Clean up PasswordFormConversionUtilsTest and add some missing tests.

components/autofill/content/renderer/password_form_conversion_utils_browsertest.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/strings/string16.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "components/autofill/content/renderer/password_form_conversion_utils.h"
 #include "components/autofill/core/common/password_form.h"
@@ skipping 94 matching lines @@
 
     *password_form = CreatePasswordForm(forms[0]);
   }
 
  private:
   DISALLOW_COPY_AND_ASSIGN(PasswordFormConversionUtilsTest);
 };
 
 }  // namespace
 
-TEST_F(PasswordFormConversionUtilsTest, ValidWebFormElementToPasswordForm) {
+TEST_F(PasswordFormConversionUtilsTest, BasicFormAttributes) {
   PasswordFormBuilder builder(kTestFormActionURL);
   builder.AddUsernameField("username", "johnsmith", NULL);
   builder.AddSubmitButton();
   builder.AddPasswordField("password", "secret", NULL);
   std::string html = builder.ProduceHTML();
 
   scoped_ptr<PasswordForm> password_form;
   ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
-  ASSERT_NE(static_cast<PasswordForm*>(NULL), password_form.get());
+  ASSERT_TRUE(password_form);
 
   EXPECT_EQ("data:", password_form->signon_realm);
   EXPECT_EQ(GURL(kTestFormActionURL), password_form->action);
   EXPECT_EQ(base::UTF8ToUTF16("username"), password_form->username_element);
   EXPECT_EQ(base::UTF8ToUTF16("johnsmith"), password_form->username_value);
   EXPECT_EQ(base::UTF8ToUTF16("password"), password_form->password_element);
   EXPECT_EQ(base::UTF8ToUTF16("secret"), password_form->password_value);
   EXPECT_EQ(PasswordForm::SCHEME_HTML, password_form->scheme);
   EXPECT_FALSE(password_form->ssl_valid);
   EXPECT_FALSE(password_form->preferred);
   EXPECT_FALSE(password_form->blacklisted_by_user);
   EXPECT_EQ(PasswordForm::TYPE_MANUAL, password_form->type);
-}
-
-TEST_F(PasswordFormConversionUtilsTest, InvalidWebFormElementToPasswordForm) {
-  PasswordFormBuilder builder("invalid_target");
-  builder.AddUsernameField("username", "johnsmith", NULL);
-  builder.AddSubmitButton();
-  builder.AddPasswordField("password", "secret", NULL);
-  std::string html = builder.ProduceHTML();
-
-  scoped_ptr<PasswordForm> password_form;
-  ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
-  ASSERT_EQ(static_cast<PasswordForm*>(NULL), password_form.get());
+  EXPECT_FALSE(password_form->use_additional_authentication);
 }
 
 TEST_F(PasswordFormConversionUtilsTest,
-       WebFormWithMultipleUseNameAndPassWordFieldsToPasswordForm) {
-  PasswordFormBuilder builder(kTestFormActionURL);
-  builder.AddUsernameField("username1", "John", NULL);
-  builder.AddPasswordField("password1", "oldsecret", NULL);
-  builder.AddUsernameField("username2", "William", NULL);
-  builder.AddPasswordField("password2", "secret", NULL);
-  builder.AddUsernameField("username3", "Smith", NULL);
-  builder.AddPasswordField("password3", "secret", NULL);
-  builder.AddSubmitButton();
-  std::string html = builder.ProduceHTML();
-
-  scoped_ptr<PasswordForm> password_form;
-  ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
-  ASSERT_NE(static_cast<PasswordForm*>(NULL), password_form.get());
-
-  EXPECT_EQ("data:", password_form->signon_realm);
-  EXPECT_EQ(GURL(kTestFormActionURL), password_form->action);
-  EXPECT_EQ(base::UTF8ToUTF16("username1"), password_form->username_element);
-  EXPECT_EQ(base::UTF8ToUTF16("John"), password_form->username_value);
-  EXPECT_EQ(base::UTF8ToUTF16("password1"),
-            password_form->password_element);
-  EXPECT_EQ(base::UTF8ToUTF16("oldsecret"), password_form->password_value);
-  EXPECT_EQ(base::UTF8ToUTF16("password2"),
-            password_form->new_password_element);
-  EXPECT_EQ(base::UTF8ToUTF16("secret"), password_form->new_password_value);
-  ASSERT_EQ(2u, password_form->other_possible_usernames.size());
-  EXPECT_EQ(base::UTF8ToUTF16("William"),
-            password_form->other_possible_usernames[0]);
-  EXPECT_EQ(base::UTF8ToUTF16("Smith"),
-            password_form->other_possible_usernames[1]);
-  EXPECT_EQ(PasswordForm::SCHEME_HTML, password_form->scheme);
-  EXPECT_FALSE(password_form->ssl_valid);
-  EXPECT_FALSE(password_form->preferred);
-  EXPECT_FALSE(password_form->blacklisted_by_user);
-  EXPECT_EQ(PasswordForm::TYPE_MANUAL, password_form->type);
-}
-
-TEST_F(PasswordFormConversionUtilsTest,
-       WebFormwithThreeDifferentPasswordsToPasswordForm) {
-  PasswordFormBuilder builder(kTestFormActionURL);
-  builder.AddUsernameField("username1", "John", NULL);
-  builder.AddPasswordField("password1", "alpha", NULL);
-  builder.AddPasswordField("password2", "beta", NULL);
-  builder.AddPasswordField("password3", "gamma", NULL);
-  builder.AddSubmitButton();
-  std::string html = builder.ProduceHTML();
-
-  scoped_ptr<PasswordForm> password_form;
-  ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
-  ASSERT_EQ(static_cast<PasswordForm*>(NULL), password_form.get());
-}
-
-TEST_F(PasswordFormConversionUtilsTest,
-       UsernameFieldsWithAutocompleteAttributes) {
+       IdentifyingUsernameFields) {

[vabr (Chromium), 2014/07/07 12:12:19]

nit: Seems like this would fit on one line?

[engedy, 2014/07/09 16:58:35]

Done.

   // Each test case consists of a set of parameters to be plugged into the
   // PasswordFormBuilder below, plus the corresponding expectations.
   struct TestCase {
     const char* autocomplete[3];
     const char* expected_username_element;
     const char* expected_username_value;
     const char* expected_other_possible_usernames;
   } cases[] = {
+      // When no elements are marked with autocomplete='username', the text-type
+      // input field before the first password element should get selected as
+      // the username, and the rest should be marked as alternatives.
+      {{NULL, NULL, NULL}, "username2", "William", "John+Smith"},
       // When a sole element is marked with autocomplete='username', it should
       // be treated as the username for sure, with no other_possible_usernames.
       {{"username", NULL, NULL}, "username1", "John", ""},
       {{NULL, "username", NULL}, "username2", "William", ""},
       {{NULL, NULL, "username"}, "username3", "Smith", ""},
       // When >=2 elements have the attribute, the first should be selected as
       // the username, and the rest should go to other_possible_usernames.
       {{"username", "username", NULL}, "username1", "John", "William"},
       {{NULL, "username", "username"}, "username2", "William", "Smith"},
       {{"username", NULL, "username"}, "username1", "John", "Smith"},
@@ skipping 14 matching lines @@
     PasswordFormBuilder builder(kTestFormActionURL);
     builder.AddUsernameField("username1", "John", cases[i].autocomplete[0]);
     builder.AddUsernameField("username2", "William", cases[i].autocomplete[1]);
     builder.AddPasswordField("password", "secret", NULL);
     builder.AddUsernameField("username3", "Smith", cases[i].autocomplete[2]);
     builder.AddSubmitButton();
     std::string html = builder.ProduceHTML();
 
     scoped_ptr<PasswordForm> password_form;
     ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
-    ASSERT_NE(static_cast<PasswordForm*>(NULL), password_form.get());
+    ASSERT_TRUE(password_form);
 
     EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_username_element),
               password_form->username_element);
     EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_username_value),
               password_form->username_value);
+    EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_other_possible_usernames),
+              JoinString(password_form->other_possible_usernames, '+'));
+
+    // Do a basic sanity check that we are still having a password field.
     EXPECT_EQ(base::UTF8ToUTF16("password"), password_form->password_element);
     EXPECT_EQ(base::UTF8ToUTF16("secret"), password_form->password_value);
-    EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_other_possible_usernames),
-              JoinString(password_form->other_possible_usernames, '+'));
+  }
+}
+
+TEST_F(PasswordFormConversionUtilsTest, IdentifyingTwoPasswordFields) {
+  // Each test case consists of a set of parameters to be plugged into the
+  // PasswordFormBuilder below, plus the corresponding expectations.
+  struct TestCase {
+    const char* password_values[2];
+    const char* expected_password_element;
+    const char* expected_password_value;
+    const char* expected_new_password_element;
+    const char* expected_new_password_value;
+  } cases[] = {
+      // Twp non-empty fields with the same value should be treated as a new
+      // password field plus a confirmation field for the new password.
+      {{"alpha", "alpha"}, "", "", "password1", "alpha"},
+      // The same goes if the fields are yet empty: we speculate that we will
+      // identify them as new password fields once they are filled out, and we
+      // want to keep our abstract interpretation of the form less flaky.
+      {{"", ""}, "", "", "password1", ""},
+      // Two different values should be treated as a password change form, one
+      // that also asks for the current password, but only once for the new.
+      {{"alpha", ""}, "password1", "alpha", "password2", ""},
+      {{"", "beta"}, "password1", "", "password2", "beta"},
+      {{"alpha", "beta"}, "password1", "alpha", "password2", "beta"}};
+
+  for (size_t i = 0; i < ARRAYSIZE_UNSAFE(cases); ++i) {
+    SCOPED_TRACE(testing::Message() << "Iteration " << i);
+
+    PasswordFormBuilder builder(kTestFormActionURL);
+    builder.AddPasswordField("password1", cases[i].password_values[0], NULL);
+    builder.AddUsernameField("username1", "William", NULL);
+    builder.AddPasswordField("password2", cases[i].password_values[1], NULL);
+    builder.AddUsernameField("username2", "Smith", NULL);
+    builder.AddSubmitButton();
+    std::string html = builder.ProduceHTML();
+
+    scoped_ptr<PasswordForm> password_form;
+    ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
+    ASSERT_TRUE(password_form);
+
+    EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_password_element),
+              password_form->password_element);
+    EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_password_value),
+              password_form->password_value);
+    EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_new_password_element),
+              password_form->new_password_element);
+    EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_new_password_value),
+              password_form->new_password_value);
+
+    // Do a basic sanity check that we are still selecting the right username.
+    EXPECT_EQ(base::UTF8ToUTF16("username1"), password_form->username_element);
+    EXPECT_EQ(base::UTF8ToUTF16("William"), password_form->username_value);
+    ASSERT_EQ(1u, password_form->other_possible_usernames.size());
+    EXPECT_EQ(base::UTF8ToUTF16("Smith"),
+              password_form->other_possible_usernames[0]);
+  }
+}
+
+TEST_F(PasswordFormConversionUtilsTest, IdentifyingThreePasswordFields) {
+  // Each test case consists of a set of parameters to be plugged into the
+  // PasswordFormBuilder below, plus the corresponding expectations.
+  struct TestCase {
+    const char* password_values[3];
+    const char* expected_password_element;
+    const char* expected_password_value;
+    const char* expected_new_password_element;
+    const char* expected_new_password_value;
+  } cases[] = {
+      // Two fields with the same value, and one different: we should treat this
+      // as a password change form with confirmation for the new password. Note
+      // that we only recognize (current + new + new) and (new + new + current)
+      // without autocomplete attributes.
+      {{"alpha", "", ""}, "password1", "alpha", "password2", ""},
+      {{"", "beta", "beta"}, "password1", "", "password2", "beta"},
+      {{"alpha", "beta", "beta"}, "password1", "alpha", "password2", "beta"},
+      {{"beta", "beta", "alpha"}, "password3", "alpha", "password1", "beta"},
+      // If the fields are yet empty, we speculate that we will identify them as
+      // (current + new + new) once they are filled out, so we should classify
+      // them the same for now to keep our abstract interpretation less flaky.
+      {{"", "", ""}, "password1", "", "password2", ""}};
+      // Note: In all other cases, we give up and consider the form invalid.
+      // This is tested in InvalidFormDueToConfusingPasswordFields.
+
+  for (size_t i = 0; i < ARRAYSIZE_UNSAFE(cases); ++i) {
+    SCOPED_TRACE(testing::Message() << "Iteration " << i);
+
+    PasswordFormBuilder builder(kTestFormActionURL);
+    builder.AddPasswordField("password1", cases[i].password_values[0], NULL);
+    builder.AddUsernameField("username1", "William", NULL);
+    builder.AddPasswordField("password2", cases[i].password_values[1], NULL);
+    builder.AddUsernameField("username2", "Smith", NULL);
+    builder.AddPasswordField("password3", cases[i].password_values[2], NULL);
+    builder.AddSubmitButton();
+    std::string html = builder.ProduceHTML();
+
+    scoped_ptr<PasswordForm> password_form;
+    ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
+    ASSERT_TRUE(password_form);
+
+    EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_password_element),
+              password_form->password_element);
+    EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_password_value),
+              password_form->password_value);
+    EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_new_password_element),
+              password_form->new_password_element);
+    EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_new_password_value),
+              password_form->new_password_value);
+
+    // Do a basic sanity check that we are still selecting the right username.
+    EXPECT_EQ(base::UTF8ToUTF16("username1"), password_form->username_element);
+    EXPECT_EQ(base::UTF8ToUTF16("William"), password_form->username_value);
+    ASSERT_EQ(1u, password_form->other_possible_usernames.size());
+    EXPECT_EQ(base::UTF8ToUTF16("Smith"),
+              password_form->other_possible_usernames[0]);
   }
 }
 
 TEST_F(PasswordFormConversionUtilsTest,
-       PasswordFieldsWithAutocompleteAttributes) {
+       IdentifyingPasswordFieldsWithAutocompleteAttributes) {
   // Each test case consists of a set of parameters to be plugged into the
   // PasswordFormBuilder below, plus the corresponding expectations.
   struct TestCase {
     const char* autocomplete[3];
     const char* expected_password_element;
     const char* expected_password_value;
     const char* expected_new_password_element;
     const char* expected_new_password_value;
   } cases[] = {
       // When there are elements marked with autocomplete='current-password',
@@ skipping 81 matching lines @@
     builder.AddPasswordField("password1", "alpha", cases[i].autocomplete[0]);
     builder.AddUsernameField("username1", "William", NULL);
     builder.AddPasswordField("password2", "beta", cases[i].autocomplete[1]);
     builder.AddUsernameField("username2", "Smith", NULL);
     builder.AddPasswordField("password3", "gamma", cases[i].autocomplete[2]);
     builder.AddSubmitButton();
     std::string html = builder.ProduceHTML();
 
     scoped_ptr<PasswordForm> password_form;
     ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
-    ASSERT_NE(static_cast<PasswordForm*>(NULL), password_form.get());
+    ASSERT_TRUE(password_form);
 
-    // Any constellation of password autocomplete attributes should have no
-    // effect on that the first text-type input field before a password field
-    // should be selected as the username.
-    // TODO(engedy): Double-check whether this is the intended behavior.
-    EXPECT_EQ(base::UTF8ToUTF16("username1"), password_form->username_element);
-    EXPECT_EQ(base::UTF8ToUTF16("William"), password_form->username_value);
     EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_password_element),
               password_form->password_element);
     EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_password_value),
               password_form->password_value);
     EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_new_password_element),
               password_form->new_password_element);
     EXPECT_EQ(base::UTF8ToUTF16(cases[i].expected_new_password_value),
               password_form->new_password_value);
+
+    // Any constellation of password autocomplete attributes should have no

[vabr (Chromium), 2014/07/07 12:12:19]

nit: Any constellation ... should have no ... -> No constellation ... should
have effect ...

Optionally, I believe this comment could be simplified and clarified:
"In the absence of username autocomplete attributes, the username should be the
text input field before the first password. No constellation of password
autocomplete attributes should change that."

[engedy, 2014/07/09 16:58:35]

Done.

+    // effect on that the text-type input field before the first password field
+    // should be selected as the username.
+    // TODO(engedy): Double-check whether this is the intended behavior.
+    EXPECT_EQ(base::UTF8ToUTF16("username1"), password_form->username_element);
+    EXPECT_EQ(base::UTF8ToUTF16("William"), password_form->username_value);
     ASSERT_EQ(1u, password_form->other_possible_usernames.size());
     EXPECT_EQ(base::UTF8ToUTF16("Smith"),
               password_form->other_possible_usernames[0]);
   }
 }
 
+TEST_F(PasswordFormConversionUtilsTest, InvalidFormDueToBadActionURL) {
+  PasswordFormBuilder builder("invalid_target");
+  builder.AddUsernameField("username", "JohnSmith", NULL);
+  builder.AddSubmitButton();
+  builder.AddPasswordField("password", "secret", NULL);
+  std::string html = builder.ProduceHTML();
+
+  scoped_ptr<PasswordForm> password_form;
+  ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
+  EXPECT_FALSE(password_form);
+}
+
+TEST_F(PasswordFormConversionUtilsTest, InvalidFormDueToNoPasswordFields) {
+  PasswordFormBuilder builder(kTestFormActionURL);
+  builder.AddUsernameField("username1", "John", NULL);
+  builder.AddUsernameField("username2", "Smith", NULL);
+  builder.AddSubmitButton();
+  std::string html = builder.ProduceHTML();
+
+  scoped_ptr<PasswordForm> password_form;
+  ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
+  EXPECT_FALSE(password_form);
+}
+
+TEST_F(PasswordFormConversionUtilsTest,
+       InvalidFormDueToConfusingPasswordFields) {
+  // Each test case consists of a set of parameters to be plugged into the
+  // PasswordFormBuilder below.
+  const char* cases[][3] = {
+      // No autocomplete attributes to guide us, and we see:
+      //  * three password values that are all different,
+      //  * three password values that are all the same;
+      //  * three password values with the first and last matching.
+      // In any case, we are lost, and we should just give up on this form.
+      {"alpha", "beta", "gamma"},
+      {"alpha", "alpha", "alpha"},
+      {"alpha", "beta", "alpha"}};
+
+  for (size_t i = 0; i < ARRAYSIZE_UNSAFE(cases); ++i) {
+    SCOPED_TRACE(testing::Message() << "Iteration " << i);
+
+    PasswordFormBuilder builder(kTestFormActionURL);
+    builder.AddUsernameField("username1", "John", NULL);
+    builder.AddPasswordField("password1", cases[i][0], NULL);
+    builder.AddPasswordField("password2", cases[i][1], NULL);
+    builder.AddPasswordField("password3", cases[i][2], NULL);
+    builder.AddSubmitButton();
+    std::string html = builder.ProduceHTML();
+
+    scoped_ptr<PasswordForm> password_form;
+    ASSERT_NO_FATAL_FAILURE(LoadHTMLAndConvertForm(html, &password_form));
+    EXPECT_FALSE(password_form);
+  }
+}
+
 }  // namespace autofill