OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <utility> | 5 #include <utility> |
6 | 6 |
7 #include "build/build_config.h" | 7 #include "build/build_config.h" |
8 | 8 |
9 #if defined(OS_WIN) | 9 #if defined(OS_WIN) |
10 #include <windows.h> | 10 #include <windows.h> |
(...skipping 3481 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3492 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status()); | 3492 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status()); |
3493 | 3493 |
3494 HttpRequestHeaders headers; | 3494 HttpRequestHeaders headers; |
3495 std::string token_binding_header, token_binding_message; | 3495 std::string token_binding_header, token_binding_message; |
3496 EXPECT_TRUE(r->GetFullRequestHeaders(&headers)); | 3496 EXPECT_TRUE(r->GetFullRequestHeaders(&headers)); |
3497 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding, | 3497 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding, |
3498 &token_binding_header)); | 3498 &token_binding_header)); |
3499 EXPECT_TRUE(base::Base64UrlDecode( | 3499 EXPECT_TRUE(base::Base64UrlDecode( |
3500 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING, | 3500 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING, |
3501 &token_binding_message)); | 3501 &token_binding_message)); |
3502 base::StringPiece ec_point, signature; | 3502 std::vector<TokenBinding> token_bindings; |
3503 EXPECT_TRUE( | 3503 ASSERT_TRUE( |
3504 ParseTokenBindingMessage(token_binding_message, &ec_point, &signature)); | 3504 ParseTokenBindingMessage(token_binding_message, &token_bindings)); |
| 3505 ASSERT_EQ(1ull, token_bindings.size()); |
3505 | 3506 |
3506 EXPECT_GT(d.bytes_received(), 0); | 3507 EXPECT_GT(d.bytes_received(), 0); |
3507 std::string ekm = d.data_received(); | 3508 std::string ekm = d.data_received(); |
3508 | 3509 |
3509 EXPECT_TRUE(VerifyEKMSignature(ec_point, signature, ekm)); | 3510 EXPECT_EQ(TokenBindingType::PROVIDED, token_bindings[0].type); |
| 3511 EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point, |
| 3512 token_bindings[0].signature, ekm)); |
3510 } | 3513 } |
3511 } | 3514 } |
| 3515 |
| 3516 TEST_F(TokenBindingURLRequestTest, ForwardTokenBinding) { |
| 3517 SpawnedTestServer::SSLOptions ssl_options; |
| 3518 ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256); |
| 3519 SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS, |
| 3520 ssl_options, |
| 3521 base::FilePath(kTestFilePath)); |
| 3522 ASSERT_TRUE(https_test_server.Start()); |
| 3523 |
| 3524 TestDelegate d; |
| 3525 { |
| 3526 GURL redirect_url = |
| 3527 https_test_server.GetURL("forward-tokbind?/tokbind-ekm"); |
| 3528 scoped_ptr<URLRequest> r( |
| 3529 default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d)); |
| 3530 r->Start(); |
| 3531 EXPECT_TRUE(r->is_pending()); |
| 3532 |
| 3533 base::RunLoop().Run(); |
| 3534 |
| 3535 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status()); |
| 3536 |
| 3537 HttpRequestHeaders headers; |
| 3538 std::string token_binding_header, token_binding_message; |
| 3539 EXPECT_TRUE(r->GetFullRequestHeaders(&headers)); |
| 3540 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding, |
| 3541 &token_binding_header)); |
| 3542 EXPECT_TRUE(base::Base64UrlDecode( |
| 3543 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING, |
| 3544 &token_binding_message)); |
| 3545 std::vector<TokenBinding> token_bindings; |
| 3546 ASSERT_TRUE( |
| 3547 ParseTokenBindingMessage(token_binding_message, &token_bindings)); |
| 3548 ASSERT_EQ(2ull, token_bindings.size()); |
| 3549 |
| 3550 EXPECT_GT(d.bytes_received(), 0); |
| 3551 std::string ekm = d.data_received(); |
| 3552 |
| 3553 EXPECT_EQ(TokenBindingType::PROVIDED, token_bindings[0].type); |
| 3554 EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point, |
| 3555 token_bindings[0].signature, ekm)); |
| 3556 EXPECT_EQ(TokenBindingType::REFERRED, token_bindings[1].type); |
| 3557 EXPECT_TRUE(VerifyEKMSignature(token_bindings[1].ec_point, |
| 3558 token_bindings[1].signature, ekm)); |
| 3559 } |
| 3560 } |
| 3561 |
| 3562 // TODO(nharper): Remove this #ifdef and replace SpawnedTestServer with |
| 3563 // EmbeddedTestServer once crbug.com/599187 is resolved. |
| 3564 #if !defined(OS_ANDROID) |
| 3565 TEST_F(TokenBindingURLRequestTest, DontForwardHeaderFromHttp) { |
| 3566 SpawnedTestServer http_server(SpawnedTestServer::TYPE_HTTP, |
| 3567 SpawnedTestServer::kLocalhost, |
| 3568 base::FilePath()); |
| 3569 ASSERT_TRUE(http_server.Start()); |
| 3570 SpawnedTestServer::SSLOptions ssl_options; |
| 3571 ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256); |
| 3572 SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS, |
| 3573 ssl_options, |
| 3574 base::FilePath(kTestFilePath)); |
| 3575 ASSERT_TRUE(https_test_server.Start()); |
| 3576 |
| 3577 TestDelegate d; |
| 3578 { |
| 3579 GURL redirect_url = http_server.GetURL( |
| 3580 "forward-tokbind?" + https_test_server.GetURL("tokbind-ekm").spec()); |
| 3581 scoped_ptr<URLRequest> r( |
| 3582 default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d)); |
| 3583 r->Start(); |
| 3584 EXPECT_TRUE(r->is_pending()); |
| 3585 |
| 3586 base::RunLoop().Run(); |
| 3587 |
| 3588 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status()); |
| 3589 |
| 3590 HttpRequestHeaders headers; |
| 3591 std::string token_binding_header, token_binding_message; |
| 3592 EXPECT_TRUE(r->GetFullRequestHeaders(&headers)); |
| 3593 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding, |
| 3594 &token_binding_header)); |
| 3595 EXPECT_TRUE(base::Base64UrlDecode( |
| 3596 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING, |
| 3597 &token_binding_message)); |
| 3598 std::vector<TokenBinding> token_bindings; |
| 3599 ASSERT_TRUE( |
| 3600 ParseTokenBindingMessage(token_binding_message, &token_bindings)); |
| 3601 ASSERT_EQ(1ull, token_bindings.size()); |
| 3602 |
| 3603 EXPECT_GT(d.bytes_received(), 0); |
| 3604 std::string ekm = d.data_received(); |
| 3605 |
| 3606 EXPECT_EQ(TokenBindingType::PROVIDED, token_bindings[0].type); |
| 3607 EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point, |
| 3608 token_bindings[0].signature, ekm)); |
| 3609 } |
| 3610 } |
| 3611 |
| 3612 // Test that if a server supporting Token Binding redirects (with |
| 3613 // Include-Referer-Token-Binding-ID) to an https url on a server that does not |
| 3614 // support Token Binding, then we do not send a Sec-Token-Binding when following |
| 3615 // the redirect. |
| 3616 TEST_F(TokenBindingURLRequestTest, ForwardWithoutTokenBinding) { |
| 3617 SpawnedTestServer::SSLOptions ssl_options; |
| 3618 SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS, |
| 3619 ssl_options, |
| 3620 base::FilePath(kTestFilePath)); |
| 3621 ASSERT_TRUE(https_test_server.Start()); |
| 3622 ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256); |
| 3623 SpawnedTestServer token_binding_test_server(SpawnedTestServer::TYPE_HTTPS, |
| 3624 ssl_options, |
| 3625 base::FilePath(kTestFilePath)); |
| 3626 ASSERT_TRUE(token_binding_test_server.Start()); |
| 3627 |
| 3628 TestDelegate d; |
| 3629 { |
| 3630 GURL redirect_url = token_binding_test_server.GetURL( |
| 3631 "forward-tokbind?" + https_test_server.GetURL("tokbind-ekm").spec()); |
| 3632 scoped_ptr<URLRequest> r( |
| 3633 default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d)); |
| 3634 r->Start(); |
| 3635 EXPECT_TRUE(r->is_pending()); |
| 3636 |
| 3637 base::RunLoop().Run(); |
| 3638 |
| 3639 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status()); |
| 3640 |
| 3641 HttpRequestHeaders headers; |
| 3642 std::string token_binding_header, token_binding_message; |
| 3643 EXPECT_TRUE(r->GetFullRequestHeaders(&headers)); |
| 3644 EXPECT_FALSE(headers.GetHeader(HttpRequestHeaders::kTokenBinding, |
| 3645 &token_binding_header)); |
| 3646 } |
| 3647 } |
| 3648 #endif // !defined(OS_ANDROID) |
3512 #endif // !defined(OS_IOS) | 3649 #endif // !defined(OS_IOS) |
3513 | 3650 |
3514 // In this unit test, we're using the HTTPTestServer as a proxy server and | 3651 // In this unit test, we're using the HTTPTestServer as a proxy server and |
3515 // issuing a CONNECT request with the magic host name "www.redirect.com". | 3652 // issuing a CONNECT request with the magic host name "www.redirect.com". |
3516 // The EmbeddedTestServer will return a 302 response, which we should not | 3653 // The EmbeddedTestServer will return a 302 response, which we should not |
3517 // follow. | 3654 // follow. |
3518 TEST_F(URLRequestTestHTTP, ProxyTunnelRedirectTest) { | 3655 TEST_F(URLRequestTestHTTP, ProxyTunnelRedirectTest) { |
3519 http_test_server()->RegisterRequestHandler( | 3656 http_test_server()->RegisterRequestHandler( |
3520 base::Bind(&HandleRedirectConnect)); | 3657 base::Bind(&HandleRedirectConnect)); |
3521 ASSERT_TRUE(http_test_server()->Start()); | 3658 ASSERT_TRUE(http_test_server()->Start()); |
(...skipping 6524 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
10046 AddTestInterceptor()->set_main_intercept_job(std::move(job)); | 10183 AddTestInterceptor()->set_main_intercept_job(std::move(job)); |
10047 | 10184 |
10048 req->Start(); | 10185 req->Start(); |
10049 req->Cancel(); | 10186 req->Cancel(); |
10050 base::RunLoop().RunUntilIdle(); | 10187 base::RunLoop().RunUntilIdle(); |
10051 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); | 10188 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); |
10052 EXPECT_EQ(0, d.received_redirect_count()); | 10189 EXPECT_EQ(0, d.received_redirect_count()); |
10053 } | 10190 } |
10054 | 10191 |
10055 } // namespace net | 10192 } // namespace net |
OLD | NEW |