Fix 3650: Enable google sign in for extensions

[jumde]

Resolves brave/brave-browser#3650
Resolves brave/brave-browser#4672

Security Review: https://github.com/brave/security/issues/157 - (approved)

Submitter Checklist:

• Submitted a ticket for my issue if one did not already exist.
• Used Github auto-closing keywords in the commit message.
• Added/updated tests for this change (for new code or code which already has tests).
• Verified that these changes build without errors on
  • Android
  • iOS
  • Linux
  • macOS
  • Windows
• Verified that these changes pass automated tests (unit, browser, security tests) on
  • iOS
  • Linux
  • macOS
  • Windows
• Verified that all lint errors/warnings are resolved (npm run lint)
• Ran git rebase master (if needed).
• Ran git rebase -i to squash commits (if needed).
• Tagged reviewers and labelled the pull request as needed.
• Request a security/privacy review as needed.
• Add appropriate QA labels (QA/Yes or QA/No) to include the closed issue in milestone
• Public documentation has been updated as necessary. For instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Custom-Headers
  • https://github.com/brave/brave-browser/wiki/Web-compatibility-issues-with-tracking-protection
  • https://github.com/brave/brave-browser/wiki/QA-Guide

Test Plan:

Some follow-up changes were made to the workflow in https://github.com/brave/brave-core/pull/6516 -

To enable `Google Login for extensions` :

1. Navigate to brave://settings/extensions 
2. Toggle Google Login for extensions and Relaunch.

1. Open Brave with a new profile and verify no connections are made to accounts.google.com
2. Navigate to https://chrome.google.com/webstore/detail/google-keep-chrome-extens/lpcaedmchfhocbbapmcbpinfpgnhiddi to install google-keep extension
3. Verify that login to google works with google keep.
4. Navigate to https://chrome.google.com/webstore/detail/google-calendar/gmbgaklkmjakoegficnlkhebmhkjfich to install google-calendar extension
5. Verify that login works with google calendar
6. Remove the extensions from Brave
7. Navigate to brave://settings/siteData and clear all site data
8. Navigate to brave://settings/socialBlocking
9. Disable Allow Google login buttons on third party sites
10. Click Relaunch
11. Install Google Keep extension and navigate to brave.com
12. Try sign-in with Google Keep extension. It should fail.

Reviewer Checklist:

• New files have MPL-2.0 license header.
• Request a security/privacy review as needed.
• Adequate test coverage exists to prevent regressions
• Verify test plan is specified in PR before merging to source

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on.
• All relevant documentation has been updated.

[jumde]

This removes request to accounts.google.com on start, it is not required for enabling google sign in.

[diracdeltas]

suggest adding a link to a page (wiki?) explaining what google login in extensions entails

[jumde]

@diracdeltas - This is the wiki: https://developer.chrome.com/apps/identity - I can add it as a comment in the code. Or do you want me to create a separate brave wiki for it?

[diracdeltas]

@jumde i mean add a page that explains to the user what this option means and what data gets sent to Google. i think most people understand what Google login in 3p sites means but it's not clear what gets sent to google when you enable google login in extensionos.

[jumde]

@diracdeltas - Here it is: https://github.com/brave/brave-browser/wiki/Social-Blocking:-Allow-Google-login

[diracdeltas]

wiki page looks good, can you add an info link to it next to the setting?

[jumde]

@diracdeltas - Set here: https://github.com/brave/brave-core/pull/5616/files#diff-2ff48ebe156c663642e6a503ed3d3913R17

[pilgrim-brave]

Pretty sure that these defines should be named based on the class/function they're in, instead of by their use, but @bridiver can verify.

[pilgrim-brave]

LGTM modulo minor comments.

[bwims]

Does anyone know if this will resolve #5197 ? If so, when it is likely to be released?

Many thanks!

[bridiver]

see comments

[petemill]

I think this would be cleaner to understand with

component.properties = {
  ...component.properties,
  ...allPropertiesMap[moduleName]
}

[petemill]

IMO would be better to have console.debug (or console.log) here so that we don't have things that look like errors in the long list of log entries that occur when debug flag is on

[jumde]

@petemill - updated

[petemill]

I think this is hard to understand and follow what it's used for.

How about calling it something explicit like componentPropertyModifications or propertyModificationComponentBuffer and a comment stating that components are held there in case RegisterPolymerComponentProperties is called after the component is registered?

[petemill]

did you mean to add a blank line?

[simonhong]

I think //brave/chromium_src/chrome/app should not be added here because it is higher layer than chrome/browser, chrome/common or chrome/renderer.
Instead, how about adding //brave/chromium_src/chrome/app to //brave:browser_dependencies? @jumde @bridiver

When I needed to add new dependencies to brave_main_delegate.cc, I added them directly to //brave:browser_dependencies. but I think I should move them into //brave/chromium_src/chrome/app later.

[simonhong]

nit: to align with others, "chromium_src/chrome/app would be better?

Hmm, we've used absolute/relative path in a mix :)

[jumde]

CI fails with known issues being fixed here:

#6455

[bwims]

@bwims - The latest release of Tab Outliner in paid mode is not working on Chrome as well. Are you able to login to your account with Chrome?
Here is what I tried:

1. Navigate to chrome-extension://eggkanocgddhmamlbiijnphhppkpkmkl/options.html
2. Click Sign Into Chrome - Nothing happens

Let me know if you're seeing the same behvior.

No, it works fine. You have to call up the extension, click the settings, cogwheel and enable access to Google Drive.
Let me know if you want screenshots!
Thanks!
First picture shows extension button

Next the settings cogwheel (you have to hover in the bottom left corner to see these options)

This is the backup tab on Brave which shows it cannot be authorized.

This shows the same tab on Google after clicking the authorize button

Hi!

I have been away for a while and I was wondering if (a) Tabs Outliner now works (b) if so, which version of Brave can I use with it?

Many thanks!

[jumde]

@bwims - Can you try using Tab Outliner with the latest version. You'll have to enable Google Login for extensions in brave://settings/extensions. 1.14.81 Chromium: 85.0.4183.102 (Official Build) (64-bit)

There is some additional work required to fix all Paid/Premium extensions, its being tracked here: brave/brave-browser#10622

[bwims]

@bwims - Can you try using Tab Outliner with the latest version. You'll have to enable Google Login for extensions in brave://settings/extensions. 1.14.81 Chromium: 85.0.4183.102 (Official Build) (64-bit)

There is some additional work required to fix all Paid/Premium extensions, its being tracked here: brave/brave-browser#10622

It half works. It lets me use the automatic backup paid feature but not others.

The main problem is still as described on
brave/brave-browser#5197 . It wants access to my Chrome Profile email, so I guess that is totally different.

I don't think it is related to brave/brave-browser#10622

Oh well!