bitwarden · fedemkr · Dec 19, 2024 · Dec 19, 2024 · Dec 20, 2024 · Dec 20, 2024
@@ -72,6 +72,15 @@ class SceneDelegate: UIResponder, UIWindowSceneDelegate {
                let incomingURL = userActivity.webpageURL {
                 appProcessor.handleAppLinks(incomingURL: incomingURL)
             }
+
+            #if compiler(>=6.0.3)
+
+            if #available(iOS 18.2, *),
+               let userActivity = connectionOptions.userActivities.first {
+                await checkAndHandleCredentialExchangeActivity(appProcessor: appProcessor, userActivity: userActivity)
+            }
+
+            #endif
         }
     }
 
@@ -90,13 +99,10 @@ class SceneDelegate: UIResponder, UIWindowSceneDelegate {
 
         #if compiler(>=6.0.3)
 
-        if #available(iOS 18.2, *),
-           userActivity.activityType == ASCredentialExchangeActivity {
-            guard let token = userActivity.userInfo?[ASCredentialImportToken] as? UUID else {
-                return
+        if #available(iOS 18.2, *) {
+            Task {
+                await checkAndHandleCredentialExchangeActivity(appProcessor: appProcessor, userActivity: userActivity)
             }
-
-            appProcessor.handleImportCredentials(credentialImportToken: token)
         }
 
         #endif
@@ -173,3 +179,28 @@ class SceneDelegate: UIResponder, UIWindowSceneDelegate {
     }
     #endif
 }
+
+// MARK: - SceneDelegate 18.2
+
+#if compiler(>=6.0.3)
+
+@available(iOS 18.2, *)
+extension SceneDelegate {
+    /// Checks  whether there is an `ASCredentialExchangeActivity` in the `userActivity` and handles it.
+    /// - Parameters:
+    ///   - appProcessor: The `AppProcessor` to handle the logic.
+    ///   - userActivity: The activity to handle.
+    private func checkAndHandleCredentialExchangeActivity(
+        appProcessor: AppProcessor,
+        userActivity: NSUserActivity
+    ) async {
+        guard userActivity.activityType == ASCredentialExchangeActivity,
+              let token = userActivity.userInfo?[ASCredentialImportToken] as? UUID else {
+            return
+        }
+
+        await appProcessor.handleImportCredentials(credentialImportToken: token)
+    }
+}
+
+#endif
@@ -1,25 +1,6 @@
 import Foundation
 
 extension JSONDecoder {
-    // MARK: Types
-
-    /// `AnyKey` is a `CodingKey` type that can be used for encoding and decoding keys for custom
-    /// key decoding strategies.
-    struct AnyKey: CodingKey {
-        let stringValue: String
-        let intValue: Int?
-
-        init(stringValue: String) {
-            self.stringValue = stringValue
-            intValue = nil
-        }
-
-        init(intValue: Int) {
-            stringValue = String(intValue)
-            self.intValue = intValue
-        }
-    }
-
     // MARK: Static Properties
 
     /// The default `JSONDecoder` used to decode JSON payloads throughout the app.
@@ -39,9 +20,9 @@
            // not both at the same time 🙃. Since the API contains both formats with the more
            // common containing fractional seconds, attempt to parse that first and fall back to
            // parsing without fractional seconds.
            if let date = dateFormatterWithFractionalSeconds.date(from: stringValue) {
                return date
            } else if let date = dateFormatter.date(from: stringValue) {
                return date
            } else {
                throw DecodingError.dataCorruptedError(

@@ -5,6 +5,32 @@ import XCTest
 class JSONDecoderBitwardenTests: BitwardenTestCase {
     // MARK: Tests
 
+    /// `JSONDecoder.cxpDecoder` can decode Credential Exchange Format.
+    func test_cxpDecoder_decodesISO8601DateWithFractionalSeconds() {
+        let subject = JSONDecoder.cxpDecoder
+        let toDecode = #"{"credentialId":"credential","date":1697790414,"otherKey":"other","rpId":"rp"}"#
+
+        struct JSONBody: Codable, Equatable {
+            let credentialID: String
+            let date: Date
+            let otherKey: String
+            let rpID: String
+        }
+
+        let body = JSONBody(
+            credentialID: "credential",
+            date: Date(year: 2023, month: 10, day: 20, hour: 8, minute: 26, second: 54),
+            otherKey: "other",
+            rpID: "rp"
+        )
+
+        XCTAssertEqual(
+            try subject
+                .decode(JSONBody.self, from: Data(toDecode.utf8)),
+            body
+        )
+    }
+
     /// `JSONDecoder.defaultDecoder` can decode ISO8601 dates with fractional seconds.
     func test_defaultDecoder_decodesISO8601DateWithFractionalSeconds() {
         let subject = JSONDecoder.defaultDecoder

@@ -15,4 +15,32 @@ extension JSONEncoder {
         }
         return jsonEncoder
     }()
+
+    /// The default `JSONEncoder` used to encode JSON payloads when in Credential Exchange flow.
+    static let cxpEncoder: JSONEncoder = {
+        let jsonEncoder = JSONEncoder()
+        jsonEncoder.dateEncodingStrategy = .custom { date, encoder in
+            var container = encoder.singleValueContainer()
+            try container.encode(Int(date.timeIntervalSince1970))
+        }
+        jsonEncoder.keyEncodingStrategy = .custom { keys in
+            let key = keys.last!.stringValue
+            return AnyKey(stringValue: customTransformCodingKeyForCXP(key: key))
+        }
+        return jsonEncoder
+    }()
+
+    // MARK: Static Functions
+
+    /// Transforms the keys from CXP format handled by the Bitwarden SDK into the keys that Apple expects.
+    static func customTransformCodingKeyForCXP(key: String) -> String {
+        return switch key {
+        case "credentialID":
+            "credentialId"
+        case "rpID":
+            "rpId"
+        default:
+            key
+        }
+    }
 }
@@ -5,6 +5,32 @@ import XCTest
 class JSONEncoderBitwardenTests: BitwardenTestCase {
     // MARK: Tests
 
+    /// `JSONEncoder.cxpEncoder` encodes for Credential Exchange Format.
+    func test_cxfpEncoder_encodesISO8601DateWithFractionalSeconds() throws {
+        let subject = JSONEncoder.cxpEncoder
+        subject.outputFormatting = .sortedKeys // added for test consistency so output is ordered.
+
+        struct JSONBody: Codable {
+            let credentialID: String
+            let date: Date
+            let otherKey: String
+            let rpID: String
+        }
+
+        let body = JSONBody(
+            credentialID: "credential",
+            date: Date(year: 2023, month: 10, day: 20, hour: 8, minute: 26, second: 54),
+            otherKey: "other",
+            rpID: "rp"
+        )
+        let encodedData = try subject.encode(body)
+        let encodedString = String(data: encodedData, encoding: .utf8)
+        XCTAssertEqual(
+            encodedString,
+            #"{"credentialId":"credential","date":1697790414,"otherKey":"other","rpId":"rp"}"#
+        )
+    }
+
     /// `JSONEncoder.defaultEncoder` can encode ISO8601 dates without fractional seconds.
     func test_defaultEncoder_encodesISO8601DateWithoutFractionalSeconds() throws {
         let subject = JSONEncoder.defaultEncoder

@@ -28,7 +28,7 @@ protocol ClientService {
     /// - Parameter userId: The user ID mapped to the client instance.
     /// - Returns: A `ClientExportersProtocol` for vault export data tasks.
     ///
-    func exporters(for userId: String?) async throws -> ClientExportersServiceTemp
+    func exporters(for userId: String?) async throws -> ClientExportersProtocol
 
     /// Returns a `ClientGeneratorsProtocol` for generator data tasks.
     ///
@@ -88,7 +88,7 @@ extension ClientService {
 
     /// Returns a `ClientExportersProtocol` for vault export data tasks.
     ///
-    func exporters() async throws -> ClientExportersServiceTemp {
+    func exporters() async throws -> ClientExportersProtocol {
         try await exporters(for: nil)
     }
 
@@ -199,7 +199,7 @@ actor DefaultClientService: ClientService {
         try await client(for: userId).crypto()
     }
 
-    func exporters(for userId: String?) async throws -> ClientExportersServiceTemp {
+    func exporters(for userId: String?) async throws -> ClientExportersProtocol {
         try await client(for: userId).exporters()
     }
 
@@ -366,7 +366,7 @@ protocol BitwardenSdkClient {
     func crypto() -> ClientCryptoProtocol
 
     ///  Returns exporters.
-    func exporters() -> ClientExportersServiceTemp
+    func exporters() -> ClientExportersProtocol
 
     /// Returns generator operations.
     func generators() -> ClientGeneratorsProtocol
@@ -392,7 +392,7 @@ extension Client: BitwardenSdkClient {
         crypto() as ClientCrypto
     }
 
-    func exporters() -> ClientExportersServiceTemp {
+    func exporters() -> ClientExportersProtocol {
         exporters() as ClientExporters
     }
 

@@ -82,6 +82,9 @@ public class ServiceContainer: Services { // swiftlint:disable:this type_body_le
     /// The repository used by the application to manage generator data for the UI layer.
     let generatorRepository: GeneratorRepository
 
+    /// The repository used by the application to manage importing credential in Credential Exhange flow.
+    let importCiphersRepository: ImportCiphersRepository
+
     /// The service used to access & store data on the device keychain.
     let keychainService: KeychainService
 
@@ -192,6 +195,8 @@ public class ServiceContainer: Services { // swiftlint:disable:this type_body_le
     ///   and extends the capabilities of the `Fido2UserInterface` from the SDK.
     ///   - fido2CredentialStore: A store to be used on Fido2 flows to get/save credentials.
     ///   - generatorRepository: The repository used by the application to manage generator data for the UI layer.
+    ///   - importCiphersRepository: The repository used by the application to manage importing credential
+    ///   in Credential Exhange flow.
     ///   - keychainRepository: The repository used to manages keychain items.
     ///   - keychainService: The service used to access & store data on the device keychain.
     ///   - localAuthService: The service used by the application to evaluate local auth policies.
@@ -241,6 +246,7 @@ public class ServiceContainer: Services { // swiftlint:disable:this type_body_le
         fido2CredentialStore: Fido2CredentialStore,
         fido2UserInterfaceHelper: Fido2UserInterfaceHelper,
         generatorRepository: GeneratorRepository,
+        importCiphersRepository: ImportCiphersRepository,
         keychainRepository: KeychainRepository,
         keychainService: KeychainService,
         localAuthService: LocalAuthService,
@@ -290,6 +296,7 @@ public class ServiceContainer: Services { // swiftlint:disable:this type_body_le
         self.fido2CredentialStore = fido2CredentialStore
         self.fido2UserInterfaceHelper = fido2UserInterfaceHelper
         self.generatorRepository = generatorRepository
+        self.importCiphersRepository = importCiphersRepository
         self.keychainService = keychainService
         self.keychainRepository = keychainRepository
         self.localAuthService = localAuthService
@@ -657,6 +664,17 @@ public class ServiceContainer: Services { // swiftlint:disable:this type_body_le
             vaultTimeoutService: vaultTimeoutService
         )
 
+        let credentialManagerFactory = DefaultCredentialManagerFactory()
+
+        let importCiphersRepository = DefaultImportCiphersRepository(
+            clientService: clientService,
+            credentialManagerFactory: credentialManagerFactory,
+            importCiphersService: DefaultImportCiphersService(
+                importCiphersAPIService: apiService
+            ),
+            syncService: syncService
+        )
+
         let userVerificationHelperFactory = DefaultUserVerificationHelperFactory(
             authRepository: authRepository,
             errorReporter: errorReporter,
@@ -728,6 +746,7 @@ public class ServiceContainer: Services { // swiftlint:disable:this type_body_le
             fido2CredentialStore: fido2CredentialStore,
             fido2UserInterfaceHelper: fido2UserInterfaceHelper,
             generatorRepository: generatorRepository,
+            importCiphersRepository: importCiphersRepository,
             keychainRepository: keychainRepository,
             keychainService: keychainService,
             localAuthService: localAuthService,

@@ -24,6 +24,7 @@ typealias Services = HasAPIService
     & HasFido2UserInterfaceHelper
     & HasFileAPIService
     & HasGeneratorRepository
+    & HasImportCiphersRepository
     & HasLocalAuthService
     & HasNFCReaderService
     & HasNotificationCenterService
@@ -210,6 +211,13 @@ protocol HasGeneratorRepository {
     var generatorRepository: GeneratorRepository { get }
 }
 
+/// Protocol for an object that provides a `ImportCiphersRepository`.
+///
+protocol HasImportCiphersRepository {
+    /// The repository used by the application to manage importing credential in Credential Exhange flow.
+    var importCiphersRepository: ImportCiphersRepository { get }
+}
+
 /// Protocol for an object that provides a `LocalAuthService`.
 ///
 protocol HasLocalAuthService {

@@ -37,7 +37,7 @@ class MockClient: BitwardenSdkClient {
         ""
     }
 
-    func exporters() -> any ClientExportersServiceTemp {
+    func exporters() -> any ClientExportersProtocol {
         clientExporters
     }
 

@@ -44,7 +44,7 @@ class MockClientService: ClientService {
         mockCrypto
     }
 
-    func exporters(for userId: String?) -> ClientExportersServiceTemp {
+    func exporters(for userId: String?) -> ClientExportersProtocol {
         mockExporters
     }
 

@@ -24,6 +24,7 @@ extension ServiceContainer {
         fido2CredentialStore: Fido2CredentialStore = MockFido2CredentialStore(),
         fido2UserInterfaceHelper: Fido2UserInterfaceHelper = MockFido2UserInterfaceHelper(),
         generatorRepository: GeneratorRepository = MockGeneratorRepository(),
+        importCiphersRepository: ImportCiphersRepository = MockImportCiphersRepository(),
         httpClient: HTTPClient = MockHTTPClient(),
         keychainRepository: KeychainRepository = MockKeychainRepository(),
         keychainService: KeychainService = MockKeychainService(),
@@ -78,6 +79,7 @@ extension ServiceContainer {
             fido2CredentialStore: fido2CredentialStore,
             fido2UserInterfaceHelper: fido2UserInterfaceHelper,
             generatorRepository: generatorRepository,
+            importCiphersRepository: importCiphersRepository,
             keychainRepository: keychainRepository,
             keychainService: keychainService,
             localAuthService: localAuthService,

@@ -0,0 +1,16 @@
+/// `AnyKey` is a `CodingKey` type that can be used for encoding and decoding keys for custom
+/// key decoding strategies.
+struct AnyKey: CodingKey {
+    let stringValue: String
+    let intValue: Int?
+
+    init(stringValue: String) {
+        self.stringValue = stringValue
+        intValue = nil
+    }
+
+    init(intValue: Int) {
+        stringValue = String(intValue)
+        self.intValue = intValue
+    }
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -37,7 +37,7 @@ class MockClient: BitwardenSdkClient { @@
             ""
         }
-        func exporters() -> any ClientExportersServiceTemp {
+        func exporters() -> any ClientExportersProtocol {
             clientExporters
         }
@@ Expand Down @@