login_utils_browsertest.cc revision f2477e01787aa58f445919b809d89e252beef54f
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chrome/browser/chromeos/login/login_utils.h" 6 7#include "base/basictypes.h" 8#include "base/bind.h" 9#include "base/command_line.h" 10#include "base/files/scoped_temp_dir.h" 11#include "base/message_loop/message_loop.h" 12#include "base/path_service.h" 13#include "base/prefs/pref_registry_simple.h" 14#include "base/run_loop.h" 15#include "base/strings/string_util.h" 16#include "base/synchronization/waitable_event.h" 17#include "base/threading/sequenced_worker_pool.h" 18#include "base/threading/thread.h" 19#include "chrome/browser/chrome_notification_types.h" 20#include "chrome/browser/chromeos/input_method/input_method_configuration.h" 21#include "chrome/browser/chromeos/input_method/mock_input_method_manager.h" 22#include "chrome/browser/chromeos/login/authenticator.h" 23#include "chrome/browser/chromeos/login/login_status_consumer.h" 24#include "chrome/browser/chromeos/login/user_manager.h" 25#include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" 26#include "chrome/browser/chromeos/settings/cros_settings.h" 27#include "chrome/browser/chromeos/settings/device_settings_service.h" 28#include "chrome/browser/chromeos/settings/device_settings_test_helper.h" 29#include "chrome/browser/chromeos/settings/mock_owner_key_util.h" 30#include "chrome/browser/io_thread.h" 31#include "chrome/browser/net/predictor.h" 32#include "chrome/browser/policy/browser_policy_connector.h" 33#include "chrome/browser/policy/cloud/device_management_service.h" 34#include "chrome/browser/policy/policy_service.h" 35#include "chrome/browser/policy/proto/cloud/device_management_backend.pb.h" 36#include "chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.h" 37#include "chrome/browser/profiles/profile_manager.h" 38#include "chrome/browser/rlz/rlz.h" 39#include "chrome/common/chrome_paths.h" 40#include "chrome/common/chrome_switches.h" 41#include "chrome/common/pref_names.h" 42#include "chrome/test/base/scoped_testing_local_state.h" 43#include "chrome/test/base/testing_browser_process.h" 44#include "chromeos/chromeos_switches.h" 45#include "chromeos/cryptohome/mock_async_method_caller.h" 46#include "chromeos/cryptohome/system_salt_getter.h" 47#include "chromeos/dbus/fake_dbus_thread_manager.h" 48#include "chromeos/disks/disk_mount_manager.h" 49#include "chromeos/disks/mock_disk_mount_manager.h" 50#include "chromeos/login/login_state.h" 51#include "chromeos/network/network_handler.h" 52#include "chromeos/system/mock_statistics_provider.h" 53#include "chromeos/system/statistics_provider.h" 54#include "content/public/browser/browser_thread.h" 55#include "content/public/test/test_browser_thread.h" 56#include "content/public/test/test_utils.h" 57#include "google_apis/gaia/gaia_auth_consumer.h" 58#include "google_apis/gaia/gaia_urls.h" 59#include "net/url_request/test_url_fetcher_factory.h" 60#include "net/url_request/url_fetcher_delegate.h" 61#include "net/url_request/url_request.h" 62#include "net/url_request/url_request_context_getter.h" 63#include "net/url_request/url_request_status.h" 64#include "net/url_request/url_request_test_util.h" 65#include "testing/gmock/include/gmock/gmock.h" 66#include "testing/gtest/include/gtest/gtest.h" 67 68#if defined(ENABLE_RLZ) 69#include "rlz/lib/rlz_value_store.h" 70#endif 71 72using ::testing::AnyNumber; 73 74namespace chromeos { 75 76namespace { 77 78namespace em = enterprise_management; 79 80using ::testing::DoAll; 81using ::testing::Return; 82using ::testing::SaveArg; 83using ::testing::SetArgPointee; 84using ::testing::_; 85using content::BrowserThread; 86 87const char kDomain[] = "domain.com"; 88const char kUsername[] = "user@domain.com"; 89const char kDeviceId[] = "100200300"; 90const char kUsernameOtherDomain[] = "user@other.com"; 91 92const char kOAuthTokenCookie[] = "oauth_token=1234"; 93 94const char kGaiaAccountDisabledResponse[] = "Error=AccountDeleted"; 95 96const char kOAuth2TokenPairData[] = 97 "{" 98 " \"refresh_token\": \"1234\"," 99 " \"access_token\": \"5678\"," 100 " \"expires_in\": 3600" 101 "}"; 102 103const char kOAuth2AccessTokenData[] = 104 "{" 105 " \"access_token\": \"5678\"," 106 " \"expires_in\": 3600" 107 "}"; 108 109const char kDMServer[] = "http://server/device_management"; 110const char kDMRegisterRequest[] = 111 "http://server/device_management?request=register"; 112const char kDMPolicyRequest[] = 113 "http://server/device_management?request=policy"; 114 115const char kDMToken[] = "1234"; 116 117// Single task of the fake IO loop used in the test, that just waits until 118// it is signaled to quit or perform some work. 119// |completion| is the event to wait for, and |work| is the task to invoke 120// when signaled. If the task returns false then this quits the IO loop. 121void BlockLoop(base::WaitableEvent* completion, base::Callback<bool()> work) { 122 do { 123 completion->Wait(); 124 } while (work.Run()); 125 base::MessageLoop::current()->QuitNow(); 126} 127 128void CopyLockResult(base::RunLoop* loop, 129 policy::EnterpriseInstallAttributes::LockResult* out, 130 policy::EnterpriseInstallAttributes::LockResult result) { 131 *out = result; 132 loop->Quit(); 133} 134 135class LoginUtilsTest : public testing::Test, 136 public LoginUtils::Delegate, 137 public LoginStatusConsumer { 138 public: 139 // Initialization here is important. The UI thread gets the test's 140 // message loop, as does the file thread (which never actually gets 141 // started - so this is a way to fake multiple threads on a single 142 // test thread). The IO thread does not get the message loop set, 143 // and is never started. This is necessary so that we skip various 144 // bits of initialization that get posted to the IO thread. We do 145 // however, at one point in the test, temporarily set the message 146 // loop for the IO thread. 147 LoginUtilsTest() 148 : fake_io_thread_completion_(false, false), 149 fake_io_thread_("fake_io_thread"), 150 loop_(base::MessageLoop::TYPE_IO), 151 browser_process_(TestingBrowserProcess::GetGlobal()), 152 local_state_(browser_process_), 153 ui_thread_(BrowserThread::UI, &loop_), 154 db_thread_(BrowserThread::DB, &loop_), 155 file_thread_(BrowserThread::FILE, &loop_), 156 mock_input_method_manager_(NULL), 157 mock_async_method_caller_(NULL), 158 connector_(NULL), 159 prepared_profile_(NULL) {} 160 161 virtual void SetUp() OVERRIDE { 162 // This test is not a full blown InProcessBrowserTest, and doesn't have 163 // all the usual threads running. However a lot of subsystems pulled from 164 // ProfileImpl post to IO (usually from ProfileIOData), and DCHECK that 165 // those tasks were posted. Those tasks in turn depend on a lot of other 166 // components that aren't there during this test, so this kludge is used to 167 // have a running IO loop that doesn't really execute any tasks. 168 // 169 // See InvokeOnIO() below for a way to perform specific tasks on IO, when 170 // that's necessary. 171 172 // A thread is needed to create a new MessageLoop, since there can be only 173 // one loop per thread. 174 fake_io_thread_.StartWithOptions( 175 base::Thread::Options(base::MessageLoop::TYPE_IO, 0)); 176 base::MessageLoop* fake_io_loop = fake_io_thread_.message_loop(); 177 // Make this loop enter the single task, BlockLoop(). Pass in the completion 178 // event and the work callback. 179 fake_io_thread_.StopSoon(); 180 fake_io_loop->PostTask( 181 FROM_HERE, 182 base::Bind( 183 BlockLoop, 184 &fake_io_thread_completion_, 185 base::Bind(&LoginUtilsTest::DoIOWork, base::Unretained(this)))); 186 // Map BrowserThread::IO to this loop. This allows posting to IO but nothing 187 // will be executed. 188 io_thread_.reset( 189 new content::TestBrowserThread(BrowserThread::IO, fake_io_loop)); 190 191 ASSERT_TRUE(scoped_temp_dir_.CreateUniqueTempDir()); 192 193 CommandLine* command_line = CommandLine::ForCurrentProcess(); 194 command_line->AppendSwitchASCII( 195 ::switches::kDeviceManagementUrl, kDMServer); 196 command_line->AppendSwitchASCII(switches::kLoginProfile, "user"); 197 198 // DBusThreadManager should be initialized before io_thread_state_, as 199 // DBusThreadManager is used from chromeos::ProxyConfigServiceImpl, 200 // which is part of io_thread_state_. 201 DBusThreadManager::InitializeWithStub(); 202 203 SystemSaltGetter::Initialize(); 204 LoginState::Initialize(); 205 206 EXPECT_CALL(mock_statistics_provider_, GetMachineStatistic(_, _)) 207 .WillRepeatedly(Return(false)); 208 chromeos::system::StatisticsProvider::SetTestProvider( 209 &mock_statistics_provider_); 210 211 mock_input_method_manager_ = new input_method::MockInputMethodManager(); 212 input_method::InitializeForTesting(mock_input_method_manager_); 213 disks::DiskMountManager::InitializeForTesting(&mock_disk_mount_manager_); 214 mock_disk_mount_manager_.SetupDefaultReplies(); 215 216 mock_async_method_caller_ = new cryptohome::MockAsyncMethodCaller; 217 cryptohome::AsyncMethodCaller::InitializeForTesting( 218 mock_async_method_caller_); 219 220 test_device_settings_service_.reset(new ScopedTestDeviceSettingsService); 221 test_cros_settings_.reset(new ScopedTestCrosSettings); 222 test_user_manager_.reset(new ScopedTestUserManager); 223 224 // IOThread creates ProxyConfigServiceImpl and 225 // BrowserPolicyConnector::Init() creates a NetworkConfigurationUpdater, 226 // which both access NetworkHandler. Thus initialize it here before creating 227 // IOThread and before calling BrowserPolicyConnector::Init(). 228 NetworkHandler::Initialize(); 229 230 browser_process_->SetProfileManager( 231 new ProfileManagerWithoutInit(scoped_temp_dir_.path())); 232 browser_process_->SetSystemRequestContext( 233 new net::TestURLRequestContextGetter( 234 base::MessageLoopProxy::current())); 235 connector_ = browser_process_->browser_policy_connector(); 236 connector_->Init(local_state_.Get(), 237 browser_process_->system_request_context()); 238 239 io_thread_state_.reset(new IOThread(local_state_.Get(), 240 browser_process_->policy_service(), 241 NULL, NULL)); 242 browser_process_->SetIOThread(io_thread_state_.get()); 243 244#if defined(ENABLE_RLZ) 245 rlz_initialized_cb_ = base::Bind(&base::DoNothing); 246 rlz_lib::testing::SetRlzStoreDirectory(scoped_temp_dir_.path()); 247 RLZTracker::EnableZeroDelayForTesting(); 248#endif 249 250 RunUntilIdle(); 251 } 252 253 virtual void TearDown() OVERRIDE { 254 cryptohome::AsyncMethodCaller::Shutdown(); 255 mock_async_method_caller_ = NULL; 256 257 test_user_manager_.reset(); 258 259 InvokeOnIO( 260 base::Bind(&LoginUtilsTest::TearDownOnIO, base::Unretained(this))); 261 262 // LoginUtils instance must not outlive Profile instances. 263 LoginUtils::Set(NULL); 264 265 input_method::Shutdown(); 266 LoginState::Shutdown(); 267 SystemSaltGetter::Shutdown(); 268 269 // These trigger some tasks that have to run while BrowserThread::UI 270 // exists. Delete all the profiles before deleting the connector. 271 browser_process_->SetProfileManager(NULL); 272 connector_ = NULL; 273 browser_process_->SetBrowserPolicyConnector(NULL); 274 QuitIOLoop(); 275 RunUntilIdle(); 276 } 277 278 void TearDownOnIO() { 279 // chrome_browser_net::Predictor usually skips its shutdown routines on 280 // unit_tests, but does the full thing when 281 // g_browser_process->profile_manager() is valid during initialization. 282 // That includes a WaitableEvent on UI waiting for a task on IO, so that 283 // task must execute. Do it directly from here now. 284 std::vector<Profile*> profiles = 285 browser_process_->profile_manager()->GetLoadedProfiles(); 286 for (size_t i = 0; i < profiles.size(); ++i) { 287 chrome_browser_net::Predictor* predictor = 288 profiles[i]->GetNetworkPredictor(); 289 if (predictor) { 290 predictor->EnablePredictorOnIOThread(false); 291 predictor->Shutdown(); 292 } 293 } 294 } 295 296 void RunUntilIdle() { 297 loop_.RunUntilIdle(); 298 BrowserThread::GetBlockingPool()->FlushForTesting(); 299 loop_.RunUntilIdle(); 300 } 301 302 // Invokes |task| on the IO loop and returns after it has executed. 303 void InvokeOnIO(const base::Closure& task) { 304 fake_io_thread_work_ = task; 305 fake_io_thread_completion_.Signal(); 306 content::RunMessageLoop(); 307 } 308 309 // Makes the fake IO loop return. 310 void QuitIOLoop() { 311 fake_io_thread_completion_.Signal(); 312 content::RunMessageLoop(); 313 } 314 315 // Helper for BlockLoop, InvokeOnIO and QuitIOLoop. 316 bool DoIOWork() { 317 bool has_work = !fake_io_thread_work_.is_null(); 318 if (has_work) 319 fake_io_thread_work_.Run(); 320 fake_io_thread_work_.Reset(); 321 BrowserThread::PostTask( 322 BrowserThread::UI, FROM_HERE, 323 base::MessageLoop::QuitWhenIdleClosure()); 324 // If there was work then keep waiting for more work. 325 // If there was no work then quit the fake IO loop. 326 return has_work; 327 } 328 329 virtual void OnProfilePrepared(Profile* profile) OVERRIDE { 330 EXPECT_FALSE(prepared_profile_); 331 prepared_profile_ = profile; 332 } 333 334#if defined(ENABLE_RLZ) 335 virtual void OnRlzInitialized(Profile* profile) OVERRIDE { 336 rlz_initialized_cb_.Run(); 337 } 338#endif 339 340 virtual void OnLoginFailure(const LoginFailure& error) OVERRIDE { 341 FAIL() << "OnLoginFailure not expected"; 342 } 343 344 virtual void OnLoginSuccess(const UserContext& user_context) OVERRIDE { 345 FAIL() << "OnLoginSuccess not expected"; 346 } 347 348 void EnrollDevice(const std::string& username) { 349 base::RunLoop loop; 350 policy::EnterpriseInstallAttributes::LockResult result; 351 connector_->GetInstallAttributes()->LockDevice( 352 username, policy::DEVICE_MODE_ENTERPRISE, kDeviceId, 353 base::Bind(&CopyLockResult, &loop, &result)); 354 loop.Run(); 355 EXPECT_EQ(policy::EnterpriseInstallAttributes::LOCK_SUCCESS, result); 356 RunUntilIdle(); 357 } 358 359 void PrepareProfile(const std::string& username) { 360 // Normally this would happen during browser startup, but for tests 361 // we need to trigger creation of Profile-related services. 362 ChromeBrowserMainExtraPartsProfiles:: 363 EnsureBrowserContextKeyedServiceFactoriesBuilt(); 364 ProfileManager::AllowGetDefaultProfile(); 365 366 DeviceSettingsTestHelper device_settings_test_helper; 367 DeviceSettingsService::Get()->SetSessionManager( 368 &device_settings_test_helper, new MockOwnerKeyUtil()); 369 370 EXPECT_CALL(*mock_async_method_caller_, AsyncMount(_, _, _, _)) 371 .WillRepeatedly(Return()); 372 EXPECT_CALL(*mock_async_method_caller_, AsyncGetSanitizedUsername(_, _)) 373 .WillRepeatedly(Return()); 374 375 scoped_refptr<Authenticator> authenticator = 376 LoginUtils::Get()->CreateAuthenticator(this); 377 authenticator->CompleteLogin(ProfileManager::GetDefaultProfile(), 378 UserContext(username, 379 "password", 380 std::string(), 381 username)); // username_hash 382 383 const bool kUsingOAuth = true; 384 // Setting |kHasCookies| to false prevents ProfileAuthData::Transfer from 385 // waiting for an IO task before proceeding. 386 const bool kHasCookies = false; 387 const bool kHasActiveSession = false; 388 LoginUtils::Get()->PrepareProfile( 389 UserContext(username, "password", std::string(), username, kUsingOAuth), 390 std::string(), kHasCookies, kHasActiveSession, this); 391 device_settings_test_helper.Flush(); 392 RunUntilIdle(); 393 394 DeviceSettingsService::Get()->UnsetSessionManager(); 395 } 396 397 net::TestURLFetcher* PrepareOAuthFetcher(const GURL& expected_url) { 398 net::TestURLFetcher* fetcher = test_url_fetcher_factory_.GetFetcherByID(0); 399 EXPECT_TRUE(fetcher); 400 if (!fetcher) 401 return NULL; 402 EXPECT_TRUE(fetcher->delegate()); 403 EXPECT_TRUE(StartsWithASCII(fetcher->GetOriginalURL().spec(), 404 expected_url.spec(), 405 true)); 406 fetcher->set_url(fetcher->GetOriginalURL()); 407 fetcher->set_response_code(200); 408 fetcher->set_status(net::URLRequestStatus()); 409 return fetcher; 410 } 411 412 net::TestURLFetcher* PrepareDMServiceFetcher( 413 const std::string& expected_url, 414 const em::DeviceManagementResponse& response) { 415 net::TestURLFetcher* fetcher = test_url_fetcher_factory_.GetFetcherByID( 416 policy::DeviceManagementService::kURLFetcherID); 417 EXPECT_TRUE(fetcher); 418 if (!fetcher) 419 return NULL; 420 EXPECT_TRUE(fetcher->delegate()); 421 EXPECT_TRUE(StartsWithASCII(fetcher->GetOriginalURL().spec(), 422 expected_url, 423 true)); 424 fetcher->set_url(fetcher->GetOriginalURL()); 425 fetcher->set_response_code(200); 426 fetcher->set_status(net::URLRequestStatus()); 427 std::string data; 428 EXPECT_TRUE(response.SerializeToString(&data)); 429 fetcher->SetResponseString(data); 430 return fetcher; 431 } 432 433 net::TestURLFetcher* PrepareDMRegisterFetcher() { 434 em::DeviceManagementResponse response; 435 em::DeviceRegisterResponse* register_response = 436 response.mutable_register_response(); 437 register_response->set_device_management_token(kDMToken); 438 register_response->set_enrollment_type( 439 em::DeviceRegisterResponse::ENTERPRISE); 440 return PrepareDMServiceFetcher(kDMRegisterRequest, response); 441 } 442 443 net::TestURLFetcher* PrepareDMPolicyFetcher() { 444 em::DeviceManagementResponse response; 445 response.mutable_policy_response()->add_response(); 446 return PrepareDMServiceFetcher(kDMPolicyRequest, response); 447 } 448 449 protected: 450 base::Closure fake_io_thread_work_; 451 base::WaitableEvent fake_io_thread_completion_; 452 base::Thread fake_io_thread_; 453 454 base::MessageLoop loop_; 455 TestingBrowserProcess* browser_process_; 456 ScopedTestingLocalState local_state_; 457 458 content::TestBrowserThread ui_thread_; 459 content::TestBrowserThread db_thread_; 460 content::TestBrowserThread file_thread_; 461 scoped_ptr<content::TestBrowserThread> io_thread_; 462 scoped_ptr<IOThread> io_thread_state_; 463 464 input_method::MockInputMethodManager* mock_input_method_manager_; 465 disks::MockDiskMountManager mock_disk_mount_manager_; 466 net::TestURLFetcherFactory test_url_fetcher_factory_; 467 468 cryptohome::MockAsyncMethodCaller* mock_async_method_caller_; 469 470 chromeos::system::MockStatisticsProvider mock_statistics_provider_; 471 472 policy::BrowserPolicyConnector* connector_; 473 474 scoped_ptr<ScopedTestDeviceSettingsService> test_device_settings_service_; 475 scoped_ptr<ScopedTestCrosSettings> test_cros_settings_; 476 scoped_ptr<ScopedTestUserManager> test_user_manager_; 477 478 Profile* prepared_profile_; 479 480 base::Closure rlz_initialized_cb_; 481 482 private: 483 base::ScopedTempDir scoped_temp_dir_; 484 485 std::string device_policy_; 486 std::string user_policy_; 487 488 DISALLOW_COPY_AND_ASSIGN(LoginUtilsTest); 489}; 490 491class LoginUtilsBlockingLoginTest 492 : public LoginUtilsTest, 493 public testing::WithParamInterface<int> {}; 494 495TEST_F(LoginUtilsTest, NormalLoginDoesntBlock) { 496 UserManager* user_manager = UserManager::Get(); 497 EXPECT_FALSE(user_manager->IsUserLoggedIn()); 498 EXPECT_FALSE(connector_->IsEnterpriseManaged()); 499 EXPECT_FALSE(prepared_profile_); 500 EXPECT_EQ(policy::USER_AFFILIATION_NONE, 501 connector_->GetUserAffiliation(kUsername)); 502 503 // The profile will be created without waiting for a policy response. 504 PrepareProfile(kUsername); 505 506 EXPECT_TRUE(prepared_profile_); 507 ASSERT_TRUE(user_manager->IsUserLoggedIn()); 508 EXPECT_EQ(kUsername, user_manager->GetLoggedInUser()->email()); 509} 510 511TEST_F(LoginUtilsTest, EnterpriseLoginDoesntBlockForNormalUser) { 512 UserManager* user_manager = UserManager::Get(); 513 EXPECT_FALSE(user_manager->IsUserLoggedIn()); 514 EXPECT_FALSE(connector_->IsEnterpriseManaged()); 515 EXPECT_FALSE(prepared_profile_); 516 517 // Enroll the device. 518 EnrollDevice(kUsername); 519 520 EXPECT_FALSE(user_manager->IsUserLoggedIn()); 521 EXPECT_TRUE(connector_->IsEnterpriseManaged()); 522 EXPECT_EQ(kDomain, connector_->GetEnterpriseDomain()); 523 EXPECT_FALSE(prepared_profile_); 524 EXPECT_EQ(policy::USER_AFFILIATION_NONE, 525 connector_->GetUserAffiliation(kUsernameOtherDomain)); 526 527 // Login with a non-enterprise user shouldn't block. 528 PrepareProfile(kUsernameOtherDomain); 529 530 EXPECT_TRUE(prepared_profile_); 531 ASSERT_TRUE(user_manager->IsUserLoggedIn()); 532 EXPECT_EQ(kUsernameOtherDomain, user_manager->GetLoggedInUser()->email()); 533} 534 535#if defined(ENABLE_RLZ) 536TEST_F(LoginUtilsTest, RlzInitialized) { 537 // No RLZ brand code set initially. 538 EXPECT_FALSE(local_state_.Get()->HasPrefPath(prefs::kRLZBrand)); 539 540 base::RunLoop wait_for_rlz_init; 541 rlz_initialized_cb_ = wait_for_rlz_init.QuitClosure(); 542 543 PrepareProfile(kUsername); 544 545 wait_for_rlz_init.Run(); 546 // Wait for blocking RLZ tasks to complete. 547 RunUntilIdle(); 548 549 // RLZ brand code has been set to empty string. 550 EXPECT_TRUE(local_state_.Get()->HasPrefPath(prefs::kRLZBrand)); 551 EXPECT_EQ(std::string(), local_state_.Get()->GetString(prefs::kRLZBrand)); 552 553 // RLZ value for homepage access point should have been initialized. 554 string16 rlz_string; 555 EXPECT_TRUE(RLZTracker::GetAccessPointRlz( 556 RLZTracker::CHROME_HOME_PAGE, &rlz_string)); 557 EXPECT_EQ(string16(), rlz_string); 558} 559#endif 560 561TEST_P(LoginUtilsBlockingLoginTest, EnterpriseLoginBlocksForEnterpriseUser) { 562 UserManager* user_manager = UserManager::Get(); 563 EXPECT_FALSE(user_manager->IsUserLoggedIn()); 564 EXPECT_FALSE(connector_->IsEnterpriseManaged()); 565 EXPECT_FALSE(prepared_profile_); 566 567 // Enroll the device. 568 EnrollDevice(kUsername); 569 570 EXPECT_FALSE(user_manager->IsUserLoggedIn()); 571 EXPECT_TRUE(connector_->IsEnterpriseManaged()); 572 EXPECT_EQ(kDomain, connector_->GetEnterpriseDomain()); 573 EXPECT_FALSE(prepared_profile_); 574 EXPECT_EQ(policy::USER_AFFILIATION_MANAGED, 575 connector_->GetUserAffiliation(kUsername)); 576 EXPECT_FALSE(user_manager->IsKnownUser(kUsername)); 577 578 // Login with a user of the enterprise domain waits for policy. 579 PrepareProfile(kUsername); 580 581 EXPECT_FALSE(prepared_profile_); 582 ASSERT_TRUE(user_manager->IsUserLoggedIn()); 583 EXPECT_TRUE(user_manager->IsCurrentUserNew()); 584 585 GaiaUrls* gaia_urls = GaiaUrls::GetInstance(); 586 net::TestURLFetcher* fetcher; 587 588 // |steps| is the test parameter, and is the number of successful fetches. 589 // The first incomplete fetch will fail. In any case, the profile creation 590 // should resume. 591 int steps = GetParam(); 592 593 // The next expected fetcher ID. This is used to make it fail. 594 int next_expected_fetcher_id = 0; 595 596 do { 597 if (steps < 1) break; 598 599 // Fake refresh token retrieval: 600 fetcher = PrepareOAuthFetcher(gaia_urls->client_login_to_oauth2_url()); 601 ASSERT_TRUE(fetcher); 602 net::ResponseCookies cookies; 603 cookies.push_back(kOAuthTokenCookie); 604 fetcher->set_cookies(cookies); 605 fetcher->delegate()->OnURLFetchComplete(fetcher); 606 if (steps < 2) break; 607 608 // Fake OAuth2 token pair retrieval: 609 fetcher = PrepareOAuthFetcher(gaia_urls->oauth2_token_url()); 610 ASSERT_TRUE(fetcher); 611 fetcher->SetResponseString(kOAuth2TokenPairData); 612 fetcher->delegate()->OnURLFetchComplete(fetcher); 613 if (steps < 3) break; 614 615 // Fake OAuth2 access token retrieval: 616 fetcher = PrepareOAuthFetcher(gaia_urls->oauth2_token_url()); 617 ASSERT_TRUE(fetcher); 618 fetcher->SetResponseString(kOAuth2AccessTokenData); 619 fetcher->delegate()->OnURLFetchComplete(fetcher); 620 621 // The cloud policy subsystem is now ready to fetch the dmtoken and the user 622 // policy. 623 next_expected_fetcher_id = policy::DeviceManagementService::kURLFetcherID; 624 RunUntilIdle(); 625 if (steps < 4) break; 626 627 fetcher = PrepareDMRegisterFetcher(); 628 ASSERT_TRUE(fetcher); 629 fetcher->delegate()->OnURLFetchComplete(fetcher); 630 // The policy fetch job has now been scheduled, run it: 631 RunUntilIdle(); 632 if (steps < 5) break; 633 634 // Verify that there is no profile prepared just before the policy fetch. 635 EXPECT_FALSE(prepared_profile_); 636 637 fetcher = PrepareDMPolicyFetcher(); 638 ASSERT_TRUE(fetcher); 639 fetcher->delegate()->OnURLFetchComplete(fetcher); 640 RunUntilIdle(); 641 } while (0); 642 643 if (steps < 5) { 644 // Verify that the profile hasn't been created yet. 645 EXPECT_FALSE(prepared_profile_); 646 647 // Make the current fetcher fail with a Gaia error. 648 net::TestURLFetcher* fetcher = test_url_fetcher_factory_.GetFetcherByID( 649 next_expected_fetcher_id); 650 ASSERT_TRUE(fetcher); 651 EXPECT_TRUE(fetcher->delegate()); 652 fetcher->set_url(fetcher->GetOriginalURL()); 653 fetcher->set_response_code(401); 654 // This response body is important to make the gaia fetcher skip its delayed 655 // retry behavior, which makes testing harder. If this is sent to the policy 656 // fetchers then it will make them fail too. 657 fetcher->SetResponseString(kGaiaAccountDisabledResponse); 658 fetcher->delegate()->OnURLFetchComplete(fetcher); 659 RunUntilIdle(); 660 } 661 662 // The profile is finally ready: 663 EXPECT_TRUE(prepared_profile_); 664} 665 666INSTANTIATE_TEST_CASE_P( 667 LoginUtilsBlockingLoginTestInstance, 668 LoginUtilsBlockingLoginTest, 669 testing::Values(0, 1, 2, 3, 4, 5)); 670 671} // namespace 672 673} // namespace chromeos 674