[PM-4580] Removed user verification requirement (#6711)

* Revert the undefined UV check.

* Adjusted formatting

* Remove restriction on passkeys for users without MPs.

* Removed user verification checks
This commit is contained in:
Todd Martin 2023-10-26 13:01:20 -04:00 committed by GitHub
parent 8d2a1a89b7
commit 3e62559f44
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 30 deletions

View File

@ -122,20 +122,6 @@ export class Fido2Component implements OnInit, OnDestroy {
return; return;
} }
// Show dialog if user account does not have master password
if (!(await this.passwordRepromptService.enabled())) {
await this.dialogService.openSimpleDialog({
title: { key: "featureNotSupported" },
content: { key: "passkeyFeatureIsNotImplementedForAccountsWithoutMasterPassword" },
acceptButtonText: { key: "ok" },
cancelButtonText: null,
type: "info",
});
this.abort(true);
return;
}
return message; return message;
}), }),
filter((message) => !!message), filter((message) => !!message),
@ -261,20 +247,14 @@ export class Fido2Component implements OnInit, OnDestroy {
protected async saveNewLogin() { protected async saveNewLogin() {
const data = this.message$.value; const data = this.message$.value;
if (data?.type === "ConfirmNewCredentialRequest") { if (data?.type === "ConfirmNewCredentialRequest") {
let userVerified = false;
if (data.userVerification) {
userVerified = await this.passwordRepromptService.showPasswordPrompt();
}
if (!data.userVerification || userVerified) {
await this.createNewCipher(); await this.createNewCipher();
}
// We are bypassing user verification pending implementation of PIN and biometric support.
this.send({ this.send({
sessionId: this.sessionId, sessionId: this.sessionId,
cipherId: this.cipher?.id, cipherId: this.cipher?.id,
type: "ConfirmNewCredentialResponse", type: "ConfirmNewCredentialResponse",
userVerified, userVerified: data.userVerification,
}); });
} }
@ -386,17 +366,17 @@ export class Fido2Component implements OnInit, OnDestroy {
} }
private async handleUserVerification( private async handleUserVerification(
userVerification: boolean, userVerificationRequested: boolean,
cipher: CipherView cipher: CipherView
): Promise<boolean> { ): Promise<boolean> {
const masterPasswordRepromptRequiered = cipher && cipher.reprompt !== 0; const masterPasswordRepromptRequired = cipher && cipher.reprompt !== 0;
const verificationRequired = userVerification || masterPasswordRepromptRequiered;
if (!verificationRequired) { if (masterPasswordRepromptRequired) {
return false; return await this.passwordRepromptService.showPasswordPrompt();
} }
return await this.passwordRepromptService.showPasswordPrompt(); // We are bypassing user verification pending implementation of PIN and biometric support.
return userVerificationRequested;
} }
private send(msg: BrowserFido2Message) { private send(msg: BrowserFido2Message) {

View File

@ -365,6 +365,7 @@ function mapToMakeCredentialParams({
const requireUserVerification = const requireUserVerification =
params.authenticatorSelection?.userVerification === "required" || params.authenticatorSelection?.userVerification === "required" ||
params.authenticatorSelection?.userVerification === "preferred" ||
params.authenticatorSelection?.userVerification === undefined; params.authenticatorSelection?.userVerification === undefined;
return { return {
@ -403,7 +404,9 @@ function mapToGetAssertionParams({
})); }));
const requireUserVerification = const requireUserVerification =
params.userVerification === "required" || params.userVerification === undefined; params.userVerification === "required" ||
params.userVerification === "preferred" ||
params.userVerification === undefined;
return { return {
rpId: params.rpId, rpId: params.rpId,