Change biometric prompt to use the same logic as electron (#1805)

* Change biometric prompt to use the same logic as electron
2021-04-27 20:29:47 +02:00 · 2021-04-27 20:29:47 +02:00 · 5bf10376a8
parent cbe4be59d4
commit 5bf10376a8
1 changed files with 18 additions and 4 deletions
--- a/src/safari/safari/SafariWebExtensionHandler.swift
+++ b/src/safari/safari/SafariWebExtensionHandler.swift
@ -85,7 +85,9 @@ class SafariWebExtensionHandler: NSObject, NSExtensionRequestHandling {
            var error: NSError?
            let laContext = LAContext()
-            guard laContext.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) else {
+            laContext.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error)
            if let e = error, e.code != kLAErrorBiometryLockout {
                response.userInfo = [
                    SFExtensionMessageKey: [
                        "message": [
@ -95,10 +97,22 @@ class SafariWebExtensionHandler: NSObject, NSExtensionRequestHandling {
                        ],
                    ],
                ]
-                break;
+                break
            }
-            laContext.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, localizedReason: "Bitwarden Safari Extension") { (success, error) in
+            guard let accessControl = SecAccessControlCreateWithFlags(nil, kSecAttrAccessibleWhenUnlockedThisDeviceOnly, [.privateKeyUsage, .userPresence], nil) else {
                response.userInfo = [
                    SFExtensionMessageKey: [
                        "message": [
                            "command": "biometricUnlock",
                            "response": "not supported",
                            "timestamp": Int64(NSDate().timeIntervalSince1970 * 1000),
                        ],
                    ],
                ]
                break
            }
            laContext.evaluateAccessControl(accessControl, operation: .useKeySign, localizedReason: "Bitwarden Safari Extension") { (success, error) in
                if success {
                    let passwordName = "key"
                    var passwordLength: UInt32 = 0
@ -134,7 +148,7 @@ class SafariWebExtensionHandler: NSObject, NSExtensionRequestHandling {
                context.completeRequest(returningItems: [response], completionHandler: nil)
            }
-            return;
+            return
        default:
            return
        }