[PM-11886] Update handling of unprivileged apps and improve error messaging

Author: SaintPatrck

app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/manager/Fido2CredentialManagerImpl.kt

@@ -6,6 +6,7 @@ import com.bitwarden.fido.Origin
 import com.bitwarden.fido.UnverifiedAssetLink
 import com.bitwarden.sdk.Fido2CredentialStore
 import com.bitwarden.vault.CipherView
+import com.x8bit.bitwarden.R
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2CreateCredentialRequest
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2CredentialAssertionRequest
 import com.x8bit.bitwarden.data.autofill.fido2.model.Fido2CredentialAssertionResult
@@ -22,9 +23,8 @@ import com.x8bit.bitwarden.data.vault.datasource.sdk.model.AuthenticateFido2Cred
 import com.x8bit.bitwarden.data.vault.datasource.sdk.model.RegisterFido2CredentialRequest
 import com.x8bit.bitwarden.data.vault.datasource.sdk.util.toAndroidAttestationResponse
 import com.x8bit.bitwarden.data.vault.datasource.sdk.util.toAndroidFido2PublicKeyCredential
-import com.x8bit.bitwarden.ui.platform.base.util.toHostOrPathOrNull
+import com.x8bit.bitwarden.ui.platform.base.util.asText
 import kotlinx.serialization.SerializationException
-import kotlinx.serialization.encodeToString
 import kotlinx.serialization.json.Json
 
 /**
@@ -48,41 +48,45 @@ class Fido2CredentialManagerImpl(
         fido2CreateCredentialRequest: Fido2CreateCredentialRequest,
         selectedCipherView: CipherView,
     ): Fido2RegisterCredentialResult {
-        val clientData = if (fido2CreateCredentialRequest.callingAppInfo.isOriginPopulated()) {
-            fido2CreateCredentialRequest
-                .callingAppInfo
+        val callingAppInfo = fido2CreateCredentialRequest.callingAppInfo
+        val clientData = if (fido2CreateCredentialRequest.origin.isNullOrEmpty()) {
+            ClientData.DefaultWithExtraData(androidPackageName = callingAppInfo.packageName)
+        } else {
+            callingAppInfo
                 .getAppSigningSignatureFingerprint()
                 ?.let { ClientData.DefaultWithCustomHash(hash = it) }
-                ?: return Fido2RegisterCredentialResult.Error
-        } else {
-            ClientData.DefaultWithExtraData(
-                androidPackageName = fido2CreateCredentialRequest
-                    .callingAppInfo
-                    .packageName,
+                ?: return Fido2RegisterCredentialResult.Error(
+                    R.string.passkey_operation_failed_because_app_is_signed_incorrectly.asText(),
+                )
+        }
+        val sdkOrigin = if (fido2CreateCredentialRequest.origin.isNullOrEmpty()) {
+            val host = getOriginUrlFromAttestationOptionsOrNull(
+                requestJson = fido2CreateCredentialRequest.requestJson,
+            )
+                ?: return Fido2RegisterCredentialResult.Error(
+                    R.string.passkey_operation_failed_because_host_url_is_not_present_in_request
+                        .asText(),
+                )
+            Origin.Android(
+                UnverifiedAssetLink(
+                    packageName = callingAppInfo.packageName,
+                    sha256CertFingerprint = callingAppInfo.getSignatureFingerprintAsHexString()
+                        ?: return Fido2RegisterCredentialResult.Error(
+                            R.string.passkey_operation_failed_because_app_signature_is_invalid
+                                .asText(),
+                        ),
+                    host = host,
+                    assetLinkUrl = host,
+                ),
             )
+        } else {
+            Origin.Web(fido2CreateCredentialRequest.origin)
         }
-        val assetLinkUrl = fido2CreateCredentialRequest
-            .origin
-            ?: getOriginUrlFromAttestationOptionsOrNull(fido2CreateCredentialRequest.requestJson)
-            ?: return Fido2RegisterCredentialResult.Error
-
-        val origin = Origin.Android(
-            UnverifiedAssetLink(
-                packageName = fido2CreateCredentialRequest.packageName,
-                sha256CertFingerprint = fido2CreateCredentialRequest
-                    .callingAppInfo
-                    .getSignatureFingerprintAsHexString()
-                    ?: return Fido2RegisterCredentialResult.Error,
-                host = assetLinkUrl.toHostOrPathOrNull()
-                    ?: return Fido2RegisterCredentialResult.Error,
-                assetLinkUrl = assetLinkUrl,
-            ),
-        )
         return vaultSdkSource
             .registerFido2Credential(
                 request = RegisterFido2CredentialRequest(
                     userId = userId,
-                    origin = origin,
+                    origin = sdkOrigin,
                     requestJson = """{"publicKey": ${fido2CreateCredentialRequest.requestJson}}""",
                     clientData = clientData,
                     selectedCipherView = selectedCipherView,
@@ -96,7 +100,11 @@ class Fido2CredentialManagerImpl(
             .mapCatching { json.encodeToString(it) }
             .fold(
                 onSuccess = { Fido2RegisterCredentialResult.Success(it) },
-                onFailure = { Fido2RegisterCredentialResult.Error },
+                onFailure = {
+                    Fido2RegisterCredentialResult.Error(
+                        R.string.passkey_registration_failed_due_to_an_internal_error.asText(),
+                    )
+                },
             )
     }
 
@@ -114,9 +122,9 @@ class Fido2CredentialManagerImpl(
     ): PasskeyAttestationOptions? =
         try {
             json.decodeFromString<PasskeyAttestationOptions>(requestJson)
-        } catch (e: SerializationException) {
+        } catch (_: SerializationException) {
             null
-        } catch (e: IllegalArgumentException) {
+        } catch (_: IllegalArgumentException) {
             null
         }
 
@@ -125,12 +133,13 @@ class Fido2CredentialManagerImpl(
     ): PasskeyAssertionOptions? =
         try {
             json.decodeFromString<PasskeyAssertionOptions>(requestJson)
-        } catch (e: SerializationException) {
+        } catch (_: SerializationException) {
             null
-        } catch (e: IllegalArgumentException) {
+        } catch (_: IllegalArgumentException) {
             null
         }
 
+    @Suppress("LongMethod")
     override suspend fun authenticateFido2Credential(
         userId: String,
         request: Fido2CredentialAssertionRequest,
@@ -140,39 +149,52 @@ class Fido2CredentialManagerImpl(
         val clientData = request.clientDataHash
             ?.let { ClientData.DefaultWithCustomHash(hash = it) }
             ?: ClientData.DefaultWithExtraData(androidPackageName = callingAppInfo.getAppOrigin())
-        val origin = callingAppInfo.origin
-            ?: getOriginUrlFromAssertionOptionsOrNull(request.requestJson)
-            ?: return Fido2CredentialAssertionResult.Error
         val relyingPartyId = json
             .decodeFromStringOrNull<PasskeyAssertionOptions>(request.requestJson)
             ?.relyingPartyId
-            ?: return Fido2CredentialAssertionResult.Error
+            ?: return Fido2CredentialAssertionResult.Error(
+                R.string.passkey_operation_failed_because_relying_party_cannot_be_identified
+                    .asText(),
+            )
 
         val validateOriginResult = validateOrigin(
             callingAppInfo = callingAppInfo,
             relyingPartyId = relyingPartyId,
         )
 
+        val sdkOrigin = if (!request.origin.isNullOrEmpty()) {
+            Origin.Web(request.origin)
+        } else {
+            val hostUrl = getOriginUrlFromAssertionOptionsOrNull(request.requestJson)
+                ?: return Fido2CredentialAssertionResult.Error(
+                    R.string.passkey_operation_failed_because_host_url_is_not_present_in_request
+                        .asText(),
+                )
+            Origin.Android(
+                UnverifiedAssetLink(
+                    packageName = callingAppInfo.packageName,
+                    sha256CertFingerprint = callingAppInfo.getSignatureFingerprintAsHexString()
+                        ?: return Fido2CredentialAssertionResult.Error(
+                            R.string.passkey_operation_failed_because_app_signature_is_invalid
+                                .asText(),
+                        ),
+                    host = hostUrl,
+                    assetLinkUrl = hostUrl,
+                ),
+            )
+        }
+
         return when (validateOriginResult) {
             is Fido2ValidateOriginResult.Error -> {
-                Fido2CredentialAssertionResult.Error
+                Fido2CredentialAssertionResult.Error(validateOriginResult.messageResId.asText())
             }
 
             is Fido2ValidateOriginResult.Success -> {
                 vaultSdkSource
                     .authenticateFido2Credential(
                         request = AuthenticateFido2CredentialRequest(
                             userId = userId,
-                            origin = Origin.Android(
-                                UnverifiedAssetLink(
-                                    callingAppInfo.packageName,
-                                    callingAppInfo.getSignatureFingerprintAsHexString()
-                                        ?: return Fido2CredentialAssertionResult.Error,
-                                    origin.toHostOrPathOrNull()
-                                        ?: return Fido2CredentialAssertionResult.Error,
-                                    origin,
-                                ),
-                            ),
+                            origin = sdkOrigin,
                             requestJson = """{"publicKey": ${request.requestJson}}""",
                             clientData = clientData,
                             selectedCipherView = selectedCipherView,
@@ -184,7 +206,12 @@ class Fido2CredentialManagerImpl(
                     .mapCatching { json.encodeToString(it) }
                     .fold(
                         onSuccess = { Fido2CredentialAssertionResult.Success(it) },
-                        onFailure = { Fido2CredentialAssertionResult.Error },
+                        onFailure = {
+                            Fido2CredentialAssertionResult.Error(
+                                R.string.passkey_authentication_failed_due_to_an_internal_error
+                                    .asText(),
+                            )
+                        },
                     )
             }
         }
@@ -196,13 +223,20 @@ class Fido2CredentialManagerImpl(
     private fun getOriginUrlFromAssertionOptionsOrNull(requestJson: String) =
         getPasskeyAssertionOptionsOrNull(requestJson)
             ?.relyingPartyId
-            ?.let { "$HTTPS$it" }
+            ?.prefixWithHttpsIfNecessary()
 
     private fun getOriginUrlFromAttestationOptionsOrNull(requestJson: String) =
         getPasskeyAttestationOptionsOrNull(requestJson)
             ?.relyingParty
             ?.id
-            ?.let { "$HTTPS$it" }
+            ?.prefixWithHttpsIfNecessary()
+
+    private fun String.prefixWithHttpsIfNecessary(): String =
+        if (!this.startsWith(HTTPS)) {
+            "$HTTPS$this"
+        } else {
+            this
+        }
 }
 
 private const val MAX_AUTHENTICATION_ATTEMPTS = 5

app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/model/Fido2CredentialAssertionResult.kt

@@ -1,5 +1,7 @@
 package com.x8bit.bitwarden.data.autofill.fido2.model
 
+import com.x8bit.bitwarden.ui.platform.base.util.Text
+
 /**
  * Represents possible outcomes of a FIDO 2 credential assertion request.
  */
@@ -13,5 +15,5 @@ sealed class Fido2CredentialAssertionResult {
     /**
      * Indicates there was an error and the assertion was not successful.
      */
-    data object Error : Fido2CredentialAssertionResult()
+    data class Error(val message: Text) : Fido2CredentialAssertionResult()
 }

app/src/main/java/com/x8bit/bitwarden/data/autofill/fido2/model/Fido2RegisterCredentialResult.kt

@@ -1,5 +1,7 @@
 package com.x8bit.bitwarden.data.autofill.fido2.model
 
+import com.x8bit.bitwarden.ui.platform.base.util.Text
+
 /**
  * Models the data returned from creating a FIDO 2 credential.
  */
@@ -9,13 +11,13 @@ sealed class Fido2RegisterCredentialResult {
      * Indicates the credential has been successfully registered.
      */
     data class Success(
-        val registrationResponse: String,
+        val responseJson: String,
     ) : Fido2RegisterCredentialResult()
 
     /**
      * Indicates there was an error and the credential was not registered.
      */
-    data object Error : Fido2RegisterCredentialResult()
+    data class Error(val message: Text) : Fido2RegisterCredentialResult()
 
     /**
      * Indicates the user cancelled the request.

app/src/main/java/com/x8bit/bitwarden/ui/auth/feature/vaultunlock/VaultUnlockScreen.kt

@@ -118,9 +118,9 @@ fun VaultUnlockScreen(
                 )
             }
 
-            VaultUnlockEvent.Fido2CredentialAssertionError -> {
+            is VaultUnlockEvent.Fido2CredentialAssertionError -> {
                 fido2CompletionManager.completeFido2Assertion(
-                    result = Fido2CredentialAssertionResult.Error,
+                    result = Fido2CredentialAssertionResult.Error(event.message),
                 )
             }
 

app/src/main/java/com/x8bit/bitwarden/ui/auth/feature/vaultunlock/VaultUnlockViewModel.kt

@@ -181,7 +181,12 @@ class VaultUnlockViewModel @Inject constructor(
             }
 
             state.fido2CredentialAssertionRequest != null -> {
-                sendEvent(VaultUnlockEvent.Fido2CredentialAssertionError)
+                sendEvent(
+                    VaultUnlockEvent.Fido2CredentialAssertionError(
+                        R.string.passkey_operation_failed_because_user_could_not_be_verified
+                            .asText(),
+                    ),
+                )
             }
 
             else -> Unit
@@ -522,7 +527,7 @@ sealed class VaultUnlockEvent {
     /**
      * Completes the FIDO2 credential assertion request with an error response.
      */
-    data object Fido2CredentialAssertionError : VaultUnlockEvent()
+    data class Fido2CredentialAssertionError(val message: Text) : VaultUnlockEvent()
 }
 
 /**

app/src/main/java/com/x8bit/bitwarden/ui/autofill/fido2/manager/Fido2CompletionManagerImpl.kt

@@ -49,7 +49,7 @@ class Fido2CompletionManagerImpl(
                         .setCreateCredentialResponse(
                             intent = intent,
                             response = CreatePublicKeyCredentialResponse(
-                                registrationResponseJson = result.registrationResponse,
+                                registrationResponseJson = result.responseJson,
                             ),
                         )
                 }
@@ -71,7 +71,7 @@ class Fido2CompletionManagerImpl(
         activity.also {
             val intent = Intent()
             when (result) {
-                Fido2CredentialAssertionResult.Error -> {
+                is Fido2CredentialAssertionResult.Error -> {
                     PendingIntentHandler
                         .setGetCredentialException(
                             intent = intent,

app/src/main/java/com/x8bit/bitwarden/ui/vault/feature/addedit/VaultAddEditScreen.kt

@@ -25,6 +25,7 @@ import androidx.lifecycle.compose.collectAsStateWithLifecycle
 import com.x8bit.bitwarden.R
 import com.x8bit.bitwarden.ui.autofill.fido2.manager.Fido2CompletionManager
 import com.x8bit.bitwarden.ui.platform.base.util.EventsEffect
+import com.x8bit.bitwarden.ui.platform.base.util.Text
 import com.x8bit.bitwarden.ui.platform.components.appbar.BitwardenTopAppBar
 import com.x8bit.bitwarden.ui.platform.components.appbar.NavigationIcon
 import com.x8bit.bitwarden.ui.platform.components.appbar.action.BitwardenOverflowActionItem
@@ -131,7 +132,9 @@ fun VaultAddEditScreen(
             }
 
             is VaultAddEditEvent.CompleteFido2Registration -> {
-                fido2CompletionManager.completeFido2Registration(event.result)
+                fido2CompletionManager.completeFido2Registration(
+                    result = event.result,
+                )
             }
 
             is VaultAddEditEvent.Fido2UserVerification -> {
@@ -187,7 +190,11 @@ fun VaultAddEditScreen(
             { viewModel.trySendAction(VaultAddEditAction.Common.InitialAutofillDialogDismissed) }
         },
         onFido2ErrorDismiss = remember(viewModel) {
-            { viewModel.trySendAction(VaultAddEditAction.Common.Fido2ErrorDialogDismissed) }
+            { errorMessage ->
+                viewModel.trySendAction(
+                    VaultAddEditAction.Common.Fido2ErrorDialogDismissed(message = errorMessage),
+                )
+            }
         },
         onConfirmOverwriteExistingPasskey = remember(viewModel) {
             {
@@ -414,7 +421,7 @@ private fun VaultAddEditItemDialogs(
     dialogState: VaultAddEditState.DialogState?,
     onDismissRequest: () -> Unit,
     onAutofillDismissRequest: () -> Unit,
-    onFido2ErrorDismiss: () -> Unit,
+    onFido2ErrorDismiss: (Text) -> Unit,
     onConfirmOverwriteExistingPasskey: () -> Unit,
     onSubmitMasterPasswordFido2Verification: (password: String) -> Unit,
     onRetryFido2PasswordVerification: () -> Unit,
@@ -449,7 +456,7 @@ private fun VaultAddEditItemDialogs(
             BitwardenBasicDialog(
                 title = stringResource(id = R.string.an_error_has_occurred),
                 message = dialogState.message(),
-                onDismissRequest = onFido2ErrorDismiss,
+                onDismissRequest = { onFido2ErrorDismiss(dialogState.message) },
             )
         }