Add reauth before password export file selection

This CL adds a reauthentication step before the user is asked to even select a file for exporting passwords to. Bug: 700003 Change-Id: Ie89529a27ce86ed74b0b3c98bf56abefb1a52899 Reviewed-on: https://chromium-review.googlesource.com/739661Reviewed-by: Christos Froussios <cfroussios@chromium.org> Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Commit-Queue: Vaclav Brozek <vabr@chromium.org> Cr-Commit-Position: refs/heads/master@{#512412}

Add reauth before password export file selection
This CL adds a reauthentication step before the user is asked to even select a file for exporting passwords to. Bug: 700003 Change-Id: Ie89529a27ce86ed74b0b3c98bf56abefb1a52899 Reviewed-on: https://chromium-review.googlesource.com/739661Reviewed-by: Christos Froussios <cfroussios@chromium.org> Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Commit-Queue: Vaclav Brozek <vabr@chromium.org> Cr-Commit-Position: refs/heads/master@{#512412}
ea59d7fc · Vaclav Brozek · Commit Bot · bed9cb9d · ea59d7fc · ea59d7fc
Commit ea59d7fc authored Oct 28, 2017 by Vaclav Brozek Committed by Commit Bot Oct 28, 2017
3 changed files
--- a/chrome/browser/extensions/api/passwords_private/passwords_private_delegate_impl.cc
+++ b/chrome/browser/extensions/api/passwords_private/passwords_private_delegate_impl.cc
@@ -241,6 +241,15 @@ void PasswordsPrivateDelegateImpl::ImportPasswords(

 void PasswordsPrivateDelegateImpl::ExportPasswords(
    content::WebContents* web_contents) {
+  // Save |web_contents| so that it can be used later when GetNativeWindow() is
+  // called. Note: This is safe because the |web_contents| is used before
+  // exiting this method. TODO(crbug.com/495290): Pass the native window
+  // directly to the reauth-handling code.
+  web_contents_ = web_contents;
+  if (!password_access_authenticator_.EnsureUserIsAuthenticated()) {
+    return;
+  }
+
  password_manager_porter_->set_web_contents(web_contents);
  password_manager_porter_->Store();
 }

--- a/chrome/browser/extensions/api/passwords_private/passwords_private_delegate_impl_unittest.cc
+++ b/chrome/browser/extensions/api/passwords_private/passwords_private_delegate_impl_unittest.cc
@@ -254,4 +254,24 @@ TEST_F(PasswordsPrivateDelegateImplTest, TestFailedReauthOnView) {
  EXPECT_EQ(base::Value::Type::NONE, captured_args.type()) << captured_args;
 }

+TEST_F(PasswordsPrivateDelegateImplTest, TestReauthOnExport) {
+  SetUpPasswordStore({CreateSampleForm()});
+
+  PasswordsPrivateDelegateImpl delegate(&profile_);
+  // Spin the loop to allow PasswordStore tasks posted on the creation of
+  // |delegate| to be completed.
+  base::RunLoop().RunUntilIdle();
+
+  bool reauth_called = false;
+  delegate.SetOsReauthCallForTesting(base::BindRepeating(
+      &FakeOsReauthCall, &reauth_called, ReauthResult::PASS));
+
+  delegate.ExportPasswords(nullptr);
+  EXPECT_TRUE(reauth_called);
+
+  // TODO(crbug.com/341477): Once the export flow has defined messages to UI,
+  // such as progress indication, intercept them with PasswordEventObserver and
+  // check that exporting is aborted if the authentication failed.
+}
+
 }  // namespace extensions
--- a/chrome/browser/ui/passwords/password_manager_porter.cc
+++ b/chrome/browser/ui/passwords/password_manager_porter.cc
@@ -87,7 +87,9 @@ PasswordManagerPorter::PasswordManagerPorter(
 PasswordManagerPorter::~PasswordManagerPorter() {}

 void PasswordManagerPorter::Store() {
-  DCHECK(web_contents_);
+  // In unittests a null WebContents means: "Abort creating the file Selector."
+  if (!web_contents_)
+    return;
  PresentFileSelector(web_contents_,
                      PasswordManagerPorter::Type::PASSWORD_EXPORT);
 }