Skip to content

Commit

Permalink
[BEEEP/PM-10534] Add snap biometric support (#12187)
Browse files Browse the repository at this point in the history
* Add snap biometric support

* Fix linting

* Remove unused message

* Disable snap browser integration again
  • Loading branch information
quexten authored Dec 11, 2024
1 parent b2ee27c commit 92a620d
Show file tree
Hide file tree
Showing 5 changed files with 34 additions and 8 deletions.
11 changes: 10 additions & 1 deletion apps/desktop/electron-builder.json
Original file line number Diff line number Diff line change
Expand Up @@ -241,7 +241,16 @@
"autoStart": true,
"base": "core22",
"confinement": "strict",
"plugs": ["default", "network-bind", "password-manager-service"],
"plugs": [
"default",
"network-bind",
"password-manager-service",
{
"polkit": {
"action-prefix": "com.bitwarden.Bitwarden"
}
}
],
"stagePackages": ["default"]
},
"protocols": [
Expand Down
2 changes: 1 addition & 1 deletion apps/desktop/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@
"clean:dist": "rimraf ./dist",
"pack:dir": "npm run clean:dist && electron-builder --dir -p never",
"pack:lin:flatpak": "npm run clean:dist && electron-builder --dir -p never && flatpak-builder --repo=build/.repo build/.flatpak ./resources/com.bitwarden.desktop.devel.yaml --install-deps-from=flathub --force-clean && flatpak build-bundle ./build/.repo/ ./dist/com.bitwarden.desktop.flatpak com.bitwarden.desktop",
"pack:lin": "npm run clean:dist && electron-builder --linux --x64 -p never",
"pack:lin": "npm run clean:dist && electron-builder --linux --x64 -p never && export SNAP_FILE=$(realpath ./dist/bitwarden_*.snap) && unsquashfs -d ./dist/tmp-snap/ $SNAP_FILE && mkdir -p ./dist/tmp-snap/meta/polkit/ && cp ./resources/com.bitwarden.desktop.policy ./dist/tmp-snap/meta/polkit/polkit.com.bitwarden.desktop.policy && rm $SNAP_FILE && mksquashfs ./dist/tmp-snap/ $SNAP_FILE -noappend -comp lzo -no-fragments && rm -rf ./dist/tmp-snap/",
"pack:mac": "npm run clean:dist && electron-builder --mac --universal -p never",
"pack:mac:arm64": "npm run clean:dist && electron-builder --mac --arm64 -p never",
"pack:mac:mas": "npm run clean:dist && electron-builder --mac mas --universal -p never",
Expand Down
16 changes: 16 additions & 0 deletions apps/desktop/resources/com.bitwarden.desktop.policy
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">

<policyconfig>
<action id="com.bitwarden.Bitwarden.unlock">
<description>Unlock Bitwarden</description>
<message>Authenticate to unlock Bitwarden</message>
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>auth_self</allow_active>
</defaults>
</action>
</policyconfig>
Original file line number Diff line number Diff line change
Expand Up @@ -87,8 +87,8 @@ export default class BiometricUnixMain implements OsBiometricService {
}

async authenticateBiometric(): Promise<boolean> {
const hwnd = this.windowMain.win.getNativeWindowHandle();
return await biometrics.prompt(hwnd, this.i18nservice.t("polkitConsentMessage"));
const hwnd = Buffer.from("");
return await biometrics.prompt(hwnd, "");
}

async osSupportsBiometric(): Promise<boolean> {
Expand All @@ -98,10 +98,14 @@ export default class BiometricUnixMain implements OsBiometricService {
// This could be dynamically detected on dbus in the future.
// We should check if a libsecret implementation is available on the system
// because otherwise we cannot offlod the protected userkey to secure storage.
return (await passwords.isAvailable()) && !isSnapStore();
return await passwords.isAvailable();
}

async osBiometricsNeedsSetup(): Promise<boolean> {
if (isSnapStore()) {
return false;
}

// check whether the polkit policy is loaded via dbus call to polkit
return !(await biometrics.available());
}
Expand Down
3 changes: 0 additions & 3 deletions apps/desktop/src/locales/en/messages.json
Original file line number Diff line number Diff line change
Expand Up @@ -1734,9 +1734,6 @@
"windowsHelloConsentMessage": {
"message": "Verify for Bitwarden."
},
"polkitConsentMessage": {
"message": "Authenticate to unlock Bitwarden."
},
"unlockWithTouchId": {
"message": "Unlock with Touch ID"
},
Expand Down

0 comments on commit 92a620d

Please sign in to comment.