diff options
| author | rmsousa@chromium.org <rmsousa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-25 01:46:03 +0000 |
|---|---|---|
| committer | rmsousa@chromium.org <rmsousa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-25 01:46:03 +0000 |
| commit | 7181799965db607aef9242a501f4dd78ff86f607 (patch) | |
| tree | 925182e4fbe812e853529bf3f8379a9503c8c11c /remoting/host/token_validator_factory_impl_unittest.cc | |
| parent | 5df0b3229519a2a4a8c45955081a7dcaafbe666d (diff) | |
| download | chromium_src-7181799965db607aef9242a501f4dd78ff86f607.zip chromium_src-7181799965db607aef9242a501f4dd78ff86f607.tar.gz chromium_src-7181799965db607aef9242a501f4dd78ff86f607.tar.bz2 | |
Support sending client certificates when validating tokens.
(Resubmitting due to memory leak in unittests in first attempt)
I chose to add a new certificate auto-selection policy, because the existing certificate auto-selection is very coupled with Chrome. The existing AutoSelectCertificateUrls requires chrome/common/content_settings_pattern.h (which depends on other browser specific files, and is otherwise very browser-specific logic) to parse the URL pattern, and chrome/browser/chrome_content_browser_client.cc to match the certificate.
Also, URLFetcher doesn't support sending certificates, and supporting it is a strict non-goal ( https://codereview.chromium.org/136883010/ ), so I had to use the lower level URLRequest, and have tokenvalidator do its own buffering.
Finally, the client certificate store has some unpleasant lifetime requirements, so there are some hacks to deal with that as well.
BUG=315825
Review URL: https://codereview.chromium.org/145323009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@247060 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'remoting/host/token_validator_factory_impl_unittest.cc')
| -rw-r--r-- | remoting/host/token_validator_factory_impl_unittest.cc | 85 |
1 files changed, 63 insertions, 22 deletions
diff --git a/remoting/host/token_validator_factory_impl_unittest.cc b/remoting/host/token_validator_factory_impl_unittest.cc index 18208fa..ffc376f 100644 --- a/remoting/host/token_validator_factory_impl_unittest.cc +++ b/remoting/host/token_validator_factory_impl_unittest.cc @@ -9,8 +9,10 @@ #include "base/json/json_writer.h" #include "base/values.h" #include "net/http/http_status_code.h" -#include "net/url_request/test_url_fetcher_factory.h" +#include "net/url_request/url_request_job_factory.h" +#include "net/url_request/url_request_job_factory_impl.h" #include "net/url_request/url_request_status.h" +#include "net/url_request/url_request_test_job.h" #include "net/url_request/url_request_test_util.h" #include "remoting/base/rsa_key_pair.h" #include "remoting/base/test_rsa_key_pair.h" @@ -22,6 +24,7 @@ namespace { const char kTokenUrl[] = "https://example.com/token"; const char kTokenValidationUrl[] = "https://example.com/validate"; +const char kTokenValidationCertIssuer[] = ""; const char kLocalJid[] = "user@example.com/local"; const char kRemoteJid[] = "user@example.com/remote"; const char kToken[] = "xyz123456"; @@ -31,6 +34,35 @@ const char kSharedSecret[] = "abcdefgh"; const char kBadScope[] = "client:user@example.com/local host:user@example.com/remote"; +class FakeProtocolHandler : public net::URLRequestJobFactory::ProtocolHandler { + public: + FakeProtocolHandler(const std::string& headers, const std::string& response) + : headers_(headers), + response_(response) { + } + virtual net::URLRequestJob* MaybeCreateJob( + net::URLRequest* request, net::NetworkDelegate* network_delegate) const + OVERRIDE { + return new net::URLRequestTestJob( + request, network_delegate, headers_, response_, true); + } + + private: + std::string headers_; + std::string response_; +}; + +class SetResponseURLRequestContext: public net::TestURLRequestContext { + public: + void SetResponse(const std::string& headers, const std::string& response) { + net::URLRequestJobFactoryImpl* factory = + new net::URLRequestJobFactoryImpl(); + factory->SetProtocolHandler( + "https", new FakeProtocolHandler(headers, response)); + context_storage_.set_job_factory(factory); + } +}; + } // namespace namespace remoting { @@ -58,11 +90,16 @@ class TokenValidatorFactoryImplTest : public testing::Test { protected: virtual void SetUp() OVERRIDE { key_pair_ = RsaKeyPair::FromString(kTestRsaKeyPair); + scoped_ptr<net::TestURLRequestContext> context( + new SetResponseURLRequestContext()); request_context_getter_ = new net::TestURLRequestContextGetter( - message_loop_.message_loop_proxy()); + message_loop_.message_loop_proxy(), context.Pass()); + ThirdPartyAuthConfig config; + config.token_url = GURL(kTokenUrl); + config.token_validation_url = GURL(kTokenValidationUrl); + config.token_validation_cert_issuer = kTokenValidationCertIssuer; token_validator_factory_.reset(new TokenValidatorFactoryImpl( - GURL(kTokenUrl), GURL(kTokenValidationUrl), key_pair_, - request_context_getter_)); + config, key_pair_, request_context_getter_)); } static std::string CreateResponse(const std::string& scope) { @@ -83,6 +120,14 @@ class TokenValidatorFactoryImplTest : public testing::Test { return response; } + + void SetResponse(const std::string& headers, const std::string& response) { + SetResponseURLRequestContext* context = + static_cast<SetResponseURLRequestContext*>( + request_context_getter_->GetURLRequestContext()); + context->SetResponse(headers, response); + } + base::MessageLoop message_loop_; scoped_refptr<RsaKeyPair> key_pair_; scoped_refptr<net::URLRequestContextGetter> request_context_getter_; @@ -92,13 +137,12 @@ class TokenValidatorFactoryImplTest : public testing::Test { }; TEST_F(TokenValidatorFactoryImplTest, Success) { - net::FakeURLFetcherFactory factory(NULL); token_validator_ = token_validator_factory_->CreateTokenValidator( kLocalJid, kRemoteJid); - factory.SetFakeResponse( - GURL(kTokenValidationUrl), - CreateResponse(token_validator_->token_scope()), - net::HTTP_OK, net::URLRequestStatus::SUCCESS); + + SetResponse(net::URLRequestTestJob::test_headers(), + CreateResponse(token_validator_->token_scope())); + token_validator_->ValidateThirdPartyToken( kToken, base::Bind(&TokenValidatorFactoryImplTest::SuccessCallback, base::Unretained(this))); @@ -106,12 +150,11 @@ TEST_F(TokenValidatorFactoryImplTest, Success) { } TEST_F(TokenValidatorFactoryImplTest, BadToken) { - net::FakeURLFetcherFactory factory(NULL); token_validator_ = token_validator_factory_->CreateTokenValidator( kLocalJid, kRemoteJid); - factory.SetFakeResponse(GURL(kTokenValidationUrl), std::string(), - net::HTTP_INTERNAL_SERVER_ERROR, - net::URLRequestStatus::FAILED); + + SetResponse(net::URLRequestTestJob::test_error_headers(), std::string()); + token_validator_->ValidateThirdPartyToken( kToken, base::Bind(&TokenValidatorFactoryImplTest::FailureCallback, base::Unretained(this))); @@ -119,12 +162,12 @@ TEST_F(TokenValidatorFactoryImplTest, BadToken) { } TEST_F(TokenValidatorFactoryImplTest, BadScope) { - net::FakeURLFetcherFactory factory(NULL); token_validator_ = token_validator_factory_->CreateTokenValidator( kLocalJid, kRemoteJid); - factory.SetFakeResponse( - GURL(kTokenValidationUrl), CreateResponse(kBadScope), net::HTTP_OK, - net::URLRequestStatus::SUCCESS); + + SetResponse(net::URLRequestTestJob::test_headers(), + CreateResponse(kBadScope)); + token_validator_->ValidateThirdPartyToken( kToken, base::Bind(&TokenValidatorFactoryImplTest::FailureCallback, base::Unretained(this))); @@ -132,13 +175,11 @@ TEST_F(TokenValidatorFactoryImplTest, BadScope) { } TEST_F(TokenValidatorFactoryImplTest, DeleteOnFailure) { - net::FakeURLFetcherFactory factory(NULL); token_validator_ = token_validator_factory_->CreateTokenValidator( kLocalJid, kRemoteJid); - factory.SetFakeResponse(GURL(kTokenValidationUrl), - std::string(), - net::HTTP_INTERNAL_SERVER_ERROR, - net::URLRequestStatus::FAILED); + + SetResponse(net::URLRequestTestJob::test_error_headers(), std::string()); + token_validator_->ValidateThirdPartyToken( kToken, base::Bind( &TokenValidatorFactoryImplTest::DeleteOnFailureCallback, |