Support subdomain matching in trial tokens

content/common/origin_trials/trial_token_unittest.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/common/origin_trials/trial_token.h"
 
 #include <memory>
 
 #include "base/macros.h"
 #include "base/strings/string_piece.h"
@@ skipping 47 matching lines @@
 
 // This is a good trial token, signed with the above test private key.
 // Generate this token with the command (in tools/origin_trials):
 // generate_token.py valid.example.com Frobulate --expire-timestamp=1458766277
 const char* kSampleToken =
     "Ap+Q/Qm0ELadZql+dlEGSwnAVsFZKgCEtUZg8idQC3uekkIeSZIY1tftoYdrwhqj"
     "7FO5L22sNvkZZnacLvmfNwsAAABZeyJvcmlnaW4iOiAiaHR0cHM6Ly92YWxpZC5l"
     "eGFtcGxlLmNvbTo0NDMiLCAiZmVhdHVyZSI6ICJGcm9idWxhdGUiLCAiZXhwaXJ5"
     "IjogMTQ1ODc2NjI3N30=";
 
+// This is a good subdomain trial token, signed with the above test private key.
+// Generate this token with the command (in tools/origin_trials):
+// generate_token.py example.com Frobulate --is-subdomain
+//   --expire-timestamp=1458766277
+const char* kSampleSubdomainToken =
+    "Auu+j9nXAQoy5+t00MiWakZwFExcdNC8ENkRdK1gL4OMFHS0AbZCscslDTcP1fjN"
+    "FjpbmQG+VCPk1NrldVXZng4AAABoeyJvcmlnaW4iOiAiaHR0cHM6Ly9leGFtcGxl"
+    "LmNvbTo0NDMiLCAiaXNTdWJkb21haW4iOiB0cnVlLCAiZmVhdHVyZSI6ICJGcm9i"
+    "dWxhdGUiLCAiZXhwaXJ5IjogMTQ1ODc2NjI3N30=";
+
+// This is a good trial token, explicitly not a subdomain, signed with the above
+// test private key. Generate this token with the command:
+// generate_token.py valid.example.com Frobulate --no-subdomain
+//   --expire-timestamp=1458766277
+const char* kSampleNonSubdomainToken =
+    "AreD979D7tO0luSZTr1+/+J6E0SSj/GEUyLK41o1hXFzXw1R7Z1hCDHs0gXWVSu1"
+    "lvH52Winvy39tHbsU2gJJQYAAABveyJvcmlnaW4iOiAiaHR0cHM6Ly92YWxpZC5l"
+    "eGFtcGxlLmNvbTo0NDMiLCAiaXNTdWJkb21haW4iOiBmYWxzZSwgImZlYXR1cmUi"
+    "OiAiRnJvYnVsYXRlIiwgImV4cGlyeSI6IDE0NTg3NjYyNzd9";
+
 const char* kExpectedFeatureName = "Frobulate";
 const char* kExpectedOrigin = "https://valid.example.com";
+const char* kExpectedSubdomainOrigin = "https://example.com";
+const char* kExpectedMultipleSubdomainOrigin =
+    "https://part1.part2.part3.example.com";
 const uint64_t kExpectedExpiry = 1458766277;
 
 // The token should not be valid for this origin, or for this feature.
 const char* kInvalidOrigin = "https://invalid.example.com";
 const char* kInsecureOrigin = "http://valid.example.com";
+const char* kIncorrectPortOrigin = "https://valid.example.com:444";
+const char* kIncorrectDomainOrigin = "https://valid.example2.com";
+const char* kInvalidTLDOrigin = "https://com";
 const char* kInvalidFeatureName = "Grokalyze";
 
 // The token should be valid if the current time is kValidTimestamp or earlier.
 double kValidTimestamp = 1458766276.0;
 
 // The token should be invalid if the current time is kInvalidTimestamp or
 // later.
 double kInvalidTimestamp = 1458766278.0;
 
 // Well-formed trial token with an invalid signature.
@@ skipping 20 matching lines @@
 const char kIncorrectVersionToken[] =
     "KlH8wVLT5o59uDvlJESorMDjzgWnvG1hmIn/GiT9Ng3f45ratVeiXCNTeaJheOaG"
     "A6kX4ir4Amv8aHVC+OJHZQkAAABZeyJvcmlnaW4iOiAiaHR0cHM6Ly92YWxpZC5l"
     "eGFtcGxlLmNvbTo0NDMiLCAiZmVhdHVyZSI6ICJGcm9idWxhdGUiLCAiZXhwaXJ5"
     "IjogMTQ1ODc2NjI3N30=";
 
 const char kSampleTokenJSON[] =
     "{\"origin\": \"https://valid.example.com:443\", \"feature\": "
     "\"Frobulate\", \"expiry\": 1458766277}";
 
+const char kSampleNonSubdomainTokenJSON[] =
+    "{\"origin\": \"https://valid.example.com:443\", \"isSubdomain\": false, "
+    "\"feature\": \"Frobulate\", \"expiry\": 1458766277}";
+
+const char kSampleSubdomainTokenJSON[] =
+    "{\"origin\": \"https://example.com:443\", \"isSubdomain\": true, "
+    "\"feature\": \"Frobulate\", \"expiry\": 1458766277}";
+
 // Various ill-formed trial tokens. These should all fail to parse.
 const char* kInvalidTokens[] = {
     // Invalid - Not JSON at all
     "abcde",
     // Invalid JSON
     "{",
     // Not an object
     "\"abcde\"",
     "123.4",
     "[0, 1, 2]",
     // Missing keys
     "{}",
     "{\"something\": 1}",
     "{\"origin\": \"https://a.a\"}",
-    "{\"origin\": \"https://a.a\", \"feature\": \"a\"}"
+    "{\"origin\": \"https://a.a\", \"feature\": \"a\"}",
     "{\"origin\": \"https://a.a\", \"expiry\": 1458766277}",
     "{\"feature\": \"FeatureName\", \"expiry\": 1458766277}",
     // Incorrect types
     "{\"origin\": 1, \"feature\": \"a\", \"expiry\": 1458766277}",
     "{\"origin\": \"https://a.a\", \"feature\": 1, \"expiry\": 1458766277}",
     "{\"origin\": \"https://a.a\", \"feature\": \"a\", \"expiry\": \"1\"}",
+    "{\"origin\": \"https://a.a\", \"isSubdomain\": \"true\", \"feature\": "
+    "\"a\", \"expiry\": 1458766277}",
+    "{\"origin\": \"https://a.a\", \"isSubdomain\": 1, \"feature\": \"a\", "
+    "\"expiry\": 1458766277}",
     // Negative expiry timestamp
     "{\"origin\": \"https://a.a\", \"feature\": \"a\", \"expiry\": -1}",
     // Origin not a proper origin URL
     "{\"origin\": \"abcdef\", \"feature\": \"a\", \"expiry\": 1458766277}",
     "{\"origin\": \"data:text/plain,abcdef\", \"feature\": \"a\", \"expiry\": "
     "1458766277}",
     "{\"origin\": \"javascript:alert(1)\", \"feature\": \"a\", \"expiry\": "
-    "1458766277}"};
+    "1458766277}",
+};
 
 }  // namespace
 
 class TrialTokenTest : public testing::TestWithParam<const char*> {
  public:
   TrialTokenTest()
       : expected_origin_(GURL(kExpectedOrigin)),
+        expected_subdomain_origin_(GURL(kExpectedSubdomainOrigin)),
+        expected_multiple_subdomain_origin_(
+            GURL(kExpectedMultipleSubdomainOrigin)),
         invalid_origin_(GURL(kInvalidOrigin)),
         insecure_origin_(GURL(kInsecureOrigin)),
+        incorrect_port_origin_(GURL(kIncorrectPortOrigin)),
+        incorrect_domain_origin_(GURL(kIncorrectDomainOrigin)),
+        invalid_tld_origin_(GURL(kInvalidTLDOrigin)),
         expected_expiry_(base::Time::FromDoubleT(kExpectedExpiry)),
         valid_timestamp_(base::Time::FromDoubleT(kValidTimestamp)),
         invalid_timestamp_(base::Time::FromDoubleT(kInvalidTimestamp)),
         correct_public_key_(
             base::StringPiece(reinterpret_cast<const char*>(kTestPublicKey),
                               arraysize(kTestPublicKey))),
         incorrect_public_key_(
             base::StringPiece(reinterpret_cast<const char*>(kTestPublicKey2),
                               arraysize(kTestPublicKey2))) {}
 
@@ skipping 24 matching lines @@
   }
 
   bool ValidateDate(TrialToken* token, const base::Time& now) {
     return token->ValidateDate(now);
   }
 
   base::StringPiece correct_public_key() { return correct_public_key_; }
   base::StringPiece incorrect_public_key() { return incorrect_public_key_; }
 
   const url::Origin expected_origin_;
+  const url::Origin expected_subdomain_origin_;
+  const url::Origin expected_multiple_subdomain_origin_;
   const url::Origin invalid_origin_;
   const url::Origin insecure_origin_;
+  const url::Origin incorrect_port_origin_;
+  const url::Origin incorrect_domain_origin_;
+  const url::Origin invalid_tld_origin_;
 
   const base::Time expected_expiry_;
   const base::Time valid_timestamp_;
   const base::Time invalid_timestamp_;
 
  private:
   base::StringPiece correct_public_key_;
   base::StringPiece incorrect_public_key_;
 };
 
 // Test the extraction of the signed payload from token strings. This includes
 // checking the included version identifier, payload length, and cryptographic
 // signature.
 
 // Test verification of signature and extraction of token JSON from signed
 // token.
 TEST_F(TrialTokenTest, ValidateValidSignature) {
   std::string token_payload;
   blink::WebOriginTrialTokenStatus status =
       Extract(kSampleToken, correct_public_key(), &token_payload);
   ASSERT_EQ(blink::WebOriginTrialTokenStatus::Success, status);
   EXPECT_STREQ(kSampleTokenJSON, token_payload.c_str());
 }
 
+TEST_F(TrialTokenTest, ValidateSubdomainValidSignature) {
+  std::string token_payload;
+  blink::WebOriginTrialTokenStatus status =
+      Extract(kSampleSubdomainToken, correct_public_key(), &token_payload);
+  ASSERT_EQ(blink::WebOriginTrialTokenStatus::Success, status);
+  EXPECT_STREQ(kSampleSubdomainTokenJSON, token_payload.c_str());
+}
+
+TEST_F(TrialTokenTest, ValidateNonSubdomainValidSignature) {
+  std::string token_payload;
+  blink::WebOriginTrialTokenStatus status =
+      Extract(kSampleNonSubdomainToken, correct_public_key(), &token_payload);
+  ASSERT_EQ(blink::WebOriginTrialTokenStatus::Success, status);
+  EXPECT_STREQ(kSampleNonSubdomainTokenJSON, token_payload.c_str());
+}
+
 TEST_F(TrialTokenTest, ValidateInvalidSignature) {
   blink::WebOriginTrialTokenStatus status =
       ExtractIgnorePayload(kInvalidSignatureToken, correct_public_key());
   EXPECT_EQ(blink::WebOriginTrialTokenStatus::InvalidSignature, status);
 }
 
 TEST_F(TrialTokenTest, ValidateSignatureWithIncorrectKey) {
   blink::WebOriginTrialTokenStatus status =
       ExtractIgnorePayload(kSampleToken, incorrect_public_key());
   EXPECT_EQ(blink::WebOriginTrialTokenStatus::InvalidSignature, status);
@@ skipping 34 matching lines @@
   std::unique_ptr<TrialToken> empty_token = Parse(GetParam());
   EXPECT_FALSE(empty_token) << "Invalid trial token should not parse.";
 }
 
 INSTANTIATE_TEST_CASE_P(, TrialTokenTest, ::testing::ValuesIn(kInvalidTokens));
 
 TEST_F(TrialTokenTest, ParseValidToken) {
   std::unique_ptr<TrialToken> token = Parse(kSampleTokenJSON);
   ASSERT_TRUE(token);
   EXPECT_EQ(kExpectedFeatureName, token->feature_name());
+  EXPECT_FALSE(token->match_subdomains());
   EXPECT_EQ(expected_origin_, token->origin());
   EXPECT_EQ(expected_expiry_, token->expiry_time());
 }
 
+TEST_F(TrialTokenTest, ParseValidNonSubdomainToken) {
+  std::unique_ptr<TrialToken> token = Parse(kSampleNonSubdomainTokenJSON);
+  ASSERT_TRUE(token);
+  EXPECT_EQ(kExpectedFeatureName, token->feature_name());
+  EXPECT_FALSE(token->match_subdomains());
+  EXPECT_EQ(expected_origin_, token->origin());
+  EXPECT_EQ(expected_expiry_, token->expiry_time());
+}
+
+TEST_F(TrialTokenTest, ParseValidSubdomainToken) {
+  std::unique_ptr<TrialToken> token = Parse(kSampleSubdomainTokenJSON);
+  ASSERT_TRUE(token);
+  EXPECT_EQ(kExpectedFeatureName, token->feature_name());
+  EXPECT_TRUE(token->match_subdomains());
+  EXPECT_EQ(kExpectedSubdomainOrigin, token->origin().Serialize());
+  EXPECT_EQ(expected_subdomain_origin_, token->origin());
+  EXPECT_EQ(expected_expiry_, token->expiry_time());
+}
+
 TEST_F(TrialTokenTest, ValidateValidToken) {
   std::unique_ptr<TrialToken> token = Parse(kSampleTokenJSON);
   ASSERT_TRUE(token);
   EXPECT_TRUE(ValidateOrigin(token.get(), expected_origin_));
   EXPECT_FALSE(ValidateOrigin(token.get(), invalid_origin_));
   EXPECT_FALSE(ValidateOrigin(token.get(), insecure_origin_));
+  EXPECT_FALSE(ValidateOrigin(token.get(), incorrect_port_origin_));
+  EXPECT_FALSE(ValidateOrigin(token.get(), incorrect_domain_origin_));
+  EXPECT_FALSE(ValidateOrigin(token.get(), invalid_tld_origin_));
   EXPECT_TRUE(ValidateFeatureName(token.get(), kExpectedFeatureName));
   EXPECT_FALSE(ValidateFeatureName(token.get(), kInvalidFeatureName));
   EXPECT_FALSE(ValidateFeatureName(
       token.get(), base::ToUpperASCII(kExpectedFeatureName).c_str()));
   EXPECT_FALSE(ValidateFeatureName(
       token.get(), base::ToLowerASCII(kExpectedFeatureName).c_str()));
   EXPECT_TRUE(ValidateDate(token.get(), valid_timestamp_));
   EXPECT_FALSE(ValidateDate(token.get(), invalid_timestamp_));
 }
 
+TEST_F(TrialTokenTest, ValidateValidSubdomainToken) {
+  std::unique_ptr<TrialToken> token = Parse(kSampleSubdomainTokenJSON);
+  ASSERT_TRUE(token);
+  EXPECT_TRUE(ValidateOrigin(token.get(), expected_origin_));
+  EXPECT_TRUE(ValidateOrigin(token.get(), expected_subdomain_origin_));
+  EXPECT_TRUE(ValidateOrigin(token.get(), expected_multiple_subdomain_origin_));
+  EXPECT_FALSE(ValidateOrigin(token.get(), insecure_origin_));
+  EXPECT_FALSE(ValidateOrigin(token.get(), incorrect_port_origin_));
+  EXPECT_FALSE(ValidateOrigin(token.get(), incorrect_domain_origin_));
+  EXPECT_FALSE(ValidateOrigin(token.get(), invalid_tld_origin_));
+}
+
 TEST_F(TrialTokenTest, TokenIsValid) {
   std::unique_ptr<TrialToken> token = Parse(kSampleTokenJSON);
   ASSERT_TRUE(token);
   EXPECT_EQ(blink::WebOriginTrialTokenStatus::Success,
             token->IsValid(expected_origin_, valid_timestamp_));
   EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin,
             token->IsValid(invalid_origin_, valid_timestamp_));
   EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin,
             token->IsValid(insecure_origin_, valid_timestamp_));
+  EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin,
+            token->IsValid(incorrect_port_origin_, valid_timestamp_));
   EXPECT_EQ(blink::WebOriginTrialTokenStatus::Expired,
             token->IsValid(expected_origin_, invalid_timestamp_));
 }
+
+TEST_F(TrialTokenTest, SubdomainTokenIsValid) {
+  std::unique_ptr<TrialToken> token = Parse(kSampleSubdomainTokenJSON);
+  ASSERT_TRUE(token);
+  EXPECT_EQ(blink::WebOriginTrialTokenStatus::Success,
+            token->IsValid(expected_origin_, valid_timestamp_));
+  EXPECT_EQ(blink::WebOriginTrialTokenStatus::Success,
+            token->IsValid(expected_subdomain_origin_, valid_timestamp_));
+  EXPECT_EQ(
+      blink::WebOriginTrialTokenStatus::Success,
+      token->IsValid(expected_multiple_subdomain_origin_, valid_timestamp_));
+  EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin,
+            token->IsValid(incorrect_domain_origin_, valid_timestamp_));
+  EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin,
+            token->IsValid(insecure_origin_, valid_timestamp_));
+  EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin,
+            token->IsValid(incorrect_port_origin_, valid_timestamp_));
+  EXPECT_EQ(blink::WebOriginTrialTokenStatus::Expired,
+            token->IsValid(expected_origin_, invalid_timestamp_));
+}
 
 // Test overall extraction, to ensure output status matches returned token
 TEST_F(TrialTokenTest, ExtractValidToken) {
   blink::WebOriginTrialTokenStatus status;
   std::unique_ptr<TrialToken> token =
       TrialToken::From(kSampleToken, correct_public_key(), &status);
   EXPECT_TRUE(token);
   EXPECT_EQ(blink::WebOriginTrialTokenStatus::Success, status);
 }
 
 TEST_F(TrialTokenTest, ExtractInvalidSignature) {
   blink::WebOriginTrialTokenStatus status;
   std::unique_ptr<TrialToken> token =
       TrialToken::From(kSampleToken, incorrect_public_key(), &status);
   EXPECT_FALSE(token);
   EXPECT_EQ(blink::WebOriginTrialTokenStatus::InvalidSignature, status);
 }
 
 TEST_F(TrialTokenTest, ExtractMalformedToken) {
   blink::WebOriginTrialTokenStatus status;
   std::unique_ptr<TrialToken> token =
       TrialToken::From(kIncorrectLengthToken, correct_public_key(), &status);
   EXPECT_FALSE(token);
   EXPECT_EQ(blink::WebOriginTrialTokenStatus::Malformed, status);
 }
 
 }  // namespace content