Support Android username-only credentials.

chrome/browser/password_manager/password_store_mac.cc

Index: chrome/browser/password_manager/password_store_mac.cc
diff --git a/chrome/browser/password_manager/password_store_mac.cc b/chrome/browser/password_manager/password_store_mac.cc
index c7642219f55824a2943cf93f6b302f2f6810cbb8..e339cb39276761318ac14c40bc00f588bbdb6cd9 100644
--- a/chrome/browser/password_manager/password_store_mac.cc
+++ b/chrome/browser/password_manager/password_store_mac.cc
@@ -238,6 +238,12 @@ inline void MoveAllFormsOut(ScopedVector<autofill::PasswordForm>* forms,
   forms->weak_clear();
 }
 
+// True if the form has no password to be stored in Keychain.
+bool IsDBOnlyForm(const autofill::PasswordForm& form) {

[engedy, 2015/10/08 17:31:00]

nit: IsLoginDatabaseOnlyForm

[vasilii, 2015/10/12 15:12:48]

Done.

+  return form.blacklisted_by_user || !form.federation_url.is_empty() ||
+         form.scheme == autofill::PasswordForm::SCHEME_USERNAME_ONLY;
+}
+
 }  // namespace
 
 #pragma mark -
@@ -472,10 +478,9 @@ bool FormsMatchForMerge(const PasswordForm& form_a,
                         FormMatchStrictness strictness) {
   // We never merge blacklist entries between our store and the Keychain,

[vabr (Chromium), 2015/10/09 07:53:09]

nit: This comment is slightly out of date. And given that the name of the new
function is well-chosen, I don't think the comment is needed at all.

[vasilii, 2015/10/12 15:12:48]

Done.

   // and federated logins should not be stored in the Keychain at all.
-  if (form_a.blacklisted_by_user || form_b.blacklisted_by_user ||
-      !form_a.federation_url.is_empty() || !form_b.federation_url.is_empty()) {
+  if (IsDBOnlyForm(form_a) || IsDBOnlyForm(form_b))
     return false;
-  }
+
   bool equal_realm = form_a.signon_realm == form_b.signon_realm;
   if (strictness == FUZZY_FORM_MATCH) {
     equal_realm |= (!form_a.original_signon_realm.empty()) &&
@@ -494,7 +499,7 @@ void ExtractNonKeychainForms(ScopedVector<autofill::PasswordForm>* forms,
   ScopedVector<autofill::PasswordForm> remaining;
   MoveAllFormsOut(
       forms, [&remaining, extracted](scoped_ptr<autofill::PasswordForm> form) {
-        if (form->blacklisted_by_user || !form->federation_url.is_empty())
+        if (IsDBOnlyForm(*form))
           extracted->push_back(form.Pass());
         else
           remaining.push_back(form.Pass());
@@ -722,7 +727,7 @@ bool MacKeychainPasswordFormAdapter::HasPasswordExactlyMatchingForm(
 
 bool MacKeychainPasswordFormAdapter::HasPasswordsMergeableWithForm(
     const PasswordForm& query_form) {
-  if (!query_form.federation_url.is_empty())
+  if (IsDBOnlyForm(query_form))
     return false;
   std::string username = base::UTF16ToUTF8(query_form.username_value);
   std::vector<SecKeychainItemRef> matches =
@@ -769,7 +774,7 @@ MacKeychainPasswordFormAdapter::GetAllPasswordFormPasswords() {
 
 bool MacKeychainPasswordFormAdapter::AddPassword(const PasswordForm& form) {
   // We should never be trying to store a blacklist in the keychain.
-  DCHECK(!form.blacklisted_by_user);
+  DCHECK(!IsDBOnlyForm(form));
 
   std::string server;
   std::string security_domain;
@@ -849,9 +854,8 @@ SecKeychainItemRef MacKeychainPasswordFormAdapter::KeychainItemForForm(
   // We don't store blacklist entries in the keychain, so the answer to "what
   // Keychain item goes with this form" is always "nothing" for blacklists.
   // Same goes for federated logins.
-  if (form.blacklisted_by_user || !form.federation_url.is_empty()) {
+  if (IsDBOnlyForm(form))
     return NULL;
-  }
 
   std::string path;
   // Path doesn't make sense for Android app credentials.
@@ -917,6 +921,9 @@ SecAuthenticationType MacKeychainPasswordFormAdapter::AuthTypeForScheme(
     case PasswordForm::SCHEME_BASIC:  return kSecAuthenticationTypeHTTPBasic;
     case PasswordForm::SCHEME_DIGEST: return kSecAuthenticationTypeHTTPDigest;
     case PasswordForm::SCHEME_OTHER:  return kSecAuthenticationTypeDefault;
+    case PasswordForm::SCHEME_USERNAME_ONLY:
+      NOTREACHED();
+      break;
   }
   NOTREACHED();
   return kSecAuthenticationTypeDefault;
@@ -1263,7 +1270,7 @@ PasswordStoreMac::GetSiteStatsImpl(const GURL& origin_domain) {
 }
 
 bool PasswordStoreMac::AddToKeychainIfNecessary(const PasswordForm& form) {
-  if (form.blacklisted_by_user || !form.federation_url.is_empty())
+  if (IsDBOnlyForm(form))
     return true;
   MacKeychainPasswordFormAdapter keychainAdapter(keychain_.get());
   return keychainAdapter.AddPassword(form);