OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "chrome/browser/chromeos/login/quick_unlock/fingerprint_unlock.h" | |
6 #include "chrome/browser/chromeos/login/quick_unlock/fingerprint_unlock_factory. h" | |
7 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_utils.h" | |
8 #include "chrome/common/pref_names.h" | |
9 #include "chrome/test/base/testing_profile.h" | |
10 #include "components/prefs/pref_service.h" | |
11 #include "content/public/test/test_browser_thread_bundle.h" | |
12 #include "testing/gtest/include/gtest/gtest.h" | |
13 | |
14 namespace chromeos { | |
15 namespace { | |
16 | |
17 void SetConfirmationFrequency( | |
18 PrefService* pref_service, | |
19 quick_unlock::PasswordConfirmationFrequency frequency) { | |
20 pref_service->SetInteger(prefs::kQuickUnlockTimeout, | |
21 static_cast<int>(frequency)); | |
22 } | |
23 | |
24 class FingerprintUnlockUnitTest : public testing::Test { | |
25 protected: | |
26 FingerprintUnlockUnitTest() : profile_(new TestingProfile()) {} | |
27 ~FingerprintUnlockUnitTest() override {} | |
28 | |
29 // testing::Test: | |
30 void SetUp() override { quick_unlock::EnableForTesting(); } | |
31 | |
32 content::TestBrowserThreadBundle thread_bundle_; | |
33 std::unique_ptr<TestingProfile> profile_; | |
34 | |
35 DISALLOW_COPY_AND_ASSIGN(FingerprintUnlockUnitTest); | |
36 }; | |
37 | |
38 } // namespace | |
39 | |
40 // Provides test-only FingerprintUnlock APIs. | |
41 class FingerprintUnlockTestApi { | |
42 public: | |
43 // Does *not* take ownership over |fingerprint_unlock|. | |
44 explicit FingerprintUnlockTestApi( | |
45 quick_unlock::FingerprintUnlock* fingerprint_unlock) | |
46 : fingerprint_unlock_(fingerprint_unlock) {} | |
47 | |
48 // Reduces the amount of strong auth time available by |time_delta|. | |
49 void ReduceRemainingStrongAuthTimeBy(const base::TimeDelta& time_delta) { | |
50 fingerprint_unlock_->last_strong_auth_ -= time_delta; | |
51 } | |
52 | |
53 bool HasStrongAuthInfo() { | |
54 return !fingerprint_unlock_->last_strong_auth_.is_null(); | |
55 } | |
56 | |
57 void SetEnrollments(bool has_enrollments) { | |
58 fingerprint_unlock_->has_enrollments_ = has_enrollments; | |
59 } | |
60 | |
61 private: | |
62 quick_unlock::FingerprintUnlock* fingerprint_unlock_; | |
63 | |
64 DISALLOW_COPY_AND_ASSIGN(FingerprintUnlockTestApi); | |
65 }; | |
66 | |
67 // Verifies that: | |
68 // 1. Initial unlock attempt count is zero. | |
69 // 2. Attempting unlock attempts correctly increases unlock attempt count. | |
70 // 3. Resetting unlock attempt count correctly sets attempt count to 0. | |
71 TEST_F(FingerprintUnlockUnitTest, UnlockAttemptCount) { | |
72 quick_unlock::FingerprintUnlock* fingerprint_unlock = | |
73 quick_unlock::FingerprintUnlockFactory::GetForProfile(profile_.get()); | |
74 | |
75 EXPECT_EQ(0, fingerprint_unlock->unlock_attempt_count()); | |
76 | |
77 fingerprint_unlock->AddUnlockAttempt(); | |
78 fingerprint_unlock->AddUnlockAttempt(); | |
79 fingerprint_unlock->AddUnlockAttempt(); | |
80 EXPECT_EQ(3, fingerprint_unlock->unlock_attempt_count()); | |
81 | |
82 fingerprint_unlock->ResetUnlockAttemptCount(); | |
83 EXPECT_EQ(0, fingerprint_unlock->unlock_attempt_count()); | |
84 } | |
85 | |
86 // Verifies that marking the strong auth makes TimeSinceLastStrongAuth a > zero | |
87 // value. | |
88 TEST_F(FingerprintUnlockUnitTest, TimeSinceLastStrongAuthReturnsPositiveValue) { | |
89 quick_unlock::FingerprintUnlock* fingerprint_unlock = | |
90 quick_unlock::FingerprintUnlockFactory::GetForProfile(profile_.get()); | |
91 FingerprintUnlockTestApi test_api(fingerprint_unlock); | |
92 | |
93 EXPECT_FALSE(test_api.HasStrongAuthInfo()); | |
94 | |
95 fingerprint_unlock->MarkStrongAuth(); | |
96 | |
97 EXPECT_TRUE(test_api.HasStrongAuthInfo()); | |
98 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromSeconds(60)); | |
99 | |
100 EXPECT_TRUE(fingerprint_unlock->TimeSinceLastStrongAuth() >= | |
101 base::TimeDelta::FromSeconds(30)); | |
stevenjb
2017/02/27 17:25:34
It isn't clear whether 60 and 30 are arbitrary or
xiaoyinh(OOO Sep 11-29)
2017/02/27 21:36:42
Done.
| |
102 } | |
103 | |
104 // Verifies that by altering the password confirmation preference, the | |
105 // fingerprint unlock will request password reconfirmation as expected. | |
106 TEST_F(FingerprintUnlockUnitTest, | |
107 QuickUnlockPasswordConfirmationFrequencyPreference) { | |
108 quick_unlock::FingerprintUnlock* fingerprint_unlock = | |
109 quick_unlock::FingerprintUnlockFactory::GetForProfile(profile_.get()); | |
110 PrefService* pref_service = profile_->GetPrefs(); | |
111 FingerprintUnlockTestApi test_api(fingerprint_unlock); | |
112 | |
113 // The default is one day, so verify moving the last strong auth time back 13 | |
114 // hours should not request strong auth. | |
115 fingerprint_unlock->MarkStrongAuth(); | |
116 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(13)); | |
stevenjb
2017/02/27 17:25:34
Again, use named constants throughout.
xiaoyinh(OOO Sep 11-29)
2017/02/27 21:36:42
Done.
| |
117 EXPECT_TRUE(fingerprint_unlock->HasStrongAuth()); | |
118 | |
119 // Verify moving the last strong auth time back another 13 hours should | |
120 // request strong auth. | |
121 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(13)); | |
122 EXPECT_FALSE(fingerprint_unlock->HasStrongAuth()); | |
123 | |
124 // Verify that by changing the frequency of required password confirmation to | |
125 // six hours, moving the last strong auth interval back by 4 hours will not | |
126 // trigger a request for strong auth, but moving it by an additional 4 hours | |
127 // will. | |
128 fingerprint_unlock->MarkStrongAuth(); | |
129 SetConfirmationFrequency( | |
130 pref_service, quick_unlock::PasswordConfirmationFrequency::SIX_HOURS); | |
131 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(4)); | |
132 EXPECT_TRUE(fingerprint_unlock->HasStrongAuth()); | |
133 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(4)); | |
134 EXPECT_FALSE(fingerprint_unlock->HasStrongAuth()); | |
135 | |
136 // A valid strong auth becomes invalid if the confirmation frequency is | |
137 // shortened to less than the expiration time. | |
138 fingerprint_unlock->MarkStrongAuth(); | |
139 SetConfirmationFrequency( | |
140 pref_service, quick_unlock::PasswordConfirmationFrequency::TWELVE_HOURS); | |
141 EXPECT_TRUE(fingerprint_unlock->HasStrongAuth()); | |
142 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(8)); | |
143 EXPECT_TRUE(fingerprint_unlock->HasStrongAuth()); | |
144 SetConfirmationFrequency( | |
145 pref_service, quick_unlock::PasswordConfirmationFrequency::SIX_HOURS); | |
146 EXPECT_FALSE(fingerprint_unlock->HasStrongAuth()); | |
147 | |
148 // An expired strong auth becomes usable if the confirmation frequency gets | |
149 // extended past the expiration time. | |
150 fingerprint_unlock->MarkStrongAuth(); | |
151 SetConfirmationFrequency( | |
152 pref_service, quick_unlock::PasswordConfirmationFrequency::SIX_HOURS); | |
153 EXPECT_TRUE(fingerprint_unlock->HasStrongAuth()); | |
154 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(8)); | |
155 EXPECT_FALSE(fingerprint_unlock->HasStrongAuth()); | |
156 SetConfirmationFrequency( | |
157 pref_service, quick_unlock::PasswordConfirmationFrequency::TWELVE_HOURS); | |
158 EXPECT_TRUE(fingerprint_unlock->HasStrongAuth()); | |
159 } | |
160 | |
161 // Verifies that authentication is not available when | |
162 // 1. No enrollments registered | |
163 // 2. Too many authentication attempts | |
164 // 3. No valid strong auth | |
165 TEST_F(FingerprintUnlockUnitTest, AuthenticationUnAvailable) { | |
166 quick_unlock::FingerprintUnlock* fingerprint_unlock = | |
167 quick_unlock::FingerprintUnlockFactory::GetForProfile(profile_.get()); | |
168 FingerprintUnlockTestApi test_api(fingerprint_unlock); | |
169 | |
170 EXPECT_FALSE(test_api.HasStrongAuthInfo()); | |
171 fingerprint_unlock->MarkStrongAuth(); | |
172 EXPECT_TRUE(test_api.HasStrongAuthInfo()); | |
173 | |
174 EXPECT_FALSE(fingerprint_unlock->HasEnrollment()); | |
175 test_api.SetEnrollments(true); | |
176 EXPECT_TRUE(fingerprint_unlock->HasEnrollment()); | |
177 EXPECT_EQ(0, fingerprint_unlock->unlock_attempt_count()); | |
178 EXPECT_TRUE(fingerprint_unlock->IsFingerprintAuthenticationAvailable()); | |
179 | |
180 // No enrollment registered makes fingerprint authentication unavailable. | |
181 test_api.SetEnrollments(false); | |
182 EXPECT_FALSE(fingerprint_unlock->IsFingerprintAuthenticationAvailable()); | |
183 test_api.SetEnrollments(true); | |
184 EXPECT_TRUE(fingerprint_unlock->IsFingerprintAuthenticationAvailable()); | |
185 | |
186 // Too many authentication attempts make fingerprint authentication | |
187 // unavailable. | |
188 for (int i = 0; i < quick_unlock::FingerprintUnlock::kMaximumUnlockAttempts; | |
189 ++i) | |
190 fingerprint_unlock->AddUnlockAttempt(); | |
stevenjb
2017/02/27 17:25:34
{}
xiaoyinh(OOO Sep 11-29)
2017/02/27 21:36:43
Done.
| |
191 EXPECT_FALSE(fingerprint_unlock->IsFingerprintAuthenticationAvailable()); | |
192 fingerprint_unlock->ResetUnlockAttemptCount(); | |
193 EXPECT_TRUE(fingerprint_unlock->IsFingerprintAuthenticationAvailable()); | |
194 | |
195 // Strong auth becomes invalid after 1 day, and invalid strong auth makes | |
196 // fingerprint authentication unavailable. | |
197 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(24)); | |
198 EXPECT_FALSE(fingerprint_unlock->HasStrongAuth()); | |
199 EXPECT_FALSE(fingerprint_unlock->IsFingerprintAuthenticationAvailable()); | |
200 } | |
201 | |
202 } // namespace chromeos | |
OLD | NEW |