temp: device auth key Swift FIDO authenticator

BitwardenShared/Core/Auth/Models/Domain/DeviceAuthKeyRecord.swift

@@ -25,7 +25,7 @@ public struct DeviceAuthKeyRecord: Codable, Equatable, Sendable {
     public let discoverable: EncString
 
     /// The HMAC secret, if the credential supports the hmac-secret extension.
-    public let hmacSecret: EncString?
+    public let hmacSecret: EncString
 
     /// The algorithm used for the key (e.g., "ES256" for ECDSA with SHA-256).
     public let keyAlgorithm: EncString
@@ -43,16 +43,16 @@ public struct DeviceAuthKeyRecord: Codable, Equatable, Sendable {
     public let rpId: EncString
 
     /// The human-readable name of the relying party.
-    public let rpName: EncString?
+    public let rpName: EncString
 
     /// The user's human-readable display name.
-    public let userDisplayName: EncString?
+    public let userDisplayName: EncString
 
     /// The user identifier for the relying party.
-    public let userId: EncString?
+    public let userId: EncString
 
     /// The user's username or login name.
-    public let userName: EncString?
+    public let userName: EncString
 
     /// Creates a new device auth key record.
     ///
@@ -80,16 +80,16 @@ public struct DeviceAuthKeyRecord: Codable, Equatable, Sendable {
         creationDate: Date,
         credentialId: EncString,
         discoverable: EncString,
-        hmacSecret: EncString?,
+        hmacSecret: EncString,
         keyAlgorithm: EncString,
         keyCurve: EncString,
         keyType: EncString,
         keyValue: EncString,
         rpId: EncString,
-        rpName: EncString?,
-        userDisplayName: EncString?,
-        userId: EncString?,
-        userName: EncString?,
+        rpName: EncString,
+        userDisplayName: EncString,
+        userId: EncString,
+        userName: EncString,
     ) {
         self.cipherId = cipherId
         self.cipherName = cipherName
@@ -108,4 +108,122 @@ public struct DeviceAuthKeyRecord: Codable, Equatable, Sendable {
         self.userId = userId
         self.userName = userName
     }
+
+    func toCipherView() -> CipherView {
+        CipherView(
+            id: cipherId,
+            organizationId: nil,
+            folderId: nil,
+            collectionIds: [],
+            key: nil,
+            name: cipherName,
+            notes: nil,
+            type: .login,
+            login: BitwardenSdk.LoginView(
+                username: nil,
+                password: nil,
+                passwordRevisionDate: nil,
+                uris: nil,
+                totp: nil,
+                autofillOnPageLoad: true,
+                fido2Credentials: [
+                    Fido2Credential(
+                        credentialId: credentialId,
+                        keyType: keyType,
+                        keyAlgorithm: keyAlgorithm,
+                        keyCurve: keyCurve,
+                        keyValue: keyValue,
+                        rpId: rpId,
+                        userHandle: userId,
+                        userName: userName,
+                        counter: counter,
+                        rpName: rpName,
+                        userDisplayName: userDisplayName,
+                        discoverable: discoverable,
+                        // TODO(PM-26177): SDK will add this field
+                        // hmacSecret: hmacSecret,
+                        creationDate: creationDate
+                    ),
+                ]
+            ),
+            identity: nil,
+            card: nil,
+            secureNote: nil,
+            sshKey: nil,
+            favorite: false,
+            reprompt: .none,
+            organizationUseTotp: false,
+            edit: false,
+            permissions: nil,
+            viewPassword: false,
+            localData: nil,
+            attachments: nil,
+            attachmentDecryptionFailures: nil,
+            fields: nil,
+            passwordHistory: nil,
+            creationDate: creationDate,
+            deletedDate: nil,
+            revisionDate: creationDate,
+            archivedDate: nil
+        )
+    }
+
+    func toCipher() -> Cipher {
+        Cipher(
+            id: cipherId,
+            organizationId: nil,
+            folderId: nil,
+            collectionIds: [],
+            key: nil,
+            name: cipherName,
+            notes: nil,
+            type: .login,
+            login: BitwardenSdk.Login(
+                username: nil,
+                password: nil,
+                passwordRevisionDate: nil,
+                uris: nil,
+                totp: nil,
+                autofillOnPageLoad: true,
+                fido2Credentials: [
+                    Fido2Credential(
+                        credentialId: credentialId,
+                        keyType: keyType,
+                        keyAlgorithm: keyAlgorithm,
+                        keyCurve: keyCurve,
+                        keyValue: keyValue,
+                        rpId: rpId,
+                        userHandle: userId,
+                        userName: userName,
+                        counter: counter,
+                        rpName: rpName,
+                        userDisplayName: userDisplayName,
+                        discoverable: discoverable,
+                        // TODO(PM-26177): SDK will add this field
+                        // hmacSecret: hmacSecret,
+                        creationDate: creationDate
+                    ),
+                ]
+            ),
+            identity: nil,
+            card: nil,
+            secureNote: nil,
+            sshKey: nil,
+            favorite: false,
+            reprompt: .none,
+            organizationUseTotp: false,
+            edit: false,
+            permissions: nil,
+            viewPassword: false,
+            localData: nil,
+            attachments: nil,
+            fields: nil,
+            passwordHistory: nil,
+            creationDate: creationDate,
+            deletedDate: nil,
+            revisionDate: creationDate,
+            archivedDate: nil,
+            data: nil,
+        )
+    }
 }

BitwardenShared/Core/Auth/Services/ClientFido2Service.swift

@@ -1,4 +1,5 @@
 import BitwardenSdk
+import CryptoKit
 import Foundation
 
 /// A protocol for a service that handles Fido2 tasks. This is similar to
@@ -20,6 +21,17 @@ protocol ClientFido2Service: AnyObject {
     /// - Returns: An array of decrypted Fido2 credentials of type `Fido2CredentialAutofillView`.
     func decryptFido2AutofillCredentials(cipherView: CipherView) throws -> [Fido2CredentialAutofillView]
 
+    /// - Parameters:
+    ///   - userInterface: `Fido2UserInterface` with necessary platform side logic related to UI.
+    ///   - credentialStore: `Fido2CredentialStore` with necessary platform side logic related to credential storage.
+    ///   - deviceKey: `SymmetricKey` used to encrypt data on the device.
+    /// - Returns: Returns the `ClientFido2Authenticator` to perform Fido2 authenticator tasks.
+    func deviceAuthenticator(
+        userInterface: Fido2UserInterface,
+        credentialStore: Fido2CredentialStore,
+        deviceKey: SymmetricKey,
+    ) throws -> ClientFido2AuthenticatorProtocol
+
     /// Returns the `ClientFido2Authenticator` to perform Fido2 authenticator tasks.
     /// - Parameters:
     ///   - userInterface: `Fido2UserInterface` with necessary platform side logic related to UI.
@@ -45,6 +57,17 @@ extension ClientFido2: ClientFido2Service {
         try decryptFido2AutofillCredentials(cipherView: cipherView)
     }
 
+    func deviceAuthenticator(
+        userInterface: Fido2UserInterface,
+        credentialStore: Fido2CredentialStore,
+        deviceKey: SymmetricKey,
+    ) throws -> ClientFido2AuthenticatorProtocol {
+        let encryptionKey = deviceKey.withUnsafeBytes { bytes in
+            Data(Array(bytes))
+        }
+        throw DeviceAuthKeyError.notImplemented
+    }
+
     func vaultAuthenticator(
         userInterface: Fido2UserInterface,
         credentialStore: Fido2CredentialStore,