Browser test to check if phishguard captures pasted passwords

Bug: 948767
Change-Id: Iff94edda9604b9efa7e9792b7bc5ff224525cd8a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1597540Reviewed-by: Vadym Doroshenko <dvadym@chromium.org>
Reviewed-by: Varun Khaneja <vakh@chromium.org>
Reviewed-by: Daniel Rubery <drubery@chromium.org>
Commit-Queue: Archana Simha <archanasimha@google.com>
Cr-Commit-Position: refs/heads/master@{#663868}

chrome/browser/password_manager/chrome_password_manager_client.cc

@@ -679,11 +679,14 @@ void ChromePasswordManagerClient::DidStartNavigation(
 
 #if defined(SYNC_PASSWORD_REUSE_DETECTION_ENABLED)
 void ChromePasswordManagerClient::OnPaste() {
-  ui::Clipboard* clipboard = ui::Clipboard::GetForCurrentThread();
+  password_reuse_detection_manager_.OnPaste(GetTextFromClipboard());
+}
+
+base::string16 ChromePasswordManagerClient::GetTextFromClipboard() {
   base::string16 text;
-  clipboard->ReadText(ui::CLIPBOARD_TYPE_COPY_PASTE, &text);
-  was_on_paste_called_ = true;
-  password_reuse_detection_manager_.OnPaste(std::move(text));
+  ui::Clipboard::GetForCurrentThread()->ReadText(ui::CLIPBOARD_TYPE_COPY_PASTE,
+                                                 &text);
+  return text;
 }
 #endif
 

chrome/browser/password_manager/chrome_password_manager_client.h

@@ -185,7 +185,6 @@ class ChromePasswordManagerClient
   bool has_binding_for_credential_manager() const {
     return content_credential_manager_.HasBinding();
   }
-  bool was_on_paste_called() const { return was_on_paste_called_; }
 #endif
 
  protected:
@@ -193,6 +192,12 @@ class ChromePasswordManagerClient
   ChromePasswordManagerClient(content::WebContents* web_contents,
                               autofill::AutofillClient* autofill_client);
 
+  // content::WebContentsObserver override
+#if defined(SYNC_PASSWORD_REUSE_DETECTION_ENABLED)
+  void OnPaste() override;
+  base::string16 GetTextFromClipboard();
+#endif
+
  private:
   friend class content::WebContentsUserData<ChromePasswordManagerClient>;
 
@@ -201,9 +206,6 @@ class ChromePasswordManagerClient
       content::NavigationHandle* navigation_handle) override;
   void DidFinishNavigation(
       content::NavigationHandle* navigation_handle) override;
-#if defined(SYNC_PASSWORD_REUSE_DETECTION_ENABLED)
-  void OnPaste() override;
-#endif
 
 // TODO(crbug.com/706392): Fix password reuse detection for Android.
 #if !defined(OS_ANDROID)
@@ -289,9 +291,6 @@ class ChromePasswordManagerClient
   // WebContents. Used for testing.
   bool was_store_ever_called_ = false;
 
-  // Whether OnPaste() was called from this ChromePasswordManagerClient
-  bool was_on_paste_called_ = false;
-
   // Helper for performing logic that is common between
   // ChromePasswordManagerClient and IOSChromePasswordManagerClient.
   password_manager::PasswordManagerClientHelper helper_;

chrome/browser/password_manager/password_manager_browsertest.cc

@@ -47,6 +47,7 @@
 #include "components/password_manager/content/browser/content_password_manager_driver_factory.h"
 #include "components/password_manager/core/browser/http_auth_manager.h"
 #include "components/password_manager/core/browser/http_auth_observer.h"
+#include "components/password_manager/core/browser/mock_password_store.h"
 #include "components/password_manager/core/browser/new_password_form_manager.h"
 #include "components/password_manager/core/browser/test_password_store.h"
 #include "components/password_manager/core/common/password_manager_features.h"
@@ -63,12 +64,14 @@
 #include "content/public/browser/web_contents_observer.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/test/browser_test_utils.h"
+#include "content/public/test/web_contents_tester.h"
 #include "net/base/filename_util.h"
 #include "net/test/embedded_test_server/http_request.h"
 #include "net/test/embedded_test_server/http_response.h"
 #include "net/url_request/test_url_fetcher_factory.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "third_party/blink/public/platform/web_input_event.h"
+#include "ui/base/clipboard/test/test_clipboard.h"
 #include "ui/base/ui_base_switches.h"
 #include "ui/events/keycodes/keyboard_codes.h"
 #include "ui/gfx/geometry/point.h"
@@ -4061,5 +4064,22 @@ IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, FormDynamicallyChanged) {
   WaitForElementValue("password_field", "pw");
 }
 
+IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest,
+                       CheckOnPasteCalledForPasteEvent) {
+  ::ui::Clipboard::SetClipboardForCurrentThread(
+      std::make_unique<::ui::TestClipboard>());
+  const std::string password = "password";
+  static_cast<::ui::TestClipboard*>(::ui::Clipboard::GetForCurrentThread())
+      ->WriteText(password.data(), password.length());
+  NavigateToFile("/password/password_form.html");
+  CustomPasswordManagerClient* client =
+      static_cast<CustomPasswordManagerClient*>(
+          ChromePasswordManagerClient::FromWebContents(WebContents()));
+  content::SimulateKeyPress(WebContents(), ::ui::DomKey::PASTE,
+                            ::ui::DomCode::PASTE, ::ui::VKEY_PASTE, true, true,
+                            false, true);
+  EXPECT_EQ(client->pasted_value(), base::ASCIIToUTF16("password"));
+}
+
 }  // namespace
 }  // namespace password_manager

chrome/browser/password_manager/password_manager_test_base.cc

@@ -63,26 +63,6 @@ class PasswordStoreResultsObserver
   DISALLOW_COPY_AND_ASSIGN(PasswordStoreResultsObserver);
 };
 
-// Custom class is required to enable password generation.
-class CustomPasswordManagerClient : public ChromePasswordManagerClient {
- public:
-  using ChromePasswordManagerClient::ChromePasswordManagerClient;
-
-  static void CreateForWebContentsWithAutofillClient(
-      content::WebContents* contents,
-      autofill::AutofillClient* autofill_client) {
-    ASSERT_FALSE(FromWebContents(contents));
-    contents->SetUserData(UserDataKey(),
-                          base::WrapUnique(new CustomPasswordManagerClient(
-                              contents, autofill_client)));
-  }
-
-  // PasswordManagerClient:
-  password_manager::SyncState GetPasswordSyncState() const override {
-    return password_manager::SYNCING_NORMAL_ENCRYPTION;
-  }
-};
-
 // ManagePasswordsUIController subclass to capture the UI events.
 class CustomManagePasswordsUIController : public ManagePasswordsUIController {
  public:
@@ -304,6 +284,25 @@ enum ReturnCodes {  // Possible results of the JavaScript code.
 };
 
 }  // namespace
+void CustomPasswordManagerClient::CreateForWebContentsWithAutofillClient(
+    content::WebContents* contents,
+    autofill::AutofillClient* autofill_client) {
+  ASSERT_FALSE(FromWebContents(contents));
+  contents->SetUserData(UserDataKey(),
+                        base::WrapUnique(new CustomPasswordManagerClient(
+                            contents, autofill_client)));
+}
+
+// PasswordManagerClient:
+password_manager::SyncState CustomPasswordManagerClient::GetPasswordSyncState()
+    const {
+  return password_manager::SYNCING_NORMAL_ENCRYPTION;
+}
+
+void CustomPasswordManagerClient::OnPaste() {
+  pasted_value_ = ChromePasswordManagerClient::GetTextFromClipboard();
+  ChromePasswordManagerClient::OnPaste();
+}
 
 NavigationObserver::NavigationObserver(content::WebContents* web_contents)
     : content::WebContentsObserver(web_contents),

chrome/browser/password_manager/password_manager_test_base.h

@@ -9,6 +9,7 @@
 
 #include "base/macros.h"
 #include "base/run_loop.h"
+#include "chrome/browser/password_manager/chrome_password_manager_client.h"
 #include "chrome/browser/ssl/cert_verifier_browser_test.h"
 #include "chrome/test/base/in_process_browser_test.h"
 #include "components/password_manager/core/browser/password_store_consumer.h"
@@ -21,6 +22,26 @@ struct PasswordForm;
 
 class ManagePasswordsUIController;
 
+// Custom class is required to enable password generation.
+class CustomPasswordManagerClient : public ChromePasswordManagerClient {
+ public:
+  using ChromePasswordManagerClient::ChromePasswordManagerClient;
+  static void CreateForWebContentsWithAutofillClient(
+      content::WebContents* contents,
+      autofill::AutofillClient* autofill_client);
+
+  // PasswordManagerClient:
+  password_manager::SyncState GetPasswordSyncState() const override;
+
+  void OnPaste() override;
+
+  base::string16 pasted_value() { return pasted_value_; }
+
+ private:
+  // Represents the text passed to PasswordResuseManager's OnPaste() method.
+  base::string16 pasted_value_;
+};
+
 class NavigationObserver : public content::WebContentsObserver {
  public:
   explicit NavigationObserver(content::WebContents* web_contents);