clients icon indicating copy to clipboard operation
clients copied to clipboard

Published 20 hours ago verified publisher icon bitwarden

Webauth / FIDO 2 HW Auth not working with brave browser

Open BlueCase opened this issue 9 months ago • 1 comments

Steps To Reproduce

  1. Install and enable Bitwarden Extension
  2. Try to login with Webauth/Fido2 Hardware Token

Expected Result

Pin/Key Dialog pop up

Actual Result

Immediately following error appears. image

Screenshots or Videos

No response

Additional Context

All working as expected with chromium. But since passkeys are supported following Window popup on fido2 auth. image This window not pop up under brave.

Also opened a bug in the brave github project: https://github.com/brave/brave-browser/issues/38153

Operating System

Linux

Operating System Version

Manjaro

Web Browser

Brave

Browser Version

1.65.126 Chromium

Build Version

124.0.6367.118

Issue Tracking Info

  • [X] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

BlueCase avatar May 08 '24 07:05 BlueCase

Hi there,

Thank you for your report!

I was able to reproduce this issue, and I have flagged this to our engineering team.

If you wish to add any further information/screenshots/recordings etc., please feel free to do so at any time - our engineering team will be happy to review these.

Thanks once again!

NovaSilentium avatar May 08 '24 08:05 NovaSilentium

Any update?

BlueCase avatar Jun 13 '24 11:06 BlueCase

@BlueCase Could you confirm which packaging method you are using to install Brave? Aur (since it's Manjaro)? Flatpak?

Unable to reproduce this on Fedora & Flatpak. Both yubikey and extension provided passkeys work as expected.

quexten avatar Aug 01 '24 12:08 quexten

@quexten I use the version from the manjaro extra repo

brave-browser  1.68.128-1 [Installiert]                                                                                                                 extra
    Web browser that blocks ads and trackers by default (binary release)

In generally it seems that all "Dialog Popup" actions from extensions not working. With chromium from the same repository this things all working.

BlueCase avatar Aug 01 '24 13:08 BlueCase

@BlueCase thanks for the extra info. Just to confirm, with the bitwarden extension disabled, you can use fido2 on sites (with your security key)?

And, is this just for logging into bitwarden, or also using fido2 on other sites (e.g https://webauthn.io/).

quexten avatar Aug 02 '24 13:08 quexten

@quexten Yes or when I add manually the URLs to "blocked domain" list what I figured out in the meantime.

  • Happen on all web pages where I tried to use fido2
  • Login/Unlock also not shown when I trigger the unlock via the User/Password Field drop down. image

BlueCase avatar Aug 02 '24 15:08 BlueCase