Google Git
Sign in
chromium / chromium / src / main / . / third_party / blink / renderer / core / html / trust_token_attribute_parsing_test.cc
blob: 0f9fbe9f442b5d0e6a158478fad748224eb09304 [file] [log] [blame]
// Copyright 2020 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "third_party/blink/renderer/core/html/trust_token_attribute_parsing.h"
#include "services/network/public/mojom/trust_tokens.mojom-blink.h"
#include "services/network/test/trust_token_test_util.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "third_party/blink/renderer/platform/json/json_parser.h"
#include "third_party/blink/renderer/platform/json/json_values.h"
#include "third_party/blink/renderer/platform/testing/task_environment.h"
#include "third_party/blink/renderer/platform/weborigin/kurl.h"
#include "third_party/blink/renderer/platform/wtf/text/wtf_string.h"
namespace blink::internal {
namespace {
network::mojom::blink::TrustTokenParamsPtr NetworkParamsToBlinkParams(
network::mojom::TrustTokenParamsPtr params) {
auto ret = network::mojom::blink::TrustTokenParams::New();
ret->operation = params->operation;
ret->refresh_policy = params->refresh_policy;
for (const url::Origin& issuer : params->issuers) {
ret->issuers.push_back(SecurityOrigin::CreateFromUrlOrigin(issuer));
}
return ret;
}
} // namespace
using TrustTokenAttributeParsingSuccess =
::testing::TestWithParam<network::TrustTokenTestParameters>;
INSTANTIATE_TEST_SUITE_P(
WithIssuanceParams,
TrustTokenAttributeParsingSuccess,
::testing::ValuesIn(network::kIssuanceTrustTokenTestParameters));
INSTANTIATE_TEST_SUITE_P(
WithRedemptionParams,
TrustTokenAttributeParsingSuccess,
::testing::ValuesIn(network::kRedemptionTrustTokenTestParameters));
INSTANTIATE_TEST_SUITE_P(
WithSigningParams,
TrustTokenAttributeParsingSuccess,
::testing::ValuesIn(network::kSigningTrustTokenTestParameters));
// Test roundtrip serializations-then-deserializations for a collection of test
// cases covering all possible values of all enum attributes, and all
// possibilities (e.g. optional members present vs. not present) for all other
// attributes.
TEST_P(TrustTokenAttributeParsingSuccess, Roundtrip) {
network::mojom::TrustTokenParams network_expectation;
std::string input;
network::TrustTokenParametersAndSerialization
expected_params_and_serialization =
network::SerializeTrustTokenParametersAndConstructExpectation(
GetParam());
network::mojom::blink::TrustTokenParamsPtr expectation =
NetworkParamsToBlinkParams(
std::move(expected_params_and_serialization.params));
std::unique_ptr<JSONValue> json_value = ParseJSON(
String::FromUTF8(expected_params_and_serialization.serialized_params));
ASSERT_TRUE(json_value);
auto result = TrustTokenParamsFromJson(std::move(json_value));
ASSERT_TRUE(result);
// We can't use mojo's generated Equals method here because it doesn't play
// well with the "issuers" field's members' type of
// scoped_refptr<blink::SecurityOrigin>: in particular, the method does an
// address-to-address comparison of the pointers.
EXPECT_EQ(result->operation, expectation->operation);
EXPECT_EQ(result->refresh_policy, expectation->refresh_policy);
EXPECT_EQ(result->issuers.size(), expectation->issuers.size());
for (wtf_size_t i = 0; i < result->issuers.size(); ++i) {
EXPECT_EQ(!!result->issuers.at(i), !!expectation->issuers.at(i));
if (result->issuers.at(i)) {
EXPECT_EQ(result->issuers.at(i)->ToString(),
expectation->issuers.at(i)->ToString());
}
}
}
TEST(TrustTokenAttributeParsing, NotADictionary) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
3
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, MissingVersion) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "operation" : "token-request" }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, MissingOperation) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": 1 }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, TypeUnsafeVersion) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "operation": "token-request",
"version": "unsafe-version" }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, TypeUnsafeOperation) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": 1,
"operation": 3 }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, InvalidVersion) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": 2,
"operation": "token-request" }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, NegativeVersionNumber) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": -1,
"operation": "token-request" }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, InvalidOperation) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": 1,
"operation": "not a valid type" }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, TypeUnsafeRefreshPolicy) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": 1,
"operation": "token-request",
"refreshPolicy": 3 }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, InvalidRefreshPolicy) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": 1,
"operation": "token-request",
"refreshPolicy": "not a valid refresh policy" }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, NonListIssuers) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": 1,
"operation": "token-request",
"issuers": 3 }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, EmptyIssuers) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": 1,
"operation": "token-request",
"issuers": [] }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
TEST(TrustTokenAttributeParsing, WrongListTypeIssuers) {
test::TaskEnvironment task_environment;
JSONParseError err;
auto json = ParseJSON(R"(
{ "version": 1,
"operation": "token-request",
"issuers": [1995] }
)",
&err);
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
// Test that the parser requires each member of |issuers| be a valid origin.
TEST(TrustTokenAttributeParsing, NonUrlIssuer) {
test::TaskEnvironment task_environment;
JSONParseError err;
auto json = ParseJSON(R"(
{ "version": 1,
"operation": "token-request",
"issuers": ["https://ok.test", "not a URL"] }
)",
&err);
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
// Test that the parser requires that each member of |issuers| be a potentially
// trustworthy origin.
TEST(TrustTokenAttributeParsing, InsecureIssuer) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": 1,
"operation": "token-request",
"issuers": ["https://trustworthy.example",
"http://not-potentially-trustworthy.example"] }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
// Test that the parser requires that each member of |issuers| be a HTTP or
// HTTPS origin.
TEST(TrustTokenAttributeParsing, NonHttpNonHttpsIssuer) {
test::TaskEnvironment task_environment;
auto json = ParseJSON(R"(
{ "version": 1,
"operation": "token-request",
"issuers": ["https://ok.test", "file:///"] }
)");
ASSERT_TRUE(json);
ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
}
} // namespace blink::internal