Used url from sender window in getting matching logins

2024-09-28 04:08:47 +02:00 · 2023-10-10 18:49:40 -04:00 · 2023-10-10 18:49:40 -04:00 · ee7844d6b1
commit ee7844d6b1
parent 68da3d9efd
4 changed files with 16 additions and 11 deletions
--- a/apps/browser/src/platform/popup/abstractions/browser-popout-window.service.ts
+++ b/apps/browser/src/platform/popup/abstractions/browser-popout-window.service.ts
@ -11,7 +11,7 @@ interface BrowserPopoutWindowService {
  ): Promise<void>;
  closePasswordRepromptPrompt(): Promise<void>;
  openFido2Popout(
-    senderWindowId: number,
+    senderWindow: chrome.tabs.Tab,
    promptData: {
      sessionId: string;
      senderTabId: number;
--- a/apps/browser/src/platform/popup/browser-popout-window.service.ts
+++ b/apps/browser/src/platform/popup/browser-popout-window.service.ts
@ -50,7 +50,7 @@ class BrowserPopoutWindowService implements BrowserPopupWindowServiceInterface {
  }

  async openFido2Popout(
-    senderWindowId: number,
+    senderWindow: chrome.tabs.Tab,
    {
      sessionId,
      senderTabId,
@ -68,12 +68,18 @@ class BrowserPopoutWindowService implements BrowserPopupWindowServiceInterface {
      "?uilocation=popout" +
      `&sessionId=${sessionId}` +
      `&fallbackSupported=${fallbackSupported}` +
-      `&senderTabId=${senderTabId}`;
+      `&senderTabId=${senderTabId}` +
+      `&senderUrl=${encodeURIComponent(senderWindow.url)}`;

-    return await this.openSingleActionPopout(senderWindowId, promptWindowPath, "fido2Popout", {
-      width: 200,
-      height: 500,
-    });
+    return await this.openSingleActionPopout(
+      senderWindow.windowId,
+      promptWindowPath,
+      "fido2Popout",
+      {
+        width: 200,
+        height: 500,
+      }
+    );
  }

  async closeFido2Popout(): Promise<void> {
--- a/apps/browser/src/vault/fido2/browser-fido2-user-interface.service.ts
+++ b/apps/browser/src/vault/fido2/browser-fido2-user-interface.service.ts
@ -333,7 +333,7 @@ export class BrowserFido2UserInterfaceSession implements Fido2UserInterfaceSessi
      )
    );

-    const popoutId = await this.browserPopoutWindowService.openFido2Popout(this.tab.windowId, {
+    const popoutId = await this.browserPopoutWindowService.openFido2Popout(this.tab, {
      sessionId: this.sessionId,
      senderTabId: this.tab.id,
      fallbackSupported: this.fallbackSupported,
--- a/apps/browser/src/vault/popup/components/fido2/fido2.component.ts
+++ b/apps/browser/src/vault/popup/components/fido2/fido2.component.ts
@ -89,6 +89,7 @@ export class Fido2Component implements OnInit, OnDestroy {
      map((queryParamMap) => ({
        sessionId: queryParamMap.get("sessionId"),
        senderTabId: queryParamMap.get("senderTabId"),
+        senderUrl: queryParamMap.get("senderUrl"),
      }))
    );

@ -97,7 +98,7 @@ export class Fido2Component implements OnInit, OnDestroy {
        concatMap(async ([queryParams, message]) => {
          this.sessionId = queryParams.sessionId;
          this.senderTabId = queryParams.senderTabId;
-
+          this.url = queryParams.senderUrl;
          // For a 'NewSessionCreatedRequest', abort if it doesn't belong to the current session.
          if (
            message.type === "NewSessionCreatedRequest" &&
@ -145,8 +146,6 @@ export class Fido2Component implements OnInit, OnDestroy {
      concatMap(async (message) => {
        switch (message.type) {
          case "ConfirmNewCredentialRequest": {
-            const activeTabs = await BrowserApi.getActiveTabs();
-            this.url = activeTabs[0].url;
            const equivalentDomains = this.settingsService.getEquivalentDomains(this.url);

            this.ciphers = (await this.cipherService.getAllDecrypted()).filter(