diff --git a/apps/browser/src/background/idle.background.ts b/apps/browser/src/background/idle.background.ts index 2de4b48a9c0..0f89aa4792a 100644 --- a/apps/browser/src/background/idle.background.ts +++ b/apps/browser/src/background/idle.background.ts @@ -1,5 +1,6 @@ import { firstValueFrom } from "rxjs"; +import { LogoutService } from "@bitwarden/auth/common"; import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; import { VaultTimeoutAction, @@ -8,6 +9,7 @@ import { VaultTimeoutStringType, } from "@bitwarden/common/key-management/vault-timeout"; import { ServerNotificationsService } from "@bitwarden/common/platform/server-notifications"; +import { UserId } from "@bitwarden/user-core"; const IdleInterval = 60 * 5; // 5 minutes @@ -21,6 +23,7 @@ export default class IdleBackground { private serverNotificationsService: ServerNotificationsService, private accountService: AccountService, private vaultTimeoutSettingsService: VaultTimeoutSettingsService, + private logoutService: LogoutService, ) { this.idle = chrome.idle || (browser != null ? browser.idle : null); } @@ -61,7 +64,7 @@ export default class IdleBackground { this.vaultTimeoutSettingsService.getVaultTimeoutActionByUserId$(userId), ); if (action === VaultTimeoutAction.LogOut) { - await this.vaultTimeoutService.logOut(userId); + await this.logoutService.logout(userId as UserId, "vaultTimeout"); } else { await this.vaultTimeoutService.lock(userId); } diff --git a/apps/browser/src/background/main.background.ts b/apps/browser/src/background/main.background.ts index 7ba55a45892..c4c412732c9 100644 --- a/apps/browser/src/background/main.background.ts +++ b/apps/browser/src/background/main.background.ts @@ -21,6 +21,7 @@ import { AuthRequestServiceAbstraction, DefaultAuthRequestApiService, DefaultLockService, + DefaultLogoutService, InternalUserDecryptionOptionsServiceAbstraction, LoginEmailServiceAbstraction, LogoutReason, @@ -976,6 +977,7 @@ export default class MainBackground { this.restrictedItemTypesService, ); + const logoutService = new DefaultLogoutService(this.messagingService); this.vaultTimeoutService = new VaultTimeoutService( this.accountService, this.masterPasswordService, @@ -994,7 +996,7 @@ export default class MainBackground { this.logService, this.biometricsService, lockedCallback, - logoutCallback, + logoutService, ); this.containerService = new ContainerService(this.keyService, this.encryptService); @@ -1386,6 +1388,7 @@ export default class MainBackground { this.serverNotificationsService, this.accountService, this.vaultTimeoutSettingsService, + logoutService, ); this.usernameGenerationService = legacyUsernameGenerationServiceFactory( diff --git a/apps/browser/src/key-management/vault-timeout/foreground-vault-timeout.service.ts b/apps/browser/src/key-management/vault-timeout/foreground-vault-timeout.service.ts index 5003dfd5b29..4081ab03359 100644 --- a/apps/browser/src/key-management/vault-timeout/foreground-vault-timeout.service.ts +++ b/apps/browser/src/key-management/vault-timeout/foreground-vault-timeout.service.ts @@ -13,8 +13,4 @@ export class ForegroundVaultTimeoutService implements BaseVaultTimeoutService { async lock(userId?: UserId): Promise { this.messagingService.send("lockVault", { userId }); } - - async logOut(userId?: string): Promise { - this.messagingService.send("logout", { userId }); - } } diff --git a/apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts b/apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts index 0980beddd09..168dbe7442e 100644 --- a/apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts +++ b/apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts @@ -1,6 +1,7 @@ import { Injectable } from "@angular/core"; import { firstValueFrom, Observable } from "rxjs"; +import { LogoutService } from "@bitwarden/auth/common"; import { Account } from "@bitwarden/common/auth/abstractions/account.service"; import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; import { CryptoFunctionService } from "@bitwarden/common/key-management/crypto/abstractions/crypto-function.service"; @@ -14,7 +15,6 @@ import { WrappedPrivateKey, WrappedSigningKey, } from "@bitwarden/common/key-management/types"; -import { VaultTimeoutService } from "@bitwarden/common/key-management/vault-timeout"; import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; @@ -89,7 +89,7 @@ export class UserKeyRotationService { private syncService: SyncService, private webauthnLoginAdminService: WebauthnLoginAdminService, private logService: LogService, - private vaultTimeoutService: VaultTimeoutService, + private logoutService: LogoutService, private toastService: ToastService, private i18nService: I18nService, private dialogService: DialogService, @@ -189,8 +189,7 @@ export class UserKeyRotationService { timeout: 15000, }); - // temporary until userkey can be better verified - await this.vaultTimeoutService.logOut(); + await this.logoutService.logout(user.id); } protected async ensureIsAllowedToRotateUserKey(): Promise { diff --git a/libs/angular/src/services/jslib-services.module.ts b/libs/angular/src/services/jslib-services.module.ts index f5642f45b2e..5d2a23444f0 100644 --- a/libs/angular/src/services/jslib-services.module.ts +++ b/libs/angular/src/services/jslib-services.module.ts @@ -891,7 +891,7 @@ const safeProviders: SafeProvider[] = [ LogService, BiometricsService, LOCKED_CALLBACK, - LOGOUT_CALLBACK, + LogoutService, ], }), safeProvider({ diff --git a/libs/common/src/key-management/vault-timeout/abstractions/vault-timeout.service.ts b/libs/common/src/key-management/vault-timeout/abstractions/vault-timeout.service.ts index 1c88a5c51ea..401fb8b107b 100644 --- a/libs/common/src/key-management/vault-timeout/abstractions/vault-timeout.service.ts +++ b/libs/common/src/key-management/vault-timeout/abstractions/vault-timeout.service.ts @@ -1,5 +1,4 @@ export abstract class VaultTimeoutService { abstract checkVaultTimeout(): Promise; abstract lock(userId?: string): Promise; - abstract logOut(userId?: string): Promise; } diff --git a/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.spec.ts b/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.spec.ts index da815f76f79..5ba434f7188 100644 --- a/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.spec.ts +++ b/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.spec.ts @@ -1,6 +1,6 @@ // FIXME: Update this file to be type safe and remove this and next line // @ts-strict-ignore -import { MockProxy, any, mock } from "jest-mock-extended"; +import { MockProxy, mock } from "jest-mock-extended"; import { BehaviorSubject, from, of } from "rxjs"; // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop. @@ -8,7 +8,7 @@ import { BehaviorSubject, from, of } from "rxjs"; import { CollectionService } from "@bitwarden/admin-console/common"; // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop. // eslint-disable-next-line no-restricted-imports -import { LogoutReason } from "@bitwarden/auth/common"; +import { LogoutService } from "@bitwarden/auth/common"; // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop. // eslint-disable-next-line no-restricted-imports import { BiometricsService } from "@bitwarden/key-management"; @@ -53,8 +53,8 @@ describe("VaultTimeoutService", () => { let taskSchedulerService: MockProxy; let logService: MockProxy; let biometricsService: MockProxy; + let logoutService: MockProxy; let lockedCallback: jest.Mock, [userId: string]>; - let loggedOutCallback: jest.Mock, [logoutReason: LogoutReason, userId?: string]>; let vaultTimeoutActionSubject: BehaviorSubject; let availableVaultTimeoutActionsSubject: BehaviorSubject; @@ -80,9 +80,9 @@ describe("VaultTimeoutService", () => { taskSchedulerService = mock(); logService = mock(); biometricsService = mock(); + logoutService = mock(); lockedCallback = jest.fn(); - loggedOutCallback = jest.fn(); vaultTimeoutActionSubject = new BehaviorSubject(VaultTimeoutAction.Lock); @@ -110,7 +110,7 @@ describe("VaultTimeoutService", () => { logService, biometricsService, lockedCallback, - loggedOutCallback, + logoutService, ); }); @@ -213,12 +213,12 @@ describe("VaultTimeoutService", () => { }; const expectUserToHaveLoggedOut = (userId: string) => { - expect(loggedOutCallback).toHaveBeenCalledWith("vaultTimeout", userId); + expect(logoutService.logout).toHaveBeenCalledWith(userId, "vaultTimeout"); }; const expectNoAction = (userId: string) => { expect(lockedCallback).not.toHaveBeenCalledWith(userId); - expect(loggedOutCallback).not.toHaveBeenCalledWith(any(), userId); + expect(logoutService.logout).not.toHaveBeenCalledWith(userId, "vaultTimeout"); }; describe("checkVaultTimeout", () => { diff --git a/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.ts b/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.ts index 8b523498c31..c0fa0423694 100644 --- a/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.ts +++ b/libs/common/src/key-management/vault-timeout/services/vault-timeout.service.ts @@ -7,7 +7,7 @@ import { combineLatest, concatMap, filter, firstValueFrom, map, timeout } from " import { CollectionService } from "@bitwarden/admin-console/common"; // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop. // eslint-disable-next-line no-restricted-imports -import { LogoutReason } from "@bitwarden/auth/common"; +import { LogoutService } from "@bitwarden/auth/common"; // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop. // eslint-disable-next-line no-restricted-imports import { BiometricsService } from "@bitwarden/key-management"; @@ -52,10 +52,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction { protected logService: LogService, private biometricService: BiometricsService, private lockedCallback: (userId: UserId) => Promise = null, - private loggedOutCallback: ( - logoutReason: LogoutReason, - userId?: string, - ) => Promise = null, + private logoutService: LogoutService, ) { this.taskSchedulerService.registerTaskHandler( ScheduledTaskNames.vaultTimeoutCheckInterval, @@ -123,7 +120,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction { ); const supportsLock = availableActions.includes(VaultTimeoutAction.Lock); if (!supportsLock) { - await this.logOut(userId); + await this.logoutService.logout(userId, "vaultTimeout"); } // HACK: Start listening for the transition of the locking user from something to the locked state. @@ -165,12 +162,6 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction { } } - async logOut(userId?: string): Promise { - if (this.loggedOutCallback != null) { - await this.loggedOutCallback("vaultTimeout", userId); - } - } - private async shouldLock( userId: string, lastActive: Date, @@ -214,7 +205,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction { this.vaultTimeoutSettingsService.getVaultTimeoutActionByUserId$(userId), ); timeoutAction === VaultTimeoutAction.LogOut - ? await this.logOut(userId) + ? await this.logoutService.logout(userId, "vaultTimeout") : await this.lock(userId); } }