GetLoginsRequest: Use ScopedVector to express ownership of forms

chrome/browser/password_manager/password_store_mac_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/password_manager/password_store_mac.h"
 
 #include "base/basictypes.h"
 #include "base/files/scoped_temp_dir.h"
 #include "base/scoped_observer.h"
 #include "base/stl_util.h"
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/synchronization/waitable_event.h"
 #include "chrome/browser/password_manager/password_store_mac_internal.h"
 #include "chrome/common/chrome_paths.h"
 #include "components/password_manager/core/browser/login_database.h"
+#include "components/password_manager/core/browser/password_form_data.h"
 #include "components/password_manager/core/browser/password_store_consumer.h"
 #include "content/public/test/test_browser_thread.h"
 #include "crypto/mock_apple_keychain.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using autofill::PasswordForm;
 using base::ASCIIToUTF16;
 using base::WideToUTF16;
 using content::BrowserThread;
 using crypto::MockAppleKeychain;
 using internal_keychain_helpers::FormsMatchForMerge;
 using internal_keychain_helpers::STRICT_FORM_MATCH;
 using password_manager::LoginDatabase;
 using password_manager::PasswordStore;
 using password_manager::PasswordStoreConsumer;
 using testing::_;
 using testing::DoAll;
 using testing::Invoke;
+using testing::IsEmpty;
+using testing::SizeIs;
 using testing::WithArg;
 
 namespace {
 
-ACTION(STLDeleteElements0) {
-  STLDeleteContainerPointers(arg0.begin(), arg0.end());
-}
-
 ACTION(QuitUIMessageLoop) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   base::MessageLoop::current()->Quit();
 }
 
+// From the mock's argument #0 of type const std::vector<PasswordForm*>& takes
+// the first form and copies it to the form pointed to by |target_form_ptr|.
+ACTION_P(SaveACopyOfFirstForm, target_form_ptr) {
+  ASSERT_FALSE(arg0.empty());
+  *target_form_ptr = *arg0[0];
+}
+
 class MockPasswordStoreConsumer : public PasswordStoreConsumer {
  public:
-  MOCK_METHOD1(OnGetPasswordStoreResults,
-               void(const std::vector<autofill::PasswordForm*>&));
+  MOCK_METHOD1(OnGetPasswordStoreResultsConstRef,
+               void(const std::vector<PasswordForm*>&));
 
-  void CopyElements(const std::vector<autofill::PasswordForm*>& forms) {
-    last_result.clear();
-    for (size_t i = 0; i < forms.size(); ++i) {
-      last_result.push_back(*forms[i]);
-    }
+  // GMock cannot mock methods with move-only args.
+  void OnGetPasswordStoreResults(ScopedVector<PasswordForm> results) override {
+    OnGetPasswordStoreResultsConstRef(results.get());
   }
-
-  // Runs the current thread's message loop until OnGetPasswordStoreResults()
-  // is posted to it. This method should be called immediately after GetLogins,
-  // without pumping the message loop in-between.
-  void WaitOnGetPasswordStoreResults() {
-    EXPECT_CALL(*this, OnGetPasswordStoreResults(_)).WillOnce(DoAll(
-        WithArg<0>(Invoke(this, &MockPasswordStoreConsumer::CopyElements)),
-        WithArg<0>(STLDeleteElements0()),
-        QuitUIMessageLoop()));
-    base::MessageLoop::current()->Run();
-  }
-
-  std::vector<PasswordForm> last_result;
 };
 
 class MockPasswordStoreObserver : public PasswordStore::Observer {
  public:
   MOCK_METHOD1(OnLoginsChanged,
                void(const password_manager::PasswordStoreChangeList& changes));
 };
 
 // A mock LoginDatabase that simulates a failing Init() method.
 class BadLoginDatabase : public password_manager::LoginDatabase {
@@ skipping 43 matching lines @@
                          login_db.Pass()) {}
 
   using PasswordStoreMac::GetBackgroundTaskRunner;
 
  private:
   ~TestPasswordStoreMac() override {}
 
   DISALLOW_COPY_AND_ASSIGN(TestPasswordStoreMac);
 };
 
-}  // namespace
-
-#pragma mark -
-
-class PasswordStoreMacInternalsTest : public testing::Test {
- public:
-  void SetUp() override {
-    MockAppleKeychain::KeychainTestData test_data[] = {
-      // Basic HTML form.
-      { kSecAuthenticationTypeHTMLForm, "some.domain.com",
-        kSecProtocolTypeHTTP, NULL, 0, NULL, "20020601171500Z",
-        "joe_user", "sekrit", false },
-      // HTML form with path.
-      { kSecAuthenticationTypeHTMLForm, "some.domain.com",
-        kSecProtocolTypeHTTP, "/insecure.html", 0, NULL, "19991231235959Z",
-        "joe_user", "sekrit", false },
-      // Secure HTML form with path.
-      { kSecAuthenticationTypeHTMLForm, "some.domain.com",
-        kSecProtocolTypeHTTPS, "/secure.html", 0, NULL, "20100908070605Z",
-        "secure_user", "password", false },
-      // True negative item.
-      { kSecAuthenticationTypeHTMLForm, "dont.remember.com",
-        kSecProtocolTypeHTTP, NULL, 0, NULL, "20000101000000Z",
-        "", "", true },
-      // De-facto negative item, type one.
-      { kSecAuthenticationTypeHTMLForm, "dont.remember.com",
-        kSecProtocolTypeHTTP, NULL, 0, NULL, "20000101000000Z",
-        "Password Not Stored", "", false },
-      // De-facto negative item, type two.
-      { kSecAuthenticationTypeHTMLForm, "dont.remember.com",
-        kSecProtocolTypeHTTPS, NULL, 0, NULL, "20000101000000Z",
-        "Password Not Stored", " ", false },
-      // HTTP auth basic, with port and path.
-      { kSecAuthenticationTypeHTTPBasic, "some.domain.com",
-        kSecProtocolTypeHTTP, "/insecure.html", 4567, "low_security",
-        "19980330100000Z",
-        "basic_auth_user", "basic", false },
-      // HTTP auth digest, secure.
-      { kSecAuthenticationTypeHTTPDigest, "some.domain.com",
-        kSecProtocolTypeHTTPS, NULL, 0, "high_security", "19980330100000Z",
-        "digest_auth_user", "digest", false },
-      // An FTP password with an invalid date, for edge-case testing.
-      { kSecAuthenticationTypeDefault, "a.server.com",
-        kSecProtocolTypeFTP, NULL, 0, NULL, "20010203040",
-        "abc", "123", false },
-    };
-
-    keychain_ = new MockAppleKeychain();
-
-    for (unsigned int i = 0; i < arraysize(test_data); ++i) {
-      keychain_->AddTestItem(test_data[i]);
-    }
-  }
-
-  void TearDown() override {
-    ExpectCreatesAndFreesBalanced();
-    ExpectCreatorCodesSet();
-    delete keychain_;
-  }
-
- protected:
-  // Causes a test failure unless everything returned from keychain_'s
-  // ItemCopyAttributesAndData, SearchCreateFromAttributes, and SearchCopyNext
-  // was correctly freed.
-  void ExpectCreatesAndFreesBalanced() {
-    EXPECT_EQ(0, keychain_->UnfreedSearchCount());
-    EXPECT_EQ(0, keychain_->UnfreedKeychainItemCount());
-    EXPECT_EQ(0, keychain_->UnfreedAttributeDataCount());
-  }
-
-  // Causes a test failure unless any Keychain items added during the test have
-  // their creator code set.
-  void ExpectCreatorCodesSet() {
-    EXPECT_TRUE(keychain_->CreatorCodesSetForAddedItems());
-  }
-
-  MockAppleKeychain* keychain_;
-};
-
 #pragma mark -
 
 // Struct used for creation of PasswordForms from static arrays of data.
 struct PasswordFormData {
   const PasswordForm::Scheme scheme;
   const char* signon_realm;
   const char* origin;
   const char* action;
   const wchar_t* submit_element;
   const wchar_t* username_element;
   const wchar_t* password_element;
   const wchar_t* username_value;  // Set to NULL for a blacklist entry.
   const wchar_t* password_value;
   const bool preferred;
   const bool ssl_valid;
   const double creation_time;
 };
 
-// Creates and returns a new PasswordForm built from form_data. Caller is
-// responsible for deleting the object when finished with it.
-static PasswordForm* CreatePasswordFormFromData(
+// Creates and returns a new PasswordForm built from form_data.
+scoped_ptr<PasswordForm> CreatePasswordFormFromData(
     const PasswordFormData& form_data) {
-  PasswordForm* form = new PasswordForm();
+  scoped_ptr<PasswordForm> form(new PasswordForm());
   form->scheme = form_data.scheme;
   form->preferred = form_data.preferred;
   form->ssl_valid = form_data.ssl_valid;
   form->date_created = base::Time::FromDoubleT(form_data.creation_time);
   form->date_synced = form->date_created + base::TimeDelta::FromDays(1);
   if (form_data.signon_realm)
     form->signon_realm = std::string(form_data.signon_realm);
   if (form_data.origin)
     form->origin = GURL(form_data.origin);
   if (form_data.action)
     form->action = GURL(form_data.action);
   if (form_data.submit_element)
     form->submit_element = WideToUTF16(form_data.submit_element);
   if (form_data.username_element)
     form->username_element = WideToUTF16(form_data.username_element);
   if (form_data.password_element)
     form->password_element = WideToUTF16(form_data.password_element);
   if (form_data.username_value) {
     form->username_value = WideToUTF16(form_data.username_value);
     form->display_name = form->username_value;
     form->skip_zero_click = true;
     if (form_data.password_value)
       form->password_value = WideToUTF16(form_data.password_value);
   } else {
     form->blacklisted_by_user = true;
   }
   form->avatar_url = GURL("https://accounts.google.com/Avatar");
   form->federation_url = GURL("https://accounts.google.com/login");
-  return form;
+  return form.Pass();
 }
 
 // Macro to simplify calling CheckFormsAgainstExpectations with a useful label.
 #define CHECK_FORMS(forms, expectations, i) \
     CheckFormsAgainstExpectations(forms, expectations, #forms, i)
 
 // Ensures that the data in |forms| match |expectations|, causing test failures
 // for any discrepencies.
 // TODO(stuartmorgan): This is current order-dependent; ideally it shouldn't
 // matter if |forms| and |expectations| are scrambled.
-static void CheckFormsAgainstExpectations(
+void CheckFormsAgainstExpectations(
     const std::vector<PasswordForm*>& forms,
     const std::vector<PasswordFormData*>& expectations,
-    const char* forms_label, unsigned int test_number) {
+    const char* forms_label,
+    unsigned int test_number) {
   const unsigned int kBufferSize = 128;
   char test_label[kBufferSize];
   snprintf(test_label, kBufferSize, "%s in test %u", forms_label, test_number);
 
   EXPECT_EQ(expectations.size(), forms.size()) << test_label;
   if (expectations.size() != forms.size())
     return;
 
   for (unsigned int i = 0; i < expectations.size(); ++i) {
     snprintf(test_label, kBufferSize, "%s in test %u, item %u",
@@ skipping 27 matching lines @@
     EXPECT_DOUBLE_EQ(expectation->creation_time,
                      form->date_created.ToDoubleT()) << test_label;
     base::Time created = base::Time::FromDoubleT(expectation->creation_time);
     EXPECT_EQ(created + base::TimeDelta::FromDays(1),
               form->date_synced) << test_label;
     EXPECT_EQ(GURL("https://accounts.google.com/Avatar"), form->avatar_url);
     EXPECT_EQ(GURL("https://accounts.google.com/login"), form->federation_url);
   }
 }
 
+}  // namespace
+
+#pragma mark -
+
+class PasswordStoreMacInternalsTest : public testing::Test {
+ public:
+  void SetUp() override {
+    MockAppleKeychain::KeychainTestData test_data[] = {
+        // Basic HTML form.
+        {kSecAuthenticationTypeHTMLForm,
+         "some.domain.com",
+         kSecProtocolTypeHTTP,
+         NULL,
+         0,
+         NULL,
+         "20020601171500Z",
+         "joe_user",
+         "sekrit",
+         false},
+        // HTML form with path.
+        {kSecAuthenticationTypeHTMLForm,
+         "some.domain.com",
+         kSecProtocolTypeHTTP,
+         "/insecure.html",
+         0,
+         NULL,
+         "19991231235959Z",
+         "joe_user",
+         "sekrit",
+         false},
+        // Secure HTML form with path.
+        {kSecAuthenticationTypeHTMLForm,
+         "some.domain.com",
+         kSecProtocolTypeHTTPS,
+         "/secure.html",
+         0,
+         NULL,
+         "20100908070605Z",
+         "secure_user",
+         "password",
+         false},
+        // True negative item.
+        {kSecAuthenticationTypeHTMLForm,
+         "dont.remember.com",
+         kSecProtocolTypeHTTP,
+         NULL,
+         0,
+         NULL,
+         "20000101000000Z",
+         "",
+         "",
+         true},
+        // De-facto negative item, type one.
+        {kSecAuthenticationTypeHTMLForm,
+         "dont.remember.com",
+         kSecProtocolTypeHTTP,
+         NULL,
+         0,
+         NULL,
+         "20000101000000Z",
+         "Password Not Stored",
+         "",
+         false},
+        // De-facto negative item, type two.
+        {kSecAuthenticationTypeHTMLForm,
+         "dont.remember.com",
+         kSecProtocolTypeHTTPS,
+         NULL,
+         0,
+         NULL,
+         "20000101000000Z",
+         "Password Not Stored",
+         " ",
+         false},
+        // HTTP auth basic, with port and path.
+        {kSecAuthenticationTypeHTTPBasic,
+         "some.domain.com",
+         kSecProtocolTypeHTTP,
+         "/insecure.html",
+         4567,
+         "low_security",
+         "19980330100000Z",
+         "basic_auth_user",
+         "basic",
+         false},
+        // HTTP auth digest, secure.
+        {kSecAuthenticationTypeHTTPDigest,
+         "some.domain.com",
+         kSecProtocolTypeHTTPS,
+         NULL,
+         0,
+         "high_security",
+         "19980330100000Z",
+         "digest_auth_user",
+         "digest",
+         false},
+        // An FTP password with an invalid date, for edge-case testing.
+        {kSecAuthenticationTypeDefault,
+         "a.server.com",
+         kSecProtocolTypeFTP,
+         NULL,
+         0,
+         NULL,
+         "20010203040",
+         "abc",
+         "123",
+         false},
+    };
+
+    keychain_ = new MockAppleKeychain();
+
+    for (unsigned int i = 0; i < arraysize(test_data); ++i) {
+      keychain_->AddTestItem(test_data[i]);
+    }
+  }
+
+  void TearDown() override {
+    ExpectCreatesAndFreesBalanced();
+    ExpectCreatorCodesSet();
+    delete keychain_;
+  }
+
+ protected:
+  // Causes a test failure unless everything returned from keychain_'s
+  // ItemCopyAttributesAndData, SearchCreateFromAttributes, and SearchCopyNext
+  // was correctly freed.
+  void ExpectCreatesAndFreesBalanced() {
+    EXPECT_EQ(0, keychain_->UnfreedSearchCount());
+    EXPECT_EQ(0, keychain_->UnfreedKeychainItemCount());
+    EXPECT_EQ(0, keychain_->UnfreedAttributeDataCount());
+  }
+
+  // Causes a test failure unless any Keychain items added during the test have
+  // their creator code set.
+  void ExpectCreatorCodesSet() {
+    EXPECT_TRUE(keychain_->CreatorCodesSetForAddedItems());
+  }
+
+  MockAppleKeychain* keychain_;
+};
+
 #pragma mark -
 
 TEST_F(PasswordStoreMacInternalsTest, TestKeychainToFormTranslation) {
   typedef struct {
     const PasswordForm::Scheme scheme;
     const char* signon_realm;
     const char* origin;
     const wchar_t* username;  // Set to NULL to check for a blacklist entry.
     const wchar_t* password;
     const bool ssl_valid;
@@ skipping 132 matching lines @@
       0, 0 },
     // Garbage forms should have no matches.
     { { PasswordForm::SCHEME_HTML, "foo/bar/baz",
         NULL, NULL, NULL, NULL, NULL, NULL, NULL, false, false, 0 }, 0, 0 },
   };
 
   MacKeychainPasswordFormAdapter keychain_adapter(keychain_);
   MacKeychainPasswordFormAdapter owned_keychain_adapter(keychain_);
   owned_keychain_adapter.SetFindsOnlyOwnedItems(true);
   for (unsigned int i = 0; i < arraysize(test_data); ++i) {
-    scoped_ptr<PasswordForm> query_form(
-        CreatePasswordFormFromData(test_data[i].data));
+    scoped_ptr<PasswordForm> query_form =
+        CreatePasswordFormFromData(test_data[i].data);
 
     // Check matches treating the form as a fill target.
     ScopedVector<autofill::PasswordForm> matching_items =
         keychain_adapter.PasswordsFillingForm(query_form->signon_realm,
                                               query_form->scheme);
     EXPECT_EQ(test_data[i].expected_fill_matches, matching_items.size());
     matching_items.clear();
 
     // Check matches treating the form as a merging target.
     EXPECT_EQ(test_data[i].expected_merge_matches > 0,
@@ skipping 58 matching lines @@
     { PasswordForm::SCHEME_BASIC, "http://some.domain.com:4567/low_security",
       "http://some.domain.com:4567/insecure.html",
       NULL, NULL, NULL, NULL, L"basic_auth_user", NULL, true, false, 0 },
     { PasswordForm::SCHEME_DIGEST, "https://some.domain.com/high_security",
       "https://some.domain.com",
       NULL, NULL, NULL, NULL, L"digest_auth_user", NULL, true, true, 0 },
   };
 
   for (unsigned int i = 0; i < arraysize(base_form_data); ++i) {
     // Create a base form and make sure we find a match.
-    scoped_ptr<PasswordForm> base_form(CreatePasswordFormFromData(
-        base_form_data[i]));
+    scoped_ptr<PasswordForm> base_form =
+        CreatePasswordFormFromData(base_form_data[i]);
     EXPECT_TRUE(keychain_adapter.HasPasswordsMergeableWithForm(*base_form));
     EXPECT_TRUE(keychain_adapter.HasPasswordExactlyMatchingForm(*base_form));
 
     // Make sure that the matching isn't looser than it should be by checking
     // that slightly altered forms don't match.
     ScopedVector<autofill::PasswordForm> modified_forms;
 
     modified_forms.push_back(new PasswordForm(*base_form));
     modified_forms.back()->username_value = ASCIIToUTF16("wrong_user");
 
@@ skipping 52 matching lines @@
     // reported.
     { { PasswordForm::SCHEME_HTML, "http://some.domain.com",
         "http://some.domain.com/insecure.html", NULL, NULL, NULL, NULL,
         L"joe_user", L"fail_me", false, false, 0 }, false },
   };
 
   MacKeychainPasswordFormAdapter owned_keychain_adapter(keychain_);
   owned_keychain_adapter.SetFindsOnlyOwnedItems(true);
 
   for (unsigned int i = 0; i < arraysize(test_data); ++i) {
-    scoped_ptr<PasswordForm> in_form(
-        CreatePasswordFormFromData(test_data[i].data));
+    scoped_ptr<PasswordForm> in_form =
+        CreatePasswordFormFromData(test_data[i].data);
     bool add_succeeded = owned_keychain_adapter.AddPassword(*in_form);
     EXPECT_EQ(test_data[i].should_succeed, add_succeeded);
     if (add_succeeded) {
       EXPECT_TRUE(owned_keychain_adapter.HasPasswordsMergeableWithForm(
           *in_form));
       EXPECT_TRUE(owned_keychain_adapter.HasPasswordExactlyMatchingForm(
           *in_form));
     }
   }
 
   // Test that adding duplicate item updates the existing item.
   {
     PasswordFormData data = {
       PasswordForm::SCHEME_HTML, "http://some.domain.com",
       "http://some.domain.com/insecure.html", NULL,
       NULL, NULL, NULL, L"joe_user", L"updated_password", false, false, 0
     };
-    scoped_ptr<PasswordForm> update_form(CreatePasswordFormFromData(data));
+    scoped_ptr<PasswordForm> update_form = CreatePasswordFormFromData(data);
     MacKeychainPasswordFormAdapter keychain_adapter(keychain_);
     EXPECT_TRUE(keychain_adapter.AddPassword(*update_form));
     SecKeychainItemRef keychain_item = reinterpret_cast<SecKeychainItemRef>(2);
     PasswordForm stored_form;
     internal_keychain_helpers::FillPasswordFormFromKeychainItem(*keychain_,
                                                                 keychain_item,
                                                                 &stored_form,
                                                                 true);
     EXPECT_EQ(update_form->password_value, stored_form.password_value);
   }
@@ skipping 12 matching lines @@
     // Make sure we don't delete items we don't own.
     { { PasswordForm::SCHEME_HTML, "http://some.domain.com/",
         "http://some.domain.com/insecure.html", NULL, NULL, NULL, NULL,
         L"joe_user", NULL, true, false, 0 }, false },
   };
 
   MacKeychainPasswordFormAdapter owned_keychain_adapter(keychain_);
   owned_keychain_adapter.SetFindsOnlyOwnedItems(true);
 
   // Add our test item so that we can delete it.
-  PasswordForm* add_form = CreatePasswordFormFromData(test_data[0].data);
+  scoped_ptr<PasswordForm> add_form =
+      CreatePasswordFormFromData(test_data[0].data);
   EXPECT_TRUE(owned_keychain_adapter.AddPassword(*add_form));
-  delete add_form;
 
   for (unsigned int i = 0; i < arraysize(test_data); ++i) {
-    scoped_ptr<PasswordForm> form(CreatePasswordFormFromData(
-        test_data[i].data));
+    scoped_ptr<PasswordForm> form =
+        CreatePasswordFormFromData(test_data[i].data);
     EXPECT_EQ(test_data[i].should_succeed,
               owned_keychain_adapter.RemovePassword(*form));
 
     MacKeychainPasswordFormAdapter keychain_adapter(keychain_);
     bool match = keychain_adapter.HasPasswordExactlyMatchingForm(*form);
     EXPECT_EQ(test_data[i].should_succeed, !match);
   }
 }
 
 TEST_F(PasswordStoreMacInternalsTest, TestFormMatch) {
@@ skipping 180 matching lines @@
   test_data[DATABASE_INPUT][current_test].push_back(&db_user_1_with_path);
   test_data[MERGE_OUTPUT][current_test].push_back(&merged_user_1);
   test_data[MERGE_OUTPUT][current_test].push_back(
       &merged_user_1_with_both_paths);
 
   for (unsigned int test_case = 0; test_case <= current_test; ++test_case) {
     ScopedVector<autofill::PasswordForm> keychain_forms;
     for (std::vector<PasswordFormData*>::iterator i =
              test_data[KEYCHAIN_INPUT][test_case].begin();
          i != test_data[KEYCHAIN_INPUT][test_case].end(); ++i) {
-      keychain_forms.push_back(CreatePasswordFormFromData(*(*i)));
+      keychain_forms.push_back(CreatePasswordFormFromData(*(*i)).release());
     }
     ScopedVector<autofill::PasswordForm> database_forms;
     for (std::vector<PasswordFormData*>::iterator i =
              test_data[DATABASE_INPUT][test_case].begin();
          i != test_data[DATABASE_INPUT][test_case].end(); ++i) {
-      database_forms.push_back(CreatePasswordFormFromData(*(*i)));
+      database_forms.push_back(CreatePasswordFormFromData(*(*i)).release());
     }
 
     ScopedVector<autofill::PasswordForm> merged_forms;
     internal_keychain_helpers::MergePasswordForms(&keychain_forms,
                                                   &database_forms,
                                                   &merged_forms);
 
     CHECK_FORMS(keychain_forms.get(), test_data[KEYCHAIN_OUTPUT][test_case],
                 test_case);
     CHECK_FORMS(database_forms.get(), test_data[DATABASE_OUTPUT][test_case],
@@ skipping 24 matching lines @@
       "http://dont.remember.com/handlepage.cgi",
       L"submit", L"username", L"password", L"joe_user", L"",
       true, false, 1240000000 },
     { PasswordForm::SCHEME_HTML, "http://some.domain.com/",
       "http://some.domain.com/path.html", "http://some.domain.com/action.cgi",
       L"submit", L"username", L"password", NULL, NULL,
       true, false, 1212121212 },
   };
   ScopedVector<autofill::PasswordForm> database_forms;
   for (unsigned int i = 0; i < arraysize(db_data); ++i) {
-    database_forms.push_back(CreatePasswordFormFromData(db_data[i]));
+    database_forms.push_back(CreatePasswordFormFromData(db_data[i]).release());
   }
   ScopedVector<autofill::PasswordForm> merged_forms;
   internal_keychain_helpers::GetPasswordsForForms(*keychain_, &database_forms,
                                                   &merged_forms);
   EXPECT_EQ(2U, database_forms.size());
   ASSERT_EQ(3U, merged_forms.size());
   EXPECT_EQ(ASCIIToUTF16("sekrit"), merged_forms[0]->password_value);
   EXPECT_EQ(ASCIIToUTF16("sekrit"), merged_forms[1]->password_value);
   EXPECT_TRUE(merged_forms[2]->blacklisted_by_user);
 }
 
 TEST_F(PasswordStoreMacInternalsTest, TestBlacklistedFiltering) {
   PasswordFormData db_data[] = {
     { PasswordForm::SCHEME_HTML, "http://dont.remember.com/",
       "http://dont.remember.com/",
       "http://dont.remember.com/handlepage.cgi",
       L"submit", L"username", L"password", L"joe_user", L"non_empty_password",
       true, false, 1240000000 },
     { PasswordForm::SCHEME_HTML, "https://dont.remember.com/",
       "https://dont.remember.com/",
       "https://dont.remember.com/handlepage_secure.cgi",
       L"submit", L"username", L"password", L"joe_user", L"non_empty_password",
       true, false, 1240000000 },
   };
   ScopedVector<autofill::PasswordForm> database_forms;
   for (unsigned int i = 0; i < arraysize(db_data); ++i) {
-    database_forms.push_back(CreatePasswordFormFromData(db_data[i]));
+    database_forms.push_back(CreatePasswordFormFromData(db_data[i]).release());
   }
   ScopedVector<autofill::PasswordForm> merged_forms;
   internal_keychain_helpers::GetPasswordsForForms(*keychain_, &database_forms,
                                                   &merged_forms);
   EXPECT_EQ(2U, database_forms.size());
   ASSERT_EQ(0U, merged_forms.size());
 }
 
 TEST_F(PasswordStoreMacInternalsTest, TestFillPasswordFormFromKeychainItem) {
   // When |extract_password_data| is false, the password field must be empty,
@@ skipping 80 matching lines @@
       "http://web.site.com/path/to/page.html", NULL, NULL, NULL, NULL,
       L"anonymous", L"knock-knock", false, false, 0 },
     { PasswordForm::SCHEME_BASIC, "http://a.site.com:2222/therealm",
       "http://a.site.com:2222/", NULL, NULL, NULL, NULL,
       L"username", L"password", false, false, 0 },
     { PasswordForm::SCHEME_DIGEST, "https://digest.site.com/differentrealm",
       "https://digest.site.com/secure.html", NULL, NULL, NULL, NULL,
       L"testname", L"testpass", false, false, 0 },
   };
   for (unsigned int i = 0; i < arraysize(owned_password_data); ++i) {
-    scoped_ptr<PasswordForm> form(CreatePasswordFormFromData(
-        owned_password_data[i]));
+    scoped_ptr<PasswordForm> form =
+        CreatePasswordFormFromData(owned_password_data[i]);
     owned_keychain_adapter.AddPassword(*form);
   }
 
   ScopedVector<autofill::PasswordForm> all_passwords =
       keychain_adapter.GetAllPasswordFormPasswords();
   EXPECT_EQ(8 + arraysize(owned_password_data), all_passwords.size());
 
   ScopedVector<autofill::PasswordForm> owned_passwords =
       owned_keychain_adapter.GetAllPasswordFormPasswords();
   EXPECT_EQ(arraysize(owned_password_data), owned_passwords.size());
@@ skipping 46 matching lines @@
 
   MockAppleKeychain* keychain() {
     return static_cast<MockAppleKeychain*>(store_->keychain());
   }
 
   void FinishAsyncProcessing() {
     // Do a store-level query to wait for all the previously enqueued operations
     // to finish.
     MockPasswordStoreConsumer consumer;
     store_->GetLogins(PasswordForm(), PasswordStore::ALLOW_PROMPT, &consumer);
-    consumer.WaitOnGetPasswordStoreResults();
+    EXPECT_CALL(consumer, OnGetPasswordStoreResultsConstRef(_))
+        .WillOnce(QuitUIMessageLoop());
+    base::MessageLoop::current()->Run();
   }
 
   TestPasswordStoreMac* store() { return store_.get(); }
 
  protected:
   base::MessageLoopForUI message_loop_;
   content::TestBrowserThread ui_thread_;
 
   base::ScopedTempDir db_dir_;
   scoped_refptr<TestPasswordStoreMac> store_;
 };
 
 TEST_F(PasswordStoreMacTest, TestStoreUpdate) {
   // Insert a password into both the database and the keychain.
   // This is done manually, rather than through store_->AddLogin, because the
   // Mock Keychain isn't smart enough to be able to support update generically,
   // so some.domain.com triggers special handling to test it that make inserting
   // fail.
   PasswordFormData joint_data = {
     PasswordForm::SCHEME_HTML, "http://some.domain.com/",
     "http://some.domain.com/insecure.html", "login.cgi",
     L"username", L"password", L"submit", L"joe_user", L"sekrit", true, false, 1
   };
-  scoped_ptr<PasswordForm> joint_form(CreatePasswordFormFromData(joint_data));
+  scoped_ptr<PasswordForm> joint_form = CreatePasswordFormFromData(joint_data);
   login_db()->AddLogin(*joint_form);
   MockAppleKeychain::KeychainTestData joint_keychain_data = {
     kSecAuthenticationTypeHTMLForm, "some.domain.com",
     kSecProtocolTypeHTTP, "/insecure.html", 0, NULL, "20020601171500Z",
     "joe_user", "sekrit", false };
   keychain()->AddTestItem(joint_keychain_data);
 
   // Insert a password into the keychain only.
   MockAppleKeychain::KeychainTestData keychain_only_data = {
     kSecAuthenticationTypeHTMLForm, "keychain.only.com",
@@ skipping 28 matching lines @@
     // case where a form is filled, then the stored login is removed, then the
     // form is submitted.
     { { PasswordForm::SCHEME_HTML, "http://different.com/",
         "http://different.com/index.html", "login.cgi",
         L"username", L"password", L"submit", L"abc", L"123",
         true, false, 2 },
       NULL,
     },
   };
   for (unsigned int i = 0; i < arraysize(updates); ++i) {
-    scoped_ptr<PasswordForm> form(CreatePasswordFormFromData(
-        updates[i].form_data));
+    scoped_ptr<PasswordForm> form =
+        CreatePasswordFormFromData(updates[i].form_data);
     store_->UpdateLogin(*form);
   }
 
   FinishAsyncProcessing();
 
   MacKeychainPasswordFormAdapter keychain_adapter(keychain());
   for (unsigned int i = 0; i < arraysize(updates); ++i) {
-    scoped_ptr<PasswordForm> query_form(
-        CreatePasswordFormFromData(updates[i].form_data));
+    scoped_ptr<PasswordForm> query_form =
+        CreatePasswordFormFromData(updates[i].form_data);
 
     ScopedVector<autofill::PasswordForm> matching_items =
         keychain_adapter.PasswordsFillingForm(query_form->signon_realm,
                                               query_form->scheme);
     if (updates[i].password) {
       EXPECT_GT(matching_items.size(), 0U) << "iteration " << i;
       if (matching_items.size() >= 1)
         EXPECT_EQ(ASCIIToUTF16(updates[i].password),
                   matching_items[0]->password_value) << "iteration " << i;
     } else {
@@ skipping 22 matching lines @@
   // www.facebook.com password from the login database, we should not be blocked
   // from deleting it from the keystore just becaus the m.facebook.com password
   // fuzzy-matches the www.facebook.com one.)
 
   // 1. Add a password for www.facebook.com
   PasswordFormData www_form_data = {
     PasswordForm::SCHEME_HTML, "http://www.facebook.com/",
     "http://www.facebook.com/index.html", "login",
     L"username", L"password", L"submit", L"joe_user", L"sekrit", true, false, 1
   };
-  scoped_ptr<PasswordForm> www_form(CreatePasswordFormFromData(www_form_data));
+  scoped_ptr<PasswordForm> www_form = CreatePasswordFormFromData(www_form_data);
   login_db()->AddLogin(*www_form);
   MacKeychainPasswordFormAdapter owned_keychain_adapter(keychain());
   owned_keychain_adapter.SetFindsOnlyOwnedItems(true);
   owned_keychain_adapter.AddPassword(*www_form);
 
   // 2. Get a password for m.facebook.com.
   PasswordForm m_form(*www_form);
   m_form.signon_realm = "http://m.facebook.com";
   m_form.origin = GURL("http://m.facebook.com/index.html");
 
   MockPasswordStoreConsumer consumer;
   store_->GetLogins(m_form, PasswordStore::ALLOW_PROMPT, &consumer);
-  consumer.WaitOnGetPasswordStoreResults();
-  EXPECT_EQ(1u, consumer.last_result.size());
+  PasswordForm returned_form;
+  EXPECT_CALL(consumer, OnGetPasswordStoreResultsConstRef(SizeIs(1u)))
+      .WillOnce(
+          DoAll(SaveACopyOfFirstForm(&returned_form), QuitUIMessageLoop()));
+  base::MessageLoop::current()->Run();
 
   // 3. Add the returned password for m.facebook.com.
-  login_db()->AddLogin(consumer.last_result[0]);
+  login_db()->AddLogin(returned_form);
   owned_keychain_adapter.AddPassword(m_form);
 
   // 4. Remove both passwords.
   store_->RemoveLogin(*www_form);
   store_->RemoveLogin(m_form);
   FinishAsyncProcessing();
 
   // No trace of www.facebook.com.
   ScopedVector<autofill::PasswordForm> matching_items =
       owned_keychain_adapter.PasswordsFillingForm(www_form->signon_realm,
@@ skipping 48 matching lines @@
       L"password", L"joe_user", L"sekrit", true, false, 0 };
   // The old form doesn't have elements names.
   PasswordFormData www_form_data_facebook_old = {
       PasswordForm::SCHEME_HTML, "http://www.facebook.com/",
       "http://www.facebook.com/index.html", "login", L"", L"",
       L"", L"joe_user", L"oldsekrit", true, false, 0 };
   PasswordFormData www_form_data_other = {
       PasswordForm::SCHEME_HTML, "http://different.com/",
       "http://different.com/index.html", "login", L"submit", L"username",
       L"password", L"different_joe_user", L"sekrit", true, false, 0 };
-  scoped_ptr<PasswordForm> form_facebook(
-      CreatePasswordFormFromData(www_form_data_facebook));
-  scoped_ptr<PasswordForm> form_facebook_old(
-      CreatePasswordFormFromData(www_form_data_facebook_old));
-  scoped_ptr<PasswordForm> form_other(
-      CreatePasswordFormFromData(www_form_data_other));
+  scoped_ptr<PasswordForm> form_facebook =
+      CreatePasswordFormFromData(www_form_data_facebook);
+  scoped_ptr<PasswordForm> form_facebook_old =
+      CreatePasswordFormFromData(www_form_data_facebook_old);
+  scoped_ptr<PasswordForm> form_other =
+      CreatePasswordFormFromData(www_form_data_other);
   base::Time now = base::Time::Now();
   // TODO(vasilii): remove the next line once crbug/374132 is fixed.
   now = base::Time::FromTimeT(now.ToTimeT());
   base::Time next_day = now + base::TimeDelta::FromDays(1);
   if (check_created) {
     form_facebook_old->date_created = now;
     form_facebook->date_created = next_day;
     form_other->date_created = next_day;
   } else {
     form_facebook_old->date_synced = now;
@@ skipping 78 matching lines @@
   keychain()->AddTestItem(keychain_data);
 
   // Add a password through the adapter. It has the "Chrome" creator tag.
   // However, it's not referenced by the password database.
   MacKeychainPasswordFormAdapter owned_keychain_adapter(keychain());
   owned_keychain_adapter.SetFindsOnlyOwnedItems(true);
   PasswordFormData www_form_data1 = {
       PasswordForm::SCHEME_HTML, "http://www.facebook.com/",
       "http://www.facebook.com/index.html", "login", L"username", L"password",
       L"submit", L"joe_user", L"sekrit", true, false, 1 };
-  scoped_ptr<PasswordForm> www_form(CreatePasswordFormFromData(www_form_data1));
+  scoped_ptr<PasswordForm> www_form =
+      CreatePasswordFormFromData(www_form_data1);
   EXPECT_TRUE(owned_keychain_adapter.AddPassword(*www_form));
 
   // Add a password from the current profile.
   PasswordFormData www_form_data2 = {
       PasswordForm::SCHEME_HTML, "http://www.facebook.com/",
       "http://www.facebook.com/index.html", "login", L"username", L"password",
       L"submit", L"not_joe_user", L"12345", true, false, 1 };
-  www_form.reset(CreatePasswordFormFromData(www_form_data2));
+  www_form = CreatePasswordFormFromData(www_form_data2);
   store_->AddLogin(*www_form);
   FinishAsyncProcessing();
 
   ScopedVector<PasswordForm> matching_items;
   login_db()->GetLogins(*www_form, &matching_items);
   EXPECT_EQ(1u, matching_items.size());
   matching_items.clear();
 
   store_->RemoveLoginsCreatedBetween(base::Time(), base::Time());
   FinishAsyncProcessing();
@@ skipping 24 matching lines @@
   ClosePasswordStore();
 
   base::WaitableEvent event(false, false);
   CreateAndInitPasswordStore(make_scoped_ptr<password_manager::LoginDatabase>(
       new SlowToInitLoginDatabase(test_login_db_file_path(), &event)));
 
   PasswordFormData www_form_data = {
       PasswordForm::SCHEME_HTML, "http://www.facebook.com/",
       "http://www.facebook.com/index.html", "login", L"username", L"password",
       L"submit", L"not_joe_user", L"12345", true, false, 1};
-  scoped_ptr<PasswordForm> form(CreatePasswordFormFromData(www_form_data));
+  scoped_ptr<PasswordForm> form = CreatePasswordFormFromData(www_form_data);
   store()->AddLogin(*form);
 
   MockPasswordStoreConsumer mock_consumer;
   store()->GetLogins(*form, PasswordStore::ALLOW_PROMPT, &mock_consumer);
 
   // Now the read/write tasks are scheduled, let the DB initialization proceed.
   event.Signal();
 
-  mock_consumer.WaitOnGetPasswordStoreResults();
-  EXPECT_EQ(1u, mock_consumer.last_result.size());
+  EXPECT_CALL(mock_consumer, OnGetPasswordStoreResultsConstRef(SizeIs(1u)))
+      .WillOnce(QuitUIMessageLoop());
+  base::MessageLoop::current()->Run();
   EXPECT_TRUE(login_db());
 }
 
 // Verify that operations on a PasswordStore with a bad database cause no
 // explosions, but fail without side effect, return no data and trigger no
 // notifications.
 TEST_F(PasswordStoreMacTest, OperationsOnABadDatabaseSilentlyFail) {
   ClosePasswordStore();
   CreateAndInitPasswordStore(
       make_scoped_ptr<password_manager::LoginDatabase>(new BadLoginDatabase));
   FinishAsyncProcessing();
   EXPECT_FALSE(login_db());
 
   testing::StrictMock<MockPasswordStoreObserver> mock_observer;
   store()->AddObserver(&mock_observer);
 
   // Add a new autofillable login + a blacklisted login.
   PasswordFormData www_form_data = {
       PasswordForm::SCHEME_HTML, "http://www.facebook.com/",
       "http://www.facebook.com/index.html", "login", L"username", L"password",
       L"submit", L"not_joe_user", L"12345", true, false, 1};
-  scoped_ptr<PasswordForm> form(CreatePasswordFormFromData(www_form_data));
+  scoped_ptr<PasswordForm> form = CreatePasswordFormFromData(www_form_data);
   scoped_ptr<PasswordForm> blacklisted_form(new PasswordForm(*form));
   blacklisted_form->signon_realm = "http://foo.example.com";
   blacklisted_form->origin = GURL("http://foo.example.com/origin");
   blacklisted_form->action = GURL("http://foo.example.com/action");
   blacklisted_form->blacklisted_by_user = true;
   store()->AddLogin(*form);
   store()->AddLogin(*blacklisted_form);
   FinishAsyncProcessing();
 
   // Get all logins; autofillable logins; blacklisted logins.
   MockPasswordStoreConsumer mock_consumer;
   store()->GetLogins(*form, PasswordStore::DISALLOW_PROMPT, &mock_consumer);
-  mock_consumer.WaitOnGetPasswordStoreResults();
-  EXPECT_TRUE(mock_consumer.last_result.empty());
+  ON_CALL(mock_consumer, OnGetPasswordStoreResultsConstRef(_))
+      .WillByDefault(QuitUIMessageLoop());
+  EXPECT_CALL(mock_consumer, OnGetPasswordStoreResultsConstRef(IsEmpty()));
+  base::MessageLoop::current()->Run();
+
   store()->GetAutofillableLogins(&mock_consumer);
-  mock_consumer.WaitOnGetPasswordStoreResults();
-  EXPECT_TRUE(mock_consumer.last_result.empty());
+  EXPECT_CALL(mock_consumer, OnGetPasswordStoreResultsConstRef(IsEmpty()));
+  base::MessageLoop::current()->Run();
+
   store()->GetBlacklistLogins(&mock_consumer);
-  mock_consumer.WaitOnGetPasswordStoreResults();
-  EXPECT_TRUE(mock_consumer.last_result.empty());
+  EXPECT_CALL(mock_consumer, OnGetPasswordStoreResultsConstRef(IsEmpty()));
+  base::MessageLoop::current()->Run();
 
   // Report metrics.
   store()->ReportMetrics("Test Username", true);
   FinishAsyncProcessing();
 
   // Change the login.
   form->password_value = base::ASCIIToUTF16("a different password");
   store()->UpdateLogin(*form);
   FinishAsyncProcessing();
 
   // Delete one login; a range of logins.
   store()->RemoveLogin(*form);
   store()->RemoveLoginsCreatedBetween(base::Time(), base::Time::Max());
   store()->RemoveLoginsSyncedBetween(base::Time(), base::Time::Max());
   FinishAsyncProcessing();
 
   // Verify no notifications are fired during shutdown either.
   ClosePasswordStore();
 }