Cancel client auth requests when not promptable.

chrome/browser/extensions/background_xhr_apitest.cc

+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/bind.h"
+#include "base/memory/scoped_ptr.h"
+#include "base/run_loop.h"
+#include "chrome/browser/extensions/extension_apitest.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/profiles/profile_io_data.h"
+#include "chrome/browser/ui/browser.h"
+#include "content/public/browser/browser_thread.h"
+#include "net/ssl/client_cert_store.h"
+#include "net/test/spawned_test_server/spawned_test_server.h"
+
+namespace {
+
+scoped_ptr<net::ClientCertStore> CreateNullCertStore() {
+  return nullptr;
+}
+
+void InstallNullCertStoreFactoryOnIOThread(
+    content::ResourceContext* resource_context) {
+  ProfileIOData::FromResourceContext(resource_context)
+      ->set_client_cert_store_factory_for_testing(
+          base::Bind(&CreateNullCertStore));
+}
+
+}  // namespace
+
+// Test that fetching a URL using TLS client auth doesn't crash, hang, or
+// prompt.
+IN_PROC_BROWSER_TEST_F(ExtensionApiTest, BackgroundXhrTlsClientAuth) {

[asargent_no_longer_on_chrome, 2015/03/03 00:10:30]

Usually ExtensionApiTest tests are for testing extension API implementations -
the more common thing to inherit from here would be ExtensionBrowserTest
instead. But I guess that would mean you'd have to roll your own logic to call
ui_test_utils::NavigateToURL to open a tab to the "test_tls_client_auth.html"
page, and wait for a result from the test framework. Hmm.. I guess this is a
sign that the RunExtensionSubTest functionality should perhaps be hoisted up to
ExtensionBrowserTest or something. So feel free to leave as is. I guess just
keep in mind that as you end up using the ExtensionTestMessageListener thing for
passing a parameter from C++ to javascript, you might consider communicating
success/failure using that instead of using the ExtensionApiTest test framework.

[davidben, 2015/03/05 20:01:52]

Done.

+  // Install a null ClientCertStore so the client auth prompt isn't bypassed due
+  // to the system certificate store returning no certificates.
+  base::RunLoop loop;
+  content::BrowserThread::PostTaskAndReply(
+      content::BrowserThread::IO, FROM_HERE,
+      base::Bind(&InstallNullCertStoreFactoryOnIOThread,
+                 browser()->profile()->GetResourceContext()),
+      loop.QuitClosure());
+  loop.Run();
+
+  // Launch HTTPS server.
+  net::SpawnedTestServer::SSLOptions ssl_options;
+  ssl_options.request_client_certificate = true;
+  net::SpawnedTestServer https_server(
+      net::SpawnedTestServer::TYPE_HTTPS, ssl_options,
+      base::FilePath(FILE_PATH_LITERAL("content/test/data")));
+  ASSERT_TRUE(https_server.Start());
+
+  std::string url = https_server.GetURL("").spec();
+  ASSERT_TRUE(RunExtensionSubtestWithArg(
+      "background_xhr", "test_tls_client_auth.html", url.c_str()))
+      << message_;
+}
+
+// Test that fetching a URL using HTTP auth doesn't crash, hang, or prompt.
+IN_PROC_BROWSER_TEST_F(ExtensionApiTest, BackgroundXhrHttpAuth) {
+  ASSERT_TRUE(StartSpawnedTestServer());
+  ASSERT_TRUE(RunExtensionSubtest("background_xhr", "test_http_auth.html"))
+      << message_;
+}