Merge remote-tracking branch 'origin/autofill/anders-passkey-unlock' into autofill/PM-17444-use-reprompt

apps/desktop/src/autofill/services/desktop-fido2-user-interface.service.ts

@@ -254,10 +254,19 @@ export class DesktopFido2UserInterfaceSession implements Fido2UserInterfaceSessi
     }
   }
 
-  private async showUi(route: string, position?: { x: number; y: number }): Promise<void> {
+  private async showUi(
+    route: string,
+    position?: { x: number; y: number },
+    disableRedirect?: boolean,
+  ): Promise<void> {
     // Load the UI:
     await this.desktopSettingsService.setModalMode(true, position);
-    await this.router.navigate([route]);
+    await this.router.navigate([
+      route,
+      {
+        "disable-redirect": disableRedirect || null,
+      },
+    ]);
   }
 
   /**
@@ -316,7 +325,17 @@ export class DesktopFido2UserInterfaceSession implements Fido2UserInterfaceSessi
 
     const status = await firstValueFrom(this.authService.activeAccountStatus$);
     if (status !== AuthenticationStatus.Unlocked) {
-      throw new Error("Vault is not unlocked");
+      await this.showUi("/lock", this.windowObject.windowXy, true);
+      const status2 = await lastValueFrom(
+        this.authService.activeAccountStatus$.pipe(
+          filter((s) => s === AuthenticationStatus.Unlocked),
+          take(1),
+          timeout(30000),
+        ),
+      );
+      if (status2 !== AuthenticationStatus.Unlocked) {
+        throw new Error("Vault is not unlocked");
+      }
     }
   }
 

apps/desktop/src/modal/passkeys/fido2-vault.component.ts

@@ -89,11 +89,14 @@ export class Fido2VaultComponent implements OnInit, OnDestroy {
   }
 
   async chooseCipher(cipher: CipherView) {
-    const userReprompted =
+    if (
       cipher.reprompt !== CipherRepromptType.None &&
-      !(await this.passwordRepromptService.showPasswordPrompt());
-
-    this.session?.confirmChosenCipher(cipher.id, userReprompted);
+      !(await this.passwordRepromptService.showPasswordPrompt())
+    ) {
+      this.session?.confirmChosenCipher(cipher.id, false);
+    } else {
+      this.session?.confirmChosenCipher(cipher.id, true);
+    }
 
     await this.router.navigate(["/"]);
     await this.desktopSettingsService.setModalMode(false);

libs/key-management-ui/src/lock/components/lock.component.ts

@@ -1,7 +1,7 @@
 import { CommonModule } from "@angular/common";
 import { Component, NgZone, OnDestroy, OnInit } from "@angular/core";
 import { FormBuilder, FormGroup, ReactiveFormsModule, Validators } from "@angular/forms";
-import { Router } from "@angular/router";
+import { Router, ActivatedRoute } from "@angular/router";
 import {
   BehaviorSubject,
   firstValueFrom,
@@ -136,6 +136,7 @@ export class LockComponent implements OnInit, OnDestroy {
     private keyService: KeyService,
     private platformUtilsService: PlatformUtilsService,
     private router: Router,
+    private activatedRoute: ActivatedRoute,
     private dialogService: DialogService,
     private messagingService: MessagingService,
     private biometricStateService: BiometricStateService,
@@ -621,7 +622,10 @@ export class LockComponent implements OnInit, OnDestroy {
     }
 
     // determine success route based on client type
-    if (this.clientType != null) {
+    if (
+      this.clientType != null &&
+      this.activatedRoute.snapshot.paramMap.get("disable-redirect") === null
+    ) {
       const successRoute = clientTypeToSuccessRouteRecord[this.clientType];
       await this.router.navigate([successRoute]);
     }