Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

LineageOS 21: Bitwarden cannot be used for passkey authentication on mobile #3310

Open
1 task
somova mannequin opened this issue Jun 15, 2024 · 14 comments
Open
1 task

LineageOS 21: Bitwarden cannot be used for passkey authentication on mobile #3310

somova mannequin opened this issue Jun 15, 2024 · 14 comments
Labels
bug Something isn't working

Comments

@somova
Copy link
Mannequin

somova mannequin commented Jun 15, 2024

Steps To Reproduce

  1. Ensure Bitwarden mobile is set as provider for "Passwords, Passkeys and Data Services"
  2. Open mobile Browser
  3. Open webpage "https://webauthn.io/"
  4. Try to register a passkey or authenticate with a passkey

Expected Result

Android should offer to select the favorite passkey provider to use with the webpage

Actual Result

Google only offers to store a new or use an already stored passkey in the Google Account or to select another device. The list of other devices only contains NFC, USB or other smartphone.

Screenshots or Videos

No response

Additional Context

No response

Operating System

Android

Operating System Version

LineageOS 21 (Build: 20240610; Android 14)

Device

Oneplus 9 Pro (LE2123)

Build Version

2024.5.1 (10574)

Beta

  • Using a pre-release version of the application.
@somova somova mannequin added the bug Something isn't working label Jun 15, 2024
@somova somova mannequin changed the title Lineageos21: Bitwarden cannot be used for passkey authentication on mobile LineageOS 21: Bitwarden cannot be used for passkey authentication on mobile Jun 15, 2024
@SergeantConfused
Copy link

Hi @somova,

Thank you for this report. Did you test this in Chrome after performing the steps that are outlined in the documentation?

Thank you in advance,

@somova
Copy link
Mannequin Author

somova mannequin commented Jun 16, 2024

Sorry, I forgot to mention the tested apps:

  • Vivaldi mobile browser (v.6.7.3335.149)
  • Firefox mobile browser (v.127.0)
  • Chrome mobile browser (v.126.0.6478.71)

Additionally, I followed the documentation and enabled flag "M124", but no avail.

Addition:
At first I did not find the second option (Enabled for 3rd party passkey providers under Android Credential Management for passkeys). After a closer look I found and enabled it. Now, the Chrome browser shows a bitwarden prompt when authenticating at "webauthn.io", but throws the following error message:

Fehler beim Lesen des Passkeys. Es gab ein Problem beim Lesen deines Passkeys für webauthn.io. Versuche es später erneut

Since my LineageOS smartphone is rooted. Are there any log files I could inspect?

@micahblut
Copy link
Member

@somova Do you know if LineageOS supports Google Play Services?

@msiqx9
Copy link
Mannequin

msiqx9 mannequin commented Jun 18, 2024

@somova Do you know if LineageOS supports Google Play Services?

Yes, all my OnePlus phones with LineageOS 21 have Google Play Services installed.

@somova
Copy link
Mannequin Author

somova mannequin commented Jun 18, 2024

@somova Do you know if LineageOS supports Google Play Services?

Yes, LineageOS supports Google Play Services. During initial installation phase of LineageOS the user can decide to add the Google addon package. On my smartphone Google Services including Google Play are available

@somova
Copy link
Mannequin Author

somova mannequin commented Jun 18, 2024

Now authentication succeeds with the Chrome browser. The error message

Fehler beim Lesen des Passkeys. Es gab ein Problem beim Lesen deines Passkeys für webauthn.io. Versuche es später erneut

disappers if the session timeout in the bitwarden mobile app is set to a value other than "immediately". Registering a passkey is still not offered.

@vvolkgang vvolkgang transferred this issue from another repository Jun 19, 2024
@vvolkgang vvolkgang transferred this issue from another repository Jun 19, 2024
@aphedges
Copy link

aphedges commented Jul 10, 2024

I don't think this is a LineageOS-specific issue. I similarly can't create passkeys using a more mainstream setup:

  • Operating System: Android
  • Operating System Version: Android 14 (Build number: AP2A.240605.024)
  • Device: Pixel 6a (Hardware version: MP1.0)
  • Build Version: 2024.6.0 (10746)

I tried with the following browsers:

  • Chrome (com.android.chrome): version 126.0.6478.122
    • The setting under chrome://flags was called "Enabled for 3rd party passkeys" instead of "Enabled for 3rd party passkey providers", which what the Bitwarden documentation states
  • Firefox (org.mozilla.firefox): version 128.0 (Build #2016030615)

In both browsers, when I tried to create a passkey for https://webauthn.io/, Google's password manager popped up instead as the only option for storage. Additionally, when I created an account for https://webauthn.io/ on my desktop, I was able to use that account to log in for both Chrome and Firefox.

I was unable to use Bitwarden when I attempted to log into an existing account on a website, but I think it is related to the following limitation (from Setup Bitwarden for use with passkeys):

Please also note that Android does not allow 3rd party passkey providers like Bitwarden to support passkey-based 2FA (a.k.a. "non-discoverable credentials").

@9SMTM6
Copy link

9SMTM6 commented Jul 20, 2024

I've just submitted a suggestion to that article.

Perhaps youve got the same issue.

On my CMF Phone I've got the additional field 'Additional Providers' in the relevant android settings.

When I unselected the only option, google, there, it did not offer to save passkeys in google any longer. But any Passkey registration simply failed.

I had to switch the regular option to none and then back to bitwarden (after unselecting google in the additional option of course) to make bitwarden offer to save passkeys when registering them.

@somova
Copy link

somova commented Aug 14, 2024

Are there any news in this topic?

@msiqx9
Copy link

msiqx9 commented Sep 3, 2024

I dug out my old OnePlus 5 where I had previously wiped the OS and installed LineageOS 21. This phone has Bitwarden app 2024.8.0 (beta) and Chrome browser v127 installed and set "Enabled for Google Password Manager and 3rd party passkeys".

I had success with WebAuthn.io with the passkey being stored and used from Bitwarden.

@braupach
Copy link

braupach commented Sep 12, 2024

I could reproduce this bug on my Poco F1 but it now works after the 21.0-20240910 update.
I guess this issue can be closed now?

Edit: I made an error testing it. Registration doesn't work yet but authentication does

@trandzik
Copy link

Please will it be possible to use Bitwarden for passkeys without Google Play Services on LineageOS?

When trying to sign in with a passkey on following website https://www.passkeys.io/ after clicking on the button nothing happens.

I am using Bitwarden 2024.7.1, Firefox 130.0.1, LineageOS 21.

@msiqx9
Copy link

msiqx9 commented Oct 1, 2024

I have just updated my OnePlus 5 to 21-20240930-NIGHTLY-cheeseburger and am running the Bitwarden app 2024.8.1 (beta). I have just tested https://webauthn.io in the Chrome browser v129 and have had success with the passkey being stored in and used from Bitwarden.

@somova
Copy link

somova commented Dec 15, 2024

Unfortunately, the problem still persists. As a result, the Bitwarden app is unfortunately only partially usable on Android. It now seems to work in the Chrome browser. However, there are other cases in which it does not work (for example, registration in the Vivaldi browser).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

8 participants