New encryption/escrow endpoints for Wallet

No more EncryptionEscrowClient!
Updates Wallet client to use new endpoints for AuthenticateInstrument, GetFullWallet, and SaveToWallet and reduces all those calls to just one roundtrip.
No more confusing Save/Update... calls, just one SaveToWallet call.

Still need to manually test SaveToWallet and AuthenticateInstrument.

TEST=unit tests all still pass with minimal changes, manual testing of GetFullWallet

BUG=249958,245341,238807

Review URL: https://chromiumcodereview.appspot.com/17970003

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@212754 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 161 insertions, 374 deletions

diff --git a/components/autofill/content/browser/wallet/wallet_client.cc b/components/autofill/content/browser/wallet/wallet_client.cc
index 9e18185..aa82172 100644
--- a/components/autofill/content/browser/wallet/wallet_client.cc
+++ b/components/autofill/content/browser/wallet/wallet_client.cc
@@ -9,7 +9,10 @@
 #include "base/json/json_writer.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
+#include "base/strings/string_number_conversions.h"
 #include "base/strings/string_util.h"
+#include "base/strings/stringprintf.h"
+#include "base/strings/utf_string_conversions.h"
 #include "components/autofill/content/browser/wallet/form_field_error.h"
 #include "components/autofill/content/browser/wallet/instrument.h"
 #include "components/autofill/content/browser/wallet/wallet_address.h"
@@ -19,6 +22,7 @@
 #include "components/autofill/core/browser/autofill_metrics.h"
 #include "crypto/random.h"
 #include "google_apis/google_api_keys.h"
+#include "net/base/escape.h"
 #include "net/http/http_status_code.h"
 #include "net/url_request/url_fetcher.h"
 #include "net/url_request/url_request_context_getter.h"
@@ -29,9 +33,24 @@ namespace wallet {
 
 namespace {
 
+const char kFormEncodedMimeType[] = "application/x-www-form-urlencoded";
 const char kJsonMimeType[] = "application/json";
+const char kEscrowNewInstrumentFormat[] =
+    "request_content_type=application/json&request=%s&cvn=%s&card_number=%s";
+const char kEscrowCardVerificationNumberFormat[] =
+    "request_content_type=application/json&request=%s&cvn=%s";
+const char kGetFullWalletRequestFormat[] =
+    "request_content_type=application/json&request=%s&otp=%s:%s";
 const size_t kOneTimePadLength = 6;
 
+// The maximum number of bits in the one time pad that the server is willing to
+// accept.
+const size_t kMaxBits = 56;
+
+// The minimum number of bits in the one time pad that the server is willing to
+// accept.
+const size_t kMinBits = 40;
+
 std::string AutocheckoutStatusToString(AutocheckoutStatus status) {
   switch (status) {
     case MISSING_FIELDMAPPING:
@@ -241,23 +260,12 @@ WalletClient::FullWalletRequest::FullWalletRequest(
 
 WalletClient::FullWalletRequest::~FullWalletRequest() {}
 
-WalletClient::UpdateInstrumentRequest::UpdateInstrumentRequest(
-    const std::string& instrument_id,
-    const GURL& source_url)
-    : instrument_id(instrument_id),
-      expiration_month(0),
-      expiration_year(0),
-      source_url(source_url) {}
-
-WalletClient::UpdateInstrumentRequest::~UpdateInstrumentRequest() {}
-
 WalletClient::WalletClient(net::URLRequestContextGetter* context_getter,
                            WalletClientDelegate* delegate)
     : context_getter_(context_getter),
       delegate_(delegate),
       request_type_(NO_PENDING_REQUEST),
-      one_time_pad_(kOneTimePadLength),
-      encryption_escrow_client_(context_getter, this) {
+      one_time_pad_(kOneTimePadLength) {
   DCHECK(context_getter_.get());
   DCHECK(delegate_);
 }
@@ -280,27 +288,37 @@ void WalletClient::AcceptLegalDocuments(
 
 void WalletClient::AuthenticateInstrument(
     const std::string& instrument_id,
-    const std::string& card_verification_number,
-    const std::string& obfuscated_gaia_id) {
+    const std::string& card_verification_number) {
   if (HasRequestInProgress()) {
     pending_requests_.push(base::Bind(&WalletClient::AuthenticateInstrument,
                                       base::Unretained(this),
                                       instrument_id,
-                                      card_verification_number,
-                                      obfuscated_gaia_id));
+                                      card_verification_number));
     return;
   }
 
   DCHECK_EQ(NO_PENDING_REQUEST, request_type_);
-  DCHECK(pending_request_body_.empty());
   request_type_ = AUTHENTICATE_INSTRUMENT;
 
-  pending_request_body_.SetString(kApiKeyKey, google_apis::GetAPIKey());
-  pending_request_body_.SetString(kRiskParamsKey, delegate_->GetRiskData());
-  pending_request_body_.SetString(kInstrumentIdKey, instrument_id);
+  base::DictionaryValue request_dict;
+  request_dict.SetString(kApiKeyKey, google_apis::GetAPIKey());
+  request_dict.SetString(kRiskParamsKey, delegate_->GetRiskData());
+  request_dict.SetString(kInstrumentIdKey, instrument_id);
+
+  std::string json_payload;
+  base::JSONWriter::Write(&request_dict, &json_payload);
+
+  std::string escaped_card_verification_number = net::EscapeUrlEncodedData(
+      card_verification_number, true);
+
+  std::string post_body = base::StringPrintf(
+      kEscrowCardVerificationNumberFormat,
+      net::EscapeUrlEncodedData(json_payload, true).c_str(),
+      escaped_card_verification_number.c_str());
 
-  encryption_escrow_client_.EscrowCardVerificationNumber(
-      card_verification_number, obfuscated_gaia_id);
+  MakeWalletRequest(GetAuthenticateInstrumentUrl(),
+                    post_body,
+                    kFormEncodedMimeType);
 }
 
 void WalletClient::GetFullWallet(const FullWalletRequest& full_wallet_request) {
@@ -312,23 +330,21 @@ void WalletClient::GetFullWallet(const FullWalletRequest& full_wallet_request) {
   }
 
   DCHECK_EQ(NO_PENDING_REQUEST, request_type_);
-  DCHECK(pending_request_body_.empty());
   request_type_ = GET_FULL_WALLET;
 
-  pending_request_body_.SetString(kApiKeyKey, google_apis::GetAPIKey());
-  pending_request_body_.SetString(kRiskParamsKey, delegate_->GetRiskData());
-  pending_request_body_.SetString(kSelectedInstrumentIdKey,
-                                  full_wallet_request.instrument_id);
-  pending_request_body_.SetString(kSelectedAddressIdKey,
-                                  full_wallet_request.address_id);
-  pending_request_body_.SetString(
+  base::DictionaryValue request_dict;
+  request_dict.SetString(kApiKeyKey, google_apis::GetAPIKey());
+  request_dict.SetString(kRiskParamsKey, delegate_->GetRiskData());
+  request_dict.SetString(kSelectedInstrumentIdKey,
+                         full_wallet_request.instrument_id);
+  request_dict.SetString(kSelectedAddressIdKey, full_wallet_request.address_id);
+  request_dict.SetString(
       kMerchantDomainKey,
       full_wallet_request.source_url.GetWithEmptyPath().spec());
-  pending_request_body_.SetString(kGoogleTransactionIdKey,
-                                  full_wallet_request.google_transaction_id);
-  pending_request_body_.SetString(
-      kFeatureKey,
-      DialogTypeToFeatureString(delegate_->GetDialogType()));
+  request_dict.SetString(kGoogleTransactionIdKey,
+                         full_wallet_request.google_transaction_id);
+  request_dict.SetString(kFeatureKey,
+                         DialogTypeToFeatureString(delegate_->GetDialogType()));
 
   scoped_ptr<base::ListValue> risk_capabilities_list(new base::ListValue());
   for (std::vector<RiskCapability>::const_iterator it =
@@ -337,47 +353,41 @@ void WalletClient::GetFullWallet(const FullWalletRequest& full_wallet_request) {
        ++it) {
     risk_capabilities_list->AppendString(RiskCapabilityToString(*it));
   }
-  pending_request_body_.Set(kRiskCapabilitiesKey,
-                            risk_capabilities_list.release());
+  request_dict.Set(kRiskCapabilitiesKey, risk_capabilities_list.release());
 
-  crypto::RandBytes(&(one_time_pad_[0]), one_time_pad_.size());
-  encryption_escrow_client_.EncryptOneTimePad(one_time_pad_);
-}
+  std::string json_payload;
+  base::JSONWriter::Write(&request_dict, &json_payload);
 
-void WalletClient::GetWalletItems(const GURL& source_url) {
-  if (HasRequestInProgress()) {
-    pending_requests_.push(base::Bind(&WalletClient::GetWalletItems,
-                                      base::Unretained(this),
-                                      source_url));
-    return;
-  }
+  crypto::RandBytes(&(one_time_pad_[0]), one_time_pad_.size());
 
-  DCHECK_EQ(NO_PENDING_REQUEST, request_type_);
-  request_type_ = GET_WALLET_ITEMS;
+  size_t num_bits = one_time_pad_.size() * 8;
+  DCHECK_LE(num_bits, kMaxBits);
+  DCHECK_GE(num_bits, kMinBits);
 
-  base::DictionaryValue request_dict;
-  request_dict.SetString(kApiKeyKey, google_apis::GetAPIKey());
-  request_dict.SetString(kMerchantDomainKey,
-                         source_url.GetWithEmptyPath().spec());
-
-  std::string post_body;
-  base::JSONWriter::Write(&request_dict, &post_body);
+  std::string post_body = base::StringPrintf(
+      kGetFullWalletRequestFormat,
+      net::EscapeUrlEncodedData(json_payload, true).c_str(),
+      base::HexEncode(&num_bits, 1).c_str(),
+      base::HexEncode(&(one_time_pad_[0]), one_time_pad_.size()).c_str());
 
-  MakeWalletRequest(GetGetWalletItemsUrl(), post_body);
+  MakeWalletRequest(GetGetFullWalletUrl(), post_body, kFormEncodedMimeType);
 }
 
-void WalletClient::SaveAddress(const Address& shipping_address,
-                               const GURL& source_url) {
+void WalletClient::SaveToWallet(scoped_ptr<Instrument> instrument,
+                                scoped_ptr<Address> address,
+                                const GURL& source_url) {
+  DCHECK(instrument || address);
   if (HasRequestInProgress()) {
-    pending_requests_.push(base::Bind(&WalletClient::SaveAddress,
+    pending_requests_.push(base::Bind(&WalletClient::SaveToWallet,
                                       base::Unretained(this),
-                                      shipping_address,
+                                      base::Passed(&instrument),
+                                      base::Passed(&address),
                                       source_url));
     return;
   }
 
   DCHECK_EQ(NO_PENDING_REQUEST, request_type_);
-  request_type_ = SAVE_ADDRESS;
+  request_type_ = SAVE_TO_WALLET;
 
   base::DictionaryValue request_dict;
   request_dict.SetString(kApiKeyKey, google_apis::GetAPIKey());
@@ -385,80 +395,97 @@ void WalletClient::SaveAddress(const Address& shipping_address,
   request_dict.SetString(kMerchantDomainKey,
                          source_url.GetWithEmptyPath().spec());
 
-  request_dict.Set(kShippingAddressKey,
-                   shipping_address.ToDictionaryWithID().release());
-
-  std::string post_body;
-  base::JSONWriter::Write(&request_dict, &post_body);
+  std::string primary_account_number;
+  std::string card_verification_number;
+  if (instrument) {
+    primary_account_number = net::EscapeUrlEncodedData(
+        UTF16ToUTF8(instrument->primary_account_number()), true);
+    card_verification_number = net::EscapeUrlEncodedData(
+        UTF16ToUTF8(instrument->card_verification_number()), true);
+
+    if (instrument->object_id().empty()) {
+      request_dict.Set(kInstrumentKey, instrument->ToDictionary().release());
+      request_dict.SetString(kInstrumentPhoneNumberKey,
+                             instrument->address()->phone_number());
+    } else {
+      DCHECK(instrument->address() ||
+             (instrument->expiration_month() > 0 &&
+              instrument->expiration_year() > 0));
+
+      request_dict.SetString(kUpgradedInstrumentIdKey,
+                             instrument->object_id());
+
+      if (instrument->address()) {
+        request_dict.SetString(kInstrumentPhoneNumberKey,
+                               instrument->address()->phone_number());
+        request_dict.Set(
+            kUpgradedBillingAddressKey,
+            instrument->address()->ToDictionaryWithoutID().release());
+      }
 
-  MakeWalletRequest(GetSaveToWalletUrl(), post_body);
-}
+      if (instrument->expiration_month() > 0 &&
+          instrument->expiration_year() > 0) {
+        DCHECK(!instrument->card_verification_number().empty());
+        request_dict.SetInteger(kInstrumentExpMonthKey,
+                                instrument->expiration_month());
+        request_dict.SetInteger(kInstrumentExpYearKey,
+                                instrument->expiration_year());
+      }
 
-void WalletClient::SaveInstrument(
-    const Instrument& instrument,
-    const std::string& obfuscated_gaia_id,
-    const GURL& source_url) {
-  if (HasRequestInProgress()) {
-    pending_requests_.push(base::Bind(&WalletClient::SaveInstrument,
-                                      base::Unretained(this),
-                                      instrument,
-                                      obfuscated_gaia_id,
-                                      source_url));
-    return;
+      if (request_dict.HasKey(kInstrumentKey))
+        request_dict.SetString(kInstrumentType, "CREDIT_CARD");
+    }
+  }
+  if (address) {
+    request_dict.Set(kShippingAddressKey,
+                     address->ToDictionaryWithID().release());
   }
 
-  DCHECK_EQ(NO_PENDING_REQUEST, request_type_);
-  DCHECK(pending_request_body_.empty());
-  request_type_ = SAVE_INSTRUMENT;
-
-  pending_request_body_.SetString(kApiKeyKey, google_apis::GetAPIKey());
-  pending_request_body_.SetString(kRiskParamsKey, delegate_->GetRiskData());
-  pending_request_body_.SetString(kMerchantDomainKey,
-                                  source_url.GetWithEmptyPath().spec());
-
-  pending_request_body_.Set(kInstrumentKey,
-                            instrument.ToDictionary().release());
-  pending_request_body_.SetString(kInstrumentPhoneNumberKey,
-                                  instrument.address().phone_number());
+  std::string json_payload;
+  base::JSONWriter::Write(&request_dict, &json_payload);
 
-  encryption_escrow_client_.EscrowInstrumentInformation(instrument,
-                                                        obfuscated_gaia_id);
+  if (!card_verification_number.empty()) {
+    std::string post_body;
+    if (!primary_account_number.empty()) {
+      post_body = base::StringPrintf(
+          kEscrowNewInstrumentFormat,
+          net::EscapeUrlEncodedData(json_payload, true).c_str(),
+          card_verification_number.c_str(),
+          primary_account_number.c_str());
+    } else {
+      post_body = base::StringPrintf(
+          kEscrowCardVerificationNumberFormat,
+          net::EscapeUrlEncodedData(json_payload, true).c_str(),
+          card_verification_number.c_str());
+    }
+    MakeWalletRequest(GetSaveToWalletUrl(), post_body, kFormEncodedMimeType);
+  } else {
+    MakeWalletRequest(GetSaveToWalletNoEscrowUrl(),
+                      json_payload,
+                      kJsonMimeType);
+  }
 }
 
-void WalletClient::SaveInstrumentAndAddress(
-    const Instrument& instrument,
-    const Address& address,
-    const std::string& obfuscated_gaia_id,
-    const GURL& source_url) {
+void WalletClient::GetWalletItems(const GURL& source_url) {
   if (HasRequestInProgress()) {
-    pending_requests_.push(base::Bind(&WalletClient::SaveInstrumentAndAddress,
+    pending_requests_.push(base::Bind(&WalletClient::GetWalletItems,
                                       base::Unretained(this),
-                                      instrument,
-                                      address,
-                                      obfuscated_gaia_id,
                                       source_url));
     return;
   }
 
   DCHECK_EQ(NO_PENDING_REQUEST, request_type_);
-  DCHECK(pending_request_body_.empty());
-  request_type_ = SAVE_INSTRUMENT_AND_ADDRESS;
-
-  pending_request_body_.SetString(kApiKeyKey, google_apis::GetAPIKey());
-  pending_request_body_.SetString(kRiskParamsKey, delegate_->GetRiskData());
-  pending_request_body_.SetString(kMerchantDomainKey,
-                                  source_url.GetWithEmptyPath().spec());
+  request_type_ = GET_WALLET_ITEMS;
 
-  pending_request_body_.Set(kInstrumentKey,
-                            instrument.ToDictionary().release());
-  pending_request_body_.SetString(kInstrumentPhoneNumberKey,
-                              instrument.address().phone_number());
+  base::DictionaryValue request_dict;
+  request_dict.SetString(kApiKeyKey, google_apis::GetAPIKey());
+  request_dict.SetString(kMerchantDomainKey,
+                         source_url.GetWithEmptyPath().spec());
 
-  pending_request_body_.Set(kShippingAddressKey,
-                        address.ToDictionaryWithID().release());
+  std::string post_body;
+  base::JSONWriter::Write(&request_dict, &post_body);
 
-  encryption_escrow_client_.EscrowInstrumentInformation(instrument,
-                                                        obfuscated_gaia_id);
+  MakeWalletRequest(GetGetWalletItemsUrl(), post_body, kJsonMimeType);
 }
 
 void WalletClient::SendAutocheckoutStatus(
@@ -504,116 +531,14 @@ void WalletClient::SendAutocheckoutStatus(
   std::string post_body;
   base::JSONWriter::Write(&request_dict, &post_body);
 
-  MakeWalletRequest(GetSendStatusUrl(), post_body);
-}
-
-void WalletClient::UpdateAddress(const Address& address,
-                                 const GURL& source_url) {
-  if (HasRequestInProgress()) {
-    pending_requests_.push(base::Bind(&WalletClient::UpdateAddress,
-                                      base::Unretained(this),
-                                      address,
-                                      source_url));
-    return;
-  }
-
-  DCHECK_EQ(NO_PENDING_REQUEST, request_type_);
-  request_type_ = UPDATE_ADDRESS;
-
-  base::DictionaryValue request_dict;
-  request_dict.SetString(kApiKeyKey, google_apis::GetAPIKey());
-  request_dict.SetString(kRiskParamsKey, delegate_->GetRiskData());
-  request_dict.SetString(kMerchantDomainKey,
-                         source_url.GetWithEmptyPath().spec());
-
-  request_dict.Set(kShippingAddressKey,
-                   address.ToDictionaryWithID().release());
-
-  std::string post_body;
-  base::JSONWriter::Write(&request_dict, &post_body);
-
-  MakeWalletRequest(GetSaveToWalletUrl(), post_body);
-}
-
-void WalletClient::UpdateInstrument(
-    const UpdateInstrumentRequest& update_instrument_request,
-    scoped_ptr<Address> billing_address) {
-  if (HasRequestInProgress()) {
-    pending_requests_.push(base::Bind(&WalletClient::UpdateInstrument,
-                                      base::Unretained(this),
-                                      update_instrument_request,
-                                      base::Passed(&billing_address)));
-    return;
-  }
-
-  DCHECK_EQ(NO_PENDING_REQUEST, request_type_);
-  DCHECK(pending_request_body_.empty());
-  DCHECK(update_instrument_request.card_verification_number.empty() ==
-         update_instrument_request.obfuscated_gaia_id.empty());
-  DCHECK(billing_address ||
-         (update_instrument_request.expiration_month > 0 &&
-          update_instrument_request.expiration_year > 0));
-
-  request_type_ = UPDATE_INSTRUMENT;
-
-  base::DictionaryValue* active_request_body;
-  base::DictionaryValue request_dict;
-  if (update_instrument_request.card_verification_number.empty())
-    active_request_body = &request_dict;
-  else
-    active_request_body = &pending_request_body_;
-
-  active_request_body->SetString(kApiKeyKey, google_apis::GetAPIKey());
-  active_request_body->SetString(kRiskParamsKey, delegate_->GetRiskData());
-  active_request_body->SetString(
-      kMerchantDomainKey,
-      update_instrument_request.source_url.GetWithEmptyPath().spec());
-
-  active_request_body->SetString(kUpgradedInstrumentIdKey,
-                                 update_instrument_request.instrument_id);
-
-  if (billing_address) {
-    active_request_body->SetString(kInstrumentPhoneNumberKey,
-                                   billing_address->phone_number());
-    active_request_body->Set(
-        kUpgradedBillingAddressKey,
-        billing_address->ToDictionaryWithoutID().release());
-  }
-
-  if (update_instrument_request.expiration_month > 0 &&
-      update_instrument_request.expiration_year > 0) {
-    DCHECK(!update_instrument_request.card_verification_number.empty());
-    active_request_body->SetInteger(
-        kInstrumentExpMonthKey,
-        update_instrument_request.expiration_month);
-    active_request_body->SetInteger(kInstrumentExpYearKey,
-                                    update_instrument_request.expiration_year);
-  }
-
-  if (active_request_body->HasKey(kInstrumentKey))
-    active_request_body->SetString(kInstrumentType, "CREDIT_CARD");
-
-  if (update_instrument_request.card_verification_number.empty()) {
-    std::string post_body;
-    base::JSONWriter::Write(active_request_body, &post_body);
-    MakeWalletRequest(GetSaveToWalletUrl(), post_body);
-  } else {
-    encryption_escrow_client_.EscrowCardVerificationNumber(
-        update_instrument_request.card_verification_number,
-        update_instrument_request.obfuscated_gaia_id);
-  }
+  MakeWalletRequest(GetSendStatusUrl(), post_body, kJsonMimeType);
 }
 
 bool WalletClient::HasRequestInProgress() const {
-  // |SaveInstrument*()| and |UpdateInstrument()| methods don't set |request_|
-  // until sensitive info has been escrowed, so this class is considered to have
-  // a request in progress if |encryption_escrow_client_| is working as well.
-  return request_ || encryption_escrow_client_.HasRequestInProgress();
+  return request_;
 }
 
 void WalletClient::CancelRequests() {
-  encryption_escrow_client_.CancelRequest();
-  pending_request_body_.Clear();
   request_.reset();
   request_type_ = NO_PENDING_REQUEST;
   while (!pending_requests_.empty()) {
@@ -653,18 +578,19 @@ void WalletClient::DoAcceptLegalDocuments(
   std::string post_body;
   base::JSONWriter::Write(&request_dict, &post_body);
 
-  MakeWalletRequest(GetAcceptLegalDocumentsUrl(), post_body);
+  MakeWalletRequest(GetAcceptLegalDocumentsUrl(), post_body, kJsonMimeType);
 }
 
 void WalletClient::MakeWalletRequest(const GURL& url,
-                                     const std::string& post_body) {
+                                     const std::string& post_body,
+                                     const std::string& mime_type) {
   DCHECK(!HasRequestInProgress());
 
   request_.reset(net::URLFetcher::Create(
       0, url, net::URLFetcher::POST, this));
   request_->SetRequestContext(context_getter_.get());
   VLOG(1) << "Making request to " << url << " with post_body=" << post_body;
-  request_->SetUploadData(kJsonMimeType, post_body);
+  request_->SetUploadData(mime_type, post_body);
   request_->AddExtraRequestHeader("Authorization: GoogleLogin auth=" +
                                   delegate_->GetWalletCookieValue());
   DVLOG(1) << "Setting authorization header value to "
@@ -793,44 +719,7 @@ void WalletClient::OnURLFetchComplete(
       break;
     }
 
-    case SAVE_ADDRESS: {
-      std::string shipping_address_id;
-      std::vector<RequiredAction> required_actions;
-      GetRequiredActionsForSaveToWallet(*response_dict, &required_actions);
-      std::vector<FormFieldError> form_errors;
-      GetFormFieldErrors(*response_dict, &form_errors);
-      if (response_dict->GetString(kShippingAddressIdKey,
-                                   &shipping_address_id) ||
-          !required_actions.empty()) {
-        LogRequiredActions(required_actions);
-        delegate_->OnDidSaveAddress(shipping_address_id,
-                                    required_actions,
-                                    form_errors);
-      } else {
-        HandleMalformedResponse();
-      }
-      break;
-    }
-
-    case SAVE_INSTRUMENT: {
-      std::string instrument_id;
-      std::vector<RequiredAction> required_actions;
-      GetRequiredActionsForSaveToWallet(*response_dict, &required_actions);
-      std::vector<FormFieldError> form_errors;
-      GetFormFieldErrors(*response_dict, &form_errors);
-      if (response_dict->GetString(kInstrumentIdKey, &instrument_id) ||
-          !required_actions.empty()) {
-        LogRequiredActions(required_actions);
-        delegate_->OnDidSaveInstrument(instrument_id,
-                                       required_actions,
-                                       form_errors);
-      } else {
-        HandleMalformedResponse();
-      }
-      break;
-    }
-
-    case SAVE_INSTRUMENT_AND_ADDRESS: {
+    case SAVE_TO_WALLET: {
       std::string instrument_id;
       response_dict->GetString(kInstrumentIdKey, &instrument_id);
       std::string shipping_address_id;
@@ -840,51 +729,15 @@ void WalletClient::OnURLFetchComplete(
       GetRequiredActionsForSaveToWallet(*response_dict, &required_actions);
       std::vector<FormFieldError> form_errors;
       GetFormFieldErrors(*response_dict, &form_errors);
-      if ((!instrument_id.empty() && !shipping_address_id.empty()) ||
-          !required_actions.empty()) {
-        LogRequiredActions(required_actions);
-        delegate_->OnDidSaveInstrumentAndAddress(instrument_id,
-                                                 shipping_address_id,
-                                                 required_actions,
-                                                 form_errors);
-      } else {
+      if (instrument_id.empty() && shipping_address_id.empty() &&
+          required_actions.empty()) {
         HandleMalformedResponse();
-      }
-      break;
-    }
-
-    case UPDATE_ADDRESS: {
-      std::string address_id;
-      std::vector<RequiredAction> required_actions;
-      GetRequiredActionsForSaveToWallet(*response_dict, &required_actions);
-      std::vector<FormFieldError> form_errors;
-      GetFormFieldErrors(*response_dict, &form_errors);
-      if (response_dict->GetString(kShippingAddressIdKey, &address_id) ||
-          !required_actions.empty()) {
-        LogRequiredActions(required_actions);
-        delegate_->OnDidUpdateAddress(address_id,
-                                      required_actions,
-                                      form_errors);
       } else {
-        HandleMalformedResponse();
-      }
-      break;
-    }
-
-    case UPDATE_INSTRUMENT: {
-      std::string instrument_id;
-      std::vector<RequiredAction> required_actions;
-      GetRequiredActionsForSaveToWallet(*response_dict, &required_actions);
-      std::vector<FormFieldError> form_errors;
-      GetFormFieldErrors(*response_dict, &form_errors);
-      if (response_dict->GetString(kInstrumentIdKey, &instrument_id) ||
-          !required_actions.empty()) {
         LogRequiredActions(required_actions);
-        delegate_->OnDidUpdateInstrument(instrument_id,
-                                         required_actions,
-                                         form_errors);
-      } else {
-        HandleMalformedResponse();
+        delegate_->OnDidSaveToWallet(instrument_id,
+                                     shipping_address_id,
+                                     required_actions,
+                                     form_errors);
       }
       break;
     }
@@ -951,64 +804,6 @@ void WalletClient::HandleWalletError(WalletClient::ErrorType error_type) {
       delegate_->GetDialogType(), ErrorTypeToUmaMetric(error_type));
 }
 
-void WalletClient::OnDidEncryptOneTimePad(
-    const std::string& encrypted_one_time_pad,
-    const std::string& session_material) {
-  DCHECK_EQ(GET_FULL_WALLET, request_type_);
-  pending_request_body_.SetString(kEncryptedOtpKey, encrypted_one_time_pad);
-  pending_request_body_.SetString(kSessionMaterialKey, session_material);
-
-  std::string post_body;
-  base::JSONWriter::Write(&pending_request_body_, &post_body);
-  pending_request_body_.Clear();
-
-  MakeWalletRequest(GetGetFullWalletUrl(), post_body);
-}
-
-void WalletClient::OnDidEscrowInstrumentInformation(
-    const std::string& escrow_handle) {
-  DCHECK(request_type_ == SAVE_INSTRUMENT ||
-         request_type_ == SAVE_INSTRUMENT_AND_ADDRESS);
-
-  pending_request_body_.SetString(kInstrumentEscrowHandleKey, escrow_handle);
-
-  std::string post_body;
-  base::JSONWriter::Write(&pending_request_body_, &post_body);
-  pending_request_body_.Clear();
-
-  MakeWalletRequest(GetSaveToWalletUrl(), post_body);
-}
-
-void WalletClient::OnDidEscrowCardVerificationNumber(
-    const std::string& escrow_handle) {
-  DCHECK(request_type_ == AUTHENTICATE_INSTRUMENT ||
-         request_type_ == UPDATE_INSTRUMENT);
-  pending_request_body_.SetString(kInstrumentEscrowHandleKey, escrow_handle);
-
-  std::string post_body;
-  base::JSONWriter::Write(&pending_request_body_, &post_body);
-  pending_request_body_.Clear();
-
-  if (request_type_ == AUTHENTICATE_INSTRUMENT)
-    MakeWalletRequest(GetAuthenticateInstrumentUrl(), post_body);
-  else
-    MakeWalletRequest(GetSaveToWalletUrl(), post_body);
-}
-
-void WalletClient::OnDidMakeRequest() {
-  delegate_->GetMetricLogger().LogWalletErrorMetric(
-      delegate_->GetDialogType(),
-      AutofillMetrics::WALLET_ERROR_BASELINE_ISSUED_REQUEST);
-}
-
-void WalletClient::OnNetworkError() {
-  HandleWalletError(NETWORK_ERROR);
-}
-
-void WalletClient::OnMalformedResponse() {
-  HandleWalletError(MALFORMED_RESPONSE);
-}
-
 // Logs an UMA metric for each of the |required_actions|.
 void WalletClient::LogRequiredActions(
     const std::vector<RequiredAction>& required_actions) const {
@@ -1030,18 +825,10 @@ AutofillMetrics::WalletApiCallMetric WalletClient::RequestTypeToUmaMetric(
       return AutofillMetrics::GET_FULL_WALLET;
     case GET_WALLET_ITEMS:
       return AutofillMetrics::GET_WALLET_ITEMS;
-    case SAVE_ADDRESS:
-      return AutofillMetrics::SAVE_ADDRESS;
-    case SAVE_INSTRUMENT:
-      return AutofillMetrics::SAVE_INSTRUMENT;
-    case SAVE_INSTRUMENT_AND_ADDRESS:
-      return AutofillMetrics::SAVE_INSTRUMENT_AND_ADDRESS;
+    case SAVE_TO_WALLET:
+      return AutofillMetrics::SAVE_TO_WALLET;
     case SEND_STATUS:
       return AutofillMetrics::SEND_STATUS;
-    case UPDATE_ADDRESS:
-      return AutofillMetrics::UPDATE_ADDRESS;
-    case UPDATE_INSTRUMENT:
-      return AutofillMetrics::UPDATE_INSTRUMENT;
     case NO_PENDING_REQUEST:
       NOTREACHED();
       return AutofillMetrics::UNKNOWN_API_CALL;