Removed automatic fallback to browser when no credentials exist (#7135)

Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2023-12-27 14:32:54 -05:00 · 2023-12-27 14:32:54 -05:00 · c289b3b8a4
parent 00bb814fbe
commit c289b3b8a4
3 changed files with 0 additions and 22 deletions
--- a/libs/common/src/vault/services/fido2/fido2-authenticator.service.spec.ts
+++ b/libs/common/src/vault/services/fido2/fido2-authenticator.service.spec.ts
@ -9,7 +9,6 @@ import {
  Fido2AuthenticatorGetAssertionParams,
  Fido2AuthenticatorMakeCredentialsParams,
 } from "../../abstractions/fido2/fido2-authenticator.service.abstraction";
 import { FallbackRequestedError } from "../../abstractions/fido2/fido2-client.service.abstraction";
 import {
  Fido2UserInterfaceService,
  Fido2UserInterfaceSession,
@ -484,17 +483,6 @@ describe("FidoAuthenticatorService", () => {
        expect(userInterfaceSession.informCredentialNotFound).toHaveBeenCalled();
      });
      it("should automatically fallback if no credential exists when fallback is supported", async () => {
        params.fallbackSupported = true;
        cipherService.getAllDecrypted.mockResolvedValue([]);
        userInterfaceSession.informCredentialNotFound.mockResolvedValue();
        const result = async () => await authenticator.getAssertion(params, tab);
        await expect(result).rejects.toThrowError(FallbackRequestedError);
        expect(userInterfaceSession.informCredentialNotFound).not.toHaveBeenCalled();
      });
      it("should inform user if credential exists but rpId does not match", async () => {
        const cipher = await createCipherView({ type: CipherType.Login });
        cipher.login.fido2Credentials[0].credentialId = credentialId;
--- a/libs/common/src/vault/services/fido2/fido2-authenticator.service.ts
+++ b/libs/common/src/vault/services/fido2/fido2-authenticator.service.ts
@ -12,7 +12,6 @@ import {
  Fido2AuthenticatorService as Fido2AuthenticatorServiceAbstraction,
  PublicKeyCredentialDescriptor,
 } from "../../abstractions/fido2/fido2-authenticator.service.abstraction";
 import { FallbackRequestedError } from "../../abstractions/fido2/fido2-client.service.abstraction";
 import { Fido2UserInterfaceService } from "../../abstractions/fido2/fido2-user-interface.service.abstraction";
 import { SyncService } from "../../abstractions/sync/sync.service.abstraction";
 import { CipherRepromptType } from "../../enums/cipher-reprompt-type";
@ -225,10 +224,6 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
          `[Fido2Authenticator] Aborting because no matching credentials were found in the vault.`,
        );
        if (params.fallbackSupported) {
          throw new FallbackRequestedError();
        }
        await userInterfaceSession.informCredentialNotFound();
        throw new Fido2AuthenticatorError(Fido2AuthenticatorErrorCode.NotAllowed);
      }
--- a/libs/common/src/vault/services/fido2/fido2-client.service.ts
+++ b/libs/common/src/vault/services/fido2/fido2-client.service.ts
@ -272,11 +272,6 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
        abortController,
      );
    } catch (error) {
      if (error instanceof FallbackRequestedError) {
        this.logService?.info(`[Fido2Client] Aborting because of auto fallback`);
        throw error;
      }
      if (
        abortController.signal.aborted &&
        abortController.signal.reason === UserRequestedFallbackAbortReason