11e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)// Copyright 2013 The Chromium Authors. All rights reserved. 21e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 31e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)// found in the LICENSE file. 41e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 51e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#include "chrome/browser/signin/local_auth.h" 61e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 71e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#include "base/base64.h" 81e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#include "base/prefs/pref_service.h" 9a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "chrome/browser/profiles/profile_manager.h" 101e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#include "chrome/common/pref_names.h" 11a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "chrome/test/base/testing_browser_process.h" 121e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#include "chrome/test/base/testing_pref_service_syncable.h" 131e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#include "chrome/test/base/testing_profile.h" 14a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "chrome/test/base/testing_profile_manager.h" 15a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)#include "components/os_crypt/os_crypt.h" 161e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 171e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#include "testing/gtest/include/gtest/gtest.h" 181e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 191e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)using namespace chrome; 201e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 21a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)TEST(LocalAuthTest, SetAndCheckCredentials) { 22a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) TestingProfileManager testing_profile_manager( 23a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) TestingBrowserProcess::GetGlobal()); 24a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) ASSERT_TRUE(testing_profile_manager.SetUp()); 25a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) Profile* prof = testing_profile_manager.CreateTestingProfile("p1"); 26a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) ProfileInfoCache& cache = 27a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) testing_profile_manager.profile_manager()->GetProfileInfoCache(); 28a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) EXPECT_EQ(1U, cache.GetNumberOfProfiles()); 29a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) EXPECT_EQ("", cache.GetLocalAuthCredentialsOfProfileAtIndex(0)); 301e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 311e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#if defined(OS_MACOSX) 32a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) OSCrypt::UseMockKeychain(true); 331e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#endif 341e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 351e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) std::string password("Some Password"); 36a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password)); 371e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 38a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) SetLocalAuthCredentials(prof, password); 39a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) std::string passhash = cache.GetLocalAuthCredentialsOfProfileAtIndex(0); 401e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 411e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) // We perform basic validation on the written record to ensure bugs don't slip 421e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) // in that cannot be seen from the API: 431e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) // - The encoding exists (we can guarantee future backward compatibility). 441e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) // - The plaintext version of the password is not mistakenly stored anywhere. 451e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) EXPECT_FALSE(passhash.empty()); 461e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) EXPECT_EQ('1', passhash[0]); 471e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) EXPECT_EQ(passhash.find(password), std::string::npos); 481e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 491e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) std::string decodedhash; 501e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) base::Base64Decode(passhash.substr(1), &decodedhash); 511e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) EXPECT_FALSE(decodedhash.empty()); 521e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) EXPECT_EQ(decodedhash.find(password), std::string::npos); 531e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 54a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) EXPECT_TRUE(ValidateLocalAuthCredentials(prof, password)); 55a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password + "1")); 561e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles) 57a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) SetLocalAuthCredentials(prof, password); // makes different salt 58a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) EXPECT_NE(passhash, cache.GetLocalAuthCredentialsOfProfileAtIndex(0)); 591e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)} 60