[iOS] Using Affiliation Service for Change Password URLs

This change enables use of Affiliation Service to obtain Change Password URLs on iOS. Bug: 1108279 Change-Id: I48ce4fd4bd6e9da74166309e2ee737b50fb8aa86 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2566753 Commit-Queue: Viktor Semeniuk <vsemeniuk@google.com> Reviewed-by: Vasilii Sukhanov <vasilii@chromium.org> Cr-Commit-Position: refs/heads/master@{#841021}

[iOS] Using Affiliation Service for Change Password URLs
This change enables use of Affiliation Service to obtain Change Password URLs on iOS. Bug: 1108279 Change-Id: I48ce4fd4bd6e9da74166309e2ee737b50fb8aa86 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2566753 Commit-Queue: Viktor Semeniuk <vsemeniuk@google.com> Reviewed-by: Vasilii Sukhanov <vasilii@chromium.org> Cr-Commit-Position: refs/heads/master@{#841021}
c81f627f · Viktor Semeniuk · Chromium LUCI CQ · 04341206 · c81f627f · c81f627f
Commit c81f627f authored Jan 07, 2021 by Viktor Semeniuk Committed by Chromium LUCI CQ Jan 07, 2021
6 changed files
--- a/ios/chrome/browser/passwords/BUILD.gn
+++ b/ios/chrome/browser/passwords/BUILD.gn
@@ -9,6 +9,8 @@ source_set("passwords") {
  sources = [
    "credentials_cleaner_runner_factory.cc",
    "credentials_cleaner_runner_factory.h",
+    "ios_chrome_affiliation_service_factory.cc",
+    "ios_chrome_affiliation_service_factory.h",
    "ios_chrome_bulk_leak_check_service_factory.cc",
    "ios_chrome_bulk_leak_check_service_factory.h",
    "ios_chrome_change_password_url_service_factory.cc",

--- a/ios/chrome/browser/passwords/ios_chrome_affiliation_service_factory.cc
+++ b/ios/chrome/browser/passwords/ios_chrome_affiliation_service_factory.cc
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#include "ios/chrome/browser/passwords/ios_chrome_affiliation_service_factory.h"
+#include <memory>
+#include <utility>
+#include "components/keyed_service/ios/browser_state_dependency_manager.h"
+#include "components/keyed_service/ios/browser_state_keyed_service_factory.h"
+#include "components/password_manager/core/browser/site_affiliation/affiliation_service_impl.h"
+#include "ios/chrome/browser/browser_state/browser_state_otr_helper.h"
+#include "ios/chrome/browser/browser_state/chrome_browser_state.h"
+#include "ios/chrome/browser/sync/profile_sync_service_factory.h"
+#include "services/network/public/cpp/shared_url_loader_factory.h"
+// static
+IOSChromeAffiliationServiceFactory*
+IOSChromeAffiliationServiceFactory::GetInstance() {
+  static base::NoDestructor<IOSChromeAffiliationServiceFactory> instance;
+  return instance.get();
+}
+// static
+password_manager::AffiliationService*
+IOSChromeAffiliationServiceFactory::GetForBrowserState(
+    web::BrowserState* browser_state) {
+  return static_cast<password_manager::AffiliationService*>(
+      GetInstance()->GetServiceForBrowserState(browser_state, true));
+}
+IOSChromeAffiliationServiceFactory::IOSChromeAffiliationServiceFactory()
+    : BrowserStateKeyedServiceFactory(
+          "AffiliationService",
+          BrowserStateDependencyManager::GetInstance()) {
+  DependsOn(ProfileSyncServiceFactory::GetInstance());
+}
+IOSChromeAffiliationServiceFactory::~IOSChromeAffiliationServiceFactory() =
+    default;
+std::unique_ptr<KeyedService>
+IOSChromeAffiliationServiceFactory::BuildServiceInstanceFor(
+    web::BrowserState* context) const {
+  ChromeBrowserState* browser_state =
+      ChromeBrowserState::FromBrowserState(context);
+  syncer::SyncService* sync_service =
+      ProfileSyncServiceFactory::GetForBrowserState(browser_state);
+  return std::make_unique<password_manager::AffiliationServiceImpl>(
+      sync_service, context->GetSharedURLLoaderFactory());
+}
--- a/ios/chrome/browser/passwords/ios_chrome_affiliation_service_factory.h
+++ b/ios/chrome/browser/passwords/ios_chrome_affiliation_service_factory.h
+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#ifndef IOS_CHROME_BROWSER_PASSWORDS_IOS_CHROME_AFFILIATION_SERVICE_FACTORY_H_
+#define IOS_CHROME_BROWSER_PASSWORDS_IOS_CHROME_AFFILIATION_SERVICE_FACTORY_H_
+#include "base/macros.h"
+#include "base/no_destructor.h"
+#include "components/keyed_service/ios/browser_state_keyed_service_factory.h"
+#include "ios/chrome/browser/browser_state/browser_state_otr_helper.h"
+namespace password_manager {
+class AffiliationService;
+}
+class IOSChromeAffiliationServiceFactory
+    : public BrowserStateKeyedServiceFactory {
+ public:
+  static IOSChromeAffiliationServiceFactory* GetInstance();
+  static password_manager::AffiliationService* GetForBrowserState(
+      web::BrowserState* browser_state);
+ private:
+  friend class base::NoDestructor<IOSChromeAffiliationServiceFactory>;
+  IOSChromeAffiliationServiceFactory();
+  ~IOSChromeAffiliationServiceFactory() override;
+  std::unique_ptr<KeyedService> BuildServiceInstanceFor(
+      web::BrowserState* context) const override;
+};
+#endif  // IOS_CHROME_BROWSER_PASSWORDS_IOS_CHROME_AFFILIATION_SERVICE_FACTORY_H_
--- a/ios/chrome/browser/passwords/well_known_change_password_tab_helper.h
+++ b/ios/chrome/browser/passwords/well_known_change_password_tab_helper.h
@@ -13,6 +13,8 @@
 namespace password_manager {
+class AffiliationService;
 // This TabHelper checks whether a site supports the .well-known/change-password
 // url. To check whether a site supports the change-password url the TabHelper
 // also request a .well-known path that is defined to return a 404. When that
@@ -81,7 +83,8 @@ class WellKnownChangePasswordTabHelper
  web::WebStatePolicyDecider::PolicyDecisionCallback response_policy_callback_;
  password_manager::WellKnownChangePasswordState
      well_known_change_password_state_{this};
-  ChangePasswordUrlService* change_password_url_service_;
+  ChangePasswordUrlService* change_password_url_service_ = nullptr;
+  password_manager::AffiliationService* affiliation_service_ = nullptr;
  WEB_STATE_USER_DATA_KEY_DECL();
 };

--- a/ios/chrome/browser/passwords/well_known_change_password_tab_helper.mm
+++ b/ios/chrome/browser/passwords/well_known_change_password_tab_helper.mm
@@ -7,8 +7,11 @@
 #import <Foundation/Foundation.h>
 #include "base/logging.h"
+#include "components/password_manager/core/browser/site_affiliation/affiliation_service.h"
+#include "components/password_manager/core/common/password_manager_features.h"
 #import "components/ukm/ios/ukm_url_recorder.h"
 #include "ios/chrome/browser/browser_state/chrome_browser_state.h"
+#include "ios/chrome/browser/passwords/ios_chrome_affiliation_service_factory.h"
 #include "ios/chrome/browser/passwords/ios_chrome_change_password_url_service_factory.h"
 #import "ios/web/public/navigation/navigation_context.h"
 #import "net/base/mac/url_conversions.h"
@@ -25,11 +28,17 @@ using password_manager::WellKnownChangePasswordTabHelper;
 WellKnownChangePasswordTabHelper::WellKnownChangePasswordTabHelper(
    web::WebState* web_state)
-    : web::WebStatePolicyDecider(web_state),
+    : web::WebStatePolicyDecider(web_state), web_state_(web_state) {
-      web_state_(web_state),
+  if (base::FeatureList::IsEnabled(
-      change_password_url_service_(
+          password_manager::features::kChangePasswordAffiliationInfo)) {
-          IOSChromeChangePasswordUrlServiceFactory::GetForBrowserState(
+    affiliation_service_ =
-              web_state->GetBrowserState())) {
+        IOSChromeAffiliationServiceFactory::GetForBrowserState(
+            web_state->GetBrowserState());
+  } else {
+    change_password_url_service_ =
+        IOSChromeChangePasswordUrlServiceFactory::GetForBrowserState(
+            web_state->GetBrowserState());
+  }
  web_state->AddObserver(this);
 }
@@ -62,7 +71,16 @@ WellKnownChangePasswordTabHelper::ShouldAllowRequest(
        web_state_->GetLastCommittedURL().is_empty() &&  // empty tab history
        IsWellKnownChangePasswordUrl(request_url)) {
      request_url_ = request_url;
-      change_password_url_service_->PrefetchURLs();
+      if (base::FeatureList::IsEnabled(
+              password_manager::features::kChangePasswordAffiliationInfo)) {
+        if (affiliation_service_->GetChangePasswordURL(request_url_)
+                .is_empty()) {
+          well_known_change_password_state_.PrefetchChangePasswordURLs(
+              affiliation_service_, {request_url_});
+        }
+      } else {
+        change_password_url_service_->PrefetchURLs();
+      }
      auto url_loader_factory =
          web_state_->GetBrowserState()->GetSharedURLLoaderFactory();
      well_known_change_password_state_.FetchNonExistingResource(
@@ -126,8 +144,14 @@ void WellKnownChangePasswordTabHelper::OnProcessingFinished(bool is_supported) {
  } else {
    std::move(response_policy_callback_)
        .Run(web::WebStatePolicyDecider::PolicyDecision::Cancel());
-    GURL redirect_url =
+    GURL redirect_url;
-        change_password_url_service_->GetChangePasswordUrl(request_url_);
+    if (base::FeatureList::IsEnabled(
+            password_manager::features::kChangePasswordAffiliationInfo)) {
+      redirect_url = affiliation_service_->GetChangePasswordURL(request_url_);
+    } else {
+      redirect_url =
+          change_password_url_service_->GetChangePasswordUrl(request_url_);
+    }
    if (redirect_url.is_valid()) {
      RecordMetric(WellKnownChangePasswordResult::kFallbackToOverrideUrl);
      Redirect(redirect_url);

--- a/ios/chrome/browser/passwords/well_known_change_password_tab_helper_unittest.mm
+++ b/ios/chrome/browser/passwords/well_known_change_password_tab_helper_unittest.mm
@@ -6,9 +6,14 @@
 #import <Foundation/Foundation.h>
 #include "base/run_loop.h"
+#include "base/test/bind.h"
 #import "base/test/ios/wait_util.h"
+#include "base/test/scoped_feature_list.h"
+#include "components/password_manager/core/browser/site_affiliation/affiliation_service_impl.h"
 #include "components/password_manager/core/browser/well_known_change_password_util.h"
+#include "components/password_manager/core/common/password_manager_features.h"
 #include "components/ukm/test_ukm_recorder.h"
+#include "ios/chrome/browser/passwords/ios_chrome_affiliation_service_factory.h"
 #include "ios/chrome/browser/passwords/ios_chrome_change_password_url_service_factory.h"
 #import "ios/web/public/navigation/navigation_manager.h"
 #import "ios/web/public/test/fakes/fake_web_client.h"
@@ -26,6 +31,8 @@
 #include "services/metrics/public/cpp/ukm_builders.h"
 #include "services/network/public/cpp/weak_wrapper_shared_url_loader_factory.h"
 #include "services/network/test/test_url_loader_factory.h"
+#include "testing/gmock/include/gmock/gmock.h"
+#include "testing/gtest/include/gtest/gtest.h"
 #if !defined(__has_feature) || !__has_feature(objc_arc)
 #error "This file requires ARC support."
@@ -51,6 +58,27 @@ struct ServerResponse {
 constexpr char kMockChangePasswordPath[] = "/change-password-override";
+class TestAffiliationService : public password_manager::AffiliationService {
+ public:
+  void PrefetchChangePasswordURLs(
+      const std::vector<GURL>& urls,
+      /*AffiliationService:*/ base::OnceClosure closure) override {}
+  void Clear() override {}
+  GURL GetChangePasswordURL(const GURL& url) const override {
+    if (override_available_) {
+      GURL::Replacements replacement;
+      replacement.SetPathStr(kMockChangePasswordPath);
+      return url.ReplaceComponents(replacement);
+    }
+    return GURL();
+  }
+  void SetOverrideAvailable(bool available) { override_available_ = available; }
+ private:
+  bool override_available_ = false;
+};
 // Re-implementation of web::LoadUrl() that allows specifying a custom page
 // transition.
 void LoadUrlWithTransition(web::WebState* web_state,
@@ -87,8 +115,10 @@ class TestChangePasswordUrlService
 // This test uses a mockserver to simulate different response. To handle the
 // url_loader requests we also mock the response for the url_loader_factory.
-class WellKnownChangePasswordTabHelperTest : public web::FakeWebClient,
+class WellKnownChangePasswordTabHelperTest
-                                             public web::WebTestWithWebState {
+    : public web::FakeWebClient,
+      public web::WebTestWithWebState,
+      public ::testing::WithParamInterface<bool> {
 public:
  using UkmBuilder =
      ukm::builders::PasswordManager_WellKnownChangePasswordResult;
@@ -96,6 +126,14 @@ class WellKnownChangePasswordTabHelperTest : public web::FakeWebClient,
    test_server_->RegisterRequestHandler(base::BindRepeating(
        &WellKnownChangePasswordTabHelperTest::HandleRequest,
        base::Unretained(this)));
+    if (GetParam()) {
+      feature_list_.InitAndEnableFeature(
+          password_manager::features::kChangePasswordAffiliationInfo);
+    } else {
+      feature_list_.InitAndDisableFeature(
+          password_manager::features::kChangePasswordAffiliationInfo);
+    }
  }
  void SetUp() override {
@@ -103,14 +141,26 @@ class WellKnownChangePasswordTabHelperTest : public web::FakeWebClient,
    EXPECT_TRUE(test_server_->InitializeAndListen());
    test_server_->StartAcceptingConnections();
-    url_service_ = static_cast<TestChangePasswordUrlService*>(
+    if (GetParam()) {
-        IOSChromeChangePasswordUrlServiceFactory::GetInstance()
+      affiliation_service_ = static_cast<TestAffiliationService*>(
-            ->SetTestingFactoryAndUse(
+          IOSChromeAffiliationServiceFactory::GetInstance()
-                web_state()->GetBrowserState(),
+              ->SetTestingFactoryAndUse(
-                base::BindRepeating([](web::BrowserState* browser_state) {
+                  web_state()->GetBrowserState(),
-                  return std::unique_ptr<KeyedService>(
+                  base::BindRepeating([](web::BrowserState* browser_state) {
-                      std::make_unique<TestChangePasswordUrlService>());
+                    return std::unique_ptr<KeyedService>(
-                })));
+                        std::make_unique<TestAffiliationService>());
+                  })));
+    } else {
+      url_service_ = static_cast<TestChangePasswordUrlService*>(
+          IOSChromeChangePasswordUrlServiceFactory::GetInstance()
+              ->SetTestingFactoryAndUse(
+                  web_state()->GetBrowserState(),
+                  base::BindRepeating([](web::BrowserState* browser_state) {
+                    return std::unique_ptr<KeyedService>(
+                        std::make_unique<TestChangePasswordUrlService>());
+                  })));
+    }
    web_state()->SetDelegate(&delegate_);
    password_manager::WellKnownChangePasswordTabHelper::CreateForWebState(
        web_state());
@@ -142,11 +192,19 @@ class WellKnownChangePasswordTabHelperTest : public web::FakeWebClient,
  // Returns the url after the navigation is complete.
  GURL GetNavigatedUrl() const;
+  // Sets if change passwords URL can be obtained.
+  void SetOverrideAvailable(bool available) {
+    if (GetParam()) {
+      affiliation_service_->SetOverrideAvailable(available);
+    } else {
+      url_service_->SetOverrideAvailable(available);
+    }
+  }
  // Maps a path to a ServerResponse config object.
  base::flat_map<std::string, ServerResponse> path_response_map_;
  std::unique_ptr<EmbeddedTestServer> test_server_ =
      std::make_unique<EmbeddedTestServer>();
-  TestChangePasswordUrlService* url_service_ = nullptr;
  std::unique_ptr<ukm::TestAutoSetUkmRecorder> test_recorder_;
 private:
@@ -155,8 +213,11 @@ class WellKnownChangePasswordTabHelperTest : public web::FakeWebClient,
  // |path_response_map_|.
  std::unique_ptr<HttpResponse> HandleRequest(const HttpRequest& request);
+  base::test::ScopedFeatureList feature_list_;
  network::TestURLLoaderFactory test_url_loader_factory_;
  web::FakeWebStateDelegate delegate_;
+  TestChangePasswordUrlService* url_service_ = nullptr;
+  TestAffiliationService* affiliation_service_ = nullptr;
 };
 GURL WellKnownChangePasswordTabHelperTest::GetNavigatedUrl() const {
@@ -199,7 +260,7 @@ WellKnownChangePasswordTabHelperTest::HandleRequest(
  return http_response;
 }
-TEST_F(WellKnownChangePasswordTabHelperTest, SupportForChangePassword) {
+TEST_P(WellKnownChangePasswordTabHelperTest, SupportForChangePassword) {
  path_response_map_[kWellKnownChangePasswordPath] = {net::HTTP_OK, {}};
  SetUrlLoaderResponse(kWellKnownNotExistingResourcePath, net::HTTP_NOT_FOUND);
@@ -211,7 +272,7 @@ TEST_F(WellKnownChangePasswordTabHelperTest, SupportForChangePassword) {
  ExpectUkmMetric(WellKnownChangePasswordResult::kUsedWellKnownChangePassword);
 }
-TEST_F(WellKnownChangePasswordTabHelperTest,
+TEST_P(WellKnownChangePasswordTabHelperTest,
       SupportForChangePassword_WithRedirect) {
  path_response_map_[kWellKnownChangePasswordPath] = {
      net::HTTP_PERMANENT_REDIRECT,
@@ -227,7 +288,7 @@ TEST_F(WellKnownChangePasswordTabHelperTest,
  ExpectUkmMetric(WellKnownChangePasswordResult::kUsedWellKnownChangePassword);
 }
-TEST_F(WellKnownChangePasswordTabHelperTest,
+TEST_P(WellKnownChangePasswordTabHelperTest,
       NoSupportForChangePassword_NotFound) {
  path_response_map_[kWellKnownChangePasswordPath] = {net::HTTP_NOT_FOUND, {}};
  path_response_map_["/"] = {net::HTTP_OK, {}};
@@ -240,7 +301,7 @@ TEST_F(WellKnownChangePasswordTabHelperTest,
  ExpectUkmMetric(WellKnownChangePasswordResult::kFallbackToOriginUrl);
 }
-TEST_F(WellKnownChangePasswordTabHelperTest, NoSupportForChangePassword_Ok) {
+TEST_P(WellKnownChangePasswordTabHelperTest, NoSupportForChangePassword_Ok) {
  path_response_map_[kWellKnownChangePasswordPath] = {net::HTTP_OK, {}};
  path_response_map_["/"] = {net::HTTP_OK, {}};
  SetUrlLoaderResponse(kWellKnownNotExistingResourcePath, net::HTTP_OK);
@@ -252,7 +313,7 @@ TEST_F(WellKnownChangePasswordTabHelperTest, NoSupportForChangePassword_Ok) {
  ExpectUkmMetric(WellKnownChangePasswordResult::kFallbackToOriginUrl);
 }
-TEST_F(WellKnownChangePasswordTabHelperTest,
+TEST_P(WellKnownChangePasswordTabHelperTest,
       NoSupportForChangePassword_WithRedirect) {
  path_response_map_[kWellKnownChangePasswordPath] = {
      net::HTTP_PERMANENT_REDIRECT, {std::make_pair("Location", "/not-found")}};
@@ -265,9 +326,9 @@ TEST_F(WellKnownChangePasswordTabHelperTest,
  ExpectUkmMetric(WellKnownChangePasswordResult::kFallbackToOriginUrl);
 }
-TEST_F(WellKnownChangePasswordTabHelperTest,
+TEST_P(WellKnownChangePasswordTabHelperTest,
       NoSupportForChangePassword_WithOverride) {
-  url_service_->SetOverrideAvailable(true);
+  SetOverrideAvailable(true);
  path_response_map_[kWellKnownChangePasswordPath] = {
      net::HTTP_PERMANENT_REDIRECT, {std::make_pair("Location", "/not-found")}};
  path_response_map_["/not-found"] = {net::HTTP_NOT_FOUND, {}};
@@ -279,7 +340,7 @@ TEST_F(WellKnownChangePasswordTabHelperTest,
  ExpectUkmMetric(WellKnownChangePasswordResult::kFallbackToOverrideUrl);
 }
-TEST_F(WellKnownChangePasswordTabHelperTest,
+TEST_P(WellKnownChangePasswordTabHelperTest,
       NoSupportForChangePasswordForLinks) {
  path_response_map_[kWellKnownChangePasswordPath] = {net::HTTP_OK, {}};
  LoadUrlWithTransition(web_state(),
@@ -292,3 +353,7 @@ TEST_F(WellKnownChangePasswordTabHelperTest,
  // no metrics should be recorded.
  EXPECT_TRUE(test_recorder_->GetEntriesByName(UkmBuilder::kEntryName).empty());
 }
+INSTANTIATE_TEST_SUITE_P(ChangePasswordWithAffiliationDisabledAndEnabled,
+                         WellKnownChangePasswordTabHelperTest,
+                         ::testing::Bool());