• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "base/run_loop.h"
6#include "components/signin/core/browser/profile_oauth2_token_service.h"
7#include "components/signin/core/browser/test_signin_client.h"
8#include "components/signin/ios/browser/profile_oauth2_token_service_ios.h"
9#include "google_apis/gaia/gaia_urls.h"
10#include "google_apis/gaia/oauth2_token_service_test_util.h"
11#include "ios/public/test/fake_profile_oauth2_token_service_ios_provider.h"
12#include "net/url_request/test_url_fetcher_factory.h"
13#include "testing/gtest/include/gtest/gtest.h"
14
15class ProfileOAuth2TokenServiceIOSTest : public testing::Test,
16                                         public OAuth2TokenService::Consumer,
17                                         public OAuth2TokenService::Observer {
18 public:
19  ProfileOAuth2TokenServiceIOSTest()
20      : OAuth2TokenService::Consumer("test_consumer_id"),
21        factory_(NULL),
22        token_available_count_(0),
23        token_revoked_count_(0),
24        tokens_loaded_count_(0),
25        access_token_success_(0),
26        access_token_failure_(0),
27        last_access_token_error_(GoogleServiceAuthError::NONE) {}
28
29  virtual void SetUp() OVERRIDE {
30    factory_.SetFakeResponse(GaiaUrls::GetInstance()->oauth2_revoke_url(),
31                             "",
32                             net::HTTP_OK,
33                             net::URLRequestStatus::SUCCESS);
34    fake_provider_ = client_.GetIOSProviderAsFake();
35    fake_provider_->set_using_shared_authentication(true);
36    oauth2_service_.Initialize(&client_);
37    oauth2_service_.AddObserver(this);
38  }
39
40  virtual void TearDown() OVERRIDE {
41    oauth2_service_.RemoveObserver(this);
42    oauth2_service_.Shutdown();
43  }
44
45  // OAuth2TokenService::Consumer implementation.
46  virtual void OnGetTokenSuccess(const OAuth2TokenService::Request* request,
47                                 const std::string& access_token,
48                                 const base::Time& expiration_time) OVERRIDE {
49    ++access_token_success_;
50  }
51
52  virtual void OnGetTokenFailure(const OAuth2TokenService::Request* request,
53                                 const GoogleServiceAuthError& error) OVERRIDE {
54    ++access_token_failure_;
55    last_access_token_error_ = error;
56  };
57
58  // OAuth2TokenService::Observer implementation.
59  virtual void OnRefreshTokenAvailable(const std::string& account_id) OVERRIDE {
60    ++token_available_count_;
61  }
62  virtual void OnRefreshTokenRevoked(const std::string& account_id) OVERRIDE {
63    ++token_revoked_count_;
64  }
65  virtual void OnRefreshTokensLoaded() OVERRIDE { ++tokens_loaded_count_; }
66
67  void ResetObserverCounts() {
68    token_available_count_ = 0;
69    token_revoked_count_ = 0;
70    tokens_loaded_count_ = 0;
71    token_available_count_ = 0;
72    access_token_failure_ = 0;
73  }
74
75 protected:
76  base::MessageLoop message_loop_;
77  net::FakeURLFetcherFactory factory_;
78  TestSigninClient client_;
79  ios::FakeProfileOAuth2TokenServiceIOSProvider* fake_provider_;
80  ProfileOAuth2TokenServiceIOS oauth2_service_;
81  TestingOAuth2TokenServiceConsumer consumer_;
82  int token_available_count_;
83  int token_revoked_count_;
84  int tokens_loaded_count_;
85  int access_token_success_;
86  int access_token_failure_;
87  GoogleServiceAuthError last_access_token_error_;
88};
89
90TEST_F(ProfileOAuth2TokenServiceIOSTest, LoadRevokeCredentialsOneAccount) {
91  fake_provider_->AddAccount("account_id");
92  oauth2_service_.LoadCredentials("account_id");
93  base::RunLoop().RunUntilIdle();
94  EXPECT_EQ(1, token_available_count_);
95  EXPECT_EQ(1, tokens_loaded_count_);
96  EXPECT_EQ(0, token_revoked_count_);
97  EXPECT_EQ(1U, oauth2_service_.GetAccounts().size());
98  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id"));
99
100  ResetObserverCounts();
101  oauth2_service_.RevokeAllCredentials();
102  EXPECT_EQ(0, token_available_count_);
103  EXPECT_EQ(0, tokens_loaded_count_);
104  EXPECT_EQ(1, token_revoked_count_);
105  EXPECT_EQ(0U, oauth2_service_.GetAccounts().size());
106  EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
107}
108
109TEST_F(ProfileOAuth2TokenServiceIOSTest,
110       LoadRevokeCredentialsMultipleAccounts) {
111  fake_provider_->AddAccount("account_id_1");
112  fake_provider_->AddAccount("account_id_2");
113  fake_provider_->AddAccount("account_id_3");
114  oauth2_service_.LoadCredentials("account_id_1");
115  base::RunLoop().RunUntilIdle();
116  EXPECT_EQ(3, token_available_count_);
117  EXPECT_EQ(1, tokens_loaded_count_);
118  EXPECT_EQ(0, token_revoked_count_);
119  EXPECT_EQ(3U, oauth2_service_.GetAccounts().size());
120  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
121  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
122  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_3"));
123
124  ResetObserverCounts();
125  oauth2_service_.RevokeAllCredentials();
126  EXPECT_EQ(0, token_available_count_);
127  EXPECT_EQ(0, tokens_loaded_count_);
128  EXPECT_EQ(3, token_revoked_count_);
129  EXPECT_EQ(0U, oauth2_service_.GetAccounts().size());
130  EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
131  EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
132  EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_3"));
133}
134
135TEST_F(ProfileOAuth2TokenServiceIOSTest, ReloadCredentials) {
136  fake_provider_->AddAccount("account_id_1");
137  fake_provider_->AddAccount("account_id_2");
138  fake_provider_->AddAccount("account_id_3");
139  oauth2_service_.LoadCredentials("account_id_1");
140  base::RunLoop().RunUntilIdle();
141
142  // Change the accounts.
143  ResetObserverCounts();
144  fake_provider_->ClearAccounts();
145  fake_provider_->AddAccount("account_id_1");
146  fake_provider_->AddAccount("account_id_4");
147  oauth2_service_.ReloadCredentials();
148
149  EXPECT_EQ(1, token_available_count_);
150  EXPECT_EQ(0, tokens_loaded_count_);
151  EXPECT_EQ(2, token_revoked_count_);
152  EXPECT_EQ(2U, oauth2_service_.GetAccounts().size());
153  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
154  EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
155  EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_3"));
156  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_4"));
157}
158
159TEST_F(ProfileOAuth2TokenServiceIOSTest, StartRequestSuccess) {
160  fake_provider_->AddAccount("account_id_1");
161  oauth2_service_.LoadCredentials("account_id_1");
162  base::RunLoop().RunUntilIdle();
163
164  // Fetch access tokens.
165  ResetObserverCounts();
166  OAuth2TokenService::ScopeSet scopes;
167  scopes.insert("scope");
168  scoped_ptr<OAuth2TokenService::Request> request(
169      oauth2_service_.StartRequest("account_id_1", scopes, this));
170  EXPECT_EQ(0, access_token_success_);
171  EXPECT_EQ(0, access_token_failure_);
172
173  ResetObserverCounts();
174  fake_provider_->IssueAccessTokenForAllRequests();
175  base::RunLoop().RunUntilIdle();
176  EXPECT_EQ(1, access_token_success_);
177  EXPECT_EQ(0, access_token_failure_);
178}
179
180TEST_F(ProfileOAuth2TokenServiceIOSTest, StartRequestFailure) {
181  fake_provider_->AddAccount("account_id_1");
182  oauth2_service_.LoadCredentials("account_id_1");
183  base::RunLoop().RunUntilIdle();
184
185  // Fetch access tokens.
186  ResetObserverCounts();
187  OAuth2TokenService::ScopeSet scopes;
188  scopes.insert("scope");
189  scoped_ptr<OAuth2TokenService::Request> request(
190      oauth2_service_.StartRequest("account_id_1", scopes, this));
191  EXPECT_EQ(0, access_token_success_);
192  EXPECT_EQ(0, access_token_failure_);
193
194  ResetObserverCounts();
195  fake_provider_->IssueAccessTokenErrorForAllRequests();
196  base::RunLoop().RunUntilIdle();
197  EXPECT_EQ(0, access_token_success_);
198  EXPECT_EQ(1, access_token_failure_);
199}
200
201TEST_F(ProfileOAuth2TokenServiceIOSTest, Migration) {
202  fake_provider_->set_using_shared_authentication(false);
203  oauth2_service_.LoadCredentials("account_id_1");
204  base::RunLoop().RunUntilIdle();
205
206  ResetObserverCounts();
207  oauth2_service_.UpdateCredentials("account_id_1", "pre_sso_refresh_token_1");
208  oauth2_service_.UpdateCredentials("account_id_2", "pre_sso_refresh_token_2");
209  EXPECT_EQ(2, token_available_count_);
210  EXPECT_EQ(0, tokens_loaded_count_);
211  EXPECT_EQ(0, token_revoked_count_);
212  EXPECT_EQ(2U, oauth2_service_.GetAccounts().size());
213  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
214  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
215  EXPECT_EQ("pre_sso_refresh_token_1",
216            oauth2_service_.GetRefreshTokenWhenNotUsingSharedAuthentication(
217                "account_id_1"));
218  EXPECT_EQ("pre_sso_refresh_token_2",
219            oauth2_service_.GetRefreshTokenWhenNotUsingSharedAuthentication(
220                "account_id_2"));
221
222  ResetObserverCounts();
223  oauth2_service_.StartUsingSharedAuthentication();
224  EXPECT_EQ(0, token_available_count_);
225  EXPECT_EQ(0, tokens_loaded_count_);
226  EXPECT_EQ(2, token_revoked_count_);
227  EXPECT_EQ(0U, oauth2_service_.GetAccounts().size());
228  EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
229  EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
230
231  ResetObserverCounts();
232  fake_provider_->AddAccount("account_id_1");
233  oauth2_service_.ReloadCredentials();
234  EXPECT_EQ(1, token_available_count_);
235  EXPECT_EQ(0, tokens_loaded_count_);
236  EXPECT_EQ(0, token_revoked_count_);
237  EXPECT_EQ(1U, oauth2_service_.GetAccounts().size());
238  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
239  EXPECT_FALSE(oauth2_service_.RefreshTokenIsAvailable("account_id_2"));
240}
241
242TEST_F(ProfileOAuth2TokenServiceIOSTest, ForceInvalidGrantResponses) {
243  fake_provider_->set_using_shared_authentication(false);
244  oauth2_service_.LoadCredentials("account_id_1");
245  base::RunLoop().RunUntilIdle();
246  oauth2_service_.UpdateCredentials("account_id_1", "pre_sso_refresh_token_1");
247  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
248
249  // First call revokes the existing token and then updates the credentials
250  // with a fake token.
251  ResetObserverCounts();
252  oauth2_service_.ForceInvalidGrantResponses();
253  EXPECT_EQ(1, token_available_count_);
254  EXPECT_EQ(0, tokens_loaded_count_);
255  EXPECT_EQ(1, token_revoked_count_);
256  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
257
258  // Fetching access tokens fails with invalid grant responses.
259  OAuth2TokenService::ScopeSet scopes;
260  scopes.insert("scope");
261  scoped_ptr<OAuth2TokenService::Request> request(
262      oauth2_service_.StartRequest("account_id_1", scopes, this));
263  base::RunLoop().RunUntilIdle();
264  EXPECT_EQ(0, access_token_success_);
265  EXPECT_EQ(1, access_token_failure_);
266  EXPECT_EQ(GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS,
267            last_access_token_error_.state());
268
269  // Second call to force invalid grant responses is ignored.
270  ResetObserverCounts();
271  oauth2_service_.ForceInvalidGrantResponses();
272  EXPECT_EQ(0, token_available_count_);
273  EXPECT_EQ(0, tokens_loaded_count_);
274  EXPECT_EQ(0, token_revoked_count_);
275  EXPECT_TRUE(oauth2_service_.RefreshTokenIsAvailable("account_id_1"));
276}
277