github-starred/android
2
0
Fork 0
mirror of https://github.com/bitwarden/android.git synced 2026-05-18 14:19:36 -05:00
Code Issues 1.3k Packages Projects Releases 125 Wiki Activity

[PR #3099] [MERGED] [PM-6848] Improved User verification on passkeys creation #23401

New Issue
Closed
opened 2026-04-16 23:29:25 -05:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-04-16 23:29:25 -05:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/bitwarden/android/pull/3099
Author: @fedemkr
Created: 3/20/2024
Status: Merged
Merged: 3/21/2024
Merged by: @fedemkr

Base: feature/maui-migration-passkeysHead: vault/pm-6848/fix-on-uv-cancel-dont-create-item

📝 Commits (2)

  • 3774c3f PM-6848 Updated cancellation flow on passkey user verification and improved UV enforcement on creation
  • 271bbfd PM-6848 Added null checks to help diagnosing if NRE is presented

📊 Changes

15 files changed (+202 additions, -90 deletions)

View changed files

📝 src/Core/Abstractions/IPlatformUtilsService.cs (+1 -1)
📝 src/Core/Abstractions/IUserVerificationMediatorService.cs (+19 -5)
📝 src/Core/Pages/Accounts/LockPageViewModel.cs (+1 -1)
📝 src/Core/Pages/Settings/SecuritySettingsPageViewModel.cs (+1 -1)
📝 src/Core/Services/Fido2AuthenticatorService.cs (+2 -15)
📝 src/Core/Services/MobilePlatformUtilsService.cs (+5 -1)
📝 src/Core/Services/UserVerification/Fido2UserVerificationPreferredServiceStrategy.cs (+11 -6)
📝 src/Core/Services/UserVerification/Fido2UserVerificationRequiredServiceStrategy.cs (+25 -12)
📝 src/Core/Services/UserVerification/IUserVerificationServiceStrategy.cs (+3 -2)
📝 src/Core/Services/UserVerification/UserVerificationMediatorService.cs (+68 -25)
src/Core/Utilities/CancellableResult.cs (+15 -0)
📝 src/iOS.Autofill/CredentialProviderViewController.Passkeys.cs (+5 -3)
📝 src/iOS.Autofill/LoginAddViewController.cs (+12 -6)
📝 src/iOS.Autofill/LoginListViewController.cs (+33 -11)
📝 src/iOS.Core/Controllers/BaseLockPasswordViewController.cs (+1 -1)

📄 Description

Type of change

  • Bug fix
  • New feature development
  • Tech debt (refactoring, code cleanup, dependency upgrades, etc)
  • Build/deploy pipeline (DevOps)
  • Other

Objective

Improved user verification on passkeys creation to better take into account User verification cancellation and also enforcement at the moment of creation.

Code changes

  • MobilePlatformUtilsService: Now AuthenticateBiometricAsync returns null when cancelled by the user.
  • UserVerificationMediatorService: Changed to use CancellableResult<T> to tackle cancellation flows.
    • Same applies to its strategies
  • LoginListViewController/LoginAddViewController: Added cancellation flow so the user can try again and also implemented user verification enforcement at this stage as well to prevent the cipher to be created if the verification fails and is required.

Before you submit

  • Please check for formatting errors (dotnet format --verify-no-changes) (required)
  • Please add unit tests where it makes sense to do so (encouraged but not required)
  • If this change requires a documentation update - notify the documentation team
  • If this change has particular deployment requirements - notify the DevOps team

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/bitwarden/android/pull/3099 **Author:** [@fedemkr](https://github.com/fedemkr) **Created:** 3/20/2024 **Status:** ✅ Merged **Merged:** 3/21/2024 **Merged by:** [@fedemkr](https://github.com/fedemkr) **Base:** `feature/maui-migration-passkeys` ← **Head:** `vault/pm-6848/fix-on-uv-cancel-dont-create-item` --- ### 📝 Commits (2) - [`3774c3f`](https://github.com/bitwarden/android/commit/3774c3f13e8ec1214d2b4e74f82b6670f086f614) PM-6848 Updated cancellation flow on passkey user verification and improved UV enforcement on creation - [`271bbfd`](https://github.com/bitwarden/android/commit/271bbfde86f170dba2bd69c33b679ccea9afb49b) PM-6848 Added null checks to help diagnosing if NRE is presented ### 📊 Changes **15 files changed** (+202 additions, -90 deletions) <details> <summary>View changed files</summary> 📝 `src/Core/Abstractions/IPlatformUtilsService.cs` (+1 -1) 📝 `src/Core/Abstractions/IUserVerificationMediatorService.cs` (+19 -5) 📝 `src/Core/Pages/Accounts/LockPageViewModel.cs` (+1 -1) 📝 `src/Core/Pages/Settings/SecuritySettingsPageViewModel.cs` (+1 -1) 📝 `src/Core/Services/Fido2AuthenticatorService.cs` (+2 -15) 📝 `src/Core/Services/MobilePlatformUtilsService.cs` (+5 -1) 📝 `src/Core/Services/UserVerification/Fido2UserVerificationPreferredServiceStrategy.cs` (+11 -6) 📝 `src/Core/Services/UserVerification/Fido2UserVerificationRequiredServiceStrategy.cs` (+25 -12) 📝 `src/Core/Services/UserVerification/IUserVerificationServiceStrategy.cs` (+3 -2) 📝 `src/Core/Services/UserVerification/UserVerificationMediatorService.cs` (+68 -25) ➕ `src/Core/Utilities/CancellableResult.cs` (+15 -0) 📝 `src/iOS.Autofill/CredentialProviderViewController.Passkeys.cs` (+5 -3) 📝 `src/iOS.Autofill/LoginAddViewController.cs` (+12 -6) 📝 `src/iOS.Autofill/LoginListViewController.cs` (+33 -11) 📝 `src/iOS.Core/Controllers/BaseLockPasswordViewController.cs` (+1 -1) </details> ### 📄 Description ## Type of change - [X] Bug fix - [ ] New feature development - [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc) - [ ] Build/deploy pipeline (DevOps) - [ ] Other ## Objective <!--Describe what the purpose of this PR is. For example: what bug you're fixing or what new feature you're adding--> Improved user verification on passkeys creation to better take into account User verification cancellation and also enforcement at the moment of creation. ## Code changes <!--Explain the changes you've made to each file or major component. This should help the reviewer understand your changes--> <!--Also refer to any related changes or PRs in other repositories--> * **MobilePlatformUtilsService:** Now `AuthenticateBiometricAsync` returns `null` when cancelled by the user. * **UserVerificationMediatorService:** Changed to use `CancellableResult<T>` to tackle cancellation flows. * Same applies to its strategies * **LoginListViewController/LoginAddViewController:** Added cancellation flow so the user can try again and also implemented user verification enforcement at this stage as well to prevent the cipher to be created if the verification fails and is required. ## Before you submit - Please check for formatting errors (`dotnet format --verify-no-changes`) (required) - Please add **unit tests** where it makes sense to do so (encouraged but not required) - If this change requires a **documentation update** - notify the documentation team - If this change has particular **deployment requirements** - notify the DevOps team --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-04-16 23:29:25 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
app:authenticator
app:password-manager
bug
bug-passkey
customer-support
duplicate
enhancement
good first issue
help wanted
needs-reply
needs-response
pull-request
Mirrored from GitHub Pull Request
 question
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/android#23401
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?