Correctly assume UP

apps/desktop/src/autofill/services/desktop-autofill.service.ts

@@ -205,7 +205,7 @@ export class DesktopAutofillService implements OnDestroy {
         const controller = new AbortController();
         void this.fido2AuthenticatorService
           .getAssertion(
-            this.convertAssertionRequest(request, true),
+            this.convertAssertionRequest(request),
             { windowXy: request.windowXy },
             controller,
           )
@@ -290,7 +290,6 @@ export class DesktopAutofillService implements OnDestroy {
     request:
       | autofill.PasskeyAssertionRequest
       | autofill.PasskeyAssertionWithoutUserInterfaceRequest,
-    assumeUserPresence: boolean = false,
   ): Fido2AuthenticatorGetAssertionParams {
     let allowedCredentials;
     if ("credentialId" in request) {
@@ -315,7 +314,7 @@ export class DesktopAutofillService implements OnDestroy {
       requireUserVerification:
         request.userVerification === "required" || request.userVerification === "preferred",
       fallbackSupported: false,
-      assumeUserPresence,
+      assumeUserPresence: true, // For desktop assertions, it's safe to assume UP has been checked by OS dialogues
     };
   }
 

apps/desktop/src/autofill/services/desktop-fido2-user-interface.service.ts

@@ -115,7 +115,7 @@ export class DesktopFido2UserInterfaceSession implements Fido2UserInterfaceSessi
     try {
       // Check if we can return the credential without user interaction
       // TODO: Assume user presence is undefined
-      if (cipherIds.length === 1 && !masterPasswordRepromptRequired) {
+      if (assumeUserPresence && cipherIds.length === 1 && !masterPasswordRepromptRequired) {
         this.logService.debug(
           "shortcut - Assuming user presence and returning cipherId",
           cipherIds[0],