Commit 7f1b5314 authored by Alex Ilin's avatar Alex Ilin Committed by Commit Bot

[identity] Enable multi-account consent flow on ChromeOS

ChromeOS can now support multiple accounts in the extension consent
flow.

This change should be compatible with the old consent flow as well.

Bug: 1026237
Change-Id: I915a6697dc0301bb67f297983c32f98a1a2e5fb2
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2141102
Commit-Queue: Alex Ilin <alexilin@chromium.org>
Reviewed-by: default avatarDavid Roger <droger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#757791}
parent ab28c349
...@@ -260,7 +260,8 @@ IdentityAPI::RegisterOnShutdownCallback(const base::Closure& cb) { ...@@ -260,7 +260,8 @@ IdentityAPI::RegisterOnShutdownCallback(const base::Closure& cb) {
} }
bool IdentityAPI::AreExtensionsRestrictedToPrimaryAccount() { bool IdentityAPI::AreExtensionsRestrictedToPrimaryAccount() {
return !AccountConsistencyModeManager::IsDiceEnabledForProfile(profile_); return !AccountConsistencyModeManager::IsDiceEnabledForProfile(profile_) &&
!AccountConsistencyModeManager::IsMirrorEnabledForProfile(profile_);
} }
IdentityAPI::IdentityAPI(Profile* profile, IdentityAPI::IdentityAPI(Profile* profile,
......
...@@ -9,7 +9,6 @@ ...@@ -9,7 +9,6 @@
#include "base/optional.h" #include "base/optional.h"
#include "base/test/scoped_feature_list.h" #include "base/test/scoped_feature_list.h"
#include "base/threading/thread_task_runner_handle.h" #include "base/threading/thread_task_runner_handle.h"
#include "build/build_config.h"
#include "chrome/browser/extensions/test_extension_prefs.h" #include "chrome/browser/extensions/test_extension_prefs.h"
#include "chrome/test/base/testing_profile.h" #include "chrome/test/base/testing_profile.h"
#include "components/signin/public/base/signin_buildflags.h" #include "components/signin/public/base/signin_buildflags.h"
...@@ -59,16 +58,10 @@ class IdentityAPITest : public testing::Test { ...@@ -59,16 +58,10 @@ class IdentityAPITest : public testing::Test {
std::unique_ptr<IdentityAPI> api_; std::unique_ptr<IdentityAPI> api_;
}; };
#if BUILDFLAG(ENABLE_DICE_SUPPORT) // Tests that all accounts in extensions is enabled for regular profiles.
// Tests that all accounts in extensions is enabled when Dice is enabled. TEST_F(IdentityAPITest, AllAccountsExtensionEnabled) {
TEST_F(IdentityAPITest, DiceAllAccountsExtensions) {
EXPECT_FALSE(api()->AreExtensionsRestrictedToPrimaryAccount()); EXPECT_FALSE(api()->AreExtensionsRestrictedToPrimaryAccount());
} }
#else
TEST_F(IdentityAPITest, AllAccountsExtensionDisabled) {
EXPECT_TRUE(api()->AreExtensionsRestrictedToPrimaryAccount());
}
#endif
TEST_F(IdentityAPITest, GetGaiaIdForExtension) { TEST_F(IdentityAPITest, GetGaiaIdForExtension) {
std::string extension_id = prefs()->AddExtensionAndReturnId("extension"); std::string extension_id = prefs()->AddExtensionAndReturnId("extension");
......
...@@ -69,7 +69,11 @@ ...@@ -69,7 +69,11 @@
#if defined(OS_CHROMEOS) #if defined(OS_CHROMEOS)
#include "chrome/browser/chromeos/login/users/mock_user_manager.h" #include "chrome/browser/chromeos/login/users/mock_user_manager.h"
#include "chrome/browser/chromeos/net/network_portal_detector_test_impl.h"
#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
#include "chromeos/network/network_handler.h"
#include "chromeos/network/network_state.h"
#include "chromeos/network/network_state_handler.h"
#include "chromeos/tpm/stub_install_attributes.h" #include "chromeos/tpm/stub_install_attributes.h"
#include "components/user_manager/scoped_user_manager.h" #include "components/user_manager/scoped_user_manager.h"
#endif #endif
...@@ -88,6 +92,27 @@ namespace utils = extension_function_test_utils; ...@@ -88,6 +92,27 @@ namespace utils = extension_function_test_utils;
static const char kAccessToken[] = "auth_token"; static const char kAccessToken[] = "auth_token";
static const char kExtensionId[] = "ext_id"; static const char kExtensionId[] = "ext_id";
#if defined(OS_CHROMEOS)
void InitNetwork() {
const chromeos::NetworkState* default_network =
chromeos::NetworkHandler::Get()
->network_state_handler()
->DefaultNetwork();
auto* portal_detector = new chromeos::NetworkPortalDetectorTestImpl();
portal_detector->SetDefaultNetworkForTesting(default_network->guid());
chromeos::NetworkPortalDetector::CaptivePortalState online_state;
online_state.status =
chromeos::NetworkPortalDetector::CAPTIVE_PORTAL_STATUS_ONLINE;
online_state.response_code = 204;
portal_detector->SetDetectionResultsForTesting(default_network->guid(),
online_state);
chromeos::network_portal_detector::InitializeForTesting(portal_detector);
}
#endif
// Asynchronous function runner allows tests to manipulate the browser window // Asynchronous function runner allows tests to manipulate the browser window
// after the call happens. // after the call happens.
class AsyncFunctionRunner { class AsyncFunctionRunner {
...@@ -499,6 +524,11 @@ class IdentityTestWithSignin : public AsyncExtensionBrowserTest { ...@@ -499,6 +524,11 @@ class IdentityTestWithSignin : public AsyncExtensionBrowserTest {
void SetUpOnMainThread() override { void SetUpOnMainThread() override {
AsyncExtensionBrowserTest::SetUpOnMainThread(); AsyncExtensionBrowserTest::SetUpOnMainThread();
#if defined(OS_CHROMEOS)
// Fake the network online state so that Gaia requests can come through.
InitNetwork();
#endif
identity_test_env_profile_adaptor_ = identity_test_env_profile_adaptor_ =
std::make_unique<IdentityTestEnvironmentProfileAdaptor>(profile()); std::make_unique<IdentityTestEnvironmentProfileAdaptor>(profile());
...@@ -610,11 +640,7 @@ class IdentityGetAccountsFunctionTest : public IdentityTestWithSignin { ...@@ -610,11 +640,7 @@ class IdentityGetAccountsFunctionTest : public IdentityTestWithSignin {
}; };
IN_PROC_BROWSER_TEST_F(IdentityGetAccountsFunctionTest, AllAccountsOn) { IN_PROC_BROWSER_TEST_F(IdentityGetAccountsFunctionTest, AllAccountsOn) {
#if BUILDFLAG(ENABLE_DICE_SUPPORT)
EXPECT_FALSE(id_api()->AreExtensionsRestrictedToPrimaryAccount()); EXPECT_FALSE(id_api()->AreExtensionsRestrictedToPrimaryAccount());
#else
EXPECT_TRUE(id_api()->AreExtensionsRestrictedToPrimaryAccount());
#endif
} }
IN_PROC_BROWSER_TEST_F(IdentityGetAccountsFunctionTest, NoneSignedIn) { IN_PROC_BROWSER_TEST_F(IdentityGetAccountsFunctionTest, NoneSignedIn) {
...@@ -2020,6 +2046,8 @@ IN_PROC_BROWSER_TEST_F(GetAuthTokenFunctionTest, ...@@ -2020,6 +2046,8 @@ IN_PROC_BROWSER_TEST_F(GetAuthTokenFunctionTest,
} }
} }
// The signin flow is simply not used on ChromeOS.
#if !defined(OS_CHROMEOS)
IN_PROC_BROWSER_TEST_F(GetAuthTokenFunctionTest, IN_PROC_BROWSER_TEST_F(GetAuthTokenFunctionTest,
MultiSecondaryInteractiveInvalidToken) { MultiSecondaryInteractiveInvalidToken) {
// Setup a secondary account with no valid refresh token, and try to get a // Setup a secondary account with no valid refresh token, and try to get a
...@@ -2059,6 +2087,7 @@ IN_PROC_BROWSER_TEST_F(GetAuthTokenFunctionTest, ...@@ -2059,6 +2087,7 @@ IN_PROC_BROWSER_TEST_F(GetAuthTokenFunctionTest,
EXPECT_TRUE(func->scope_ui_shown()); EXPECT_TRUE(func->scope_ui_shown());
} }
} }
#endif
IN_PROC_BROWSER_TEST_F(GetAuthTokenFunctionTest, ScopesDefault) { IN_PROC_BROWSER_TEST_F(GetAuthTokenFunctionTest, ScopesDefault) {
SignIn("primary@example.com"); SignIn("primary@example.com");
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment