OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file tests the chromeos.quickUnlockPrivate extension API. | 5 // This file tests the chromeos.quickUnlockPrivate extension API. |
6 | 6 |
7 #include "chrome/browser/chromeos/extensions/quick_unlock_private/quick_unlock_p
rivate_api.h" | 7 #include "chrome/browser/chromeos/extensions/quick_unlock_private/quick_unlock_p
rivate_api.h" |
8 | 8 |
9 #include <algorithm> | 9 #include <algorithm> |
10 | 10 |
11 #include "base/bind.h" | 11 #include "base/bind.h" |
12 #include "base/memory/ptr_util.h" | 12 #include "base/memory/ptr_util.h" |
| 13 #include "base/stl_util.h" |
| 14 #include "base/threading/thread_task_runner_handle.h" |
| 15 #include "chrome/browser/chromeos/login/quick_unlock/pin_backend.h" |
| 16 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage_prefs.h" |
13 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_factory.h" | 17 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_factory.h" |
14 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_storage.h" | 18 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_storage.h" |
15 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_utils.h" | 19 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_utils.h" |
16 #include "chrome/browser/chromeos/login/users/fake_chrome_user_manager.h" | 20 #include "chrome/browser/chromeos/login/users/fake_chrome_user_manager.h" |
17 #include "chrome/browser/chromeos/login/users/scoped_user_manager_enabler.h" | 21 #include "chrome/browser/chromeos/login/users/scoped_user_manager_enabler.h" |
| 22 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
18 #include "chrome/browser/extensions/extension_api_unittest.h" | 23 #include "chrome/browser/extensions/extension_api_unittest.h" |
19 #include "chrome/common/pref_names.h" | 24 #include "chrome/common/pref_names.h" |
| 25 #include "chromeos/cryptohome/mock_homedir_methods.h" |
| 26 #include "chromeos/cryptohome/system_salt_getter.h" |
20 #include "chromeos/login/auth/fake_extended_authenticator.h" | 27 #include "chromeos/login/auth/fake_extended_authenticator.h" |
| 28 #include "content/public/test/test_utils.h" |
21 #include "extensions/browser/api_test_utils.h" | 29 #include "extensions/browser/api_test_utils.h" |
22 #include "extensions/browser/extension_function_dispatcher.h" | 30 #include "extensions/browser/extension_function_dispatcher.h" |
23 | 31 |
24 using namespace extensions; | 32 using namespace extensions; |
25 namespace quick_unlock_private = extensions::api::quick_unlock_private; | 33 namespace quick_unlock_private = extensions::api::quick_unlock_private; |
26 using CredentialCheck = quick_unlock_private::CredentialCheck; | 34 using CredentialCheck = quick_unlock_private::CredentialCheck; |
27 using CredentialProblem = quick_unlock_private::CredentialProblem; | 35 using CredentialProblem = quick_unlock_private::CredentialProblem; |
28 using CredentialRequirements = quick_unlock_private::CredentialRequirements; | 36 using CredentialRequirements = quick_unlock_private::CredentialRequirements; |
29 using QuickUnlockMode = quick_unlock_private::QuickUnlockMode; | 37 using QuickUnlockMode = quick_unlock_private::QuickUnlockMode; |
30 using QuickUnlockModeList = std::vector<QuickUnlockMode>; | 38 using QuickUnlockModeList = std::vector<QuickUnlockMode>; |
31 using CredentialList = std::vector<std::string>; | 39 using CredentialList = std::vector<std::string>; |
32 | 40 |
| 41 using ::testing::Invoke; |
| 42 using ::testing::WithArgs; |
| 43 using ::testing::_; |
| 44 |
33 namespace chromeos { | 45 namespace chromeos { |
34 namespace { | 46 namespace { |
35 | 47 |
36 const char* kTestUserEmail = "testuser@gmail.com"; | 48 const char* kTestUserEmail = "testuser@gmail.com"; |
37 const char* kTestUserEmailHash = "testuser@gmail.com-hash"; | 49 const char* kTestUserEmailHash = "testuser@gmail.com-hash"; |
38 const char* kValidPassword = "valid"; | 50 const char* kValidPassword = "valid"; |
39 const char* kInvalidPassword = "invalid"; | 51 const char* kInvalidPassword = "invalid"; |
40 | 52 |
41 ExtendedAuthenticator* CreateFakeAuthenticator( | 53 ExtendedAuthenticator* CreateFakeAuthenticator( |
42 AuthStatusConsumer* auth_status_consumer) { | 54 AuthStatusConsumer* auth_status_consumer) { |
(...skipping 16 matching lines...) Expand all Loading... |
59 PIN_GOOD = 1 << 0, | 71 PIN_GOOD = 1 << 0, |
60 PIN_TOO_SHORT = 1 << 1, | 72 PIN_TOO_SHORT = 1 << 1, |
61 PIN_TOO_LONG = 1 << 2, | 73 PIN_TOO_LONG = 1 << 2, |
62 PIN_WEAK_ERROR = 1 << 3, | 74 PIN_WEAK_ERROR = 1 << 3, |
63 PIN_WEAK_WARNING = 1 << 4, | 75 PIN_WEAK_WARNING = 1 << 4, |
64 PIN_CONTAINS_NONDIGIT = 1 << 5 | 76 PIN_CONTAINS_NONDIGIT = 1 << 5 |
65 }; | 77 }; |
66 | 78 |
67 } // namespace | 79 } // namespace |
68 | 80 |
69 class QuickUnlockPrivateUnitTest : public ExtensionApiUnittest { | 81 class QuickUnlockPrivateUnitTest |
| 82 : public ExtensionApiUnittest, |
| 83 public ::testing::WithParamInterface<quick_unlock::PinStorageType> { |
70 public: | 84 public: |
71 QuickUnlockPrivateUnitTest() | 85 QuickUnlockPrivateUnitTest() |
72 : fake_user_manager_(new FakeChromeUserManager()), | 86 : fake_user_manager_(new FakeChromeUserManager()), |
73 scoped_user_manager_(fake_user_manager_) {} | 87 scoped_user_manager_(fake_user_manager_) {} |
74 | 88 |
75 protected: | 89 protected: |
76 void SetUp() override { | 90 void SetUp() override { |
77 ExtensionApiUnittest::SetUp(); | 91 ExtensionApiUnittest::SetUp(); |
78 | 92 |
79 quick_unlock::EnableForTesting(quick_unlock::PinStorageType::kPrefs); | 93 quick_unlock::EnableForTesting(GetParam()); |
| 94 |
| 95 quick_unlock::PinBackend::ResetForTesting(); |
| 96 run_loop_ = base::MakeUnique<base::RunLoop>(); |
| 97 |
| 98 // PinBackend will run cryptohome routines even if we're just using the pref |
| 99 // backend. Make sure it has the globals needed. |
| 100 SystemSaltGetter::Get()->SetRawSaltForTesting({1, 2, 3, 4, 5, 6, 7, 8}); |
| 101 |
| 102 homedir_methods_ = new cryptohome::MockHomedirMethods(); |
| 103 ON_CALL(*homedir_methods_, GetKeyDataEx(_, _, _)) |
| 104 .WillByDefault(WithArgs<2>( |
| 105 Invoke(this, &QuickUnlockPrivateUnitTest::DoGetKeyDataCallback))); |
| 106 ON_CALL(*homedir_methods_, AddKeyEx(_, _, _, _, _)) |
| 107 .WillByDefault(WithArgs<2, 4>( |
| 108 Invoke(this, &QuickUnlockPrivateUnitTest::DoAddKeyCallback))); |
| 109 ON_CALL(*homedir_methods_, RemoveKeyEx(_, _, _, _)) |
| 110 .WillByDefault(WithArgs<2, 3>( |
| 111 Invoke(this, &QuickUnlockPrivateUnitTest::DoRemoveKeyCallback))); |
| 112 |
| 113 // InitializeForTesting takes ownership over |homedir_methods_|. |
| 114 cryptohome::HomedirMethods::InitializeForTesting(homedir_methods_); |
80 | 115 |
81 // Setup a primary user. | 116 // Setup a primary user. |
82 auto test_account = AccountId::FromUserEmail(kTestUserEmail); | 117 auto test_account = AccountId::FromUserEmail(kTestUserEmail); |
83 fake_user_manager_->AddUser(test_account); | 118 fake_user_manager_->AddUser(test_account); |
84 fake_user_manager_->UserLoggedIn(test_account, kTestUserEmailHash, false); | 119 fake_user_manager_->UserLoggedIn(test_account, kTestUserEmailHash, false); |
| 120 chromeos::ProfileHelper::Get()->SetUserToProfileMappingForTesting( |
| 121 fake_user_manager_->GetPrimaryUser(), GetProfile()); |
85 | 122 |
| 123 modes_changed_handler_ = base::Bind(&DoNothing); |
86 // Ensure that quick unlock is turned off. | 124 // Ensure that quick unlock is turned off. |
87 SetModes(QuickUnlockModeList{}, CredentialList{}); | 125 SetModes(QuickUnlockModeList{}, CredentialList{}); |
| 126 } |
88 | 127 |
89 modes_changed_handler_ = base::Bind(&DoNothing); | 128 void TearDown() override { |
| 129 PumpRunLoop(); |
| 130 run_loop_.reset(); |
| 131 |
| 132 homedir_methods_ = nullptr; |
| 133 fake_user_manager_ = nullptr; |
| 134 |
| 135 ExtensionApiUnittest::TearDown(); |
| 136 cryptohome::HomedirMethods::Shutdown(); |
| 137 } |
| 138 |
| 139 // Executes all pending tasks. |
| 140 void PumpRunLoop() { |
| 141 base::ThreadTaskRunnerHandle::Get()->PostTask( |
| 142 FROM_HERE, run_loop_->QuitWhenIdleClosure()); |
| 143 run_loop_->Run(); |
| 144 run_loop_ = base::MakeUnique<base::RunLoop>(); |
90 } | 145 } |
91 | 146 |
92 // If a mode change event is raised, fail the test. | 147 // If a mode change event is raised, fail the test. |
93 void FailIfModesChanged() { | 148 void FailIfModesChanged() { |
94 modes_changed_handler_ = base::Bind(&FailIfCalled); | 149 modes_changed_handler_ = base::Bind(&FailIfCalled); |
95 } | 150 } |
96 | 151 |
97 // If a mode change event is raised, expect the given |modes|. | 152 // If a mode change event is raised, expect the given |modes|. |
98 void ExpectModesChanged(const QuickUnlockModeList& modes) { | 153 void ExpectModesChanged(const QuickUnlockModeList& modes) { |
99 modes_changed_handler_ = | 154 modes_changed_handler_ = |
(...skipping 166 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
266 return api_test_utils::RunFunctionAndReturnError(func, args, profile()); | 321 return api_test_utils::RunFunctionAndReturnError(func, args, profile()); |
267 } | 322 } |
268 | 323 |
269 // Returns true if |password| is correct. This calls into SetModes to do so. | 324 // Returns true if |password| is correct. This calls into SetModes to do so. |
270 // This will turn off any active quick unlock modes. | 325 // This will turn off any active quick unlock modes. |
271 bool CheckPassword(const std::string& password) { | 326 bool CheckPassword(const std::string& password) { |
272 return SetModesUsingPassword(password, QuickUnlockModeList{}, | 327 return SetModesUsingPassword(password, QuickUnlockModeList{}, |
273 CredentialList{}); | 328 CredentialList{}); |
274 } | 329 } |
275 | 330 |
| 331 // Returns if the pin is set in the backend. |
| 332 bool IsPinSetInBackend() { |
| 333 const AccountId account_id = AccountId::FromUserEmail(kTestUserEmail); |
| 334 |
| 335 bool is_set = false; |
| 336 quick_unlock::PinBackend::IsSet( |
| 337 account_id, |
| 338 base::Bind([](bool* result, bool is_set) { *result = is_set; }, |
| 339 &is_set)); |
| 340 |
| 341 PumpRunLoop(); |
| 342 |
| 343 return is_set; |
| 344 } |
| 345 |
276 private: | 346 private: |
277 // Runs the given |func| with the given |params|. | 347 // Runs the given |func| with the given |params|. |
278 std::unique_ptr<base::Value> RunFunction( | 348 std::unique_ptr<base::Value> RunFunction( |
279 scoped_refptr<UIThreadExtensionFunction> func, | 349 scoped_refptr<UIThreadExtensionFunction> func, |
280 std::unique_ptr<base::ListValue> params) { | 350 std::unique_ptr<base::ListValue> params) { |
281 return std::unique_ptr<base::Value>( | 351 PumpRunLoop(); |
| 352 auto result = std::unique_ptr<base::Value>( |
282 api_test_utils::RunFunctionWithDelegateAndReturnSingleResult( | 353 api_test_utils::RunFunctionWithDelegateAndReturnSingleResult( |
283 func, std::move(params), profile(), | 354 func, std::move(params), profile(), |
284 base::MakeUnique<ExtensionFunctionDispatcher>(profile()), | 355 base::MakeUnique<ExtensionFunctionDispatcher>(profile()), |
285 api_test_utils::NONE)); | 356 api_test_utils::NONE)); |
| 357 PumpRunLoop(); |
| 358 return result; |
286 } | 359 } |
287 | 360 |
288 // Verifies a mode change event is raised and that |expected| is now the | 361 // Verifies a mode change event is raised and that |expected| is now the |
289 // active set of quick unlock modes. | 362 // active set of quick unlock modes. |
290 void ExpectModeList(const QuickUnlockModeList& expected, | 363 void ExpectModeList(const QuickUnlockModeList& expected, |
291 const QuickUnlockModeList& actual) { | 364 const QuickUnlockModeList& actual) { |
292 EXPECT_EQ(expected, actual); | 365 EXPECT_EQ(expected, actual); |
293 expect_modes_changed_ = false; | 366 expect_modes_changed_ = false; |
294 } | 367 } |
295 | 368 |
296 FakeChromeUserManager* fake_user_manager_; | 369 // Methods used to setup the mock homedir methods instance. |
| 370 void DoGetKeyDataCallback( |
| 371 const cryptohome::HomedirMethods::GetKeyDataCallback& callback) { |
| 372 callback.Run(true, cryptohome::MountError::MOUNT_ERROR_NONE, keys_); |
| 373 } |
| 374 |
| 375 void DoAddKeyCallback(const cryptohome::KeyDefinition& key, |
| 376 const cryptohome::HomedirMethods::Callback& callback) { |
| 377 keys_.push_back(key); |
| 378 callback.Run(true, cryptohome::MountError::MOUNT_ERROR_NONE); |
| 379 } |
| 380 |
| 381 void DoRemoveKeyCallback( |
| 382 const std::string& label, |
| 383 const cryptohome::HomedirMethods::Callback& callback) { |
| 384 base::EraseIf(keys_, [&label](const cryptohome::KeyDefinition& key) { |
| 385 return key.label == label; |
| 386 }); |
| 387 callback.Run(true, cryptohome::MountError::MOUNT_ERROR_NONE); |
| 388 } |
| 389 |
| 390 // Run loop that collects all pending tasks. Use |PumpRunLoop| to run them. |
| 391 std::unique_ptr<base::RunLoop> run_loop_; |
| 392 |
| 393 // Keys registered on cryptohome. |
| 394 std::vector<cryptohome::KeyDefinition> keys_; |
| 395 |
| 396 cryptohome::MockHomedirMethods* homedir_methods_ = nullptr; // Unowned |
| 397 FakeChromeUserManager* fake_user_manager_ = nullptr; |
297 ScopedUserManagerEnabler scoped_user_manager_; | 398 ScopedUserManagerEnabler scoped_user_manager_; |
298 QuickUnlockPrivateSetModesFunction::ModesChangedEventHandler | 399 QuickUnlockPrivateSetModesFunction::ModesChangedEventHandler |
299 modes_changed_handler_; | 400 modes_changed_handler_; |
300 bool expect_modes_changed_ = false; | 401 bool expect_modes_changed_ = false; |
301 | 402 |
302 DISALLOW_COPY_AND_ASSIGN(QuickUnlockPrivateUnitTest); | 403 DISALLOW_COPY_AND_ASSIGN(QuickUnlockPrivateUnitTest); |
303 }; | 404 }; |
304 | 405 |
305 // Verify that password checking works. | 406 // Verify that password checking works. |
306 TEST_F(QuickUnlockPrivateUnitTest, CheckPassword) { | 407 TEST_P(QuickUnlockPrivateUnitTest, CheckPassword) { |
307 EXPECT_TRUE(CheckPassword(kValidPassword)); | 408 EXPECT_TRUE(CheckPassword(kValidPassword)); |
308 EXPECT_FALSE(CheckPassword(kInvalidPassword)); | 409 EXPECT_FALSE(CheckPassword(kInvalidPassword)); |
309 } | 410 } |
310 | 411 |
311 // Verifies that this returns PIN for GetAvailableModes. | 412 // Verifies that this returns PIN for GetAvailableModes. |
312 TEST_F(QuickUnlockPrivateUnitTest, GetAvailableModes) { | 413 TEST_P(QuickUnlockPrivateUnitTest, GetAvailableModes) { |
313 EXPECT_EQ(GetAvailableModes(), | 414 EXPECT_EQ(GetAvailableModes(), |
314 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}); | 415 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}); |
315 } | 416 } |
316 | 417 |
317 // Verifies that an invalid password cannot be used to update the mode list. | 418 // Verifies that an invalid password cannot be used to update the mode list. |
318 TEST_F(QuickUnlockPrivateUnitTest, SetModesFailsWithInvalidPassword) { | 419 TEST_P(QuickUnlockPrivateUnitTest, SetModesFailsWithInvalidPassword) { |
319 // Verify there is no active mode. | 420 // Verify there is no active mode. |
320 EXPECT_EQ(GetActiveModes(), QuickUnlockModeList{}); | 421 EXPECT_EQ(GetActiveModes(), QuickUnlockModeList{}); |
321 | 422 |
322 // Try to enable PIN, but use an invalid password. Verify that no event is | 423 // Try to enable PIN, but use an invalid password. Verify that no event is |
323 // raised and GetActiveModes still returns an empty set. | 424 // raised and GetActiveModes still returns an empty set. |
324 FailIfModesChanged(); | 425 FailIfModesChanged(); |
325 EXPECT_FALSE(SetModesUsingPassword( | 426 EXPECT_FALSE(SetModesUsingPassword( |
326 kInvalidPassword, | 427 kInvalidPassword, |
327 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {"111111"})); | 428 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {"111111"})); |
328 EXPECT_EQ(GetActiveModes(), QuickUnlockModeList{}); | 429 EXPECT_EQ(GetActiveModes(), QuickUnlockModeList{}); |
329 } | 430 } |
330 | 431 |
331 // Verifies that the quickUnlockPrivate.onActiveModesChanged is only raised when | 432 // Verifies that the quickUnlockPrivate.onActiveModesChanged is only raised when |
332 // the active set of modes changes. | 433 // the active set of modes changes. |
333 TEST_F(QuickUnlockPrivateUnitTest, ModeChangeEventOnlyRaisedWhenModesChange) { | 434 TEST_P(QuickUnlockPrivateUnitTest, ModeChangeEventOnlyRaisedWhenModesChange) { |
334 // Make sure quick unlock is turned off, and then verify that turning it off | 435 // Make sure quick unlock is turned off, and then verify that turning it off |
335 // again does not trigger an event. | 436 // again does not trigger an event. |
336 EXPECT_TRUE(SetModes(QuickUnlockModeList{}, CredentialList{})); | 437 EXPECT_TRUE(SetModes(QuickUnlockModeList{}, CredentialList{})); |
337 FailIfModesChanged(); | 438 FailIfModesChanged(); |
338 EXPECT_TRUE(SetModes(QuickUnlockModeList{}, CredentialList{})); | 439 EXPECT_TRUE(SetModes(QuickUnlockModeList{}, CredentialList{})); |
339 | 440 |
340 // Turn on PIN unlock, and then verify turning it on again and also changing | 441 // Turn on PIN unlock, and then verify turning it on again and also changing |
341 // the password does not trigger an event. | 442 // the password does not trigger an event. |
342 ExpectModesChanged( | 443 ExpectModesChanged( |
343 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}); | 444 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}); |
344 EXPECT_TRUE(SetModes( | 445 EXPECT_TRUE(SetModes( |
345 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {"111111"})); | 446 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {"111111"})); |
346 FailIfModesChanged(); | 447 FailIfModesChanged(); |
347 EXPECT_TRUE(SetModes( | 448 EXPECT_TRUE(SetModes( |
348 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {"222222"})); | 449 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {"222222"})); |
349 EXPECT_TRUE(SetModes( | 450 EXPECT_TRUE(SetModes( |
350 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {""})); | 451 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {""})); |
351 } | 452 } |
352 | 453 |
353 // Ensures that quick unlock can be enabled and disabled by checking the result | 454 // Ensures that quick unlock can be enabled and disabled by checking the result |
354 // of quickUnlockPrivate.GetActiveModes and PinStorage::IsPinSet. | 455 // of quickUnlockPrivate.GetActiveModes and PinStorage::IsPinSet. |
355 TEST_F(QuickUnlockPrivateUnitTest, SetModesAndGetActiveModes) { | 456 TEST_P(QuickUnlockPrivateUnitTest, SetModesAndGetActiveModes) { |
356 quick_unlock::QuickUnlockStorage* quick_unlock_storage = | |
357 quick_unlock::QuickUnlockFactory::GetForProfile(profile()); | |
358 | |
359 // Update mode to PIN raises an event and updates GetActiveModes. | 457 // Update mode to PIN raises an event and updates GetActiveModes. |
360 ExpectModesChanged( | 458 ExpectModesChanged( |
361 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}); | 459 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}); |
362 EXPECT_TRUE(SetModes( | 460 EXPECT_TRUE(SetModes( |
363 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {"111111"})); | 461 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {"111111"})); |
364 EXPECT_EQ(GetActiveModes(), | 462 EXPECT_EQ(GetActiveModes(), |
365 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}); | 463 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}); |
366 EXPECT_TRUE(quick_unlock_storage->pin_storage()->IsPinSet()); | 464 EXPECT_TRUE(IsPinSetInBackend()); |
367 | 465 |
368 // SetModes can be used to turn off a quick unlock mode. | 466 // SetModes can be used to turn off a quick unlock mode. |
369 ExpectModesChanged(QuickUnlockModeList{}); | 467 ExpectModesChanged(QuickUnlockModeList{}); |
370 EXPECT_TRUE(SetModes(QuickUnlockModeList{}, CredentialList{})); | 468 EXPECT_TRUE(SetModes(QuickUnlockModeList{}, CredentialList{})); |
371 EXPECT_EQ(GetActiveModes(), QuickUnlockModeList{}); | 469 EXPECT_EQ(GetActiveModes(), QuickUnlockModeList{}); |
372 EXPECT_FALSE(quick_unlock_storage->pin_storage()->IsPinSet()); | 470 EXPECT_FALSE(IsPinSetInBackend()); |
373 } | 471 } |
374 | 472 |
375 // Verifies that enabling PIN quick unlock actually talks to the PIN subsystem. | 473 // Verifies that enabling PIN quick unlock actually talks to the PIN subsystem. |
376 TEST_F(QuickUnlockPrivateUnitTest, VerifyAuthenticationAgainstPIN) { | 474 TEST_P(QuickUnlockPrivateUnitTest, VerifyAuthenticationAgainstPIN) { |
| 475 // Cryptohome authentication does not go through PinBackend at the moment and |
| 476 // cannot be easily tested. |
| 477 if (GetParam() == quick_unlock::PinStorageType::kCryptohome) |
| 478 return; |
| 479 |
377 quick_unlock::QuickUnlockStorage* quick_unlock_storage = | 480 quick_unlock::QuickUnlockStorage* quick_unlock_storage = |
378 quick_unlock::QuickUnlockFactory::GetForProfile(profile()); | 481 quick_unlock::QuickUnlockFactory::GetForProfile(profile()); |
| 482 quick_unlock::PinStoragePrefs* pin_storage = |
| 483 quick_unlock_storage->pin_storage_prefs(); |
379 | 484 |
380 EXPECT_TRUE(SetModes(QuickUnlockModeList{}, CredentialList{})); | 485 EXPECT_TRUE(SetModes(QuickUnlockModeList{}, CredentialList{})); |
381 EXPECT_FALSE(quick_unlock_storage->pin_storage()->IsPinSet()); | 486 EXPECT_FALSE(IsPinSetInBackend()); |
382 | 487 |
383 EXPECT_TRUE(SetModes( | 488 EXPECT_TRUE(SetModes( |
384 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {"111111"})); | 489 QuickUnlockModeList{QuickUnlockMode::QUICK_UNLOCK_MODE_PIN}, {"111111"})); |
385 EXPECT_TRUE(quick_unlock_storage->pin_storage()->IsPinSet()); | 490 EXPECT_TRUE(IsPinSetInBackend()); |
386 | 491 |
387 quick_unlock_storage->MarkStrongAuth(); | 492 quick_unlock_storage->MarkStrongAuth(); |
388 quick_unlock_storage->pin_storage()->ResetUnlockAttemptCount(); | 493 pin_storage->ResetUnlockAttemptCount(); |
389 EXPECT_TRUE(quick_unlock_storage->TryAuthenticatePin("111111")); | 494 EXPECT_TRUE(pin_storage->TryAuthenticatePin("111111")); |
390 EXPECT_FALSE(quick_unlock_storage->TryAuthenticatePin("000000")); | 495 EXPECT_FALSE(pin_storage->TryAuthenticatePin("000000")); |
391 } | 496 } |
392 | 497 |
393 // Verifies that the number of modes and the number of passwords given must be | 498 // Verifies that the number of modes and the number of passwords given must be |
394 // the same. | 499 // the same. |
395 TEST_F(QuickUnlockPrivateUnitTest, ThrowErrorOnMismatchedParameterCount) { | 500 TEST_P(QuickUnlockPrivateUnitTest, ThrowErrorOnMismatchedParameterCount) { |
396 EXPECT_FALSE(SetModesWithError("[\"valid\", [\"PIN\"], []]").empty()); | 501 EXPECT_FALSE(SetModesWithError("[\"valid\", [\"PIN\"], []]").empty()); |
397 EXPECT_FALSE(SetModesWithError("[\"valid\", [], [\"11\"]]").empty()); | 502 EXPECT_FALSE(SetModesWithError("[\"valid\", [], [\"11\"]]").empty()); |
398 } | 503 } |
399 | 504 |
400 // Validates PIN error checking in conjuction with policy-related prefs. | 505 // Validates PIN error checking in conjuction with policy-related prefs. |
401 TEST_F(QuickUnlockPrivateUnitTest, CheckCredentialProblemReporting) { | 506 TEST_P(QuickUnlockPrivateUnitTest, CheckCredentialProblemReporting) { |
402 PrefService* pref_service = profile()->GetPrefs(); | 507 PrefService* pref_service = profile()->GetPrefs(); |
403 | 508 |
404 // Verify the pin checks work with the default preferences which are minimum | 509 // Verify the pin checks work with the default preferences which are minimum |
405 // length of 6, maximum length of 0 (no maximum) and no easy to guess check. | 510 // length of 6, maximum length of 0 (no maximum) and no easy to guess check. |
406 CheckPin(PIN_GOOD, "111112"); | 511 CheckPin(PIN_GOOD, "111112"); |
407 CheckPin(PIN_GOOD, "1111112"); | 512 CheckPin(PIN_GOOD, "1111112"); |
408 CheckPin(PIN_GOOD, "1111111111111112"); | 513 CheckPin(PIN_GOOD, "1111111111111112"); |
409 CheckPin(PIN_WEAK_WARNING, "111111"); | 514 CheckPin(PIN_WEAK_WARNING, "111111"); |
410 CheckPin(PIN_TOO_SHORT, "1"); | 515 CheckPin(PIN_TOO_SHORT, "1"); |
411 CheckPin(PIN_TOO_SHORT, "11"); | 516 CheckPin(PIN_TOO_SHORT, "11"); |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
463 CheckPin(PIN_WEAK_ERROR, "3210"); | 568 CheckPin(PIN_WEAK_ERROR, "3210"); |
464 CheckPin(PIN_WEAK_ERROR, "987654"); | 569 CheckPin(PIN_WEAK_ERROR, "987654"); |
465 // Too common. | 570 // Too common. |
466 CheckPin(PIN_WEAK_ERROR, "1212"); | 571 CheckPin(PIN_WEAK_ERROR, "1212"); |
467 | 572 |
468 // Verify that if a PIN has more than one error, both are returned. | 573 // Verify that if a PIN has more than one error, both are returned. |
469 CheckPin(PIN_TOO_SHORT | PIN_WEAK_ERROR, "111"); | 574 CheckPin(PIN_TOO_SHORT | PIN_WEAK_ERROR, "111"); |
470 CheckPin(PIN_TOO_SHORT | PIN_WEAK_ERROR, "234"); | 575 CheckPin(PIN_TOO_SHORT | PIN_WEAK_ERROR, "234"); |
471 } | 576 } |
472 | 577 |
473 TEST_F(QuickUnlockPrivateUnitTest, GetCredentialRequirements) { | 578 TEST_P(QuickUnlockPrivateUnitTest, GetCredentialRequirements) { |
474 PrefService* pref_service = profile()->GetPrefs(); | 579 PrefService* pref_service = profile()->GetPrefs(); |
475 | 580 |
476 // Verify that trying out PINs under the minimum/maximum lengths will send the | 581 // Verify that trying out PINs under the minimum/maximum lengths will send the |
477 // minimum/maximum lengths as additional information for display purposes. | 582 // minimum/maximum lengths as additional information for display purposes. |
478 pref_service->SetInteger(prefs::kPinUnlockMinimumLength, 6); | 583 pref_service->SetInteger(prefs::kPinUnlockMinimumLength, 6); |
479 pref_service->SetInteger(prefs::kPinUnlockMaximumLength, 8); | 584 pref_service->SetInteger(prefs::kPinUnlockMaximumLength, 8); |
480 CheckGetCredentialRequirements(6, 8); | 585 CheckGetCredentialRequirements(6, 8); |
481 | 586 |
482 // Verify that by setting a maximum length to be nonzero and smaller than the | 587 // Verify that by setting a maximum length to be nonzero and smaller than the |
483 // minimum length, the resulting maxium length will be equal to the minimum | 588 // minimum length, the resulting maxium length will be equal to the minimum |
484 // length pref. | 589 // length pref. |
485 pref_service->SetInteger(prefs::kPinUnlockMaximumLength, 4); | 590 pref_service->SetInteger(prefs::kPinUnlockMaximumLength, 4); |
486 CheckGetCredentialRequirements(6, 6); | 591 CheckGetCredentialRequirements(6, 6); |
487 | 592 |
488 // Verify that the values received from policy are sanitized. | 593 // Verify that the values received from policy are sanitized. |
489 pref_service->SetInteger(prefs::kPinUnlockMinimumLength, -3); | 594 pref_service->SetInteger(prefs::kPinUnlockMinimumLength, -3); |
490 pref_service->SetInteger(prefs::kPinUnlockMaximumLength, -3); | 595 pref_service->SetInteger(prefs::kPinUnlockMaximumLength, -3); |
491 CheckGetCredentialRequirements(1, 0); | 596 CheckGetCredentialRequirements(1, 0); |
492 } | 597 } |
| 598 |
| 599 INSTANTIATE_TEST_CASE_P( |
| 600 StorageProviders, |
| 601 QuickUnlockPrivateUnitTest, |
| 602 ::testing::Values(quick_unlock::PinStorageType::kPrefs, |
| 603 quick_unlock::PinStorageType::kCryptohome)); |
| 604 |
493 } // namespace chromeos | 605 } // namespace chromeos |
OLD | NEW |