[epiphany/carlosgc/http-auth-credential-storage: 2/2] Store HTTP Auth passwords in password manager

[Carlos Garcia Campos <carlosgc src gnome org>]

commit 4fe6817937b875a7a753ce0ff59f447814541800
Author: Carlos Garcia Campos <cgarcia igalia com>
Date:   Tue Jun 23 14:51:21 2020 +0200

    Store HTTP Auth passwords in password manager
    
    Use new WebKit API to disable the internal credential storage and use
    our own.
    
    Fixes: https://gitlab.gnome.org/GNOME/epiphany/-/issues/719

 embed/ephy-embed-shell.c |  1 +
 embed/ephy-web-view.c    | 83 +++++++++++++++++++++++++++++++++++++++++++-----
 2 files changed, 76 insertions(+), 8 deletions(-)
---
diff --git a/embed/ephy-embed-shell.c b/embed/ephy-embed-shell.c
index 293a7f2f1..b007b0ad5 100644
--- a/embed/ephy-embed-shell.c
+++ b/embed/ephy-embed-shell.c
@@ -781,6 +781,7 @@ ephy_embed_shell_create_web_context (EphyEmbedShell *shell)
     manager = webkit_website_data_manager_new ("base-data-directory", ephy_profile_dir (),
                                                "base-cache-directory", ephy_cache_dir (),
                                                NULL);
+    webkit_website_data_manager_set_persistent_credential_storage_enabled (manager, FALSE);
   }
 
   priv->web_context = g_object_new (WEBKIT_TYPE_WEB_CONTEXT,
diff --git a/embed/ephy-web-view.c b/embed/ephy-web-view.c
index 716711d34..995c98d57 100644
--- a/embed/ephy-web-view.c
+++ b/embed/ephy-web-view.c
@@ -2319,6 +2319,56 @@ reader_setting_changed_cb (GSettings   *settings,
   g_free (js_snippet);
 }
 
+typedef struct {
+  EphyWebView *web_view;
+  WebKitAuthenticationRequest *request;
+} AuthenticationData;
+
+static void
+auth_password_query_finished_cb (GList              *records,
+                                 AuthenticationData *data)
+{
+  EphyPasswordRecord *record;
+  g_autoptr (WebKitCredential) credential = NULL;
+
+  record = records && records->data ? EPHY_PASSWORD_RECORD (records->data) : NULL;
+  if (record) {
+    credential = webkit_credential_new (ephy_password_record_get_username (record),
+                                        ephy_password_record_get_password (record),
+                                        WEBKIT_CREDENTIAL_PERSISTENCE_NONE);
+  } else {
+    /* Provide a non-empty wrong credential to force a retry */
+    credential = webkit_credential_new (" ", "", WEBKIT_CREDENTIAL_PERSISTENCE_NONE);
+  }
+
+  webkit_authentication_request_authenticate (data->request, credential);
+  g_object_unref (data->request);
+  g_object_unref (data->web_view);
+  g_free (data);
+}
+
+static void
+authenticate_succeeded_cb (WebKitAuthenticationRequest *request,
+                           WebKitCredential            *credential)
+{
+  EphyPasswordManager *password_manager;
+  const char *origin;
+
+  if (webkit_credential_get_persistence (credential) != WEBKIT_CREDENTIAL_PERSISTENCE_PERMANENT)
+    return;
+
+  origin = webkit_authentication_request_get_host (request);
+  password_manager = ephy_embed_shell_get_password_manager (ephy_embed_shell_get_default ());
+  ephy_password_manager_save (password_manager,
+                              origin,
+                              origin,
+                              webkit_credential_get_username (credential),
+                              webkit_credential_get_password (credential),
+                              "",
+                              "",
+                              TRUE);
+}
+
 static gboolean
 authenticate_cb (WebKitWebView               *web_view,
                  WebKitAuthenticationRequest *request,
@@ -2326,18 +2376,35 @@ authenticate_cb (WebKitWebView               *web_view,
 {
   EphyWebView *ephy_web_view = EPHY_WEB_VIEW (web_view);
   g_autoptr (WebKitCredential) credential = NULL;
+  EphyPasswordManager *password_manager;
+  AuthenticationData *data;
+  const char *origin;
 
-  credential = webkit_authentication_request_get_proposed_credential (request);
-
-  /* In case we have known credentials and it is the firs try, authenticate automatically */
-  if (credential && !webkit_authentication_request_is_retry (request)) {
-    webkit_authentication_request_authenticate (request, credential);
-    return TRUE;
+  if (webkit_authentication_request_is_retry (request)) {
+    webkit_authentication_request_set_can_save_credentials (request, TRUE);
+    g_signal_connect_object (request, "authenticated",
+                             G_CALLBACK (authenticate_succeeded_cb),
+                             ephy_web_view, 0);
+    ephy_web_view->in_auth_dialog = 1;
+    return FALSE;
   }
 
-  ephy_web_view->in_auth_dialog = 1;
+  data = g_new (AuthenticationData, 1);
+  data->web_view = g_object_ref (ephy_web_view);
+  data->request = g_object_ref (request);
 
-  return FALSE;
+  origin = webkit_authentication_request_get_host (request);
+  password_manager = ephy_embed_shell_get_password_manager (ephy_embed_shell_get_default ());
+  ephy_password_manager_query (password_manager,
+                               NULL,
+                               origin,
+                               origin,
+                               NULL,
+                               NULL,
+                               NULL,
+                               (EphyPasswordManagerQueryCallback)auth_password_query_finished_cb,
+                               data);
+  return TRUE;
 }
 
 typedef struct {