0

[s13n] Convert AdvancedProtectionStatusManagerTest away from FakeProfileOAuth2TokenService

This CL is a continuation of [1], where AdvancedProtectionStatusManager (production code)
was migrated from SigninManager and OAuth2TokenService to IdentityManager. At this time
the respective unittests are migrated.

The CL adds the adds/changes the following testing APIs:

- IdentityTestEnvironment::WaitForAccessTokenRequestIfNecessaryAndRespondWithToken
receives an extra (optional) parameter |id_token|, and forward it to
FakeProfileOAuth2TokenService::IssueAllTokensForAccount.
This allows the body of AdvancedProtectionStatusManagerTest::MakeOAuthTokenFetchSucceed
to be migrated flawlessly.

- IdentityTestEnvironment::UpdateAccountInfoForAccount. This method updates the account
information for a given known account, by calling AccountTrackerService::SeedAccountInfo.

[1] https://crrev.com/c/1250968

BUG=887266

Change-Id: Ica84fd299794552f2ae6957dfc6c7dde6bba7afa
Reviewed-on: https://chromium-review.googlesource.com/c/1308993
Commit-Queue: Antonio Gomes <tonikitoo@igalia.com>
Reviewed-by: Colin Blundell <blundell@chromium.org>
Reviewed-by: Nathan Parker <nparker@chromium.org>
Reviewed-by: Jialiu Lin <jialiul@chromium.org>
Cr-Commit-Position: refs/heads/master@{#606440}
This commit is contained in:
Antonio Gomes
2018-11-08 13:14:51 +00:00
committed by Commit Bot
parent f4a5aa2a64
commit 1339be2a6b
5 changed files with 81 additions and 81 deletions

@ -7,15 +7,11 @@
#include "base/bind.h"
#include "chrome/browser/safe_browsing/advanced_protection_status_manager_factory.h"
#include "chrome/browser/signin/account_tracker_service_factory.h"
#include "chrome/browser/signin/fake_profile_oauth2_token_service_builder.h"
#include "chrome/browser/signin/fake_signin_manager_builder.h"
#include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
#include "chrome/browser/signin/signin_manager_factory.h"
#include "chrome/browser/signin/identity_test_environment_profile_adaptor.h"
#include "chrome/test/base/testing_profile.h"
#include "components/prefs/pref_service.h"
#include "components/safe_browsing/common/safe_browsing_prefs.h"
#include "components/signin/core/browser/account_tracker_service.h"
#include "components/signin/core/browser/fake_profile_oauth2_token_service.h"
#include "content/public/test/test_browser_thread_bundle.h"
#include "testing/gtest/include/gtest/gtest.h"
@ -34,76 +30,61 @@ static const char* kIdTokenAdvancedProtectionDisabled =
class AdvancedProtectionStatusManagerTest : public testing::Test {
public:
AdvancedProtectionStatusManagerTest() {
TestingProfile::Builder builder;
builder.AddTestingFactory(
SigninManagerFactory::GetInstance(),
base::BindRepeating(&BuildFakeSigninManagerForTesting));
builder.AddTestingFactory(
ProfileOAuth2TokenServiceFactory::GetInstance(),
base::BindRepeating(&BuildFakeProfileOAuth2TokenService));
testing_profile_.reset(builder.Build().release());
fake_signin_manager_ = static_cast<FakeSigninManagerForTesting*>(
SigninManagerFactory::GetForProfile(testing_profile_.get()));
testing_profile_ = IdentityTestEnvironmentProfileAdaptor::
CreateProfileForIdentityTestEnvironment();
identity_test_env_adaptor_ =
std::make_unique<IdentityTestEnvironmentProfileAdaptor>(
testing_profile_.get());
account_tracker_service_ =
AccountTrackerServiceFactory::GetForProfile(testing_profile_.get());
}
~AdvancedProtectionStatusManagerTest() override {}
std::string SignIn(const std::string& gaia_id,
const std::string& email,
std::string SignIn(const std::string& email,
bool is_under_advanced_protection) {
AccountInfo account_info;
account_info.gaia = gaia_id;
account_info.email = email;
AccountInfo account_info = identity_test_env()->MakeAccountAvailable(email);
account_info.is_under_advanced_protection = is_under_advanced_protection;
std::string account_id =
account_tracker_service_->SeedAccountInfo(account_info);
#if defined(OS_CHROMEOS)
fake_signin_manager_->SignIn(account_id);
#else
fake_signin_manager_->SignIn(gaia_id, email, "password");
#endif
GetTokenService()->UpdateCredentials(account_id, "refresh_token");
return account_id;
}
identity_test_env()->UpdateAccountInfoForAccount(account_info);
FakeProfileOAuth2TokenService* GetTokenService() {
ProfileOAuth2TokenService* service =
ProfileOAuth2TokenServiceFactory::GetForProfile(testing_profile_.get());
return static_cast<FakeProfileOAuth2TokenService*>(service);
}
identity_test_env()->SetPrimaryAccount(account_info.email);
bool IsRequestActive() {
return !GetTokenService()->GetPendingRequests().empty();
return account_info.account_id;
}
void MakeOAuthTokenFetchSucceed(const std::string& account_id,
bool is_under_advanced_protection) {
ASSERT_TRUE(IsRequestActive());
GetTokenService()->IssueAllTokensForAccount(
account_id,
OAuth2AccessTokenConsumer::TokenResponse(
"access_token", base::Time::Now() + base::TimeDelta::FromHours(1),
identity_test_env()
->WaitForAccessTokenRequestIfNecessaryAndRespondWithToken(
account_id, "access_token",
base::Time::Now() + base::TimeDelta::FromHours(1),
is_under_advanced_protection ? kIdTokenAdvancedProtectionEnabled
: kIdTokenAdvancedProtectionDisabled));
: kIdTokenAdvancedProtectionDisabled);
}
void MakeOAuthTokenFetchFail(const std::string& account_id,
bool is_transient_error) {
ASSERT_TRUE(IsRequestActive());
GetTokenService()->IssueErrorForAllPendingRequestsForAccount(
account_id,
GoogleServiceAuthError(
is_transient_error
? GoogleServiceAuthError::CONNECTION_FAILED
: GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS));
identity_test_env()
->WaitForAccessTokenRequestIfNecessaryAndRespondWithError(
account_id,
GoogleServiceAuthError(
is_transient_error
? GoogleServiceAuthError::CONNECTION_FAILED
: GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS));
}
identity::IdentityTestEnvironment* identity_test_env() {
return identity_test_env_adaptor_->identity_test_env();
}
protected:
content::TestBrowserThreadBundle thread_bundle;
std::unique_ptr<TestingProfile> testing_profile_;
FakeSigninManagerForTesting* fake_signin_manager_;
std::unique_ptr<IdentityTestEnvironmentProfileAdaptor>
identity_test_env_adaptor_;
AccountTrackerService* account_tracker_service_;
};
@ -132,16 +113,14 @@ TEST_F(AdvancedProtectionStatusManagerTest,
// Simulates the situation where user signed in long time ago, thus
// has no advanced protection status.
std::string account_id =
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
AdvancedProtectionStatusManager aps_manager(
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
base::RunLoop().RunUntilIdle();
ASSERT_FALSE(aps_manager.GetPrimaryAccountId().empty());
// An OAuth2 access token request should be sent.
ASSERT_TRUE(IsRequestActive());
// Simulates receiving access token, and this user is not under advanced
// protection.
// Waits for access token request and respond with an error without advanced
// protection set.
MakeOAuthTokenFetchFail(account_id, /* is_transient_error = */ true);
EXPECT_FALSE(aps_manager.is_under_advanced_protection());
@ -158,16 +137,14 @@ TEST_F(AdvancedProtectionStatusManagerTest,
// Simulates the situation where user signed in long time ago, thus
// has no advanced protection status.
std::string account_id =
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
AdvancedProtectionStatusManager aps_manager(
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
base::RunLoop().RunUntilIdle();
ASSERT_FALSE(aps_manager.GetPrimaryAccountId().empty());
// An OAuth2 access token request should be sent.
ASSERT_TRUE(IsRequestActive());
// Simulates receiving access token, and this user is not under advanced
// protection.
// Waits for access token request and respond with an error without advanced
// protection set.
MakeOAuthTokenFetchFail(account_id, /* is_transient_error = */ false);
EXPECT_FALSE(aps_manager.is_under_advanced_protection());
@ -184,15 +161,13 @@ TEST_F(AdvancedProtectionStatusManagerTest, SignedInLongTimeAgoNotUnderAP) {
// Simulates the situation where user signed in long time ago, thus
// has no advanced protection status.
std::string account_id =
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
AdvancedProtectionStatusManager aps_manager(
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
ASSERT_FALSE(aps_manager.GetPrimaryAccountId().empty());
base::RunLoop().RunUntilIdle();
// An OAuth2 access token request should be sent.
ASSERT_TRUE(IsRequestActive());
// Simulates receiving access token, and this user is not under advanced
// protection.
// Waits for access token request and respond with a token without advanced
// protection set.
MakeOAuthTokenFetchSucceed(account_id,
/* is_under_advanced_protection = */ false);
@ -207,12 +182,12 @@ TEST_F(AdvancedProtectionStatusManagerTest, SignedInLongTimeAgoUnderAP) {
// Simulates the situation where user signed in long time ago, thus
// has no advanced protection status yet.
std::string account_id =
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
AdvancedProtectionStatusManager aps_manager(
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
base::RunLoop().RunUntilIdle();
// Simulates receiving access token, and this user is not under advanced
// protection.
// Waits for access token request and respond with a token without advanced
// protection set.
MakeOAuthTokenFetchSucceed(account_id,
/* is_under_advanced_protection = */ true);
@ -231,14 +206,12 @@ TEST_F(AdvancedProtectionStatusManagerTest, AlreadySignedInAndUnderAP) {
// Simulates the situation where the user has already signed in and is
// under advanced protection.
std::string account_id =
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ true);
SignIn("test@test.com", /* is_under_advanced_protection = */ true);
AdvancedProtectionStatusManager aps_manager(
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
ASSERT_FALSE(aps_manager.GetPrimaryAccountId().empty());
ASSERT_TRUE(aps_manager.is_under_advanced_protection());
// Since user is already under advanced protection, no need to refresh.
EXPECT_FALSE(IsRequestActive());
// A refresh is scheduled in the future.
EXPECT_TRUE(aps_manager.IsRefreshScheduled());
aps_manager.UnsubscribeFromSigninEvents();
@ -253,7 +226,7 @@ TEST_F(AdvancedProtectionStatusManagerTest,
// Simulates the situation where the user has already signed in and is
// under advanced protection.
std::string account_id =
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ true);
SignIn("test@test.com", /* is_under_advanced_protection = */ true);
AdvancedProtectionStatusManagerFactory::GetForBrowserContext(
Profile::FromBrowserContext(testing_profile_.get()))
->MaybeRefreshOnStartUp();
@ -275,7 +248,7 @@ TEST_F(AdvancedProtectionStatusManagerTest,
// Simulates the situation where the user has already signed in and is
// NOT under advanced protection.
std::string account_id =
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
AdvancedProtectionStatusManagerFactory::GetForBrowserContext(
Profile::FromBrowserContext(testing_profile_.get()))
->MaybeRefreshOnStartUp();
@ -295,7 +268,7 @@ TEST_F(AdvancedProtectionStatusManagerTest, StayInAdvancedProtection) {
last_update.ToDeltaSinceWindowsEpoch().InMicroseconds());
std::string account_id =
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ true);
SignIn("test@test.com", /* is_under_advanced_protection = */ true);
AdvancedProtectionStatusManager aps_manager(
testing_profile_.get(), base::TimeDelta() /*no min delay*/);
ASSERT_FALSE(aps_manager.GetPrimaryAccountId().empty());
@ -320,11 +293,11 @@ TEST_F(AdvancedProtectionStatusManagerTest, SignInAndSignOutEvent) {
ASSERT_FALSE(aps_manager.is_under_advanced_protection());
ASSERT_TRUE(aps_manager.GetPrimaryAccountId().empty());
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ true);
SignIn("test@test.com", /* is_under_advanced_protection = */ true);
EXPECT_TRUE(aps_manager.is_under_advanced_protection());
EXPECT_TRUE(aps_manager.IsRefreshScheduled());
fake_signin_manager_->ForceSignOut();
identity_test_env()->ClearPrimaryAccount();
EXPECT_FALSE(aps_manager.is_under_advanced_protection());
EXPECT_TRUE(testing_profile_->GetPrefs()->HasPrefPath(
prefs::kAdvancedProtectionLastRefreshInUs));
@ -340,7 +313,7 @@ TEST_F(AdvancedProtectionStatusManagerTest, AccountRemoval) {
ASSERT_TRUE(aps_manager.GetPrimaryAccountId().empty());
std::string account_id =
SignIn("gaia_id", "email", /* is_under_advanced_protection = */ false);
SignIn("test@test.com", /* is_under_advanced_protection = */ false);
EXPECT_FALSE(aps_manager.is_under_advanced_protection());
EXPECT_FALSE(aps_manager.IsRefreshScheduled());

@ -294,9 +294,12 @@ void IdentityTestEnvironment::
WaitForAccessTokenRequestIfNecessaryAndRespondWithToken(
const std::string& account_id,
const std::string& token,
const base::Time& expiration) {
const base::Time& expiration,
const std::string& id_token) {
WaitForAccessTokenRequestIfNecessary(account_id);
token_service_->IssueAllTokensForAccount(account_id, token, expiration);
token_service_->IssueAllTokensForAccount(
account_id,
OAuth2AccessTokenConsumer::TokenResponse(token, expiration, id_token));
}
void IdentityTestEnvironment::
@ -399,4 +402,9 @@ void IdentityTestEnvironment::WaitForAccessTokenRequestIfNecessary(
run_loop.Run();
}
void IdentityTestEnvironment::UpdateAccountInfoForAccount(
AccountInfo account_info) {
identity::UpdateAccountInfoForAccount(account_tracker_service_, account_info);
}
} // namespace identity

@ -170,7 +170,8 @@ class IdentityTestEnvironment : public IdentityManager::DiagnosticsObserver {
void WaitForAccessTokenRequestIfNecessaryAndRespondWithToken(
const std::string& account_id,
const std::string& token,
const base::Time& expiration);
const base::Time& expiration,
const std::string& id_token = std::string());
// Issues |error| in response to any access token request that either has (a)
// already occurred and has not been matched by a previous call to this or
@ -204,6 +205,10 @@ class IdentityTestEnvironment : public IdentityManager::DiagnosticsObserver {
// passing in a null callback, before the Wait* methods can be used again.
void SetCallbackForNextAccessTokenRequest(base::OnceClosure callback);
// Updates the info for |account_info.account_id|, which must be a known
// account.
void UpdateAccountInfoForAccount(AccountInfo account_info);
private:
friend class ::IdentityTestEnvironmentChromeBrowserStateAdaptor;
friend class ::IdentityTestEnvironmentProfileAdaptor;

@ -326,4 +326,13 @@ void SetCookieAccounts(FakeGaiaCookieManagerService* cookie_manager,
run_loop.Run();
}
void UpdateAccountInfoForAccount(AccountTrackerService* account_tracker_service,
AccountInfo account_info) {
// Make sure the account being updated is a known account.
DCHECK(!account_tracker_service->GetAccountInfo(account_info.account_id)
.account_id.empty());
account_tracker_service->SeedAccountInfo(account_info);
}
} // namespace identity

@ -143,6 +143,11 @@ void SetCookieAccounts(FakeGaiaCookieManagerService* cookie_manager,
IdentityManager* identity_manager,
const std::vector<CookieParams>& cookie_accounts);
// Updates the info for |account_info.account_id|, which must be a known
// account.
void UpdateAccountInfoForAccount(AccountTrackerService* account_tracker_service,
AccountInfo account_info);
} // namespace identity
#endif // SERVICES_IDENTITY_PUBLIC_CPP_IDENTITY_TEST_UTILS_H_