Update CompromiseTypeFlags

This CL adds kWeakCredential flag to CompromiseTypeFlags enum and rename it to InsecureCredentialTypeFlags. We need this changes because in the feature we want to add passwords weakness check and use this enum. Bug: 1119752 Change-Id: Ic27157ef119f9725b20d35507e371117ae95d51c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2377720 Commit-Queue: Irina Fedorova <irfedorova@google.com> Reviewed-by: Vasilii Sukhanov <vasilii@chromium.org> Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org> Cr-Commit-Position: refs/heads/master@{#802676}

Update CompromiseTypeFlags
This CL adds kWeakCredential flag to CompromiseTypeFlags enum and rename it to InsecureCredentialTypeFlags. We need this changes because in the feature we want to add passwords weakness check and use this enum. Bug: 1119752 Change-Id: Ic27157ef119f9725b20d35507e371117ae95d51c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2377720 Commit-Queue: Irina Fedorova <irfedorova@google.com> Reviewed-by: Vasilii Sukhanov <vasilii@chromium.org> Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org> Cr-Commit-Position: refs/heads/master@{#802676}
d77deebb · Irina Fedorova · Commit Bot · 41f8db90 · d77deebb · d77deebb
Commit d77deebb authored Aug 28, 2020 by Irina Fedorova Committed by Commit Bot Aug 28, 2020
8 changed files
--- a/chrome/browser/extensions/api/passwords_private/password_check_delegate.cc
+++ b/chrome/browser/extensions/api/passwords_private/password_check_delegate.cc
@@ -56,8 +56,8 @@ namespace {
 using autofill::PasswordForm;
 using password_manager::CanonicalizeUsername;
-using password_manager::CompromiseTypeFlags;
 using password_manager::CredentialWithPassword;
+using password_manager::InsecureCredentialTypeFlags;
 using password_manager::LeakCheckCredential;
 using ui::TimeFormat;
@@ -72,6 +72,14 @@ std::unique_ptr<std::string> GetChangePasswordUrl(const GURL& url) {
      password_manager::CreateChangePasswordUrl(url).spec());
 }
+// Unsets the bit responsible for the weak credential in the |flag|.
+InsecureCredentialTypeFlags UnsetWeakCredentialTypeFlag(
+    InsecureCredentialTypeFlags flag) {
+  return static_cast<InsecureCredentialTypeFlags>(
+      static_cast<int>(flag) &
+      ~(static_cast<int>(InsecureCredentialTypeFlags::kWeakCredential)));
+}
 }  // namespace
 // Key used to attach UserData to a LeakCheckCredential.
@@ -194,8 +202,10 @@ std::vector<CompromisedCredentialAndType> OrderCompromisedCredentials(
  std::vector<CompromisedCredentialAndType> results;
  results.reserve(compromised_credentials.size());
  for (auto& credential : compromised_credentials) {
+    // Since CompromiseType does not contain information about weakness of
+    // credential, we need to unset this bit in the |credential.insecure_type|.
    auto type = static_cast<api::passwords_private::CompromiseType>(
-        credential.compromise_type);
+        UnsetWeakCredentialTypeFlag(credential.insecure_type));
    results.push_back({std::move(credential), type});
  }
  // Reordering phished credential to the beginning.

--- a/chrome/browser/extensions/api/passwords_private/password_check_delegate_unittest.cc
+++ b/chrome/browser/extensions/api/passwords_private/password_check_delegate_unittest.cc
@@ -75,7 +75,7 @@ using password_manager::BulkLeakCheckDelegateInterface;
 using password_manager::BulkLeakCheckService;
 using password_manager::CompromisedCredentials;
 using password_manager::CompromiseType;
-using password_manager::CompromiseTypeFlags;
+using password_manager::InsecureCredentialTypeFlags;
 using password_manager::IsLeaked;
 using password_manager::LeakCheckCredential;
 using password_manager::TestPasswordStore;
@@ -264,21 +264,21 @@ class PasswordCheckDelegateTest : public ::testing::Test {
 TEST_F(PasswordCheckDelegateTest, VerifyCastingOfCompromisedCredentialTypes) {
  static_assert(
      static_cast<int>(api::passwords_private::COMPROMISE_TYPE_NONE) ==
-          static_cast<int>(CompromiseTypeFlags::kNotCompromised),
+          static_cast<int>(InsecureCredentialTypeFlags::kSecure),
      "");
  static_assert(
      static_cast<int>(api::passwords_private::COMPROMISE_TYPE_LEAKED) ==
-          static_cast<int>(CompromiseTypeFlags::kCredentialLeaked),
+          static_cast<int>(InsecureCredentialTypeFlags::kCredentialLeaked),
      "");
  static_assert(
      static_cast<int>(api::passwords_private::COMPROMISE_TYPE_PHISHED) ==
-          static_cast<int>(CompromiseTypeFlags::kCredentialPhished),
+          static_cast<int>(InsecureCredentialTypeFlags::kCredentialPhished),
      "");
  static_assert(
      static_cast<int>(
          api::passwords_private::COMPROMISE_TYPE_PHISHED_AND_LEAKED) ==
-          static_cast<int>(CompromiseTypeFlags::kCredentialLeaked |
+          static_cast<int>(InsecureCredentialTypeFlags::kCredentialLeaked |
-                           CompromiseTypeFlags::kCredentialPhished),
+                           InsecureCredentialTypeFlags::kCredentialPhished),
      "");
 }

--- a/chrome/browser/password_check/android/password_check_bridge.cc
+++ b/chrome/browser/password_check/android/password_check_bridge.cc
@@ -86,10 +86,10 @@ void PasswordCheckBridge::GetCompromisedCredentials(
                                               credential.change_password_url),
        base::android::ConvertUTF8ToJavaString(env, credential.package_name),
        credential.create_time.ToJavaTime(),
-        (credential.compromise_type ==
+        (credential.insecure_type ==
-         password_manager::CompromiseTypeFlags::kCredentialLeaked),
+         password_manager::InsecureCredentialTypeFlags::kCredentialLeaked),
-        (credential.compromise_type ==
+        (credential.insecure_type ==
-         password_manager::CompromiseTypeFlags::kCredentialPhished),
+         password_manager::InsecureCredentialTypeFlags::kCredentialPhished),
        credential.has_script);
  }
 }

--- a/chrome/browser/password_check/android/password_check_manager_unittest.cc
+++ b/chrome/browser/password_check/android/password_check_manager_unittest.cc
@@ -40,6 +40,7 @@ using autofill::PasswordForm;
 using password_manager::BulkLeakCheckService;
 using password_manager::CompromisedCredentials;
 using password_manager::CompromiseType;
+using password_manager::InsecureCredentialTypeFlags;
 using password_manager::PasswordCheckUIStatus;
 using password_manager::TestPasswordStore;
 using password_manager::prefs::kLastTimePasswordCheckCompleted;
@@ -54,7 +55,6 @@ using testing::Return;
 using CompromisedCredentialForUI =
    PasswordCheckManager::CompromisedCredentialForUI;
-using CompromiseTypeFlags = password_manager::CompromiseTypeFlags;
 using State = password_manager::BulkLeakCheckService::State;
 namespace {
@@ -187,7 +187,7 @@ auto ExpectCompromisedCredentialForUI(
    const base::string16& display_origin,
    const base::Optional<std::string>& package_name,
    const base::Optional<std::string>& change_password_url,
-    CompromiseTypeFlags compromise_type,
+    InsecureCredentialTypeFlags insecure_type,
    bool has_script) {
  auto package_name_field_matcher =
      package_name.has_value()
@@ -203,7 +203,7 @@ auto ExpectCompromisedCredentialForUI(
      Field(&CompromisedCredentialForUI::display_username, display_username),
      Field(&CompromisedCredentialForUI::display_origin, display_origin),
      package_name_field_matcher, change_password_url_field_matcher,
-      Field(&CompromisedCredentialForUI::compromise_type, compromise_type),
+      Field(&CompromisedCredentialForUI::insecure_type, insecure_type),
      Field(&CompromisedCredentialForUI::has_script, has_script));
 }
@@ -309,7 +309,7 @@ TEST_F(PasswordCheckManagerTest, CorrectlyCreatesUIStructForSiteCredential) {
      ElementsAre(ExpectCompromisedCredentialForUI(
          base::ASCIIToUTF16(kUsername1), base::ASCIIToUTF16("example.com"),
          base::nullopt, "https://example.com/",
-          CompromiseTypeFlags::kCredentialLeaked,
+          InsecureCredentialTypeFlags::kCredentialLeaked,
          /*has_script=*/false)));
 }
@@ -333,12 +333,12 @@ TEST_F(PasswordCheckManagerTest, CorrectlyCreatesUIStructForAppCredentials) {
          ExpectCompromisedCredentialForUI(
              base::ASCIIToUTF16(kUsername1),
              base::ASCIIToUTF16("App (com.example.app)"), "com.example.app",
-              base::nullopt, CompromiseTypeFlags::kCredentialLeaked,
+              base::nullopt, InsecureCredentialTypeFlags::kCredentialLeaked,
              /*has_script=*/false),
          ExpectCompromisedCredentialForUI(
              base::ASCIIToUTF16(kUsername2), base::ASCIIToUTF16("Example App"),
              "com.example.app", base::nullopt,
-              CompromiseTypeFlags::kCredentialLeaked,
+              InsecureCredentialTypeFlags::kCredentialLeaked,
              /*has_script=*/false)));
 }
@@ -388,7 +388,8 @@ TEST_F(PasswordCheckManagerTest,
      ElementsAre(ExpectCompromisedCredentialForUI(
          base::ASCIIToUTF16(kUsername1), base::ASCIIToUTF16("example.com"),
          base::nullopt, "https://example.com/",
-          CompromiseTypeFlags::kCredentialLeaked, /*has_script=*/false)));
+          InsecureCredentialTypeFlags::kCredentialLeaked,
+          /*has_script=*/false)));
 }
 TEST_F(PasswordCheckManagerTest,
@@ -414,7 +415,8 @@ TEST_F(PasswordCheckManagerTest,
      ElementsAre(ExpectCompromisedCredentialForUI(
          base::ASCIIToUTF16(kUsername1), base::ASCIIToUTF16("example.com"),
          base::nullopt, "https://example.com/",
-          CompromiseTypeFlags::kCredentialLeaked, /*has_script=*/true)));
+          InsecureCredentialTypeFlags::kCredentialLeaked,
+          /*has_script=*/true)));
 }
 TEST_F(PasswordCheckManagerTest, UpdatesProgressCorrectly) {

--- a/components/password_manager/core/browser/ui/compromised_credentials_manager.cc
+++ b/components/password_manager/core/browser/ui/compromised_credentials_manager.cc
@@ -19,10 +19,10 @@
 namespace password_manager {
-// Extra information about CompromisedCredentials which is required by UI.
+// Extra information about InsecureCredentials which is required by UI.
 struct CredentialMetadata {
  std::vector<autofill::PasswordForm> forms;
-  CompromiseTypeFlags type = CompromiseTypeFlags::kNotCompromised;
+  InsecureCredentialTypeFlags type = InsecureCredentialTypeFlags::kSecure;
  base::Time latest_time;
 };
@@ -54,20 +54,20 @@ struct CredentialWithoutPasswordLess {
  }
 };
-CompromiseTypeFlags ConvertCompromiseType(CompromiseType type) {
+InsecureCredentialTypeFlags ConvertCompromiseType(CompromiseType type) {
  switch (type) {
    case CompromiseType::kLeaked:
-      return CompromiseTypeFlags::kCredentialLeaked;
+      return InsecureCredentialTypeFlags::kCredentialLeaked;
    case CompromiseType::kPhished:
-      return CompromiseTypeFlags::kCredentialPhished;
+      return InsecureCredentialTypeFlags::kCredentialPhished;
  }
  NOTREACHED();
 }
 // This function takes two lists of compromised credentials and saved passwords
 // and joins them, producing a map that contains CredentialWithPassword as keys
-// and vector<autofill::PasswordForm> as values with CredentialCompromiseType as
+// and vector<autofill::PasswordForm> as values with InsecureCredentialTypeFlags
-// values.
+// as values.
 CredentialPasswordsMap JoinCompromisedCredentialsWithSavedPasswords(
    const std::vector<CompromisedCredentials>& credentials,
    SavedPasswordsPresenter::SavedPasswordsView saved_passwords) {
@@ -83,7 +83,7 @@ CredentialPasswordsMap JoinCompromisedCredentialsWithSavedPasswords(
    for (const auto& form : saved_passwords) {
      CredentialView compromised_credential(form);
      auto& credential_to_form = credentials_to_forms[compromised_credential];
-      credential_to_form.type = CompromiseTypeFlags::kCredentialLeaked;
+      credential_to_form.type = InsecureCredentialTypeFlags::kCredentialLeaked;
      credential_to_form.forms.push_back(form);
      credential_to_form.latest_time = form.date_created;
    }
@@ -131,7 +131,7 @@ std::vector<CredentialWithPassword> ExtractCompromisedCredentials(
  credentials.reserve(credentials_to_forms.size());
  for (const auto& credential_to_forms : credentials_to_forms) {
    CredentialWithPassword credential(credential_to_forms.first);
-    credential.compromise_type = credential_to_forms.second.type;
+    credential.insecure_type = credential_to_forms.second.type;
    credential.create_time = credential_to_forms.second.latest_time;
    credentials.push_back(std::move(credential));
  }
@@ -178,7 +178,7 @@ CredentialWithPassword::CredentialWithPassword(
                     credential.username,
                     /*password=*/{}),
      create_time(credential.create_time),
-      compromise_type(ConvertCompromiseType(credential.compromise_type)) {}
+      insecure_type(ConvertCompromiseType(credential.compromise_type)) {}
 CredentialWithPassword& CredentialWithPassword::operator=(
    const CredentialWithPassword& other) = default;

--- a/components/password_manager/core/browser/ui/compromised_credentials_manager.h
+++ b/components/password_manager/core/browser/ui/compromised_credentials_manager.h
@@ -27,22 +27,24 @@ namespace password_manager {
 class LeakCheckCredential;
-enum class CompromiseTypeFlags {
+enum class InsecureCredentialTypeFlags {
-  kNotCompromised = 0,
+  kSecure = 0,
-  // If the credentials was leaked by a data breach.
+  // If the credential was leaked by a data breach.
  kCredentialLeaked = 1 << 0,
-  // If the credentials was reused on a phishing site.
+  // If the credential was reused on a phishing site.
  kCredentialPhished = 1 << 1,
+  // If the credential has a weak password.
+  kWeakCredential = 1 << 2,
 };
-constexpr CompromiseTypeFlags operator|(CompromiseTypeFlags lhs,
+constexpr InsecureCredentialTypeFlags operator|(
-                                        CompromiseTypeFlags rhs) {
+    InsecureCredentialTypeFlags lhs,
-  return static_cast<CompromiseTypeFlags>(static_cast<int>(lhs) |
+    InsecureCredentialTypeFlags rhs) {
-                                          static_cast<int>(rhs));
+  return static_cast<InsecureCredentialTypeFlags>(static_cast<int>(lhs) |
+                                                  static_cast<int>(rhs));
 }
-// Simple struct that augments key values of CompromisedCredentials and a
+// Simple struct that augments key values of InsecureCredentials and a password.
-// password.
 struct CredentialView {
  CredentialView(std::string signon_realm,
                 GURL url,
@@ -62,10 +64,11 @@ struct CredentialView {
  base::string16 password;
 };
-// All information needed by UI to represent CompromisedCredential. It's a
+// All information needed by UI to represent InsecureCredential. It's a result
-// result of deduplicating CompromisedCredentials to have single entity both for
+// of deduplicating InsecureCredentials to have single entity for phished,
-// phished and leaked credentials with latest |create_time|, and after that
+// leaked and weak credentials with latest |create_time|, and after that joining
-// joining with autofill::PasswordForms to get passwords.
+// with autofill::PasswordForms to get passwords. If the credential is only
+// weak, |create_time| will be unset.
 struct CredentialWithPassword : CredentialView {
  explicit CredentialWithPassword(const CredentialView& credential);
  explicit CredentialWithPassword(const CompromisedCredentials& credential);
@@ -77,7 +80,8 @@ struct CredentialWithPassword : CredentialView {
  CredentialWithPassword& operator=(const CredentialWithPassword& other);
  CredentialWithPassword& operator=(CredentialWithPassword&& other);
  base::Time create_time;
-  CompromiseTypeFlags compromise_type = CompromiseTypeFlags::kNotCompromised;
+  InsecureCredentialTypeFlags insecure_type =
+      InsecureCredentialTypeFlags::kSecure;
 };
 // Comparator that can compare CredentialView or CredentialsWithPasswords.
@@ -88,7 +92,7 @@ struct PasswordCredentialLess {
  }
 };
-// Extra information about CompromisedCredentials which is required by UI.
+// Extra information about InsecureCredentials which is required by UI.
 struct CredentialMetadata;
 // This class provides clients with saved compromised credentials and

--- a/components/password_manager/core/browser/ui/compromised_credentials_manager_unittest.cc
+++ b/components/password_manager/core/browser/ui/compromised_credentials_manager_unittest.cc
@@ -77,10 +77,10 @@ CredentialWithPassword MakeCompromisedCredential(
    CompromisedCredentials credential) {
  CredentialWithPassword credential_with_password((CredentialView(form)));
  credential_with_password.create_time = credential.create_time;
-  credential_with_password.compromise_type =
+  credential_with_password.insecure_type =
      credential.compromise_type == CompromiseType::kLeaked
-          ? CompromiseTypeFlags::kCredentialLeaked
+          ? InsecureCredentialTypeFlags::kCredentialLeaked
-          : CompromiseTypeFlags::kCredentialPhished;
+          : InsecureCredentialTypeFlags::kCredentialPhished;
  return credential_with_password;
 }
@@ -113,8 +113,7 @@ bool operator==(const CredentialWithPassword& lhs,
                const CredentialWithPassword& rhs) {
  return lhs.signon_realm == rhs.signon_realm && lhs.username == rhs.username &&
         lhs.create_time == rhs.create_time &&
-         lhs.compromise_type == rhs.compromise_type &&
+         lhs.insecure_type == rhs.insecure_type && lhs.password == rhs.password;
-         lhs.password == rhs.password;
 }
 std::ostream& operator<<(std::ostream& out,
@@ -123,7 +122,7 @@ std::ostream& operator<<(std::ostream& out,
             << ", username: " << credential.username
             << ", create_time: " << credential.create_time
             << ", compromise_type: "
-             << static_cast<int>(credential.compromise_type)
+             << static_cast<int>(credential.insecure_type)
             << ", password: " << credential.password << " }";
 }
@@ -272,8 +271,8 @@ TEST_F(CompromisedCredentialsManagerTest, JoinPhishedAndLeaked) {
  CredentialWithPassword expected = MakeCompromisedCredential(password, leaked);
  expected.password = password.password_value;
-  expected.compromise_type = (CompromiseTypeFlags::kCredentialLeaked |
+  expected.insecure_type = (InsecureCredentialTypeFlags::kCredentialLeaked |
-                              CompromiseTypeFlags::kCredentialPhished);
+                            InsecureCredentialTypeFlags::kCredentialPhished);
  EXPECT_THAT(provider().GetCompromisedCredentials(), ElementsAre(expected));
 }

--- a/ios/chrome/browser/passwords/ios_chrome_password_check_manager_unittest.mm
+++ b/ios/chrome/browser/passwords/ios_chrome_password_check_manager_unittest.mm
@@ -54,7 +54,7 @@ using password_manager::CredentialWithPassword;
 using password_manager::MockBulkLeakCheckService;
 using password_manager::CompromisedCredentials;
 using password_manager::CompromiseType;
-using password_manager::CompromiseTypeFlags;
+using password_manager::InsecureCredentialTypeFlags;
 using password_manager::IsLeaked;
 using password_manager::LeakCheckCredential;
 using password_manager::TestPasswordStore;
@@ -132,14 +132,14 @@ auto ExpectCompromisedCredential(const std::string& signon_realm,
                                 const base::StringPiece& username,
                                 const base::StringPiece& password,
                                 base::TimeDelta elapsed_time_since_compromise,
-                                 CompromiseTypeFlags compromise_type) {
+                                 InsecureCredentialTypeFlags insecure_type) {
  return AllOf(
      Field(&CredentialWithPassword::signon_realm, signon_realm),
      Field(&CredentialWithPassword::username, base::ASCIIToUTF16(username)),
      Field(&CredentialWithPassword::password, base::ASCIIToUTF16(password)),
      Field(&CredentialWithPassword::create_time,
            (base::Time::Now() - elapsed_time_since_compromise)),
-      Field(&CredentialWithPassword::compromise_type, compromise_type));
+      Field(&CredentialWithPassword::insecure_type, insecure_type));
 }
 class IOSChromePasswordCheckManagerTest : public PlatformTest {
@@ -189,7 +189,7 @@ TEST_F(IOSChromePasswordCheckManagerTest, GetCompromisedCredentials) {
      manager().GetCompromisedCredentials(),
      ElementsAre(ExpectCompromisedCredential(
          kExampleCom, kUsername1, kPassword1, base::TimeDelta::FromMinutes(1),
-          CompromiseTypeFlags::kCredentialLeaked)));
+          InsecureCredentialTypeFlags::kCredentialLeaked)));
 }
 // Test that we don't create an entry in the password store if IsLeaked is
@@ -223,7 +223,7 @@ TEST_F(IOSChromePasswordCheckManagerTest, OnLeakFoundCreatesCredential) {
      manager().GetCompromisedCredentials(),
      ElementsAre(ExpectCompromisedCredential(
          kExampleCom, kUsername1, kPassword1, base::TimeDelta::FromMinutes(0),
-          CompromiseTypeFlags::kCredentialLeaked)));
+          InsecureCredentialTypeFlags::kCredentialLeaked)));
 }
 // Verifies that the case where the user has no saved passwords is reported
@@ -286,7 +286,7 @@ TEST_F(IOSChromePasswordCheckManagerTest,
      observer,
      CompromisedCredentialsChanged(ElementsAre(ExpectCompromisedCredential(
          kExampleCom, kUsername1, kPassword1, base::TimeDelta::FromMinutes(1),
-          CompromiseTypeFlags::kCredentialLeaked))));
+          InsecureCredentialTypeFlags::kCredentialLeaked))));
  store().AddCompromisedCredentials(MakeCompromised(
      kExampleCom, kUsername1, base::TimeDelta::FromMinutes(1)));
  RunUntilIdle();
@@ -337,7 +337,7 @@ TEST_F(IOSChromePasswordCheckManagerTest, DeletePassword) {
      manager().GetCompromisedCredentials(),
      ElementsAre(ExpectCompromisedCredential(
          kExampleCom, kUsername1, kPassword1, base::TimeDelta::FromMinutes(1),
-          CompromiseTypeFlags::kCredentialLeaked)));
+          InsecureCredentialTypeFlags::kCredentialLeaked)));
  manager().DeleteCompromisedPasswordForm(form);
  RunUntilIdle();