// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include <memory> #include <string> #include <vector> #include "base/command_line.h" #include "base/feature_list.h" #include "base/functional/bind.h" #include "base/json/json_reader.h" #include "base/json/json_writer.h" #include "base/memory/raw_ptr.h" #include "base/strings/pattern.h" #include "base/strings/string_number_conversions.h" #include "base/strings/string_util.h" #include "base/strings/stringprintf.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/scoped_feature_list.h" #include "base/test/values_test_util.h" #include "base/values.h" #include "components/network_session_configurator/common/network_switches.h" #include "content/browser/in_memory_federated_permission_context.h" #include "content/browser/webid/fake_identity_request_dialog_controller.h" #include "content/browser/webid/identity_registry.h" #include "content/browser/webid/test/mock_digital_identity_provider.h" #include "content/browser/webid/test/mock_identity_request_dialog_controller.h" #include "content/browser/webid/test/mock_modal_dialog_view_delegate.h" #include "content/browser/webid/test/webid_test_content_browser_client.h" #include "content/public/browser/browser_context.h" #include "content/public/browser/content_browser_client.h" #include "content/public/browser/identity_request_dialog_controller.h" #include "content/public/common/content_client.h" #include "content/public/common/content_features.h" #include "content/public/common/content_switches.h" #include "content/public/test/browser_test.h" #include "content/public/test/browser_test_utils.h" #include "content/public/test/content_browser_test.h" #include "content/public/test/content_browser_test_utils.h" #include "content/shell/browser/shell.h" #include "net/base/features.h" #include "net/dns/mock_host_resolver.h" #include "net/http/http_status_code.h" #include "net/test/embedded_test_server/embedded_test_server.h" #include "net/test/embedded_test_server/http_request.h" #include "net/test/embedded_test_server/http_response.h" #include "services/network/public/cpp/cors/cors.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #include "third_party/blink/public/common/features.h" #include "url/gurl.h" #include "url/origin.h" EmbeddedTestServer; HttpStatusCode; BasicHttpResponse; HttpMethod; HttpRequest; HttpResponse; _; Eq; NiceMock; WithArg; WithArgs; namespace content { namespace { constexpr char kRpHostName[] = …; // Use localhost for IDP so that the well-known file can be fetched from the // test server's custom port. IdpNetworkRequestManager::ComputeWellKnownUrl() // does not enforce a specific port if the IDP is localhost. constexpr char kIdpOrigin[] = …; constexpr char kExpectedConfigPath[] = …; constexpr char kExpectedWellKnownPath[] = …; constexpr char kTestContentType[] = …; constexpr char kIdpForbiddenHeader[] = …; // TODO(crbug.com/40245246): Replace these with a standardized header once // we collected enough metrics. static constexpr char kSetLoginHeader[] = …; static constexpr char kLoggedInHeaderValue[] = …; static constexpr char kLoggedOutHeaderValue[] = …; // Token value in //content/test/data/id_assertion_endpoint.json constexpr char kToken[] = …; constexpr char kJsErrorPrefix[] = …; // Extracts error from `result` removing `kJsErrorPrefix` and removing leading // and trailing whitespace and quotes. std::string ExtractJsError(const EvalJsResult& result) { … } bool IsGetRequestWithPath(const HttpRequest& request, const std::string& expected_path) { … } // This class implements the IdP logic, and responds to requests sent to the // test HTTP server. class IdpTestServer { … }; class TestFederatedIdentityModalDialogViewDelegate : public NiceMock<MockModalDialogViewDelegate> { … }; } // namespace class WebIdBrowserTest : public ContentBrowserTest { … }; class WebIdIdpSigninStatusBrowserTest : public WebIdBrowserTest { … }; class WebIdIdpSigninStatusForFetchKeepAliveBrowserTest : public WebIdBrowserTest { … }; class WebIdIdPRegistryBrowserTest : public WebIdBrowserTest { … }; class WebIdAuthzBrowserTest : public WebIdBrowserTest { … }; // Verify a standard login flow with IdP sign-in page. IN_PROC_BROWSER_TEST_F(WebIdBrowserTest, FullLoginFlow) { … } // Verify full login flow where the IdP uses absolute rather than relative // URLs. IN_PROC_BROWSER_TEST_F(WebIdBrowserTest, AbsoluteURLs) { … } // Verify an attempt to invoke FedCM with an insecure IDP path fails. IN_PROC_BROWSER_TEST_F(WebIdBrowserTest, FailsOnHTTP) { … } // Verify that an IdP can register itself. IN_PROC_BROWSER_TEST_F(WebIdIdPRegistryBrowserTest, RegisterIdP) { … } // Verify that the RP cannot register the IdP across origins. IN_PROC_BROWSER_TEST_F(WebIdIdPRegistryBrowserTest, RpCantRegisterIdP) { … } // Verify that an IdP can unregister itself. IN_PROC_BROWSER_TEST_F(WebIdIdPRegistryBrowserTest, UnregisterIdP) { … } // Verify that an RP can request from registered IdPs. IN_PROC_BROWSER_TEST_F(WebIdIdPRegistryBrowserTest, UseRegistry) { … } // Verify that when type is requested, an IDP not matching it will not show // up. IN_PROC_BROWSER_TEST_F(WebIdIdPRegistryBrowserTest, RegistryWithTypeNoMatch) { … } // Verify that when the type of the registered IdP matches the requested one, // the FedCM flow is successful. IN_PROC_BROWSER_TEST_F(WebIdIdPRegistryBrowserTest, RegistryWithTypeMatch) { … } // Test that multiple IdPs can be registered and that the FedCM flow is // successful when the two registered IdPs are shown. IN_PROC_BROWSER_TEST_F(WebIdIdPRegistryBrowserTest, MultipleRegisteredIdps) { … } // Verify that IDP sign-in headers work. IN_PROC_BROWSER_TEST_F(WebIdIdpSigninStatusBrowserTest, IdpSigninToplevel) { … } // Verify that IDP sign-out headers work. IN_PROC_BROWSER_TEST_F(WebIdIdpSigninStatusBrowserTest, IdpSignoutToplevel) { … } // Verify that IDP sign-in/out headers work in subresources. IN_PROC_BROWSER_TEST_F(WebIdIdpSigninStatusBrowserTest, IdpSigninAndOutSubresource) { … } // Verify that IDP sign-in/out headers work in fetch keepalive subresources when // proxied via browser. IN_PROC_BROWSER_TEST_F(WebIdIdpSigninStatusForFetchKeepAliveBrowserTest, IdpSigninAndOutSubresourceFetchKeepAliveInBrowser) { … } // Verify that IDP sign-in/out headers work in sync XHR. IN_PROC_BROWSER_TEST_F(WebIdIdpSigninStatusBrowserTest, IdpSigninAndOutSyncXhr) { … } // Verify that IDP sign-in/out headers work in fetch from worker. IN_PROC_BROWSER_TEST_F(WebIdIdpSigninStatusBrowserTest, IdpSigninAndOutFetchFromWorker) { … } // Verify that IDP sign-in/out headers work in fetch from nested worker. IN_PROC_BROWSER_TEST_F(WebIdIdpSigninStatusBrowserTest, IdpSigninAndOutFetchFromNestedWorker) { … } // Verify that an IdP can call close to close modal dialog views. IN_PROC_BROWSER_TEST_F(WebIdIdpSigninStatusBrowserTest, IdPClose) { … } class WebIdDigitalCredentialsBrowserTest : public WebIdBrowserTest { … }; std::string BuildDigitalIdentityValidJsRequestDictionary() { … } EvalJsResult EvalJsAndReturnToken(const ToRenderFrameHost& execution_target, std::string_view script_setting_token) { … } EvalJsResult RunDigitalIdentityValidRequest( const ToRenderFrameHost& execution_target) { … } // Leniently parses the input string as JSON and compares it to already-parsed // JSON. MATCHER_P(JsonMatches, ref, "") { … } // Test that a Verifiable Credential can be requested via the navigator.identity // JS API IN_PROC_BROWSER_TEST_F(WebIdDigitalCredentialsBrowserTest, NavigatorIdentityApi) { … } // Test that when there's a pending mdoc request, a second `get` call should be // rejected. IN_PROC_BROWSER_TEST_F(WebIdDigitalCredentialsBrowserTest, OnlyOneInFlightDigitalCredentialRequestIsAllowed) { … } // Test that when the user declines a digital identity request, the error // message returned to JavaScript does not indicate that the user declined the // request. IN_PROC_BROWSER_TEST_F(WebIdDigitalCredentialsBrowserTest, UserDeclinesRequest) { … } // Test that Blink.DigitalIdentityRequest.Status UMA metric is recorded when // digital identity request completes. IN_PROC_BROWSER_TEST_F(WebIdDigitalCredentialsBrowserTest, RecordRequestStatusHistogramAfterRequestCompletes) { … } // Verify that the Authz parameters are passed to the id assertion endpoint. IN_PROC_BROWSER_TEST_F(WebIdAuthzBrowserTest, Authz_noPopUpWindow) { … } // Verify that the Authz parameters are passed to the id assertion endpoint. IN_PROC_BROWSER_TEST_F(WebIdAuthzBrowserTest, Authz_invalidFields) { … } // Verify that the id assertion endpoint can request a pop-up window. IN_PROC_BROWSER_TEST_F(WebIdAuthzBrowserTest, Authz_openPopUpWindow) { … } // Verify that an IdentityCredentialError exception is returned. IN_PROC_BROWSER_TEST_F(WebIdBrowserTest, IdentityCredentialError) { … } // Verify that auto re-authn can be triggered if the Rp is on the // approved_clients list and the IdP has third party cookies access. IN_PROC_BROWSER_TEST_F(WebIdBrowserTest, IdpHas3PCAccessAndAddsRPInApprovedClients) { … } // Verify that using mediation in the wrong place adds log to console. IN_PROC_BROWSER_TEST_F(WebIdBrowserTest, MediationInIdentityCredentialRequestOptions) { … } // Verify that using mediation in the right place does not add log to console. IN_PROC_BROWSER_TEST_F(WebIdBrowserTest, NoConsoleWarningWithProperMediationCall) { … } } // namespace content
Codebase Browser
chromium