From 54f0852f1a4c306fb5d087318ac429d7c3f10811 Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Tue, 22 Jul 2025 22:00:07 +0200 Subject: [PATCH] Migrate auth abstract services to strict ts (#15732) --- .../set-password-jit.service.abstraction.ts | 4 +-- .../auth-request.service.abstraction.ts | 36 +++++++++---------- .../abstractions/login-strategy.service.ts | 26 +++++++------- 3 files changed, 30 insertions(+), 36 deletions(-) diff --git a/libs/auth/src/angular/set-password-jit/set-password-jit.service.abstraction.ts b/libs/auth/src/angular/set-password-jit/set-password-jit.service.abstraction.ts index da6e9368007..92db88868a2 100644 --- a/libs/auth/src/angular/set-password-jit/set-password-jit.service.abstraction.ts +++ b/libs/auth/src/angular/set-password-jit/set-password-jit.service.abstraction.ts @@ -1,5 +1,3 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore import { UserId } from "@bitwarden/common/types/guid"; import { MasterKey } from "@bitwarden/common/types/key"; import { KdfConfig } from "@bitwarden/key-management"; @@ -31,5 +29,5 @@ export abstract class SetPasswordJitService { * @throws If any property on the `credentials` object is null or undefined, or if a protectedUserKey * or newKeyPair could not be created. */ - setPassword: (credentials: SetPasswordCredentials) => Promise; + abstract setPassword(credentials: SetPasswordCredentials): Promise; } diff --git a/libs/auth/src/common/abstractions/auth-request.service.abstraction.ts b/libs/auth/src/common/abstractions/auth-request.service.abstraction.ts index 7e480c3a69c..9eea3fe7bb0 100644 --- a/libs/auth/src/common/abstractions/auth-request.service.abstraction.ts +++ b/libs/auth/src/common/abstractions/auth-request.service.abstraction.ts @@ -1,5 +1,3 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore import { Observable } from "rxjs"; import { AdminAuthRequestStorable } from "@bitwarden/common/auth/models/domain/admin-auth-req-storable"; @@ -10,20 +8,20 @@ import { UserKey, MasterKey } from "@bitwarden/common/types/key"; export abstract class AuthRequestServiceAbstraction { /** Emits an auth request id when an auth request has been approved. */ - authRequestPushNotification$: Observable; + abstract authRequestPushNotification$: Observable; /** * Emits when a login has been approved by an admin. This emission is specifically for the * purpose of notifying the consuming component to display a toast informing the user. */ - adminLoginApproved$: Observable; + abstract adminLoginApproved$: Observable; /** * Returns an admin auth request for the given user if it exists. * @param userId The user id. * @throws If `userId` is not provided. */ - abstract getAdminAuthRequest: (userId: UserId) => Promise; + abstract getAdminAuthRequest(userId: UserId): Promise; /** * Sets an admin auth request for the given user. * Note: use {@link clearAdminAuthRequest} to clear the request. @@ -31,16 +29,16 @@ export abstract class AuthRequestServiceAbstraction { * @param userId The user id. * @throws If `authRequest` or `userId` is not provided. */ - abstract setAdminAuthRequest: ( + abstract setAdminAuthRequest( authRequest: AdminAuthRequestStorable, userId: UserId, - ) => Promise; + ): Promise; /** * Clears an admin auth request for the given user. * @param userId The user id. * @throws If `userId` is not provided. */ - abstract clearAdminAuthRequest: (userId: UserId) => Promise; + abstract clearAdminAuthRequest(userId: UserId): Promise; /** * Gets a list of standard pending auth requests for the user. * @returns An observable of an array of auth request. @@ -61,42 +59,42 @@ export abstract class AuthRequestServiceAbstraction { * approval was successful. * @throws If the auth request is missing an id or key. */ - abstract approveOrDenyAuthRequest: ( + abstract approveOrDenyAuthRequest( approve: boolean, authRequest: AuthRequestResponse, - ) => Promise; + ): Promise; /** * Sets the `UserKey` from an auth request. Auth request must have a `UserKey`. * @param authReqResponse The auth request. * @param authReqPrivateKey The private key corresponding to the public key sent in the auth request. * @param userId The ID of the user for whose account we will set the key. */ - abstract setUserKeyAfterDecryptingSharedUserKey: ( + abstract setUserKeyAfterDecryptingSharedUserKey( authReqResponse: AuthRequestResponse, authReqPrivateKey: ArrayBuffer, userId: UserId, - ) => Promise; + ): Promise; /** * Sets the `MasterKey` and `MasterKeyHash` from an auth request. Auth request must have a `MasterKey` and `MasterKeyHash`. * @param authReqResponse The auth request. * @param authReqPrivateKey The private key corresponding to the public key sent in the auth request. * @param userId The ID of the user for whose account we will set the keys. */ - abstract setKeysAfterDecryptingSharedMasterKeyAndHash: ( + abstract setKeysAfterDecryptingSharedMasterKeyAndHash( authReqResponse: AuthRequestResponse, authReqPrivateKey: ArrayBuffer, userId: UserId, - ) => Promise; + ): Promise; /** * Decrypts a `UserKey` from a public key encrypted `UserKey`. * @param pubKeyEncryptedUserKey The public key encrypted `UserKey`. * @param privateKey The private key corresponding to the public key used to encrypt the `UserKey`. * @returns The decrypted `UserKey`. */ - abstract decryptPubKeyEncryptedUserKey: ( + abstract decryptPubKeyEncryptedUserKey( pubKeyEncryptedUserKey: string, privateKey: ArrayBuffer, - ) => Promise; + ): Promise; /** * Decrypts a `MasterKey` and `MasterKeyHash` from a public key encrypted `MasterKey` and `MasterKeyHash`. * @param pubKeyEncryptedMasterKey The public key encrypted `MasterKey`. @@ -104,18 +102,18 @@ export abstract class AuthRequestServiceAbstraction { * @param privateKey The private key corresponding to the public key used to encrypt the `MasterKey` and `MasterKeyHash`. * @returns The decrypted `MasterKey` and `MasterKeyHash`. */ - abstract decryptPubKeyEncryptedMasterKeyAndHash: ( + abstract decryptPubKeyEncryptedMasterKeyAndHash( pubKeyEncryptedMasterKey: string, pubKeyEncryptedMasterKeyHash: string, privateKey: ArrayBuffer, - ) => Promise<{ masterKey: MasterKey; masterKeyHash: string }>; + ): Promise<{ masterKey: MasterKey; masterKeyHash: string }>; /** * Handles incoming auth request push notifications. * @param notification push notification. * @remark We should only be receiving approved push notifications to prevent enumeration. */ - abstract sendAuthRequestPushNotification: (notification: AuthRequestPushNotification) => void; + abstract sendAuthRequestPushNotification(notification: AuthRequestPushNotification): void; /** * Creates a dash-delimited fingerprint for use in confirming the `AuthRequest` between the requesting and approving device. diff --git a/libs/auth/src/common/abstractions/login-strategy.service.ts b/libs/auth/src/common/abstractions/login-strategy.service.ts index b0fffae2ab4..64854393240 100644 --- a/libs/auth/src/common/abstractions/login-strategy.service.ts +++ b/libs/auth/src/common/abstractions/login-strategy.service.ts @@ -1,5 +1,3 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore import { Observable } from "rxjs"; import { AuthenticationType } from "@bitwarden/common/auth/enums/authentication-type"; @@ -20,60 +18,60 @@ export abstract class LoginStrategyServiceAbstraction { * The current strategy being used to authenticate. * Emits null if the session has timed out. */ - currentAuthType$: Observable; + abstract currentAuthType$: Observable; /** * If the login strategy uses the email address of the user, this * will return it. Otherwise, it will return null. */ - getEmail: () => Promise; + abstract getEmail(): Promise; /** * If the user is logging in with a master password, this will return * the master password hash. Otherwise, it will return null. */ - getMasterPasswordHash: () => Promise; + abstract getMasterPasswordHash(): Promise; /** * If the user is logging in with SSO, this will return * the email auth token. Otherwise, it will return null. * @see {@link SsoLoginStrategyData.ssoEmail2FaSessionToken} */ - getSsoEmail2FaSessionToken: () => Promise; + abstract getSsoEmail2FaSessionToken(): Promise; /** * Returns the access code if the user is logging in with an * Auth Request. Otherwise, it will return null. */ - getAccessCode: () => Promise; + abstract getAccessCode(): Promise; /** * Returns the auth request ID if the user is logging in with an * Auth Request. Otherwise, it will return null. */ - getAuthRequestId: () => Promise; + abstract getAuthRequestId(): Promise; /** * Sends a token request to the server using the provided credentials. */ - logIn: ( + abstract logIn( credentials: | UserApiLoginCredentials | PasswordLoginCredentials | SsoLoginCredentials | AuthRequestLoginCredentials | WebAuthnLoginCredentials, - ) => Promise; + ): Promise; /** * Sends a token request to the server with the provided two factor token. * This uses data stored from {@link LoginStrategyServiceAbstraction.logIn}, so that must be called first. * Returns an error if no session data is found. */ - logInTwoFactor: (twoFactor: TokenTwoFactorRequest) => Promise; + abstract logInTwoFactor(twoFactor: TokenTwoFactorRequest): Promise; /** * Creates a master key from the provided master password and email. */ - makePreloginKey: (masterPassword: string, email: string) => Promise; + abstract makePreloginKey(masterPassword: string, email: string): Promise; /** * Emits true if the authentication session has expired. */ - authenticationSessionTimeout$: Observable; + abstract get authenticationSessionTimeout$(): Observable; /** * Sends a token request to the server with the provided device verification OTP. */ - logInNewDeviceVerification: (deviceVerificationOtp: string) => Promise; + abstract logInNewDeviceVerification(deviceVerificationOtp: string): Promise; }