1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_PASSWORD_MANAGER_PASSWORD_FORM_MANAGER_H_
6 #define CHROME_BROWSER_PASSWORD_MANAGER_PASSWORD_FORM_MANAGER_H_
11 #include "build/build_config.h"
13 #include "base/stl_util.h"
14 #include "chrome/browser/password_manager/password_store_consumer.h"
15 #include "components/autofill/core/common/password_form.h"
19 } // namespace content
21 class PasswordManager;
25 // Per-password-form-{on-page, dialog} class responsible for interactions
26 // between a given form, the per-tab PasswordManager, and the PasswordStore.
27 class PasswordFormManager : public PasswordStoreConsumer {
29 // profile contains the link to the PasswordStore and whether we're off
31 // password_manager owns this object
32 // form_on_page is the form that may be submitted and could need login data.
33 // ssl_valid represents the security of the page containing observed_form,
34 // used to filter login results from database.
35 PasswordFormManager(Profile* profile,
36 PasswordManager* password_manager,
37 content::WebContents* web_contents,
38 const autofill::PasswordForm& observed_form,
40 virtual ~PasswordFormManager();
43 ACTION_MATCH_REQUIRED,
44 ACTION_MATCH_NOT_REQUIRED
47 enum OtherPossibleUsernamesAction {
48 ALLOW_OTHER_POSSIBLE_USERNAMES,
49 IGNORE_OTHER_POSSIBLE_USERNAMES
58 // Compare basic data of observed_form_ with argument. Only check the action
59 // URL when action match is required.
60 bool DoesManage(const autofill::PasswordForm& form,
61 ActionMatch action_match) const;
63 // Retrieves potential matching logins from the database.
64 void FetchMatchingLoginsFromPasswordStore();
66 // Simple state-check to verify whether this object as received a callback
67 // from the PasswordStore and completed its matching phase. Note that the
68 // callback in question occurs on the same (and only) main thread from which
69 // instances of this class are ever used, but it is required since it is
70 // conceivable that a user (or ui test) could attempt to submit a login
71 // prompt before the callback has occured, which would InvokeLater a call to
72 // PasswordManager::ProvisionallySave, which would interact with this object
73 // before the db has had time to answer with matching password entries.
74 // This is intended to be a one-time check; if the return value is false the
75 // expectation is caller will give up. This clearly won't work if you put it
76 // in a loop and wait for matching to complete; you're (supposed to be) on
78 bool HasCompletedMatching();
80 // Called when navigation occurs or the tab is closed. Takes the necessary
81 // action with the form's login based on the desired |password_action_|.
84 void set_password_action(PasswordAction password_action) {
85 password_action_ = password_action;
88 // Determines if the user opted to 'never remember' passwords for this form.
91 // Used by PasswordManager to determine whether or not to display
92 // a SavePasswordBar when given the green light to save the PasswordForm
96 // Returns true if the current pending credentials were found using
97 // origin matching of the public suffix, instead of the signon realm of the
99 bool IsPendingCredentialsPublicSuffixMatch();
101 // Checks if the form is a valid password form. Forms which lack either
102 // login or password field are not considered valid.
103 bool HasValidPasswordForm();
105 // These functions are used to determine if this form has had it's password
106 // auto generated by the browser.
107 bool HasGeneratedPassword();
108 void SetHasGeneratedPassword();
110 // Determines if we need to autofill given the results of the query.
111 void OnRequestDone(const std::vector<autofill::PasswordForm*>& result);
113 // PasswordStoreConsumer implementation.
114 virtual void OnPasswordStoreRequestDone(
115 CancelableRequestProvider::Handle handle,
116 const std::vector<autofill::PasswordForm*>& result) OVERRIDE;
117 virtual void OnGetPasswordStoreResults(
118 const std::vector<autofill::PasswordForm*>& results) OVERRIDE;
120 // A user opted to 'never remember' passwords for this form.
121 // Blacklist it so that from now on when it is seen we ignore it.
122 // TODO: Make this private once we switch to the new UI.
123 void PermanentlyBlacklist();
125 // If the user has submitted observed_form_, provisionally hold on to
126 // the submitted credentials until we are told by PasswordManager whether
127 // or not the login was successful. |action| describes how we deal with
128 // possible usernames. If |action| is ALLOW_OTHER_POSSIBLE_USERNAMES we will
129 // treat a possible usernames match as a sign that our original heuristics
130 // were wrong and that the user selected the correct username from the
132 void ProvisionallySave(const autofill::PasswordForm& credentials,
133 OtherPossibleUsernamesAction action);
135 // Handles save-as-new or update of the form managed by this manager.
136 // Note the basic data of updated_credentials must match that of
137 // observed_form_ (e.g DoesManage(pending_credentials_) == true).
138 // TODO: Make this private once we switch to the new UI.
141 // Call these if/when we know the form submission worked or failed.
142 // These routines are used to update internal statistics ("ActionsTaken").
146 // Return the username associated with the credentials.
147 const string16& associated_username() const {
148 return pending_credentials_.username_value;
151 // Returns the realm URL for the form managed my this manager.
152 const std::string& realm() const {
153 return pending_credentials_.signon_realm;
157 friend class PasswordFormManagerTest;
159 // ManagerAction - What does the manager do with this form? Either it
160 // fills it, or it doesn't. If it doesn't fill it, that's either
161 // because it has no match, or it is blacklisted, or it is disabled
162 // via the AUTOCOMPLETE=off attribute. Note that if we don't have
163 // an exact match, we still provide candidates that the user may
166 kManagerActionNone = 0,
167 kManagerActionAutofilled,
168 kManagerActionBlacklisted,
169 kManagerActionDisabled,
173 // UserAction - What does the user do with this form? If he or she
174 // does nothing (either by accepting what the password manager did, or
175 // by simply (not typing anything at all), you get None. If there were
176 // multiple choices and the user selects one other than the default,
177 // you get Choose, if user selects an entry from matching against the Public
178 // Suffix List you get ChoosePslMatch, and if the user types in a new value,
183 kUserActionChoosePslMatch,
188 // Result - What happens to the form?
190 kSubmitResultNotSubmitted = 0,
196 // The maximum number of combinations of the three preceding enums.
197 // This is used when recording the actions taken by the form in UMA.
198 static const int kMaxNumActionsTaken = kManagerActionMax * kUserActionMax *
201 // Helper for OnPasswordStoreRequestDone to determine whether or not
202 // the given result form is worth scoring.
203 bool IgnoreResult(const autofill::PasswordForm& form) const;
205 // Helper for Save in the case that best_matches.size() == 0, meaning
206 // we have no prior record of this form/username/password and the user
207 // has opted to 'Save Password'. If |reset_preferred_login| is set,
208 // the previously preferred login from |best_matches_| will be reset.
209 void SaveAsNewLogin(bool reset_preferred_login);
211 // Helper for OnPasswordStoreRequestDone to score an individual result
212 // against the observed_form_.
213 int ScoreResult(const autofill::PasswordForm& form) const;
215 // Helper for Save in the case that best_matches.size() > 0, meaning
216 // we have at least one match for this form/username/password. This
217 // Updates the form managed by this object, as well as any matching forms
218 // that now need to have preferred bit changed, since updated_credentials
219 // is now implicitly 'preferred'.
222 // Check to see if |pending| corresponds to an account creation form. If we
223 // think that it does, we label it as such and upload this state to the
224 // Autofill server, so that we will trigger password generation in the future.
225 void CheckForAccountCreationForm(const autofill::PasswordForm& pending,
226 const autofill::PasswordForm& observed);
228 // Update all login matches to reflect new preferred state - preferred flag
229 // will be reset on all matched logins that different than the current
230 // |pending_credentials_|.
231 void UpdatePreferredLoginState(PasswordStore* password_store);
233 // Returns true if |username| is one of the other possible usernames for a
234 // password form in |best_matches_| and sets |pending_credentials_| to the
235 // match which had this username.
236 bool UpdatePendingCredentialsIfOtherPossibleUsername(
237 const string16& username);
239 // Converts the "ActionsTaken" fields into an int so they can be logged to
241 int GetActionsTaken();
243 // Informs the renderer that the user has not blacklisted observed_form_ by
244 // choosing "never save passwords for this site". This is used by the password
245 // generation manager to deside whether to show the password generation icon.
246 virtual void SendNotBlacklistedToRenderer();
248 // Remove possible_usernames that may contains sensitive information and
250 void SanitizePossibleUsernames(autofill::PasswordForm* form);
252 // Set of PasswordForms from the DB that best match the form
253 // being managed by this. Use a map instead of vector, because we most
254 // frequently require lookups by username value in IsNewLogin.
255 autofill::PasswordFormMap best_matches_;
257 // Cleans up when best_matches_ goes out of scope.
258 STLValueDeleter<autofill::PasswordFormMap> best_matches_deleter_;
260 // The PasswordForm from the page or dialog managed by this.
261 autofill::PasswordForm observed_form_;
263 // The origin url path of observed_form_ tokenized, for convenience when
265 std::vector<std::string> form_path_tokens_;
267 // Stores updated credentials when the form was submitted but success is
269 autofill::PasswordForm pending_credentials_;
271 // Whether pending_credentials_ stores a new login or is an update
272 // to an existing one.
275 // Whether this form has an auto generated password.
276 bool has_generated_password_;
278 // Set if the user has selected one of the other possible usernames in
279 // |pending_credentials_|.
280 string16 selected_username_;
282 // PasswordManager owning this.
283 const PasswordManager* const password_manager_;
285 // Convenience pointer to entry in best_matches_ that is marked
286 // as preferred. This is only allowed to be null if there are no best matches
287 // at all, since there will always be one preferred login when there are
288 // multiple matches (when first saved, a login is marked preferred).
289 const autofill::PasswordForm* preferred_match_;
292 PRE_MATCHING_PHASE, // Have not yet invoked a GetLogins query to find
293 // matching login information from password store.
294 MATCHING_PHASE, // We've made a GetLogins request, but
295 // haven't received or finished processing result.
296 POST_MATCHING_PHASE // We've queried the DB and processed matching
298 } PasswordFormManagerState;
300 // State of matching process, used to verify that we don't call methods
301 // assuming we've already processed the request for matching logins,
302 // when we actually haven't.
303 PasswordFormManagerState state_;
305 // The profile from which we get the PasswordStore.
308 // Web contents from which we get the RenderViewHost for sending messages to
309 // the corresponding renderer.
310 content::WebContents* web_contents_;
312 // These three fields record the "ActionsTaken" by the browser and
313 // the user with this form, and the result. They are combined and
314 // recorded in UMA when the manager is destroyed.
315 ManagerAction manager_action_;
316 UserAction user_action_;
317 SubmitResult submit_result_;
319 // Whether we should save, blacklist, or do nothing with this form's login
320 // on the next navigation or when the tab is closed.
321 PasswordAction password_action_;
323 DISALLOW_COPY_AND_ASSIGN(PasswordFormManager);
325 #endif // CHROME_BROWSER_PASSWORD_MANAGER_PASSWORD_FORM_MANAGER_H_