The Tor Browser: toolkit/identity/tests/unit/test

Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.

     1 /* Any copyright is dedicated to the Public Domain.

     2    http://creativecommons.org/publicdomain/zero/1.0/ */

     4 "use strict";

     6 Cu.import("resource://gre/modules/identity/IdentityProvider.jsm");

     8 function check_provision_flow_done(provId) {

     9   do_check_null(IdentityProvider._provisionFlows[provId]);

    10 }

    12 function test_begin_provisioning() {

    13   do_test_pending();

    15   setup_provisioning(

    16     TEST_USER,

    17     function(caller) {

    18       // call .beginProvisioning()

    19       IdentityProvider.beginProvisioning(caller);

    20     }, function() {},

    21     {

    22       beginProvisioningCallback: function(email, duration_s) {

    23         do_check_eq(email, TEST_USER);

    24         do_check_true(duration_s > 0);

    25         do_check_true(duration_s <= (24 * 3600));

    27         do_test_finished();

    28         run_next_test();

    29       }

    30     });

    31 }

    33 function test_raise_provisioning_failure() {

    34   do_test_pending();

    35   let _callerId = null;

    37   setup_provisioning(

    38     TEST_USER,

    39     function(caller) {

    40       // call .beginProvisioning()

    41       _callerId = caller.id;

    42       IdentityProvider.beginProvisioning(caller);

    43     }, function(err) {

    44       // this should be invoked with a populated error

    45       do_check_neq(err, null);

    46       do_check_true(err.indexOf("can't authenticate this email") > -1);

    48       do_test_finished();

    49       run_next_test();

    50     },

    51     {

    52       beginProvisioningCallback: function(email, duration_s) {

    53         // raise the failure as if we can't provision this email

    54         IdentityProvider.raiseProvisioningFailure(_callerId, "can't authenticate this email");

    55       }

    56     });

    57 }

    59 function test_genkeypair_before_begin_provisioning() {

    60   do_test_pending();

    62   setup_provisioning(

    63     TEST_USER,

    64     function(caller) {

    65       // call genKeyPair without beginProvisioning

    66       IdentityProvider.genKeyPair(caller.id);

    67     },

    68     // expect this to be called with an error

    69     function(err) {

    70       do_check_neq(err, null);

    72       do_test_finished();

    73       run_next_test();

    74     },

    75     {

    76       // this should not be called at all!

    77       genKeyPairCallback: function(pk) {

    78         // a test that will surely fail because we shouldn't be here.

    79         do_check_true(false);

    81         do_test_finished();

    82         run_next_test();

    83       }

    84     }

    85   );

    86 }

    88 function test_genkeypair() {

    89   do_test_pending();

    90   let _callerId = null;

    92   setup_provisioning(

    93     TEST_USER,

    94     function(caller) {

    95       _callerId = caller.id;

    96       IdentityProvider.beginProvisioning(caller);

    97     },

    98     function(err) {

    99       // should not be called!

   100       do_check_true(false);

   102       do_test_finished();

   103       run_next_test();

   104     },

   105     {

   106       beginProvisioningCallback: function(email, time_s) {

   107         IdentityProvider.genKeyPair(_callerId);

   108       },

   109       genKeyPairCallback: function(kp) {

   110         do_check_neq(kp, null);

   112         // yay!

   113         do_test_finished();

   114         run_next_test();

   115       }

   116     }

   117   );

   118 }

   120 // we've already ensured that genkeypair can't be called

   121 // before beginProvisioning, so this test should be enough

   122 // to ensure full sequential call of the 3 APIs.

   123 function test_register_certificate_before_genkeypair() {

   124   do_test_pending();

   125   let _callerID = null;

   127   setup_provisioning(

   128     TEST_USER,

   129     function(caller) {

   130       // do the right thing for beginProvisioning

   131       _callerID = caller.id;

   132       IdentityProvider.beginProvisioning(caller);

   133     },

   134     // expect this to be called with an error

   135     function(err) {

   136       do_check_neq(err, null);

   138       do_test_finished();

   139       run_next_test();

   140     },

   141     {

   142       beginProvisioningCallback: function(email, duration_s) {

   143         // now we try to register cert but no keygen has been done

   144         IdentityProvider.registerCertificate(_callerID, "fake-cert");

   145       }

   146     }

   147   );

   148 }

   150 function test_register_certificate() {

   151   do_test_pending();

   152   let _callerId = null;

   154   setup_provisioning(

   155     TEST_USER,

   156     function(caller) {

   157       _callerId = caller.id;

   158       IdentityProvider.beginProvisioning(caller);

   159     },

   160     function(err) {

   161       // we should be cool!

   162       do_check_null(err);

   164       // check that the cert is there

   165       let identity = get_idstore().fetchIdentity(TEST_USER);

   166       do_check_neq(identity,null);

   167       do_check_eq(identity.cert, "fake-cert-42");

   169       do_execute_soon(function check_done() {

   170         // cleanup will happen after the callback is called

   171         check_provision_flow_done(_callerId);

   173         do_test_finished();

   174         run_next_test();

   175       });

   176     },

   177     {

   178       beginProvisioningCallback: function(email, duration_s) {

   179         IdentityProvider.genKeyPair(_callerId);

   180       },

   181       genKeyPairCallback: function(pk) {

   182         IdentityProvider.registerCertificate(_callerId, "fake-cert-42");

   183       }

   184     }

   185   );

   186 }

   189 function test_get_assertion_after_provision() {

   190   do_test_pending();

   191   let _callerId = null;

   193   setup_provisioning(

   194     TEST_USER,

   195     function(caller) {

   196       _callerId = caller.id;

   197       IdentityProvider.beginProvisioning(caller);

   198     },

   199     function(err) {

   200       // we should be cool!

   201       do_check_null(err);

   203       // check that the cert is there

   204       let identity = get_idstore().fetchIdentity(TEST_USER);

   205       do_check_neq(identity,null);

   206       do_check_eq(identity.cert, "fake-cert-42");

   208       do_execute_soon(function check_done() {

   209         // cleanup will happen after the callback is called

   210         check_provision_flow_done(_callerId);

   212         do_test_finished();

   213         run_next_test();

   214       });

   215     },

   216     {

   217       beginProvisioningCallback: function(email, duration_s) {

   218         IdentityProvider.genKeyPair(_callerId);

   219       },

   220       genKeyPairCallback: function(pk) {

   221         IdentityProvider.registerCertificate(_callerId, "fake-cert-42");

   222       }

   223     }

   224   );

   226 }

   228 let TESTS = [];

   230 TESTS.push(test_begin_provisioning);

   231 TESTS.push(test_raise_provisioning_failure);

   232 TESTS.push(test_genkeypair_before_begin_provisioning);

   233 TESTS.push(test_genkeypair);

   234 TESTS.push(test_register_certificate_before_genkeypair);

   235 TESTS.push(test_register_certificate);

   236 TESTS.push(test_get_assertion_after_provision);

   238 TESTS.forEach(add_test);

   240 function run_test() {

   241   run_next_test();

   242 }

The Tor Browser / file revision

toolkit/identity/tests/unit/test_provisioning.js@129ffea94266

toolkit/identity/tests/unit/test_provisioning.js