Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[PM-15906] Implement single tap passkey flows #4547

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

SaintPatrck
Copy link
Contributor

@SaintPatrck SaintPatrck commented Jan 10, 2025

🎟️ Tracking

PM-15906
PM-12511
Resolves #3953

📔 Objective

Add a biometric prompt to the passkey registration and authentication flows.

The biometric prompt will be shown when creating or authenticating with a passkey if the user has supported device biometrics enabled.

This change also adds an isUserVerified flag to the Fido2 requests to determine if the user has verified their identity using the single tap flow.

Note

When vault timeout is set to immediate, users must unlock multiple times. This is intentional since the application is set to lock immediately after backgrounding and the passkey flow requires backgrounding the application after initial unlock and credential discovery.

📸 Screenshots

Device biometrics enabled

Vault timeout not immediate

Case Before After
Create
single-tap-creation-biometrics.webm
Auth
single-tap-auth-biometrics.webm

Vault timeout set to immediate

Case Before After
Create
single-tap-creation-immediate-timeout.webm
Auth
single-tap-auth-immediate-timeout.webm

Device biometrics disabled

Vault timeout not immediate

Case Before After
Create
single-tap-creation-pin.webm
Auth
single-tap-auth-pin.webm

Vault timeout set to immediate

Case Before After
Create
single-tap-creation-pin-immediate-timeout.webm
Auth
single-tap-auth-pin-immediate-timeout.webm

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed
    issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

Copy link
Contributor

github-actions bot commented Jan 10, 2025

Logo
Checkmarx One – Scan Summary & Detailsbe703e0e-9e13-4854-9b30-be95b7857c81

No New Or Fixed Issues Found

@SaintPatrck SaintPatrck force-pushed the PM-15906/single-tap-passkey-flows branch from 4680813 to 0a9effb Compare January 10, 2025 16:01

This comment was marked as resolved.

@SaintPatrck SaintPatrck marked this pull request as draft January 10, 2025 16:51
@SaintPatrck SaintPatrck force-pushed the PM-15906/single-tap-passkey-flows branch from 0a9effb to 4090cfc Compare January 10, 2025 17:47
Copy link

codecov bot commented Jan 10, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 88.26%. Comparing base (a3096c0) to head (518e8df).

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #4547      +/-   ##
==========================================
- Coverage   88.31%   88.26%   -0.05%     
==========================================
  Files         603      603              
  Lines       40272    40321      +49     
  Branches     5697     5715      +18     
==========================================
+ Hits        35565    35591      +26     
- Misses       2721     2732      +11     
- Partials     1986     1998      +12     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

This change adds a biometric prompt to the passkey autofill flow.

The biometric prompt will be shown when creating or authenticating with a passkey if the user has supported device biometrics enabled.

This change also adds an isUserVerified flag to the Fido2 requests to determine if the user has verified their identity using the single tap flow.
@SaintPatrck SaintPatrck force-pushed the PM-15906/single-tap-passkey-flows branch from 4090cfc to 518e8df Compare January 10, 2025 18:12
@SaintPatrck SaintPatrck marked this pull request as ready for review January 10, 2025 18:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Passkey Authentication Failure on Session timeout set to 'Immediately'
1 participant