components/autofill/core/common/password_form.h - platform/external/chromium_org - Git at Google

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef COMPONENTS_AUTOFILL_CORE_COMMON_PASSWORD_FORM_H__
 #define COMPONENTS_AUTOFILL_CORE_COMMON_PASSWORD_FORM_H__

 #include <map>
 #include <string>
 #include <vector>

 #include "base/time/time.h"
 #include "components/autofill/core/common/form_data.h"
 #include "url/gurl.h"

 namespace autofill {

 // The PasswordForm struct encapsulates information about a login form,
 // which can be an HTML form or a dialog with username/password text fields.
 //
 // The Web Data database stores saved username/passwords and associated form
 // metdata using a PasswordForm struct, typically one that was created from
 // a parsed HTMLFormElement or LoginDialog, but the saved entries could have
 // also been created by imported data from another browser.
 //
 // The PasswordManager implements a fuzzy-matching algorithm to compare saved
 // PasswordForm entries against PasswordForms that were created from a parsed
 // HTML or dialog form. As one might expect, the more data contained in one
 // of the saved PasswordForms, the better the job the PasswordManager can do
 // in matching it against the actual form it was saved on, and autofill
 // accurately. But it is not always possible, especially when importing from
 // other browsers with different data models, to copy over all the information
 // about a particular "saved password entry" to our PasswordForm
 // representation.
 //
 // The field descriptions in the struct specification below are intended to
 // describe which fields are not strictly required when adding a saved password
 // entry to the database and how they can affect the matching process.

 struct PasswordForm {
   // Enum to differentiate between HTML form based authentication, and dialogs
   // using basic or digest schemes. Default is SCHEME_HTML. Only PasswordForms
   // of the same Scheme will be matched/autofilled against each other.
   enum Scheme {
     SCHEME_HTML,
     SCHEME_BASIC,
     SCHEME_DIGEST,
     SCHEME_OTHER,
     SCHEME_LAST = SCHEME_OTHER
   } scheme;

   // The "Realm" for the sign-on (scheme, host, port for SCHEME_HTML, and
   // contains the HTTP realm for dialog-based forms).
   // The signon_realm is effectively the primary key used for retrieving
   // data from the database, so it must not be empty.
   std::string signon_realm;

   // The original "Realm" for the sign-on (scheme, host, port for SCHEME_HTML,
   // and contains the HTTP realm for dialog-based forms). This realm is only set
   // when two PasswordForms are matched when trying to find a login/pass pair
   // for a site. It is only set to a non-empty value during a match of the
   // original stored login/pass and the current observed form if all these
   // statements are true:
   // 1) The full signon_realm is not the same.
   // 2) The registry controlled domain is the same. For example; example.com,
   // m.example.com, foo.login.example.com and www.example.com would all resolve
   // to example.com since .com is the public suffix.
   // 3) The scheme is the same.
   // 4) The port is the same.
   // For example, if there exists a stored password for http://www.example.com
   // (where .com is the public suffix) and the observed form is
   // http://m.example.com, |original_signon_realm| must be set to
   // http://www.example.com.
   std::string original_signon_realm;

   // The URL (minus query parameters) containing the form. This is the primary
   // data used by the PasswordManager to decide (in longest matching prefix
   // fashion) whether or not a given PasswordForm result from the database is a
   // good fit for a particular form on a page, so it must not be empty.
   GURL origin;

   // The action target of the form. This is the primary data used by the
   // PasswordManager for form autofill; that is, the action of the saved
   // credentials must match the action of the form on the page to be autofilled.
   // If this is empty / not available, it will result in a "restricted"
   // IE-like autofill policy, where we wait for the user to type in his
   // username before autofilling the password. In these cases, after successful
   // login the action URL will automatically be assigned by the
   // PasswordManager.
   //
   // When parsing an HTML form, this must always be set.
   GURL action;

   // The name of the submit button used. Optional; only used in scoring
   // of PasswordForm results from the database to make matches as tight as
   // possible.
   //
   // When parsing an HTML form, this must always be set.
   base::string16 submit_element;

   // The name of the username input element. Optional (improves scoring).
   //
   // When parsing an HTML form, this must always be set.
   base::string16 username_element;

   // The username. Optional.
   //
   // When parsing an HTML form, this is typically empty unless the site
   // has implemented some form of autofill.
   base::string16 username_value;

   // This member is populated in cases where we there are multiple input
   // elements that could possibly be the username. Used when our heuristics for
   // determining the username are incorrect. Optional.
   //
   // When parsing an HTML form, this is typically empty.
   std::vector<base::string16> other_possible_usernames;

   // The name of the input element corresponding to the current password.
   // Optional (improves scoring).
   //
   // When parsing an HTML form, this will always be set, unless it is a sign-up
   // form or a change password form that does not ask for the current password.
   // In these two cases the |new_password_element| will always be set.
   base::string16 password_element;

   // The current password. Must be non-empty for PasswordForm instances that are
   // meant to be persisted to the password store.
   //
   // When parsing an HTML form, this is typically empty.
   base::string16 password_value;

   // False if autocomplete is set to "off" for the password input element;
   // True otherwise.
   bool password_autocomplete_set;

   // If the form was a sign-up or a change password form, the name of the input
   // element corresponding to the new password. Optional, and not persisted.
   base::string16 new_password_element;

   // The new password. Optional, and not persisted.
   base::string16 new_password_value;

   // Whether or not this login was saved under an HTTPS session with a valid
   // SSL cert. We will never match or autofill a PasswordForm where
   // ssl_valid == true with a PasswordForm where ssl_valid == false. This means
   // passwords saved under HTTPS will never get autofilled onto an HTTP page.
   // When importing, this should be set to true if the page URL is HTTPS, thus
   // giving it "the benefit of the doubt" that the SSL cert was valid when it
   // was saved. Default to false.
   bool ssl_valid;

   // True if this PasswordForm represents the last username/password login the
   // user selected to log in to the site. If there is only one saved entry for
   // the site, this will always be true, but when there are multiple entries
   // the PasswordManager ensures that only one of them has a preferred bit set
   // to true. Default to false.
   //
   // When parsing an HTML form, this is not used.
   bool preferred;

   // When the login was saved (by chrome).
   //
   // When parsing an HTML form, this is not used.
   base::Time date_created;

   // When the login was downloaded from the sync server. For local passwords is
   // not used.
   //
   // When parsing an HTML form, this is not used.
   base::Time date_synced;

   // Tracks if the user opted to never remember passwords for this form. Default
   // to false.
   //
   // When parsing an HTML form, this is not used.
   bool blacklisted_by_user;

   // Enum to differentiate between manually filled forms and forms with auto
   // generated passwords.
   enum Type {
     TYPE_MANUAL,
     TYPE_GENERATED,
     TYPE_LAST = TYPE_GENERATED
   };

   // The form type. Not used yet. Please see http://crbug.com/152422
   Type type;

   // The number of times that this username/password has been used to
   // authenticate the user.
   //
   // When parsing an HTML form, this is not used.
   int times_used;

   // True if additional system level authentication should be used
   // (if available) before using this password for autofill.
   //
   // Default to false.
   bool use_additional_authentication;

   // Autofill representation of this form. Used to communicate with the
   // Autofill servers if necessary. Currently this is only used to help
   // determine forms where we can trigger password generation.
   //
   // When parsing an HTML form, this is normally set.
   FormData form_data;

   // Returns true if this match was found using public suffix matching.
   bool IsPublicSuffixMatch() const;

   // Equality operators for testing.
   bool operator==(const PasswordForm& form) const;
   bool operator!=(const PasswordForm& form) const;

   PasswordForm();
   ~PasswordForm();
 };

 // Map username to PasswordForm* for convenience. See password_form_manager.h.
 typedef std::map<base::string16, PasswordForm*> PasswordFormMap;

 // For testing.
 std::ostream& operator<<(std::ostream& os,
                          const autofill::PasswordForm& form);

 }  // namespace autofill

 #endif  // COMPONENTS_AUTOFILL_CORE_COMMON_PASSWORD_FORM_H__
	// Copyright 2013 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef COMPONENTS_AUTOFILL_CORE_COMMON_PASSWORD_FORM_H__
	#define COMPONENTS_AUTOFILL_CORE_COMMON_PASSWORD_FORM_H__

	#include <map>
	#include <string>
	#include <vector>

	#include "base/time/time.h"
	#include "components/autofill/core/common/form_data.h"
	#include "url/gurl.h"

	namespace autofill {

	// The PasswordForm struct encapsulates information about a login form,
	// which can be an HTML form or a dialog with username/password text fields.
	//
	// The Web Data database stores saved username/passwords and associated form
	// metdata using a PasswordForm struct, typically one that was created from
	// a parsed HTMLFormElement or LoginDialog, but the saved entries could have
	// also been created by imported data from another browser.
	//
	// The PasswordManager implements a fuzzy-matching algorithm to compare saved
	// PasswordForm entries against PasswordForms that were created from a parsed
	// HTML or dialog form. As one might expect, the more data contained in one
	// of the saved PasswordForms, the better the job the PasswordManager can do
	// in matching it against the actual form it was saved on, and autofill
	// accurately. But it is not always possible, especially when importing from
	// other browsers with different data models, to copy over all the information
	// about a particular "saved password entry" to our PasswordForm
	// representation.
	//
	// The field descriptions in the struct specification below are intended to
	// describe which fields are not strictly required when adding a saved password
	// entry to the database and how they can affect the matching process.

	struct PasswordForm {
	// Enum to differentiate between HTML form based authentication, and dialogs
	// using basic or digest schemes. Default is SCHEME_HTML. Only PasswordForms
	// of the same Scheme will be matched/autofilled against each other.
	enum Scheme {
	SCHEME_HTML,
	SCHEME_BASIC,
	SCHEME_DIGEST,
	SCHEME_OTHER,
	SCHEME_LAST = SCHEME_OTHER
	} scheme;

	// The "Realm" for the sign-on (scheme, host, port for SCHEME_HTML, and
	// contains the HTTP realm for dialog-based forms).
	// The signon_realm is effectively the primary key used for retrieving
	// data from the database, so it must not be empty.
	std::string signon_realm;

	// The original "Realm" for the sign-on (scheme, host, port for SCHEME_HTML,
	// and contains the HTTP realm for dialog-based forms). This realm is only set
	// when two PasswordForms are matched when trying to find a login/pass pair
	// for a site. It is only set to a non-empty value during a match of the
	// original stored login/pass and the current observed form if all these
	// statements are true:
	// 1) The full signon_realm is not the same.
	// 2) The registry controlled domain is the same. For example; example.com,
	// m.example.com, foo.login.example.com and www.example.com would all resolve
	// to example.com since .com is the public suffix.
	// 3) The scheme is the same.
	// 4) The port is the same.
	// For example, if there exists a stored password for http://www.example.com
	// (where .com is the public suffix) and the observed form is
	// http://m.example.com, \|original_signon_realm\| must be set to
	// http://www.example.com.
	std::string original_signon_realm;

	// The URL (minus query parameters) containing the form. This is the primary
	// data used by the PasswordManager to decide (in longest matching prefix
	// fashion) whether or not a given PasswordForm result from the database is a
	// good fit for a particular form on a page, so it must not be empty.
	GURL origin;

	// The action target of the form. This is the primary data used by the
	// PasswordManager for form autofill; that is, the action of the saved
	// credentials must match the action of the form on the page to be autofilled.
	// If this is empty / not available, it will result in a "restricted"
	// IE-like autofill policy, where we wait for the user to type in his
	// username before autofilling the password. In these cases, after successful
	// login the action URL will automatically be assigned by the
	// PasswordManager.
	//
	// When parsing an HTML form, this must always be set.
	GURL action;

	// The name of the submit button used. Optional; only used in scoring
	// of PasswordForm results from the database to make matches as tight as
	// possible.
	//
	// When parsing an HTML form, this must always be set.
	base::string16 submit_element;

	// The name of the username input element. Optional (improves scoring).
	//
	// When parsing an HTML form, this must always be set.
	base::string16 username_element;

	// The username. Optional.
	//
	// When parsing an HTML form, this is typically empty unless the site
	// has implemented some form of autofill.
	base::string16 username_value;

	// This member is populated in cases where we there are multiple input
	// elements that could possibly be the username. Used when our heuristics for
	// determining the username are incorrect. Optional.
	//
	// When parsing an HTML form, this is typically empty.
	std::vector<base::string16> other_possible_usernames;

	// The name of the input element corresponding to the current password.
	// Optional (improves scoring).
	//
	// When parsing an HTML form, this will always be set, unless it is a sign-up
	// form or a change password form that does not ask for the current password.
	// In these two cases the \|new_password_element\| will always be set.
	base::string16 password_element;

	// The current password. Must be non-empty for PasswordForm instances that are
	// meant to be persisted to the password store.
	//
	// When parsing an HTML form, this is typically empty.
	base::string16 password_value;

	// False if autocomplete is set to "off" for the password input element;
	// True otherwise.
	bool password_autocomplete_set;

	// If the form was a sign-up or a change password form, the name of the input
	// element corresponding to the new password. Optional, and not persisted.
	base::string16 new_password_element;

	// The new password. Optional, and not persisted.
	base::string16 new_password_value;

	// Whether or not this login was saved under an HTTPS session with a valid
	// SSL cert. We will never match or autofill a PasswordForm where
	// ssl_valid == true with a PasswordForm where ssl_valid == false. This means
	// passwords saved under HTTPS will never get autofilled onto an HTTP page.
	// When importing, this should be set to true if the page URL is HTTPS, thus
	// giving it "the benefit of the doubt" that the SSL cert was valid when it
	// was saved. Default to false.
	bool ssl_valid;

	// True if this PasswordForm represents the last username/password login the
	// user selected to log in to the site. If there is only one saved entry for
	// the site, this will always be true, but when there are multiple entries
	// the PasswordManager ensures that only one of them has a preferred bit set
	// to true. Default to false.
	//
	// When parsing an HTML form, this is not used.
	bool preferred;

	// When the login was saved (by chrome).
	//
	// When parsing an HTML form, this is not used.
	base::Time date_created;

	// When the login was downloaded from the sync server. For local passwords is
	// not used.
	//
	// When parsing an HTML form, this is not used.
	base::Time date_synced;

	// Tracks if the user opted to never remember passwords for this form. Default
	// to false.
	//
	// When parsing an HTML form, this is not used.
	bool blacklisted_by_user;

	// Enum to differentiate between manually filled forms and forms with auto
	// generated passwords.
	enum Type {
	TYPE_MANUAL,
	TYPE_GENERATED,
	TYPE_LAST = TYPE_GENERATED
	};

	// The form type. Not used yet. Please see http://crbug.com/152422
	Type type;

	// The number of times that this username/password has been used to
	// authenticate the user.
	//
	// When parsing an HTML form, this is not used.
	int times_used;

	// True if additional system level authentication should be used
	// (if available) before using this password for autofill.
	//
	// Default to false.
	bool use_additional_authentication;

	// Autofill representation of this form. Used to communicate with the
	// Autofill servers if necessary. Currently this is only used to help
	// determine forms where we can trigger password generation.
	//
	// When parsing an HTML form, this is normally set.
	FormData form_data;

	// Returns true if this match was found using public suffix matching.
	bool IsPublicSuffixMatch() const;

	// Equality operators for testing.
	bool operator==(const PasswordForm& form) const;
	bool operator!=(const PasswordForm& form) const;

	PasswordForm();
	~PasswordForm();
	};

	// Map username to PasswordForm* for convenience. See password_form_manager.h.
	typedef std::map<base::string16, PasswordForm*> PasswordFormMap;

	// For testing.
	std::ostream& operator<<(std::ostream& os,
	const autofill::PasswordForm& form);

	} // namespace autofill

	#endif // COMPONENTS_AUTOFILL_CORE_COMMON_PASSWORD_FORM_H__