Trust Tokens: Add parameter enumeration and serialization in test utils

This CL adds common test utility code generating and serializing
combinations of Trust Token API parameters
(https://github.com/wicg/trust-token-api). This is so that the same code
can parameterize
1. the integration tests in trust_token_parameters_browsertest.cc, which
verify that JS parameters' values are correctly reflected in the network
stack, and
2. the iframe attribute parsing unittests in the child CL, which confirm
that the JSON-encoded 'trusttoken' iframe attribute is parsed into the
correct internal representation of the parameters' values.

It also refactors a test currently written using URLLoaderInterceptor to
use URLLoaderMonitor, which is much simpler.

Bug: 1062396
Change-Id: I3a109e2d0aacf3914f67aa7ac34ad3c7c363eccb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2115778Reviewed-by: Avi Drissman <avi@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Commit-Queue: David Van Cleve <davidvc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#754721}

content/test/BUILD.gn

@@ -1198,6 +1198,7 @@ test("content_browsertests") {
     "//services/image_annotation/public/mojom:mojom",
     "//services/metrics/public/cpp:ukm_builders",
     "//services/network:test_support",
+    "//services/network/trust_tokens:test_support",
     "//services/service_manager/public/cpp",
     "//services/test/echo/public/mojom",
     "//services/tracing:privacy_check",

content/test/DEPS

@@ -26,6 +26,7 @@ include_rules = [
   "+services/network/public/cpp",
   "+services/network/public/mojom",
   "+services/network/test",
+  "+services/network/trust_tokens/test",
   "+services/network/mock_mojo_dhcp_wpad_url_client.h",
   "+services/network/url_request_context_builder_mojo.h",
   "+services/proxy_resolver",

services/network/trust_tokens/BUILD.gn

@@ -12,6 +12,8 @@ source_set("trust_tokens") {
     "//services/network:tests",
   ]
 
+  defines = [ "IS_NETWORK_SERVICE_IMPL" ]
+
   sources = [
     "has_trust_tokens_answerer.cc",
     "has_trust_tokens_answerer.h",
@@ -63,6 +65,8 @@ source_set("trust_tokens") {
 source_set("test_support") {
   testonly = true
 
+  defines = [ "IS_NETWORK_SERVICE_IMPL" ]
+
   sources = [
     "test/trust_token_test_util.cc",
     "test/trust_token_test_util.h",
@@ -84,6 +88,8 @@ source_set("test_support") {
 source_set("tests") {
   testonly = true
 
+  defines = [ "IS_NETWORK_SERVICE_IMPL" ]
+
   sources = [
     "has_trust_tokens_answerer_unittest.cc",
     "pending_trust_token_store_unittest.cc",

services/network/trust_tokens/test/trust_token_test_util.cc

@@ -4,6 +4,7 @@
 
 #include "services/network/trust_tokens/test/trust_token_test_util.h"
 #include "base/test/bind_test_util.h"
+#include "services/network/public/mojom/trust_tokens.mojom-shared.h"
 
 namespace network {
 
@@ -35,4 +36,118 @@ TrustTokenRequestHelperTest::ExecuteBeginOperationAndWaitForResult(
   return status;
 }
 
+std::string TrustTokenEnumToString(mojom::TrustTokenOperationType type) {
+  switch (type) {
+    case mojom::TrustTokenOperationType::kIssuance:
+      return "token-request";
+    case mojom::TrustTokenOperationType::kRedemption:
+      return "srr-token-redemption";
+    case mojom::TrustTokenOperationType::kSigning:
+      return "send-srr";
+  }
+}
+
+std::string TrustTokenEnumToString(mojom::TrustTokenRefreshPolicy policy) {
+  switch (policy) {
+    case mojom::TrustTokenRefreshPolicy::kUseCached:
+      return "none";
+    case mojom::TrustTokenRefreshPolicy::kRefresh:
+      return "refresh";
+  }
+}
+
+std::string TrustTokenEnumToString(
+    mojom::TrustTokenSignRequestData sign_request_data) {
+  switch (sign_request_data) {
+    case mojom::TrustTokenSignRequestData::kOmit:
+      return "omit";
+    case mojom::TrustTokenSignRequestData::kHeadersOnly:
+      return "headers-only";
+    case mojom::TrustTokenSignRequestData::kInclude:
+      return "include";
+  }
+}
+
+TrustTokenParametersAndSerialization::TrustTokenParametersAndSerialization(
+    mojom::TrustTokenParamsPtr params,
+    std::string serialized_params)
+    : params(std::move(params)),
+      serialized_params(std::move(serialized_params)) {}
+TrustTokenParametersAndSerialization::~TrustTokenParametersAndSerialization() =
+    default;
+
+TrustTokenParametersAndSerialization::TrustTokenParametersAndSerialization(
+    TrustTokenParametersAndSerialization&&) = default;
+TrustTokenParametersAndSerialization& TrustTokenParametersAndSerialization::
+operator=(TrustTokenParametersAndSerialization&&) = default;
+
+TrustTokenTestParameters::~TrustTokenTestParameters() = default;
+TrustTokenTestParameters::TrustTokenTestParameters(
+    const TrustTokenTestParameters&) = default;
+TrustTokenTestParameters& TrustTokenTestParameters::operator=(
+    const TrustTokenTestParameters&) = default;
+
+TrustTokenTestParameters::TrustTokenTestParameters(
+    network::mojom::TrustTokenOperationType type,
+    base::Optional<network::mojom::TrustTokenRefreshPolicy> refresh_policy,
+    base::Optional<network::mojom::TrustTokenSignRequestData> sign_request_data,
+    base::Optional<bool> include_timestamp_header,
+    base::Optional<std::string> issuer_spec,
+    base::Optional<std::vector<std::string>> additional_signed_headers)
+    : type(type),
+      refresh_policy(refresh_policy),
+      sign_request_data(sign_request_data),
+      include_timestamp_header(include_timestamp_header),
+      issuer_spec(issuer_spec),
+      additional_signed_headers(additional_signed_headers) {}
+
+TrustTokenParametersAndSerialization
+SerializeTrustTokenParametersAndConstructExpectation(
+    const TrustTokenTestParameters& input) {
+  auto trust_token_params = mojom::TrustTokenParams::New();
+
+  base::Value parameters(base::Value::Type::DICTIONARY);
+  parameters.SetStringKey("type", TrustTokenEnumToString(input.type));
+  trust_token_params->type = input.type;
+
+  if (input.refresh_policy.has_value()) {
+    parameters.SetStringKey("refreshPolicy",
+                            TrustTokenEnumToString(*input.refresh_policy));
+    trust_token_params->refresh_policy = *input.refresh_policy;
+  }
+
+  if (input.sign_request_data.has_value()) {
+    parameters.SetStringKey("signRequestData",
+                            TrustTokenEnumToString(*input.sign_request_data));
+    trust_token_params->sign_request_data = *input.sign_request_data;
+  }
+
+  if (input.include_timestamp_header.has_value()) {
+    parameters.SetBoolKey("includeTimestampHeader",
+                          *input.include_timestamp_header);
+    trust_token_params->include_timestamp_header =
+        *input.include_timestamp_header;
+  }
+
+  if (input.issuer_spec.has_value()) {
+    parameters.SetStringKey("issuer", *input.issuer_spec);
+    trust_token_params->issuer = url::Origin::Create(GURL(*input.issuer_spec));
+  }
+
+  if (input.additional_signed_headers.has_value()) {
+    base::Value headers(base::Value::Type::LIST);
+    for (const std::string& header : *input.additional_signed_headers)
+      headers.Append(header);
+    parameters.SetKey("additionalSignedHeaders", std::move(headers));
+    for (const std::string& input_header : *input.additional_signed_headers) {
+      trust_token_params->additional_signed_headers.push_back(input_header);
+    }
+  }
+
+  std::string serialized_parameters;
+  JSONStringValueSerializer serializer(&serialized_parameters);
+  CHECK(serializer.Serialize(parameters));
+  return {std::move(trust_token_params), std::move(serialized_parameters)};
+}
+
 }  // namespace network

services/network/trust_tokens/test/trust_token_test_util.h

@@ -9,10 +9,14 @@
 #include <string>
 
 #include "base/callback_forward.h"
+#include "base/component_export.h"
+#include "base/json/json_string_value_serializer.h"
 #include "base/test/task_environment.h"
+#include "base/values.h"
 #include "net/traffic_annotation/network_traffic_annotation_test_helper.h"
 #include "net/url_request/url_request_test_util.h"
 #include "services/network/public/mojom/trust_tokens.mojom-shared.h"
+#include "services/network/public/mojom/trust_tokens.mojom.h"
 #include "services/network/trust_tokens/trust_token_request_helper.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
@@ -52,6 +56,149 @@ class TrustTokenRequestHelperTest : public ::testing::Test {
   net::TestURLRequestContext context_;
 };
 
+// The following helper methods unify parameterized unit/integration testing of
+// the Trust Tokens interface.
+//
+// They provide a way to serialize a number of Trust Tokens parameter structures
+// to JSON in a manner that covers all of the Trust Tokens
+// parameters, and all of the permitted values of the enum and bool parameters,
+// in order to verify that the parameters' values correctly
+// serialize/deserialize and are properly propagated to the network stack.
+//
+// Intended use:
+// - parameterize tests by k{Issuance, Signing, Redemption}TrustTokenParameters;
+// - in the tests, call |SerializeTrustTokenParametersAndConstructExpectation|
+// to construct (1) a string representation of the trustToken JS argument and
+// (2) a corresponding mojom::TrustTokenParams object expected to
+// appear downstream;
+// - pass the provided argument to the API (fetch, iframe, XHR, ...) and check
+// that the corresponding Mojo struct does, in fact, subsequently materialize.
+
+// The instantiations of this struct will be serialized and passed to a
+// `fetch` call in executed JS. This class is declared out-of-line so that it
+// can be shared between embedder- and Blink-side code.
+struct TrustTokenTestParameters final {
+  // TrustTokenTestParameters (when serialized, nullopt in an optional field
+  // will be omitted from the parameter's value):
+  TrustTokenTestParameters(
+      mojom::TrustTokenOperationType type,
+      base::Optional<mojom::TrustTokenRefreshPolicy> refresh_policy,
+      base::Optional<mojom::TrustTokenSignRequestData> sign_request_data,
+      base::Optional<bool> include_timestamp_header,
+      base::Optional<std::string> issuer_spec,
+      base::Optional<std::vector<std::string>> additional_signed_headers);
+
+  ~TrustTokenTestParameters();
+
+  TrustTokenTestParameters(const TrustTokenTestParameters&);
+  TrustTokenTestParameters& operator=(const TrustTokenTestParameters&);
+
+  mojom::TrustTokenOperationType type;
+  base::Optional<mojom::TrustTokenRefreshPolicy> refresh_policy;
+  base::Optional<mojom::TrustTokenSignRequestData> sign_request_data;
+  base::Optional<bool> include_timestamp_header;
+  // Because static initialization of GURLs/Origins isn't allowed in tests, use
+  // the string representation of the issuer origin and convert it to an Origin
+  // in the test.
+  base::Optional<std::string> issuer_spec;
+  base::Optional<std::vector<std::string>> additional_signed_headers;
+};
+
+// Serializes the value of a Trust Tokens enum parameter to its JS string
+// representation. Must be kept in sync with the corresponding IDL enum
+// definition.
+std::string TrustTokenEnumToString(mojom::TrustTokenOperationType type);
+std::string TrustTokenEnumToString(mojom::TrustTokenRefreshPolicy policy);
+std::string TrustTokenEnumToString(
+    mojom::TrustTokenSignRequestData sign_request_data);
+
+// For a given test case, creates and returns:
+// 1. a serialized JSON dictionary suitable for passing as the value of
+//    `fetch`'s (and XHR's, and iframe's) `trustToken` parameter.
+// 2. a TrustTokenParams object that should equal the
+//    value eventually passed downstream when a fetch/XHR/iframe load
+//    is provided the serialized parameters.
+struct TrustTokenParametersAndSerialization {
+  TrustTokenParametersAndSerialization(mojom::TrustTokenParamsPtr params,
+                                       std::string serialized_params);
+  ~TrustTokenParametersAndSerialization();
+
+  TrustTokenParametersAndSerialization(
+      const TrustTokenParametersAndSerialization&) = delete;
+  TrustTokenParametersAndSerialization& operator=(
+      const TrustTokenParametersAndSerialization&) = delete;
+
+  TrustTokenParametersAndSerialization(TrustTokenParametersAndSerialization&&);
+  TrustTokenParametersAndSerialization& operator=(
+      TrustTokenParametersAndSerialization&&);
+
+  mojom::TrustTokenParamsPtr params;
+  std::string serialized_params;
+};
+TrustTokenParametersAndSerialization
+SerializeTrustTokenParametersAndConstructExpectation(
+    const TrustTokenTestParameters& input);
+
+// These groups of parameters are defined in this utility file so that they can
+// be shared among different tests deserializing and propagating Trust Tokens
+// parameters; see above for a more detailed description of the intended use.
+const TrustTokenTestParameters kIssuanceTrustTokenTestParameters[]{
+    // For issuance, there are no additional parameters to specify.
+    TrustTokenTestParameters(mojom::TrustTokenOperationType::kIssuance,
+                             base::nullopt,
+                             base::nullopt,
+                             base::nullopt,
+                             base::nullopt,
+                             base::nullopt)};
+
+const TrustTokenTestParameters kRedemptionTrustTokenTestParameters[]{
+    // For redemption, there is one free parameter, refreshPolicy, with two
+    // values (and a default).
+    TrustTokenTestParameters(mojom::TrustTokenOperationType::kRedemption,
+                             mojom::TrustTokenRefreshPolicy::kRefresh,
+                             base::nullopt,
+                             base::nullopt,
+                             base::nullopt,
+                             base::nullopt),
+    TrustTokenTestParameters(mojom::TrustTokenOperationType::kRedemption,
+                             mojom::TrustTokenRefreshPolicy::kUseCached,
+                             base::nullopt,
+                             base::nullopt,
+                             base::nullopt,
+                             base::nullopt),
+    TrustTokenTestParameters(mojom::TrustTokenOperationType::kRedemption,
+                             base::nullopt,
+                             base::nullopt,
+                             base::nullopt,
+                             base::nullopt,
+                             base::nullopt)};
+
+const TrustTokenTestParameters kSigningTrustTokenTestParameters[]{
+    // Signing's inputs are issuer, signRequestData, additionalSignedHeaders,
+    // and includeTimestampHeader; "issuer" has no default and must always be
+    // a secure origin.
+    TrustTokenTestParameters(
+        mojom::TrustTokenOperationType::kSigning,
+        base::nullopt,
+        mojom::TrustTokenSignRequestData::kOmit,
+        /*include_timestamp_header=*/true,
+        "https://issuer.example",
+        std::vector<std::string>{"one additional header's name",
+                                 "another additional header's name"}),
+    TrustTokenTestParameters(mojom::TrustTokenOperationType::kSigning,
+                             base::nullopt,
+                             mojom::TrustTokenSignRequestData::kHeadersOnly,
+                             /*include_timestamp_header=*/false,
+                             "https://issuer.example",
+                             base::nullopt),
+    TrustTokenTestParameters(mojom::TrustTokenOperationType::kSigning,
+                             base::nullopt,
+                             mojom::TrustTokenSignRequestData::kInclude,
+                             /*include_timestamp_header=*/base::nullopt,
+                             "https://issuer.example",
+                             base::nullopt),
+};
+
 }  // namespace network
 
 #endif  // SERVICES_NETWORK_TRUST_TOKENS_TEST_TRUST_TOKEN_TEST_UTIL_H_