Removed automatic fallback to browser when no credentials exist (#7135)

Co-authored-by: bnagawiecki <[email protected]>
bitwarden · Dec 27, 2023 · c289b3b · c289b3b
1 parent 00bb814
commit c289b3b
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 22 deletions.
diff --git a/libs/common/src/vault/services/fido2/fido2-authenticator.service.spec.ts b/libs/common/src/vault/services/fido2/fido2-authenticator.service.spec.ts
@@ -9,7 +9,6 @@ import {
   Fido2AuthenticatorGetAssertionParams,
   Fido2AuthenticatorMakeCredentialsParams,
 } from "../../abstractions/fido2/fido2-authenticator.service.abstraction";
-import { FallbackRequestedError } from "../../abstractions/fido2/fido2-client.service.abstraction";
 import {
   Fido2UserInterfaceService,
   Fido2UserInterfaceSession,
@@ -484,17 +483,6 @@ describe("FidoAuthenticatorService", () => {
         expect(userInterfaceSession.informCredentialNotFound).toHaveBeenCalled();
       });
 
-      it("should automatically fallback if no credential exists when fallback is supported", async () => {
-        params.fallbackSupported = true;
-        cipherService.getAllDecrypted.mockResolvedValue([]);
-        userInterfaceSession.informCredentialNotFound.mockResolvedValue();
-
-        const result = async () => await authenticator.getAssertion(params, tab);
-
-        await expect(result).rejects.toThrowError(FallbackRequestedError);
-        expect(userInterfaceSession.informCredentialNotFound).not.toHaveBeenCalled();
-      });
-
       it("should inform user if credential exists but rpId does not match", async () => {
         const cipher = await createCipherView({ type: CipherType.Login });
         cipher.login.fido2Credentials[0].credentialId = credentialId;

diff --git a/libs/common/src/vault/services/fido2/fido2-authenticator.service.ts b/libs/common/src/vault/services/fido2/fido2-authenticator.service.ts
@@ -12,7 +12,6 @@ import {
   Fido2AuthenticatorService as Fido2AuthenticatorServiceAbstraction,
   PublicKeyCredentialDescriptor,
 } from "../../abstractions/fido2/fido2-authenticator.service.abstraction";
-import { FallbackRequestedError } from "../../abstractions/fido2/fido2-client.service.abstraction";
 import { Fido2UserInterfaceService } from "../../abstractions/fido2/fido2-user-interface.service.abstraction";
 import { SyncService } from "../../abstractions/sync/sync.service.abstraction";
 import { CipherRepromptType } from "../../enums/cipher-reprompt-type";
@@ -225,10 +224,6 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
           `[Fido2Authenticator] Aborting because no matching credentials were found in the vault.`,
         );
 
-        if (params.fallbackSupported) {
-          throw new FallbackRequestedError();
-        }
-
         await userInterfaceSession.informCredentialNotFound();
         throw new Fido2AuthenticatorError(Fido2AuthenticatorErrorCode.NotAllowed);
       }

diff --git a/libs/common/src/vault/services/fido2/fido2-client.service.ts b/libs/common/src/vault/services/fido2/fido2-client.service.ts
@@ -272,11 +272,6 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
         abortController,
       );
     } catch (error) {
-      if (error instanceof FallbackRequestedError) {
-        this.logService?.info(`[Fido2Client] Aborting because of auto fallback`);
-        throw error;
-      }
-
       if (
         abortController.signal.aborted &&
         abortController.signal.reason === UserRequestedFallbackAbortReason