Using NewPasswordFormManager for Credentials API processing.

This CL makes uses NewPasswordFormManager for saving with Credentials API
instead of PasswordFormManager, by replacing base class of
CredentialPasswordFormManager and making minor adaptations in
NewPasswordFormManager.

Along the way:
1.CreatePendingCredentials becomes protected so it moved in cc file,
no changes in its code.
2.PasswordForm::IsFederatedCredential is used instead of checking
federation_origin.opaque()

Bug:831123

Change-Id: I4a50784bbe73d2c2350383a0320ea64d82d78529
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1596429
Commit-Queue: Vadym Doroshenko <dvadym@chromium.org>
Reviewed-by: Vasilii Sukhanov <vasilii@chromium.org>
Cr-Commit-Position: refs/heads/master@{#676407}

components/password_manager/core/browser/credential_manager_impl.cc

@@ -56,17 +56,16 @@ void CredentialManagerImpl::Store(const CredentialInfo& credential,
   std::unique_ptr<autofill::PasswordForm> form(
       CreatePasswordFormFromCredentialInfo(credential, origin));
 
-  std::unique_ptr<autofill::PasswordForm> observed_form =
-      CreateObservedPasswordFormFromOrigin(origin);
-  // Create a custom form fetcher without HTTP->HTTPS migration, as well as
-  // without fetching of suppressed HTTPS credentials on HTTP origins as the API
-  // is only available on HTTPS origins.
-  auto form_fetcher = std::make_unique<FormFetcherImpl>(
-      PasswordStore::FormDigest(*observed_form), client_, false);
+  std::string signon_realm = origin.GetOrigin().spec();
+  PasswordStore::FormDigest observed_digest(
+      autofill::PasswordForm::Scheme::kHtml, signon_realm, origin);
+
+  // Create a custom form fetcher without HTTP->HTTPS migration as the API is
+  // only available on HTTPS origins.
+  auto form_fetcher =
+      std::make_unique<FormFetcherImpl>(observed_digest, client_, false);
   form_manager_ = std::make_unique<CredentialManagerPasswordFormManager>(
-      client_, *observed_form, std::move(form), this, nullptr,
-      std::move(form_fetcher));
-  form_manager_->Init(nullptr);
+      client_, std::move(form), this, nullptr, std::move(form_fetcher));
 }
 
 void CredentialManagerImpl::PreventSilentAccess(

components/password_manager/core/browser/credential_manager_password_form_manager.cc

@@ -22,39 +22,26 @@ namespace password_manager {
 
 CredentialManagerPasswordFormManager::CredentialManagerPasswordFormManager(
     PasswordManagerClient* client,
-    const PasswordForm& observed_form,
-    std::unique_ptr<autofill::PasswordForm> saved_form,
+    std::unique_ptr<PasswordForm> saved_form,
     CredentialManagerPasswordFormManagerDelegate* delegate,
     std::unique_ptr<FormSaver> form_saver,
     std::unique_ptr<FormFetcher> form_fetcher)
-    : PasswordFormManager(client->GetPasswordManager(),
-                          client,
-                          nullptr,
-                          observed_form,
-                          (form_saver ? std::move(form_saver)
-                                      : std::make_unique<FormSaverImpl>(
-                                            client->GetPasswordStore())),
-                          form_fetcher.get()),
+    : NewPasswordFormManager(client,
+                             std::move(saved_form),
+                             std::move(form_fetcher),
+                             (form_saver ? std::move(form_saver)
+                                         : std::make_unique<FormSaverImpl>(
+                                               client->GetPasswordStore()))),
       delegate_(delegate),
-      saved_form_(std::move(saved_form)),
-      weak_factory_(this) {
-  DCHECK(saved_form_);
-  // This condition is only false on iOS.
-  if (form_fetcher)
-    form_fetcher->Fetch();
-  GrabFetcher(std::move(form_fetcher));
-}
+      weak_factory_(this) {}
 
-CredentialManagerPasswordFormManager::~CredentialManagerPasswordFormManager() {
-}
+CredentialManagerPasswordFormManager::~CredentialManagerPasswordFormManager() =
+    default;
 
 void CredentialManagerPasswordFormManager::OnFetchCompleted() {
-  PasswordFormManager::OnFetchCompleted();
+  NewPasswordFormManager::OnFetchCompleted();
 
-  // Mark the form as "preferred", as we've been told by the API that this is
-  // indeed the credential set that the user used to sign into the site.
-  saved_form_->preferred = true;
-  ProvisionallySave(*saved_form_);
+  CreatePendingCredentials();
 
   // Notify the delegate. This might result in deleting |this|, while
   // OnFetchCompleted is being called from FormFetcherImpl, owned by |this|. If

components/password_manager/core/browser/credential_manager_password_form_manager.h

@@ -7,7 +7,7 @@
 
 #include "base/macros.h"
 #include "base/memory/weak_ptr.h"
-#include "components/password_manager/core/browser/password_form_manager.h"
+#include "components/password_manager/core/browser/new_password_form_manager.h"
 
 namespace autofill {
 struct PasswordForm;
@@ -27,7 +27,7 @@ class CredentialManagerPasswordFormManagerDelegate {
 
 // A PasswordFormManager built to handle PasswordForm objects synthesized
 // by the Credential Manager API.
-class CredentialManagerPasswordFormManager : public PasswordFormManager {
+class CredentialManagerPasswordFormManager : public NewPasswordFormManager {
  public:
   // Given a |client| and an |observed_form|, kick off the process of fetching
   // matching logins from the password store; if |observed_form| doesn't map to
@@ -39,7 +39,6 @@ class CredentialManagerPasswordFormManager : public PasswordFormManager {
   // This class does not take ownership of |delegate|.
   CredentialManagerPasswordFormManager(
       PasswordManagerClient* client,
-      const autofill::PasswordForm& observed_form,
       std::unique_ptr<autofill::PasswordForm> saved_form,
       CredentialManagerPasswordFormManagerDelegate* delegate,
       std::unique_ptr<FormSaver> form_saver,
@@ -57,7 +56,6 @@ class CredentialManagerPasswordFormManager : public PasswordFormManager {
   void NotifyDelegate();
 
   CredentialManagerPasswordFormManagerDelegate* delegate_;
-  std::unique_ptr<autofill::PasswordForm> saved_form_;
 
   base::WeakPtrFactory<CredentialManagerPasswordFormManager> weak_factory_;
 

components/password_manager/core/browser/credential_manager_password_form_manager_unittest.cc

@@ -8,6 +8,7 @@
 
 #include "base/macros.h"
 #include "base/run_loop.h"
+#include "base/strings/utf_string_conversions.h"
 #include "base/test/scoped_task_environment.h"
 #include "components/autofill/core/common/password_form.h"
 #include "components/password_manager/core/browser/fake_form_fetcher.h"
@@ -17,7 +18,9 @@
 #include "testing/gtest/include/gtest/gtest.h"
 
 using autofill::PasswordForm;
-using ::testing::Invoke;
+using base::ASCIIToUTF16;
+using testing::_;
+using testing::Invoke;
 
 namespace password_manager {
 
@@ -28,30 +31,89 @@ class MockDelegate : public CredentialManagerPasswordFormManagerDelegate {
   MOCK_METHOD0(OnProvisionalSaveComplete, void());
 };
 
+class MockFormSaver : public StubFormSaver {
+ public:
+  MockFormSaver() = default;
+  ~MockFormSaver() override = default;
+
+  // FormSaver:
+  MOCK_METHOD3(Save,
+               void(PasswordForm pending,
+                    const std::vector<const PasswordForm*>& matches,
+                    const base::string16& old_password));
+  MOCK_METHOD3(Update,
+               void(PasswordForm pending,
+                    const std::vector<const PasswordForm*>& matches,
+                    const base::string16& old_password));
+
+  // Convenience downcasting method.
+  static MockFormSaver& Get(NewPasswordFormManager* form_manager) {
+    return *static_cast<MockFormSaver*>(form_manager->form_saver());
+  }
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(MockFormSaver);
+};
+
+MATCHER_P(FormMatches, form, "") {
+  return form.signon_realm == arg.signon_realm && form.origin == arg.origin &&
+         form.username_value == arg.username_value &&
+         form.password_value == arg.password_value &&
+         form.scheme == arg.scheme && form.type == arg.type;
+}
+
 }  // namespace
 
 class CredentialManagerPasswordFormManagerTest : public testing::Test {
  public:
-  CredentialManagerPasswordFormManagerTest() = default;
+  CredentialManagerPasswordFormManagerTest() {
+    form_to_save_.origin = GURL("https://example.com/path");
+    form_to_save_.signon_realm = "https://example.com/";
+    form_to_save_.username_value = ASCIIToUTF16("user1");
+    form_to_save_.password_value = ASCIIToUTF16("pass1");
+    form_to_save_.scheme = PasswordForm::Scheme::kHtml;
+    form_to_save_.type = PasswordForm::Type::kApi;
+  }
 
  protected:
+  std::unique_ptr<CredentialManagerPasswordFormManager> CreateFormManager(
+      const PasswordForm& form_to_save) {
+    std::unique_ptr<FakeFormFetcher> fetcher(new FakeFormFetcher());
+    std::unique_ptr<MockFormSaver> saver(new MockFormSaver());
+    return std::make_unique<CredentialManagerPasswordFormManager>(
+        &client_, std::make_unique<PasswordForm>(form_to_save), &delegate_,
+        std::make_unique<MockFormSaver>(), std::make_unique<FakeFormFetcher>());
+  }
+
+  void SetNonFederatedAndNotifyFetchCompleted(
+      FormFetcher* fetcher,
+      const std::vector<const PasswordForm*>& non_federated) {
+    auto* fake_fetcher = static_cast<FakeFormFetcher*>(fetcher);
+    fake_fetcher->SetNonFederated(non_federated);
+    fake_fetcher->NotifyFetchCompleted();
+    // It is required because of PostTask in
+    // CredentialManagerPasswordFormManager::OnFetchCompleted
+    base::RunLoop().RunUntilIdle();
+  }
+
   // Necessary for callbacks, and for TestAutofillDriver.
   base::test::ScopedTaskEnvironment task_environment_;
 
   StubPasswordManagerClient client_;
+  MockDelegate delegate_;
+  PasswordForm form_to_save_;
 
   DISALLOW_COPY_AND_ASSIGN(CredentialManagerPasswordFormManagerTest);
 };
 
 // Test that aborting early does not cause use after free.
 TEST_F(CredentialManagerPasswordFormManagerTest, AbortEarly) {
-  PasswordForm observed_form;
+  auto saved_form = std::make_unique<PasswordForm>();
+  saved_form->password_value = base::ASCIIToUTF16("password");
   MockDelegate delegate;
   auto form_manager = std::make_unique<CredentialManagerPasswordFormManager>(
-      &client_, observed_form, std::make_unique<PasswordForm>(observed_form),
-      &delegate, std::make_unique<StubFormSaver>(),
-      std::make_unique<FakeFormFetcher>());
-  form_manager->Init(nullptr);
+      &client_, std::move(saved_form), &delegate,
+      std::make_unique<StubFormSaver>(), std::make_unique<FakeFormFetcher>());
 
   auto deleter = [&form_manager]() { form_manager.reset(); };
 
@@ -75,15 +137,68 @@ TEST_F(CredentialManagerPasswordFormManagerTest, AbortEarly) {
 // Ensure that GetCredentialSource is actually overriden and returns the proper
 // value.
 TEST_F(CredentialManagerPasswordFormManagerTest, GetCredentialSource) {
-  PasswordForm observed_form;
   MockDelegate delegate;
   auto form_manager = std::make_unique<CredentialManagerPasswordFormManager>(
-      &client_, observed_form, std::make_unique<PasswordForm>(observed_form),
-      &delegate, std::make_unique<StubFormSaver>(),
-      std::make_unique<FakeFormFetcher>());
-  form_manager->Init(nullptr);
+      &client_, std::make_unique<PasswordForm>(), &delegate,
+      std::make_unique<StubFormSaver>(), std::make_unique<FakeFormFetcher>());
   ASSERT_EQ(metrics_util::CredentialSourceType::kCredentialManagementAPI,
             form_manager->GetCredentialSource());
 }
 
+TEST_F(CredentialManagerPasswordFormManagerTest, SaveCredentialAPIEmptyStore) {
+  std::unique_ptr<CredentialManagerPasswordFormManager> form_manager =
+      CreateFormManager(form_to_save_);
+  MockFormSaver& form_saver = MockFormSaver::Get(form_manager.get());
+  EXPECT_CALL(delegate_, OnProvisionalSaveComplete());
+  SetNonFederatedAndNotifyFetchCompleted(form_manager->GetFormFetcher(), {});
+  EXPECT_TRUE(form_manager->IsNewLogin());
+  EXPECT_TRUE(form_manager->is_submitted());
+
+  EXPECT_CALL(form_saver, Save(FormMatches(form_to_save_), _, _));
+  form_manager->Save();
+}
+
+TEST_F(CredentialManagerPasswordFormManagerTest,
+       SaveCredentialAPINonEmptyStore) {
+  // Simulate that the password store has crendentials with different
+  // username/password as a submitted one.
+  PasswordForm saved_match = form_to_save_;
+  saved_match.username_value += ASCIIToUTF16("1");
+  saved_match.password_value += ASCIIToUTF16("1");
+
+  std::unique_ptr<CredentialManagerPasswordFormManager> form_manager =
+      CreateFormManager(form_to_save_);
+  MockFormSaver& form_saver = MockFormSaver::Get(form_manager.get());
+
+  EXPECT_CALL(delegate_, OnProvisionalSaveComplete());
+  SetNonFederatedAndNotifyFetchCompleted(form_manager->GetFormFetcher(),
+                                         {&saved_match});
+  EXPECT_TRUE(form_manager->IsNewLogin());
+  EXPECT_TRUE(form_manager->is_submitted());
+  EXPECT_EQ(form_to_save_.origin, form_manager->GetOrigin());
+
+  EXPECT_CALL(form_saver, Save(FormMatches(form_to_save_), _, _));
+  form_manager->Save();
+}
+
+TEST_F(CredentialManagerPasswordFormManagerTest, UpdatePasswordCredentialAPI) {
+  // Simulate that the submitted credential has the same username but the
+  // different password from already saved one.
+  PasswordForm saved_match = form_to_save_;
+  saved_match.password_value += ASCIIToUTF16("1");
+
+  std::unique_ptr<CredentialManagerPasswordFormManager> form_manager =
+      CreateFormManager(form_to_save_);
+  MockFormSaver& form_saver = MockFormSaver::Get(form_manager.get());
+
+  EXPECT_CALL(delegate_, OnProvisionalSaveComplete());
+  SetNonFederatedAndNotifyFetchCompleted(form_manager->GetFormFetcher(),
+                                         {&saved_match});
+  EXPECT_FALSE(form_manager->IsNewLogin());
+  EXPECT_TRUE(form_manager->is_submitted());
+
+  EXPECT_CALL(form_saver, Update(FormMatches(form_to_save_), _, _));
+  form_manager->Save();
+}
+
 }  // namespace password_manager

components/password_manager/core/browser/new_password_form_manager.cc

@@ -62,7 +62,7 @@ base::string16 GetPlatformSpecificIdentifier(const FormFieldData& field) {
 
 ValueElementPair PasswordToSave(const PasswordForm& form) {
   if (form.new_password_value.empty()) {
-    DCHECK(!form.password_value.empty());
+    DCHECK(!form.password_value.empty() || form.IsFederatedCredential());
     return {form.password_value, form.password_element};
   }
   return {form.new_password_value, form.new_password_element};
@@ -155,7 +155,7 @@ NewPasswordFormManager::NewPasswordFormManager(
                              std::move(form_saver),
                              nullptr /* metrics_recorder */,
                              observed_http_auth_digest) {
-  observed_http_auth_digest_ = std::move(observed_http_auth_digest);
+  observed_not_web_form_digest_ = std::move(observed_http_auth_digest);
   form_fetcher_->AddConsumer(this);
 }
 
@@ -208,9 +208,8 @@ bool NewPasswordFormManager::IsEqualToSubmittedForm(
 }
 
 const GURL& NewPasswordFormManager::GetOrigin() const {
-  if (IsHttpAuth())
-    return observed_http_auth_digest_->origin;
-  return observed_form_.url;
+  return observed_not_web_form_digest_ ? observed_not_web_form_digest_->origin
+                                       : observed_form_.url;
 }
 
 const std::map<base::string16, const PasswordForm*>&
@@ -392,16 +391,17 @@ void NewPasswordFormManager::PermanentlyBlacklist() {
 
   if (!new_blacklisted_) {
     new_blacklisted_ = std::make_unique<PasswordForm>();
-    if (IsHttpAuth()) {
-      new_blacklisted_->origin = observed_http_auth_digest_->origin;
+    if (observed_not_web_form_digest_) {
+      new_blacklisted_->origin = observed_not_web_form_digest_->origin;
       // GetSignonRealm is not suitable for http auth credentials.
-      new_blacklisted_->signon_realm = observed_http_auth_digest_->signon_realm;
-      new_blacklisted_->scheme = observed_http_auth_digest_->scheme;
+      new_blacklisted_->signon_realm =
+          IsHttpAuth() ? observed_not_web_form_digest_->signon_realm
+                       : GetSignonRealm(observed_not_web_form_digest_->origin);
     } else {
       new_blacklisted_->origin = observed_form_.url;
       new_blacklisted_->signon_realm = GetSignonRealm(observed_form_.url);
-      new_blacklisted_->scheme = PasswordForm::Scheme::kHtml;
     }
+    new_blacklisted_->scheme = GetScheme();
     blacklisted_matches_.push_back(new_blacklisted_.get());
   }
   *new_blacklisted_ = form_saver_->PermanentlyBlacklist(
@@ -567,12 +567,29 @@ std::unique_ptr<NewPasswordFormManager> NewPasswordFormManager::Clone() {
   return result;
 }
 
+NewPasswordFormManager::NewPasswordFormManager(
+    PasswordManagerClient* client,
+    std::unique_ptr<PasswordForm> saved_form,
+    std::unique_ptr<FormFetcher> form_fetcher,
+    std::unique_ptr<FormSaver> form_saver)
+    : NewPasswordFormManager(client,
+                             form_fetcher.get(),
+                             std::move(form_saver),
+                             nullptr /* metrics_recorder */,
+                             PasswordStore::FormDigest(*saved_form)) {
+  observed_not_web_form_digest_ = PasswordStore::FormDigest(*saved_form);
+  parsed_submitted_form_ = std::move(saved_form);
+  is_submitted_ = true;
+  owned_form_fetcher_ = std::move(form_fetcher),
+  form_fetcher_->AddConsumer(this);
+  if (form_fetcher_)
+    form_fetcher_->Fetch();
+}
+
 void NewPasswordFormManager::OnFetchCompleted() {
   received_stored_credentials_time_ = TimeTicks::Now();
   std::vector<const PasswordForm*> matches;
-  PasswordForm::Scheme observed_form_scheme =
-      observed_http_auth_digest_ ? observed_http_auth_digest_->scheme
-                                 : PasswordForm::Scheme::kHtml;
+  PasswordForm::Scheme observed_form_scheme = GetScheme();
   for (const auto* match : form_fetcher_->GetNonFederatedMatches()) {
     if (match->scheme == observed_form_scheme)
       matches.push_back(match);
@@ -587,6 +604,12 @@ void NewPasswordFormManager::OnFetchCompleted() {
 
   autofills_left_ = kMaxTimesAutofill;
 
+  if (IsCredentialAPISave()) {
+    // This is saving with credential API, there is no form to fill, so no
+    // filling required.
+    return;
+  }
+
   if (IsHttpAuth()) {
     // No server prediction for http auth, so no need to wait.
     FillHttpAuth();
@@ -636,7 +659,7 @@ bool NewPasswordFormManager::ProvisionallySaveHttpAuthForm(
     const PasswordForm& submitted_form) {
   if (!IsHttpAuth())
     return false;
-  if (!(*observed_http_auth_digest_ ==
+  if (!(*observed_not_web_form_digest_ ==
         PasswordStore::FormDigest(submitted_form)))
     return false;
 
@@ -647,7 +670,16 @@ bool NewPasswordFormManager::ProvisionallySaveHttpAuthForm(
 }
 
 bool NewPasswordFormManager::IsHttpAuth() const {
-  return !!observed_http_auth_digest_;
+  return GetScheme() != PasswordForm::Scheme::kHtml;
+}
+
+bool NewPasswordFormManager::IsCredentialAPISave() const {
+  return observed_not_web_form_digest_ && !IsHttpAuth();
+}
+
+PasswordForm::Scheme NewPasswordFormManager::GetScheme() const {
+  return observed_not_web_form_digest_ ? observed_not_web_form_digest_->scheme
+                                       : PasswordForm::Scheme::kHtml;
 }
 
 void NewPasswordFormManager::ProcessServerPredictions(
@@ -851,6 +883,8 @@ void NewPasswordFormManager::ReportTimeBetweenStoreAndServerUMA() {
   }
 }
 
+// TODO(https://crbug.com/831123): move this function to the proper place
+// corresponding to its place in the header.
 void NewPasswordFormManager::CreatePendingCredentials() {
   DCHECK(is_submitted_);
   // TODO(https://crbug.com/831123): Process correctly the case when saved
@@ -948,10 +982,11 @@ void NewPasswordFormManager::CreatePendingCredentials() {
 void NewPasswordFormManager::CreatePendingCredentialsForNewCredentials(
     const PasswordForm& submitted_password_form,
     const base::string16& password_element) {
-  if (IsHttpAuth()) {
+  if (IsHttpAuth() || IsCredentialAPISave()) {
     pending_credentials_ = submitted_password_form;
     return;
   }
+
   // TODO(https://crbug.com/831123): Replace parsing of the observed form with
   // usage of already parsed submitted form.
   std::unique_ptr<PasswordForm> parsed_observed_form =
@@ -978,7 +1013,7 @@ void NewPasswordFormManager::CreatePendingCredentialsForNewCredentials(
 
 void NewPasswordFormManager::ProcessUpdate() {
   DCHECK_EQ(FormFetcher::State::NOT_WAITING, form_fetcher_->GetState());
-  DCHECK(preferred_match_ || !pending_credentials_.federation_origin.opaque());
+  DCHECK(preferred_match_ || pending_credentials_.IsFederatedCredential());
   // If we're doing an Update, we either autofilled correctly and need to
   // update the stats, or the user typed in a new password for autofilled
   // username, or the user selected one of the non-preferred matches,
@@ -1103,9 +1138,7 @@ void NewPasswordFormManager::CalculateFillingAssistanceMetric(
 std::vector<const PasswordForm*> NewPasswordFormManager::GetAllMatches() const {
   std::vector<const autofill::PasswordForm*> result =
       form_fetcher_->GetNonFederatedMatches();
-  PasswordForm::Scheme observed_form_scheme =
-      observed_http_auth_digest_ ? observed_http_auth_digest_->scheme
-                                 : PasswordForm::Scheme::kHtml;
+  PasswordForm::Scheme observed_form_scheme = GetScheme();
   base::EraseIf(result, [observed_form_scheme](const auto* form) {
     return form->scheme != observed_form_scheme;
   });
@@ -1115,8 +1148,10 @@ std::vector<const PasswordForm*> NewPasswordFormManager::GetAllMatches() const {
 void NewPasswordFormManager::SavePendingToStore(bool update) {
   const PasswordForm* saved_form = password_manager_util::GetMatchForUpdating(
       *parsed_submitted_form_, best_matches_);
-  if (update || password_overridden_)
+  if ((update || password_overridden_) &&
+      !pending_credentials_.IsFederatedCredential()) {
     DCHECK(saved_form);
+  }
   base::string16 old_password =
       saved_form ? saved_form->password_value : base::string16();
   if (HasGeneratedPassword()) {

components/password_manager/core/browser/new_password_form_manager.h

@@ -109,6 +109,13 @@ class NewPasswordFormManager : public PasswordFormManagerInterface,
   // Returns true if |*this| manages http authentication.
   bool IsHttpAuth() const;
 
+  // Returns true if |*this| manages saving with Credentials API. This class is
+  // not used for filling with Credentials API.
+  bool IsCredentialAPISave() const;
+
+  // Returns scheme of the observed form or http authentication.
+  autofill::PasswordForm::Scheme GetScheme() const;
+
   // Selects from |predictions| predictions that corresponds to
   // |observed_form_|, initiates filling and stores predictions in
   // |predictions_|.
@@ -209,9 +216,19 @@ class NewPasswordFormManager : public PasswordFormManagerInterface,
   }
 
  protected:
+  // Constructor for Credentials API.
+  NewPasswordFormManager(PasswordManagerClient* client,
+                         std::unique_ptr<autofill::PasswordForm> saved_form,
+                         std::unique_ptr<FormFetcher> form_fetcher,
+                         std::unique_ptr<FormSaver> form_saver);
+
   // FormFetcher::Consumer:
   void OnFetchCompleted() override;
 
+  // Create pending credentials from |parsed_submitted_form_| and forms received
+  // from the password store.
+  void CreatePendingCredentials();
+
  private:
   // Delegating constructor.
   NewPasswordFormManager(
@@ -239,10 +256,6 @@ class NewPasswordFormManager : public PasswordFormManagerInterface,
   // the autofill server responding to the lookup request.
   void ReportTimeBetweenStoreAndServerUMA();
 
-  // Create pending credentials from |submitted_form_| and forms received from
-  // the password store.
-  void CreatePendingCredentials();
-
   // Create pending credentials from provisionally saved form when this form
   // represents credentials that were not previosly saved.
   void CreatePendingCredentialsForNewCredentials(
@@ -290,10 +303,12 @@ class NewPasswordFormManager : public PasswordFormManagerInterface,
   base::WeakPtr<PasswordManagerDriver> driver_;
 
   // TODO(https://crbug.com/943045): use std::variant for keeping
-  // |observed_form_| and |observed_http_auth_digest_|.
+  // |observed_form_| and |observed_not_web_form_digest_|.
   autofill::FormData observed_form_;
 
-  base::Optional<PasswordStore::FormDigest> observed_http_auth_digest_;
+  // Used for retrieving credentials in case http authentication or Credentials
+  // API.
+  base::Optional<PasswordStore::FormDigest> observed_not_web_form_digest_;
 
   // Set of nonblacklisted PasswordForms from the DB that best match the form
   // being managed by |this|, indexed by username. The PasswordForms are owned

components/password_manager/core/browser/new_password_form_manager_unittest.cc

@@ -374,7 +374,7 @@ class NewPasswordFormManagerTest : public testing::Test {
 
   // Creates NewPasswordFormManager and sets it to |form_manager_| for
   // |base_auth_observed_form|. Along the way a new |fetcher_| is created.
-  void CreateFormManagerForHttpAuthForm(
+  void CreateFormManagerForNonWebForm(
       const PasswordForm& base_auth_observed_form) {
     fetcher_.reset(new FakeFormFetcher());
     fetcher_->Fetch();
@@ -1871,7 +1871,7 @@ TEST_F(NewPasswordFormManagerTest, SaveHttpAuthNoHttpAuthStored) {
     EXPECT_CALL(driver_, FillPasswordForm(_)).Times(0);
     EXPECT_CALL(client_, AutofillHttpAuth(_, _)).Times(0);
 
-    CreateFormManagerForHttpAuthForm(http_auth_form);
+    CreateFormManagerForNonWebForm(http_auth_form);
     MockFormSaver& form_saver = MockFormSaver::Get(form_manager_.get());
 
     std::vector<const PasswordForm*> saved_matches;
@@ -1903,7 +1903,7 @@ TEST_F(NewPasswordFormManagerTest, HTTPAuthAlreadySaved) {
   PasswordForm http_auth_form = parsed_observed_form_;
   http_auth_form.scheme = PasswordForm::Scheme::kBasic;
 
-  CreateFormManagerForHttpAuthForm(http_auth_form);
+  CreateFormManagerForNonWebForm(http_auth_form);
 
   const base::string16 username = ASCIIToUTF16("user1");
   const base::string16 password = ASCIIToUTF16("pass1");
@@ -1924,7 +1924,7 @@ TEST_F(NewPasswordFormManagerTest, HTTPAuthPasswordOverridden) {
   PasswordForm http_auth_form = parsed_observed_form_;
   http_auth_form.scheme = PasswordForm::Scheme::kBasic;
 
-  CreateFormManagerForHttpAuthForm(http_auth_form);
+  CreateFormManagerForNonWebForm(http_auth_form);
   MockFormSaver& form_saver = MockFormSaver::Get(form_manager_.get());
 
   PasswordForm saved_http_auth_form = http_auth_form;
@@ -1963,7 +1963,7 @@ TEST_F(NewPasswordFormManagerTest, BlacklistHttpAuthCredentials) {
   http_auth_form.signon_realm += "my-auth-realm";
   http_auth_form.scheme = PasswordForm::Scheme::kBasic;
 
-  CreateFormManagerForHttpAuthForm(http_auth_form);
+  CreateFormManagerForNonWebForm(http_auth_form);
   MockFormSaver& form_saver = MockFormSaver::Get(form_manager_.get());
 
   // Simulate that the user submits http auth credentials.

components/password_manager/core/common/credential_manager_types.cc

@@ -87,14 +87,4 @@ std::unique_ptr<autofill::PasswordForm> CreatePasswordFormFromCredentialInfo(
   return form;
 }
 
-std::unique_ptr<autofill::PasswordForm> CreateObservedPasswordFormFromOrigin(
-    const GURL& origin) {
-  std::unique_ptr<autofill::PasswordForm> form(new autofill::PasswordForm);
-  form->origin = origin;
-  form->scheme = autofill::PasswordForm::Scheme::kHtml;
-  form->type = autofill::PasswordForm::Type::kApi;
-  form->signon_realm = origin.GetOrigin().spec();
-  return form;
-}
-
 }  // namespace password_manager

components/password_manager/core/common/credential_manager_types.h

@@ -82,11 +82,6 @@ std::unique_ptr<autofill::PasswordForm> CreatePasswordFormFromCredentialInfo(
     const CredentialInfo& info,
     const GURL& origin);
 
-// Create a new autofill::PasswordForm object based on |origin|. The result
-// plays the role of an observed form on that page.
-std::unique_ptr<autofill::PasswordForm> CreateObservedPasswordFormFromOrigin(
-    const GURL& origin);
-
 }  // namespace password_manager
 
 #endif  // COMPONENTS_PASSWORD_MANAGER_CORE_COMMON_CREDENTIAL_MANAGER_TYPES_H_

components/password_manager/core/common/credential_manager_types_unittest.cc

@@ -86,18 +86,4 @@ TEST_F(CredentialManagerTypesTest, CreatePasswordFormLocal) {
   EXPECT_EQ(origin_.spec(), form->signon_realm);
 }
 
-TEST_F(CredentialManagerTypesTest, CreateObservedPasswordForm) {
-  std::unique_ptr<autofill::PasswordForm> form =
-      CreateObservedPasswordFormFromOrigin(origin_);
-
-  ASSERT_TRUE(form);
-  EXPECT_EQ(GURL(), form->icon_url);
-  EXPECT_EQ(base::string16(), form->display_name);
-  EXPECT_EQ(origin_, form->origin);
-  EXPECT_EQ(autofill::PasswordForm::Scheme::kHtml, form->scheme);
-  EXPECT_TRUE(form->federation_origin.opaque());
-  EXPECT_EQ(base::string16(), form->password_value);
-  EXPECT_EQ(origin_.spec(), form->signon_realm);
-}
-
 }  // namespace password_manager