mirror of
https://github.com/bitwarden/browser
synced 2025-12-14 23:33:31 +00:00
[PM-3198][PM-3199] Rename PasswordlessLoginStrategy (#6425)
* rename to LoginWithDeviceLoginStrategy * rename LoginWithDeviceComponent * update translation for web route * rename strategy to AuthRequestLoginStrategy * rename PasswordlessLogInCredentials and PasswordlessCreateAuthRequest * rename setPasswordlessAccessCode * rename startPasswordlessLogin() in template files * rename startPasswordlessLogin() for browser template file * rename AuthenticationType.Passwordless * standardize LogInStrategy to LoginStrategy * standardize PasswordLogInStrategy to PasswordLoginStrategy * standardize SsoLogInStrategy to SsoLoginStrategy * standardize UserApiLogInStrategy to UserApiLoginStrategy * standardize naming of login credentials * rename log-in-credentials.ts to login-credentials.ts
This commit is contained in:
rr-bw
GitHub
@@ -32,6 +32,7 @@ import {
|
||||
} from "../admin-console/models/response/provider/provider-user.response";
|
||||
import { ProviderResponse } from "../admin-console/models/response/provider/provider.response";
|
||||
import { SelectionReadOnlyResponse } from "../admin-console/models/response/selection-read-only.response";
|
||||
import { CreateAuthRequest } from "../auth/models/request/create-auth.request";
|
||||
import { DeviceVerificationRequest } from "../auth/models/request/device-verification.request";
|
||||
import { EmailTokenRequest } from "../auth/models/request/email-token.request";
|
||||
import { EmailRequest } from "../auth/models/request/email.request";
|
||||
@@ -47,7 +48,6 @@ import { KeyConnectorUserKeyRequest } from "../auth/models/request/key-connector
|
||||
import { PasswordHintRequest } from "../auth/models/request/password-hint.request";
|
||||
import { PasswordRequest } from "../auth/models/request/password.request";
|
||||
import { PasswordlessAuthRequest } from "../auth/models/request/passwordless-auth.request";
|
||||
import { PasswordlessCreateAuthRequest } from "../auth/models/request/passwordless-create-auth.request";
|
||||
import { SecretVerificationRequest } from "../auth/models/request/secret-verification.request";
|
||||
import { SetKeyConnectorKeyRequest } from "../auth/models/request/set-key-connector-key.request";
|
||||
import { SetPasswordRequest } from "../auth/models/request/set-password.request";
|
||||
@@ -199,8 +199,8 @@ export abstract class ApiService {
|
||||
putUpdateTempPassword: (request: UpdateTempPasswordRequest) => Promise<any>;
|
||||
postConvertToKeyConnector: () => Promise<void>;
|
||||
//passwordless
|
||||
postAuthRequest: (request: PasswordlessCreateAuthRequest) => Promise<AuthRequestResponse>;
|
||||
postAdminAuthRequest: (request: PasswordlessCreateAuthRequest) => Promise<AuthRequestResponse>;
|
||||
postAuthRequest: (request: CreateAuthRequest) => Promise<AuthRequestResponse>;
|
||||
postAdminAuthRequest: (request: CreateAuthRequest) => Promise<AuthRequestResponse>;
|
||||
getAuthResponse: (id: string, accessCode: string) => Promise<AuthRequestResponse>;
|
||||
getAuthRequest: (id: string) => Promise<AuthRequestResponse>;
|
||||
putAuthRequest: (id: string, request: PasswordlessAuthRequest) => Promise<AuthRequestResponse>;
|
||||
|
||||
@@ -5,11 +5,11 @@ import { MasterKey } from "../../platform/models/domain/symmetric-crypto-key";
|
||||
import { AuthenticationStatus } from "../enums/authentication-status";
|
||||
import { AuthResult } from "../models/domain/auth-result";
|
||||
import {
|
||||
UserApiLogInCredentials,
|
||||
PasswordLogInCredentials,
|
||||
SsoLogInCredentials,
|
||||
PasswordlessLogInCredentials,
|
||||
} from "../models/domain/log-in-credentials";
|
||||
UserApiLoginCredentials,
|
||||
PasswordLoginCredentials,
|
||||
SsoLoginCredentials,
|
||||
AuthRequestLoginCredentials,
|
||||
} from "../models/domain/login-credentials";
|
||||
import { TokenTwoFactorRequest } from "../models/request/identity-token/token-two-factor.request";
|
||||
import { AuthRequestResponse } from "../models/response/auth-request.response";
|
||||
|
||||
@@ -22,10 +22,10 @@ export abstract class AuthService {
|
||||
|
||||
logIn: (
|
||||
credentials:
|
||||
| UserApiLogInCredentials
|
||||
| PasswordLogInCredentials
|
||||
| SsoLogInCredentials
|
||||
| PasswordlessLogInCredentials
|
||||
| UserApiLoginCredentials
|
||||
| PasswordLoginCredentials
|
||||
| SsoLoginCredentials
|
||||
| AuthRequestLoginCredentials
|
||||
) => Promise<AuthResult>;
|
||||
logInTwoFactor: (
|
||||
twoFactor: TokenTwoFactorRequest,
|
||||
|
||||
@@ -2,5 +2,5 @@ export enum AuthenticationType {
|
||||
Password = 0,
|
||||
Sso = 1,
|
||||
UserApi = 2,
|
||||
Passwordless = 3,
|
||||
AuthRequest = 3,
|
||||
}
|
||||
|
||||
@@ -17,13 +17,13 @@ import { CsprngArray } from "../../types/csprng";
|
||||
import { DeviceTrustCryptoServiceAbstraction } from "../abstractions/device-trust-crypto.service.abstraction";
|
||||
import { TokenService } from "../abstractions/token.service";
|
||||
import { TwoFactorService } from "../abstractions/two-factor.service";
|
||||
import { PasswordlessLogInCredentials } from "../models/domain/log-in-credentials";
|
||||
import { AuthRequestLoginCredentials } from "../models/domain/login-credentials";
|
||||
import { IdentityTokenResponse } from "../models/response/identity-token.response";
|
||||
|
||||
import { AuthRequestLoginStrategy } from "./auth-request-login.strategy";
|
||||
import { identityTokenResponseFactory } from "./login.strategy.spec";
|
||||
import { PasswordlessLogInStrategy } from "./passwordless-login.strategy";
|
||||
|
||||
describe("PasswordlessLogInStrategy", () => {
|
||||
describe("AuthRequestLoginStrategy", () => {
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
@@ -35,8 +35,8 @@ describe("PasswordlessLogInStrategy", () => {
|
||||
let twoFactorService: MockProxy<TwoFactorService>;
|
||||
let deviceTrustCryptoService: MockProxy<DeviceTrustCryptoServiceAbstraction>;
|
||||
|
||||
let passwordlessLoginStrategy: PasswordlessLogInStrategy;
|
||||
let credentials: PasswordlessLogInCredentials;
|
||||
let authRequestLoginStrategy: AuthRequestLoginStrategy;
|
||||
let credentials: AuthRequestLoginCredentials;
|
||||
let tokenResponse: IdentityTokenResponse;
|
||||
|
||||
const deviceId = Utils.newGuid();
|
||||
@@ -66,7 +66,7 @@ describe("PasswordlessLogInStrategy", () => {
|
||||
appIdService.getAppId.mockResolvedValue(deviceId);
|
||||
tokenService.decodeToken.mockResolvedValue({});
|
||||
|
||||
passwordlessLoginStrategy = new PasswordlessLogInStrategy(
|
||||
authRequestLoginStrategy = new AuthRequestLoginStrategy(
|
||||
cryptoService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -84,7 +84,7 @@ describe("PasswordlessLogInStrategy", () => {
|
||||
});
|
||||
|
||||
it("sets keys after a successful authentication when masterKey and masterKeyHash provided in login credentials", async () => {
|
||||
credentials = new PasswordlessLogInCredentials(
|
||||
credentials = new AuthRequestLoginCredentials(
|
||||
email,
|
||||
accessCode,
|
||||
authRequestId,
|
||||
@@ -99,7 +99,7 @@ describe("PasswordlessLogInStrategy", () => {
|
||||
cryptoService.getMasterKey.mockResolvedValue(masterKey);
|
||||
cryptoService.decryptUserKeyWithMasterKey.mockResolvedValue(userKey);
|
||||
|
||||
await passwordlessLoginStrategy.logIn(credentials);
|
||||
await authRequestLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(cryptoService.setMasterKey).toHaveBeenCalledWith(masterKey);
|
||||
expect(cryptoService.setMasterKeyHash).toHaveBeenCalledWith(decMasterKeyHash);
|
||||
@@ -111,7 +111,7 @@ describe("PasswordlessLogInStrategy", () => {
|
||||
|
||||
it("sets keys after a successful authentication when only userKey provided in login credentials", async () => {
|
||||
// Initialize credentials with only userKey
|
||||
credentials = new PasswordlessLogInCredentials(
|
||||
credentials = new AuthRequestLoginCredentials(
|
||||
email,
|
||||
accessCode,
|
||||
authRequestId,
|
||||
@@ -121,7 +121,7 @@ describe("PasswordlessLogInStrategy", () => {
|
||||
);
|
||||
|
||||
// Call logIn
|
||||
await passwordlessLoginStrategy.logIn(credentials);
|
||||
await authRequestLoginStrategy.logIn(credentials);
|
||||
|
||||
// setMasterKey and setMasterKeyHash should not be called
|
||||
expect(cryptoService.setMasterKey).not.toHaveBeenCalled();
|
||||
@@ -9,28 +9,28 @@ import { DeviceTrustCryptoServiceAbstraction } from "../abstractions/device-trus
|
||||
import { TokenService } from "../abstractions/token.service";
|
||||
import { TwoFactorService } from "../abstractions/two-factor.service";
|
||||
import { AuthResult } from "../models/domain/auth-result";
|
||||
import { PasswordlessLogInCredentials } from "../models/domain/log-in-credentials";
|
||||
import { AuthRequestLoginCredentials } from "../models/domain/login-credentials";
|
||||
import { PasswordTokenRequest } from "../models/request/identity-token/password-token.request";
|
||||
import { TokenTwoFactorRequest } from "../models/request/identity-token/token-two-factor.request";
|
||||
import { IdentityTokenResponse } from "../models/response/identity-token.response";
|
||||
|
||||
import { LogInStrategy } from "./login.strategy";
|
||||
import { LoginStrategy } from "./login.strategy";
|
||||
|
||||
export class PasswordlessLogInStrategy extends LogInStrategy {
|
||||
export class AuthRequestLoginStrategy extends LoginStrategy {
|
||||
get email() {
|
||||
return this.tokenRequest.email;
|
||||
}
|
||||
|
||||
get accessCode() {
|
||||
return this.passwordlessCredentials.accessCode;
|
||||
return this.authRequestCredentials.accessCode;
|
||||
}
|
||||
|
||||
get authRequestId() {
|
||||
return this.passwordlessCredentials.authRequestId;
|
||||
return this.authRequestCredentials.authRequestId;
|
||||
}
|
||||
|
||||
tokenRequest: PasswordTokenRequest;
|
||||
private passwordlessCredentials: PasswordlessLogInCredentials;
|
||||
private authRequestCredentials: AuthRequestLoginCredentials;
|
||||
|
||||
constructor(
|
||||
cryptoService: CryptoService,
|
||||
@@ -57,8 +57,8 @@ export class PasswordlessLogInStrategy extends LogInStrategy {
|
||||
);
|
||||
}
|
||||
|
||||
override async logIn(credentials: PasswordlessLogInCredentials) {
|
||||
this.passwordlessCredentials = credentials;
|
||||
override async logIn(credentials: AuthRequestLoginCredentials) {
|
||||
this.authRequestCredentials = credentials;
|
||||
|
||||
this.tokenRequest = new PasswordTokenRequest(
|
||||
credentials.email,
|
||||
@@ -68,7 +68,7 @@ export class PasswordlessLogInStrategy extends LogInStrategy {
|
||||
await this.buildDeviceRequest()
|
||||
);
|
||||
|
||||
this.tokenRequest.setPasswordlessAccessCode(credentials.authRequestId);
|
||||
this.tokenRequest.setAuthRequestAccessCode(credentials.authRequestId);
|
||||
const [authResult] = await this.startLogIn();
|
||||
return authResult;
|
||||
}
|
||||
@@ -83,13 +83,11 @@ export class PasswordlessLogInStrategy extends LogInStrategy {
|
||||
|
||||
protected override async setMasterKey(response: IdentityTokenResponse) {
|
||||
if (
|
||||
this.passwordlessCredentials.decryptedMasterKey &&
|
||||
this.passwordlessCredentials.decryptedMasterKeyHash
|
||||
this.authRequestCredentials.decryptedMasterKey &&
|
||||
this.authRequestCredentials.decryptedMasterKeyHash
|
||||
) {
|
||||
await this.cryptoService.setMasterKey(this.passwordlessCredentials.decryptedMasterKey);
|
||||
await this.cryptoService.setMasterKeyHash(
|
||||
this.passwordlessCredentials.decryptedMasterKeyHash
|
||||
);
|
||||
await this.cryptoService.setMasterKey(this.authRequestCredentials.decryptedMasterKey);
|
||||
await this.cryptoService.setMasterKeyHash(this.authRequestCredentials.decryptedMasterKeyHash);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -98,8 +96,8 @@ export class PasswordlessLogInStrategy extends LogInStrategy {
|
||||
// but set the master key encrypted user key if it exists regardless
|
||||
await this.cryptoService.setMasterKeyEncryptedUserKey(response.key);
|
||||
|
||||
if (this.passwordlessCredentials.decryptedUserKey) {
|
||||
await this.cryptoService.setUserKey(this.passwordlessCredentials.decryptedUserKey);
|
||||
if (this.authRequestCredentials.decryptedUserKey) {
|
||||
await this.cryptoService.setUserKey(this.authRequestCredentials.decryptedUserKey);
|
||||
} else {
|
||||
await this.trySetUserKeyWithMasterKey();
|
||||
// Establish trust if required after setting user key
|
||||
@@ -34,7 +34,7 @@ import { TwoFactorService } from "../abstractions/two-factor.service";
|
||||
import { TwoFactorProviderType } from "../enums/two-factor-provider-type";
|
||||
import { AuthResult } from "../models/domain/auth-result";
|
||||
import { ForceResetPasswordReason } from "../models/domain/force-reset-password-reason";
|
||||
import { PasswordLogInCredentials } from "../models/domain/log-in-credentials";
|
||||
import { PasswordLoginCredentials } from "../models/domain/login-credentials";
|
||||
import { PasswordTokenRequest } from "../models/request/identity-token/password-token.request";
|
||||
import { TokenTwoFactorRequest } from "../models/request/identity-token/token-two-factor.request";
|
||||
import { IdentityCaptchaResponse } from "../models/response/identity-captcha.response";
|
||||
@@ -43,7 +43,7 @@ import { IdentityTwoFactorResponse } from "../models/response/identity-two-facto
|
||||
import { MasterPasswordPolicyResponse } from "../models/response/master-password-policy.response";
|
||||
import { IUserDecryptionOptionsServerResponse } from "../models/response/user-decryption-options/user-decryption-options.response";
|
||||
|
||||
import { PasswordLogInStrategy } from "./password-login.strategy";
|
||||
import { PasswordLoginStrategy } from "./password-login.strategy";
|
||||
|
||||
const email = "hello@world.com";
|
||||
const masterPassword = "password";
|
||||
@@ -96,7 +96,7 @@ export function identityTokenResponseFactory(
|
||||
}
|
||||
|
||||
// TODO: add tests for latest changes to base class for TDE
|
||||
describe("LogInStrategy", () => {
|
||||
describe("LoginStrategy", () => {
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
@@ -110,8 +110,8 @@ describe("LogInStrategy", () => {
|
||||
let policyService: MockProxy<PolicyService>;
|
||||
let passwordStrengthService: MockProxy<PasswordStrengthServiceAbstraction>;
|
||||
|
||||
let passwordLogInStrategy: PasswordLogInStrategy;
|
||||
let credentials: PasswordLogInCredentials;
|
||||
let passwordLoginStrategy: PasswordLoginStrategy;
|
||||
let credentials: PasswordLoginCredentials;
|
||||
|
||||
beforeEach(async () => {
|
||||
cryptoService = mock<CryptoService>();
|
||||
@@ -130,8 +130,8 @@ describe("LogInStrategy", () => {
|
||||
appIdService.getAppId.mockResolvedValue(deviceId);
|
||||
tokenService.decodeToken.calledWith(accessToken).mockResolvedValue(decodedToken);
|
||||
|
||||
// The base class is abstract so we test it via PasswordLogInStrategy
|
||||
passwordLogInStrategy = new PasswordLogInStrategy(
|
||||
// The base class is abstract so we test it via PasswordLoginStrategy
|
||||
passwordLoginStrategy = new PasswordLoginStrategy(
|
||||
cryptoService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -145,7 +145,7 @@ describe("LogInStrategy", () => {
|
||||
policyService,
|
||||
authService
|
||||
);
|
||||
credentials = new PasswordLogInCredentials(email, masterPassword);
|
||||
credentials = new PasswordLoginCredentials(email, masterPassword);
|
||||
});
|
||||
|
||||
describe("base class", () => {
|
||||
@@ -167,7 +167,7 @@ describe("LogInStrategy", () => {
|
||||
const idTokenResponse = identityTokenResponseFactory();
|
||||
apiService.postIdentityToken.mockResolvedValue(idTokenResponse);
|
||||
|
||||
await passwordLogInStrategy.logIn(credentials);
|
||||
await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(stateService.addAccount).toHaveBeenCalledWith(
|
||||
new Account({
|
||||
@@ -211,7 +211,7 @@ describe("LogInStrategy", () => {
|
||||
accountKeys.deviceKey = deviceKey;
|
||||
|
||||
// Act
|
||||
await passwordLogInStrategy.logIn(credentials);
|
||||
await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
// Assert
|
||||
expect(stateService.addAccount).toHaveBeenCalledWith(
|
||||
@@ -226,7 +226,7 @@ describe("LogInStrategy", () => {
|
||||
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
|
||||
const result = await passwordLogInStrategy.logIn(credentials);
|
||||
const result = await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(result).toEqual({
|
||||
forcePasswordReset: ForceResetPasswordReason.AdminForcePasswordReset,
|
||||
@@ -248,7 +248,7 @@ describe("LogInStrategy", () => {
|
||||
cryptoService.getMasterKey.mockResolvedValue(masterKey);
|
||||
cryptoService.decryptUserKeyWithMasterKey.mockResolvedValue(userKey);
|
||||
|
||||
const result = await passwordLogInStrategy.logIn(credentials);
|
||||
const result = await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(stateService.addAccount).not.toHaveBeenCalled();
|
||||
expect(messagingService.send).not.toHaveBeenCalled();
|
||||
@@ -267,7 +267,7 @@ describe("LogInStrategy", () => {
|
||||
cryptoService.getMasterKey.mockResolvedValue(masterKey);
|
||||
cryptoService.decryptUserKeyWithMasterKey.mockResolvedValue(userKey);
|
||||
|
||||
await passwordLogInStrategy.logIn(credentials);
|
||||
await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
// User symmetric key must be set before the new RSA keypair is generated
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalled();
|
||||
@@ -295,7 +295,7 @@ describe("LogInStrategy", () => {
|
||||
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
|
||||
const result = await passwordLogInStrategy.logIn(credentials);
|
||||
const result = await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(stateService.addAccount).not.toHaveBeenCalled();
|
||||
expect(messagingService.send).not.toHaveBeenCalled();
|
||||
@@ -325,7 +325,7 @@ describe("LogInStrategy", () => {
|
||||
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
|
||||
const result = await passwordLogInStrategy.logIn(credentials);
|
||||
const result = await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(stateService.addAccount).not.toHaveBeenCalled();
|
||||
expect(messagingService.send).not.toHaveBeenCalled();
|
||||
@@ -343,7 +343,7 @@ describe("LogInStrategy", () => {
|
||||
tokenService.getTwoFactorToken.mockResolvedValue(twoFactorToken);
|
||||
apiService.postIdentityToken.mockResolvedValue(identityTokenResponseFactory());
|
||||
|
||||
await passwordLogInStrategy.logIn(credentials);
|
||||
await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(apiService.postIdentityToken).toHaveBeenCalledWith(
|
||||
expect.objectContaining({
|
||||
@@ -365,7 +365,7 @@ describe("LogInStrategy", () => {
|
||||
twoFactorRemember
|
||||
);
|
||||
|
||||
await passwordLogInStrategy.logIn(credentials);
|
||||
await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(apiService.postIdentityToken).toHaveBeenCalledWith(
|
||||
expect.objectContaining({
|
||||
@@ -380,7 +380,7 @@ describe("LogInStrategy", () => {
|
||||
|
||||
it("sends 2FA token provided by user to server (two-step)", async () => {
|
||||
// Simulate a partially completed login
|
||||
passwordLogInStrategy.tokenRequest = new PasswordTokenRequest(
|
||||
passwordLoginStrategy.tokenRequest = new PasswordTokenRequest(
|
||||
email,
|
||||
masterPasswordHash,
|
||||
null,
|
||||
@@ -389,7 +389,7 @@ describe("LogInStrategy", () => {
|
||||
|
||||
apiService.postIdentityToken.mockResolvedValue(identityTokenResponseFactory());
|
||||
|
||||
await passwordLogInStrategy.logInTwoFactor(
|
||||
await passwordLoginStrategy.logInTwoFactor(
|
||||
new TokenTwoFactorRequest(twoFactorProviderType, twoFactorToken, twoFactorRemember),
|
||||
null
|
||||
);
|
||||
|
||||
@@ -20,11 +20,11 @@ import { TwoFactorProviderType } from "../enums/two-factor-provider-type";
|
||||
import { AuthResult } from "../models/domain/auth-result";
|
||||
import { ForceResetPasswordReason } from "../models/domain/force-reset-password-reason";
|
||||
import {
|
||||
PasswordlessLogInCredentials,
|
||||
PasswordLogInCredentials,
|
||||
SsoLogInCredentials,
|
||||
UserApiLogInCredentials,
|
||||
} from "../models/domain/log-in-credentials";
|
||||
AuthRequestLoginCredentials,
|
||||
PasswordLoginCredentials,
|
||||
SsoLoginCredentials,
|
||||
UserApiLoginCredentials,
|
||||
} from "../models/domain/login-credentials";
|
||||
import { DeviceRequest } from "../models/request/identity-token/device.request";
|
||||
import { PasswordTokenRequest } from "../models/request/identity-token/password-token.request";
|
||||
import { SsoTokenRequest } from "../models/request/identity-token/sso-token.request";
|
||||
@@ -36,7 +36,7 @@ import { IdentityTwoFactorResponse } from "../models/response/identity-two-facto
|
||||
|
||||
type IdentityResponse = IdentityTokenResponse | IdentityTwoFactorResponse | IdentityCaptchaResponse;
|
||||
|
||||
export abstract class LogInStrategy {
|
||||
export abstract class LoginStrategy {
|
||||
protected abstract tokenRequest: UserApiTokenRequest | PasswordTokenRequest | SsoTokenRequest;
|
||||
protected captchaBypassToken: string = null;
|
||||
|
||||
@@ -54,10 +54,10 @@ export abstract class LogInStrategy {
|
||||
|
||||
abstract logIn(
|
||||
credentials:
|
||||
| UserApiLogInCredentials
|
||||
| PasswordLogInCredentials
|
||||
| SsoLogInCredentials
|
||||
| PasswordlessLogInCredentials
|
||||
| UserApiLoginCredentials
|
||||
| PasswordLoginCredentials
|
||||
| SsoLoginCredentials
|
||||
| AuthRequestLoginCredentials
|
||||
): Promise<AuthResult>;
|
||||
|
||||
async logInTwoFactor(
|
||||
|
||||
@@ -25,13 +25,13 @@ import { TokenService } from "../abstractions/token.service";
|
||||
import { TwoFactorService } from "../abstractions/two-factor.service";
|
||||
import { TwoFactorProviderType } from "../enums/two-factor-provider-type";
|
||||
import { ForceResetPasswordReason } from "../models/domain/force-reset-password-reason";
|
||||
import { PasswordLogInCredentials } from "../models/domain/log-in-credentials";
|
||||
import { PasswordLoginCredentials } from "../models/domain/login-credentials";
|
||||
import { IdentityTokenResponse } from "../models/response/identity-token.response";
|
||||
import { IdentityTwoFactorResponse } from "../models/response/identity-two-factor.response";
|
||||
import { MasterPasswordPolicyResponse } from "../models/response/master-password-policy.response";
|
||||
|
||||
import { identityTokenResponseFactory } from "./login.strategy.spec";
|
||||
import { PasswordLogInStrategy } from "./password-login.strategy";
|
||||
import { PasswordLoginStrategy } from "./password-login.strategy";
|
||||
|
||||
const email = "hello@world.com";
|
||||
const masterPassword = "password";
|
||||
@@ -48,7 +48,7 @@ const masterPasswordPolicy = new MasterPasswordPolicyResponse({
|
||||
MinLength: 8,
|
||||
});
|
||||
|
||||
describe("PasswordLogInStrategy", () => {
|
||||
describe("PasswordLoginStrategy", () => {
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
@@ -62,8 +62,8 @@ describe("PasswordLogInStrategy", () => {
|
||||
let policyService: MockProxy<PolicyService>;
|
||||
let passwordStrengthService: MockProxy<PasswordStrengthServiceAbstraction>;
|
||||
|
||||
let passwordLogInStrategy: PasswordLogInStrategy;
|
||||
let credentials: PasswordLogInCredentials;
|
||||
let passwordLoginStrategy: PasswordLoginStrategy;
|
||||
let credentials: PasswordLoginCredentials;
|
||||
let tokenResponse: IdentityTokenResponse;
|
||||
|
||||
beforeEach(async () => {
|
||||
@@ -94,7 +94,7 @@ describe("PasswordLogInStrategy", () => {
|
||||
|
||||
policyService.evaluateMasterPassword.mockReturnValue(true);
|
||||
|
||||
passwordLogInStrategy = new PasswordLogInStrategy(
|
||||
passwordLoginStrategy = new PasswordLoginStrategy(
|
||||
cryptoService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -108,14 +108,14 @@ describe("PasswordLogInStrategy", () => {
|
||||
policyService,
|
||||
authService
|
||||
);
|
||||
credentials = new PasswordLogInCredentials(email, masterPassword);
|
||||
credentials = new PasswordLoginCredentials(email, masterPassword);
|
||||
tokenResponse = identityTokenResponseFactory(masterPasswordPolicy);
|
||||
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
});
|
||||
|
||||
it("sends master password credentials to the server", async () => {
|
||||
await passwordLogInStrategy.logIn(credentials);
|
||||
await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(apiService.postIdentityToken).toHaveBeenCalledWith(
|
||||
expect.objectContaining({
|
||||
@@ -139,7 +139,7 @@ describe("PasswordLogInStrategy", () => {
|
||||
cryptoService.getMasterKey.mockResolvedValue(masterKey);
|
||||
cryptoService.decryptUserKeyWithMasterKey.mockResolvedValue(userKey);
|
||||
|
||||
await passwordLogInStrategy.logIn(credentials);
|
||||
await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(cryptoService.setMasterKey).toHaveBeenCalledWith(masterKey);
|
||||
expect(cryptoService.setMasterKeyHash).toHaveBeenCalledWith(localHashedPassword);
|
||||
@@ -151,7 +151,7 @@ describe("PasswordLogInStrategy", () => {
|
||||
it("does not force the user to update their master password when there are no requirements", async () => {
|
||||
apiService.postIdentityToken.mockResolvedValueOnce(identityTokenResponseFactory());
|
||||
|
||||
const result = await passwordLogInStrategy.logIn(credentials);
|
||||
const result = await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(policyService.evaluateMasterPassword).not.toHaveBeenCalled();
|
||||
expect(result.forcePasswordReset).toEqual(ForceResetPasswordReason.None);
|
||||
@@ -161,7 +161,7 @@ describe("PasswordLogInStrategy", () => {
|
||||
passwordStrengthService.getPasswordStrength.mockReturnValue({ score: 5 } as any);
|
||||
policyService.evaluateMasterPassword.mockReturnValue(true);
|
||||
|
||||
const result = await passwordLogInStrategy.logIn(credentials);
|
||||
const result = await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(policyService.evaluateMasterPassword).toHaveBeenCalled();
|
||||
expect(result.forcePasswordReset).toEqual(ForceResetPasswordReason.None);
|
||||
@@ -171,7 +171,7 @@ describe("PasswordLogInStrategy", () => {
|
||||
passwordStrengthService.getPasswordStrength.mockReturnValue({ score: 0 } as any);
|
||||
policyService.evaluateMasterPassword.mockReturnValue(false);
|
||||
|
||||
const result = await passwordLogInStrategy.logIn(credentials);
|
||||
const result = await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(policyService.evaluateMasterPassword).toHaveBeenCalled();
|
||||
expect(stateService.setForcePasswordResetReason).toHaveBeenCalledWith(
|
||||
@@ -194,13 +194,13 @@ describe("PasswordLogInStrategy", () => {
|
||||
|
||||
// First login request fails requiring 2FA
|
||||
apiService.postIdentityToken.mockResolvedValueOnce(token2FAResponse);
|
||||
const firstResult = await passwordLogInStrategy.logIn(credentials);
|
||||
const firstResult = await passwordLoginStrategy.logIn(credentials);
|
||||
|
||||
// Second login request succeeds
|
||||
apiService.postIdentityToken.mockResolvedValueOnce(
|
||||
identityTokenResponseFactory(masterPasswordPolicy)
|
||||
);
|
||||
const secondResult = await passwordLogInStrategy.logInTwoFactor(
|
||||
const secondResult = await passwordLoginStrategy.logInTwoFactor(
|
||||
{
|
||||
provider: TwoFactorProviderType.Authenticator,
|
||||
token: "123456",
|
||||
|
||||
@@ -15,16 +15,16 @@ import { TokenService } from "../abstractions/token.service";
|
||||
import { TwoFactorService } from "../abstractions/two-factor.service";
|
||||
import { AuthResult } from "../models/domain/auth-result";
|
||||
import { ForceResetPasswordReason } from "../models/domain/force-reset-password-reason";
|
||||
import { PasswordLogInCredentials } from "../models/domain/log-in-credentials";
|
||||
import { PasswordLoginCredentials } from "../models/domain/login-credentials";
|
||||
import { PasswordTokenRequest } from "../models/request/identity-token/password-token.request";
|
||||
import { TokenTwoFactorRequest } from "../models/request/identity-token/token-two-factor.request";
|
||||
import { IdentityCaptchaResponse } from "../models/response/identity-captcha.response";
|
||||
import { IdentityTokenResponse } from "../models/response/identity-token.response";
|
||||
import { IdentityTwoFactorResponse } from "../models/response/identity-two-factor.response";
|
||||
|
||||
import { LogInStrategy } from "./login.strategy";
|
||||
import { LoginStrategy } from "./login.strategy";
|
||||
|
||||
export class PasswordLogInStrategy extends LogInStrategy {
|
||||
export class PasswordLoginStrategy extends LoginStrategy {
|
||||
get email() {
|
||||
return this.tokenRequest.email;
|
||||
}
|
||||
@@ -91,7 +91,7 @@ export class PasswordLogInStrategy extends LogInStrategy {
|
||||
return result;
|
||||
}
|
||||
|
||||
override async logIn(credentials: PasswordLogInCredentials) {
|
||||
override async logIn(credentials: PasswordLoginCredentials) {
|
||||
const { email, masterPassword, captchaToken, twoFactor } = credentials;
|
||||
|
||||
this.masterKey = await this.authService.makePreloginKey(masterPassword, email);
|
||||
@@ -180,7 +180,7 @@ export class PasswordLogInStrategy extends LogInStrategy {
|
||||
}
|
||||
|
||||
private evaluateMasterPassword(
|
||||
{ masterPassword, email }: PasswordLogInCredentials,
|
||||
{ masterPassword, email }: PasswordLoginCredentials,
|
||||
options: MasterPasswordPolicyOptions
|
||||
): boolean {
|
||||
const passwordStrength = this.passwordStrengthService.getPasswordStrength(
|
||||
|
||||
@@ -21,17 +21,17 @@ import { DeviceTrustCryptoServiceAbstraction } from "../abstractions/device-trus
|
||||
import { KeyConnectorService } from "../abstractions/key-connector.service";
|
||||
import { TokenService } from "../abstractions/token.service";
|
||||
import { TwoFactorService } from "../abstractions/two-factor.service";
|
||||
import { SsoLogInCredentials } from "../models/domain/log-in-credentials";
|
||||
import { SsoLoginCredentials } from "../models/domain/login-credentials";
|
||||
import { IdentityTokenResponse } from "../models/response/identity-token.response";
|
||||
import { IUserDecryptionOptionsServerResponse } from "../models/response/user-decryption-options/user-decryption-options.response";
|
||||
|
||||
import { identityTokenResponseFactory } from "./login.strategy.spec";
|
||||
import { SsoLogInStrategy } from "./sso-login.strategy";
|
||||
import { SsoLoginStrategy } from "./sso-login.strategy";
|
||||
|
||||
// TODO: Add tests for new trySetUserKeyWithApprovedAdminRequestIfExists logic
|
||||
// https://bitwarden.atlassian.net/browse/PM-3339
|
||||
|
||||
describe("SsoLogInStrategy", () => {
|
||||
describe("SsoLoginStrategy", () => {
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
@@ -46,8 +46,8 @@ describe("SsoLogInStrategy", () => {
|
||||
let authRequestCryptoService: MockProxy<AuthRequestCryptoServiceAbstraction>;
|
||||
let i18nService: MockProxy<I18nService>;
|
||||
|
||||
let ssoLogInStrategy: SsoLogInStrategy;
|
||||
let credentials: SsoLogInCredentials;
|
||||
let ssoLoginStrategy: SsoLoginStrategy;
|
||||
let credentials: SsoLoginCredentials;
|
||||
|
||||
const deviceId = Utils.newGuid();
|
||||
const keyConnectorUrl = "KEY_CONNECTOR_URL";
|
||||
@@ -76,7 +76,7 @@ describe("SsoLogInStrategy", () => {
|
||||
appIdService.getAppId.mockResolvedValue(deviceId);
|
||||
tokenService.decodeToken.mockResolvedValue({});
|
||||
|
||||
ssoLogInStrategy = new SsoLogInStrategy(
|
||||
ssoLoginStrategy = new SsoLoginStrategy(
|
||||
cryptoService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -91,13 +91,13 @@ describe("SsoLogInStrategy", () => {
|
||||
authRequestCryptoService,
|
||||
i18nService
|
||||
);
|
||||
credentials = new SsoLogInCredentials(ssoCode, ssoCodeVerifier, ssoRedirectUrl, ssoOrgId);
|
||||
credentials = new SsoLoginCredentials(ssoCode, ssoCodeVerifier, ssoRedirectUrl, ssoOrgId);
|
||||
});
|
||||
|
||||
it("sends SSO information to server", async () => {
|
||||
apiService.postIdentityToken.mockResolvedValue(identityTokenResponseFactory());
|
||||
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(apiService.postIdentityToken).toHaveBeenCalledWith(
|
||||
expect.objectContaining({
|
||||
@@ -120,7 +120,7 @@ describe("SsoLogInStrategy", () => {
|
||||
tokenResponse.key = null;
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(cryptoService.setMasterKey).not.toHaveBeenCalled();
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
@@ -133,7 +133,7 @@ describe("SsoLogInStrategy", () => {
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
|
||||
// Act
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setMasterKeyEncryptedUserKey).toHaveBeenCalledTimes(1);
|
||||
@@ -195,7 +195,7 @@ describe("SsoLogInStrategy", () => {
|
||||
const cryptoSvcSetUserKeySpy = jest.spyOn(cryptoService, "setUserKey");
|
||||
|
||||
// Act
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
// Assert
|
||||
expect(deviceTrustCryptoService.getDeviceKey).toHaveBeenCalledTimes(1);
|
||||
@@ -216,7 +216,7 @@ describe("SsoLogInStrategy", () => {
|
||||
deviceTrustCryptoService.decryptUserKeyWithDeviceKey.mockResolvedValue(mockUserKey);
|
||||
|
||||
// Act
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
@@ -237,7 +237,7 @@ describe("SsoLogInStrategy", () => {
|
||||
deviceTrustCryptoService.getDeviceKey.mockResolvedValue(mockDeviceKey);
|
||||
|
||||
// Act
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
@@ -256,7 +256,7 @@ describe("SsoLogInStrategy", () => {
|
||||
deviceTrustCryptoService.decryptUserKeyWithDeviceKey.mockResolvedValue(null);
|
||||
|
||||
// Act
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
// Assert
|
||||
expect(cryptoService.setUserKey).not.toHaveBeenCalled();
|
||||
@@ -281,7 +281,7 @@ describe("SsoLogInStrategy", () => {
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
cryptoService.getMasterKey.mockResolvedValue(masterKey);
|
||||
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(keyConnectorService.setMasterKeyFromUrl).toHaveBeenCalledWith(keyConnectorUrl);
|
||||
});
|
||||
@@ -291,7 +291,7 @@ describe("SsoLogInStrategy", () => {
|
||||
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(keyConnectorService.convertNewSsoUserToKeyConnector).toHaveBeenCalledWith(
|
||||
tokenResponse,
|
||||
@@ -309,7 +309,7 @@ describe("SsoLogInStrategy", () => {
|
||||
cryptoService.getMasterKey.mockResolvedValue(masterKey);
|
||||
cryptoService.decryptUserKeyWithMasterKey.mockResolvedValue(userKey);
|
||||
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(cryptoService.decryptUserKeyWithMasterKey).toHaveBeenCalledWith(masterKey);
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalledWith(userKey);
|
||||
@@ -332,7 +332,7 @@ describe("SsoLogInStrategy", () => {
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
cryptoService.getMasterKey.mockResolvedValue(masterKey);
|
||||
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(keyConnectorService.setMasterKeyFromUrl).toHaveBeenCalledWith(keyConnectorUrl);
|
||||
});
|
||||
@@ -342,7 +342,7 @@ describe("SsoLogInStrategy", () => {
|
||||
|
||||
apiService.postIdentityToken.mockResolvedValue(tokenResponse);
|
||||
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(keyConnectorService.convertNewSsoUserToKeyConnector).toHaveBeenCalledWith(
|
||||
tokenResponse,
|
||||
@@ -360,7 +360,7 @@ describe("SsoLogInStrategy", () => {
|
||||
cryptoService.getMasterKey.mockResolvedValue(masterKey);
|
||||
cryptoService.decryptUserKeyWithMasterKey.mockResolvedValue(userKey);
|
||||
|
||||
await ssoLogInStrategy.logIn(credentials);
|
||||
await ssoLoginStrategy.logIn(credentials);
|
||||
|
||||
expect(cryptoService.decryptUserKeyWithMasterKey).toHaveBeenCalledWith(masterKey);
|
||||
expect(cryptoService.setUserKey).toHaveBeenCalledWith(userKey);
|
||||
|
||||
@@ -15,13 +15,13 @@ import { KeyConnectorService } from "../abstractions/key-connector.service";
|
||||
import { TokenService } from "../abstractions/token.service";
|
||||
import { TwoFactorService } from "../abstractions/two-factor.service";
|
||||
import { ForceResetPasswordReason } from "../models/domain/force-reset-password-reason";
|
||||
import { SsoLogInCredentials } from "../models/domain/log-in-credentials";
|
||||
import { SsoLoginCredentials } from "../models/domain/login-credentials";
|
||||
import { SsoTokenRequest } from "../models/request/identity-token/sso-token.request";
|
||||
import { IdentityTokenResponse } from "../models/response/identity-token.response";
|
||||
|
||||
import { LogInStrategy } from "./login.strategy";
|
||||
import { LoginStrategy } from "./login.strategy";
|
||||
|
||||
export class SsoLogInStrategy extends LogInStrategy {
|
||||
export class SsoLoginStrategy extends LoginStrategy {
|
||||
tokenRequest: SsoTokenRequest;
|
||||
orgId: string;
|
||||
|
||||
@@ -59,7 +59,7 @@ export class SsoLogInStrategy extends LogInStrategy {
|
||||
);
|
||||
}
|
||||
|
||||
async logIn(credentials: SsoLogInCredentials) {
|
||||
async logIn(credentials: SsoLoginCredentials) {
|
||||
this.orgId = credentials.orgId;
|
||||
this.tokenRequest = new SsoTokenRequest(
|
||||
credentials.code,
|
||||
|
||||
@@ -18,12 +18,12 @@ import { CsprngArray } from "../../types/csprng";
|
||||
import { KeyConnectorService } from "../abstractions/key-connector.service";
|
||||
import { TokenService } from "../abstractions/token.service";
|
||||
import { TwoFactorService } from "../abstractions/two-factor.service";
|
||||
import { UserApiLogInCredentials } from "../models/domain/log-in-credentials";
|
||||
import { UserApiLoginCredentials } from "../models/domain/login-credentials";
|
||||
|
||||
import { identityTokenResponseFactory } from "./login.strategy.spec";
|
||||
import { UserApiLogInStrategy } from "./user-api-login.strategy";
|
||||
import { UserApiLoginStrategy } from "./user-api-login.strategy";
|
||||
|
||||
describe("UserApiLogInStrategy", () => {
|
||||
describe("UserApiLoginStrategy", () => {
|
||||
let cryptoService: MockProxy<CryptoService>;
|
||||
let apiService: MockProxy<ApiService>;
|
||||
let tokenService: MockProxy<TokenService>;
|
||||
@@ -36,8 +36,8 @@ describe("UserApiLogInStrategy", () => {
|
||||
let keyConnectorService: MockProxy<KeyConnectorService>;
|
||||
let environmentService: MockProxy<EnvironmentService>;
|
||||
|
||||
let apiLogInStrategy: UserApiLogInStrategy;
|
||||
let credentials: UserApiLogInCredentials;
|
||||
let apiLogInStrategy: UserApiLoginStrategy;
|
||||
let credentials: UserApiLoginCredentials;
|
||||
|
||||
const deviceId = Utils.newGuid();
|
||||
const keyConnectorUrl = "KEY_CONNECTOR_URL";
|
||||
@@ -61,7 +61,7 @@ describe("UserApiLogInStrategy", () => {
|
||||
tokenService.getTwoFactorToken.mockResolvedValue(null);
|
||||
tokenService.decodeToken.mockResolvedValue({});
|
||||
|
||||
apiLogInStrategy = new UserApiLogInStrategy(
|
||||
apiLogInStrategy = new UserApiLoginStrategy(
|
||||
cryptoService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -75,7 +75,7 @@ describe("UserApiLogInStrategy", () => {
|
||||
keyConnectorService
|
||||
);
|
||||
|
||||
credentials = new UserApiLogInCredentials(apiClientId, apiClientSecret);
|
||||
credentials = new UserApiLoginCredentials(apiClientId, apiClientSecret);
|
||||
});
|
||||
|
||||
it("sends api key credentials to the server", async () => {
|
||||
|
||||
@@ -9,13 +9,13 @@ import { MessagingService } from "../../platform/abstractions/messaging.service"
|
||||
import { PlatformUtilsService } from "../../platform/abstractions/platform-utils.service";
|
||||
import { StateService } from "../../platform/abstractions/state.service";
|
||||
import { KeyConnectorService } from "../abstractions/key-connector.service";
|
||||
import { UserApiLogInCredentials } from "../models/domain/log-in-credentials";
|
||||
import { UserApiLoginCredentials } from "../models/domain/login-credentials";
|
||||
import { UserApiTokenRequest } from "../models/request/identity-token/user-api-token.request";
|
||||
import { IdentityTokenResponse } from "../models/response/identity-token.response";
|
||||
|
||||
import { LogInStrategy } from "./login.strategy";
|
||||
import { LoginStrategy } from "./login.strategy";
|
||||
|
||||
export class UserApiLogInStrategy extends LogInStrategy {
|
||||
export class UserApiLoginStrategy extends LoginStrategy {
|
||||
tokenRequest: UserApiTokenRequest;
|
||||
|
||||
constructor(
|
||||
@@ -44,7 +44,7 @@ export class UserApiLogInStrategy extends LogInStrategy {
|
||||
);
|
||||
}
|
||||
|
||||
override async logIn(credentials: UserApiLogInCredentials) {
|
||||
override async logIn(credentials: UserApiLoginCredentials) {
|
||||
this.tokenRequest = new UserApiTokenRequest(
|
||||
credentials.clientId,
|
||||
credentials.clientSecret,
|
||||
|
||||
@@ -2,7 +2,7 @@ import { MasterKey, UserKey } from "../../../platform/models/domain/symmetric-cr
|
||||
import { AuthenticationType } from "../../enums/authentication-type";
|
||||
import { TokenTwoFactorRequest } from "../request/identity-token/token-two-factor.request";
|
||||
|
||||
export class PasswordLogInCredentials {
|
||||
export class PasswordLoginCredentials {
|
||||
readonly type = AuthenticationType.Password;
|
||||
|
||||
constructor(
|
||||
@@ -13,7 +13,7 @@ export class PasswordLogInCredentials {
|
||||
) {}
|
||||
}
|
||||
|
||||
export class SsoLogInCredentials {
|
||||
export class SsoLoginCredentials {
|
||||
readonly type = AuthenticationType.Sso;
|
||||
|
||||
constructor(
|
||||
@@ -25,14 +25,14 @@ export class SsoLogInCredentials {
|
||||
) {}
|
||||
}
|
||||
|
||||
export class UserApiLogInCredentials {
|
||||
export class UserApiLoginCredentials {
|
||||
readonly type = AuthenticationType.UserApi;
|
||||
|
||||
constructor(public clientId: string, public clientSecret: string) {}
|
||||
}
|
||||
|
||||
export class PasswordlessLogInCredentials {
|
||||
readonly type = AuthenticationType.Passwordless;
|
||||
export class AuthRequestLoginCredentials {
|
||||
readonly type = AuthenticationType.AuthRequest;
|
||||
|
||||
constructor(
|
||||
public email: string,
|
||||
@@ -1,6 +1,6 @@
|
||||
import { AuthRequestType } from "../../enums/auth-request-type";
|
||||
|
||||
export class PasswordlessCreateAuthRequest {
|
||||
export class CreateAuthRequest {
|
||||
constructor(
|
||||
readonly email: string,
|
||||
readonly deviceIdentifier: string,
|
||||
@@ -3,7 +3,7 @@ import { TokenTwoFactorRequest } from "./token-two-factor.request";
|
||||
|
||||
export abstract class TokenRequest {
|
||||
protected device?: DeviceRequest;
|
||||
protected passwordlessAuthRequest: string;
|
||||
protected authRequest: string;
|
||||
|
||||
constructor(protected twoFactor: TokenTwoFactorRequest, device?: DeviceRequest) {
|
||||
this.device = device != null ? device : null;
|
||||
@@ -18,8 +18,8 @@ export abstract class TokenRequest {
|
||||
this.twoFactor = twoFactor;
|
||||
}
|
||||
|
||||
setPasswordlessAccessCode(accessCode: string) {
|
||||
this.passwordlessAuthRequest = accessCode;
|
||||
setAuthRequestAccessCode(accessCode: string) {
|
||||
this.authRequest = accessCode;
|
||||
}
|
||||
|
||||
protected toIdentityToken(clientId: string) {
|
||||
@@ -37,8 +37,8 @@ export abstract class TokenRequest {
|
||||
}
|
||||
|
||||
//passswordless login
|
||||
if (this.passwordlessAuthRequest) {
|
||||
obj.authRequest = this.passwordlessAuthRequest;
|
||||
if (this.authRequest) {
|
||||
obj.authRequest = this.authRequest;
|
||||
}
|
||||
|
||||
if (this.twoFactor) {
|
||||
|
||||
@@ -26,18 +26,18 @@ import { TokenService } from "../abstractions/token.service";
|
||||
import { TwoFactorService } from "../abstractions/two-factor.service";
|
||||
import { AuthenticationStatus } from "../enums/authentication-status";
|
||||
import { AuthenticationType } from "../enums/authentication-type";
|
||||
import { PasswordLogInStrategy } from "../login-strategies/password-login.strategy";
|
||||
import { PasswordlessLogInStrategy } from "../login-strategies/passwordless-login.strategy";
|
||||
import { SsoLogInStrategy } from "../login-strategies/sso-login.strategy";
|
||||
import { UserApiLogInStrategy } from "../login-strategies/user-api-login.strategy";
|
||||
import { AuthRequestLoginStrategy } from "../login-strategies/auth-request-login.strategy";
|
||||
import { PasswordLoginStrategy } from "../login-strategies/password-login.strategy";
|
||||
import { SsoLoginStrategy } from "../login-strategies/sso-login.strategy";
|
||||
import { UserApiLoginStrategy } from "../login-strategies/user-api-login.strategy";
|
||||
import { AuthResult } from "../models/domain/auth-result";
|
||||
import { KdfConfig } from "../models/domain/kdf-config";
|
||||
import {
|
||||
PasswordlessLogInCredentials,
|
||||
PasswordLogInCredentials,
|
||||
SsoLogInCredentials,
|
||||
UserApiLogInCredentials,
|
||||
} from "../models/domain/log-in-credentials";
|
||||
AuthRequestLoginCredentials,
|
||||
PasswordLoginCredentials,
|
||||
SsoLoginCredentials,
|
||||
UserApiLoginCredentials,
|
||||
} from "../models/domain/login-credentials";
|
||||
import { TokenTwoFactorRequest } from "../models/request/identity-token/token-two-factor.request";
|
||||
import { PasswordlessAuthRequest } from "../models/request/passwordless-auth.request";
|
||||
import { AuthRequestResponse } from "../models/response/auth-request.response";
|
||||
@@ -47,9 +47,9 @@ const sessionTimeoutLength = 2 * 60 * 1000; // 2 minutes
|
||||
export class AuthService implements AuthServiceAbstraction {
|
||||
get email(): string {
|
||||
if (
|
||||
this.logInStrategy instanceof PasswordLogInStrategy ||
|
||||
this.logInStrategy instanceof PasswordlessLogInStrategy ||
|
||||
this.logInStrategy instanceof SsoLogInStrategy
|
||||
this.logInStrategy instanceof PasswordLoginStrategy ||
|
||||
this.logInStrategy instanceof AuthRequestLoginStrategy ||
|
||||
this.logInStrategy instanceof SsoLoginStrategy
|
||||
) {
|
||||
return this.logInStrategy.email;
|
||||
}
|
||||
@@ -58,34 +58,34 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
}
|
||||
|
||||
get masterPasswordHash(): string {
|
||||
return this.logInStrategy instanceof PasswordLogInStrategy
|
||||
return this.logInStrategy instanceof PasswordLoginStrategy
|
||||
? this.logInStrategy.masterPasswordHash
|
||||
: null;
|
||||
}
|
||||
|
||||
get accessCode(): string {
|
||||
return this.logInStrategy instanceof PasswordlessLogInStrategy
|
||||
return this.logInStrategy instanceof AuthRequestLoginStrategy
|
||||
? this.logInStrategy.accessCode
|
||||
: null;
|
||||
}
|
||||
|
||||
get authRequestId(): string {
|
||||
return this.logInStrategy instanceof PasswordlessLogInStrategy
|
||||
return this.logInStrategy instanceof AuthRequestLoginStrategy
|
||||
? this.logInStrategy.authRequestId
|
||||
: null;
|
||||
}
|
||||
|
||||
get ssoEmail2FaSessionToken(): string {
|
||||
return this.logInStrategy instanceof SsoLogInStrategy
|
||||
return this.logInStrategy instanceof SsoLoginStrategy
|
||||
? this.logInStrategy.ssoEmail2FaSessionToken
|
||||
: null;
|
||||
}
|
||||
|
||||
private logInStrategy:
|
||||
| UserApiLogInStrategy
|
||||
| PasswordLogInStrategy
|
||||
| SsoLogInStrategy
|
||||
| PasswordlessLogInStrategy;
|
||||
| UserApiLoginStrategy
|
||||
| PasswordLoginStrategy
|
||||
| SsoLoginStrategy
|
||||
| AuthRequestLoginStrategy;
|
||||
private sessionTimeout: any;
|
||||
|
||||
private pushNotificationSubject = new Subject<string>();
|
||||
@@ -112,22 +112,22 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
|
||||
async logIn(
|
||||
credentials:
|
||||
| UserApiLogInCredentials
|
||||
| PasswordLogInCredentials
|
||||
| SsoLogInCredentials
|
||||
| PasswordlessLogInCredentials
|
||||
| UserApiLoginCredentials
|
||||
| PasswordLoginCredentials
|
||||
| SsoLoginCredentials
|
||||
| AuthRequestLoginCredentials
|
||||
): Promise<AuthResult> {
|
||||
this.clearState();
|
||||
|
||||
let strategy:
|
||||
| UserApiLogInStrategy
|
||||
| PasswordLogInStrategy
|
||||
| SsoLogInStrategy
|
||||
| PasswordlessLogInStrategy;
|
||||
| UserApiLoginStrategy
|
||||
| PasswordLoginStrategy
|
||||
| SsoLoginStrategy
|
||||
| AuthRequestLoginStrategy;
|
||||
|
||||
switch (credentials.type) {
|
||||
case AuthenticationType.Password:
|
||||
strategy = new PasswordLogInStrategy(
|
||||
strategy = new PasswordLoginStrategy(
|
||||
this.cryptoService,
|
||||
this.apiService,
|
||||
this.tokenService,
|
||||
@@ -143,7 +143,7 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
);
|
||||
break;
|
||||
case AuthenticationType.Sso:
|
||||
strategy = new SsoLogInStrategy(
|
||||
strategy = new SsoLoginStrategy(
|
||||
this.cryptoService,
|
||||
this.apiService,
|
||||
this.tokenService,
|
||||
@@ -160,7 +160,7 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
);
|
||||
break;
|
||||
case AuthenticationType.UserApi:
|
||||
strategy = new UserApiLogInStrategy(
|
||||
strategy = new UserApiLoginStrategy(
|
||||
this.cryptoService,
|
||||
this.apiService,
|
||||
this.tokenService,
|
||||
@@ -174,8 +174,8 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
this.keyConnectorService
|
||||
);
|
||||
break;
|
||||
case AuthenticationType.Passwordless:
|
||||
strategy = new PasswordlessLogInStrategy(
|
||||
case AuthenticationType.AuthRequest:
|
||||
strategy = new AuthRequestLoginStrategy(
|
||||
this.cryptoService,
|
||||
this.apiService,
|
||||
this.tokenService,
|
||||
@@ -229,19 +229,19 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
}
|
||||
|
||||
authingWithUserApiKey(): boolean {
|
||||
return this.logInStrategy instanceof UserApiLogInStrategy;
|
||||
return this.logInStrategy instanceof UserApiLoginStrategy;
|
||||
}
|
||||
|
||||
authingWithSso(): boolean {
|
||||
return this.logInStrategy instanceof SsoLogInStrategy;
|
||||
return this.logInStrategy instanceof SsoLoginStrategy;
|
||||
}
|
||||
|
||||
authingWithPassword(): boolean {
|
||||
return this.logInStrategy instanceof PasswordLogInStrategy;
|
||||
return this.logInStrategy instanceof PasswordLoginStrategy;
|
||||
}
|
||||
|
||||
authingWithPasswordless(): boolean {
|
||||
return this.logInStrategy instanceof PasswordlessLogInStrategy;
|
||||
return this.logInStrategy instanceof AuthRequestLoginStrategy;
|
||||
}
|
||||
|
||||
async getAuthStatus(userId?: string): Promise<AuthenticationStatus> {
|
||||
@@ -349,10 +349,10 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
|
||||
private saveState(
|
||||
strategy:
|
||||
| UserApiLogInStrategy
|
||||
| PasswordLogInStrategy
|
||||
| SsoLogInStrategy
|
||||
| PasswordlessLogInStrategy
|
||||
| UserApiLoginStrategy
|
||||
| PasswordLoginStrategy
|
||||
| SsoLoginStrategy
|
||||
| AuthRequestLoginStrategy
|
||||
) {
|
||||
this.logInStrategy = strategy;
|
||||
this.startSessionTimeout();
|
||||
|
||||
@@ -34,6 +34,7 @@ import {
|
||||
import { ProviderResponse } from "../admin-console/models/response/provider/provider.response";
|
||||
import { SelectionReadOnlyResponse } from "../admin-console/models/response/selection-read-only.response";
|
||||
import { TokenService } from "../auth/abstractions/token.service";
|
||||
import { CreateAuthRequest } from "../auth/models/request/create-auth.request";
|
||||
import { DeviceVerificationRequest } from "../auth/models/request/device-verification.request";
|
||||
import { EmailTokenRequest } from "../auth/models/request/email-token.request";
|
||||
import { EmailRequest } from "../auth/models/request/email.request";
|
||||
@@ -51,7 +52,6 @@ import { KeyConnectorUserKeyRequest } from "../auth/models/request/key-connector
|
||||
import { PasswordHintRequest } from "../auth/models/request/password-hint.request";
|
||||
import { PasswordRequest } from "../auth/models/request/password.request";
|
||||
import { PasswordlessAuthRequest } from "../auth/models/request/passwordless-auth.request";
|
||||
import { PasswordlessCreateAuthRequest } from "../auth/models/request/passwordless-create-auth.request";
|
||||
import { SecretVerificationRequest } from "../auth/models/request/secret-verification.request";
|
||||
import { SetKeyConnectorKeyRequest } from "../auth/models/request/set-key-connector-key.request";
|
||||
import { SetPasswordRequest } from "../auth/models/request/set-password.request";
|
||||
@@ -252,11 +252,11 @@ export class ApiService implements ApiServiceAbstraction {
|
||||
}
|
||||
|
||||
// TODO: PM-3519: Create and move to AuthRequest Api service
|
||||
async postAuthRequest(request: PasswordlessCreateAuthRequest): Promise<AuthRequestResponse> {
|
||||
async postAuthRequest(request: CreateAuthRequest): Promise<AuthRequestResponse> {
|
||||
const r = await this.send("POST", "/auth-requests/", request, false, true);
|
||||
return new AuthRequestResponse(r);
|
||||
}
|
||||
async postAdminAuthRequest(request: PasswordlessCreateAuthRequest): Promise<AuthRequestResponse> {
|
||||
async postAdminAuthRequest(request: CreateAuthRequest): Promise<AuthRequestResponse> {
|
||||
const r = await this.send("POST", "/auth-requests/admin-request", request, true, true);
|
||||
return new AuthRequestResponse(r);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user