| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "blimp/client/session/assignment_source.h" | |
| 6 | |
| 7 #include "base/command_line.h" | |
| 8 #include "base/files/file_path.h" | |
| 9 #include "base/files/file_util.h" | |
| 10 #include "base/json/json_reader.h" | |
| 11 #include "base/json/json_writer.h" | |
| 12 #include "base/message_loop/message_loop.h" | |
| 13 #include "base/path_service.h" | |
| 14 #include "base/run_loop.h" | |
| 15 #include "base/strings/string_number_conversions.h" | |
| 16 #include "base/test/test_simple_task_runner.h" | |
| 17 #include "base/threading/thread_task_runner_handle.h" | |
| 18 #include "base/values.h" | |
| 19 #include "blimp/client/core/blimp_client_switches.h" | |
| 20 #include "blimp/common/get_client_token.h" | |
| 21 #include "blimp/common/protocol_version.h" | |
| 22 #include "blimp/common/switches.h" | |
| 23 #include "components/safe_json/testing_json_parser.h" | |
| 24 #include "net/test/test_data_directory.h" | |
| 25 #include "net/url_request/test_url_fetcher_factory.h" | |
| 26 #include "testing/gmock/include/gmock/gmock.h" | |
| 27 #include "testing/gtest/include/gtest/gtest.h" | |
| 28 #include "url/gurl.h" | |
| 29 | |
| 30 using testing::_; | |
| 31 using testing::DoAll; | |
| 32 using testing::InSequence; | |
| 33 using testing::NotNull; | |
| 34 using testing::Return; | |
| 35 using testing::SetArgPointee; | |
| 36 | |
| 37 namespace blimp { | |
| 38 namespace client { | |
| 39 namespace { | |
| 40 | |
| 41 const uint8_t kTestIpAddress[] = {127, 0, 0, 1}; | |
| 42 const uint16_t kTestPort = 8086; | |
| 43 const char kTestIpAddressString[] = "127.0.0.1"; | |
| 44 const char kTcpTransportName[] = "tcp"; | |
| 45 const char kSslTransportName[] = "ssl"; | |
| 46 const char kCertRelativePath[] = | |
| 47 "blimp/client/session/test_selfsigned_cert.pem"; | |
| 48 const char kTestClientToken[] = "secrett0ken"; | |
| 49 const char kTestAuthToken[] = "UserAuthT0kenz"; | |
| 50 const char kAssignerUrl[] = "http://www.assigner.test/"; | |
| 51 const char kTestClientTokenPath[] = "blimp/test/data/test_client_token"; | |
| 52 | |
| 53 MATCHER_P(AssignmentEquals, assignment, "") { | |
| 54 return arg.transport_protocol == assignment.transport_protocol && | |
| 55 arg.engine_endpoint == assignment.engine_endpoint && | |
| 56 arg.client_token == assignment.client_token && | |
| 57 ((!assignment.cert && !arg.cert) || | |
| 58 (arg.cert && assignment.cert && | |
| 59 arg.cert->Equals(assignment.cert.get()))); | |
| 60 } | |
| 61 | |
| 62 // Converts |value| to a JSON string. | |
| 63 std::string ValueToString(const base::Value& value) { | |
| 64 std::string json; | |
| 65 base::JSONWriter::Write(value, &json); | |
| 66 return json; | |
| 67 } | |
| 68 | |
| 69 class AssignmentSourceTest : public testing::Test { | |
| 70 public: | |
| 71 AssignmentSourceTest() | |
| 72 : source_(GURL(kAssignerUrl), | |
| 73 message_loop_.task_runner(), | |
| 74 message_loop_.task_runner()) {} | |
| 75 | |
| 76 void SetUp() override { | |
| 77 base::FilePath src_root; | |
| 78 PathService::Get(base::DIR_SOURCE_ROOT, &src_root); | |
| 79 ASSERT_FALSE(src_root.empty()); | |
| 80 cert_path_ = src_root.Append(kCertRelativePath); | |
| 81 client_token_path_ = src_root.Append(kTestClientTokenPath); | |
| 82 ASSERT_TRUE(base::ReadFileToString(cert_path_, &cert_pem_)); | |
| 83 net::CertificateList cert_list = | |
| 84 net::X509Certificate::CreateCertificateListFromBytes( | |
| 85 cert_pem_.data(), cert_pem_.size(), | |
| 86 net::X509Certificate::FORMAT_PEM_CERT_SEQUENCE); | |
| 87 ASSERT_FALSE(cert_list.empty()); | |
| 88 cert_ = std::move(cert_list[0]); | |
| 89 ASSERT_TRUE(cert_); | |
| 90 } | |
| 91 | |
| 92 // This expects the AssignmentSource::GetAssignment to return a custom | |
| 93 // endpoint without having to hit the network. This will typically be used | |
| 94 // for testing that specifying an assignment via the command line works as | |
| 95 // expected. | |
| 96 void GetAlternateAssignment() { | |
| 97 source_.GetAssignment("", | |
| 98 base::Bind(&AssignmentSourceTest::AssignmentResponse, | |
| 99 base::Unretained(this))); | |
| 100 EXPECT_EQ(nullptr, factory_.GetFetcherByID(0)); | |
| 101 base::RunLoop().RunUntilIdle(); | |
| 102 } | |
| 103 | |
| 104 // See net/base/net_errors.h for possible status errors. | |
| 105 void GetNetworkAssignmentAndWaitForResponse( | |
| 106 net::HttpStatusCode response_code, | |
| 107 int status, | |
| 108 const std::string& response, | |
| 109 const std::string& client_auth_token, | |
| 110 const int protocol_version) { | |
| 111 source_.GetAssignment(client_auth_token, | |
| 112 base::Bind(&AssignmentSourceTest::AssignmentResponse, | |
| 113 base::Unretained(this))); | |
| 114 base::RunLoop().RunUntilIdle(); | |
| 115 | |
| 116 net::TestURLFetcher* fetcher = factory_.GetFetcherByID(0); | |
| 117 | |
| 118 EXPECT_NE(nullptr, fetcher); | |
| 119 EXPECT_EQ(kAssignerUrl, fetcher->GetOriginalURL().spec()); | |
| 120 | |
| 121 // Check that the request has a valid protocol_version. | |
| 122 std::unique_ptr<base::Value> json = | |
| 123 base::JSONReader::Read(fetcher->upload_data()); | |
| 124 EXPECT_NE(nullptr, json.get()); | |
| 125 | |
| 126 const base::DictionaryValue* dict; | |
| 127 EXPECT_TRUE(json->GetAsDictionary(&dict)); | |
| 128 | |
| 129 std::string uploaded_protocol_version; | |
| 130 EXPECT_TRUE( | |
| 131 dict->GetString("protocol_version", &uploaded_protocol_version)); | |
| 132 std::string expected_protocol_version = base::IntToString(protocol_version); | |
| 133 EXPECT_EQ(expected_protocol_version, uploaded_protocol_version); | |
| 134 | |
| 135 // Check that the request has a valid authentication header. | |
| 136 net::HttpRequestHeaders headers; | |
| 137 fetcher->GetExtraRequestHeaders(&headers); | |
| 138 | |
| 139 std::string authorization; | |
| 140 EXPECT_TRUE(headers.GetHeader("Authorization", &authorization)); | |
| 141 EXPECT_EQ("Bearer " + client_auth_token, authorization); | |
| 142 | |
| 143 // Send the fake response back. | |
| 144 fetcher->set_response_code(response_code); | |
| 145 fetcher->set_status(net::URLRequestStatus::FromError(status)); | |
| 146 fetcher->SetResponseString(response); | |
| 147 fetcher->delegate()->OnURLFetchComplete(fetcher); | |
| 148 | |
| 149 base::RunLoop().RunUntilIdle(); | |
| 150 } | |
| 151 | |
| 152 MOCK_METHOD2(AssignmentResponse, | |
| 153 void(AssignmentSource::Result, const Assignment&)); | |
| 154 | |
| 155 protected: | |
| 156 Assignment BuildSslAssignment(); | |
| 157 | |
| 158 // Builds simulated JSON response from the Assigner service. | |
| 159 std::unique_ptr<base::DictionaryValue> BuildAssignerResponse(); | |
| 160 | |
| 161 // Used to drive all AssignmentSource tasks. | |
| 162 // MessageLoop is required by TestingJsonParser's self-deletion logic. | |
| 163 // TODO(bauerb): Replace this with a TestSimpleTaskRunner once | |
| 164 // TestingJsonParser no longer requires having a MessageLoop. | |
| 165 base::MessageLoop message_loop_; | |
| 166 | |
| 167 net::TestURLFetcherFactory factory_; | |
| 168 | |
| 169 // Path to the PEM-encoded certificate chain. | |
| 170 base::FilePath cert_path_; | |
| 171 | |
| 172 // Path to the client token; | |
| 173 base::FilePath client_token_path_; | |
| 174 | |
| 175 // Payload of PEM certificate chain at |cert_path_|. | |
| 176 std::string cert_pem_; | |
| 177 | |
| 178 // X509 certificate decoded from |cert_path_|. | |
| 179 scoped_refptr<net::X509Certificate> cert_; | |
| 180 | |
| 181 AssignmentSource source_; | |
| 182 | |
| 183 // Allows safe_json to parse JSON in-process, instead of depending on a | |
| 184 // utility proces. | |
| 185 safe_json::TestingJsonParser::ScopedFactoryOverride json_parsing_factory_; | |
| 186 }; | |
| 187 | |
| 188 Assignment AssignmentSourceTest::BuildSslAssignment() { | |
| 189 Assignment assignment; | |
| 190 assignment.transport_protocol = Assignment::TransportProtocol::SSL; | |
| 191 assignment.engine_endpoint = net::IPEndPoint(kTestIpAddress, kTestPort); | |
| 192 assignment.client_token = kTestClientToken; | |
| 193 assignment.cert = cert_; | |
| 194 return assignment; | |
| 195 } | |
| 196 | |
| 197 std::unique_ptr<base::DictionaryValue> | |
| 198 AssignmentSourceTest::BuildAssignerResponse() { | |
| 199 std::unique_ptr<base::DictionaryValue> dict(new base::DictionaryValue); | |
| 200 dict->SetString("clientToken", kTestClientToken); | |
| 201 dict->SetString("host", kTestIpAddressString); | |
| 202 dict->SetInteger("port", kTestPort); | |
| 203 dict->SetString("certificate", cert_pem_); | |
| 204 return dict; | |
| 205 } | |
| 206 | |
| 207 TEST_F(AssignmentSourceTest, TestTCPAlternateEndpointSuccess) { | |
| 208 Assignment assignment; | |
| 209 assignment.transport_protocol = Assignment::TransportProtocol::TCP; | |
| 210 assignment.engine_endpoint = net::IPEndPoint(kTestIpAddress, kTestPort); | |
| 211 assignment.cert = scoped_refptr<net::X509Certificate>(nullptr); | |
| 212 | |
| 213 auto* cmd_line = base::CommandLine::ForCurrentProcess(); | |
| 214 cmd_line->AppendSwitchASCII(switches::kEngineIP, kTestIpAddressString); | |
| 215 cmd_line->AppendSwitchASCII(switches::kEnginePort, | |
| 216 std::to_string(kTestPort)); | |
| 217 cmd_line->AppendSwitchASCII(switches::kEngineTransport, kTcpTransportName); | |
| 218 cmd_line->AppendSwitchASCII(kClientTokenPath, client_token_path_.value()); | |
| 219 | |
| 220 assignment.client_token = GetClientToken(*cmd_line); | |
| 221 | |
| 222 CHECK_EQ("MyVoiceIsMyPassport", assignment.client_token); | |
| 223 | |
| 224 EXPECT_CALL(*this, AssignmentResponse(AssignmentSource::Result::RESULT_OK, | |
| 225 AssignmentEquals(assignment))) | |
| 226 .Times(1); | |
| 227 | |
| 228 GetAlternateAssignment(); | |
| 229 } | |
| 230 | |
| 231 TEST_F(AssignmentSourceTest, TestSSLAlternateEndpointSuccess) { | |
| 232 Assignment assignment; | |
| 233 assignment.transport_protocol = Assignment::TransportProtocol::SSL; | |
| 234 assignment.engine_endpoint = net::IPEndPoint(kTestIpAddress, kTestPort); | |
| 235 assignment.cert = cert_; | |
| 236 | |
| 237 auto* cmd_line = base::CommandLine::ForCurrentProcess(); | |
| 238 | |
| 239 cmd_line->AppendSwitchASCII(switches::kEngineIP, kTestIpAddressString); | |
| 240 cmd_line->AppendSwitchASCII(switches::kEnginePort, | |
| 241 std::to_string(kTestPort)); | |
| 242 cmd_line->AppendSwitchASCII(switches::kEngineTransport, kSslTransportName); | |
| 243 cmd_line->AppendSwitchASCII(switches::kEngineCertPath, cert_path_.value()); | |
| 244 cmd_line->AppendSwitchASCII(kClientTokenPath, client_token_path_.value()); | |
| 245 | |
| 246 assignment.client_token = GetClientToken(*cmd_line); | |
| 247 | |
| 248 EXPECT_CALL(*this, AssignmentResponse(AssignmentSource::Result::RESULT_OK, | |
| 249 AssignmentEquals(assignment))) | |
| 250 .Times(1); | |
| 251 | |
| 252 GetAlternateAssignment(); | |
| 253 } | |
| 254 | |
| 255 TEST_F(AssignmentSourceTest, TestSuccess) { | |
| 256 Assignment assignment = BuildSslAssignment(); | |
| 257 | |
| 258 EXPECT_CALL(*this, AssignmentResponse(AssignmentSource::Result::RESULT_OK, | |
| 259 AssignmentEquals(assignment))) | |
| 260 .Times(1); | |
| 261 | |
| 262 GetNetworkAssignmentAndWaitForResponse( | |
| 263 net::HTTP_OK, net::Error::OK, ValueToString(*BuildAssignerResponse()), | |
| 264 kTestAuthToken, kProtocolVersion); | |
| 265 } | |
| 266 | |
| 267 TEST_F(AssignmentSourceTest, TestValidAfterError) { | |
| 268 InSequence sequence; | |
| 269 Assignment assignment = BuildSslAssignment(); | |
| 270 | |
| 271 EXPECT_CALL(*this, AssignmentResponse( | |
| 272 AssignmentSource::Result::RESULT_NETWORK_FAILURE, _)) | |
| 273 .Times(1) | |
| 274 .RetiresOnSaturation(); | |
| 275 | |
| 276 EXPECT_CALL(*this, AssignmentResponse(AssignmentSource::Result::RESULT_OK, | |
| 277 AssignmentEquals(assignment))) | |
| 278 .Times(1) | |
| 279 .RetiresOnSaturation(); | |
| 280 | |
| 281 GetNetworkAssignmentAndWaitForResponse(net::HTTP_OK, | |
| 282 net::Error::ERR_INSUFFICIENT_RESOURCES, | |
| 283 "", kTestAuthToken, kProtocolVersion); | |
| 284 | |
| 285 GetNetworkAssignmentAndWaitForResponse( | |
| 286 net::HTTP_OK, net::Error::OK, ValueToString(*BuildAssignerResponse()), | |
| 287 kTestAuthToken, kProtocolVersion); | |
| 288 } | |
| 289 | |
| 290 TEST_F(AssignmentSourceTest, TestNetworkFailure) { | |
| 291 EXPECT_CALL(*this, AssignmentResponse( | |
| 292 AssignmentSource::Result::RESULT_NETWORK_FAILURE, _)); | |
| 293 GetNetworkAssignmentAndWaitForResponse(net::HTTP_OK, | |
| 294 net::Error::ERR_INSUFFICIENT_RESOURCES, | |
| 295 "", kTestAuthToken, kProtocolVersion); | |
| 296 } | |
| 297 | |
| 298 TEST_F(AssignmentSourceTest, TestBadRequest) { | |
| 299 EXPECT_CALL(*this, AssignmentResponse( | |
| 300 AssignmentSource::Result::RESULT_BAD_REQUEST, _)); | |
| 301 GetNetworkAssignmentAndWaitForResponse(net::HTTP_BAD_REQUEST, net::Error::OK, | |
| 302 "", kTestAuthToken, kProtocolVersion); | |
| 303 } | |
| 304 | |
| 305 TEST_F(AssignmentSourceTest, TestUnauthorized) { | |
| 306 EXPECT_CALL(*this, | |
| 307 AssignmentResponse( | |
| 308 AssignmentSource::Result::RESULT_EXPIRED_ACCESS_TOKEN, _)); | |
| 309 GetNetworkAssignmentAndWaitForResponse(net::HTTP_UNAUTHORIZED, net::Error::OK, | |
| 310 "", kTestAuthToken, kProtocolVersion); | |
| 311 } | |
| 312 | |
| 313 TEST_F(AssignmentSourceTest, TestForbidden) { | |
| 314 EXPECT_CALL(*this, AssignmentResponse( | |
| 315 AssignmentSource::Result::RESULT_USER_INVALID, _)); | |
| 316 GetNetworkAssignmentAndWaitForResponse(net::HTTP_FORBIDDEN, net::Error::OK, | |
| 317 "", kTestAuthToken, kProtocolVersion); | |
| 318 } | |
| 319 | |
| 320 TEST_F(AssignmentSourceTest, TestTooManyRequests) { | |
| 321 EXPECT_CALL(*this, AssignmentResponse( | |
| 322 AssignmentSource::Result::RESULT_OUT_OF_VMS, _)); | |
| 323 GetNetworkAssignmentAndWaitForResponse(static_cast<net::HttpStatusCode>(429), | |
| 324 net::Error::OK, "", kTestAuthToken, | |
| 325 kProtocolVersion); | |
| 326 } | |
| 327 | |
| 328 TEST_F(AssignmentSourceTest, TestInternalServerError) { | |
| 329 EXPECT_CALL(*this, AssignmentResponse( | |
| 330 AssignmentSource::Result::RESULT_SERVER_ERROR, _)); | |
| 331 GetNetworkAssignmentAndWaitForResponse(net::HTTP_INTERNAL_SERVER_ERROR, | |
| 332 net::Error::OK, "", kTestAuthToken, | |
| 333 kProtocolVersion); | |
| 334 } | |
| 335 | |
| 336 TEST_F(AssignmentSourceTest, TestUnexpectedNetCodeFallback) { | |
| 337 EXPECT_CALL(*this, AssignmentResponse( | |
| 338 AssignmentSource::Result::RESULT_BAD_RESPONSE, _)); | |
| 339 GetNetworkAssignmentAndWaitForResponse(net::HTTP_NOT_IMPLEMENTED, | |
| 340 net::Error::OK, "", kTestAuthToken, | |
| 341 kProtocolVersion); | |
| 342 } | |
| 343 | |
| 344 TEST_F(AssignmentSourceTest, TestInvalidJsonResponse) { | |
| 345 Assignment assignment = BuildSslAssignment(); | |
| 346 | |
| 347 // Remove half the response. | |
| 348 std::string response = ValueToString(*BuildAssignerResponse()); | |
| 349 response = response.substr(response.size() / 2); | |
| 350 | |
| 351 EXPECT_CALL(*this, AssignmentResponse( | |
| 352 AssignmentSource::Result::RESULT_BAD_RESPONSE, _)); | |
| 353 GetNetworkAssignmentAndWaitForResponse(net::HTTP_OK, net::Error::OK, response, | |
| 354 kTestAuthToken, kProtocolVersion); | |
| 355 } | |
| 356 | |
| 357 TEST_F(AssignmentSourceTest, TestMissingResponsePort) { | |
| 358 std::unique_ptr<base::DictionaryValue> response = BuildAssignerResponse(); | |
| 359 response->Remove("port", nullptr); | |
| 360 EXPECT_CALL(*this, AssignmentResponse( | |
| 361 AssignmentSource::Result::RESULT_BAD_RESPONSE, _)); | |
| 362 GetNetworkAssignmentAndWaitForResponse(net::HTTP_OK, net::Error::OK, | |
| 363 ValueToString(*response), | |
| 364 kTestAuthToken, kProtocolVersion); | |
| 365 } | |
| 366 | |
| 367 TEST_F(AssignmentSourceTest, TestInvalidIPAddress) { | |
| 368 std::unique_ptr<base::DictionaryValue> response = BuildAssignerResponse(); | |
| 369 response->SetString("host", "happywhales.test"); | |
| 370 | |
| 371 EXPECT_CALL(*this, AssignmentResponse( | |
| 372 AssignmentSource::Result::RESULT_BAD_RESPONSE, _)); | |
| 373 GetNetworkAssignmentAndWaitForResponse(net::HTTP_OK, net::Error::OK, | |
| 374 ValueToString(*response), | |
| 375 kTestAuthToken, kProtocolVersion); | |
| 376 } | |
| 377 | |
| 378 TEST_F(AssignmentSourceTest, TestMissingCert) { | |
| 379 std::unique_ptr<base::DictionaryValue> response = BuildAssignerResponse(); | |
| 380 response->Remove("certificate", nullptr); | |
| 381 EXPECT_CALL(*this, AssignmentResponse( | |
| 382 AssignmentSource::Result::RESULT_BAD_RESPONSE, _)); | |
| 383 GetNetworkAssignmentAndWaitForResponse(net::HTTP_OK, net::Error::OK, | |
| 384 ValueToString(*response), | |
| 385 kTestAuthToken, kProtocolVersion); | |
| 386 } | |
| 387 | |
| 388 TEST_F(AssignmentSourceTest, TestInvalidCert) { | |
| 389 std::unique_ptr<base::DictionaryValue> response = BuildAssignerResponse(); | |
| 390 response->SetString("certificate", "h4x0rz!"); | |
| 391 EXPECT_CALL(*this, AssignmentResponse( | |
| 392 AssignmentSource::Result::RESULT_INVALID_CERT, _)); | |
| 393 GetNetworkAssignmentAndWaitForResponse(net::HTTP_OK, net::Error::OK, | |
| 394 ValueToString(*response), | |
| 395 kTestAuthToken, kProtocolVersion); | |
| 396 } | |
| 397 | |
| 398 } // namespace | |
| 399 } // namespace client | |
| 400 } // namespace blimp | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2157133003:
Move blimp AssignmentSource to core (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@move-blimp-client-switches-to-core