Credential Management: Support zeroclick credential in 'request()'.

components/password_manager/content/browser/credential_manager_dispatcher.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/password_manager/content/browser/credential_manager_dispatcher.h"
 
 #include "base/bind.h"
 #include "base/memory/scoped_vector.h"
 #include "base/strings/string16.h"
 #include "base/strings/utf_string_conversions.h"
@@ skipping 119 matching lines @@
         new CredentialManagerMsg_SendCredential(
             web_contents()->GetRenderViewHost()->GetRoutingID(), request_id,
             CredentialInfo()));
     return;
   }
 
   pending_request_.reset(new PendingRequestParameters(
       request_id, zero_click_only,
       web_contents()->GetLastCommittedURL().GetOrigin(), federations));
 
+  // This will result in a callback to ::OnGetPasswordStoreResults().
   store->GetAutofillableLogins(this);
 }
 
 void CredentialManagerDispatcher::OnGetPasswordStoreResults(
     const std::vector<autofill::PasswordForm*>& results) {
   DCHECK(pending_request_);
 
   std::set<std::string> federations;
   for (const GURL& origin : pending_request_->federations)
     federations.insert(origin.spec());
 
   // We own the PasswordForm instances, so we're responsible for cleaning
   // up the instances we don't add to |local_results| or |federated_results|.
   // We'll dump them into a ScopedVector and allow it to delete the
   // PasswordForms upon destruction.
+  autofill::PasswordForm* to_send_as_zero_click = nullptr;
+  bool multiple_zero_click = false;
   std::vector<autofill::PasswordForm*> local_results;
   std::vector<autofill::PasswordForm*> federated_results;
   ScopedVector<autofill::PasswordForm> discarded_results;
   for (autofill::PasswordForm* form : results) {
-    // TODO(mkwst): Extend this filter to include federations.
-    if (form->origin == pending_request_->origin)
+    if (form->origin == pending_request_->origin) {
       local_results.push_back(form);
-    else if (federations.count(form->origin.spec()) != 0)
+
+      // If more than one local credential is_zero_click, then we punt on
+      // auto signin.
+      //
+      // TODO(mkwst): We should have a global on-off switch here alongside the
+      // credential-level toggle.
+      if (form->is_zero_click && !multiple_zero_click) {

[vasilii, 2015/01/28 13:25:30]

AS we discussed, I'll rename form->is_zero_click to
form->one_time_disable_zero_click.
Therefore I'd suggest that you don't use it for now.
On the other hand, you can use CredentialManagerDispatcher::IsZeroClickAllowed()
(to be extended with the global flag) assuming that "allow zero click" per form
is true.

[Mike West, 2015/01/28 14:42:14]

Perfect, thanks.

+        if (to_send_as_zero_click)
+          multiple_zero_click = true;
+        to_send_as_zero_click = multiple_zero_click ? nullptr : form;
+      }
+    } else if (federations.count(form->origin.spec()) != 0) {
       federated_results.push_back(form);
-    else
+    } else {
       discarded_results.push_back(form);

[vabr (Chromium), 2015/01/28 13:37:52]

Why not just
delete form;
?

[Mike West, 2015/01/28 14:42:14]

That would be too easy!

+    }
   }
 
   if ((local_results.empty() && federated_results.empty()) ||
       web_contents()->GetLastCommittedURL().GetOrigin() !=
           pending_request_->origin) {
     SendCredential(pending_request_->id, CredentialInfo());
     return;
   }
 
-  if (!client_->PromptUserToChooseCredentials(
-          local_results,
-          federated_results,
+  if (to_send_as_zero_click) {
+    discarded_results.assign(local_results.begin(), local_results.end());

[vabr (Chromium), 2015/01/28 13:37:52]

Why not use STLDeleteElements? This is a bit cryptic. Also below.

(FYI, I should be soon changing the type of results to ScopedVector, so
ultimately explicit deletion will not be needed.)

[Mike West, 2015/01/28 14:42:14]

Sure. I can do that.

+    discarded_results.assign(federated_results.begin(),
+                             federated_results.end());
+    CredentialInfo info(*to_send_as_zero_click,
+                        to_send_as_zero_click->federation_url.is_empty()
+                            ? CredentialType::CREDENTIAL_TYPE_LOCAL
+                            : CredentialType::CREDENTIAL_TYPE_FEDERATED);
+    SendCredential(pending_request_->id, info);
+    return;
+  }
+
+  if (pending_request_->zero_click_only ||
+      !client_->PromptUserToChooseCredentials(
+          local_results, federated_results,
           base::Bind(&CredentialManagerDispatcher::SendCredential,
                      base::Unretained(this), pending_request_->id))) {
     SendCredential(pending_request_->id, CredentialInfo());
   }
 }
 
 PasswordStore* CredentialManagerDispatcher::GetPasswordStore() {
   return client_ ? client_->GetPasswordStore() : nullptr;
 }
 
@@ skipping 20 matching lines @@
   DCHECK(pending_request_);
   DCHECK_EQ(pending_request_->id, request_id);
   web_contents()->GetRenderViewHost()->Send(
       new CredentialManagerMsg_SendCredential(
           web_contents()->GetRenderViewHost()->GetRoutingID(),
           pending_request_->id, info));
   pending_request_.reset();
 }
 
 }  // namespace password_manager