1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h"
8 #include "base/bind_helpers.h"
9 #include "base/callback.h"
10 #include "base/message_loop/message_loop.h"
11 #include "base/prefs/pref_registry_simple.h"
12 #include "base/prefs/testing_pref_service.h"
13 #include "base/run_loop.h"
14 #include "base/sequenced_task_runner.h"
15 #include "base/strings/string_util.h"
16 #include "base/strings/utf_string_conversions.h"
17 #include "base/test/test_simple_task_runner.h"
18 #include "chrome/browser/chromeos/policy/user_cloud_policy_token_forwarder.h"
19 #include "chrome/browser/chromeos/profiles/profile_helper.h"
20 #include "chrome/browser/prefs/browser_prefs.h"
21 #include "chrome/browser/prefs/pref_service_syncable.h"
22 #include "chrome/browser/signin/fake_profile_oauth2_token_service.h"
23 #include "chrome/browser/signin/fake_profile_oauth2_token_service_builder.h"
24 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
25 #include "chrome/browser/signin/signin_manager_factory.h"
26 #include "chrome/common/chrome_constants.h"
27 #include "chrome/test/base/testing_browser_process.h"
28 #include "chrome/test/base/testing_profile.h"
29 #include "chrome/test/base/testing_profile_manager.h"
30 #include "components/policy/core/common/cloud/cloud_external_data_manager.h"
31 #include "components/policy/core/common/cloud/mock_cloud_external_data_manager.h"
32 #include "components/policy/core/common/cloud/mock_cloud_policy_store.h"
33 #include "components/policy/core/common/cloud/mock_device_management_service.h"
34 #include "components/policy/core/common/external_data_fetcher.h"
35 #include "components/policy/core/common/mock_configuration_policy_provider.h"
36 #include "components/policy/core/common/schema_registry.h"
37 #include "components/signin/core/browser/profile_oauth2_token_service.h"
38 #include "components/signin/core/browser/signin_manager.h"
39 #include "content/public/test/test_browser_thread_bundle.h"
40 #include "google_apis/gaia/gaia_auth_consumer.h"
41 #include "google_apis/gaia/gaia_constants.h"
42 #include "google_apis/gaia/gaia_urls.h"
43 #include "net/url_request/test_url_fetcher_factory.h"
44 #include "net/url_request/url_fetcher_delegate.h"
45 #include "net/url_request/url_request_context_getter.h"
46 #include "net/url_request/url_request_status.h"
47 #include "policy/policy_constants.h"
48 #include "policy/proto/device_management_backend.pb.h"
49 #include "testing/gmock/include/gmock/gmock.h"
50 #include "testing/gtest/include/gtest/gtest.h"
52 namespace em = enterprise_management;
54 using testing::AnyNumber;
55 using testing::AtLeast;
63 const char kOAuthTokenCookie[] = "oauth_token=1234";
65 const char kOAuth2TokenPairData[] =
67 " \"refresh_token\": \"1234\","
68 " \"access_token\": \"5678\","
69 " \"expires_in\": 3600"
72 const char kOAuth2AccessTokenData[] =
74 " \"access_token\": \"5678\","
75 " \"expires_in\": 3600"
80 class UserCloudPolicyManagerChromeOSTest : public testing::Test {
82 UserCloudPolicyManagerChromeOSTest()
84 external_data_manager_(NULL),
85 task_runner_(new base::TestSimpleTaskRunner()),
87 signin_profile_(NULL) {}
89 virtual void SetUp() OVERRIDE {
90 // The initialization path that blocks on the initial policy fetch requires
91 // a signin Profile to use its URLRequestContext.
92 profile_manager_.reset(
93 new TestingProfileManager(TestingBrowserProcess::GetGlobal()));
94 ASSERT_TRUE(profile_manager_->SetUp());
95 TestingProfile::TestingFactories factories;
97 std::make_pair(ProfileOAuth2TokenServiceFactory::GetInstance(),
98 BuildFakeProfileOAuth2TokenService));
99 profile_ = profile_manager_->CreateTestingProfile(
100 chrome::kInitialProfile, scoped_ptr<PrefServiceSyncable>(),
101 base::UTF8ToUTF16("testing_profile"), 0, std::string(), factories);
102 signin_profile_ = profile_manager_->CreateTestingProfile(kSigninProfile);
103 signin_profile_->ForceIncognito(true);
104 // Usually the signin Profile and the main Profile are separate, but since
105 // the signin Profile is an OTR Profile then for this test it suffices to
106 // attach it to the main Profile.
107 profile_->SetOffTheRecordProfile(scoped_ptr<Profile>(signin_profile_));
108 signin_profile_->SetOriginalProfile(profile_);
109 ASSERT_EQ(signin_profile_, chromeos::ProfileHelper::GetSigninProfile());
111 chrome::RegisterLocalState(prefs_.registry());
113 // Set up a policy map for testing.
114 policy_map_.Set(key::kHomepageLocation,
115 POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
116 new base::StringValue("http://chromium.org"),
118 policy_map_.Set(key::kChromeOsMultiProfileUserBehavior,
119 POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
120 new base::StringValue("primary-only"),
122 expected_bundle_.Get(PolicyNamespace(POLICY_DOMAIN_CHROME, std::string()))
123 .CopyFrom(policy_map_);
125 // Create fake policy blobs to deliver to the client.
126 em::DeviceRegisterResponse* register_response =
127 register_blob_.mutable_register_response();
128 register_response->set_device_management_token("dmtoken123");
130 em::CloudPolicySettings policy_proto;
131 policy_proto.mutable_homepagelocation()->set_value("http://chromium.org");
133 policy_proto.SerializeToString(policy_data_.mutable_policy_value()));
134 policy_data_.set_policy_type(dm_protocol::kChromeUserPolicyType);
135 policy_data_.set_request_token("dmtoken123");
136 policy_data_.set_device_id("id987");
137 em::PolicyFetchResponse* policy_response =
138 policy_blob_.mutable_policy_response()->add_response();
139 ASSERT_TRUE(policy_data_.SerializeToString(
140 policy_response->mutable_policy_data()));
142 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _, _))
146 virtual void TearDown() OVERRIDE {
147 if (token_forwarder_)
148 token_forwarder_->Shutdown();
150 manager_->RemoveObserver(&observer_);
151 manager_->Shutdown();
153 signin_profile_ = NULL;
155 profile_manager_->DeleteTestingProfile(kSigninProfile);
156 profile_manager_->DeleteTestingProfile(chrome::kInitialProfile);
159 void CreateManager(bool wait_for_fetch, int fetch_timeout) {
160 store_ = new MockCloudPolicyStore();
161 external_data_manager_ = new MockCloudExternalDataManager;
162 external_data_manager_->SetPolicyStore(store_);
163 EXPECT_CALL(*store_, Load());
164 manager_.reset(new UserCloudPolicyManagerChromeOS(
165 scoped_ptr<CloudPolicyStore>(store_),
166 scoped_ptr<CloudExternalDataManager>(external_data_manager_),
169 base::TimeDelta::FromSeconds(fetch_timeout),
173 manager_->Init(&schema_registry_);
174 manager_->AddObserver(&observer_);
175 manager_->Connect(&prefs_, &device_management_service_, NULL,
176 USER_AFFILIATION_NONE);
177 Mock::VerifyAndClearExpectations(store_);
178 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
179 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete());
181 if (!wait_for_fetch) {
182 // Create the UserCloudPolicyTokenForwarder, which fetches the access
183 // token using the OAuth2PolicyFetcher and forwards it to the
184 // UserCloudPolicyManagerChromeOS. This service is automatically created
185 // for regular Profiles but not for testing Profiles.
186 ProfileOAuth2TokenService* token_service =
187 ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);
188 ASSERT_TRUE(token_service);
189 SigninManagerBase* signin_manager =
190 SigninManagerFactory::GetForProfile(profile_);
191 ASSERT_TRUE(signin_manager);
192 token_forwarder_.reset(
193 new UserCloudPolicyTokenForwarder(manager_.get(), token_service,
198 // Expects a pending URLFetcher for the |expected_url|, and returns it with
199 // prepared to deliver a response to its delegate.
200 net::TestURLFetcher* PrepareOAuthFetcher(const GURL& expected_url) {
201 net::TestURLFetcher* fetcher = test_url_fetcher_factory_.GetFetcherByID(0);
202 EXPECT_TRUE(fetcher);
205 EXPECT_TRUE(fetcher->delegate());
206 EXPECT_TRUE(StartsWithASCII(fetcher->GetOriginalURL().spec(),
209 fetcher->set_url(fetcher->GetOriginalURL());
210 fetcher->set_response_code(200);
211 fetcher->set_status(net::URLRequestStatus());
215 // Issues the OAuth2 tokens and returns the device management register job
216 // if the flow succeeded.
217 MockDeviceManagementJob* IssueOAuthToken(bool has_request_token) {
218 EXPECT_FALSE(manager_->core()->client()->is_registered());
220 // Issuing this token triggers the callback of the OAuth2PolicyFetcher,
221 // which triggers the registration request.
222 MockDeviceManagementJob* register_request = NULL;
223 EXPECT_CALL(device_management_service_,
224 CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION, _))
225 .WillOnce(device_management_service_.CreateAsyncJob(®ister_request));
227 if (!has_request_token) {
228 GaiaUrls* gaia_urls = GaiaUrls::GetInstance();
229 net::TestURLFetcher* fetcher = NULL;
231 // Issue the oauth_token cookie first.
232 fetcher = PrepareOAuthFetcher(gaia_urls->client_login_to_oauth2_url());
235 net::ResponseCookies cookies;
236 cookies.push_back(kOAuthTokenCookie);
237 fetcher->set_cookies(cookies);
238 fetcher->delegate()->OnURLFetchComplete(fetcher);
240 // Issue the refresh token.
241 fetcher = PrepareOAuthFetcher(gaia_urls->oauth2_token_url());
244 fetcher->SetResponseString(kOAuth2TokenPairData);
245 fetcher->delegate()->OnURLFetchComplete(fetcher);
247 // Issue the access token.
248 fetcher = PrepareOAuthFetcher(gaia_urls->oauth2_token_url());
251 fetcher->SetResponseString(kOAuth2AccessTokenData);
252 fetcher->delegate()->OnURLFetchComplete(fetcher);
254 // Since the refresh token is available, OAuth2TokenService was used
255 // to request the access token and not UserCloudPolicyTokenForwarder.
256 // Issue the access token with the former.
257 FakeProfileOAuth2TokenService* token_service =
258 static_cast<FakeProfileOAuth2TokenService*>(
259 ProfileOAuth2TokenServiceFactory::GetForProfile(profile_));
260 EXPECT_TRUE(token_service);
261 OAuth2TokenService::ScopeSet scopes;
262 scopes.insert(GaiaConstants::kDeviceManagementServiceOAuth);
263 scopes.insert(GaiaConstants::kOAuthWrapBridgeUserInfoScope);
264 token_service->IssueTokenForScope(
266 base::Time::Now() + base::TimeDelta::FromSeconds(3600));
269 EXPECT_TRUE(register_request);
270 EXPECT_FALSE(manager_->core()->client()->is_registered());
272 Mock::VerifyAndClearExpectations(&device_management_service_);
273 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _, _))
276 return register_request;
279 // Expects a policy fetch request to be issued after invoking |trigger_fetch|.
280 // This method replies to that fetch request and verifies that the manager
281 // handled the response.
282 void FetchPolicy(const base::Closure& trigger_fetch) {
283 MockDeviceManagementJob* policy_request = NULL;
284 EXPECT_CALL(device_management_service_,
285 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH, _))
286 .WillOnce(device_management_service_.CreateAsyncJob(&policy_request));
288 ASSERT_TRUE(policy_request);
289 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete());
290 EXPECT_TRUE(manager_->core()->client()->is_registered());
292 Mock::VerifyAndClearExpectations(&device_management_service_);
293 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _, _))
296 // Send the initial policy back. This completes the initialization flow.
297 EXPECT_CALL(*store_, Store(_));
298 policy_request->SendResponse(DM_STATUS_SUCCESS, policy_blob_);
299 Mock::VerifyAndClearExpectations(store_);
301 // Notifying that the store is has cached the fetched policy completes the
302 // process, and initializes the manager.
303 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get()));
304 store_->policy_map_.CopyFrom(policy_map_);
305 store_->NotifyStoreLoaded();
306 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
307 Mock::VerifyAndClearExpectations(&observer_);
308 EXPECT_TRUE(manager_->policies().Equals(expected_bundle_));
311 // Required by the refresh scheduler that's created by the manager and
312 // for the cleanup of URLRequestContextGetter in the |signin_profile_|.
313 content::TestBrowserThreadBundle thread_bundle_;
315 // Convenience policy objects.
316 em::PolicyData policy_data_;
317 em::DeviceManagementResponse register_blob_;
318 em::DeviceManagementResponse policy_blob_;
319 PolicyMap policy_map_;
320 PolicyBundle expected_bundle_;
322 // Policy infrastructure.
323 net::TestURLFetcherFactory test_url_fetcher_factory_;
324 TestingPrefServiceSimple prefs_;
325 MockConfigurationPolicyObserver observer_;
326 MockDeviceManagementService device_management_service_;
327 MockCloudPolicyStore* store_; // Not owned.
328 MockCloudExternalDataManager* external_data_manager_; // Not owned.
329 scoped_refptr<base::TestSimpleTaskRunner> task_runner_;
330 SchemaRegistry schema_registry_;
331 scoped_ptr<UserCloudPolicyManagerChromeOS> manager_;
332 scoped_ptr<UserCloudPolicyTokenForwarder> token_forwarder_;
334 // Required by ProfileHelper to get the signin Profile context.
335 scoped_ptr<TestingProfileManager> profile_manager_;
336 TestingProfile* profile_;
337 TestingProfile* signin_profile_;
339 static const char kSigninProfile[];
342 DISALLOW_COPY_AND_ASSIGN(UserCloudPolicyManagerChromeOSTest);
345 const char UserCloudPolicyManagerChromeOSTest::kSigninProfile[] =
348 TEST_F(UserCloudPolicyManagerChromeOSTest, BlockingFirstFetch) {
349 // Tests the initialization of a manager whose Profile is waiting for the
350 // initial fetch, when the policy cache is empty.
351 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 1000));
353 // Initialize the CloudPolicyService without any stored data.
354 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete());
355 store_->NotifyStoreLoaded();
356 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete());
357 EXPECT_FALSE(manager_->core()->client()->is_registered());
359 // This starts the OAuth2 policy token fetcher using the signin Profile.
360 // The manager will then issue the registration request.
361 MockDeviceManagementJob* register_request = IssueOAuthToken(false);
362 ASSERT_TRUE(register_request);
364 // Reply with a valid registration response. This triggers the initial policy
366 FetchPolicy(base::Bind(&MockDeviceManagementJob::SendResponse,
367 base::Unretained(register_request),
368 DM_STATUS_SUCCESS, register_blob_));
371 TEST_F(UserCloudPolicyManagerChromeOSTest, BlockingRefreshFetch) {
372 // Tests the initialization of a manager whose Profile is waiting for the
373 // initial fetch, when a previously cached policy and DMToken already exist.
374 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 1000));
376 // Set the initially cached data and initialize the CloudPolicyService.
377 // The initial policy fetch is issued using the cached DMToken.
378 store_->policy_.reset(new em::PolicyData(policy_data_));
379 FetchPolicy(base::Bind(&MockCloudPolicyStore::NotifyStoreLoaded,
380 base::Unretained(store_)));
383 TEST_F(UserCloudPolicyManagerChromeOSTest, BlockingFetchStoreError) {
384 // Tests the initialization of a manager whose Profile is waiting for the
385 // initial fetch, when the initial store load fails.
386 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 1000));
388 // Initialize the CloudPolicyService without any stored data.
389 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete());
390 store_->NotifyStoreError();
391 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete());
392 EXPECT_FALSE(manager_->core()->client()->is_registered());
394 // This starts the OAuth2 policy token fetcher using the signin Profile.
395 // The manager will then issue the registration request.
396 MockDeviceManagementJob* register_request = IssueOAuthToken(false);
397 ASSERT_TRUE(register_request);
399 // Reply with a valid registration response. This triggers the initial policy
401 FetchPolicy(base::Bind(&MockDeviceManagementJob::SendResponse,
402 base::Unretained(register_request),
403 DM_STATUS_SUCCESS, register_blob_));
406 TEST_F(UserCloudPolicyManagerChromeOSTest, BlockingFetchOAuthError) {
407 // Tests the initialization of a manager whose Profile is waiting for the
408 // initial fetch, when the OAuth2 token fetch fails.
409 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 1000));
411 // Initialize the CloudPolicyService without any stored data.
412 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete());
413 store_->NotifyStoreLoaded();
414 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete());
415 EXPECT_FALSE(manager_->core()->client()->is_registered());
417 // This starts the OAuth2 policy token fetcher using the signin Profile.
418 // The manager will initialize with no policy after the token fetcher fails.
419 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get()));
421 // The PolicyOAuth2TokenFetcher posts delayed retries on some errors. This
422 // data will make it fail immediately.
423 net::TestURLFetcher* fetcher = PrepareOAuthFetcher(
424 GaiaUrls::GetInstance()->client_login_to_oauth2_url());
425 ASSERT_TRUE(fetcher);
426 fetcher->set_response_code(400);
427 fetcher->SetResponseString("Error=BadAuthentication");
428 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
429 fetcher->delegate()->OnURLFetchComplete(fetcher);
430 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
431 EXPECT_TRUE(PolicyBundle().Equals(manager_->policies()));
432 Mock::VerifyAndClearExpectations(&observer_);
435 TEST_F(UserCloudPolicyManagerChromeOSTest, BlockingFetchRegisterError) {
436 // Tests the initialization of a manager whose Profile is waiting for the
437 // initial fetch, when the device management registration fails.
438 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 1000));
440 // Initialize the CloudPolicyService without any stored data.
441 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete());
442 store_->NotifyStoreError();
443 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete());
444 EXPECT_FALSE(manager_->core()->client()->is_registered());
446 // This starts the OAuth2 policy token fetcher using the signin Profile.
447 // The manager will then issue the registration request.
448 MockDeviceManagementJob* register_request = IssueOAuthToken(false);
449 ASSERT_TRUE(register_request);
452 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
453 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get()));
454 register_request->SendResponse(DM_STATUS_TEMPORARY_UNAVAILABLE,
455 em::DeviceManagementResponse());
456 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
457 EXPECT_TRUE(PolicyBundle().Equals(manager_->policies()));
458 Mock::VerifyAndClearExpectations(&observer_);
461 TEST_F(UserCloudPolicyManagerChromeOSTest, BlockingFetchPolicyFetchError) {
462 // Tests the initialization of a manager whose Profile is waiting for the
463 // initial fetch, when the policy fetch request fails.
464 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 1000));
466 // Initialize the CloudPolicyService without any stored data.
467 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete());
468 store_->NotifyStoreLoaded();
469 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete());
470 EXPECT_FALSE(manager_->core()->client()->is_registered());
472 // This starts the OAuth2 policy token fetcher using the signin Profile.
473 // The manager will then issue the registration request.
474 MockDeviceManagementJob* register_request = IssueOAuthToken(false);
475 ASSERT_TRUE(register_request);
477 // Reply with a valid registration response. This triggers the initial policy
479 MockDeviceManagementJob* policy_request = NULL;
480 EXPECT_CALL(device_management_service_,
481 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH, _))
482 .WillOnce(device_management_service_.CreateAsyncJob(&policy_request));
483 register_request->SendResponse(DM_STATUS_SUCCESS, register_blob_);
484 Mock::VerifyAndClearExpectations(&device_management_service_);
485 ASSERT_TRUE(policy_request);
486 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete());
487 EXPECT_TRUE(manager_->core()->client()->is_registered());
489 // Make the policy fetch fail. The observer gets 2 notifications: one from the
490 // RefreshPolicies callback, and another from the OnClientError callback.
491 // A single notification suffices for this edge case, but this behavior is
492 // also correct and makes the implementation simpler.
493 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get())).Times(AtLeast(1));
494 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
495 policy_request->SendResponse(DM_STATUS_TEMPORARY_UNAVAILABLE,
496 em::DeviceManagementResponse());
497 Mock::VerifyAndClearExpectations(&observer_);
498 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
499 EXPECT_TRUE(PolicyBundle().Equals(manager_->policies()));
502 TEST_F(UserCloudPolicyManagerChromeOSTest, BlockingFetchTimeout) {
503 // The blocking fetch should be abandoned after the timeout.
504 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 0));
506 // Initialize the CloudPolicyService without any stored data.
507 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete());
508 store_->NotifyStoreLoaded();
509 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete());
510 EXPECT_FALSE(manager_->core()->client()->is_registered());
512 // Running the message loop should trigger the timeout.
513 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get())).Times(AtLeast(1));
514 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
515 base::RunLoop().RunUntilIdle();
516 Mock::VerifyAndClearExpectations(&observer_);
517 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
518 EXPECT_TRUE(PolicyBundle().Equals(manager_->policies()));
522 TEST_F(UserCloudPolicyManagerChromeOSTest, NonBlockingFirstFetch) {
523 // Tests the first policy fetch request by a Profile that isn't managed.
524 ASSERT_NO_FATAL_FAILURE(CreateManager(false, 1000));
526 // Initialize the CloudPolicyService without any stored data. Since the
527 // manager is not waiting for the initial fetch, it will become initialized
528 // once the store is ready.
529 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete());
530 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
531 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get()));
532 store_->NotifyStoreLoaded();
533 Mock::VerifyAndClearExpectations(&observer_);
534 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete());
535 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
536 EXPECT_FALSE(manager_->core()->client()->is_registered());
538 // The manager is waiting for the refresh token, and hasn't started any
540 EXPECT_FALSE(test_url_fetcher_factory_.GetFetcherByID(0));
542 // Set a fake refresh token at the OAuth2TokenService.
543 FakeProfileOAuth2TokenService* token_service =
544 static_cast<FakeProfileOAuth2TokenService*>(
545 ProfileOAuth2TokenServiceFactory::GetForProfile(profile_));
546 ASSERT_TRUE(token_service);
547 SigninManagerBase* signin_manager =
548 SigninManagerFactory::GetForProfile(profile_);
549 ASSERT_TRUE(signin_manager);
550 const std::string& account_id = signin_manager->GetAuthenticatedAccountId();
551 EXPECT_FALSE(token_service->RefreshTokenIsAvailable(account_id));
552 token_service->UpdateCredentials(account_id, "refresh_token");
553 EXPECT_TRUE(token_service->RefreshTokenIsAvailable(account_id));
555 // That should have notified the manager, which now issues the request for the
556 // policy oauth token.
557 MockDeviceManagementJob* register_request = IssueOAuthToken(true);
558 ASSERT_TRUE(register_request);
559 register_request->SendResponse(DM_STATUS_SUCCESS, register_blob_);
561 // The refresh scheduler takes care of the initial fetch for unmanaged users.
562 // Running the task runner issues the initial fetch.
564 base::Bind(&base::TestSimpleTaskRunner::RunUntilIdle, task_runner_));
567 TEST_F(UserCloudPolicyManagerChromeOSTest, NonBlockingRefreshFetch) {
568 // Tests a non-blocking initial policy fetch for a Profile that already has
570 ASSERT_NO_FATAL_FAILURE(CreateManager(false, 1000));
572 // Set the initially cached data and initialize the CloudPolicyService.
573 // The initial policy fetch is issued using the cached DMToken.
574 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete());
575 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
576 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get()));
577 store_->policy_.reset(new em::PolicyData(policy_data_));
578 store_->NotifyStoreLoaded();
579 Mock::VerifyAndClearExpectations(&observer_);
580 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete());
581 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME));
582 EXPECT_TRUE(manager_->core()->client()->is_registered());
584 // The refresh scheduler takes care of the initial fetch for unmanaged users.
585 // Running the task runner issues the initial fetch.
587 base::Bind(&base::TestSimpleTaskRunner::RunUntilIdle, task_runner_));
590 } // namespace policy