File: password_status_check_service.h

package info (click to toggle)
chromium 139.0.7258.127-1
  • links: PTS, VCS
  • area: main
  • in suites:
  • size: 6,122,068 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (251 lines) | stat: -rw-r--r-- 10,502 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
 
// Copyright 2023 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_UI_SAFETY_HUB_PASSWORD_STATUS_CHECK_SERVICE_H_
#define CHROME_BROWSER_UI_SAFETY_HUB_PASSWORD_STATUS_CHECK_SERVICE_H_

#include "base/memory/raw_ptr.h"
#include "base/scoped_observation.h"
#include "base/timer/timer.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/safety_hub/safety_hub_service.h"
#include "components/keyed_service/core/keyed_service.h"
#include "components/password_manager/core/browser/leak_detection/bulk_leak_check_service_interface.h"
#include "components/password_manager/core/browser/password_store/password_store_interface.h"
#include "components/password_manager/core/browser/ui/insecure_credentials_manager.h"

class PasswordStatusCheckResult;

namespace password_manager {
class BulkLeakCheckServiceAdapter;
}
// The service that runs password checks periodically to get unsecure credential
// information. The service also observes the changes in password store to get
// notified about the newly discovered password issues.
class PasswordStatusCheckService
    : public KeyedService,
      public password_manager::BulkLeakCheckServiceInterface::Observer,
      public password_manager::PasswordStoreInterface::Observer,
      public password_manager::InsecureCredentialsManager::Observer {
 public:
  explicit PasswordStatusCheckService(Profile* profile);

  PasswordStatusCheckService(const PasswordStatusCheckService&) = delete;
  PasswordStatusCheckService& operator=(const PasswordStatusCheckService&) =
      delete;

  ~PasswordStatusCheckService() override;

  // KeyedService implementation.
  void Shutdown() override;

  // Getters for different issues with credentials.
  size_t compromised_credential_count() const {
    return compromised_credential_count_;
  }
  size_t weak_credential_count() const { return weak_credential_count_; }
  size_t reused_credential_count() const { return reused_credential_count_; }

  bool is_password_check_running() const;

  bool no_passwords_saved() const { return saved_credential_count_ == 0; }

  // Returns the time at which the password check is currently scheduled to run.
  base::Time GetScheduledPasswordCheckTime() const;

  // Returns the interval that was used to schedule the current password check
  // time.
  base::TimeDelta GetScheduledPasswordCheckInterval() const;

  // Register a delayed task running the password check.
  void StartRepeatedUpdates();

  // Bring cached credential issues up to date with data from Password Manager.
  void UpdateInsecureCredentialCountAsync();

  // Helper function for displaying the current status in the UI.
  base::Value::Dict GetPasswordCardData(bool signed_in);

  // Returns the latest PasswordStatusCheckResult that is available in memory.
  // TODO(crbug.com/40267370): This will be a SafetyHubService implementation.
  std::optional<std::unique_ptr<SafetyHubService::Result>> GetCachedResult();

  // Returns if there is any ongoing password check or insecure credential
  // check. Returns true if is_update_credential_count_pending() or
  // is_password_check_running().
  bool IsUpdateRunning() const;

  bool is_running_weak_reused_check() const {
    return running_weak_reused_check_;
  }

  // Verifies that both `password_check_delegate_` and
  // `saved_passwords_presenter_` are initialized.
  bool IsInfrastructureReady() const;

  // Testing functions.
  bool IsObservingBulkLeakCheckForTesting() const {
    return bulk_leak_check_observation_.IsObserving();
  }

  // Public getters for testing.
  password_manager::SavedPasswordsPresenter*
  GetSavedPasswordsPresenterForTesting() {
    return saved_passwords_presenter_.get();
  }

  password_manager::InsecureCredentialsManager*
  GetInsecureCredentialsManagerForTesting() {
    return insecure_credentials_manager_.get();
  }

  password_manager::BulkLeakCheckServiceAdapter*
  GetBulkLeakCheckServiceAdapterForTesting() {
    return bulk_leak_check_service_adapter_.get();
  }

 private:
  FRIEND_TEST_ALL_PREFIXES(PasswordStatusCheckServiceBaseTest,
                           CheckTimeUpdatedAfterRunScheduledInThePast);
  FRIEND_TEST_ALL_PREFIXES(PasswordStatusCheckServiceBaseTest,
                           CheckTimeUpdatedAfterRunScheduledLongTimeInThePast);
  // The enum to hold 4 password check states.
  // As soon as the check is started, the state will be kStarting.
  // When the state is kStarting:
  // - if OnStateChanged is called, it will be kOnStateChangedCalled.
  // - if OnStartedPasswordCheck is called, it will be
  // kOnStartCallbackCompleted.
  // When the state is kOnStateChangedCalled:
  // - if OnStartedPasswordCheck is called, it will be kStopped.
  // When the state is OnStartedPasswordCheck:
  // - if OnStateChanged is called, it will be kStopped.
  //  Whenever the state is kStopped, then the infra will be killed.
  enum PasswordCheckState {
    kStarting,
    kOnStateChangedCalled,
    kOnStartCallbackCompleted,
    kStopped,
  };

  // Triggers Password Manager's password check to discover new credential
  // issues.
  void RunPasswordCheckAsync();

  // Runs weak/reused password check.
  void RunWeakReusedCheckAsync();

  // BulkLeakCheckService::Observer implementation.
  // This is observed to get notified of the progress of the password check.
  void OnStateChanged(
      password_manager::BulkLeakCheckServiceInterface::State state) override;
  void OnCredentialDone(const password_manager::LeakCheckCredential& credential,
                        password_manager::IsLeaked is_leaked) override;
  void OnBulkCheckServiceShutDown() override;

  // PasswordStoreInterface::Observer implementation.
  // Used to trigger an update of the password issue counts when passwords
  // change.
  void OnLoginsChanged(
      password_manager::PasswordStoreInterface* store,
      const password_manager::PasswordStoreChangeList& changes) override;
  void OnLoginsRetained(password_manager::PasswordStoreInterface* store,
                        const std::vector<password_manager::PasswordForm>&
                            retained_passwords) override;

  // InsecureCredentialsManager::Observer implementation.
  void OnInsecureCredentialsChanged() override;

  // Called whenever password_check_delegate_->StartPasswordCheck is completed.
  // This is only used to prevent the infra being shutdown while there is an
  // ongoing check in the delegate.
  void OnStartedPasswordCheck(
      password_manager::BulkLeakCheckServiceInterface::State state);

  // This is called when weak and reuse checks are complete and
  // `InsecureCredentialsManager` is ready to be queried for credential issues.
  void OnWeakAndReuseChecksDone();

  // Initializes `saved_passwords_presenter_` and `password_check_delegate_`. If
  // there is no `password_store`, then the infra can not be initialized.
  void MaybeInitializePasswordCheckInfrastructure(base::OnceClosure completion);

  // Brings cached values for insecure credential counts up to date with
  // |saved_passwords_presenter_|.
  void UpdateInsecureCredentialCount();

  // Deletes `password_check_delegate_` and `saved_passwords_presenter_` if
  // async operations have concluded to keep memory footprint low.
  void MaybeResetInfrastructure();

  // Updates pref dict for scheduled password check.
  void SetPasswordCheckSchedulePrefsWithInterval(base::Time check_time);

  // Schedules the next password check time and calls StartRepeatedUpdates.
  void ScheduleCheckAndStartRepeatedUpdates();

  raw_ptr<Profile> profile_;

  // Required to obtain the list of saved passwords. Also is required for
  // construction of `PasswordCheckDelegate`. Because it is memory intensive,
  // only initialized when needed.
  std::unique_ptr<password_manager::SavedPasswordsPresenter>
      saved_passwords_presenter_;

  // Used to obtain the list of insecure credentials.
  std::unique_ptr<password_manager::InsecureCredentialsManager>
      insecure_credentials_manager_;

  // Adapter used to start, monitor and stop a bulk leak check.
  std::unique_ptr<password_manager::BulkLeakCheckServiceAdapter>
      bulk_leak_check_service_adapter_;

  // A scoped observer for `BulkLeakCheckService` which is used by
  // `PasswordCheckDelegate`. This is used for detecting when password check is
  // complete through `OnStateChanged`.
  base::ScopedObservation<
      password_manager::BulkLeakCheckServiceInterface,
      password_manager::BulkLeakCheckServiceInterface::Observer>
      bulk_leak_check_observation_{this};

  // Scoped observer for profile and account `PasswordStore`s. This is used
  // to trigger an update of the password issue counts when passwords have
  // changed. We're notified of this with `OnLoginsChanged`.
  base::ScopedObservation<password_manager::PasswordStoreInterface,
                          password_manager::PasswordStoreInterface::Observer>
      profile_password_store_observation_{this};
  base::ScopedObservation<password_manager::PasswordStoreInterface,
                          password_manager::PasswordStoreInterface::Observer>
      account_password_store_observation_{this};

  // A scoped observer for `insecure_credentials_manager_`. This is used for
  // detecting when insecure credentials are changed through
  // `OnInsecureCredentialsChanged`.
  base::ScopedObservation<
      password_manager::InsecureCredentialsManager,
      password_manager::InsecureCredentialsManager::Observer>
      insecure_credentials_manager_observation_{this};

  // Cached results of the password check.
  size_t compromised_credential_count_ = 0;
  size_t weak_credential_count_ = 0;
  size_t reused_credential_count_ = 0;
  size_t saved_credential_count_ = 0;

  // Indicates whether weak reause check is currently running.
  bool running_weak_reused_check_ = false;

  // Timer to schedule the run of the password check after some time has passed.
  base::OneShotTimer password_check_timer_;

  // Timer to schedule the weak and reuse checks to run every day.
  base::RepeatingTimer weak_and_reuse_check_timer_;

  // The latest available result, which is initialized when the service is
  // started and whenever insecure credentials are changed.
  std::unique_ptr<PasswordStatusCheckResult> latest_result_;

  base::WeakPtrFactory<PasswordStatusCheckService> weak_ptr_factory_{this};
};

#endif  // CHROME_BROWSER_UI_SAFETY_HUB_PASSWORD_STATUS_CHECK_SERVICE_H_