components/autofill/core/common/password_form.h

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef COMPONENTS_AUTOFILL_CORE_COMMON_PASSWORD_FORM_H__
   6 #define COMPONENTS_AUTOFILL_CORE_COMMON_PASSWORD_FORM_H__
   7
   8 #include <map>
   9 #include <string>
  10 #include <vector>
  11
  12 #include "base/time/time.h"
  13 #include "components/autofill/core/common/form_data.h"
  14 #include "url/gurl.h"
  15
  16 namespace autofill {
  17
  18 // The PasswordForm struct encapsulates information about a login form,
  19 // which can be an HTML form or a dialog with username/password text fields.
  20 //
  21 // The Web Data database stores saved username/passwords and associated form
  22 // metdata using a PasswordForm struct, typically one that was created from
  23 // a parsed HTMLFormElement or LoginDialog, but the saved entries could have
  24 // also been created by imported data from another browser.
  25 //
  26 // The PasswordManager implements a fuzzy-matching algorithm to compare saved
  27 // PasswordForm entries against PasswordForms that were created from a parsed
  28 // HTML or dialog form. As one might expect, the more data contained in one
  29 // of the saved PasswordForms, the better the job the PasswordManager can do
  30 // in matching it against the actual form it was saved on, and autofill
  31 // accurately. But it is not always possible, especially when importing from
  32 // other browsers with different data models, to copy over all the information
  33 // about a particular "saved password entry" to our PasswordForm
  34 // representation.
  35 //
  36 // The field descriptions in the struct specification below are intended to
  37 // describe which fields are not strictly required when adding a saved password
  38 // entry to the database and how they can affect the matching process.
  39
  40 struct PasswordForm {
  41   // Enum to keep track of what information has been sent to the server about
  42   // this form regarding password generation.
  43   enum GenerationUploadStatus {
  44     NO_SIGNAL_SENT,
  45     POSITIVE_SIGNAL_SENT,
  46     NEGATIVE_SIGNAL_SENT,
  47     // Reserve a few values for future use.
  48     UNKNOWN_STATUS = 10
  49   };
  50
  51   // Enum to differentiate between HTML form based authentication, and dialogs
  52   // using basic or digest schemes. Default is SCHEME_HTML. Only PasswordForms
  53   // of the same Scheme will be matched/autofilled against each other.
  54   enum Scheme {
  55     SCHEME_HTML,
  56     SCHEME_BASIC,
  57     SCHEME_DIGEST,
  58     SCHEME_OTHER,
  59     SCHEME_LAST = SCHEME_OTHER
  60   } scheme;
  61
  62   // The "Realm" for the sign-on. This is scheme, host, port for SCHEME_HTML.
  63   // Dialog based forms also contain the HTTP realm. Android based forms will
  64   // contain a string of the form "android://<hash of cert>@<package name>"
  65   //
  66   // The signon_realm is effectively the primary key used for retrieving
  67   // data from the database, so it must not be empty.
  68   std::string signon_realm;
  69
  70   // The original "Realm" for the sign-on (scheme, host, port for SCHEME_HTML,
  71   // and contains the HTTP realm for dialog-based forms). This realm is only set
  72   // when two PasswordForms are matched when trying to find a login/pass pair
  73   // for a site. It is only set to a non-empty value during a match of the
  74   // original stored login/pass and the current observed form if all these
  75   // statements are true:
  76   // 1) The full signon_realm is not the same.
  77   // 2) The registry controlled domain is the same. For example; example.com,
  78   // m.example.com, foo.login.example.com and www.example.com would all resolve
  79   // to example.com since .com is the public suffix.
  80   // 3) The scheme is the same.
  81   // 4) The port is the same.
  82   // For example, if there exists a stored password for http://www.example.com
  83   // (where .com is the public suffix) and the observed form is
  84   // http://m.example.com, |original_signon_realm| must be set to
  85   // http://www.example.com.
  86   std::string original_signon_realm;
  87
  88   // An origin URL consists of the scheme, host, port and path; the rest is
  89   // stripped. This is the primary data used by the PasswordManager to decide
  90   // (in longest matching prefix fashion) whether or not a given PasswordForm
  91   // result from the database is a good fit for a particular form on a page.
  92   // This should not be empty except for Android based credentials.
  93   GURL origin;
  94
  95   // The action target of the form; like |origin| URL consists of the scheme,
  96   // host, port and path; the rest is stripped. This is the primary data used by
  97   // the PasswordManager for form autofill; that is, the action of the saved
  98   // credentials must match the action of the form on the page to be autofilled.
  99   // If this is empty / not available, it will result in a "restricted" IE-like
 100   // autofill policy, where we wait for the user to type in his username before
 101   // autofilling the password. In these cases, after successful login the action
 102   // URL will automatically be assigned by the PasswordManager.
 103   //
 104   // When parsing an HTML form, this must always be set.
 105   GURL action;
 106
 107   // The name of the submit button used. Optional; only used in scoring
 108   // of PasswordForm results from the database to make matches as tight as
 109   // possible.
 110   //
 111   // When parsing an HTML form, this must always be set.
 112   base::string16 submit_element;
 113
 114   // The name of the username input element. Optional (improves scoring).
 115   //
 116   // When parsing an HTML form, this must always be set.
 117   base::string16 username_element;
 118
 119   // Whether the |username_element| has an autocomplete=username attribute. This
 120   // is only used in parsed HTML forms.
 121   bool username_marked_by_site;
 122
 123   // The username. Optional.
 124   //
 125   // When parsing an HTML form, this is typically empty unless the site
 126   // has implemented some form of autofill.
 127   base::string16 username_value;
 128
 129   // This member is populated in cases where we there are multiple input
 130   // elements that could possibly be the username. Used when our heuristics for
 131   // determining the username are incorrect. Optional.
 132   //
 133   // When parsing an HTML form, this is typically empty.
 134   std::vector<base::string16> other_possible_usernames;
 135
 136   // The name of the input element corresponding to the current password.
 137   // Optional (improves scoring).
 138   //
 139   // When parsing an HTML form, this will always be set, unless it is a sign-up
 140   // form or a change password form that does not ask for the current password.
 141   // In these two cases the |new_password_element| will always be set.
 142   base::string16 password_element;
 143
 144   // The current password. Must be non-empty for PasswordForm instances that are
 145   // meant to be persisted to the password store.
 146   //
 147   // When parsing an HTML form, this is typically empty.
 148   base::string16 password_value;
 149
 150   // False if autocomplete is set to "off" for the password input element;
 151   // True otherwise.
 152   bool password_autocomplete_set;
 153
 154   // If the form was a sign-up or a change password form, the name of the input
 155   // element corresponding to the new password. Optional, and not persisted.
 156   base::string16 new_password_element;
 157
 158   // The new password. Optional, and not persisted.
 159   base::string16 new_password_value;
 160
 161   // Whether or not this login was saved under an HTTPS session with a valid
 162   // SSL cert. We will never match or autofill a PasswordForm where
 163   // ssl_valid == true with a PasswordForm where ssl_valid == false. This means
 164   // passwords saved under HTTPS will never get autofilled onto an HTTP page.
 165   // When importing, this should be set to true if the page URL is HTTPS, thus
 166   // giving it "the benefit of the doubt" that the SSL cert was valid when it
 167   // was saved. Default to false.
 168   bool ssl_valid;
 169
 170   // True if this PasswordForm represents the last username/password login the
 171   // user selected to log in to the site. If there is only one saved entry for
 172   // the site, this will always be true, but when there are multiple entries
 173   // the PasswordManager ensures that only one of them has a preferred bit set
 174   // to true. Default to false.
 175   //
 176   // When parsing an HTML form, this is not used.
 177   bool preferred;
 178
 179   // When the login was saved (by chrome).
 180   //
 181   // When parsing an HTML form, this is not used.
 182   base::Time date_created;
 183
 184   // When the login was downloaded from the sync server. For local passwords is
 185   // not used.
 186   //
 187   // When parsing an HTML form, this is not used.
 188   base::Time date_synced;
 189
 190   // Tracks if the user opted to never remember passwords for this form. Default
 191   // to false.
 192   //
 193   // When parsing an HTML form, this is not used.
 194   bool blacklisted_by_user;
 195
 196   // Enum to differentiate between manually filled forms and forms with auto
 197   // generated passwords.
 198   enum Type {
 199     TYPE_MANUAL,
 200     TYPE_GENERATED,
 201     TYPE_LAST = TYPE_GENERATED
 202   };
 203
 204   // The form type.
 205   Type type;
 206
 207   // The number of times that this username/password has been used to
 208   // authenticate the user.
 209   //
 210   // When parsing an HTML form, this is not used.
 211   int times_used;
 212
 213   // Autofill representation of this form. Used to communicate with the
 214   // Autofill servers if necessary. Currently this is only used to help
 215   // determine forms where we can trigger password generation.
 216   //
 217   // When parsing an HTML form, this is normally set.
 218   FormData form_data;
 219
 220   // What information has been sent to the Autofill server about this form.
 221   GenerationUploadStatus generation_upload_status;
 222
 223   // These following fields are set by a website using the Credential Manager
 224   // API. They will be empty and remain unused for sites which do not use that
 225   // API.
 226   //
 227   // User friendly name to show in the UI.
 228   base::string16 display_name;
 229
 230   // The URL of the user's avatar to display in the UI.
 231   GURL avatar_url;
 232
 233   // The URL of identity provider used for federated login.
 234   GURL federation_url;
 235
 236   // If true, Chrome will not return this credential to a site in response to
 237   // 'navigator.credentials.request()' without user interaction.
 238   // Once user selects this credential the flag is reseted.
 239   bool skip_zero_click;
 240
 241   // Returns true if this match was found using public suffix matching.
 242   bool IsPublicSuffixMatch() const;
 243
 244   // Equality operators for testing.
 245   bool operator==(const PasswordForm& form) const;
 246   bool operator!=(const PasswordForm& form) const;
 247
 248   PasswordForm();
 249   ~PasswordForm();
 250 };
 251
 252 // Map username to PasswordForm* for convenience. See password_form_manager.h.
 253 typedef std::map<base::string16, PasswordForm*> PasswordFormMap;
 254
 255 typedef std::map<base::string16, const PasswordForm*> ConstPasswordFormMap;
 256
 257 // For testing.
 258 std::ostream& operator<<(std::ostream& os,
 259                          const autofill::PasswordForm& form);
 260
 261 }  // namespace autofill
 262
 263 #endif  // COMPONENTS_AUTOFILL_CORE_COMMON_PASSWORD_FORM_H__