toolkit/components/passwordmgr/test/unit/test_maybeImportLogin.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169

"use strict";

Cu.import("resource://gre/modules/Services.jsm");
Cu.import("resource://gre/modules/LoginHelper.jsm");

const HOST1 = "https://www.example.com/";
const HOST2 = "https://www.mozilla.org/";

const USER1 = "myuser";
const USER2 = "anotheruser";

const PASS1 = "mypass";
const PASS2 = "anotherpass";
const PASS3 = "yetanotherpass";

add_task(function test_new_logins() {
  let importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS1,
    hostname: HOST1,
    formSubmitURL: HOST1,
  });
  Assert.ok(importedLogin, "Return value should indicate imported login.");
  let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`);

  importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS1,
    hostname: HOST2,
    formSubmitURL: HOST2,
  });

  Assert.ok(importedLogin, "Return value should indicate another imported login.");
  matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`);

  matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST2});
  Assert.equal(matchingLogins.length, 1, `There should also be 1 login for ${HOST2}`);
  Assert.equal(Services.logins.getAllLogins().length, 2, "There should be 2 logins in total");
  Services.logins.removeAllLogins();
});

add_task(function test_duplicate_logins() {
  let importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS1,
    hostname: HOST1,
    formSubmitURL: HOST1,
  });
  Assert.ok(importedLogin, "Return value should indicate imported login.");
  let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`);

  importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS1,
    hostname: HOST1,
    formSubmitURL: HOST1,
  });
  Assert.ok(!importedLogin, "Return value should indicate no new login was imported.");
  matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`);
  Services.logins.removeAllLogins();
});

add_task(function test_different_passwords() {
  let importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS1,
    hostname: HOST1,
    formSubmitURL: HOST1,
    timeCreated: new Date(Date.now() - 1000),
  });
  Assert.ok(importedLogin, "Return value should indicate imported login.");
  let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`);

  // This item will be newer, so its password should take precedence.
  importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS2,
    hostname: HOST1,
    formSubmitURL: HOST1,
    timeCreated: new Date(),
  });
  Assert.ok(!importedLogin, "Return value should not indicate imported login (as we updated an existing one).");
  matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`);
  Assert.equal(matchingLogins[0].password, PASS2, "We should have updated the password for this login.");

  // Now try to update with an older password:
  importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS3,
    hostname: HOST1,
    formSubmitURL: HOST1,
    timeCreated: new Date(Date.now() - 1000000),
  });
  Assert.ok(!importedLogin, "Return value should not indicate imported login (as we didn't update anything).");
  matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`);
  Assert.equal(matchingLogins[0].password, PASS2, "We should NOT have updated the password for this login.");

  Services.logins.removeAllLogins();
});

add_task(function test_different_usernames() {
  let importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS1,
    hostname: HOST1,
    formSubmitURL: HOST1,
  });
  Assert.ok(importedLogin, "Return value should indicate imported login.");
  let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`);

  importedLogin = LoginHelper.maybeImportLogin({
    username: USER2,
    password: PASS1,
    hostname: HOST1,
    formSubmitURL: HOST1,
  });
  Assert.ok(importedLogin, "Return value should indicate another imported login.");
  matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 2, `There should now be 2 logins for ${HOST1}`);

  Services.logins.removeAllLogins();
});

add_task(function test_different_targets() {
  let importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS1,
    hostname: HOST1,
    formSubmitURL: HOST1,
  });
  Assert.ok(importedLogin, "Return value should indicate imported login.");
  let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`);

  // Not passing either a formSubmitURL or a httpRealm should be treated as
  // the same as the previous login
  importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS1,
    hostname: HOST1,
  });
  Assert.ok(!importedLogin, "Return value should NOT indicate imported login " +
    "(because a missing formSubmitURL and httpRealm should be duped to the existing login).");
  matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`);
  Assert.equal(matchingLogins[0].formSubmitURL, HOST1, "The form submission URL should have been kept.");

  importedLogin = LoginHelper.maybeImportLogin({
    username: USER1,
    password: PASS1,
    hostname: HOST1,
    httpRealm: HOST1,
  });
  Assert.ok(importedLogin, "Return value should indicate another imported login " +
    "as an httpRealm login shouldn't be duped.");
  matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
  Assert.equal(matchingLogins.length, 2, `There should now be 2 logins for ${HOST1}`);

  Services.logins.removeAllLogins();
});