
Add UV to makeCredential

Isaiah Inuwa
2025-11-11 11:29:04 -06:00
parent 55e071bce4
commit eb8b1a3e57
10 changed files with 23 additions and 7 deletions


@@ -159,6 +159,7 @@ export declare namespace autofill {
supportedAlgorithms: Array<number>
windowXy: Position
excludedCredentials: Array<Array<number>>
context?: Array<number>
}
export interface PasskeyRegistrationResponse {
rpId: string


@@ -683,6 +683,7 @@ pub mod autofill {
pub supported_algorithms: Vec<i32>,
pub window_xy: Position,
pub excluded_credentials: Vec<Vec<u8>>,
pub context: Option<Vec<u8>>,
}
#[napi(object)]


@@ -15,6 +15,7 @@ pub struct PasskeyRegistrationRequest {
pub supported_algorithms: Vec<i32>,
pub window_xy: Position,
pub excluded_credentials: Vec<Vec<u8>>,
pub context: Vec<u8>,
}
#[derive(Debug, Serialize, Deserialize)]


@@ -627,6 +627,8 @@ pub unsafe fn plugin_make_credential(
));
}
let transaction_id = req.transaction_id.to_u128().to_le_bytes().to_vec();
// Create Windows registration request
let registration_request = PasskeyRegistrationRequest {
rp_id: rpid.clone(),
@@ -641,6 +643,7 @@ pub unsafe fn plugin_make_credential(
x: coords.0,
y: coords.1,
},
context: transaction_id,
};
debug_log(&format!(
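Review bot: The byte layout of `context` is an undocumented contract: `req.transaction_id.to_u128().to_le_bytes().to_vec()` fixes it as the 16 little-endian bytes of the transaction id, but neither this line nor the new `context: Vec<u8>` field on `PasskeyRegistrationRequest` says so. Whatever later matches a user-verification request back to this operation must use the same encoding, so a comment above the `let` would help, for example `// 16-byte little-endian transaction id; presumably echoed back with the UV request to bind the prompt to this operation`. The wording is hedged because the consumer is not visible in this commit. The field is also non-optional here but `Option<Vec<u8>>` in the napi struct, which deserves a one-line doc comment on each side. `plugin_make_credential` starts and ends outside these hunks.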


@@ -135,7 +135,10 @@ export class Fido2CreateComponent implements OnInit, OnDestroy {
throw new Error("Missing session");
}
this.session.notifyConfirmCreateCredential(true);
// TODO: We should know the username by now; we should pass that context here.
const username = "New Account" // placeholder
const isConfirmed = await this.session.promptForUserVerification("New Account", "Verify it's you to update a new credential")
this.session.notifyConfirmCreateCredential(isConfirmed);
} catch {
await this.showErrorDialog(this.DIALOG_MESSAGES.unableToSavePasskey);
}
@@ -208,7 +211,9 @@ export class Fido2CreateComponent implements OnInit, OnDestroy {
return this.passwordRepromptService.showPasswordPrompt();
}
return true;
let cred = cipher.login.fido2Credentials[0];
const username = cred.userName ?? cred.userDisplayName
return this.session.promptForUserVerification(username, "Verify it's you to update a new credential")
}
private async showErrorDialog(config: SimpleDialogOptions): Promise<void> {
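Review bot: In the second hunk, `cipher.login.fido2Credentials[0]` is dereferenced without a check, and this is the create flow, where the selected login may not hold a passkey yet; `cred` would then be `undefined` and `cred.userName` would throw where the old code apparently returned `true`. Even with a credential present, `cred.userName ?? cred.userDisplayName` can still be nullish although `promptForUserVerification` now takes `username: string`. Something like `const cred = cipher.login?.fido2Credentials?.[0];` followed by `const username = cred?.userName ?? cred?.userDisplayName ?? cipher.name;` keeps the verification prompt reachable. The same two lines are copied into `Fido2VaultComponent`, so a shared helper would avoid drift. In the first hunk the `username` placeholder is declared but the literal `"New Account"` is passed instead; both enclosing methods start outside the hunks.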


@@ -154,7 +154,9 @@ export class Fido2VaultComponent implements OnInit, OnDestroy {
if (cipher.reprompt !== CipherRepromptType.None) {
return this.passwordRepromptService.showPasswordPrompt();
} else {
return this.session.promptForUserVerification(cipher)
let cred = cipher.login.fido2Credentials[0];
const username = cred.userName ?? cred.userDisplayName
return this.session.promptForUserVerification(username, "Verify it's you to log in")
}
}
}
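Review bot: The prompt text passed here, `"Verify it's you to log in"`, no longer names the item being used, whereas the hint previously built inside `promptForUserVerification` included `cipher.name`. The verification prompt is the user's consent step, so it should still say which login is about to be used; the username alone can be ambiguous or missing. Consider passing a template string that appends `cipher.name` to the hint. The string is also hard-coded English, and if the project routes UI text through a translation service (not visible here) this one should go through it too. The enclosing method starts outside the hunk.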


@@ -210,12 +210,14 @@ export class DesktopAutofillService implements OnDestroy {
this.logService.debug("listenPasskeyRegistration2", this.convertRegistrationRequest(request));
const controller = new AbortController();
const ctx = request.context ? new Uint8Array(request.context).buffer : null;
try {
const response = await this.fido2AuthenticatorService.makeCredential(
this.convertRegistrationRequest(request),
{ windowXy: request.windowXy },
controller,
ctx
);
this.logService.debug("Sending registration response to plugin via callback");
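Review bot: `ctx` falls back to `null`, but the parameter it feeds is declared `transactionContext?: ArrayBuffer`, which does not accept `null` under `strictNullChecks` and forces downstream code to distinguish `null` from `undefined`. Use `const ctx = request.context ? new Uint8Array(request.context).buffer : undefined;`. An empty array is truthy and yields a zero-length buffer, so if a missing context is meant to block user verification, test `request.context?.length` instead. The enclosing listener starts and ends outside the hunk.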


@@ -322,10 +322,8 @@ export class DesktopFido2UserInterfaceSession implements Fido2UserInterfaceSessi
}
/** Called by the UI to prompt the user for verification. May be fulfilled by the OS. */
async promptForUserVerification(cipher: CipherView): Promise<boolean> {
async promptForUserVerification(username: string, displayHint: string): Promise<boolean> {
this.logService.info("DesktopFido2UserInterfaceSession] Prompting for user verification")
let cred = cipher.login.fido2Credentials[0];
const username = cred.userName ?? cred.userDisplayName
let windowHandle = await ipc.platform.getNativeWindowHandle();
const uvResult = await ipc.autofill.runCommand<NativeAutofillUserVerificationCommand>({
@@ -335,7 +333,7 @@ export class DesktopFido2UserInterfaceSession implements Fido2UserInterfaceSessi
windowHandle: Utils.fromBufferToB64(windowHandle),
transactionContext: Utils.fromBufferToB64(this.transactionContext),
username,
displayHint: `Logging in as ${cipher.name}`,
displayHint,
},
});
if (uvResult.type === "error") {
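Review bot: `transactionContext: Utils.fromBufferToB64(this.transactionContext)` is sent without checking that the session actually holds a context, while this commit threads that value through `makeCredential` as an optional argument that may be absent. If the native side uses it to tie the prompt to the pending operation (an inference, since the consumer is not shown), an unset context should fail verification explicitly, e.g. `if (!this.transactionContext) { return false; }` before the IPC call, rather than depending on how `fromBufferToB64` treats `undefined`. The doc comment should also describe `username` and `displayHint`, both of which end up in the OS prompt, and say what a `false` result means. The method body continues outside the hunk.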


@@ -19,6 +19,7 @@ export abstract class Fido2AuthenticatorService<ParentWindowReference> {
params: Fido2AuthenticatorMakeCredentialsParams,
window: ParentWindowReference,
abortController?: AbortController,
transactionContext?: ArrayBuffer,
): Promise<Fido2AuthenticatorMakeCredentialResult>;
/**
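Review bot: The new `transactionContext?: ArrayBuffer` parameter is opaque and platform-specific, yet nothing in the visible signature says what it carries or what happens when it is omitted. Add a line to the method's doc comment (presumably just above this hunk), for example `@param transactionContext Opaque bytes identifying the platform transaction; forwarded to the user-interface session so a verification prompt can be tied to it.` The implementing class in the last file section takes the same parameter and would benefit from the same wording.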


@@ -61,11 +61,13 @@ export class Fido2AuthenticatorService<ParentWindowReference>
params: Fido2AuthenticatorMakeCredentialsParams,
window: ParentWindowReference,
abortController?: AbortController,
transactionContext?: ArrayBuffer,
): Promise<Fido2AuthenticatorMakeCredentialResult> {
const userInterfaceSession = await this.userInterface.newSession(
params.fallbackSupported,
window,
abortController,
transactionContext,
);
try {