Passkeys: Fix compatibility with StrongBox (#10420)

2025-04-05 05:27:39 +03:00 · 2024-03-31 23:12:33 +03:00 · 2024-03-31 23:12:33 +03:00 · c34098546d
commit c34098546d
parent e70777061c
6 changed files with 47 additions and 13 deletions
--- a/src/browser/BrowserService.cpp
+++ b/src/browser/BrowserService.cpp
@ -722,7 +722,7 @@ QJsonObject BrowserService::showPasskeysAuthenticationPrompt(const QJsonObject&
        }

        const auto privateKeyPem = selectedEntry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_PRIVATE_KEY_PEM);
-        const auto credentialId = selectedEntry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_CREDENTIAL_ID);
+        const auto credentialId = passkeyUtils()->getCredentialIdFromEntry(selectedEntry);
        const auto userHandle = selectedEntry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_USER_HANDLE);

        auto publicKeyCredential =
@ -788,13 +788,12 @@ void BrowserService::addPasskeyToEntry(Entry* entry,

    // Ask confirmation if entry already contains a Passkey
    if (entry->hasPasskey()) {
-        if (MessageBox::question(
-                m_currentDatabaseWidget,
-                tr("KeePassXC - Update Passkey"),
-                tr("Entry already has a Passkey.\nDo you want to overwrite the Passkey in %1 - %2?")
-                    .arg(entry->title(), entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_USERNAME)),
-                MessageBox::Overwrite | MessageBox::Cancel,
-                MessageBox::Cancel)
+        if (MessageBox::question(m_currentDatabaseWidget,
+                                 tr("KeePassXC - Update Passkey"),
+                                 tr("Entry already has a Passkey.\nDo you want to overwrite the Passkey in %1 - %2?")
+                                     .arg(entry->title(), passkeyUtils()->getUsernameFromEntry(entry)),
+                                 MessageBox::Overwrite | MessageBox::Cancel,
+                                 MessageBox::Cancel)
            != MessageBox::Overwrite) {
            return;
        }
@ -1129,7 +1128,7 @@ QJsonObject BrowserService::prepareEntry(const Entry* entry)
    QJsonObject res;
 #ifdef WITH_XC_BROWSER_PASSKEYS
    // Use Passkey's username instead if found
-    res["login"] = entry->hasPasskey() ? entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_USERNAME)
+    res["login"] = entry->hasPasskey() ? passkeyUtils()->getUsernameFromEntry(entry)
                                       : entry->resolveMultiplePlaceholders(entry->username());
 #else
    res["login"] = entry->resolveMultiplePlaceholders(entry->username());
@ -1363,7 +1362,7 @@ QList<Entry*> BrowserService::getPasskeyAllowedEntries(const QJsonObject& assert
        // If allowedCredentials.isEmpty() check if entry contains an extra attribute for user handle.
        // If that is found, the entry should be allowed.
        // See: https://w3c.github.io/webauthn/#dom-authenticatorassertionresponse-userhandle
-        if (allowedCredentials.contains(entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_CREDENTIAL_ID))
+        if (allowedCredentials.contains(passkeyUtils()->getCredentialIdFromEntry(entry))
            || (allowedCredentials.isEmpty()
                && entry->attributes()->hasKey(BrowserPasskeys::KPEX_PASSKEY_USER_HANDLE))) {
            entries << entry;
@ -1385,7 +1384,7 @@ bool BrowserService::isPasskeyCredentialExcluded(const QJsonArray& excludeCreden

    const auto passkeyEntries = getPasskeyEntries(rpId, keyList);
    return std::any_of(passkeyEntries.begin(), passkeyEntries.end(), [&](const auto& entry) {
-        return allIds.contains(entry->attributes()->value(BrowserPasskeys::KPEX_PASSKEY_CREDENTIAL_ID));
+        return allIds.contains(passkeyUtils()->getCredentialIdFromEntry(entry));
    });
 }