Skip to content

GitLab

T
tangled
Commit 8b92b6ea authored by mkwst's avatar mkwst Committed by Commit bot
Browse files
Options

Credential Manager: Respect the 'skip_zero_click' flag for 'request()'. 

Now that we're setting the 'skip_zero_click' flag in 'notifySignedOut',
we ought to respect it when generating the list of items for 'request()'

BUG=450581
R=vabr@chromium.org, vasilii@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/896803003

Cr-Commit-Position: refs/heads/master@{#315287}
parent 823b2ac8
Hide whitespace changes
Inline Side-by-side
Showing with 73 additions and 8 deletions
components/password_manager/content/browser/credential_manager_dispatcher.cc
View file @ 8b92b6ea
......@@ -53,10 +53,23 @@ class CredentialManagerDispatcher::PendingRequestTask
// ScopedVector.
std::vector<autofill::PasswordForm*> local_results;
std::vector<autofill::PasswordForm*> federated_results;
autofill::PasswordForm* zero_click_form_to_return = nullptr;
bool found_zero_clickable_credential = false;
for (autofill::PasswordForm* form : results) {
if (form->origin == origin_)
if (form->origin == origin_) {
local_results.push_back(form);
else if (federations_.count(form->origin.spec()))
// If this is a zero-clickable PasswordForm, and we haven't found any
// other zero-clickable PasswordForms, then store this one for later.
// If we have found other zero-clickable PasswordForms, then clear
// the stored form (we return zero-click forms iff there is a single,
// unambigious choice).
if (!form->skip_zero_click) {
zero_click_form_to_return =
found_zero_clickable_credential ? nullptr : form;
found_zero_clickable_credential = true;
}
} else if (federations_.count(form->origin.spec()))
federated_results.push_back(form);
else
delete form;
......@@ -68,11 +81,9 @@ class CredentialManagerDispatcher::PendingRequestTask
dispatcher_->SendCredential(id_, CredentialInfo());
return;
}
if (local_results.size() == 1 && dispatcher_->IsZeroClickAllowed()) {
// TODO(mkwst): Use the `one_time_disable_zero_click` flag on the result
// to prevent auto-sign-in, once that flag is implemented.
CredentialInfo info(*local_results[0],
local_results[0]->federation_url.is_empty()
if (zero_click_form_to_return && dispatcher_->IsZeroClickAllowed()) {
CredentialInfo info(*zero_click_form_to_return,
zero_click_form_to_return->federation_url.is_empty()
? CredentialType::CREDENTIAL_TYPE_LOCAL
: CredentialType::CREDENTIAL_TYPE_FEDERATED);
STLDeleteElements(&local_results);
......
components/password_manager/content/browser/credential_manager_dispatcher_unittest.cc
View file @ 8b92b6ea
......@@ -167,13 +167,15 @@ class CredentialManagerDispatcherTest
form_.origin = web_contents()->GetLastCommittedURL().GetOrigin();
form_.signon_realm = form_.origin.spec();
form_.scheme = autofill::PasswordForm::SCHEME_HTML;
form_.skip_zero_click = false;
form2_.username_value = base::ASCIIToUTF16("Username 2");
form2_.display_name = base::ASCIIToUTF16("Display Name 2");
form2_.password_value = base::ASCIIToUTF16("Password 2");
form2_.origin = web_contents()->GetLastCommittedURL().GetOrigin();
form2_.signon_realm = form_.origin.spec();
form2_.signon_realm = form2_.origin.spec();
form2_.scheme = autofill::PasswordForm::SCHEME_HTML;
form2_.skip_zero_click = false;
cross_origin_form_.username_value = base::ASCIIToUTF16("Username");
cross_origin_form_.display_name = base::ASCIIToUTF16("Display Name");
......@@ -181,6 +183,7 @@ class CredentialManagerDispatcherTest
cross_origin_form_.origin = GURL("https://example.net/");
cross_origin_form_.signon_realm = cross_origin_form_.origin.spec();
cross_origin_form_.scheme = autofill::PasswordForm::SCHEME_HTML;
cross_origin_form_.skip_zero_click = false;
store_->Clear();
EXPECT_TRUE(store_->IsEmpty());
......@@ -403,6 +406,57 @@ TEST_F(CredentialManagerDispatcherTest,
EXPECT_EQ(CredentialType::CREDENTIAL_TYPE_EMPTY, get<1>(send_param).type);
}
TEST_F(CredentialManagerDispatcherTest,
OnRequestCredentialWithZeroClickOnlyOnePasswordStore) {
form_.skip_zero_click = true;
store_->AddLogin(form_);
store_->AddLogin(form2_);
std::vector<GURL> federations;
dispatcher()->OnRequestCredential(kRequestId, true, federations);
RunAllPendingTasks();
const uint32 kMsgID = CredentialManagerMsg_SendCredential::ID;
const IPC::Message* message =
process()->sink().GetFirstMessageMatching(kMsgID);
EXPECT_TRUE(message);
EXPECT_FALSE(client_->did_prompt_user_to_choose());
CredentialManagerMsg_SendCredential::Param send_param;
CredentialManagerMsg_SendCredential::Read(message, &send_param);
// We should get |form2_| back, as |form_| is marked as skipping zero-click.
EXPECT_EQ(CredentialType::CREDENTIAL_TYPE_LOCAL, get<1>(send_param).type);
EXPECT_EQ(form2_.username_value, get<1>(send_param).id);
EXPECT_EQ(form2_.display_name, get<1>(send_param).name);
EXPECT_EQ(form2_.password_value, get<1>(send_param).password);
}
TEST_F(CredentialManagerDispatcherTest,
OnRequestCredentialWithZeroClickOnlyCrossOriginPasswordStore) {
store_->AddLogin(cross_origin_form_);
form_.skip_zero_click = true;
store_->AddLogin(form_);
std::vector<GURL> federations;
dispatcher()->OnRequestCredential(kRequestId, true, federations);
RunAllPendingTasks();
const uint32 kMsgID = CredentialManagerMsg_SendCredential::ID;
const IPC::Message* message =
process()->sink().GetFirstMessageMatching(kMsgID);
EXPECT_TRUE(message);
EXPECT_FALSE(client_->did_prompt_user_to_choose());
CredentialManagerMsg_SendCredential::Param send_param;
CredentialManagerMsg_SendCredential::Read(message, &send_param);
// We only have cross-origin zero-click credentials; they should not be
// returned.
EXPECT_EQ(CredentialType::CREDENTIAL_TYPE_EMPTY, get<1>(send_param).type);
}
TEST_F(CredentialManagerDispatcherTest,
CredentialManagerOnRequestCredentialWhileRequestPending) {
client_->set_zero_click_enabled(false);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment