Fix in-session password change success detection for Ping IdP

In-session password change success detection mechanism is based on
IdP-dependent heuristics. Small differences are possible even within a
single IdP which may lead to improper detection of successful password
change and left it unsynced between a chromebook and IdP.

This CL extends success scenarios for Ping IdP. The problem was detected
in customer installation and verified with a test account.


Bug: 1056602
Change-Id: I6a83c7e3e9eb070cd1677afe181db395b4593420
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2078451Reviewed-by: Roman Sorokin [CET] <rsorokin@chromium.org>
Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Commit-Queue: Maciek Slusarczyk <mslus@chromium.org>
Cr-Commit-Position: refs/heads/master@{#745084}

chrome/browser/resources/gaia_auth_host/password_change_authenticator.js

@@ -56,7 +56,8 @@ cr.define('cr.samlPasswordChange', function() {
     if (url.host.match(/\.okta\.com$/)) {
       return PasswordChangePageProvider.OKTA;
     }
-    if (url.pathname.match('/password/chg/')) {
+    if (url.pathname.match('/password/chg/') ||
+        url.pathname.match('/pwdchange/')) {
       return PasswordChangePageProvider.PING;
     }
     return PasswordChangePageProvider.UNKNOWN;
@@ -105,8 +106,9 @@ cr.define('cr.samlPasswordChange', function() {
     if (pageProvider == PasswordChangePageProvider.PING) {
       // The returnurl is always preserved until password change succeeds - then
       // it is no longer needed.
-      return !!postUrl.searchParams.get('returnurl') &&
-          !redirectUrl.searchParams.get('returnurl');
+      return (!!postUrl.searchParams.get('returnurl') &&
+              !redirectUrl.searchParams.get('returnurl')) ||
+          redirectUrl.pathname.endsWith('Success');
     }
 
     // We can't currently detect success for Okta just by inspecting the