[go: nahoru, domu]

tree: 38d6c4362a724a3438787a55eeaeb08b6fa4f314 [path history] [tgz]
  1. content/
  2. core/
  3. ios/
  4. services/
  5. COMMON_METADATA
  6. DEPS
  7. DIR_METADATA
  8. OWNERS
  9. README.md
components/password_manager/README.md

Password Manager

The password manager is a layered component.

This means that the code is spread out through the following directories:

  • ./core/: Essentials, not depending on any other layers. All other layers may depend on core.
  • ./content/: Content-specific embedding.
  • ./ios/: iOS-specific embedding.

NOTE: Some embedder-specific code must not be part of content (e.g. UI specific code) and located in

  • /chrome/browser/password_manager/
  • /chrome/android/java/src/org/chromium/chrome/browser/password_manager/
  • /ios/chrome/browser/passwords/

High-level architecture

The following architecture diagram shows instances of core classes. For simplicity, it shows the concrete instances in the case of Chrome on desktop. In reality there exist further abstractions, e.g. the ChromePasswordManagerClient is the Chrome-specific implementation of the PasswordManagerClient interface. The ContentPasswordManagerDriver is the content specific implementation of the *::PasswordManagerDriver interfaces.

Browser                                        + UI specific code in browser
                                               | and further browser specific
+-------------------+                          | code
|PasswordFormManager<-------+                  |
+-------------------+       |                  |
                            |  1 per tab       |  1 per tab
+-------------------+       +---------------+  |  +---------------------------+
|PasswordFormManager<-------+PasswordManager<----->ChromePasswordManagerClient|
+-------------------+       +-------+-------+  |  +-------------+-------------+
                            |       |          |                |
+-------------------+       |       |          |                |
|PasswordFormManager<-------+       |          |                |
+-------------------+               |          |                |
1 per form                          |          |  +-------------v-------------+
                                    |          |  |PasswordManagerUIController|
                        1 per frame |          |  +---------------------------+
            +-----------------------+----+     |
            |ContentPasswordManagerDriver|     |
            +-----------------------+----+     |
                                    |          |
+----------------------------------------------+------------------------------+
                                    |
Renderer                            |
             +----------------------------------------------+
             |                      |                       |
             |                      |                       |
             |                      |                       |
     +-------+-----+   +------------+--------+   +----------v------------+
     |AutofillAgent|   |PasswordAutofillAgent|   |PasswordGenerationAgent|
     +-------------+   +---------------------+   +-----------------------+
             1 of each per frame

Here is a summary of the core responsibilities of the classes and interfaces:

  • PasswordManagerClient interface (1 per tab)

    Abstracts operations that depend on the embedder environment (e.g. Chromium). Manages settings (which features are enabled?), UI (popup bubbles, etc.), provides access to the password store, etc.

  • PasswordManager (1 per tab)

    Embedder-agnostic password manager, manages the life-cycle of password forms (represented as PasswordFormManager instances). It is informed about newly observed forms from the renderers and initiates the filling on page load and (together with PasswordFormManager) save/update prompts on form submission.

  • PasswordFormManager (1 per form)

    This manages the life-cycle of an individual password form. It knows about credentials that are stored on disk or a credential typed by the user. It makes the decision which credentials should be filled into a form and whether to offer password saving or updating existing credentials after a successful form submission.

  • *::PasswordManagerDriver (1 per frame)

    The *::PasswordManagerDriver is the browser-side communication end-point for password related communication between the browser and renderers.

    This is actually a collection of two interfaces named *::PasswordManagerDriver. The first one (mojom::PasswordManagerDriver) is a mojo interface that allows renderers to talk to the browser. The second one (password_manager::PasswordManagerDriver) allows the browser to talk to renderers.

  • AutofillAgent (1 per frame)

    The renderer side implementation of Autofill, listens to DOM events and autofill UI events, and dispatches them to the password manager specific agents.

    This implements the mojom::AutofillAgent interface.

  • PasswordAutofillAgent (1 per frame)

    The renderer side implementation of filling credentials into the DOM and capturing/extracting all relevant information and events from DOM.

    This implements the mojom::PasswordAutofillAgent interface.

  • PasswordGenerationAgent (1 per frame)

    The renderer side implementation of password generation.

    This implements the mojom::PasswordGenerationAgent interface.