Clean up models

Author: iinuwa

BitwardenKit/Core/Platform/Extensions/Data.swift

@@ -2,14 +2,31 @@ import CryptoKit
 import Foundation
 
 public extension Data {
+    // MARK: Initializers
+
+    /// Parses bytes from a base64url-encoded string.
+    init?(base64UrlEncoded str: String) throws {
+        try self.init(base64Encoded: str.urlDecoded())
+    }
+
+    // MARK: Functions
+
+    /// Encodes bytes in Data as a base64url string.
     func base64UrlEncodedString(trimPadding shouldTrim: Bool) -> String {
-        let encoded = base64EncodedString().replacingOccurrences(of: "+", with: "-").replacingOccurrences(of: "/", with: "_")
+        let encoded = base64EncodedString().replacingOccurrences(
+            of: "+",
+            with: "-"
+        ).replacingOccurrences(
+            of: "/",
+            with: "_"
+        )
         if shouldTrim {
             return encoded.trimmingCharacters(in: CharacterSet(["="]))
         } else {
             return encoded
         }
     }
+
     /// Generates a hash value for the provided data.
     ///
     /// - Parameter using: The type of cryptographically secure hashing being performed.
@@ -39,11 +56,7 @@ public extension Data {
         let digest = hashFunction.hash(data: self)
         return Data(digest).base64EncodedString()
     }
-    
-    init?(base64UrlEncoded str: String) throws {
-        self.init(base64Encoded: try str.urlDecoded())
-    }
-    
+
     /// Transforms this Data in a hex formatted string.
     /// - Returns: Hex formatted string.
     func asHexString() -> String {

BitwardenShared/Core/Auth/Models/Request/SecretVerificationRequestModel.swift

@@ -1,39 +1,30 @@
-//
-//  SecretVerificationRequestModel.swift
-//  Bitwarden
-//
-//  Created by Isaiah Inuwa on 2025-10-03.
-//
-
-
 import Foundation
 import Networking
 
 struct SecretVerificationRequestModel: JSONRequestBody, Equatable {
-    static let encoder = JSONEncoder()
-
     // MARK: Properties
 
     let authRequestAccessCode: String?
     let masterPasswordHash: String?
     let otp: String?
 
-    
-    init(passwordHash: String) {
-        authRequestAccessCode = nil
-        masterPasswordHash = passwordHash
+    // MARK: Initializers
+
+    init(accessCode: String) {
+        authRequestAccessCode = accessCode
+        masterPasswordHash = nil
         otp = nil
     }
-    
+
     init(otp: String) {
         masterPasswordHash = nil
         self.otp = otp
         authRequestAccessCode = nil
     }
-    
-    init(accessCode: String) {
-        authRequestAccessCode = accessCode
-        masterPasswordHash = nil
+
+    init(passwordHash: String) {
+        authRequestAccessCode = nil
+        masterPasswordHash = passwordHash
         otp = nil
     }
-}
+}

BitwardenShared/Core/Auth/Models/Request/WebAuthnLoginSaveCredentialRequestModel.swift

@@ -1,56 +1,59 @@
-//
-//  WebAuthnLoginSaveCredentialRequestModel.swift
-//  Bitwarden
-//
-//  Created by Isaiah Inuwa on 2025-10-03.
-//
-
-
 import Foundation
 import Networking
 
-// MARK: - SaveCredentialRequestModel
+// MARK: WebAuthnLoginSaveCredentialRequestModel
 
-/// The request body for an answer login request request.
-///
+/// The request body for a request to save a WebAuthn credential.
 struct WebAuthnLoginSaveCredentialRequestModel: JSONRequestBody, Equatable {
-    static let encoder = JSONEncoder()
-
     // MARK: Properties
-    // The response received from the authenticator.
-    // This contains all information needed for future authentication flows.
-    let deviceResponse: WebAuthnLoginAttestationResponseRequest
-
-    // Nickname chosen by the user to identify this credential
-    let name: String
 
-    // Token required by the server to complete the creation.
-    // It contains encrypted information that the server needs to verify the credential.
-    let token: String
-
-    // True if the credential was created with PRF support.
-    let supportsPrf: Bool
+    /// The response received from the authenticator.
+    /// This contains all information needed for future authentication flows.
+    let deviceResponse: WebAuthnLoginAttestationResponseRequest
 
-    // Used for vault encryption. See {@link RotateableKeySet.encryptedUserKey }
+    /// Encapsulated user key in rotateable key set.
     let encryptedUserKey: String?
 
-    // Used for vault encryption. See {@link RotateableKeySet.encryptedPublicKey }
+    /// Encrypted public key in rotateable key set.
     let encryptedPublicKey: String?
 
-    // Used for vault encryption. See {@link RotateableKeySet.encryptedPrivateKey }
+    /// Encrypted private key in rotatable key set.
     let encryptedPrivateKey: String?
+
+    /// Nickname chosen by the user to identify this credential
+    let name: String
+
+    /// `true` if the credential was created with PRF support.
+    let supportsPrf: Bool
+
+    /// Token required by the server to complete the creation.
+    /// It contains encrypted information that the server needs to verify the credential.
+    let token: String
 }
 
+// MARK: WebAuthnLoginAttestationResponseRequest
+
+/// Fields corresponding to a WebAuthn PublicKeyCredential with an AuthenticatorAttestationResponse.
+///
+/// [Link to specification](https://www.w3.org/TR/webauthn-3/#iface-pkcredential)
 struct WebAuthnLoginAttestationResponseRequest: Encodable, Equatable {
     let id: String
     let rawId: String
-    let type: String
-    // let extensions: [String: Any]
     let response: WebAuthnLoginAttestationResponseRequestInner
+    let type: String
+    // We are currently not sending back any extension results to the server, so we are omitting this slot.
+    // let clientExtensionsResults: [String: Any]
 }
 
+// MARK: WebAuthnLoginAttestationResponseRequestInner
+
+/// Fields corresponding to a WebAuthn AuthenticatorAttestationResponse.
+///
+/// [Link to specification](https://www.w3.org/TR/webauthn-3/#authenticatorattestationresponse)
 struct WebAuthnLoginAttestationResponseRequestInner: Encodable, Equatable {
+    /// Attestation object received from the authenticator, encoded in base64url.
     let attestationObject: String
+
+    /// JSON object of Client Data used for the request.
     let clientDataJson: String
-    
-}
+}

BitwardenShared/Core/Auth/Models/Response/WebAuthnLoginCredentialAssertionOptionsResponse.swift

@@ -1,27 +1,25 @@
-//
-//  WebAuthnLoginCredentialAssertionOptionsResponse.swift
-//  Bitwarden
-//
-//  Created by Isaiah Inuwa on 2025-10-03.
-//
-
-
 import Foundation
 import Networking
 
+// MARK: WebAuthnLoginCredentialAssertionOptionsResponse
+
+/// Parameters received from the server for initializing a WebAuthn credential assertion flow.
 struct WebAuthnLoginCredentialAssertionOptionsResponse: JSONResponse, Equatable, Sendable {
     /// Options to be provided to the webauthn authenticator.
-    let options: PublicKeyCredentialAssertionOptions;
+    let options: PublicKeyCredentialRequestOptions
 
     /// Contains an encrypted version of the {@link options}.
     /// Used by the server to validate the attestation response of newly created credentials.
-    let token: String;
+    let token: String
 }
 
-struct PublicKeyCredentialAssertionOptions: Codable, Equatable, Hashable {
+// MARK: PublicKeyCredentialAssertionOptions
+
+/// WebAuthn PublicKeyCredentialRequestOptions.
+struct PublicKeyCredentialRequestOptions: Codable, Equatable, Hashable {
     let allowCredentials: [BwPublicKeyCredentialDescriptor]?
     let challenge: String
     let extensions: AuthenticationExtensionsClientInputs?
     let rpId: String
     let timeout: Int?
-}
+}

BitwardenShared/Core/Auth/Models/Response/WebAuthnLoginCredentialCreationOptionsResponse.swift

@@ -1,67 +1,137 @@
-//
-//  WebAuthnLoginCredentialCreationOptionsResponse.swift
-//  Bitwarden
-//
-//  Created by Isaiah Inuwa on 2025-10-03.
-//
-
-
 import Foundation
 import Networking
 
+// swiftlint:disable line_length
+
+// MARK: WebAuthnLoginCredentialCreationOptionsResponse
+
+/// Parameters received from the server to initiate a WebAuthn credential creation flow.
 struct WebAuthnLoginCredentialCreationOptionsResponse: JSONResponse, Equatable, Sendable {
     /// Options to be provided to the webauthn authenticator.
-    let options: PublicKeyCredentialCreationOptions;
+    let options: PublicKeyCredentialCreationOptions
 
     /// Contains an encrypted version of the {@link options}.
     /// Used by the server to validate the attestation response of newly created credentials.
-    let token: String;
+    let token: String
 }
 
+// MARK: PublicKeyCredentialCreationOptions
+
+/// WebAuthn [PublicKeyCredentialCreationOptions](https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialcreationoptions).
 struct PublicKeyCredentialCreationOptions: Codable, Equatable, Hashable {
-    // attestation?: AttestationConveyancePreference
-    // let authenticatorSelection: AuthenticatorSelectionCriteria?
+    /// A base64-encoded challenge that the authenticator signs, along with other data, when producing an attestation
+    /// object for the newly created credential.
+    ///
+    /// ([Link to specification](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialcreationoptions-challenge))
+    ///
+    /// Note that the server sends this challenge as a padded base64 string, not as a unpadded base64url string as is
+    /// used in most places in the WebAuthn spec.
     let challenge: String
+
+    /// Credential IDs received from the server which should not appear on the authenticator used to complete the
+    /// ceremony.
+    ///
+    /// ([Link to specification](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialcreationoptions-excludecredentials))
     let excludeCredentials: [BwPublicKeyCredentialDescriptor]?
+
+    /// WebAuthn client extension inputs.
+    ///
+    /// ([Link to specification](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialcreationoptions-extensions)).
     let extensions: AuthenticationExtensionsClientInputs?
+
+    /// Types of WebAuthn credentials that the server supports.
+    ///
+    /// ([Link to specification](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialcreationoptions-pubkeycredparams))
     let pubKeyCredParams: [BwPublicKeyCredentialParameters]
-    let rp: BwPublicKeyCredentialRpEntity
+
+    /// Relying party information for the request.
+    ///
+    /// [Link to specification](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialcreationoptions-rp).
+    let rp: BwPublicKeyCredentialRpEntity // swiftlint:disable:this identifier_name
+
+    /// Time, in milliseconds, that the server is willing to wait for a response.
+    ///
+    /// [Link to specification](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialcreationoptions-timeout)
     let timeout: Int?
+
+    /// Information about the user for whom the credential is being created.
+    ///
+    /// [Link to spec](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialcreationoptions-user).
     let user: BwPublicKeyCredentialUserEntity
 }
 
+// MARK: AuthenticationExtensionsClientInputs
 
+/// Inputs for WebAuthn extensions.
 struct AuthenticationExtensionsClientInputs: Codable, Equatable, Hashable {
+    /// Input values for PRF extensions.
+    ///
+    /// [Link to specification](https://www.w3.org/TR/webauthn-3/#dom-authenticationextensionsclientinputs-prf)
     let prf: AuthenticationExtensionsPRFInputs?
 }
 
+// MARK: AuthenticationExtensionsPRFInputs
+
+/// Input values for WebAutn PRF extension.
+///
+/// [Link to specification](https://www.w3.org/TR/webauthn-3/#dictdef-authenticationextensionsprfinputs)
 struct AuthenticationExtensionsPRFInputs: Codable, Equatable, Hashable {
     let eval: AuthenticationExtensionsPRFValues?
     let evalByCredential: [String: AuthenticationExtensionsPRFValues]?
 }
 
+// MARK: AuthenticationExtensionsPRFValues
+
+/// WebAuthn PRF input values.
+///
+/// [Link to specification](https://www.w3.org/TR/webauthn-3/#dictdef-authenticationextensionsprfvalues)
 struct AuthenticationExtensionsPRFValues: Codable, Equatable, Hashable {
     let first: String
     let second: String?
 }
 
+// MARK: BwPublicKeyCredentialDescriptor
+
+/// WebAuthn Credential Descriptor.
+///
+/// [Link to specification](https://www.w3.org/TR/webauthn-3/#dictionary-credential-descriptor)
+/// Distinct from ``BitwardenSdk.PublicKeyCredentialDescriptor`` for deserialization purposes.
 struct BwPublicKeyCredentialDescriptor: Codable, Equatable, Hashable {
     let type: String
     let id: String
-    // let transports: [String]?
 }
 
+// MARK: BwPublicKeyCredentialParameters
+
+/// WebAuthn parameters for credential generation.
+///
+/// [Link to specification](https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialparameters)
+/// Distinct from ``BitwardenSdk.PublicKeyCredentialParameters`` for serialization purposes.
 struct BwPublicKeyCredentialParameters: Codable, Equatable, Hashable {
     let type: String
     let alg: Int
 }
 
+// MARK: BwPublicKeyCredentialRpEntity
+
+/// WebAuthn relying party information.
+///
+/// [Link to specification](https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialrpentity)
+/// Distinct from ``BitwardenSdk.PublicKeyCredentialRpEntity`` for serialization purposes.
 struct BwPublicKeyCredentialRpEntity: Codable, Equatable, Hashable {
     let id: String
     let name: String
 }
 
+// MARK: BwPublicKeyCredentialUserEntity
+
+/// WebAuthn user account parameters.
+///
+/// [Link to specification](https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialuserentity)
+/// Distinct from ``BitwardenSdk.PublicKeyCredentialUserEntity`` for serialization purposes.
 struct BwPublicKeyCredentialUserEntity: Codable, Equatable, Hashable {
     let id: String
     let name: String
-}
+}
+
+// swiftlint:enable line_length