OLD | NEW |
| (Empty) |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "components/password_manager/content/browser/credential_manager_dispatc
her.h" | |
6 | |
7 #include <utility> | |
8 | |
9 #include "base/bind.h" | |
10 #include "base/strings/string16.h" | |
11 #include "base/strings/utf_string_conversions.h" | |
12 #include "components/autofill/core/common/password_form.h" | |
13 #include "components/password_manager/content/browser/content_password_manager_d
river.h" | |
14 #include "components/password_manager/content/browser/content_password_manager_d
river_factory.h" | |
15 #include "components/password_manager/content/common/credential_manager_messages
.h" | |
16 #include "components/password_manager/core/browser/affiliated_match_helper.h" | |
17 #include "components/password_manager/core/browser/password_manager_client.h" | |
18 #include "components/password_manager/core/browser/password_store.h" | |
19 #include "components/password_manager/core/common/credential_manager_types.h" | |
20 #include "components/password_manager/core/common/password_manager_pref_names.h" | |
21 #include "content/public/browser/render_view_host.h" | |
22 #include "content/public/browser/web_contents.h" | |
23 #include "ipc/ipc_message_macros.h" | |
24 | |
25 namespace password_manager { | |
26 | |
27 // CredentialManagerDispatcher ------------------------------------------------- | |
28 | |
29 CredentialManagerDispatcher::CredentialManagerDispatcher( | |
30 content::WebContents* web_contents, | |
31 PasswordManagerClient* client) | |
32 : WebContentsObserver(web_contents), client_(client), weak_factory_(this) { | |
33 DCHECK(web_contents); | |
34 auto_signin_enabled_.Init(prefs::kCredentialsEnableAutosignin, | |
35 client_->GetPrefs()); | |
36 } | |
37 | |
38 CredentialManagerDispatcher::~CredentialManagerDispatcher() { | |
39 } | |
40 | |
41 bool CredentialManagerDispatcher::OnMessageReceived( | |
42 const IPC::Message& message) { | |
43 bool handled = true; | |
44 IPC_BEGIN_MESSAGE_MAP(CredentialManagerDispatcher, message) | |
45 IPC_MESSAGE_HANDLER(CredentialManagerHostMsg_Store, OnStore); | |
46 IPC_MESSAGE_HANDLER(CredentialManagerHostMsg_RequireUserMediation, | |
47 OnRequireUserMediation); | |
48 IPC_MESSAGE_HANDLER(CredentialManagerHostMsg_RequestCredential, | |
49 OnRequestCredential); | |
50 IPC_MESSAGE_UNHANDLED(handled = false) | |
51 IPC_END_MESSAGE_MAP() | |
52 return handled; | |
53 } | |
54 | |
55 void CredentialManagerDispatcher::OnStore( | |
56 int request_id, | |
57 const password_manager::CredentialInfo& credential) { | |
58 DCHECK(credential.type != CredentialType::CREDENTIAL_TYPE_EMPTY); | |
59 DCHECK(request_id); | |
60 web_contents()->GetRenderViewHost()->Send( | |
61 new CredentialManagerMsg_AcknowledgeStore( | |
62 web_contents()->GetRenderViewHost()->GetRoutingID(), request_id)); | |
63 | |
64 if (!client_->IsSavingAndFillingEnabledForCurrentPage()) | |
65 return; | |
66 | |
67 scoped_ptr<autofill::PasswordForm> form(CreatePasswordFormFromCredentialInfo( | |
68 credential, web_contents()->GetLastCommittedURL().GetOrigin())); | |
69 form->skip_zero_click = !IsZeroClickAllowed(); | |
70 | |
71 form_manager_.reset(new CredentialManagerPasswordFormManager( | |
72 client_, GetDriver(), *form, this)); | |
73 } | |
74 | |
75 void CredentialManagerDispatcher::OnProvisionalSaveComplete() { | |
76 DCHECK(form_manager_); | |
77 DCHECK(client_->IsSavingAndFillingEnabledForCurrentPage()); | |
78 | |
79 if (form_manager_->IsNewLogin()) { | |
80 // If the PasswordForm we were given does not match an existing | |
81 // PasswordForm, ask the user if they'd like to save. | |
82 client_->PromptUserToSaveOrUpdatePassword( | |
83 std::move(form_manager_), CredentialSourceType::CREDENTIAL_SOURCE_API, | |
84 false); | |
85 } else { | |
86 // Otherwise, update the existing form, as we've been told by the site | |
87 // that the new PasswordForm is a functioning credential for the user. | |
88 // We use 'PasswordFormManager::Update(PasswordForm&)' here rather than | |
89 // 'PasswordFormManager::UpdateLogin', as we need to port over the | |
90 // 'skip_zero_click' state to ensure that we don't accidentally start | |
91 // signing users in just because the site asks us to. The simplest way | |
92 // to do so is simply to update the password field of the existing | |
93 // credential. | |
94 form_manager_->Update(*form_manager_->preferred_match()); | |
95 } | |
96 } | |
97 | |
98 void CredentialManagerDispatcher::OnRequireUserMediation(int request_id) { | |
99 DCHECK(request_id); | |
100 | |
101 PasswordStore* store = GetPasswordStore(); | |
102 if (!store || !IsUpdatingCredentialAllowed()) { | |
103 web_contents()->GetRenderViewHost()->Send( | |
104 new CredentialManagerMsg_AcknowledgeRequireUserMediation( | |
105 web_contents()->GetRenderViewHost()->GetRoutingID(), request_id)); | |
106 return; | |
107 } | |
108 | |
109 if (store->affiliated_match_helper()) { | |
110 store->affiliated_match_helper()->GetAffiliatedAndroidRealms( | |
111 GetSynthesizedFormForOrigin(), | |
112 base::Bind(&CredentialManagerDispatcher::ScheduleRequireMediationTask, | |
113 weak_factory_.GetWeakPtr(), request_id)); | |
114 } else { | |
115 std::vector<std::string> no_affiliated_realms; | |
116 ScheduleRequireMediationTask(request_id, no_affiliated_realms); | |
117 } | |
118 } | |
119 | |
120 void CredentialManagerDispatcher::ScheduleRequireMediationTask( | |
121 int request_id, | |
122 const std::vector<std::string>& android_realms) { | |
123 DCHECK(GetPasswordStore()); | |
124 if (!pending_require_user_mediation_) { | |
125 pending_require_user_mediation_.reset( | |
126 new CredentialManagerPendingRequireUserMediationTask( | |
127 this, web_contents()->GetLastCommittedURL().GetOrigin(), | |
128 android_realms)); | |
129 | |
130 // This will result in a callback to | |
131 // CredentialManagerPendingRequireUserMediationTask::OnGetPasswordStoreResul
ts(). | |
132 GetPasswordStore()->GetAutofillableLogins( | |
133 pending_require_user_mediation_.get()); | |
134 } else { | |
135 pending_require_user_mediation_->AddOrigin( | |
136 web_contents()->GetLastCommittedURL().GetOrigin()); | |
137 } | |
138 | |
139 web_contents()->GetRenderViewHost()->Send( | |
140 new CredentialManagerMsg_AcknowledgeRequireUserMediation( | |
141 web_contents()->GetRenderViewHost()->GetRoutingID(), request_id)); | |
142 } | |
143 | |
144 void CredentialManagerDispatcher::OnRequestCredential( | |
145 int request_id, | |
146 bool zero_click_only, | |
147 bool include_passwords, | |
148 const std::vector<GURL>& federations) { | |
149 DCHECK(request_id); | |
150 PasswordStore* store = GetPasswordStore(); | |
151 if (pending_request_ || !store) { | |
152 web_contents()->GetRenderViewHost()->Send( | |
153 new CredentialManagerMsg_RejectCredentialRequest( | |
154 web_contents()->GetRenderViewHost()->GetRoutingID(), request_id, | |
155 pending_request_ | |
156 ? blink::WebCredentialManagerPendingRequestError | |
157 : blink::WebCredentialManagerPasswordStoreUnavailableError)); | |
158 return; | |
159 } | |
160 | |
161 // Return an empty credential if zero-click is required but disabled, or if | |
162 // the current page has TLS errors. | |
163 if ((zero_click_only && !IsZeroClickAllowed()) || | |
164 client_->DidLastPageLoadEncounterSSLErrors()) { | |
165 web_contents()->GetRenderViewHost()->Send( | |
166 new CredentialManagerMsg_SendCredential( | |
167 web_contents()->GetRenderViewHost()->GetRoutingID(), request_id, | |
168 CredentialInfo())); | |
169 return; | |
170 } | |
171 | |
172 if (store->affiliated_match_helper()) { | |
173 store->affiliated_match_helper()->GetAffiliatedAndroidRealms( | |
174 GetSynthesizedFormForOrigin(), | |
175 base::Bind(&CredentialManagerDispatcher::ScheduleRequestTask, | |
176 weak_factory_.GetWeakPtr(), request_id, zero_click_only, | |
177 include_passwords, federations)); | |
178 } else { | |
179 std::vector<std::string> no_affiliated_realms; | |
180 ScheduleRequestTask(request_id, zero_click_only, include_passwords, | |
181 federations, no_affiliated_realms); | |
182 } | |
183 } | |
184 | |
185 void CredentialManagerDispatcher::ScheduleRequestTask( | |
186 int request_id, | |
187 bool zero_click_only, | |
188 bool include_passwords, | |
189 const std::vector<GURL>& federations, | |
190 const std::vector<std::string>& android_realms) { | |
191 DCHECK(GetPasswordStore()); | |
192 pending_request_.reset(new CredentialManagerPendingRequestTask( | |
193 this, request_id, zero_click_only, | |
194 web_contents()->GetLastCommittedURL().GetOrigin(), include_passwords, | |
195 federations, android_realms)); | |
196 | |
197 // This will result in a callback to | |
198 // PendingRequestTask::OnGetPasswordStoreResults(). | |
199 GetPasswordStore()->GetAutofillableLogins(pending_request_.get()); | |
200 } | |
201 | |
202 PasswordStore* CredentialManagerDispatcher::GetPasswordStore() { | |
203 return client_ ? client_->GetPasswordStore() : nullptr; | |
204 } | |
205 | |
206 bool CredentialManagerDispatcher::IsZeroClickAllowed() const { | |
207 return *auto_signin_enabled_ && !client_->IsOffTheRecord(); | |
208 } | |
209 | |
210 GURL CredentialManagerDispatcher::GetOrigin() const { | |
211 return web_contents()->GetLastCommittedURL().GetOrigin(); | |
212 } | |
213 | |
214 base::WeakPtr<PasswordManagerDriver> CredentialManagerDispatcher::GetDriver() { | |
215 ContentPasswordManagerDriverFactory* driver_factory = | |
216 ContentPasswordManagerDriverFactory::FromWebContents(web_contents()); | |
217 DCHECK(driver_factory); | |
218 PasswordManagerDriver* driver = | |
219 driver_factory->GetDriverForFrame(web_contents()->GetMainFrame()); | |
220 return driver->AsWeakPtr(); | |
221 } | |
222 | |
223 void CredentialManagerDispatcher::SendCredential(int request_id, | |
224 const CredentialInfo& info) { | |
225 DCHECK(pending_request_); | |
226 DCHECK_EQ(pending_request_->id(), request_id); | |
227 | |
228 if (PasswordStore* store = GetPasswordStore()) { | |
229 if (info.type != CredentialType::CREDENTIAL_TYPE_EMPTY && | |
230 IsZeroClickAllowed()) { | |
231 DCHECK(IsUpdatingCredentialAllowed()); | |
232 scoped_ptr<autofill::PasswordForm> form( | |
233 CreatePasswordFormFromCredentialInfo(info, | |
234 pending_request_->origin())); | |
235 form->skip_zero_click = false; | |
236 store->UpdateLogin(*form); | |
237 } | |
238 } | |
239 | |
240 web_contents()->GetRenderViewHost()->Send( | |
241 new CredentialManagerMsg_SendCredential( | |
242 web_contents()->GetRenderViewHost()->GetRoutingID(), | |
243 pending_request_->id(), info)); | |
244 pending_request_.reset(); | |
245 } | |
246 | |
247 PasswordManagerClient* CredentialManagerDispatcher::client() const { | |
248 return client_; | |
249 } | |
250 | |
251 autofill::PasswordForm | |
252 CredentialManagerDispatcher::GetSynthesizedFormForOrigin() const { | |
253 autofill::PasswordForm synthetic_form; | |
254 synthetic_form.origin = web_contents()->GetLastCommittedURL().GetOrigin(); | |
255 synthetic_form.signon_realm = synthetic_form.origin.spec(); | |
256 synthetic_form.scheme = autofill::PasswordForm::SCHEME_HTML; | |
257 synthetic_form.ssl_valid = synthetic_form.origin.SchemeIsCryptographic() && | |
258 !client_->DidLastPageLoadEncounterSSLErrors(); | |
259 return synthetic_form; | |
260 } | |
261 | |
262 void CredentialManagerDispatcher::DoneRequiringUserMediation() { | |
263 DCHECK(pending_require_user_mediation_); | |
264 pending_require_user_mediation_.reset(); | |
265 } | |
266 | |
267 bool CredentialManagerDispatcher::IsUpdatingCredentialAllowed() const { | |
268 return !client_->DidLastPageLoadEncounterSSLErrors() && | |
269 !client_->IsOffTheRecord(); | |
270 } | |
271 | |
272 } // namespace password_manager | |
OLD | NEW |