Clear HTTP auth data on clearing browsing data

net/http/http_auth_cache_unittest.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <string>
 
 #include "base/strings/string16.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
@@ skipping 359 matching lines @@
       origin, kRealm3, HttpAuth::AUTH_SCHEME_BASIC,
       AuthCredentials(kAdmin, kPassword)));
 
   // Make sure that removing one entry still leaves the other available for
   // lookup.
   HttpAuthCache::Entry* entry = cache.Lookup(
       origin, kRealm3, HttpAuth::AUTH_SCHEME_DIGEST);
   EXPECT_FALSE(NULL == entry);
 }
 
+TEST(HttpAuthCacheTest, ClearEntriesAddedWithin) {
+  GURL origin("http://foobar.com");
+
+  HttpAuthCache cache;
+  cache.Add(origin, kRealm1, HttpAuth::AUTH_SCHEME_BASIC, "basic realm=Realm1",
+            AuthCredentials(kAlice, k123), "/");
+  cache.Add(origin, kRealm2, HttpAuth::AUTH_SCHEME_BASIC, "basic realm=Realm2",
+            AuthCredentials(kRoot, kWileCoyote), "/");

[mmenke, 2016/08/09 14:40:20]

I don't think we're guaranteed the time recorded here will be strictly less than
start_time.

So it's possible that ClearEntriesAddedWithin will delete these, too.

[Tomasz Moniuszko, 2016/08/25 10:33:00]

Done. I added EnsureTimeDifference() call.

+
+  base::TimeTicks start_time = base::TimeTicks::Now();
+
+  cache.Add(origin, kRealm3, HttpAuth::AUTH_SCHEME_BASIC, "basic realm=Realm3",
+            AuthCredentials(kAlice2, k1234), "/");
+  cache.Add(origin, kRealm4, HttpAuth::AUTH_SCHEME_BASIC, "basic realm=Realm4",
+            AuthCredentials(kUsername, kPassword), "/");
+  // Add path to existing entry.
+  cache.Add(origin, kRealm2, HttpAuth::AUTH_SCHEME_BASIC, "basic realm=Realm2",
+            AuthCredentials(kAdmin, kPassword), "/baz/");
+
+  cache.ClearEntriesAddedWithin(base::TimeTicks::Now() - start_time);

[mmenke, 2016/08/09 14:40:20]

I don't think we're guaranteed that no time will pass between when we call Now()
here, and when the body of ClearEntriesAddedWithin() is invoked.

So it's possible that ClearEntriesAddedWithin() won't remove anything.

Could do something silly like spin the message loop enough cycles so those won't
be problems, but then there's a question of how long is long enough, which
varies by platform, and by whether or not this is an ASAN build.

[Tomasz Moniuszko, 2016/08/25 10:33:00]

I added EnsureTimeDifference() function which ensures the difference between the
two TimeTicks is non-zero.

+
+  EXPECT_NE(nullptr,
+            cache.Lookup(origin, kRealm1, HttpAuth::AUTH_SCHEME_BASIC));
+  EXPECT_NE(nullptr,
+            cache.Lookup(origin, kRealm2, HttpAuth::AUTH_SCHEME_BASIC));
+  // Creation time is set for a whole entry rather than for a particular path.
+  // Path added within the requested duration isn't be removed.
+  EXPECT_NE(nullptr, cache.LookupByPath(origin, "/baz/"));
+  EXPECT_EQ(nullptr,
+            cache.Lookup(origin, kRealm3, HttpAuth::AUTH_SCHEME_BASIC));
+  EXPECT_EQ(nullptr,
+            cache.Lookup(origin, kRealm4, HttpAuth::AUTH_SCHEME_BASIC));
+}
+
 TEST(HttpAuthCacheTest, UpdateStaleChallenge) {
   HttpAuthCache cache;
   GURL origin("http://foobar2.com");
   std::unique_ptr<HttpAuthHandler> digest_handler(new MockAuthHandler(
       HttpAuth::AUTH_SCHEME_DIGEST, kRealm1, HttpAuth::AUTH_PROXY));
   HttpAuthCache::Entry* entry_pre = cache.Add(
       origin,
       digest_handler->realm(),
       digest_handler->auth_scheme(),
       "Digest realm=Realm1,"
@@ skipping 210 matching lines @@
     CheckPathExistence(0, i, false);
 
   for (int i = 0; i < kMaxPaths; ++i)
     CheckPathExistence(0, i + 3, true);
 
   for (int i = 0; i < kMaxRealms; ++i)
     CheckRealmExistence(i, true);
 }
 
 }  // namespace net