[Autofill Assistant] Fail UserFormAction for invalid basic card networks.

Currently, autofill assistant does not validate the set of basic card networks sent by the autofill assistant backend. In the UI, this can lead to crash due to an assert. This CL adds the missing validation and terminates the action with INVALID_ACTION for unsupported cards.

Bug: b/143136284
Change-Id: If248fa0edd671078ef6459de34228e392f542800
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1871700
Commit-Queue: Clemens Arbesser <arbesser@google.com>
Reviewed-by: Maxim Kolosovskiy <kolos@chromium.org>
Reviewed-by: Rouslan Solomakhin <rouslan@chromium.org>
Reviewed-by: Mathias Carlen <mcarlen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#709431}

components/autofill/core/browser/autofill_data_util.cc

@@ -5,6 +5,7 @@
 #include "components/autofill/core/browser/autofill_data_util.h"
 
 #include <algorithm>
+#include <iterator>
 #include <vector>
 
 #include "base/i18n/char_iterator.h"
@@ -477,6 +478,16 @@ const char* GetIssuerNetworkForBasicCardIssuerNetwork(
   return kGenericPaymentRequestData.issuer_network;
 }
 
+bool IsValidBasicCardIssuerNetwork(
+    const std::string& basic_card_issuer_network) {
+  auto* it = std::find_if(
+      std::begin(kPaymentRequestData), std::end(kPaymentRequestData),
+      [basic_card_issuer_network](const auto& data) {
+        return data.basic_card_issuer_network == basic_card_issuer_network;
+      });
+  return it != std::end(kPaymentRequestData);
+}
+
 bool IsValidCountryCode(const std::string& country_code) {
   if (country_code.size() != 2)
     return false;

components/autofill/core/browser/autofill_data_util.h

@@ -107,6 +107,11 @@ const PaymentRequestData& GetPaymentRequestData(
 const char* GetIssuerNetworkForBasicCardIssuerNetwork(
     const std::string& basic_card_issuer_network);
 
+// Returns whether the specified |basic_card_issuer_network| is a valid basic
+// card network or not. Note that 'generic' is not considered valid.
+bool IsValidBasicCardIssuerNetwork(
+    const std::string& basic_card_issuer_network);
+
 // Returns whether the specified |country_code| is a valid country code.
 bool IsValidCountryCode(const std::string& country_code);
 bool IsValidCountryCode(const base::string16& country_code);

components/autofill_assistant/browser/actions/collect_user_data_action.cc

@@ -539,6 +539,13 @@ CollectUserDataAction::CreateOptionsFromProto() {
         contact_details.request_payer_phone();
   }
 
+  for (const auto& network :
+       collect_user_data.supported_basic_card_networks()) {
+    if (!autofill::data_util::IsValidBasicCardIssuerNetwork(network)) {
+      DVLOG(1) << "Invalid basic card network: " << network;
+      return nullptr;
+    }
+  }
   std::copy(collect_user_data.supported_basic_card_networks().begin(),
             collect_user_data.supported_basic_card_networks().end(),
             std::back_inserter(

components/autofill_assistant/browser/actions/collect_user_data_action_unittest.cc

@@ -856,5 +856,67 @@ TEST_F(CollectUserDataActionTest, TextInputSectionWritesToClientMemory) {
   EXPECT_EQ(*client_memory_.additional_value("key2"), "modified");
 }
 
+TEST_F(CollectUserDataActionTest, AllowedBasicCardNetworks) {
+  ActionProto action_proto;
+  auto* collect_user_data_proto = action_proto.mutable_collect_user_data();
+  SetRequiredTermsFields(collect_user_data_proto);
+  collect_user_data_proto->set_request_terms_and_conditions(false);
+
+  std::string kSupportedBasicCardNetworks[] = {"amex", "diners",   "discover",
+                                               "elo",  "jcb",      "mastercard",
+                                               "mir",  "unionpay", "visa"};
+
+  for (const auto& network : kSupportedBasicCardNetworks) {
+    *collect_user_data_proto->add_supported_basic_card_networks() = network;
+  }
+
+  ON_CALL(mock_action_delegate_, CollectUserData(_, _))
+      .WillByDefault(Invoke(
+          [](std::unique_ptr<CollectUserDataOptions> collect_user_data_options,
+             std::unique_ptr<UserData> user_data) {
+            user_data->succeed = true;
+
+            user_data->billing_address =
+                std::make_unique<autofill::AutofillProfile>(
+                    base::GenerateGUID(), kFakeUrl);
+            autofill::test::SetProfileInfo(
+                user_data->billing_address.get(), "Marion", "Mitchell",
+                "Morrison", "marion@me.xyz", "Fox", "123 Zoo St.", "unit 5",
+                "Hollywood", "CA", "96043", "US", "16505678910");
+
+            user_data->card = std::make_unique<autofill::CreditCard>(
+                base::GenerateGUID(), kFakeUrl);
+            autofill::test::SetCreditCardInfo(
+                user_data->card.get(), "Marion Mitchell", "4111 1111 1111 1111",
+                "01", "2020", user_data->billing_address->guid());
+
+            std::move(collect_user_data_options->confirm_callback)
+                .Run(std::move(user_data));
+          }));
+
+  EXPECT_CALL(
+      callback_,
+      Run(Pointee(Property(&ProcessedActionProto::status, ACTION_APPLIED))));
+  CollectUserDataAction action(&mock_action_delegate_, action_proto);
+  action.ProcessAction(callback_.Get());
+}
+
+TEST_F(CollectUserDataActionTest, InvalidBasicCardNetworks) {
+  ActionProto action_proto;
+  auto* collect_user_data_proto = action_proto.mutable_collect_user_data();
+  SetRequiredTermsFields(collect_user_data_proto);
+  collect_user_data_proto->set_request_terms_and_conditions(false);
+
+  *collect_user_data_proto->add_supported_basic_card_networks() = "visa";
+  *collect_user_data_proto->add_supported_basic_card_networks() =
+      "unknown_network";
+
+  EXPECT_CALL(
+      callback_,
+      Run(Pointee(Property(&ProcessedActionProto::status, INVALID_ACTION))));
+  CollectUserDataAction action(&mock_action_delegate_, action_proto);
+  action.ProcessAction(callback_.Get());
+}
+
 }  // namespace
 }  // namespace autofill_assistant