bitwarden/mobile
1
0
Fork 0
mirror of https://github.com/bitwarden/mobile synced 2025-12-12 22:33:25 +00:00
Code Issues Releases Wiki Activity

EC-312 Fix crash on entering invalid credentials five times on Autofill (#1988)

Browse Source
This commit is contained in:
Federico Maccaroni
2022-07-14 19:17:04 -03:00
committed by GitHub
parent 2d2a883b96
commit d2fbf5bdea
6 changed files with 236 additions and 170 deletions
Download Patch File Download Diff File Expand all files Collapse all files

347
src/iOS.Autofill/CredentialProviderViewController.cs
View File

@@ -8,10 +8,12 @@ using Bit.App.Utilities;
using Bit.App.Utilities.AccountManagement;
using Bit.Core.Abstractions;
using Bit.Core.Enums;
using Bit.Core.Services;
using Bit.Core.Utilities;
using Bit.iOS.Autofill.Models;
using Bit.iOS.Core.Utilities;
using Bit.iOS.Core.Views;
using CoreFoundation;
using CoreNFC;
using Foundation;
using UIKit;
@@ -36,88 +38,128 @@ namespace Bit.iOS.Autofill
public override void ViewDidLoad()
{
InitApp();
base.ViewDidLoad();
Logo.Image = new UIImage(ThemeHelpers.LightTheme ? "logo.png" : "logo_white.png");
View.BackgroundColor = ThemeHelpers.SplashBackgroundColor;
_context = new Context
try
{
ExtContext = ExtensionContext
};
InitApp();
base.ViewDidLoad();
Logo.Image = new UIImage(ThemeHelpers.LightTheme ? "logo.png" : "logo_white.png");
View.BackgroundColor = ThemeHelpers.SplashBackgroundColor;
_context = new Context
{
ExtContext = ExtensionContext
};
}
catch (Exception ex)
{
LoggerHelper.LogEvenIfCantBeResolved(ex);
throw;
}
}
public override async void PrepareCredentialList(ASCredentialServiceIdentifier[] serviceIdentifiers)
{
InitAppIfNeeded();
_context.ServiceIdentifiers = serviceIdentifiers;
if (serviceIdentifiers.Length > 0)
try
{
var uri = serviceIdentifiers[0].Identifier;
if (serviceIdentifiers[0].Type == ASCredentialServiceIdentifierType.Domain)
InitAppIfNeeded();
_context.ServiceIdentifiers = serviceIdentifiers;
if (serviceIdentifiers.Length > 0)
{
uri = string.Concat("https://", uri);
var uri = serviceIdentifiers[0].Identifier;
if (serviceIdentifiers[0].Type == ASCredentialServiceIdentifierType.Domain)
{
uri = string.Concat("https://", uri);
}
_context.UrlString = uri;
}
_context.UrlString = uri;
}
if (!await IsAuthed())
{
await _accountsManager.NavigateOnAccountChangeAsync(false);
}
else if (await IsLocked())
{
PerformSegue("lockPasswordSegue", this);
}
else
{
if (_context.ServiceIdentifiers == null || _context.ServiceIdentifiers.Length == 0)
if (!await IsAuthed())
{
PerformSegue("loginSearchSegue", this);
await _accountsManager.NavigateOnAccountChangeAsync(false);
}
else if (await IsLocked())
{
PerformSegue("lockPasswordSegue", this);
}
else
{
PerformSegue("loginListSegue", this);
if (_context.ServiceIdentifiers == null || _context.ServiceIdentifiers.Length == 0)
{
PerformSegue("loginSearchSegue", this);
}
else
{
PerformSegue("loginListSegue", this);
}
}
}
catch (Exception ex)
{
LoggerHelper.LogEvenIfCantBeResolved(ex);
throw;
}
}
public override async void ProvideCredentialWithoutUserInteraction(ASPasswordCredentialIdentity credentialIdentity)
{
InitAppIfNeeded();
await _stateService.Value.SetPasswordRepromptAutofillAsync(false);
await _stateService.Value.SetPasswordVerifiedAutofillAsync(false);
if (!await IsAuthed() || await IsLocked())
try
{
var err = new NSError(new NSString("ASExtensionErrorDomain"),
Convert.ToInt32(ASExtensionErrorCode.UserInteractionRequired), null);
ExtensionContext.CancelRequest(err);
return;
InitAppIfNeeded();
await _stateService.Value.SetPasswordRepromptAutofillAsync(false);
await _stateService.Value.SetPasswordVerifiedAutofillAsync(false);
if (!await IsAuthed() || await IsLocked())
{
var err = new NSError(new NSString("ASExtensionErrorDomain"),
Convert.ToInt32(ASExtensionErrorCode.UserInteractionRequired), null);
ExtensionContext.CancelRequest(err);
return;
}
_context.CredentialIdentity = credentialIdentity;
await ProvideCredentialAsync(false);
}
catch (Exception ex)
{
LoggerHelper.LogEvenIfCantBeResolved(ex);
throw;
}
_context.CredentialIdentity = credentialIdentity;
await ProvideCredentialAsync(false);
}
public override async void PrepareInterfaceToProvideCredential(ASPasswordCredentialIdentity credentialIdentity)
{
InitAppIfNeeded();
if (!await IsAuthed())
try
{
await _accountsManager.NavigateOnAccountChangeAsync(false);
return;
InitAppIfNeeded();
if (!await IsAuthed())
{
await _accountsManager.NavigateOnAccountChangeAsync(false);
return;
}
_context.CredentialIdentity = credentialIdentity;
await CheckLockAsync(async () => await ProvideCredentialAsync());
}
catch (Exception ex)
{
LoggerHelper.LogEvenIfCantBeResolved(ex);
throw;
}
_context.CredentialIdentity = credentialIdentity;
CheckLock(async () => await ProvideCredentialAsync());
}
public override async void PrepareInterfaceForExtensionConfiguration()
{
InitAppIfNeeded();
_context.Configuring = true;
if (!await IsAuthed())
try
{
await _accountsManager.NavigateOnAccountChangeAsync(false);
return;
InitAppIfNeeded();
_context.Configuring = true;
if (!await IsAuthed())
{
await _accountsManager.NavigateOnAccountChangeAsync(false);
return;
}
await CheckLockAsync(() => PerformSegue("setupSegue", this));
}
catch (Exception ex)
{
LoggerHelper.LogEvenIfCantBeResolved(ex);
throw;
}
CheckLock(() => PerformSegue("setupSegue", this));
}
public void CompleteRequest(string id = null, string username = null,
@@ -159,34 +201,43 @@ namespace Bit.iOS.Autofill
public override void PrepareForSegue(UIStoryboardSegue segue, NSObject sender)
{
if (segue.DestinationViewController is UINavigationController navController)
try
{
if (navController.TopViewController is LoginListViewController listLoginController)
if (segue.DestinationViewController is UINavigationController navController)
{
listLoginController.Context = _context;
listLoginController.CPViewController = this;
segue.DestinationViewController.PresentationController.Delegate =
new CustomPresentationControllerDelegate(listLoginController.DismissModalAction);
}
else if (navController.TopViewController is LoginSearchViewController listSearchController)
{
listSearchController.Context = _context;
listSearchController.CPViewController = this;
segue.DestinationViewController.PresentationController.Delegate =
new CustomPresentationControllerDelegate(listSearchController.DismissModalAction);
}
else if (navController.TopViewController is LockPasswordViewController passwordViewController)
{
passwordViewController.CPViewController = this;
segue.DestinationViewController.PresentationController.Delegate =
new CustomPresentationControllerDelegate(passwordViewController.DismissModalAction);
}
else if (navController.TopViewController is SetupViewController setupViewController)
{
setupViewController.CPViewController = this;
segue.DestinationViewController.PresentationController.Delegate =
new CustomPresentationControllerDelegate(setupViewController.DismissModalAction);
if (navController.TopViewController is LoginListViewController listLoginController)
{
listLoginController.Context = _context;
listLoginController.CPViewController = this;
segue.DestinationViewController.PresentationController.Delegate =
new CustomPresentationControllerDelegate(listLoginController.DismissModalAction);
}
else if (navController.TopViewController is LoginSearchViewController listSearchController)
{
listSearchController.Context = _context;
listSearchController.CPViewController = this;
segue.DestinationViewController.PresentationController.Delegate =
new CustomPresentationControllerDelegate(listSearchController.DismissModalAction);
}
else if (navController.TopViewController is LockPasswordViewController passwordViewController)
{
passwordViewController.CPViewController = this;
segue.DestinationViewController.PresentationController.Delegate =
new CustomPresentationControllerDelegate(passwordViewController.DismissModalAction);
}
else if (navController.TopViewController is SetupViewController setupViewController)
{
setupViewController.CPViewController = this;
segue.DestinationViewController.PresentationController.Delegate =
new CustomPresentationControllerDelegate(setupViewController.DismissModalAction);
}
}
}
catch (Exception ex)
{
LoggerHelper.LogEvenIfCantBeResolved(ex);
throw;
}
}
@@ -194,93 +245,109 @@ namespace Bit.iOS.Autofill
{
DismissViewController(false, async () =>
{
if (_context.CredentialIdentity != null)
try
{
await ProvideCredentialAsync();
return;
if (_context.CredentialIdentity != null)
{
await ProvideCredentialAsync();
return;
}
if (_context.Configuring)
{
PerformSegue("setupSegue", this);
return;
}
if (_context.ServiceIdentifiers == null || _context.ServiceIdentifiers.Length == 0)
{
PerformSegue("loginSearchSegue", this);
}
else
{
PerformSegue("loginListSegue", this);
}
}
if (_context.Configuring)
catch (Exception ex)
{
PerformSegue("setupSegue", this);
return;
}
if (_context.ServiceIdentifiers == null || _context.ServiceIdentifiers.Length == 0)
{
PerformSegue("loginSearchSegue", this);
}
else
{
PerformSegue("loginListSegue", this);
LoggerHelper.LogEvenIfCantBeResolved(ex);
throw;
}
});
}
private async Task ProvideCredentialAsync(bool userInteraction = true)
{
var cipherService = ServiceContainer.Resolve<ICipherService>("cipherService", true);
Bit.Core.Models.Domain.Cipher cipher = null;
var cancel = cipherService == null || _context.CredentialIdentity?.RecordIdentifier == null;
if (!cancel)
try
{
cipher = await cipherService.GetAsync(_context.CredentialIdentity.RecordIdentifier);
cancel = cipher == null || cipher.Type != Bit.Core.Enums.CipherType.Login || cipher.Login == null;
}
if (cancel)
{
var err = new NSError(new NSString("ASExtensionErrorDomain"),
Convert.ToInt32(ASExtensionErrorCode.CredentialIdentityNotFound), null);
ExtensionContext?.CancelRequest(err);
return;
}
var decCipher = await cipher.DecryptAsync();
if (decCipher.Reprompt != Bit.Core.Enums.CipherRepromptType.None)
{
// Prompt for password using either the lock screen or dialog unless
// already verified the password.
if (!userInteraction)
var cipherService = ServiceContainer.Resolve<ICipherService>("cipherService", true);
Bit.Core.Models.Domain.Cipher cipher = null;
var cancel = cipherService == null || _context.CredentialIdentity?.RecordIdentifier == null;
if (!cancel)
{
cipher = await cipherService.GetAsync(_context.CredentialIdentity.RecordIdentifier);
cancel = cipher == null || cipher.Type != Bit.Core.Enums.CipherType.Login || cipher.Login == null;
}
if (cancel)
{
await _stateService.Value.SetPasswordRepromptAutofillAsync(true);
var err = new NSError(new NSString("ASExtensionErrorDomain"),
Convert.ToInt32(ASExtensionErrorCode.UserInteractionRequired), null);
Convert.ToInt32(ASExtensionErrorCode.CredentialIdentityNotFound), null);
ExtensionContext?.CancelRequest(err);
return;
}
else if (!await _stateService.Value.GetPasswordVerifiedAutofillAsync())
var decCipher = await cipher.DecryptAsync();
if (decCipher.Reprompt != Bit.Core.Enums.CipherRepromptType.None)
{
// Add a timeout to resolve keyboard not always showing up.
await Task.Delay(250);
var passwordRepromptService = ServiceContainer.Resolve<IPasswordRepromptService>("passwordRepromptService");
if (!await passwordRepromptService.ShowPasswordPromptAsync())
// Prompt for password using either the lock screen or dialog unless
// already verified the password.
if (!userInteraction)
{
await _stateService.Value.SetPasswordRepromptAutofillAsync(true);
var err = new NSError(new NSString("ASExtensionErrorDomain"),
Convert.ToInt32(ASExtensionErrorCode.UserCanceled), null);
Convert.ToInt32(ASExtensionErrorCode.UserInteractionRequired), null);
ExtensionContext?.CancelRequest(err);
return;
}
else if (!await _stateService.Value.GetPasswordVerifiedAutofillAsync())
{
// Add a timeout to resolve keyboard not always showing up.
await Task.Delay(250);
var passwordRepromptService = ServiceContainer.Resolve<IPasswordRepromptService>("passwordRepromptService");
if (!await passwordRepromptService.ShowPasswordPromptAsync())
{
var err = new NSError(new NSString("ASExtensionErrorDomain"),
Convert.ToInt32(ASExtensionErrorCode.UserCanceled), null);
ExtensionContext?.CancelRequest(err);
return;
}
}
}
}
string totpCode = null;
var disableTotpCopy = await _stateService.Value.GetDisableAutoTotpCopyAsync();
if (!disableTotpCopy.GetValueOrDefault(false))
{
var canAccessPremiumAsync = await _stateService.Value.CanAccessPremiumAsync();
if (!string.IsNullOrWhiteSpace(decCipher.Login.Totp) &&
(canAccessPremiumAsync || cipher.OrganizationUseTotp))
string totpCode = null;
var disableTotpCopy = await _stateService.Value.GetDisableAutoTotpCopyAsync();
if (!disableTotpCopy.GetValueOrDefault(false))
{
var totpService = ServiceContainer.Resolve<ITotpService>("totpService");
totpCode = await totpService.GetCodeAsync(decCipher.Login.Totp);
var canAccessPremiumAsync = await _stateService.Value.CanAccessPremiumAsync();
if (!string.IsNullOrWhiteSpace(decCipher.Login.Totp) &&
(canAccessPremiumAsync || cipher.OrganizationUseTotp))
{
var totpService = ServiceContainer.Resolve<ITotpService>("totpService");
totpCode = await totpService.GetCodeAsync(decCipher.Login.Totp);
}
}
}
CompleteRequest(decCipher.Id, decCipher.Login.Username, decCipher.Login.Password, totpCode);
CompleteRequest(decCipher.Id, decCipher.Login.Username, decCipher.Login.Password, totpCode);
}
catch (Exception ex)
{
LoggerHelper.LogEvenIfCantBeResolved(ex);
throw;
}
}
private async void CheckLock(Action notLockedAction)
private async Task CheckLockAsync(Action notLockedAction)
{
if (await IsLocked() || await _stateService.Value.GetPasswordRepromptAutofillAsync())
{
PerformSegue("lockPasswordSegue", this);
DispatchQueue.MainQueue.DispatchAsync(() => PerformSegue("lockPasswordSegue", this));
}
else
{
@@ -303,15 +370,21 @@ namespace Bit.iOS.Autofill
{
NSRunLoop.Main.BeginInvokeOnMainThread(async () =>
{
if (await IsAuthed())
try
{
await AppHelpers.LogOutAsync(await _stateService.Value.GetActiveUserIdAsync());
var deviceActionService = ServiceContainer.Resolve<IDeviceActionService>("deviceActionService");
if (deviceActionService.SystemMajorVersion() >= 12)
if (await IsAuthed())
{
await ASCredentialIdentityStore.SharedStore?.RemoveAllCredentialIdentitiesAsync();
await AppHelpers.LogOutAsync(await _stateService.Value.GetActiveUserIdAsync());
if (UIDevice.CurrentDevice.CheckSystemVersion(12, 0))
{
await ASCredentialIdentityStore.SharedStore?.RemoveAllCredentialIdentitiesAsync();
}
}
}
catch (Exception ex)
{
LoggerHelper.LogEvenIfCantBeResolved(ex);
}
});
}