[s13n] Convert AdvancedProtectionStatusManagerTest away from FakeProfileOAuth2TokenService
This CL is a continuation of [1], where AdvancedProtectionStatusManager (production code) was migrated from SigninManager and OAuth2TokenService to IdentityManager. At this time the respective unittests are migrated. The CL adds the adds/changes the following testing APIs: - IdentityTestEnvironment::WaitForAccessTokenRequestIfNecessaryAndRespondWithToken receives an extra (optional) parameter |id_token|, and forward it to FakeProfileOAuth2TokenService::IssueAllTokensForAccount. This allows the body of AdvancedProtectionStatusManagerTest::MakeOAuthTokenFetchSucceed to be migrated flawlessly. - IdentityTestEnvironment::UpdateAccountInfoForAccount. This method updates the account information for a given known account, by calling AccountTrackerService::SeedAccountInfo. [1] https://crrev.com/c/1250968 BUG=887266 Change-Id: Ica84fd299794552f2ae6957dfc6c7dde6bba7afa Reviewed-on: https://chromium-review.googlesource.com/c/1308993 Commit-Queue: Antonio Gomes <tonikitoo@igalia.com> Reviewed-by: Colin Blundell <blundell@chromium.org> Reviewed-by: Nathan Parker <nparker@chromium.org> Reviewed-by: Jialiu Lin <jialiul@chromium.org> Cr-Commit-Position: refs/heads/master@{#606440}
This commit is contained in:

committed by
Commit Bot

parent
f4a5aa2a64
commit
1339be2a6b
chrome/browser/safe_browsing
services/identity/public/cpp
@ -7,15 +7,11 @@
|
||||
#include "base/bind.h"
|
||||
#include "chrome/browser/safe_browsing/advanced_protection_status_manager_factory.h"
|
||||
#include "chrome/browser/signin/account_tracker_service_factory.h"
|
||||
#include "chrome/browser/signin/fake_profile_oauth2_token_service_builder.h"
|
||||
#include "chrome/browser/signin/fake_signin_manager_builder.h"
|
||||
#include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
|
||||
#include "chrome/browser/signin/signin_manager_factory.h"
|
||||
#include "chrome/browser/signin/identity_test_environment_profile_adaptor.h"
|
||||
#include "chrome/test/base/testing_profile.h"
|
||||
#include "components/prefs/pref_service.h"
|
||||
#include "components/safe_browsing/common/safe_browsing_prefs.h"
|
||||
#include "components/signin/core/browser/account_tracker_service.h"
|
||||
#include "components/signin/core/browser/fake_profile_oauth2_token_service.h"
|
||||
#include "content/public/test/test_browser_thread_bundle.h"
|
||||
#include "testing/gtest/include/gtest/gtest.h"
|
||||
|
||||
@ -34,76 +30,61 @@ static const char* kIdTokenAdvancedProtectionDisabled =
|
||||
class AdvancedProtectionStatusManagerTest : public testing::Test {
|
||||
public:
|
||||
AdvancedProtectionStatusManagerTest() {
|
||||
TestingProfile::Builder builder;
|
||||
builder.AddTestingFactory(
|
||||
SigninManagerFactory::GetInstance(),
|
||||
base::BindRepeating(&BuildFakeSigninManagerForTesting));
|
||||
builder.AddTestingFactory(
|
||||
ProfileOAuth2TokenServiceFactory::GetInstance(),
|
||||
base::BindRepeating(&BuildFakeProfileOAuth2TokenService));
|
||||
testing_profile_.reset(builder.Build().release());
|
||||
fake_signin_manager_ = static_cast<FakeSigninManagerForTesting*>(
|
||||
SigninManagerFactory::GetForProfile(testing_profile_.get()));
|
||||
testing_profile_ = IdentityTestEnvironmentProfileAdaptor::
|
||||
CreateProfileForIdentityTestEnvironment();
|
||||
|
||||
identity_test_env_adaptor_ =
|
||||
std::make_unique<IdentityTestEnvironmentProfileAdaptor>(
|
||||
testing_profile_.get());
|
||||
|
||||
account_tracker_service_ =
|
||||
AccountTrackerServiceFactory::GetForProfile(testing_profile_.get());
|
||||
}
|
||||
|
||||
~AdvancedProtectionStatusManagerTest() override {}
|
||||
|
||||
std::string SignIn(const std::string& gaia_id,
|
||||
const std::string& email,
|
||||
std::string SignIn(const std::string& email,
|
||||
bool is_under_advanced_protection) {
|
||||
AccountInfo account_info;
|
||||
account_info.gaia = gaia_id;
|
||||
account_info.email = email;
|
||||
AccountInfo account_info = identity_test_env()->MakeAccountAvailable(email);
|
||||
|
||||
account_info.is_under_advanced_protection = is_under_advanced_protection;
|
||||
std::string account_id =
|
||||
account_tracker_service_->SeedAccountInfo(account_info);
|
||||
#if defined(OS_CHROMEOS)
|
||||
fake_signin_manager_->SignIn(account_id);
|
||||
#else
|
||||
fake_signin_manager_->SignIn(gaia_id, email, "password");
|
||||
#endif
|
||||
GetTokenService()->UpdateCredentials(account_id, "refresh_token");
|
||||
return account_id;
|
||||
}
|
||||
identity_test_env()->UpdateAccountInfoForAccount(account_info);
|
||||
|
||||
FakeProfileOAuth2TokenService* GetTokenService() {
|
||||
ProfileOAuth2TokenService* service =
|
||||
ProfileOAuth2TokenServiceFactory::GetForProfile(testing_profile_.get());
|
||||
return static_cast<FakeProfileOAuth2TokenService*>(service);
|
||||
}
|
||||
identity_test_env()->SetPrimaryAccount(account_info.email);
|
||||
|
||||
bool IsRequestActive() {
|
||||
return !GetTokenService()->GetPendingRequests().empty();
|
||||
return account_info.account_id;
|
||||
}
|
||||
|
||||
void MakeOAuthTokenFetchSucceed(const std::string& account_id,
|
||||
bool is_under_advanced_protection) {
|
||||
ASSERT_TRUE(IsRequestActive());
|
||||
GetTokenService()->IssueAllTokensForAccount(
|
||||
account_id,
|
||||
OAuth2AccessTokenConsumer::TokenResponse(
|
||||
"access_token", base::Time::Now() + base::TimeDelta::FromHours(1),
|
||||
identity_test_env()
|
||||
->WaitForAccessTokenRequestIfNecessaryAndRespondWithToken(
|
||||
account_id, "access_token",
|
||||
base::Time::Now() + base::TimeDelta::FromHours(1),
|
||||
is_under_advanced_protection ? kIdTokenAdvancedProtectionEnabled
|
||||
: kIdTokenAdvancedProtectionDisabled));
|
||||
: kIdTokenAdvancedProtectionDisabled);
|
||||
}
|
||||
|
||||
void MakeOAuthTokenFetchFail(const std::string& account_id,
|
||||
bool is_transient_error) {
|
||||
ASSERT_TRUE(IsRequestActive());
|
||||
GetTokenService()->IssueErrorForAllPendingRequestsForAccount(
|
||||
account_id,
|
||||
GoogleServiceAuthError(
|
||||
is_transient_error
|
||||
? GoogleServiceAuthError::CONNECTION_FAILED
|
||||
: GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS));
|
||||
identity_test_env()
|
||||
->WaitForAccessTokenRequestIfNecessaryAndRespondWithError(
|
||||
account_id,
|
||||
GoogleServiceAuthError(
|
||||
is_transient_error
|
||||
? GoogleServiceAuthError::CONNECTION_FAILED
|
||||
: GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS));
|
||||
}
|
||||
|
||||
identity::IdentityTestEnvironment* identity_test_env() {
|
||||
return identity_test_env_adaptor_->identity_test_env();
|
||||
}
|
||||
|
||||
protected:
|
||||
content::TestBrowserThreadBundle thread_bundle;
|
||||
std::unique_ptr<TestingProfile> testing_profile_;
|
||||
FakeSigninManagerForTesting* fake_signin_manager_;
|
||||
std::unique_ptr<IdentityTestEnvironmentProfileAdaptor>
|
||||
identity_test_env_adaptor_;
|
||||
AccountTrackerService* account_tracker_service_;
|
||||
};
|
||||
|
||||
@ -132,16 +113,14 @@ TEST_F(AdvancedProtectionStatusManagerTest,
|
||||
// Simulates the situation where user signed in long time ago, thus
|
||||
// has no advanced protection status.
|
||||
std::string account_id =
|
||||
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
|
||||
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
|
||||
AdvancedProtectionStatusManager aps_manager(
|
||||
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
|
||||
base::RunLoop().RunUntilIdle();
|
||||
ASSERT_FALSE(aps_manager.GetPrimaryAccountId().empty());
|
||||
|
||||
// An OAuth2 access token request should be sent.
|
||||
ASSERT_TRUE(IsRequestActive());
|
||||
// Simulates receiving access token, and this user is not under advanced
|
||||
// protection.
|
||||
// Waits for access token request and respond with an error without advanced
|
||||
// protection set.
|
||||
MakeOAuthTokenFetchFail(account_id, /* is_transient_error = */ true);
|
||||
|
||||
EXPECT_FALSE(aps_manager.is_under_advanced_protection());
|
||||
@ -158,16 +137,14 @@ TEST_F(AdvancedProtectionStatusManagerTest,
|
||||
// Simulates the situation where user signed in long time ago, thus
|
||||
// has no advanced protection status.
|
||||
std::string account_id =
|
||||
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
|
||||
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
|
||||
AdvancedProtectionStatusManager aps_manager(
|
||||
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
|
||||
base::RunLoop().RunUntilIdle();
|
||||
ASSERT_FALSE(aps_manager.GetPrimaryAccountId().empty());
|
||||
|
||||
// An OAuth2 access token request should be sent.
|
||||
ASSERT_TRUE(IsRequestActive());
|
||||
// Simulates receiving access token, and this user is not under advanced
|
||||
// protection.
|
||||
// Waits for access token request and respond with an error without advanced
|
||||
// protection set.
|
||||
MakeOAuthTokenFetchFail(account_id, /* is_transient_error = */ false);
|
||||
|
||||
EXPECT_FALSE(aps_manager.is_under_advanced_protection());
|
||||
@ -184,15 +161,13 @@ TEST_F(AdvancedProtectionStatusManagerTest, SignedInLongTimeAgoNotUnderAP) {
|
||||
// Simulates the situation where user signed in long time ago, thus
|
||||
// has no advanced protection status.
|
||||
std::string account_id =
|
||||
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
|
||||
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
|
||||
AdvancedProtectionStatusManager aps_manager(
|
||||
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
|
||||
ASSERT_FALSE(aps_manager.GetPrimaryAccountId().empty());
|
||||
base::RunLoop().RunUntilIdle();
|
||||
// An OAuth2 access token request should be sent.
|
||||
ASSERT_TRUE(IsRequestActive());
|
||||
// Simulates receiving access token, and this user is not under advanced
|
||||
// protection.
|
||||
// Waits for access token request and respond with a token without advanced
|
||||
// protection set.
|
||||
MakeOAuthTokenFetchSucceed(account_id,
|
||||
/* is_under_advanced_protection = */ false);
|
||||
|
||||
@ -207,12 +182,12 @@ TEST_F(AdvancedProtectionStatusManagerTest, SignedInLongTimeAgoUnderAP) {
|
||||
// Simulates the situation where user signed in long time ago, thus
|
||||
// has no advanced protection status yet.
|
||||
std::string account_id =
|
||||
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
|
||||
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
|
||||
AdvancedProtectionStatusManager aps_manager(
|
||||
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
|
||||
base::RunLoop().RunUntilIdle();
|
||||
// Simulates receiving access token, and this user is not under advanced
|
||||
// protection.
|
||||
// Waits for access token request and respond with a token without advanced
|
||||
// protection set.
|
||||
MakeOAuthTokenFetchSucceed(account_id,
|
||||
/* is_under_advanced_protection = */ true);
|
||||
|
||||
@ -231,14 +206,12 @@ TEST_F(AdvancedProtectionStatusManagerTest, AlreadySignedInAndUnderAP) {
|
||||
// Simulates the situation where the user has already signed in and is
|
||||
// under advanced protection.
|
||||
std::string account_id =
|
||||
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ true);
|
||||
SignIn("test@test.com", /* is_under_advanced_protection = */ true);
|
||||
AdvancedProtectionStatusManager aps_manager(
|
||||
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
|
||||
ASSERT_FALSE(aps_manager.GetPrimaryAccountId().empty());
|
||||
ASSERT_TRUE(aps_manager.is_under_advanced_protection());
|
||||
|
||||
// Since user is already under advanced protection, no need to refresh.
|
||||
EXPECT_FALSE(IsRequestActive());
|
||||
// A refresh is scheduled in the future.
|
||||
EXPECT_TRUE(aps_manager.IsRefreshScheduled());
|
||||
aps_manager.UnsubscribeFromSigninEvents();
|
||||
@ -253,7 +226,7 @@ TEST_F(AdvancedProtectionStatusManagerTest,
|
||||
// Simulates the situation where the user has already signed in and is
|
||||
// under advanced protection.
|
||||
std::string account_id =
|
||||
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ true);
|
||||
SignIn("test@test.com", /* is_under_advanced_protection = */ true);
|
||||
AdvancedProtectionStatusManagerFactory::GetForBrowserContext(
|
||||
Profile::FromBrowserContext(testing_profile_.get()))
|
||||
->MaybeRefreshOnStartUp();
|
||||
@ -275,7 +248,7 @@ TEST_F(AdvancedProtectionStatusManagerTest,
|
||||
// Simulates the situation where the user has already signed in and is
|
||||
// NOT under advanced protection.
|
||||
std::string account_id =
|
||||
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
|
||||
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
|
||||
AdvancedProtectionStatusManagerFactory::GetForBrowserContext(
|
||||
Profile::FromBrowserContext(testing_profile_.get()))
|
||||
->MaybeRefreshOnStartUp();
|
||||
@ -295,7 +268,7 @@ TEST_F(AdvancedProtectionStatusManagerTest, StayInAdvancedProtection) {
|
||||
last_update.ToDeltaSinceWindowsEpoch().InMicroseconds());
|
||||
|
||||
std::string account_id =
|
||||
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ true);
|
||||
SignIn("test@test.com", /* is_under_advanced_protection = */ true);
|
||||
AdvancedProtectionStatusManager aps_manager(
|
||||
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
|
||||
ASSERT_FALSE(aps_manager.GetPrimaryAccountId().empty());
|
||||
@ -320,11 +293,11 @@ TEST_F(AdvancedProtectionStatusManagerTest, SignInAndSignOutEvent) {
|
||||
ASSERT_FALSE(aps_manager.is_under_advanced_protection());
|
||||
ASSERT_TRUE(aps_manager.GetPrimaryAccountId().empty());
|
||||
|
||||
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ true);
|
||||
SignIn("test@test.com", /* is_under_advanced_protection = */ true);
|
||||
EXPECT_TRUE(aps_manager.is_under_advanced_protection());
|
||||
EXPECT_TRUE(aps_manager.IsRefreshScheduled());
|
||||
|
||||
fake_signin_manager_->ForceSignOut();
|
||||
identity_test_env()->ClearPrimaryAccount();
|
||||
EXPECT_FALSE(aps_manager.is_under_advanced_protection());
|
||||
EXPECT_TRUE(testing_profile_->GetPrefs()->HasPrefPath(
|
||||
prefs::kAdvancedProtectionLastRefreshInUs));
|
||||
@ -340,7 +313,7 @@ TEST_F(AdvancedProtectionStatusManagerTest, AccountRemoval) {
|
||||
ASSERT_TRUE(aps_manager.GetPrimaryAccountId().empty());
|
||||
|
||||
std::string account_id =
|
||||
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
|
||||
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
|
||||
EXPECT_FALSE(aps_manager.is_under_advanced_protection());
|
||||
EXPECT_FALSE(aps_manager.IsRefreshScheduled());
|
||||
|
||||
|
@ -294,9 +294,12 @@ void IdentityTestEnvironment::
|
||||
WaitForAccessTokenRequestIfNecessaryAndRespondWithToken(
|
||||
const std::string& account_id,
|
||||
const std::string& token,
|
||||
const base::Time& expiration) {
|
||||
const base::Time& expiration,
|
||||
const std::string& id_token) {
|
||||
WaitForAccessTokenRequestIfNecessary(account_id);
|
||||
token_service_->IssueAllTokensForAccount(account_id, token, expiration);
|
||||
token_service_->IssueAllTokensForAccount(
|
||||
account_id,
|
||||
OAuth2AccessTokenConsumer::TokenResponse(token, expiration, id_token));
|
||||
}
|
||||
|
||||
void IdentityTestEnvironment::
|
||||
@ -399,4 +402,9 @@ void IdentityTestEnvironment::WaitForAccessTokenRequestIfNecessary(
|
||||
run_loop.Run();
|
||||
}
|
||||
|
||||
void IdentityTestEnvironment::UpdateAccountInfoForAccount(
|
||||
AccountInfo account_info) {
|
||||
identity::UpdateAccountInfoForAccount(account_tracker_service_, account_info);
|
||||
}
|
||||
|
||||
} // namespace identity
|
||||
|
@ -170,7 +170,8 @@ class IdentityTestEnvironment : public IdentityManager::DiagnosticsObserver {
|
||||
void WaitForAccessTokenRequestIfNecessaryAndRespondWithToken(
|
||||
const std::string& account_id,
|
||||
const std::string& token,
|
||||
const base::Time& expiration);
|
||||
const base::Time& expiration,
|
||||
const std::string& id_token = std::string());
|
||||
|
||||
// Issues |error| in response to any access token request that either has (a)
|
||||
// already occurred and has not been matched by a previous call to this or
|
||||
@ -204,6 +205,10 @@ class IdentityTestEnvironment : public IdentityManager::DiagnosticsObserver {
|
||||
// passing in a null callback, before the Wait* methods can be used again.
|
||||
void SetCallbackForNextAccessTokenRequest(base::OnceClosure callback);
|
||||
|
||||
// Updates the info for |account_info.account_id|, which must be a known
|
||||
// account.
|
||||
void UpdateAccountInfoForAccount(AccountInfo account_info);
|
||||
|
||||
private:
|
||||
friend class ::IdentityTestEnvironmentChromeBrowserStateAdaptor;
|
||||
friend class ::IdentityTestEnvironmentProfileAdaptor;
|
||||
|
@ -326,4 +326,13 @@ void SetCookieAccounts(FakeGaiaCookieManagerService* cookie_manager,
|
||||
run_loop.Run();
|
||||
}
|
||||
|
||||
void UpdateAccountInfoForAccount(AccountTrackerService* account_tracker_service,
|
||||
AccountInfo account_info) {
|
||||
// Make sure the account being updated is a known account.
|
||||
DCHECK(!account_tracker_service->GetAccountInfo(account_info.account_id)
|
||||
.account_id.empty());
|
||||
|
||||
account_tracker_service->SeedAccountInfo(account_info);
|
||||
}
|
||||
|
||||
} // namespace identity
|
||||
|
@ -143,6 +143,11 @@ void SetCookieAccounts(FakeGaiaCookieManagerService* cookie_manager,
|
||||
IdentityManager* identity_manager,
|
||||
const std::vector<CookieParams>& cookie_accounts);
|
||||
|
||||
// Updates the info for |account_info.account_id|, which must be a known
|
||||
// account.
|
||||
void UpdateAccountInfoForAccount(AccountTrackerService* account_tracker_service,
|
||||
AccountInfo account_info);
|
||||
|
||||
} // namespace identity
|
||||
|
||||
#endif // SERVICES_IDENTITY_PUBLIC_CPP_IDENTITY_TEST_UTILS_H_
|
||||
|
Reference in New Issue
Block a user