From 477b1cca443a2f5edb934ba2f0f1317e17dc8308 Mon Sep 17 00:00:00 2001
From: Federico Maccaroni <fedemkr@gmail.com>
Date: Wed, 8 May 2024 16:54:00 -0300
Subject: [PATCH] [PM-7255] Fix autofill cancelling the request producing
 inconsistent behavior (#3230)

* PM-7255 Fix autofill cancelling the request on password autofill because of wrong safeguard

* PM-7255 Clear code no longer used
---
 .../CredentialProviderViewController.Passkeys.cs         | 5 -----
 src/iOS.Autofill/CredentialProviderViewController.cs     | 9 ++++++---
 2 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/src/iOS.Autofill/CredentialProviderViewController.Passkeys.cs b/src/iOS.Autofill/CredentialProviderViewController.Passkeys.cs
index b1664c85f..6560e6821 100644
--- a/src/iOS.Autofill/CredentialProviderViewController.Passkeys.cs
+++ b/src/iOS.Autofill/CredentialProviderViewController.Passkeys.cs
@@ -328,11 +328,6 @@ namespace Bit.iOS.Autofill
             }
         }
 
-        private bool CanProvideCredentialOnPasskeyRequest(CipherView cipherView)
-        {
-            return _context.PasskeyCredentialRequest != null && !cipherView.Login.HasFido2Credentials;
-        }
-
         private void OnConfirmingNewCredential()
         {
             MainThread.BeginInvokeOnMainThread(() =>
diff --git a/src/iOS.Autofill/CredentialProviderViewController.cs b/src/iOS.Autofill/CredentialProviderViewController.cs
index a1e6bbaa5..501b508d0 100644
--- a/src/iOS.Autofill/CredentialProviderViewController.cs
+++ b/src/iOS.Autofill/CredentialProviderViewController.cs
@@ -443,14 +443,17 @@ namespace Bit.iOS.Autofill
                     return;
                 }
 
-                var decCipher = await cipher.DecryptAsync();
-
-                if (!CanProvideCredentialOnPasskeyRequest(decCipher))
+                if (_context.IsPasskey)
                 {
+                    // this shouldn't happen but as a safeguard we've set it here:
+                    // if somehow the flow got into here then it's impossible to find the credential identity
+                    // i.e. if on iOS < 17 and somehow there is a PasskeyCredentialRequest that was passed along in the iOS callbacks
                     CancelRequest(ASExtensionErrorCode.CredentialIdentityNotFound);
                     return;
                 }
 
+                var decCipher = await cipher.DecryptAsync();
+
                 if (decCipher.Reprompt != CipherRepromptType.None)
                 {
                     // Prompt for password using either the lock screen or dialog unless