[PM-13932] Fix passkey flow incorrect routing #12363
Merged
+85
−9
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov ReportAttention: Patch coverage is
✅ All tests successful. No failed tests found. Additional details and impacted files@@ Coverage Diff @@
## main #12363 +/- ##
=======================================
Coverage 33.36% 33.37%
=======================================
Files 2908 2908
Lines 90989 90990 +1
Branches 17328 17328
=======================================
+ Hits 30363 30369 +6
+ Misses 58223 58217 -6
- Partials 2403 2404 +1 ☔ View full report in Codecov by Sentry. |
|
New Issues
|
rr-bw
commented
Dec 12, 2024
rr-bw
commented
Dec 12, 2024
rr-bw
commented
Dec 12, 2024
…xtension-refresh-redirect.ts
JaredSnider-Bitwarden
approved these changes
Dec 12, 2024
|
Has been already merged but excellent work! This also fixed https://bitwarden.atlassian.net/browse/PM-16116. |
quexten
pushed a commit
that referenced
this pull request
Dec 18, 2024
This PR fixes a bug in the LockComponent refresh that affected the setup/save and use passkey flows. The user was wrongly directly to the /vault after unlock instead of to /fido2 (the passkey screen). Feature Flag: ExtensionRefresh ON (cherry picked from commit 8ec7561)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-13932
📔 Objective
This PR fixes a bug in the
LockComponentrefresh that affected the use and setup/save passkey flows.Description of the bug: When a locked user attempts to sign in with a passkey on a website, when they unlock they are incorrectly navigated to their vault, rather than to the "Login with passkey" screen (the
/fido2route). This forces them to re-initiate the sign in with passkey flow on the website, at which point they can now access the passkey in Bitwarden since they are unlocked.The correct flow is that when they unlock they should to be taken to the "Login with passkey" screen and allowed to use their passkey.
The fix for this involved three changes, which I've explained in a comment next to each of the code changes.
The two videos below show the before and after-fixed version of using a passkey. Note that I also tested the setting up/saving a passkey flow as well, and it works.
📸 Screenshots
🐞 Before (bug version)
before.mov
✅ After (fixed version)
after.mov
⏰ Reminders before review
🦮 Reviewer guidelines
:+1:) or similar for great changes:memo:) or ℹ️ (:information_source:) for notes or general info:question:) for questions:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion:art:) for suggestions / improvements:x:) or:warning:) for more significant problems or concerns needing attention:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt:pick:) for minor or nitpick changes