1 // Copyright 2019 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "components/autofill/core/browser/payments/credit_card_cvc_authenticator.h"
6
7 #include <stddef.h>
8
9 #include <algorithm>
10 #include <memory>
11 #include <string>
12 #include <tuple>
13 #include <utility>
14 #include <vector>
15
16 #include "base/base64.h"
17 #include "base/command_line.h"
18 #include "base/feature_list.h"
19 #include "base/memory/ref_counted.h"
20 #include "base/metrics/field_trial.h"
21 #include "base/metrics/metrics_hashes.h"
22 #include "base/stl_util.h"
23 #include "base/strings/string16.h"
24 #include "base/strings/string_number_conversions.h"
25 #include "base/strings/string_util.h"
26 #include "base/strings/stringprintf.h"
27 #include "base/strings/utf_string_conversions.h"
28 #include "base/test/metrics/histogram_tester.h"
29 #include "base/test/scoped_feature_list.h"
30 #include "base/test/task_environment.h"
31 #include "base/threading/thread_task_runner_handle.h"
32 #include "base/time/time.h"
33 #include "build/build_config.h"
34 #include "components/autofill/core/browser/autocomplete_history_manager.h"
35 #include "components/autofill/core/browser/autofill_download_manager.h"
36 #include "components/autofill/core/browser/autofill_test_utils.h"
37 #include "components/autofill/core/browser/data_model/autofill_profile.h"
38 #include "components/autofill/core/browser/data_model/credit_card.h"
39 #include "components/autofill/core/browser/metrics/form_events.h"
40 #include "components/autofill/core/browser/payments/test_authentication_requester.h"
41 #include "components/autofill/core/browser/payments/test_payments_client.h"
42 #include "components/autofill/core/browser/personal_data_manager.h"
43 #include "components/autofill/core/browser/test_autofill_client.h"
44 #include "components/autofill/core/browser/test_autofill_clock.h"
45 #include "components/autofill/core/browser/test_autofill_driver.h"
46 #include "components/autofill/core/browser/test_personal_data_manager.h"
47 #include "components/autofill/core/browser/validation.h"
48 #include "components/autofill/core/browser/webdata/autofill_webdata_service.h"
49 #include "components/autofill/core/common/autofill_clock.h"
50 #include "components/autofill/core/common/autofill_features.h"
51 #include "components/autofill/core/common/autofill_payments_features.h"
52 #include "components/autofill/core/common/autofill_prefs.h"
53 #include "components/autofill/core/common/autofill_switches.h"
54 #include "components/autofill/core/common/autofill_tick_clock.h"
55 #include "components/autofill/core/common/autofill_util.h"
56 #include "components/prefs/pref_service.h"
57 #include "components/security_state/core/security_state.h"
58 #include "components/strings/grit/components_strings.h"
59 #include "components/sync/driver/test_sync_service.h"
60 #include "components/version_info/channel.h"
61 #include "net/base/url_util.h"
62 #include "services/metrics/public/cpp/ukm_builders.h"
63 #include "services/network/public/cpp/shared_url_loader_factory.h"
64 #include "testing/gtest/include/gtest/gtest.h"
65 #include "ui/base/l10n/l10n_util.h"
66 #include "ui/gfx/geometry/rect.h"
67 #include "url/gurl.h"
68
69 using base::ASCIIToUTF16;
70
71 namespace autofill {
72 namespace {
73
74 const char kTestGUID[] = "00000000-0000-0000-0000-000000000001";
75 const char kTestNumber[] = "4234567890123456"; // Visa
76
77 } // namespace
78
79 class CreditCardCVCAuthenticatorTest : public testing::Test {
80 public:
CreditCardCVCAuthenticatorTest()81 CreditCardCVCAuthenticatorTest() {}
82
SetUp()83 void SetUp() override {
84 autofill_client_.SetPrefs(test::PrefServiceForTesting());
85 personal_data_manager_.Init(/*profile_database=*/database_,
86 /*account_database=*/nullptr,
87 /*pref_service=*/autofill_client_.GetPrefs(),
88 /*identity_manager=*/nullptr,
89 /*client_profile_validator=*/nullptr,
90 /*history_service=*/nullptr,
91 /*is_off_the_record=*/false);
92 personal_data_manager_.SetPrefService(autofill_client_.GetPrefs());
93
94 requester_.reset(new TestAuthenticationRequester());
95 autofill_driver_ =
96 std::make_unique<testing::NiceMock<TestAutofillDriver>>();
97
98 payments::TestPaymentsClient* payments_client =
99 new payments::TestPaymentsClient(
100 autofill_driver_->GetURLLoaderFactory(),
101 autofill_client_.GetIdentityManager(), &personal_data_manager_);
102 autofill_client_.set_test_payments_client(
103 std::unique_ptr<payments::TestPaymentsClient>(payments_client));
104 cvc_authenticator_ =
105 std::make_unique<CreditCardCVCAuthenticator>(&autofill_client_);
106 }
107
TearDown()108 void TearDown() override {
109 // Order of destruction is important as AutofillDriver relies on
110 // PersonalDataManager to be around when it gets destroyed.
111 autofill_driver_.reset();
112
113 personal_data_manager_.SetPrefService(nullptr);
114 personal_data_manager_.ClearCreditCards();
115 }
116
CreateServerCard(std::string guid,std::string number)117 CreditCard CreateServerCard(std::string guid, std::string number) {
118 CreditCard masked_server_card = CreditCard();
119 test::SetCreditCardInfo(&masked_server_card, "Elvis Presley",
120 number.c_str(), test::NextMonth().c_str(),
121 test::NextYear().c_str(), "1");
122 masked_server_card.set_guid(guid);
123 masked_server_card.set_record_type(CreditCard::MASKED_SERVER_CARD);
124
125 personal_data_manager_.ClearCreditCards();
126 personal_data_manager_.AddServerCreditCard(masked_server_card);
127
128 return masked_server_card;
129 }
130
OnDidGetRealPan(AutofillClient::PaymentsRpcResult result,const std::string & real_pan)131 void OnDidGetRealPan(AutofillClient::PaymentsRpcResult result,
132 const std::string& real_pan) {
133 payments::FullCardRequest* full_card_request =
134 cvc_authenticator_->full_card_request_.get();
135 DCHECK(full_card_request);
136
137 // Mock user response.
138 payments::FullCardRequest::UserProvidedUnmaskDetails details;
139 details.cvc = base::ASCIIToUTF16("123");
140 full_card_request->OnUnmaskPromptAccepted(details);
141
142 // Mock payments response.
143 payments::PaymentsClient::UnmaskResponseDetails response;
144 full_card_request->OnDidGetRealPan(result,
145 response.with_real_pan(real_pan));
146 }
147
148 protected:
149 std::unique_ptr<TestAuthenticationRequester> requester_;
150 base::test::TaskEnvironment task_environment_;
151 TestAutofillClient autofill_client_;
152 std::unique_ptr<TestAutofillDriver> autofill_driver_;
153 scoped_refptr<AutofillWebDataService> database_;
154 TestPersonalDataManager personal_data_manager_;
155 base::test::ScopedFeatureList scoped_feature_list_;
156 std::unique_ptr<CreditCardCVCAuthenticator> cvc_authenticator_;
157 };
158
TEST_F(CreditCardCVCAuthenticatorTest,AuthenticateServerCardSuccess)159 TEST_F(CreditCardCVCAuthenticatorTest, AuthenticateServerCardSuccess) {
160 CreditCard card = CreateServerCard(kTestGUID, kTestNumber);
161
162 cvc_authenticator_->Authenticate(&card, requester_->GetWeakPtr(),
163 &personal_data_manager_,
164 AutofillTickClock::NowTicks());
165
166 OnDidGetRealPan(AutofillClient::SUCCESS, kTestNumber);
167 EXPECT_TRUE(requester_->did_succeed());
168 EXPECT_EQ(ASCIIToUTF16(kTestNumber), requester_->number());
169 }
170
TEST_F(CreditCardCVCAuthenticatorTest,AuthenticateServerCardNetworkError)171 TEST_F(CreditCardCVCAuthenticatorTest, AuthenticateServerCardNetworkError) {
172 CreditCard card = CreateServerCard(kTestGUID, kTestNumber);
173
174 cvc_authenticator_->Authenticate(&card, requester_->GetWeakPtr(),
175 &personal_data_manager_,
176 AutofillTickClock::NowTicks());
177
178 OnDidGetRealPan(AutofillClient::NETWORK_ERROR, std::string());
179 EXPECT_FALSE(requester_->did_succeed());
180 }
181
TEST_F(CreditCardCVCAuthenticatorTest,AuthenticateServerCardPermanentFailure)182 TEST_F(CreditCardCVCAuthenticatorTest, AuthenticateServerCardPermanentFailure) {
183 CreditCard card = CreateServerCard(kTestGUID, kTestNumber);
184
185 cvc_authenticator_->Authenticate(&card, requester_->GetWeakPtr(),
186 &personal_data_manager_,
187 AutofillTickClock::NowTicks());
188
189 OnDidGetRealPan(AutofillClient::PERMANENT_FAILURE, std::string());
190 EXPECT_FALSE(requester_->did_succeed());
191 }
192
TEST_F(CreditCardCVCAuthenticatorTest,AuthenticateServerCardTryAgainFailure)193 TEST_F(CreditCardCVCAuthenticatorTest, AuthenticateServerCardTryAgainFailure) {
194 CreditCard card = CreateServerCard(kTestGUID, kTestNumber);
195
196 cvc_authenticator_->Authenticate(&card, requester_->GetWeakPtr(),
197 &personal_data_manager_,
198 AutofillTickClock::NowTicks());
199
200 OnDidGetRealPan(AutofillClient::TRY_AGAIN_FAILURE, std::string());
201 EXPECT_FALSE(requester_->did_succeed());
202
203 OnDidGetRealPan(AutofillClient::SUCCESS, kTestNumber);
204 EXPECT_TRUE(requester_->did_succeed());
205 EXPECT_EQ(ASCIIToUTF16(kTestNumber), requester_->number());
206 }
207
208 } // namespace autofill
209