[PM-4690] Setting in the browser extension that turns off passkeys (#6929)

* use passkeys setting * check state service on isFido2FeatureEnabled * fix broken json * update description text * make setting global * invert logic to positive state * fix and add to fido2 client service tests
2025-12-18 17:23:37 +00:00 · 2023-11-23 11:09:27 -05:00
parent 59f1a2d022
commit 74208d568e
8 changed files with 77 additions and 1 deletions
--- a/libs/common/src/vault/services/fido2/fido2-client.service.spec.ts
+++ b/libs/common/src/vault/services/fido2/fido2-client.service.spec.ts
@@ -40,6 +40,7 @@ describe("FidoAuthenticatorService", () => {

    client = new Fido2ClientService(authenticator, configService, authService, stateService);
    configService.getFeatureFlag.mockResolvedValue(true);
+    stateService.getEnablePasskeys.mockResolvedValue(true);
    tab = { id: 123, windowId: 456 } as chrome.tabs.Tab;
  });

@@ -229,6 +230,16 @@ describe("FidoAuthenticatorService", () => {
        await rejects.toThrow(FallbackRequestedError);
      });

+      it("should throw FallbackRequestedError if passkeys state is not enabled", async () => {
+        const params = createParams();
+        stateService.getEnablePasskeys.mockResolvedValue(false);
+
+        const result = async () => await client.createCredential(params, tab);
+
+        const rejects = expect(result).rejects;
+        await rejects.toThrow(FallbackRequestedError);
+      });
+
      it("should throw FallbackRequestedError if user is logged out", async () => {
        const params = createParams();
        authService.getAuthStatus.mockResolvedValue(AuthenticationStatus.LoggedOut);
@@ -389,6 +400,16 @@ describe("FidoAuthenticatorService", () => {
        await rejects.toThrow(FallbackRequestedError);
      });

+      it("should throw FallbackRequestedError if passkeys state is not enabled", async () => {
+        const params = createParams();
+        stateService.getEnablePasskeys.mockResolvedValue(false);
+
+        const result = async () => await client.assertCredential(params, tab);
+
+        const rejects = expect(result).rejects;
+        await rejects.toThrow(FallbackRequestedError);
+      });
+
      it("should throw FallbackRequestedError if user is logged out", async () => {
        const params = createParams();
        authService.getAuthStatus.mockResolvedValue(AuthenticationStatus.LoggedOut);
--- a/libs/common/src/vault/services/fido2/fido2-client.service.ts
+++ b/libs/common/src/vault/services/fido2/fido2-client.service.ts
@@ -46,7 +46,11 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
  ) {}

  async isFido2FeatureEnabled(): Promise<boolean> {
-    return await this.configService.getFeatureFlag<boolean>(FeatureFlag.Fido2VaultCredentials);
+    const featureFlagEnabled = await this.configService.getFeatureFlag<boolean>(
+      FeatureFlag.Fido2VaultCredentials
+    );
+    const userEnabledPasskeys = await this.stateService.getEnablePasskeys();
+    return featureFlagEnabled && userEnabledPasskeys;
  }

  async createCredential(