Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(579)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/url_request/url_request_unittest.cc

Issue 1781003003: Implement referred Token Bindings (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: s/StringPice/StringPiece/ Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/ssl/token_binding.h ('K') | « net/url_request/url_request_job.cc ('k') | third_party/tlslite/README.chromium » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <utility> 5 #include <utility>
6 6
7 #include "build/build_config.h" 7 #include "build/build_config.h"
8 8
9 #if defined(OS_WIN) 9 #if defined(OS_WIN)
10 #include <windows.h> 10 #include <windows.h>
(...skipping 3481 matching lines...) Expand 10 before | Expand all | Expand 10 after
3492 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status()); 3492 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status());
3493 3493
3494 HttpRequestHeaders headers; 3494 HttpRequestHeaders headers;
3495 std::string token_binding_header, token_binding_message; 3495 std::string token_binding_header, token_binding_message;
3496 EXPECT_TRUE(r->GetFullRequestHeaders(&headers)); 3496 EXPECT_TRUE(r->GetFullRequestHeaders(&headers));
3497 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding, 3497 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding,
3498 &token_binding_header)); 3498 &token_binding_header));
3499 EXPECT_TRUE(base::Base64UrlDecode( 3499 EXPECT_TRUE(base::Base64UrlDecode(
3500 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING, 3500 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING,
3501 &token_binding_message)); 3501 &token_binding_message));
3502 base::StringPiece ec_point, signature; 3502 std::vector<TokenBinding> token_bindings;
3503 EXPECT_TRUE( 3503 ASSERT_TRUE(
3504 ParseTokenBindingMessage(token_binding_message, &ec_point, &signature)); 3504 ParseTokenBindingMessage(token_binding_message, &token_bindings));
3505 ASSERT_EQ(1ull, token_bindings.size());
3505 3506
3506 EXPECT_GT(d.bytes_received(), 0); 3507 EXPECT_GT(d.bytes_received(), 0);
3507 std::string ekm = d.data_received(); 3508 std::string ekm = d.data_received();
3508 3509
3509 EXPECT_TRUE(VerifyEKMSignature(ec_point, signature, ekm)); 3510 EXPECT_EQ(TB_TYPE_PROVIDED, token_bindings[0].type);
3511 EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point,
3512 token_bindings[0].signature, ekm));
3513 }
3514 }
3515
3516 TEST_F(TokenBindingURLRequestTest, ForwardTokenBinding) {
3517 SpawnedTestServer::SSLOptions ssl_options;
3518 ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256);
3519 SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS,
3520 ssl_options,
3521 base::FilePath(kTestFilePath));
3522 ASSERT_TRUE(https_test_server.Start());
3523
3524 TestDelegate d;
3525 {
3526 GURL redirect_url =
3527 https_test_server.GetURL("forward-tokbind?/tokbind-ekm");
3528 scoped_ptr<URLRequest> r(
3529 default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d));
3530 r->Start();
3531 EXPECT_TRUE(r->is_pending());
3532
3533 base::RunLoop().Run();
3534
3535 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status());
3536
3537 HttpRequestHeaders headers;
3538 std::string token_binding_header, token_binding_message;
3539 EXPECT_TRUE(r->GetFullRequestHeaders(&headers));
3540 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding,
3541 &token_binding_header));
3542 EXPECT_TRUE(base::Base64UrlDecode(
3543 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING,
3544 &token_binding_message));
3545 std::vector<TokenBinding> token_bindings;
3546 ASSERT_TRUE(
3547 ParseTokenBindingMessage(token_binding_message, &token_bindings));
3548 ASSERT_EQ(2ull, token_bindings.size());
3549
3550 EXPECT_GT(d.bytes_received(), 0);
3551 std::string ekm = d.data_received();
3552
3553 EXPECT_EQ(TB_TYPE_PROVIDED, token_bindings[0].type);
3554 EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point,
3555 token_bindings[0].signature, ekm));
3556 EXPECT_EQ(TB_TYPE_REFERRED, token_bindings[1].type);
3557 EXPECT_TRUE(VerifyEKMSignature(token_bindings[1].ec_point,
3558 token_bindings[1].signature, ekm));
3559 }
3560 }
3561
3562 TEST_F(TokenBindingURLRequestTest, DontForwardHeaderFromHttp) {
3563 SpawnedTestServer http_server(SpawnedTestServer::TYPE_HTTP,
3564 SpawnedTestServer::kLocalhost,
3565 base::FilePath());
3566 ASSERT_TRUE(http_server.Start());
3567 SpawnedTestServer::SSLOptions ssl_options;
3568 ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256);
3569 SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS,
3570 ssl_options,
3571 base::FilePath(kTestFilePath));
3572 ASSERT_TRUE(https_test_server.Start());
3573
3574 TestDelegate d;
3575 {
3576 GURL redirect_url = http_server.GetURL(
3577 "forward-tokbind?" + https_test_server.GetURL("tokbind-ekm").spec());
3578 scoped_ptr<URLRequest> r(
3579 default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d));
3580 r->Start();
3581 EXPECT_TRUE(r->is_pending());
3582
3583 base::RunLoop().Run();
3584
3585 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status());
3586
3587 HttpRequestHeaders headers;
3588 std::string token_binding_header, token_binding_message;
3589 EXPECT_TRUE(r->GetFullRequestHeaders(&headers));
3590 EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding,
3591 &token_binding_header));
3592 EXPECT_TRUE(base::Base64UrlDecode(
3593 token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING,
3594 &token_binding_message));
3595 std::vector<TokenBinding> token_bindings;
3596 ASSERT_TRUE(
3597 ParseTokenBindingMessage(token_binding_message, &token_bindings));
3598 ASSERT_EQ(1ull, token_bindings.size());
3599
3600 EXPECT_GT(d.bytes_received(), 0);
3601 std::string ekm = d.data_received();
3602
3603 EXPECT_EQ(TB_TYPE_PROVIDED, token_bindings[0].type);
3604 EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point,
3605 token_bindings[0].signature, ekm));
3606 }
3607 }
3608
3609 // Test that if a server supporting Token Binding redirects (with
3610 // Include-Referer-Token-Binding-ID) to an https url on a server that does not
3611 // support Token Binding, then we do not send a Sec-Token-Binding when following
3612 // the redirect.
3613 TEST_F(TokenBindingURLRequestTest, ForwardWithoutTokenBinding) {
3614 SpawnedTestServer::SSLOptions ssl_options;
3615 SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS,
3616 ssl_options,
3617 base::FilePath(kTestFilePath));
3618 ASSERT_TRUE(https_test_server.Start());
3619 ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256);
3620 SpawnedTestServer token_binding_test_server(SpawnedTestServer::TYPE_HTTPS,
3621 ssl_options,
3622 base::FilePath(kTestFilePath));
3623 ASSERT_TRUE(token_binding_test_server.Start());
3624
3625 TestDelegate d;
3626 {
3627 GURL redirect_url = https_test_server.GetURL(
3628 "forward-tokbind?" +
3629 token_binding_test_server.GetURL("tokbind-ekm").spec());
3630 scoped_ptr<URLRequest> r(
3631 default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d));
3632 r->Start();
3633 EXPECT_TRUE(r->is_pending());
3634
3635 base::RunLoop().Run();
3636
3637 EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status());
3638
3639 HttpRequestHeaders headers;
3640 std::string token_binding_header, token_binding_message;
3641 EXPECT_TRUE(r->GetFullRequestHeaders(&headers));
3642 EXPECT_FALSE(headers.GetHeader(HttpRequestHeaders::kTokenBinding,
3643 &token_binding_header));
3510 } 3644 }
3511 } 3645 }
3512 #endif // !defined(OS_IOS) 3646 #endif // !defined(OS_IOS)
3513 3647
3514 // In this unit test, we're using the HTTPTestServer as a proxy server and 3648 // In this unit test, we're using the HTTPTestServer as a proxy server and
3515 // issuing a CONNECT request with the magic host name "www.redirect.com". 3649 // issuing a CONNECT request with the magic host name "www.redirect.com".
3516 // The EmbeddedTestServer will return a 302 response, which we should not 3650 // The EmbeddedTestServer will return a 302 response, which we should not
3517 // follow. 3651 // follow.
3518 TEST_F(URLRequestTestHTTP, ProxyTunnelRedirectTest) { 3652 TEST_F(URLRequestTestHTTP, ProxyTunnelRedirectTest) {
3519 http_test_server()->RegisterRequestHandler( 3653 http_test_server()->RegisterRequestHandler(
(...skipping 6526 matching lines...) Expand 10 before | Expand all | Expand 10 after
10046 AddTestInterceptor()->set_main_intercept_job(std::move(job)); 10180 AddTestInterceptor()->set_main_intercept_job(std::move(job));
10047 10181
10048 req->Start(); 10182 req->Start();
10049 req->Cancel(); 10183 req->Cancel();
10050 base::RunLoop().RunUntilIdle(); 10184 base::RunLoop().RunUntilIdle();
10051 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); 10185 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status());
10052 EXPECT_EQ(0, d.received_redirect_count()); 10186 EXPECT_EQ(0, d.received_redirect_count());
10053 } 10187 }
10054 10188
10055 } // namespace net 10189 } // namespace net
OLDNEW
« net/ssl/token_binding.h ('K') | « net/url_request/url_request_job.cc ('k') | third_party/tlslite/README.chromium » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698