Allow the browser to choose PasswordManager's authorization prompt policy.

This only affects OSX. Recently, Chrome stopped prompting users for access to
the keychain to autofill passwords (to pull in passwords from other browsers).
Opera wants to use a different policy, so pull the logic into
password_manager_client.

BUG=178358

Review URL: https://codereview.chromium.org/444753002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@287825 0039d316-1c4b-4281-b951-d872f2087c98

components/password_manager/core/browser/password_manager.cc

@@ -373,18 +373,8 @@ void PasswordManager::CreatePendingLoginManagers(
         new PasswordFormManager(this, client_, driver_, *iter, ssl_valid);
     pending_login_managers_.push_back(manager);
 
-    // Password Autofill is supposed to be a convenience. If it creates a
-    // blocking dialog, it is no longer convenient. We should only prompt the
-    // user after a full username has been typed in. Until that behavior is
-    // implemented, never prompt the user for keychain access.
-    // Effectively, this means that passwords stored by Chrome still work,
-    // since Chrome can access those without a prompt, but passwords stored by
-    // Safari, Firefox, or Chrome Canary will not work. Note that the latest
-    // build of Safari and Firefox don't create keychain items with the
-    // relevant tags anyways (7/11/2014).
-    // http://crbug.com/178358
     PasswordStore::AuthorizationPromptPolicy prompt_policy =
-        PasswordStore::DISALLOW_PROMPT;
+        client_->GetAuthorizationPromptPolicy(*iter);
 
     manager->FetchMatchingLoginsFromPasswordStore(prompt_policy);
   }

components/password_manager/core/browser/password_manager_client.cc

@@ -33,4 +33,20 @@ bool PasswordManagerClient::IsLoggingActive() const {
   return false;
 }
 
+PasswordStore::AuthorizationPromptPolicy
+PasswordManagerClient::GetAuthorizationPromptPolicy(
+    const autofill::PasswordForm& form) {
+  // Password Autofill is supposed to be a convenience. If it creates a
+  // blocking dialog, it is no longer convenient. We should only prompt the
+  // user after a full username has been typed in. Until that behavior is
+  // implemented, never prompt the user for keychain access.
+  // Effectively, this means that passwords stored by Chrome still work,
+  // since Chrome can access those without a prompt, but passwords stored by
+  // Safari, Firefox, or Chrome Canary will not work. Note that the latest
+  // build of Safari and Firefox don't create keychain items with the
+  // relevant tags anyways (7/11/2014).
+  // http://crbug.com/178358
+  return PasswordStore::DISALLOW_PROMPT;
+}
+
 }  // namespace password_manager

components/password_manager/core/browser/password_manager_client.h

@@ -8,6 +8,7 @@
 #include "base/metrics/field_trial.h"
 #include "components/autofill/core/common/password_form.h"
 #include "components/autofill/core/common/password_form_fill_data.h"
+#include "components/password_manager/core/browser/password_store.h"
 
 class PrefService;
 
@@ -100,6 +101,11 @@ class PasswordManagerClient {
   // displayed, and false otherwise.
   virtual bool IsLoggingActive() const;
 
+  // Returns the authorization prompt policy to be used with the given form.
+  // Only relevant on OSX.
+  virtual PasswordStore::AuthorizationPromptPolicy GetAuthorizationPromptPolicy(
+      const autofill::PasswordForm& form);
+
  private:
   DISALLOW_COPY_AND_ASSIGN(PasswordManagerClient);
 };