1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/browser/chromeos/login/saml/saml_offline_signin_limiter.h" 6 7 #include "base/memory/ref_counted.h" 8 #include "base/prefs/pref_service.h" 9 #include "base/test/simple_test_clock.h" 10 #include "base/test/test_simple_task_runner.h" 11 #include "base/thread_task_runner_handle.h" 12 #include "base/time/clock.h" 13 #include "chrome/browser/chromeos/login/saml/saml_offline_signin_limiter_factory.h" 14 #include "chrome/browser/chromeos/login/users/mock_user_manager.h" 15 #include "chrome/browser/chromeos/login/users/scoped_user_manager_enabler.h" 16 #include "chrome/browser/profiles/profile.h" 17 #include "chrome/common/pref_names.h" 18 #include "chrome/test/base/testing_profile.h" 19 #include "components/pref_registry/pref_registry_syncable.h" 20 #include "testing/gmock/include/gmock/gmock.h" 21 #include "testing/gtest/include/gtest/gtest.h" 22 23 using testing::Mock; 24 using testing::ReturnRef; 25 using testing::Sequence; 26 27 namespace chromeos { 28 29 namespace { 30 const char kTestUser[] = "user (at) example.com"; 31 } 32 33 class SAMLOfflineSigninLimiterTest : public testing::Test { 34 protected: 35 SAMLOfflineSigninLimiterTest(); 36 virtual ~SAMLOfflineSigninLimiterTest(); 37 38 // testing::Test: 39 virtual void SetUp() OVERRIDE; 40 virtual void TearDown() OVERRIDE; 41 42 void DestroyLimiter(); 43 void CreateLimiter(); 44 45 scoped_refptr<base::TestSimpleTaskRunner> runner_; 46 base::ThreadTaskRunnerHandle runner_handle_; 47 48 MockUserManager* user_manager_; // Not owned. 49 ScopedUserManagerEnabler user_manager_enabler_; 50 51 scoped_ptr<TestingProfile> profile_; 52 base::SimpleTestClock clock_; 53 54 SAMLOfflineSigninLimiter* limiter_; // Owned. 55 56 DISALLOW_COPY_AND_ASSIGN(SAMLOfflineSigninLimiterTest); 57 }; 58 59 SAMLOfflineSigninLimiterTest::SAMLOfflineSigninLimiterTest() 60 : runner_(new base::TestSimpleTaskRunner), 61 runner_handle_(runner_), 62 user_manager_(new MockUserManager), 63 user_manager_enabler_(user_manager_), 64 limiter_(NULL) { 65 } 66 67 SAMLOfflineSigninLimiterTest::~SAMLOfflineSigninLimiterTest() { 68 DestroyLimiter(); 69 Mock::VerifyAndClearExpectations(user_manager_); 70 EXPECT_CALL(*user_manager_, Shutdown()).Times(1); 71 } 72 73 void SAMLOfflineSigninLimiterTest::DestroyLimiter() { 74 if (limiter_) { 75 limiter_->Shutdown(); 76 delete limiter_; 77 limiter_ = NULL; 78 } 79 } 80 81 void SAMLOfflineSigninLimiterTest::CreateLimiter() { 82 DestroyLimiter(); 83 limiter_ = new SAMLOfflineSigninLimiter(profile_.get(), &clock_); 84 } 85 86 void SAMLOfflineSigninLimiterTest::SetUp() { 87 profile_.reset(new TestingProfile); 88 89 SAMLOfflineSigninLimiterFactory::SetClockForTesting(&clock_); 90 user_manager_->AddUser(kTestUser); 91 profile_->set_profile_name(kTestUser); 92 clock_.Advance(base::TimeDelta::FromHours(1)); 93 } 94 95 void SAMLOfflineSigninLimiterTest::TearDown() { 96 SAMLOfflineSigninLimiterFactory::SetClockForTesting(NULL); 97 } 98 99 TEST_F(SAMLOfflineSigninLimiterTest, NoSAMLDefaultLimit) { 100 PrefService* prefs = profile_->GetPrefs(); 101 102 // Set the time of last login with SAML. 103 prefs->SetInt64(prefs::kSAMLLastGAIASignInTime, 104 clock_.Now().ToInternalValue()); 105 106 // Authenticate against GAIA without SAML. Verify that the flag enforcing 107 // online login and the time of last login with SAML are cleared. 108 CreateLimiter(); 109 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 110 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 111 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITHOUT_SAML); 112 113 const PrefService::Preference* pref = 114 prefs->FindPreference(prefs::kSAMLLastGAIASignInTime); 115 ASSERT_TRUE(pref); 116 EXPECT_FALSE(pref->HasUserSetting()); 117 118 // Verify that no timer is running. 119 EXPECT_FALSE(runner_->HasPendingTask()); 120 121 // Log out. Verify that the flag enforcing online login is not set. 122 DestroyLimiter(); 123 124 // Authenticate offline. Verify that the flag enforcing online login is not 125 // changed and the time of last login with SAML is not set. 126 CreateLimiter(); 127 Mock::VerifyAndClearExpectations(user_manager_); 128 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(0); 129 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 130 limiter_->SignedIn(UserContext::AUTH_FLOW_OFFLINE); 131 132 pref = prefs->FindPreference(prefs::kSAMLLastGAIASignInTime); 133 ASSERT_TRUE(pref); 134 EXPECT_FALSE(pref->HasUserSetting()); 135 136 // Verify that no timer is running. 137 EXPECT_FALSE(runner_->HasPendingTask()); 138 } 139 140 TEST_F(SAMLOfflineSigninLimiterTest, NoSAMLNoLimit) { 141 PrefService* prefs = profile_->GetPrefs(); 142 143 // Remove the time limit. 144 prefs->SetInteger(prefs::kSAMLOfflineSigninTimeLimit, -1); 145 146 // Set the time of last login with SAML. 147 prefs->SetInt64(prefs::kSAMLLastGAIASignInTime, 148 clock_.Now().ToInternalValue()); 149 150 // Authenticate against GAIA without SAML. Verify that the flag enforcing 151 // online login and the time of last login with SAML are cleared. 152 CreateLimiter(); 153 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 154 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 155 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITHOUT_SAML); 156 157 const PrefService::Preference* pref = 158 prefs->FindPreference(prefs::kSAMLLastGAIASignInTime); 159 ASSERT_TRUE(pref); 160 EXPECT_FALSE(pref->HasUserSetting()); 161 162 // Verify that no timer is running. 163 EXPECT_FALSE(runner_->HasPendingTask()); 164 165 // Log out. Verify that the flag enforcing online login is not set. 166 DestroyLimiter(); 167 168 // Authenticate offline. Verify that the flag enforcing online login is not 169 // changed and the time of last login with SAML is not set. 170 CreateLimiter(); 171 Mock::VerifyAndClearExpectations(user_manager_); 172 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(0); 173 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 174 limiter_->SignedIn(UserContext::AUTH_FLOW_OFFLINE); 175 176 pref = prefs->FindPreference(prefs::kSAMLLastGAIASignInTime); 177 ASSERT_TRUE(pref); 178 EXPECT_FALSE(pref->HasUserSetting()); 179 180 // Verify that no timer is running. 181 EXPECT_FALSE(runner_->HasPendingTask()); 182 } 183 184 TEST_F(SAMLOfflineSigninLimiterTest, NoSAMLZeroLimit) { 185 PrefService* prefs = profile_->GetPrefs(); 186 187 // Set a zero time limit. 188 prefs->SetInteger(prefs::kSAMLOfflineSigninTimeLimit, 0); 189 190 // Set the time of last login with SAML. 191 prefs->SetInt64(prefs::kSAMLLastGAIASignInTime, 192 clock_.Now().ToInternalValue()); 193 194 // Authenticate against GAIA without SAML. Verify that the flag enforcing 195 // online login and the time of last login with SAML are cleared. 196 CreateLimiter(); 197 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 198 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 199 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITHOUT_SAML); 200 201 const PrefService::Preference* pref = 202 prefs->FindPreference(prefs::kSAMLLastGAIASignInTime); 203 ASSERT_TRUE(pref); 204 EXPECT_FALSE(pref->HasUserSetting()); 205 206 // Verify that no timer is running. 207 EXPECT_FALSE(runner_->HasPendingTask()); 208 209 // Log out. Verify that the flag enforcing online login is not set. 210 DestroyLimiter(); 211 212 // Authenticate offline. Verify that the flag enforcing online login is not 213 // changed and the time of last login with SAML is not set. 214 CreateLimiter(); 215 Mock::VerifyAndClearExpectations(user_manager_); 216 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(0); 217 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 218 limiter_->SignedIn(UserContext::AUTH_FLOW_OFFLINE); 219 220 pref = prefs->FindPreference(prefs::kSAMLLastGAIASignInTime); 221 ASSERT_TRUE(pref); 222 EXPECT_FALSE(pref->HasUserSetting()); 223 224 // Verify that no timer is running. 225 EXPECT_FALSE(runner_->HasPendingTask()); 226 } 227 228 TEST_F(SAMLOfflineSigninLimiterTest, NoSAMLSetLimitWhileLoggedIn) { 229 PrefService* prefs = profile_->GetPrefs(); 230 231 // Remove the time limit. 232 prefs->SetInteger(prefs::kSAMLOfflineSigninTimeLimit, -1); 233 234 // Set the time of last login with SAML. 235 prefs->SetInt64(prefs::kSAMLLastGAIASignInTime, 236 clock_.Now().ToInternalValue()); 237 238 // Authenticate against GAIA without SAML. Verify that the flag enforcing 239 // online login and the time of last login with SAML are cleared. 240 CreateLimiter(); 241 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 242 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 243 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITHOUT_SAML); 244 245 const PrefService::Preference* pref = 246 prefs->FindPreference(prefs::kSAMLLastGAIASignInTime); 247 ASSERT_TRUE(pref); 248 EXPECT_FALSE(pref->HasUserSetting()); 249 250 // Verify that no timer is running. 251 EXPECT_FALSE(runner_->HasPendingTask()); 252 253 // Set a zero time limit. 254 prefs->SetInteger(prefs::kSAMLOfflineSigninTimeLimit, 0); 255 256 // Verify that no timer is running. 257 EXPECT_FALSE(runner_->HasPendingTask()); 258 } 259 260 TEST_F(SAMLOfflineSigninLimiterTest, NoSAMLRemoveLimitWhileLoggedIn) { 261 PrefService* prefs = profile_->GetPrefs(); 262 263 // Set the time of last login with SAML. 264 prefs->SetInt64(prefs::kSAMLLastGAIASignInTime, 265 clock_.Now().ToInternalValue()); 266 267 // Authenticate against GAIA without SAML. Verify that the flag enforcing 268 // online login and the time of last login with SAML are cleared. 269 CreateLimiter(); 270 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 271 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 272 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITHOUT_SAML); 273 274 const PrefService::Preference* pref = 275 prefs->FindPreference(prefs::kSAMLLastGAIASignInTime); 276 ASSERT_TRUE(pref); 277 EXPECT_FALSE(pref->HasUserSetting()); 278 279 // Verify that no timer is running. 280 EXPECT_FALSE(runner_->HasPendingTask()); 281 282 // Remove the time limit. 283 prefs->SetInteger(prefs::kSAMLOfflineSigninTimeLimit, -1); 284 285 // Verify that no timer is running. 286 EXPECT_FALSE(runner_->HasPendingTask()); 287 } 288 289 TEST_F(SAMLOfflineSigninLimiterTest, NoSAMLLogInWithExpiredLimit) { 290 PrefService* prefs = profile_->GetPrefs(); 291 292 // Set the time of last login with SAML. 293 prefs->SetInt64(prefs::kSAMLLastGAIASignInTime, 294 clock_.Now().ToInternalValue()); 295 296 // Advance time by four weeks. 297 clock_.Advance(base::TimeDelta::FromDays(28)); // 4 weeks. 298 299 // Authenticate against GAIA without SAML. Verify that the flag enforcing 300 // online login and the time of last login with SAML are cleared. 301 CreateLimiter(); 302 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 303 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 304 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITHOUT_SAML); 305 306 const PrefService::Preference* pref = 307 prefs->FindPreference(prefs::kSAMLLastGAIASignInTime); 308 ASSERT_TRUE(pref); 309 EXPECT_FALSE(pref->HasUserSetting()); 310 311 // Verify that no timer is running. 312 EXPECT_FALSE(runner_->HasPendingTask()); 313 } 314 315 TEST_F(SAMLOfflineSigninLimiterTest, SAMLDefaultLimit) { 316 PrefService* prefs = profile_->GetPrefs(); 317 318 // Authenticate against GAIA with SAML. Verify that the flag enforcing online 319 // login is cleared and the time of last login with SAML is set. 320 CreateLimiter(); 321 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 322 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 323 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITH_SAML); 324 325 base::Time last_gaia_signin_time = base::Time::FromInternalValue( 326 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 327 EXPECT_EQ(clock_.Now(), last_gaia_signin_time); 328 329 // Verify that the timer is running. 330 EXPECT_TRUE(runner_->HasPendingTask()); 331 332 // Log out. Verify that the flag enforcing online login is not set. 333 DestroyLimiter(); 334 335 // Advance time by an hour. 336 clock_.Advance(base::TimeDelta::FromHours(1)); 337 338 // Authenticate against GAIA with SAML. Verify that the flag enforcing online 339 // login is cleared and the time of last login with SAML is updated. 340 CreateLimiter(); 341 Mock::VerifyAndClearExpectations(user_manager_); 342 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 343 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 344 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITH_SAML); 345 346 last_gaia_signin_time = base::Time::FromInternalValue( 347 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 348 EXPECT_EQ(clock_.Now(), last_gaia_signin_time); 349 350 // Verify that the timer is running. 351 EXPECT_TRUE(runner_->HasPendingTask()); 352 353 // Log out. Verify that the flag enforcing online login is not set. 354 DestroyLimiter(); 355 356 // Advance time by an hour. 357 const base::Time gaia_signin_time = clock_.Now(); 358 clock_.Advance(base::TimeDelta::FromHours(1)); 359 360 // Authenticate offline. Verify that the flag enforcing online login and the 361 // time of last login with SAML are not changed. 362 CreateLimiter(); 363 Mock::VerifyAndClearExpectations(user_manager_); 364 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(0); 365 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 366 limiter_->SignedIn(UserContext::AUTH_FLOW_OFFLINE); 367 368 last_gaia_signin_time = base::Time::FromInternalValue( 369 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 370 EXPECT_EQ(gaia_signin_time, last_gaia_signin_time); 371 372 // Verify that the timer is running. 373 EXPECT_TRUE(runner_->HasPendingTask()); 374 375 // Advance time by four weeks. 376 clock_.Advance(base::TimeDelta::FromDays(28)); // 4 weeks. 377 378 // Allow the timer to fire. Verify that the flag enforcing online login is 379 // set. 380 Mock::VerifyAndClearExpectations(user_manager_); 381 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(0); 382 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(1); 383 runner_->RunPendingTasks(); 384 } 385 386 TEST_F(SAMLOfflineSigninLimiterTest, SAMLNoLimit) { 387 PrefService* prefs = profile_->GetPrefs(); 388 389 // Remove the time limit. 390 prefs->SetInteger(prefs::kSAMLOfflineSigninTimeLimit, -1); 391 392 // Authenticate against GAIA with SAML. Verify that the flag enforcing online 393 // login is cleared and the time of last login with SAML is set. 394 CreateLimiter(); 395 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 396 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 397 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITH_SAML); 398 399 base::Time last_gaia_signin_time = base::Time::FromInternalValue( 400 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 401 EXPECT_EQ(clock_.Now(), last_gaia_signin_time); 402 403 // Verify that no timer is running. 404 EXPECT_FALSE(runner_->HasPendingTask()); 405 406 // Log out. Verify that the flag enforcing online login is not set. 407 DestroyLimiter(); 408 409 // Advance time by an hour. 410 clock_.Advance(base::TimeDelta::FromHours(1)); 411 412 // Authenticate against GAIA with SAML. Verify that the flag enforcing online 413 // login is cleared and the time of last login with SAML is updated. 414 CreateLimiter(); 415 Mock::VerifyAndClearExpectations(user_manager_); 416 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 417 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 418 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITH_SAML); 419 420 last_gaia_signin_time = base::Time::FromInternalValue( 421 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 422 EXPECT_EQ(clock_.Now(), last_gaia_signin_time); 423 424 // Verify that no timer is running. 425 EXPECT_FALSE(runner_->HasPendingTask()); 426 427 // Log out. Verify that the flag enforcing online login is not set. 428 DestroyLimiter(); 429 430 // Advance time by an hour. 431 const base::Time gaia_signin_time = clock_.Now(); 432 clock_.Advance(base::TimeDelta::FromHours(1)); 433 434 // Authenticate offline. Verify that the flag enforcing online login and the 435 // time of last login with SAML are not changed. 436 CreateLimiter(); 437 Mock::VerifyAndClearExpectations(user_manager_); 438 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(0); 439 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 440 limiter_->SignedIn(UserContext::AUTH_FLOW_OFFLINE); 441 442 last_gaia_signin_time = base::Time::FromInternalValue( 443 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 444 EXPECT_EQ(gaia_signin_time, last_gaia_signin_time); 445 446 // Verify that no timer is running. 447 EXPECT_FALSE(runner_->HasPendingTask()); 448 } 449 450 TEST_F(SAMLOfflineSigninLimiterTest, SAMLZeroLimit) { 451 PrefService* prefs = profile_->GetPrefs(); 452 453 // Set a zero time limit. 454 prefs->SetInteger(prefs::kSAMLOfflineSigninTimeLimit, 0); 455 456 // Authenticate against GAIA with SAML. Verify that the flag enforcing online 457 // login is cleared and then set immediately. Also verify that the time of 458 // last login with SAML is set. 459 CreateLimiter(); 460 Sequence sequence; 461 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)) 462 .Times(1) 463 .InSequence(sequence); 464 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)) 465 .Times(1) 466 .InSequence(sequence); 467 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITH_SAML); 468 469 const base::Time last_gaia_signin_time = base::Time::FromInternalValue( 470 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 471 EXPECT_EQ(clock_.Now(), last_gaia_signin_time); 472 } 473 474 TEST_F(SAMLOfflineSigninLimiterTest, SAMLSetLimitWhileLoggedIn) { 475 PrefService* prefs = profile_->GetPrefs(); 476 477 // Remove the time limit. 478 prefs->SetInteger(prefs::kSAMLOfflineSigninTimeLimit, -1); 479 480 // Authenticate against GAIA with SAML. Verify that the flag enforcing online 481 // login is cleared and the time of last login with SAML is set. 482 CreateLimiter(); 483 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 484 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 485 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITH_SAML); 486 487 const base::Time last_gaia_signin_time = base::Time::FromInternalValue( 488 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 489 EXPECT_EQ(clock_.Now(), last_gaia_signin_time); 490 491 // Verify that no timer is running. 492 EXPECT_FALSE(runner_->HasPendingTask()); 493 494 // Set a zero time limit. Verify that the flag enforcing online login is set. 495 Mock::VerifyAndClearExpectations(user_manager_); 496 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(0); 497 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(1); 498 prefs->SetInteger(prefs::kSAMLOfflineSigninTimeLimit, 0); 499 } 500 501 TEST_F(SAMLOfflineSigninLimiterTest, SAMLRemoveLimit) { 502 PrefService* prefs = profile_->GetPrefs(); 503 504 // Authenticate against GAIA with SAML. Verify that the flag enforcing online 505 // login is cleared and the time of last login with SAML is set. 506 CreateLimiter(); 507 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 508 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 509 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITH_SAML); 510 511 const base::Time last_gaia_signin_time = base::Time::FromInternalValue( 512 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 513 EXPECT_EQ(clock_.Now(), last_gaia_signin_time); 514 515 // Verify that the timer is running. 516 EXPECT_TRUE(runner_->HasPendingTask()); 517 518 // Remove the time limit. 519 prefs->SetInteger(prefs::kSAMLOfflineSigninTimeLimit, -1); 520 521 // Allow the timer to fire. Verify that the flag enforcing online login is not 522 // changed. 523 Mock::VerifyAndClearExpectations(user_manager_); 524 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(0); 525 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 526 runner_->RunUntilIdle(); 527 } 528 529 TEST_F(SAMLOfflineSigninLimiterTest, SAMLLogInWithExpiredLimit) { 530 PrefService* prefs = profile_->GetPrefs(); 531 532 // Set the time of last login with SAML. 533 prefs->SetInt64(prefs::kSAMLLastGAIASignInTime, 534 clock_.Now().ToInternalValue()); 535 536 // Advance time by four weeks. 537 clock_.Advance(base::TimeDelta::FromDays(28)); // 4 weeks. 538 539 // Authenticate against GAIA with SAML. Verify that the flag enforcing online 540 // login is cleared and the time of last login with SAML is updated. 541 CreateLimiter(); 542 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(1); 543 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(0); 544 limiter_->SignedIn(UserContext::AUTH_FLOW_GAIA_WITH_SAML); 545 546 const base::Time last_gaia_signin_time = base::Time::FromInternalValue( 547 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 548 EXPECT_EQ(clock_.Now(), last_gaia_signin_time); 549 550 // Verify that the timer is running. 551 EXPECT_TRUE(runner_->HasPendingTask()); 552 } 553 554 TEST_F(SAMLOfflineSigninLimiterTest, SAMLLogInOfflineWithExpiredLimit) { 555 PrefService* prefs = profile_->GetPrefs(); 556 557 // Set the time of last login with SAML. 558 prefs->SetInt64(prefs::kSAMLLastGAIASignInTime, 559 clock_.Now().ToInternalValue()); 560 561 // Advance time by four weeks. 562 const base::Time gaia_signin_time = clock_.Now(); 563 clock_.Advance(base::TimeDelta::FromDays(28)); // 4 weeks. 564 565 // Authenticate offline. Verify that the flag enforcing online login is 566 // set and the time of last login with SAML is not changed. 567 CreateLimiter(); 568 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, false)).Times(0); 569 EXPECT_CALL(*user_manager_, SaveForceOnlineSignin(kTestUser, true)).Times(1); 570 limiter_->SignedIn(UserContext::AUTH_FLOW_OFFLINE); 571 572 const base::Time last_gaia_signin_time = base::Time::FromInternalValue( 573 prefs->GetInt64(prefs::kSAMLLastGAIASignInTime)); 574 EXPECT_EQ(gaia_signin_time, last_gaia_signin_time); 575 } 576 577 } // namespace chromeos 578
