| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage.h" | 5 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage.h" |
| 6 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage_factory.h" | 6 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage_factory.h" |
| 7 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_utils.h" | 7 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_utils.h" |
| 8 #include "chrome/common/pref_names.h" | 8 #include "chrome/common/pref_names.h" |
| 9 #include "chrome/test/base/testing_profile.h" | 9 #include "chrome/test/base/testing_profile.h" |
| 10 #include "components/prefs/pref_service.h" | 10 #include "components/prefs/pref_service.h" |
| 11 #include "components/prefs/scoped_user_pref_update.h" |
| 11 #include "content/public/test/test_browser_thread_bundle.h" | 12 #include "content/public/test/test_browser_thread_bundle.h" |
| 12 #include "testing/gtest/include/gtest/gtest.h" | 13 #include "testing/gtest/include/gtest/gtest.h" |
| 13 | 14 |
| 14 namespace { | 15 namespace { |
| 15 | 16 |
| 16 class PinStorageUnitTest : public testing::Test { | 17 class PinStorageUnitTest : public testing::Test { |
| 17 protected: | 18 protected: |
| 18 PinStorageUnitTest() : profile_(new TestingProfile()) {} | 19 PinStorageUnitTest() : profile_(new TestingProfile()) {} |
| 19 ~PinStorageUnitTest() override {} | 20 ~PinStorageUnitTest() override {} |
| 20 | 21 |
| 21 // testing::Test: | 22 // testing::Test: |
| 22 void SetUp() override { chromeos::EnableQuickUnlockForTesting(); } | 23 void SetUp() override { |
| 24 chromeos::EnableQuickUnlockForTesting(); |
| 25 |
| 26 // Pin is not allowed by default so we need to update it for this test. |
| 27 ListPrefUpdate update(profile_->GetPrefs(), |
| 28 prefs::kQuickUnlockModeWhitelist); |
| 29 update->Append(base::MakeUnique<base::StringValue>("pin")); |
| 30 } |
| 23 | 31 |
| 24 content::TestBrowserThreadBundle thread_bundle_; | 32 content::TestBrowserThreadBundle thread_bundle_; |
| 25 std::unique_ptr<TestingProfile> profile_; | 33 std::unique_ptr<TestingProfile> profile_; |
| 26 | 34 |
| 27 DISALLOW_COPY_AND_ASSIGN(PinStorageUnitTest); | 35 DISALLOW_COPY_AND_ASSIGN(PinStorageUnitTest); |
| 28 }; | 36 }; |
| 29 | 37 |
| 30 } // namespace | 38 } // namespace |
| 31 | 39 |
| 32 // Provides test-only PinStorage APIs. | 40 // Provides test-only PinStorage APIs. |
| (...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 111 pin_storage->MarkStrongAuth(); | 119 pin_storage->MarkStrongAuth(); |
| 112 | 120 |
| 113 EXPECT_TRUE(pin_storage->HasStrongAuth()); | 121 EXPECT_TRUE(pin_storage->HasStrongAuth()); |
| 114 pin_storage_test.ReduceRemainingStrongAuthTimeBy( | 122 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 115 base::TimeDelta::FromSeconds(60)); | 123 base::TimeDelta::FromSeconds(60)); |
| 116 | 124 |
| 117 EXPECT_TRUE(pin_storage->TimeSinceLastStrongAuth() >= | 125 EXPECT_TRUE(pin_storage->TimeSinceLastStrongAuth() >= |
| 118 base::TimeDelta::FromSeconds(30)); | 126 base::TimeDelta::FromSeconds(30)); |
| 119 } | 127 } |
| 120 | 128 |
| 129 // Verifies altering the password confirmation preference produces the expected |
| 130 // results. |
| 131 TEST_F(PinStorageUnitTest, PasswordConfirmationFrequencyPreference) { |
| 132 chromeos::PinStorage* pin_storage = |
| 133 chromeos::PinStorageFactory::GetForProfile(profile_.get()); |
| 134 PrefService* pref_service = profile_->GetPrefs(); |
| 135 PinStorageTestApi pin_storage_test(pin_storage); |
| 136 |
| 137 // The default is one day, so verify moving time back 13 hours should not |
| 138 // request strong auth. |
| 139 pin_storage->MarkStrongAuth(); |
| 140 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 141 base::TimeDelta::FromHours(13)); |
| 142 EXPECT_FALSE(pin_storage->NeedsStrongAuth()); |
| 143 |
| 144 // Verify moving time back another 13 hours should request strong auth. |
| 145 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 146 base::TimeDelta::FromHours(13)); |
| 147 EXPECT_TRUE(pin_storage->NeedsStrongAuth()); |
| 148 |
| 149 // Reset the time since last strong auth. |
| 150 pin_storage->MarkStrongAuth(); |
| 151 |
| 152 // Verify that by changing the frequency of required password confirmation to |
| 153 // six hours, moving interval by 4 hours will not trigger a request for strong |
| 154 // auth, but moving interval by an additional 4 hours will. |
| 155 pref_service->SetInteger( |
| 156 prefs::kQuickUnlockTimeout, |
| 157 static_cast<int>(chromeos::PasswordConfirmationFrequency::SIX_HOURS)); |
| 158 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 159 base::TimeDelta::FromHours(4)); |
| 160 EXPECT_FALSE(pin_storage->NeedsStrongAuth()); |
| 161 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 162 base::TimeDelta::FromHours(4)); |
| 163 EXPECT_TRUE(pin_storage->NeedsStrongAuth()); |
| 164 |
| 165 // Verify that by changing the frequency of required password confirmation to |
| 166 // twelve hours, the current interval of 8 hours will not trigger a request |
| 167 // for strong auth, but moving interval by an additional 5 hours will. |
| 168 pref_service->SetInteger( |
| 169 prefs::kQuickUnlockTimeout, |
| 170 static_cast<int>(chromeos::PasswordConfirmationFrequency::TWELVE_HOURS)); |
| 171 EXPECT_FALSE(pin_storage->NeedsStrongAuth()); |
| 172 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 173 base::TimeDelta::FromHours(5)); |
| 174 EXPECT_TRUE(pin_storage->NeedsStrongAuth()); |
| 175 |
| 176 pin_storage->MarkStrongAuth(); |
| 177 // Verify that by changing the frequency of required password confirmation to |
| 178 // one week, moving interval by 3 days will not trigger a request for strong |
| 179 // auth, but moving interval by an addition 5 days will. |
| 180 pref_service->SetInteger( |
| 181 prefs::kQuickUnlockTimeout, |
| 182 static_cast<int>(chromeos::PasswordConfirmationFrequency::WEEK)); |
| 183 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 184 base::TimeDelta::FromDays(3)); |
| 185 EXPECT_FALSE(pin_storage->NeedsStrongAuth()); |
| 186 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 187 base::TimeDelta::FromDays(5)); |
| 188 EXPECT_TRUE(pin_storage->NeedsStrongAuth()); |
| 189 } |
| 190 |
| 121 // Verifies that the correct pin can be used to authenticate. | 191 // Verifies that the correct pin can be used to authenticate. |
| 122 TEST_F(PinStorageUnitTest, AuthenticationSucceedsWithRightPin) { | 192 TEST_F(PinStorageUnitTest, AuthenticationSucceedsWithRightPin) { |
| 123 chromeos::PinStorage* pin_storage = | 193 chromeos::PinStorage* pin_storage = |
| 124 chromeos::PinStorageFactory::GetForProfile(profile_.get()); | 194 chromeos::PinStorageFactory::GetForProfile(profile_.get()); |
| 125 | 195 |
| 126 pin_storage->SetPin("1111"); | 196 pin_storage->SetPin("1111"); |
| 127 | 197 |
| 128 pin_storage->MarkStrongAuth(); | 198 pin_storage->MarkStrongAuth(); |
| 129 EXPECT_TRUE(pin_storage->TryAuthenticatePin("1111")); | 199 EXPECT_TRUE(pin_storage->TryAuthenticatePin("1111")); |
| 130 } | 200 } |
| (...skipping 23 matching lines...) Expand all Loading... |
| 154 chromeos::PinStorage* pin_storage = | 224 chromeos::PinStorage* pin_storage = |
| 155 chromeos::PinStorageFactory::GetForProfile(profile_.get()); | 225 chromeos::PinStorageFactory::GetForProfile(profile_.get()); |
| 156 PinStorageTestApi pin_storage_test(pin_storage); | 226 PinStorageTestApi pin_storage_test(pin_storage); |
| 157 | 227 |
| 158 pin_storage->SetPin("1111"); | 228 pin_storage->SetPin("1111"); |
| 159 pin_storage->MarkStrongAuth(); | 229 pin_storage->MarkStrongAuth(); |
| 160 EXPECT_TRUE(pin_storage->IsPinAuthenticationAvailable()); | 230 EXPECT_TRUE(pin_storage->IsPinAuthenticationAvailable()); |
| 161 | 231 |
| 162 // Remove all of the strong auth time so that we have a strong auth timeout. | 232 // Remove all of the strong auth time so that we have a strong auth timeout. |
| 163 pin_storage_test.ReduceRemainingStrongAuthTimeBy( | 233 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 164 chromeos::PinStorage::kStrongAuthTimeout + base::TimeDelta::FromHours(1)); | 234 base::TimeDelta::FromDays(10)); |
| 165 | 235 |
| 166 EXPECT_FALSE(pin_storage->IsPinAuthenticationAvailable()); | 236 EXPECT_FALSE(pin_storage->IsPinAuthenticationAvailable()); |
| 167 } | 237 } |
| 238 |
| 239 TEST_F(PinStorageUnitTest, VerifyPinUnlockAgainstPolicy) { |
| 240 chromeos::PinStorage* pin_storage = |
| 241 chromeos::PinStorageFactory::GetForProfile(profile_.get()); |
| 242 |
| 243 ListPrefUpdate update(profile_->GetPrefs(), prefs::kQuickUnlockModeWhitelist); |
| 244 // Verify that clearing the whitelist diables the pin. |
| 245 update->Clear(); |
| 246 EXPECT_FALSE(pin_storage->IsPinUnlockEnabled()); |
| 247 |
| 248 // Verify that by adding pin and another unlock mode, pin is enabled. |
| 249 update->Append(base::MakeUnique<base::StringValue>("pin")); |
| 250 EXPECT_TRUE(pin_storage->IsPinUnlockEnabled()); |
| 251 update->Append(base::MakeUnique<base::StringValue>("password")); |
| 252 EXPECT_TRUE(pin_storage->IsPinUnlockEnabled()); |
| 253 |
| 254 // Verify that adding all to the whitelist enables the pin. |
| 255 update->Append(base::MakeUnique<base::StringValue>("all")); |
| 256 EXPECT_TRUE(pin_storage->IsPinUnlockEnabled()); |
| 257 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2387253002:
cros: Added policies for screen unlock. (Closed)
