[PM-4766] Disable fido2 integration on bw vault page (#6861)

* [PM-4766] feat: disable fido2 integration on bw vault page * [PM-4766] fix: lint
2024-09-29 04:17:41 +02:00 · 2023-12-11 17:05:48 +01:00 · 2023-12-11 17:05:48 +01:00 · 29841605fb
commit 29841605fb
parent 43bda8b139
1 changed files with 26 additions and 6 deletions
--- a/apps/browser/src/vault/fido2/content/content-script.ts
+++ b/apps/browser/src/vault/fido2/content/content-script.ts
@ -21,7 +21,7 @@ async function getFromLocalStorage(keys: string | string[]): Promise<Record<stri
  });
 }

-async function isDomainExcluded() {
+async function getActiveUserSettings() {
  // TODO: This is code copied from `notification-bar.tsx`. We should refactor this into a shared function.
  // Look up the active user id from storage
  const activeUserIdKey = "activeUserId";
@ -32,10 +32,14 @@ async function isDomainExcluded() {
    activeUserId = activeUserStorageValue[activeUserIdKey];
  }

-  // Look up the user's settings from storage
-  const userSettingsStorageValue = await getFromLocalStorage(activeUserId);
+  const settingsStorage = await getFromLocalStorage(activeUserId);

-  const excludedDomains = userSettingsStorageValue[activeUserId]?.settings?.neverDomains;
+  // Look up the user's settings from storage
+  return settingsStorage?.[activeUserId]?.settings;
+}
+
+async function isDomainExcluded(activeUserSettings: Record<string, any>) {
+  const excludedDomains = activeUserSettings?.neverDomains;
  return excludedDomains && window.location.hostname in excludedDomains;
 }

@ -53,6 +57,10 @@ function isSameOriginWithAncestors() {
  }
 }

+async function isLocationBitwardenVault(activeUserSettings: Record<string, any>) {
+  return window.location.origin === activeUserSettings.serverConfig.environment.vault;
+}
+
 function initializeFido2ContentScript() {
  const s = document.createElement("script");
  s.src = chrome.runtime.getURL("content/fido2/page-script.js");
@ -132,9 +140,21 @@ function initializeFido2ContentScript() {
 }

 async function run() {
-  if ((await hasActiveUser()) && (await isFido2FeatureEnabled()) && !(await isDomainExcluded())) {
-    initializeFido2ContentScript();
+  if (!(await hasActiveUser())) {
+    return;
  }
+
+  const activeUserSettings = await getActiveUserSettings();
+  if (
+    activeUserSettings == null ||
+    !(await isFido2FeatureEnabled()) ||
+    (await isDomainExcluded(activeUserSettings)) ||
+    (await isLocationBitwardenVault(activeUserSettings))
+  ) {
+    return;
+  }
+
+  initializeFido2ContentScript();
 }

 run();