Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(798)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/url_request/url_request_unittest.cc

Issue 1781003003: Implement referred Token Bindings (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Add #ifdef for OS_ANDROID in TokenBindingURLRequestTest Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/url_request/url_request_job.cc ('k') | third_party/tlslite/README.chromium » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <utility> 5 #include <utility>
6 6
7 #include "build/build_config.h" 7 #include "build/build_config.h"
8 8
9 #if defined(OS_WIN) 9 #if defined(OS_WIN)
10 #include <windows.h> 10 #include <windows.h>
(...skipping 3481 matching lines...) Expand 10 before | Expand all | Expand 10 after
3492 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status()); 3492 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status());
3493 3493
3494 HttpRequestHeaders headers; 3494 HttpRequestHeaders headers;
3495 std::string token_binding_header, token_binding_message; 3495 std::string token_binding_header, token_binding_message;
3496 EXPECT_TRUE(r->GetFullRequestHeaders(&headers)); 3496 EXPECT_TRUE(r->GetFullRequestHeaders(&headers));
3497 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding, 3497 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding,
3498 &token_binding_header)); 3498 &token_binding_header));
3499 EXPECT_TRUE(base::Base64UrlDecode( 3499 EXPECT_TRUE(base::Base64UrlDecode(
3500 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING, 3500 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING,
3501 &token_binding_message)); 3501 &token_binding_message));
3502 base::StringPiece ec_point, signature; 3502 std::vector<TokenBinding> token_bindings;
3503 EXPECT_TRUE( 3503 ASSERT_TRUE(
3504 ParseTokenBindingMessage(token_binding_message, &ec_point, &signature)); 3504 ParseTokenBindingMessage(token_binding_message, &token_bindings));
3505 ASSERT_EQ(1ull, token_bindings.size());
3505 3506
3506 EXPECT_GT(d.bytes_received(), 0); 3507 EXPECT_GT(d.bytes_received(), 0);
3507 std::string ekm = d.data_received(); 3508 std::string ekm = d.data_received();
3508 3509
3509 EXPECT_TRUE(VerifyEKMSignature(ec_point, signature, ekm)); 3510 EXPECT_EQ(TokenBindingType::PROVIDED, token_bindings[0].type);
3511 EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point,
3512 token_bindings[0].signature, ekm));
3510 } 3513 }
3511 } 3514 }
3515
3516 TEST_F(TokenBindingURLRequestTest, ForwardTokenBinding) {
3517 SpawnedTestServer::SSLOptions ssl_options;
3518 ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256);
3519 SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS,
3520 ssl_options,
3521 base::FilePath(kTestFilePath));
3522 ASSERT_TRUE(https_test_server.Start());
3523
3524 TestDelegate d;
3525 {
3526 GURL redirect_url =
3527 https_test_server.GetURL("forward-tokbind?/tokbind-ekm");
3528 scoped_ptr<URLRequest> r(
3529 default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d));
3530 r->Start();
3531 EXPECT_TRUE(r->is_pending());
3532
3533 base::RunLoop().Run();
3534
3535 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status());
3536
3537 HttpRequestHeaders headers;
3538 std::string token_binding_header, token_binding_message;
3539 EXPECT_TRUE(r->GetFullRequestHeaders(&headers));
3540 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding,
3541 &token_binding_header));
3542 EXPECT_TRUE(base::Base64UrlDecode(
3543 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING,
3544 &token_binding_message));
3545 std::vector<TokenBinding> token_bindings;
3546 ASSERT_TRUE(
3547 ParseTokenBindingMessage(token_binding_message, &token_bindings));
3548 ASSERT_EQ(2ull, token_bindings.size());
3549
3550 EXPECT_GT(d.bytes_received(), 0);
3551 std::string ekm = d.data_received();
3552
3553 EXPECT_EQ(TokenBindingType::PROVIDED, token_bindings[0].type);
3554 EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point,
3555 token_bindings[0].signature, ekm));
3556 EXPECT_EQ(TokenBindingType::REFERRED, token_bindings[1].type);
3557 EXPECT_TRUE(VerifyEKMSignature(token_bindings[1].ec_point,
3558 token_bindings[1].signature, ekm));
3559 }
3560 }
3561
3562 // TODO(nharper): Remove this #ifdef and replace SpawnedTestServer with
3563 // EmbeddedTestServer once crbug.com/599187 is resolved.
3564 #if !defined(OS_ANDROID)
3565 TEST_F(TokenBindingURLRequestTest, DontForwardHeaderFromHttp) {
3566 SpawnedTestServer http_server(SpawnedTestServer::TYPE_HTTP,
3567 SpawnedTestServer::kLocalhost,
3568 base::FilePath());
3569 ASSERT_TRUE(http_server.Start());
3570 SpawnedTestServer::SSLOptions ssl_options;
3571 ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256);
3572 SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS,
3573 ssl_options,
3574 base::FilePath(kTestFilePath));
3575 ASSERT_TRUE(https_test_server.Start());
3576
3577 TestDelegate d;
3578 {
3579 GURL redirect_url = http_server.GetURL(
3580 "forward-tokbind?" + https_test_server.GetURL("tokbind-ekm").spec());
3581 scoped_ptr<URLRequest> r(
3582 default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d));
3583 r->Start();
3584 EXPECT_TRUE(r->is_pending());
3585
3586 base::RunLoop().Run();
3587
3588 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status());
3589
3590 HttpRequestHeaders headers;
3591 std::string token_binding_header, token_binding_message;
3592 EXPECT_TRUE(r->GetFullRequestHeaders(&headers));
3593 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding,
3594 &token_binding_header));
3595 EXPECT_TRUE(base::Base64UrlDecode(
3596 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING,
3597 &token_binding_message));
3598 std::vector<TokenBinding> token_bindings;
3599 ASSERT_TRUE(
3600 ParseTokenBindingMessage(token_binding_message, &token_bindings));
3601 ASSERT_EQ(1ull, token_bindings.size());
3602
3603 EXPECT_GT(d.bytes_received(), 0);
3604 std::string ekm = d.data_received();
3605
3606 EXPECT_EQ(TokenBindingType::PROVIDED, token_bindings[0].type);
3607 EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point,
3608 token_bindings[0].signature, ekm));
3609 }
3610 }
3611
3612 // Test that if a server supporting Token Binding redirects (with
3613 // Include-Referer-Token-Binding-ID) to an https url on a server that does not
3614 // support Token Binding, then we do not send a Sec-Token-Binding when following
3615 // the redirect.
3616 TEST_F(TokenBindingURLRequestTest, ForwardWithoutTokenBinding) {
3617 SpawnedTestServer::SSLOptions ssl_options;
3618 SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS,
3619 ssl_options,
3620 base::FilePath(kTestFilePath));
3621 ASSERT_TRUE(https_test_server.Start());
3622 ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256);
3623 SpawnedTestServer token_binding_test_server(SpawnedTestServer::TYPE_HTTPS,
3624 ssl_options,
3625 base::FilePath(kTestFilePath));
3626 ASSERT_TRUE(token_binding_test_server.Start());
3627
3628 TestDelegate d;
3629 {
3630 GURL redirect_url = token_binding_test_server.GetURL(
3631 "forward-tokbind?" + https_test_server.GetURL("tokbind-ekm").spec());
3632 scoped_ptr<URLRequest> r(
3633 default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d));
3634 r->Start();
3635 EXPECT_TRUE(r->is_pending());
3636
3637 base::RunLoop().Run();
3638
3639 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status());
3640
3641 HttpRequestHeaders headers;
3642 std::string token_binding_header, token_binding_message;
3643 EXPECT_TRUE(r->GetFullRequestHeaders(&headers));
3644 EXPECT_FALSE(headers.GetHeader(HttpRequestHeaders::kTokenBinding,
3645 &token_binding_header));
3646 }
3647 }
3648 #endif // !defined(OS_ANDROID)
3512 #endif // !defined(OS_IOS) 3649 #endif // !defined(OS_IOS)
3513 3650
3514 // In this unit test, we're using the HTTPTestServer as a proxy server and 3651 // In this unit test, we're using the HTTPTestServer as a proxy server and
3515 // issuing a CONNECT request with the magic host name "www.redirect.com". 3652 // issuing a CONNECT request with the magic host name "www.redirect.com".
3516 // The EmbeddedTestServer will return a 302 response, which we should not 3653 // The EmbeddedTestServer will return a 302 response, which we should not
3517 // follow. 3654 // follow.
3518 TEST_F(URLRequestTestHTTP, ProxyTunnelRedirectTest) { 3655 TEST_F(URLRequestTestHTTP, ProxyTunnelRedirectTest) {
3519 http_test_server()->RegisterRequestHandler( 3656 http_test_server()->RegisterRequestHandler(
3520 base::Bind(&HandleRedirectConnect)); 3657 base::Bind(&HandleRedirectConnect));
3521 ASSERT_TRUE(http_test_server()->Start()); 3658 ASSERT_TRUE(http_test_server()->Start());
(...skipping 6524 matching lines...) Expand 10 before | Expand all | Expand 10 after
10046 AddTestInterceptor()->set_main_intercept_job(std::move(job)); 10183 AddTestInterceptor()->set_main_intercept_job(std::move(job));
10047 10184
10048 req->Start(); 10185 req->Start();
10049 req->Cancel(); 10186 req->Cancel();
10050 base::RunLoop().RunUntilIdle(); 10187 base::RunLoop().RunUntilIdle();
10051 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); 10188 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status());
10052 EXPECT_EQ(0, d.received_redirect_count()); 10189 EXPECT_EQ(0, d.received_redirect_count());
10053 } 10190 }
10054 10191
10055 } // namespace net 10192 } // namespace net
OLDNEW
« no previous file with comments | « net/url_request/url_request_job.cc ('k') | third_party/tlslite/README.chromium » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698