gecko-dev/caps/tests/gtest/TestPrincipalSerialization.cpp

216 строки
7.9 KiB
C++

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "gtest/gtest.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/ContentPrincipal.h"
#include "mozilla/NullPrincipal.h"
#include "mozilla/SystemPrincipal.h"
#include "mozilla/ExpandedPrincipal.h"
using mozilla::BasePrincipal;
using mozilla::ContentPrincipal;
using mozilla::NullPrincipal;
using mozilla::SystemPrincipal;
// None of these tests work in debug due to assert guards
#ifndef MOZ_DEBUG
// calling toJson() twice with the same string arg
// (ensure that we truncate correctly where needed)
TEST(PrincipalSerialization, ReusedJSONArgument)
{
nsCOMPtr<nsIScriptSecurityManager> ssm =
nsScriptSecurityManager::GetScriptSecurityManager();
nsAutoCString spec("https://mozilla.com");
nsCOMPtr<nsIPrincipal> principal;
nsresult rv =
ssm->CreateContentPrincipalFromOrigin(spec, getter_AddRefs(principal));
ASSERT_EQ(rv, NS_OK);
nsAutoCString JSON;
rv = BasePrincipal::Cast(principal)->ToJSON(JSON);
ASSERT_EQ(rv, NS_OK);
ASSERT_TRUE(JSON.EqualsLiteral("{\"1\":{\"0\":\"https://mozilla.com/\"}}"));
nsAutoCString spec2("https://example.com");
nsCOMPtr<nsIPrincipal> principal2;
rv = ssm->CreateContentPrincipalFromOrigin(spec2, getter_AddRefs(principal2));
ASSERT_EQ(rv, NS_OK);
// Reuse JSON without truncation to check the code is doing this
rv = BasePrincipal::Cast(principal2)->ToJSON(JSON);
ASSERT_EQ(rv, NS_OK);
ASSERT_TRUE(JSON.EqualsLiteral("{\"1\":{\"0\":\"https://example.com/\"}}"));
}
// Assure that calling FromProperties() with an empty array list always returns
// a nullptr The exception here is SystemPrincipal which doesn't have fields but
// it also doesn't implement FromProperties These are overly cautious checks
// that we don't try to create a principal in reality FromProperties is only
// called with a populated array.
TEST(PrincipalSerialization, FromPropertiesEmpty)
{
nsTArray<ContentPrincipal::KeyVal> resContent;
nsCOMPtr<nsIPrincipal> contentPrincipal =
ContentPrincipal::FromProperties(resContent);
ASSERT_EQ(nullptr, contentPrincipal);
nsTArray<ExpandedPrincipal::KeyVal> resExpanded;
nsCOMPtr<nsIPrincipal> expandedPrincipal =
ExpandedPrincipal::FromProperties(resExpanded);
ASSERT_EQ(nullptr, expandedPrincipal);
nsTArray<NullPrincipal::KeyVal> resNull;
nsCOMPtr<nsIPrincipal> nullprincipal = NullPrincipal::FromProperties(resNull);
ASSERT_EQ(nullptr, nullprincipal);
}
// Double check that if we have two valid principals in a serialized JSON that
// nullptr is returned
TEST(PrincipalSerialization, TwoKeys)
{
// Sanity check that this returns a system principal
nsCOMPtr<nsIPrincipal> systemPrincipal =
BasePrincipal::FromJSON("{\"3\":{}}"_ns);
ASSERT_EQ(BasePrincipal::Cast(systemPrincipal)->Kind(),
BasePrincipal::eSystemPrincipal);
// Sanity check that this returns a content principal
nsCOMPtr<nsIPrincipal> contentPrincipal =
BasePrincipal::FromJSON("{\"1\":{\"0\":\"https://mozilla.com\"}}"_ns);
ASSERT_EQ(BasePrincipal::Cast(contentPrincipal)->Kind(),
BasePrincipal::eContentPrincipal);
// Check both combined don't return a principal
nsCOMPtr<nsIPrincipal> combinedPrincipal = BasePrincipal::FromJSON(
"{\"1\":{\"0\":\"https://mozilla.com\"},\"3\":{}}"_ns);
ASSERT_EQ(nullptr, combinedPrincipal);
}
#endif // ifndef MOZ_DEBUG
TEST(PrincipalSerialization, ExpandedPrincipal)
{
// Check basic Expandedprincipal works without OA
nsCOMPtr<nsIScriptSecurityManager> ssm =
nsScriptSecurityManager::GetScriptSecurityManager();
uint32_t length = 2;
nsTArray<nsCOMPtr<nsIPrincipal> > allowedDomains(length);
allowedDomains.SetLength(length);
nsAutoCString spec("https://mozilla.com");
nsCOMPtr<nsIPrincipal> principal;
nsresult rv =
ssm->CreateContentPrincipalFromOrigin(spec, getter_AddRefs(principal));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principal)->Kind(),
BasePrincipal::eContentPrincipal);
allowedDomains[0] = principal;
nsAutoCString spec2("https://mozilla.org");
nsCOMPtr<nsIPrincipal> principal2;
rv = ssm->CreateContentPrincipalFromOrigin(spec2, getter_AddRefs(principal2));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principal2)->Kind(),
BasePrincipal::eContentPrincipal);
allowedDomains[1] = principal2;
OriginAttributes attrs;
RefPtr<ExpandedPrincipal> result =
ExpandedPrincipal::Create(allowedDomains, attrs);
ASSERT_EQ(BasePrincipal::Cast(result)->Kind(),
BasePrincipal::eExpandedPrincipal);
nsAutoCString JSON;
rv = BasePrincipal::Cast(result)->ToJSON(JSON);
ASSERT_EQ(rv, NS_OK);
ASSERT_STREQ(
JSON.get(),
"{\"2\":{\"0\":\"eyIxIjp7IjAiOiJodHRwczovL21vemlsbGEuY29tLyJ9fQ==,"
"eyIxIjp7IjAiOiJodHRwczovL21vemlsbGEub3JnLyJ9fQ==\"}}");
nsCOMPtr<nsIPrincipal> returnedPrincipal = BasePrincipal::FromJSON(JSON);
auto outPrincipal = BasePrincipal::Cast(returnedPrincipal);
ASSERT_EQ(outPrincipal->Kind(), BasePrincipal::eExpandedPrincipal);
ASSERT_TRUE(outPrincipal->FastSubsumesIgnoringFPD(principal));
ASSERT_TRUE(outPrincipal->FastSubsumesIgnoringFPD(principal2));
nsAutoCString specDev("https://mozilla.dev");
nsCOMPtr<nsIPrincipal> principalDev;
rv = ssm->CreateContentPrincipalFromOrigin(specDev,
getter_AddRefs(principalDev));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principalDev)->Kind(),
BasePrincipal::eContentPrincipal);
ASSERT_FALSE(outPrincipal->FastSubsumesIgnoringFPD(principalDev));
}
TEST(PrincipalSerialization, ExpandedPrincipalOA)
{
// Check Expandedprincipal works with top level OA
nsCOMPtr<nsIScriptSecurityManager> ssm =
nsScriptSecurityManager::GetScriptSecurityManager();
uint32_t length = 2;
nsTArray<nsCOMPtr<nsIPrincipal> > allowedDomains(length);
allowedDomains.SetLength(length);
nsAutoCString spec("https://mozilla.com");
nsCOMPtr<nsIPrincipal> principal;
nsresult rv =
ssm->CreateContentPrincipalFromOrigin(spec, getter_AddRefs(principal));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principal)->Kind(),
BasePrincipal::eContentPrincipal);
allowedDomains[0] = principal;
nsAutoCString spec2("https://mozilla.org");
nsCOMPtr<nsIPrincipal> principal2;
rv = ssm->CreateContentPrincipalFromOrigin(spec2, getter_AddRefs(principal2));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principal2)->Kind(),
BasePrincipal::eContentPrincipal);
allowedDomains[1] = principal2;
OriginAttributes attrs;
nsAutoCString suffix("^userContextId=1");
bool ok = attrs.PopulateFromSuffix(suffix);
ASSERT_TRUE(ok);
RefPtr<ExpandedPrincipal> result =
ExpandedPrincipal::Create(allowedDomains, attrs);
ASSERT_EQ(BasePrincipal::Cast(result)->Kind(),
BasePrincipal::eExpandedPrincipal);
nsAutoCString JSON;
rv = BasePrincipal::Cast(result)->ToJSON(JSON);
ASSERT_EQ(rv, NS_OK);
ASSERT_STREQ(
JSON.get(),
"{\"2\":{\"0\":\"eyIxIjp7IjAiOiJodHRwczovL21vemlsbGEuY29tLyJ9fQ==,"
"eyIxIjp7IjAiOiJodHRwczovL21vemlsbGEub3JnLyJ9fQ==\",\"1\":\"^"
"userContextId=1\"}}");
nsCOMPtr<nsIPrincipal> returnedPrincipal = BasePrincipal::FromJSON(JSON);
auto outPrincipal = BasePrincipal::Cast(returnedPrincipal);
ASSERT_EQ(outPrincipal->Kind(), BasePrincipal::eExpandedPrincipal);
ASSERT_TRUE(outPrincipal->FastSubsumesIgnoringFPD(principal));
ASSERT_TRUE(outPrincipal->FastSubsumesIgnoringFPD(principal2));
nsAutoCString specDev("https://mozilla.dev");
nsCOMPtr<nsIPrincipal> principalDev;
rv = ssm->CreateContentPrincipalFromOrigin(specDev,
getter_AddRefs(principalDev));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principalDev)->Kind(),
BasePrincipal::eContentPrincipal);
ASSERT_FALSE(outPrincipal->FastSubsumesIgnoringFPD(principalDev));
}