
Side by Side Diff: chrome/browser/chromeos/login/signin/oauth2_browsertest.cc

Issue 2903123002: cros: Terminate if merge session fails for online sign-in (Closed)
Patch Set: add comments Created 3 years, 7 months ago
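--- a/chrome/browser/chromeos/login/signin/oauth2_browsertest.cc
+++ b/chrome/browser/chromeos/login/signin/oauth2_browsertest.cc
@@ -1,10 +1,10 @@
 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <string>
 #include <utility>
 
 #include "base/macros.h"
 #include "base/memory/ptr_util.h"
 #include "base/message_loop/message_loop.h"
@@ -580,20 +580,51 @@
 login_manager->ContinueSessionRestore();
 
 // Let go DB thread to finish TokenService::LoadCredentials.
 db_blocker.reset();
 
 // Session restore can finish normally and token is loaded.
 WaitForMergeSessionCompletion(OAuth2LoginManager::SESSION_RESTORE_DONE);
 EXPECT_TRUE(token_service->RefreshTokenIsAvailable(account_id));
 }
 
+// Tests that user session is terminated if merge session fails for an online
+// sign-in. This is necessary to prevent policy exploit.
+// See http://crbug.com/677312
+IN_PROC_BROWSER_TEST_F(OAuth2Test, TerminateOnBadMergeSessionAfterOnlineAuth) {
+SimulateNetworkOnline();
+WaitForGaiaPageLoad();
+
+content::WindowedNotificationObserver termination_waiter(
+chrome::NOTIFICATION_APP_TERMINATING,
+content::NotificationService::AllSources());
+
+// Configure FakeGaia so that online auth succeeds but merge session fails.
+FakeGaia::MergeSessionParams params;
+params.auth_sid_cookie = kTestAuthSIDCookie;
+params.auth_lsid_cookie = kTestAuthLSIDCookie;
+params.auth_code = kTestAuthCode;
+params.refresh_token = kTestRefreshToken;
+params.access_token = kTestAuthLoginAccessToken;
+fake_gaia_->SetMergeSessionParams(params);
+
+// Simulate an online sign-in.
+GetLoginDisplay()->ShowSigninScreenForCreds(kTestEmail, kTestAccountPassword);
+
+// User session should be terminated.
+termination_waiter.Wait();
+
+// Merge session should fail. Check after |termination_waiter| to ensure
+// user profile is initialized and there is an OAuth2LoginManage.
+WaitForMergeSessionCompletion(OAuth2LoginManager::SESSION_RESTORE_FAILED);
+}
+
 const char kGooglePageContent[] =
 "<html><title>Hello!</title><script>alert('hello');</script>"
 "<body>Hello Google!</body></html>";
 const char kRandomPageContent[] =
 "<html><title>SomthingElse</title><body>I am SomethingElse</body></html>";
 const char kHelloPagePath[] = "/hello_google";
 const char kRandomPagePath[] = "/non_google_page";
 
 
 // FakeGoogle serves content of http://www.google.com/hello_google page for
@@ -891,10 +922,10 @@
 
 if (!catcher.GetNextResult()) {
 std::string message = catcher.message();
 ADD_FAILURE() << "Tests failed: " << message;
 }
 
 EXPECT_TRUE(fake_google_.IsPageRequested());
 }
 
 } // namespace chromeos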
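Review bot: The comment at new line 601 says FakeGaia is configured so that merge session fails, but the five assignments under it only supply values that let auth succeed; nothing visible in the test says what actually makes the merge step fail. Because this is the regression test for the policy-bypass fix (crbug.com/677312), the trigger should be written down so that a later change to FakeGaia's defaults cannot quietly turn it into a test of a different path, for example `// The merge-session fields of |params| are intentionally left unset so that MergeSession fails.` (wording to be confirmed against fake_gaia.cc, which is not part of this file section). The header comment's "policy exploit" would also read better with one clause naming the invariant being protected rather than relying on the bug link alone. Separately, the last comment has a typo and should read `// user profile is initialized and there is an OAuth2LoginManager.`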
