Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-16 10:45:20 +01:00
Code Issues Projects Releases Wiki Activity

[EC-598] feat: do not exclude organization credentials

Browse Source
This commit is contained in:
Andreas Coroiu 2023-04-12 13:53:00 +02:00
parent 489c438ff4
commit 6d969439ef
No known key found for this signature in database
GPG Key ID: E70B5FFC81DFEC1A
2 changed files with 31 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts
View File

@ -143,6 +143,19 @@ describe("FidoAuthenticatorService", () => {
await expect(result).rejects.toThrowError(Fido2AutenticatorErrorCode.NotAllowed);
});
/** Devation: Organization ciphers are not checked against excluded credentials, even if the user has access to them. */
it("should not inform user of duplication when the excluded credential belongs to an organization", async () => {
userInterfaceSession.informExcludedCredential.mockResolvedValue();
excludedCipher.organizationId = "someOrganizationId";
try {
await authenticator.makeCredential(params);
// eslint-disable-next-line no-empty
} catch {}
expect(userInterfaceSession.informExcludedCredential).not.toHaveBeenCalled();
});
it("should not inform user of duplication when input data does not pass checks", async () => {
userInterfaceSession.informExcludedCredential.mockResolvedValue();
const invalidParams = await createInvalidParams();
@ -204,6 +217,19 @@ describe("FidoAuthenticatorService", () => {
await expect(result).rejects.toThrowError(Fido2AutenticatorErrorCode.NotAllowed);
});
/** Devation: Organization ciphers are not checked against excluded credentials, even if the user has access to them. */
it.only("should not inform user of duplication when the excluded credential belongs to an organization", async () => {
userInterfaceSession.informExcludedCredential.mockResolvedValue();
excludedCipherView.organizationId = "someOrganizationId";
try {
await authenticator.makeCredential(params);
// eslint-disable-next-line no-empty
} catch {}
expect(userInterfaceSession.informExcludedCredential).not.toHaveBeenCalled();
});
it("should not inform user of duplication when input data does not pass checks", async () => {
userInterfaceSession.informExcludedCredential.mockResolvedValue();
const invalidParams = await createInvalidParams();

9
libs/common/src/webauthn/services/fido2-authenticator.service.ts
View File

@ -273,10 +273,11 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
return ciphers
.filter(
(cipher) =>
(cipher.type === CipherType.Fido2Key && ids.includes(cipher.id)) ||
(cipher.type === CipherType.Login &&
cipher.login.fido2Key != undefined &&
ids.includes(cipher.login.fido2Key.nonDiscoverableId))
cipher.organizationId == undefined &&
((cipher.type === CipherType.Fido2Key && ids.includes(cipher.id)) ||
(cipher.type === CipherType.Login &&
cipher.login.fido2Key != undefined &&
ids.includes(cipher.login.fido2Key.nonDiscoverableId)))
)
.map((cipher) => cipher.id);
}