OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" | 5 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
13 #include "base/message_loop/message_loop.h" | 13 #include "base/message_loop/message_loop.h" |
14 #include "base/strings/string_util.h" | 14 #include "base/strings/string_util.h" |
15 #include "base/strings/stringprintf.h" | 15 #include "base/strings/stringprintf.h" |
16 #include "chrome/browser/chromeos/login/auth/key.h" | 16 #include "chrome/browser/chromeos/login/auth/key.h" |
17 #include "chrome/browser/chromeos/login/auth/mock_login_status_consumer.h" | 17 #include "chrome/browser/chromeos/login/auth/mock_login_status_consumer.h" |
18 #include "chrome/browser/chromeos/login/auth/mock_url_fetchers.h" | 18 #include "chrome/browser/chromeos/login/auth/mock_url_fetchers.h" |
19 #include "chrome/browser/chromeos/login/auth/test_attempt_state.h" | 19 #include "chrome/browser/chromeos/login/auth/test_attempt_state.h" |
20 #include "chrome/browser/chromeos/login/auth/user_context.h" | 20 #include "chrome/browser/chromeos/login/auth/user_context.h" |
21 #include "chrome/browser/chromeos/login/users/fake_user_manager.h" | 21 #include "chrome/browser/chromeos/login/users/fake_user_manager.h" |
22 #include "chrome/browser/chromeos/login/users/user.h" | 22 #include "chrome/browser/chromeos/login/users/user.h" |
23 #include "chrome/browser/chromeos/login/users/user_manager.h" | 23 #include "chrome/browser/chromeos/login/users/user_manager.h" |
24 #include "chrome/browser/chromeos/ownership/owner_settings_service.h" | 24 #include "chrome/browser/chromeos/ownership/owner_settings_service.h" |
25 #include "chrome/browser/chromeos/ownership/owner_settings_service_factory.h" | 25 #include "chrome/browser/chromeos/ownership/owner_settings_service_factory.h" |
26 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 26 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
27 #include "chrome/browser/chromeos/settings/cros_settings.h" | 27 #include "chrome/browser/chromeos/settings/cros_settings.h" |
28 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" | 28 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" |
29 #include "chrome/browser/chromeos/settings/mock_owner_key_util.h" | |
29 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h" | 30 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h" |
31 #include "chrome/test/base/testing_browser_process.h" | |
30 #include "chrome/test/base/testing_profile.h" | 32 #include "chrome/test/base/testing_profile.h" |
33 #include "chrome/test/base/testing_profile_manager.h" | |
31 #include "chromeos/chromeos_switches.h" | 34 #include "chromeos/chromeos_switches.h" |
32 #include "chromeos/cryptohome/mock_async_method_caller.h" | 35 #include "chromeos/cryptohome/mock_async_method_caller.h" |
33 #include "chromeos/cryptohome/system_salt_getter.h" | 36 #include "chromeos/cryptohome/system_salt_getter.h" |
34 #include "chromeos/dbus/fake_cryptohome_client.h" | 37 #include "chromeos/dbus/fake_cryptohome_client.h" |
35 #include "chromeos/dbus/fake_dbus_thread_manager.h" | 38 #include "chromeos/dbus/fake_dbus_thread_manager.h" |
36 #include "content/public/test/test_browser_thread_bundle.h" | 39 #include "content/public/test/test_browser_thread_bundle.h" |
40 #include "crypto/nss_util.h" | |
37 #include "google_apis/gaia/mock_url_fetcher_factory.h" | 41 #include "google_apis/gaia/mock_url_fetcher_factory.h" |
38 #include "net/base/net_errors.h" | 42 #include "net/base/net_errors.h" |
39 #include "net/url_request/url_request_status.h" | 43 #include "net/url_request/url_request_status.h" |
40 #include "testing/gmock/include/gmock/gmock.h" | 44 #include "testing/gmock/include/gmock/gmock.h" |
41 #include "testing/gtest/include/gtest/gtest.h" | 45 #include "testing/gtest/include/gtest/gtest.h" |
42 #include "third_party/cros_system_api/dbus/service_constants.h" | 46 #include "third_party/cros_system_api/dbus/service_constants.h" |
43 #include "url/gurl.h" | 47 #include "url/gurl.h" |
44 | 48 |
45 using ::testing::Invoke; | 49 using ::testing::Invoke; |
46 using ::testing::Return; | 50 using ::testing::Return; |
47 using ::testing::_; | 51 using ::testing::_; |
48 | 52 |
49 namespace chromeos { | 53 namespace chromeos { |
50 | 54 |
51 class ParallelAuthenticatorTest : public testing::Test { | 55 class ParallelAuthenticatorTest : public testing::Test { |
52 public: | 56 public: |
53 ParallelAuthenticatorTest() | 57 ParallelAuthenticatorTest() |
54 : user_context_("me@nowhere.org"), | 58 : user_context_("me@nowhere.org"), |
55 user_manager_(new FakeUserManager()), | 59 user_manager_(new FakeUserManager()), |
56 user_manager_enabler_(user_manager_), | 60 user_manager_enabler_(user_manager_), |
57 mock_caller_(NULL) { | 61 mock_caller_(NULL), |
62 owner_key_util_(new MockOwnerKeyUtil) { | |
58 user_context_.SetKey(Key("fakepass")); | 63 user_context_.SetKey(Key("fakepass")); |
64 user_context_.SetUserIDHash("me_nowhere_com_hash"); | |
59 const User* user = user_manager_->AddUser(user_context_.GetUserID()); | 65 const User* user = user_manager_->AddUser(user_context_.GetUserID()); |
60 profile_.set_profile_name(user_context_.GetUserID()); | 66 profile_.set_profile_name(user_context_.GetUserID()); |
61 | 67 |
62 ProfileHelper::Get()->SetUserToProfileMappingForTesting(user, &profile_); | 68 ProfileHelper::Get()->SetUserToProfileMappingForTesting(user, &profile_); |
63 | 69 |
64 transformed_key_ = *user_context_.GetKey(); | 70 transformed_key_ = *user_context_.GetKey(); |
65 transformed_key_.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, | 71 transformed_key_.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, |
66 SystemSaltGetter::ConvertRawSaltToHexString( | 72 SystemSaltGetter::ConvertRawSaltToHexString( |
67 FakeCryptohomeClient::GetStubSystemSalt())); | 73 FakeCryptohomeClient::GetStubSystemSalt())); |
68 } | 74 } |
69 | 75 |
70 virtual ~ParallelAuthenticatorTest() { | 76 virtual ~ParallelAuthenticatorTest() { |
71 DCHECK(!mock_caller_); | 77 DCHECK(!mock_caller_); |
72 } | 78 } |
73 | 79 |
74 virtual void SetUp() { | 80 virtual void SetUp() { |
75 CommandLine::ForCurrentProcess()->AppendSwitch(switches::kLoginManager); | 81 CommandLine::ForCurrentProcess()->AppendSwitch(switches::kLoginManager); |
76 | 82 |
77 mock_caller_ = new cryptohome::MockAsyncMethodCaller; | 83 mock_caller_ = new cryptohome::MockAsyncMethodCaller; |
78 cryptohome::AsyncMethodCaller::InitializeForTesting(mock_caller_); | 84 cryptohome::AsyncMethodCaller::InitializeForTesting(mock_caller_); |
79 | 85 |
80 FakeDBusThreadManager* fake_dbus_thread_manager = new FakeDBusThreadManager; | 86 FakeDBusThreadManager* fake_dbus_thread_manager = new FakeDBusThreadManager; |
81 fake_cryptohome_client_ = new FakeCryptohomeClient; | 87 fake_cryptohome_client_ = new FakeCryptohomeClient; |
82 fake_dbus_thread_manager->SetCryptohomeClient( | 88 fake_dbus_thread_manager->SetCryptohomeClient( |
83 scoped_ptr<CryptohomeClient>(fake_cryptohome_client_)); | 89 scoped_ptr<CryptohomeClient>(fake_cryptohome_client_)); |
84 DBusThreadManager::InitializeForTesting(fake_dbus_thread_manager); | 90 DBusThreadManager::InitializeForTesting(fake_dbus_thread_manager); |
85 | 91 |
86 SystemSaltGetter::Initialize(); | 92 SystemSaltGetter::Initialize(); |
87 | 93 |
94 OwnerSettingsService::SetOwnerKeyUtilForTesting(owner_key_util_); | |
95 | |
88 auth_ = new ParallelAuthenticator(&consumer_); | 96 auth_ = new ParallelAuthenticator(&consumer_); |
89 state_.reset(new TestAttemptState(user_context_, false)); | 97 state_.reset(new TestAttemptState(user_context_, false)); |
Ryan Sleevi
2014/07/01 18:51:33
Random aside; Why is this all in SetUp/TearDown, a
tbarzic
2014/07/01 23:55:03
Not sure about background for these..
Though, I th
| |
90 } | 98 } |
91 | 99 |
92 // Tears down the test fixture. | 100 // Tears down the test fixture. |
93 virtual void TearDown() { | 101 virtual void TearDown() { |
102 OwnerSettingsService::SetOwnerKeyUtilForTesting(NULL); | |
94 SystemSaltGetter::Shutdown(); | 103 SystemSaltGetter::Shutdown(); |
95 DBusThreadManager::Shutdown(); | 104 DBusThreadManager::Shutdown(); |
96 | 105 |
97 cryptohome::AsyncMethodCaller::Shutdown(); | 106 cryptohome::AsyncMethodCaller::Shutdown(); |
98 mock_caller_ = NULL; | 107 mock_caller_ = NULL; |
99 } | 108 } |
100 | 109 |
101 base::FilePath PopulateTempFile(const char* data, int data_len) { | 110 base::FilePath PopulateTempFile(const char* data, int data_len) { |
102 base::FilePath out; | 111 base::FilePath out; |
103 FILE* tmp_file = base::CreateAndOpenTemporaryFile(&out); | 112 FILE* tmp_file = base::CreateAndOpenTemporaryFile(&out); |
(...skipping 82 matching lines...) | |
186 | 195 |
187 content::TestBrowserThreadBundle thread_bundle_; | 196 content::TestBrowserThreadBundle thread_bundle_; |
188 | 197 |
189 UserContext user_context_; | 198 UserContext user_context_; |
190 Key transformed_key_; | 199 Key transformed_key_; |
191 | 200 |
192 ScopedDeviceSettingsTestHelper device_settings_test_helper_; | 201 ScopedDeviceSettingsTestHelper device_settings_test_helper_; |
193 ScopedTestCrosSettings test_cros_settings_; | 202 ScopedTestCrosSettings test_cros_settings_; |
194 | 203 |
195 TestingProfile profile_; | 204 TestingProfile profile_; |
205 scoped_ptr<TestingProfileManager> profile_manager_; | |
196 FakeUserManager* user_manager_; | 206 FakeUserManager* user_manager_; |
197 ScopedUserManagerEnabler user_manager_enabler_; | 207 ScopedUserManagerEnabler user_manager_enabler_; |
198 | 208 |
199 cryptohome::MockAsyncMethodCaller* mock_caller_; | 209 cryptohome::MockAsyncMethodCaller* mock_caller_; |
200 | 210 |
211 crypto::ScopedTestNSSDB test_nssdb_; | |
212 | |
201 MockConsumer consumer_; | 213 MockConsumer consumer_; |
202 scoped_refptr<ParallelAuthenticator> auth_; | 214 scoped_refptr<ParallelAuthenticator> auth_; |
203 scoped_ptr<TestAttemptState> state_; | 215 scoped_ptr<TestAttemptState> state_; |
204 FakeCryptohomeClient* fake_cryptohome_client_; | 216 FakeCryptohomeClient* fake_cryptohome_client_; |
217 | |
218 scoped_refptr<MockOwnerKeyUtil> owner_key_util_; | |
205 }; | 219 }; |
206 | 220 |
207 TEST_F(ParallelAuthenticatorTest, OnLoginSuccess) { | 221 TEST_F(ParallelAuthenticatorTest, OnLoginSuccess) { |
208 EXPECT_CALL(consumer_, OnLoginSuccess(user_context_)) | 222 EXPECT_CALL(consumer_, OnLoginSuccess(user_context_)) |
209 .Times(1) | 223 .Times(1) |
210 .RetiresOnSaturation(); | 224 .RetiresOnSaturation(); |
211 | 225 |
212 SetAttemptState(auth_.get(), state_.release()); | 226 SetAttemptState(auth_.get(), state_.release()); |
213 auth_->OnLoginSuccess(); | 227 auth_->OnLoginSuccess(); |
214 } | 228 } |
(...skipping 54 matching lines...) | |
269 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); | 283 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); |
270 SetOwnerState(false, false); | 284 SetOwnerState(false, false); |
271 // Test that the mount has succeeded. | 285 // Test that the mount has succeeded. |
272 state_.reset(new TestAttemptState(user_context_, false)); | 286 state_.reset(new TestAttemptState(user_context_, false)); |
273 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); | 287 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); |
274 EXPECT_EQ(ParallelAuthenticator::OFFLINE_LOGIN, | 288 EXPECT_EQ(ParallelAuthenticator::OFFLINE_LOGIN, |
275 SetAndResolveState(auth_.get(), state_.release())); | 289 SetAndResolveState(auth_.get(), state_.release())); |
276 } | 290 } |
277 | 291 |
278 TEST_F(ParallelAuthenticatorTest, ResolveOwnerNeededFailedMount) { | 292 TEST_F(ParallelAuthenticatorTest, ResolveOwnerNeededFailedMount) { |
293 profile_manager_.reset( | |
294 new TestingProfileManager(TestingBrowserProcess::GetGlobal())); | |
295 ASSERT_TRUE(profile_manager_->SetUp()); | |
296 | |
279 FailOnLoginSuccess(); // Set failing on success as the default... | 297 FailOnLoginSuccess(); // Set failing on success as the default... |
280 LoginFailure failure = LoginFailure(LoginFailure::OWNER_REQUIRED); | 298 LoginFailure failure = LoginFailure(LoginFailure::OWNER_REQUIRED); |
281 ExpectLoginFailure(failure); | 299 ExpectLoginFailure(failure); |
282 | 300 |
283 fake_cryptohome_client_->set_unmount_result(true); | 301 fake_cryptohome_client_->set_unmount_result(true); |
284 | 302 |
285 CrosSettingsProvider* device_settings_provider; | 303 CrosSettingsProvider* device_settings_provider; |
286 StubCrosSettingsProvider stub_settings_provider; | 304 StubCrosSettingsProvider stub_settings_provider; |
287 // Set up state as though a cryptohome mount attempt has occurred | 305 // Set up state as though a cryptohome mount attempt has occurred |
288 // and succeeded but we are in safe mode and the current user is not owner. | 306 // and succeeded but we are in safe mode and the current user is not owner. |
289 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); | 307 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); |
290 SetOwnerState(false, false); | 308 SetOwnerState(false, false); |
291 // Remove the real DeviceSettingsProvider and replace it with a stub. | 309 // Remove the real DeviceSettingsProvider and replace it with a stub. |
292 device_settings_provider = | 310 device_settings_provider = |
293 CrosSettings::Get()->GetProvider(chromeos::kReportDeviceVersionInfo); | 311 CrosSettings::Get()->GetProvider(chromeos::kReportDeviceVersionInfo); |
294 EXPECT_TRUE(device_settings_provider != NULL); | 312 EXPECT_TRUE(device_settings_provider != NULL); |
295 EXPECT_TRUE( | 313 EXPECT_TRUE( |
296 CrosSettings::Get()->RemoveSettingsProvider(device_settings_provider)); | 314 CrosSettings::Get()->RemoveSettingsProvider(device_settings_provider)); |
297 CrosSettings::Get()->AddSettingsProvider(&stub_settings_provider); | 315 CrosSettings::Get()->AddSettingsProvider(&stub_settings_provider); |
298 CrosSettings::Get()->SetBoolean(kPolicyMissingMitigationMode, true); | 316 CrosSettings::Get()->SetBoolean(kPolicyMissingMitigationMode, true); |
299 | 317 |
300 // Initialize login state for this test to verify the login state is changed | 318 // Initialize login state for this test to verify the login state is changed |
301 // to SAFE_MODE. | 319 // to SAFE_MODE. |
302 LoginState::Initialize(); | 320 LoginState::Initialize(); |
303 | 321 |
304 EXPECT_EQ(ParallelAuthenticator::CONTINUE, | 322 EXPECT_EQ(ParallelAuthenticator::CONTINUE, |
305 SetAndResolveState(auth_.get(), state_.release())); | 323 SetAndResolveState(auth_.get(), state_.release())); |
306 EXPECT_TRUE(LoginState::Get()->IsInSafeMode()); | 324 EXPECT_TRUE(LoginState::Get()->IsInSafeMode()); |
307 | 325 |
308 // Simulate TPM token ready event. | |
309 OwnerSettingsService* service = | |
310 OwnerSettingsServiceFactory::GetForProfile(&profile_); | |
311 ASSERT_TRUE(service); | |
312 service->OnTPMTokenReady(); | |
313 | |
314 // Flush all the pending operations. The operations should induce an owner | 326 // Flush all the pending operations. The operations should induce an owner |
315 // verification. | 327 // verification. |
316 device_settings_test_helper_.Flush(); | 328 device_settings_test_helper_.Flush(); |
317 // Test that the mount has succeeded. | 329 |
318 state_.reset(new TestAttemptState(user_context_, false)); | 330 state_.reset(new TestAttemptState(user_context_, false)); |
319 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); | 331 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); |
332 | |
333 // The owner key util should not have found the owner key, so login should | |
334 // not be allowed. | |
320 EXPECT_EQ(ParallelAuthenticator::OWNER_REQUIRED, | 335 EXPECT_EQ(ParallelAuthenticator::OWNER_REQUIRED, |
321 SetAndResolveState(auth_.get(), state_.release())); | 336 SetAndResolveState(auth_.get(), state_.release())); |
337 EXPECT_TRUE(LoginState::Get()->IsInSafeMode()); | |
322 | 338 |
323 // Unset global objects used by this test. | 339 // Unset global objects used by this test. |
324 LoginState::Shutdown(); | 340 LoginState::Shutdown(); |
325 EXPECT_TRUE( | 341 EXPECT_TRUE( |
326 CrosSettings::Get()->RemoveSettingsProvider(&stub_settings_provider)); | 342 CrosSettings::Get()->RemoveSettingsProvider(&stub_settings_provider)); |
327 CrosSettings::Get()->AddSettingsProvider(device_settings_provider); | 343 CrosSettings::Get()->AddSettingsProvider(device_settings_provider); |
328 } | 344 } |
329 | 345 |
330 TEST_F(ParallelAuthenticatorTest, DriveFailedMount) { | 346 TEST_F(ParallelAuthenticatorTest, DriveFailedMount) { |
331 FailOnLoginSuccess(); | 347 FailOnLoginSuccess(); |
(...skipping 269 matching lines...) | |
601 mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 617 mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
602 EXPECT_CALL(*mock_caller_, AsyncCheckKey(user_context_.GetUserID(), _, _)) | 618 EXPECT_CALL(*mock_caller_, AsyncCheckKey(user_context_.GetUserID(), _, _)) |
603 .Times(1) | 619 .Times(1) |
604 .RetiresOnSaturation(); | 620 .RetiresOnSaturation(); |
605 | 621 |
606 auth_->AuthenticateToUnlock(user_context_); | 622 auth_->AuthenticateToUnlock(user_context_); |
607 base::MessageLoop::current()->Run(); | 623 base::MessageLoop::current()->Run(); |
608 } | 624 } |
609 | 625 |
610 } // namespace chromeos | 626 } // namespace chromeos |
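Review bot: The `OWNER_REQUIRED` expectation in `ResolveOwnerNeededFailedMount` can pass for the wrong reason, because nothing visible in the fixture checks that the NSS test database behind the new `test_nssdb_` member opened. With the simulated `OnTPMTokenReady()` call removed, the test relies on `device_settings_test_helper_.Flush()` alone to drive owner verification against the `MockOwnerKeyUtil` installed in `SetUp()`. A setup failure would therefore look the same as the intended "owner key not found" denial. I would add `ASSERT_TRUE(test_nssdb_.is_open());` at the top of `SetUp()` (assuming `ScopedTestNSSDB` exposes `is_open()` in this tree) and a comment on `owner_key_util_` such as `// Left without a public key so owner checks fail closed.` A companion test that gives the mock a key and expects login to proceed would tie the denial to the missing key; parts of the fixture are collapsed on this page, so some of this may already exist in the skipped lines.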
OLD | NEW |