Home | History | Annotate | Download | only in glue 
      1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef WEBKIT_GLUE_PASSWORD_FORM_H__
      6 #define WEBKIT_GLUE_PASSWORD_FORM_H__
      7 
      8 #include <string>
      9 #include <map>
     10 
     11 #include "base/time.h"
     12 #include "googleurl/src/gurl.h"
     13 #include "third_party/WebKit/Source/WebKit/chromium/public/WebPasswordFormData.h"
     14 
     15 namespace webkit_glue {
     16 
     17 // The PasswordForm struct encapsulates information about a login form,
     18 // which can be an HTML form or a dialog with username/password text fields.
     19 //
     20 // The Web Data database stores saved username/passwords and associated form
     21 // metdata using a PasswordForm struct, typically one that was created from
     22 // a parsed HTMLFormElement or LoginDialog, but the saved entries could have
     23 // also been created by imported data from another browser.
     24 //
     25 // The PasswordManager implements a fuzzy-matching algorithm to compare saved
     26 // PasswordForm entries against PasswordForms that were created from a parsed
     27 // HTML or dialog form. As one might expect, the more data contained in one
     28 // of the saved PasswordForms, the better the job the PasswordManager can do
     29 // in matching it against the actual form it was saved on, and autofill
     30 // accurately. But it is not always possible, especially when importing from
     31 // other browsers with different data models, to copy over all the information
     32 // about a particular "saved password entry" to our PasswordForm
     33 // representation.
     34 //
     35 // The field descriptions in the struct specification below are intended to
     36 // describe which fields are not strictly required when adding a saved password
     37 // entry to the database and how they can affect the matching process.
     38 
     39 struct PasswordForm {
     40   // Enum to differentiate between HTML form based authentication, and dialogs
     41   // using basic or digest schemes. Default is SCHEME_HTML. Only PasswordForms
     42   // of the same Scheme will be matched/autofilled against each other.
     43   enum Scheme {
     44     SCHEME_HTML,
     45     SCHEME_BASIC,
     46     SCHEME_DIGEST,
     47     SCHEME_OTHER
     48   } scheme;
     49 
     50   // The "Realm" for the sign-on (scheme, host, port for SCHEME_HTML, and
     51   // contains the HTTP realm for dialog-based forms).
     52   // The signon_realm is effectively the primary key used for retrieving
     53   // data from the database, so it must not be empty.
     54   std::string signon_realm;
     55 
     56   // The URL (minus query parameters) containing the form. This is the primary
     57   // data used by the PasswordManager to decide (in longest matching prefix
     58   // fashion) whether or not a given PasswordForm result from the database is a
     59   // good fit for a particular form on a page, so it must not be empty.
     60   GURL origin;
     61 
     62   // The action target of the form. This is the primary data used by the
     63   // PasswordManager for form autofill; that is, the action of the saved
     64   // credentials must match the action of the form on the page to be autofilled.
     65   // If this is empty / not available, it will result in a "restricted"
     66   // IE-like autofill policy, where we wait for the user to type in his
     67   // username before autofilling the password. In these cases, after successful
     68   // login the action URL will automatically be assigned by the
     69   // PasswordManager.
     70   //
     71   // When parsing an HTML form, this must always be set.
     72   GURL action;
     73 
     74   // The name of the submit button used. Optional; only used in scoring
     75   // of PasswordForm results from the database to make matches as tight as
     76   // possible.
     77   //
     78   // When parsing an HTML form, this must always be set.
     79   string16 submit_element;
     80 
     81   // The name of the username input element. Optional (improves scoring).
     82   //
     83   // When parsing an HTML form, this must always be set.
     84   string16 username_element;
     85 
     86   // The username. Optional.
     87   //
     88   // When parsing an HTML form, this is typically empty unless the site
     89   // has implemented some form of autofill.
     90   string16 username_value;
     91 
     92   // The name of the password input element, Optional (improves scoring).
     93   //
     94   // When parsing an HTML form, this must always be set.
     95   string16 password_element;
     96 
     97   // The password. Required.
     98   //
     99   // When parsing an HTML form, this is typically empty.
    100   string16 password_value;
    101 
    102   // If the form was a change password form, the name of the
    103   // 'old password' input element. Optional.
    104   string16 old_password_element;
    105 
    106   // The old password. Optional.
    107   string16 old_password_value;
    108 
    109   // Whether or not this login was saved under an HTTPS session with a valid
    110   // SSL cert. We will never match or autofill a PasswordForm where
    111   // ssl_valid == true with a PasswordForm where ssl_valid == false. This means
    112   // passwords saved under HTTPS will never get autofilled onto an HTTP page.
    113   // When importing, this should be set to true if the page URL is HTTPS, thus
    114   // giving it "the benefit of the doubt" that the SSL cert was valid when it
    115   // was saved. Default to false.
    116   bool ssl_valid;
    117 
    118   // True if this PasswordForm represents the last username/password login the
    119   // user selected to log in to the site. If there is only one saved entry for
    120   // the site, this will always be true, but when there are multiple entries
    121   // the PasswordManager ensures that only one of them has a preferred bit set
    122   // to true. Default to false.
    123   //
    124   // When parsing an HTML form, this is not used.
    125   bool preferred;
    126 
    127   // When the login was saved (by chrome).
    128   //
    129   // When parsing an HTML form, this is not used.
    130   base::Time date_created;
    131 
    132   // Tracks if the user opted to never remember passwords for this form. Default
    133   // to false.
    134   //
    135   // When parsing an HTML form, this is not used.
    136   bool blacklisted_by_user;
    137 
    138   PasswordForm();
    139   PasswordForm(const WebKit::WebPasswordFormData& web_password_form);
    140   ~PasswordForm();
    141 };
    142 
    143 // Map username to PasswordForm* for convenience. See password_form_manager.h.
    144 typedef std::map<string16, PasswordForm*> PasswordFormMap;
    145 
    146 }  // namespace webkit_glue
    147 
    148 #endif  // WEBKIT_GLUE_PASSWORD_FORM_H__
    149