Change where we transform UV

crates/bitwarden/src/platform/fido2/authenticator.rs

@@ -12,7 +12,7 @@
 
 use super::{
     crypto::attested_credential_data_into_iter, types::*, CheckUserOptions, CipherViewContainer,
-    Fido2CredentialStore, Fido2UserInterface, SelectedCredential, Verification, AAGUID,
+    Fido2CredentialStore, Fido2UserInterface, SelectedCredential, AAGUID,
 };
 use crate::{
     error::{require, Error, Result},
@@ -42,6 +42,14 @@
             .expect("Mutex is not poisoned")
             .replace(request.options.uv);
 
+        let verification_enabled = self.user_interface.is_verification_enabled().await;
+        let uv = match (request.options.uv, verification_enabled) {
+            (UV::Preferred, true) => true,
+            (UV::Preferred, false) => false,
+            (UV::Required, _) => true,
+            (UV::Discouraged, _) => false,
+        };
+
         let response = authenticator
             .make_credential(ctap2::make_credential::Request {
                 client_data_hash: request.client_data_hash.into(),
@@ -70,7 +78,7 @@
                 options: passkey::types::ctap2::make_credential::Options {
                     rk: request.options.rk,
                     up: true,
-                    uv: request.options.uv != UV::Discouraged,
+                    uv,
                 },
                 pin_auth: None,
                 pin_protocol: None,
@@ -398,30 +406,17 @@
         // make_credential Should we validate that it matches with what we stored?
         _verification: bool,
     ) -> Result<UserCheck, Ctap2Error> {
-        let verification_enabled = self
-            .authenticator
-            .user_interface
-            .is_verification_enabled()
-            .await;
-
-        let selected_uv = self
+        let verification = self
             .authenticator
             .selected_uv
             .lock()
             .expect("Mutex is not poisoned")
             .take()
             .ok_or(Ctap2Error::UserVerificationInvalid)?;
 
-        let require_verification = match (selected_uv, verification_enabled) {
-            (UV::Preferred, true) => Verification::Required,
-            (UV::Preferred, false) => Verification::Discouraged,
-            (UV::Required, _) => Verification::Required,
-            (UV::Discouraged, _) => Verification::Discouraged,
-        };
-
         let options = CheckUserOptions {
             require_presence: presence,
-            require_verification,
+            require_verification: verification.into(),
         };
 
         let result = self

crates/bitwarden/src/platform/fido2/types.rs

@@ -1,6 +1,6 @@
 use serde::Serialize;
 
-use super::{get_enum_from_string_name, SelectedCredential};
+use super::{get_enum_from_string_name, SelectedCredential, Verification};
 
 #[cfg_attr(feature = "mobile", derive(uniffi::Record))]
 pub struct PublicKeyCredentialRpEntity {
@@ -101,6 +101,16 @@
     Required,
 }
 
+impl From<UV> for Verification {
+    fn from(value: UV) -> Self {
+        match value {
+            UV::Discouraged => Verification::Discouraged,
+            UV::Preferred => Verification::Preferred,
+            UV::Required => Verification::Required,
+        }
+    }
+}
+
 #[cfg_attr(feature = "mobile", derive(uniffi::Record))]
 pub struct GetAssertionResult {
     pub credential_id: Vec<u8>,