Add support for biometrics for Orion, a macOS browser

Feature name

• Add support for biometrics for Orion, a macOS browser

Feature function

• What will this feature do differently? Allow biometric unlock for the Orion macOS browser.
• What benefits will this feature bring? Orion users can use biometrics
• Remember to add a tag for each client application that will be affected

Related topics + references

• Are there any related topics that may help explain the need and function of this feature? No
• Are there any references to this feature or function on other platforms that may be helpful? Yes, on the Orion browser feedback forum: Bitwarden Biometric Authentication doesn't work: Page 2 - Orion Public Issue Tracker

Details

Orion is webkit browser for macOS and iOS, currently in beta. It is a zero-telemetry browser and generally its users love Bitwarden.

Orion is unique in that it has partial support for web extensions, with plans and current work for full support. The developers have implemented both the browser and chrome (manifest v2) extension APIs and both the FF and Chromium Bitwarden extensions work, except for biometrics.

If I understand correctly, this is because Bitwarden does not create the com.8bit.bitwarden.json file in the Orion NativeMessagingHosts directory. Indeed, if we install the appropriate version of the Bitwarden extension and copy the corresponding com.8bit.bitwarden.json file to that folder, the biometric extension-linking process succeeds and it works fine.

So, we hope Bitwarden can add the needed entitlements for the directory ~/Library/Application Support/Orion/NativeMessagingHosts and copy the file over.

The only hiccup is that Orion users may have either the Chrome or FF extension installed, and I think you need the correct json file for the biometric extension-linking process to work. In this case, Bitwarden Desktop needs to know if Orion has the FF or Chrome extension installed.

If this is indeed necessary, my idea was for Orion to add json file to the NativeMessagingHosts folder which indicates the version of the extension installed - something like this:

{
  "bitwarden": {
      "version": "Firefox"
  }
}

This way, no additional entitlements are needed to access this information and there is virtually no attack surface in the exposure of the installed extensions.

Of course I defer to you guys to decide on an acceptable solution if one is needed.

I’m able to liaise with the Orion team or connect a Bitwarden person with them.

Thanks for your time and all your hard work on Bitwarden.

Hi psychedelicious would it be possible for Orion to just fallback to the chrome directory like all the other chromium based browsers?

Orion developers could put a routine inside their extension section to recommend the Chrome extension for Bitwarden for those who want biometric capabilities, warning that the Firefox extension won’t work.

For what it’s worth, I’m a paid Orion user (Kagi user).

Wanted to try and resurrect this thread.

Orion is growing in popularity but small issues like this prevent a lot of people from daily driving it. It really is a unique browser, providing a better feature set than Safari while maintaining the OSX battery performance Webkit brings.

@abanay the Chrome directory fallback is what some are already using but for those of us that don’t want Chrome’s keystone deamon, this isn’t exactly an option.