1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PASSWORD_MANAGER_H_
6 #define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PASSWORD_MANAGER_H_
10 #include "base/callback.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "base/memory/scoped_vector.h"
13 #include "base/observer_list.h"
14 #include "base/prefs/pref_member.h"
15 #include "base/stl_util.h"
16 #include "components/autofill/core/common/password_form.h"
17 #include "components/autofill/core/common/password_form_fill_data.h"
18 #include "components/password_manager/core/browser/login_model.h"
19 #include "components/password_manager/core/browser/password_form_manager.h"
21 class PrefRegistrySimple;
27 namespace user_prefs {
28 class PrefRegistrySyncable;
31 namespace password_manager {
33 class BrowserSavePasswordProgressLogger;
34 class PasswordManagerClient;
35 class PasswordManagerDriver;
36 class PasswordManagerTest;
37 class PasswordFormManager;
39 // Per-tab password manager. Handles creation and management of UI elements,
40 // receiving password form data from the renderer and managing the password
41 // database through the PasswordStore. The PasswordManager is a LoginModel
42 // for purposes of supporting HTTP authentication dialogs.
43 class PasswordManager : public LoginModel {
45 static const char kOtherPossibleUsernamesExperiment[];
47 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry);
49 static void RegisterLocalPrefs(PrefRegistrySimple* registry);
51 explicit PasswordManager(PasswordManagerClient* client);
52 virtual ~PasswordManager();
54 typedef base::Callback<void(const autofill::PasswordForm&)>
55 PasswordSubmittedCallback;
57 // There is no corresponding remove function as currently all of the
58 // owners of these callbacks have sufficient lifetimes so that the callbacks
59 // should always be valid when called.
60 void AddSubmissionCallback(const PasswordSubmittedCallback& callback);
62 // Is saving new data for password autofill enabled for the current profile
63 // and page? For example, saving new data is disabled in Incognito mode,
64 // whereas filling data is not. Also, saving data is disabled in the presence
65 // of SSL errors on a page.
66 bool IsSavingEnabledForCurrentPage() const;
68 // Called by a PasswordFormManager when it decides a form can be autofilled
70 virtual void Autofill(const autofill::PasswordForm& form_for_autofill,
71 const autofill::PasswordFormMap& best_matches,
72 const autofill::PasswordForm& preferred_match,
73 bool wait_for_username) const;
75 // LoginModel implementation.
76 virtual void AddObserver(LoginModelObserver* observer) OVERRIDE;
77 virtual void RemoveObserver(LoginModelObserver* observer) OVERRIDE;
79 // Mark this form as having a generated password.
80 void SetFormHasGeneratedPassword(const autofill::PasswordForm& form);
82 // TODO(isherman): This should not be public, but is currently being used by
83 // the LoginPrompt code.
84 // When a form is submitted, we prepare to save the password but wait
85 // until we decide the user has successfully logged in. This is step 1
86 // of 2 (see SavePassword).
87 void ProvisionallySavePassword(const autofill::PasswordForm& form);
89 // Should be called when the user navigates the main frame.
90 void DidNavigateMainFrame(bool is_in_page);
92 // Handles password forms being parsed.
93 void OnPasswordFormsParsed(
94 const std::vector<autofill::PasswordForm>& forms);
96 // Handles password forms being rendered.
97 void OnPasswordFormsRendered(
98 const std::vector<autofill::PasswordForm>& visible_forms,
99 bool did_stop_loading);
101 // Handles a password form being submitted.
102 virtual void OnPasswordFormSubmitted(
103 const autofill::PasswordForm& password_form);
105 PasswordManagerClient* client() { return client_; }
108 enum ProvisionalSaveFailure {
112 MATCHING_NOT_COMPLETE,
120 // Returns if the password manager is enabled for this page. There are certain
121 // situations (e.g. bad SSL cert) where we disable the password manager
123 bool IsEnabledForCurrentPage() const;
125 // Log failure for UMA. Logs additional metrics if the |form_origin|
126 // corresponds to one of the top, explicitly monitored websites. For some
127 // values of |failure| also sends logs to the internals page through |logger|,
128 // it |logger| is not NULL.
129 void RecordFailure(ProvisionalSaveFailure failure,
130 const std::string& form_origin,
131 BrowserSavePasswordProgressLogger* logger);
133 // Possibly set up FieldTrial for testing other possible usernames. This only
134 // happens if there are other_possible_usernames to be shown and the
135 // experiment hasn't already been initialized. We setup the experiment at
136 // such a late time because this experiment will only affect a small number
137 // of users so we want to include a larger fraction of these users than the
139 void PossiblyInitializeUsernamesExperiment(
140 const autofill::PasswordFormMap& matches) const;
142 // Returns true if we can show possible usernames to users in cases where
143 // the username for the form is ambigious.
144 bool OtherPossibleUsernamesEnabled() const;
146 // Returns true if the user needs to be prompted before a password can be
147 // saved (instead of automatically saving
148 // the password), based on inspecting the state of
149 // |provisional_save_manager_|.
150 bool ShouldPromptUserToSavePassword() const;
152 // Checks for every from in |forms| whether |pending_login_managers_| already
153 // contain a manager for that form. If not, adds a manager for each such form.
154 void CreatePendingLoginManagers(
155 const std::vector<autofill::PasswordForm>& forms);
157 // Note about how a PasswordFormManager can transition from
158 // pending_login_managers_ to provisional_save_manager_ and the infobar.
163 // pending_login -- form submit --> provisional_save ___/
164 // ^ | \___ (update DB)
166 // |-----------<------<---------| !new
168 // When a form is "seen" on a page, a PasswordFormManager is created
169 // and stored in this collection until user navigates away from page.
171 ScopedVector<PasswordFormManager> pending_login_managers_;
173 // When the user submits a password/credential, this contains the
174 // PasswordFormManager for the form in question until we deem the login
175 // attempt to have succeeded (as in valid credentials). If it fails, we
176 // send the PasswordFormManager back to the pending_login_managers_ set.
177 // Scoped in case PasswordManager gets deleted (e.g tab closes) between the
178 // time a user submits a login form and gets to the next page.
179 scoped_ptr<PasswordFormManager> provisional_save_manager_;
181 // The embedder-level client. Must outlive this class.
182 PasswordManagerClient* const client_;
184 // The platform-level driver. Must outlive this class.
185 PasswordManagerDriver* const driver_;
187 // Set to false to disable password saving (will no longer ask if you
188 // want to save passwords but will continue to fill passwords).
189 BooleanPrefMember saving_passwords_enabled_;
191 // Observers to be notified of LoginModel events. This is mutable to allow
192 // notification in const member functions.
193 mutable ObserverList<LoginModelObserver> observers_;
195 // Callbacks to be notified when a password form has been submitted.
196 std::vector<PasswordSubmittedCallback> submission_callbacks_;
198 // Records all visible forms seen during a page load, in all frames of the
199 // page. When the page stops loading, the password manager checks if one of
200 // the recorded forms matches the login form from the previous page
201 // (to see if the login was a failure), and clears the vector.
202 std::vector<autofill::PasswordForm> all_visible_forms_;
204 DISALLOW_COPY_AND_ASSIGN(PasswordManager);
207 } // namespace password_manager
209 #endif // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PASSWORD_MANAGER_H_