[PM-16978] Add support for fido2 2fa on mac #12823
Conversation
|
Fixed Issues (1)Great job! The following issues were fixed in this Pull Request
|
Codecov ReportAttention: Patch coverage is
✅ All tests successful. No failed tests found.
Additional details and impacted files@@ Coverage Diff @@
## main #12823 +/- ##
==========================================
- Coverage 34.34% 34.34% -0.01%
==========================================
Files 2965 2965
Lines 90514 90515 +1
Branches 16976 16977 +1
==========================================
Hits 31086 31086
- Misses 56964 56965 +1
Partials 2464 2464 ☔ View full report in Codecov by Sentry. |
quexten
changed the title
There was a problem hiding this comment.
I suspect there are several flows which do trigger prompts. Security Keys can be configured to always perform UV. TouchID might need UV?
It should be clear to the user that they need to change 2fa method as the default tends to be WebAuthn which might not work.
| // Temporarily restricted to only Windows until https://github.com/electron/electron/pull/28349 | ||
| // has been merged and an updated electron build is available. |
There was a problem hiding this comment.
Updated the comment. Also doesn't seem like electron will ever add support here, so I removed the reference to the PR and noted this has to be added in a different way.
quexten
force-pushed
the
km/fido-2-on-mac
branch
from
18281f2 to
814cee0
Compare
quexten
requested review from
Hinton and
coroiu
and removed request for
a team,
tangowithfoxtrot and
rr-bw
|
Sorry, should have linked that. The notallowederror is only present on the old two-factor component, but I've submitted the fix for that here: #12830; the new component shows: |
|
@quexten That error is not particularly useful to users with a TouchID 2fa though? They would need to get the error, go to our help page and troubleshoot the problem themselves to identify that the platform doesn't support non security keys? |
|
@Hinton Product seems good with the current messaging for this error since security-key / passkey users are pretty technical cc @micahblut |
|
Can't say I agree since I'm fairly technical and getting a "authentication was cancelled" error would not tell me anything. That said If product is fine I'm removing my request for changes. |
🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-16978
📔 Objective
Fido2 on electron desktop on mac works, when no pin is required, only the pin is unimplemented. Therefore, we can just enable it for 2fa.
📸 Screenshots
Screen.Recording.2025-01-13.at.13.13.50.mov
Changes to the two-factor setup to remove outdated "supported devices":
⏰ Reminders before review
🦮 Reviewer guidelines
:+1:) or similar for great changes:memo:) or ℹ️ (:information_source:) for notes or general info:question:) for questions:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion:art:) for suggestions / improvements:x:) or:warning:) for more significant problems or concerns needing attention:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt:pick:) for minor or nitpick changes