PM-4877: Only allow replacing passkeys for the same userhandle

[abergs]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-4877

📔 Objective

📸 Screenshots

Demo after these changes:
https://share.cleanshot.com/8j29tzPK

Demo before these changes:
https://share.cleanshot.com/xfLJ11Hd

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – 6d83db3f-2053-440f-8c02-0c7b57a0de7a

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Angular_Improper_Type_Pipe_Usage	/bitwarden_license/bit-web/src/app/admin-console/providers/providers-layout.component.html: 50	Attack Vector
	Unpinned Actions Full Length Commit SHA	/build-desktop.yml: 1210	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
	Unpinned Actions Full Length Commit SHA	/build-cli.yml: 406	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
	Unpinned Actions Full Length Commit SHA	/build-desktop.yml: 1256	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
	Client_DOM_Open_Redirect	/apps/browser/src/platform/popup/layout/popup-header.component.ts: 29	Attack Vector
	Client_Use_Of_Iframe_Without_Sandbox	/apps/web/src/connectors/duo.ts: 8	Attack Vector

Fixed Issues

Severity	Issue	Source File / Package
	Unpinned Actions Full Length Commit SHA	/build-cli.yml: 402
	Unpinned Actions Full Length Commit SHA	/build-desktop.yml: 1268
	Unpinned Actions Full Length Commit SHA	/build-desktop.yml: 1222
	Unsafe_Use_Of_Target_blank	/apps/web/src/app/auth/settings/two-factor-authenticator.component.html: 58
	Unsafe_Use_Of_Target_blank	/apps/web/src/app/auth/settings/two-factor-authenticator.component.html: 45

[coroiu]

Tests failing?

[abergs]

@coroiu Ah, I ran the tests locally but mistakenly only ran those in the /apps/browser folder. I've now fixed the failing platform test, but in github I get this error which I don't understand.

[coroiu]

@abergs seems like someone broke main, fix was pushed 7 minutes ago, just update your branch #9822 :)

Edit: seems you beat me to it!

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 6 lines in your changes missing coverage. Please review.

Project coverage is 29.53%. Comparing base (1fdfd69) to head (f4e5585).
Report is 46 commits behind head on main.

Files	Patch %	Lines
...rc/vault/popup/components/fido2/fido2.component.ts	0.00%	6 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #9804      +/-   ##
==========================================
+ Coverage   29.30%   29.53%   +0.22%     
==========================================
  Files        2532     2537       +5     
  Lines       73825    74158     +333     
  Branches    13783    13857      +74     
==========================================
+ Hits        21636    21903     +267     
- Misses      50569    50596      +27     
- Partials     1620     1659      +39     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[abergs]

How did a rebase trigger all of that crap. Sorry everyone that got pinged.

[abergs]

@coroiu Tests passing

[gbubemismith]

Looks good! Thanks for working on this @abergs

[gbubemismith]

I wonder why the mac os desktop build keeps failing

[abergs]

Need re-review because I was using === null which caused an error. Thanks to @justindbaur who told me to fix that in another PR i knew right away what to do!