12a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Copyright 2013 The Chromium Authors. All rights reserved. 22a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 32a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// found in the LICENSE file. 42a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 52a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/bind.h" 62a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "net/base/net_errors.h" 72a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "remoting/base/rsa_key_pair.h" 82a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "remoting/protocol/authenticator_test_base.h" 92a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "remoting/protocol/channel_authenticator.h" 102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "remoting/protocol/connection_tester.h" 112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "remoting/protocol/fake_authenticator.h" 122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "remoting/protocol/third_party_authenticator_base.h" 132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "remoting/protocol/third_party_client_authenticator.h" 142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "remoting/protocol/third_party_host_authenticator.h" 15a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)#include "remoting/protocol/token_validator.h" 162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "testing/gmock/include/gmock/gmock.h" 172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "testing/gtest/include/gtest/gtest.h" 181320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci#include "third_party/webrtc/libjingle/xmllite/xmlelement.h" 192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)using testing::_; 212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)using testing::DeleteArg; 222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)using testing::SaveArg; 232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace { 252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)const int kMessageSize = 100; 272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)const int kMessages = 1; 282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)const char kTokenUrl[] = "https://example.com/Issue"; 302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)const char kTokenScope[] = "host:a@b.com/1 client:a@b.com/2"; 312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)const char kToken[] = "abc123456xyz789"; 322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)const char kSharedSecret[] = "1234-1234-5678"; 332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)const char kSharedSecretBad[] = "0000-0000-0001"; 342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} // namespace 362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace remoting { 382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace protocol { 392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class ThirdPartyAuthenticatorTest : public AuthenticatorTestBase { 412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) class FakeTokenFetcher : public ThirdPartyClientAuthenticator::TokenFetcher { 422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) public: 432a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void FetchThirdPartyToken( 442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const GURL& token_url, 452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& scope, 46c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const TokenFetchedCallback& token_fetched_callback) OVERRIDE { 472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(token_url.spec(), kTokenUrl); 482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(scope, kTokenScope); 492a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_FALSE(token_fetched_callback.is_null()); 502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) on_token_fetched_ = token_fetched_callback; 512a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void OnTokenFetched(const std::string& token, 542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& shared_secret) { 552a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_FALSE(on_token_fetched_.is_null()); 562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) TokenFetchedCallback on_token_fetched = on_token_fetched_; 572a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) on_token_fetched_.Reset(); 582a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) on_token_fetched.Run(token, shared_secret); 592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) private: 622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) TokenFetchedCallback on_token_fetched_; 632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) }; 642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 65a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) class FakeTokenValidator : public TokenValidator { 662a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) public: 672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) FakeTokenValidator() 682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) : token_url_(kTokenUrl), 692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) token_scope_(kTokenScope) {} 702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual ~FakeTokenValidator() {} 722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void ValidateThirdPartyToken( 742a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& token, 75c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const TokenValidatedCallback& token_validated_callback) OVERRIDE { 762a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_FALSE(token_validated_callback.is_null()); 772a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) on_token_validated_ = token_validated_callback; 782a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 802a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void OnTokenValidated(const std::string& shared_secret) { 812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_FALSE(on_token_validated_.is_null()); 822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) TokenValidatedCallback on_token_validated = on_token_validated_; 832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) on_token_validated_.Reset(); 842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) on_token_validated.Run(shared_secret); 852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual const GURL& token_url() const OVERRIDE { 882a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) return token_url_; 892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 902a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 912a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual const std::string& token_scope() const OVERRIDE { 922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) return token_scope_; 932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 942a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) private: 962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) GURL token_url_; 972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::string token_scope_; 982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Callback<void(const std::string& shared_secret)> on_token_validated_; 992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) }; 1002a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1012a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) public: 1022a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ThirdPartyAuthenticatorTest() {} 1032a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual ~ThirdPartyAuthenticatorTest() {} 1042a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) protected: 1062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void InitAuthenticators() { 107a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) scoped_ptr<TokenValidator> token_validator(new FakeTokenValidator()); 1082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) token_validator_ = static_cast<FakeTokenValidator*>(token_validator.get()); 1092a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) host_.reset(new ThirdPartyHostAuthenticator( 1102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) host_cert_, key_pair_, token_validator.Pass())); 1112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) scoped_ptr<ThirdPartyClientAuthenticator::TokenFetcher> 1122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) token_fetcher(new FakeTokenFetcher()); 1132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) token_fetcher_ = static_cast<FakeTokenFetcher*>(token_fetcher.get()); 114c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) client_.reset(new ThirdPartyClientAuthenticator(token_fetcher.Pass())); 1152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 1162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) FakeTokenFetcher* token_fetcher_; 1182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) FakeTokenValidator* token_validator_; 1192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) private: 1212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(ThirdPartyAuthenticatorTest); 1222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)}; 1232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 12403b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)TEST_F(ThirdPartyAuthenticatorTest, SuccessfulAuth) { 1252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(InitAuthenticators()); 1262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(RunHostInitiatedAuthExchange()); 1272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::PROCESSING_MESSAGE, client_->state()); 1282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(token_fetcher_->OnTokenFetched( 1292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) kToken, kSharedSecret)); 1302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::PROCESSING_MESSAGE, host_->state()); 1312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE( 1322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) token_validator_->OnTokenValidated(kSharedSecret)); 1332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Both sides have finished. 1352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::ACCEPTED, host_->state()); 1362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::ACCEPTED, client_->state()); 1372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // An authenticated channel can be created after the authentication. 1392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) client_auth_ = client_->CreateChannelAuthenticator(); 1402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) host_auth_ = host_->CreateChannelAuthenticator(); 1412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) RunChannelAuth(false); 1422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1432a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StreamConnectionTester tester(host_socket_.get(), client_socket_.get(), 1442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) kMessageSize, kMessages); 1452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1462a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tester.Start(); 1472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) message_loop_.Run(); 1482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tester.CheckResults(); 1492a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 1502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 15103b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)TEST_F(ThirdPartyAuthenticatorTest, ClientNoSecret) { 1522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(InitAuthenticators()); 1532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(RunHostInitiatedAuthExchange()); 1542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::PROCESSING_MESSAGE, client_->state()); 155c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE( 156c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) token_fetcher_->OnTokenFetched(kToken, std::string())); 1572a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1582a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The end result is that the client rejected the connection, since it 1592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // couldn't fetch the secret. 1602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::REJECTED, client_->state()); 1612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 1622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 16303b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)TEST_F(ThirdPartyAuthenticatorTest, InvalidToken) { 1642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(InitAuthenticators()); 1652a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(RunHostInitiatedAuthExchange()); 1662a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::PROCESSING_MESSAGE, client_->state()); 1672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(token_fetcher_->OnTokenFetched( 1682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) kToken, kSharedSecret)); 1692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::PROCESSING_MESSAGE, host_->state()); 170c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(token_validator_->OnTokenValidated(std::string())); 1712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The end result is that the host rejected the token. 1732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::REJECTED, host_->state()); 1742a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 1752a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 17603b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)TEST_F(ThirdPartyAuthenticatorTest, CannotFetchToken) { 1772a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(InitAuthenticators()); 1782a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(RunHostInitiatedAuthExchange()); 1792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::PROCESSING_MESSAGE, client_->state()); 180c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE( 181c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) token_fetcher_->OnTokenFetched(std::string(), std::string())); 1822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The end result is that the client rejected the connection, since it 1842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // couldn't fetch the token. 1852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::REJECTED, client_->state()); 1862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 1872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1882a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Test that negotiation stops when the fake authentication is rejected. 18903b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)TEST_F(ThirdPartyAuthenticatorTest, HostBadSecret) { 1902a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(InitAuthenticators()); 1912a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(RunHostInitiatedAuthExchange()); 1922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::PROCESSING_MESSAGE, client_->state()); 1932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(token_fetcher_->OnTokenFetched( 1942a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) kToken, kSharedSecret)); 1952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::PROCESSING_MESSAGE, host_->state()); 1962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE( 1972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) token_validator_->OnTokenValidated(kSharedSecretBad)); 1982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The end result is that the host rejected the fake authentication. 2002a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::REJECTED, client_->state()); 2012a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 2022a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 20303b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)TEST_F(ThirdPartyAuthenticatorTest, ClientBadSecret) { 2042a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(InitAuthenticators()); 2052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE(RunHostInitiatedAuthExchange()); 2062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::PROCESSING_MESSAGE, client_->state()); 2072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE( 2082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) token_fetcher_->OnTokenFetched(kToken, kSharedSecretBad)); 2092a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::PROCESSING_MESSAGE, host_->state()); 2102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_NO_FATAL_FAILURE( 2112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) token_validator_->OnTokenValidated(kSharedSecret)); 2122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The end result is that the host rejected the fake authentication. 2142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_EQ(Authenticator::REJECTED, client_->state()); 2152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 2162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} // namespace protocol 2182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} // namespace remoting 219