[PM-2907] Shopify Passkey Broken on Firefox When Extension is Installed (#6003)

* [PM-2907] Shopify Passkey Broken on Firefox When Extension is Installed * [PM-2907] Shopify Passkey Broken on Firefox When Extension is Installed * [PM-2907] Shopify Passkey Broken on Firefox When Extension is Installed
2025-12-16 08:13:42 +00:00 · 2023-08-17 08:14:58 -05:00
parent abe16005f6
commit 93676824c2
4 changed files with 85 additions and 63 deletions
--- a/apps/browser/src/background/runtime.background.ts
+++ b/apps/browser/src/background/runtime.background.ts
@@ -52,7 +52,11 @@ export default class RuntimeBackground {
      sender: chrome.runtime.MessageSender,
      sendResponse: any
    ) => {
-      const messagesWithResponse = ["fido2RegisterCredentialRequest", "fido2GetCredentialRequest"];
+      const messagesWithResponse = [
+        "checkFido2FeatureEnabled",
+        "fido2RegisterCredentialRequest",
+        "fido2GetCredentialRequest",
+      ];

      if (messagesWithResponse.includes(msg.command)) {
        this.processMessage(msg, sender).then(
@@ -233,6 +237,8 @@ export default class RuntimeBackground {
      case "fido2AbortRequest":
        this.abortControllers.get(msg.abortedRequestId)?.abort();
        break;
+      case "checkFido2FeatureEnabled":
+        return await this.main.fido2ClientService.isFido2FeatureEnabled();
      case "fido2RegisterCredentialRequest":
        return await this.main.fido2ClientService
          .createCredential(msg.data, this.createAbortController(msg.requestId))
--- a/apps/browser/src/vault/fido2/content/content-script.ts
+++ b/apps/browser/src/vault/fido2/content/content-script.ts
@@ -1,65 +1,80 @@
 import { Message, MessageType } from "./messaging/message";
 import { Messenger } from "./messaging/messenger";

-const s = document.createElement("script");
-s.src = chrome.runtime.getURL("content/fido2/page-script.js");
-(document.head || document.documentElement).appendChild(s);
+function checkFido2FeatureEnabled() {
+  chrome.runtime.sendMessage(
+    { command: "checkFido2FeatureEnabled" },
+    (response: { result?: boolean }) => initializeFido2ContentScript(response.result)
+  );
+}

-const messenger = Messenger.forDOMCommunication(window);
-
-messenger.handler = async (message, abortController) => {
-  const abortHandler = () =>
-    chrome.runtime.sendMessage({
-      command: "fido2AbortRequest",
-      abortedRequestId: message.metadata.requestId,
-    });
-  abortController.signal.addEventListener("abort", abortHandler);
-
-  if (message.type === MessageType.CredentialCreationRequest) {
-    return new Promise((resolve, reject) => {
-      chrome.runtime.sendMessage(
-        {
-          command: "fido2RegisterCredentialRequest",
-          data: message.data,
-          requestId: message.metadata.requestId,
-        },
-        (response) => {
-          if (response.error !== undefined) {
-            return reject(response.error);
-          }
-
-          resolve({
-            type: MessageType.CredentialCreationResponse,
-            result: response.result,
-          });
-        }
-      );
-    });
+function initializeFido2ContentScript(isFido2FeatureEnabled: boolean) {
+  if (isFido2FeatureEnabled !== true) {
+    return;
  }

-  if (message.type === MessageType.CredentialGetRequest) {
-    return new Promise((resolve, reject) => {
-      chrome.runtime.sendMessage(
-        {
-          command: "fido2GetCredentialRequest",
-          data: message.data,
-          requestId: message.metadata.requestId,
-        },
-        (response) => {
-          if (response.error !== undefined) {
-            return reject(response.error);
+  const s = document.createElement("script");
+  s.src = chrome.runtime.getURL("content/fido2/page-script.js");
+  (document.head || document.documentElement).appendChild(s);
+
+  const messenger = Messenger.forDOMCommunication(window);
+
+  messenger.handler = async (message, abortController) => {
+    const abortHandler = () =>
+      chrome.runtime.sendMessage({
+        command: "fido2AbortRequest",
+        abortedRequestId: message.metadata.requestId,
+      });
+    abortController.signal.addEventListener("abort", abortHandler);
+
+    if (message.type === MessageType.CredentialCreationRequest) {
+      return new Promise((resolve, reject) => {
+        chrome.runtime.sendMessage(
+          {
+            command: "fido2RegisterCredentialRequest",
+            data: message.data,
+            requestId: message.metadata.requestId,
+          },
+          (response) => {
+            if (response.error !== undefined) {
+              return reject(response.error);
+            }
+
+            resolve({
+              type: MessageType.CredentialCreationResponse,
+              result: response.result,
+            });
          }
+        );
+      });
+    }

-          resolve({
-            type: MessageType.CredentialGetResponse,
-            result: response.result,
-          });
-        }
-      );
-    }).finally(() =>
-      abortController.signal.removeEventListener("abort", abortHandler)
-    ) as Promise<Message>;
-  }
+    if (message.type === MessageType.CredentialGetRequest) {
+      return new Promise((resolve, reject) => {
+        chrome.runtime.sendMessage(
+          {
+            command: "fido2GetCredentialRequest",
+            data: message.data,
+            requestId: message.metadata.requestId,
+          },
+          (response) => {
+            if (response.error !== undefined) {
+              return reject(response.error);
+            }

-  return undefined;
-};
+            resolve({
+              type: MessageType.CredentialGetResponse,
+              result: response.result,
+            });
+          }
+        );
+      }).finally(() =>
+        abortController.signal.removeEventListener("abort", abortHandler)
+      ) as Promise<Message>;
+    }
+
+    return undefined;
+  };
+}
+
+checkFido2FeatureEnabled();