PM-6685 Fix race condition issue where the biometrics check is being done before the iOS extension is being shown. So when we need the UI, we wait until ViewDidAppear happens. (#3078)

2025-12-20 10:13:42 +00:00 · 2024-03-14 18:07:52 -03:00
parent 144fc7c727
commit 74085689d3
10 changed files with 64 additions and 17 deletions
--- a/src/Core/Abstractions/IConditionedAwaiterManager.cs
+++ b/src/Core/Abstractions/IConditionedAwaiterManager.cs
@@ -1,12 +1,10 @@
-using System;
+namespace Bit.Core.Abstractions
 using System.Threading.Tasks;
 namespace Bit.Core.Abstractions
 {
    public enum AwaiterPrecondition
    {
        EnvironmentUrlsInited,
-        AndroidWindowCreated
+        AndroidWindowCreated,
        AutofillIOSExtensionViewDidAppear
    }
    public interface IConditionedAwaiterManager
@@ -14,5 +12,6 @@ namespace Bit.Core.Abstractions
        Task GetAwaiterForPrecondition(AwaiterPrecondition awaiterPrecondition);
        void SetAsCompleted(AwaiterPrecondition awaiterPrecondition);
        void SetException(AwaiterPrecondition awaiterPrecondition, Exception ex);
        void Recreate(AwaiterPrecondition awaiterPrecondition);
    }
 }
--- a/src/Core/Resources/Localization/AppResources.Designer.cs
+++ b/src/Core/Resources/Localization/AppResources.Designer.cs
@@ -7685,6 +7685,15 @@ namespace Bit.Core.Resources.Localization {
            }
        }
        /// <summary>
        ///   Looks up a localized string similar to Verifying identity....
        /// </summary>
        public static string VerifyingIdentityEllipsis {
            get {
                return ResourceManager.GetString("VerifyingIdentityEllipsis", resourceCulture);
            }
        }
        /// <summary>
        ///   Looks up a localized string similar to Verify master password.
        /// </summary>
--- a/src/Core/Resources/Localization/AppResources.resx
+++ b/src/Core/Resources/Localization/AppResources.resx
@@ -2936,6 +2936,9 @@ Do you want to switch to this account?</value>
    <value>There was a problem reading your passkey for {0}. Try again later.</value>
    <comment>The parameter is the RpId</comment>
  </data>
  <data name="VerifyingIdentityEllipsis" xml:space="preserve">
    <value>Verifying identity...</value>
  </data>
  <data name="Passwords" xml:space="preserve">
    <value>Passwords</value>
  </data>
--- a/src/Core/Services/ConditionedAwaiterManager.cs
+++ b/src/Core/Services/ConditionedAwaiterManager.cs
@@ -1,7 +1,4 @@
-using System;
+using System.Collections.Concurrent;
 using System.Collections.Concurrent;
 using System.Collections.Generic;
 using System.Threading.Tasks;
 using Bit.Core.Abstractions;
 namespace Bit.Core.Services
@@ -11,7 +8,8 @@ namespace Bit.Core.Services
        private readonly ConcurrentDictionary<AwaiterPrecondition, TaskCompletionSource<bool>> _preconditionsTasks = new ConcurrentDictionary<AwaiterPrecondition, TaskCompletionSource<bool>>
        {
            [AwaiterPrecondition.EnvironmentUrlsInited] = new TaskCompletionSource<bool>(),
-            [AwaiterPrecondition.AndroidWindowCreated] = new TaskCompletionSource<bool>()
+            [AwaiterPrecondition.AndroidWindowCreated] = new TaskCompletionSource<bool>(),
            [AwaiterPrecondition.AutofillIOSExtensionViewDidAppear] = new TaskCompletionSource<bool>()
        };
        public Task GetAwaiterForPrecondition(AwaiterPrecondition awaiterPrecondition)
@@ -39,5 +37,15 @@ namespace Bit.Core.Services
                tcs.TrySetException(ex);
            }
        }
        public void Recreate(AwaiterPrecondition awaiterPrecondition)
        {
            if (_preconditionsTasks.TryRemove(awaiterPrecondition, out var oldTcs))
            {
                oldTcs.TrySetCanceled();
                _preconditionsTasks.TryAdd(awaiterPrecondition, new TaskCompletionSource<bool>());
            }
        }
    }
 }
--- a/src/Core/Services/UserVerification/Fido2UserVerificationPreferredServiceStrategy.cs
+++ b/src/Core/Services/UserVerification/Fido2UserVerificationPreferredServiceStrategy.cs
@@ -19,7 +19,10 @@ namespace Bit.Core.Services.UserVerification
                return true;
            }
-            options.OnNeedUI?.Invoke();
+            if (options.OnNeedUITask != null)
            {
                await options.OnNeedUITask();
            }
            var (canPerformOSUnlock, isOSUnlocked) = await _userVerificationMediatorService.PerformOSUnlockAsync();
            if (canPerformOSUnlock)
--- a/src/Core/Services/UserVerification/Fido2UserVerificationRequiredServiceStrategy.cs
+++ b/src/Core/Services/UserVerification/Fido2UserVerificationRequiredServiceStrategy.cs
@@ -23,7 +23,10 @@ namespace Bit.Core.Services.UserVerification
                return true;
            }
-            options.OnNeedUI?.Invoke();
+            if (options.OnNeedUITask != null)
            {
                await options.OnNeedUITask();
            }
            var (canPerformOSUnlock, isOSUnlocked) = await _userVerificationMediatorService.PerformOSUnlockAsync();
            if (canPerformOSUnlock)
--- a/src/Core/Services/UserVerification/UserVerificationMediatorService.cs
+++ b/src/Core/Services/UserVerification/UserVerificationMediatorService.cs
@@ -39,7 +39,11 @@ namespace Bit.Core.Services.UserVerification
        {
            if (await ShouldPerformMasterPasswordRepromptAsync(options))
            {
-                options.OnNeedUI?.Invoke();
+                if (options.OnNeedUITask != null)
                {
                    await options.OnNeedUITask();
                }
                return await _passwordRepromptService.PromptAndCheckPasswordIfNeededAsync(Enums.CipherRepromptType.Password);
            }
--- a/src/Core/Utilities/Fido2/Fido2UserVerificationOptions.cs
+++ b/src/Core/Utilities/Fido2/Fido2UserVerificationOptions.cs
@@ -6,19 +6,19 @@
            Fido2UserVerificationPreference userVerificationPreference,
            bool hasVaultBeenUnlockedInTransaction,
            string rpId = null,
-            Action onNeedUI = null)
+            Func<Task> onNeedUITask = null)
        {
            ShouldCheckMasterPasswordReprompt = shouldCheckMasterPasswordReprompt;
            UserVerificationPreference = userVerificationPreference;
            HasVaultBeenUnlockedInTransaction = hasVaultBeenUnlockedInTransaction;
            RpId = rpId;
-            OnNeedUI = onNeedUI;
+            OnNeedUITask = onNeedUITask;
        }
        public bool ShouldCheckMasterPasswordReprompt { get; }
        public Fido2UserVerificationPreference UserVerificationPreference { get; }
        public bool HasVaultBeenUnlockedInTransaction { get; }
        public string RpId { get; }
-        public Action OnNeedUI { get; }
+        public Func<Task> OnNeedUITask { get; }
    }
 }
--- a/src/iOS.Autofill/CredentialProviderViewController.Passkeys.cs
+++ b/src/iOS.Autofill/CredentialProviderViewController.Passkeys.cs
@@ -270,13 +270,21 @@ namespace Bit.iOS.Autofill
                        userVerificationPreference,
                        _context.VaultUnlockedDuringThisSession,
                        _context.PasskeyCredentialIdentity?.RelyingPartyIdentifier,
-                        () =>
+                        async () =>
                        {
                            if (_context.IsExecutingWithoutUserInteraction)
                            {
                                CancelRequest(ASExtensionErrorCode.UserInteractionRequired);
                                throw new InvalidOperationNeedsUIException();
                            }
                            // HACK: [PM-6685] There are some devices that end up with a race condition when doing biometrics authentication
                            // that the check is trying to be done before the iOS extension UI is shown, which cause the bio check to fail.
                            // So a workaround is to show a toast which force the iOS extension UI to be shown and then awaiting for the
                            // precondition that the view did appear before continuing with the verification.
                            _platformUtilsService.Value.ShowToast(null, null, AppResources.VerifyingIdentityEllipsis);
                            await _conditionedAwaiterManager.Value.GetAwaiterForPrecondition(AwaiterPrecondition.AutofillIOSExtensionViewDidAppear);
                        })
                    );
            }
--- a/src/iOS.Autofill/CredentialProviderViewController.cs
+++ b/src/iOS.Autofill/CredentialProviderViewController.cs
@@ -32,6 +32,7 @@ namespace Bit.iOS.Autofill
        private IAccountsManager _accountsManager;
        private readonly LazyResolve<IStateService> _stateService = new LazyResolve<IStateService>();
        private readonly LazyResolve<IConditionedAwaiterManager> _conditionedAwaiterManager = new LazyResolve<IConditionedAwaiterManager>();
        public CredentialProviderViewController(IntPtr handle)
            : base(handle)
@@ -56,6 +57,8 @@ namespace Bit.iOS.Autofill
                {
                    ExtContext = ExtensionContext
                };
                _conditionedAwaiterManager.Value.Recreate(AwaiterPrecondition.AutofillIOSExtensionViewDidAppear);
            }
            catch (Exception ex)
            {
@@ -63,6 +66,13 @@ namespace Bit.iOS.Autofill
            }
        }
        public override void ViewDidAppear(bool animated)
        {
            base.ViewDidAppear(animated);
            _conditionedAwaiterManager.Value.SetAsCompleted(AwaiterPrecondition.AutofillIOSExtensionViewDidAppear);
        }
        public override async void PrepareCredentialList(ASCredentialServiceIdentifier[] serviceIdentifiers)
        {
            try