1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
7 #include "base/compiler_specific.h"
8 #include "base/run_loop.h"
9 #include "base/strings/utf_string_conversions.h"
10 #include "base/threading/sequenced_worker_pool.h"
11 #include "chrome/browser/chrome_notification_types.h"
12 #include "chrome/browser/chromeos/login/login_manager_test.h"
13 #include "chrome/browser/chromeos/login/startup_utils.h"
14 #include "chrome/browser/chromeos/login/supervised/supervised_user_authentication.h"
15 #include "chrome/browser/chromeos/login/supervised/supervised_user_test_base.h"
16 #include "chrome/browser/chromeos/login/ui/login_display_host_impl.h"
17 #include "chrome/browser/chromeos/login/ui/webui_login_view.h"
18 #include "chrome/browser/chromeos/login/users/chrome_user_manager.h"
19 #include "chrome/browser/chromeos/login/users/supervised_user_manager.h"
20 #include "chrome/browser/chromeos/net/network_portal_detector_test_impl.h"
21 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h"
22 #include "chrome/browser/supervised_user/supervised_user_constants.h"
23 #include "chrome/browser/supervised_user/supervised_user_registration_utility.h"
24 #include "chrome/browser/supervised_user/supervised_user_registration_utility_stub.h"
25 #include "chrome/browser/supervised_user/supervised_user_shared_settings_service.h"
26 #include "chrome/browser/supervised_user/supervised_user_shared_settings_service_factory.h"
27 #include "chrome/browser/supervised_user/supervised_user_sync_service.h"
28 #include "chrome/browser/supervised_user/supervised_user_sync_service_factory.h"
29 #include "chromeos/cryptohome/mock_async_method_caller.h"
30 #include "chromeos/cryptohome/mock_homedir_methods.h"
31 #include "content/public/browser/notification_service.h"
32 #include "content/public/test/browser_test_utils.h"
33 #include "content/public/test/test_utils.h"
34 #include "sync/api/fake_sync_change_processor.h"
35 #include "sync/api/sync_change.h"
36 #include "sync/api/sync_error_factory_mock.h"
37 #include "sync/internal_api/public/attachments/attachment_service_proxy_for_test.h"
38 #include "sync/protocol/sync.pb.h"
41 using chromeos::SupervisedUserTestBase;
42 using chromeos::kTestSupervisedUserDisplayName;
43 using chromeos::kTestManager;
47 class SupervisedUserPasswordTest : public SupervisedUserTestBase {
49 SupervisedUserPasswordTest() : SupervisedUserTestBase() {}
52 DISALLOW_COPY_AND_ASSIGN(SupervisedUserPasswordTest);
55 class SupervisedUserPasswordManagerTest : public SupervisedUserTestBase {
57 SupervisedUserPasswordManagerTest() : SupervisedUserTestBase() {}
60 DISALLOW_COPY_AND_ASSIGN(SupervisedUserPasswordManagerTest);
63 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
64 DISABLED_PRE_PRE_PRE_PasswordChangeFromUserTest) {
68 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
69 DISABLED_PRE_PRE_PasswordChangeFromUserTest) {
70 StartFlowLoginAsManager();
71 FillNewUserData(kTestSupervisedUserDisplayName);
72 StartUserCreation("supervised-user-creation-next-button",
73 kTestSupervisedUserDisplayName);
76 // Supervised user signs in, get sync notification about password update, and
77 // schedules password migration.
78 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
79 DISABLED_PRE_PasswordChangeFromUserTest) {
80 SigninAsSupervisedUser(true, 0, kTestSupervisedUserDisplayName);
82 const user_manager::User* user =
83 user_manager::UserManager::Get()->GetUsers().at(0);
85 ChromeUserManager::Get()->GetSupervisedUserManager()->GetUserSyncId(
87 base::DictionaryValue password;
88 password.SetIntegerWithoutPathExpansion(
89 kSchemaVersion, SupervisedUserAuthentication::SCHEMA_SALT_HASHED);
90 password.SetIntegerWithoutPathExpansion(kPasswordRevision, 2);
92 password.SetStringWithoutPathExpansion(kPasswordSignature, "signature");
93 password.SetStringWithoutPathExpansion(kEncryptedPassword,
94 "new-encrypted-password");
96 shared_settings_adapter_->AddChange(
97 sync_id, supervised_users::kChromeOSPasswordData, password, true, false);
98 content::RunAllPendingInMessageLoop();
101 // Supervised user signs in for second time, and actual password migration takes
103 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
104 DISABLED_PasswordChangeFromUserTest) {
105 EXPECT_CALL(*mock_homedir_methods_, MountEx(_, _, _, _)).Times(1);
106 EXPECT_CALL(*mock_homedir_methods_, UpdateKeyEx(_, _, _, _, _)).Times(1);
107 SigninAsSupervisedUser(false, 0, kTestSupervisedUserDisplayName);
108 testing::Mock::VerifyAndClearExpectations(mock_homedir_methods_);
111 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
112 DISABLED_PRE_PRE_PRE_PasswordChangeFromManagerTest) {
116 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
117 DISABLED_PRE_PRE_PasswordChangeFromManagerTest) {
118 StartFlowLoginAsManager();
119 FillNewUserData(kTestSupervisedUserDisplayName);
120 StartUserCreation("supervised-user-creation-next-button",
121 kTestSupervisedUserDisplayName);
124 // Manager signs in, gets sync notification about supervised user password
125 // update, and performs migration.
126 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
127 DISABLED_PRE_PasswordChangeFromManagerTest) {
128 const user_manager::User* supervised_user =
129 user_manager::UserManager::Get()->GetUsers().at(0);
133 EXPECT_CALL(*mock_homedir_methods_, AddKeyEx(_, _, _, _, _)).Times(1);
135 std::string sync_id =
136 ChromeUserManager::Get()->GetSupervisedUserManager()->GetUserSyncId(
137 supervised_user->email());
139 ::sync_pb::ManagedUserSpecifics managed_user_proto;
141 managed_user_proto.set_id(sync_id);
142 managed_user_proto.set_name(kTestSupervisedUserDisplayName);
143 managed_user_proto.set_acknowledged(true);
144 managed_user_proto.set_master_key("master key");
145 managed_user_proto.set_password_signature_key("signature_key");
146 managed_user_proto.set_password_encryption_key("encryption_key");
148 supervised_users_adapter_->AddChange(managed_user_proto, false);
149 content::RunAllPendingInMessageLoop();
151 base::DictionaryValue password;
152 password.SetIntegerWithoutPathExpansion(
153 kSchemaVersion, SupervisedUserAuthentication::SCHEMA_SALT_HASHED);
154 password.SetIntegerWithoutPathExpansion(kPasswordRevision, 2);
156 password.SetStringWithoutPathExpansion(kPasswordSignature, "signature");
157 password.SetStringWithoutPathExpansion(kEncryptedPassword,
158 "new-encrypted-password");
159 shared_settings_adapter_->AddChange(
160 sync_id, supervised_users::kChromeOSPasswordData, password, true, false);
161 content::RunAllPendingInMessageLoop();
163 testing::Mock::VerifyAndClearExpectations(mock_homedir_methods_);
166 // After that supervised user signs in, and no password change happens.
167 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
168 DISABLED_PasswordChangeFromManagerTest) {
169 EXPECT_CALL(*mock_homedir_methods_, MountEx(_, _, _, _)).Times(1);
170 EXPECT_CALL(*mock_homedir_methods_, UpdateKeyEx(_, _, _, _, _)).Times(0);
171 SigninAsSupervisedUser(false, 1, kTestSupervisedUserDisplayName);
172 testing::Mock::VerifyAndClearExpectations(mock_homedir_methods_);
175 IN_PROC_BROWSER_TEST_F(
176 SupervisedUserPasswordTest,
177 DISABLED_PRE_PRE_PRE_PRE_PasswordChangeUserAndManagerTest) {
181 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
182 DISABLED_PRE_PRE_PRE_PasswordChangeUserAndManagerTest) {
183 StartFlowLoginAsManager();
184 FillNewUserData(kTestSupervisedUserDisplayName);
185 StartUserCreation("supervised-user-creation-next-button",
186 kTestSupervisedUserDisplayName);
189 // Supervised user signs in, get sync notification about password update, and
190 // schedules password migration.
191 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
192 DISABLED_PRE_PRE_PasswordChangeUserAndManagerTest) {
193 SigninAsSupervisedUser(true, 0, kTestSupervisedUserDisplayName);
195 const user_manager::User* user =
196 user_manager::UserManager::Get()->GetUsers().at(0);
197 std::string sync_id =
198 ChromeUserManager::Get()->GetSupervisedUserManager()->GetUserSyncId(
200 base::DictionaryValue password;
201 password.SetIntegerWithoutPathExpansion(
202 kSchemaVersion, SupervisedUserAuthentication::SCHEMA_SALT_HASHED);
203 password.SetIntegerWithoutPathExpansion(kPasswordRevision, 2);
205 password.SetStringWithoutPathExpansion(kPasswordSignature, "signature");
206 password.SetStringWithoutPathExpansion(kEncryptedPassword,
207 "new-encrypted-password");
209 shared_settings_adapter_->AddChange(
210 sync_id, supervised_users::kChromeOSPasswordData, password, true, false);
211 content::RunAllPendingInMessageLoop();
214 // After that manager signs in, and also detects password change. Manager
215 // performs the migration.
216 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
217 DISABLED_PRE_PasswordChangeUserAndManagerTest) {
218 const user_manager::User* supervised_user =
219 user_manager::UserManager::Get()->GetUsers().at(0);
223 EXPECT_CALL(*mock_homedir_methods_, AddKeyEx(_, _, _, _, _)).Times(1);
225 std::string sync_id =
226 ChromeUserManager::Get()->GetSupervisedUserManager()->GetUserSyncId(
227 supervised_user->email());
229 ::sync_pb::ManagedUserSpecifics managed_user_proto;
231 managed_user_proto.set_id(sync_id);
232 managed_user_proto.set_name(kTestSupervisedUserDisplayName);
233 managed_user_proto.set_acknowledged(true);
234 managed_user_proto.set_master_key("master key");
235 managed_user_proto.set_password_signature_key("signature_key");
236 managed_user_proto.set_password_encryption_key("encryption_key");
238 supervised_users_adapter_->AddChange(managed_user_proto, false);
239 content::RunAllPendingInMessageLoop();
241 base::DictionaryValue password;
242 password.SetIntegerWithoutPathExpansion(
243 kSchemaVersion, SupervisedUserAuthentication::SCHEMA_SALT_HASHED);
244 password.SetIntegerWithoutPathExpansion(kPasswordRevision, 2);
246 password.SetStringWithoutPathExpansion(kPasswordSignature, "signature");
247 password.SetStringWithoutPathExpansion(kEncryptedPassword,
248 "new-encrypted-password");
249 shared_settings_adapter_->AddChange(
250 sync_id, supervised_users::kChromeOSPasswordData, password, true, false);
251 content::RunAllPendingInMessageLoop();
253 testing::Mock::VerifyAndClearExpectations(mock_homedir_methods_);
256 // When supervised user signs in, password is already migrated, so no migration
257 // should be attempted.
258 IN_PROC_BROWSER_TEST_F(SupervisedUserPasswordTest,
259 DISABLED_PasswordChangeUserAndManagerTest) {
260 EXPECT_CALL(*mock_homedir_methods_, MountEx(_, _, _, _)).Times(1);
261 EXPECT_CALL(*mock_homedir_methods_, UpdateKeyEx(_, _, _, _, _)).Times(0);
262 SigninAsSupervisedUser(false, 1, kTestSupervisedUserDisplayName);
263 testing::Mock::VerifyAndClearExpectations(mock_homedir_methods_);
266 } // namespace chromeos