OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef CHROME_BROWSER_PASSWORD_MANAGER_PASSWORD_STORE_MAC_H_ | |
6 #define CHROME_BROWSER_PASSWORD_MANAGER_PASSWORD_STORE_MAC_H_ | |
7 | |
8 #include <memory> | |
9 #include <string> | |
10 #include <vector> | |
11 | |
12 #include "base/callback_forward.h" | |
13 #include "base/macros.h" | |
14 #include "base/single_thread_task_runner.h" | |
15 #include "base/threading/thread.h" | |
16 #include "components/password_manager/core/browser/login_database.h" | |
17 #include "components/password_manager/core/browser/password_store.h" | |
18 | |
19 namespace crypto { | |
20 class AppleKeychain; | |
21 } | |
22 | |
23 namespace password_manager { | |
24 class LoginDatabase; | |
25 } | |
26 | |
27 class PrefService; | |
28 | |
29 // TODO(vasilii): Deprecate this class. The class should be used by | |
30 // PasswordStoreProxyMac wrapper. | |
31 // Implements PasswordStore on top of the OS X Keychain, with an internal | |
32 // database for extra metadata. For an overview of the interactions with the | |
33 // Keychain, as well as the rationale for some of the behaviors, see the | |
34 // Keychain integration design doc: | |
35 // http://dev.chromium.org/developers/design-documents/os-x-password-manager-key
chain-integration | |
36 class PasswordStoreMac : public password_manager::PasswordStore { | |
37 public: | |
38 enum MigrationResult { | |
39 MIGRATION_OK, | |
40 LOGIN_DB_FAILURE, | |
41 ENCRYPTOR_FAILURE, | |
42 // Chrome has read whatever it had access to. Not all the passwords were | |
43 // accessible. | |
44 MIGRATION_PARTIAL, | |
45 }; | |
46 | |
47 PasswordStoreMac( | |
48 scoped_refptr<base::SingleThreadTaskRunner> main_thread_runner, | |
49 scoped_refptr<base::SingleThreadTaskRunner> db_thread_runner, | |
50 std::unique_ptr<crypto::AppleKeychain> keychain); | |
51 | |
52 // Sets the background thread. | |
53 void InitWithTaskRunner( | |
54 scoped_refptr<base::SingleThreadTaskRunner> background_task_runner); | |
55 | |
56 // For all the entries in LoginDatabase reads the password value from the | |
57 // Keychain and updates the database. | |
58 // The method conducts "best effort" migration without the UI prompt. | |
59 // Inaccessible entries are deleted. | |
60 static MigrationResult ImportFromKeychain( | |
61 password_manager::LoginDatabase* login_db, | |
62 crypto::AppleKeychain* keychain); | |
63 | |
64 // Delete Chrome-owned entries matching |forms| from the Keychain. | |
65 static void CleanUpKeychain( | |
66 crypto::AppleKeychain* keychain, | |
67 const std::vector<std::unique_ptr<autofill::PasswordForm>>& forms); | |
68 | |
69 // To be used for testing. | |
70 password_manager::LoginDatabase* login_metadata_db() const { | |
71 return login_metadata_db_; | |
72 } | |
73 | |
74 void set_login_metadata_db(password_manager::LoginDatabase* login_db); | |
75 | |
76 // To be used for testing. | |
77 crypto::AppleKeychain* keychain() const { return keychain_.get(); } | |
78 | |
79 protected: | |
80 ~PasswordStoreMac() override; | |
81 | |
82 private: | |
83 bool Init(const syncer::SyncableService::StartSyncFlare& flare, | |
84 PrefService* prefs) override; | |
85 void ReportMetricsImpl(const std::string& sync_username, | |
86 bool custom_passphrase_sync_enabled) override; | |
87 password_manager::PasswordStoreChangeList AddLoginImpl( | |
88 const autofill::PasswordForm& form) override; | |
89 password_manager::PasswordStoreChangeList UpdateLoginImpl( | |
90 const autofill::PasswordForm& form) override; | |
91 password_manager::PasswordStoreChangeList RemoveLoginImpl( | |
92 const autofill::PasswordForm& form) override; | |
93 password_manager::PasswordStoreChangeList RemoveLoginsByURLAndTimeImpl( | |
94 const base::Callback<bool(const GURL&)>& url_filter, | |
95 base::Time delete_begin, | |
96 base::Time delete_end) override; | |
97 password_manager::PasswordStoreChangeList RemoveLoginsCreatedBetweenImpl( | |
98 base::Time delete_begin, | |
99 base::Time delete_end) override; | |
100 password_manager::PasswordStoreChangeList RemoveLoginsSyncedBetweenImpl( | |
101 base::Time delete_begin, | |
102 base::Time delete_end) override; | |
103 password_manager::PasswordStoreChangeList DisableAutoSignInForOriginsImpl( | |
104 const base::Callback<bool(const GURL&)>& origin_filter) override; | |
105 bool RemoveStatisticsByOriginAndTimeImpl( | |
106 const base::Callback<bool(const GURL&)>& origin_filter, | |
107 base::Time delete_begin, | |
108 base::Time delete_end) override; | |
109 std::vector<std::unique_ptr<autofill::PasswordForm>> FillMatchingLogins( | |
110 const FormDigest& form) override; | |
111 std::vector<std::unique_ptr<autofill::PasswordForm>> | |
112 FillLoginsForSameOrganizationName(const std::string& signon_realm) override; | |
113 bool FillAutofillableLogins( | |
114 std::vector<std::unique_ptr<autofill::PasswordForm>>* forms) override; | |
115 bool FillBlacklistLogins( | |
116 std::vector<std::unique_ptr<autofill::PasswordForm>>* forms) override; | |
117 void AddSiteStatsImpl( | |
118 const password_manager::InteractionsStats& stats) override; | |
119 void RemoveSiteStatsImpl(const GURL& origin_domain) override; | |
120 std::vector<password_manager::InteractionsStats> GetAllSiteStatsImpl() | |
121 override; | |
122 std::vector<password_manager::InteractionsStats> GetSiteStatsImpl( | |
123 const GURL& origin_domain) override; | |
124 | |
125 // Adds the given form to the Keychain if it's something we want to store | |
126 // there (i.e., not a blacklist entry or a federated login). Returns true if | |
127 // the operation succeeded (either we added successfully, or we didn't need | |
128 // to). | |
129 bool AddToKeychainIfNecessary(const autofill::PasswordForm& form); | |
130 | |
131 // Returns true if our database contains a form that exactly matches the given | |
132 // keychain form. | |
133 bool DatabaseHasFormMatchingKeychainForm( | |
134 const autofill::PasswordForm& form); | |
135 | |
136 // Removes the given forms from the database. After the call |forms| contains | |
137 // only those forms which were successfully removed. | |
138 void RemoveDatabaseForms( | |
139 std::vector<std::unique_ptr<autofill::PasswordForm>>* forms); | |
140 | |
141 // Removes the given forms from the Keychain. | |
142 void RemoveKeychainForms( | |
143 const std::vector<std::unique_ptr<autofill::PasswordForm>>& forms); | |
144 | |
145 // Searches the database for forms without a corresponding entry in the | |
146 // keychain. Removes those forms from the database, and adds them to | |
147 // |orphaned_forms|. | |
148 void CleanOrphanedForms( | |
149 std::vector<std::unique_ptr<autofill::PasswordForm>>* orphaned_forms); | |
150 | |
151 std::unique_ptr<crypto::AppleKeychain> keychain_; | |
152 | |
153 // The login metadata SQL database. The caller is resonsible for initializing | |
154 // it. | |
155 password_manager::LoginDatabase* login_metadata_db_; | |
156 | |
157 DISALLOW_COPY_AND_ASSIGN(PasswordStoreMac); | |
158 }; | |
159 | |
160 #endif // CHROME_BROWSER_PASSWORD_MANAGER_PASSWORD_STORE_MAC_H_ | |