[PM-26778] Make VaultTimeoutService use LogoutService (#16820)

* Make vaulttimeoutservice use logoutservice * Fix browser build * Fix mv3 build * Fix lint
2025-12-10 13:23:34 +00:00 · 2025-10-21 17:24:52 +02:00
parent a5dd42396c
commit 5a307633bb
8 changed files with 23 additions and 32 deletions
--- a/apps/browser/src/background/idle.background.ts
+++ b/apps/browser/src/background/idle.background.ts
@@ -1,5 +1,6 @@
 import { firstValueFrom } from "rxjs";

+import { LogoutService } from "@bitwarden/auth/common";
 import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import {
  VaultTimeoutAction,
@@ -8,6 +9,7 @@ import {
  VaultTimeoutStringType,
 } from "@bitwarden/common/key-management/vault-timeout";
 import { ServerNotificationsService } from "@bitwarden/common/platform/server-notifications";
+import { UserId } from "@bitwarden/user-core";

 const IdleInterval = 60 * 5; // 5 minutes

@@ -21,6 +23,7 @@ export default class IdleBackground {
    private serverNotificationsService: ServerNotificationsService,
    private accountService: AccountService,
    private vaultTimeoutSettingsService: VaultTimeoutSettingsService,
+    private logoutService: LogoutService,
  ) {
    this.idle = chrome.idle || (browser != null ? browser.idle : null);
  }
@@ -61,7 +64,7 @@ export default class IdleBackground {
                  this.vaultTimeoutSettingsService.getVaultTimeoutActionByUserId$(userId),
                );
                if (action === VaultTimeoutAction.LogOut) {
-                  await this.vaultTimeoutService.logOut(userId);
+                  await this.logoutService.logout(userId as UserId, "vaultTimeout");
                } else {
                  await this.vaultTimeoutService.lock(userId);
                }
--- a/apps/browser/src/background/main.background.ts
+++ b/apps/browser/src/background/main.background.ts
@@ -21,6 +21,7 @@ import {
  AuthRequestServiceAbstraction,
  DefaultAuthRequestApiService,
  DefaultLockService,
+  DefaultLogoutService,
  InternalUserDecryptionOptionsServiceAbstraction,
  LoginEmailServiceAbstraction,
  LogoutReason,
@@ -976,6 +977,7 @@ export default class MainBackground {
      this.restrictedItemTypesService,
    );

+    const logoutService = new DefaultLogoutService(this.messagingService);
    this.vaultTimeoutService = new VaultTimeoutService(
      this.accountService,
      this.masterPasswordService,
@@ -994,7 +996,7 @@ export default class MainBackground {
      this.logService,
      this.biometricsService,
      lockedCallback,
-      logoutCallback,
+      logoutService,
    );
    this.containerService = new ContainerService(this.keyService, this.encryptService);

@@ -1386,6 +1388,7 @@ export default class MainBackground {
      this.serverNotificationsService,
      this.accountService,
      this.vaultTimeoutSettingsService,
+      logoutService,
    );

    this.usernameGenerationService = legacyUsernameGenerationServiceFactory(
--- a/apps/browser/src/key-management/vault-timeout/foreground-vault-timeout.service.ts
+++ b/apps/browser/src/key-management/vault-timeout/foreground-vault-timeout.service.ts
@@ -13,8 +13,4 @@ export class ForegroundVaultTimeoutService implements BaseVaultTimeoutService {
  async lock(userId?: UserId): Promise<void> {
    this.messagingService.send("lockVault", { userId });
  }
-
-  async logOut(userId?: string): Promise<void> {
-    this.messagingService.send("logout", { userId });
-  }
 }
--- a/apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts
+++ b/apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts
@@ -1,6 +1,7 @@
 import { Injectable } from "@angular/core";
 import { firstValueFrom, Observable } from "rxjs";

+import { LogoutService } from "@bitwarden/auth/common";
 import { Account } from "@bitwarden/common/auth/abstractions/account.service";
 import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 import { CryptoFunctionService } from "@bitwarden/common/key-management/crypto/abstractions/crypto-function.service";
@@ -14,7 +15,6 @@ import {
  WrappedPrivateKey,
  WrappedSigningKey,
 } from "@bitwarden/common/key-management/types";
-import { VaultTimeoutService } from "@bitwarden/common/key-management/vault-timeout";
 import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
@@ -89,7 +89,7 @@ export class UserKeyRotationService {
    private syncService: SyncService,
    private webauthnLoginAdminService: WebauthnLoginAdminService,
    private logService: LogService,
-    private vaultTimeoutService: VaultTimeoutService,
+    private logoutService: LogoutService,
    private toastService: ToastService,
    private i18nService: I18nService,
    private dialogService: DialogService,
@@ -189,8 +189,7 @@ export class UserKeyRotationService {
      timeout: 15000,
    });

-    // temporary until userkey can be better verified
-    await this.vaultTimeoutService.logOut();
+    await this.logoutService.logout(user.id);
  }

  protected async ensureIsAllowedToRotateUserKey(): Promise<void> {
--- a/libs/angular/src/services/jslib-services.module.ts
+++ b/libs/angular/src/services/jslib-services.module.ts
@@ -891,7 +891,7 @@ const safeProviders: SafeProvider[] = [
      LogService,
      BiometricsService,
      LOCKED_CALLBACK,
-      LOGOUT_CALLBACK,
+      LogoutService,
    ],
  }),
  safeProvider({
--- a/libs/common/src/key-management/vault-timeout/abstractions/vault-timeout.service.ts
+++ b/libs/common/src/key-management/vault-timeout/abstractions/vault-timeout.service.ts
@@ -1,5 +1,4 @@
 export abstract class VaultTimeoutService {
  abstract checkVaultTimeout(): Promise<void>;
  abstract lock(userId?: string): Promise<void>;
-  abstract logOut(userId?: string): Promise<void>;
 }
--- a/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.spec.ts
+++ b/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.spec.ts
@@ -1,6 +1,6 @@
 // FIXME: Update this file to be type safe and remove this and next line
 // @ts-strict-ignore
-import { MockProxy, any, mock } from "jest-mock-extended";
+import { MockProxy, mock } from "jest-mock-extended";
 import { BehaviorSubject, from, of } from "rxjs";

 // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop.
@@ -8,7 +8,7 @@ import { BehaviorSubject, from, of } from "rxjs";
 import { CollectionService } from "@bitwarden/admin-console/common";
 // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop.
 // eslint-disable-next-line no-restricted-imports
-import { LogoutReason } from "@bitwarden/auth/common";
+import { LogoutService } from "@bitwarden/auth/common";
 // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop.
 // eslint-disable-next-line no-restricted-imports
 import { BiometricsService } from "@bitwarden/key-management";
@@ -53,8 +53,8 @@ describe("VaultTimeoutService", () => {
  let taskSchedulerService: MockProxy<TaskSchedulerService>;
  let logService: MockProxy<LogService>;
  let biometricsService: MockProxy<BiometricsService>;
+  let logoutService: MockProxy<LogoutService>;
  let lockedCallback: jest.Mock<Promise<void>, [userId: string]>;
-  let loggedOutCallback: jest.Mock<Promise<void>, [logoutReason: LogoutReason, userId?: string]>;

  let vaultTimeoutActionSubject: BehaviorSubject<VaultTimeoutAction>;
  let availableVaultTimeoutActionsSubject: BehaviorSubject<VaultTimeoutAction[]>;
@@ -80,9 +80,9 @@ describe("VaultTimeoutService", () => {
    taskSchedulerService = mock<TaskSchedulerService>();
    logService = mock<LogService>();
    biometricsService = mock<BiometricsService>();
+    logoutService = mock<LogoutService>();

    lockedCallback = jest.fn();
-    loggedOutCallback = jest.fn();

    vaultTimeoutActionSubject = new BehaviorSubject(VaultTimeoutAction.Lock);

@@ -110,7 +110,7 @@ describe("VaultTimeoutService", () => {
      logService,
      biometricsService,
      lockedCallback,
-      loggedOutCallback,
+      logoutService,
    );
  });

@@ -213,12 +213,12 @@ describe("VaultTimeoutService", () => {
  };

  const expectUserToHaveLoggedOut = (userId: string) => {
-    expect(loggedOutCallback).toHaveBeenCalledWith("vaultTimeout", userId);
+    expect(logoutService.logout).toHaveBeenCalledWith(userId, "vaultTimeout");
  };

  const expectNoAction = (userId: string) => {
    expect(lockedCallback).not.toHaveBeenCalledWith(userId);
-    expect(loggedOutCallback).not.toHaveBeenCalledWith(any(), userId);
+    expect(logoutService.logout).not.toHaveBeenCalledWith(userId, "vaultTimeout");
  };

  describe("checkVaultTimeout", () => {
--- a/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.ts
+++ b/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.ts
@@ -7,7 +7,7 @@ import { combineLatest, concatMap, filter, firstValueFrom, map, timeout } from "
 import { CollectionService } from "@bitwarden/admin-console/common";
 // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop.
 // eslint-disable-next-line no-restricted-imports
-import { LogoutReason } from "@bitwarden/auth/common";
+import { LogoutService } from "@bitwarden/auth/common";
 // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop.
 // eslint-disable-next-line no-restricted-imports
 import { BiometricsService } from "@bitwarden/key-management";
@@ -52,10 +52,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
    protected logService: LogService,
    private biometricService: BiometricsService,
    private lockedCallback: (userId: UserId) => Promise<void> = null,
-    private loggedOutCallback: (
-      logoutReason: LogoutReason,
-      userId?: string,
-    ) => Promise<void> = null,
+    private logoutService: LogoutService,
  ) {
    this.taskSchedulerService.registerTaskHandler(
      ScheduledTaskNames.vaultTimeoutCheckInterval,
@@ -123,7 +120,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
    );
    const supportsLock = availableActions.includes(VaultTimeoutAction.Lock);
    if (!supportsLock) {
-      await this.logOut(userId);
+      await this.logoutService.logout(userId, "vaultTimeout");
    }

    // HACK: Start listening for the transition of the locking user from something to the locked state.
@@ -165,12 +162,6 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
    }
  }

-  async logOut(userId?: string): Promise<void> {
-    if (this.loggedOutCallback != null) {
-      await this.loggedOutCallback("vaultTimeout", userId);
-    }
-  }
-
  private async shouldLock(
    userId: string,
    lastActive: Date,
@@ -214,7 +205,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
      this.vaultTimeoutSettingsService.getVaultTimeoutActionByUserId$(userId),
    );
    timeoutAction === VaultTimeoutAction.LogOut
-      ? await this.logOut(userId)
+      ? await this.logoutService.logout(userId, "vaultTimeout")
      : await this.lock(userId);
  }
 }