The password manager is a component layered.
This means that the code is spread out through the following directories:
NOTE: Some embedder specific code must not be part of content (e.g. UI specific code) and located in
The following architecture diagram shows instances of core classes. For simplicity, it shows the concrete instances in case of Chrome on desktop. In reality there exist further abstractions, e.g. the ChromePasswordManagerClient
is the Chrome-specific implementation of the PasswordManagerClient
interface. The ContentPasswordManagerDriver
is the content specific implementation of the *::PasswordManagerDriver
interfaces.
Browser + UI specific code in browser | and further browser specific +-------------------+ | code |PasswordFormManager<-------+ | +-------------------+ | | | 1 per tab | 1 per tab +-------------------+ +---------------+ | +---------------------------+ |PasswordFormManager<-------+PasswordManager<----->ChromePasswordManagerClient| +-------------------+ +-------+-------+ | +-------------+-------------+ | | | | +-------------------+ | | | | |PasswordFormManager<-------+ | | | +-------------------+ | | | 1 per form | | +-------------v-------------+ | | |PasswordManagerUIController| 1 per frame | | +---------------------------+ +-----------------------+----+ | |ContentPasswordManagerDriver| | +-----------------------+----+ | | | +----------------------------------------------+------------------------------+ | Renderer | +----------------------------------------------+ | | | | | | | | | +-------+-----+ +------------+--------+ +----------v------------+ |AutofillAgent| |PasswordAutofillAgent| |PasswordGenerationAgent| +-------------+ +---------------------+ +-----------------------+ 1 of each per frame
Here is a summary of the core responsibilities of the classes and interfaces:
PasswordManagerClient
interface (1 per tab)
Abstracts operations that depend on the embedder environment (e.g. Chromium). Manages settings (which features are enabled?), UI (popup bubbles, etc.), provides access to the password store, etc.
Chrome's implementation of the PasswordManagerClient
on non-iOS platforms. This bootstraps the browser side classes at tab creation time.
IOSChromePasswordManagerClient
iOS implementation
WebViewPasswordManagerClient
//ios/web_view implementation
StubPasswordManagerClient
stub for mocking out calls to the embedder in tests.
PasswordManager
(1 per tab)
Embedder agnostic password manager, manages the life-cycle of password forms (represented as PasswordFormManager
instances). It is informed about newly observed forms from the renderers and initiates the filling on page load and (together with PasswordFormManager
) save/update prompts on form submission.
PasswordFormManager
(1 per form)
This manages the life-cycle of an individual password form. It knows about credentials that are stored on disk or a credential typed by the user. It makes the decision which credentials should be filled into a form and whether to offer password saving or updating existing credentials after a successful form submission.
*::PasswordManagerDriver
(1 per frame)
The *::PasswordManagerDriver
is the browser-side communication end-point for password related communication between the browser and renderers.
This is actually a collection of two interfaces named *::PasswordManagerDriver
. The first one (mojom::PasswordManagerDriver
) is a mojo interface that allows renderers to talk to the browser. The second one (password_manager::PasswordManagerDriver
) allows the browser to talk to renderers.
This is the content specific implementation of the PasswordManagerDriver
interfaces.
IOSChromePasswordManagerDriver
This is the iOS specific implementation.
A stub for mocking out communication to the renderer in tests.
AutofillAgent
(1 per frame)
The renderer side implementation of Autofill, listens to DOM events and autofill UI events, and dispatches them to the password manager specific agents.
This implements the mojom::AutofillAgent
interface.
PasswordAutofillAgent
(1 per frame)
The renderer side implementation of filling credentials into the DOM and capturing/extracting all relevant information and events from DOM.
This implements the mojom::PasswordAutofillAgent
interface.
PasswordGenerationAgent
(1 per frame)
The renderer side implementation of password generation.
This implements the mojom::PasswordGenerationAgent
interface.