Add WellKnownChangePasswordTabHelper

Implements the behaviour for .well-known/change-password urls, analogous to the WellKnownChangePasswordNavigationThrottle Bug: 927473 Change-Id: Ib3eed87306ed6b3b5bc1f49f4aa8b91369c614dd Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2317952 Commit-Queue: Jonathan Mengedoht <mengedoht@google.com> Reviewed-by: Eugene But <eugenebut@chromium.org> Cr-Commit-Position: refs/heads/master@{#794708}

Add WellKnownChangePasswordTabHelper
Implements the behaviour for .well-known/change-password urls, analogous to the WellKnownChangePasswordNavigationThrottle Bug: 927473 Change-Id: Ib3eed87306ed6b3b5bc1f49f4aa8b91369c614dd Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2317952 Commit-Queue: Jonathan Mengedoht <mengedoht@google.com> Reviewed-by: Eugene But <eugenebut@chromium.org> Cr-Commit-Position: refs/heads/master@{#794708}
d42e3920 · Jonathan Mengedoht · Commit Bot · a92112f3 · d42e3920 · d42e3920
Commit d42e3920 authored Aug 04, 2020 by Jonathan Mengedoht Committed by Commit Bot Aug 04, 2020
5 changed files
--- a/ios/chrome/browser/passwords/BUILD.gn
+++ b/ios/chrome/browser/passwords/BUILD.gn
@@ -45,6 +45,8 @@ source_set("passwords") {
    "save_passwords_consumer.mm",
    "update_password_infobar_controller.h",
    "update_password_infobar_controller.mm",
+    "well_known_change_password_tab_helper.h",
+    "well_known_change_password_tab_helper.mm",
  ]
  deps = [
    ":infobar_delegates",
@@ -172,6 +174,7 @@ source_set("unit_tests") {
    "js_credential_manager_unittest.mm",
    "password_controller_js_unittest.mm",
    "password_controller_unittest.mm",
+    "well_known_change_password_tab_helper_unittest.mm",
  ]
  deps = [
    ":passwords",

--- a/ios/chrome/browser/passwords/well_known_change_password_tab_helper.h
+++ b/ios/chrome/browser/passwords/well_known_change_password_tab_helper.h
+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#ifndef IOS_CHROME_BROWSER_PASSWORDS_WELL_KNOWN_CHANGE_PASSWORD_TAB_HELPER_H_
+#define IOS_CHROME_BROWSER_PASSWORDS_WELL_KNOWN_CHANGE_PASSWORD_TAB_HELPER_H_
+#include "ios/web/public/navigation/web_state_policy_decider.h"
+#include "ios/web/public/web_state_observer.h"
+#import "ios/web/public/web_state_user_data.h"
+namespace password_manager {
+// This TabHelper checks whether a site supports the .well-known/change-password
+// url. To check whether a site supports the change-password url the TabHelper
+// also request a .well-known path that is defined to return a 404. When that
+// one returns 404 and the change password path 2XX we assume the site supports
+// the change-password url. If the site does not support the change password
+// url, the user gets redirected to the base path '/'. If the sites supports the
+// standard, the request is allowed and the navigation is not changed.
+class WellKnownChangePasswordTabHelper
+    : public web::WebStatePolicyDecider,
+      public web::WebStateObserver,
+      public web::WebStateUserData<WellKnownChangePasswordTabHelper> {
+ public:
+  ~WellKnownChangePasswordTabHelper() override;
+  PolicyDecision ShouldAllowRequest(NSURLRequest* request,
+                                    const RequestInfo& request_info) override;
+  void ShouldAllowResponse(
+      NSURLResponse* response,
+      bool for_main_frame,
+      web::WebStatePolicyDecider::PolicyDecisionCallback callback) override;
+  void DidRedirectNavigation(
+      web::WebState* web_state,
+      web::NavigationContext* navigation_context) override;
+  void WebStateDestroyed() override;
+  void WebStateDestroyed(web::WebState* web_state) override;
+ private:
+  explicit WellKnownChangePasswordTabHelper(web::WebState* web_state);
+  friend class web::WebStateUserData<WellKnownChangePasswordTabHelper>;
+  web::WebState* web_state_ = nullptr;
+  WEB_STATE_USER_DATA_KEY_DECL();
+};
+}  // namespace password_manager
+#endif  // IOS_CHROME_BROWSER_PASSWORDS_WELL_KNOWN_CHANGE_PASSWORD_TAB_HELPER_H_
--- a/ios/chrome/browser/passwords/well_known_change_password_tab_helper.mm
+++ b/ios/chrome/browser/passwords/well_known_change_password_tab_helper.mm
+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#import "ios/chrome/browser/passwords/well_known_change_password_tab_helper.h"
+#import <Foundation/Foundation.h>
+#include "base/logging.h"
+#include "components/password_manager/core/common/password_manager_features.h"
+#include "ios/chrome/browser/browser_state/chrome_browser_state.h"
+#import "ios/web/public/navigation/navigation_context.h"
+#import "net/base/mac/url_conversions.h"
+#if !defined(__has_feature) || !__has_feature(objc_arc)
+#error "This file requires ARC support."
+#endif
+namespace {
+// .well-known/change-password is a defined standard that points to the sites
+// change password form. https://wicg.github.io/change-password-url/
+bool IsWellKnownChangePasswordUrl(const GURL& url) {
+  return url.SchemeIsHTTPOrHTTPS() &&
+         (url.path() == "/.well-known/change-password" ||
+          url.path() == "/.well-known/change-password/");
+}
+}
+namespace password_manager {
+WellKnownChangePasswordTabHelper::WellKnownChangePasswordTabHelper(
+    web::WebState* web_state)
+    : web::WebStatePolicyDecider(web_state), web_state_(web_state) {
+  web_state->AddObserver(this);
+}
+WellKnownChangePasswordTabHelper::~WellKnownChangePasswordTabHelper() = default;
+void WellKnownChangePasswordTabHelper::DidRedirectNavigation(
+    web::WebState* web_state,
+    web::NavigationContext* navigation_context) {
+  // TODO(crbug.com/927473): handle redirects
+}
+web::WebStatePolicyDecider::PolicyDecision
+WellKnownChangePasswordTabHelper::ShouldAllowRequest(
+    NSURLRequest* request,
+    const RequestInfo& request_info) {
+  const GURL& request_url = net::GURLWithNSURL(request.URL);
+  // Boolean order important. First url then feature flag. Otherwise it messes
+  // with usage statistics of control and experimental group (UMA).
+  if (request_info.target_frame_is_main &&
+      IsWellKnownChangePasswordUrl(request_url) &&
+      base::FeatureList::IsEnabled(
+          password_manager::features::kWellKnownChangePassword)) {
+    // TODO(crbug.com/927473): Make request to non existing resource and check
+    // if well-known/change-password is supported.
+  }
+  return web::WebStatePolicyDecider::PolicyDecision::Allow();
+}
+void WellKnownChangePasswordTabHelper::ShouldAllowResponse(
+    NSURLResponse* response,
+    bool for_main_frame,
+    web::WebStatePolicyDecider::PolicyDecisionCallback callback) {
+  const GURL& url = net::GURLWithNSURL(response.URL);
+  // Boolean order important, feature flag check last. Otherwise it messes
+  // with usage statistics.
+  // We only want to handle main_frame requests to keep consistency with the
+  // NavigationThrottle implementation.
+  if (!for_main_frame || !IsWellKnownChangePasswordUrl(url) ||
+      !base::FeatureList::IsEnabled(
+          password_manager::features::kWellKnownChangePassword)) {
+    // TODO(crbug.com/927473): Handle .well-known/change-passord response.
+    std::move(callback).Run(
+        web::WebStatePolicyDecider::PolicyDecision::Allow());
+    return;
+  }
+  // TODO(crbug.com/927473): Handle Response
+  std::move(callback).Run(web::WebStatePolicyDecider::PolicyDecision::Allow());
+}
+void WellKnownChangePasswordTabHelper::WebStateDestroyed() {}
+void WellKnownChangePasswordTabHelper::WebStateDestroyed(
+    web::WebState* web_state) {
+  web_state->RemoveObserver(this);
+}
+WEB_STATE_USER_DATA_KEY_IMPL(WellKnownChangePasswordTabHelper)
+}
--- a/ios/chrome/browser/passwords/well_known_change_password_tab_helper_unittest.mm
+++ b/ios/chrome/browser/passwords/well_known_change_password_tab_helper_unittest.mm
+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#import "ios/chrome/browser/passwords/well_known_change_password_tab_helper.h"
+#if !defined(__has_feature) || !__has_feature(objc_arc)
+#error "This file requires ARC support."
+#endif
--- a/ios/chrome/browser/tabs/tab_helper_util.mm
+++ b/ios/chrome/browser/tabs/tab_helper_util.mm
@@ -46,6 +46,7 @@
 #import "ios/chrome/browser/open_in/open_in_tab_helper.h"
 #import "ios/chrome/browser/overscroll_actions/overscroll_actions_tab_helper.h"
 #import "ios/chrome/browser/passwords/password_tab_helper.h"
+#import "ios/chrome/browser/passwords/well_known_change_password_tab_helper.h"
 #import "ios/chrome/browser/policy/policy_features.h"
 #import "ios/chrome/browser/policy_url_blocking/policy_url_blocking_tab_helper.h"
 #include "ios/chrome/browser/reading_list/reading_list_model_factory.h"
@@ -115,6 +116,8 @@ void AttachTabHelpers(web::WebState* web_state, bool for_prerender) {
  AppLauncherTabHelper::CreateForWebState(web_state);
  security_interstitials::IOSBlockingPageTabHelper::CreateForWebState(
      web_state);
+  password_manager::WellKnownChangePasswordTabHelper::CreateForWebState(
+      web_state);
  if (base::FeatureList::IsEnabled(web::features::kUseJSForErrorPage)) {
    InvalidUrlTabHelper::CreateForWebState(web_state);