summaryrefslogtreecommitdiff
path: root/chromium/third_party/blink/renderer/core/html/trust_token_attribute_parsing_test.cc
diff options
context:
space:
mode:
Diffstat (limited to 'chromium/third_party/blink/renderer/core/html/trust_token_attribute_parsing_test.cc')
-rw-r--r--chromium/third_party/blink/renderer/core/html/trust_token_attribute_parsing_test.cc233
1 files changed, 233 insertions, 0 deletions
diff --git a/chromium/third_party/blink/renderer/core/html/trust_token_attribute_parsing_test.cc b/chromium/third_party/blink/renderer/core/html/trust_token_attribute_parsing_test.cc
new file mode 100644
index 00000000000..75934f207ff
--- /dev/null
+++ b/chromium/third_party/blink/renderer/core/html/trust_token_attribute_parsing_test.cc
@@ -0,0 +1,233 @@
+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "third_party/blink/renderer/core/html/trust_token_attribute_parsing.h"
+
+#include "services/network/public/mojom/trust_tokens.mojom-blink.h"
+#include "services/network/trust_tokens/test/trust_token_test_util.h"
+#include "testing/gtest/include/gtest/gtest.h"
+#include "third_party/blink/renderer/platform/json/json_parser.h"
+#include "third_party/blink/renderer/platform/json/json_values.h"
+#include "third_party/blink/renderer/platform/weborigin/kurl.h"
+#include "third_party/blink/renderer/platform/wtf/text/wtf_string.h"
+
+namespace blink {
+namespace internal {
+namespace {
+
+network::mojom::blink::TrustTokenParamsPtr NetworkParamsToBlinkParams(
+ network::mojom::TrustTokenParamsPtr params) {
+ auto ret = network::mojom::blink::TrustTokenParams::New();
+ ret->type = params->type;
+ ret->refresh_policy = params->refresh_policy;
+ ret->sign_request_data = params->sign_request_data;
+ ret->include_timestamp_header = params->include_timestamp_header;
+ if (params->issuer)
+ ret->issuer = SecurityOrigin::CreateFromUrlOrigin(*params->issuer);
+ for (const std::string& header : params->additional_signed_headers) {
+ ret->additional_signed_headers.push_back(String::FromUTF8(header));
+ }
+ return ret;
+}
+
+} // namespace
+
+using TrustTokenAttributeParsingSuccess =
+ ::testing::TestWithParam<network::TrustTokenTestParameters>;
+
+INSTANTIATE_TEST_SUITE_P(
+ WithIssuanceParams,
+ TrustTokenAttributeParsingSuccess,
+ ::testing::ValuesIn(network::kIssuanceTrustTokenTestParameters));
+INSTANTIATE_TEST_SUITE_P(
+ WithRedemptionParams,
+ TrustTokenAttributeParsingSuccess,
+ ::testing::ValuesIn(network::kRedemptionTrustTokenTestParameters));
+INSTANTIATE_TEST_SUITE_P(
+ WithSigningParams,
+ TrustTokenAttributeParsingSuccess,
+ ::testing::ValuesIn(network::kSigningTrustTokenTestParameters));
+
+// Test roundtrip serializations-then-deserializations for a collection of test
+// cases covering all possible values of all enum attributes, and all
+// possibilities (e.g. optional members present vs. not present) for all other
+// attributes.
+TEST_P(TrustTokenAttributeParsingSuccess, Roundtrip) {
+ network::mojom::TrustTokenParams network_expectation;
+ std::string input;
+
+ network::TrustTokenParametersAndSerialization
+ expected_params_and_serialization =
+ network::SerializeTrustTokenParametersAndConstructExpectation(
+ GetParam());
+
+ network::mojom::blink::TrustTokenParamsPtr expectation =
+ NetworkParamsToBlinkParams(
+ std::move(expected_params_and_serialization.params));
+
+ std::unique_ptr<JSONValue> json_value = ParseJSON(
+ String::FromUTF8(expected_params_and_serialization.serialized_params));
+ ASSERT_TRUE(json_value);
+ auto result = TrustTokenParamsFromJson(std::move(json_value));
+ ASSERT_TRUE(result);
+
+ // We can't use mojo's generated Equals method here because it doesn't play
+ // well with the "issuer" field's type of
+ // scoped_refptr<blink::SecurityOrigin>: in particular, the method does an
+ // address-to-address comparison of the pointers.
+ EXPECT_EQ(result->type, expectation->type);
+ EXPECT_EQ(result->refresh_policy, expectation->refresh_policy);
+ EXPECT_EQ(result->sign_request_data, expectation->sign_request_data);
+ EXPECT_EQ(result->include_timestamp_header,
+ expectation->include_timestamp_header);
+
+ EXPECT_EQ(!!result->issuer, !!expectation->issuer);
+ if (result->issuer)
+ EXPECT_EQ(result->issuer->ToString(), expectation->issuer->ToString());
+
+ EXPECT_EQ(result->additional_signed_headers,
+ expectation->additional_signed_headers);
+}
+
+TEST(TrustTokenAttributeParsing, NotADictionary) {
+ auto json = ParseJSON(R"(
+ 3
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+TEST(TrustTokenAttributeParsing, MissingType) {
+ auto json = ParseJSON(R"(
+ { }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+TEST(TrustTokenAttributeParsing, TypeUnsafeType) {
+ auto json = ParseJSON(R"(
+ { "type": 3 }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+TEST(TrustTokenAttributeParsing, InvalidType) {
+ auto json = ParseJSON(R"(
+ { "type": "not a valid type" }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+TEST(TrustTokenAttributeParsing, TypeUnsafeRefreshPolicy) {
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "refreshPolicy": 3 }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+TEST(TrustTokenAttributeParsing, InvalidRefreshPolicy) {
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "refreshPolicy": "not a valid refresh policy" }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+TEST(TrustTokenAttributeParsing, TypeUnsafeSignRequestData) {
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "signRequestData": 3 }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+TEST(TrustTokenAttributeParsing, InvalidSignRequestData) {
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "signRequestData": "not a member of the signRequestData enum" }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+TEST(TrustTokenAttributeParsing, TypeUnsafeIncludeTimestampHeader) {
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "includeTimestampHeader": 3 }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+TEST(TrustTokenAttributeParsing, TypeUnsafeIssuer) {
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "issuer": 3 }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+// Test that the parser requires that |issuer| be a valid origin.
+TEST(TrustTokenAttributeParsing, NonUrlIssuer) {
+ JSONParseError err;
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "issuer": "not a URL" }
+ )",
+ &err);
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+// Test that the parser requires that |issuer| be a potentially trustworthy
+// origin.
+TEST(TrustTokenAttributeParsing, InsecureIssuer) {
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "issuer": "http://not-potentially-trustworthy.example" }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+// Test that the parser requires that |issuer| be a HTTP or HTTPS origin.
+TEST(TrustTokenAttributeParsing, NonHttpNonHttpsIssuer) {
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "issuer": "file:///" }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+TEST(TrustTokenAttributeParsing, TypeUnsafeAdditionalSignedHeaders) {
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "additionalSignedHeaders": 3}
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+// Test that the parser requires that all members of the additionalSignedHeaders
+// be strings.
+TEST(TrustTokenAttributeParsing, TypeUnsafeAdditionalSignedHeader) {
+ auto json = ParseJSON(R"(
+ { "type": "token-request",
+ "additionalSignedHeaders": ["plausible header", 17] }
+ )");
+ ASSERT_TRUE(json);
+ ASSERT_FALSE(TrustTokenParamsFromJson(std::move(json)));
+}
+
+} // namespace internal
+} // namespace blink
View Lorry Controller Status