Implement origin-based deletion for passwords in PasswordDefaultMac.

chrome/browser/password_manager/password_store_mac_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/password_manager/password_store_mac.h"
 
 #include <string>
 
 #include "base/basictypes.h"
 #include "base/files/scoped_temp_dir.h"
 #include "base/scoped_observer.h"
 #include "base/stl_util.h"
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/synchronization/waitable_event.h"
 #include "base/test/histogram_tester.h"
 #include "base/thread_task_runner_handle.h"
 #include "chrome/browser/password_manager/password_store_mac_internal.h"
 #include "chrome/common/chrome_paths.h"
 #include "components/os_crypt/os_crypt.h"
 #include "components/password_manager/core/browser/login_database.h"
 #include "components/password_manager/core/browser/password_manager_test_utils.h"
 #include "components/password_manager/core/browser/password_store_consumer.h"
-#include "content/public/test/test_browser_thread.h"
+#include "components/password_manager/core/browser/password_store_origin_unittest.h"
+#include "content/public/test/test_browser_thread_bundle.h"
 #include "content/public/test/test_utils.h"
 #include "crypto/mock_apple_keychain.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using autofill::PasswordForm;
 using base::ASCIIToUTF16;
 using base::WideToUTF16;
 using content::BrowserThread;
 using crypto::MockAppleKeychain;
@@ skipping 34 matching lines @@
  public:
   MOCK_METHOD1(OnGetPasswordStoreResultsConstRef,
                void(const std::vector<PasswordForm*>&));
 
   // GMock cannot mock methods with move-only args.
   void OnGetPasswordStoreResults(ScopedVector<PasswordForm> results) override {
     OnGetPasswordStoreResultsConstRef(results.get());
   }
 };
 
-class MockPasswordStoreObserver : public PasswordStore::Observer {
- public:
-  MOCK_METHOD1(OnLoginsChanged,
-               void(const password_manager::PasswordStoreChangeList& changes));
-};
-
 // A LoginDatabase that simulates an Init() method that takes a long time.
 class SlowToInitLoginDatabase : public password_manager::LoginDatabase {
  public:
   // Creates an instance whose Init() method will block until |event| is
   // signaled. |event| must outlive |this|.
   SlowToInitLoginDatabase(const base::FilePath& db_path,
                           base::WaitableEvent* event)
       : password_manager::LoginDatabase(db_path), event_(event) {}
   ~SlowToInitLoginDatabase() override {}
 
@@ skipping 72 matching lines @@
         form->date_synced);
     EXPECT_EQ(GURL(password_manager::kTestingIconUrlSpec), form->icon_url);
   }
 }
 
 PasswordStoreChangeList AddChangeForForm(const PasswordForm& form) {
   return PasswordStoreChangeList(
       1, PasswordStoreChange(PasswordStoreChange::ADD, form));
 }
 
+class PasswordStoreMacTestDelegate {
+ public:
+  PasswordStoreMacTestDelegate();
+  ~PasswordStoreMacTestDelegate();
+
+  static void FinishAsyncProcessing() {
+    scoped_refptr<content::MessageLoopRunner> runner =
+        new content::MessageLoopRunner;
+    ASSERT_TRUE(base::ThreadTaskRunnerHandle::Get()->PostTaskAndReply(
+        FROM_HERE, base::Bind(&Noop), runner->QuitClosure()));
+    runner->Run();
+  }
+
+  PasswordStoreMac* store() const { return store_.get(); }
+
+  PasswordStoreMac* store() { return store_.get(); }
+
+ private:
+  static void InitLoginDatabase(LoginDatabase* login_db);
+  void Initialize();
+  base::FilePath test_login_db_file_path() const;
+
+  void ClosePasswordStore();
+
+  content::TestBrowserThreadBundle thread_bundle_;
+
+  base::ScopedTempDir db_dir_;
+  scoped_ptr<LoginDatabase> login_db_;
+  scoped_refptr<PasswordStoreMac> store_;
+
+  DISALLOW_COPY_AND_ASSIGN(PasswordStoreMacTestDelegate);
+};
+
+PasswordStoreMacTestDelegate::PasswordStoreMacTestDelegate()
+    : thread_bundle_(content::TestBrowserThreadBundle::IO_MAINLOOP) {

[vasilii, 2015/11/24 18:14:55]

By passing IO_MAINLOOP you still create a single-threaded environment but the
thread is the IO thread (not UI). Basically it's the same as if you pass
DEFAULT.

[Timo Reimann, 2015/11/24 23:06:02]

Gotcha. Replaced by REAL_FILE_THREAD.

+  Initialize();
+}
+
+PasswordStoreMacTestDelegate::~PasswordStoreMacTestDelegate() {
+  ClosePasswordStore();
+  login_db_.reset();
+}
+
+void PasswordStoreMacTestDelegate::Initialize() {
+  ASSERT_TRUE(db_dir_.CreateUniqueTempDir());
+
+  // Ensure that LoginDatabase will use the mock keychain if it needs to
+  // encrypt/decrypt a password.
+  OSCrypt::UseMockKeychain(true);
+  login_db_.reset(new LoginDatabase(test_login_db_file_path()));
+  ASSERT_TRUE(BrowserThread::PostTask(
+      BrowserThread::IO, FROM_HERE,
+      base::Bind(&PasswordStoreMacTestDelegate::InitLoginDatabase,
+                 base::Unretained(login_db_.get()))));
+
+  // Creat and initialize the password store.
+  store_ = new PasswordStoreMac(base::ThreadTaskRunnerHandle::Get(), nullptr,
+                                make_scoped_ptr(new MockAppleKeychain));
+  ASSERT_TRUE(BrowserThread::PostTask(
+      BrowserThread::IO, FROM_HERE,
+      base::Bind(&PasswordStoreMac::InitWithTaskRunner, store_,
+                 base::ThreadTaskRunnerHandle::Get())));
+
+  ASSERT_TRUE(BrowserThread::PostTask(
+      BrowserThread::IO, FROM_HERE,
+      base::Bind(&PasswordStoreMac::set_login_metadata_db, store_,
+                 base::Unretained(login_db_.get()))));
+
+  // Make sure deferred initialization is performed before some tests start
+  // accessing the |login_db| directly.
+  FinishAsyncProcessing();
+}
+
+void PasswordStoreMacTestDelegate::InitLoginDatabase(LoginDatabase* login_db) {
+  ASSERT_TRUE(login_db->Init());
+}
+
+base::FilePath PasswordStoreMacTestDelegate::test_login_db_file_path() const {
+  return db_dir_.path().Append(FILE_PATH_LITERAL("login.db"));
+}
+
+void PasswordStoreMacTestDelegate::ClosePasswordStore() {
+  store_->ShutdownOnUIThread();
+  FinishAsyncProcessing();
+}
+
 }  // namespace
 
+namespace password_manager {
+
+INSTANTIATE_TYPED_TEST_CASE_P(Mac,
+                              PasswordStoreOriginTest,
+                              PasswordStoreMacTestDelegate);
+
+}  // namespace password_manager
+
 #pragma mark -
 
 class PasswordStoreMacInternalsTest : public testing::Test {
  public:
   void SetUp() override {
     MockAppleKeychain::KeychainTestData test_data[] = {
         // Basic HTML form.
         {kSecAuthenticationTypeHTMLForm,
          "some.domain.com",
          kSecProtocolTypeHTTP,
@@ skipping 979 matching lines @@
 
   ScopedVector<autofill::PasswordForm> owned_passwords =
       owned_keychain_adapter.GetAllPasswordFormPasswords();
   EXPECT_EQ(arraysize(owned_password_data), owned_passwords.size());
 }
 
 #pragma mark -
 
 class PasswordStoreMacTest : public testing::Test {
  public:
-  PasswordStoreMacTest() : ui_thread_(BrowserThread::UI, &message_loop_) {}
+  PasswordStoreMacTest() : histogram_tester_(new base::HistogramTester) {}
 
-  void SetUp() override {
-    ASSERT_TRUE(db_dir_.CreateUniqueTempDir());
-    histogram_tester_.reset(new base::HistogramTester);
-
-    // Ensure that LoginDatabase will use the mock keychain if it needs to
-    // encrypt/decrypt a password.
-    OSCrypt::UseMockKeychain(true);
-    login_db_.reset(
-        new password_manager::LoginDatabase(test_login_db_file_path()));
-    thread_.reset(new base::Thread("Chrome_PasswordStore_Thread"));
-    ASSERT_TRUE(thread_->Start());
-    ASSERT_TRUE(thread_->task_runner()->PostTask(
-        FROM_HERE, base::Bind(&PasswordStoreMacTest::InitLoginDatabase,
-                              base::Unretained(login_db_.get()))));
-    CreateAndInitPasswordStore(login_db_.get());
-    // Make sure deferred initialization is performed before some tests start
-    // accessing the |login_db| directly.
-    FinishAsyncProcessing();
-  }
-
-  void TearDown() override {
-    ClosePasswordStore();
-    thread_.reset();
-    login_db_.reset();
+  ~PasswordStoreMacTest() override {
     // Whatever a test did, PasswordStoreMac stores only empty password values
     // in LoginDatabase. The empty valus do not require encryption and therefore
     // OSCrypt shouldn't call the Keychain. The histogram doesn't cover the
     // internet passwords.
     if (histogram_tester_) {
       histogram_tester_->ExpectTotalCount("OSX.Keychain.Access", 0);
     }
   }
 
-  static void InitLoginDatabase(password_manager::LoginDatabase* login_db) {
-    ASSERT_TRUE(login_db->Init());
-  }
-
-  void CreateAndInitPasswordStore(password_manager::LoginDatabase* login_db) {
-    store_ = new PasswordStoreMac(
-        base::ThreadTaskRunnerHandle::Get(), nullptr,
-        make_scoped_ptr<AppleKeychain>(new MockAppleKeychain));
-    ASSERT_TRUE(thread_->task_runner()->PostTask(
-        FROM_HERE, base::Bind(&PasswordStoreMac::InitWithTaskRunner, store_,
-                              thread_->task_runner())));
-
-    ASSERT_TRUE(thread_->task_runner()->PostTask(
-        FROM_HERE, base::Bind(&PasswordStoreMac::set_login_metadata_db, store_,
-                              base::Unretained(login_db))));
-  }
-
-  void ClosePasswordStore() {
-    if (!store_)
-      return;
-
-    store_->ShutdownOnUIThread();
-    store_ = nullptr;
-  }
-
   // Verifies that the given |form| can be properly stored so that it can be
   // retrieved by FillMatchingLogins() and GetAutofillableLogins(), and then it
   // can be properly removed.
   void VerifyCredentialLifecycle(const PasswordForm& form) {
     // Run everything twice to make sure no garbage is left behind that would
     // prevent storing the form a second time.
     for (size_t iteration = 0; iteration < 2; ++iteration) {
       SCOPED_TRACE(testing::Message("Iteration: ") << iteration);
 
       MockPasswordStoreConsumer mock_consumer;
       EXPECT_CALL(mock_consumer, OnGetPasswordStoreResultsConstRef(IsEmpty()))
           .WillOnce(QuitUIMessageLoop());
-      store()->GetAutofillableLogins(&mock_consumer);
+      delegate_.store()->GetAutofillableLogins(&mock_consumer);
       base::MessageLoop::current()->Run();
       ::testing::Mock::VerifyAndClearExpectations(&mock_consumer);
 
-      store()->AddLogin(form);
-      FinishAsyncProcessing();
+      delegate_.store()->AddLogin(form);
+      delegate_.FinishAsyncProcessing();
 
       PasswordForm returned_form;
       EXPECT_CALL(mock_consumer, OnGetPasswordStoreResultsConstRef(SizeIs(1u)))
           .WillOnce(
               DoAll(SaveACopyOfFirstForm(&returned_form), QuitUIMessageLoop()));
 
       // The query operations will also do some housekeeping: they will remove
       // dangling credentials in the LoginDatabase without a matching Keychain
       // item when one is expected. If the logic that stores the Keychain item
       // is incorrect, this will wipe the newly added form before the second
       // query.
-      store()->GetAutofillableLogins(&mock_consumer);
+      delegate_.store()->GetAutofillableLogins(&mock_consumer);
       base::MessageLoop::current()->Run();
       ::testing::Mock::VerifyAndClearExpectations(&mock_consumer);
       EXPECT_EQ(form, returned_form);
 
       PasswordForm query_form = form;
       query_form.password_value.clear();
       query_form.username_value.clear();
       EXPECT_CALL(mock_consumer, OnGetPasswordStoreResultsConstRef(SizeIs(1u)))
           .WillOnce(
               DoAll(SaveACopyOfFirstForm(&returned_form), QuitUIMessageLoop()));
-      store()->GetLogins(query_form, PasswordStore::ALLOW_PROMPT,
-                         &mock_consumer);
+      delegate_.store()->GetLogins(query_form, PasswordStore::ALLOW_PROMPT,
+                                   &mock_consumer);
       base::MessageLoop::current()->Run();
       ::testing::Mock::VerifyAndClearExpectations(&mock_consumer);
       EXPECT_EQ(form, returned_form);
 
-      store()->RemoveLogin(form);
+      delegate_.store()->RemoveLogin(form);
     }
   }
 
-  base::FilePath test_login_db_file_path() const {
-    return db_dir_.path().Append(FILE_PATH_LITERAL("login.db"));
-  }
-
   password_manager::LoginDatabase* login_db() const {
-    return store_->login_metadata_db();
+    return delegate_.store()->login_metadata_db();
   }
 
   MockAppleKeychain* keychain() {
-    return static_cast<MockAppleKeychain*>(store_->keychain());
+    return static_cast<MockAppleKeychain*>(delegate_.store()->keychain());
   }
 
-  void FinishAsyncProcessing() {
-    scoped_refptr<content::MessageLoopRunner> runner =
-        new content::MessageLoopRunner;
-    ASSERT_TRUE(thread_->task_runner()->PostTaskAndReply(
-        FROM_HERE, base::Bind(&Noop), runner->QuitClosure()));
-    runner->Run();
-  }
-
-  PasswordStoreMac* store() { return store_.get(); }
+  PasswordStoreMacTestDelegate& delegate() { return delegate_; }
 
  protected:
-  base::MessageLoopForUI message_loop_;
-  content::TestBrowserThread ui_thread_;
-  // Thread that the synchronous methods are run on.
-  scoped_ptr<base::Thread> thread_;
-
-  base::ScopedTempDir db_dir_;
-  scoped_ptr<password_manager::LoginDatabase> login_db_;
-  scoped_refptr<PasswordStoreMac> store_;
   scoped_ptr<base::HistogramTester> histogram_tester_;
+  PasswordStoreMacTestDelegate delegate_;
 };
 
 TEST_F(PasswordStoreMacTest, TestStoreUpdate) {
   // Insert a password into both the database and the keychain.
-  // This is done manually, rather than through store_->AddLogin, because the
+  // This is done manually, rather than through delegate_.store()->AddLogin,
+  // because the
   // Mock Keychain isn't smart enough to be able to support update generically,
   // so some.domain.com triggers special handling to test it that make inserting
   // fail.
   PasswordFormData joint_data = {
     PasswordForm::SCHEME_HTML, "http://some.domain.com/",
     "http://some.domain.com/insecure.html", "login.cgi",
     L"username", L"password", L"submit", L"joe_user", L"sekrit", true, false, 1
   };
   scoped_ptr<PasswordForm> joint_form =
       CreatePasswordFormFromDataForTesting(joint_data);
@@ skipping 40 matching lines @@
     { { PasswordForm::SCHEME_HTML, "http://different.com/",
         "http://different.com/index.html", "login.cgi",
         L"username", L"password", L"submit", L"abc", L"123",
         true, false, 2 },
       NULL,
     },
   };
   for (unsigned int i = 0; i < arraysize(updates); ++i) {
     scoped_ptr<PasswordForm> form =
         CreatePasswordFormFromDataForTesting(updates[i].form_data);
-    store_->UpdateLogin(*form);
+    delegate_.store()->UpdateLogin(*form);
   }
 
-  FinishAsyncProcessing();
+  delegate_.FinishAsyncProcessing();
 
   MacKeychainPasswordFormAdapter keychain_adapter(keychain());
   for (unsigned int i = 0; i < arraysize(updates); ++i) {
     scoped_ptr<PasswordForm> query_form =
         CreatePasswordFormFromDataForTesting(updates[i].form_data);
 
     ScopedVector<autofill::PasswordForm> matching_items =
         keychain_adapter.PasswordsFillingForm(query_form->signon_realm,
                                               query_form->scheme);
     if (updates[i].password) {
@@ skipping 39 matching lines @@
   MacKeychainPasswordFormAdapter owned_keychain_adapter(keychain());
   owned_keychain_adapter.SetFindsOnlyOwnedItems(true);
   owned_keychain_adapter.AddPassword(*www_form);
 
   // 2. Get a password for m.facebook.com.
   PasswordForm m_form(*www_form);
   m_form.signon_realm = "http://m.facebook.com";
   m_form.origin = GURL("http://m.facebook.com/index.html");
 
   MockPasswordStoreConsumer consumer;
-  store_->GetLogins(m_form, PasswordStore::ALLOW_PROMPT, &consumer);
+  delegate_.store()->GetLogins(m_form, PasswordStore::ALLOW_PROMPT, &consumer);
   PasswordForm returned_form;
   EXPECT_CALL(consumer, OnGetPasswordStoreResultsConstRef(SizeIs(1u)))
       .WillOnce(
           DoAll(SaveACopyOfFirstForm(&returned_form), QuitUIMessageLoop()));
   base::MessageLoop::current()->Run();
 
   // 3. Add the returned password for m.facebook.com.
   returned_form.signon_realm = "http://m.facebook.com";
   returned_form.origin = GURL("http://m.facebook.com/index.html");
   EXPECT_EQ(AddChangeForForm(returned_form),
             login_db()->AddLogin(returned_form));
   owned_keychain_adapter.AddPassword(m_form);
 
   // 4. Remove both passwords.
-  store_->RemoveLogin(*www_form);
-  store_->RemoveLogin(m_form);
-  FinishAsyncProcessing();
+  delegate_.store()->RemoveLogin(*www_form);
+  delegate_.store()->RemoveLogin(m_form);
+  delegate_.FinishAsyncProcessing();
 
   // No trace of www.facebook.com.
   ScopedVector<autofill::PasswordForm> matching_items =
       owned_keychain_adapter.PasswordsFillingForm(www_form->signon_realm,
                                                   www_form->scheme);
   EXPECT_EQ(0u, matching_items.size());
   EXPECT_TRUE(login_db()->GetLogins(*www_form, &matching_items));
   EXPECT_EQ(0u, matching_items.size());
   // No trace of m.facebook.com.
   matching_items = owned_keychain_adapter.PasswordsFillingForm(
       m_form.signon_realm, m_form.scheme);
   EXPECT_EQ(0u, matching_items.size());
   EXPECT_TRUE(login_db()->GetLogins(m_form, &matching_items));
   EXPECT_EQ(0u, matching_items.size());
 }
 
 namespace {
 
 class PasswordsChangeObserver
     : public password_manager::PasswordStore::Observer {
  public:
   explicit PasswordsChangeObserver(PasswordStoreMac* store) : observer_(this) {
     observer_.Add(store);
   }
 
   void WaitAndVerify(PasswordStoreMacTest* test) {
-    test->FinishAsyncProcessing();
+    test->delegate().FinishAsyncProcessing();
     ::testing::Mock::VerifyAndClearExpectations(this);
   }
 
   // password_manager::PasswordStore::Observer:
   MOCK_METHOD1(OnLoginsChanged,
                void(const password_manager::PasswordStoreChangeList& changes));
 
  private:
   ScopedObserver<password_manager::PasswordStore, PasswordsChangeObserver>
       observer_;
@@ skipping 33 matching lines @@
   if (check_created) {
     form_facebook_old->date_created = now;
     form_facebook->date_created = next_day;
     form_other->date_created = next_day;
   } else {
     form_facebook_old->date_synced = now;
     form_facebook->date_synced = next_day;
     form_other->date_synced = next_day;
   }
 
-  PasswordsChangeObserver observer(test->store());
-  test->store()->AddLogin(*form_facebook_old);
-  test->store()->AddLogin(*form_facebook);
-  test->store()->AddLogin(*form_other);
+  PasswordsChangeObserver observer(test->delegate().store());
+  test->delegate().store()->AddLogin(*form_facebook_old);
+  test->delegate().store()->AddLogin(*form_facebook);
+  test->delegate().store()->AddLogin(*form_other);
   EXPECT_CALL(observer, OnLoginsChanged(GetAddChangeList(*form_facebook_old)));
   EXPECT_CALL(observer, OnLoginsChanged(GetAddChangeList(*form_facebook)));
   EXPECT_CALL(observer, OnLoginsChanged(GetAddChangeList(*form_other)));
   observer.WaitAndVerify(test);
 
   // Check the keychain content.
   MacKeychainPasswordFormAdapter owned_keychain_adapter(test->keychain());
   owned_keychain_adapter.SetFindsOnlyOwnedItems(false);
   ScopedVector<PasswordForm> matching_items(
       owned_keychain_adapter.PasswordsFillingForm(form_facebook->signon_realm,
                                                   form_facebook->scheme));
   EXPECT_EQ(1u, matching_items.size());
   matching_items = owned_keychain_adapter.PasswordsFillingForm(
       form_other->signon_realm, form_other->scheme);
   EXPECT_EQ(1u, matching_items.size());
 
   // Remove facebook.
   if (check_created) {
-    test->store()->RemoveLoginsCreatedBetween(base::Time(), next_day,
-                                              base::Closure());
+    test->delegate().store()->RemoveLoginsCreatedBetween(base::Time(), next_day,
+                                                         base::Closure());
   } else {
-    test->store()->RemoveLoginsSyncedBetween(base::Time(), next_day);
+    test->delegate().store()->RemoveLoginsSyncedBetween(base::Time(), next_day);
   }
   password_manager::PasswordStoreChangeList list;
   form_facebook_old->password_value.clear();
   form_facebook->password_value.clear();
   list.push_back(password_manager::PasswordStoreChange(
       password_manager::PasswordStoreChange::REMOVE, *form_facebook_old));
   list.push_back(password_manager::PasswordStoreChange(
       password_manager::PasswordStoreChange::REMOVE, *form_facebook));
   EXPECT_CALL(observer, OnLoginsChanged(list));
   list.clear();
   observer.WaitAndVerify(test);
 
   matching_items = owned_keychain_adapter.PasswordsFillingForm(
       form_facebook->signon_realm, form_facebook->scheme);
   EXPECT_EQ(0u, matching_items.size());
   matching_items = owned_keychain_adapter.PasswordsFillingForm(
       form_other->signon_realm, form_other->scheme);
   EXPECT_EQ(1u, matching_items.size());
 
   // Remove form_other.
   if (check_created) {
-    test->store()->RemoveLoginsCreatedBetween(next_day, base::Time(),
-                                              base::Closure());
+    test->delegate().store()->RemoveLoginsCreatedBetween(next_day, base::Time(),
+                                                         base::Closure());
   } else {
-    test->store()->RemoveLoginsSyncedBetween(next_day, base::Time());
+    test->delegate().store()->RemoveLoginsSyncedBetween(next_day, base::Time());
   }
   form_other->password_value.clear();
   list.push_back(password_manager::PasswordStoreChange(
       password_manager::PasswordStoreChange::REMOVE, *form_other));
   EXPECT_CALL(observer, OnLoginsChanged(list));
   observer.WaitAndVerify(test);
   matching_items = owned_keychain_adapter.PasswordsFillingForm(
       form_other->signon_realm, form_other->scheme);
   EXPECT_EQ(0u, matching_items.size());
 }
@@ skipping 30 matching lines @@
   scoped_ptr<PasswordForm> www_form =
       CreatePasswordFormFromDataForTesting(www_form_data1);
   EXPECT_TRUE(owned_keychain_adapter.AddPassword(*www_form));
 
   // Add a password from the current profile.
   PasswordFormData www_form_data2 = {
       PasswordForm::SCHEME_HTML, "http://www.facebook.com/",
       "http://www.facebook.com/index.html", "login", L"username", L"password",
       L"submit", L"not_joe_user", L"12345", true, false, 1 };
   www_form = CreatePasswordFormFromDataForTesting(www_form_data2);
-  store_->AddLogin(*www_form);
-  FinishAsyncProcessing();
+  delegate_.store()->AddLogin(*www_form);
+  delegate_.FinishAsyncProcessing();
 
   ScopedVector<PasswordForm> matching_items;
   EXPECT_TRUE(login_db()->GetLogins(*www_form, &matching_items));
   EXPECT_EQ(1u, matching_items.size());
 
-  store_->RemoveLoginsCreatedBetween(base::Time(), base::Time(),
-                                     base::Closure());
-  FinishAsyncProcessing();
+  delegate_.store()->RemoveLoginsCreatedBetween(base::Time(), base::Time(),
+                                                base::Closure());
+  delegate_.FinishAsyncProcessing();
 
   // Check the second facebook form is gone.
   EXPECT_TRUE(login_db()->GetLogins(*www_form, &matching_items));
   EXPECT_EQ(0u, matching_items.size());
 
   // Check the first facebook form is still there.
   matching_items = owned_keychain_adapter.PasswordsFillingForm(
       www_form->signon_realm, www_form->scheme);
   ASSERT_EQ(1u, matching_items.size());
   EXPECT_EQ(ASCIIToUTF16("joe_user"), matching_items[0]->username_value);
 
   // Check the third-party password is still there.
   owned_keychain_adapter.SetFindsOnlyOwnedItems(false);
   matching_items = owned_keychain_adapter.PasswordsFillingForm(
       "http://some.domain.com/insecure.html", PasswordForm::SCHEME_HTML);
   ASSERT_EQ(1u, matching_items.size());
 }
 
 // Add a facebook form to the store but not to the keychain. The form is to be
 // implicitly deleted. However, the observers shouldn't get notified about
 // deletion of non-existent forms like m.facebook.com.
 TEST_F(PasswordStoreMacTest, SilentlyRemoveOrphanedForm) {
-  testing::StrictMock<MockPasswordStoreObserver> mock_observer;
-  store()->AddObserver(&mock_observer);
+  testing::StrictMock<password_manager::MockPasswordStoreObserver>
+      mock_observer;
+  delegate_.store()->AddObserver(&mock_observer);
 
   // 1. Add a password for www.facebook.com to the LoginDatabase.
   PasswordFormData www_form_data = {
     PasswordForm::SCHEME_HTML, "http://www.facebook.com/",
     "http://www.facebook.com/index.html", "login",
     L"username", L"password", L"submit", L"joe_user", L"", true, false, 1
   };
   scoped_ptr<PasswordForm> www_form(
       CreatePasswordFormFromDataForTesting(www_form_data));
   EXPECT_EQ(AddChangeForForm(*www_form), login_db()->AddLogin(*www_form));
 
   // 2. Get a PSL-matched password for m.facebook.com. The observer isn't
   // notified because the form isn't in the database.
   PasswordForm m_form(*www_form);
   m_form.signon_realm = "http://m.facebook.com";
   m_form.origin = GURL("http://m.facebook.com/index.html");
 
   MockPasswordStoreConsumer consumer;
   ON_CALL(consumer, OnGetPasswordStoreResultsConstRef(_))
       .WillByDefault(QuitUIMessageLoop());
   EXPECT_CALL(mock_observer, OnLoginsChanged(_)).Times(0);
   // The PSL-matched form isn't returned because there is no actual password in
   // the keychain.
   EXPECT_CALL(consumer, OnGetPasswordStoreResultsConstRef(IsEmpty()));
-  store_->GetLogins(m_form, PasswordStore::ALLOW_PROMPT, &consumer);
+  delegate_.store()->GetLogins(m_form, PasswordStore::ALLOW_PROMPT, &consumer);
   base::MessageLoop::current()->Run();
   ScopedVector<autofill::PasswordForm> all_forms;
   EXPECT_TRUE(login_db()->GetAutofillableLogins(&all_forms));
   EXPECT_EQ(1u, all_forms.size());
   ::testing::Mock::VerifyAndClearExpectations(&mock_observer);
 
   // 3. Get a password for www.facebook.com. The form is implicitly removed and
   // the observer is notified.
   password_manager::PasswordStoreChangeList list;
   list.push_back(password_manager::PasswordStoreChange(
       password_manager::PasswordStoreChange::REMOVE, *www_form));
   EXPECT_CALL(mock_observer, OnLoginsChanged(list));
   EXPECT_CALL(consumer, OnGetPasswordStoreResultsConstRef(IsEmpty()));
-  store_->GetLogins(*www_form, PasswordStore::ALLOW_PROMPT, &consumer);
+  delegate_.store()->GetLogins(*www_form, PasswordStore::ALLOW_PROMPT,
+                               &consumer);
   base::MessageLoop::current()->Run();
   EXPECT_TRUE(login_db()->GetAutofillableLogins(&all_forms));
   EXPECT_EQ(0u, all_forms.size());
 }
 
 // Verify that Android app passwords can be stored, retrieved, and deleted.
 // Regression test for http://crbug.com/455551
 TEST_F(PasswordStoreMacTest, StoringAndRetrievingAndroidCredentials) {
   PasswordForm form;
   form.signon_realm = "android://7x7IDboo8u9YKraUsbmVkuf1@net.rateflix.app/";
@@ skipping 32 matching lines @@
   form2.origin = GURL("http://facebook.com/Login");
   form2.signon_realm = "http://facebook.com/";
   form2.username_value = ASCIIToUTF16("my_username");
   form2.password_value = ASCIIToUTF16("my_password");
 
   PasswordForm blacklisted_form;
   blacklisted_form.origin = GURL("http://badsite.com/Login");
   blacklisted_form.signon_realm = "http://badsite.com/";
   blacklisted_form.blacklisted_by_user = true;
 
-  store()->AddLogin(form1);
-  store()->AddLogin(form2);
-  store()->AddLogin(blacklisted_form);
-  FinishAsyncProcessing();
+  delegate_.store()->AddLogin(form1);
+  delegate_.store()->AddLogin(form2);
+  delegate_.store()->AddLogin(blacklisted_form);
+  delegate_.FinishAsyncProcessing();
 
   ASSERT_TRUE(base::PostTaskAndReplyWithResult(
-      thread_->task_runner().get(), FROM_HERE,
-      base::Bind(&PasswordStoreMac::ImportFromKeychain, store()),
+      base::ThreadTaskRunnerHandle::Get().get(), FROM_HERE,
+      base::Bind(&PasswordStoreMac::ImportFromKeychain, delegate_.store()),
       base::Bind(&CheckMigrationResult, PasswordStoreMac::MIGRATION_OK)));
-  FinishAsyncProcessing();
+  delegate_.FinishAsyncProcessing();
 
   // The password should be stored in the database by now.
   ScopedVector<PasswordForm> matching_items;
   EXPECT_TRUE(login_db()->GetLogins(form1, &matching_items));
   ASSERT_EQ(1u, matching_items.size());
   EXPECT_EQ(form1, *matching_items[0]);
 
   EXPECT_TRUE(login_db()->GetLogins(form2, &matching_items));
   ASSERT_EQ(1u, matching_items.size());
   EXPECT_EQ(form2, *matching_items[0]);
@@ skipping 10 matching lines @@
 
 // Import a federated credential while the Keychain is locked.
 TEST_F(PasswordStoreMacTest, ImportFederatedFromLockedKeychain) {
   keychain()->set_locked(true);
   PasswordForm form1;
   form1.origin = GURL("http://example.com/Login");
   form1.signon_realm = "http://example.com/";
   form1.username_value = ASCIIToUTF16("my_username");
   form1.federation_url = GURL("https://accounts.google.com/");
 
-  store()->AddLogin(form1);
-  FinishAsyncProcessing();
+  delegate_.store()->AddLogin(form1);
+  delegate_.FinishAsyncProcessing();
   ASSERT_TRUE(base::PostTaskAndReplyWithResult(
-      thread_->task_runner().get(), FROM_HERE,
-      base::Bind(&PasswordStoreMac::ImportFromKeychain, store()),
+      base::ThreadTaskRunnerHandle::Get().get(), FROM_HERE,
+      base::Bind(&PasswordStoreMac::ImportFromKeychain, delegate_.store()),
       base::Bind(&CheckMigrationResult, PasswordStoreMac::MIGRATION_OK)));
-  FinishAsyncProcessing();
+  delegate_.FinishAsyncProcessing();
 
   ScopedVector<PasswordForm> matching_items;
   EXPECT_TRUE(login_db()->GetLogins(form1, &matching_items));
   ASSERT_EQ(1u, matching_items.size());
   EXPECT_EQ(form1, *matching_items[0]);
 }
 
 // Try to import while the Keychain is locked but the encryption key had been
 // read earlier.
 TEST_F(PasswordStoreMacTest, ImportFromLockedKeychainError) {
   PasswordForm form1;
   form1.origin = GURL("http://accounts.google.com/LoginAuth");
   form1.signon_realm = "http://accounts.google.com/";
   form1.username_value = ASCIIToUTF16("my_username");
   form1.password_value = ASCIIToUTF16("my_password");
-  store()->AddLogin(form1);
-  FinishAsyncProcessing();
+  delegate_.store()->AddLogin(form1);
+  delegate_.FinishAsyncProcessing();
 
   // Add a second keychain item matching the Database entry.
   PasswordForm form2 = form1;
   form2.origin = GURL("http://accounts.google.com/Login");
   form2.password_value = ASCIIToUTF16("1234");
   MacKeychainPasswordFormAdapter adapter(keychain());
   EXPECT_TRUE(adapter.AddPassword(form2));
 
   keychain()->set_locked(true);
   ASSERT_TRUE(base::PostTaskAndReplyWithResult(
-      thread_->task_runner().get(), FROM_HERE,
-      base::Bind(&PasswordStoreMac::ImportFromKeychain, store()),
+      base::ThreadTaskRunnerHandle::Get().get(), FROM_HERE,
+      base::Bind(&PasswordStoreMac::ImportFromKeychain, delegate_.store()),
       base::Bind(&CheckMigrationResult, PasswordStoreMac::KEYCHAIN_BLOCKED)));
-  FinishAsyncProcessing();
+  delegate_.FinishAsyncProcessing();
 
   ScopedVector<PasswordForm> matching_items;
   EXPECT_TRUE(login_db()->GetLogins(form1, &matching_items));
   ASSERT_EQ(1u, matching_items.size());
   EXPECT_EQ(base::string16(), matching_items[0]->password_value);
 
   histogram_tester_->ExpectUniqueSample(
       "PasswordManager.KeychainMigration.NumPasswordsOnFailure", 1, 1);
   histogram_tester_->ExpectUniqueSample(
       "PasswordManager.KeychainMigration.NumFailedPasswords", 1, 1);
   histogram_tester_->ExpectUniqueSample(
       "PasswordManager.KeychainMigration.NumChromeOwnedInaccessiblePasswords",
       2, 1);
   // Don't test the encryption key access.
   histogram_tester_.reset();
 }