Refactor SecurityStateModel/Clients for simplicity and reusability.

components/security_state/content/content_utils_unittest.cc

Index: components/security_state/content/content_utils_unittest.cc
diff --git a/chrome/browser/ssl/chrome_security_state_model_client_unittest.cc b/components/security_state/content/content_utils_unittest.cc
similarity index 62%
rename from chrome/browser/ssl/chrome_security_state_model_client_unittest.cc
rename to components/security_state/content/content_utils_unittest.cc
index 711c17cfcf9155fadbad38030854769bb2c2b182..8dab2bc05540ea15c3471d54d4fbed3dc677e9c6 100644
--- a/chrome/browser/ssl/chrome_security_state_model_client_unittest.cc
+++ b/components/security_state/content/content_utils_unittest.cc
@@ -2,13 +2,12 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "chrome/browser/ssl/chrome_security_state_model_client.h"
+#include "components/security_state/content/content_utils.h"
 
 #include "base/command_line.h"
 #include "base/test/histogram_tester.h"
-#include "chrome/test/base/chrome_render_view_host_test_harness.h"
-#include "components/security_state/security_state_model.h"
-#include "components/security_state/switches.h"
+#include "components/security_state/core/security_state_model.h"
+#include "components/security_state/core/switches.h"
 #include "content/public/browser/security_style_explanation.h"
 #include "content/public/browser/security_style_explanations.h"
 #include "net/cert/cert_status_flags.h"
@@ -18,14 +17,12 @@
 
 namespace {
 
-const char kHTTPBadHistogram[] =
-    "Security.HTTPBad.UserWarnedAboutSensitiveInput";
+using security_state_content_utils::GetSecurityStyle;
 
 // Tests that SecurityInfo flags for subresources with certificate
 // errors are reflected in the SecurityStyleExplanations produced by
-// ChromeSecurityStateModelClient.
-TEST(ChromeSecurityStateModelClientTest,
-     GetSecurityStyleForContentWithCertErrors) {
+// GetSecurityStyle.
+TEST(SecurityStateContentUtilsTest, GetSecurityStyleForContentWithCertErrors) {
   content::SecurityStyleExplanations explanations;
   security_state::SecurityStateModel::SecurityInfo security_info;
   security_info.cert_status = 0;
@@ -33,29 +30,25 @@ TEST(ChromeSecurityStateModelClientTest,
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_TRUE(explanations.ran_content_with_cert_errors);
   EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_RAN;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_TRUE(explanations.ran_content_with_cert_errors);
   EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_FALSE(explanations.ran_content_with_cert_errors);
   EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_NONE;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_FALSE(explanations.ran_content_with_cert_errors);
   EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
 }
@@ -64,7 +57,7 @@ TEST(ChromeSecurityStateModelClientTest,
 // errors are *not* set when the main resource has major certificate
 // errors. If the main resource has certificate errors, it would be
 // duplicative/confusing to also report subresources with cert errors.
-TEST(ChromeSecurityStateModelClientTest,
+TEST(SecurityStateContentUtilsTest,
      SubresourcesAndMainResourceWithMajorCertErrors) {
   content::SecurityStyleExplanations explanations;
   security_state::SecurityStateModel::SecurityInfo security_info;
@@ -73,29 +66,25 @@ TEST(ChromeSecurityStateModelClientTest,
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_FALSE(explanations.ran_content_with_cert_errors);
   EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_RAN;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_FALSE(explanations.ran_content_with_cert_errors);
   EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_FALSE(explanations.ran_content_with_cert_errors);
   EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_NONE;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_FALSE(explanations.ran_content_with_cert_errors);
   EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
 }
@@ -104,7 +93,7 @@ TEST(ChromeSecurityStateModelClientTest,
 // errors are set when the main resource has only minor certificate
 // errors. Minor errors on the main resource should not hide major
 // errors on subresources.
-TEST(ChromeSecurityStateModelClientTest,
+TEST(SecurityStateContentUtilsTest,
      SubresourcesAndMainResourceWithMinorCertErrors) {
   content::SecurityStyleExplanations explanations;
   security_state::SecurityStateModel::SecurityInfo security_info;
@@ -113,29 +102,25 @@ TEST(ChromeSecurityStateModelClientTest,
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_TRUE(explanations.ran_content_with_cert_errors);
   EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_RAN;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_TRUE(explanations.ran_content_with_cert_errors);
   EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_FALSE(explanations.ran_content_with_cert_errors);
   EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
 
   security_info.content_with_cert_errors_status =
       security_state::SecurityStateModel::CONTENT_STATUS_NONE;
-  ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                   &explanations);
+  GetSecurityStyle(security_info, &explanations);
   EXPECT_FALSE(explanations.ran_content_with_cert_errors);
   EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
 }
@@ -156,7 +141,7 @@ bool FindSecurityStyleExplanation(
 
 // Test that connection explanations are formated as expected. Note the strings
 // are not translated and so will be the same in any locale.
-TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
+TEST(SecurityStateContentUtilsTest, ConnectionExplanation) {
   // Test a modern configuration with a key exchange group.
   security_state::SecurityStateModel::SecurityInfo security_info;
   security_info.cert_status = net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION;
@@ -170,8 +155,7 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
 
   {
     content::SecurityStyleExplanations explanations;
-    ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                     &explanations);
+    GetSecurityStyle(security_info, &explanations);
     content::SecurityStyleExplanation explanation;
     ASSERT_TRUE(FindSecurityStyleExplanation(
         explanations.secure_explanations, "Secure Connection", &explanation));
@@ -187,8 +171,7 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
   security_info.key_exchange_group = 0;
   {
     content::SecurityStyleExplanations explanations;
-    ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                     &explanations);
+    GetSecurityStyle(security_info, &explanations);
     content::SecurityStyleExplanation explanation;
     ASSERT_TRUE(FindSecurityStyleExplanation(
         explanations.secure_explanations, "Secure Connection", &explanation));
@@ -207,8 +190,7 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
   security_info.key_exchange_group = 29;  // X25519
   {
     content::SecurityStyleExplanations explanations;
-    ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                     &explanations);
+    GetSecurityStyle(security_info, &explanations);
     content::SecurityStyleExplanation explanation;
     ASSERT_TRUE(FindSecurityStyleExplanation(
         explanations.secure_explanations, "Secure Connection", &explanation));
@@ -222,14 +204,13 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
 
 // Tests that a security level of HTTP_SHOW_WARNING produces a
 // content::SecurityStyle of UNAUTHENTICATED, with an explanation.
-TEST(ChromeSecurityStateModelClientTest, HTTPWarning) {
+TEST(SecurityStateContentUtilsTest, HTTPWarning) {
   security_state::SecurityStateModel::SecurityInfo security_info;
   content::SecurityStyleExplanations explanations;
   security_info.security_level =
       security_state::SecurityStateModel::HTTP_SHOW_WARNING;
   blink::WebSecurityStyle security_style =
-      ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                       &explanations);
+      GetSecurityStyle(security_info, &explanations);
   EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
   EXPECT_EQ(1u, explanations.unauthenticated_explanations.size());
 }
@@ -237,92 +218,15 @@ TEST(ChromeSecurityStateModelClientTest, HTTPWarning) {
 // Tests that a security level of NONE when there is a password or
 // credit card field on HTTP produces a content::SecurityStyle of
 // UNAUTHENTICATED, with an info explanation.
-TEST(ChromeSecurityStateModelClientTest, HTTPWarningInFuture) {
+TEST(SecurityStateContentUtilsTest, HTTPWarningInFuture) {
   security_state::SecurityStateModel::SecurityInfo security_info;
   content::SecurityStyleExplanations explanations;
   security_info.security_level = security_state::SecurityStateModel::NONE;
   security_info.displayed_private_user_data_input_on_http = true;
   blink::WebSecurityStyle security_style =
-      ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
-                                                       &explanations);
+      GetSecurityStyle(security_info, &explanations);
   EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
   EXPECT_EQ(1u, explanations.info_explanations.size());
 }
 
-class ChromeSecurityStateModelClientHistogramTest
-    : public ChromeRenderViewHostTestHarness {
- public:
-  ChromeSecurityStateModelClientHistogramTest() {}
-  ~ChromeSecurityStateModelClientHistogramTest() override {}
-
-  void SetUp() override {
-    ChromeRenderViewHostTestHarness::SetUp();
-
-    ChromeSecurityStateModelClient::CreateForWebContents(web_contents());
-    client_ = ChromeSecurityStateModelClient::FromWebContents(web_contents());
-    navigate_to_http();
-  }
-
- protected:
-  ChromeSecurityStateModelClient* client() { return client_; }
-
-  void signal_password() {
-    web_contents()->OnPasswordInputShownOnHttp();
-    client_->VisibleSecurityStateChanged();
-  }
-
-  void navigate_to_http() { NavigateAndCommit(GURL("http://example.test")); }
-
- private:
-  ChromeSecurityStateModelClient* client_;
-  DISALLOW_COPY_AND_ASSIGN(ChromeSecurityStateModelClientHistogramTest);
-};
-
-// Tests that UMA logs the omnibox warning when security level is
-// HTTP_SHOW_WARNING.
-TEST_F(ChromeSecurityStateModelClientHistogramTest,
-       HTTPOmniboxWarningHistogram) {
-  // Show Warning Chip.
-  base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
-      security_state::switches::kMarkHttpAs,
-      security_state::switches::kMarkHttpWithPasswordsOrCcWithChip);
-
-  base::HistogramTester histograms;
-  signal_password();
-  histograms.ExpectUniqueSample(kHTTPBadHistogram, true, 1);
-
-  // Fire again and ensure no sample is recorded.
-  signal_password();
-  histograms.ExpectUniqueSample(kHTTPBadHistogram, true, 1);
-
-  // Navigate to a new page and ensure a sample is recorded.
-  navigate_to_http();
-  histograms.ExpectUniqueSample(kHTTPBadHistogram, true, 1);
-  signal_password();
-  histograms.ExpectUniqueSample(kHTTPBadHistogram, true, 2);
-}
-
-// Tests that UMA logs the console warning when security level is NONE.
-TEST_F(ChromeSecurityStateModelClientHistogramTest,
-       HTTPConsoleWarningHistogram) {
-  // Show Neutral for HTTP
-  base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
-      security_state::switches::kMarkHttpAs,
-      security_state::switches::kMarkHttpAsNeutral);
-
-  base::HistogramTester histograms;
-  signal_password();
-  histograms.ExpectUniqueSample(kHTTPBadHistogram, false, 1);
-
-  // Fire again and ensure no sample is recorded.
-  signal_password();
-  histograms.ExpectUniqueSample(kHTTPBadHistogram, false, 1);
-
-  // Navigate to a new page and ensure a sample is recorded.
-  navigate_to_http();
-  histograms.ExpectUniqueSample(kHTTPBadHistogram, false, 1);
-  signal_password();
-  histograms.ExpectUniqueSample(kHTTPBadHistogram, false, 2);
-}
-
 }  // namespace