Implementation for chrome.certificateProvider.requestPin/stopPinRequest

chrome/browser/extensions/api/certificate_provider/certificate_provider_apitest.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 #include <stddef.h>
 #include <stdint.h>
 #include <stdlib.h>
 
 #include <memory>
 #include <string>
 #include <vector>
 
 #include "base/bind.h"
 #include "base/callback.h"
 #include "base/files/file_path.h"
 #include "base/files/file_util.h"
 #include "base/run_loop.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/values.h"
+#include "chrome/browser/chromeos/certificate_provider/certificate_provider_service.h"
+#include "chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.h"
+#include "chrome/browser/extensions/api/certificate_provider/certificate_provider_api.h"
 #include "chrome/browser/extensions/extension_apitest.h"
 #include "chrome/browser/ui/tabs/tab_strip_model.h"
 #include "chrome/test/base/ui_test_utils.h"
 #include "components/policy/core/browser/browser_policy_connector.h"
 #include "components/policy/core/common/mock_configuration_policy_provider.h"
 #include "components/policy/core/common/policy_map.h"
 #include "components/policy/core/common/policy_types.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/test/test_navigation_observer.h"
 #include "content/public/test/test_utils.h"
 #include "crypto/rsa_private_key.h"
 #include "crypto/scoped_openssl_types.h"
 #include "extensions/common/extension.h"
 #include "extensions/test/result_catcher.h"
 #include "net/test/spawned_test_server/spawned_test_server.h"
 #include "policy/policy_constants.h"
 #include "testing/gmock/include/gmock/gmock.h"
+#include "ui/views/controls/label.h"
+#include "ui/views/controls/textfield/textfield.h"
+#include "ui/views/widget/widget.h"

[stevenjb, 2016/08/09 21:04:39]

The API test shouldn't also test the UI, we should mock that out instead. The
best way to do that is to create a delegate interface that the UI can implement,
that way the extension code doesn't need to know anything about the UI code.

 
 using testing::Return;
 using testing::_;
 
 namespace {
 
 void IgnoreResult(const base::Closure& callback, const base::Value* value) {
   callback.Run();
 }
 
@@ skipping 64 matching lines @@
 std::string JsUint8Array(const std::vector<uint8_t>& bytes) {
   std::string res = "new Uint8Array([";
   for (const uint8_t byte : bytes) {
     res += base::UintToString(byte);
     res += ", ";
   }
   res += "])";
   return res;
 }
 
+// Enters the code in the ShowPinDialog window and pushes the OK event.
+void EnterCode(chromeos::CertificateProviderService* service,
+               base::string16 code) {
+   chromeos::RequestPinView* view = service->active_view_for_testing();
+   view->textfield_for_testing()->SetText(code);
+   view->Accept();
+   base::RunLoop().RunUntilIdle();
+}
+
+// Enters the valid code for extensions from local example folders, in the
+// ShowPinDialog window and waits for the window to close.
+void EnterCorrectPin(chromeos::CertificateProviderService* service) {
+  views::Widget* active_window = service->active_window_for_testing();
+  EnterCode(service, base::ASCIIToUTF16("1234"));
+
+  // Wait for extension to send request to close the window.
+  while (!active_window->IsClosed()) {
+    base::RunLoop().RunUntilIdle();
+  }
+}
+
+// Enters an invalid code for extensions from local example folders, in the
+// ShowPinDialog window and waits for the window to update with the error.
+void EnterWrongPin(chromeos::CertificateProviderService* service) {
+  EnterCode(service, base::ASCIIToUTF16("123"));
+
+  chromeos::RequestPinView* view = service->active_view_for_testing();
+  // Waiting for extension to open the dialog again with an error in red
+  // displayed.
+  while (view->error_label_for_testing()->enabled_color() != SK_ColorRED) {
+    base::RunLoop().RunUntilIdle();
+  }
+}
+
 class CertificateProviderApiTest : public ExtensionApiTest {
  public:
   CertificateProviderApiTest() {}
 
   void SetUpInProcessBrowserTestFixture() override {
     EXPECT_CALL(provider_, IsInitializationComplete(_))
         .WillRepeatedly(Return(true));
     policy::BrowserPolicyConnector::SetPolicyProviderForTesting(&provider_);
 
     ExtensionApiTest::SetUpInProcessBrowserTestFixture();
@@ skipping 11 matching lines @@
     policy::PolicyMap policy;
     policy.Set(policy::key::kAutoSelectCertificateForUrls,
                policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
                policy::POLICY_SOURCE_CLOUD, std::move(autoselect_policy),
                nullptr);
     provider_.UpdateChromePolicy(policy);
 
     content::RunAllPendingInMessageLoop();
   }
 
+  // Loads certificate_provider extension from folder (the page basic.html).
+  // Returns the CertificateProviderService object from browser context.
+  chromeos::CertificateProviderService* LoadExtensionFromFolder(
+      std::string folder) {
+    content::WebContents* extension_contents =
+        browser()->tab_strip_model()->GetActiveWebContents();
+    chromeos::CertificateProviderService* service =
+        chromeos::CertificateProviderServiceFactory::GetForBrowserContext(
+            extension_contents->GetBrowserContext());
+    service->AddSignRequestId(123);
+    const base::FilePath extension_path =
+        test_data_dir_.AppendASCII("certificate_provider/" + folder);
+    const extensions::Extension* const extension =
+        LoadExtension(extension_path);
+    ui_test_utils::NavigateToURL(browser(),
+                                 extension->GetResourceURL("basic.html"));
+    base::RunLoop().RunUntilIdle();
+    return service;
+  }
+
  protected:
   policy::MockConfigurationPolicyProvider provider_;
 };
 
 }  // namespace
 
 IN_PROC_BROWSER_TEST_F(CertificateProviderApiTest, Basic) {
   // Start an HTTPS test server that requests a client certificate.
   net::SpawnedTestServer::SSLOptions ssl_options;
   ssl_options.request_client_certificate = true;
@@ skipping 94 matching lines @@
     base::RunLoop run_loop;
     const std::string code = "replyWithSignatureSecondTime();";
     bool result = false;
     extension_contents->GetMainFrame()->ExecuteJavaScriptForTests(
         base::ASCIIToUTF16(code),
         base::Bind(&StoreBool, &result, run_loop.QuitClosure()));
     run_loop.Run();
     EXPECT_TRUE(result);
   }
 }
+
+// User closes the dialog three times, and the extension should be blocked from
+// showing it again.
+IN_PROC_BROWSER_TEST_F(CertificateProviderApiTest, ShowPinDialogClose) {
+  chromeos::CertificateProviderService* service =
+      LoadExtensionFromFolder("request_pin");
+
+  views::Widget* window = service->active_window_for_testing();
+  for (int i = 0; i < extensions::MAX_CLOSED_DIALOGS_PER_10_MINUTES; i++) {
+    window->Close();
+    // Waiting for the new window to pop up.
+    while (service->active_window_for_testing() == window) {
+      base::RunLoop().RunUntilIdle();
+    }
+
+    window = service->active_window_for_testing();
+  }
+
+  // This time when closed, the window should not be able to pop up again.
+  window->Close();
+  EXPECT_EQ(service->active_view_for_testing(), nullptr);
+}
+
+// User enters the correct PIN.
+IN_PROC_BROWSER_TEST_F(CertificateProviderApiTest, ShowPinDialogAccept) {
+  chromeos::CertificateProviderService* service =
+      LoadExtensionFromFolder("request_pin");
+
+  EnterCorrectPin(service);
+  chromeos::RequestPinView* view = service->active_view_for_testing();
+
+  // The view should be set to nullptr when the window is closed.
+  ASSERT_TRUE(view == nullptr);
+}
+
+// User enters a wrong PIN first and a correct PIN on the second try.
+IN_PROC_BROWSER_TEST_F(CertificateProviderApiTest, ShowPinDialogWrongPin) {
+  chromeos::CertificateProviderService* service =
+      LoadExtensionFromFolder("request_pin");
+
+  EnterWrongPin(service);
+  chromeos::RequestPinView* view = service->active_view_for_testing();
+
+  // The window should be active.
+  ASSERT_TRUE(service->active_window_for_testing()->IsVisible());
+  view = service->active_view_for_testing();
+  ASSERT_TRUE(view != nullptr);
+
+  // Enter the valid PIN.
+  EnterCorrectPin(service);
+  view = service->active_view_for_testing();
+
+  // The view should be set to nullptr when the window is closed.
+  ASSERT_TRUE(view == nullptr);
+}
+
+// User enters wrong PIN three times.
+IN_PROC_BROWSER_TEST_F(CertificateProviderApiTest,
+                       ShowPinDialogWrongPinThreeTimes) {
+  chromeos::CertificateProviderService* service =
+      LoadExtensionFromFolder("request_pin");
+  for (int i = 0; i < 3; i++) {
+    EnterWrongPin(service);
+  }
+
+  chromeos::RequestPinView* view = service->active_view_for_testing();
+
+  // The textfield has to be disabled, as extension does not allow input now.
+  ASSERT_FALSE(view->textfield_for_testing()->enabled());
+
+  // Close the dialog.
+  service->active_window_for_testing()->Close();
+  EXPECT_EQ(service->active_view_for_testing(), nullptr);
+}
+
+// User closes the dialog while the extension is processing the request.
+IN_PROC_BROWSER_TEST_F(CertificateProviderApiTest,
+                       ShowPinDialogCloseWhileProcessing) {
+  chromeos::CertificateProviderService* service =
+      LoadExtensionFromFolder("request_pin");
+
+  EnterCode(service, base::ASCIIToUTF16("123"));
+  service->active_window_for_testing()->Close();
+
+  // The window should be active.
+  ASSERT_TRUE(!service->active_window_for_testing()->IsVisible());
+
+  // The view should be set to nullptr when the window is closed.
+  ASSERT_TRUE(service->active_view_for_testing() == nullptr);
+}