| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/metrics/histogram_samples.h" | 8 #include "base/metrics/histogram_samples.h" |
| 9 #include "base/metrics/statistics_recorder.h" | 9 #include "base/metrics/statistics_recorder.h" |
| 10 #include "base/path_service.h" | 10 #include "base/path_service.h" |
| (...skipping 17 matching lines...) Expand all Loading... |
| 28 #include "chrome/common/chrome_paths.h" | 28 #include "chrome/common/chrome_paths.h" |
| 29 #include "chrome/common/chrome_switches.h" | 29 #include "chrome/common/chrome_switches.h" |
| 30 #include "chrome/test/base/test_switches.h" | 30 #include "chrome/test/base/test_switches.h" |
| 31 #include "chrome/test/base/ui_test_utils.h" | 31 #include "chrome/test/base/ui_test_utils.h" |
| 32 #include "components/autofill/content/common/autofill_messages.h" | 32 #include "components/autofill/content/common/autofill_messages.h" |
| 33 #include "components/autofill/core/browser/autofill_test_utils.h" | 33 #include "components/autofill/core/browser/autofill_test_utils.h" |
| 34 #include "components/autofill/core/browser/test_autofill_client.h" | 34 #include "components/autofill/core/browser/test_autofill_client.h" |
| 35 #include "components/autofill/core/common/password_form.h" | 35 #include "components/autofill/core/common/password_form.h" |
| 36 #include "components/password_manager/content/browser/content_password_manager_d
river.h" | 36 #include "components/password_manager/content/browser/content_password_manager_d
river.h" |
| 37 #include "components/password_manager/content/browser/content_password_manager_d
river_factory.h" | 37 #include "components/password_manager/content/browser/content_password_manager_d
river_factory.h" |
| 38 #include "components/password_manager/core/browser/login_model.h" |
| 38 #include "components/password_manager/core/browser/test_password_store.h" | 39 #include "components/password_manager/core/browser/test_password_store.h" |
| 39 #include "components/password_manager/core/common/password_manager_switches.h" | 40 #include "components/password_manager/core/common/password_manager_switches.h" |
| 40 #include "components/version_info/version_info.h" | 41 #include "components/version_info/version_info.h" |
| 41 #include "content/public/browser/navigation_controller.h" | 42 #include "content/public/browser/navigation_controller.h" |
| 42 #include "content/public/browser/notification_service.h" | 43 #include "content/public/browser/notification_service.h" |
| 43 #include "content/public/browser/render_frame_host.h" | 44 #include "content/public/browser/render_frame_host.h" |
| 44 #include "content/public/browser/render_process_host.h" | 45 #include "content/public/browser/render_process_host.h" |
| 45 #include "content/public/browser/render_view_host.h" | 46 #include "content/public/browser/render_view_host.h" |
| 46 #include "content/public/browser/web_contents.h" | 47 #include "content/public/browser/web_contents.h" |
| 47 #include "content/public/browser/web_contents_observer.h" | 48 #include "content/public/browser/web_contents_observer.h" |
| 48 #include "content/public/common/content_switches.h" | 49 #include "content/public/common/content_switches.h" |
| 49 #include "content/public/test/browser_test_utils.h" | 50 #include "content/public/test/browser_test_utils.h" |
| 50 #include "content/public/test/test_utils.h" | 51 #include "content/public/test/test_utils.h" |
| 51 #include "ipc/ipc_security_test_util.h" | 52 #include "ipc/ipc_security_test_util.h" |
| 52 #include "net/base/filename_util.h" | 53 #include "net/base/filename_util.h" |
| 53 #include "net/dns/mock_host_resolver.h" | 54 #include "net/dns/mock_host_resolver.h" |
| 54 #include "net/test/embedded_test_server/embedded_test_server.h" | 55 #include "net/test/embedded_test_server/embedded_test_server.h" |
| 55 #include "net/test/embedded_test_server/http_request.h" | 56 #include "net/test/embedded_test_server/http_request.h" |
| 56 #include "net/test/embedded_test_server/http_response.h" | 57 #include "net/test/embedded_test_server/http_response.h" |
| 57 #include "net/test/spawned_test_server/spawned_test_server.h" | 58 #include "net/test/spawned_test_server/spawned_test_server.h" |
| 58 #include "net/url_request/test_url_fetcher_factory.h" | 59 #include "net/url_request/test_url_fetcher_factory.h" |
| 59 #include "testing/gmock/include/gmock/gmock.h" | 60 #include "testing/gmock/include/gmock/gmock.h" |
| 60 #include "third_party/WebKit/public/web/WebInputEvent.h" | 61 #include "third_party/WebKit/public/web/WebInputEvent.h" |
| 61 #include "ui/events/keycodes/keyboard_codes.h" | 62 #include "ui/events/keycodes/keyboard_codes.h" |
| 62 #include "ui/gfx/geometry/point.h" | 63 #include "ui/gfx/geometry/point.h" |
| 63 | 64 |
| 65 using testing::_; |
| 66 |
| 64 namespace { | 67 namespace { |
| 65 | 68 |
| 69 class MockLoginModelObserver : public password_manager::LoginModelObserver { |
| 70 public: |
| 71 MOCK_METHOD2(OnAutofillDataAvailableInternal, |
| 72 void(const base::string16&, const base::string16&)); |
| 73 |
| 74 private: |
| 75 void OnLoginModelDestroying() override {} |
| 76 }; |
| 77 |
| 66 GURL GetFileURL(const char* filename) { | 78 GURL GetFileURL(const char* filename) { |
| 67 base::FilePath path; | 79 base::FilePath path; |
| 68 PathService::Get(chrome::DIR_TEST_DATA, &path); | 80 PathService::Get(chrome::DIR_TEST_DATA, &path); |
| 69 path = path.AppendASCII("password").AppendASCII(filename); | 81 path = path.AppendASCII("password").AppendASCII(filename); |
| 70 CHECK(base::PathExists(path)); | 82 CHECK(base::PathExists(path)); |
| 71 return net::FilePathToFileURL(path); | 83 return net::FilePathToFileURL(path); |
| 72 } | 84 } |
| 73 | 85 |
| 74 // Handles |request| to "/basic_auth". If "Authorization" header is present, | 86 // Handles |request| to "/basic_auth". If "Authorization" header is present, |
| 75 // responds with a non-empty HTTP 200 page (regardless of its value). Otherwise | 87 // responds with a non-empty HTTP 200 page (regardless of its value). Otherwise |
| (...skipping 2402 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2478 std::string get_retype_password = | 2490 std::string get_retype_password = |
| 2479 "window.domAutomationController.send(" | 2491 "window.domAutomationController.send(" |
| 2480 " document.getElementById(" | 2492 " document.getElementById(" |
| 2481 " 'change_pwd_but_no_old_pwd').elements[2].value);"; | 2493 " 'change_pwd_but_no_old_pwd').elements[2].value);"; |
| 2482 std::string retyped_password; | 2494 std::string retyped_password; |
| 2483 ASSERT_TRUE(content::ExecuteScriptAndExtractString( | 2495 ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| 2484 RenderViewHost(), get_retype_password, &retyped_password)); | 2496 RenderViewHost(), get_retype_password, &retyped_password)); |
| 2485 EXPECT_EQ("", retyped_password); | 2497 EXPECT_EQ("", retyped_password); |
| 2486 } | 2498 } |
| 2487 | 2499 |
| 2500 // When there are multiple LoginModelObservers (e.g., multiple HTTP auth dialogs |
| 2501 // as in http://crbug.com/537823), ensure that credentials from PasswordStore |
| 2502 // distributed to them are filtered by the realm. |
| 2503 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestBase, |
| 2504 BasicAuthSeparateRealms) { |
| 2505 embedded_test_server()->RegisterRequestHandler( |
| 2506 base::Bind(&HandleTestAuthRequest)); |
| 2507 |
| 2508 // Save credentials for "test realm" in the store. |
| 2509 scoped_refptr<password_manager::TestPasswordStore> password_store = |
| 2510 static_cast<password_manager::TestPasswordStore*>( |
| 2511 PasswordStoreFactory::GetForProfile( |
| 2512 browser()->profile(), ServiceAccessType::IMPLICIT_ACCESS) |
| 2513 .get()); |
| 2514 autofill::PasswordForm creds; |
| 2515 creds.scheme = autofill::PasswordForm::SCHEME_BASIC; |
| 2516 creds.signon_realm = embedded_test_server()->base_url().spec() + "test realm"; |
| 2517 creds.password_value = base::ASCIIToUTF16("pw"); |
| 2518 creds.username_value = base::ASCIIToUTF16("temp"); |
| 2519 password_store->AddLogin(creds); |
| 2520 base::RunLoop run_loop; |
| 2521 run_loop.RunUntilIdle(); |
| 2522 ASSERT_FALSE(password_store->IsEmpty()); |
| 2523 |
| 2524 // In addition to the LoginModelObserver created automatically for the HTTP |
| 2525 // auth dialog, also create a mock observer, for a different realm. |
| 2526 MockLoginModelObserver mock_login_model_observer; |
| 2527 PasswordManager* password_manager = |
| 2528 ChromePasswordManagerClient::FromWebContents(WebContents()) |
| 2529 ->GetPasswordManager(); |
| 2530 autofill::PasswordForm other_form(creds); |
| 2531 other_form.signon_realm = "https://example.com/other realm"; |
| 2532 password_manager->AddObserverAndDeliverCredentials(&mock_login_model_observer, |
| 2533 other_form); |
| 2534 // The mock observer should not receive the stored credentials. |
| 2535 EXPECT_CALL(mock_login_model_observer, OnAutofillDataAvailableInternal(_, _)) |
| 2536 .Times(0); |
| 2537 |
| 2538 // Now wait until the navigation to the test server causes a HTTP auth dialog |
| 2539 // to appear. |
| 2540 content::NavigationController* nav_controller = |
| 2541 &WebContents()->GetController(); |
| 2542 WindowedAuthNeededObserver auth_needed_observer(nav_controller); |
| 2543 ui_test_utils::NavigateToURLWithDisposition( |
| 2544 browser(), embedded_test_server()->GetURL("/basic_auth"), CURRENT_TAB, |
| 2545 ui_test_utils::BROWSER_TEST_NONE); |
| 2546 auth_needed_observer.Wait(); |
| 2547 |
| 2548 // The auth dialog caused a query to PasswordStore, make sure it was |
| 2549 // processed. |
| 2550 base::RunLoop run_loop2; |
| 2551 run_loop2.RunUntilIdle(); |
| 2552 |
| 2553 password_manager->RemoveObserver(&mock_login_model_observer); |
| 2554 } |
| 2555 |
| 2488 } // namespace password_manager | 2556 } // namespace password_manager |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1421013003:
[Merge in M47] Do not involve PasswordManagerDriver in filling HTTP-auth forms; also check realm (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@2526