| Index: chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc
|
| diff --git a/chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc b/chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc
|
| index d0266f8f59eb96504b8a62f03f17a92a790002c5..b3a937a39daa207d1502be07c59aefec09cd43ef 100644
|
| --- a/chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc
|
| +++ b/chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc
|
| @@ -8,11 +8,19 @@
|
| #include "chrome/common/pref_names.h"
|
| #include "chrome/test/base/testing_profile.h"
|
| #include "components/prefs/pref_service.h"
|
| +#include "components/prefs/scoped_user_pref_update.h"
|
| #include "content/public/test/test_browser_thread_bundle.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
|
|
| namespace {
|
|
|
| +void SetConfirmationFrequency(
|
| + PrefService* pref_service,
|
| + chromeos::QuickUnlockPasswordConfirmationFrequency frequency) {
|
| + pref_service->SetInteger(prefs::kQuickUnlockTimeout,
|
| + static_cast<int>(frequency));
|
| +}
|
| +
|
| class PinStorageUnitTest : public testing::Test {
|
| protected:
|
| PinStorageUnitTest() : profile_(new TestingProfile()) {}
|
| @@ -41,6 +49,10 @@ class PinStorageTestApi {
|
| pin_storage_->last_strong_auth_ -= time_delta;
|
| }
|
|
|
| + bool HasStrongAuthInfo() {
|
| + return !pin_storage_->last_strong_auth_.is_null();
|
| + }
|
| +
|
| std::string PinSalt() const { return pin_storage_->PinSalt(); }
|
|
|
| std::string PinSecret() const { return pin_storage_->PinSecret(); }
|
| @@ -106,11 +118,11 @@ TEST_F(PinStorageUnitTest, TimeSinceLastStrongAuthReturnsPositiveValue) {
|
| chromeos::PinStorageFactory::GetForProfile(profile_.get());
|
| PinStorageTestApi pin_storage_test(pin_storage);
|
|
|
| - EXPECT_FALSE(pin_storage->HasStrongAuth());
|
| + EXPECT_FALSE(pin_storage_test.HasStrongAuthInfo());
|
|
|
| pin_storage->MarkStrongAuth();
|
|
|
| - EXPECT_TRUE(pin_storage->HasStrongAuth());
|
| + EXPECT_TRUE(pin_storage_test.HasStrongAuthInfo());
|
| pin_storage_test.ReduceRemainingStrongAuthTimeBy(
|
| base::TimeDelta::FromSeconds(60));
|
|
|
| @@ -118,6 +130,67 @@ TEST_F(PinStorageUnitTest, TimeSinceLastStrongAuthReturnsPositiveValue) {
|
| base::TimeDelta::FromSeconds(30));
|
| }
|
|
|
| +// Verifies that by altering the password confirmation preference, the pin
|
| +// storage will request password reconfirmation as expected.
|
| +TEST_F(PinStorageUnitTest, QuickUnlockPasswordConfirmationFrequencyPreference) {
|
| + chromeos::PinStorage* pin_storage =
|
| + chromeos::PinStorageFactory::GetForProfile(profile_.get());
|
| + PrefService* pref_service = profile_->GetPrefs();
|
| + PinStorageTestApi test_api(pin_storage);
|
| +
|
| + // The default is one day, so verify moving the last strong auth time back 13
|
| + // hours should not request strong auth.
|
| + pin_storage->MarkStrongAuth();
|
| + test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(13));
|
| + EXPECT_TRUE(pin_storage->HasStrongAuth());
|
| +
|
| + // Verify moving the last strong auth time back another 13 hours should
|
| + // request strong auth.
|
| + test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(13));
|
| + EXPECT_FALSE(pin_storage->HasStrongAuth());
|
| +
|
| + // Verify that by changing the frequency of required password confirmation to
|
| + // six hours, moving the last strong auth interval back by 4 hours will not
|
| + // trigger a request for strong auth, but moving it by an additional 4 hours
|
| + // will.
|
| + pin_storage->MarkStrongAuth();
|
| + SetConfirmationFrequency(
|
| + pref_service,
|
| + chromeos::QuickUnlockPasswordConfirmationFrequency::SIX_HOURS);
|
| + test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(4));
|
| + EXPECT_TRUE(pin_storage->HasStrongAuth());
|
| + test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(4));
|
| + EXPECT_FALSE(pin_storage->HasStrongAuth());
|
| +
|
| + // A valid strong auth becomes invalid if the confirmation frequency is
|
| + // shortened to less than the expiration time.
|
| + pin_storage->MarkStrongAuth();
|
| + SetConfirmationFrequency(
|
| + pref_service,
|
| + chromeos::QuickUnlockPasswordConfirmationFrequency::TWELVE_HOURS);
|
| + EXPECT_TRUE(pin_storage->HasStrongAuth());
|
| + test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(8));
|
| + EXPECT_TRUE(pin_storage->HasStrongAuth());
|
| + SetConfirmationFrequency(
|
| + pref_service,
|
| + chromeos::QuickUnlockPasswordConfirmationFrequency::SIX_HOURS);
|
| + EXPECT_FALSE(pin_storage->HasStrongAuth());
|
| +
|
| + // An expired strong auth becomes usable if the confirmation frequency gets
|
| + // extended past the expiration time.
|
| + pin_storage->MarkStrongAuth();
|
| + SetConfirmationFrequency(
|
| + pref_service,
|
| + chromeos::QuickUnlockPasswordConfirmationFrequency::SIX_HOURS);
|
| + EXPECT_TRUE(pin_storage->HasStrongAuth());
|
| + test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(8));
|
| + EXPECT_FALSE(pin_storage->HasStrongAuth());
|
| + SetConfirmationFrequency(
|
| + pref_service,
|
| + chromeos::QuickUnlockPasswordConfirmationFrequency::TWELVE_HOURS);
|
| + EXPECT_TRUE(pin_storage->HasStrongAuth());
|
| +}
|
| +
|
| // Verifies that the correct pin can be used to authenticate.
|
| TEST_F(PinStorageUnitTest, AuthenticationSucceedsWithRightPin) {
|
| chromeos::PinStorage* pin_storage =
|
| @@ -161,7 +234,7 @@ TEST_F(PinStorageUnitTest, AuthenticationFailsFromTimeout) {
|
|
|
| // Remove all of the strong auth time so that we have a strong auth timeout.
|
| pin_storage_test.ReduceRemainingStrongAuthTimeBy(
|
| - chromeos::PinStorage::kStrongAuthTimeout + base::TimeDelta::FromHours(1));
|
| + base::TimeDelta::FromDays(10));
|
|
|
| EXPECT_FALSE(pin_storage->IsPinAuthenticationAvailable());
|
| }
|
|
|
Chromium Code Reviews
Issue 2387253002:
cros: Added policies for screen unlock. (Closed)
