CREDENTIAL: Add 'PasswordCredential::toFormData()'

The API has evolved a bit, dropping the 'password' and 'formData' accessors in favor of a 'toFormData(FormDataOptions)' method which is intended to be used in conjunction with 'fetch()' to submit credentials to a server-side endpoint. Defined at [1] and [2]. [1]: https://w3c.github.io/webappsec/specs/credentialmanagement/#interfaces-credential-types-passwordcredential [2]: https://w3c.github.io/webappsec/specs/credentialmanagement/#generate-formdata BUG=526995 Review URL: https://codereview.chromium.org/1317043003 git-svn-id: svn://svn.chromium.org/blink/trunk@201631 bbb929c8-8fbe-4397-9dbb-9b2b20218538

CREDENTIAL: Add 'PasswordCredential::toFormData()'
The API has evolved a bit, dropping the 'password' and 'formData' accessors in favor of a 'toFormData(FormDataOptions)' method which is intended to be used in conjunction with 'fetch()' to submit credentials to a server-side endpoint. Defined at [1] and [2]. [1]: https://w3c.github.io/webappsec/specs/credentialmanagement/#interfaces-credential-types-passwordcredential [2]: https://w3c.github.io/webappsec/specs/credentialmanagement/#generate-formdata BUG=526995 Review URL: https://codereview.chromium.org/1317043003 git-svn-id: svn://svn.chromium.org/blink/trunk@201631 bbb929c8-8fbe-4397-9dbb-9b2b20218538
e647a2a4 · mkwst@chromium.org · bfe6f774 · e647a2a4 · e647a2a4 · e647a2a4
Commit e647a2a4 authored Sep 02, 2015 by mkwst@chromium.org
8 changed files
--- a/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-get-basics.html
+++ b/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-get-basics.html
@@ -86,14 +86,14 @@ function stubRejectionChecker(reason) {
        verify_interface('PasswordCredential', c, {
            id: 'string',
            name: 'string',
-            iconURL: 'string',
-            password: 'string'
+            iconURL: 'string'
        });

        assert_equals(c.id, id);
        assert_equals(c.name, name);
        assert_equals(c.iconURL, icon);
-        assert_equals(c.password, password);
+        assert_true(c.toFormData() instanceof FormData);
+
        this.done();
    }


--- a/third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-basics.html
+++ b/third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-basics.html
@@ -8,20 +8,18 @@ test(function() {
    var credential = new PasswordCredential('id', 'pencil', 'name', 'https://example.com/icon.png');

    verify_interface('PasswordCredential', credential, {
-        formData: 'object',
        id: 'string',
        name: 'string',
        iconURL: 'string',
-        password: 'string',
        type: 'string'
    });

-    assert_true(credential.formData instanceof FormData);
    assert_equals(credential.id, 'id');
    assert_equals(credential.name, 'name');
    assert_equals(credential.iconURL, 'https://example.com/icon.png');
-    assert_equals(credential.password, 'pencil');
    assert_equals(credential.type, 'password');
+
+    assert_true(credential.toFormData() instanceof FormData);
 }, 'Interfaces and attributes of PasswordCredential');

 test(function() {
@@ -36,8 +34,8 @@ test(function() {
    assert_equals(credential.id, 'id');
    assert_equals(credential.name, 'name');
    assert_equals(credential.iconURL, '');
-    assert_equals(credential.password, 'pencil');
    assert_equals(credential.type, 'password');
+    assert_true(credential.toFormData() instanceof FormData);

 }, 'Construct a PasswordCredential with an empty icon URL.');

@@ -47,8 +45,35 @@ test(function() {
    assert_equals(credential.id, 'id');
    assert_equals(credential.name, '');
    assert_equals(credential.iconURL, '');
-    assert_equals(credential.password, 'pencil');
    assert_equals(credential.type, 'password');
-
+    assert_true(credential.toFormData() instanceof FormData);
 }, 'Construct a PasswordCredential with an empty name and icon URL.');
+
+test(function() {
+    var credential = new PasswordCredential('id', 'pencil');
+
+    var fd = credential.toFormData();
+    fd.append('n1', 'v1');
+    fd.append('n2', 'v2');
+    fd.append('n3', 'v3');
+    fd.append('n1', 'v4');
+    fd.append('n2', 'v5');
+    fd.append('n3', 'v6');
+
+    assert_equals(fd.get('n1'), null);
+    assert_equals(fd.get('n2'), null);
+    assert_equals(fd.get('n3'), null);
+
+    assert_equals(fd.has('n1'), false);
+    assert_equals(fd.has('n2'), false);
+    assert_equals(fd.has('n3'), false);
+
+    assert_array_equals(fd.getAll('n1'), []);
+    assert_array_equals(fd.getAll('n2'), []);
+    assert_array_equals(fd.getAll('n3'), []);
+
+    for(var entry of fd) {
+        assert_unreached("There should be nothing to iterate here.");
+    }
+}, 'Verify properties of opaque FormData.');
 </script>
--- a/third_party/WebKit/LayoutTests/webexposed/global-interface-listing-expected.txt
+++ b/third_party/WebKit/LayoutTests/webexposed/global-interface-listing-expected.txt
@@ -3577,9 +3577,8 @@ interface PageTransitionEvent
    getter persisted
    method constructor
 interface PasswordCredential
-    getter formData
-    getter password
    method constructor
+    method toFormData
 interface Path2D
    method addPath
    method arc

--- a/third_party/WebKit/Source/modules/credentialmanager/FormDataOptions.idl
+++ b/third_party/WebKit/Source/modules/credentialmanager/FormDataOptions.idl
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// https://w3c.github.io/webappsec/specs/credentialmanagement/#dictdef-formdataoptions
+
+dictionary FormDataOptions {
+    DOMString idName = "username";
+    DOMString passwordName = "password";
+};
--- a/third_party/WebKit/Source/modules/credentialmanager/PasswordCredential.cpp
+++ b/third_party/WebKit/Source/modules/credentialmanager/PasswordCredential.cpp
@@ -5,9 +5,13 @@
 #include "config.h"
 #include "modules/credentialmanager/PasswordCredential.h"

+#include "bindings/core/v8/Dictionary.h"
 #include "bindings/core/v8/ExceptionState.h"
+#include "core/dom/ExecutionContext.h"
 #include "core/html/DOMFormData.h"
+#include "modules/credentialmanager/FormDataOptions.h"
 #include "platform/credentialmanager/PlatformPasswordCredential.h"
+#include "platform/weborigin/SecurityOrigin.h"
 #include "public/platform/WebCredential.h"
 #include "public/platform/WebPasswordCredential.h"

@@ -33,10 +37,21 @@ PasswordCredential::PasswordCredential(WebPasswordCredential* webPasswordCredent

 PasswordCredential::PasswordCredential(const String& id, const String& password, const String& name, const KURL& icon)
    : Credential(PlatformPasswordCredential::create(id, password, name, icon))
-    , m_formData(DOMFormData::create())
 {
-    m_formData->append("username", id);
-    m_formData->append("password", password);
+}
+
+DOMFormData* PasswordCredential::toFormData(ScriptState* scriptState, const FormDataOptions& options)
+{
+    DOMFormData* fd = DOMFormData::create();
+
+    String errorMessage;
+    if (!scriptState->executionContext()->isPrivilegedContext(errorMessage))
+        return fd;
+
+    fd->append(options.idName(), id());
+    fd->append(options.passwordName(), password());
+    fd->makeOpaque();
+    return fd;
 }

 const String& PasswordCredential::password() const
@@ -46,7 +61,6 @@ const String& PasswordCredential::password() const

 DEFINE_TRACE(PasswordCredential)
 {
-    visitor->trace(m_formData);
    Credential::trace(visitor);
 }


--- a/third_party/WebKit/Source/modules/credentialmanager/PasswordCredential.h
+++ b/third_party/WebKit/Source/modules/credentialmanager/PasswordCredential.h
@@ -14,6 +14,7 @@
 namespace blink {

 class DOMFormData;
+class FormDataOptions;
 class WebPasswordCredential;

 class PasswordCredential final : public Credential {
@@ -33,8 +34,7 @@ public:
    static PasswordCredential* create(WebPasswordCredential*);

    // PasswordCredential.idl
-    const String& password() const;
-    DOMFormData* formData() const { return m_formData; }
+    DOMFormData* toFormData(ScriptState*, const FormDataOptions&);

    DECLARE_VIRTUAL_TRACE();

@@ -42,7 +42,7 @@ private:
    PasswordCredential(WebPasswordCredential*);
    PasswordCredential(const String& id, const String& password, const String& name, const KURL& icon);

-    Member<DOMFormData> m_formData;
+    const String& password() const;
 };

 } // namespace blink

--- a/third_party/WebKit/Source/modules/credentialmanager/PasswordCredential.idl
+++ b/third_party/WebKit/Source/modules/credentialmanager/PasswordCredential.idl
@@ -7,6 +7,5 @@
    RaisesException=Constructor,
    Constructor(DOMString id, DOMString password, optional DOMString name, optional DOMString iconURL)
 ] interface PasswordCredential : Credential {
-    readonly attribute DOMString password;
-    readonly attribute FormData formData;
+    [CallWith=ScriptState] FormData toFormData(optional FormDataOptions options);
 };
--- a/third_party/WebKit/Source/modules/modules.gypi
+++ b/third_party/WebKit/Source/modules/modules.gypi
@@ -429,6 +429,7 @@
      'credentialmanager/CredentialRequestOptions.idl',
      'credentialmanager/FederatedCredentialData.idl',
      'credentialmanager/FederatedCredentialRequestOptions.idl',
+      'credentialmanager/FormDataOptions.idl',
      'credentialmanager/LocallyStoredCredentialData.idl',
      'credentialmanager/PasswordCredentialData.idl',
      'device_light/DeviceLightEventInit.idl',
@@ -522,6 +523,8 @@
      '<(blink_modules_output_dir)/credentialmanager/FederatedCredentialData.h',
      '<(blink_modules_output_dir)/credentialmanager/FederatedCredentialRequestOptions.cpp',
      '<(blink_modules_output_dir)/credentialmanager/FederatedCredentialRequestOptions.h',
+      '<(blink_modules_output_dir)/credentialmanager/FormDataOptions.cpp',
+      '<(blink_modules_output_dir)/credentialmanager/FormDataOptions.h',
      '<(blink_modules_output_dir)/credentialmanager/LocallyStoredCredentialData.cpp',
      '<(blink_modules_output_dir)/credentialmanager/LocallyStoredCredentialData.h',
      '<(blink_modules_output_dir)/credentialmanager/PasswordCredentialData.cpp',