[PM-4580] Removed user verification requirement (#6711)

* Revert the undefined UV check. * Adjusted formatting * Remove restriction on passkeys for users without MPs. * Removed user verification checks
2024-11-24 12:06:15 +01:00 · 2023-10-26 13:01:20 -04:00 · 2023-10-26 13:01:20 -04:00 · 3e62559f44
commit 3e62559f44
parent 8d2a1a89b7
2 changed files with 13 additions and 30 deletions
--- a/apps/browser/src/vault/popup/components/fido2/fido2.component.ts
+++ b/apps/browser/src/vault/popup/components/fido2/fido2.component.ts
@ -122,20 +122,6 @@ export class Fido2Component implements OnInit, OnDestroy {
            return;
          }
          // Show dialog if user account does not have master password
          if (!(await this.passwordRepromptService.enabled())) {
            await this.dialogService.openSimpleDialog({
              title: { key: "featureNotSupported" },
              content: { key: "passkeyFeatureIsNotImplementedForAccountsWithoutMasterPassword" },
              acceptButtonText: { key: "ok" },
              cancelButtonText: null,
              type: "info",
            });
            this.abort(true);
            return;
          }
          return message;
        }),
        filter((message) => !!message),
@ -261,20 +247,14 @@ export class Fido2Component implements OnInit, OnDestroy {
  protected async saveNewLogin() {
    const data = this.message$.value;
    if (data?.type === "ConfirmNewCredentialRequest") {
-      let userVerified = false;
+      await this.createNewCipher();
      if (data.userVerification) {
        userVerified = await this.passwordRepromptService.showPasswordPrompt();
      }
      if (!data.userVerification || userVerified) {
        await this.createNewCipher();
      }
      // We are bypassing user verification pending implementation of PIN and biometric support.
      this.send({
        sessionId: this.sessionId,
        cipherId: this.cipher?.id,
        type: "ConfirmNewCredentialResponse",
-        userVerified,
+        userVerified: data.userVerification,
      });
    }
@ -386,17 +366,17 @@ export class Fido2Component implements OnInit, OnDestroy {
  }
  private async handleUserVerification(
-    userVerification: boolean,
+    userVerificationRequested: boolean,
    cipher: CipherView
  ): Promise<boolean> {
-    const masterPasswordRepromptRequiered = cipher && cipher.reprompt !== 0;
+    const masterPasswordRepromptRequired = cipher && cipher.reprompt !== 0;
    const verificationRequired = userVerification || masterPasswordRepromptRequiered;
-    if (!verificationRequired) {
+    if (masterPasswordRepromptRequired) {
-      return false;
+      return await this.passwordRepromptService.showPasswordPrompt();
    }
-    return await this.passwordRepromptService.showPasswordPrompt();
+    // We are bypassing user verification pending implementation of PIN and biometric support.
    return userVerificationRequested;
  }
  private send(msg: BrowserFido2Message) {
--- a/libs/common/src/vault/services/fido2/fido2-client.service.ts
+++ b/libs/common/src/vault/services/fido2/fido2-client.service.ts
@ -365,6 +365,7 @@ function mapToMakeCredentialParams({
  const requireUserVerification =
    params.authenticatorSelection?.userVerification === "required" ||
    params.authenticatorSelection?.userVerification === "preferred" ||
    params.authenticatorSelection?.userVerification === undefined;
  return {
@ -403,7 +404,9 @@ function mapToGetAssertionParams({
    }));
  const requireUserVerification =
-    params.userVerification === "required" || params.userVerification === undefined;
+    params.userVerification === "required" ||
    params.userVerification === "preferred" ||
    params.userVerification === undefined;
  return {
    rpId: params.rpId,