Assert that the system clock is between 1e9 and 2e9 for Origin Trial token validation tests

content/common/origin_trials/trial_token_validator_unittest.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/common/origin_trials/trial_token_validator.h"
 
 #include <memory>
 #include <set>
 #include <string>
 
@@ skipping 80 matching lines @@
 // Well-formed token, for an insecure origin.
 // Generate this token with the command (in tools/origin_trials):
 // generate_token.py http://valid.example.com Frobulate
 // --expire-timestamp=2000000000
 const char kInsecureOriginToken[] =
     "AjfC47H1q8/Ho5ALFkjkwf9CBK6oUUeRTlFc50Dj+eZEyGGKFIY2WTxMBfy8cLc3"
     "E0nmFroDA3OmABmO5jMCFgkAAABXeyJvcmlnaW4iOiAiaHR0cDovL3ZhbGlkLmV4"
     "YW1wbGUuY29tOjgwIiwgImZlYXR1cmUiOiAiRnJvYnVsYXRlIiwgImV4cGlyeSI6"
     "IDIwMDAwMDAwMDB9";
 
+// These timestamps should be in the past and future, respectively. Sanity
+// checks within the tests assert that that is true, to guard against poorly-set
+// system clocks. (And against the inevitable march of time past the year 2033)
+double kPastTimestamp = 1000000000;
+double kFutureTimestamp = 2000000000;

[Marc Treib, 2016/12/08 16:40:45]

Should probably make these const

+
 class TestOriginTrialPolicy : public OriginTrialPolicy {
  public:
   base::StringPiece GetPublicKey() const override {
     return base::StringPiece(reinterpret_cast<const char*>(key_),
                              arraysize(kTestPublicKey));
   }
   bool IsFeatureDisabled(base::StringPiece feature) const override {
     return disabled_features_.count(feature.as_string()) > 0;
   }
 
@@ skipping 34 matching lines @@
       : appropriate_origin_(GURL(kAppropriateOrigin)),
         inappropriate_origin_(GURL(kInappropriateOrigin)),
         insecure_origin_(GURL(kInsecureOrigin)),
         response_headers_(new net::HttpResponseHeaders("")) {
     SetPublicKey(kTestPublicKey);
     SetContentClient(&test_content_client_);
   }
 
   ~TrialTokenValidatorTest() override { SetContentClient(nullptr); }
 
+  void SetUp() override {
+    // Ensure that the system clock is set to a date that the matches the test
+    // expectations. If this fails, either the clock on the test device is
+    // incorrect, or the actual date is after 2033-05-18, and the tokens need to
+    // be regenerated.
+    ASSERT_GT(base::Time::Now(), base::Time::FromDoubleT(kPastTimestamp));
+    ASSERT_LT(base::Time::Now(), base::Time::FromDoubleT(kFutureTimestamp));
+  }
+
   void SetPublicKey(const uint8_t* key) {
     test_content_client_.SetOriginTrialPublicKey(key);
   }
 
   void DisableFeature(const std::string& feature) {
     test_content_client_.DisableFeature(feature);
   }
 
   const url::Origin appropriate_origin_;
   const url::Origin inappropriate_origin_;
@@ skipping 109 matching lines @@
       kAppropriateFeatureName));
   EXPECT_FALSE(TrialTokenValidator::RequestEnablesFeature(
       GURL(kAppropriateOrigin), response_headers_.get(),
       kInappropriateFeatureName));
   EXPECT_FALSE(TrialTokenValidator::RequestEnablesFeature(
       GURL(kInappropriateOrigin), response_headers_.get(),
       kAppropriateFeatureName));
 }
 
 }  // namespace content