bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-12 06:13:38 +00:00
Code Issues Releases Wiki Activity

[PM-6012] Added device identifier header when updating trust on key rotation (#7807)

Browse Source
This commit is contained in:
Todd Martin
2024-02-05 11:35:33 -05:00
committed by GitHub
parent 25711afaf6
commit 250e7c87e8
4 changed files with 16 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libs/common/src/auth/abstractions/devices-api.service.abstraction.ts
View File

@@ -18,7 +18,10 @@ export abstract class DevicesApiServiceAbstraction {
deviceKeyEncryptedDevicePrivateKey: string, deviceKeyEncryptedDevicePrivateKey: string,
) => Promise<DeviceResponse>; ) => Promise<DeviceResponse>;
updateTrust: (updateDevicesTrustRequestModel: UpdateDevicesTrustRequest) => Promise<void>; updateTrust: (
updateDevicesTrustRequestModel: UpdateDevicesTrustRequest,
deviceIdentifier: string,
) => Promise<void>;
getDeviceKeys: ( getDeviceKeys: (
deviceIdentifier: string, deviceIdentifier: string,

2
libs/common/src/auth/services/device-trust-crypto.service.implementation.ts
View File

@@ -150,7 +150,7 @@ export class DeviceTrustCryptoService implements DeviceTrustCryptoServiceAbstrac
trustRequest.currentDevice = currentDeviceUpdateRequest; trustRequest.currentDevice = currentDeviceUpdateRequest;
trustRequest.otherDevices = []; trustRequest.otherDevices = [];
await this.devicesApiService.updateTrust(trustRequest); await this.devicesApiService.updateTrust(trustRequest, deviceIdentifier);
} }
async getDeviceKey(): Promise<DeviceKey> { async getDeviceKey(): Promise<DeviceKey> {

5
libs/common/src/auth/services/device-trust-crypto.service.spec.ts
View File

@@ -502,7 +502,7 @@ describe("deviceTrustCryptoService", () => {
await deviceTrustCryptoService.rotateDevicesTrust(fakeNewUserKey, ""); await deviceTrustCryptoService.rotateDevicesTrust(fakeNewUserKey, "");
expect(devicesApiService.updateTrust).not.toBeCalled(); expect(devicesApiService.updateTrust).not.toHaveBeenCalled();
}); });
describe("is on a trusted device", () => { describe("is on a trusted device", () => {
@@ -579,7 +579,7 @@ describe("deviceTrustCryptoService", () => {
await deviceTrustCryptoService.rotateDevicesTrust(fakeNewUserKey, "my_password_hash"); await deviceTrustCryptoService.rotateDevicesTrust(fakeNewUserKey, "my_password_hash");
expect(devicesApiService.updateTrust).toBeCalledWith( expect(devicesApiService.updateTrust).toHaveBeenCalledWith(
matches((updateTrustModel: UpdateDevicesTrustRequest) => { matches((updateTrustModel: UpdateDevicesTrustRequest) => {
return ( return (
updateTrustModel.currentDevice.encryptedPublicKey === updateTrustModel.currentDevice.encryptedPublicKey ===
@@ -587,6 +587,7 @@ describe("deviceTrustCryptoService", () => {
updateTrustModel.currentDevice.encryptedUserKey === "4.ZW5jcnlwdGVkdXNlcg==" updateTrustModel.currentDevice.encryptedUserKey === "4.ZW5jcnlwdGVkdXNlcg=="
); );
}), }),
expect.stringMatching("test_device_identifier"),
); );
}); });
}); });

9
libs/common/src/auth/services/devices-api.service.implementation.ts
View File

@@ -71,13 +71,20 @@ export class DevicesApiServiceImplementation implements DevicesApiServiceAbstrac
return new DeviceResponse(result); return new DeviceResponse(result);
} }
async updateTrust(updateDevicesTrustRequestModel: UpdateDevicesTrustRequest): Promise<void> { async updateTrust(
updateDevicesTrustRequestModel: UpdateDevicesTrustRequest,
deviceIdentifier: string,
): Promise<void> {
await this.apiService.send( await this.apiService.send(
"POST", "POST",
"/devices/update-trust", "/devices/update-trust",
updateDevicesTrustRequestModel, updateDevicesTrustRequestModel,
true, true,
false, false,
null,
(headers) => {
headers.set("X-Device-Identifier", deviceIdentifier);
},
); );
} }