Use pref to determine if auth for filling should be enabled on Windows
Added way of controlling the biometric authentication before filling
feature on Windows using pref value, biometrics availability and feature
flag.
Bug: 1322079
Change-Id: I71b60dbacf8ef6332d7350b4d31a0e1d50d85ce9
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3892920
Reviewed-by: Vasilii Sukhanov <[email protected]>
Auto-Submit: Karol Sygiet <[email protected]>
Commit-Queue: Vasilii Sukhanov <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1047639}
diff --git a/chrome/browser/password_manager/chrome_password_manager_client.cc b/chrome/browser/password_manager/chrome_password_manager_client.cc
index eebcd42..fd7806d 100644
--- a/chrome/browser/password_manager/chrome_password_manager_client.cc
+++ b/chrome/browser/password_manager/chrome_password_manager_client.cc
@@ -494,7 +494,7 @@
scoped_refptr<device_reauth::BiometricAuthenticator>
ChromePasswordManagerClient::GetBiometricAuthenticator() {
-#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
return ChromeBiometricAuthenticatorFactory::GetBiometricAuthenticator();
#else
return nullptr;
diff --git a/chrome/browser/password_manager/chrome_password_manager_client.h b/chrome/browser/password_manager/chrome_password_manager_client.h
index 5add44e..96062e0 100644
--- a/chrome/browser/password_manager/chrome_password_manager_client.h
+++ b/chrome/browser/password_manager/chrome_password_manager_client.h
@@ -142,8 +142,8 @@
bool IsAutofillAssistantUIVisible() const override;
// Returns a pointer to the BiometricAuthenticator which is created on demand.
- // This is currently only implemented for Android and Mac, on all other
- // platforms this will always be null.
+ // This is currently only implemented for Android, Mac and Windows. On all
+ // other platforms this will always be null.
scoped_refptr<device_reauth::BiometricAuthenticator>
GetBiometricAuthenticator() override;
void GeneratePassword(
diff --git a/components/password_manager/core/browser/password_autofill_manager.cc b/components/password_manager/core/browser/password_autofill_manager.cc
index a720003..6353950 100644
--- a/components/password_manager/core/browser/password_autofill_manager.cc
+++ b/components/password_manager/core/browser/password_autofill_manager.cc
@@ -504,8 +504,8 @@
scoped_refptr<device_reauth::BiometricAuthenticator> authenticator =
password_client_->GetBiometricAuthenticator();
- // Note: this is currently only implemented on Android and Mac. For other
- // platforms, the `authenticator` will be null.
+ // Note: this is currently only implemented on Android, Mac and Windows. For
+ // other platforms, the `authenticator` will be null.
if (!password_manager_util::CanUseBiometricAuth(
authenticator.get(),
device_reauth::BiometricAuthRequester::kAutofillSuggestion,
@@ -523,7 +523,7 @@
base::BindOnce(&PasswordAutofillManager::OnBiometricReauthCompleted,
base::Unretained(this), value, frontend_id),
/*use_last_valid_auth=*/true);
-#elif BUILDFLAG(IS_MAC)
+#elif BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
const std::u16string origin =
base::UTF8ToUTF16(GetShownOrigin(url::Origin::Create(
password_manager_driver_->GetLastCommittedURL())));
diff --git a/components/password_manager/core/browser/password_autofill_manager.h b/components/password_manager/core/browser/password_autofill_manager.h
index 1c92d37..6b9d536 100644
--- a/components/password_manager/core/browser/password_autofill_manager.h
+++ b/components/password_manager/core/browser/password_autofill_manager.h
@@ -227,7 +227,7 @@
// Used to trigger a reauthentication prompt based on biometrics that needs
// to be cleared before the password is filled. Currently only used
- // on Android and Mac.
+ // on Android, Mac and Windows.
scoped_refptr<device_reauth::BiometricAuthenticator> authenticator_;
base::WeakPtrFactory<PasswordAutofillManager> weak_ptr_factory_{this};
diff --git a/components/password_manager/core/browser/password_autofill_manager_unittest.cc b/components/password_manager/core/browser/password_autofill_manager_unittest.cc
index 3314808..9fe98bc 100644
--- a/components/password_manager/core/browser/password_autofill_manager_unittest.cc
+++ b/components/password_manager/core/browser/password_autofill_manager_unittest.cc
@@ -55,7 +55,7 @@
#if BUILDFLAG(IS_ANDROID)
#include "base/android/build_info.h"
-#elif BUILDFLAG(IS_MAC)
+#elif BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
#include "components/password_manager/core/common/password_manager_pref_names.h"
#include "components/prefs/pref_registry_simple.h"
#include "components/prefs/testing_pref_service.h"
@@ -325,7 +325,7 @@
webauthn_credentials_delegate_ =
std::make_unique<MockWebAuthnCredentialsDelegate>();
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
test_pref_service_ = std::make_unique<TestingPrefServiceSimple>();
test_pref_service_->registry()->RegisterBooleanPref(
password_manager::prefs::kBiometricAuthenticationBeforeFilling, true);
@@ -385,7 +385,7 @@
// The TestAutofillDriver uses a SequencedWorkerPool which expects the
// existence of a MessageLoop.
base::test::SingleThreadTaskEnvironment task_environment_;
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
std::unique_ptr<TestingPrefServiceSimple> test_pref_service_;
#endif
};
@@ -1673,11 +1673,11 @@
}
}
-#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_ANDROID)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_WIN)
TEST_F(PasswordAutofillManagerTest, FillsSuggestionIfAuthSuccessful) {
base::test::ScopedFeatureList scoped_feature_list;
scoped_feature_list.InitAndEnableFeature(
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
password_manager::features::kBiometricAuthenticationForFilling);
#else
password_manager::features::kBiometricTouchToFill);
@@ -1727,7 +1727,7 @@
.WillOnce(Return(true));
EXPECT_CALL(
*authenticator_.get(),
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
AuthenticateWithMessage(BiometricAuthRequester::kAutofillSuggestion,
/*message=*/_, _))
.WillOnce(RunOnceCallback<2>(/*auth_succeeded=*/true));
@@ -1748,7 +1748,7 @@
TEST_F(PasswordAutofillManagerTest, DoesntFillSuggestionIfAuthFailed) {
base::test::ScopedFeatureList scoped_feature_list;
scoped_feature_list.InitAndEnableFeature(
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
password_manager::features::kBiometricAuthenticationForFilling);
#else
password_manager::features::kBiometricTouchToFill);
@@ -1798,7 +1798,7 @@
.WillOnce(Return(true));
EXPECT_CALL(
*authenticator_.get(),
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
AuthenticateWithMessage(BiometricAuthRequester::kAutofillSuggestion,
/*message=*/_, _))
.WillOnce(RunOnceCallback<2>(/*auth_succeeded=*/false));
@@ -1819,7 +1819,7 @@
TEST_F(PasswordAutofillManagerTest, CancelsOngoingBiometricAuthOnDestroy) {
base::test::ScopedFeatureList scoped_feature_list;
scoped_feature_list.InitAndEnableFeature(
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
password_manager::features::kBiometricAuthenticationForFilling);
#else
password_manager::features::kBiometricTouchToFill);
@@ -1856,7 +1856,7 @@
.WillOnce(Return(true));
EXPECT_CALL(
*authenticator_.get(),
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
AuthenticateWithMessage(BiometricAuthRequester::kAutofillSuggestion,
/*message=*/_, _));
#else
@@ -1878,7 +1878,7 @@
CancelsOngoingBiometricAuthOnDeleteFillData) {
base::test::ScopedFeatureList scoped_feature_list;
scoped_feature_list.InitAndEnableFeature(
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
password_manager::features::kBiometricAuthenticationForFilling);
#else
password_manager::features::kBiometricTouchToFill);
@@ -1915,7 +1915,7 @@
.WillOnce(Return(true));
EXPECT_CALL(
*authenticator_.get(),
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
AuthenticateWithMessage(BiometricAuthRequester::kAutofillSuggestion,
/*message=*/_, _));
#else
@@ -1938,7 +1938,7 @@
CancelsOngoingBiometricAuthOnFillDataChange) {
base::test::ScopedFeatureList scoped_feature_list;
scoped_feature_list.InitAndEnableFeature(
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
password_manager::features::kBiometricAuthenticationForFilling);
#else
password_manager::features::kBiometricTouchToFill);
@@ -1975,7 +1975,7 @@
.WillOnce(Return(true));
EXPECT_CALL(
*authenticator_.get(),
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
AuthenticateWithMessage(BiometricAuthRequester::kAutofillSuggestion,
/*message=*/_, _));
#else
@@ -1993,7 +1993,7 @@
Cancel(BiometricAuthRequester::kAutofillSuggestion));
password_autofill_manager_->OnAddPasswordFillData(CreateTestFormFillData());
}
-#endif // BUILDFLAG(IS_MAC) || BUILDFLAG(IS_ANDROID)
+#endif // BUILDFLAG(IS_MAC) || BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_WIN)
TEST_F(PasswordAutofillManagerTest, ShowsWebAuthnSuggestions) {
TestPasswordManagerClient client;
diff --git a/components/password_manager/core/browser/password_form_filling.cc b/components/password_manager/core/browser/password_form_filling.cc
index b188d1a..64a6593 100644
--- a/components/password_manager/core/browser/password_form_filling.cc
+++ b/components/password_manager/core/browser/password_form_filling.cc
@@ -202,7 +202,7 @@
WaitForUsernameReason::kDontWait;
if (client->IsIncognito()) {
wait_for_username_reason = WaitForUsernameReason::kIncognitoMode;
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
} else if (password_manager_util::IsBiometricAuthenticationForFillingEnabled(
client)) {
wait_for_username_reason = WaitForUsernameReason::kBiometricAuthentication;
diff --git a/components/password_manager/core/browser/password_form_filling_unittest.cc b/components/password_manager/core/browser/password_form_filling_unittest.cc
index 12cac64..cbf5df4 100644
--- a/components/password_manager/core/browser/password_form_filling_unittest.cc
+++ b/components/password_manager/core/browser/password_form_filling_unittest.cc
@@ -28,7 +28,7 @@
#include "testing/gtest/include/gtest/gtest.h"
#include "url/gurl.h"
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
#include "components/password_manager/core/common/password_manager_pref_names.h"
#include "components/prefs/pref_registry_simple.h"
#include "components/prefs/testing_pref_service.h"
@@ -135,7 +135,7 @@
ON_CALL(webauthn_credentials_delegate_, IsWebAuthnAutofillEnabled)
.WillByDefault(Return(false));
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
test_pref_service_ = std::make_unique<TestingPrefServiceSimple>();
test_pref_service_->registry()->RegisterBooleanPref(
password_manager::prefs::kBiometricAuthenticationBeforeFilling, true);
@@ -157,7 +157,7 @@
scoped_refptr<PasswordFormMetricsRecorder> metrics_recorder_;
std::vector<const PasswordForm*> federated_matches_;
MockWebAuthnCredentialsDelegate webauthn_credentials_delegate_;
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
std::unique_ptr<TestingPrefServiceSimple> test_pref_service_;
#endif
};
@@ -176,7 +176,7 @@
}
TEST_F(PasswordFormFillingTest, Autofill) {
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
base::test::ScopedFeatureList scoped_feature_list;
scoped_feature_list.InitAndEnableFeature(
password_manager::features::kBiometricAuthenticationForFilling);
@@ -200,7 +200,8 @@
// On Android Touch To Fill will prevent autofilling credentials on page load.
// On iOS Reauth is always required.
-#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_IOS) || BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_IOS) || BUILDFLAG(IS_MAC) || \
+ BUILDFLAG(IS_WIN)
EXPECT_EQ(LikelyFormFilling::kFillOnAccountSelect, likely_form_filling);
EXPECT_TRUE(fill_data.wait_for_username);
#else
@@ -227,7 +228,7 @@
}
TEST_F(PasswordFormFillingTest, TestFillOnLoadSuggestion) {
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
base::test::ScopedFeatureList scoped_feature_list;
scoped_feature_list.InitAndEnableFeature(
password_manager::features::kBiometricAuthenticationForFilling);
@@ -284,7 +285,8 @@
if (test_case.current_password_present) {
// On Android Touch To Fill will prevent autofilling credentials on page
// load. On iOS Reauth is always required.
-#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_IOS) || BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_IOS) || BUILDFLAG(IS_MAC) || \
+ BUILDFLAG(IS_WIN)
EXPECT_EQ(LikelyFormFilling::kFillOnAccountSelect, likely_form_filling);
#else
EXPECT_EQ(LikelyFormFilling::kFillOnPageLoad, likely_form_filling);
diff --git a/components/password_manager/core/browser/password_manager_util.cc b/components/password_manager/core/browser/password_manager_util.cc
index 9a074d6..02bda39 100644
--- a/components/password_manager/core/browser/password_manager_util.cc
+++ b/components/password_manager/core/browser/password_manager_util.cc
@@ -389,7 +389,7 @@
return result;
}
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
bool IsBiometricAuthenticationForFillingEnabled(
password_manager::PasswordManagerClient* client) {
// This checking order is important to ensure balanced experiment groups.
@@ -413,7 +413,7 @@
bool CanUseBiometricAuth(device_reauth::BiometricAuthenticator* authenticator,
device_reauth::BiometricAuthRequester requester,
password_manager::PasswordManagerClient* client) {
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
if (!client || !client->GetLocalStatePrefs() || !client->GetPrefs() ||
!authenticator) {
return false;
diff --git a/components/password_manager/core/browser/password_manager_util.h b/components/password_manager/core/browser/password_manager_util.h
index bd1fc8d..4cfb1487 100644
--- a/components/password_manager/core/browser/password_manager_util.h
+++ b/components/password_manager/core/browser/password_manager_util.h
@@ -166,7 +166,7 @@
password_manager::PasswordForm MakeNormalizedBlocklistedForm(
password_manager::PasswordFormDigest digest);
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
bool IsBiometricAuthenticationForFillingEnabled(
password_manager::PasswordManagerClient* client);
#endif
diff --git a/components/password_manager/core/browser/password_manager_util_unittest.cc b/components/password_manager/core/browser/password_manager_util_unittest.cc
index a0a5cab..7ba11dc 100644
--- a/components/password_manager/core/browser/password_manager_util_unittest.cc
+++ b/components/password_manager/core/browser/password_manager_util_unittest.cc
@@ -332,7 +332,7 @@
pref_service_.registry()->RegisterBooleanPref(
password_manager::prefs::kAutoSignInEnabledGMS, true);
#endif
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
pref_service_.registry()->RegisterBooleanPref(
password_manager::prefs::kBiometricAuthenticationBeforeFilling, false);
pref_service_.registry()->RegisterBooleanPref(
@@ -343,7 +343,7 @@
ON_CALL(*authenticator_, CanAuthenticate).WillByDefault(Return(true));
#endif
}
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
void SetHadBiometricsAvailable(bool available) {
pref_service_.SetBoolean(password_manager::prefs::kHadBiometricsAvailable,
available);
@@ -879,7 +879,7 @@
#endif
}
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
TEST_F(PasswordManagerUtilTest, CanUseBiometricAuth) {
base::test::ScopedFeatureList scoped_feature_list;
scoped_feature_list.InitAndDisableFeature(
@@ -919,6 +919,6 @@
device_reauth::BiometricAuthRequester::kAutofillSuggestion,
&mock_client_));
}
-#endif // BUILDFLAG(IS_MAC)
+#endif // BUILDFLAG(IS_MAC) || BUILDFLAG(IS_WIN)
} // namespace password_manager_util
diff --git a/components/password_manager_strings.grdp b/components/password_manager_strings.grdp
index 88ce84e..bb15d14 100644
--- a/components/password_manager_strings.grdp
+++ b/components/password_manager_strings.grdp
@@ -132,13 +132,16 @@
<message name="IDS_PASSWORD_MANAGER_USE_WINDOWS_HELLO" desc="Text that appears in the password autofill popup, for the Windows Hello passkey option. Windows Hello passkeys let users use their Windows PIN or fingerprint reader to verify their identity, instead of a password. Do not translate as “password”; “passkey” is a unique concept.">
Use Windows Hello
</message>
+ <message name="IDS_PASSWORD_MANAGER_FILLING_REAUTH" desc="Text appears in the password autofill reauthentication popup, asking user to authenticate using biometric before filling.">
+ Google Chrome is trying to fill your password on <ph name="APP_NAME">$1<ex>google.com</ex></ph>.
+ </message>
</if>
<if expr="is_macosx">
<message name="IDS_PASSWORD_MANAGER_USE_TOUCH_ID" desc="Text that appears in the password autofill popup, for the Mac TouchID passkey option. Touch ID passkeys let users use their local computer password or fingerprint reader to verify their identity, instead of a password. Do not translate as “password”; “passkey” is a unique concept.">
Use Touch ID
</message>
<message name="IDS_PASSWORD_MANAGER_FILLING_REAUTH" desc="Shown after 'Google Chrome is trying to ' (or in some languages, 'Google Chrome wants to ') in a dialog message. Text appears in the password autofill reauthentication popup, asking user to authenticate using biometric before filling.">
- fill your password on <ph name="APP_NAME">$1<ex>google.com</ex></ph>
+ fill your password on <ph name="APP_NAME">$1<ex>google.com</ex></ph>
</message>
</if>
<if expr="not is_win and not is_macosx">
