Add support for requesting and using otp for verifying some requests (#527)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2025-12-12 14:23:32 +00:00 · 2021-11-09 17:01:22 +01:00
parent 99ff3feb53
commit 8f177e2d3a
54 changed files with 746 additions and 223 deletions
--- a/angular/src/components/lock.component.ts
+++ b/angular/src/components/lock.component.ts
@@ -5,6 +5,7 @@ import { ApiService } from 'jslib-common/abstractions/api.service';
 import { CryptoService } from 'jslib-common/abstractions/crypto.service';
 import { EnvironmentService } from 'jslib-common/abstractions/environment.service';
 import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { KeyConnectorService } from 'jslib-common/abstractions/keyConnector.service';
 import { LogService } from 'jslib-common/abstractions/log.service';
 import { MessagingService } from 'jslib-common/abstractions/messaging.service';
 import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
@@ -18,7 +19,7 @@ import { ConstantsService } from 'jslib-common/services/constants.service';
 import { EncString } from 'jslib-common/models/domain/encString';
 import { SymmetricCryptoKey } from 'jslib-common/models/domain/symmetricCryptoKey';

-import { PasswordVerificationRequest } from 'jslib-common/models/request/passwordVerificationRequest';
+import { SecretVerificationRequest } from 'jslib-common/models/request/secretVerificationRequest';

 import { Utils } from 'jslib-common/misc/utils';

@@ -48,7 +49,8 @@ export class LockComponent implements OnInit {
        protected userService: UserService, protected cryptoService: CryptoService,
        protected storageService: StorageService, protected vaultTimeoutService: VaultTimeoutService,
        protected environmentService: EnvironmentService, protected stateService: StateService,
-        protected apiService: ApiService, private logService: LogService) { }
+        protected apiService: ApiService, private logService: LogService,
+        private keyConnectorService: KeyConnectorService) { }

    async ngOnInit() {
        this.pinSet = await this.vaultTimeoutService.isPinLockSet();
@@ -59,6 +61,11 @@ export class LockComponent implements OnInit {
        this.biometricText = await this.storageService.get(ConstantsService.biometricText);
        this.email = await this.userService.getEmail();

+        // Users with key connector and without biometric or pin has no MP to unlock using
+        if (await this.keyConnectorService.getUsesKeyConnector() && !(this.biometricLock || this.pinLock)) {
+            await this.vaultTimeoutService.logOut();
+        }
+
        const webVaultUrl = this.environmentService.getWebVaultUrl();
        const vaultUrl = webVaultUrl === 'https://vault.bitwarden.com' ? 'https://bitwarden.com' : webVaultUrl;
        this.webVaultHostname = Utils.getHostname(vaultUrl);
@@ -119,7 +126,7 @@ export class LockComponent implements OnInit {
            if (storedKeyHash != null) {
                passwordValid = await this.cryptoService.compareAndUpdateKeyHash(this.masterPassword, key);
            } else {
-                const request = new PasswordVerificationRequest();
+                const request = new SecretVerificationRequest();
                const serverKeyHash = await this.cryptoService.hashPassword(this.masterPassword, key,
                    HashPurpose.ServerAuthorization);
                request.masterPasswordHash = serverKeyHash;