[PM-8933] Require userId on setUserKey (#9675)

* Updated all sets of user key to pass in userId * Added userId on auth request login. * Fixed tests. * Fixed tests to pass in UserId * Added parameter to tests. * Addressed PR feedback. * Merged main
2025-12-17 16:53:34 +00:00 · 2024-08-13 08:07:36 -04:00
parent cdc82f13b0
commit 7b508b1ad7
15 changed files with 65 additions and 39 deletions
--- a/libs/auth/src/common/login-strategies/sso-login.strategy.ts
+++ b/libs/auth/src/common/login-strategies/sso-login.strategy.ts
@@ -255,6 +255,7 @@ export class SsoLoginStrategy extends LoginStrategy {
        await this.authRequestService.setKeysAfterDecryptingSharedMasterKeyAndHash(
          adminAuthReqResponse,
          adminAuthReqStorable.privateKey,
+          userId,
        );
      } else {
        // if masterPasswordHash is null, we will always receive authReqResponse.key
@@ -262,6 +263,7 @@ export class SsoLoginStrategy extends LoginStrategy {
        await this.authRequestService.setUserKeyAfterDecryptingSharedUserKey(
          adminAuthReqResponse,
          adminAuthReqStorable.privateKey,
+          userId,
        );
      }

@@ -321,7 +323,7 @@ export class SsoLoginStrategy extends LoginStrategy {
    );

    if (userKey) {
-      await this.cryptoService.setUserKey(userKey);
+      await this.cryptoService.setUserKey(userKey, userId);
    }
  }

@@ -337,7 +339,7 @@ export class SsoLoginStrategy extends LoginStrategy {
    }

    const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey);
-    await this.cryptoService.setUserKey(userKey);
+    await this.cryptoService.setUserKey(userKey, userId);
  }

  protected override async setPrivateKey(