From 8005cfe510cb25ff83148406de1c3d3b9a67f840 Mon Sep 17 00:00:00 2001
From: rr-bw <102181210+rr-bw@users.noreply.github.com>
Date: Fri, 12 Dec 2025 14:22:42 -0800
Subject: [PATCH] [PM-27086] add flagged logic to
 InputPasswordComponent.submit()

---
 .../input-password.component.ts               | 31 ++++++++++++++++---
 .../input-password/password-input-result.ts   |  2 ++
 libs/common/src/enums/feature-flag.enum.ts    |  1 +
 3 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/libs/auth/src/angular/input-password/input-password.component.ts b/libs/auth/src/angular/input-password/input-password.component.ts
index 62294f037a0..0548f7bef9d 100644
--- a/libs/auth/src/angular/input-password/input-password.component.ts
+++ b/libs/auth/src/angular/input-password/input-password.component.ts
@@ -10,7 +10,9 @@ import {
 import { AuditService } from "@bitwarden/common/abstractions/audit.service";
 import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
 import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/models/domain/master-password-policy-options";
+import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 import { MasterPasswordServiceAbstraction } from "@bitwarden/common/key-management/master-password/abstractions/master-password.service.abstraction";
+import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
 import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service";
@@ -209,6 +211,7 @@ export class InputPasswordComponent implements OnInit {
   constructor(
     private auditService: AuditService,
     private cipherService: CipherService,
+    private configService: ConfigService,
     private dialogService: DialogService,
     private formBuilder: FormBuilder,
     private i18nService: I18nService,
@@ -312,7 +315,7 @@ export class InputPasswordComponent implements OnInit {
       }
 
       if (!this.email) {
-        throw new Error("Email is required to create master key.");
+        throw new Error("Email not found.");
       }
 
       // 1. Determine kdfConfig
@@ -320,13 +323,13 @@ export class InputPasswordComponent implements OnInit {
         this.kdfConfig = DEFAULT_KDF_CONFIG;
       } else {
         if (!this.userId) {
-          throw new Error("userId not passed down");
+          throw new Error("userId not found.");
         }
         this.kdfConfig = await firstValueFrom(this.kdfConfigService.getKdfConfig$(this.userId));
       }
 
       if (this.kdfConfig == null) {
-        throw new Error("KdfConfig is required to create master key.");
+        throw new Error("KdfConfig not found.");
       }
 
       const salt =
@@ -334,7 +337,7 @@ export class InputPasswordComponent implements OnInit {
           ? await firstValueFrom(this.masterPasswordService.saltForUser$(this.userId))
           : this.masterPasswordService.emailToSalt(this.email);
       if (salt == null) {
-        throw new Error("Salt is required to create master key.");
+        throw new Error("Salt not found.");
       }
 
       // 2. Verify current password is correct (if necessary)
@@ -361,6 +364,26 @@ export class InputPasswordComponent implements OnInit {
         return;
       }
 
+      const newApisFlagEnabled = await this.configService.getFeatureFlag(
+        FeatureFlag.PM27086_UpdateAuthenticationApisForInputPassword,
+      );
+
+      if (newApisFlagEnabled) {
+        // 4. Build a PasswordInputResult object
+        const passwordInputResult: PasswordInputResult = {
+          currentPassword,
+          newPassword,
+          kdfConfig: this.kdfConfig,
+          salt,
+          newPasswordHint,
+          rotateUserKey: this.formGroup.controls.rotateUserKey?.value ?? false,
+        };
+
+        // 5. Emit and return PasswordInputResult object
+        this.onPasswordFormSubmit.emit(passwordInputResult);
+        return passwordInputResult;
+      }
+
       // 4. Create cryptographic keys and build a PasswordInputResult object
       const newMasterKey = await this.keyService.makeMasterKey(
         newPassword,
diff --git a/libs/auth/src/angular/input-password/password-input-result.ts b/libs/auth/src/angular/input-password/password-input-result.ts
index 11c8f0d274d..923ba86594a 100644
--- a/libs/auth/src/angular/input-password/password-input-result.ts
+++ b/libs/auth/src/angular/input-password/password-input-result.ts
@@ -10,6 +10,8 @@ export interface PasswordInputResult {
   newPasswordHint?: string;
   rotateUserKey?: boolean;
 
+  // The deprecated properties below will be removed in PM-28143: https://bitwarden.atlassian.net/browse/PM-28143
+
   /** @deprecated This low-level cryptographic state will be removed. It will be replaced by high level calls to masterpassword service, in the consumers of this interface. */
   currentMasterKey?: MasterKey;
   /** @deprecated */
diff --git a/libs/common/src/enums/feature-flag.enum.ts b/libs/common/src/enums/feature-flag.enum.ts
index 0d4416d438a..47f1aa5c366 100644
--- a/libs/common/src/enums/feature-flag.enum.ts
+++ b/libs/common/src/enums/feature-flag.enum.ts
@@ -129,6 +129,7 @@ export const DefaultFeatureFlagValue = {
 
   /* Auth */
   [FeatureFlag.PM23801_PrefetchPasswordPrelogin]: FALSE,
+  [FeatureFlag.PM27086_UpdateAuthenticationApisForInputPassword]: FALSE,
 
   /* Billing */
   [FeatureFlag.TrialPaymentOptional]: FALSE,