Clear HTTP auth data on clearing browsing data

net/http/http_auth_cache_unittest.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <string>
 
+#include "base/run_loop.h"
 #include "base/strings/string16.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
+#include "base/threading/thread_task_runner_handle.h"
 #include "net/base/net_errors.h"
 #include "net/http/http_auth_cache.h"
 #include "net/http/http_auth_handler.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using base::ASCIIToUTF16;
 
 namespace net {
 
 namespace {
@@ skipping 48 matching lines @@
 const base::string16 kPassword(ASCIIToUTF16("password"));
 const base::string16 kRoot(ASCIIToUTF16("root"));
 const base::string16 kUsername(ASCIIToUTF16("username"));
 const base::string16 kWileCoyote(ASCIIToUTF16("wilecoyote"));
 
 AuthCredentials CreateASCIICredentials(const char* username,
                                        const char* password) {
   return AuthCredentials(ASCIIToUTF16(username), ASCIIToUTF16(password));
 }
 
+// Ensures that difference between TimeTicks of entering and leaving this
+// function is non-zero.
+void EnsureTimeDifference() {
+  base::TimeTicks begin_time = base::TimeTicks::Now();
+  base::RunLoop run_loop;
+  base::Closure quit_closure(run_loop.QuitClosure());
+  base::ThreadTaskRunnerHandle::Get()->PostDelayedTask(
+      FROM_HERE, quit_closure,
+      base::TimeDelta::FromMilliseconds(
+          base::TimeTicks::IsHighResolution() ? 1 : 20));
+  run_loop.Run();
+  ASSERT_FALSE((base::TimeTicks::Now() - begin_time).is_zero());
+}
+
 }  // namespace
 
 // Test adding and looking-up cache entries (both by realm and by path).
 TEST(HttpAuthCacheTest, Basic) {
   GURL origin("http://www.google.com");
   HttpAuthCache cache;
   HttpAuthCache::Entry* entry;
 
   // Add cache entries for 4 realms: "Realm1", "Realm2", "Realm3" and
   // "Realm4"
@@ skipping 281 matching lines @@
       origin, kRealm3, HttpAuth::AUTH_SCHEME_BASIC,
       AuthCredentials(kAdmin, kPassword)));
 
   // Make sure that removing one entry still leaves the other available for
   // lookup.
   HttpAuthCache::Entry* entry = cache.Lookup(
       origin, kRealm3, HttpAuth::AUTH_SCHEME_DIGEST);
   EXPECT_FALSE(NULL == entry);
 }
 
+TEST(HttpAuthCacheTest, ClearEntriesAddedWithin) {
+  GURL origin("http://foobar.com");
+
+  HttpAuthCache cache;
+  cache.Add(origin, kRealm1, HttpAuth::AUTH_SCHEME_BASIC, "basic realm=Realm1",
+            AuthCredentials(kAlice, k123), "/");
+  cache.Add(origin, kRealm2, HttpAuth::AUTH_SCHEME_BASIC, "basic realm=Realm2",
+            AuthCredentials(kRoot, kWileCoyote), "/");
+
+  EnsureTimeDifference();
+  base::TimeTicks start_time = base::TimeTicks::Now();
+
+  cache.Add(origin, kRealm3, HttpAuth::AUTH_SCHEME_BASIC, "basic realm=Realm3",
+            AuthCredentials(kAlice2, k1234), "/");
+  cache.Add(origin, kRealm4, HttpAuth::AUTH_SCHEME_BASIC, "basic realm=Realm4",
+            AuthCredentials(kUsername, kPassword), "/");
+  // Add path to existing entry.
+  cache.Add(origin, kRealm2, HttpAuth::AUTH_SCHEME_BASIC, "basic realm=Realm2",
+            AuthCredentials(kAdmin, kPassword), "/baz/");
+
+  EnsureTimeDifference();
+  cache.ClearEntriesAddedWithin(base::TimeTicks::Now() - start_time);

[mmenke, 2016/08/25 19:28:02]

I still don't think this works - ClearEntriesAddedWithin calls
base::TimeTicks::Now() again, which may be greater than the
base::TimeTicks::Now() when it's called here, to calculate the Delta.  I don't
think we can reasonably expect to be able to ensure that a
base::TimeTicks::Now() - delta when called by production code is between two
times, without mocking out base::TimeTicks::Now().

+
+  EXPECT_NE(nullptr,
+            cache.Lookup(origin, kRealm1, HttpAuth::AUTH_SCHEME_BASIC));
+  EXPECT_NE(nullptr,
+            cache.Lookup(origin, kRealm2, HttpAuth::AUTH_SCHEME_BASIC));
+  // Creation time is set for a whole entry rather than for a particular path.
+  // Path added within the requested duration isn't be removed.
+  EXPECT_NE(nullptr, cache.LookupByPath(origin, "/baz/"));
+  EXPECT_EQ(nullptr,
+            cache.Lookup(origin, kRealm3, HttpAuth::AUTH_SCHEME_BASIC));
+  EXPECT_EQ(nullptr,
+            cache.Lookup(origin, kRealm4, HttpAuth::AUTH_SCHEME_BASIC));
+}
+
 TEST(HttpAuthCacheTest, UpdateStaleChallenge) {
   HttpAuthCache cache;
   GURL origin("http://foobar2.com");
   std::unique_ptr<HttpAuthHandler> digest_handler(new MockAuthHandler(
       HttpAuth::AUTH_SCHEME_DIGEST, kRealm1, HttpAuth::AUTH_PROXY));
   HttpAuthCache::Entry* entry_pre = cache.Add(
       origin,
       digest_handler->realm(),
       digest_handler->auth_scheme(),
       "Digest realm=Realm1,"
@@ skipping 210 matching lines @@
     CheckPathExistence(0, i, false);
 
   for (int i = 0; i < kMaxPaths; ++i)
     CheckPathExistence(0, i + 3, true);
 
   for (int i = 0; i < kMaxRealms; ++i)
     CheckRealmExistence(i, true);
 }
 
 }  // namespace net