[PM-18466] Add support for Fido2 to cipher list view (#178)

## 🎟️ Tracking

<!-- Paste the link to the Jira or GitHub issue or otherwise describe /
point to where this change is coming from. -->

## 📔 Objective

Allows mobile apps to start using `CipherListView`

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes

Author: coroiu

crates/bitwarden-fido/src/authenticator.rs

@@ -269,17 +269,13 @@ impl<'a> Fido2Authenticator<'a> {
     pub async fn credentials_for_autofill(
         &mut self,
     ) -> Result<Vec<Fido2CredentialAutofillView>, CredentialsForAutofillError> {
-        let key_store = self.client.internal.get_key_store();
         let all_credentials = self.credential_store.all_credentials().await?;
 
-        let mut ctx = key_store.context();
         all_credentials
             .into_iter()
             .map(
                 |cipher| -> Result<Vec<Fido2CredentialAutofillView>, CredentialsForAutofillError> {
-                    Ok(Fido2CredentialAutofillView::from_cipher_view(
-                        &cipher, &mut ctx,
-                    )?)
+                    Ok(Fido2CredentialAutofillView::from_cipher_list_view(&cipher)?)
                 },
             )
             .flatten_ok()

crates/bitwarden-fido/src/traits.rs

@@ -1,4 +1,4 @@
-use bitwarden_vault::{Cipher, CipherView, Fido2CredentialNewView};
+use bitwarden_vault::{Cipher, CipherListView, CipherView, Fido2CredentialNewView};
 use passkey::authenticator::UIHint;
 use thiserror::Error;
 
@@ -41,7 +41,7 @@ pub trait Fido2CredentialStore: Send + Sync {
         rip_id: String,
     ) -> Result<Vec<CipherView>, Fido2CallbackError>;
 
-    async fn all_credentials(&self) -> Result<Vec<CipherView>, Fido2CallbackError>;
+    async fn all_credentials(&self) -> Result<Vec<CipherListView>, Fido2CallbackError>;
 
     async fn save_credential(&self, cred: Cipher) -> Result<(), Fido2CallbackError>;
 }

crates/bitwarden-fido/src/types.rs

@@ -3,7 +3,7 @@ use std::borrow::Cow;
 use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine};
 use bitwarden_core::key_management::KeyIds;
 use bitwarden_crypto::{CryptoError, KeyStoreContext};
-use bitwarden_vault::CipherView;
+use bitwarden_vault::{CipherListView, CipherListViewType, CipherView, LoginListView};
 use passkey::types::webauthn::UserVerificationRequirement;
 use reqwest::Url;
 use schemars::JsonSchema;
@@ -71,9 +71,10 @@ impl Fido2CredentialAutofillView {
         let credentials = cipher.decrypt_fido2_credentials(ctx)?;
 
         credentials
-            .into_iter()
+            .iter()
             .filter_map(|c| -> Option<Result<_, Fido2CredentialAutofillViewError>> {
                 c.user_handle
+                    .as_ref()
                     .map(|u| URL_SAFE_NO_PAD.decode(u))
                     .map(|user_handle| {
                         Ok(Fido2CredentialAutofillView {
@@ -97,6 +98,42 @@ impl Fido2CredentialAutofillView {
             })
             .collect()
     }
+
+    pub fn from_cipher_list_view(
+        cipher: &CipherListView,
+    ) -> Result<Vec<Fido2CredentialAutofillView>, Fido2CredentialAutofillViewError> {
+        match &cipher.r#type {
+            CipherListViewType::Login(LoginListView {
+                fido2_credentials: Some(fido2_credentials),
+                username,
+                ..
+            }) => fido2_credentials
+                .iter()
+                .filter_map(|c| -> Option<Result<_, Fido2CredentialAutofillViewError>> {
+                    c.user_handle
+                        .as_ref()
+                        .map(|u| URL_SAFE_NO_PAD.decode(u))
+                        .map(|user_handle| {
+                            Ok(Fido2CredentialAutofillView {
+                                credential_id: string_to_guid_bytes(&c.credential_id)?,
+                                cipher_id: cipher
+                                    .id
+                                    .ok_or(Fido2CredentialAutofillViewError::MissingCipherId)?,
+                                rp_id: c.rp_id.clone(),
+                                user_handle: user_handle?,
+                                user_name_for_ui: c
+                                    .user_name
+                                    .none_whitespace()
+                                    .or(c.user_display_name.none_whitespace())
+                                    .or(username.none_whitespace())
+                                    .or(cipher.name.none_whitespace()),
+                            })
+                        })
+                })
+                .collect(),
+            _ => Ok(vec![]),
+        }
+    }
 }
 
 #[cfg_attr(feature = "uniffi", derive(uniffi::Record))]

crates/bitwarden-uniffi/src/platform/fido2.rs

@@ -7,7 +7,7 @@ use bitwarden_fido::{
     PublicKeyCredentialAuthenticatorAttestationResponse, PublicKeyCredentialRpEntity,
     PublicKeyCredentialUserEntity,
 };
-use bitwarden_vault::{Cipher, CipherView, Fido2CredentialNewView};
+use bitwarden_vault::{Cipher, CipherListView, CipherView, Fido2CredentialNewView};
 
 use crate::{
     error::{Error, Result},
@@ -255,7 +255,7 @@ pub trait Fido2CredentialStore: Send + Sync {
         rip_id: String,
     ) -> Result<Vec<CipherView>, Fido2CallbackError>;
 
-    async fn all_credentials(&self) -> Result<Vec<CipherView>, Fido2CallbackError>;
+    async fn all_credentials(&self) -> Result<Vec<CipherListView>, Fido2CallbackError>;
 
     async fn save_credential(&self, cred: Cipher) -> Result<(), Fido2CallbackError>;
 }
@@ -279,7 +279,7 @@ impl bitwarden_fido::Fido2CredentialStore for UniffiTraitBridge<&dyn Fido2Creden
             .map_err(Into::into)
     }
 
-    async fn all_credentials(&self) -> Result<Vec<CipherView>, BitFido2CallbackError> {
+    async fn all_credentials(&self) -> Result<Vec<CipherListView>, BitFido2CallbackError> {
         self.0.all_credentials().await.map_err(Into::into)
     }
 

crates/bitwarden-uniffi/swift/iOS/App/ContentView.swift

@@ -402,17 +402,17 @@ class Fido2UserInterfaceImpl: Fido2UserInterface {
     func checkUser(options: BitwardenSdk.CheckUserOptions, hint: UiHint) async throws -> BitwardenSdk.CheckUserResult {
         return CheckUserResult(userPresent: true, userVerified: true)
     }
-    
+
     func isVerificationEnabled() async  -> Bool {
         true
     }
 }
 
 class Fido2CredentialStoreImpl: Fido2CredentialStore {
-    func allCredentials() async throws -> [BitwardenSdk.CipherView] {
+    func allCredentials() async throws -> [BitwardenSdk.CipherListView] {
         abort()
     }
-    
+
     func findCredentials(ids: [Data]?, ripId: String) async throws -> [BitwardenSdk.CipherView] {
         abort()
     }

crates/bitwarden-vault/src/cipher/cipher.rs

@@ -734,7 +734,7 @@ mod tests {
     use ssh_key::SshKey;
 
     use super::*;
-    use crate::Fido2Credential;
+    use crate::{login::Fido2CredentialListView, Fido2Credential};
 
     fn generate_cipher() -> CipherView {
         let test_id: uuid::Uuid = "fd411a1a-fec8-4070-985d-0e6560860e69".parse().unwrap();
@@ -852,7 +852,15 @@ mod tests {
                 name: "My test login".to_string(),
                 subtitle: "test_username".to_string(),
                 r#type: CipherListViewType::Login(LoginListView {
+                    fido2_credentials: Some(vec![Fido2CredentialListView {
+                        credential_id: "123".to_string(),
+                        rp_id: "123".to_string(),
+                        user_handle: None,
+                        user_name: None,
+                        user_display_name: None,
+                    }]),
                     has_fido2: true,
+                    username: Some("test_username".to_string()),
                     totp: cipher.login.as_ref().unwrap().totp.clone(),
                     uris: None,
                 }),

crates/bitwarden-vault/src/cipher/login.rs

@@ -90,6 +90,17 @@ pub struct Fido2Credential {
     pub creation_date: DateTime<Utc>,
 }
 
+#[derive(Serialize, Deserialize, Debug, JsonSchema, Clone, PartialEq)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+#[cfg_attr(feature = "uniffi", derive(uniffi::Record))]
+pub struct Fido2CredentialListView {
+    pub credential_id: String,
+    pub rp_id: String,
+    pub user_handle: Option<String>,
+    pub user_name: Option<String>,
+    pub user_display_name: Option<String>,
+}
+
 #[derive(Serialize, Deserialize, Debug, JsonSchema, Clone)]
 #[serde(rename_all = "camelCase", deny_unknown_fields)]
 #[cfg_attr(feature = "uniffi", derive(uniffi::Record))]
@@ -280,7 +291,9 @@ pub struct LoginView {
 #[serde(rename_all = "camelCase", deny_unknown_fields)]
 #[cfg_attr(feature = "uniffi", derive(uniffi::Record))]
 pub struct LoginListView {
+    pub fido2_credentials: Option<Vec<Fido2CredentialListView>>,
     pub has_fido2: bool,
+    pub username: Option<String>,
     /// The TOTP key is not decrypted. Useable as is with [`crate::generate_totp_cipher_view`].
     pub totp: Option<EncString>,
     pub uris: Option<Vec<LoginUriView>>,
@@ -357,7 +370,13 @@ impl Decryptable<KeyIds, SymmetricKeyId, LoginListView> for Login {
         key: SymmetricKeyId,
     ) -> Result<LoginListView, CryptoError> {
         Ok(LoginListView {
+            fido2_credentials: self
+                .fido2_credentials
+                .as_ref()
+                .map(|fido2_credentials| fido2_credentials.decrypt(ctx, key))
+                .transpose()?,
             has_fido2: self.fido2_credentials.is_some(),
+            username: self.username.decrypt(ctx, key).ok().flatten(),
             totp: self.totp.clone(),
             uris: self.uris.decrypt(ctx, key).ok().flatten(),
         })
@@ -420,6 +439,22 @@ impl Decryptable<KeyIds, SymmetricKeyId, Fido2CredentialView> for Fido2Credentia
     }
 }
 
+impl Decryptable<KeyIds, SymmetricKeyId, Fido2CredentialListView> for Fido2Credential {
+    fn decrypt(
+        &self,
+        ctx: &mut KeyStoreContext<KeyIds>,
+        key: SymmetricKeyId,
+    ) -> Result<Fido2CredentialListView, CryptoError> {
+        Ok(Fido2CredentialListView {
+            credential_id: self.credential_id.decrypt(ctx, key)?,
+            rp_id: self.rp_id.decrypt(ctx, key)?,
+            user_handle: self.user_handle.decrypt(ctx, key)?,
+            user_name: self.user_name.decrypt(ctx, key)?,
+            user_display_name: self.user_display_name.decrypt(ctx, key)?,
+        })
+    }
+}
+
 impl TryFrom<CipherLoginModel> for Login {
     type Error = VaultParseError;
 

crates/bitwarden-vault/src/cipher/mod.rs

@@ -15,13 +15,15 @@ pub use attachment::{
     Attachment, AttachmentEncryptResult, AttachmentFile, AttachmentFileView, AttachmentView,
 };
 pub use card::{CardBrand, CardView};
-pub use cipher::{Cipher, CipherError, CipherListView, CipherRepromptType, CipherType, CipherView};
-pub use cipher_permissions::CipherPermissions;
+pub use cipher::{
+    Cipher, CipherError, CipherListView, CipherListViewType, CipherRepromptType, CipherType,
+    CipherView,
+};
 pub use field::FieldView;
 pub use identity::IdentityView;
 pub use login::{
     Fido2Credential, Fido2CredentialFullView, Fido2CredentialNewView, Fido2CredentialView, Login,
-    LoginUriView, LoginView, UriMatchType,
+    LoginListView, LoginUriView, LoginView, UriMatchType,
 };
 pub use secure_note::{SecureNoteType, SecureNoteView};
 pub use ssh_key::SshKeyView;

crates/bitwarden-vault/src/totp.rs

@@ -727,7 +727,9 @@ mod tests {
             name: "My test login".to_string(),
             subtitle: "test_username".to_string(),
             r#type: CipherListViewType::Login(LoginListView{
+                fido2_credentials: None,
                 has_fido2: true,
+                username: None,
                 totp: Some("2.hqdioUAc81FsKQmO1XuLQg==|oDRdsJrQjoFu9NrFVy8tcJBAFKBx95gHaXZnWdXbKpsxWnOr2sKipIG43pKKUFuq|3gKZMiboceIB5SLVOULKg2iuyu6xzos22dfJbvx0EHk=".parse().unwrap()),
                 uris: None,
             }),