const { FXA_PWDMGR_HOST, FXA_PWDMGR_REALM } = ChromeUtils.importESModule(
"resource://gre/modules/FxAccountsCommon.sys.mjs"
);
const { LoginRec } = ChromeUtils.importESModule(
"resource://services-sync/engines/passwords.sys.mjs"
);
const { Service } = ChromeUtils.importESModule(
"resource://services-sync/service.sys.mjs"
);
const LoginInfo = Components.Constructor(
"@mozilla.org/login-manager/loginInfo;1",
Ci.nsILoginInfo,
"init"
);
const { LoginCSVImport } = ChromeUtils.importESModule(
"resource://gre/modules/LoginCSVImport.sys.mjs"
);
const { FileTestUtils } = ChromeUtils.importESModule(
"resource://testing-common/FileTestUtils.sys.mjs"
);
const PropertyBag = Components.Constructor(
"@mozilla.org/hash-property-bag;1",
Ci.nsIWritablePropertyBag
);
async
function cleanup(engine, server) {
await engine._tracker.stop();
await engine.wipeClient();
engine.lastModified =
null;
for (
const pref of Svc.PrefBranch.getChildList(
"")) {
Svc.PrefBranch.clearUserPref(pref);
}
Service.recordManager.clearCache();
if (server) {
await promiseStopServer(server);
}
}
add_task(async
function setup() {
// Disable addon sync because AddonManager won't be initialized here.
await Service.engineManager.unregister(
"addons");
await Service.engineManager.unregister(
"extension-storage");
});
add_task(async
function test_ignored_fields() {
_(
"Only changes to syncable fields should be tracked");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
enableValidationPrefs();
let loginInfo =
new LoginInfo(
"https://example.com",
"",
null,
"username",
"password",
"",
""
);
// Setting syncCounter to -1 so that it will be incremented to 0 when added.
loginInfo.syncCounter = -1;
let login = await Services.logins.addLoginAsync(loginInfo);
login.QueryInterface(Ci.nsILoginMetaInfo);
// For `guid`.
engine._tracker.start();
try {
let nonSyncableProps =
new PropertyBag();
nonSyncableProps.setProperty(
"timeLastUsed", Date.now());
nonSyncableProps.setProperty(
"timesUsed", 3);
Services.logins.modifyLogin(login, nonSyncableProps);
let noChanges = await engine.pullNewChanges();
deepEqual(noChanges, {},
"Should not track non-syncable fields");
let syncableProps =
new PropertyBag();
syncableProps.setProperty(
"username",
"newuser");
Services.logins.modifyLogin(login, syncableProps);
let changes = await engine.pullNewChanges();
deepEqual(
Object.keys(changes),
[login.guid],
"Should track syncable fields"
);
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_ignored_sync_credentials() {
_(
"Sync credentials in login manager should be ignored");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
enableValidationPrefs();
engine._tracker.start();
try {
let login = await Services.logins.addLoginAsync(
new LoginInfo(
FXA_PWDMGR_HOST,
null,
FXA_PWDMGR_REALM,
"fxa-uid",
"creds",
"",
""
)
);
let noChanges = await engine.pullNewChanges();
deepEqual(noChanges, {},
"Should not track new FxA credentials");
let props =
new PropertyBag();
props.setProperty(
"password",
"newcreds");
Services.logins.modifyLogin(login, props);
noChanges = await engine.pullNewChanges();
deepEqual(noChanges, {},
"Should not track changes to FxA credentials");
let foundLogins = await Services.logins.searchLoginsAsync({
origin: FXA_PWDMGR_HOST,
});
equal(foundLogins.length, 1);
equal(foundLogins[0].syncCounter, 0);
equal(foundLogins[0].everSynced,
false);
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_password_engine() {
_(
"Basic password sync test");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
enableValidationPrefs();
_(
"Add new login to upload during first sync");
let newLogin;
{
let login =
new LoginInfo(
"https://example.com",
"",
null,
"username",
"password",
"",
""
);
await Services.logins.addLoginAsync(login);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://example.com",
});
equal(logins.length, 1,
"Should find new login in login manager");
newLogin = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
// Insert a server record that's older, so that we prefer the local one.
let rec =
new LoginRec(
"passwords", newLogin.guid);
rec.formSubmitURL = newLogin.formActionOrigin;
rec.httpRealm = newLogin.httpRealm;
rec.hostname = newLogin.origin;
rec.username = newLogin.username;
rec.password =
"sekrit";
let remotePasswordChangeTime = Date.now() - 1 * 60 * 60 * 24 * 1000;
rec.timeCreated = remotePasswordChangeTime;
rec.timePasswordChanged = remotePasswordChangeTime;
collection.insert(
newLogin.guid,
encryptPayload(rec.cleartext),
remotePasswordChangeTime / 1000
);
}
_(
"Add login with older password change time to replace during first sync");
let oldLogin;
{
let login =
new LoginInfo(
"https://mozilla.com",
"",
null,
"us3r",
"0ldpa55",
"",
""
);
await Services.logins.addLoginAsync(login);
let props =
new PropertyBag();
let localPasswordChangeTime = Date.now() - 1 * 60 * 60 * 24 * 1000;
props.setProperty(
"timePasswordChanged", localPasswordChangeTime);
Services.logins.modifyLogin(login, props);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://mozilla.com",
});
equal(logins.length, 1,
"Should find old login in login manager");
oldLogin = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
equal(oldLogin.timePasswordChanged, localPasswordChangeTime);
let rec =
new LoginRec(
"passwords", oldLogin.guid);
rec.hostname = oldLogin.origin;
rec.formSubmitURL = oldLogin.formActionOrigin;
rec.httpRealm = oldLogin.httpRealm;
rec.username = oldLogin.username;
// Change the password and bump the password change time to ensure we prefer
// the remote one during reconciliation.
rec.password =
"n3wpa55";
rec.usernameField = oldLogin.usernameField;
rec.passwordField = oldLogin.usernameField;
rec.timeCreated = oldLogin.timeCreated;
rec.timePasswordChanged = Date.now();
collection.insert(oldLogin.guid, encryptPayload(rec.cleartext));
}
await engine._tracker.stop();
try {
await sync_engine_and_validate_telem(engine,
false);
let newRec = collection.cleartext(newLogin.guid);
equal(
newRec.password,
"password",
"Should update remote password for newer login"
);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://mozilla.com",
});
equal(
logins[0].password,
"n3wpa55",
"Should update local password for older login"
);
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_sync_outgoing() {
_(
"Test syncing outgoing records");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
let loginInfo =
new LoginInfo(
"http://mozilla.com",
"http://mozilla.com",
null,
"theuser",
"thepassword",
"username",
"password"
);
let login = await Services.logins.addLoginAsync(loginInfo);
engine._tracker.start();
try {
let foundLogins = await Services.logins.searchLoginsAsync({
origin:
"http://mozilla.com",
});
equal(foundLogins.length, 1);
equal(foundLogins[0].syncCounter, 1);
equal(foundLogins[0].everSynced,
false);
equal(collection.count(), 0);
let guid = foundLogins[0].QueryInterface(Ci.nsILoginMetaInfo).guid;
let changes = await engine.getChangedIDs();
let change = changes[guid];
equal(Object.keys(changes).length, 1);
equal(change.counter, 1);
ok(!change.deleted);
// This test modifies the password and then performs a sync and
// then ensures that the synced record is correct. This is done twice
// to ensure that syncing occurs correctly when the server record does not
// yet exist and when it does already exist.
for (let i = 1; i <= 2; i++) {
_(
"Modify the password iteration " + i);
foundLogins[0].password =
"newpassword" + i;
Services.logins.modifyLogin(login, foundLogins[0]);
foundLogins = await Services.logins.searchLoginsAsync({
origin:
"http://mozilla.com",
});
equal(foundLogins.length, 1);
// On the first pass, the counter should be 2, one for the add and one for the modify.
// No sync has occurred yet so everSynced should be false.
// On the second pass, the counter will only be 1 for the modify. The everSynced
// property should be true as the sync happened on the last iteration.
equal(foundLogins[0].syncCounter, i == 2 ? 1 : 2);
equal(foundLogins[0].everSynced, i == 2);
changes = await engine.getChangedIDs();
change = changes[guid];
equal(Object.keys(changes).length, 1);
equal(change.counter, i == 2 ? 1 : 2);
ok(!change.deleted);
_(
"Perform sync after modifying the password");
await sync_engine_and_validate_telem(engine,
false);
equal(Object.keys(await engine.getChangedIDs()), 0);
// The remote login should have the updated password.
let newRec = collection.cleartext(guid);
equal(
newRec.password,
"newpassword" + i,
"Should update remote password for login"
);
foundLogins = await Services.logins.searchLoginsAsync({
origin:
"http://mozilla.com",
});
equal(foundLogins.length, 1);
equal(foundLogins[0].syncCounter, 0);
equal(foundLogins[0].everSynced,
true);
login.password =
"newpassword" + i;
}
// Next, modify the username and sync.
_(
"Modify the username");
foundLogins[0].username =
"newuser";
Services.logins.modifyLogin(login, foundLogins[0]);
foundLogins = await Services.logins.searchLoginsAsync({
origin:
"http://mozilla.com",
});
equal(foundLogins.length, 1);
equal(foundLogins[0].syncCounter, 1);
equal(foundLogins[0].everSynced,
true);
_(
"Perform sync after modifying the username");
await sync_engine_and_validate_telem(engine,
false);
// The remote login should have the updated password.
let newRec = collection.cleartext(guid);
equal(
newRec.username,
"newuser",
"Should update remote username for login"
);
foundLogins = await Services.logins.searchLoginsAsync({
origin:
"http://mozilla.com",
});
equal(foundLogins.length, 1);
equal(foundLogins[0].syncCounter, 0);
equal(foundLogins[0].everSynced,
true);
// Finally, remove the login. The server record should be marked as deleted.
_(
"Remove the login");
equal(collection.count(), 1);
equal(Services.logins.countLogins(
"",
"",
""), 2);
equal((await Services.logins.getAllLogins()).length, 2);
ok(await engine._store.itemExists(guid));
ok((await engine._store.getAllIDs())[guid]);
Services.logins.removeLogin(foundLogins[0]);
foundLogins = await Services.logins.searchLoginsAsync({
origin:
"http://mozilla.com",
});
equal(foundLogins.length, 0);
changes = await engine.getChangedIDs();
change = changes[guid];
equal(Object.keys(changes).length, 1);
equal(change.counter, 1);
ok(change.deleted);
_(
"Perform sync after removing the login");
await sync_engine_and_validate_telem(engine,
false);
equal(collection.count(), 1);
let payload = collection.payloads()[0];
ok(payload.deleted);
equal(Object.keys(await engine.getChangedIDs()), 0);
// All of these should not include the deleted login. Only the FxA password should exist.
equal(Services.logins.countLogins(
"",
"",
""), 1);
equal((await Services.logins.getAllLogins()).length, 1);
ok(!(await engine._store.itemExists(guid)));
// getAllIDs includes deleted items but skips the FxA login.
ok((await engine._store.getAllIDs())[guid]);
let deletedLogin = await engine._store._getLoginFromGUID(guid);
equal(deletedLogin.hostname,
null,
"deleted login hostname");
equal(
deletedLogin.formActionOrigin,
null,
"deleted login formActionOrigin"
);
equal(deletedLogin.formSubmitURL,
null,
"deleted login formSubmitURL");
equal(deletedLogin.httpRealm,
null,
"deleted login httpRealm");
equal(deletedLogin.username,
null,
"deleted login username");
equal(deletedLogin.password,
null,
"deleted login password");
equal(deletedLogin.usernameField,
"",
"deleted login usernameField");
equal(deletedLogin.passwordField,
"",
"deleted login passwordField");
equal(deletedLogin.unknownFields,
null,
"deleted login unknownFields");
equal(deletedLogin.timeCreated, 0,
"deleted login timeCreated");
equal(deletedLogin.timeLastUsed, 0,
"deleted login timeLastUsed");
equal(deletedLogin.timesUsed, 0,
"deleted login timesUsed");
// These fields are not reset when the login is removed.
equal(deletedLogin.guid, guid,
"deleted login guid");
equal(deletedLogin.everSynced,
true,
"deleted login everSynced");
equal(deletedLogin.syncCounter, 0,
"deleted login syncCounter");
Assert.greater(
deletedLogin.timePasswordChanged,
0,
"deleted login timePasswordChanged"
);
}
finally {
await engine._tracker.stop();
await cleanup(engine, server);
}
});
add_task(async
function test_sync_incoming() {
_(
"Test syncing incoming records");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
const checkFields = [
"formSubmitURL",
"hostname",
"httpRealm",
"username",
"password",
"usernameField",
"passwordField",
"timeCreated",
];
let guid1 = Utils.makeGUID();
let details = {
formSubmitURL:
"https://www.example.com",
hostname:
"https://www.example.com",
httpRealm:
null,
username:
"camel",
password:
"llama",
usernameField:
"username-field",
passwordField:
"password-field",
timeCreated: Date.now(),
timePasswordChanged: Date.now(),
};
try {
// This test creates a remote server record and then verifies that the login
// has been added locally after the sync occurs.
_(
"Create remote login");
collection.insertRecord(Object.assign({}, details, { id: guid1 }));
_(
"Perform sync when remote login has been added");
await sync_engine_and_validate_telem(engine,
false);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.example.com",
});
equal(logins.length, 1);
equal(logins[0].QueryInterface(Ci.nsILoginMetaInfo).guid, guid1);
checkFields.forEach(field => {
equal(logins[0][field], details[field]);
});
equal(logins[0].timePasswordChanged, details.timePasswordChanged);
equal(logins[0].syncCounter, 0);
equal(logins[0].everSynced,
true);
// Modify the password within the remote record and then sync again.
_(
"Perform sync when remote login's password has been modified");
let newTime = Date.now();
collection.updateRecord(
guid1,
cleartext => {
cleartext.password =
"alpaca";
},
newTime / 1000 + 10
);
await engine.setLastSync(newTime / 1000 - 30);
await sync_engine_and_validate_telem(engine,
false);
logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.example.com",
});
equal(logins.length, 1);
details.password =
"alpaca";
equal(logins[0].QueryInterface(Ci.nsILoginMetaInfo).guid, guid1);
checkFields.forEach(field => {
equal(logins[0][field], details[field]);
});
Assert.greater(logins[0].timePasswordChanged, details.timePasswordChanged);
equal(logins[0].syncCounter, 0);
equal(logins[0].everSynced,
true);
// Modify the username within the remote record and then sync again.
_(
"Perform sync when remote login's username has been modified");
newTime = Date.now();
collection.updateRecord(
guid1,
cleartext => {
cleartext.username =
"guanaco";
},
newTime / 1000 + 10
);
await engine.setLastSync(newTime / 1000 - 30);
await sync_engine_and_validate_telem(engine,
false);
logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.example.com",
});
equal(logins.length, 1);
details.username =
"guanaco";
equal(logins[0].QueryInterface(Ci.nsILoginMetaInfo).guid, guid1);
checkFields.forEach(field => {
equal(logins[0][field], details[field]);
});
Assert.greater(logins[0].timePasswordChanged, details.timePasswordChanged);
equal(logins[0].syncCounter, 0);
equal(logins[0].everSynced,
true);
// Mark the remote record as deleted and then sync again.
_(
"Perform sync when remote login has been marked for deletion");
newTime = Date.now();
collection.updateRecord(
guid1,
cleartext => {
cleartext.deleted =
true;
},
newTime / 1000 + 10
);
await engine.setLastSync(newTime / 1000 - 30);
await sync_engine_and_validate_telem(engine,
false);
logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.example.com",
});
equal(logins.length, 0);
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_sync_incoming_deleted() {
_(
"Test syncing incoming deleted records");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
let guid1 = Utils.makeGUID();
let details2 = {
formSubmitURL:
"https://www.example.org",
hostname:
"https://www.example.org",
httpRealm:
null,
username:
"capybara",
password:
"beaver",
usernameField:
"username-field",
passwordField:
"password-field",
timeCreated: Date.now(),
timePasswordChanged: Date.now(),
deleted:
true,
};
try {
// This test creates a remote server record that has been deleted
// and then verifies that the login is not imported locally.
_(
"Create remote login");
collection.insertRecord(Object.assign({}, details2, { id: guid1 }));
_(
"Perform sync when remote login has been deleted");
await sync_engine_and_validate_telem(engine,
false);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.example.com",
});
equal(logins.length, 0);
ok(!(await engine._store.getAllIDs())[guid1]);
ok(!(await engine._store.itemExists(guid1)));
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_sync_incoming_deleted_localchanged_remotenewer() {
_(
"Test syncing incoming deleted records where the local login has been changed but the remote record is newer"
);
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
let loginInfo =
new LoginInfo(
"http://mozilla.com",
"http://mozilla.com",
null,
"kangaroo",
"kaola",
"username",
"password"
);
let login = await Services.logins.addLoginAsync(loginInfo);
let guid = login.QueryInterface(Ci.nsILoginMetaInfo).guid;
try {
_(
"Perform sync on new login");
await sync_engine_and_validate_telem(engine,
false);
let foundLogins = await Services.logins.searchLoginsAsync({
origin:
"http://mozilla.com",
});
foundLogins[0].password =
"wallaby";
Services.logins.modifyLogin(login, foundLogins[0]);
// Use a time in the future to ensure that the remote record is newer.
collection.updateRecord(
guid,
cleartext => {
cleartext.deleted =
true;
},
Date.now() / 1000 + 1000
);
_(
"Perform sync when remote login has been deleted and local login has been changed"
);
await sync_engine_and_validate_telem(engine,
false);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://mozilla.com",
});
equal(logins.length, 0);
ok(await engine._store.getAllIDs());
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_sync_incoming_deleted_localchanged_localnewer() {
_(
"Test syncing incoming deleted records where the local login has been changed but the local record is newer"
);
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
let loginInfo =
new LoginInfo(
"http://www.mozilla.com",
"http://www.mozilla.com",
null,
"lion",
"tiger",
"username",
"password"
);
let login = await Services.logins.addLoginAsync(loginInfo);
let guid = login.QueryInterface(Ci.nsILoginMetaInfo).guid;
try {
_(
"Perform sync on new login");
await sync_engine_and_validate_telem(engine,
false);
let foundLogins = await Services.logins.searchLoginsAsync({
origin:
"http://www.mozilla.com",
});
foundLogins[0].password =
"cheetah";
Services.logins.modifyLogin(login, foundLogins[0]);
// Use a time in the past to ensure that the local record is newer.
collection.updateRecord(
guid,
cleartext => {
cleartext.deleted =
true;
},
Date.now() / 1000 - 1000
);
_(
"Perform sync when remote login has been deleted and local login has been changed"
);
await sync_engine_and_validate_telem(engine,
false);
let logins = await Services.logins.searchLoginsAsync({
origin:
"http://www.mozilla.com",
});
equal(logins.length, 1);
equal(logins[0].password,
"cheetah");
equal(logins[0].syncCounter, 0);
equal(logins[0].everSynced,
true);
ok(await engine._store.getAllIDs());
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_sync_incoming_no_formactionorigin() {
_(
"Test syncing incoming a record where there is no formActionOrigin");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
const checkFields = [
"formSubmitURL",
"hostname",
"httpRealm",
"username",
"password",
"usernameField",
"passwordField",
"timeCreated",
];
let guid1 = Utils.makeGUID();
let details = {
formSubmitURL:
"",
hostname:
"https://www.example.com",
httpRealm:
null,
username:
"rabbit",
password:
"squirrel",
usernameField:
"username-field",
passwordField:
"password-field",
timeCreated: Date.now(),
timePasswordChanged: Date.now(),
};
try {
// This test creates a remote server record and then verifies that the login
// has been added locally after the sync occurs.
_(
"Create remote login");
collection.insertRecord(Object.assign({}, details, { id: guid1 }));
_(
"Perform sync when remote login has been added");
await sync_engine_and_validate_telem(engine,
false);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.example.com",
formActionOrigin:
"",
});
equal(logins.length, 1);
equal(logins[0].QueryInterface(Ci.nsILoginMetaInfo).guid, guid1);
checkFields.forEach(field => {
equal(logins[0][field], details[field]);
});
equal(logins[0].timePasswordChanged, details.timePasswordChanged);
equal(logins[0].syncCounter, 0);
equal(logins[0].everSynced,
true);
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_password_dupe() {
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
let guid1 = Utils.makeGUID();
let rec1 =
new LoginRec(
"passwords", guid1);
let guid2 = Utils.makeGUID();
let cleartext = {
formSubmitURL:
"https://www.example.com",
hostname:
"https://www.example.com",
httpRealm:
null,
username:
"foo",
password:
"bar",
usernameField:
"username-field",
passwordField:
"password-field",
timeCreated: Math.round(Date.now()),
timePasswordChanged: Math.round(Date.now()),
};
rec1.cleartext = cleartext;
_(
"Create remote record with same details and guid1");
collection.insert(guid1, encryptPayload(rec1.cleartext));
_(
"Create remote record with guid2");
collection.insert(guid2, encryptPayload(cleartext));
_(
"Create local record with same details and guid1");
await engine._store.create(rec1);
try {
_(
"Perform sync");
await sync_engine_and_validate_telem(engine,
true);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.example.com",
});
equal(logins.length, 1);
equal(logins[0].QueryInterface(Ci.nsILoginMetaInfo).guid, guid2);
equal(
null, collection.payload(guid1));
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_updated_null_password_sync() {
_(
"Ensure updated null login username is converted to a string");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
let guid1 = Utils.makeGUID();
let guid2 = Utils.makeGUID();
let remoteDetails = {
formSubmitURL:
"https://www.nullupdateexample.com",
hostname:
"https://www.nullupdateexample.com",
httpRealm:
null,
username:
null,
password:
"bar",
usernameField:
"username-field",
passwordField:
"password-field",
timeCreated: Date.now(),
timePasswordChanged: Date.now(),
};
let localDetails = {
formSubmitURL:
"https://www.nullupdateexample.com",
hostname:
"https://www.nullupdateexample.com",
httpRealm:
null,
username:
"foo",
password:
"foobar",
usernameField:
"username-field",
passwordField:
"password-field",
timeCreated: Date.now(),
timePasswordChanged: Date.now(),
};
_(
"Create remote record with same details and guid1");
collection.insertRecord(Object.assign({}, remoteDetails, { id: guid1 }));
try {
_(
"Create local updated login with null password");
await engine._store.update(Object.assign({}, localDetails, { id: guid2 }));
_(
"Perform sync");
await sync_engine_and_validate_telem(engine,
false);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.nullupdateexample.com",
});
equal(logins.length, 1);
equal(logins[0].QueryInterface(Ci.nsILoginMetaInfo).guid, guid1);
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_updated_undefined_password_sync() {
_(
"Ensure updated undefined login username is converted to a string");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
let guid1 = Utils.makeGUID();
let guid2 = Utils.makeGUID();
let remoteDetails = {
formSubmitURL:
"https://www.undefinedupdateexample.com",
hostname:
"https://www.undefinedupdateexample.com",
httpRealm:
null,
username: undefined,
password:
"bar",
usernameField:
"username-field",
passwordField:
"password-field",
timeCreated: Date.now(),
timePasswordChanged: Date.now(),
};
let localDetails = {
formSubmitURL:
"https://www.undefinedupdateexample.com",
hostname:
"https://www.undefinedupdateexample.com",
httpRealm:
null,
username:
"foo",
password:
"foobar",
usernameField:
"username-field",
passwordField:
"password-field",
timeCreated: Date.now(),
timePasswordChanged: Date.now(),
};
_(
"Create remote record with same details and guid1");
collection.insertRecord(Object.assign({}, remoteDetails, { id: guid1 }));
try {
_(
"Create local updated login with undefined password");
await engine._store.update(Object.assign({}, localDetails, { id: guid2 }));
_(
"Perform sync");
await sync_engine_and_validate_telem(engine,
false);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.undefinedupdateexample.com",
});
equal(logins.length, 1);
equal(logins[0].QueryInterface(Ci.nsILoginMetaInfo).guid, guid1);
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_new_null_password_sync() {
_(
"Ensure new null login username is converted to a string");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let guid1 = Utils.makeGUID();
let rec1 =
new LoginRec(
"passwords", guid1);
rec1.cleartext = {
formSubmitURL:
"https://www.example.com",
hostname:
"https://www.example.com",
httpRealm:
null,
username:
null,
password:
"bar",
usernameField:
"username-field",
passwordField:
"password-field",
timeCreated: Date.now(),
timePasswordChanged: Date.now(),
};
try {
_(
"Create local login with null password");
await engine._store.create(rec1);
_(
"Perform sync");
await sync_engine_and_validate_telem(engine,
false);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.example.com",
});
equal(logins.length, 1);
notEqual(logins[0].QueryInterface(Ci.nsILoginMetaInfo).username,
null);
notEqual(logins[0].QueryInterface(Ci.nsILoginMetaInfo).username, undefined);
equal(logins[0].QueryInterface(Ci.nsILoginMetaInfo).username,
"");
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_new_undefined_password_sync() {
_(
"Ensure new undefined login username is converted to a string");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let guid1 = Utils.makeGUID();
let rec1 =
new LoginRec(
"passwords", guid1);
rec1.cleartext = {
formSubmitURL:
"https://www.example.com",
hostname:
"https://www.example.com",
httpRealm:
null,
username: undefined,
password:
"bar",
usernameField:
"username-field",
passwordField:
"password-field",
timeCreated: Date.now(),
timePasswordChanged: Date.now(),
};
try {
_(
"Create local login with undefined password");
await engine._store.create(rec1);
_(
"Perform sync");
await sync_engine_and_validate_telem(engine,
false);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://www.example.com",
});
equal(logins.length, 1);
notEqual(logins[0].QueryInterface(Ci.nsILoginMetaInfo).username,
null);
notEqual(logins[0].QueryInterface(Ci.nsILoginMetaInfo).username, undefined);
equal(logins[0].QueryInterface(Ci.nsILoginMetaInfo).username,
"");
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_sync_password_validation() {
// This test isn't in test_password_validator to avoid duplicating cleanup.
_(
"Ensure that if a password validation happens, it ends up in the ping");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
Svc.PrefBranch.setIntPref(
"engine.passwords.validation.interval", 0);
Svc.PrefBranch.setIntPref(
"engine.passwords.validation.percentageChance",
100
);
Svc.PrefBranch.setIntPref(
"engine.passwords.validation.maxRecords", -1);
Svc.PrefBranch.setBoolPref(
"engine.passwords.validation.enabled",
true);
try {
let ping = await wait_for_ping(() => Service.sync());
let engineInfo = ping.engines.find(e => e.name ==
"passwords");
ok(engineInfo,
"Engine should be in ping");
let validation = engineInfo.validation;
ok(validation,
"Engine should have validation info");
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_roundtrip_unknown_fields() {
_(
"Testing that unknown fields from other clients get roundtripped back to server"
);
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
enableValidationPrefs();
_(
"Add login with older password change time to replace during first sync");
let oldLogin;
{
let login =
new LoginInfo(
"https://mozilla.com",
"",
null,
"us3r",
"0ldpa55",
"",
""
);
await Services.logins.addLoginAsync(login);
let props =
new PropertyBag();
let localPasswordChangeTime = Math.round(
Date.now() - 1 * 60 * 60 * 24 * 1000
);
props.setProperty(
"timePasswordChanged", localPasswordChangeTime);
Services.logins.modifyLogin(login, props);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://mozilla.com",
});
equal(logins.length, 1,
"Should find old login in login manager");
oldLogin = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
equal(oldLogin.timePasswordChanged, localPasswordChangeTime);
let rec =
new LoginRec(
"passwords", oldLogin.guid);
rec.hostname = oldLogin.origin;
rec.formSubmitURL = oldLogin.formActionOrigin;
rec.httpRealm = oldLogin.httpRealm;
rec.username = oldLogin.username;
// Change the password and bump the password change time to ensure we prefer
// the remote one during reconciliation.
rec.password =
"n3wpa55";
rec.usernameField = oldLogin.usernameField;
rec.passwordField = oldLogin.usernameField;
rec.timeCreated = oldLogin.timeCreated;
rec.timePasswordChanged = Math.round(Date.now());
// pretend other clients have some snazzy new fields
// we don't quite understand yet
rec.cleartext.someStrField =
"I am a str";
rec.cleartext.someObjField = { newField:
"I am a new field" };
collection.insert(oldLogin.guid, encryptPayload(rec.cleartext));
}
await engine._tracker.stop();
try {
await sync_engine_and_validate_telem(engine,
false);
let logins = await Services.logins.searchLoginsAsync({
origin:
"https://mozilla.com",
});
equal(
logins[0].password,
"n3wpa55",
"Should update local password for older login"
);
let expectedUnknowns = JSON.stringify({
someStrField:
"I am a str",
someObjField: { newField:
"I am a new field" },
});
// Check that the local record has all unknown fields properly
// stringified
equal(logins[0].unknownFields, expectedUnknowns);
// Check that the server has the unknown fields unfurled and on the
// top-level record
let serverRec = collection.cleartext(oldLogin.guid);
equal(serverRec.someStrField,
"I am a str");
equal(serverRec.someObjField.newField,
"I am a new field");
}
finally {
await cleanup(engine, server);
}
});
add_task(async
function test_new_passwords_from_csv() {
_(
"Test syncing records imported from a csv file");
let engine = Service.engineManager.get(
"passwords");
let server = await serverForFoo(engine);
await SyncTestingInfrastructure(server);
let collection = server.user(
"foo").collection(
"passwords");
engine._tracker.start();
let data = [
{
hostname:
"https://example.com",
url:
"https://example.com/path",
username:
"exampleuser",
password:
"examplepassword",
},
{
hostname:
"https://mozilla.org",
url:
"https://mozilla.org",
username:
"mozillauser",
password:
"mozillapassword",
},
{
hostname:
"https://www.example.org",
url:
"https://www.example.org/example1/example2",
username:
"person",
password:
"mypassword",
},
];
let csvData = [
"url,username,login_password"];
for (let row of data) {
csvData.push(row.url +
"," + row.username +
"," + row.password);
}
let csvFile = FileTestUtils.getTempFile(`firefox_logins.csv`);
await IOUtils.writeUTF8(csvFile.path, csvData.join(
"\r\n"));
await LoginCSVImport.importFromCSV(csvFile.path);
equal(
engine._tracker.score,
SCORE_INCREMENT_XLARGE,
"Should only get one update notification for import"
);
_(
"Ensure that the csv import is correct");
for (let item of data) {
let foundLogins = await Services.logins.searchLoginsAsync({
origin: item.hostname,
});
equal(foundLogins.length, 1);
equal(foundLogins[0].syncCounter, 1);
equal(foundLogins[0].everSynced,
false);
equal(foundLogins[0].username, item.username);
equal(foundLogins[0].password, item.password);
}
_(
"Perform sync after modifying the password");
await sync_engine_and_validate_telem(engine,
false);
_(
"Verify that the sync counter and status are updated");
for (let item of data) {
let foundLogins = await Services.logins.searchLoginsAsync({
origin: item.hostname,
});
equal(foundLogins.length, 1);
equal(foundLogins[0].syncCounter, 0);
equal(foundLogins[0].everSynced,
true);
equal(foundLogins[0].username, item.username);
equal(foundLogins[0].password, item.password);
item.guid = foundLogins[0].guid;
}
equal(Object.keys(await engine.getChangedIDs()), 0);
equal(collection.count(), 3);
for (let item of data) {
// The remote login should have the imported username and password.
let newRec = collection.cleartext(item.guid);
equal(newRec.username, item.username);
equal(newRec.password, item.password);
}
});
