1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
6 #include "base/files/file_path.h"
7 #include "base/synchronization/waitable_event.h"
8 #include "chrome/browser/profiles/profile.h"
9 #include "chrome/browser/ssl/ssl_client_auth_requestor_mock.h"
10 #include "chrome/browser/ui/browser.h"
11 #include "chrome/browser/ui/tabs/tab_strip_model.h"
12 #include "chrome/browser/ui/views/ssl_client_certificate_selector.h"
13 #include "chrome/test/base/in_process_browser_test.h"
14 #include "chrome/test/base/interactive_test_utils.h"
15 #include "chrome/test/base/ui_test_utils.h"
16 #include "content/public/browser/web_contents.h"
17 #include "content/public/test/browser_test_utils.h"
18 #include "net/base/request_priority.h"
19 #include "net/base/test_data_directory.h"
20 #include "net/cert/x509_certificate.h"
21 #include "net/http/http_transaction_factory.h"
22 #include "net/ssl/ssl_cert_request_info.h"
23 #include "net/test/cert_test_util.h"
24 #include "net/url_request/url_request.h"
25 #include "net/url_request/url_request_context.h"
26 #include "net/url_request/url_request_context_getter.h"
27 #include "testing/gtest/include/gtest/gtest.h"
29 using ::testing::Mock;
30 using ::testing::StrictMock;
31 using content::BrowserThread;
33 // We don't have a way to do end-to-end SSL client auth testing, so this test
34 // creates a certificate selector_ manually with a mocked
35 // SSLClientAuthHandler.
37 class SSLClientCertificateSelectorTest : public InProcessBrowserTest {
39 SSLClientCertificateSelectorTest()
40 : io_loop_finished_event_(false, false),
45 void SetUpInProcessBrowserTestFixture() override {
46 base::FilePath certs_dir = net::GetTestCertsDirectory();
48 mit_davidben_cert_ = net::ImportCertFromFile(certs_dir, "mit.davidben.der");
49 ASSERT_NE(static_cast<net::X509Certificate*>(NULL),
50 mit_davidben_cert_.get());
52 foaf_me_chromium_test_cert_ = net::ImportCertFromFile(
53 certs_dir, "foaf.me.chromium-test-cert.der");
54 ASSERT_NE(static_cast<net::X509Certificate*>(NULL),
55 foaf_me_chromium_test_cert_.get());
57 cert_request_info_ = new net::SSLCertRequestInfo;
58 cert_request_info_->host_and_port = net::HostPortPair("foo", 123);
59 cert_request_info_->client_certs.push_back(mit_davidben_cert_);
60 cert_request_info_->client_certs.push_back(foaf_me_chromium_test_cert_);
63 void SetUpOnMainThread() override {
64 url_request_context_getter_ = browser()->profile()->GetRequestContext();
66 BrowserThread::PostTask(
67 BrowserThread::IO, FROM_HERE,
68 base::Bind(&SSLClientCertificateSelectorTest::SetUpOnIOThread, this));
70 io_loop_finished_event_.Wait();
72 content::WaitForLoadStop(
73 browser()->tab_strip_model()->GetActiveWebContents());
74 selector_ = new SSLClientCertificateSelector(
75 browser()->tab_strip_model()->GetActiveWebContents(),
76 auth_requestor_->cert_request_info_,
77 base::Bind(&SSLClientAuthRequestorMock::CertificateSelected,
81 EXPECT_EQ(mit_davidben_cert_.get(), selector_->GetSelectedCert());
84 virtual void SetUpOnIOThread() {
85 url_request_ = MakeURLRequest(url_request_context_getter_.get()).release();
87 auth_requestor_ = new StrictMock<SSLClientAuthRequestorMock>(
91 io_loop_finished_event_.Signal();
94 // Have to release our reference to the auth handler during the test to allow
95 // it to be destroyed while the Browser and its IO thread still exist.
96 void TearDownOnMainThread() override {
97 BrowserThread::PostTask(
98 BrowserThread::IO, FROM_HERE,
99 base::Bind(&SSLClientCertificateSelectorTest::CleanUpOnIOThread, this));
101 io_loop_finished_event_.Wait();
103 auth_requestor_ = NULL;
106 virtual void CleanUpOnIOThread() {
109 io_loop_finished_event_.Signal();
113 scoped_ptr<net::URLRequest> MakeURLRequest(
114 net::URLRequestContextGetter* context_getter) {
115 return context_getter->GetURLRequestContext()->CreateRequest(
116 GURL("https://example"), net::DEFAULT_PRIORITY, NULL, NULL);
119 base::WaitableEvent io_loop_finished_event_;
121 scoped_refptr<net::URLRequestContextGetter> url_request_context_getter_;
122 net::URLRequest* url_request_;
124 scoped_refptr<net::X509Certificate> mit_davidben_cert_;
125 scoped_refptr<net::X509Certificate> foaf_me_chromium_test_cert_;
126 scoped_refptr<net::SSLCertRequestInfo> cert_request_info_;
127 scoped_refptr<StrictMock<SSLClientAuthRequestorMock> > auth_requestor_;
128 // The selector will be deleted when a cert is selected or the tab is closed.
129 SSLClientCertificateSelector* selector_;
132 class SSLClientCertificateSelectorMultiTabTest
133 : public SSLClientCertificateSelectorTest {
135 void SetUpInProcessBrowserTestFixture() override {
136 SSLClientCertificateSelectorTest::SetUpInProcessBrowserTestFixture();
138 cert_request_info_1_ = new net::SSLCertRequestInfo;
139 cert_request_info_1_->host_and_port = net::HostPortPair("bar", 123);
140 cert_request_info_1_->client_certs.push_back(mit_davidben_cert_);
141 cert_request_info_1_->client_certs.push_back(foaf_me_chromium_test_cert_);
143 cert_request_info_2_ = new net::SSLCertRequestInfo;
144 cert_request_info_2_->host_and_port = net::HostPortPair("bar", 123);
145 cert_request_info_2_->client_certs.push_back(mit_davidben_cert_);
146 cert_request_info_2_->client_certs.push_back(foaf_me_chromium_test_cert_);
149 void SetUpOnMainThread() override {
150 // Also calls SetUpOnIOThread.
151 SSLClientCertificateSelectorTest::SetUpOnMainThread();
153 AddTabAtIndex(1, GURL("about:blank"), ui::PAGE_TRANSITION_LINK);
154 AddTabAtIndex(2, GURL("about:blank"), ui::PAGE_TRANSITION_LINK);
155 ASSERT_TRUE(NULL != browser()->tab_strip_model()->GetWebContentsAt(0));
156 ASSERT_TRUE(NULL != browser()->tab_strip_model()->GetWebContentsAt(1));
157 ASSERT_TRUE(NULL != browser()->tab_strip_model()->GetWebContentsAt(2));
158 content::WaitForLoadStop(browser()->tab_strip_model()->GetWebContentsAt(1));
159 content::WaitForLoadStop(browser()->tab_strip_model()->GetWebContentsAt(2));
161 selector_1_ = new SSLClientCertificateSelector(
162 browser()->tab_strip_model()->GetWebContentsAt(1),
163 auth_requestor_1_->cert_request_info_,
164 base::Bind(&SSLClientAuthRequestorMock::CertificateSelected,
167 selector_2_ = new SSLClientCertificateSelector(
168 browser()->tab_strip_model()->GetWebContentsAt(2),
169 auth_requestor_2_->cert_request_info_,
170 base::Bind(&SSLClientAuthRequestorMock::CertificateSelected,
174 EXPECT_EQ(2, browser()->tab_strip_model()->active_index());
175 EXPECT_EQ(mit_davidben_cert_.get(), selector_1_->GetSelectedCert());
176 EXPECT_EQ(mit_davidben_cert_.get(), selector_2_->GetSelectedCert());
179 void SetUpOnIOThread() override {
181 MakeURLRequest(url_request_context_getter_.get()).release();
183 MakeURLRequest(url_request_context_getter_.get()).release();
185 auth_requestor_1_ = new StrictMock<SSLClientAuthRequestorMock>(
187 cert_request_info_1_);
188 auth_requestor_2_ = new StrictMock<SSLClientAuthRequestorMock>(
190 cert_request_info_2_);
192 SSLClientCertificateSelectorTest::SetUpOnIOThread();
195 void TearDownOnMainThread() override {
196 auth_requestor_2_ = NULL;
197 auth_requestor_1_ = NULL;
198 SSLClientCertificateSelectorTest::TearDownOnMainThread();
201 void CleanUpOnIOThread() override {
202 delete url_request_1_;
203 delete url_request_2_;
204 SSLClientCertificateSelectorTest::CleanUpOnIOThread();
208 net::URLRequest* url_request_1_;
209 net::URLRequest* url_request_2_;
210 scoped_refptr<net::SSLCertRequestInfo> cert_request_info_1_;
211 scoped_refptr<net::SSLCertRequestInfo> cert_request_info_2_;
212 scoped_refptr<StrictMock<SSLClientAuthRequestorMock> > auth_requestor_1_;
213 scoped_refptr<StrictMock<SSLClientAuthRequestorMock> > auth_requestor_2_;
214 SSLClientCertificateSelector* selector_1_;
215 SSLClientCertificateSelector* selector_2_;
218 class SSLClientCertificateSelectorMultiProfileTest
219 : public SSLClientCertificateSelectorTest {
221 void SetUpInProcessBrowserTestFixture() override {
222 SSLClientCertificateSelectorTest::SetUpInProcessBrowserTestFixture();
224 cert_request_info_1_ = new net::SSLCertRequestInfo;
225 cert_request_info_1_->host_and_port = net::HostPortPair("foo", 123);
226 cert_request_info_1_->client_certs.push_back(mit_davidben_cert_);
227 cert_request_info_1_->client_certs.push_back(foaf_me_chromium_test_cert_);
230 void SetUpOnMainThread() override {
231 browser_1_ = CreateIncognitoBrowser();
232 url_request_context_getter_1_ = browser_1_->profile()->GetRequestContext();
234 // Also calls SetUpOnIOThread.
235 SSLClientCertificateSelectorTest::SetUpOnMainThread();
237 selector_1_ = new SSLClientCertificateSelector(
238 browser_1_->tab_strip_model()->GetActiveWebContents(),
239 auth_requestor_1_->cert_request_info_,
240 base::Bind(&SSLClientAuthRequestorMock::CertificateSelected,
244 EXPECT_EQ(mit_davidben_cert_.get(), selector_1_->GetSelectedCert());
247 void SetUpOnIOThread() override {
249 MakeURLRequest(url_request_context_getter_1_.get()).release();
251 auth_requestor_1_ = new StrictMock<SSLClientAuthRequestorMock>(
253 cert_request_info_1_);
255 SSLClientCertificateSelectorTest::SetUpOnIOThread();
258 void TearDownOnMainThread() override {
259 auth_requestor_1_ = NULL;
260 SSLClientCertificateSelectorTest::TearDownOnMainThread();
263 void CleanUpOnIOThread() override {
264 delete url_request_1_;
265 SSLClientCertificateSelectorTest::CleanUpOnIOThread();
270 scoped_refptr<net::URLRequestContextGetter> url_request_context_getter_1_;
271 net::URLRequest* url_request_1_;
272 scoped_refptr<net::SSLCertRequestInfo> cert_request_info_1_;
273 scoped_refptr<StrictMock<SSLClientAuthRequestorMock> > auth_requestor_1_;
274 SSLClientCertificateSelector* selector_1_;
277 #if defined(OS_LINUX) && !defined(OS_CHROMEOS) && defined(USE_AURA)
278 // TODO(erg): linux_aura bringup: http://crbug.com/163931
279 #define MAYBE_SelectNone DISABLED_SelectNone
281 #define MAYBE_SelectNone SelectNone
285 IN_PROC_BROWSER_TEST_F(SSLClientCertificateSelectorTest, MAYBE_SelectNone) {
286 EXPECT_CALL(*auth_requestor_.get(), CertificateSelected(NULL));
288 // Let the mock get checked on destruction.
291 // http://crbug.com/121007
292 IN_PROC_BROWSER_TEST_F(SSLClientCertificateSelectorTest, DISABLED_Escape) {
293 EXPECT_CALL(*auth_requestor_.get(), CertificateSelected(NULL));
295 EXPECT_TRUE(ui_test_utils::SendKeyPressSync(
296 browser(), ui::VKEY_ESCAPE, false, false, false, false));
298 Mock::VerifyAndClear(auth_requestor_.get());
301 // Flaky, http://crbug.com/103534 .
302 IN_PROC_BROWSER_TEST_F(SSLClientCertificateSelectorTest,
303 DISABLED_SelectDefault) {
304 EXPECT_CALL(*auth_requestor_.get(),
305 CertificateSelected(mit_davidben_cert_.get()));
307 EXPECT_TRUE(ui_test_utils::SendKeyPressSync(
308 browser(), ui::VKEY_RETURN, false, false, false, false));
310 Mock::VerifyAndClear(auth_requestor_.get());
313 // http://crbug.com/121007
314 IN_PROC_BROWSER_TEST_F(SSLClientCertificateSelectorMultiTabTest,
316 // auth_requestor_1_ should get selected automatically by the
317 // SSLClientAuthObserver when selector_2_ is accepted, since both 1 & 2 have
318 // the same host:port.
319 EXPECT_CALL(*auth_requestor_1_.get(), CertificateSelected(NULL));
320 EXPECT_CALL(*auth_requestor_2_.get(), CertificateSelected(NULL));
322 EXPECT_TRUE(ui_test_utils::SendKeyPressSync(
323 browser(), ui::VKEY_ESCAPE, false, false, false, false));
325 Mock::VerifyAndClear(auth_requestor_.get());
326 Mock::VerifyAndClear(auth_requestor_1_.get());
327 Mock::VerifyAndClear(auth_requestor_2_.get());
329 // Now let the default selection for auth_requestor_ mock get checked on
331 EXPECT_CALL(*auth_requestor_.get(), CertificateSelected(NULL));
334 // http://crbug.com/121007
335 IN_PROC_BROWSER_TEST_F(SSLClientCertificateSelectorMultiTabTest,
336 DISABLED_SelectSecond) {
337 // auth_requestor_1_ should get selected automatically by the
338 // SSLClientAuthObserver when selector_2_ is accepted, since both 1 & 2 have
339 // the same host:port.
340 EXPECT_CALL(*auth_requestor_1_.get(),
341 CertificateSelected(foaf_me_chromium_test_cert_.get()));
342 EXPECT_CALL(*auth_requestor_2_.get(),
343 CertificateSelected(foaf_me_chromium_test_cert_.get()));
345 EXPECT_TRUE(ui_test_utils::SendKeyPressSync(
346 browser(), ui::VKEY_DOWN, false, false, false, false));
348 EXPECT_EQ(mit_davidben_cert_.get(), selector_->GetSelectedCert());
349 EXPECT_EQ(mit_davidben_cert_.get(), selector_1_->GetSelectedCert());
350 EXPECT_EQ(foaf_me_chromium_test_cert_.get(), selector_2_->GetSelectedCert());
352 EXPECT_TRUE(ui_test_utils::SendKeyPressSync(
353 browser(), ui::VKEY_RETURN, false, false, false, false));
355 Mock::VerifyAndClear(auth_requestor_.get());
356 Mock::VerifyAndClear(auth_requestor_1_.get());
357 Mock::VerifyAndClear(auth_requestor_2_.get());
359 // Now let the default selection for auth_requestor_ mock get checked on
361 EXPECT_CALL(*auth_requestor_.get(), CertificateSelected(NULL));
364 // http://crbug.com/103529
365 IN_PROC_BROWSER_TEST_F(SSLClientCertificateSelectorMultiProfileTest,
367 EXPECT_CALL(*auth_requestor_1_.get(), CertificateSelected(NULL));
369 EXPECT_TRUE(ui_test_utils::SendKeyPressSync(
370 browser_1_, ui::VKEY_ESCAPE, false, false, false, false));
372 Mock::VerifyAndClear(auth_requestor_.get());
373 Mock::VerifyAndClear(auth_requestor_1_.get());
375 // Now let the default selection for auth_requestor_ mock get checked on
377 EXPECT_CALL(*auth_requestor_.get(), CertificateSelected(NULL));
380 // http://crbug.com/103534
381 IN_PROC_BROWSER_TEST_F(SSLClientCertificateSelectorMultiProfileTest,
382 DISABLED_SelectDefault) {
383 EXPECT_CALL(*auth_requestor_1_.get(),
384 CertificateSelected(mit_davidben_cert_.get()));
386 EXPECT_TRUE(ui_test_utils::SendKeyPressSync(
387 browser_1_, ui::VKEY_RETURN, false, false, false, false));
389 Mock::VerifyAndClear(auth_requestor_.get());
390 Mock::VerifyAndClear(auth_requestor_1_.get());
392 // Now let the default selection for auth_requestor_ mock get checked on
394 EXPECT_CALL(*auth_requestor_.get(), CertificateSelected(NULL));
projects / platform / framework / web / crosswalk.git / blob