[PM-27086 Change Password] Refactor InputPasswordComponent to use proofOfDecryption

libs/auth/src/angular/input-password/input-password.component.ts

@@ -11,6 +11,7 @@ import { AuditService } from "@bitwarden/common/abstractions/audit.service";
 import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
 import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/models/domain/master-password-policy-options";
 import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
+import { MasterPasswordUnlockService } from "@bitwarden/common/key-management/master-password/abstractions/master-password-unlock.service";
 import { MasterPasswordServiceAbstraction } from "@bitwarden/common/key-management/master-password/abstractions/master-password.service.abstraction";
 import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
@@ -218,6 +219,7 @@ export class InputPasswordComponent implements OnInit {
     private kdfConfigService: KdfConfigService,
     private keyService: KeyService,
     private masterPasswordService: MasterPasswordServiceAbstraction,
+    private masterPasswordUnlockService: MasterPasswordUnlockService,
     private passwordGenerationService: PasswordGenerationServiceAbstraction,
     private platformUtilsService: PlatformUtilsService,
     private policyService: PolicyService,
@@ -340,17 +342,32 @@ export class InputPasswordComponent implements OnInit {
         throw new Error("Salt not found.");
       }
 
+      // When you unwind the flag in PM-28143, also remove the ConfigService if it is un-used.
+      const newApisWithInputPasswordFlagEnabled = await this.configService.getFeatureFlag(
+        FeatureFlag.PM27086_UpdateAuthenticationApisForInputPassword,
+      );
+
       // 2. Verify current password is correct (if necessary)
       if (
         this.flow === InputPasswordFlow.ChangePassword ||
         this.flow === InputPasswordFlow.ChangePasswordWithOptionalUserKeyRotation
       ) {
-        const currentPasswordVerified = await this.verifyCurrentPassword(
-          currentPassword,
-          this.kdfConfig,
-        );
-        if (!currentPasswordVerified) {
-          return;
+        if (newApisWithInputPasswordFlagEnabled) {
+          const currentPasswordVerified = await this.masterPasswordUnlockService.proofOfDecryption(
+            currentPassword,
+            this.userId,
+          );
+          if (!currentPasswordVerified) {
+            return;
+          }
+        } else {
+          const currentPasswordVerified = await this.verifyCurrentPassword(
+            currentPassword,
+            this.kdfConfig,
+          );
+          if (!currentPasswordVerified) {
+            return;
+          }
         }
       }
 
@@ -364,11 +381,6 @@ export class InputPasswordComponent implements OnInit {
         return;
       }
 
-      // When you unwind the flag in PM-28143, also remove the ConfigService if it is un-used.
-      const newApisWithInputPasswordFlagEnabled = await this.configService.getFeatureFlag(
-        FeatureFlag.PM27086_UpdateAuthenticationApisForInputPassword,
-      );
-
       if (newApisWithInputPasswordFlagEnabled) {
         // 4. Build a PasswordInputResult object
         const passwordInputResult: PasswordInputResult = {
@@ -537,6 +549,8 @@ export class InputPasswordComponent implements OnInit {
   }
 
   /**
+   * @deprecated To be removed in PM-28143 (use `MasterPasswordUnlockService.proofOfDecryption()` instead)
+   *
    * Returns `true` if the current password is correct (it can be used to successfully decrypt
    * the masterKeyEncryptedUserKey), `false` otherwise
    */