[iOS][Password Check] Handling for Federated and Blocked origin

This change adds special handling for federated and blocked origin. Federated credentials are displayed without password field and blocked origins are displayed only with website value. Bug: 1075494 Change-Id: Iefa3e7d117a1ddc7abd24ba189f0a2b903bd9d5c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2360081 Commit-Queue: Viktor Semeniuk <vsemeniuk@google.com> Reviewed-by: Sergio Collazos <sczs@chromium.org> Cr-Commit-Position: refs/heads/master@{#800371}

[iOS][Password Check] Handling for Federated and Blocked origin
This change adds special handling for federated and blocked origin. Federated credentials are displayed without password field and blocked origins are displayed only with website value. Bug: 1075494 Change-Id: Iefa3e7d117a1ddc7abd24ba189f0a2b903bd9d5c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2360081 Commit-Queue: Viktor Semeniuk <vsemeniuk@google.com> Reviewed-by: Sergio Collazos <sczs@chromium.org> Cr-Commit-Position: refs/heads/master@{#800371}
03f87519 · Viktor Semeniuk · Commit Bot · eec8c8c0 · 03f87519 · 03f87519
Commit 03f87519 authored Aug 20, 2020 by Viktor Semeniuk Committed by Commit Bot Aug 20, 2020
4 changed files
--- a/ios/chrome/browser/ui/settings/password/password_details/password_details_coordinator.mm
+++ b/ios/chrome/browser/ui/settings/password/password_details/password_details_coordinator.mm
@@ -140,9 +140,12 @@
 }

 - (void)showPasswordDeleteDialogWithOrigin:(NSString*)origin {
-  NSString* message =
-      l10n_util::GetNSStringF(IDS_IOS_DELETE_COMPROMISED_PASSWORD_DESCRIPTION,
-                              base::SysNSStringToUTF16(origin));
+  NSString* message;
+
+  if (origin)
+    message =
+        l10n_util::GetNSStringF(IDS_IOS_DELETE_COMPROMISED_PASSWORD_DESCRIPTION,
+                                base::SysNSStringToUTF16(origin));
  self.actionSheetCoordinator = [[ActionSheetCoordinator alloc]
      initWithBaseViewController:self.viewController
                         browser:self.browser

--- a/ios/chrome/browser/ui/settings/password/password_details/password_details_handler.h
+++ b/ios/chrome/browser/ui/settings/password/password_details/password_details_handler.h
@@ -16,7 +16,8 @@
 - (void)showPasscodeDialog;

 // Called when the user wants to delete password. |origin| is a short website
-// version. It is displayed inside dialog.
+// version. It is displayed inside dialog. If |origin| is nil dialog is
+// displayed without message.
 - (void)showPasswordDeleteDialogWithOrigin:(NSString*)origin;

 // Called when the user wants to save edited password.

--- a/ios/chrome/browser/ui/settings/password/password_details/password_details_table_view_controller.mm
+++ b/ios/chrome/browser/ui/settings/password/password_details/password_details_table_view_controller.mm
@@ -99,6 +99,13 @@ typedef NS_ENUM(NSInteger, ReauthenticationReason) {
 #pragma mark - ChromeTableViewController

 - (void)editButtonPressed {
+  // If password value is missing, proceed with editing without
+  // reauthentication.
+  if (![self.password.password length]) {
+    [super editButtonPressed];
+    return;
+  }
+
  // Request reauthentication before revealing password during editing.
  // Editing mode will be entered on successful reauth.
  if (!self.tableView.editing && !self.isPasswordShown) {
@@ -128,23 +135,29 @@ typedef NS_ENUM(NSInteger, ReauthenticationReason) {
  [model addItem:[self websiteItem]
      toSectionWithIdentifier:SectionIdentifierPassword];

-  [model addItem:[self usernameItem]
-      toSectionWithIdentifier:SectionIdentifierPassword];
+  // Blocked password forms don't have username value.
+  if ([self.password.username length]) {
+    [model addItem:[self usernameItem]
+        toSectionWithIdentifier:SectionIdentifierPassword];
+  }

-  self.passwordTextItem = [self passwordItem];
-  [model addItem:self.passwordTextItem
-      toSectionWithIdentifier:SectionIdentifierPassword];
+  // Federated and blocked password forms don't have password value.
+  if ([self.password.password length]) {
+    self.passwordTextItem = [self passwordItem];
+    [model addItem:self.passwordTextItem
+        toSectionWithIdentifier:SectionIdentifierPassword];

-  if (self.password.isCompromised) {
-    [model addSectionWithIdentifier:SectionIdentifierCompromisedInfo];
+    if (self.password.isCompromised) {
+      [model addSectionWithIdentifier:SectionIdentifierCompromisedInfo];

-    if (self.password.changePasswordURL.is_valid()) {
-      [model addItem:[self changePasswordItem]
+      if (self.password.changePasswordURL.is_valid()) {
+        [model addItem:[self changePasswordItem]
+            toSectionWithIdentifier:SectionIdentifierCompromisedInfo];
+      }
+
+      [model addItem:[self changePasswordRecommendationItem]
          toSectionWithIdentifier:SectionIdentifierCompromisedInfo];
    }
-
-    [model addItem:[self changePasswordRecommendationItem]
-        toSectionWithIdentifier:SectionIdentifierCompromisedInfo];
  }
 }

@@ -315,7 +328,13 @@ typedef NS_ENUM(NSInteger, ReauthenticationReason) {
 // Called when user tapped Delete button during editing. It means presented
 // password should be deleted.
 - (void)deleteItems:(NSArray<NSIndexPath*>*)indexPaths {
-  [self.handler showPasswordDeleteDialogWithOrigin:self.password.origin];
+  // Pass origin only if password is compromised as confirmation message makes
+  // sense only in this case.
+  if (self.password.isCompromised) {
+    [self.handler showPasswordDeleteDialogWithOrigin:self.password.origin];
+  } else {
+    [self.handler showPasswordDeleteDialogWithOrigin:nil];
+  }
 }

 - (BOOL)shouldHideToolbar {

--- a/ios/chrome/browser/ui/settings/password/password_details/password_details_table_view_controller_unittest.mm
+++ b/ios/chrome/browser/ui/settings/password/password_details/password_details_table_view_controller_unittest.mm
@@ -129,6 +129,32 @@ class PasswordDetailsTableViewControllerTest
    [passwords_controller setPassword:passwordDetails];
  }

+  void SetFederatedPassword() {
+    auto form = autofill::PasswordForm();
+    form.username_value = base::ASCIIToUTF16("test@egmail.com");
+    form.url = GURL(base::ASCIIToUTF16("http://www.example.com/"));
+    form.signon_realm = form.url.spec();
+    form.federation_origin =
+        url::Origin::Create(GURL("http://www.example.com/"));
+    PasswordDetails* password =
+        [[PasswordDetails alloc] initWithPasswordForm:form];
+    PasswordDetailsTableViewController* passwords_controller =
+        static_cast<PasswordDetailsTableViewController*>(controller());
+    [passwords_controller setPassword:password];
+  }
+
+  void SetBlockedOrigin() {
+    auto form = autofill::PasswordForm();
+    form.url = GURL("http://www.example.com/");
+    form.blocked_by_user = true;
+    form.signon_realm = form.url.spec();
+    PasswordDetails* password =
+        [[PasswordDetails alloc] initWithPasswordForm:form];
+    PasswordDetailsTableViewController* passwords_controller =
+        static_cast<PasswordDetailsTableViewController*>(controller());
+    [passwords_controller setPassword:password];
+  }
+
  void CheckEditCellText(NSString* expected_text, int section, int item) {
    TableViewTextEditItem* cell =
        static_cast<TableViewTextEditItem*>(GetTableViewItem(section, item));
@@ -155,16 +181,6 @@ class PasswordDetailsTableViewControllerTest
  MockReauthenticationModule* reauthentication_module_;
 };

-// Tests PasswordDetailsTableViewController is set up with appropriate items
-// and sections.
-TEST_F(PasswordDetailsTableViewControllerTest, TestModel) {
-  CreateController();
-  CheckController();
-  EXPECT_EQ(1, NumberOfSections());
-
-  EXPECT_EQ(3, NumberOfItemsInSection(0));
-}
-
 // Tests that password is displayed properly.
 TEST_F(PasswordDetailsTableViewControllerTest, TestPassword) {
  SetPassword();
@@ -345,3 +361,38 @@ TEST_F(PasswordDetailsTableViewControllerTest,
  CheckDetailItemTextWithId(IDS_IOS_CHANGE_COMPROMISED_PASSWORD_DESCRIPTION, 1,
                            0);
 }
+
+// Tests federated credential is shown without password value and editing
+// doesn't require reauth.
+TEST_F(PasswordDetailsTableViewControllerTest, TestFederatedCredential) {
+  SetFederatedPassword();
+  EXPECT_EQ(1, NumberOfSections());
+  EXPECT_EQ(2, NumberOfItemsInSection(0));
+
+  CheckEditCellText(@"http://www.example.com/", 0, 0);
+  CheckEditCellText(@"test@egmail.com", 0, 1);
+
+  reauth().expectedResult = ReauthenticationResult::kFailure;
+  PasswordDetailsTableViewController* passwordDetails =
+      base::mac::ObjCCastStrict<PasswordDetailsTableViewController>(
+          controller());
+  [passwordDetails editButtonPressed];
+  EXPECT_TRUE(passwordDetails.tableView.editing);
+}
+
+// Tests blocked website is shown without password and username values and
+// editing doesn't require reauth.
+TEST_F(PasswordDetailsTableViewControllerTest, TestBlockedOrigin) {
+  SetBlockedOrigin();
+  EXPECT_EQ(1, NumberOfSections());
+  EXPECT_EQ(1, NumberOfItemsInSection(0));
+
+  CheckEditCellText(@"http://www.example.com/", 0, 0);
+
+  reauth().expectedResult = ReauthenticationResult::kFailure;
+  PasswordDetailsTableViewController* passwordDetails =
+      base::mac::ObjCCastStrict<PasswordDetailsTableViewController>(
+          controller());
+  [passwordDetails editButtonPressed];
+  EXPECT_TRUE(passwordDetails.tableView.editing);
+}