Add the Mojo implementation of authenticator.mojom's MakeCredential.

components/webauth/authenticator_impl_unittest.cc

Index: components/webauth/authenticator_impl_unittest.cc
diff --git a/components/webauth/authenticator_impl_unittest.cc b/components/webauth/authenticator_impl_unittest.cc
new file mode 100644
index 0000000000000000000000000000000000000000..510c55a0884cf2780c6ca22eeb4afb2b825c3a52
--- /dev/null
+++ b/components/webauth/authenticator_impl_unittest.cc
@@ -0,0 +1,167 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/webauth/authenticator_impl.h"
+
+#include <stdint.h>
+#include <string>
+#include <vector>
+
+#include "base/run_loop.h"
+#include "content/public/browser/render_frame_host.h"
+#include "content/public/browser/web_contents.h"
+#include "content/public/test/navigation_simulator.h"
+#include "content/public/test/test_renderer_host.h"
+#include "content/test/test_render_frame_host.h"
+#include "mojo/public/cpp/bindings/binding.h"
+#include "testing/gmock/include/gmock/gmock.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+using ::testing::_;
+
+namespace webauth {
+
+using mojom::RelyingPartyAccount;
+using mojom::ScopedCredentialOptions;
+using mojom::ScopedCredentialParameters;
+using mojom::AuthenticatorPtr;
+using mojom::AuthenticatorStatus;
+using mojom::RelyingPartyAccountPtr;
+using mojom::ScopedCredentialInfoPtr;
+using mojom::ScopedCredentialOptionsPtr;
+using mojom::ScopedCredentialParametersPtr;
+
+const char* kOrigin1 = "https://google.com";
+
+class AuthenticatorImplTest : public content::RenderViewHostTestHarness {
+ public:
+  AuthenticatorImplTest() {}
+  ~AuthenticatorImplTest() override {}
+
+ protected:
+  // Simulates navigating to a page and getting the page contents and language
+  // for that navigation.
+  void SimulateNavigation(const GURL& url) {
+    if (main_rfh()->GetLastCommittedURL() == url)
+      Reload();

[Mike West, 2017/06/27 08:03:30]

Why do you need the reload logic here? Would `NavigateAndCommit()` turn into a
noop if the URLs matched?

+    else
+      NavigateAndCommit(url);
+  }
+
+  AuthenticatorPtr ConnectToAuthenticator() {
+    AuthenticatorPtr authenticator;
+    AuthenticatorImpl::Create(main_rfh(), mojo::MakeRequest(&authenticator));
+    return authenticator;
+  }
+
+ private:
+  void SetUp() override { content::RenderViewHostTestHarness::SetUp(); }
+
+  void TearDown() override { content::RenderViewHostTestHarness::TearDown(); }

[Mike West, 2017/06/27 08:03:29]

Do we need to define either of these? It looks like we're just calling the
inherited method.

+};
+
+class TestMakeCredentialCallback {
+ public:
+  TestMakeCredentialCallback()
+      : callback_(base::Bind(&TestMakeCredentialCallback::ReceivedCallback,
+                             base::Unretained(this))) {}
+  ~TestMakeCredentialCallback() {}
+
+  void ReceivedCallback(AuthenticatorStatus status,
+                        ScopedCredentialInfoPtr credential) {
+    response_ = std::make_pair(status, std::move(credential));
+    closure_.Run();
+  }
+
+  std::pair<AuthenticatorStatus, ScopedCredentialInfoPtr>& WaitForCallback() {
+    closure_ = run_loop_.QuitClosure();
+    run_loop_.Run();
+    return response_;
+  }
+
+  const base::Callback<void(AuthenticatorStatus status,
+                            ScopedCredentialInfoPtr credential)>&
+  callback() {
+    return callback_;
+  }
+
+ private:
+  std::pair<AuthenticatorStatus, ScopedCredentialInfoPtr> response_;
+  base::Closure closure_;
+  base::Callback<void(AuthenticatorStatus status,
+                      ScopedCredentialInfoPtr credential)>
+      callback_;
+  base::RunLoop run_loop_;
+};
+
+RelyingPartyAccountPtr GetTestRelyingPartyAccount() {
+  RelyingPartyAccountPtr account = RelyingPartyAccount::New();
+  account->relying_party_display_name = std::string("TestRP");
+  account->display_name = std::string("Test A. Name");
+  account->id = std::string("1098237235409872");
+  account->name = std::string("Testname@example.com");
+  account->image_url = std::string("fakeurl.png");
+  return account;
+}
+
+std::vector<ScopedCredentialParametersPtr> GetTestScopedCredentialParameters() {
+  std::vector<ScopedCredentialParametersPtr> parameters;
+  auto fake_parameter = ScopedCredentialParameters::New();
+  fake_parameter->type = mojom::ScopedCredentialType::SCOPEDCRED;
+  parameters.push_back(std::move(fake_parameter));
+  return parameters;
+}
+
+ScopedCredentialOptionsPtr GetTestScopedCredentialOptions() {
+  ScopedCredentialOptionsPtr opts = ScopedCredentialOptions::New();
+  opts->adjusted_timeout = 60;
+  opts->relying_party_id = std::string("localhost");

[Mike West, 2017/06/27 08:03:29]

Note that this doesn't match either of the URLs tested below. It seems like we
should be exploding somewhere if we get a message from the renderer whose rpID
doesn't match its origin?

+  return opts;
+}
+
+// Test that service returns NOT_IMPLEMENTED on a call to MakeCredential.
+TEST_F(AuthenticatorImplTest, MakeCredentialNotImplemented) {
+  SimulateNavigation(GURL(kOrigin1));
+  AuthenticatorPtr authenticator = ConnectToAuthenticator();
+
+  RelyingPartyAccountPtr account = GetTestRelyingPartyAccount();
+
+  std::vector<ScopedCredentialParametersPtr> parameters =
+      GetTestScopedCredentialParameters();
+
+  std::vector<uint8_t> buffer(32, 0x0A);

[Mike West, 2017/06/27 08:03:30]

Why `0x0A`?

+  ScopedCredentialOptionsPtr opts = GetTestScopedCredentialOptions();
+
+  TestMakeCredentialCallback cb;
+  authenticator->MakeCredential(std::move(account), std::move(parameters),
+                                buffer, std::move(opts), cb.callback());
+  std::pair<mojom::AuthenticatorStatus, mojom::ScopedCredentialInfoPtr>&
+      response = cb.WaitForCallback();
+  EXPECT_EQ(mojom::AuthenticatorStatus::NOT_IMPLEMENTED, response.first);
+}
+
+// Test that service returns NOT_ALLOWED_ERROR on a call to MakeCredential with
+// an opaque origin.
+TEST_F(AuthenticatorImplTest, MakeCredentialOpaqueOrigin) {
+  NavigateAndCommit(GURL(base::UTF8ToUTF16("")));

[Mike West, 2017/06/27 08:03:29]

Hrm. It kinda surprises me that navigation to an empty URL works. :/

Perhaps you could navigate to `data:text/html,opaque` instead? That will have an
opaque origin, because all `data:` URLs have opaque origins.

+  AuthenticatorPtr authenticator = ConnectToAuthenticator();
+  RelyingPartyAccountPtr account = GetTestRelyingPartyAccount();
+
+  std::vector<ScopedCredentialParametersPtr> parameters =
+      GetTestScopedCredentialParameters();
+
+  std::vector<uint8_t> buffer(32, 0x0A);
+  ScopedCredentialOptionsPtr opts = GetTestScopedCredentialOptions();
+
+  TestMakeCredentialCallback cb;
+  authenticator->MakeCredential(std::move(account), std::move(parameters),
+                                buffer, std::move(opts), cb.callback());
+  std::pair<mojom::AuthenticatorStatus, mojom::ScopedCredentialInfoPtr>&
+      response = cb.WaitForCallback();
+  EXPECT_EQ(mojom::AuthenticatorStatus::NOT_ALLOWED_ERROR, response.first);
+}
+
+// Test that service returns SECURITY_ERROR on call to MakeCredential if
+// effectivedomain is empty.

[Mike West, 2017/06/27 08:03:29]

Nit: Drop the comment, as I think we're now DCHECKing to assert that this case
doesn't happen.

+}  // namespace webauth