[iOS] Remove CHROME_CONNECTED cookie after displaying sign-in promo.

Currently Chrome stores whether it should show a sign-in promo on accounts.google.com in the CHROME_CONNECTED cookie. Once the promo is displayed it no longer requires this information and we should remove the cookie. This will not affect existing functionality since the CHROME_CONNECTED cookie is used for signed-in users and the promo will only be displayed to signed out users. Bug: 1125631 Change-Id: I504974aaebf8e7e71a596342726c5f5df0f189c7 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2440596Reviewed-by: Sylvain Defresne <sdefresne@chromium.org> Commit-Queue: Nohemi Fernandez <fernandex@chromium.org> Cr-Commit-Position: refs/heads/master@{#812078}

[iOS] Remove CHROME_CONNECTED cookie after displaying sign-in promo.
Currently Chrome stores whether it should show a sign-in promo on accounts.google.com in the CHROME_CONNECTED cookie. Once the promo is displayed it no longer requires this information and we should remove the cookie. This will not affect existing functionality since the CHROME_CONNECTED cookie is used for signed-in users and the promo will only be displayed to signed out users. Bug: 1125631 Change-Id: I504974aaebf8e7e71a596342726c5f5df0f189c7 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2440596Reviewed-by: Sylvain Defresne <sdefresne@chromium.org> Commit-Queue: Nohemi Fernandez <fernandex@chromium.org> Cr-Commit-Position: refs/heads/master@{#812078}
83aea86e · Nohemi Fernandez · Commit Bot · c5cc7179 · 83aea86e · 83aea86e
Commit 83aea86e authored Sep 30, 2020 by Nohemi Fernandez Committed by Commit Bot Sep 30, 2020
3 changed files
--- a/components/signin/ios/browser/account_consistency_service.h
+++ b/components/signin/ios/browser/account_consistency_service.h
@@ -82,6 +82,10 @@ class AccountConsistencyService : public KeyedService,
  // |url|. The cookie is set if it is not already on the domain.
  void SetChromeConnectedCookieWithUrls(const std::vector<const GURL>& urls);

+  // Removes CHROME_CONNECTED cookies on all the Google domains where it was
+  // set. Calls callback once all cookies were removed.
+  void RemoveAllChromeConnectedCookies(base::OnceClosure callback);
+
  // Notifies the AccountConsistencyService that browsing data has been removed
  // for any time period.
  void OnBrowsingDataRemoved();
@@ -126,10 +130,6 @@ class AccountConsistencyService : public KeyedService,
  // Adds CHROME_CONNECTED cookies on all the main Google domains.
  void AddChromeConnectedCookies();

-  // Removes CHROME_CONNECTED cookies on all the Google domains where it was
-  // set. Calls callback once all cookies were removed.
-  void RemoveAllChromeConnectedCookies(base::OnceClosure callback);
-
  // Triggers a Gaia cookie update on the Google domain.
  void TriggerGaiaCookieChangeIfDeleted(
      const net::CookieAccessResultList& cookie_list,

--- a/components/signin/ios/browser/account_consistency_service.mm
+++ b/components/signin/ios/browser/account_consistency_service.mm
@@ -53,10 +53,14 @@ constexpr base::TimeDelta kDelayThresholdToUpdateGaiaCookie =

 const char* kGoogleUrl = "https://google.com";
 const char* kYoutubeUrl = "https://youtube.com";
+const char* kGaiaDomain = "accounts.google.com";

 // Returns the registered, organization-identifying host, but no subdomains,
 // from the given GURL. Returns an empty string if the GURL is invalid.
 static std::string GetDomainFromUrl(const GURL& url) {
+  if (gaia::IsGaiaSignonRealm(url.GetOrigin())) {
+    return kGaiaDomain;
+  }
  return net::registry_controlled_domains::GetDomainAndRegistry(
      url, net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES);
 }
@@ -202,6 +206,12 @@ void AccountConsistencyHandler::PageLoaded(
  }
  [delegate_ onShowConsistencyPromo];
  show_consistency_promo_ = false;
+
+  // Chrome uses the CHROME_CONNECTED cookie to determine whether the
+  // eligibility promo should be shown. Once it is shown we should remove the
+  // cookie, since it should otherwise not be used unless the user is signed in.
+  account_consistency_service_->RemoveAllChromeConnectedCookies(
+      base::OnceClosure());
 }

 void AccountConsistencyHandler::WebStateDestroyed(web::WebState* web_state) {}

--- a/components/signin/ios/browser/account_consistency_service_unittest.mm
+++ b/components/signin/ios/browser/account_consistency_service_unittest.mm
@@ -762,34 +762,68 @@ TEST_F(AccountConsistencyServiceTest, SetChromeConnectedCookiesAfterDelete) {
  CheckDomainHasChromeConnectedCookie("google.ca");
 }

-// Ensures that CHROME_CONNECTED cookies are only set on GAIA urls when the user
-// is signed out for |kMobileIdentityConsistency| experiment.
+// Ensures that CHROME_CONNECTED cookies are not set on google.com when the user
+// is signed out and navigating to google.com for |kMobileIdentityConsistency|
+// experiment.
 TEST_F(AccountConsistencyServiceTest,
-       SetMiceChromeConnectedCookiesSignedOutUser) {
+       SetMiceChromeConnectedCookiesSignedOutGoogleVisitor) {
  base::test::ScopedFeatureList feature_list;
  feature_list.InitAndEnableFeature(signin::kMobileIdentityConsistency);
-
  id delegate =
      [OCMockObject mockForProtocol:@protocol(ManageAccountsDelegate)];
-  NSDictionary* headers = [NSDictionary dictionary];
-  NSHTTPURLResponse* responseGoogle = [[NSHTTPURLResponse alloc]
+
+  NSDictionary* headers =
+      [NSDictionary dictionaryWithObject:@"action=ADDSESSION"
+                                  forKey:@"X-Chrome-Manage-Accounts"];
+  NSHTTPURLResponse* response = [[NSHTTPURLResponse alloc]
       initWithURL:[NSURL URLWithString:@"https://google.com/"]
        statusCode:200
       HTTPVersion:@"HTTP/1.1"
      headerFields:headers];
  account_consistency_service_->SetWebStateHandler(&web_state_, delegate);

-  EXPECT_TRUE(web_state_.ShouldAllowResponse(responseGoogle,
+  EXPECT_TRUE(web_state_.ShouldAllowResponse(response,
                                             /* for_main_frame = */ true));
+
+  CheckNoChromeConnectedCookies();
+  SimulateNavigateToUrl(web::PageLoadCompletionStatus::SUCCESS,
+                        GURL("https://google.com/"));
  CheckNoChromeConnectedCookies();

-  NSHTTPURLResponse* responseGaia = [[NSHTTPURLResponse alloc]
+  web_state_.WebStateDestroyed();
+  EXPECT_OCMOCK_VERIFY(delegate);
+}
+
+// Ensures that CHROME_CONNECTED cookies are only set on GAIA urls when the user
+// is signed out and taps sign-in button for |kMobileIdentityConsistency|
+// experiment. These cookies are immediately removed after the sign-in promo is
+// shown.
+TEST_F(AccountConsistencyServiceTest,
+       SetMiceChromeConnectedCookiesSignedOutGaiaVisitor) {
+  base::test::ScopedFeatureList feature_list;
+  feature_list.InitAndEnableFeature(signin::kMobileIdentityConsistency);
+  id delegate =
+      [OCMockObject mockForProtocol:@protocol(ManageAccountsDelegate)];
+  [[delegate expect] onShowConsistencyPromo];
+
+  NSDictionary* headers = [NSDictionary
+      dictionaryWithObject:@"action=ADDSESSION,show_consistency_promo=true"
+                    forKey:@"X-Chrome-Manage-Accounts"];
+  NSHTTPURLResponse* response = [[NSHTTPURLResponse alloc]
       initWithURL:[NSURL URLWithString:@"https://accounts.google.com/"]
        statusCode:200
       HTTPVersion:@"HTTP/1.1"
      headerFields:headers];
-  EXPECT_TRUE(web_state_.ShouldAllowResponse(responseGaia,
+  account_consistency_service_->SetWebStateHandler(&web_state_, delegate);
+
+  EXPECT_TRUE(web_state_.ShouldAllowResponse(response,
                                             /* for_main_frame = */ true));
+
+  CheckDomainHasChromeConnectedCookie("accounts.google.com");
+  SimulateNavigateToUrl(web::PageLoadCompletionStatus::SUCCESS,
+                        GURL("https://accounts.google.com/"));
+  CheckNoChromeConnectedCookies();
+
  web_state_.WebStateDestroyed();
-  CheckDomainHasChromeConnectedCookie("google.com");
+  EXPECT_OCMOCK_VERIFY(delegate);
 }