Conversation

@phil-livefront phil-livefront commented Sep 6, 2024

🎟️ Tracking

PM-11720

📔 Objective

  • When a user doesn't have an MP set but has a TDE account, they should be brought to an SSO flow (if biometrics are enabled to authenticate).

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

codecov bot commented Sep 6, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 88.77%. Comparing base (c3f3a13) to head (d3e16d9).
Report is 1 commits behind head on main.

Additional details and impacted files
```text
@@            Coverage Diff             @@
##             main     #908      +/-   ##
==========================================
- Coverage   88.77%   88.77%   -0.01%     
==========================================
  Files         617      617              
  Lines       30906    30905       -1     
==========================================
- Hits        27438    27437       -1     
  Misses       3468     3468              
```



github-actions bot commented Sep 6, 2024

Checkmarx One – Scan Summary & Details (scan 8a9dc323-a4b1-4998-ae42-f396ff8a591e)

No New Or Fixed Issues Found

@matt-livefront matt-livefront left a comment

These changes look good!

There may be one additional piece that we need though. After you use SSO to authenticate in the extension, if you open the extension again, I think we should prompt the user for Face ID at that point since they have authenticated and we could have saved the integrity state.

Here's where we set the integrity state if you unlock your vault with your MP:

```swift
// Re-enable biometrics, if required.
let biometricUnlockStatus = try? await biometricsRepository.getBiometricUnlockStatus()
switch biometricUnlockStatus {
case .available(_, true, false):
    // Biometrics are enabled but the stored integrity state is stale: refresh it
    // and re-store the unlock key so biometric unlock works again next launch.
    try await biometricsRepository.configureBiometricIntegrity()
    try await biometricsRepository.setBiometricUnlockKey(
        authKey: clientService.crypto().getUserEncryptionKey()
    )
default:
    // Not available, disabled, or integrity already valid: nothing to do.
    break
}
```

I think we would want to do that if you use either a password, device key (TDE), or key connector in that method.

Comment on lines 359 to 360
```swift
if case let .available(_, enabled, validIntegrity) = biometricUnlockStatus, enabled, !validIntegrity {
    return .enterpriseSingleSignOn(email: activeAccount.profile.email)
```

Collaborator
I think one other check we need to add here is to ensure the user doesn't have a master password, since otherwise they could use their MP to unlock the vault.

```swift
activeAccount.profile.userDecryptionOptions?.hasMasterPassword
```

Comment on lines 357 to 369
```swift
let biometricUnlockStatus = try await services.biometricsRepository.getBiometricUnlockStatus()
let hasMasterPassword = activeAccount.profile.userDecryptionOptions?.hasMasterPassword ?? false

if case .available(_, true, false) = biometricUnlockStatus, !hasMasterPassword {
    return .enterpriseSingleSignOn(email: activeAccount.profile.email)
} else {
    return .vaultUnlock(
        activeAccount,
        animated: animated,
        attemptAutomaticBiometricUnlock: attemptAutomaticBiometricUnlock,
        didSwitchAccountAutomatically: didSwitchAccountAutomatically
    )
}
```

Member

🎨 A small improvement I'd add is that we don't need to check for biometric status if hasMasterPassword is true so I'd rewrite this as:

Suggested change

Current:

```swift
let biometricUnlockStatus = try await services.biometricsRepository.getBiometricUnlockStatus()
let hasMasterPassword = activeAccount.profile.userDecryptionOptions?.hasMasterPassword ?? false
if case .available(_, true, false) = biometricUnlockStatus, !hasMasterPassword {
    return .enterpriseSingleSignOn(email: activeAccount.profile.email)
} else {
    return .vaultUnlock(
        activeAccount,
        animated: animated,
        attemptAutomaticBiometricUnlock: attemptAutomaticBiometricUnlock,
        didSwitchAccountAutomatically: didSwitchAccountAutomatically
    )
}
```

Suggested:

```swift
let hasMasterPassword = activeAccount.profile.userDecryptionOptions?.hasMasterPassword == true
if !hasMasterPassword {
    let biometricUnlockStatus = try await services.biometricsRepository.getBiometricUnlockStatus()
    if case .available(_, true, false) = biometricUnlockStatus {
        return .enterpriseSingleSignOn(email: activeAccount.profile.email)
    }
}
return .vaultUnlock(
    activeAccount,
    animated: animated,
    attemptAutomaticBiometricUnlock: attemptAutomaticBiometricUnlock,
    didSwitchAccountAutomatically: didSwitchAccountAutomatically
)
```

Comment on lines 1022 to 1030
```swift
private func configureBiometricUnlockIfRequired() async throws {
    if case .available(_, true, false) = try? await biometricsRepository.getBiometricUnlockStatus() {
        try await biometricsRepository.configureBiometricIntegrity()
        try await biometricsRepository.setBiometricUnlockKey(
            authKey: clientService.crypto().getUserEncryptionKey()
        )
    }
}
```

Member

⛏️ Add docs.
❓ Would it be ok if the unlock flows affected by this break when this throws? I'd guess it's fine but checking just in case.

Collaborator Author

Yeah, I was thinking that if this fails for some reason then the calls wouldn't be executed and the user would have to provide another form of auth instead of being given the option to provide biometrics. Does that make sense?
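
The routing rule discussed in this review (no master password, biometrics enabled, integrity state invalid, so send the user to SSO, and skip the biometric query entirely when a master password exists) together with the post-unlock re-arming step, as an added stand-alone example. This is not code from the PR or the Bitwarden project: the `BiometricUnlockStatus`, `UnlockRoute`, `BiometricsRepositoryLike`, `UnlockRouter` and `FakeBiometricsRepository` types are constructed here to mirror the shapes quoted above, and the in-memory fake stands in for the app's real biometrics repository.

```swift
import Foundation

/// Constructed model of the biometric unlock state. Mirrors the shape quoted in
/// the review: biometry type, enabled flag, and whether the stored integrity
/// state still matches the device's current biometric enrollment.
enum BiometricUnlockStatus: Equatable {
    case notAvailable
    case available(BiometryType, enabled: Bool, hasValidIntegrity: Bool)
}

enum BiometryType { case faceID, touchID }

/// Where the app sends the user when the vault is locked (constructed).
enum UnlockRoute: Equatable {
    case enterpriseSingleSignOn(email: String)
    case vaultUnlock
}

/// Minimal stand-in for the app's biometrics repository (assumption).
protocol BiometricsRepositoryLike {
    func getBiometricUnlockStatus() async throws -> BiometricUnlockStatus
    func configureBiometricIntegrity() async throws
    func setBiometricUnlockKey(authKey: String) async throws
}

struct UnlockRouter {
    let biometrics: BiometricsRepositoryLike

    /// A TDE user with no master password whose biometric integrity state is
    /// stale has no local way to unlock, so route to SSO. The biometric status
    /// is only queried when there is no master password (the reviewer's ordering).
    func route(email: String, hasMasterPassword: Bool) async throws -> UnlockRoute {
        if !hasMasterPassword {
            let status = try await biometrics.getBiometricUnlockStatus()
            if case .available(_, enabled: true, hasValidIntegrity: false) = status {
                return .enterpriseSingleSignOn(email: email)
            }
        }
        return .vaultUnlock
    }

    /// After any successful unlock (MP, TDE device key, key connector, or SSO),
    /// refresh the integrity state and re-store the unlock key if biometrics are
    /// enabled but stale. Errors propagate, as discussed above: a failure means
    /// the user authenticates another way instead of being offered biometrics.
    func configureBiometricUnlockIfRequired(userEncryptionKey: String) async throws -> Bool {
        if case .available(_, enabled: true, hasValidIntegrity: false) = try await biometrics.getBiometricUnlockStatus() {
            try await biometrics.configureBiometricIntegrity()
            try await biometrics.setBiometricUnlockKey(authKey: userEncryptionKey)
            return true
        }
        return false
    }
}

/// In-memory fake used to exercise the router offline (constructed).
final class FakeBiometricsRepository: BiometricsRepositoryLike {
    var status: BiometricUnlockStatus
    var storedKey: String?
    var queries = 0
    init(status: BiometricUnlockStatus) { self.status = status }
    func getBiometricUnlockStatus() async throws -> BiometricUnlockStatus { queries += 1; return status }
    func configureBiometricIntegrity() async throws {
        if case .available(let type, let enabled, _) = status {
            status = .available(type, enabled: enabled, hasValidIntegrity: true)
        }
    }
    func setBiometricUnlockKey(authKey: String) async throws { storedKey = authKey }
}

// Walk through the scenario from the PR (top-level await; run with `swift file.swift`).
let repo = FakeBiometricsRepository(status: .available(.faceID, enabled: true, hasValidIntegrity: false))
let router = UnlockRouter(biometrics: repo)

// No MP, Face ID enabled, integrity stale -> SSO.
print(try await router.route(email: "user@example.com", hasMasterPassword: false))
// With an MP the biometric status is never queried.
let before = repo.queries
print(try await router.route(email: "user@example.com", hasMasterPassword: true), repo.queries == before)
// After SSO completes, re-arm biometrics so the next launch can offer Face ID.
print(try await router.configureBiometricUnlockIfRequired(userEncryptionKey: "<constructed-user-key>"))
// Integrity is valid again, so the same user now gets the normal vault unlock.
print(try await router.route(email: "user@example.com", hasMasterPassword: false))
```

The fake's `queries` counter is what makes the reviewer's reordering observable: with a master password present the repository is never touched. Re-arming is modelled as a function that returns whether it acted, so a caller can log the transition from "SSO required" back to "biometric unlock available".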

@matt-livefront matt-livefront left a comment

Looks good to me!

@phil-livefront phil-livefront merged commit f37d588 into main Sep 6, 2024
@phil-livefront phil-livefront deleted the phil/PM-11720-TDE-User-Without-MP-Cannot-Enable-Autofill-For-Account branch September 6, 2024 21:51