Chromium Code Reviews Chromium Code Reviews
Issue 2411803002:
Support subdomain matching in trial tokens (Closed)
| Index: content/common/origin_trials/trial_token_unittest.cc |
| diff --git a/content/common/origin_trials/trial_token_unittest.cc b/content/common/origin_trials/trial_token_unittest.cc |
| index 3c88134d1a59368ce4eb8ad580615285471f8fbc..6ba344888b5016235ae63a485141fc874fab5a5c 100644 |
| --- a/content/common/origin_trials/trial_token_unittest.cc |
| +++ b/content/common/origin_trials/trial_token_unittest.cc |
| @@ -67,11 +67,16 @@ const char* kSampleToken = |
| const char* kExpectedFeatureName = "Frobulate"; |
| const char* kExpectedOrigin = "https://valid.example.com"; |
| +const char* kExpectedWildcardOrigin = "https://example.com"; |
| +const char* kExpectedMultipleSubdomainOrigin = |
| + "https://part1.part2.part3.example.com"; |
| const uint64_t kExpectedExpiry = 1458766277; |
| // The token should not be valid for this origin, or for this feature. |
| const char* kInvalidOrigin = "https://invalid.example.com"; |
| const char* kInsecureOrigin = "http://valid.example.com"; |
| +const char* kIncorrectPortOrigin = "https://valid.example.com:444"; |
| +const char* kIncorrectDomainOrigin = "https://valid.example2.com"; |
|
iclelland
2016/10/12 04:18:16
Can you add one more bad domain for wildcard testi
|
| const char* kInvalidFeatureName = "Grokalyze"; |
| // The token should be valid if the current time is kValidTimestamp or earlier. |
| @@ -112,6 +117,14 @@ const char kSampleTokenJSON[] = |
| "{\"origin\": \"https://valid.example.com:443\", \"feature\": " |
| "\"Frobulate\", \"expiry\": 1458766277}"; |
| +const char kSampleNonWildcardTokenJSON[] = |
| + "{\"origin\": \"https://valid.example.com:443\", \"isWildcard\": false, " |
| + "\"feature\": \"Frobulate\", \"expiry\": 1458766277}"; |
| + |
| +const char kSampleWildcardTokenJSON[] = |
| + "{\"origin\": \"https://example.com:443\", \"isWildcard\": true, " |
| + "\"feature\": \"Frobulate\", \"expiry\": 1458766277}"; |
| + |
| // Various ill-formed trial tokens. These should all fail to parse. |
| const char* kInvalidTokens[] = { |
| // Invalid - Not JSON at all |
| @@ -126,13 +139,17 @@ const char* kInvalidTokens[] = { |
| "{}", |
| "{\"something\": 1}", |
| "{\"origin\": \"https://a.a\"}", |
| - "{\"origin\": \"https://a.a\", \"feature\": \"a\"}" |
| + "{\"origin\": \"https://a.a\", \"feature\": \"a\"}", |
|
iclelland
2016/10/12 04:18:16
Good catch
|
| "{\"origin\": \"https://a.a\", \"expiry\": 1458766277}", |
| "{\"feature\": \"FeatureName\", \"expiry\": 1458766277}", |
| // Incorrect types |
| "{\"origin\": 1, \"feature\": \"a\", \"expiry\": 1458766277}", |
| "{\"origin\": \"https://a.a\", \"feature\": 1, \"expiry\": 1458766277}", |
| "{\"origin\": \"https://a.a\", \"feature\": \"a\", \"expiry\": \"1\"}", |
| + "{\"origin\": \"https://a.a\", \"isWildcard\": \"true\", \"feature\": " |
| + "\"a\", \"expiry\": 1458766277}", |
| + "{\"origin\": \"https://a.a\", \"isWildcard\": 1, \"feature\": \"a\", " |
| + "\"expiry\": 1458766277}", |
| // Negative expiry timestamp |
| "{\"origin\": \"https://a.a\", \"feature\": \"a\", \"expiry\": -1}", |
| // Origin not a proper origin URL |
| @@ -140,7 +157,8 @@ const char* kInvalidTokens[] = { |
| "{\"origin\": \"data:text/plain,abcdef\", \"feature\": \"a\", \"expiry\": " |
| "1458766277}", |
| "{\"origin\": \"javascript:alert(1)\", \"feature\": \"a\", \"expiry\": " |
| - "1458766277}"}; |
| + "1458766277}", |
| +}; |
| } // namespace |
| @@ -148,8 +166,13 @@ class TrialTokenTest : public testing::TestWithParam<const char*> { |
| public: |
| TrialTokenTest() |
| : expected_origin_(GURL(kExpectedOrigin)), |
| + expected_wildcard_origin_(GURL(kExpectedWildcardOrigin)), |
| + expected_multiple_subdomain_origin_( |
| + GURL(kExpectedMultipleSubdomainOrigin)), |
| invalid_origin_(GURL(kInvalidOrigin)), |
| insecure_origin_(GURL(kInsecureOrigin)), |
| + incorrect_port_origin_(GURL(kIncorrectPortOrigin)), |
| + incorrect_domain_origin_(GURL(kIncorrectDomainOrigin)), |
| expected_expiry_(base::Time::FromDoubleT(kExpectedExpiry)), |
| valid_timestamp_(base::Time::FromDoubleT(kValidTimestamp)), |
| invalid_timestamp_(base::Time::FromDoubleT(kInvalidTimestamp)), |
| @@ -194,8 +217,12 @@ class TrialTokenTest : public testing::TestWithParam<const char*> { |
| base::StringPiece incorrect_public_key() { return incorrect_public_key_; } |
| const url::Origin expected_origin_; |
| + const url::Origin expected_wildcard_origin_; |
| + const url::Origin expected_multiple_subdomain_origin_; |
| const url::Origin invalid_origin_; |
| const url::Origin insecure_origin_; |
| + const url::Origin incorrect_port_origin_; |
| + const url::Origin incorrect_domain_origin_; |
| const base::Time expected_expiry_; |
| const base::Time valid_timestamp_; |
| @@ -274,16 +301,38 @@ TEST_F(TrialTokenTest, ParseValidToken) { |
| std::unique_ptr<TrialToken> token = Parse(kSampleTokenJSON); |
| ASSERT_TRUE(token); |
| EXPECT_EQ(kExpectedFeatureName, token->feature_name()); |
| + EXPECT_FALSE(token->is_wildcard_origin()); |
| EXPECT_EQ(expected_origin_, token->origin()); |
| EXPECT_EQ(expected_expiry_, token->expiry_time()); |
| } |
| +TEST_F(TrialTokenTest, ParseValidNonWildcardToken) { |
| + std::unique_ptr<TrialToken> token = Parse(kSampleNonWildcardTokenJSON); |
| + ASSERT_TRUE(token); |
| + EXPECT_EQ(kExpectedFeatureName, token->feature_name()); |
| + EXPECT_FALSE(token->is_wildcard_origin()); |
| + EXPECT_EQ(expected_origin_, token->origin()); |
| + EXPECT_EQ(expected_expiry_, token->expiry_time()); |
| +} |
| + |
| +TEST_F(TrialTokenTest, ParseValidWildcardToken) { |
| + std::unique_ptr<TrialToken> token = Parse(kSampleWildcardTokenJSON); |
| + ASSERT_TRUE(token); |
| + EXPECT_EQ(kExpectedFeatureName, token->feature_name()); |
| + EXPECT_TRUE(token->is_wildcard_origin()); |
| + EXPECT_EQ(kExpectedWildcardOrigin, token->origin().Serialize()); |
| + EXPECT_EQ(expected_wildcard_origin_, token->origin()); |
| + EXPECT_EQ(expected_expiry_, token->expiry_time()); |
| +} |
| + |
| TEST_F(TrialTokenTest, ValidateValidToken) { |
| std::unique_ptr<TrialToken> token = Parse(kSampleTokenJSON); |
| ASSERT_TRUE(token); |
| EXPECT_TRUE(ValidateOrigin(token.get(), expected_origin_)); |
| EXPECT_FALSE(ValidateOrigin(token.get(), invalid_origin_)); |
| EXPECT_FALSE(ValidateOrigin(token.get(), insecure_origin_)); |
| + EXPECT_FALSE(ValidateOrigin(token.get(), incorrect_port_origin_)); |
| + EXPECT_FALSE(ValidateOrigin(token.get(), incorrect_domain_origin_)); |
| EXPECT_TRUE(ValidateFeatureName(token.get(), kExpectedFeatureName)); |
| EXPECT_FALSE(ValidateFeatureName(token.get(), kInvalidFeatureName)); |
| EXPECT_FALSE(ValidateFeatureName( |
| @@ -294,6 +343,17 @@ TEST_F(TrialTokenTest, ValidateValidToken) { |
| EXPECT_FALSE(ValidateDate(token.get(), invalid_timestamp_)); |
| } |
| +TEST_F(TrialTokenTest, ValidateValidWildcardToken) { |
| + std::unique_ptr<TrialToken> token = Parse(kSampleWildcardTokenJSON); |
| + ASSERT_TRUE(token); |
| + EXPECT_TRUE(ValidateOrigin(token.get(), expected_origin_)); |
| + EXPECT_TRUE(ValidateOrigin(token.get(), expected_wildcard_origin_)); |
| + EXPECT_TRUE(ValidateOrigin(token.get(), expected_multiple_subdomain_origin_)); |
| + EXPECT_FALSE(ValidateOrigin(token.get(), insecure_origin_)); |
| + EXPECT_FALSE(ValidateOrigin(token.get(), incorrect_port_origin_)); |
| + EXPECT_FALSE(ValidateOrigin(token.get(), incorrect_domain_origin_)); |
| +} |
| + |
| TEST_F(TrialTokenTest, TokenIsValid) { |
| std::unique_ptr<TrialToken> token = Parse(kSampleTokenJSON); |
| ASSERT_TRUE(token); |
| @@ -303,6 +363,28 @@ TEST_F(TrialTokenTest, TokenIsValid) { |
| token->IsValid(invalid_origin_, valid_timestamp_)); |
| EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin, |
| token->IsValid(insecure_origin_, valid_timestamp_)); |
| + EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin, |
| + token->IsValid(incorrect_port_origin_, valid_timestamp_)); |
| + EXPECT_EQ(blink::WebOriginTrialTokenStatus::Expired, |
| + token->IsValid(expected_origin_, invalid_timestamp_)); |
| +} |
| + |
| +TEST_F(TrialTokenTest, WildcardTokenIsValid) { |
| + std::unique_ptr<TrialToken> token = Parse(kSampleWildcardTokenJSON); |
| + ASSERT_TRUE(token); |
| + EXPECT_EQ(blink::WebOriginTrialTokenStatus::Success, |
| + token->IsValid(expected_origin_, valid_timestamp_)); |
| + EXPECT_EQ(blink::WebOriginTrialTokenStatus::Success, |
| + token->IsValid(expected_wildcard_origin_, valid_timestamp_)); |
| + EXPECT_EQ( |
| + blink::WebOriginTrialTokenStatus::Success, |
| + token->IsValid(expected_multiple_subdomain_origin_, valid_timestamp_)); |
| + EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin, |
| + token->IsValid(incorrect_domain_origin_, valid_timestamp_)); |
| + EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin, |
| + token->IsValid(insecure_origin_, valid_timestamp_)); |
| + EXPECT_EQ(blink::WebOriginTrialTokenStatus::WrongOrigin, |
| + token->IsValid(incorrect_port_origin_, valid_timestamp_)); |
| EXPECT_EQ(blink::WebOriginTrialTokenStatus::Expired, |
| token->IsValid(expected_origin_, invalid_timestamp_)); |
| } |
