bitwarden
diff --git a/‎app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/di/Fido2ProviderModule.kt
Lines changed: 15 additions & 4 deletions b/‎app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/di/Fido2ProviderModule.kt
Lines changed: 15 additions & 4 deletions
diff --git a/‎app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/manager/Fido2CredentialManager.kt
Lines changed: 0 additions & 10 deletions b/‎app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/manager/Fido2CredentialManager.kt
Lines changed: 0 additions & 10 deletions
diff --git a/‎app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/manager/Fido2CredentialManagerImpl.kt
Lines changed: 8 additions & 139 deletions b/‎app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/manager/Fido2CredentialManagerImpl.kt
Lines changed: 8 additions & 139 deletions
diff --git a/‎app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/manager/Fido2OriginManager.kt
Lines changed: 32 additions & 0 deletions b/‎app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/manager/Fido2OriginManager.kt
Lines changed: 32 additions & 0 deletions
@@ -8,6 +8,8 @@ import com.x8bit.bitwarden.data.auth.repository.AuthRepository
 import com.x8bit.bitwarden.data.autofill.fido2.datasource.network.service.DigitalAssetLinkService
 import com.x8bit.bitwarden.data.autofill.fido2.manager.Fido2CredentialManager
 import com.x8bit.bitwarden.data.autofill.fido2.manager.Fido2CredentialManagerImpl
+import com.x8bit.bitwarden.data.autofill.fido2.manager.Fido2OriginManager
+import com.x8bit.bitwarden.data.autofill.fido2.manager.Fido2OriginManagerImpl
 import com.x8bit.bitwarden.data.autofill.fido2.processor.Fido2ProviderProcessor
 import com.x8bit.bitwarden.data.autofill.fido2.processor.Fido2ProviderProcessorImpl
 import com.x8bit.bitwarden.data.platform.manager.AssetManager
@@ -58,17 +60,26 @@ object Fido2ProviderModule {
     @Provides
     @Singleton
     fun provideFido2CredentialManager(
-        assetManager: AssetManager,
-        digitalAssetLinkService: DigitalAssetLinkService,
         vaultSdkSource: VaultSdkSource,
         fido2CredentialStore: Fido2CredentialStore,
+        fido2OriginManager: Fido2OriginManager,
         json: Json,
     ): Fido2CredentialManager =
         Fido2CredentialManagerImpl(
-            assetManager = assetManager,
-            digitalAssetLinkService = digitalAssetLinkService,
             vaultSdkSource = vaultSdkSource,
             fido2CredentialStore = fido2CredentialStore,
+            fido2OriginManager = fido2OriginManager,
             json = json,
         )
+
+    @Provides
+    @Singleton
+    fun provideFido2OriginManager(
+        assetManager: AssetManager,
+        digitalAssetLinkService: DigitalAssetLinkService,
+    ): Fido2OriginManager =
+        Fido2OriginManagerImpl(
+            assetManager = assetManager,
+            digitalAssetLinkService = digitalAssetLinkService,
+        )
 }
@@ -1,12 +1,10 @@
 package com.x8bit.bitwarden.data.autofill.fido2.manager
 
-import androidx.credentials.provider.CallingAppInfo
 import com.bitwarden.vault.CipherView
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2CreateCredentialRequest
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2CredentialAssertionRequest
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2CredentialAssertionResult
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2RegisterCredentialResult
-import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2ValidateOriginResult
 import com.x8bit.bitwarden.data.autofill.fido2.model.PasskeyAssertionOptions
 import com.x8bit.bitwarden.data.autofill.fido2.model.PasskeyAttestationOptions
 
@@ -26,14 +24,6 @@ interface Fido2CredentialManager {
      */
     var authenticationAttempts: Int
 
-    /**
-     * Attempt to validate the RP and origin of the provided [callingAppInfo] and [relyingPartyId].
-     */
-    suspend fun validateOrigin(
-        callingAppInfo: CallingAppInfo,
-        relyingPartyId: String,
-    ): Fido2ValidateOriginResult
-
     /**
      * Attempt to extract FIDO 2 passkey attestation options from the system [requestJson], or null.
      */
 
@@ -6,21 +6,17 @@ import com.bitwarden.fido.Origin
 import com.bitwarden.fido.UnverifiedAssetLink
 import com.bitwarden.sdk.Fido2CredentialStore
 import com.bitwarden.vault.CipherView
-import com.x8bit.bitwarden.data.autofill.fido2.datasource.network.model.DigitalAssetLinkResponseJson
-import com.x8bit.bitwarden.data.autofill.fido2.datasource.network.service.DigitalAssetLinkService
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2CreateCredentialRequest
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2CredentialAssertionRequest
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2CredentialAssertionResult
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2RegisterCredentialResult
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2ValidateOriginResult
 import com.x8bit.bitwarden.data.autofill.fido2.model.PasskeyAssertionOptions
 import com.x8bit.bitwarden.data.autofill.fido2.model.PasskeyAttestationOptions
-import com.x8bit.bitwarden.data.platform.manager.AssetManager
 import com.x8bit.bitwarden.data.platform.util.decodeFromStringOrNull
 import com.x8bit.bitwarden.data.platform.util.getAppOrigin
 import com.x8bit.bitwarden.data.platform.util.getAppSigningSignatureFingerprint
 import com.x8bit.bitwarden.data.platform.util.getSignatureFingerprintAsHexString
-import com.x8bit.bitwarden.data.platform.util.validatePrivilegedApp
 import com.x8bit.bitwarden.data.vault.datasource.sdk.VaultSdkSource
 import com.x8bit.bitwarden.data.vault.datasource.sdk.model.AuthenticateFido2CredentialRequest
 import com.x8bit.bitwarden.data.vault.datasource.sdk.model.RegisterFido2CredentialRequest
@@ -31,18 +27,14 @@ import kotlinx.serialization.SerializationException
 import kotlinx.serialization.encodeToString
 import kotlinx.serialization.json.Json
 
-private const val GOOGLE_ALLOW_LIST_FILE_NAME = "fido2_privileged_google.json"
-private const val COMMUNITY_ALLOW_LIST_FILE_NAME = "fido2_privileged_community.json"
-
 /**
  * Primary implementation of [Fido2CredentialManager].
  */
 @Suppress("TooManyFunctions")
 class Fido2CredentialManagerImpl(
-    private val assetManager: AssetManager,
-    private val digitalAssetLinkService: DigitalAssetLinkService,
     private val vaultSdkSource: VaultSdkSource,
     private val fido2CredentialStore: Fido2CredentialStore,
+    private val fido2OriginManager: Fido2OriginManager,
     private val json: Json,
 ) : Fido2CredentialManager,
     Fido2CredentialStore by fido2CredentialStore {
@@ -108,16 +100,14 @@ class Fido2CredentialManagerImpl(
             )
     }
 
-    override suspend fun validateOrigin(
+    private suspend fun validateOrigin(
         callingAppInfo: CallingAppInfo,
         relyingPartyId: String,
-    ): Fido2ValidateOriginResult {
-        return if (callingAppInfo.isOriginPopulated()) {
-            validatePrivilegedAppOrigin(callingAppInfo)
-        } else {
-            validateCallingApplicationAssetLinks(callingAppInfo, relyingPartyId)
-        }
-    }
+    ): Fido2ValidateOriginResult = fido2OriginManager
+        .validateOrigin(
+            callingAppInfo = callingAppInfo,
+            relyingPartyId = relyingPartyId,
+        )
 
     override fun getPasskeyAttestationOptionsOrNull(
         requestJson: String,
@@ -168,7 +158,7 @@ class Fido2CredentialManagerImpl(
                 Fido2CredentialAssertionResult.Error
             }
 
-            Fido2ValidateOriginResult.Success -> {
+            is Fido2ValidateOriginResult.Success -> {
                 vaultSdkSource
                     .authenticateFido2Credential(
                         request = AuthenticateFido2CredentialRequest(
@@ -200,127 +190,6 @@ class Fido2CredentialManagerImpl(
         }
     }
 
-    private suspend fun validateCallingApplicationAssetLinks(
-        callingAppInfo: CallingAppInfo,
-        relyingPartyId: String,
-    ): Fido2ValidateOriginResult {
-        return digitalAssetLinkService
-            .getDigitalAssetLinkForRp(relyingParty = relyingPartyId)
-            .onFailure {
-                return Fido2ValidateOriginResult.Error.AssetLinkNotFound
-            }
-            .map { statements ->
-                statements
-                    .filterMatchingAppStatementsOrNull(
-                        rpPackageName = callingAppInfo.packageName,
-                    )
-                    ?: return Fido2ValidateOriginResult.Error.ApplicationNotFound
-            }
-            .map { matchingStatements ->
-                callingAppInfo
-                    .getSignatureFingerprintAsHexString()
-                    ?.let { certificateFingerprint ->
-                        matchingStatements
-                            .filterMatchingAppSignaturesOrNull(
-                                signature = certificateFingerprint,
-                            )
-                    }
-                    ?: return Fido2ValidateOriginResult.Error.ApplicationNotVerified
-            }
-            .fold(
-                onSuccess = {
-                    Fido2ValidateOriginResult.Success
-                },
-                onFailure = {
-                    Fido2ValidateOriginResult.Error.Unknown
-                },
-            )
-    }
-
-    private suspend fun validatePrivilegedAppOrigin(
-        callingAppInfo: CallingAppInfo,
-    ): Fido2ValidateOriginResult {
-        val googleAllowListResult =
-            validatePrivilegedAppSignatureWithGoogleList(callingAppInfo)
-        return when (googleAllowListResult) {
-            is Fido2ValidateOriginResult.Success -> {
-                // Application was found and successfully validated against the Google allow list so
-                // we can return the result as the final validation result.
-                googleAllowListResult
-            }
-
-            is Fido2ValidateOriginResult.Error -> {
-                // Check the community allow list if the Google allow list failed, and return the
-                // result as the final validation result.
-                validatePrivilegedAppSignatureWithCommunityList(callingAppInfo)
-            }
-        }
-    }
-
-    private suspend fun validatePrivilegedAppSignatureWithGoogleList(
-        callingAppInfo: CallingAppInfo,
-    ): Fido2ValidateOriginResult =
-        validatePrivilegedAppSignatureWithAllowList(
-            callingAppInfo = callingAppInfo,
-            fileName = GOOGLE_ALLOW_LIST_FILE_NAME,
-        )
-
-    private suspend fun validatePrivilegedAppSignatureWithCommunityList(
-        callingAppInfo: CallingAppInfo,
-    ): Fido2ValidateOriginResult =
-        validatePrivilegedAppSignatureWithAllowList(
-            callingAppInfo = callingAppInfo,
-            fileName = COMMUNITY_ALLOW_LIST_FILE_NAME,
-        )
-
-    private suspend fun validatePrivilegedAppSignatureWithAllowList(
-        callingAppInfo: CallingAppInfo,
-        fileName: String,
-    ): Fido2ValidateOriginResult =
-        assetManager
-            .readAsset(fileName)
-            .map { allowList ->
-                callingAppInfo.validatePrivilegedApp(
-                    allowList = allowList,
-                )
-            }
-            .fold(
-                onSuccess = { it },
-                onFailure = { Fido2ValidateOriginResult.Error.Unknown },
-            )
-
-    /**
-     * Returns statements targeting the calling Android application, or null.
-     */
-    private fun List<DigitalAssetLinkResponseJson>.filterMatchingAppStatementsOrNull(
-        rpPackageName: String,
-    ): List<DigitalAssetLinkResponseJson>? =
-        filter { statement ->
-            val target = statement.target
-            target.namespace == "android_app" &&
-                target.packageName == rpPackageName &&
-                statement.relation.containsAll(
-                    listOf(
-                        "delegate_permission/common.get_login_creds",
-                        "delegate_permission/common.handle_all_urls",
-                    ),
-                )
-        }
-            .takeUnless { it.isEmpty() }
-
-    /**
-     * Returns statements that match the given [signature], or null.
-     */
-    private fun List<DigitalAssetLinkResponseJson>.filterMatchingAppSignaturesOrNull(
-        signature: String,
-    ): List<DigitalAssetLinkResponseJson>? =
-        filter { statement ->
-            statement.target.sha256CertFingerprints
-                ?.contains(signature)
-                ?: false
-        }
-            .takeUnless { it.isEmpty() }
-
     override fun hasAuthenticationAttemptsRemaining(): Boolean =
         authenticationAttempts < MAX_AUTHENTICATION_ATTEMPTS
 
 
@@ -0,0 +1,32 @@
+package com.x8bit.bitwarden.data.autofill.fido2.manager
+
+import androidx.credentials.provider.CallingAppInfo
+import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2ValidateOriginResult
+
+/**
+ * Responsible for managing FIDO2 origin validation.
+ */
+interface Fido2OriginManager {
+
+    /**
+     * Validates the origin of a calling app.
+     *
+     * @param callingAppInfo The calling app info.
+     * @param relyingPartyId The relying party ID.
+     *
+     * @return The result of the validation.
+     */
+    suspend fun validateOrigin(
+        callingAppInfo: CallingAppInfo,
+        relyingPartyId: String,
+    ): Fido2ValidateOriginResult
+
+    /**
+     * Returns the privileged app origin, or null if the calling app is not allowed.
+     *
+     * @param callingAppInfo The calling app info.
+     *
+     * @return The privileged app origin, or null.
+     */
+    suspend fun getPrivilegedAppOriginOrNull(callingAppInfo: CallingAppInfo): String?
+}