[s13n] Convert password_sync_util.cc to IdentityManager

This CL changes password_sync_util.cc|h and its various call sites to work with IdentityManager rather than SigninManager. There should be no functionality change, and the work is part of the identity manager servicification (//services/identity) effort. Specifically about IdentityManager, it wraps internally both SigninManager and OAuth2TokenService objects, exposing a new API. BUG=889874 Change-Id: I2014aff5a3fe4842d23f9c7610adbb9522f9e366 Reviewed-on: https://chromium-review.googlesource.com/c/1306153 Commit-Queue: Antonio Gomes <tonikitoo@igalia.com> Reviewed-by: Vaclav Brozek <vabr@chromium.org> Reviewed-by: Sylvain Defresne <sdefresne@chromium.org> Cr-Commit-Position: refs/heads/master@{#604288}

[s13n] Convert password_sync_util.cc to IdentityManager
This CL changes password_sync_util.cc|h and its various call sites to work with IdentityManager rather than SigninManager. There should be no functionality change, and the work is part of the identity manager servicification (//services/identity) effort. Specifically about IdentityManager, it wraps internally both SigninManager and OAuth2TokenService objects, exposing a new API. BUG=889874 Change-Id: I2014aff5a3fe4842d23f9c7610adbb9522f9e366 Reviewed-on: https://chromium-review.googlesource.com/c/1306153 Commit-Queue: Antonio Gomes <tonikitoo@igalia.com> Reviewed-by: Vaclav Brozek <vabr@chromium.org> Reviewed-by: Sylvain Defresne <sdefresne@chromium.org> Cr-Commit-Position: refs/heads/master@{#604288}
386ec91f · Antonio Gomes · Commit Bot · 574aaf0e · 386ec91f · 386ec91f
Commit 386ec91f authored Oct 31, 2018 by Antonio Gomes Committed by Commit Bot Oct 31, 2018
16 changed files
--- a/chrome/browser/password_manager/chrome_password_manager_client.cc
+++ b/chrome/browser/password_manager/chrome_password_manager_client.cc
@@ -23,7 +23,7 @@
 #include "chrome/browser/password_manager/password_store_factory.h"
 #include "chrome/browser/prerender/prerender_contents.h"
 #include "chrome/browser/profiles/profile.h"
-#include "chrome/browser/signin/signin_manager_factory.h"
+#include "chrome/browser/signin/identity_manager_factory.h"
 #include "chrome/browser/sync/profile_sync_service_factory.h"
 #include "chrome/browser/ui/passwords/password_generation_popup_controller_impl.h"
 #include "chrome/browser/ui/passwords/passwords_client_ui_delegate.h"
@@ -55,7 +55,6 @@
 #include "components/password_manager/core/common/password_manager_pref_names.h"
 #include "components/prefs/pref_service.h"
 #include "components/sessions/content/content_record_password_state.h"
-#include "components/signin/core/browser/signin_manager.h"
 #include "components/ukm/content/source_url_recorder.h"
 #include "components/version_info/version_info.h"
 #include "content/public/browser/browser_context.h"
@@ -75,6 +74,7 @@
 #include "google_apis/gaia/gaia_urls.h"
 #include "net/base/url_util.h"
 #include "net/cert/cert_status_flags.h"
+#include "services/identity/public/cpp/identity_manager.h"
 #include "services/metrics/public/cpp/ukm_recorder.h"
 #include "third_party/re2/src/re2/re2.h"
 #include "url/url_constants.h"
@@ -120,8 +120,9 @@ const syncer::SyncService* GetSyncService(Profile* profile) {
  return nullptr;
 }

-const SigninManagerBase* GetSigninManagerForOriginalProfile(Profile* profile) {
-  return SigninManagerFactory::GetForProfile(profile->GetOriginalProfile());
+const identity::IdentityManager* GetIdentityManagerForOriginalProfile(
+    Profile* profile) {
+  return IdentityManagerFactory::GetForProfile(profile->GetOriginalProfile());
 }

 #if !defined(OS_ANDROID)
@@ -169,7 +170,7 @@ ChromePasswordManagerClient::ChromePasswordManagerClient(
      credentials_filter_(
          this,
          base::BindRepeating(&GetSyncService, profile_),
-          base::BindRepeating(&GetSigninManagerForOriginalProfile, profile_)),
+          base::BindRepeating(&GetIdentityManagerForOriginalProfile, profile_)),
      helper_(this) {
  ContentPasswordManagerDriverFactory::CreateForWebContents(web_contents, this,
                                                            autofill_client);
@@ -186,7 +187,7 @@ ChromePasswordManagerClient::ChromePasswordManagerClient(
      password_manager::prefs::kCredentialsEnableService, GetPrefs());
  static base::NoDestructor<password_manager::StoreMetricsReporter> reporter(
      *saving_and_filling_passwords_enabled_, this, GetSyncService(profile_),
-      GetSigninManagerForOriginalProfile(profile_), GetPrefs());
+      GetIdentityManagerForOriginalProfile(profile_), GetPrefs());
  driver_factory_->RequestSendLoggingAvailability();
 }


--- a/chrome/browser/ui/passwords/password_manager_presenter.cc
+++ b/chrome/browser/ui/passwords/password_manager_presenter.cc
@@ -21,7 +21,7 @@
 #include "build/build_config.h"
 #include "chrome/browser/password_manager/password_store_factory.h"
 #include "chrome/browser/profiles/profile.h"
-#include "chrome/browser/signin/signin_manager_factory.h"
+#include "chrome/browser/signin/identity_manager_factory.h"
 #include "chrome/browser/sync/profile_sync_service_factory.h"
 #include "chrome/browser/ui/passwords/manage_passwords_view_utils.h"
 #include "chrome/browser/ui/passwords/password_ui_view.h"
@@ -266,7 +266,8 @@ void PasswordManagerPresenter::RequestShowPassword(
  }
  if (password_manager::sync_util::IsSyncAccountCredential(
          form, sync_service,
-          SigninManagerFactory::GetForProfile(password_view_->GetProfile()))) {
+          IdentityManagerFactory::GetForProfile(
+              password_view_->GetProfile()))) {
    base::RecordAction(
        base::UserMetricsAction("PasswordManager_SyncCredentialShown"));
  }

--- a/components/password_manager/core/browser/BUILD.gn
+++ b/components/password_manager/core/browser/BUILD.gn
@@ -229,6 +229,7 @@ jumbo_static_library("browser") {
    "//components/webdata/common",
    "//google_apis",
    "//net",
+    "//services/identity/public/cpp:cpp",
    "//services/metrics/public/cpp:metrics_cpp",
    "//services/metrics/public/cpp:ukm_builders",
    "//services/network/public/cpp",
@@ -491,6 +492,7 @@ source_set("unit_tests") {
    "//components/variations",
    "//google_apis:google_apis",
    "//net:test_support",
+    "//services/identity/public/cpp:test_support",
    "//services/metrics/public/cpp:ukm_builders",
    "//services/network:network_service",
    "//services/network:test_support",

--- a/components/password_manager/core/browser/DEPS
+++ b/components/password_manager/core/browser/DEPS
@@ -50,4 +50,10 @@ specific_include_rules = {
  "http_credentials_cleaner_unittest\.cc": [
    "+services/network",
  ],
+  "password_sync_util\.cc": [
+    "+services/identity/public/cpp",
+  ],
+  "sync_username_test_base\.h": [
+    "+services/identity/public/cpp",
+  ],
 }
--- a/components/password_manager/core/browser/password_sync_util.cc
+++ b/components/password_manager/core/browser/password_sync_util.cc
@@ -9,6 +9,7 @@
 #include "components/autofill/core/common/password_form.h"
 #include "google_apis/gaia/gaia_auth_util.h"
 #include "google_apis/gaia/gaia_urls.h"
+#include "services/identity/public/cpp/identity_manager.h"
 #include "url/origin.h"

 #if defined(SYNC_PASSWORD_REUSE_DETECTION_ENABLED)
@@ -30,8 +31,8 @@ namespace sync_util {

 std::string GetSyncUsernameIfSyncingPasswords(
    const syncer::SyncService* sync_service,
-    const SigninManagerBase* signin_manager) {
-  if (!signin_manager)
+    const identity::IdentityManager* identity_manager) {
+  if (!identity_manager)
    return std::string();

  // If sync is set up, return early if we aren't syncing passwords.
@@ -40,12 +41,13 @@ std::string GetSyncUsernameIfSyncingPasswords(
    return std::string();
  }

-  return signin_manager->GetAuthenticatedAccountInfo().email;
+  return identity_manager->GetPrimaryAccountInfo().email;
 }

-bool IsSyncAccountCredential(const autofill::PasswordForm& form,
-                             const syncer::SyncService* sync_service,
-                             const SigninManagerBase* signin_manager) {
+bool IsSyncAccountCredential(
+    const autofill::PasswordForm& form,
+    const syncer::SyncService* sync_service,
+    const identity::IdentityManager* identity_manager) {
  if (!IsGaiaCredentialPage(form.signon_realm))
    return false;

@@ -57,11 +59,11 @@ bool IsSyncAccountCredential(const autofill::PasswordForm& form,

  return gaia::AreEmailsSame(
      base::UTF16ToUTF8(form.username_value),
-      GetSyncUsernameIfSyncingPasswords(sync_service, signin_manager));
+      GetSyncUsernameIfSyncingPasswords(sync_service, identity_manager));
 }

 bool ShouldSavePasswordHash(const autofill::PasswordForm& form,
-                            const SigninManagerBase* signin_manager,
+                            const identity::IdentityManager* identity_manager,
                            PrefService* prefs) {
 #if defined(SYNC_PASSWORD_REUSE_DETECTION_ENABLED)
  bool is_protected_credential_url =
@@ -74,7 +76,7 @@ bool ShouldSavePasswordHash(const autofill::PasswordForm& form,
  if (!is_protected_credential_url)
    return false;

-  std::string sync_email = signin_manager->GetAuthenticatedAccountInfo().email;
+  std::string sync_email = identity_manager->GetPrimaryAccountInfo().email;
  std::string username = base::UTF16ToUTF8(form.username_value);

  if (sync_email.empty() || username.empty())
@@ -93,12 +95,12 @@ bool ShouldSavePasswordHash(const autofill::PasswordForm& form,
 }

 bool IsSyncAccountEmail(const std::string& username,
-                        const SigninManagerBase* signin_manager) {
-  // |signin_manager| can be null if user is not signed in.
-  if (!signin_manager)
+                        const identity::IdentityManager* identity_manager) {
+  // |identity_manager| can be null if user is not signed in.
+  if (!identity_manager)
    return false;

-  std::string sync_email = signin_manager->GetAuthenticatedAccountInfo().email;
+  std::string sync_email = identity_manager->GetPrimaryAccountInfo().email;

  if (sync_email.empty() || username.empty())
    return false;

--- a/components/password_manager/core/browser/password_sync_util.h
+++ b/components/password_manager/core/browser/password_sync_util.h
@@ -9,37 +9,40 @@

 #include "components/autofill/core/common/password_form.h"
 #include "components/prefs/pref_service.h"
-#include "components/signin/core/browser/signin_manager.h"
 #include "components/sync/driver/sync_service.h"

+namespace identity {
+class IdentityManager;
+}
+
 namespace password_manager {
 namespace sync_util {

-// Returns the sync username received from |signin_manager| (if not null).
+// Returns the sync username received from |identity_manager| (if not null).
 // Moreover, using |sync_service| (if not null), this function also tries to
 // return an empty string if the user isn't syncing passwords, but it is not
 // always possible to determine since this code can be called during sync setup
 // (http://crbug.com/393626).
 std::string GetSyncUsernameIfSyncingPasswords(
    const syncer::SyncService* sync_service,
-    const SigninManagerBase* signin_manager);
+    const identity::IdentityManager* identity_manager);

 // Returns true if |form| corresponds to the account specified by
 // GetSyncUsernameIfSyncingPasswords. Returns false if
 // GetSyncUsernameIfSyncingPasswords does not specify any account.
 bool IsSyncAccountCredential(const autofill::PasswordForm& form,
                             const syncer::SyncService* sync_service,
-                             const SigninManagerBase* signin_manager);
+                             const identity::IdentityManager* identity_manager);

 // If |form| doesn't match GAIA sign-on realm or enterprise-specified password
 // protection URL, returns false. Otherwise, return true.
 bool ShouldSavePasswordHash(const autofill::PasswordForm& form,
-                            const SigninManagerBase* signin_manager,
+                            const identity::IdentityManager* identity_manager,
                            PrefService* prefs);

 // If |username| matches sync account.
 bool IsSyncAccountEmail(const std::string& username,
-                        const SigninManagerBase* signin_manager);
+                        const identity::IdentityManager* identity_manager);

 // If |signon_realm| matches Gaia signon realm.
 bool IsGaiaCredentialPage(const std::string& signon_realm);

--- a/components/password_manager/core/browser/password_sync_util_unittest.cc
+++ b/components/password_manager/core/browser/password_sync_util_unittest.cc
@@ -37,18 +37,18 @@ TEST_F(PasswordSyncUtilTest, GetSyncUsernameIfSyncingPasswords) {
    std::string fake_sync_username;
    std::string expected_result;
    const syncer::SyncService* sync_service;
-    const SigninManagerBase* signin_manager;
+    const identity::IdentityManager* identity_manager;
  } kTestCases[] = {
      {TestCase::NOT_SYNCING_PASSWORDS, "a@example.org", std::string(),
-       sync_service(), signin_manager()},
+       sync_service(), identity_manager()},

      {TestCase::SYNCING_PASSWORDS, "a@example.org", "a@example.org",
-       sync_service(), signin_manager()},
+       sync_service(), identity_manager()},

      // If sync_service is not available, we assume passwords are synced, even
      // if they are not.
      {TestCase::NOT_SYNCING_PASSWORDS, "a@example.org", "a@example.org",
-       nullptr, signin_manager()},
+       nullptr, identity_manager()},

      {TestCase::SYNCING_PASSWORDS, "a@example.org", std::string(),
       sync_service(), nullptr},
@@ -63,8 +63,8 @@ TEST_F(PasswordSyncUtilTest, GetSyncUsernameIfSyncingPasswords) {
                        TestCase::SYNCING_PASSWORDS);
    FakeSigninAs(kTestCases[i].fake_sync_username);
    EXPECT_EQ(kTestCases[i].expected_result,
-              GetSyncUsernameIfSyncingPasswords(kTestCases[i].sync_service,
-                                                kTestCases[i].signin_manager));
+              GetSyncUsernameIfSyncingPasswords(
+                  kTestCases[i].sync_service, kTestCases[i].identity_manager));
  }
 }

@@ -90,7 +90,7 @@ TEST_F(PasswordSyncUtilTest, IsSyncAccountCredential) {
    FakeSigninAs(kTestCases[i].fake_sync_username);
    EXPECT_EQ(kTestCases[i].expected_result,
              IsSyncAccountCredential(kTestCases[i].form, sync_service(),
-                                      signin_manager()));
+                                      identity_manager()));
  }
 }

@@ -118,7 +118,7 @@ TEST_F(PasswordSyncUtilTest, IsSyncAccountEmail) {
    FakeSigninAs(kTestCases[i].fake_sync_email);
    EXPECT_EQ(
        kTestCases[i].expected_result,
-        IsSyncAccountEmail(kTestCases[i].input_username, signin_manager()));
+        IsSyncAccountEmail(kTestCases[i].input_username, identity_manager()));
  }
 }

@@ -183,7 +183,7 @@ TEST_F(PasswordSyncUtilEnterpriseTest, ShouldSavePasswordHash) {
      SetSyncingPasswords(syncing_passwords);
      FakeSigninAs(kTestCases[i].fake_sync_username);
      EXPECT_EQ(kTestCases[i].expected_result,
-                ShouldSavePasswordHash(kTestCases[i].form, signin_manager(),
+                ShouldSavePasswordHash(kTestCases[i].form, identity_manager(),
                                       &prefs_));
    }
  }

--- a/components/password_manager/core/browser/store_metrics_reporter.cc
+++ b/components/password_manager/core/browser/store_metrics_reporter.cc
@@ -16,14 +16,14 @@ StoreMetricsReporter::StoreMetricsReporter(
    bool password_manager_enabled,
    PasswordManagerClient* client,
    const syncer::SyncService* sync_service,
-    const SigninManagerBase* signin_manager,
+    const identity::IdentityManager* identity_manager,
    PrefService* prefs) {
  password_manager::PasswordStore* store = client->GetPasswordStore();
  // May be null in tests.
  if (store) {
    store->ReportMetrics(
        password_manager::sync_util::GetSyncUsernameIfSyncingPasswords(
-            sync_service, signin_manager),
+            sync_service, identity_manager),
        client->GetPasswordSyncState() ==
            password_manager::SYNCING_WITH_CUSTOM_PASSPHRASE,
        client->IsUnderAdvancedProtection());

--- a/components/password_manager/core/browser/store_metrics_reporter.h
+++ b/components/password_manager/core/browser/store_metrics_reporter.h
@@ -8,7 +8,10 @@
 #include "base/macros.h"

 class PrefService;
-class SigninManagerBase;
+
+namespace identity {
+class IdentityManager;
+}

 namespace syncer {
 class SyncService;
@@ -29,13 +32,13 @@ class StoreMetricsReporter {
 public:
  // Reports various metrics based on whether password manager is enabled. Uses
  // |client| to obtain the password store and password syncing state. Uses
-  // |sync_service| and |signin_manager| to obtain the sync username to report
+  // |sync_service| and |identity_manager| to obtain the sync username to report
  // about its presence among saved credentials. Uses the |prefs| to obtain the
  // state of the first-run-experience bubble.
  StoreMetricsReporter(bool password_manager_enabled,
                       PasswordManagerClient* client,
                       const syncer::SyncService* sync_service,
-                       const SigninManagerBase* signin_manager,
+                       const identity::IdentityManager* identity_manager,
                       PrefService* prefs);

  ~StoreMetricsReporter();

--- a/components/password_manager/core/browser/store_metrics_reporter_unittest.cc
+++ b/components/password_manager/core/browser/store_metrics_reporter_unittest.cc
@@ -58,7 +58,8 @@ TEST_F(StoreMetricsReporterTest, StoreIndependentMetrics) {
      base::HistogramTester histogram_tester;
      EXPECT_CALL(client_, GetPasswordStore()).WillOnce(Return(nullptr));
      StoreMetricsReporter reporter(password_manager_enabled, &client_,
-                                    sync_service(), signin_manager(), &prefs_);
+                                    sync_service(), identity_manager(),
+                                    &prefs_);

      histogram_tester.ExpectBucketCount("PasswordManager.Enabled",
                                         password_manager_enabled, 1);
@@ -89,7 +90,7 @@ TEST_F(StoreMetricsReporterTest, PasswordStore) {
    FakeSigninAs("some.user@gmail.com");

    StoreMetricsReporter reporter(true, &client_, sync_service(),
-                                  signin_manager(), &prefs_);
+                                  identity_manager(), &prefs_);
    store->ShutdownOnUIThread();
  }
 }
@@ -114,7 +115,7 @@ TEST_F(StoreMetricsReporterTest, PasswordStoreForUnderAdvancedProtection) {
    FakeSigninAs("some.user@gmail.com");

    StoreMetricsReporter reporter(true, &client_, sync_service(),
-                                  signin_manager(), &prefs_);
+                                  identity_manager(), &prefs_);
    store->ShutdownOnUIThread();
  }
 }

--- a/components/password_manager/core/browser/sync_credentials_filter.cc
+++ b/components/password_manager/core/browser/sync_credentials_filter.cc
@@ -42,10 +42,10 @@ bool LastLoadWasTransactionalReauthPage(const GURL& last_load_url) {
 SyncCredentialsFilter::SyncCredentialsFilter(
    const PasswordManagerClient* client,
    SyncServiceFactoryFunction sync_service_factory_function,
-    SigninManagerFactoryFunction signin_manager_factory_function)
+    IdentityManagerFactoryFunction identity_manager_factory_function)
    : client_(client),
      sync_service_factory_function_(sync_service_factory_function),
-      signin_manager_factory_function_(signin_manager_factory_function) {}
+      identity_manager_factory_function_(identity_manager_factory_function) {}

 SyncCredentialsFilter::~SyncCredentialsFilter() {}

@@ -81,7 +81,7 @@ bool SyncCredentialsFilter::ShouldSave(
         !form.is_gaia_with_skip_save_password_form &&
         !sync_util::IsSyncAccountCredential(
             form, sync_service_factory_function_.Run(),
-             signin_manager_factory_function_.Run());
+             identity_manager_factory_function_.Run());
 }

 bool SyncCredentialsFilter::ShouldSaveGaiaPasswordHash(
@@ -102,8 +102,8 @@ bool SyncCredentialsFilter::ShouldSaveEnterprisePasswordHash(

 bool SyncCredentialsFilter::IsSyncAccountEmail(
    const std::string& username) const {
-  return sync_util::IsSyncAccountEmail(username,
-                                       signin_manager_factory_function_.Run());
+  return sync_util::IsSyncAccountEmail(
+      username, identity_manager_factory_function_.Run());
 }

 void SyncCredentialsFilter::ReportFormLoginSuccess(
@@ -112,7 +112,7 @@ void SyncCredentialsFilter::ReportFormLoginSuccess(
      sync_util::IsSyncAccountCredential(
          form_manager.GetPendingCredentials(),
          sync_service_factory_function_.Run(),
-          signin_manager_factory_function_.Run())) {
+          identity_manager_factory_function_.Run())) {
    base::RecordAction(base::UserMetricsAction(
        "PasswordManager_SyncCredentialFilledAndLoginSuccessfull"));
  }

--- a/components/password_manager/core/browser/sync_credentials_filter.h
+++ b/components/password_manager/core/browser/sync_credentials_filter.h
@@ -14,9 +14,12 @@
 #include "components/autofill/core/common/password_form.h"
 #include "components/password_manager/core/browser/credentials_filter.h"
 #include "components/password_manager/core/browser/password_manager_client.h"
-#include "components/signin/core/browser/signin_manager.h"
 #include "components/sync/driver/sync_service.h"

+namespace identity {
+class IdentityManager;
+}
+
 namespace password_manager {

 // The sync- and GAIA- aware implementation of the filter.
@@ -24,8 +27,8 @@ class SyncCredentialsFilter : public CredentialsFilter {
 public:
  using SyncServiceFactoryFunction =
      base::RepeatingCallback<const syncer::SyncService*(void)>;
-  using SigninManagerFactoryFunction =
-      base::RepeatingCallback<const SigninManagerBase*(void)>;
+  using IdentityManagerFactoryFunction =
+      base::RepeatingCallback<const identity::IdentityManager*(void)>;

  // Implements protection of sync credentials. Uses |client| to get the last
  // commited entry URL for a check against GAIA reauth site. Uses the factory
@@ -36,7 +39,7 @@ class SyncCredentialsFilter : public CredentialsFilter {
  SyncCredentialsFilter(
      const PasswordManagerClient* client,
      SyncServiceFactoryFunction sync_service_factory_function,
-      SigninManagerFactoryFunction signin_manager_factory_function);
+      IdentityManagerFactoryFunction identity_manager_factory_function);
  ~SyncCredentialsFilter() override;

  // CredentialsFilter
@@ -66,9 +69,9 @@ class SyncCredentialsFilter : public CredentialsFilter {

  const SyncServiceFactoryFunction sync_service_factory_function_;

-  // For incognito profile, |signin_manager_factory_function_| returns the
+  // For incognito profile, |identity_manager_factory_function_| returns the
  // sign in manager of its original profile.
-  const SigninManagerFactoryFunction signin_manager_factory_function_;
+  const IdentityManagerFactoryFunction identity_manager_factory_function_;

  DISALLOW_COPY_AND_ASSIGN(SyncCredentialsFilter);
 };

--- a/components/password_manager/core/browser/sync_credentials_filter_unittest.cc
+++ b/components/password_manager/core/browser/sync_credentials_filter_unittest.cc
@@ -13,7 +13,6 @@
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/macros.h"
-#include "base/message_loop/message_loop.h"
 #include "base/stl_util.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/test/metrics/histogram_tester.h"
@@ -105,7 +104,6 @@ class FakePasswordManagerClient : public StubPasswordManagerClient {
  void SetIsIncognito(bool is_incognito) { is_incognito_ = is_incognito; }

 private:
-  base::MessageLoop message_loop_;  // For |password_store_|.
  GURL last_committed_entry_url_;
  scoped_refptr<testing::NiceMock<MockPasswordStore>> password_store_;
  bool is_incognito_;
@@ -150,14 +148,14 @@ class CredentialsFilterTest : public SyncUsernameTestBase {
        filter_(&client_,
                base::BindRepeating(&SyncUsernameTestBase::sync_service,
                                    base::Unretained(this)),
-                base::BindRepeating(&SyncUsernameTestBase::signin_manager,
+                base::BindRepeating(&SyncUsernameTestBase::identity_manager,
                                    base::Unretained(this))) {
    form_manager_.Init(nullptr);
    fetcher_.Fetch();
  }

  void CheckFilterResultsTestCase(const TestCase& test_case) {
-    DCHECK(signin_manager()->IsAuthenticated());
+    DCHECK(identity_manager()->HasPrimaryAccount());

    SetSyncingPasswords(test_case.password_sync == TestCase::SYNCING_PASSWORDS);
    client_.set_last_committed_entry_url(test_case.last_committed_entry_url);
@@ -398,7 +396,7 @@ TEST_F(CredentialsFilterTest, ShouldSave_NotSyncCredential) {
  PasswordForm form = SimpleGaiaForm("user@example.org");

  ASSERT_NE("user@example.org",
-            signin_manager()->GetAuthenticatedAccountInfo().email);
+            identity_manager()->GetPrimaryAccountInfo().email);
  SetSyncingPasswords(true);
  EXPECT_TRUE(filter_.ShouldSave(form));
 }

--- a/components/password_manager/core/browser/sync_username_test_base.cc
+++ b/components/password_manager/core/browser/sync_username_test_base.cc
@@ -25,19 +25,26 @@ SyncUsernameTestBase::LocalFakeSyncService::GetPreferredDataTypes() const {

 SyncUsernameTestBase::SyncUsernameTestBase()
    : signin_client_(&prefs_),
+      token_service_(&prefs_),
 #if defined(OS_CHROMEOS)
      signin_manager_(&signin_client_,
                      &account_tracker_,
-                      nullptr /* signin_error_controller */) {
+                      nullptr /* signin_error_controller */),
 #else
-      token_service_(&prefs_),
      signin_manager_(&signin_client_,
                      &token_service_,
                      &account_tracker_,
                      nullptr, /* cookie_manager_service */
                      nullptr, /* signin_error_controller */
-                      signin::AccountConsistencyMethod::kDisabled) {
+                      signin::AccountConsistencyMethod::kDisabled),
 #endif
+      gaia_cookie_manager_service_(&token_service_,
+                                   "sync_username_test_base",
+                                   &signin_client_),
+      identity_test_env_(&account_tracker_,
+                         &token_service_,
+                         &signin_manager_,
+                         &gaia_cookie_manager_service_) {
  SigninManagerBase::RegisterProfilePrefs(prefs_.registry());
  AccountTrackerService::RegisterPrefs(prefs_.registry());
 #if !defined(OS_CHROMEOS)
@@ -49,7 +56,18 @@ SyncUsernameTestBase::SyncUsernameTestBase()
 SyncUsernameTestBase::~SyncUsernameTestBase() {}

 void SyncUsernameTestBase::FakeSigninAs(const std::string& email) {
-  signin_manager_.SetAuthenticatedAccountInfo("12345", email);
+  // This method is called in a roll by some tests. Differently than
+  // SigninManager, IdentityTestEnvironment does not allow logging in
+  // without a previously log-out.
+  // So make sure tests only log in once and that the email is the same
+  // in case of FakeSigninAs calls roll.
+  identity::IdentityManager* identity_manager =
+      identity_test_env_.identity_manager();
+  if (identity_manager->HasPrimaryAccount()) {
+    DCHECK_EQ(identity_manager->GetPrimaryAccountInfo().email, email);
+  } else {
+    identity_test_env_.MakePrimaryAccountAvailable(email);
+  }
 }

 // static

--- a/components/password_manager/core/browser/sync_username_test_base.h
+++ b/components/password_manager/core/browser/sync_username_test_base.h
@@ -10,23 +10,29 @@

 #include <string>

+#include "base/test/scoped_task_environment.h"
 #include "components/autofill/core/common/password_form.h"
 #include "components/signin/core/browser/account_tracker_service.h"
+#include "components/signin/core/browser/fake_gaia_cookie_manager_service.h"
+#include "components/signin/core/browser/fake_profile_oauth2_token_service.h"
 #include "components/signin/core/browser/signin_manager.h"
 #include "components/signin/core/browser/test_signin_client.h"
 #include "components/sync/base/model_type.h"
 #include "components/sync/driver/fake_sync_service.h"
 #include "components/sync_preferences/testing_pref_service_syncable.h"
+#include "services/identity/public/cpp/identity_test_environment.h"
 #include "testing/gtest/include/gtest/gtest.h"

-#if !defined(OS_CHROMEOS)
-#include "components/signin/core/browser/fake_profile_oauth2_token_service.h"
-#endif
-
 namespace password_manager {

 class SyncUsernameTestBase : public testing::Test {
 public:
+#if defined(OS_CHROMEOS)
+  using SigninManagerType = FakeSigninManagerBase;
+#else
+  using SigninManagerType = FakeSigninManager;
+#endif
+
  SyncUsernameTestBase();
  ~SyncUsernameTestBase() override;

@@ -47,6 +53,10 @@ class SyncUsernameTestBase : public testing::Test {

  const SigninManagerBase* signin_manager() { return &signin_manager_; }

+  const identity::IdentityManager* identity_manager() {
+    return identity_test_env_.identity_manager();
+  }
+
 private:
  class LocalFakeSyncService : public syncer::FakeSyncService {
   public:
@@ -64,15 +74,14 @@ class SyncUsernameTestBase : public testing::Test {
    bool syncing_passwords_;
  };

+  base::test::ScopedTaskEnvironment scoped_task_env_;
  sync_preferences::TestingPrefServiceSyncable prefs_;
  TestSigninClient signin_client_;
  AccountTrackerService account_tracker_;
-#if defined(OS_CHROMEOS)
-  SigninManagerBase signin_manager_;
-#else
  FakeProfileOAuth2TokenService token_service_;
-  SigninManager signin_manager_;
-#endif
+  SigninManagerType signin_manager_;
+  FakeGaiaCookieManagerService gaia_cookie_manager_service_;
+  identity::IdentityTestEnvironment identity_test_env_;
  LocalFakeSyncService sync_service_;
 };


--- a/ios/chrome/browser/passwords/ios_chrome_password_manager_client.mm
+++ b/ios/chrome/browser/passwords/ios_chrome_password_manager_client.mm
@@ -18,13 +18,12 @@
 #include "components/password_manager/core/browser/password_manager_util.h"
 #include "components/password_manager/core/browser/store_metrics_reporter.h"
 #include "components/password_manager/core/common/password_manager_pref_names.h"
-#include "components/signin/core/browser/signin_manager_base.h"
 #include "ios/chrome/browser/application_context.h"
 #include "ios/chrome/browser/browser_state/chrome_browser_state.h"
 #include "ios/chrome/browser/experimental_flags.h"
 #include "ios/chrome/browser/passwords/ios_chrome_password_store_factory.h"
 #include "ios/chrome/browser/passwords/password_manager_internals_service_factory.h"
-#include "ios/chrome/browser/signin/signin_manager_factory.h"
+#include "ios/chrome/browser/signin/identity_manager_factory.h"
 #include "ios/chrome/browser/sync/profile_sync_service_factory.h"
 #include "net/cert/cert_status_flags.h"
 #include "services/metrics/public/cpp/ukm_recorder.h"
@@ -46,9 +45,9 @@ const syncer::SyncService* GetSyncService(
  return ProfileSyncServiceFactory::GetForBrowserStateIfExists(browser_state);
 }

-const SigninManagerBase* GetSigninManager(
+const identity::IdentityManager* GetIdentityManager(
    ios::ChromeBrowserState* browser_state) {
-  return ios::SigninManagerFactory::GetForBrowserState(browser_state);
+  return IdentityManagerFactory::GetForBrowserState(browser_state);
 }

 }  // namespace
@@ -58,14 +57,14 @@ IOSChromePasswordManagerClient::IOSChromePasswordManagerClient(
    : delegate_(delegate),
      credentials_filter_(
          this,
-          base::Bind(&GetSyncService, delegate_.browserState),
-          base::Bind(&GetSigninManager, delegate_.browserState)),
+          base::BindRepeating(&GetSyncService, delegate_.browserState),
+          base::BindRepeating(&GetIdentityManager, delegate_.browserState)),
      helper_(this) {
  saving_passwords_enabled_.Init(
      password_manager::prefs::kCredentialsEnableService, GetPrefs());
  static base::NoDestructor<password_manager::StoreMetricsReporter> reporter(
      *saving_passwords_enabled_, this, GetSyncService(delegate_.browserState),
-      GetSigninManager(delegate_.browserState), GetPrefs());
+      GetIdentityManager(delegate_.browserState), GetPrefs());
  log_manager_ = password_manager::LogManager::Create(
      ios::PasswordManagerInternalsServiceFactory::GetForBrowserState(
          delegate_.browserState),