| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/callback.h" | 9 #include "base/callback.h" |
| 10 #include "base/message_loop/message_loop.h" | 10 #include "base/message_loop/message_loop.h" |
| 11 #include "base/prefs/pref_registry_simple.h" | 11 #include "base/prefs/pref_registry_simple.h" |
| 12 #include "base/prefs/testing_pref_service.h" | 12 #include "base/prefs/testing_pref_service.h" |
| 13 #include "base/run_loop.h" | 13 #include "base/run_loop.h" |
| 14 #include "base/sequenced_task_runner.h" | 14 #include "base/sequenced_task_runner.h" |
| 15 #include "base/strings/string_util.h" | 15 #include "base/strings/string_util.h" |
| 16 #include "base/strings/utf_string_conversions.h" | 16 #include "base/strings/utf_string_conversions.h" |
| 17 #include "base/test/test_simple_task_runner.h" | 17 #include "base/test/test_simple_task_runner.h" |
| 18 #include "chrome/browser/chromeos/policy/user_cloud_policy_token_forwarder.h" | 18 #include "chrome/browser/chromeos/policy/user_cloud_policy_token_forwarder.h" |
| 19 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 19 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
| 20 #include "chrome/browser/policy/cloud/cloud_external_data_manager.h" | 20 #include "chrome/browser/policy/cloud/cloud_external_data_manager.h" |
| 21 #include "chrome/browser/policy/cloud/mock_cloud_external_data_manager.h" | 21 #include "chrome/browser/policy/cloud/mock_cloud_external_data_manager.h" |
| 22 #include "chrome/browser/policy/cloud/mock_cloud_policy_store.h" | 22 #include "chrome/browser/policy/cloud/mock_cloud_policy_store.h" |
| 23 #include "chrome/browser/policy/cloud/mock_device_management_service.h" | 23 #include "chrome/browser/policy/cloud/mock_device_management_service.h" |
| 24 #include "chrome/browser/policy/mock_configuration_policy_provider.h" | 24 #include "chrome/browser/policy/mock_configuration_policy_provider.h" |
| 25 #include "chrome/browser/policy/proto/cloud/device_management_backend.pb.h" | 25 #include "chrome/browser/policy/proto/cloud/device_management_backend.pb.h" |
| 26 #include "chrome/browser/policy/schema_registry.h" | 26 #include "chrome/browser/policy/schema_registry.h" |
| 27 #include "chrome/browser/prefs/browser_prefs.h" | 27 #include "chrome/browser/prefs/browser_prefs.h" |
| 28 #include "chrome/browser/prefs/pref_service_syncable.h" | 28 #include "chrome/browser/prefs/pref_service_syncable.h" |
| 29 #include "chrome/browser/signin/fake_profile_oauth2_token_service.h" |
| 29 #include "chrome/browser/signin/profile_oauth2_token_service.h" | 30 #include "chrome/browser/signin/profile_oauth2_token_service.h" |
| 30 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" | 31 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" |
| 31 #include "chrome/browser/signin/signin_manager.h" | |
| 32 #include "chrome/browser/signin/signin_manager_factory.h" | |
| 33 #include "chrome/browser/signin/token_service.h" | |
| 34 #include "chrome/browser/signin/token_service_factory.h" | |
| 35 #include "chrome/common/chrome_constants.h" | 32 #include "chrome/common/chrome_constants.h" |
| 36 #include "chrome/test/base/testing_browser_process.h" | 33 #include "chrome/test/base/testing_browser_process.h" |
| 37 #include "chrome/test/base/testing_profile.h" | 34 #include "chrome/test/base/testing_profile.h" |
| 38 #include "chrome/test/base/testing_profile_manager.h" | 35 #include "chrome/test/base/testing_profile_manager.h" |
| 39 #include "components/policy/core/common/external_data_fetcher.h" | 36 #include "components/policy/core/common/external_data_fetcher.h" |
| 40 #include "content/public/test/test_browser_thread_bundle.h" | 37 #include "content/public/test/test_browser_thread_bundle.h" |
| 41 #include "google_apis/gaia/gaia_auth_consumer.h" | 38 #include "google_apis/gaia/gaia_auth_consumer.h" |
| 39 #include "google_apis/gaia/gaia_constants.h" |
| 42 #include "google_apis/gaia/gaia_urls.h" | 40 #include "google_apis/gaia/gaia_urls.h" |
| 43 #include "net/url_request/test_url_fetcher_factory.h" | 41 #include "net/url_request/test_url_fetcher_factory.h" |
| 44 #include "net/url_request/url_fetcher_delegate.h" | 42 #include "net/url_request/url_fetcher_delegate.h" |
| 45 #include "net/url_request/url_request_context_getter.h" | 43 #include "net/url_request/url_request_context_getter.h" |
| 46 #include "net/url_request/url_request_status.h" | 44 #include "net/url_request/url_request_status.h" |
| 47 #include "policy/policy_constants.h" | 45 #include "policy/policy_constants.h" |
| 48 #include "testing/gmock/include/gmock/gmock.h" | 46 #include "testing/gmock/include/gmock/gmock.h" |
| 49 #include "testing/gtest/include/gtest/gtest.h" | 47 #include "testing/gtest/include/gtest/gtest.h" |
| 50 | 48 |
| 51 namespace em = enterprise_management; | 49 namespace em = enterprise_management; |
| 52 | 50 |
| 53 using testing::AnyNumber; | 51 using testing::AnyNumber; |
| 54 using testing::AtLeast; | 52 using testing::AtLeast; |
| 55 using testing::Mock; | 53 using testing::Mock; |
| 56 using testing::_; | 54 using testing::_; |
| 57 | 55 |
| 58 namespace policy { | 56 namespace policy { |
| 59 | 57 |
| 60 namespace { | 58 namespace { |
| 61 | 59 |
| 62 const char kOAuthTokenCookie[] = "oauth_token=1234"; | 60 const char kOAuthTokenCookie[] = "oauth_token=1234"; |
| 61 const char kTestAccountId[] = "user@gmail.com"; |
| 63 | 62 |
| 64 const char kOAuth2TokenPairData[] = | 63 const char kOAuth2TokenPairData[] = |
| 65 "{" | 64 "{" |
| 66 " \"refresh_token\": \"1234\"," | 65 " \"refresh_token\": \"1234\"," |
| 67 " \"access_token\": \"5678\"," | 66 " \"access_token\": \"5678\"," |
| 68 " \"expires_in\": 3600" | 67 " \"expires_in\": 3600" |
| 69 "}"; | 68 "}"; |
| 70 | 69 |
| 71 const char kOAuth2AccessTokenData[] = | 70 const char kOAuth2AccessTokenData[] = |
| 72 "{" | 71 "{" |
| (...skipping 11 matching lines...) |
| 84 task_runner_(new base::TestSimpleTaskRunner()), | 83 task_runner_(new base::TestSimpleTaskRunner()), |
| 85 profile_(NULL), | 84 profile_(NULL), |
| 86 signin_profile_(NULL) {} | 85 signin_profile_(NULL) {} |
| 87 | 86 |
| 88 virtual void SetUp() OVERRIDE { | 87 virtual void SetUp() OVERRIDE { |
| 89 // The initialization path that blocks on the initial policy fetch requires | 88 // The initialization path that blocks on the initial policy fetch requires |
| 90 // a signin Profile to use its URLRequestContext. | 89 // a signin Profile to use its URLRequestContext. |
| 91 profile_manager_.reset( | 90 profile_manager_.reset( |
| 92 new TestingProfileManager(TestingBrowserProcess::GetGlobal())); | 91 new TestingProfileManager(TestingBrowserProcess::GetGlobal())); |
| 93 ASSERT_TRUE(profile_manager_->SetUp()); | 92 ASSERT_TRUE(profile_manager_->SetUp()); |
| 93 TestingProfile::TestingFactories factories; |
| 94 factories.push_back( |
| 95 std::make_pair(ProfileOAuth2TokenServiceFactory::GetInstance(), |
| 96 FakeProfileOAuth2TokenService::Build)); |
| 94 profile_ = profile_manager_->CreateTestingProfile( | 97 profile_ = profile_manager_->CreateTestingProfile( |
| 95 chrome::kInitialProfile, scoped_ptr<PrefServiceSyncable>(), | 98 chrome::kInitialProfile, scoped_ptr<PrefServiceSyncable>(), |
| 96 UTF8ToUTF16("testing_profile"), 0, std::string()); | 99 UTF8ToUTF16("testing_profile"), 0, std::string(), factories); |
| 97 signin_profile_ = profile_manager_->CreateTestingProfile(kSigninProfile); | 100 signin_profile_ = profile_manager_->CreateTestingProfile(kSigninProfile); |
| 98 signin_profile_->ForceIncognito(true); | 101 signin_profile_->ForceIncognito(true); |
| 99 // Usually the signin Profile and the main Profile are separate, but since | 102 // Usually the signin Profile and the main Profile are separate, but since |
| 100 // the signin Profile is an OTR Profile then for this test it suffices to | 103 // the signin Profile is an OTR Profile then for this test it suffices to |
| 101 // attach it to the main Profile. | 104 // attach it to the main Profile. |
| 102 profile_->SetOffTheRecordProfile(scoped_ptr<Profile>(signin_profile_)); | 105 profile_->SetOffTheRecordProfile(scoped_ptr<Profile>(signin_profile_)); |
| 103 signin_profile_->SetOriginalProfile(profile_); | 106 signin_profile_->SetOriginalProfile(profile_); |
| 104 ASSERT_EQ(signin_profile_, chromeos::ProfileHelper::GetSigninProfile()); | 107 ASSERT_EQ(signin_profile_, chromeos::ProfileHelper::GetSigninProfile()); |
| 105 | 108 |
| 106 chrome::RegisterLocalState(prefs_.registry()); | 109 chrome::RegisterLocalState(prefs_.registry()); |
| (...skipping 88 matching lines...) |
| 195 fetcher->set_response_code(200); | 198 fetcher->set_response_code(200); |
| 196 fetcher->set_status(net::URLRequestStatus()); | 199 fetcher->set_status(net::URLRequestStatus()); |
| 197 return fetcher; | 200 return fetcher; |
| 198 } | 201 } |
| 199 | 202 |
| 200 // Issues the OAuth2 tokens and returns the device management register job | 203 // Issues the OAuth2 tokens and returns the device management register job |
| 201 // if the flow succeeded. | 204 // if the flow succeeded. |
| 202 MockDeviceManagementJob* IssueOAuthToken(bool has_request_token) { | 205 MockDeviceManagementJob* IssueOAuthToken(bool has_request_token) { |
| 203 EXPECT_FALSE(manager_->core()->client()->is_registered()); | 206 EXPECT_FALSE(manager_->core()->client()->is_registered()); |
| 204 | 207 |
| 205 GaiaUrls* gaia_urls = GaiaUrls::GetInstance(); | 208 // Issuing this token triggers the callback of the OAuth2PolicyFetcher, |
| 206 net::TestURLFetcher* fetcher = NULL; | 209 // which triggers the registration request. |
| 210 MockDeviceManagementJob* register_request = NULL; |
| 211 EXPECT_CALL(device_management_service_, |
| 212 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)) |
| 213 .WillOnce(device_management_service_.CreateAsyncJob(®ister_request)); |
| 207 | 214 |
| 208 if (!has_request_token) { | 215 if (!has_request_token) { |
| 216 GaiaUrls* gaia_urls = GaiaUrls::GetInstance(); |
| 217 net::TestURLFetcher* fetcher = NULL; |
| 218 |
| 209 // Issue the oauth_token cookie first. | 219 // Issue the oauth_token cookie first. |
| 210 fetcher = PrepareOAuthFetcher(gaia_urls->client_login_to_oauth2_url()); | 220 fetcher = PrepareOAuthFetcher(gaia_urls->client_login_to_oauth2_url()); |
| 211 if (!fetcher) | 221 if (!fetcher) |
| 212 return NULL; | 222 return NULL; |
| 213 net::ResponseCookies cookies; | 223 net::ResponseCookies cookies; |
| 214 cookies.push_back(kOAuthTokenCookie); | 224 cookies.push_back(kOAuthTokenCookie); |
| 215 fetcher->set_cookies(cookies); | 225 fetcher->set_cookies(cookies); |
| 216 fetcher->delegate()->OnURLFetchComplete(fetcher); | 226 fetcher->delegate()->OnURLFetchComplete(fetcher); |
| 217 | 227 |
| 218 // Issue the refresh token. | 228 // Issue the refresh token. |
| 219 fetcher = PrepareOAuthFetcher(gaia_urls->oauth2_token_url()); | 229 fetcher = PrepareOAuthFetcher(gaia_urls->oauth2_token_url()); |
| 220 if (!fetcher) | 230 if (!fetcher) |
| 221 return NULL; | 231 return NULL; |
| 222 fetcher->SetResponseString(kOAuth2TokenPairData); | 232 fetcher->SetResponseString(kOAuth2TokenPairData); |
| 223 fetcher->delegate()->OnURLFetchComplete(fetcher); | 233 fetcher->delegate()->OnURLFetchComplete(fetcher); |
| 234 |
| 235 // Issue the access token. |
| 236 fetcher = PrepareOAuthFetcher(gaia_urls->oauth2_token_url()); |
| 237 if (!fetcher) |
| 238 return NULL; |
| 239 fetcher->SetResponseString(kOAuth2AccessTokenData); |
| 240 fetcher->delegate()->OnURLFetchComplete(fetcher); |
| 241 } else { |
| 242 // Since the refresh token is available, OAuth2TokenService was used |
| 243 // to request the access token and not UserCloudPolicyTokenForwarder. |
| 244 // Issue the access token with the former. |
| 245 FakeProfileOAuth2TokenService* token_service = |
| 246 static_cast<FakeProfileOAuth2TokenService*>( |
| 247 ProfileOAuth2TokenServiceFactory::GetForProfile(profile_)); |
| 248 EXPECT_TRUE(token_service); |
| 249 OAuth2TokenService::ScopeSet scopes; |
| 250 scopes.insert(GaiaConstants::kDeviceManagementServiceOAuth); |
| 251 token_service->IssueTokenForScope( |
| 252 scopes, "5678", |
| 253 base::Time::Now() + base::TimeDelta::FromSeconds(3600)); |
| 224 } | 254 } |
| 225 | 255 |
| 226 // Issue the access token. | |
| 227 fetcher = PrepareOAuthFetcher(gaia_urls->oauth2_token_url()); | |
| 228 if (!fetcher) | |
| 229 return NULL; | |
| 230 fetcher->SetResponseString(kOAuth2AccessTokenData); | |
| 231 | |
| 232 // Issuing this token triggers the callback of the OAuth2PolicyFetcher, | |
| 233 // which triggers the registration request. | |
| 234 MockDeviceManagementJob* register_request = NULL; | |
| 235 EXPECT_CALL(device_management_service_, | |
| 236 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)) | |
| 237 .WillOnce(device_management_service_.CreateAsyncJob(®ister_request)); | |
| 238 fetcher->delegate()->OnURLFetchComplete(fetcher); | |
| 239 EXPECT_TRUE(register_request); | 256 EXPECT_TRUE(register_request); |
| 240 EXPECT_FALSE(manager_->core()->client()->is_registered()); | 257 EXPECT_FALSE(manager_->core()->client()->is_registered()); |
| 241 | 258 |
| 242 Mock::VerifyAndClearExpectations(&device_management_service_); | 259 Mock::VerifyAndClearExpectations(&device_management_service_); |
| 243 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _, _)) | 260 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _, _)) |
| 244 .Times(AnyNumber()); | 261 .Times(AnyNumber()); |
| 245 | 262 |
| 246 return register_request; | 263 return register_request; |
| 247 } | 264 } |
| 248 | 265 |
| (...skipping 253 matching lines...) |
| 502 store_->NotifyStoreLoaded(); | 519 store_->NotifyStoreLoaded(); |
| 503 Mock::VerifyAndClearExpectations(&observer_); | 520 Mock::VerifyAndClearExpectations(&observer_); |
| 504 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete()); | 521 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete()); |
| 505 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 522 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 506 EXPECT_FALSE(manager_->core()->client()->is_registered()); | 523 EXPECT_FALSE(manager_->core()->client()->is_registered()); |
| 507 | 524 |
| 508 // The manager is waiting for the refresh token, and hasn't started any | 525 // The manager is waiting for the refresh token, and hasn't started any |
| 509 // fetchers. | 526 // fetchers. |
| 510 EXPECT_FALSE(test_url_fetcher_factory_.GetFetcherByID(0)); | 527 EXPECT_FALSE(test_url_fetcher_factory_.GetFetcherByID(0)); |
| 511 | 528 |
| 512 // Set a fake user in signin manager. This can be removed once TokenService | 529 // Set a fake refresh token at the OAuth2TokenService. |
| 513 // is removed. | 530 FakeProfileOAuth2TokenService* token_service = |
| 514 SigninManagerBase* signin_manager = | 531 static_cast<FakeProfileOAuth2TokenService*>( |
| 515 SigninManagerFactory::GetForProfile(profile_); | 532 ProfileOAuth2TokenServiceFactory::GetForProfile(profile_)); |
| 516 ASSERT_TRUE(signin_manager); | |
| 517 signin_manager->SetAuthenticatedUsername("user@gmail.com"); | |
| 518 | |
| 519 // Set a fake refresh token at the TokenService. | |
| 520 TokenService* token_service = TokenServiceFactory::GetForProfile(profile_); | |
| 521 ASSERT_TRUE(token_service); | 533 ASSERT_TRUE(token_service); |
| 522 GaiaAuthConsumer::ClientOAuthResult tokens("refresh", "access", 3600); | 534 EXPECT_FALSE(token_service->RefreshTokenIsAvailable(kTestAccountId)); |
| 523 EXPECT_FALSE(token_service->HasOAuthLoginToken()); | 535 token_service->IssueRefreshToken(kTestAccountId); |
| 524 token_service->UpdateCredentialsWithOAuth2(tokens); | 536 EXPECT_TRUE(token_service->RefreshTokenIsAvailable(kTestAccountId)); |
| 525 EXPECT_TRUE(token_service->HasOAuthLoginToken()); | |
| 526 | 537 |
| 527 // That should have notified the manager, which now issues the request for the | 538 // That should have notified the manager, which now issues the request for the |
| 528 // policy oauth token. | 539 // policy oauth token. |
| 529 MockDeviceManagementJob* register_request = IssueOAuthToken(true); | 540 MockDeviceManagementJob* register_request = IssueOAuthToken(true); |
| 530 ASSERT_TRUE(register_request); | 541 ASSERT_TRUE(register_request); |
| 531 register_request->SendResponse(DM_STATUS_SUCCESS, register_blob_); | 542 register_request->SendResponse(DM_STATUS_SUCCESS, register_blob_); |
| 532 | 543 |
| 533 // The refresh scheduler takes care of the initial fetch for unmanaged users. | 544 // The refresh scheduler takes care of the initial fetch for unmanaged users. |
| 534 // Running the task runner issues the initial fetch. | 545 // Running the task runner issues the initial fetch. |
| 535 FetchPolicy( | 546 FetchPolicy( |
| (...skipping 17 matching lines...) |
| 553 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 564 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 554 EXPECT_TRUE(manager_->core()->client()->is_registered()); | 565 EXPECT_TRUE(manager_->core()->client()->is_registered()); |
| 555 | 566 |
| 556 // The refresh scheduler takes care of the initial fetch for unmanaged users. | 567 // The refresh scheduler takes care of the initial fetch for unmanaged users. |
| 557 // Running the task runner issues the initial fetch. | 568 // Running the task runner issues the initial fetch. |
| 558 FetchPolicy( | 569 FetchPolicy( |
| 559 base::Bind(&base::TestSimpleTaskRunner::RunUntilIdle, task_runner_)); | 570 base::Bind(&base::TestSimpleTaskRunner::RunUntilIdle, task_runner_)); |
| 560 } | 571 } |
| 561 | 572 |
| 562 } // namespace policy | 573 } // namespace policy |
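Review bot: In the new `else` branch of `IssueOAuthToken` (new lines 245-253), `token_service` is checked with the non-fatal `EXPECT_TRUE` and then dereferenced by `IssueTokenForScope` on the following statement, so a null service would crash the test binary instead of failing the test. Because the helper returns a pointer, `ASSERT_TRUE` is not usable there; follow the `if (!fetcher) return NULL;` pattern already in this function, e.g. `if (!token_service) { ADD_FAILURE() << "no FakeProfileOAuth2TokenService"; return NULL; }`. The `static_cast<FakeProfileOAuth2TokenService*>` is only valid because `SetUp` registers `FakeProfileOAuth2TokenService::Build` for `profile_`, and a one-line comment at the cast saying so would protect later edits to `SetUp`; the same cast at new lines 530-532 is guarded correctly with `ASSERT_TRUE`. Separately, `google_apis/gaia/gaia_auth_consumer.h` is still included although the visible use of `GaiaAuthConsumer::ClientOAuthResult` was removed; it may now be unused, which cannot be confirmed from the lines shown.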