gecko/browser/components/loop/test/xpcshell/test_loopservice_token_validation.js

/* Any copyright is dedicated to the Public Domain.
   http://creativecommons.org/publicdomain/zero/1.0/ */

// XXX should report error if Hawk-Session-Token is lexically invalid
// (not a string of 64 hex digits) to help resist other possible injection
// attacks.  For now, however, we're just checking if it's the right length.
add_test(function test_registration_handles_bogus_hawk_token() {

  var wrongSizeToken = "jdkasjkasjdlaksj";
  Services.prefs.clearUserPref("loop.hawk-session-token");

  loopServer.registerPathHandler("/registration", (request, response) => {
    response.setStatusLine(null, 200, "OK");
    response.setHeader("Hawk-Session-Token", wrongSizeToken, false);
    response.processAsync();
    response.finish();
  });

  MozLoopService.promiseRegisteredWithServers().then(() => {
    do_throw("should not succeed with a bogus token");
  }, err => {

    Assert.equal(err.message, "session-token-wrong-size", "Should cause an error to be" +
      " called back if the session-token is not 64 characters long");

    // for some reason, Assert.throw is misbehaving, so....
    var ex;
    try {
      Services.prefs.getCharPref("loop.hawk-session-token");
    } catch (e) {
      ex = e;
    }
    Assert.notEqual(ex, undefined, "Should not set a loop.hawk-session-token pref");

    run_next_test();
  });
});

function run_test() {
  setupFakeLoopServer();

  mockPushHandler.registrationPushURL = kEndPointUrl;

  do_register_cleanup(function() {
    Services.prefs.clearUserPref("loop.hawk-session-token");
  });

  run_next_test();
}
Bug 1017902 Use saved hawk session tokens, if possible, when registering with the server to preserve the session across restarts. r=jparsons,r=mhammond 2014-06-05 02:29:54 -07:00			`/* Any copyright is dedicated to the Public Domain.`
			`http://creativecommons.org/publicdomain/zero/1.0/ */`
Bug 976109: Save hawk-session-token to prefs at reg time for later use; r=mhammond 2014-05-29 13:13:48 -07:00
			`// XXX should report error if Hawk-Session-Token is lexically invalid`
			`// (not a string of 64 hex digits) to help resist other possible injection`
			`// attacks. For now, however, we're just checking if it's the right length.`
			`add_test(function test_registration_handles_bogus_hawk_token() {`

			`var wrongSizeToken = "jdkasjkasjdlaksj";`
			`Services.prefs.clearUserPref("loop.hawk-session-token");`

Bug 1017902 Use saved hawk session tokens, if possible, when registering with the server to preserve the session across restarts. r=jparsons,r=mhammond 2014-06-05 02:29:54 -07:00			`loopServer.registerPathHandler("/registration", (request, response) => {`
Bug 976109: Save hawk-session-token to prefs at reg time for later use; r=mhammond 2014-05-29 13:13:48 -07:00			`response.setStatusLine(null, 200, "OK");`
			`response.setHeader("Hawk-Session-Token", wrongSizeToken, false);`
			`response.processAsync();`
			`response.finish();`
			`});`

Bug 1091161 - MozLoopService: Separate gInitializeTimerFunc from the actual initialize callback so we can retry initialization on demand. r=pkerr --HG-- extra : rebase_source : c47e54d93832079d4b0d2b6615d3348c6bc010cd 2014-10-29 16:20:31 -07:00			`MozLoopService.promiseRegisteredWithServers().then(() => {`
Bug 1017394 In MozLoopService use promises rather than callbacks to make the code cleaner. r=mhammond 2014-06-04 06:42:41 -07:00			`do_throw("should not succeed with a bogus token");`
			`}, err => {`
Bug 976109: Save hawk-session-token to prefs at reg time for later use; r=mhammond 2014-05-29 13:13:48 -07:00
Follow-up to bug 1099128 - fix issues with error values not being correctly handled by the room store, and switch the tests back to running with rooms enabled by default. r=nperriault 2014-11-24 13:39:57 -08:00			`Assert.equal(err.message, "session-token-wrong-size", "Should cause an error to be" +`
Bug 976109: Save hawk-session-token to prefs at reg time for later use; r=mhammond 2014-05-29 13:13:48 -07:00			`" called back if the session-token is not 64 characters long");`

			`// for some reason, Assert.throw is misbehaving, so....`
			`var ex;`
			`try {`
			`Services.prefs.getCharPref("loop.hawk-session-token");`
			`} catch (e) {`
			`ex = e;`
			`}`
			`Assert.notEqual(ex, undefined, "Should not set a loop.hawk-session-token pref");`

			`run_next_test();`
			`});`
			`});`

Bug 1088465 - MozLoopService: Use a \|mocks\| property instead of passing arguments through registration. r=mikedeboer 2014-10-27 03:11:36 -07:00			`function run_test() {`
Bug 1017902 Use saved hawk session tokens, if possible, when registering with the server to preserve the session across restarts. r=jparsons,r=mhammond 2014-06-05 02:29:54 -07:00			`setupFakeLoopServer();`
Bug 976109: Save hawk-session-token to prefs at reg time for later use; r=mhammond 2014-05-29 13:13:48 -07:00
Bug 1093500 - Cleanup Loop registration by pulling push URLs from the push handler. r=pkerr --HG-- extra : rebase_source : 40639702a655b5e20eb7e00473c2f8c7676500dc 2014-11-05 13:58:52 -08:00			`mockPushHandler.registrationPushURL = kEndPointUrl;`

Bug 976109: Save hawk-session-token to prefs at reg time for later use; r=mhammond 2014-05-29 13:13:48 -07:00			`do_register_cleanup(function() {`
			`Services.prefs.clearUserPref("loop.hawk-session-token");`
			`});`

			`run_next_test();`
			`}`