[Signin] Send eligible_for_consistency to Gaia URLs only

Modifies logic for the signed out state: X-Chrome-Connected with
eligible_for_consistency is now sent to Gaia URLs only. This only
affects Android and iOS with MobileIdentityConsistency flag enabled.

Bug: 1129777
Change-Id: Ib702f0efabeb926f45b553841a6690c384f1187e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2418576
Commit-Queue: Mihai Sardarescu <msarda@chromium.org>
Reviewed-by: Mihai Sardarescu <msarda@chromium.org>
Cr-Commit-Position: refs/heads/master@{#808808}

components/signin/core/browser/chrome_connected_header_helper.cc

@@ -196,7 +196,8 @@ std::string ChromeConnectedHeaderHelper::BuildRequestHeader(
 #if !defined(OS_CHROMEOS)
   if (!force_account_consistency && gaia_id.empty()) {
 #if defined(OS_ANDROID) || defined(OS_IOS)
-    if (base::FeatureList::IsEnabled(kMobileIdentityConsistency)) {
+    if (base::FeatureList::IsEnabled(kMobileIdentityConsistency) &&
+        gaia::IsGaiaSignonRealm(url.GetOrigin())) {
       parts.push_back(
           base::StringPrintf("%s=%s", kEligibleForConsistency, "true"));
       return base::JoinString(parts, is_header_request ? "," : ":");

components/signin/core/browser/signin_header_helper_unittest.cc

@@ -161,20 +161,33 @@ TEST_F(SigninHeaderHelperTest, TestMirrorRequestNoAccountIdChromeOS) {
 }
 #else  // !defined(OS_CHROMEOS)
 #if defined(OS_ANDROID) || defined(OS_IOS)
-// Tests that Mirror request is returned on mobile (Android, iOS) for Public
-// Sessions (no account id), when the Mobile Identity Consistency feature is
-// enabled.
-TEST_F(SigninHeaderHelperTest, TestMirrorRequestNoAccountIdMobile) {
+// Tests that eligible_for_consistency request is returned on mobile (Android,
+// iOS) when reaching to Gaia origin and there's no primary account. Only
+// applicable when the Mobile Identity Consistency is enabled.
+TEST_F(SigninHeaderHelperTest, TestEligibleForConsistencyRequestGaiaOrigin) {
   base::test::ScopedFeatureList feature_list;
   feature_list.InitAndEnableFeature(kMobileIdentityConsistency);
 
   account_consistency_ = AccountConsistencyMethod::kMirror;
-  CheckMirrorHeaderRequest(GURL("https://docs.google.com"), "",
+  CheckMirrorHeaderRequest(GURL("https://accounts.google.com"), "",
                            "source=TestSource,eligible_for_consistency=true");
-  CheckMirrorCookieRequest(GURL("https://docs.google.com"), "",
+  CheckMirrorCookieRequest(GURL("https://accounts.google.com"), "",
                            "eligible_for_consistency=true");
 }
 
+// Tests that eligible_for_consistency request is NOT returned on mobile
+// (Android, iOS) when reaching to NON-Gaia origin and there's no primary
+// account. Only applicable when the Mobile Identity Consistency is enabled.
+TEST_F(SigninHeaderHelperTest,
+       TestNoEligibleForConsistencyRequestNonGaiaOrigin) {
+  base::test::ScopedFeatureList feature_list;
+  feature_list.InitAndEnableFeature(kMobileIdentityConsistency);
+
+  account_consistency_ = AccountConsistencyMethod::kMirror;
+  CheckMirrorHeaderRequest(GURL("https://docs.google.com"), "", "");
+  CheckMirrorCookieRequest(GURL("https://docs.google.com"), "", "");
+}
+
 // Tests that the full Mirror request is returned when the
 // force_account_consistency param is true.
 TEST_F(SigninHeaderHelperTest, TestForceAccountConsistencyMobile) {