Minor changes to RealPanClient to get a bit farther

in the getrealpan flow.

Also, switch to using RealPanClient instead of fake card numbers (meaning we can not demo the UI until getrealpan works).

BUG=451286

Review URL: https://codereview.chromium.org/875183003

Cr-Commit-Position: refs/heads/master@{#314369}

components/autofill/core/browser/autofill_manager.cc

@@ -561,8 +561,7 @@ void AutofillManager::FillOrPreviewForm(
       unmasking_query_id_ = query_id;
       unmasking_form_ = form;
       unmasking_field_ = field;
-      // TODO(estade): uncomment this after the demo.
-      // real_pan_client_.Prepare();
+      real_pan_client_.Prepare();
       client()->ShowUnmaskPrompt(unmasking_card_,
                                  weak_ptr_factory_.GetWeakPtr());
       return;
@@ -690,23 +689,9 @@ void AutofillManager::OnLoadedServerPredictions(
 void AutofillManager::OnUnmaskResponse(const base::string16& cvc,
                                        const base::string16& exp_month,
                                        const base::string16& exp_year) {
-  // Most of this function is demo code. The real code should look something
-  // like:
-  //   real_pan_client_.UnmaskCard(unmasking_card_, cvc, exp_month, exp_year);
-
   unmasking_cvc_ = cvc;
-  // TODO(estade): fake verification: assume 123/1234 is the correct cvc.
-  if (StartsWithASCII(base::UTF16ToASCII(cvc), "123", true)) {
-    base::MessageLoop::current()->PostDelayedTask(
-        FROM_HERE, base::Bind(&AutofillManager::OnUnmaskVerificationResult,
-                              base::Unretained(this), true),
-        base::TimeDelta::FromSeconds(2));
-  } else {
-    base::MessageLoop::current()->PostDelayedTask(
-        FROM_HERE, base::Bind(&AutofillManager::OnUnmaskVerificationResult,
-                              base::Unretained(this), false),
-        base::TimeDelta::FromSeconds(2));
-  }
+  // TODO(estade): use month/year.
+  real_pan_client_.UnmaskCard(unmasking_card_, base::UTF16ToASCII(cvc));
 }
 
 void AutofillManager::OnUnmaskPromptClosed() {
@@ -721,25 +706,15 @@ IdentityProvider* AutofillManager::GetIdentityProvider() {
 }
 
 void AutofillManager::OnDidGetRealPan(const std::string& real_pan) {
-  NOTIMPLEMENTED();
-}
-
-void AutofillManager::OnUnmaskVerificationResult(bool success) {
-  if (success) {
+  if (!real_pan.empty()) {
     unmasking_card_.set_record_type(CreditCard::FULL_SERVER_CARD);
-    if (unmasking_card_.type() == kAmericanExpressCard) {
-      unmasking_card_.SetNumber(base::ASCIIToUTF16("371449635398431"));
-    } else if (unmasking_card_.type() == kVisaCard) {
-      unmasking_card_.SetNumber(base::ASCIIToUTF16("4012888888881881"));
-    } else {
-      DCHECK_EQ(kDiscoverCard, unmasking_card_.type());
-      unmasking_card_.SetNumber(base::ASCIIToUTF16("6011000990139424"));
-    }
+    unmasking_card_.SetNumber(base::UTF8ToUTF16(real_pan));
     personal_data_->UpdateServerCreditCard(unmasking_card_);
     FillCreditCardForm(unmasking_query_id_, unmasking_form_, unmasking_field_,
                        unmasking_card_);
   }
-  client()->OnUnmaskVerificationResult(success);
+
+  client()->OnUnmaskVerificationResult(!real_pan.empty());
 }
 
 void AutofillManager::OnDidEndTextFieldEditing() {

components/autofill/core/browser/autofill_manager.h

@@ -238,9 +238,6 @@ class AutofillManager : public AutofillDownloadManager::Observer,
   IdentityProvider* GetIdentityProvider() override;
   void OnDidGetRealPan(const std::string& real_pan) override;
 
-  // A toy method called when the (fake) unmasking process has finished.
-  void OnUnmaskVerificationResult(bool success);
-
   // Returns false if Autofill is disabled or if no Autofill data is available.
   bool RefreshDataModels() const;
 

components/autofill/core/browser/wallet/real_pan_wallet_client.cc

@@ -4,6 +4,7 @@
 
 #include "components/autofill/core/browser/wallet/real_pan_wallet_client.h"
 
+#include "base/base64.h"
 #include "base/bind.h"
 #include "base/json/json_reader.h"
 #include "base/json/json_writer.h"
@@ -23,12 +24,11 @@ namespace wallet {
 namespace {
 
 const char kUnmaskCardRequestFormat[] =
-    "request_content_type=application/json&request=%s&cvc=%s";
+    "requestContentType=application/json; charset=utf-8&request=%s&cvc=%s";
 
-// TODO(estade): use a sandbox server on dev builds?
 const char kUnmaskCardRequestUrl[] =
-    "https://wallet.google.com/payments/apis-secure/creditcardservice"
-    "/GetRealPan?s7e=cvc";
+    "https://sandbox.google.com/payments/apis-secure/creditcardservice"
+    "/getrealpan?s7e=cvc";
 
 const char kTokenServiceConsumerId[] = "real_pan_wallet_client";
 const char kWalletOAuth2Scope[] =
@@ -64,8 +64,13 @@ void RealPanWalletClient::UnmaskCard(const CreditCard& card,
 
   base::DictionaryValue request_dict;
   request_dict.SetString("encrypted_cvc", "__param:cvc");
-  // TODO(estade): is this the correct "token"?
   request_dict.SetString("credit_card_token", card.server_id());
+
+  // TODO(estade): add real risk data.
+  std::string base64_risk;
+  base::Base64Encode("{}", &base64_risk);
+  request_dict.SetString("risk_data_base64", base64_risk);
+
   std::string json_request;
   base::JSONWriter::Write(&request_dict, &json_request);
   std::string post_body = base::StringPrintf(kUnmaskCardRequestFormat,
@@ -91,6 +96,8 @@ void RealPanWalletClient::OnURLFetchComplete(const net::URLFetcher* source) {
   scoped_ptr<net::URLFetcher> scoped_request(request_.Pass());
   scoped_ptr<base::DictionaryValue> response_dict;
   int response_code = source->GetResponseCode();
+  std::string data;
+  source->GetResponseAsString(&data);
 
   // TODO(estade): OAuth2 may fail due to an expired access token, in which case
   // we should invalidate the token and try again. How is that failure reported?
@@ -98,41 +105,40 @@ void RealPanWalletClient::OnURLFetchComplete(const net::URLFetcher* source) {
   switch (response_code) {
     // Valid response.
     case net::HTTP_OK: {
-      std::string data;
-      source->GetResponseAsString(&data);
       scoped_ptr<base::Value> message_value(base::JSONReader::Read(data));
       if (message_value.get() &&
           message_value->IsType(base::Value::TYPE_DICTIONARY)) {
         response_dict.reset(
             static_cast<base::DictionaryValue*>(message_value.release()));
-      } else {
-        NOTIMPLEMENTED();
       }
       break;
     }
 
     // HTTP_BAD_REQUEST means the arguments are invalid. No point retrying.
     case net::HTTP_BAD_REQUEST: {
-      NOTIMPLEMENTED();
       break;
     }
 
     // Response contains an error to show the user.
     case net::HTTP_FORBIDDEN:
     case net::HTTP_INTERNAL_SERVER_ERROR: {
-      NOTIMPLEMENTED();
       break;
     }
 
     // Handle anything else as a generic error.
     default:
-      NOTIMPLEMENTED();
       break;
   }
 
   std::string real_pan;
   if (response_dict)
     response_dict->GetString("pan", &real_pan);
+
+  if (real_pan.empty()) {
+    NOTIMPLEMENTED() << "Unhandled error: " << response_code <<
+        " with data: " << data;
+  }
+
   delegate_->OnDidGetRealPan(real_pan);
 }
 
@@ -157,7 +163,7 @@ void RealPanWalletClient::OnGetTokenFailure(
     delegate_->OnDidGetRealPan(std::string());
   }
   // TODO(estade): what do we do in the failure case?
-  NOTIMPLEMENTED();
+  NOTIMPLEMENTED() << "Unhandled OAuth2 error: " << error.ToString();
 
   access_token_request_.reset();
 }
@@ -178,7 +184,7 @@ void RealPanWalletClient::StartTokenFetch() {
 }
 
 void RealPanWalletClient::SetOAuth2TokenAndStartRequest() {
-  request_->AddExtraRequestHeader("Authorization: " + access_token_);
+  request_->AddExtraRequestHeader("Authorization: Bearer " + access_token_);
   request_->Start();
 }