search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Disable view source for Developer Tools.
[chromium-blink-merge.git] / chrome / browser / password_manager / password_store.cc
blob1e96060fb40708144ca0f24b18d6b2a4602ad119
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/password_manager/password_store.h"
6
7 #include "base/bind.h"
8 #include "base/memory/scoped_ptr.h"
9 #include "base/message_loop/message_loop.h"
10 #include "base/message_loop/message_loop_proxy.h"
11 #include "base/metrics/histogram.h"
12 #include "base/stl_util.h"
13 #include "chrome/browser/password_manager/password_store_consumer.h"
14 #include "components/autofill/core/common/password_form.h"
15 #include "content/public/browser/browser_thread.h"
16
17 using autofill::PasswordForm;
18 using content::BrowserThread;
19 using std::vector;
20
21 namespace {
22
23 // PasswordStoreConsumer callback requires vector const reference.
24 void RunConsumerCallbackIfNotCanceled(
25 const CancelableTaskTracker::IsCanceledCallback& is_canceled_cb,
26 PasswordStoreConsumer* consumer,
27 const vector<PasswordForm*>* matched_forms) {
28 if (is_canceled_cb.Run()) {
29 STLDeleteContainerPointers(matched_forms->begin(), matched_forms->end());
30 return;
31 }
32
33 // OnGetPasswordStoreResults owns PasswordForms in the vector.
34 consumer->OnGetPasswordStoreResults(*matched_forms);
35 }
36
37 void PostConsumerCallback(
38 base::TaskRunner* task_runner,
39 const CancelableTaskTracker::IsCanceledCallback& is_canceled_cb,
40 PasswordStoreConsumer* consumer,
41 const base::Time& ignore_logins_cutoff,
42 const vector<PasswordForm*>& matched_forms) {
43 vector<PasswordForm*>* matched_forms_copy = new vector<PasswordForm*>();
44 if (ignore_logins_cutoff.is_null()) {
45 *matched_forms_copy = matched_forms;
46 } else {
47 // Apply |ignore_logins_cutoff| and delete old ones.
48 for (size_t i = 0; i < matched_forms.size(); i++) {
49 if (matched_forms[i]->date_created < ignore_logins_cutoff)
50 delete matched_forms[i];
51 else
52 matched_forms_copy->push_back(matched_forms[i]);
53 }
54 }
55
56 task_runner->PostTask(
57 FROM_HERE,
58 base::Bind(&RunConsumerCallbackIfNotCanceled,
59 is_canceled_cb, consumer, base::Owned(matched_forms_copy)));
60 }
61
62 } // namespace
63
64 PasswordStore::GetLoginsRequest::GetLoginsRequest(
65 const GetLoginsCallback& callback)
66 : CancelableRequest1<GetLoginsCallback, vector<PasswordForm*> >(callback) {
67 }
68
69 void PasswordStore::GetLoginsRequest::ApplyIgnoreLoginsCutoff() {
70 if (!ignore_logins_cutoff_.is_null()) {
71 // Count down rather than up since we may be deleting elements.
72 // Note that in principle it could be more efficient to copy the whole array
73 // since that's worst-case linear time, but we expect that elements will be
74 // deleted rarely and lists will be small, so this avoids the copies.
75 for (size_t i = value.size(); i > 0; --i) {
76 if (value[i - 1]->date_created < ignore_logins_cutoff_) {
77 delete value[i - 1];
78 value.erase(value.begin() + (i - 1));
79 }
80 }
81 }
82 }
83
84 PasswordStore::GetLoginsRequest::~GetLoginsRequest() {
85 if (canceled()) {
86 STLDeleteElements(&value);
87 }
88 }
89
90 PasswordStore::PasswordStore() {
91 }
92
93 bool PasswordStore::Init() {
94 ReportMetrics();
95 return true;
96 }
97
98 void PasswordStore::AddLogin(const PasswordForm& form) {
99 ScheduleTask(base::Bind(&PasswordStore::WrapModificationTask, this,
100 base::Closure(base::Bind(&PasswordStore::AddLoginImpl, this, form))));
101 }
102
103 void PasswordStore::UpdateLogin(const PasswordForm& form) {
104 ScheduleTask(base::Bind(&PasswordStore::WrapModificationTask, this,
105 base::Closure(base::Bind(&PasswordStore::UpdateLoginImpl, this, form))));
106 }
107
108 void PasswordStore::RemoveLogin(const PasswordForm& form) {
109 ScheduleTask(base::Bind(&PasswordStore::WrapModificationTask, this,
110 base::Closure(base::Bind(&PasswordStore::RemoveLoginImpl, this, form))));
111 }
112
113 void PasswordStore::RemoveLoginsCreatedBetween(const base::Time& delete_begin,
114 const base::Time& delete_end) {
115 ScheduleTask(base::Bind(&PasswordStore::WrapModificationTask, this,
116 base::Closure(
117 base::Bind(&PasswordStore::RemoveLoginsCreatedBetweenImpl, this,
118 delete_begin, delete_end))));
119 }
120
121 CancelableTaskTracker::TaskId PasswordStore::GetLogins(
122 const PasswordForm& form,
123 AuthorizationPromptPolicy prompt_policy,
124 PasswordStoreConsumer* consumer) {
125 // Per http://crbug.com/121738, we deliberately ignore saved logins for
126 // http*://www.google.com/ that were stored prior to 2012. (Google now uses
127 // https://accounts.google.com/ for all login forms, so these should be
128 // unused.) We don't delete them just yet, and they'll still be visible in the
129 // password manager, but we won't use them to autofill any forms. This is a
130 // security feature to help minimize damage that can be done by XSS attacks.
131 // TODO(mdm): actually delete them at some point, say M24 or so.
132 base::Time ignore_logins_cutoff; // the null time
133 if (form.scheme == PasswordForm::SCHEME_HTML &&
134 (form.signon_realm == "http://www.google.com" ||
135 form.signon_realm == "http://www.google.com/" ||
136 form.signon_realm == "https://www.google.com" ||
137 form.signon_realm == "https://www.google.com/")) {
138 static const base::Time::Exploded exploded_cutoff =
139 { 2012, 1, 0, 1, 0, 0, 0, 0 }; // 00:00 Jan 1 2012
140 ignore_logins_cutoff = base::Time::FromUTCExploded(exploded_cutoff);
141 }
142
143 CancelableTaskTracker::IsCanceledCallback is_canceled_cb;
144 CancelableTaskTracker::TaskId id =
145 consumer->cancelable_task_tracker()->NewTrackedTaskId(&is_canceled_cb);
146
147 ConsumerCallbackRunner callback_runner =
148 base::Bind(&PostConsumerCallback,
149 base::MessageLoopProxy::current(),
150 is_canceled_cb,
151 consumer,
152 ignore_logins_cutoff);
153 ScheduleTask(base::Bind(&PasswordStore::GetLoginsImpl,
154 this, form, prompt_policy, callback_runner));
155 return id;
156 }
157
158 CancelableRequestProvider::Handle PasswordStore::GetAutofillableLogins(
159 PasswordStoreConsumer* consumer) {
160 return Schedule(&PasswordStore::GetAutofillableLoginsImpl, consumer);
161 }
162
163 CancelableRequestProvider::Handle PasswordStore::GetBlacklistLogins(
164 PasswordStoreConsumer* consumer) {
165 return Schedule(&PasswordStore::GetBlacklistLoginsImpl, consumer);
166 }
167
168 void PasswordStore::ReportMetrics() {
169 ScheduleTask(base::Bind(&PasswordStore::ReportMetricsImpl, this));
170 }
171
172 void PasswordStore::AddObserver(Observer* observer) {
173 observers_.AddObserver(observer);
174 }
175
176 void PasswordStore::RemoveObserver(Observer* observer) {
177 observers_.RemoveObserver(observer);
178 }
179
180 PasswordStore::~PasswordStore() {}
181
182 PasswordStore::GetLoginsRequest* PasswordStore::NewGetLoginsRequest(
183 const GetLoginsCallback& callback) {
184 return new GetLoginsRequest(callback);
185 }
186
187 bool PasswordStore::ScheduleTask(const base::Closure& task) {
188 return BrowserThread::PostTask(BrowserThread::DB, FROM_HERE, task);
189 }
190
191 void PasswordStore::ForwardLoginsResult(GetLoginsRequest* request) {
192 request->ApplyIgnoreLoginsCutoff();
193 request->ForwardResult(request->handle(), request->value);
194 }
195
196 void PasswordStore::LogStatsForBulkDeletion(int num_deletions) {
197 UMA_HISTOGRAM_COUNTS("PasswordManager.NumPasswordsDeletedByBulkDelete",
198 num_deletions);
199 }
200
201 template<typename BackendFunc>
202 CancelableRequestProvider::Handle PasswordStore::Schedule(
203 BackendFunc func,
204 PasswordStoreConsumer* consumer) {
205 scoped_refptr<GetLoginsRequest> request(
206 NewGetLoginsRequest(
207 base::Bind(&PasswordStoreConsumer::OnPasswordStoreRequestDone,
208 base::Unretained(consumer))));
209 AddRequest(request.get(), consumer->cancelable_consumer());
210 ScheduleTask(base::Bind(func, this, request));
211 return request->handle();
212 }
213
214 template<typename BackendFunc>
215 CancelableRequestProvider::Handle PasswordStore::Schedule(
216 BackendFunc func,
217 PasswordStoreConsumer* consumer,
218 const PasswordForm& form,
219 const base::Time& ignore_logins_cutoff) {
220 scoped_refptr<GetLoginsRequest> request(
221 NewGetLoginsRequest(
222 base::Bind(&PasswordStoreConsumer::OnPasswordStoreRequestDone,
223 base::Unretained(consumer))));
224 request->set_ignore_logins_cutoff(ignore_logins_cutoff);
225 AddRequest(request.get(), consumer->cancelable_consumer());
226 ScheduleTask(base::Bind(func, this, request, form));
227 return request->handle();
228 }
229
230 void PasswordStore::WrapModificationTask(base::Closure task) {
231 #if !defined(OS_MACOSX)
232 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::DB));
233 #endif // !defined(OS_MACOSX)
234 task.Run();
235 PostNotifyLoginsChanged();
236 }
237
238 void PasswordStore::PostNotifyLoginsChanged() {
239 #if !defined(OS_MACOSX)
240 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::DB));
241 #endif // !defined(OS_MACOSX)
242 BrowserThread::PostTask(
243 BrowserThread::UI, FROM_HERE,
244 base::Bind(&PasswordStore::NotifyLoginsChanged, this));
245 }
246
247 void PasswordStore::NotifyLoginsChanged() {
248 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
249 FOR_EACH_OBSERVER(Observer, observers_, OnLoginsChanged());
250 }