Change biometric prompt to use the same logic as electron (#1805)

* Change biometric prompt to use the same logic as electron (cherry picked from commit 5bf10376a8)
2021-04-27 20:29:47 +02:00 · 2021-04-27 20:29:47 +02:00 · b5891adb7f
parent 749cf4c7ff
commit b5891adb7f
1 changed files with 18 additions and 4 deletions
--- a/src/safari/safari/SafariWebExtensionHandler.swift
+++ b/src/safari/safari/SafariWebExtensionHandler.swift
@ -85,7 +85,9 @@ class SafariWebExtensionHandler: NSObject, NSExtensionRequestHandling {
            var error: NSError?
            let laContext = LAContext()
            
-            guard laContext.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) else {
+            laContext.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error)
+            
+            if let e = error, e.code != kLAErrorBiometryLockout {
                response.userInfo = [
                    SFExtensionMessageKey: [
                        "message": [
@ -95,10 +97,22 @@ class SafariWebExtensionHandler: NSObject, NSExtensionRequestHandling {
                        ],
                    ],
                ]
-                break;
+                break
            }

-            laContext.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, localizedReason: "Bitwarden Safari Extension") { (success, error) in
+            guard let accessControl = SecAccessControlCreateWithFlags(nil, kSecAttrAccessibleWhenUnlockedThisDeviceOnly, [.privateKeyUsage, .userPresence], nil) else {
+                response.userInfo = [
+                    SFExtensionMessageKey: [
+                        "message": [
+                            "command": "biometricUnlock",
+                            "response": "not supported",
+                            "timestamp": Int64(NSDate().timeIntervalSince1970 * 1000),
+                        ],
+                    ],
+                ]
+                break
+            }
+            laContext.evaluateAccessControl(accessControl, operation: .useKeySign, localizedReason: "Bitwarden Safari Extension") { (success, error) in
                if success {
                    let passwordName = "key"
                    var passwordLength: UInt32 = 0
@ -134,7 +148,7 @@ class SafariWebExtensionHandler: NSObject, NSExtensionRequestHandling {
                context.completeRequest(returningItems: [response], completionHandler: nil)
            }
            
-            return;
+            return
        default:
            return
        }