chromium/chrome/browser/enterprise/profile_management/oidc_auth_response_capture_navigation_throttle_unittest.cc

// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "chrome/browser/enterprise/profile_management/oidc_auth_response_capture_navigation_throttle.h"

#include "base/base64.h"
#include "base/json/json_writer.h"
#include "base/test/metrics/histogram_tester.h"
#include "base/test/scoped_feature_list.h"
#include "chrome/browser/enterprise/profile_management/profile_management_features.h"
#include "chrome/browser/enterprise/signin/mock_oidc_authentication_signin_interceptor.h"
#include "chrome/browser/enterprise/signin/oidc_authentication_signin_interceptor_factory.h"
#include "chrome/browser/enterprise/signin/oidc_metrics_utils.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/signin/dice_web_signin_interceptor_delegate.h"
#include "chrome/browser/ui/tabs/tab_strip_model.h"
#include "chrome/test/base/browser_with_test_window_test.h"
#include "chrome/test/base/testing_profile_manager.h"
#include "content/public/browser/web_contents.h"
#include "content/public/test/mock_navigation_handle.h"
#include "services/data_decoder/public/cpp/test_support/in_process_data_decoder.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"

NavigationThrottle;
_;

namespace {

constexpr char kTokenTemplate[] = …;
constexpr char kOidcAuthTokenFieldTemplate[] = …;
constexpr char kOidcIdTokenFieldTemplate[] = …;
constexpr char kOidcStateFieldTemplate[] = …;
constexpr char kOidcAuthResponseTemplate[] = …;
constexpr char kDummyHeader[] = …;
constexpr char kDummySignature[] = …;

constexpr char kOidcEntraReprocessUrl[] = …;
constexpr char kOidcNonEntraReprocessUrl[] = …;

constexpr char kOidcEntraKmsiUrl[] = …;
constexpr char kOidcState[] = …;

constexpr char kUserPrincipleNameClaimName[] = …;
constexpr char kSubjectClaimName[] = …;
constexpr char kIssuerClaimName[] = …;

constexpr char kExampleUserPrincipleName[] = …;
constexpr char kExampleAuthSubject[] = …;
constexpr char kExampleIdSubject[] = …;
constexpr char kExampleIdIssuer[] = …;

const char kOidcEnrollmentHistogramName[] = …;

std::string BuildTokenFromDict(const base::Value::Dict& dict) { … }

std::string BuildOidcResponseUrl(const std::string& oidc_auth_token,
                                 const std::string& oidc_id_token,
                                 const std::string& oidc_state) { … }

}  // namespace

namespace profile_management {

class OidcAuthResponseCaptureNavigationThrottleTest
    : public BrowserWithTestWindowTest,
      public testing::WithParamInterface<std::tuple<bool, bool>> { … };

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest,
       DirectNavigationOnGenericOidcOnly) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, SuccessfulInterception) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest,
       SuccessfulInterceptionWithState) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest,
       SuccessfulInterceptionWithState_nonEntraUrl) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, MismatchingHost) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, MsftKmsiThrottling) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, MsftGuidThrottling) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, McasThrottling) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, MissingAuthToken) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, MissingIdToken) { … }


TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, MissingIdTokenSubClaim) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, MissingIdTokenIssClaim) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, EmptyIdJson) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest,
       WrongNumberOfJwtSections) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, DecodeFailure) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, DataDecoderFailure) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, NoServiceForGuestMode) { … }

TEST_P(OidcAuthResponseCaptureNavigationThrottleTest, NoServiceForIncognito) { … }

INSTANTIATE_TEST_SUITE_P(…);

// Test class dedicated to test if OIDC throttle validatation accepts the
// correct set of URLs.
class OidcAuthNavigationThrottleUrlMatchingTest
    : public OidcAuthResponseCaptureNavigationThrottleTest { … };

TEST_F(OidcAuthNavigationThrottleUrlMatchingTest, MsftThrottleUrlMatching) { … }

TEST_F(OidcAuthNavigationThrottleUrlMatchingTest, MsftThrottleUrlNotMatching) { … }

}  // namespace profile_management