[PM-4580] Removed user verification requirement (#6711)

* Revert the undefined UV check. * Adjusted formatting * Remove restriction on passkeys for users without MPs. * Removed user verification checks
2024-11-24 12:06:15 +01:00 · 2023-10-26 13:01:20 -04:00 · 2023-10-26 13:01:20 -04:00 · 3e62559f44
commit 3e62559f44
parent 8d2a1a89b7
2 changed files with 13 additions and 30 deletions
--- a/apps/browser/src/vault/popup/components/fido2/fido2.component.ts
+++ b/apps/browser/src/vault/popup/components/fido2/fido2.component.ts
@ -122,20 +122,6 @@ export class Fido2Component implements OnInit, OnDestroy {
            return;
          }

-          // Show dialog if user account does not have master password
-          if (!(await this.passwordRepromptService.enabled())) {
-            await this.dialogService.openSimpleDialog({
-              title: { key: "featureNotSupported" },
-              content: { key: "passkeyFeatureIsNotImplementedForAccountsWithoutMasterPassword" },
-              acceptButtonText: { key: "ok" },
-              cancelButtonText: null,
-              type: "info",
-            });
-
-            this.abort(true);
-            return;
-          }
-
          return message;
        }),
        filter((message) => !!message),
@ -261,20 +247,14 @@ export class Fido2Component implements OnInit, OnDestroy {
  protected async saveNewLogin() {
    const data = this.message$.value;
    if (data?.type === "ConfirmNewCredentialRequest") {
-      let userVerified = false;
-      if (data.userVerification) {
-        userVerified = await this.passwordRepromptService.showPasswordPrompt();
-      }
-
-      if (!data.userVerification || userVerified) {
-        await this.createNewCipher();
-      }
+      await this.createNewCipher();

+      // We are bypassing user verification pending implementation of PIN and biometric support.
      this.send({
        sessionId: this.sessionId,
        cipherId: this.cipher?.id,
        type: "ConfirmNewCredentialResponse",
-        userVerified,
+        userVerified: data.userVerification,
      });
    }

@ -386,17 +366,17 @@ export class Fido2Component implements OnInit, OnDestroy {
  }

  private async handleUserVerification(
-    userVerification: boolean,
+    userVerificationRequested: boolean,
    cipher: CipherView
  ): Promise<boolean> {
-    const masterPasswordRepromptRequiered = cipher && cipher.reprompt !== 0;
-    const verificationRequired = userVerification || masterPasswordRepromptRequiered;
+    const masterPasswordRepromptRequired = cipher && cipher.reprompt !== 0;

-    if (!verificationRequired) {
-      return false;
+    if (masterPasswordRepromptRequired) {
+      return await this.passwordRepromptService.showPasswordPrompt();
    }

-    return await this.passwordRepromptService.showPasswordPrompt();
+    // We are bypassing user verification pending implementation of PIN and biometric support.
+    return userVerificationRequested;
  }

  private send(msg: BrowserFido2Message) {
--- a/libs/common/src/vault/services/fido2/fido2-client.service.ts
+++ b/libs/common/src/vault/services/fido2/fido2-client.service.ts
@ -365,6 +365,7 @@ function mapToMakeCredentialParams({

  const requireUserVerification =
    params.authenticatorSelection?.userVerification === "required" ||
+    params.authenticatorSelection?.userVerification === "preferred" ||
    params.authenticatorSelection?.userVerification === undefined;

  return {
@ -403,7 +404,9 @@ function mapToGetAssertionParams({
    }));

  const requireUserVerification =
-    params.userVerification === "required" || params.userVerification === undefined;
+    params.userVerification === "required" ||
+    params.userVerification === "preferred" ||
+    params.userVerification === undefined;

  return {
    rpId: params.rpId,