OLD | NEW |
| (Empty) |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "components/password_manager/content/browser/credential_manager_impl.h" | |
6 | |
7 #include <utility> | |
8 | |
9 #include "base/bind.h" | |
10 #include "base/strings/string16.h" | |
11 #include "base/strings/utf_string_conversions.h" | |
12 #include "components/autofill/core/common/password_form.h" | |
13 #include "components/password_manager/content/browser/content_password_manager_d
river.h" | |
14 #include "components/password_manager/content/browser/content_password_manager_d
river_factory.h" | |
15 #include "components/password_manager/content/public/cpp/type_converters.h" | |
16 #include "components/password_manager/core/browser/affiliated_match_helper.h" | |
17 #include "components/password_manager/core/browser/password_manager_client.h" | |
18 #include "components/password_manager/core/browser/password_store.h" | |
19 #include "components/password_manager/core/common/credential_manager_types.h" | |
20 #include "components/password_manager/core/common/password_manager_pref_names.h" | |
21 #include "content/public/browser/web_contents.h" | |
22 #include "mojo/common/url_type_converters.h" | |
23 | |
24 namespace password_manager { | |
25 | |
26 namespace { | |
27 | |
28 void RunMojoGetCallback(const mojom::CredentialManager::GetCallback& callback, | |
29 const CredentialInfo& info) { | |
30 mojom::CredentialInfoPtr credential = mojom::CredentialInfo::From(info); | |
31 callback.Run(mojom::CredentialManagerError::SUCCESS, std::move(credential)); | |
32 } | |
33 | |
34 } // namespace | |
35 | |
36 // CredentialManagerImpl ------------------------------------------------- | |
37 | |
38 CredentialManagerImpl::CredentialManagerImpl(content::WebContents* web_contents, | |
39 PasswordManagerClient* client) | |
40 : WebContentsObserver(web_contents), client_(client), weak_factory_(this) { | |
41 DCHECK(web_contents); | |
42 auto_signin_enabled_.Init(prefs::kCredentialsEnableAutosignin, | |
43 client_->GetPrefs()); | |
44 } | |
45 | |
46 CredentialManagerImpl::~CredentialManagerImpl() {} | |
47 | |
48 void CredentialManagerImpl::BindRequest( | |
49 mojom::CredentialManagerRequest request) { | |
50 bindings_.AddBinding(this, std::move(request)); | |
51 } | |
52 | |
53 void CredentialManagerImpl::Store(mojom::CredentialInfoPtr credential, | |
54 const StoreCallback& callback) { | |
55 CredentialInfo info = credential.To<CredentialInfo>(); | |
56 DCHECK_NE(CredentialType::CREDENTIAL_TYPE_EMPTY, info.type); | |
57 | |
58 // Send acknowledge response back. | |
59 callback.Run(); | |
60 | |
61 if (!client_->IsSavingAndFillingEnabledForCurrentPage()) | |
62 return; | |
63 | |
64 std::unique_ptr<autofill::PasswordForm> form( | |
65 CreatePasswordFormFromCredentialInfo( | |
66 info, web_contents()->GetLastCommittedURL().GetOrigin())); | |
67 form->skip_zero_click = !IsZeroClickAllowed(); | |
68 | |
69 form_manager_.reset(new CredentialManagerPasswordFormManager( | |
70 client_, GetDriver(), *form, this)); | |
71 } | |
72 | |
73 void CredentialManagerImpl::OnProvisionalSaveComplete() { | |
74 DCHECK(form_manager_); | |
75 DCHECK(client_->IsSavingAndFillingEnabledForCurrentPage()); | |
76 | |
77 if (form_manager_->IsNewLogin()) { | |
78 // If the PasswordForm we were given does not match an existing | |
79 // PasswordForm, ask the user if they'd like to save. | |
80 client_->PromptUserToSaveOrUpdatePassword( | |
81 std::move(form_manager_), CredentialSourceType::CREDENTIAL_SOURCE_API, | |
82 false); | |
83 } else { | |
84 // Otherwise, update the existing form, as we've been told by the site | |
85 // that the new PasswordForm is a functioning credential for the user. | |
86 // We use 'PasswordFormManager::Update(PasswordForm&)' here rather than | |
87 // 'PasswordFormManager::UpdateLogin', as we need to port over the | |
88 // 'skip_zero_click' state to ensure that we don't accidentally start | |
89 // signing users in just because the site asks us to. The simplest way | |
90 // to do so is simply to update the password field of the existing | |
91 // credential. | |
92 form_manager_->Update(*form_manager_->preferred_match()); | |
93 } | |
94 } | |
95 | |
96 void CredentialManagerImpl::RequireUserMediation( | |
97 const RequireUserMediationCallback& callback) { | |
98 PasswordStore* store = GetPasswordStore(); | |
99 if (!store || !IsUpdatingCredentialAllowed()) { | |
100 callback.Run(); | |
101 return; | |
102 } | |
103 | |
104 if (store->affiliated_match_helper()) { | |
105 store->affiliated_match_helper()->GetAffiliatedAndroidRealms( | |
106 GetSynthesizedFormForOrigin(), | |
107 base::Bind(&CredentialManagerImpl::ScheduleRequireMediationTask, | |
108 weak_factory_.GetWeakPtr(), callback)); | |
109 } else { | |
110 std::vector<std::string> no_affiliated_realms; | |
111 ScheduleRequireMediationTask(callback, no_affiliated_realms); | |
112 } | |
113 } | |
114 | |
115 void CredentialManagerImpl::ScheduleRequireMediationTask( | |
116 const RequireUserMediationCallback& callback, | |
117 const std::vector<std::string>& android_realms) { | |
118 DCHECK(GetPasswordStore()); | |
119 if (!pending_require_user_mediation_) { | |
120 pending_require_user_mediation_.reset( | |
121 new CredentialManagerPendingRequireUserMediationTask( | |
122 this, web_contents()->GetLastCommittedURL().GetOrigin(), | |
123 android_realms)); | |
124 | |
125 // This will result in a callback to | |
126 // CredentialManagerPendingRequireUserMediationTask:: | |
127 // OnGetPasswordStoreResults(). | |
128 GetPasswordStore()->GetAutofillableLogins( | |
129 pending_require_user_mediation_.get()); | |
130 } else { | |
131 pending_require_user_mediation_->AddOrigin( | |
132 web_contents()->GetLastCommittedURL().GetOrigin()); | |
133 } | |
134 | |
135 // Send acknowledge response back. | |
136 callback.Run(); | |
137 } | |
138 | |
139 void CredentialManagerImpl::Get(bool zero_click_only, | |
140 bool include_passwords, | |
141 mojo::Array<mojo::String> federations, | |
142 const GetCallback& callback) { | |
143 PasswordStore* store = GetPasswordStore(); | |
144 if (pending_request_ || !store) { | |
145 // Callback error. | |
146 callback.Run(pending_request_ | |
147 ? mojom::CredentialManagerError::PENDINGREQUEST | |
148 : mojom::CredentialManagerError::PASSWORDSTOREUNAVAILABLE, | |
149 nullptr); | |
150 return; | |
151 } | |
152 | |
153 // Return an empty credential if zero-click is required but disabled, or if | |
154 // the current page has TLS errors. | |
155 if ((zero_click_only && !IsZeroClickAllowed()) || | |
156 client_->DidLastPageLoadEncounterSSLErrors()) { | |
157 // Callback with empty credential info. | |
158 callback.Run(mojom::CredentialManagerError::SUCCESS, | |
159 mojom::CredentialInfo::New()); | |
160 return; | |
161 } | |
162 | |
163 if (store->affiliated_match_helper()) { | |
164 store->affiliated_match_helper()->GetAffiliatedAndroidRealms( | |
165 GetSynthesizedFormForOrigin(), | |
166 base::Bind(&CredentialManagerImpl::ScheduleRequestTask, | |
167 weak_factory_.GetWeakPtr(), callback, zero_click_only, | |
168 include_passwords, federations.To<std::vector<GURL>>())); | |
169 } else { | |
170 std::vector<std::string> no_affiliated_realms; | |
171 ScheduleRequestTask(callback, zero_click_only, include_passwords, | |
172 federations.To<std::vector<GURL>>(), | |
173 no_affiliated_realms); | |
174 } | |
175 } | |
176 | |
177 void CredentialManagerImpl::ScheduleRequestTask( | |
178 const GetCallback& callback, | |
179 bool zero_click_only, | |
180 bool include_passwords, | |
181 const std::vector<GURL>& federations, | |
182 const std::vector<std::string>& android_realms) { | |
183 DCHECK(GetPasswordStore()); | |
184 pending_request_.reset(new CredentialManagerPendingRequestTask( | |
185 this, base::Bind(&RunMojoGetCallback, callback), zero_click_only, | |
186 web_contents()->GetLastCommittedURL().GetOrigin(), include_passwords, | |
187 federations, android_realms)); | |
188 | |
189 // This will result in a callback to | |
190 // PendingRequestTask::OnGetPasswordStoreResults(). | |
191 GetPasswordStore()->GetAutofillableLogins(pending_request_.get()); | |
192 } | |
193 | |
194 PasswordStore* CredentialManagerImpl::GetPasswordStore() { | |
195 return client_ ? client_->GetPasswordStore() : nullptr; | |
196 } | |
197 | |
198 bool CredentialManagerImpl::IsZeroClickAllowed() const { | |
199 return *auto_signin_enabled_ && !client_->IsOffTheRecord(); | |
200 } | |
201 | |
202 GURL CredentialManagerImpl::GetOrigin() const { | |
203 return web_contents()->GetLastCommittedURL().GetOrigin(); | |
204 } | |
205 | |
206 base::WeakPtr<PasswordManagerDriver> CredentialManagerImpl::GetDriver() { | |
207 ContentPasswordManagerDriverFactory* driver_factory = | |
208 ContentPasswordManagerDriverFactory::FromWebContents(web_contents()); | |
209 DCHECK(driver_factory); | |
210 PasswordManagerDriver* driver = | |
211 driver_factory->GetDriverForFrame(web_contents()->GetMainFrame()); | |
212 return driver->AsWeakPtr(); | |
213 } | |
214 | |
215 void CredentialManagerImpl::SendCredential( | |
216 const SendCredentialCallback& send_callback, | |
217 const CredentialInfo& info) { | |
218 DCHECK(pending_request_); | |
219 DCHECK(send_callback.Equals(pending_request_->send_callback())); | |
220 | |
221 send_callback.Run(info); | |
222 pending_request_.reset(); | |
223 } | |
224 | |
225 void CredentialManagerImpl::SendPasswordForm( | |
226 const SendCredentialCallback& send_callback, | |
227 const autofill::PasswordForm* form) { | |
228 CredentialInfo info; | |
229 if (form) { | |
230 password_manager::CredentialType type_to_return = | |
231 form->federation_origin.unique() | |
232 ? CredentialType::CREDENTIAL_TYPE_PASSWORD | |
233 : CredentialType::CREDENTIAL_TYPE_FEDERATED; | |
234 info = CredentialInfo(*form, type_to_return); | |
235 if (PasswordStore* store = GetPasswordStore()) { | |
236 if (form->skip_zero_click && IsZeroClickAllowed()) { | |
237 DCHECK(IsUpdatingCredentialAllowed()); | |
238 autofill::PasswordForm update_form = *form; | |
239 update_form.skip_zero_click = false; | |
240 store->UpdateLogin(update_form); | |
241 } | |
242 } | |
243 } | |
244 SendCredential(send_callback, info); | |
245 } | |
246 | |
247 PasswordManagerClient* CredentialManagerImpl::client() const { | |
248 return client_; | |
249 } | |
250 | |
251 autofill::PasswordForm CredentialManagerImpl::GetSynthesizedFormForOrigin() | |
252 const { | |
253 autofill::PasswordForm synthetic_form; | |
254 synthetic_form.origin = web_contents()->GetLastCommittedURL().GetOrigin(); | |
255 synthetic_form.signon_realm = synthetic_form.origin.spec(); | |
256 synthetic_form.scheme = autofill::PasswordForm::SCHEME_HTML; | |
257 synthetic_form.ssl_valid = synthetic_form.origin.SchemeIsCryptographic() && | |
258 !client_->DidLastPageLoadEncounterSSLErrors(); | |
259 return synthetic_form; | |
260 } | |
261 | |
262 void CredentialManagerImpl::DoneRequiringUserMediation() { | |
263 DCHECK(pending_require_user_mediation_); | |
264 pending_require_user_mediation_.reset(); | |
265 } | |
266 | |
267 bool CredentialManagerImpl::IsUpdatingCredentialAllowed() const { | |
268 return !client_->DidLastPageLoadEncounterSSLErrors() && | |
269 !client_->IsOffTheRecord(); | |
270 } | |
271 | |
272 } // namespace password_manager | |
OLD | NEW |