[PM-15906] Implement single tap passkey flows #4547
+301
−101
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🎟️ Tracking
PM-15906
PM-12511
Resolves #3953
📔 Objective
Add a biometric prompt to the passkey registration and authentication flows.
The biometric prompt will be shown when creating or authenticating with a passkey if the user has supported device biometrics enabled.
This change also adds an
isUserVerified
flag to the Fido2 requests to determine if the user has verified their identity using the single tap flow.Note
When vault timeout is set to immediate, users must unlock multiple times. This is intentional since the application is set to lock immediately after backgrounding and the passkey flow requires backgrounding the application after initial unlock and credential discovery.
📸 Screenshots
Device biometrics enabled
Vault timeout not
immediate
single-tap-creation-biometrics.webm
single-tap-auth-biometrics.webm
Vault timeout set to
immediate
single-tap-creation-immediate-timeout.webm
single-tap-auth-immediate-timeout.webm
Device biometrics disabled
Vault timeout not
immediate
single-tap-creation-pin.webm
single-tap-auth-pin.webm
Vault timeout set to
immediate
single-tap-creation-pin-immediate-timeout.webm
single-tap-auth-pin-immediate-timeout.webm
⏰ Reminders before review
🦮 Reviewer guidelines
:+1:
) or similar for great changes:memo:
) or ℹ️ (:information_source:
) for notes or general info:question:
) for questions:thinking:
) or 💭 (:thought_balloon:
) for more open inquiry that's not quite a confirmedissue and could potentially benefit from discussion
:art:
) for suggestions / improvements:x:
) or:warning:
) for more significant problems or concerns needing attention:seedling:
) or ♻️ (:recycle:
) for future improvements or indications of technical debt:pick:
) for minor or nitpick changes