1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/browser/chromeos/login/login_utils.h" 6 7 #include "base/basictypes.h" 8 #include "base/bind.h" 9 #include "base/command_line.h" 10 #include "base/files/scoped_temp_dir.h" 11 #include "base/message_loop/message_loop.h" 12 #include "base/path_service.h" 13 #include "base/prefs/pref_registry_simple.h" 14 #include "base/run_loop.h" 15 #include "base/strings/string_util.h" 16 #include "base/synchronization/waitable_event.h" 17 #include "base/threading/sequenced_worker_pool.h" 18 #include "base/threading/thread.h" 19 #include "chrome/browser/chrome_notification_types.h" 20 #include "chrome/browser/chromeos/input_method/input_method_configuration.h" 21 #include "chrome/browser/chromeos/input_method/mock_input_method_manager.h" 22 #include "chrome/browser/chromeos/login/authenticator.h" 23 #include "chrome/browser/chromeos/login/login_status_consumer.h" 24 #include "chrome/browser/chromeos/login/user_manager.h" 25 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" 26 #include "chrome/browser/chromeos/profiles/profile_helper.h" 27 #include "chrome/browser/chromeos/settings/cros_settings.h" 28 #include "chrome/browser/chromeos/settings/device_settings_service.h" 29 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" 30 #include "chrome/browser/chromeos/settings/mock_owner_key_util.h" 31 #include "chrome/browser/io_thread.h" 32 #include "chrome/browser/net/predictor.h" 33 #include "chrome/browser/policy/browser_policy_connector.h" 34 #include "chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.h" 35 #include "chrome/browser/profiles/profile_manager.h" 36 #include "chrome/browser/rlz/rlz.h" 37 #include "chrome/common/chrome_paths.h" 38 #include "chrome/common/chrome_switches.h" 39 #include "chrome/common/pref_names.h" 40 #include "chrome/test/base/scoped_testing_local_state.h" 41 #include "chrome/test/base/testing_browser_process.h" 42 #include "chromeos/chromeos_switches.h" 43 #include "chromeos/cryptohome/mock_async_method_caller.h" 44 #include "chromeos/cryptohome/system_salt_getter.h" 45 #include "chromeos/dbus/fake_dbus_thread_manager.h" 46 #include "chromeos/disks/disk_mount_manager.h" 47 #include "chromeos/disks/mock_disk_mount_manager.h" 48 #include "chromeos/login/login_state.h" 49 #include "chromeos/network/network_handler.h" 50 #include "chromeos/system/mock_statistics_provider.h" 51 #include "chromeos/system/statistics_provider.h" 52 #include "components/policy/core/common/cloud/device_management_service.h" 53 #include "components/policy/core/common/policy_service.h" 54 #include "content/public/browser/browser_thread.h" 55 #include "content/public/test/test_browser_thread.h" 56 #include "content/public/test/test_utils.h" 57 #include "google_apis/gaia/gaia_auth_consumer.h" 58 #include "google_apis/gaia/gaia_urls.h" 59 #include "net/url_request/test_url_fetcher_factory.h" 60 #include "net/url_request/url_fetcher_delegate.h" 61 #include "net/url_request/url_request.h" 62 #include "net/url_request/url_request_context_getter.h" 63 #include "net/url_request/url_request_status.h" 64 #include "net/url_request/url_request_test_util.h" 65 #include "policy/proto/device_management_backend.pb.h" 66 #include "testing/gmock/include/gmock/gmock.h" 67 #include "testing/gtest/include/gtest/gtest.h" 68 69 #if defined(ENABLE_RLZ) 70 #include "rlz/lib/rlz_value_store.h" 71 #endif 72 73 using ::testing::AnyNumber; 74 75 namespace chromeos { 76 77 namespace { 78 79 namespace em = enterprise_management; 80 81 using ::testing::DoAll; 82 using ::testing::Return; 83 using ::testing::SaveArg; 84 using ::testing::SetArgPointee; 85 using ::testing::_; 86 using content::BrowserThread; 87 88 const char kDomain[] = "domain.com"; 89 const char kUsername[] = "user (at) domain.com"; 90 const char kDeviceId[] = "100200300"; 91 const char kUsernameOtherDomain[] = "user (at) other.com"; 92 93 const char kOAuthTokenCookie[] = "oauth_token=1234"; 94 95 const char kGaiaAccountDisabledResponse[] = "Error=AccountDeleted"; 96 97 const char kOAuth2TokenPairData[] = 98 "{" 99 " \"refresh_token\": \"1234\"," 100 " \"access_token\": \"5678\"," 101 " \"expires_in\": 3600" 102 "}"; 103 104 const char kOAuth2AccessTokenData[] = 105 "{" 106 " \"access_token\": \"5678\"," 107 " \"expires_in\": 3600" 108 "}"; 109 110 const char kDMServer[] = "http://server/device_management"; 111 const char kDMRegisterRequest[] = 112 "http://server/device_management?request=register"; 113 const char kDMPolicyRequest[] = 114 "http://server/device_management?request=policy"; 115 116 const char kDMToken[] = "1234"; 117 118 // Single task of the fake IO loop used in the test, that just waits until 119 // it is signaled to quit or perform some work. 120 // |completion| is the event to wait for, and |work| is the task to invoke 121 // when signaled. If the task returns false then this quits the IO loop. 122 void BlockLoop(base::WaitableEvent* completion, base::Callback<bool()> work) { 123 do { 124 completion->Wait(); 125 } while (work.Run()); 126 base::MessageLoop::current()->QuitNow(); 127 } 128 129 void CopyLockResult(base::RunLoop* loop, 130 policy::EnterpriseInstallAttributes::LockResult* out, 131 policy::EnterpriseInstallAttributes::LockResult result) { 132 *out = result; 133 loop->Quit(); 134 } 135 136 class LoginUtilsTest : public testing::Test, 137 public LoginUtils::Delegate, 138 public LoginStatusConsumer { 139 public: 140 // Initialization here is important. The UI thread gets the test's 141 // message loop, as does the file thread (which never actually gets 142 // started - so this is a way to fake multiple threads on a single 143 // test thread). The IO thread does not get the message loop set, 144 // and is never started. This is necessary so that we skip various 145 // bits of initialization that get posted to the IO thread. We do 146 // however, at one point in the test, temporarily set the message 147 // loop for the IO thread. 148 LoginUtilsTest() 149 : fake_io_thread_completion_(false, false), 150 fake_io_thread_("fake_io_thread"), 151 loop_(base::MessageLoop::TYPE_IO), 152 browser_process_(TestingBrowserProcess::GetGlobal()), 153 local_state_(browser_process_), 154 ui_thread_(BrowserThread::UI, &loop_), 155 db_thread_(BrowserThread::DB, &loop_), 156 file_thread_(BrowserThread::FILE, &loop_), 157 mock_input_method_manager_(NULL), 158 mock_async_method_caller_(NULL), 159 connector_(NULL), 160 prepared_profile_(NULL) {} 161 162 virtual void SetUp() OVERRIDE { 163 // This test is not a full blown InProcessBrowserTest, and doesn't have 164 // all the usual threads running. However a lot of subsystems pulled from 165 // ProfileImpl post to IO (usually from ProfileIOData), and DCHECK that 166 // those tasks were posted. Those tasks in turn depend on a lot of other 167 // components that aren't there during this test, so this kludge is used to 168 // have a running IO loop that doesn't really execute any tasks. 169 // 170 // See InvokeOnIO() below for a way to perform specific tasks on IO, when 171 // that's necessary. 172 173 // A thread is needed to create a new MessageLoop, since there can be only 174 // one loop per thread. 175 fake_io_thread_.StartWithOptions( 176 base::Thread::Options(base::MessageLoop::TYPE_IO, 0)); 177 base::MessageLoop* fake_io_loop = fake_io_thread_.message_loop(); 178 // Make this loop enter the single task, BlockLoop(). Pass in the completion 179 // event and the work callback. 180 fake_io_thread_.StopSoon(); 181 fake_io_loop->PostTask( 182 FROM_HERE, 183 base::Bind( 184 BlockLoop, 185 &fake_io_thread_completion_, 186 base::Bind(&LoginUtilsTest::DoIOWork, base::Unretained(this)))); 187 // Map BrowserThread::IO to this loop. This allows posting to IO but nothing 188 // will be executed. 189 io_thread_.reset( 190 new content::TestBrowserThread(BrowserThread::IO, fake_io_loop)); 191 192 ASSERT_TRUE(scoped_temp_dir_.CreateUniqueTempDir()); 193 194 CommandLine* command_line = CommandLine::ForCurrentProcess(); 195 command_line->AppendSwitchASCII( 196 ::switches::kDeviceManagementUrl, kDMServer); 197 command_line->AppendSwitchASCII(switches::kLoginProfile, "user"); 198 199 // DBusThreadManager should be initialized before io_thread_state_, as 200 // DBusThreadManager is used from chromeos::ProxyConfigServiceImpl, 201 // which is part of io_thread_state_. 202 DBusThreadManager::InitializeWithStub(); 203 204 SystemSaltGetter::Initialize(); 205 LoginState::Initialize(); 206 207 EXPECT_CALL(mock_statistics_provider_, GetMachineStatistic(_, _)) 208 .WillRepeatedly(Return(false)); 209 chromeos::system::StatisticsProvider::SetTestProvider( 210 &mock_statistics_provider_); 211 212 mock_input_method_manager_ = new input_method::MockInputMethodManager(); 213 input_method::InitializeForTesting(mock_input_method_manager_); 214 disks::DiskMountManager::InitializeForTesting(&mock_disk_mount_manager_); 215 mock_disk_mount_manager_.SetupDefaultReplies(); 216 217 mock_async_method_caller_ = new cryptohome::MockAsyncMethodCaller; 218 cryptohome::AsyncMethodCaller::InitializeForTesting( 219 mock_async_method_caller_); 220 221 test_device_settings_service_.reset(new ScopedTestDeviceSettingsService); 222 test_cros_settings_.reset(new ScopedTestCrosSettings); 223 test_user_manager_.reset(new ScopedTestUserManager); 224 225 // IOThread creates ProxyConfigServiceImpl and 226 // BrowserPolicyConnector::Init() creates a NetworkConfigurationUpdater, 227 // which both access NetworkHandler. Thus initialize it here before creating 228 // IOThread and before calling BrowserPolicyConnector::Init(). 229 NetworkHandler::Initialize(); 230 231 browser_process_->SetProfileManager( 232 new ProfileManagerWithoutInit(scoped_temp_dir_.path())); 233 browser_process_->SetSystemRequestContext( 234 new net::TestURLRequestContextGetter( 235 base::MessageLoopProxy::current())); 236 connector_ = browser_process_->browser_policy_connector(); 237 connector_->Init(local_state_.Get(), 238 browser_process_->system_request_context()); 239 240 io_thread_state_.reset(new IOThread(local_state_.Get(), 241 browser_process_->policy_service(), 242 NULL, NULL)); 243 browser_process_->SetIOThread(io_thread_state_.get()); 244 245 #if defined(ENABLE_RLZ) 246 rlz_initialized_cb_ = base::Bind(&base::DoNothing); 247 rlz_lib::testing::SetRlzStoreDirectory(scoped_temp_dir_.path()); 248 RLZTracker::EnableZeroDelayForTesting(); 249 #endif 250 251 RunUntilIdle(); 252 } 253 254 virtual void TearDown() OVERRIDE { 255 cryptohome::AsyncMethodCaller::Shutdown(); 256 mock_async_method_caller_ = NULL; 257 258 test_user_manager_.reset(); 259 260 InvokeOnIO( 261 base::Bind(&LoginUtilsTest::TearDownOnIO, base::Unretained(this))); 262 263 // LoginUtils instance must not outlive Profile instances. 264 LoginUtils::Set(NULL); 265 266 input_method::Shutdown(); 267 LoginState::Shutdown(); 268 SystemSaltGetter::Shutdown(); 269 270 // These trigger some tasks that have to run while BrowserThread::UI 271 // exists. Delete all the profiles before deleting the connector. 272 browser_process_->SetProfileManager(NULL); 273 connector_ = NULL; 274 browser_process_->SetBrowserPolicyConnector(NULL); 275 QuitIOLoop(); 276 RunUntilIdle(); 277 } 278 279 void TearDownOnIO() { 280 // chrome_browser_net::Predictor usually skips its shutdown routines on 281 // unit_tests, but does the full thing when 282 // g_browser_process->profile_manager() is valid during initialization. 283 // That includes a WaitableEvent on UI waiting for a task on IO, so that 284 // task must execute. Do it directly from here now. 285 std::vector<Profile*> profiles = 286 browser_process_->profile_manager()->GetLoadedProfiles(); 287 for (size_t i = 0; i < profiles.size(); ++i) { 288 chrome_browser_net::Predictor* predictor = 289 profiles[i]->GetNetworkPredictor(); 290 if (predictor) { 291 predictor->EnablePredictorOnIOThread(false); 292 predictor->Shutdown(); 293 } 294 } 295 } 296 297 void RunUntilIdle() { 298 loop_.RunUntilIdle(); 299 BrowserThread::GetBlockingPool()->FlushForTesting(); 300 loop_.RunUntilIdle(); 301 } 302 303 // Invokes |task| on the IO loop and returns after it has executed. 304 void InvokeOnIO(const base::Closure& task) { 305 fake_io_thread_work_ = task; 306 fake_io_thread_completion_.Signal(); 307 content::RunMessageLoop(); 308 } 309 310 // Makes the fake IO loop return. 311 void QuitIOLoop() { 312 fake_io_thread_completion_.Signal(); 313 content::RunMessageLoop(); 314 } 315 316 // Helper for BlockLoop, InvokeOnIO and QuitIOLoop. 317 bool DoIOWork() { 318 bool has_work = !fake_io_thread_work_.is_null(); 319 if (has_work) 320 fake_io_thread_work_.Run(); 321 fake_io_thread_work_.Reset(); 322 BrowserThread::PostTask( 323 BrowserThread::UI, FROM_HERE, 324 base::MessageLoop::QuitWhenIdleClosure()); 325 // If there was work then keep waiting for more work. 326 // If there was no work then quit the fake IO loop. 327 return has_work; 328 } 329 330 virtual void OnProfilePrepared(Profile* profile) OVERRIDE { 331 EXPECT_FALSE(prepared_profile_); 332 prepared_profile_ = profile; 333 } 334 335 #if defined(ENABLE_RLZ) 336 virtual void OnRlzInitialized(Profile* profile) OVERRIDE { 337 rlz_initialized_cb_.Run(); 338 } 339 #endif 340 341 virtual void OnLoginFailure(const LoginFailure& error) OVERRIDE { 342 FAIL() << "OnLoginFailure not expected"; 343 } 344 345 virtual void OnLoginSuccess(const UserContext& user_context) OVERRIDE { 346 FAIL() << "OnLoginSuccess not expected"; 347 } 348 349 void EnrollDevice(const std::string& username) { 350 base::RunLoop loop; 351 policy::EnterpriseInstallAttributes::LockResult result; 352 connector_->GetInstallAttributes()->LockDevice( 353 username, policy::DEVICE_MODE_ENTERPRISE, kDeviceId, 354 base::Bind(&CopyLockResult, &loop, &result)); 355 loop.Run(); 356 EXPECT_EQ(policy::EnterpriseInstallAttributes::LOCK_SUCCESS, result); 357 RunUntilIdle(); 358 } 359 360 void PrepareProfile(const std::string& username) { 361 // Normally this would happen during browser startup, but for tests 362 // we need to trigger creation of Profile-related services. 363 ChromeBrowserMainExtraPartsProfiles:: 364 EnsureBrowserContextKeyedServiceFactoriesBuilt(); 365 366 DeviceSettingsTestHelper device_settings_test_helper; 367 DeviceSettingsService::Get()->SetSessionManager( 368 &device_settings_test_helper, new MockOwnerKeyUtil()); 369 370 EXPECT_CALL(*mock_async_method_caller_, AsyncMount(_, _, _, _)) 371 .WillRepeatedly(Return()); 372 EXPECT_CALL(*mock_async_method_caller_, AsyncGetSanitizedUsername(_, _)) 373 .WillRepeatedly(Return()); 374 375 scoped_refptr<Authenticator> authenticator = 376 LoginUtils::Get()->CreateAuthenticator(this); 377 authenticator->CompleteLogin(ProfileHelper::GetSigninProfile(), 378 UserContext(username, 379 "password", 380 std::string(), 381 username)); // username_hash 382 383 const bool kUsingOAuth = true; 384 // Setting |kHasCookies| to false prevents ProfileAuthData::Transfer from 385 // waiting for an IO task before proceeding. 386 const bool kHasCookies = false; 387 const bool kHasActiveSession = false; 388 LoginUtils::Get()->PrepareProfile( 389 UserContext(username, "password", std::string(), username, kUsingOAuth), 390 std::string(), kHasCookies, kHasActiveSession, this); 391 device_settings_test_helper.Flush(); 392 RunUntilIdle(); 393 394 DeviceSettingsService::Get()->UnsetSessionManager(); 395 } 396 397 net::TestURLFetcher* PrepareOAuthFetcher(const GURL& expected_url) { 398 net::TestURLFetcher* fetcher = test_url_fetcher_factory_.GetFetcherByID(0); 399 EXPECT_TRUE(fetcher); 400 if (!fetcher) 401 return NULL; 402 EXPECT_TRUE(fetcher->delegate()); 403 EXPECT_TRUE(StartsWithASCII(fetcher->GetOriginalURL().spec(), 404 expected_url.spec(), 405 true)); 406 fetcher->set_url(fetcher->GetOriginalURL()); 407 fetcher->set_response_code(200); 408 fetcher->set_status(net::URLRequestStatus()); 409 return fetcher; 410 } 411 412 net::TestURLFetcher* PrepareDMServiceFetcher( 413 const std::string& expected_url, 414 const em::DeviceManagementResponse& response) { 415 net::TestURLFetcher* fetcher = test_url_fetcher_factory_.GetFetcherByID( 416 policy::DeviceManagementService::kURLFetcherID); 417 EXPECT_TRUE(fetcher); 418 if (!fetcher) 419 return NULL; 420 EXPECT_TRUE(fetcher->delegate()); 421 EXPECT_TRUE(StartsWithASCII(fetcher->GetOriginalURL().spec(), 422 expected_url, 423 true)); 424 fetcher->set_url(fetcher->GetOriginalURL()); 425 fetcher->set_response_code(200); 426 fetcher->set_status(net::URLRequestStatus()); 427 std::string data; 428 EXPECT_TRUE(response.SerializeToString(&data)); 429 fetcher->SetResponseString(data); 430 return fetcher; 431 } 432 433 net::TestURLFetcher* PrepareDMRegisterFetcher() { 434 em::DeviceManagementResponse response; 435 em::DeviceRegisterResponse* register_response = 436 response.mutable_register_response(); 437 register_response->set_device_management_token(kDMToken); 438 register_response->set_enrollment_type( 439 em::DeviceRegisterResponse::ENTERPRISE); 440 return PrepareDMServiceFetcher(kDMRegisterRequest, response); 441 } 442 443 net::TestURLFetcher* PrepareDMPolicyFetcher() { 444 em::DeviceManagementResponse response; 445 response.mutable_policy_response()->add_response(); 446 return PrepareDMServiceFetcher(kDMPolicyRequest, response); 447 } 448 449 protected: 450 // Must be the first member variable as browser_process_ and local_state_ 451 // rely on this being set up. 452 TestingBrowserProcessInitializer initializer_; 453 454 base::Closure fake_io_thread_work_; 455 base::WaitableEvent fake_io_thread_completion_; 456 base::Thread fake_io_thread_; 457 458 base::MessageLoop loop_; 459 TestingBrowserProcess* browser_process_; 460 ScopedTestingLocalState local_state_; 461 462 content::TestBrowserThread ui_thread_; 463 content::TestBrowserThread db_thread_; 464 content::TestBrowserThread file_thread_; 465 scoped_ptr<content::TestBrowserThread> io_thread_; 466 scoped_ptr<IOThread> io_thread_state_; 467 468 input_method::MockInputMethodManager* mock_input_method_manager_; 469 disks::MockDiskMountManager mock_disk_mount_manager_; 470 net::TestURLFetcherFactory test_url_fetcher_factory_; 471 472 cryptohome::MockAsyncMethodCaller* mock_async_method_caller_; 473 474 chromeos::system::MockStatisticsProvider mock_statistics_provider_; 475 476 policy::BrowserPolicyConnector* connector_; 477 478 scoped_ptr<ScopedTestDeviceSettingsService> test_device_settings_service_; 479 scoped_ptr<ScopedTestCrosSettings> test_cros_settings_; 480 scoped_ptr<ScopedTestUserManager> test_user_manager_; 481 482 Profile* prepared_profile_; 483 484 base::Closure rlz_initialized_cb_; 485 486 private: 487 base::ScopedTempDir scoped_temp_dir_; 488 489 std::string device_policy_; 490 std::string user_policy_; 491 492 DISALLOW_COPY_AND_ASSIGN(LoginUtilsTest); 493 }; 494 495 class LoginUtilsBlockingLoginTest 496 : public LoginUtilsTest, 497 public testing::WithParamInterface<int> {}; 498 499 TEST_F(LoginUtilsTest, NormalLoginDoesntBlock) { 500 UserManager* user_manager = UserManager::Get(); 501 EXPECT_FALSE(user_manager->IsUserLoggedIn()); 502 EXPECT_FALSE(connector_->IsEnterpriseManaged()); 503 EXPECT_FALSE(prepared_profile_); 504 EXPECT_EQ(policy::USER_AFFILIATION_NONE, 505 connector_->GetUserAffiliation(kUsername)); 506 507 // The profile will be created without waiting for a policy response. 508 PrepareProfile(kUsername); 509 510 EXPECT_TRUE(prepared_profile_); 511 ASSERT_TRUE(user_manager->IsUserLoggedIn()); 512 EXPECT_EQ(kUsername, user_manager->GetLoggedInUser()->email()); 513 } 514 515 TEST_F(LoginUtilsTest, EnterpriseLoginDoesntBlockForNormalUser) { 516 UserManager* user_manager = UserManager::Get(); 517 EXPECT_FALSE(user_manager->IsUserLoggedIn()); 518 EXPECT_FALSE(connector_->IsEnterpriseManaged()); 519 EXPECT_FALSE(prepared_profile_); 520 521 // Enroll the device. 522 EnrollDevice(kUsername); 523 524 EXPECT_FALSE(user_manager->IsUserLoggedIn()); 525 EXPECT_TRUE(connector_->IsEnterpriseManaged()); 526 EXPECT_EQ(kDomain, connector_->GetEnterpriseDomain()); 527 EXPECT_FALSE(prepared_profile_); 528 EXPECT_EQ(policy::USER_AFFILIATION_NONE, 529 connector_->GetUserAffiliation(kUsernameOtherDomain)); 530 531 // Login with a non-enterprise user shouldn't block. 532 PrepareProfile(kUsernameOtherDomain); 533 534 EXPECT_TRUE(prepared_profile_); 535 ASSERT_TRUE(user_manager->IsUserLoggedIn()); 536 EXPECT_EQ(kUsernameOtherDomain, user_manager->GetLoggedInUser()->email()); 537 } 538 539 #if defined(ENABLE_RLZ) 540 TEST_F(LoginUtilsTest, RlzInitialized) { 541 // No RLZ brand code set initially. 542 EXPECT_FALSE(local_state_.Get()->HasPrefPath(prefs::kRLZBrand)); 543 544 base::RunLoop wait_for_rlz_init; 545 rlz_initialized_cb_ = wait_for_rlz_init.QuitClosure(); 546 547 PrepareProfile(kUsername); 548 549 wait_for_rlz_init.Run(); 550 // Wait for blocking RLZ tasks to complete. 551 RunUntilIdle(); 552 553 // RLZ brand code has been set to empty string. 554 EXPECT_TRUE(local_state_.Get()->HasPrefPath(prefs::kRLZBrand)); 555 EXPECT_EQ(std::string(), local_state_.Get()->GetString(prefs::kRLZBrand)); 556 557 // RLZ value for homepage access point should have been initialized. 558 base::string16 rlz_string; 559 EXPECT_TRUE(RLZTracker::GetAccessPointRlz( 560 RLZTracker::CHROME_HOME_PAGE, &rlz_string)); 561 EXPECT_EQ(base::string16(), rlz_string); 562 } 563 #endif 564 565 TEST_P(LoginUtilsBlockingLoginTest, EnterpriseLoginBlocksForEnterpriseUser) { 566 UserManager* user_manager = UserManager::Get(); 567 EXPECT_FALSE(user_manager->IsUserLoggedIn()); 568 EXPECT_FALSE(connector_->IsEnterpriseManaged()); 569 EXPECT_FALSE(prepared_profile_); 570 571 // Enroll the device. 572 EnrollDevice(kUsername); 573 574 EXPECT_FALSE(user_manager->IsUserLoggedIn()); 575 EXPECT_TRUE(connector_->IsEnterpriseManaged()); 576 EXPECT_EQ(kDomain, connector_->GetEnterpriseDomain()); 577 EXPECT_FALSE(prepared_profile_); 578 EXPECT_EQ(policy::USER_AFFILIATION_MANAGED, 579 connector_->GetUserAffiliation(kUsername)); 580 EXPECT_FALSE(user_manager->IsKnownUser(kUsername)); 581 582 // Login with a user of the enterprise domain waits for policy. 583 PrepareProfile(kUsername); 584 585 EXPECT_FALSE(prepared_profile_); 586 ASSERT_TRUE(user_manager->IsUserLoggedIn()); 587 EXPECT_TRUE(user_manager->IsCurrentUserNew()); 588 589 GaiaUrls* gaia_urls = GaiaUrls::GetInstance(); 590 net::TestURLFetcher* fetcher; 591 592 // |steps| is the test parameter, and is the number of successful fetches. 593 // The first incomplete fetch will fail. In any case, the profile creation 594 // should resume. 595 int steps = GetParam(); 596 597 // The next expected fetcher ID. This is used to make it fail. 598 int next_expected_fetcher_id = 0; 599 600 do { 601 if (steps < 1) break; 602 603 // Fake refresh token retrieval: 604 fetcher = PrepareOAuthFetcher(gaia_urls->client_login_to_oauth2_url()); 605 ASSERT_TRUE(fetcher); 606 net::ResponseCookies cookies; 607 cookies.push_back(kOAuthTokenCookie); 608 fetcher->set_cookies(cookies); 609 fetcher->delegate()->OnURLFetchComplete(fetcher); 610 if (steps < 2) break; 611 612 // Fake OAuth2 token pair retrieval: 613 fetcher = PrepareOAuthFetcher(gaia_urls->oauth2_token_url()); 614 ASSERT_TRUE(fetcher); 615 fetcher->SetResponseString(kOAuth2TokenPairData); 616 fetcher->delegate()->OnURLFetchComplete(fetcher); 617 if (steps < 3) break; 618 619 // Fake OAuth2 access token retrieval: 620 fetcher = PrepareOAuthFetcher(gaia_urls->oauth2_token_url()); 621 ASSERT_TRUE(fetcher); 622 fetcher->SetResponseString(kOAuth2AccessTokenData); 623 fetcher->delegate()->OnURLFetchComplete(fetcher); 624 625 // The cloud policy subsystem is now ready to fetch the dmtoken and the user 626 // policy. 627 next_expected_fetcher_id = policy::DeviceManagementService::kURLFetcherID; 628 RunUntilIdle(); 629 if (steps < 4) break; 630 631 fetcher = PrepareDMRegisterFetcher(); 632 ASSERT_TRUE(fetcher); 633 fetcher->delegate()->OnURLFetchComplete(fetcher); 634 // The policy fetch job has now been scheduled, run it: 635 RunUntilIdle(); 636 if (steps < 5) break; 637 638 // Verify that there is no profile prepared just before the policy fetch. 639 EXPECT_FALSE(prepared_profile_); 640 641 fetcher = PrepareDMPolicyFetcher(); 642 ASSERT_TRUE(fetcher); 643 fetcher->delegate()->OnURLFetchComplete(fetcher); 644 RunUntilIdle(); 645 } while (0); 646 647 if (steps < 5) { 648 // Verify that the profile hasn't been created yet. 649 EXPECT_FALSE(prepared_profile_); 650 651 // Make the current fetcher fail with a Gaia error. 652 net::TestURLFetcher* fetcher = test_url_fetcher_factory_.GetFetcherByID( 653 next_expected_fetcher_id); 654 ASSERT_TRUE(fetcher); 655 EXPECT_TRUE(fetcher->delegate()); 656 fetcher->set_url(fetcher->GetOriginalURL()); 657 fetcher->set_response_code(401); 658 // This response body is important to make the gaia fetcher skip its delayed 659 // retry behavior, which makes testing harder. If this is sent to the policy 660 // fetchers then it will make them fail too. 661 fetcher->SetResponseString(kGaiaAccountDisabledResponse); 662 fetcher->delegate()->OnURLFetchComplete(fetcher); 663 RunUntilIdle(); 664 } 665 666 // The profile is finally ready: 667 EXPECT_TRUE(prepared_profile_); 668 } 669 670 INSTANTIATE_TEST_CASE_P( 671 LoginUtilsBlockingLoginTestInstance, 672 LoginUtilsBlockingLoginTest, 673 testing::Values(0, 1, 2, 3, 4, 5)); 674 675 } // namespace 676 677 } // namespace chromeos 678
