| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/files/file_path.h" | 5 #include "base/files/file_path.h" |
| 6 #include "base/message_loop/message_loop.h" | 6 #include "base/message_loop/message_loop.h" |
| 7 #include "base/message_loop/message_loop_proxy.h" | 7 #include "base/message_loop/message_loop_proxy.h" |
| 8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
| 9 #include "base/run_loop.h" | 9 #include "base/run_loop.h" |
| 10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
| (...skipping 15 matching lines...) Expand all Loading... |
| 26 #include "chrome/test/base/testing_browser_process.h" | 26 #include "chrome/test/base/testing_browser_process.h" |
| 27 #include "chrome/test/base/testing_pref_service_syncable.h" | 27 #include "chrome/test/base/testing_pref_service_syncable.h" |
| 28 #include "chrome/test/base/testing_profile.h" | 28 #include "chrome/test/base/testing_profile.h" |
| 29 #include "components/policy/core/browser/browser_policy_connector.h" | 29 #include "components/policy/core/browser/browser_policy_connector.h" |
| 30 #include "components/policy/core/common/cloud/cloud_external_data_manager.h" | 30 #include "components/policy/core/common/cloud/cloud_external_data_manager.h" |
| 31 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 31 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| 32 #include "components/policy/core/common/cloud/mock_device_management_service.h" | 32 #include "components/policy/core/common/cloud/mock_device_management_service.h" |
| 33 #include "components/policy/core/common/cloud/mock_user_cloud_policy_store.h" | 33 #include "components/policy/core/common/cloud/mock_user_cloud_policy_store.h" |
| 34 #include "components/policy/core/common/cloud/user_cloud_policy_manager.h" | 34 #include "components/policy/core/common/cloud/user_cloud_policy_manager.h" |
| 35 #include "components/policy/core/common/schema_registry.h" | 35 #include "components/policy/core/common/schema_registry.h" |
| 36 #include "components/signin/core/browser/account_tracker_service.h" |
| 36 #include "components/signin/core/browser/signin_manager.h" | 37 #include "components/signin/core/browser/signin_manager.h" |
| 37 #include "content/public/browser/browser_context.h" | 38 #include "content/public/browser/browser_context.h" |
| 38 #include "content/public/browser/notification_details.h" | 39 #include "content/public/browser/notification_details.h" |
| 39 #include "content/public/browser/notification_service.h" | 40 #include "content/public/browser/notification_service.h" |
| 40 #include "content/public/browser/notification_source.h" | 41 #include "content/public/browser/notification_source.h" |
| 41 #include "content/public/test/test_browser_thread_bundle.h" | 42 #include "content/public/test/test_browser_thread_bundle.h" |
| 42 #include "google_apis/gaia/gaia_constants.h" | 43 #include "google_apis/gaia/gaia_constants.h" |
| 43 #include "google_apis/gaia/google_service_auth_error.h" | 44 #include "google_apis/gaia/google_service_auth_error.h" |
| 44 #include "net/http/http_status_code.h" | 45 #include "net/http/http_status_code.h" |
| 45 #include "net/url_request/test_url_fetcher_factory.h" | 46 #include "net/url_request/test_url_fetcher_factory.h" |
| (...skipping 12 matching lines...) Expand all Loading... |
| 58 namespace em = enterprise_management; | 59 namespace em = enterprise_management; |
| 59 | 60 |
| 60 using testing::AnyNumber; | 61 using testing::AnyNumber; |
| 61 using testing::Mock; | 62 using testing::Mock; |
| 62 using testing::_; | 63 using testing::_; |
| 63 | 64 |
| 64 namespace policy { | 65 namespace policy { |
| 65 | 66 |
| 66 namespace { | 67 namespace { |
| 67 | 68 |
| 69 const char kTestGaiaId[] = "gaia-id-testuser@test.com"; |
| 68 const char kTestUser[] = "testuser@test.com"; | 70 const char kTestUser[] = "testuser@test.com"; |
| 69 | 71 |
| 70 #if !defined(OS_ANDROID) | 72 #if !defined(OS_ANDROID) |
| 71 const char kValidTokenResponse[] = | 73 const char kValidTokenResponse[] = |
| 72 "{" | 74 "{" |
| 73 " \"access_token\": \"at1\"," | 75 " \"access_token\": \"at1\"," |
| 74 " \"expires_in\": 3600," | 76 " \"expires_in\": 3600," |
| 75 " \"token_type\": \"Bearer\"" | 77 " \"token_type\": \"Bearer\"" |
| 76 "}"; | 78 "}"; |
| 77 #endif | 79 #endif |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 127 register_completed_ = true; | 129 register_completed_ = true; |
| 128 dm_token_ = dm_token; | 130 dm_token_ = dm_token; |
| 129 client_id_ = client_id; | 131 client_id_ = client_id; |
| 130 } | 132 } |
| 131 | 133 |
| 132 void RegisterPolicyClientWithCallback(UserPolicySigninService* service) { | 134 void RegisterPolicyClientWithCallback(UserPolicySigninService* service) { |
| 133 // Policy client registration on Android depends on Token Service having | 135 // Policy client registration on Android depends on Token Service having |
| 134 // a valid login token, while on other platforms, the login refresh token | 136 // a valid login token, while on other platforms, the login refresh token |
| 135 // is specified directly. | 137 // is specified directly. |
| 136 #if defined(OS_ANDROID) | 138 #if defined(OS_ANDROID) |
| 137 GetTokenService()->IssueRefreshTokenForUser(kTestUser, | 139 GetTokenService()->IssueRefreshTokenForUser( |
| 138 "oauth2_login_refresh_token"); | 140 AccountTrackerService::PickAccountIdForAccount( |
| 141 profile_.get()->GetPrefs(), kTestGaiaId, kTestUser), |
| 142 "oauth2_login_refresh_token"); |
| 139 #endif | 143 #endif |
| 140 service->RegisterForPolicy( | 144 service->RegisterForPolicy( |
| 141 kTestUser, | 145 kTestUser, |
| 142 #if !defined(OS_ANDROID) | 146 #if !defined(OS_ANDROID) |
| 143 "mock_oauth_token", | 147 "mock_oauth_token", |
| 144 #endif | 148 #endif |
| 145 base::Bind(&UserPolicySigninServiceTest::OnRegisterCompleted, | 149 base::Bind(&UserPolicySigninServiceTest::OnRegisterCompleted, |
| 146 base::Unretained(this))); | 150 base::Unretained(this))); |
| 147 ASSERT_TRUE(IsRequestActive()); | 151 ASSERT_TRUE(IsRequestActive()); |
| 148 } | 152 } |
| (...skipping 234 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 383 }; | 387 }; |
| 384 | 388 |
| 385 class UserPolicySigninServiceSignedInTest : public UserPolicySigninServiceTest { | 389 class UserPolicySigninServiceSignedInTest : public UserPolicySigninServiceTest { |
| 386 public: | 390 public: |
| 387 void AddProfile() override { | 391 void AddProfile() override { |
| 388 // UserCloudPolicyManager should not be initialized. | 392 // UserCloudPolicyManager should not be initialized. |
| 389 ASSERT_FALSE(manager_->core()->service()); | 393 ASSERT_FALSE(manager_->core()->service()); |
| 390 | 394 |
| 391 // Set the user as signed in. | 395 // Set the user as signed in. |
| 392 SigninManagerFactory::GetForProfile(profile_.get())-> | 396 SigninManagerFactory::GetForProfile(profile_.get())-> |
| 393 SetAuthenticatedUsername(kTestUser); | 397 SetAuthenticatedAccountInfo(kTestGaiaId, kTestUser); |
| 394 | 398 |
| 395 // Let the SigninService know that the profile has been created. | 399 // Let the SigninService know that the profile has been created. |
| 396 content::NotificationService::current()->Notify( | 400 content::NotificationService::current()->Notify( |
| 397 chrome::NOTIFICATION_PROFILE_ADDED, | 401 chrome::NOTIFICATION_PROFILE_ADDED, |
| 398 content::Source<Profile>(profile_.get()), | 402 content::Source<Profile>(profile_.get()), |
| 399 content::NotificationService::NoDetails()); | 403 content::NotificationService::NoDetails()); |
| 400 } | 404 } |
| 401 }; | 405 }; |
| 402 | 406 |
| 403 TEST_F(UserPolicySigninServiceTest, InitWhileSignedOut) { | 407 TEST_F(UserPolicySigninServiceTest, InitWhileSignedOut) { |
| (...skipping 14 matching lines...) Expand all Loading... |
| 418 // UserCloudPolicyManager should be initialized. | 422 // UserCloudPolicyManager should be initialized. |
| 419 ASSERT_TRUE(manager_->core()->service()); | 423 ASSERT_TRUE(manager_->core()->service()); |
| 420 | 424 |
| 421 // Complete initialization of the store. | 425 // Complete initialization of the store. |
| 422 mock_store_->NotifyStoreLoaded(); | 426 mock_store_->NotifyStoreLoaded(); |
| 423 | 427 |
| 424 // No oauth access token yet, so client registration should be deferred. | 428 // No oauth access token yet, so client registration should be deferred. |
| 425 ASSERT_FALSE(IsRequestActive()); | 429 ASSERT_FALSE(IsRequestActive()); |
| 426 | 430 |
| 427 // Make oauth token available. | 431 // Make oauth token available. |
| 428 GetTokenService()->IssueRefreshTokenForUser(kTestUser, | 432 GetTokenService()->IssueRefreshTokenForUser( |
| 429 "oauth_login_refresh_token"); | 433 SigninManagerFactory::GetForProfile(profile_.get()) |
| 434 ->GetAuthenticatedAccountId(), |
| 435 "oauth_login_refresh_token"); |
| 430 | 436 |
| 431 // Client registration should be in progress since we now have an oauth token. | 437 // Client registration should be in progress since we now have an oauth token. |
| 432 EXPECT_EQ(mock_store_->signin_username_, kTestUser); | 438 EXPECT_EQ(mock_store_->signin_username_, kTestUser); |
| 433 ASSERT_TRUE(IsRequestActive()); | 439 ASSERT_TRUE(IsRequestActive()); |
| 434 } | 440 } |
| 435 | 441 |
| 436 TEST_F(UserPolicySigninServiceSignedInTest, InitWhileSignedInOAuthError) { | 442 TEST_F(UserPolicySigninServiceSignedInTest, InitWhileSignedInOAuthError) { |
| 437 // UserCloudPolicyManager should be initialized. | 443 // UserCloudPolicyManager should be initialized. |
| 438 ASSERT_TRUE(manager_->core()->service()); | 444 ASSERT_TRUE(manager_->core()->service()); |
| 439 | 445 |
| 440 // Complete initialization of the store. | 446 // Complete initialization of the store. |
| 441 mock_store_->NotifyStoreLoaded(); | 447 mock_store_->NotifyStoreLoaded(); |
| 442 | 448 |
| 443 // No oauth access token yet, so client registration should be deferred. | 449 // No oauth access token yet, so client registration should be deferred. |
| 444 ASSERT_FALSE(IsRequestActive()); | 450 ASSERT_FALSE(IsRequestActive()); |
| 445 | 451 |
| 446 // Make oauth token available. | 452 // Make oauth token available. |
| 447 GetTokenService()->IssueRefreshTokenForUser(kTestUser, | 453 GetTokenService()->IssueRefreshTokenForUser( |
| 448 "oauth_login_refresh_token"); | 454 SigninManagerFactory::GetForProfile(profile_.get()) |
| 455 ->GetAuthenticatedAccountId(), |
| 456 "oauth_login_refresh_token"); |
| 449 | 457 |
| 450 // Client registration should be in progress since we now have an oauth token. | 458 // Client registration should be in progress since we now have an oauth token. |
| 451 ASSERT_TRUE(IsRequestActive()); | 459 ASSERT_TRUE(IsRequestActive()); |
| 452 | 460 |
| 453 // Now fail the access token fetch. | 461 // Now fail the access token fetch. |
| 454 GoogleServiceAuthError error( | 462 GoogleServiceAuthError error( |
| 455 GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS); | 463 GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS); |
| 456 GetTokenService()->IssueErrorForAllPendingRequests(error); | 464 GetTokenService()->IssueErrorForAllPendingRequests(error); |
| 457 ASSERT_FALSE(IsRequestActive()); | 465 ASSERT_FALSE(IsRequestActive()); |
| 458 } | 466 } |
| 459 | 467 |
| 460 TEST_F(UserPolicySigninServiceTest, SignInAfterInit) { | 468 TEST_F(UserPolicySigninServiceTest, SignInAfterInit) { |
| 461 // UserCloudPolicyManager should not be initialized since there is no | 469 // UserCloudPolicyManager should not be initialized since there is no |
| 462 // signed-in user. | 470 // signed-in user. |
| 463 ASSERT_FALSE(manager_->core()->service()); | 471 ASSERT_FALSE(manager_->core()->service()); |
| 464 | 472 |
| 465 // Now sign in the user. | 473 // Now sign in the user. |
| 466 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | 474 SigninManagerFactory::GetForProfile(profile_.get()) |
| 467 kTestUser); | 475 ->SetAuthenticatedAccountInfo(kTestGaiaId, kTestUser); |
| 468 | 476 |
| 469 // Complete initialization of the store. | 477 // Complete initialization of the store. |
| 470 mock_store_->NotifyStoreLoaded(); | 478 mock_store_->NotifyStoreLoaded(); |
| 471 | 479 |
| 472 // Make oauth token available. | 480 // Make oauth token available. |
| 473 GetTokenService()->IssueRefreshTokenForUser(kTestUser, | 481 GetTokenService()->IssueRefreshTokenForUser( |
| 474 "oauth_login_refresh_token"); | 482 SigninManagerFactory::GetForProfile(profile_.get()) |
| 483 ->GetAuthenticatedAccountId(), |
| 484 "oauth_login_refresh_token"); |
| 475 | 485 |
| 476 // UserCloudPolicyManager should be initialized. | 486 // UserCloudPolicyManager should be initialized. |
| 477 EXPECT_EQ(mock_store_->signin_username_, kTestUser); | 487 EXPECT_EQ(mock_store_->signin_username_, kTestUser); |
| 478 ASSERT_TRUE(manager_->core()->service()); | 488 ASSERT_TRUE(manager_->core()->service()); |
| 479 | 489 |
| 480 // Client registration should be in progress since we have an oauth token. | 490 // Client registration should be in progress since we have an oauth token. |
| 481 ASSERT_TRUE(IsRequestActive()); | 491 ASSERT_TRUE(IsRequestActive()); |
| 482 } | 492 } |
| 483 | 493 |
| 484 TEST_F(UserPolicySigninServiceTest, SignInWithNonEnterpriseUser) { | 494 TEST_F(UserPolicySigninServiceTest, SignInWithNonEnterpriseUser) { |
| 485 // UserCloudPolicyManager should not be initialized since there is no | 495 // UserCloudPolicyManager should not be initialized since there is no |
| 486 // signed-in user. | 496 // signed-in user. |
| 487 ASSERT_FALSE(manager_->core()->service()); | 497 ASSERT_FALSE(manager_->core()->service()); |
| 488 | 498 |
| 489 // Now sign in a non-enterprise user (blacklisted gmail.com domain). | 499 // Now sign in a non-enterprise user (blacklisted gmail.com domain). |
| 490 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | 500 SigninManagerFactory::GetForProfile(profile_.get()) |
| 491 "non_enterprise_user@gmail.com"); | 501 ->SetAuthenticatedAccountInfo("gaia-id-non_enterprise_user@gmail.com", |
| 502 "non_enterprise_user@gmail.com"); |
| 492 | 503 |
| 493 // Complete initialization of the store. | 504 // Complete initialization of the store. |
| 494 mock_store_->NotifyStoreLoaded(); | 505 mock_store_->NotifyStoreLoaded(); |
| 495 | 506 |
| 496 // Make oauth token available. | 507 // Make oauth token available. |
| 497 GetTokenService()->IssueRefreshTokenForUser(kTestUser, | 508 GetTokenService()->IssueRefreshTokenForUser( |
| 498 "oauth_login_refresh_token"); | 509 SigninManagerFactory::GetForProfile(profile_.get()) |
| 510 ->GetAuthenticatedAccountId(), |
| 511 "oauth_login_refresh_token"); |
| 499 | 512 |
| 500 // UserCloudPolicyManager should not be initialized and there should be no | 513 // UserCloudPolicyManager should not be initialized and there should be no |
| 501 // DMToken request active. | 514 // DMToken request active. |
| 502 ASSERT_TRUE(!manager_->core()->service()); | 515 ASSERT_TRUE(!manager_->core()->service()); |
| 503 ASSERT_FALSE(IsRequestActive()); | 516 ASSERT_FALSE(IsRequestActive()); |
| 504 } | 517 } |
| 505 | 518 |
| 506 TEST_F(UserPolicySigninServiceTest, UnregisteredClient) { | 519 TEST_F(UserPolicySigninServiceTest, UnregisteredClient) { |
| 507 // UserCloudPolicyManager should not be initialized since there is no | 520 // UserCloudPolicyManager should not be initialized since there is no |
| 508 // signed-in user. | 521 // signed-in user. |
| 509 ASSERT_FALSE(manager_->core()->service()); | 522 ASSERT_FALSE(manager_->core()->service()); |
| 510 | 523 |
| 511 // Now sign in the user. | 524 // Now sign in the user. |
| 512 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | 525 SigninManagerFactory::GetForProfile(profile_.get()) |
| 513 kTestUser); | 526 ->SetAuthenticatedAccountInfo(kTestGaiaId, kTestUser); |
| 514 | 527 |
| 515 // Make oauth token available. | 528 // Make oauth token available. |
| 516 GetTokenService()->IssueRefreshTokenForUser(kTestUser, | 529 GetTokenService()->IssueRefreshTokenForUser( |
| 517 "oauth_login_refresh_token"); | 530 SigninManagerFactory::GetForProfile(profile_.get()) |
| 531 ->GetAuthenticatedAccountId(), |
| 532 "oauth_login_refresh_token"); |
| 518 | 533 |
| 519 // UserCloudPolicyManager should be initialized. | 534 // UserCloudPolicyManager should be initialized. |
| 520 EXPECT_EQ(mock_store_->signin_username_, kTestUser); | 535 EXPECT_EQ(mock_store_->signin_username_, kTestUser); |
| 521 ASSERT_TRUE(manager_->core()->service()); | 536 ASSERT_TRUE(manager_->core()->service()); |
| 522 | 537 |
| 523 // Client registration should not be in progress since the store is not | 538 // Client registration should not be in progress since the store is not |
| 524 // yet initialized. | 539 // yet initialized. |
| 525 ASSERT_FALSE(IsRequestActive()); | 540 ASSERT_FALSE(IsRequestActive()); |
| 526 | 541 |
| 527 // Complete initialization of the store with no policy (unregistered client). | 542 // Complete initialization of the store with no policy (unregistered client). |
| 528 mock_store_->NotifyStoreLoaded(); | 543 mock_store_->NotifyStoreLoaded(); |
| 529 | 544 |
| 530 // Client registration should be in progress since we have an oauth token. | 545 // Client registration should be in progress since we have an oauth token. |
| 531 ASSERT_TRUE(IsRequestActive()); | 546 ASSERT_TRUE(IsRequestActive()); |
| 532 } | 547 } |
| 533 | 548 |
| 534 TEST_F(UserPolicySigninServiceTest, RegisteredClient) { | 549 TEST_F(UserPolicySigninServiceTest, RegisteredClient) { |
| 535 // UserCloudPolicyManager should not be initialized since there is no | 550 // UserCloudPolicyManager should not be initialized since there is no |
| 536 // signed-in user. | 551 // signed-in user. |
| 537 ASSERT_FALSE(manager_->core()->service()); | 552 ASSERT_FALSE(manager_->core()->service()); |
| 538 | 553 |
| 539 // Now sign in the user. | 554 // Now sign in the user. |
| 540 SigninManagerFactory::GetForProfile(profile_.get())->SetAuthenticatedUsername( | 555 SigninManagerFactory::GetForProfile(profile_.get()) |
| 541 kTestUser); | 556 ->SetAuthenticatedAccountInfo(kTestGaiaId, kTestUser); |
| 542 | 557 |
| 543 // Make oauth token available. | 558 // Make oauth token available. |
| 544 GetTokenService()->IssueRefreshTokenForUser(kTestUser, | 559 GetTokenService()->IssueRefreshTokenForUser( |
| 545 "oauth_login_refresh_token"); | 560 SigninManagerFactory::GetForProfile(profile_.get()) |
| 561 ->GetAuthenticatedAccountId(), |
| 562 "oauth_login_refresh_token"); |
| 546 | 563 |
| 547 // UserCloudPolicyManager should be initialized. | 564 // UserCloudPolicyManager should be initialized. |
| 548 EXPECT_EQ(mock_store_->signin_username_, kTestUser); | 565 EXPECT_EQ(mock_store_->signin_username_, kTestUser); |
| 549 ASSERT_TRUE(manager_->core()->service()); | 566 ASSERT_TRUE(manager_->core()->service()); |
| 550 | 567 |
| 551 // Client registration should not be in progress since the store is not | 568 // Client registration should not be in progress since the store is not |
| 552 // yet initialized. | 569 // yet initialized. |
| 553 ASSERT_FALSE(manager_->IsClientRegistered()); | 570 ASSERT_FALSE(manager_->IsClientRegistered()); |
| 554 ASSERT_FALSE(IsRequestActive()); | 571 ASSERT_FALSE(IsRequestActive()); |
| 555 | 572 |
| (...skipping 258 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 814 base::RunLoop().RunUntilIdle(); | 831 base::RunLoop().RunUntilIdle(); |
| 815 EXPECT_FALSE(manager_->IsClientRegistered()); | 832 EXPECT_FALSE(manager_->IsClientRegistered()); |
| 816 #if !defined(OS_ANDROID) | 833 #if !defined(OS_ANDROID) |
| 817 EXPECT_FALSE(signin_manager_->IsSignoutProhibited()); | 834 EXPECT_FALSE(signin_manager_->IsSignoutProhibited()); |
| 818 #endif | 835 #endif |
| 819 } | 836 } |
| 820 | 837 |
| 821 } // namespace | 838 } // namespace |
| 822 | 839 |
| 823 } // namespace policy | 840 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 964563002:
Replace SetAuthenticatedUsername with SetAuthenticatedAccountId. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@priv