Add Support for App Display Names to GetShownOriginAndLinkUrl

This change adds support for app display names to Password UI Utils.
This is useful for the more human friendly display of Android
credentials, as this will display the Play Store name of the App, if
available.

Bug: 628988, 617094, 679434
Change-Id: Ide7bc694805ce40cbbccf8e8496c32bcb677de25
Reviewed-on: https://chromium-review.googlesource.com/567936
Commit-Queue: Jan Wilken Dörrie <jdoerrie@chromium.org>
Reviewed-by: Steven Bennetts <stevenjb@chromium.org>
Reviewed-by: Hector Carmona <hcarmona@chromium.org>
Reviewed-by: Bernhard Bauer <bauerb@chromium.org>
Reviewed-by: Vaclav Brozek <vabr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486721}

chrome/browser/android/password_ui_view_android.cc

@@ -12,43 +12,17 @@
 #include "base/strings/string_piece.h"
 #include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/browser/sync/profile_sync_service_factory.h"
-#include "chrome/grit/generated_resources.h"
 #include "components/autofill/core/common/password_form.h"
 #include "components/browser_sync/profile_sync_service.h"
 #include "components/password_manager/core/browser/password_manager_constants.h"
 #include "components/password_manager/core/browser/password_ui_utils.h"
 #include "jni/PasswordUIView_jni.h"
-#include "ui/base/l10n/l10n_util.h"
 
 using base::android::ConvertUTF16ToJavaString;
 using base::android::ConvertUTF8ToJavaString;
 using base::android::JavaParamRef;
 using base::android::ScopedJavaLocalRef;
 
-namespace {
-
-// Returns the human readable version of the origin string displayed in
-// Chrome settings for |form|.
-std::string GetDisplayOriginForSettings(const autofill::PasswordForm& form) {
-  bool is_android_uri = false;
-  bool is_clickable = false;
-  GURL link_url;  // TODO(crbug.com/617094) Also display link_url.
-  std::string human_readable_origin =
-      password_manager::GetShownOriginAndLinkUrl(form, &is_android_uri,
-                                                 &link_url,
-                                                 &is_clickable);
-  if (!is_clickable) {
-    DCHECK(is_android_uri);
-    human_readable_origin = password_manager::StripAndroidAndReverse(
-        human_readable_origin);
-    human_readable_origin = human_readable_origin +
-        l10n_util::GetStringUTF8(IDS_PASSWORDS_ANDROID_URI_SUFFIX);
-  }
-  return human_readable_origin;
-}
-
-}  // namespace
-
 PasswordUIViewAndroid::PasswordUIViewAndroid(JNIEnv* env, jobject obj)
     : password_manager_presenter_(this), weak_java_ui_controller_(env, obj) {}
 
@@ -108,9 +82,10 @@ ScopedJavaLocalRef<jobject> PasswordUIViewAndroid::GetSavedPasswordEntry(
         ConvertUTF16ToJavaString(env, base::string16()),
         ConvertUTF16ToJavaString(env, base::string16()));
   }
-  std::string human_readable_origin = GetDisplayOriginForSettings(*form);
   return Java_PasswordUIView_createSavedPasswordEntry(
-      env, ConvertUTF8ToJavaString(env, human_readable_origin),
+      env,
+      ConvertUTF8ToJavaString(
+          env, password_manager::GetShownOriginAndLinkUrl(*form).first),
       ConvertUTF16ToJavaString(env, form->username_value),
       ConvertUTF16ToJavaString(env, form->password_value));
 }
@@ -123,8 +98,8 @@ ScopedJavaLocalRef<jstring> PasswordUIViewAndroid::GetSavedPasswordException(
       password_manager_presenter_.GetPasswordException(index);
   if (!form)
     return ConvertUTF8ToJavaString(env, std::string());
-  std::string human_readable_origin = GetDisplayOriginForSettings(*form);
-  return ConvertUTF8ToJavaString(env, human_readable_origin);
+  return ConvertUTF8ToJavaString(
+      env, password_manager::GetShownOriginAndLinkUrl(*form).first);
 }
 
 void PasswordUIViewAndroid::HandleRemoveSavedPasswordEntry(

chrome/browser/android/password_ui_view_android.h

@@ -7,6 +7,8 @@
 
 #include <stddef.h>
 
+#include <memory>
+#include <string>
 #include <vector>
 
 #include "base/android/jni_weak_ref.h"

chrome/browser/extensions/api/passwords_private/passwords_private_utils.cc

@@ -4,59 +4,22 @@
 
 #include "chrome/browser/extensions/api/passwords_private/passwords_private_utils.h"
 
-#include "base/strings/string_util.h"
-#include "chrome/grit/generated_resources.h"
+#include <tuple>
+
 #include "components/autofill/core/common/password_form.h"
 #include "components/password_manager/core/browser/password_ui_utils.h"
-#include "ui/base/l10n/l10n_util.h"
-
-namespace {
-
-constexpr char kAndroidAppScheme[] = "android://";
-constexpr char kPlayStoreAppPrefix[] =
-    "https://play.google.com/store/apps/details?id=";
-
-}  // namespace
+#include "url/gurl.h"
 
 namespace extensions {
 
 api::passwords_private::UrlCollection CreateUrlCollectionFromForm(
     const autofill::PasswordForm& form) {
-  bool is_android_uri = false;
-  GURL link_url;
-  bool origin_is_clickable = false;
   api::passwords_private::UrlCollection urls;
-
+  GURL link_url;
+  std::tie(urls.shown, link_url) =
+      password_manager::GetShownOriginAndLinkUrl(form);
   urls.origin = form.signon_realm;
-  urls.shown = password_manager::GetShownOriginAndLinkUrl(
-      form, &is_android_uri, &link_url, &origin_is_clickable);
   urls.link = link_url.spec();
-
-  if (is_android_uri) {
-    if (!origin_is_clickable) {
-      // If the origin is not clickable, link to the PlayStore. Use that
-      // |urls.shown| is the result of |GetHumanReadableOriginForAndroidUri| and
-      // does not contain the base64 hash anymore.
-      urls.link = urls.shown;
-      // e.g. android://com.example.r => r.example.com.
-      urls.shown = password_manager::StripAndroidAndReverse(urls.shown);
-      // Turn human unfriendly string into a clickable link to the PlayStore.
-      base::ReplaceFirstSubstringAfterOffset(&urls.link, 0, kAndroidAppScheme,
-                                             kPlayStoreAppPrefix);
-    }
-
-    // Currently we use "direction=rtl" in CSS to elide long origins from the
-    // left. This does not play nice with appending strings that end in
-    // punctuation symbols, which is why the bidirectional override tag is
-    // necessary.
-    // TODO(crbug.com/679434): Clean this up.
-    // Reference:
-    // https://www.w3.org/International/questions/qa-bidi-unicode-controls
-    urls.shown += "\u202D" +  // equivalent to <bdo dir = "ltr">
-                  l10n_util::GetStringUTF8(IDS_PASSWORDS_ANDROID_URI_SUFFIX) +
-                  "\u202C";  // equivalent to </bdo>
-  }
-
   return urls;
 }
 

chrome/browser/extensions/api/passwords_private/passwords_private_utils.h

@@ -15,9 +15,7 @@ namespace extensions {
 
 // Obtains a collection of URLs from the passed in form. This includes an origin
 // URL used for internal logic, a human friendly string shown to the user as
-// well as a URL that is linked to. In case the passed in form is an Android
-// credential, the link URL is an affiliated website if possible, otherwise it
-// links to the PlayStore.
+// well as a URL that is linked to.
 api::passwords_private::UrlCollection CreateUrlCollectionFromForm(
     const autofill::PasswordForm& form);
 }

chrome/browser/extensions/api/passwords_private/passwords_private_utils_unittest.cc

@@ -4,12 +4,9 @@
 
 #include "chrome/browser/extensions/api/passwords_private/passwords_private_utils.h"
 
-#include "base/strings/utf_string_conversions.h"
-#include "chrome/grit/generated_resources.h"
 #include "components/autofill/core/common/password_form.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
-#include "ui/base/l10n/l10n_util.h"
 #include "url/gurl.h"
 
 namespace extensions {
@@ -39,33 +36,30 @@ TEST(CreateUrlCollectionFromFormTest, UrlsFromFederatedForm) {
   EXPECT_EQ(federated_urls.link, "https://example.com/");
 }
 
-TEST(CreateUrlCollectionFromFormTest, UrlsFromAndroidFormWithoutAffiliation) {
+TEST(CreateUrlCollectionFromFormTest, UrlsFromAndroidFormWithoutDisplayName) {
   autofill::PasswordForm android_form;
-  android_form.signon_realm = "android://example_hash@com.example.android";
+  android_form.signon_realm = "android://example@com.example.android";
+  android_form.app_display_name.clear();
 
   api::passwords_private::UrlCollection android_urls =
       CreateUrlCollectionFromForm(android_form);
-  EXPECT_EQ(android_urls.origin, "android://example_hash@com.example.android");
-  EXPECT_THAT(android_urls.shown, testing::StartsWith("android.example.com"));
-  EXPECT_THAT(android_urls.shown, testing::HasSubstr(l10n_util::GetStringUTF8(
-                                      IDS_PASSWORDS_ANDROID_URI_SUFFIX)));
-  EXPECT_EQ(
-      android_urls.link,
-      "https://play.google.com/store/apps/details?id=com.example.android");
+  EXPECT_EQ("android://example@com.example.android", android_urls.origin);
+  EXPECT_EQ("android.example.com", android_urls.shown);
+  EXPECT_EQ("https://play.google.com/store/apps/details?id=com.example.android",
+            android_urls.link);
 }
 
-TEST(CreateUrlCollectionFromFormTest, UrlsFromAndroidFormWithAffiliation) {
+TEST(CreateUrlCollectionFromFormTest, UrlsFromAndroidFormWithAppName) {
   autofill::PasswordForm android_form;
-  android_form.affiliated_web_realm = "https://example.com";
-  android_form.signon_realm = "android://example_hash@com.example.android";
+  android_form.signon_realm = "android://hash@com.example.android";
+  android_form.app_display_name = "Example Android App";
 
   api::passwords_private::UrlCollection android_urls =
       CreateUrlCollectionFromForm(android_form);
-  EXPECT_EQ(android_urls.origin, "android://example_hash@com.example.android");
-  EXPECT_THAT(android_urls.shown, testing::StartsWith("example.com"));
-  EXPECT_THAT(android_urls.shown, testing::HasSubstr(l10n_util::GetStringUTF8(
-                                      IDS_PASSWORDS_ANDROID_URI_SUFFIX)));
-  EXPECT_EQ(android_urls.link, "https://example.com/");
+  EXPECT_EQ(android_urls.origin, "android://hash@com.example.android");
+  EXPECT_EQ("Example Android App", android_urls.shown);
+  EXPECT_EQ("https://play.google.com/store/apps/details?id=com.example.android",
+            android_urls.link);
 }
 
 }  // namespace extensions

chrome/browser/ui/passwords/password_manager_presenter.cc

@@ -5,6 +5,7 @@
 #include "chrome/browser/ui/passwords/password_manager_presenter.h"
 
 #include <algorithm>
+#include <tuple>
 #include <utility>
 
 #include "base/bind.h"
@@ -41,6 +42,7 @@
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/web_contents.h"
 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
+#include "url/gurl.h"
 
 #if defined(OS_WIN)
 #include "chrome/browser/password_manager/password_manager_util_win.h"
@@ -64,39 +66,46 @@ const char kSortKeyPartsSeparator = ' ';
 // this character should be alphabetically smaller than real federations.
 const char kSortKeyNoFederationSymbol = '-';
 
-// Helper function that returns the type of the entry (non-Android credentials,
-// Android w/ affiliated web realm (i.e. clickable) or w/o web realm).
-std::string GetEntryTypeCode(bool is_android_uri, bool is_clickable) {
-  if (!is_android_uri)
-    return "0";
-  if (is_clickable)
-    return "1";
-  return "2";
-}
-
 // Creates key for sorting password or password exception entries. The key is
 // eTLD+1 followed by the reversed list of domains (e.g.
 // secure.accounts.example.com => example.com.com.example.accounts.secure) and
 // the scheme. If |entry_type == SAVED|, username, password and federation are
-// appended to the key. The entry type code (non-Android, Android w/ or w/o
-// affiliated web realm) is also appended to the key.
+// appended to the key. For Android credentials the canocial spec is included.
 std::string CreateSortKey(const autofill::PasswordForm& form,
                           PasswordEntryType entry_type) {
-  bool is_android_uri = false;
-  bool is_clickable = false;
+  std::string shown_origin;
   GURL link_url;
-  std::string origin = password_manager::GetShownOriginAndLinkUrl(
-      form, &is_android_uri, &link_url, &is_clickable);
-
-  if (!is_clickable)  // e.g. android://com.example.r => r.example.com.
-    origin = password_manager::StripAndroidAndReverse(origin);
+  std::tie(shown_origin, link_url) =
+      password_manager::GetShownOriginAndLinkUrl(form);
+
+  const auto facet_uri =
+      password_manager::FacetURI::FromPotentiallyInvalidSpec(form.signon_realm);
+  const bool is_android_uri = facet_uri.IsValidAndroidFacetURI();
+
+  if (is_android_uri) {
+    // In case of Android credentials |GetShownOriginAndLinkURl| might return
+    // the app display name, e.g. the Play Store name of the given application.
+    // This might or might not correspond to the eTLD+1, which is why
+    // |shown_origin| is set to the reversed android package name in this case,
+    // e.g. com.example.android => android.example.com.
+    shown_origin = password_manager::SplitByDotAndReverse(
+        facet_uri.android_package_name());
+  }
 
   std::string site_name =
       net::registry_controlled_domains::GetDomainAndRegistry(
-          origin, net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES);
+          shown_origin,
+          net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES);
   if (site_name.empty())  // e.g. localhost.
-    site_name = origin;
-  std::string key = site_name + password_manager::SplitByDotAndReverse(origin);
+    site_name = shown_origin;
+
+  std::string key = site_name + kSortKeyPartsSeparator;
+
+  // Since multiple distinct credentials might have the same site name, more
+  // information is added. For Android credentials this includes the full
+  // canonical spec which is guaranteed to be unique for a given App.
+  key += is_android_uri ? facet_uri.canonical_spec()
+                        : password_manager::SplitByDotAndReverse(shown_origin);
 
   if (entry_type == PasswordEntryType::SAVED) {
     key += kSortKeyPartsSeparator + base::UTF16ToUTF8(form.username_value) +
@@ -110,13 +119,7 @@ std::string CreateSortKey(const autofill::PasswordForm& form,
   }
 
   // To separate HTTP/HTTPS credentials, add the scheme to the key.
-  key += kSortKeyPartsSeparator + link_url.scheme();
-
-  // Since Android and non-Android entries shouldn't be merged into one entry,
-  // add the entry type code to the sort key.
-  key +=
-      kSortKeyPartsSeparator + GetEntryTypeCode(is_android_uri, is_clickable);
-  return key;
+  return key += kSortKeyPartsSeparator + link_url.scheme();
 }
 
 // Finds duplicates of |form| in |duplicates|, removes them from |store| and

chrome/browser/ui/passwords/password_manager_presenter_unittest.cc

@@ -29,7 +29,7 @@ struct SortEntry {
   const char* const origin;
   const char* const username;
   const char* const password;
-  const char* const affiliated_web_realm;
+  const char* const app_display_name;
   const char* const federation;
   const int expected_position;
 };
@@ -144,8 +144,8 @@ void PasswordManagerPresenterTest::SortAndCheckPositions(
       if (entry.federation != nullptr)
         form->federation_origin = url::Origin(GURL(entry.federation));
     }
-    if (entry.affiliated_web_realm)
-      form->affiliated_web_realm = entry.affiliated_web_realm;
+    if (entry.app_display_name)
+      form->app_display_name = entry.app_display_name;
     list.push_back(std::move(form));
     if (entry.expected_position >= 0)
       expected_number_of_unique_entries++;
@@ -303,16 +303,21 @@ TEST_F(PasswordManagerPresenterTest, Sorting_PasswordExceptions) {
 
 TEST_F(PasswordManagerPresenterTest, Sorting_AndroidCredentials) {
   const SortEntry test_cases[] = {
-      {"https://alpha.com", "user", "secret", nullptr, nullptr, 1},
-      {"android://hash@com.alpha", "user", "secret", "https://alpha.com",
-       nullptr, 0},
-      {"android://hash@com.alpha", "user", "secret", "https://alpha.com",
+      // Regular Web Credential.
+      {"https://alpha.example.com", "user", "secret", nullptr, nullptr, 3},
+      // First Android Credential.
+      {"android://hash@com.example.alpha", "user", "secret", nullptr, nullptr,
+       0},
+      // App display name is irrelevant, this should be hidden as a duplicate
+      // of the first one.
+      {"android://hash@com.example.alpha", "user", "secret", "Example App",
        nullptr, -1},
-      {"android://hash@com.alpha", "user", "secret", nullptr, nullptr, 2},
-      {"android://hash@com.betta.android", "user", "secret",
-       "https://betta.com", nullptr, 3},
-      {"android://hash@com.betta.android", "user", "secret", nullptr, nullptr,
-       4}};
+      // Apps with different package names are distinct.
+      {"android://hash@com.example.beta", "user", "secret", nullptr, nullptr,
+       1},
+      // Apps with same package name but different hashes are distinct.
+      {"android://hash_different@com.example.alpha", "user", "secret", nullptr,
+       nullptr, 2}};
   SortAndCheckPositions(test_cases, arraysize(test_cases),
                         PasswordEntryType::SAVED);
 }

chrome/browser/ui/webui/options/password_manager_handler.cc

@@ -5,6 +5,7 @@
 #include "chrome/browser/ui/webui/options/password_manager_handler.h"
 
 #include <memory>
+#include <tuple>
 #include <utility>
 
 #include "base/bind.h"
@@ -29,6 +30,7 @@
 #include "chrome/grit/generated_resources.h"
 #include "components/autofill/core/common/password_form.h"
 #include "components/browser_sync/profile_sync_service.h"
+#include "components/password_manager/core/browser/android_affiliation/affiliation_utils.h"
 #include "components/password_manager/core/browser/export/password_exporter.h"
 #include "components/password_manager/core/browser/password_bubble_experiment.h"
 #include "components/password_manager/core/browser/password_manager_constants.h"
@@ -46,6 +48,7 @@
 #include "content/public/browser/web_ui.h"
 #include "content/public/common/origin_util.h"
 #include "ui/base/l10n/l10n_util.h"
+#include "url/gurl.h"
 
 namespace options {
 
@@ -65,20 +68,20 @@ const char kFederationField[] = "federation";
 // Android URI, and whether the origin is secure.
 void CopyOriginInfoOfPasswordForm(const autofill::PasswordForm& form,
                                   base::DictionaryValue* entry) {
-  bool is_android_uri = false;
-  bool origin_is_clickable = false;
+  std::string shown_origin;
   GURL link_url;
-  entry->SetString(
-      kShownOriginField,
-      password_manager::GetShownOriginAndLinkUrl(
-          form, &is_android_uri, &link_url, &origin_is_clickable));
+  std::tie(shown_origin, link_url) =
+      password_manager::GetShownOriginAndLinkUrl(form);
+  entry->SetString(kShownOriginField, shown_origin);
   DCHECK(link_url.is_valid());
-  entry->SetString(
-      kUrlField, url_formatter::FormatUrl(
-                     link_url, url_formatter::kFormatUrlOmitNothing,
-                     net::UnescapeRule::SPACES, nullptr, nullptr, nullptr));
-  entry->SetBoolean(kIsAndroidUriField, is_android_uri);
-  entry->SetBoolean(kIsClickable, origin_is_clickable);
+  entry->SetString(kUrlField,
+                   url_formatter::FormatUrl(
+                       link_url, url_formatter::kFormatUrlOmitNothing,
+                       net::UnescapeRule::SPACES, nullptr, nullptr, nullptr));
+  entry->SetBoolean(
+      kIsAndroidUriField,
+      password_manager::IsValidAndroidFacetURI(form.signon_realm));
+  entry->SetBoolean(kIsClickable, true);
   entry->SetBoolean(kIsSecureField, content::IsOriginSecure(link_url));
 }
 

components/password_manager/core/browser/password_ui_utils.cc

@@ -6,6 +6,7 @@
 
 #include <algorithm>
 #include <string>
+#include <vector>
 
 #include "base/strings/string_split.h"
 #include "base/strings/string_util.h"
@@ -21,6 +22,9 @@ namespace {
 // The URL prefixes that are removed from shown origin.
 const char* const kRemovedPrefixes[] = {"m.", "mobile.", "www."};
 
+constexpr char kPlayStoreAppPrefix[] =
+    "https://play.google.com/store/apps/details?id=";
+
 }  // namespace
 
 std::string SplitByDotAndReverse(base::StringPiece host) {
@@ -30,41 +34,24 @@ std::string SplitByDotAndReverse(base::StringPiece host) {
   return base::JoinString(parts, ".");
 }
 
-std::string StripAndroidAndReverse(const std::string& origin) {
-  const int kAndroidAppSchemeAndDelimiterLength = sizeof("android://") - 1;
-  return SplitByDotAndReverse(
-      base::StringPiece(&origin[kAndroidAppSchemeAndDelimiterLength],
-                        origin.length() - kAndroidAppSchemeAndDelimiterLength));
-}
-
-std::string GetShownOriginAndLinkUrl(
-    const autofill::PasswordForm& password_form,
-    bool* is_android_uri,
-    GURL* link_url,
-    bool* origin_is_clickable) {
-  DCHECK(is_android_uri);
-  DCHECK(origin_is_clickable);
-  DCHECK(link_url);
+std::pair<std::string, GURL> GetShownOriginAndLinkUrl(
+    const autofill::PasswordForm& password_form) {
+  std::string shown_origin;
+  GURL link_url;
 
-  password_manager::FacetURI facet_uri =
-      password_manager::FacetURI::FromPotentiallyInvalidSpec(
-          password_form.signon_realm);
-  *is_android_uri = facet_uri.IsValidAndroidFacetURI();
-  if (*is_android_uri) {
-    if (password_form.affiliated_web_realm.empty()) {
-      *origin_is_clickable = false;
-      // Since the full url should be shown in the tooltip even for
-      // non-clickable origins, return it as |link_url|.
-      *link_url = GURL(password_form.signon_realm);
-      return GetHumanReadableOriginForAndroidUri(facet_uri);
-    }
-    *origin_is_clickable = true;
-    *link_url = GURL(password_form.affiliated_web_realm);
-    return GetShownOrigin(*link_url);
+  FacetURI facet_uri =
+      FacetURI::FromPotentiallyInvalidSpec(password_form.signon_realm);
+  if (facet_uri.IsValidAndroidFacetURI()) {
+    shown_origin = password_form.app_display_name.empty()
+                       ? SplitByDotAndReverse(facet_uri.android_package_name())
+                       : password_form.app_display_name;
+    link_url = GURL(kPlayStoreAppPrefix + facet_uri.android_package_name());
+  } else {
+    shown_origin = GetShownOrigin(password_form.origin);
+    link_url = password_form.origin;
   }
-  *origin_is_clickable = true;
-  *link_url = password_form.origin;
-  return GetShownOrigin(password_form.origin);
+
+  return {std::move(shown_origin), std::move(link_url)};
 }
 
 std::string GetShownOrigin(const GURL& origin) {

components/password_manager/core/browser/password_ui_utils.h

@@ -8,6 +8,7 @@
 #define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PASSWORD_UI_UTILS_H_
 
 #include <string>
+#include <utility>
 
 #include "base/strings/string_piece.h"
 
@@ -22,25 +23,18 @@ namespace password_manager {
 // Reverses order of labels in hostname.
 std::string SplitByDotAndReverse(base::StringPiece host);
 
-// Removes 'android://' and reverses order of labels in hostname.
-std::string StripAndroidAndReverse(const std::string& origin);
-
-// Returns a string suitable for security display to the user (just like
-// |FormatUrlForSecurityDisplay| with OMIT_HTTP_AND_HTTPS) based on origin of
-// |password_form| and without prefixes "m.", "mobile." or "www.". Also
-// returns the full URL of the origin as |link_url|. |link_url| will be also
-// shown as tooltip on the password page.
-// For Android forms with empty |password_form.affiliated_web_realm|,
-// returns the result of GetHumanReadableOriginForAndroidUri. For other Android
-// forms, returns |password_form.affiliated_web_realm|.
-// |*origin_is_clickable| is set to true, except for Android forms with empty
-// |password_form.affiliated_web_realm|.
-// |is_android_url|, |link_url|, |origin_is_clickable| are required to non-null.
-std::string GetShownOriginAndLinkUrl(
-    const autofill::PasswordForm& password_form,
-    bool* is_android_uri,
-    GURL* link_url,
-    bool* origin_is_clickable);
+// Returns a human readable origin and a link URL for the provided
+// |password_form|.
+//
+// For Web credentials the returned origin is suitable for security display and
+// is stripped off common prefixes like "m.", "mobile." or "www.". Furthermore
+// the link URL is set to the full origin of the original form.
+//
+//  For Android credentials the returned origin is set to the Play Store name
+//  if available, otherwise it is the reversed package name (e.g.
+//  com.example.android gets transformed to android.example.com).
+std::pair<std::string, GURL> GetShownOriginAndLinkUrl(
+    const autofill::PasswordForm& password_form);
 
 // Returns a string suitable for security display to the user (just like
 // |FormatUrlForSecurityDisplay| with OMIT_HTTP_AND_HTTPS) based on origin of

components/password_manager/core/browser/password_ui_utils_unittest.cc

@@ -2,10 +2,13 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "components/autofill/core/common/password_form.h"
 #include "components/password_manager/core/browser/password_ui_utils.h"
 
+#include <tuple>
+
+#include "components/autofill/core/common/password_form.h"
 #include "testing/gtest/include/gtest/gtest.h"
+#include "url/gurl.h"
 
 namespace password_manager {
 
@@ -37,44 +40,32 @@ TEST(GetShownOriginTest, RemovePrefixes) {
   }
 }
 
-TEST(GetShownOriginAndLinkUrlTest, OriginFromAndroidForm_NoAffiliatedRealm) {
+TEST(GetShownOriginAndLinkUrlTest, OriginFromAndroidForm_NoAppDisplayName) {
   autofill::PasswordForm android_form;
-  android_form.signon_realm =
-      "android://"
-      "m3HSJL1i83hdltRq0-o9czGb-8KJDKra4t_"
-      "3JRlnPKcjI8PZm6XBHXx6zG4UuMXaDEZjR1wuXDre9G9zvN7AQw=="
-      "@com.example.android";
-  android_form.affiliated_web_realm = std::string();
-
-  bool is_android_uri;
+  android_form.signon_realm = "android://hash@com.example.android";
+  android_form.app_display_name.clear();
+
+  std::string shown_origin;
   GURL link_url;
-  bool origin_is_clickable;
-  EXPECT_EQ("android://com.example.android",
-            GetShownOriginAndLinkUrl(android_form, &is_android_uri, &link_url,
-                                     &origin_is_clickable));
-  EXPECT_TRUE(is_android_uri);
-  EXPECT_FALSE(origin_is_clickable);
-  EXPECT_EQ(GURL(android_form.signon_realm), link_url);
+  std::tie(shown_origin, link_url) = GetShownOriginAndLinkUrl(android_form);
+
+  EXPECT_EQ("android.example.com", shown_origin);
+  EXPECT_EQ("https://play.google.com/store/apps/details?id=com.example.android",
+            link_url.spec());
 }
 
-TEST(GetShownOriginAndLinkUrlTest, OriginFromAndroidForm_WithAffiliatedRealm) {
+TEST(GetShownOriginAndLinkUrlTest, OriginFromAndroidForm_WithAppDisplayName) {
   autofill::PasswordForm android_form;
-  android_form.signon_realm =
-      "android://"
-      "m3HSJL1i83hdltRq0-o9czGb-8KJDKra4t_"
-      "3JRlnPKcjI8PZm6XBHXx6zG4UuMXaDEZjR1wuXDre9G9zvN7AQw=="
-      "@com.example.android";
-  android_form.affiliated_web_realm = "https://example.com/";
-
-  bool is_android_uri;
+  android_form.signon_realm = "android://hash@com.example.android";
+  android_form.app_display_name = "Example Android App";
+
+  std::string shown_origin;
   GURL link_url;
-  bool origin_is_clickable;
-  EXPECT_EQ("example.com",
-            GetShownOriginAndLinkUrl(android_form, &is_android_uri, &link_url,
-                                     &origin_is_clickable));
-  EXPECT_TRUE(is_android_uri);
-  EXPECT_TRUE(origin_is_clickable);
-  EXPECT_EQ(GURL(android_form.affiliated_web_realm), link_url);
+  std::tie(shown_origin, link_url) = GetShownOriginAndLinkUrl(android_form);
+
+  EXPECT_EQ("Example Android App", shown_origin);
+  EXPECT_EQ("https://play.google.com/store/apps/details?id=com.example.android",
+            link_url.spec());
 }
 
 TEST(GetShownOriginAndLinkUrlTest, OriginFromNonAndroidForm) {
@@ -82,15 +73,12 @@ TEST(GetShownOriginAndLinkUrlTest, OriginFromNonAndroidForm) {
   form.signon_realm = "https://example.com/";
   form.origin = GURL("https://example.com/login?ref=1");
 
-  bool is_android_uri;
+  std::string shown_origin;
   GURL link_url;
-  bool origin_is_clickable;
-  EXPECT_EQ("example.com",
-            GetShownOriginAndLinkUrl(form, &is_android_uri, &link_url,
-                                     &origin_is_clickable));
-  EXPECT_FALSE(is_android_uri);
-  EXPECT_TRUE(origin_is_clickable);
-  EXPECT_EQ(form.origin, link_url);
+  std::tie(shown_origin, link_url) = GetShownOriginAndLinkUrl(form);
+
+  EXPECT_EQ("example.com", shown_origin);
+  EXPECT_EQ(GURL("https://example.com/login?ref=1"), link_url);
 }
 
 TEST(SplitByDotAndReverseTest, ReversedHostname) {