| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include <string> |
| 6 |
| 7 #include "base/compiler_specific.h" |
| 8 #include "base/run_loop.h" |
| 9 #include "base/strings/utf_string_conversions.h" |
| 10 #include "base/threading/sequenced_worker_pool.h" |
| 11 #include "chrome/browser/chrome_notification_types.h" |
| 12 #include "chrome/browser/chromeos/login/login_display_host_impl.h" |
| 13 #include "chrome/browser/chromeos/login/login_manager_test.h" |
| 14 #include "chrome/browser/chromeos/login/managed/managed_user_test_base.h" |
| 15 #include "chrome/browser/chromeos/login/managed/supervised_user_authentication.h
" |
| 16 #include "chrome/browser/chromeos/login/startup_utils.h" |
| 17 #include "chrome/browser/chromeos/login/supervised_user_manager.h" |
| 18 #include "chrome/browser/chromeos/login/webui_login_view.h" |
| 19 #include "chrome/browser/chromeos/net/network_portal_detector_test_impl.h" |
| 20 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h" |
| 21 #include "chrome/browser/managed_mode/managed_user_constants.h" |
| 22 #include "chrome/browser/managed_mode/managed_user_registration_utility.h" |
| 23 #include "chrome/browser/managed_mode/managed_user_registration_utility_stub.h" |
| 24 #include "chrome/browser/managed_mode/managed_user_shared_settings_service.h" |
| 25 #include "chrome/browser/managed_mode/managed_user_shared_settings_service_facto
ry.h" |
| 26 #include "chrome/browser/managed_mode/managed_user_sync_service.h" |
| 27 #include "chrome/browser/managed_mode/managed_user_sync_service_factory.h" |
| 28 #include "chromeos/cryptohome/mock_async_method_caller.h" |
| 29 #include "chromeos/cryptohome/mock_homedir_methods.h" |
| 30 #include "content/public/browser/notification_service.h" |
| 31 #include "content/public/test/browser_test_utils.h" |
| 32 #include "content/public/test/test_utils.h" |
| 33 #include "sync/api/attachments/attachment_service_proxy_for_test.h" |
| 34 #include "sync/api/fake_sync_change_processor.h" |
| 35 #include "sync/api/sync_change.h" |
| 36 #include "sync/api/sync_error_factory_mock.h" |
| 37 #include "sync/protocol/sync.pb.h" |
| 38 |
| 39 using testing::_; |
| 40 using chromeos::testing::ManagedUserTestBase; |
| 41 using chromeos::testing::kTestSupervisedUserDisplayName; |
| 42 using chromeos::testing::kTestManager; |
| 43 |
| 44 namespace chromeos { |
| 45 |
| 46 class SupervisedUserPasswordTest : public ManagedUserTestBase { |
| 47 public: |
| 48 SupervisedUserPasswordTest() : ManagedUserTestBase() {} |
| 49 |
| 50 private: |
| 51 DISALLOW_COPY_AND_ASSIGN(SupervisedUserPasswordTest); |
| 52 }; |
| 53 |
| 54 class SupervisedUserPasswordManagerTest : public ManagedUserTestBase { |
| 55 public: |
| 56 SupervisedUserPasswordManagerTest() : ManagedUserTestBase() {} |
| 57 |
| 58 private: |
| 59 DISALLOW_COPY_AND_ASSIGN(SupervisedUserPasswordManagerTest); |
| 60 }; |
| 61 |
| 62 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 63 PRE_PRE_PRE_PasswordChangeFromUserTest) { |
| 64 PrepareUsers(); |
| 65 } |
| 66 |
| 67 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 68 PRE_PRE_PasswordChangeFromUserTest) { |
| 69 StartFlowLoginAsManager(); |
| 70 FillNewUserData(kTestSupervisedUserDisplayName); |
| 71 StartUserCreation("managed-user-creation-next-button", |
| 72 kTestSupervisedUserDisplayName); |
| 73 } |
| 74 |
| 75 // Supervised user signs in, get sync notification about password update, and |
| 76 // schedules password migration. |
| 77 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 78 PRE_PasswordChangeFromUserTest) { |
| 79 SigninAsSupervisedUser(true, 0, kTestSupervisedUserDisplayName); |
| 80 |
| 81 const User* user = UserManager::Get()->GetUsers().at(0); |
| 82 std::string sync_id = |
| 83 UserManager::Get()->GetSupervisedUserManager()->GetUserSyncId( |
| 84 user->email()); |
| 85 base::DictionaryValue password; |
| 86 password.SetIntegerWithoutPathExpansion( |
| 87 kSchemaVersion, SupervisedUserAuthentication::SCHEMA_SALT_HASHED); |
| 88 password.SetIntegerWithoutPathExpansion(kPasswordRevision, 2); |
| 89 |
| 90 password.SetStringWithoutPathExpansion(kPasswordSignature, "signature"); |
| 91 password.SetStringWithoutPathExpansion(kEncryptedPassword, |
| 92 "new-encrypted-password"); |
| 93 |
| 94 shared_settings_adapter_->AddChange( |
| 95 sync_id, managed_users::kChromeOSPasswordData, password, true, false); |
| 96 content::RunAllPendingInMessageLoop(); |
| 97 } |
| 98 |
| 99 // Supervised user signs in for second time, and actual password migration takes |
| 100 // place. |
| 101 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, PasswordChangeFromUserTest) { |
| 102 EXPECT_CALL(*mock_homedir_methods_, MountEx(_, _, _, _)).Times(1); |
| 103 EXPECT_CALL(*mock_homedir_methods_, UpdateKeyEx(_, _, _, _, _)).Times(1); |
| 104 SigninAsSupervisedUser(false, 0, kTestSupervisedUserDisplayName); |
| 105 ::testing::Mock::VerifyAndClearExpectations(mock_homedir_methods_); |
| 106 } |
| 107 |
| 108 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 109 PRE_PRE_PRE_PasswordChangeFromManagerTest) { |
| 110 PrepareUsers(); |
| 111 } |
| 112 |
| 113 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 114 PRE_PRE_PasswordChangeFromManagerTest) { |
| 115 StartFlowLoginAsManager(); |
| 116 FillNewUserData(kTestSupervisedUserDisplayName); |
| 117 StartUserCreation("managed-user-creation-next-button", |
| 118 kTestSupervisedUserDisplayName); |
| 119 } |
| 120 |
| 121 // Manager signs in, gets sync notification about supervised user password |
| 122 // update, and performs migration. |
| 123 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 124 PRE_PasswordChangeFromManagerTest) { |
| 125 const User* managed_user = UserManager::Get()->GetUsers().at(0); |
| 126 |
| 127 SigninAsManager(1); |
| 128 |
| 129 EXPECT_CALL(*mock_homedir_methods_, AddKeyEx(_, _, _, _, _)).Times(1); |
| 130 |
| 131 std::string sync_id = |
| 132 UserManager::Get()->GetSupervisedUserManager()->GetUserSyncId( |
| 133 managed_user->email()); |
| 134 |
| 135 ::sync_pb::ManagedUserSpecifics managed_user_proto; |
| 136 |
| 137 managed_user_proto.set_id(sync_id); |
| 138 managed_user_proto.set_name(kTestSupervisedUserDisplayName); |
| 139 managed_user_proto.set_acknowledged(true); |
| 140 managed_user_proto.set_master_key("master key"); |
| 141 managed_user_proto.set_password_signature_key("signature_key"); |
| 142 managed_user_proto.set_password_encryption_key("encryption_key"); |
| 143 |
| 144 managed_users_adapter_->AddChange(managed_user_proto, false); |
| 145 content::RunAllPendingInMessageLoop(); |
| 146 |
| 147 base::DictionaryValue password; |
| 148 password.SetIntegerWithoutPathExpansion( |
| 149 kSchemaVersion, SupervisedUserAuthentication::SCHEMA_SALT_HASHED); |
| 150 password.SetIntegerWithoutPathExpansion(kPasswordRevision, 2); |
| 151 |
| 152 password.SetStringWithoutPathExpansion(kPasswordSignature, "signature"); |
| 153 password.SetStringWithoutPathExpansion(kEncryptedPassword, |
| 154 "new-encrypted-password"); |
| 155 shared_settings_adapter_->AddChange( |
| 156 sync_id, managed_users::kChromeOSPasswordData, password, true, false); |
| 157 content::RunAllPendingInMessageLoop(); |
| 158 |
| 159 ::testing::Mock::VerifyAndClearExpectations(mock_homedir_methods_); |
| 160 } |
| 161 |
| 162 // After that supervised user signs in, and no password change happens. |
| 163 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 164 PasswordChangeFromManagerTest) { |
| 165 EXPECT_CALL(*mock_homedir_methods_, MountEx(_, _, _, _)).Times(1); |
| 166 EXPECT_CALL(*mock_homedir_methods_, UpdateKeyEx(_, _, _, _, _)).Times(0); |
| 167 SigninAsSupervisedUser(false, 1, kTestSupervisedUserDisplayName); |
| 168 ::testing::Mock::VerifyAndClearExpectations(mock_homedir_methods_); |
| 169 } |
| 170 |
| 171 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 172 PRE_PRE_PRE_PRE_PasswordChangeUserAndManagerTest) { |
| 173 PrepareUsers(); |
| 174 } |
| 175 |
| 176 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 177 PRE_PRE_PRE_PasswordChangeUserAndManagerTest) { |
| 178 StartFlowLoginAsManager(); |
| 179 FillNewUserData(kTestSupervisedUserDisplayName); |
| 180 StartUserCreation("managed-user-creation-next-button", |
| 181 kTestSupervisedUserDisplayName); |
| 182 } |
| 183 |
| 184 // Supervised user signs in, get sync notification about password update, and |
| 185 // schedules password migration. |
| 186 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 187 PRE_PRE_PasswordChangeUserAndManagerTest) { |
| 188 SigninAsSupervisedUser(true, 0, kTestSupervisedUserDisplayName); |
| 189 |
| 190 const User* user = UserManager::Get()->GetUsers().at(0); |
| 191 std::string sync_id = |
| 192 UserManager::Get()->GetSupervisedUserManager()->GetUserSyncId( |
| 193 user->email()); |
| 194 base::DictionaryValue password; |
| 195 password.SetIntegerWithoutPathExpansion( |
| 196 kSchemaVersion, SupervisedUserAuthentication::SCHEMA_SALT_HASHED); |
| 197 password.SetIntegerWithoutPathExpansion(kPasswordRevision, 2); |
| 198 |
| 199 password.SetStringWithoutPathExpansion(kPasswordSignature, "signature"); |
| 200 password.SetStringWithoutPathExpansion(kEncryptedPassword, |
| 201 "new-encrypted-password"); |
| 202 |
| 203 shared_settings_adapter_->AddChange( |
| 204 sync_id, managed_users::kChromeOSPasswordData, password, true, false); |
| 205 content::RunAllPendingInMessageLoop(); |
| 206 } |
| 207 |
| 208 // After that manager signs in, and also detects password change. Manager |
| 209 // performs the migration. |
| 210 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 211 PRE_PasswordChangeUserAndManagerTest) { |
| 212 const User* managed_user = UserManager::Get()->GetUsers().at(0); |
| 213 |
| 214 SigninAsManager(1); |
| 215 |
| 216 EXPECT_CALL(*mock_homedir_methods_, AddKeyEx(_, _, _, _, _)).Times(1); |
| 217 |
| 218 std::string sync_id = |
| 219 UserManager::Get()->GetSupervisedUserManager()->GetUserSyncId( |
| 220 managed_user->email()); |
| 221 |
| 222 ::sync_pb::ManagedUserSpecifics managed_user_proto; |
| 223 |
| 224 managed_user_proto.set_id(sync_id); |
| 225 managed_user_proto.set_name(kTestSupervisedUserDisplayName); |
| 226 managed_user_proto.set_acknowledged(true); |
| 227 managed_user_proto.set_master_key("master key"); |
| 228 managed_user_proto.set_password_signature_key("signature_key"); |
| 229 managed_user_proto.set_password_encryption_key("encryption_key"); |
| 230 |
| 231 managed_users_adapter_->AddChange(managed_user_proto, false); |
| 232 content::RunAllPendingInMessageLoop(); |
| 233 |
| 234 base::DictionaryValue password; |
| 235 password.SetIntegerWithoutPathExpansion( |
| 236 kSchemaVersion, SupervisedUserAuthentication::SCHEMA_SALT_HASHED); |
| 237 password.SetIntegerWithoutPathExpansion(kPasswordRevision, 2); |
| 238 |
| 239 password.SetStringWithoutPathExpansion(kPasswordSignature, "signature"); |
| 240 password.SetStringWithoutPathExpansion(kEncryptedPassword, |
| 241 "new-encrypted-password"); |
| 242 shared_settings_adapter_->AddChange( |
| 243 sync_id, managed_users::kChromeOSPasswordData, password, true, false); |
| 244 content::RunAllPendingInMessageLoop(); |
| 245 |
| 246 ::testing::Mock::VerifyAndClearExpectations(mock_homedir_methods_); |
| 247 } |
| 248 |
| 249 // When supervised user signs in, password is already migrated, so no migration |
| 250 // should be attempted. |
| 251 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest, |
| 252 PasswordChangeUserAndManagerTest) { |
| 253 EXPECT_CALL(*mock_homedir_methods_, MountEx(_, _, _, _)).Times(1); |
| 254 EXPECT_CALL(*mock_homedir_methods_, UpdateKeyEx(_, _, _, _, _)).Times(0); |
| 255 SigninAsSupervisedUser(false, 1, kTestSupervisedUserDisplayName); |
| 256 ::testing::Mock::VerifyAndClearExpectations(mock_homedir_methods_); |
| 257 } |
| 258 |
| 259 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 243103007:
Tests for supervised users password sync: (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src