Expose passwords to JavaScript in Credential Manager API

third_party/WebKit/LayoutTests/external/wpt/credential-management/idl.https.html

 <!DOCTYPE html>
 <script src=/resources/testharness.js></script>
 <script src=/resources/testharnessreport.js></script>
 <script src=/resources/WebIDLParser.js></script>
 <script src=/resources/idlharness.js></script>
 <script type="text/plain" id="untested">
     dictionary CredentialData {
       USVString id;
     };
 
     [Exposed=Window, SecureContext]
     interface Credential {
       readonly attribute USVString id;
       readonly attribute DOMString type;
     };
 
     dictionary SiteBoundCredentialData : CredentialData {

[Mike West, 2017/05/08 11:01:57]

We should have removed the `SiteBound` stuff in the other patch. Would you mind
spinning off a new patch to clean up this test?

[jdoerrie, 2017/05/08 14:03:17]

Will do. I had another related question: In
third_party/WebKit/Source/modules/credentialmanager we use
LocallyStoredCredentialData.idl which links to the (dead)
https://w3c.github.io/webappsec/specs/credentialmanagement/#dictdef-locallyst....
Was this also part of the spec at some point and is now obsolete? It doesn't
appear in this file, so my current assumption is that it's mainly an
implementation detail at this point. Is this correct? If yes, should we keep it
or also delete it?

[jdoerrie, 2017/05/08 15:21:07]

Nvm, I also deleted LocallyStoredCredentialData as part of the
SiteBoundCredentialData cleanup: https://codereview.chromium.org/2867643004/ I
will send that CL out for review by you when the bots are happy with it.

       USVString name;
       USVString iconURL;
     };
 
     [NoInterfaceObject, SecureContext]
     interface CredentialUserData {
       readonly attribute USVString name;
       readonly attribute USVString iconURL;
     };
 
@@ skipping 30 matching lines @@
     };
 
     [Constructor(PasswordCredentialData data),
      Constructor(HTMLFormElement form),
      Exposed=Window,
      SecureContext]
     interface PasswordCredential : Credential {
       attribute USVString idName;
       attribute USVString passwordName;
 
       attribute CredentialBodyType? additionalData;

[Mike West, 2017/05/08 11:01:57]

Please drop these three attributes from this test, as it will be upstreamed and
should reflect the state of the spec and not the state of Chrome.

[jdoerrie, 2017/05/08 14:03:17]

Will do this as well. Currently I am getting a presubmit error after I removed
the attributes and the appropriate lines from the *-expected.txt file: 

** Presubmit ERRORS **
* The following files are passing testharness results without console error
messages, they should be removed:

//third_party/WebKit/LayoutTests/external/wpt/credential-management/idl.https-expected.txt
ERROR: found passing testharness results without console error messages.

From the looks of it it's complaining that there is no line with FAIL in that
file anymore.  The corresponding script
(https://codesearch.chromium.org/chromium/src/third_party/WebKit/Tools/Scripts...)
states the following:

"""Check if a LayoutTest expected file is a passing testharness result.

The intent of this script is to identify expected files that are passing
testharness.js results. Those files are not needed because the test
infrastructure will read the output of testharness.js tests if there is no
expected files."""

Is it fine to simply go ahead and remove the *-expected.txt file? I don't fully
understand this test framework yet, but removing the expectation file seems
wrong to me. What do you think?

+      readonly attribute DOMString password;
     };
     PasswordCredential implements CredentialUserData;
 
     [Constructor(FederatedCredentialData data),
      Exposed=Window,
      SecureContext]
     interface FederatedCredential : Credential {
       readonly attribute USVString provider;
       readonly attribute DOMString? protocol;
     };
     FederatedCredential implements CredentialUserData;
 </script>
 <script>
     "use strict";
     var idl_array = new IdlArray();
     idl_array.add_untested_idls(document.querySelector('#untested').textContent);
     idl_array.add_idls(document.querySelector('#tested').textContent);
     idl_array.add_objects({
       CredentialsContainer: ['navigator.credentials'],
       PasswordCredential: ['new PasswordCredential({ id: "id", password: "pencil", iconURL: "https://example.com/", name: "name" })'],
       FederatedCredential: ['new FederatedCredential({ id: "id", provider: "https://example.com", iconURL: "https://example.com/", name: "name" })']
     });
     idl_array.test();
 </script>