Password update flows #453
Conversation
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
… ema/password-update-flows
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
| topContextData.inputType === 'credentials.password', | ||
| this.settings.featureToggles.password_generation, | ||
| form.isSignup | ||
| topContextData.inputType === 'credentials.password.new', |
There was a problem hiding this comment.
No need to rely on form.isSignup because we read the password.new attribute instead.
| static default () { | ||
| const globalConfig = createGlobalConfig() | ||
| static default (globalConfigOverrides) { | ||
| const globalConfig = createGlobalConfig(globalConfigOverrides) |
There was a problem hiding this comment.
This isn't really needed. But I had to add it temporarily to test something in the test suite and thought we can leave it here in case it's useful in the future. It just enables passing specific configs during tests.
| dataType === 'identities' && // only for identities | ||
| dataType !== 'creditCards' && // creditCards always override, the others only when we're focusing the input | ||
| input.nodeName !== 'SELECT' && input.value !== '' && // if the input is not empty | ||
| this.activeInput !== input && // and this is not the active input | ||
| !isEmailAutofill // and we're not auto-filling email | ||
| this.activeInput !== input // and this is not the active input |
There was a problem hiding this comment.
Avoid overriding any inserted data unless it's a credit card form or we're trying to override the current field. It's useful to avoid overriding the old password when generating a new one in 3-field update-password forms.
| if (variant === 'new' && AUTOGENERATED_KEY in data) { | ||
| return this.autofillInput(input, autofillData, dataType) | ||
| } | ||
| if (variant === 'current' && !(AUTOGENERATED_KEY in data)) { | ||
| return this.autofillInput(input, autofillData, dataType) | ||
| } |
There was a problem hiding this comment.
Fill all related fields, so if there's a repeat new password field we fill it in one go, but won't override current when filling new.
| const strength = likelyASubmit ? 20 : 2 | ||
| this.updateSignal({string, strength, signalType: `submit: ${string}`}) | ||
| const strength = likelyASubmit ? 20 : 4 | ||
| this.updateSignal({string, strength, signalType: `button: ${string}`, shouldFlip}) |
There was a problem hiding this comment.
This just takes into account forms with multiple buttons where only one is obviously a submit. Fixes a long-standing bug for Twitch, already in the test suite 💪.
|
|
||
| // We check for more than one to minimise false positives | ||
| this._isCCForm = Boolean(textMatches && textMatches.length > 1) | ||
| this._isCCForm = Boolean(textMatches && deDupedMatches.size > 1) |
There was a problem hiding this comment.
Again, fixes a bug added to the test suite. Strings could be counted multiple times and result in false matching credit card fields.
|
|
||
| const getMismatchedValue = (score) => { |
There was a problem hiding this comment.
Had to tweak how we compare in the test suite so we can account for the new variant without breaking all existing tests. I still back-filled about 100 of them 💪 .
| @@ -100,12 +100,26 @@ const inputTypeConfig = { | |||
| if (!canBeInteractedWith(input)) return '' | |||
|
|
|||
| if (device.settings.featureToggles.inlineIcon_credentials) { | |||
| const subtype = getInputSubtype(input) | |||
There was a problem hiding this comment.
Just tweaks to account for the different icons.
| if (!this.isInputLargeEnough('emailAddress', input)) { | ||
| if (shouldLog()) { | ||
| console.log('Field matched for Email Address, but discarded because too small when scanned') | ||
| } | ||
| return 'unknown' | ||
| } |
There was a problem hiding this comment.
Same functionality, but adds logging to simplify debugging.
| /** | ||
| * Remove whitespace of more than 2 in a row and trim the string | ||
| * @param {string | null} string | ||
| * @return {string} | ||
| */ | ||
| const removeExcessWhitespace = (string = '') => { | ||
| string = string?.trim() || '' |
There was a problem hiding this comment.
Just moved the trimming here so the length cutoff is more accurate. Form test added.
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
Signed-off-by: Emanuele Feliziani <[email protected]>
| // Check attributes first | ||
| // This is done mainly to ensure coverage for all languages, since attributes are usually in English | ||
| const attrsToCheck = [input.autocomplete, input.name, input.id] | ||
| if ( | ||
| opts.isSignup && | ||
| attrsToCheck.some(str => safeRegexTest(/new.?password|password.?new/i, str)) | ||
| ) { | ||
| return 'credentials.password.new' | ||
| } | ||
| if ( | ||
| (opts.isLogin || opts.isHybrid) && | ||
| attrsToCheck.some(str => safeRegexTest(/(current|old|previous).?password|password.?(current|old|previous)/i, str)) | ||
| ) { | ||
| return 'credentials.password.current' | ||
| } |
There was a problem hiding this comment.
none-blocking question: in your opinion, does this workaround indicate a flaw in our implementation of matchers?
I only ask because I'm curious if we can expand the design later to include things like this, so that we can keep these regexes together.
I don't feel strongly, I think your solution here is great, more of a talking point for later :)
There was a problem hiding this comment.
If I understand your question correctly, unfortunately this has nothing to do with our implementation. It's that some pages use autocomplete=current-password for signup pages and autocomplete=new-password for login pages, exactly backwards 🤦♂️. We found this even on very high-profile pages like Pinterest and Twitch. This workaround is needed to ensure that when that happens we still try to show the best option to users.
Task/Issue URL: https://app.asana.com/0/1206327382038426/1206327382038426 Autofill Release: https://github.com/duckduckgo/duckduckgo-autofill/releases/tag/10.0.3 ## Description Updates Autofill to version [10.0.3](https://github.com/duckduckgo/duckduckgo-autofill/releases/tag/10.0.3). ### Autofill 10.0.3 release notes ## What's Changed * Use the default branch when checking out repos by @GioSensation in duckduckgo/duckduckgo-autofill#444 * Password update flows by @GioSensation in duckduckgo/duckduckgo-autofill#453 * Bump @types/jest from 29.5.5 to 29.5.11 by @dependabot in duckduckgo/duckduckgo-autofill#439 * Update password-related json files (2023-12-21) by @daxmobile in duckduckgo/duckduckgo-autofill#454 * Move test forms out of src by @GioSensation in duckduckgo/duckduckgo-autofill#457 * Move integration tests around by @GioSensation in duckduckgo/duckduckgo-autofill#455 * Fixes by @GioSensation in duckduckgo/duckduckgo-autofill#467 * Update password-related json files (2024-01-11) by @daxmobile in duckduckgo/duckduckgo-autofill#466 **Full Changelog**: duckduckgo/duckduckgo-autofill@10.0.2...10.0.3 ## Steps to test This release has been tested during autofill development. For smoke test steps see [this task](https://app.asana.com/0/1198964220583541/1200583647142330/f). Co-authored-by: GioSensation <[email protected]>
Reviewer: @shakyShane
Asana: https://app.asana.com/0/0/1206019054894764/f
Description
Steps to test