system-proxy: Call ClearUserCredentials D-Bus method

Users have the option to clear the HTTP authentication cache in the
browser. System-proxy uses the proxy credentials which a user has
entered in the browser to authenticate to a remote proxy.

This CL implements sending a |ClearUserCredentials| request to the
System-proxy service when a user clears the auth cache in the browser.

Bug: 1098216
Test: browser test
Change-Id: Ie2fb3020727005acb8fceca911e7587ce0d128b1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2317957
Commit-Queue: Andreea-Elena Costinas <acostinas@google.com>
Reviewed-by: Martin Šrámek <msramek@chromium.org>
Reviewed-by: Omar Morsi <omorsi@google.com>
Reviewed-by: Pavol Marko <pmarko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#794963}

chrome/browser/browsing_data/browsing_data_remover_browsertest.cc

@@ -96,6 +96,14 @@
 #include "chrome/browser/media/library_cdm_test_helper.h"
 #endif  // BUILDFLAG(ENABLE_LIBRARY_CDMS)
 
+#if defined(OS_CHROMEOS)
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/browser_process_platform_part.h"
+#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
+#include "chrome/browser/chromeos/policy/system_proxy_manager.h"
+#include "chromeos/dbus/system_proxy/system_proxy_client.h"
+#endif  // defined(OS_CHROMEOS)
+
 using content::BrowserThread;
 using content::BrowsingDataFilterBuilder;
 
@@ -1495,6 +1503,26 @@ IN_PROC_BROWSER_TEST_F(BrowsingDataRemoverBrowserTest,
   }
 }
 
+#if defined(OS_CHROMEOS)
+// Test that removing passwords, when System-proxy is enabled on Chrome OS,
+// sends a request to System-proxy to clear the cached user credentials.
+IN_PROC_BROWSER_TEST_F(BrowsingDataRemoverBrowserTest,
+                       SystemProxyClearsUserCredentials) {
+  g_browser_process->platform_part()
+      ->browser_policy_connector_chromeos()
+      ->GetSystemProxyManager()
+      ->SetSystemProxyEnabledForTest(true);
+  EXPECT_EQ(0, chromeos::SystemProxyClient::Get()
+                   ->GetTestInterface()
+                   ->GetClearUserCredentialsCount());
+  RemoveAndWait(ChromeBrowsingDataRemoverDelegate::DATA_TYPE_PASSWORDS);
+
+  EXPECT_EQ(1, chromeos::SystemProxyClient::Get()
+                   ->GetTestInterface()
+                   ->GetClearUserCredentialsCount());
+}
+#endif  // defined(OS_CHROMEOS)
+
 // Some storage backend use a different code path for full deletions and
 // partial deletions, so we need to test both.
 INSTANTIATE_TEST_SUITE_P(All,

chrome/browser/browsing_data/chrome_browsing_data_remover_delegate.cc

@@ -152,6 +152,10 @@
 #endif  // BUILDFLAG(ENABLE_EXTENSIONS)
 
 #if defined(OS_CHROMEOS)
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/browser_process_platform_part.h"
+#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
+#include "chrome/browser/chromeos/policy/system_proxy_manager.h"
 #include "chrome/browser/chromeos/profiles/profile_helper.h"
 #include "chromeos/cryptohome/cryptohome_parameters.h"
 #include "chromeos/dbus/constants/attestation_constants.h"
@@ -895,6 +899,22 @@ void ChromeBrowsingDataRemoverDelegate::RemoveEmbedderData(
         ->ClearHttpAuthCache(delete_begin_,
                              CreateTaskCompletionClosureForMojo(
                                  TracingDataType::kHttpAuthCache));
+#if defined(OS_CHROMEOS)
+    policy::SystemProxyManager* system_proxy_manager =
+        g_browser_process->platform_part()
+            ->browser_policy_connector_chromeos()
+            ->GetSystemProxyManager();
+    if (system_proxy_manager) {
+      // Sends a request to the System-proxy daemon to clear the proxy user
+      // credentials. System-proxy retrieves proxy username and password from
+      // the NetworkService, but not the creation time of the credentials. The
+      // |ClearUserCredentials| request will remove all the cached proxy
+      // credentials. If credentials prior to |delete_begin_| are removed from
+      // System-proxy, the daemon will send a D-Bus request to Chrome to fetch
+      // them from the NetworkService when needed.
+      system_proxy_manager->ClearUserCredentials();
+    }
+#endif  // defined(OS_CHROMEOS)
 
 #if defined(OS_MAC)
     device::fido::mac::TouchIdCredentialStore(

chrome/browser/chromeos/policy/system_proxy_manager.cc

@@ -90,6 +90,16 @@ void SystemProxyManager::StopObservingPrimaryProfilePrefs() {
   profile_pref_change_registrar_->RemoveAll();
   profile_pref_change_registrar_.reset();
 }
+void SystemProxyManager::ClearUserCredentials() {
+  if (!system_proxy_enabled_) {
+    return;
+  }
+
+  system_proxy::ClearUserCredentialsRequest request;
+  chromeos::SystemProxyClient::Get()->ClearUserCredentials(
+      request, base::BindOnce(&SystemProxyManager::OnClearUserCredentials,
+                              weak_factory_.GetWeakPtr()));
+}
 
 void SystemProxyManager::OnSystemProxySettingsPolicyChanged() {
   chromeos::CrosSettingsProvider::TrustedStatus status =
@@ -176,6 +186,10 @@ void SystemProxyManager::SendKerberosAuthenticationDetails() {
                               weak_factory_.GetWeakPtr()));
 }
 
+void SystemProxyManager::SetSystemProxyEnabledForTest(bool enabled) {
+  system_proxy_enabled_ = enabled;
+}
+
 void SystemProxyManager::SetSystemServicesProxyUrlForTest(
     const std::string& local_proxy_url) {
   system_proxy_enabled_ = true;
@@ -199,6 +213,15 @@ void SystemProxyManager::OnDaemonShutDown(
   }
 }
 
+void SystemProxyManager::OnClearUserCredentials(
+    const system_proxy::ClearUserCredentialsResponse& response) {
+  if (response.has_error_message() && !response.error_message().empty()) {
+    NET_LOG(ERROR) << "Failed to clear user credentials: "
+                   << kSystemProxyService
+                   << ", error: " << response.error_message();
+  }
+}
+
 void SystemProxyManager::OnWorkerActive(
     const system_proxy::WorkerActiveSignalDetails& details) {
   if (details.traffic_origin() == system_proxy::TrafficOrigin::SYSTEM) {

chrome/browser/chromeos/policy/system_proxy_manager.h

@@ -50,13 +50,21 @@ class SystemProxyManager {
   std::string SystemServicesProxyPacString() const;
   void StartObservingPrimaryProfilePrefs(Profile* profile);
   void StopObservingPrimaryProfilePrefs();
+  // If System-proxy is enabled, it will send a request via D-Bus to clear the
+  // user's proxy credentials cached by the local proxy workers. System-proxy
+  // requests proxy credentials from the browser by sending an
+  // |AuthenticationRequired| D-Bus signal.
+  void ClearUserCredentials();
 
+  void SetSystemProxyEnabledForTest(bool enabled);
   void SetSystemServicesProxyUrlForTest(const std::string& local_proxy_url);
 
  private:
   void OnSetAuthenticationDetails(
       const system_proxy::SetAuthenticationDetailsResponse& response);
   void OnDaemonShutDown(const system_proxy::ShutDownResponse& response);
+  void OnClearUserCredentials(
+      const system_proxy::ClearUserCredentialsResponse& response);
 
   void OnKerberosEnabledChanged();
   void OnKerberosAccountChanged();

chromeos/dbus/system_proxy/fake_system_proxy_client.cc

@@ -31,6 +31,15 @@ void FakeSystemProxyClient::ShutDownDaemon(ShutDownDaemonCallback callback) {
       FROM_HERE, base::BindOnce(std::move(callback), response));
 }
 
+void FakeSystemProxyClient::ClearUserCredentials(
+    const system_proxy::ClearUserCredentialsRequest& request,
+    ClearUserCredentialsCallback callback) {
+  ++clear_user_credentials_call_count_;
+  system_proxy::ClearUserCredentialsResponse response;
+  base::ThreadTaskRunnerHandle::Get()->PostTask(
+      FROM_HERE, base::BindOnce(std::move(callback), response));
+}
+
 void FakeSystemProxyClient::SetWorkerActiveSignalCallback(
     WorkerActiveCallback callback) {
   worker_active_callback_ = callback;
@@ -56,6 +65,10 @@ int FakeSystemProxyClient::GetShutDownCallCount() const {
   return shut_down_call_count_;
 }
 
+int FakeSystemProxyClient::GetClearUserCredentialsCount() const {
+  return clear_user_credentials_call_count_;
+}
+
 system_proxy::SetAuthenticationDetailsRequest
 FakeSystemProxyClient::GetLastAuthenticationDetailsRequest() const {
   return last_set_auth_details_request_;

chromeos/dbus/system_proxy/fake_system_proxy_client.h

@@ -28,6 +28,10 @@ class COMPONENT_EXPORT(CHROMEOS_DBUS) FakeSystemProxyClient
   void SetWorkerActiveSignalCallback(WorkerActiveCallback callback) override;
   void SetAuthenticationRequiredSignalCallback(
       AuthenticationRequiredCallback callback) override;
+  void ClearUserCredentials(
+      const system_proxy::ClearUserCredentialsRequest& request,
+      ClearUserCredentialsCallback callback) override;
+
   void ConnectToWorkerSignals() override;
 
   SystemProxyClient::TestInterface* GetTestInterface() override;
@@ -35,6 +39,7 @@ class COMPONENT_EXPORT(CHROMEOS_DBUS) FakeSystemProxyClient
   // SystemProxyClient::TestInterface implementation.
   int GetSetAuthenticationDetailsCallCount() const override;
   int GetShutDownCallCount() const override;
+  int GetClearUserCredentialsCount() const override;
   system_proxy::SetAuthenticationDetailsRequest
   GetLastAuthenticationDetailsRequest() const override;
   void SendAuthenticationRequiredSignal(
@@ -44,6 +49,7 @@ class COMPONENT_EXPORT(CHROMEOS_DBUS) FakeSystemProxyClient
   system_proxy::SetAuthenticationDetailsRequest last_set_auth_details_request_;
   int set_credentials_call_count_ = 0;
   int shut_down_call_count_ = 0;
+  int clear_user_credentials_call_count_ = 0;
   bool connect_to_worker_signals_called_ = false;
   // Signal callbacks.
   SystemProxyClient::WorkerActiveCallback worker_active_callback_;

chromeos/dbus/system_proxy/system_proxy_client.cc

@@ -71,6 +71,13 @@ class SystemProxyClientImpl : public SystemProxyClient {
     CallProtoMethod(system_proxy::kShutDownMethod, std::move(callback));
   }
 
+  void ClearUserCredentials(
+      const system_proxy::ClearUserCredentialsRequest& request,
+      ClearUserCredentialsCallback callback) override {
+    CallProtoMethodWithRequest(system_proxy::kClearUserCredentialsMethod,
+                               request, std::move(callback));
+  }
+
   void SetWorkerActiveSignalCallback(WorkerActiveCallback callback) override {
     DCHECK(callback);
     DCHECK(!worker_active_callback_);

chromeos/dbus/system_proxy/system_proxy_client.h

@@ -29,6 +29,8 @@ class COMPONENT_EXPORT(SYSTEM_PROXY) SystemProxyClient {
       const system_proxy::WorkerActiveSignalDetails& details)>;
   using AuthenticationRequiredCallback = base::RepeatingCallback<void(
       const system_proxy::AuthenticationRequiredDetails& details)>;
+  using ClearUserCredentialsCallback = base::OnceCallback<void(
+      const system_proxy::ClearUserCredentialsResponse& response)>;
 
   // Interface with testing functionality. Accessed through GetTestInterface(),
   // only implemented in the fake implementation.
@@ -38,6 +40,8 @@ class COMPONENT_EXPORT(SYSTEM_PROXY) SystemProxyClient {
     virtual int GetSetAuthenticationDetailsCallCount() const = 0;
     // Returns how many times |ShutDownDaemon| was called.
     virtual int GetShutDownCallCount() const = 0;
+    // Returns how many times |ClearUserCredentials| was called.
+    virtual int GetClearUserCredentialsCount() const = 0;
     // Returns the content of the last request sent to the System-proxy service
     // to set authentication details.
     virtual system_proxy::SetAuthenticationDetailsRequest
@@ -79,6 +83,10 @@ class COMPONENT_EXPORT(SYSTEM_PROXY) SystemProxyClient {
   // task and reply. |callback| is called when the daemon starts to shut-down.
   virtual void ShutDownDaemon(ShutDownDaemonCallback callback) = 0;
 
+  virtual void ClearUserCredentials(
+      const system_proxy::ClearUserCredentialsRequest& request,
+      ClearUserCredentialsCallback callback) = 0;
+
   // Returns an interface for testing (fake only), or returns nullptr.
   virtual TestInterface* GetTestInterface() = 0;