Add Lookup and DialogInteraction events to chrome://safe-browsing

All events in the sync Event Log are now displayed in the chrome://safe-browsing PhishGuard event log. Render: https://screenshot.googleplex.com/N6UOBVpmx95 Bug: 849351 Change-Id: I49509231f6dcab76122eb6218b26d8bb6630a22b Reviewed-on: https://chromium-review.googlesource.com/1106966Reviewed-by: Varun Khaneja <vakh@chromium.org> Commit-Queue: Daniel Rubery <drubery@chromium.org> Cr-Commit-Position: refs/heads/master@{#569673}

Add Lookup and DialogInteraction events to chrome://safe-browsing
All events in the sync Event Log are now displayed in the chrome://safe-browsing PhishGuard event log. Render: https://screenshot.googleplex.com/N6UOBVpmx95 Bug: 849351 Change-Id: I49509231f6dcab76122eb6218b26d8bb6630a22b Reviewed-on: https://chromium-review.googlesource.com/1106966Reviewed-by: Varun Khaneja <vakh@chromium.org> Commit-Queue: Daniel Rubery <drubery@chromium.org> Cr-Commit-Position: refs/heads/master@{#569673}
f97129a3 · Daniel Rubery · Commit Bot · 699b380d · f97129a3 · f97129a3
Commit f97129a3 authored Jun 22, 2018 by Daniel Rubery Committed by Commit Bot Jun 22, 2018
5 changed files
--- a/chrome/browser/safe_browsing/chrome_password_protection_service.cc
+++ b/chrome/browser/safe_browsing/chrome_password_protection_service.cc
@@ -569,6 +569,9 @@ void ChromePasswordProtectionService::MaybeLogPasswordReuseDetectedEvent(
    content::WebContents* web_contents) {
  DCHECK_CURRENTLY_ON(BrowserThread::UI);

+  if (!IsEventLoggingEnabled() && !WebUIInfoSingleton::HasListener())
+    return;
+
  syncer::UserEventService* user_event_service =
      browser_sync::UserEventServiceFactory::GetForProfile(profile_);
  if (!user_event_service)
@@ -599,17 +602,15 @@ void ChromePasswordProtectionService::MaybeLogPasswordReuseDetectedEvent(
  }

  WebUIInfoSingleton::GetInstance()->AddToPGEvents(*specifics);
-
-  if (IsEventLoggingEnabled())
-    user_event_service->RecordUserEvent(std::move(specifics));
+  user_event_service->RecordUserEvent(std::move(specifics));
 }

-void ChromePasswordProtectionService::LogPasswordReuseDialogInteraction(
+void ChromePasswordProtectionService::MaybeLogPasswordReuseDialogInteraction(
    int64_t navigation_id,
    PasswordReuseDialogInteraction::InteractionResult interaction_result) {
  DCHECK_CURRENTLY_ON(BrowserThread::UI);

-  if (!IsEventLoggingEnabled())
+  if (!IsEventLoggingEnabled() && !WebUIInfoSingleton::HasListener())
    return;

  syncer::UserEventService* user_event_service =
@@ -626,6 +627,8 @@ void ChromePasswordProtectionService::LogPasswordReuseDialogInteraction(
      specifics->mutable_gaia_password_reuse_event()
          ->mutable_dialog_interaction();
  dialog_interaction->set_interaction_result(interaction_result);
+
+  WebUIInfoSingleton::GetInstance()->AddToPGEvents(*specifics);
  user_event_service->RecordUserEvent(std::move(specifics));
 }

@@ -664,11 +667,14 @@ ChromePasswordProtectionService::GetUserEventSpecifics(
      GetLastCommittedNavigationID(web_contents));
 }

-void ChromePasswordProtectionService::LogPasswordReuseLookupResult(
+void ChromePasswordProtectionService::MaybeLogPasswordReuseLookupResult(
    content::WebContents* web_contents,
    PasswordReuseLookup::LookupResult result) {
  DCHECK_CURRENTLY_ON(BrowserThread::UI);

+  if (!IsEventLoggingEnabled() && !WebUIInfoSingleton::HasListener())
+    return;
+
  syncer::UserEventService* user_event_service =
      browser_sync::UserEventServiceFactory::GetForProfile(profile_);
  if (!user_event_service)
@@ -682,16 +688,21 @@ void ChromePasswordProtectionService::LogPasswordReuseLookupResult(
  auto* const reuse_lookup =
      specifics->mutable_gaia_password_reuse_event()->mutable_reuse_lookup();
  reuse_lookup->set_lookup_result(result);
+  WebUIInfoSingleton::GetInstance()->AddToPGEvents(*specifics);
  user_event_service->RecordUserEvent(std::move(specifics));
 }

-void ChromePasswordProtectionService::LogPasswordReuseLookupResultWithVerdict(
-    content::WebContents* web_contents,
-    PasswordReuseLookup::LookupResult result,
-    PasswordReuseLookup::ReputationVerdict verdict,
-    const std::string& verdict_token) {
+void ChromePasswordProtectionService::
+    MaybeLogPasswordReuseLookupResultWithVerdict(
+        content::WebContents* web_contents,
+        PasswordReuseLookup::LookupResult result,
+        PasswordReuseLookup::ReputationVerdict verdict,
+        const std::string& verdict_token) {
  DCHECK_CURRENTLY_ON(BrowserThread::UI);

+  if (!IsEventLoggingEnabled() && !WebUIInfoSingleton::HasListener())
+    return;
+
  syncer::UserEventService* user_event_service =
      browser_sync::UserEventServiceFactory::GetForProfile(profile_);
  if (!user_event_service)
@@ -707,6 +718,7 @@ void ChromePasswordProtectionService::LogPasswordReuseLookupResultWithVerdict(
  reuse_lookup->set_lookup_result(result);
  reuse_lookup->set_verdict(verdict);
  reuse_lookup->set_verdict_token(verdict_token);
+  WebUIInfoSingleton::GetInstance()->AddToPGEvents(*specifics);
  user_event_service->RecordUserEvent(std::move(specifics));
 }

@@ -714,40 +726,37 @@ void ChromePasswordProtectionService::MaybeLogPasswordReuseLookupEvent(
    content::WebContents* web_contents,
    PasswordProtectionService::RequestOutcome outcome,
    const LoginReputationClientResponse* response) {
-  if (!IsEventLoggingEnabled())
-    return;
-
  switch (outcome) {
    case PasswordProtectionService::MATCHED_WHITELIST:
-      LogPasswordReuseLookupResult(web_contents,
-                                   PasswordReuseLookup::WHITELIST_HIT);
+      MaybeLogPasswordReuseLookupResult(web_contents,
+                                        PasswordReuseLookup::WHITELIST_HIT);
      break;
    case PasswordProtectionService::RESPONSE_ALREADY_CACHED:
-      LogPasswordReuseLookupResultWithVerdict(
+      MaybeLogPasswordReuseLookupResultWithVerdict(
          web_contents, PasswordReuseLookup::CACHE_HIT,
          GetVerdictToLogFromResponse(response->verdict_type()),
          response->verdict_token());
      break;
    case PasswordProtectionService::SUCCEEDED:
-      LogPasswordReuseLookupResultWithVerdict(
+      MaybeLogPasswordReuseLookupResultWithVerdict(
          web_contents, PasswordReuseLookup::REQUEST_SUCCESS,
          GetVerdictToLogFromResponse(response->verdict_type()),
          response->verdict_token());
      break;
    case PasswordProtectionService::URL_NOT_VALID_FOR_REPUTATION_COMPUTING:
-      LogPasswordReuseLookupResult(web_contents,
-                                   PasswordReuseLookup::URL_UNSUPPORTED);
+      MaybeLogPasswordReuseLookupResult(web_contents,
+                                        PasswordReuseLookup::URL_UNSUPPORTED);
      break;
    case PasswordProtectionService::MATCHED_ENTERPRISE_WHITELIST:
    case PasswordProtectionService::MATCHED_ENTERPRISE_LOGIN_URL:
    case PasswordProtectionService::MATCHED_ENTERPRISE_CHANGE_PASSWORD_URL:
-      LogPasswordReuseLookupResult(
+      MaybeLogPasswordReuseLookupResult(
          web_contents, PasswordReuseLookup::ENTERPRISE_WHITELIST_HIT);
      break;
    case PasswordProtectionService::PASSWORD_ALERT_MODE:
    case PasswordProtectionService::TURNED_OFF_BY_ADMIN:
-      LogPasswordReuseLookupResult(web_contents,
-                                   PasswordReuseLookup::TURNED_OFF_BY_POLICY);
+      MaybeLogPasswordReuseLookupResult(
+          web_contents, PasswordReuseLookup::TURNED_OFF_BY_POLICY);
      break;
    case PasswordProtectionService::CANCELED:
    case PasswordProtectionService::TIMEDOUT:
@@ -759,8 +768,8 @@ void ChromePasswordProtectionService::MaybeLogPasswordReuseLookupEvent(
    case PasswordProtectionService::DISABLED_DUE_TO_FEATURE_DISABLED:
    case PasswordProtectionService::DISABLED_DUE_TO_USER_POPULATION:
    case PasswordProtectionService::MAX_OUTCOME:
-      LogPasswordReuseLookupResult(web_contents,
-                                   PasswordReuseLookup::REQUEST_FAILURE);
+      MaybeLogPasswordReuseLookupResult(web_contents,
+                                        PasswordReuseLookup::REQUEST_FAILURE);
      break;
    case PasswordProtectionService::UNKNOWN:
    case PasswordProtectionService::DEPRECATED_NO_EXTENDED_REPORTING:
@@ -933,7 +942,7 @@ void ChromePasswordProtectionService::HandleUserActionOnModalWarning(
  int64_t navigation_id =
      GetNavigationIDFromPrefsByOrigin(profile_->GetPrefs(), origin);
  if (action == PasswordProtectionService::CHANGE_PASSWORD) {
-    LogPasswordReuseDialogInteraction(
+    MaybeLogPasswordReuseDialogInteraction(
        navigation_id, PasswordReuseDialogInteraction::WARNING_ACTION_TAKEN);
    // Directly open enterprise change password page for enterprise password
    // reuses.
@@ -954,11 +963,11 @@ void ChromePasswordProtectionService::HandleUserActionOnModalWarning(
    }
  } else if (action == PasswordProtectionService::IGNORE_WARNING) {
    // No need to change state.
-    LogPasswordReuseDialogInteraction(
+    MaybeLogPasswordReuseDialogInteraction(
        navigation_id, PasswordReuseDialogInteraction::WARNING_ACTION_IGNORED);
  } else if (action == PasswordProtectionService::CLOSE) {
    // No need to change state.
-    LogPasswordReuseDialogInteraction(
+    MaybeLogPasswordReuseDialogInteraction(
        navigation_id, PasswordReuseDialogInteraction::WARNING_UI_IGNORED);
  } else {
    NOTREACHED();
@@ -978,7 +987,7 @@ void ChromePasswordProtectionService::HandleUserActionOnPageInfo(
  const Origin origin = Origin::Create(url);

  if (action == PasswordProtectionService::CHANGE_PASSWORD) {
-    LogPasswordReuseDialogInteraction(
+    MaybeLogPasswordReuseDialogInteraction(
        GetNavigationIDFromPrefsByOrigin(profile_->GetPrefs(), origin),
        PasswordReuseDialogInteraction::WARNING_ACTION_TAKEN);
    // Directly open enterprise change password page in a new tab for enterprise
@@ -1029,7 +1038,7 @@ void ChromePasswordProtectionService::HandleUserActionOnSettings(
  // If there's only one unhandled reuse, getting the first is correct.
  // If there are more than one, we have no way to figure out which
  // event the user is responding to, so just pick the first one.
-  LogPasswordReuseDialogInteraction(
+  MaybeLogPasswordReuseDialogInteraction(
      GetFirstNavIdOrZero(profile_->GetPrefs()),
      PasswordReuseDialogInteraction::WARNING_ACTION_TAKEN);
  // Opens change password page in a new tab for user to change password.

--- a/chrome/browser/safe_browsing/chrome_password_protection_service.h
+++ b/chrome/browser/safe_browsing/chrome_password_protection_service.h
@@ -304,12 +304,12 @@ class ChromePasswordProtectionService : public PasswordProtectionService {
  std::unique_ptr<sync_pb::UserEventSpecifics> GetUserEventSpecifics(
      content::WebContents* web_contents);

-  void LogPasswordReuseLookupResult(
+  void MaybeLogPasswordReuseLookupResult(
      content::WebContents* web_contents,
      sync_pb::UserEventSpecifics::GaiaPasswordReuse::PasswordReuseLookup::
          LookupResult result);

-  void LogPasswordReuseLookupResultWithVerdict(
+  void MaybeLogPasswordReuseLookupResultWithVerdict(
      content::WebContents* web_contents,
      sync_pb::UserEventSpecifics::GaiaPasswordReuse::PasswordReuseLookup::
          LookupResult result,
@@ -317,7 +317,7 @@ class ChromePasswordProtectionService : public PasswordProtectionService {
          ReputationVerdict verdict,
      const std::string& verdict_token);

-  void LogPasswordReuseDialogInteraction(
+  void MaybeLogPasswordReuseDialogInteraction(
      int64_t navigation_id,
      sync_pb::UserEventSpecifics::GaiaPasswordReuse::
          PasswordReuseDialogInteraction::InteractionResult interaction_result);

--- a/chrome/browser/safe_browsing/chrome_password_protection_service_unittest.cc
+++ b/chrome/browser/safe_browsing/chrome_password_protection_service_unittest.cc
@@ -492,7 +492,7 @@ TEST_F(ChromePasswordProtectionServiceTest,
  }

  // PasswordReuseDialogInteraction
-  service_->LogPasswordReuseDialogInteraction(
+  service_->MaybeLogPasswordReuseDialogInteraction(
      1000 /* navigation_id */,
      PasswordReuseDialogInteraction::WARNING_ACTION_TAKEN);
  ASSERT_TRUE(GetUserEventService()->GetRecordedUserEvents().empty());

--- a/components/safe_browsing/web_ui/safe_browsing_ui.cc
+++ b/components/safe_browsing/web_ui/safe_browsing_ui.cc
@@ -34,6 +34,12 @@
 #endif

 using base::Time;
+using PasswordReuseLookup =
+    sync_pb::UserEventSpecifics::GaiaPasswordReuse::PasswordReuseLookup;
+using PasswordReuseDetected =
+    sync_pb::UserEventSpecifics::GaiaPasswordReuse::PasswordReuseDetected;
+using PasswordReuseDialogInteraction = sync_pb::UserEventSpecifics::
+    GaiaPasswordReuse::PasswordReuseDialogInteraction;

 namespace safe_browsing {
 WebUIInfoSingleton::WebUIInfoSingleton() = default;
@@ -45,6 +51,11 @@ WebUIInfoSingleton* WebUIInfoSingleton::GetInstance() {
  return base::Singleton<WebUIInfoSingleton>::get();
 }

+// static
+bool WebUIInfoSingleton::HasListener() {
+  return !GetInstance()->webui_instances_.empty();
+}
+
 void WebUIInfoSingleton::AddToClientDownloadRequestsSent(
    std::unique_ptr<ClientDownloadRequest> client_download_request) {
  if (webui_instances_.empty())
@@ -353,10 +364,97 @@ base::DictionaryValue SerializePGEvent(
  if (reuse.has_reuse_detected()) {
    event_dict.SetPath({"reuse_detected", "status", "enabled"},
                       base::Value(reuse.reuse_detected().status().enabled()));
+
+    std::string reporting_population;
+    switch (
+        reuse.reuse_detected().status().safe_browsing_reporting_population()) {
+      case PasswordReuseDetected::SafeBrowsingStatus::
+          REPORTING_POPULATION_UNSPECIFIED:
+        reporting_population = "REPORTING_POPULATION_UNSPECIFIED";
+        break;
+      case PasswordReuseDetected::SafeBrowsingStatus::NONE:
+        reporting_population = "NONE";
+        break;
+      case PasswordReuseDetected::SafeBrowsingStatus::EXTENDED_REPORTING:
+        reporting_population = "EXTENDED_REPORTING";
+        break;
+      case PasswordReuseDetected::SafeBrowsingStatus::SCOUT:
+        reporting_population = "SCOUT";
+        break;
+    }
    event_dict.SetPath({"reuse_detected", "status", "reporting_population"},
-                       base::Value(reuse.reuse_detected()
-                                       .status()
-                                       .safe_browsing_reporting_population()));
+                       base::Value(reporting_population));
+  }
+
+  if (reuse.has_reuse_lookup()) {
+    std::string lookup_result;
+    switch (reuse.reuse_lookup().lookup_result()) {
+      case PasswordReuseLookup::UNSPECIFIED:
+        lookup_result = "UNSPECIFIED";
+        break;
+      case PasswordReuseLookup::WHITELIST_HIT:
+        lookup_result = "WHITELIST_HIT";
+        break;
+      case PasswordReuseLookup::CACHE_HIT:
+        lookup_result = "CACHE_HIT";
+        break;
+      case PasswordReuseLookup::REQUEST_SUCCESS:
+        lookup_result = "REQUEST_SUCCESS";
+        break;
+      case PasswordReuseLookup::REQUEST_FAILURE:
+        lookup_result = "REQUEST_FAILURE";
+        break;
+      case PasswordReuseLookup::URL_UNSUPPORTED:
+        lookup_result = "URL_UNSUPPORTED";
+        break;
+      case PasswordReuseLookup::ENTERPRISE_WHITELIST_HIT:
+        lookup_result = "ENTERPRISE_WHITELIST_HIT";
+        break;
+      case PasswordReuseLookup::TURNED_OFF_BY_POLICY:
+        lookup_result = "TURNED_OFF_BY_POLICY";
+        break;
+    }
+    event_dict.SetPath({"reuse_lookup", "lookup_result"},
+                       base::Value(lookup_result));
+
+    std::string verdict;
+    switch (reuse.reuse_lookup().verdict()) {
+      case PasswordReuseLookup::VERDICT_UNSPECIFIED:
+        verdict = "VERDICT_UNSPECIFIED";
+        break;
+      case PasswordReuseLookup::SAFE:
+        verdict = "SAFE";
+        break;
+      case PasswordReuseLookup::LOW_REPUTATION:
+        verdict = "LOW_REPUTATION";
+        break;
+      case PasswordReuseLookup::PHISHING:
+        verdict = "PHISHING";
+        break;
+    }
+    event_dict.SetPath({"reuse_lookup", "verdict"}, base::Value(verdict));
+    event_dict.SetPath({"reuse_lookup", "verdict_token"},
+                       base::Value(reuse.reuse_lookup().verdict_token()));
+  }
+
+  if (reuse.has_dialog_interaction()) {
+    std::string interaction_result;
+    switch (reuse.dialog_interaction().interaction_result()) {
+      case PasswordReuseDialogInteraction::UNSPECIFIED:
+        interaction_result = "UNSPECIFIED";
+        break;
+      case PasswordReuseDialogInteraction::WARNING_ACTION_TAKEN:
+        interaction_result = "WARNING_ACTION_TAKEN";
+        break;
+      case PasswordReuseDialogInteraction::WARNING_ACTION_IGNORED:
+        interaction_result = "WARNING_ACTION_IGNORED";
+        break;
+      case PasswordReuseDialogInteraction::WARNING_UI_IGNORED:
+        interaction_result = "WARNING_UI_IGNORED";
+        break;
+    }
+    event_dict.SetPath({"dialog_interaction", "interaction_result"},
+                       base::Value(interaction_result));
  }

  std::string event_serialized;

--- a/components/safe_browsing/web_ui/safe_browsing_ui.h
+++ b/components/safe_browsing/web_ui/safe_browsing_ui.h
@@ -89,6 +89,9 @@ class WebUIInfoSingleton {
 public:
  static WebUIInfoSingleton* GetInstance();

+  // Returns true when there is a listening chrome://safe-browsing tab.
+  static bool HasListener();
+
  // Add the new message in |client_download_requests_sent_| and send it to all
  // the open chrome://safe-browsing tabs.
  void AddToClientDownloadRequestsSent(