net/android/dummy_spnego_authenticator.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145

// Copyright (c) 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_ANDROID_DUMMY_SPNEGO_AUTHENTICATOR_H_
#define NET_ANDROID_DUMMY_SPNEGO_AUTHENTICATOR_H_

#include <jni.h>
#include <stdint.h>

#include <cstdint>
#include <list>
#include <string>

#include "base/android/scoped_java_ref.h"

// Provides an interface for controlling the DummySpnegoAuthenticator service.
// This includes a basic stub of the Mock GSSAPI library, so that OS independent
// Negotiate authentication tests can be run on Android.
namespace net {

// These constant values are arbitrary, and different from the real GSSAPI
// values, but must match those used in DummySpnegoAuthenticator.java
#define GSS_S_COMPLETE 0
#define GSS_S_CONTINUE_NEEDED 1
#define GSS_S_FAILURE 2

class gss_buffer_desc;

typedef struct gss_OID_desc_struct {
  uint32_t length;
  void* elements;
} gss_OID_desc, *gss_OID;

extern gss_OID CHROME_GSS_SPNEGO_MECH_OID_DESC;

namespace test {

// Copy of class in Mock GSSAPI library.
class GssContextMockImpl {
 public:
  GssContextMockImpl();
  GssContextMockImpl(const GssContextMockImpl& other);
  GssContextMockImpl(const char* src_name,
                     const char* targ_name,
                     uint32_t lifetime_rec,
                     const gss_OID_desc& mech_type,
                     uint32_t ctx_flags,
                     int locally_initiated,
                     int open);
  ~GssContextMockImpl();

  void Assign(const GssContextMockImpl& other);

  std::string src_name;
  std::string targ_name;
  int32_t lifetime_rec;
  gss_OID_desc mech_type;
  int32_t ctx_flags;
  int locally_initiated;
  int open;
};

}  // namespace test

namespace android {

// Interface to Java DummySpnegoAuthenticator.
class DummySpnegoAuthenticator {
 public:
  struct SecurityContextQuery {
    SecurityContextQuery(const std::string& expected_package,
                         uint32_t response_code,
                         uint32_t minor_response_code,
                         const test::GssContextMockImpl& context_info,
                         const std::string& expected_input_token,
                         const std::string& output_token);
    SecurityContextQuery(const std::string& expected_package,
                         uint32_t response_code,
                         uint32_t minor_response_code,
                         const test::GssContextMockImpl& context_info,
                         const char* expected_input_token,
                         const char* output_token);
    SecurityContextQuery();
    ~SecurityContextQuery();

    // Note that many of these fields only exist for compatibility with the
    // non-Android version of the tests. Only the response_code and tokens are
    // used or checked on Android.
    std::string expected_package;
    uint32_t response_code;
    uint32_t minor_response_code;
    test::GssContextMockImpl context_info;
    std::string expected_input_token;
    std::string output_token;

    // Java callable members
    base::android::ScopedJavaLocalRef<jstring> GetTokenToReturn(
        JNIEnv* env,
        const base::android::JavaParamRef<jobject>& obj);
    int GetResult(JNIEnv* env, const base::android::JavaParamRef<jobject>& obj);

    // Called from Java to check the arguments passed to the GetToken. Has to
    // be in C++ since these tests are driven by googletest, and can only report
    // failures through the googletest C++ API.
    void CheckGetTokenArguments(
        JNIEnv* env,
        const base::android::JavaParamRef<jobject>& obj,
        const base::android::JavaParamRef<jstring>& incoming_token);
  };

  DummySpnegoAuthenticator();

  ~DummySpnegoAuthenticator();

  void ExpectSecurityContext(const std::string& expected_package,
                             uint32_t response_code,
                             uint32_t minor_response_code,
                             const test::GssContextMockImpl& context_info,
                             const std::string& expected_input_token,
                             const std::string& output_token);

  static bool RegisterJni(JNIEnv* env);

  static void EnsureTestAccountExists();
  static void RemoveTestAccounts();

  long GetNextQuery(JNIEnv* env,
                    const base::android::JavaParamRef<jobject>& obj);

 private:
  // Abandon the test if the query queue is empty. Has to be a void function to
  // allow use of ASSERT_FALSE.
  void CheckQueueNotEmpty();

  std::list<SecurityContextQuery> expected_security_queries_;
  // Needed to keep the current query alive once it has been pulled from the
  // queue. This is simpler than transferring its ownership to Java.
  SecurityContextQuery current_query_;
};

}  // namespace android
}  // namespace net

#endif  // NET_ANDROID_DUMMY_SPNEGO_AUTHENTICATOR_DRIVER_H