Implement pin storage backend.

chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc

+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/chromeos/login/quick_unlock/pin_storage.h"
+#include "chrome/browser/chromeos/login/quick_unlock/pin_storage_factory.h"
+
+#include "chrome/common/pref_names.h"
+#include "chrome/test/base/testing_profile.h"
+#include "components/prefs/pref_service.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace {
+
+class PinStorageUnitTest : public testing::Test {
+ protected:
+  PinStorageUnitTest() : profile_(new TestingProfile()) {}
+
+  std::unique_ptr<TestingProfile> profile_;
+
+  DISALLOW_COPY_AND_ASSIGN(PinStorageUnitTest);
+};
+
+}  // namespace
+
+// Verifies that:
+// 1. Prefs are initially empty
+// 2. Setting a PIN will update the pref system.
+// 3. Removing a PIN clears prefs.
+TEST_F(PinStorageUnitTest, PinStorageWritesToPrefs) {
+  PrefService* prefs = profile_->GetPrefs();
+
+  EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSalt));
+  EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSecret));
+
+  chromeos::PinStorage* pin_storage =
+      chromeos::PinStorageFactory::GetForProfile(profile_.get());
+  pin_storage->SetPin("1111");
+  EXPECT_TRUE(pin_storage->IsPinSet());
+  EXPECT_EQ(pin_storage->PinSalt(),
+            prefs->GetString(prefs::kQuickUnlockPinSalt));
+  EXPECT_EQ(pin_storage->PinSecret(),
+            prefs->GetString(prefs::kQuickUnlockPinSecret));
+  EXPECT_NE("", pin_storage->PinSalt());
+  EXPECT_NE("", pin_storage->PinSecret());
+
+  pin_storage->RemovePin();
+  EXPECT_FALSE(pin_storage->IsPinSet());
+  EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSalt));
+  EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSecret));
+}
+
+// Verifies that:
+// 1. Initial unlock attempt count is zero.
+// 2. Attempting unlock attempts correctly increases unlock attempt count.
+// 3. Resetting unlock attempt count correctly sets attempt count to 0.
+TEST_F(PinStorageUnitTest, UnlockAttemptCount) {
+  chromeos::PinStorage* pin_storage =
+      chromeos::PinStorageFactory::GetForProfile(profile_.get());
+
+  EXPECT_EQ(0, pin_storage->UnlockAttemptCount());
+
+  pin_storage->AddUnlockAttempt();
+  pin_storage->AddUnlockAttempt();
+  pin_storage->AddUnlockAttempt();
+  EXPECT_EQ(3, pin_storage->UnlockAttemptCount());
+
+  pin_storage->ResetUnlockAttemptCount();
+  EXPECT_EQ(0, pin_storage->UnlockAttemptCount());
+}
+
+// Verifies that marking the strong auth makes TimeSinceLastStrongAuth a > zero
+// value.
+TEST_F(PinStorageUnitTest, TimeSinceLastStrongAuthReturnsPositiveValue) {
+  chromeos::PinStorage* pin_storage =
+      chromeos::PinStorageFactory::GetForProfile(profile_.get());
+
+  EXPECT_FALSE(pin_storage->HasStrongAuth());
+
+  pin_storage->MarkStrongAuth();
+
+  EXPECT_TRUE(pin_storage->HasStrongAuth());
+  pin_storage->last_strong_auth_ -= base::TimeDelta::FromSeconds(60);
+
+  EXPECT_TRUE(pin_storage->TimeSinceLastStrongAuth() >=
+              base::TimeDelta::FromSeconds(30));
+}
+
+// Verifies that the correct pin can be used to authenticate.
+TEST_F(PinStorageUnitTest, AuthenticationSucceedsWithRightPin) {
+  chromeos::PinStorage* pin_storage =
+      chromeos::PinStorageFactory::GetForProfile(profile_.get());
+
+  pin_storage->SetPin("1111");
+
+  pin_storage->MarkStrongAuth();
+  EXPECT_TRUE(pin_storage->TryAuthenticatePin("1111"));
+}
+
+// Verifies that the correct pin will fail to authenticate if too many
+// authentication attempts have been made.
+TEST_F(PinStorageUnitTest, AuthenticationFailsFromTooManyAttempts) {
+  chromeos::PinStorage* pin_storage =
+      chromeos::PinStorageFactory::GetForProfile(profile_.get());
+
+  pin_storage->SetPin("1111");
+
+  // Use up all of the authentication attempts so authentication fails.
+  pin_storage->MarkStrongAuth();
+  EXPECT_TRUE(pin_storage->IsPinAuthenticationAvailable());
+  for (int i = 0; i < chromeos::PinStorage::kMaximumUnlockAttempts; ++i)
+    EXPECT_FALSE(pin_storage->TryAuthenticatePin("foobar"));
+
+  // We used up all of the attempts, so entering the right PIN will still fail.
+  EXPECT_FALSE(pin_storage->IsPinAuthenticationAvailable());
+  EXPECT_FALSE(pin_storage->TryAuthenticatePin("1111"));
+}
+
+// Verifies that the correct pin will fail to authenticate if it has been too
+// long since a strong-auth/password authentication.
+TEST_F(PinStorageUnitTest, AuthenticationFailsFromTimeout) {
+  chromeos::PinStorage* pin_storage =
+      chromeos::PinStorageFactory::GetForProfile(profile_.get());
+
+  pin_storage->SetPin("1111");
+  pin_storage->MarkStrongAuth();
+  EXPECT_TRUE(pin_storage->IsPinAuthenticationAvailable());
+
+  // Move the auth time into the past so that it's larger than the auth timeout.
+  pin_storage->last_strong_auth_ -=

[achuithb, 2016/05/16 23:05:10]

Let's use a setter for testing here

[jdufault, 2016/05/17 19:58:26]

Replaced with a custom test API.

+      chromeos::PinStorage::kStrongAuthTimeout + base::TimeDelta::FromHours(1);
+  EXPECT_FALSE(pin_storage->IsPinAuthenticationAvailable());
+}