bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-19 17:53:39 +00:00
Code Issues Releases Wiki Activity

Running the exposed passwords synchronously (#13163)

Browse Source
This commit is contained in:
Tom
2025-01-31 08:46:54 -05:00
committed by GitHub
parent 6ae30f5059
commit 9197ea60b5
2 changed files with 26 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
bitwarden_license/bit-common/src/tools/reports/risk-insights/models/password-health.ts
View File

@@ -85,6 +85,7 @@ export type WeakPasswordScore = {
* How many times a password has been exposed * How many times a password has been exposed
*/ */
export type ExposedPasswordDetail = { export type ExposedPasswordDetail = {
cipherId: string;
exposedXTimes: number; exposedXTimes: number;
} | null; } | null;

33
bitwarden_license/bit-common/src/tools/reports/risk-insights/services/risk-insights-report.service.ts
View File

@@ -175,6 +175,7 @@ export class RiskInsightsReportService {
): Promise<CipherHealthReportDetail[]> { ): Promise<CipherHealthReportDetail[]> {
const cipherHealthReports: CipherHealthReportDetail[] = []; const cipherHealthReports: CipherHealthReportDetail[] = [];
const passwordUseMap = new Map<string, number>(); const passwordUseMap = new Map<string, number>();
const exposedDetails = await this.findExposedPasswords(ciphers);
for (const cipher of ciphers) { for (const cipher of ciphers) {
if (this.validateCipher(cipher)) { if (this.validateCipher(cipher)) {
const weakPassword = this.findWeakPassword(cipher); const weakPassword = this.findWeakPassword(cipher);
@@ -189,7 +190,7 @@ export class RiskInsightsReportService {
passwordUseMap.set(cipher.login.password, 1); passwordUseMap.set(cipher.login.password, 1);
} }
const exposedPassword = await this.findExposedPassword(cipher); const exposedPassword = exposedDetails.find((x) => x.cipherId === cipher.id);
// Get the cipher members // Get the cipher members
const cipherMembers = memberDetails.filter((x) => x.cipherId === cipher.id); const cipherMembers = memberDetails.filter((x) => x.cipherId === cipher.id);
@@ -255,13 +256,29 @@ export class RiskInsightsReportService {
return appReports; return appReports;
} }
private async findExposedPassword(cipher: CipherView): Promise<ExposedPasswordDetail> { private async findExposedPasswords(ciphers: CipherView[]): Promise<ExposedPasswordDetail[]> {
const exposedCount = await this.auditService.passwordLeaked(cipher.login.password); const exposedDetails: ExposedPasswordDetail[] = [];
if (exposedCount > 0) { const promises: Promise<void>[] = [];
const exposedDetail = { exposedXTimes: exposedCount } as ExposedPasswordDetail;
return exposedDetail; ciphers.forEach((ciph) => {
} if (this.validateCipher(ciph)) {
return null; const promise = this.auditService
.passwordLeaked(ciph.login.password)
.then((exposedCount) => {
if (exposedCount > 0) {
const detail = {
exposedXTimes: exposedCount,
cipherId: ciph.id,
} as ExposedPasswordDetail;
exposedDetails.push(detail);
}
});
promises.push(promise);
}
});
await Promise.all(promises);
return exposedDetails;
} }
private findWeakPassword(cipher: CipherView): WeakPasswordDetail { private findWeakPassword(cipher: CipherView): WeakPasswordDetail {