[Autofill Auth] Avoid Verifying Pending Dialog from flashing before CVC prompt.

If the user is opted-in, but the card they have selected is not authorized for
FIDO, then we should directly show the CVC prompt without flashing the
Verifying Pending Dialog.

Bug: 949269
Change-Id: I5bada2553a86303d28956f29308f642cc9025ef8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1994266
Commit-Queue: Manas Verma <manasverma@google.com>
Reviewed-by: Jared Saul <jsaul@google.com>
Cr-Commit-Position: refs/heads/master@{#730022}

components/autofill/core/browser/payments/credit_card_access_manager.cc

@@ -310,9 +310,12 @@ void CreditCardAccessManager::FetchCreditCard(
 #endif
 
 #if !defined(OS_ANDROID) && !defined(OS_IOS)
-  // On desktop, show the verify pending dialog for opted-in user.
-  if (user_is_opted_in)
+  // On desktop, show the verify pending dialog for opted-in user, unless it is
+  // already known that selected card requires CVC.
+  if (user_is_opted_in &&
+      (!get_unmask_details_returned || IsSelectedCardFidoAuthorized())) {
     ShowVerifyPendingDialog();
+  }
 #endif
 
   if (should_wait_to_authenticate) {
@@ -363,9 +366,7 @@ void CreditCardAccessManager::Authenticate(bool get_unmask_details_returned) {
                                          AutofillClient::UnmaskAuthMethod::FIDO;
 
   bool card_is_authorized_for_fido =
-      fido_auth_suggested &&
-      unmask_details_.fido_eligible_card_ids.find(card_->server_id()) !=
-          unmask_details_.fido_eligible_card_ids.end();
+      fido_auth_suggested && IsSelectedCardFidoAuthorized();
 
   // If FIDO authentication was suggested, but card is not in authorized list,
   // must authenticate with CVC followed by FIDO in order to authorize this card
@@ -535,6 +536,14 @@ bool CreditCardAccessManager::IsFidoAuthenticationEnabled() {
 #endif
 }
 
+bool CreditCardAccessManager::IsSelectedCardFidoAuthorized() {
+  DCHECK_NE(unmask_details_.unmask_auth_method,
+            AutofillClient::UnmaskAuthMethod::UNKNOWN);
+  return IsFidoAuthenticationEnabled() &&
+         unmask_details_.fido_eligible_card_ids.find(card_->server_id()) !=
+             unmask_details_.fido_eligible_card_ids.end();
+}
+
 void CreditCardAccessManager::ShowWebauthnOfferDialog(
     std::string card_authorization_token) {
 #if !defined(OS_ANDROID) && !defined(OS_IOS)

components/autofill/core/browser/payments/credit_card_access_manager.h

@@ -166,6 +166,10 @@ class CreditCardAccessManager : public CreditCardCVCAuthenticator::Requester,
   // immediately.
   bool IsFidoAuthenticationEnabled();
 
+  // Returns true if |unmask_details_| is set and the card selected is listed as
+  // FIDO eligible.
+  bool IsSelectedCardFidoAuthorized();
+
   // TODO(crbug.com/991037): Move this function under the build flags after the
   // refactoring is done.
   // Offer the option to use WebAuthn for authenticating future card unmasking.

components/autofill/core/browser/payments/test_payments_client.cc

@@ -29,7 +29,10 @@ TestPaymentsClient::TestPaymentsClient(
     PersonalDataManager* personal_data_manager)
     : PaymentsClient(url_loader_factory_,
                      identity_manager,
-                     personal_data_manager) {}
+                     personal_data_manager) {
+  // Default value should be CVC.
+  unmask_details_.unmask_auth_method = AutofillClient::UnmaskAuthMethod::CVC;
+}
 
 TestPaymentsClient::~TestPaymentsClient() {}