[PM-4688] Automatically fallback on passkey retrieval if no passkeys are found (#6787)

* [PM-4688] feat: auto-fallback when credential not found * [PM-4688] fix: don't show popup unless needed
2025-12-16 00:03:56 +00:00 · 2023-11-03 18:27:55 +01:00
parent 62e1e165c4
commit 197059d4fa
5 changed files with 40 additions and 4 deletions
--- a/apps/browser/src/background/main.background.ts
+++ b/apps/browser/src/background/main.background.ts
@@ -586,7 +586,8 @@ export default class MainBackground {
    this.browserPopoutWindowService = new BrowserPopoutWindowService();

    this.fido2UserInterfaceService = new BrowserFido2UserInterfaceService(
-      this.browserPopoutWindowService
+      this.browserPopoutWindowService,
+      this.authService
    );
    this.fido2AuthenticatorService = new Fido2AuthenticatorService(
      this.cipherService,
--- a/apps/browser/src/vault/fido2/browser-fido2-user-interface.service.ts
+++ b/apps/browser/src/vault/fido2/browser-fido2-user-interface.service.ts
@@ -17,6 +17,8 @@ import {
  throwError,
 } from "rxjs";

+import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service";
+import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
 import { Utils } from "@bitwarden/common/platform/misc/utils";
 import { UserRequestedFallbackAbortReason } from "@bitwarden/common/vault/abstractions/fido2/fido2-client.service.abstraction";
 import {
@@ -114,7 +116,10 @@ export type BrowserFido2Message = { sessionId: string } & (
 * The user interface is implemented as a popout and the service uses the browser's messaging API to communicate with it.
 */
 export class BrowserFido2UserInterfaceService implements Fido2UserInterfaceServiceAbstraction {
-  constructor(private browserPopoutWindowService: BrowserPopoutWindowService) {}
+  constructor(
+    private browserPopoutWindowService: BrowserPopoutWindowService,
+    private authService: AuthService
+  ) {}

  async newSession(
    fallbackSupported: boolean,
@@ -123,6 +128,7 @@ export class BrowserFido2UserInterfaceService implements Fido2UserInterfaceServi
  ): Promise<Fido2UserInterfaceSession> {
    return await BrowserFido2UserInterfaceSession.create(
      this.browserPopoutWindowService,
+      this.authService,
      fallbackSupported,
      tab,
      abortController
@@ -133,12 +139,14 @@ export class BrowserFido2UserInterfaceService implements Fido2UserInterfaceServi
 export class BrowserFido2UserInterfaceSession implements Fido2UserInterfaceSession {
  static async create(
    browserPopoutWindowService: BrowserPopoutWindowService,
+    authService: AuthService,
    fallbackSupported: boolean,
    tab: chrome.tabs.Tab,
    abortController?: AbortController
  ): Promise<BrowserFido2UserInterfaceSession> {
    return new BrowserFido2UserInterfaceSession(
      browserPopoutWindowService,
+      authService,
      fallbackSupported,
      tab,
      abortController
@@ -176,6 +184,7 @@ export class BrowserFido2UserInterfaceSession implements Fido2UserInterfaceSessi

  private constructor(
    private readonly browserPopoutWindowService: BrowserPopoutWindowService,
+    private readonly authService: AuthService,
    private readonly fallbackSupported: boolean,
    private readonly tab: chrome.tabs.Tab,
    readonly abortController = new AbortController(),
@@ -278,7 +287,9 @@ export class BrowserFido2UserInterfaceSession implements Fido2UserInterfaceSessi
  }

  async ensureUnlockedVault(): Promise<void> {
-    await this.connect();
+    if ((await this.authService.getAuthStatus()) !== AuthenticationStatus.Unlocked) {
+      await this.connect();
+    }
  }

  async informCredentialNotFound(): Promise<void> {