From 67a59b60726dc7979685712315af582e55183e06 Mon Sep 17 00:00:00 2001 From: Bernd Schoolmann Date: Thu, 9 Jan 2025 13:01:49 +0100 Subject: [PATCH] [PM-15584] Fix autoprompt safari process reload (#12352) * Move ownership of biometrics to key-management * Move biometrics ipc ownership to km * Move further files to km; split off preload / ipc to km * Fix linting * Fix linting * Fix tests * Extract biometric messaging service * Fix tests * Update .github/CODEOWNERS Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Update .github/CODEOWNERS Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Change ownership of native messaging to key-management * Initial refactor * Initial refactor * Continued refactor * Continued refactor * Add message for when biometric unlock is not configured in desktop app * Clean up lock component * Clean up lock component html * Fix build * Fix status for windows and linux * Continue refactor * Refactor browser * Fix unlock on extensions and add message enums * Implement safari and fix setup * Fix cli and web * Make tests pass * Add backward compatibility * Fix version incompatibility * Clean up auto-bio-prompt on desktop * Fix biometric auto prompt on browser * Fix tests * Remove logging * Add null in return type of unlockwithbiometricsforuser * Move biometrics to libs/key-management * Add README to capital whitelist * Update package-lock.json * Move km to key-management * Move km to key-management * Fix build for cli * Import fixes * Apply prettier fix * Fix test * Import fixes * Import fixes * Update libs/key-management/README.md Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Update libs/key-management/package.json Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> * Update lock file * Change imports to top level km package * Change import order * Fix cli build * Remove debug logging * Fix user not showing in "notenabledinconnecteddesktopapp" helptext * Document autoprompt and enable it on manual account switch * Fix build * Fix unlock on windows * Rename duckduckgo message handler service * Fix merge conflicts * Fix codeowners * Fix biometric message handler naming * Update codeowners for renamed message handler service * Fix cli build error * Fix browser build errors * Fix tests and update lock components * Fix linking * Fix build error * Fix build error * Fix build error * Fix build error * Fix logging message * Fix conflicts * Add jsdoc to biometric status enum * Add jsdoc to biometric commands * Remove unused initialization code * Fix incorrectly checked setup-required status in desktop settings component * Extract process reload when required * Remvoe cryptoservice reference * Remove commented out tests * Improve tests * Fix build * Fix tests * Fix biometric unlock * Fix errors from prior merge * Re-add tests * Update lock component tests * Add tests for process reload for biometric ipc unlock * Fix autoprompt happening when it should not * Fix lock v2 * Fix lint * Update apps/browser/src/auth/popup/settings/account-security.component.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update apps/desktop/src/app/accounts/settings.component.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update apps/desktop/src/key-management/biometrics/main-biometrics.service.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update libs/key-management/src/biometrics/biometric.service.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update libs/key-management/src/biometrics/biometrics-status.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update apps/browser/src/background/nativeMessaging.background.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update apps/desktop/src/key-management/biometrics/main-biometrics.service.ts Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Cleanup * Remove unavailabilityReason from UI * Fix autoprompt safari process reload * Apply changes according to feedback * Adjust PR according to feedback * Address feedback * Fix account settings biometrics setting * Fix build * Cleanup * Fix incorrect merge * Allow disabling biometrics in browser while desktop app is disconnected --------- Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com> Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> --- apps/browser/src/popup/app.component.ts | 3 +++ .../angular/lock/components/lock.component.ts | 11 ++++++++++- .../src/biometrics/biometric-state.service.ts | 18 ++++++++++++++++++ .../src/biometrics/biometric.state.ts | 11 +++++++++++ 4 files changed, 42 insertions(+), 1 deletion(-) diff --git a/apps/browser/src/popup/app.component.ts b/apps/browser/src/popup/app.component.ts index 8e51152be2e..e8a660620a9 100644 --- a/apps/browser/src/popup/app.component.ts +++ b/apps/browser/src/popup/app.component.ts @@ -21,6 +21,7 @@ import { ToastOptions, ToastService, } from "@bitwarden/components"; +import { BiometricStateService } from "@bitwarden/key-management"; import { PopupCompactModeService } from "../platform/popup/layout/popup-compact-mode.service"; import { PopupViewCacheService } from "../platform/popup/view-cache/popup-view-cache.service"; @@ -64,6 +65,7 @@ export class AppComponent implements OnInit, OnDestroy { private toastService: ToastService, private accountService: AccountService, private animationControlService: AnimationControlService, + private biometricStateService: BiometricStateService, ) {} async ngOnInit() { @@ -134,6 +136,7 @@ export class AppComponent implements OnInit, OnDestroy { } else if (msg.command === "reloadProcess") { if (this.platformUtilsService.isSafari()) { window.setTimeout(() => { + this.biometricStateService.updateLastProcessReload(); window.location.reload(); }, 2000); } diff --git a/libs/key-management/src/angular/lock/components/lock.component.ts b/libs/key-management/src/angular/lock/components/lock.component.ts index e9c7d0d6073..23f1a7a4330 100644 --- a/libs/key-management/src/angular/lock/components/lock.component.ts +++ b/libs/key-management/src/angular/lock/components/lock.component.ts @@ -70,6 +70,9 @@ const clientTypeToSuccessRouteRecord: Partial> = { [ClientType.Browser]: "/tabs/current", }; +/// The minimum amount of time to wait after a process reload for a biometrics auto prompt to be possible +/// Fixes safari autoprompt behavior +const AUTOPROMPT_BIOMETRICS_PROCESS_RELOAD_DELAY = 5000; @Component({ selector: "bit-lock", templateUrl: "lock.component.html", @@ -304,7 +307,13 @@ export class LockComponent implements OnInit, OnDestroy { (await this.biometricService.getShouldAutopromptNow()) ) { await this.biometricService.setShouldAutopromptNow(false); - await this.unlockViaBiometrics(); + if ( + (await this.biometricStateService.getLastProcessReload()) == null || + Date.now() - (await this.biometricStateService.getLastProcessReload()).getTime() > + AUTOPROMPT_BIOMETRICS_PROCESS_RELOAD_DELAY + ) { + await this.unlockViaBiometrics(); + } } } } diff --git a/libs/key-management/src/biometrics/biometric-state.service.ts b/libs/key-management/src/biometrics/biometric-state.service.ts index 138e2589b1c..c7f958c97a8 100644 --- a/libs/key-management/src/biometrics/biometric-state.service.ts +++ b/libs/key-management/src/biometrics/biometric-state.service.ts @@ -14,6 +14,7 @@ import { PROMPT_AUTOMATICALLY, PROMPT_CANCELLED, FINGERPRINT_VALIDATED, + LAST_PROCESS_RELOAD, } from "./biometric.state"; export abstract class BiometricStateService { @@ -106,6 +107,10 @@ export abstract class BiometricStateService { */ abstract setFingerprintValidated(validated: boolean): Promise; + abstract updateLastProcessReload(): Promise; + + abstract getLastProcessReload(): Promise; + abstract logout(userId: UserId): Promise; } @@ -117,6 +122,7 @@ export class DefaultBiometricStateService implements BiometricStateService { private promptCancelledState: GlobalState>; private promptAutomaticallyState: ActiveUserState; private fingerprintValidatedState: GlobalState; + private lastProcessReloadState: GlobalState; biometricUnlockEnabled$: Observable; encryptedClientKeyHalf$: Observable; requirePasswordOnStart$: Observable; @@ -124,6 +130,7 @@ export class DefaultBiometricStateService implements BiometricStateService { promptCancelled$: Observable; promptAutomatically$: Observable; fingerprintValidated$: Observable; + lastProcessReload$: Observable; constructor(private stateProvider: StateProvider) { this.biometricUnlockEnabledState = this.stateProvider.getActive(BIOMETRIC_UNLOCK_ENABLED); @@ -159,6 +166,9 @@ export class DefaultBiometricStateService implements BiometricStateService { this.fingerprintValidatedState = this.stateProvider.getGlobal(FINGERPRINT_VALIDATED); this.fingerprintValidated$ = this.fingerprintValidatedState.state$.pipe(map(Boolean)); + + this.lastProcessReloadState = this.stateProvider.getGlobal(LAST_PROCESS_RELOAD); + this.lastProcessReload$ = this.lastProcessReloadState.state$; } async setBiometricUnlockEnabled(enabled: boolean): Promise { @@ -270,6 +280,14 @@ export class DefaultBiometricStateService implements BiometricStateService { async setFingerprintValidated(validated: boolean): Promise { await this.fingerprintValidatedState.update(() => validated); } + + async updateLastProcessReload(): Promise { + await this.lastProcessReloadState.update(() => new Date()); + } + + async getLastProcessReload(): Promise { + return await firstValueFrom(this.lastProcessReload$); + } } function encryptedClientKeyHalfToEncString( diff --git a/libs/key-management/src/biometrics/biometric.state.ts b/libs/key-management/src/biometrics/biometric.state.ts index f88bd1da581..c37b7d7370d 100644 --- a/libs/key-management/src/biometrics/biometric.state.ts +++ b/libs/key-management/src/biometrics/biometric.state.ts @@ -95,3 +95,14 @@ export const FINGERPRINT_VALIDATED = new KeyDefinition( deserializer: (obj) => obj, }, ); + +/** + * Last process reload time + */ +export const LAST_PROCESS_RELOAD = new KeyDefinition( + BIOMETRIC_SETTINGS_DISK, + "lastProcessReload", + { + deserializer: (obj) => new Date(obj), + }, +);