diff --git a/apps/web/src/app/auth/core/services/webauthn/webauthn-api.service.ts b/apps/web/src/app/auth/core/services/webauthn/webauthn-api.service.ts index 7f4165f023c..bf92909711c 100644 --- a/apps/web/src/app/auth/core/services/webauthn/webauthn-api.service.ts +++ b/apps/web/src/app/auth/core/services/webauthn/webauthn-api.service.ts @@ -35,7 +35,8 @@ export class WebauthnApiService { return this.apiService.send("GET", "/webauthn", null, true, true); } - deleteCredential(id: string): Promise { - return this.apiService.send("DELETE", `/webauthn/${id}`, null, true, true); + async deleteCredential(credentialId: string, verification: Verification): Promise { + const request = await this.userVerificationService.buildRequest(verification); + await this.apiService.send("POST", `/webauthn/${credentialId}/delete`, request, true, true); } } diff --git a/apps/web/src/app/auth/core/services/webauthn/webauthn.service.ts b/apps/web/src/app/auth/core/services/webauthn/webauthn.service.ts index 18da0da7452..b4285f5b7f8 100644 --- a/apps/web/src/app/auth/core/services/webauthn/webauthn.service.ts +++ b/apps/web/src/app/auth/core/services/webauthn/webauthn.service.ts @@ -114,9 +114,9 @@ export class WebauthnService { ); } - async deleteCredential(credentialId: string): Promise { + async deleteCredential(credentialId: string, verification: Verification): Promise { try { - await this.apiService.deleteCredential(credentialId); + await this.apiService.deleteCredential(credentialId, verification); this.platformUtilsService.showToast("success", null, this.i18nService.t("passkeyRemoved")); this.refresh(); return true; diff --git a/apps/web/src/app/auth/settings/fido2-login-settings/delete-credential-dialog/delete-credential-dialog.component.ts b/apps/web/src/app/auth/settings/fido2-login-settings/delete-credential-dialog/delete-credential-dialog.component.ts index d5d001813b3..1f99eaed602 100644 --- a/apps/web/src/app/auth/settings/fido2-login-settings/delete-credential-dialog/delete-credential-dialog.component.ts +++ b/apps/web/src/app/auth/settings/fido2-login-settings/delete-credential-dialog/delete-credential-dialog.component.ts @@ -4,6 +4,7 @@ import { FormBuilder, Validators } from "@angular/forms"; import { Subject, takeUntil } from "rxjs"; import { DialogServiceAbstraction } from "@bitwarden/angular/services/dialog"; +import { VerificationType } from "@bitwarden/common/auth/enums/verification-type"; import { WebauthnService } from "../../../core"; import { WebauthnCredentialView } from "../../../core/views/webauth-credential.view"; @@ -43,7 +44,11 @@ export class DeleteCredentialDialogComponent implements OnInit, OnDestroy { } this.dialogRef.disableClose = true; - if (!(await this.webauthnService.deleteCredential(this.credential.id))) { + const success = await this.webauthnService.deleteCredential(this.credential.id, { + type: VerificationType.MasterPassword, + secret: this.formGroup.value.masterPassword, + }); + if (!success) { this.dialogRef.disableClose = false; return; }