[PM-5404, PM-3518] Migrate user decryption options to new service (#7344)

* create new user decryption options service

* rename new service to user decryption options

* add hasMasterPassword to user decryption options service

* migrate device trust service to new user decryption options service

* add migration for user-decryption-options

* migrate sync service and calls to trust-device-service

* rename abstraction file

* migrate two factor component

* migrate two factor spec

* migrate sso component

* migrate set-password component

* migrate base login decryption component

* migrate organization options component

* fix component imports

* add missing imports
- remove state service calls
- add update user decryption options method

* remove acct decryption options from account

* lint

* fix tests and linting

* fix browser

* fix desktop

* add user decryption options service to cli

* remove default value from migration

* bump migration number

* fix merge conflict

* fix vault timeout settings

* fix cli

* more fixes

* add user decryption options service to deps of vault timeout settings service

* update login strategy service with user decryption options

* remove early return from sync bandaid for user decryption options

* move user decryption options service to lib/auth

* move user decryption options to libs/auth

* fix reference

* fix browser

* check user decryption options after 2fa check

* update migration and revert tsconfig changes

* add more documentation

* clear user decryption options on logout

* fix tests by creating helper for user decryption options

* fix tests

* pr feedback

* fix factory

* update migration

* add tests

* update missed migration num in test

libs/common/src/vault/services/sync/sync.service.ts

@@ -1,3 +1,7 @@
+import { firstValueFrom } from "rxjs";
+
+import { UserDecryptionOptionsServiceAbstraction } from "@bitwarden/auth/common";
+
 import { ApiService } from "../../../abstractions/api.service";
 import { InternalOrganizationServiceAbstraction } from "../../../admin-console/abstractions/organization/organization.service.abstraction";
 import { InternalPolicyService } from "../../../admin-console/abstractions/policy/policy.service.abstraction";
@@ -24,7 +28,6 @@ import { LogService } from "../../../platform/abstractions/log.service";
 import { MessagingService } from "../../../platform/abstractions/messaging.service";
 import { StateService } from "../../../platform/abstractions/state.service";
 import { sequentialize } from "../../../platform/misc/sequentialize";
-import { AccountDecryptionOptions } from "../../../platform/models/domain/account";
 import { SendData } from "../../../tools/send/models/data/send.data";
 import { SendResponse } from "../../../tools/send/models/response/send.response";
 import { SendApiService } from "../../../tools/send/services/send-api.service.abstraction";
@@ -62,6 +65,7 @@ export class SyncService implements SyncServiceAbstraction {
     private folderApiService: FolderApiServiceAbstraction,
     private organizationService: InternalOrganizationServiceAbstraction,
     private sendApiService: SendApiService,
+    private userDecryptionOptionsService: UserDecryptionOptionsServiceAbstraction,
     private avatarService: AvatarService,
     private logoutCallback: (expired: boolean) => Promise<void>,
     private billingAccountProfileStateService: BillingAccountProfileStateService,
@@ -353,19 +357,12 @@ export class SyncService implements SyncServiceAbstraction {
       );
     }
 
-    const acctDecryptionOpts: AccountDecryptionOptions =
-      await this.stateService.getAccountDecryptionOptions();
+    const userDecryptionOptions = await firstValueFrom(
+      this.userDecryptionOptionsService.userDecryptionOptions$,
+    );
 
-    // Account decryption options should never be null or undefined b/c it is always initialized
-    // during the processing of the ID token response, but there might be a state issue
-    // where it is being overwritten with undefined affecting browser extension + FireFox users.
-    // TODO: Consider removing this once we figure out the root cause of the state issue or after the state provider refactor.
-    if (acctDecryptionOpts === null || acctDecryptionOpts === undefined) {
+    if (userDecryptionOptions === null || userDecryptionOptions === undefined) {
       this.logService.error("Sync: Account decryption options are null or undefined.");
-      // Early return as a bandaid to allow the rest of the sync to continue so users can access
-      // their data that they might have added from another device.
-      // Otherwise, trying to access properties on undefined below will throw an error.
-      return;
     }
 
     // Even though TDE users should only be in a single org (per single org policy), check
@@ -384,8 +381,8 @@ export class SyncService implements SyncServiceAbstraction {
     }
 
     if (
-      acctDecryptionOpts.trustedDeviceOption !== undefined &&
-      !acctDecryptionOpts.hasMasterPassword &&
+      userDecryptionOptions.trustedDeviceOption !== undefined &&
+      !userDecryptionOptions.hasMasterPassword &&
       hasManageResetPasswordPermission
     ) {
       // TDE user w/out MP went from having no password reset permission to having it.