Properly propagate proxy auth details on sign-in screen (v2)
(Reland with WebviewProxyAuthLoginTest browsertext fix)
This CL fixes sign-in behind an authenticated proxy. Two actual changes
were necessary in this context:
- SigninPartitionManager: copy auth data from the system request
context into new StoragePartitions
This makes SigninPartitionManager::StartSigninSession async, which
made small changes necessary in GaiaScreenHandler and
EnrollmentScreenHandler
- SigninScreenHandler: Don't reload gaia immediately when auth details
have been supplied. This was unnecessary (the URL Request will
continue) and actually harmful, as now that we're using a new
StoragePartition for each sign-in attempt, this discards auth data
before we can copy them.
To support the browsertest, testserver.py gets an argument to redirect
CONNECT requests to localhost when proxying (in sign-in browsertests
without proxy, we use RuleBasedHostResolverProc::AddRule to achieve
this effect).
unit_tests --gtest_filter=SigninPartitionManagerTest*
Manual test:
Setup:
Setup an proxy server with Basic authentication
Configure the device to use the proxy server.
Make sure the user adding screen is shown.
Test 1:
Expect proxy auth dialog. Enter correct proxy auth data.
Expect that sign-in screen is shown and sign-in works.
Test 2:
Expect proxy auth dialog. Enter incorrect proxy auth data.
Expect that proxy-auth dialog is shown again.
Test 3:
Expect proxy auth dialog. Press Cancel.
Expect that a network error dialog is shown.
Press "try to sign in again".
Expect proxy auth dialog. Enter correct proxy auth data.
Expect that sign-in screen is shown and sign-in works.
Bug: 793524
Test: browser_tests --gtest_filter=WebviewProxyAuthLoginTest.* &&
Change-Id: I56dafa240ad3bb5902517688a5cb17e309f2982d
Reviewed-on: https://chromium-review.googlesource.com/850472
Reviewed-by: Matt Menke <mmenke@chromium.org>
Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Commit-Queue: Pavol Marko <pmarko@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#527103}
Cr-Mirrored-From: https://chromium.googlesource.com/chromium/src
Cr-Mirrored-Commit: 569a169adf806513bc290572393ad4f845e119f8diff --git a/testserver.py b/testserver.py
index 634b41e..0576ac6 100755
--- a/testserver.py
+++ b/testserver.py
@@ -1765,6 +1765,7 @@
"""
_AUTH_CREDENTIAL = 'Basic Zm9vOmJhcg==' # foo:bar
+ redirect_connect_to_localhost = False;
def parse_request(self):
"""Overrides parse_request to check credential."""
@@ -1850,6 +1851,9 @@
self.send_response(400)
self.end_headers()
+ if BasicAuthProxyRequestHandler.redirect_connect_to_localhost:
+ host = "127.0.0.1"
+
try:
sock = socket.create_connection((host, port))
self.send_response(200, 'Connection established')
@@ -2108,6 +2112,8 @@
print 'Echo UDP server started on port %d...' % server.server_port
server_data['port'] = server.server_port
elif self.options.server_type == SERVER_BASIC_AUTH_PROXY:
+ BasicAuthProxyRequestHandler.redirect_connect_to_localhost = \
+ self.options.redirect_connect_to_localhost
server = HTTPServer((host, port), BasicAuthProxyRequestHandler)
print 'BasicAuthProxy server started on port %d...' % server.server_port
server_data['port'] = server.server_port
@@ -2323,6 +2329,12 @@
action='store_true')
self.option_parser.add_option('--token-binding-params', action='append',
default=[], type='int')
+ self.option_parser.add_option('--redirect-connect-to-localhost',
+ dest='redirect_connect_to_localhost',
+ default=False, action='store_true',
+ help='If set, the Proxy server will connect '
+ 'to localhost instead of the requested URL '
+ 'on CONNECT requests')
if __name__ == '__main__':