rAc: don't open sign in continue url in new tab

components/autofill/content/browser/wallet/wallet_service_url.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/autofill/content/browser/wallet/wallet_service_url.h"
 
 #include <string>
 
 #include "base/command_line.h"
 #include "base/format_macros.h"
 #include "base/metrics/field_trial.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/stringprintf.h"
 #include "components/autofill/core/common/autofill_switches.h"
+#include "content/public/common/url_constants.h"
 #include "google_apis/gaia/gaia_urls.h"
 #include "net/base/url_util.h"
 #include "url/gurl.h"
 
 namespace autofill {
 namespace {
 
 const char kProdWalletServiceUrl[] = "https://wallet.google.com/";
 
 // TODO(ahutter): Remove this once production is ready.
 const char kSandboxWalletServiceUrl[] =
     "https://wallet-web.sandbox.google.com/";
 
 // TODO(ahutter): Remove this once production is ready.
 const char kSandboxWalletSecureServiceUrl[] =
     "https://wallet-web.sandbox.google.com/";
 
+// Set to true during some tests.
+bool g_use_testing_sign_in_continue_url = false;
+
 bool IsWalletProductionEnabled() {
   const CommandLine* command_line = CommandLine::ForCurrentProcess();
   std::string sandbox_enabled(
       command_line->GetSwitchValueASCII(switches::kWalletServiceUseSandbox));
   if (!sandbox_enabled.empty())
     return sandbox_enabled != "1";
   return true;
 }
 
 GURL GetWalletHostUrl() {
@@ skipping 101 matching lines @@
                                   GetSignInContinueUrl().spec());
   return url;
 }
 
 // The continue url portion of the sign-in URL. This URL is used as a milestone
 // to determine that the sign-in process is finished. It has to be a Google
 // domain, use https://, and do almost nothing, but otherwise it's not too
 // important what the URL actually is: it's not important that this URL has the
 // ability to generate a gdToken.
 GURL GetSignInContinueUrl() {
+  if (g_use_testing_sign_in_continue_url)
+    return GURL(content::kAboutBlankURL);
+
   return GetPassiveAuthUrl(0);
 }
 
+void SetUseTestingSignInContinueUrl() {
+  g_use_testing_sign_in_continue_url = true;
+}
+
 bool IsSignInContinueUrl(const GURL& url, size_t* user_index) {
-  GURL final_url = wallet::GetSignInContinueUrl();
-  if (!url.SchemeIsSecure() ||
+  GURL final_url = GetSignInContinueUrl();
+  if (url.scheme() != final_url.scheme() ||
       url.host() != final_url.host() ||
       url.path() != final_url.path()) {
     return false;
   }
 
   *user_index = 0;
   std::string query_str = url.query();
   url_parse::Component query(0, query_str.length());
   url_parse::Component key, value;
   const char kUserIndexKey[] = "authuser";
   while (url_parse::ExtractQueryKeyValue(query_str.c_str(), &query, &key,
                                          &value)) {
     if (key.is_nonempty() &&
         query_str.substr(key.begin, key.len) == kUserIndexKey) {
       base::StringToSizeT(query_str.substr(value.begin, value.len), user_index);
       break;
     }
   }
 
   return true;
 }
 
 bool IsSignInRelatedUrl(const GURL& url) {
-  return url.GetOrigin() == GetSignInUrl().GetOrigin();
+  size_t unused;
+  return url.GetOrigin() == GetSignInUrl().GetOrigin() ||
+      IsSignInContinueUrl(url, &unused);

[groby-ooo-7-16, 2014/01/03 00:10:22]

I assume we added this additional test because of accounts.youtube.com? Would it
make more sense to allow that as a second GAIA origin, instead of limiting it to
the passive auth URL?

[Evan Stade, 2014/01/03 00:14:57]

Not sure where you're getting the youtube idea from. The sign in flow forwards
the user to the sign in continue url when it's done. That's why this is here.

 }
 
 bool IsUsingProd() {
   return GetWalletHostUrl() == GURL(kProdWalletServiceUrl);
 }
 
 }  // namespace wallet
 }  // namespace autofill