[PwdCheckManager] Add GetCompromisedCredentials to PasswordCheckManager

The check manager will now package the compromised credentials
in a format that is useful to the Java side and send them over to the
bridge.

Bug: 1102025
Change-Id: I86d6dc86c379a4dc67c618cb048a2eff8bbe5af7
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2339967
Commit-Queue: Ioana Pandele <ioanap@chromium.org>
Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org>
Cr-Commit-Position: refs/heads/master@{#796036}

chrome/app/generated_resources.grd

@@ -4942,6 +4942,11 @@ Keep your key file in a safe place. You will need it to create new versions of y
           Manage passwords
         </message>
       </if>
+      <if expr="is_android">
+        <message name="IDS_SETTINGS_PASSWORDS_ANDROID_APP" desc="Label for the app a password is for when displaying a credential and the real app display name could not be obtained.">
+          App (<ph name="ANDROID_PACKAGE_NAME">$1<ex>com.netflix.mediaclient</ex></ph>)
+        </message>
+      </if>
       <!-- Password manager onboarding strings -->
       <message name="IDS_PASSWORD_MANAGER_ONBOARDING_TITLE_A" desc="The title shown in the password manager onboarding dialog.">
         Save your passwords?

chrome/app/generated_resources_grd/IDS_SETTINGS_PASSWORDS_ANDROID_APP.png.sha1

+56486e2523a8ed588602b35a82b3a448adcfcf60
\ No newline at end of file

chrome/browser/password_check/android/internal/BUILD.gn

@@ -73,6 +73,7 @@ android_library("internal_java") {
     "//third_party/android_deps:androidx_recyclerview_recyclerview_java",
     "//third_party/android_sdk/androidx_browser:androidx_browser_java",
     "//ui/android:ui_full_java",
+    "//url:gurl_java",
     _public_target,
   ]
   sources = [

chrome/browser/password_check/android/internal/java/src/org/chromium/chrome/browser/password_check/PasswordCheckBridge.java

@@ -77,11 +77,12 @@ class PasswordCheckBridge {
         mPasswordCheckObserver.onPasswordCheckStatusChanged(state);
     }
 
+    @CalledByNative
     private static void insertCredential(CompromisedCredential[] credentials, int index,
-            String originUrl, String username, String password, boolean phished,
+            String displayOrigin, String displayUsername, String password, boolean phished,
             boolean hasScript) {
-        credentials[index] =
-                new CompromisedCredential(originUrl, username, password, phished, hasScript);
+        credentials[index] = new CompromisedCredential(
+                displayOrigin, displayUsername, password, phished, hasScript);
     }
 
     /**

chrome/browser/password_check/android/password_check_bridge.cc

@@ -6,7 +6,10 @@
 
 #include <jni.h>
 
+#include "base/android/jni_string.h"
 #include "chrome/browser/password_check/android/internal/jni_headers/PasswordCheckBridge_jni.h"
+#include "components/password_manager/core/browser/ui/compromised_credentials_manager.h"
+#include "url/android/gurl_android.h"
 
 static jlong JNI_PasswordCheckBridge_Create(
     JNIEnv* env,
@@ -38,8 +41,22 @@ jint PasswordCheckBridge::GetSavedPasswordsCount(JNIEnv* env) {
 
 void PasswordCheckBridge::GetCompromisedCredentials(
     JNIEnv* env,
-    const base::android::JavaParamRef<jobjectArray>& credentials) {
-  // TODO(crbug.com/1102025): implement this.
+    const base::android::JavaParamRef<jobjectArray>& java_credentials) {
+  std::vector<PasswordCheckManager::CompromisedCredentialForUI> credentials =
+      check_manager_.GetCompromisedCredentials();
+
+  for (size_t i = 0; i < credentials.size(); ++i) {
+    const auto& credential = credentials[i];
+    Java_PasswordCheckBridge_insertCredential(
+        env, java_credentials, i,
+        base::android::ConvertUTF16ToJavaString(env, credential.display_origin),
+        base::android::ConvertUTF16ToJavaString(env,
+                                                credential.display_username),
+        base::android::ConvertUTF16ToJavaString(env, credential.password),
+        (credential.compromise_type ==
+         password_manager::CompromiseTypeFlags::kCredentialPhished),
+        credential.has_script);
+  }
 }
 
 void PasswordCheckBridge::RemoveCredential(

chrome/browser/password_check/android/password_check_manager.cc

@@ -4,15 +4,54 @@
 
 #include "chrome/browser/password_check/android/password_check_manager.h"
 
+#include "base/strings/utf_string_conversions.h"
 #include "chrome/browser/password_check/android/password_check_bridge.h"
 #include "chrome/browser/sync/profile_sync_service_factory.h"
+#include "chrome/grit/generated_resources.h"
+#include "components/autofill/core/common/password_form.h"
+#include "components/password_manager/core/browser/android_affiliation/affiliation_utils.h"
 #include "components/password_manager/core/browser/password_manager_client.h"
 #include "components/password_manager/core/browser/password_manager_util.h"
+#include "components/password_manager/core/browser/ui/compromised_credentials_manager.h"
+#include "components/strings/grit/components_strings.h"
 #include "components/sync/driver/profile_sync_service.h"
+#include "components/url_formatter/url_formatter.h"
+#include "ui/base/l10n/l10n_util.h"
 
+namespace {
+
+base::string16 GetDisplayUsername(const base::string16& username) {
+  return username.empty()
+             ? l10n_util::GetStringUTF16(IDS_PASSWORD_MANAGER_EMPTY_LOGIN)
+             : username;
+}
+
+}  // namespace
+
+using autofill::PasswordForm;
+
+using CredentialsView =
+    password_manager::CompromisedCredentialsManager::CredentialsView;
 using PasswordCheckUIStatus = password_manager::PasswordCheckUIStatus;
 using State = password_manager::BulkLeakCheckService::State;
 using SyncState = password_manager::SyncState;
+using CredentialWithPassword = password_manager::CredentialWithPassword;
+using CompromisedCredentialForUI =
+    PasswordCheckManager::CompromisedCredentialForUI;
+
+CompromisedCredentialForUI::CompromisedCredentialForUI(
+    const CredentialWithPassword& credential)
+    : CredentialWithPassword(credential) {}
+
+CompromisedCredentialForUI::CompromisedCredentialForUI(
+    const CompromisedCredentialForUI& other) = default;
+CompromisedCredentialForUI::CompromisedCredentialForUI(
+    CompromisedCredentialForUI&& other) = default;
+CompromisedCredentialForUI& CompromisedCredentialForUI::operator=(
+    const CompromisedCredentialForUI& other) = default;
+CompromisedCredentialForUI& CompromisedCredentialForUI::operator=(
+    CompromisedCredentialForUI&& other) = default;
+CompromisedCredentialForUI::~CompromisedCredentialForUI() = default;
 
 PasswordCheckManager::PasswordCheckManager(Profile* profile, Observer* observer)
     : observer_(observer), profile_(profile) {
@@ -55,6 +94,18 @@ int PasswordCheckManager::GetSavedPasswordsCount() const {
   return saved_passwords_presenter_.GetSavedPasswords().size();
 }
 
+std::vector<CompromisedCredentialForUI>
+PasswordCheckManager::GetCompromisedCredentials() const {
+  std::vector<CredentialWithPassword> credentials =
+      compromised_credentials_manager_.GetCompromisedCredentials();
+  std::vector<CompromisedCredentialForUI> ui_credentials;
+  ui_credentials.reserve(credentials.size());
+  for (const auto& credential : credentials) {
+    ui_credentials.push_back(MakeUICredential(credential));
+  }
+  return ui_credentials;
+}
+
 void PasswordCheckManager::OnSavedPasswordsChanged(
     password_manager::SavedPasswordsPresenter::SavedPasswordsView passwords) {
   if (!is_initialized_) {
@@ -90,6 +141,45 @@ void PasswordCheckManager::OnCredentialDone(
   // TODO(crbug.com/1102025): implement this.
 }
 
+CompromisedCredentialForUI PasswordCheckManager::MakeUICredential(
+    const CredentialWithPassword& credential) const {
+  CompromisedCredentialForUI ui_credential(credential);
+  auto facet = password_manager::FacetURI::FromPotentiallyInvalidSpec(
+      credential.signon_realm);
+
+  ui_credential.display_username = GetDisplayUsername(credential.username);
+  if (facet.IsValidAndroidFacetURI()) {
+    const PasswordForm& android_form =
+        compromised_credentials_manager_.GetSavedPasswordsFor(credential)[0];
+
+    ui_credential.is_android_credential = true;
+    ui_credential.package_name = facet.android_package_name();
+
+    if (android_form.app_display_name.empty()) {
+      // In case no affiliation information could be obtained show the
+      // formatted package name to the user.
+      ui_credential.display_origin = l10n_util::GetStringFUTF16(
+          IDS_SETTINGS_PASSWORDS_ANDROID_APP,
+          base::UTF8ToUTF16(facet.android_package_name()));
+    } else {
+      ui_credential.display_origin =
+          base::UTF8ToUTF16(android_form.app_display_name);
+    }
+  } else {
+    ui_credential.is_android_credential = false;
+    ui_credential.display_origin = url_formatter::FormatUrl(
+        credential.url.GetOrigin(),
+        url_formatter::kFormatUrlOmitDefaults |
+            url_formatter::kFormatUrlOmitHTTPS |
+            url_formatter::kFormatUrlOmitTrivialSubdomains |
+            url_formatter::kFormatUrlTrimAfterHost,
+        net::UnescapeRule::SPACES, nullptr, nullptr, nullptr);
+    ui_credential.change_password_url = ui_credential.url.GetOrigin().spec();
+  }
+
+  return ui_credential;
+}
+
 void PasswordCheckManager::OnBulkCheckServiceShutDown() {
   observed_bulk_leak_check_service_.Remove(
       BulkLeakCheckServiceFactory::GetForProfile(profile_));

chrome/browser/password_check/android/password_check_manager.h

@@ -30,6 +30,25 @@ class PasswordCheckManager
         password_manager::PasswordCheckUIStatus status) = 0;
   };
 
+  struct CompromisedCredentialForUI : password_manager::CredentialWithPassword {
+    explicit CompromisedCredentialForUI(
+        const password_manager::CredentialWithPassword& credential);
+
+    CompromisedCredentialForUI(const CompromisedCredentialForUI& other);
+    CompromisedCredentialForUI(CompromisedCredentialForUI&& other);
+    CompromisedCredentialForUI& operator=(
+        const CompromisedCredentialForUI& other);
+    CompromisedCredentialForUI& operator=(CompromisedCredentialForUI&& other);
+    ~CompromisedCredentialForUI();
+
+    base::string16 display_username;
+    base::string16 display_origin;
+    std::string package_name;
+    std::string change_password_url;
+    bool is_android_credential = false;
+    bool has_script = false;
+  };
+
   // `observer` must outlive `this`.
   PasswordCheckManager(Profile* profile, Observer* observer);
   ~PasswordCheckManager() override;
@@ -48,6 +67,9 @@ class PasswordCheckManager
   // If the saved passwords haven't been fetched yet, this will return 0.
   int GetSavedPasswordsCount() const;
 
+  // Called by java to retrieve the compromised credentials.
+  std::vector<CompromisedCredentialForUI> GetCompromisedCredentials() const;
+
   // Not copyable or movable
   PasswordCheckManager(const PasswordCheckManager&) = delete;
   PasswordCheckManager& operator=(const PasswordCheckManager&) = delete;
@@ -72,6 +94,12 @@ class PasswordCheckManager
                         password_manager::IsLeaked is_leaked) override;
   void OnBulkCheckServiceShutDown() override;
 
+  // Turns a `CredentialWithPassword` into a `CompromisedCredentialForUI`,
+  // getting suitable strings for all display elements (e.g. url, app name,
+  // app package, username, etc.).
+  CompromisedCredentialForUI MakeUICredential(
+      const password_manager::CredentialWithPassword& credential) const;
+
   // Converts the state retrieved from the check service into a state that
   // can be used by the UI to display appropriate messages.
   password_manager::PasswordCheckUIStatus GetUIStatus(

components/password_manager/core/browser/ui/compromised_credentials_manager.cc

@@ -162,7 +162,7 @@ CredentialView& CredentialView::operator=(CredentialView&& credential) =
 CredentialView::~CredentialView() = default;
 
 CredentialWithPassword::CredentialWithPassword(const CredentialView& credential)
-    : CredentialView(std::move(credential)) {}
+    : CredentialView(credential) {}
 CredentialWithPassword::~CredentialWithPassword() = default;
 CredentialWithPassword::CredentialWithPassword(
     const CredentialWithPassword& other) = default;