Bug Report: Passkey Handling with Locked Extension
If a Relying Party (on a non-excluded domain) request passkey authentication while the extension is locked, then the extension is expected to prompt the user to unlock the vault, with an option to “Use your device or hardware key” for handling the passkey authentication instead of using Bitwarden. If the user unlocks their vault when prompted, they should be presented with the matching passkeys available in the Bitwarden vault, and be allowed to select one for the authentication ceremony. This is the way that in works in the production version of the browser extension, but this workflow is completely broken in the beta extension (version 2024.11.999).
When the Relying Party requests passkey authentication while the beta browser extension is locked, the following pop-out window appears:
Note that the bottom of the UI is cut off in the pop-out window (pushed below the fold by the vast expanses of empty space in the UI), but even if one uses the scroll bar (or resizes the pop-out window) to reveal the full contents of the UI, there is no option to Use your device or hardware key.
If the user proceeds to unlock the vault, then the pop-out just opens to a static “Vault” page. There is no option to use any stored passkeys, and the floating pop-out window does not automatically close after unlocking has been completed.