Running the exposed passwords synchronously (#13163)

2025-12-19 17:53:39 +00:00 · 2025-01-31 08:46:54 -05:00
parent 6ae30f5059
commit 9197ea60b5
2 changed files with 26 additions and 8 deletions
--- a/bitwarden_license/bit-common/src/tools/reports/risk-insights/models/password-health.ts
+++ b/bitwarden_license/bit-common/src/tools/reports/risk-insights/models/password-health.ts
@@ -85,6 +85,7 @@ export type WeakPasswordScore = {
 * How many times a password has been exposed
 */
 export type ExposedPasswordDetail = {
+  cipherId: string;
  exposedXTimes: number;
 } | null;

--- a/bitwarden_license/bit-common/src/tools/reports/risk-insights/services/risk-insights-report.service.ts
+++ b/bitwarden_license/bit-common/src/tools/reports/risk-insights/services/risk-insights-report.service.ts
@@ -175,6 +175,7 @@ export class RiskInsightsReportService {
  ): Promise<CipherHealthReportDetail[]> {
    const cipherHealthReports: CipherHealthReportDetail[] = [];
    const passwordUseMap = new Map<string, number>();
+    const exposedDetails = await this.findExposedPasswords(ciphers);
    for (const cipher of ciphers) {
      if (this.validateCipher(cipher)) {
        const weakPassword = this.findWeakPassword(cipher);
@@ -189,7 +190,7 @@ export class RiskInsightsReportService {
          passwordUseMap.set(cipher.login.password, 1);
        }

-        const exposedPassword = await this.findExposedPassword(cipher);
+        const exposedPassword = exposedDetails.find((x) => x.cipherId === cipher.id);

        // Get the cipher members
        const cipherMembers = memberDetails.filter((x) => x.cipherId === cipher.id);
@@ -255,13 +256,29 @@ export class RiskInsightsReportService {
    return appReports;
  }

-  private async findExposedPassword(cipher: CipherView): Promise<ExposedPasswordDetail> {
-    const exposedCount = await this.auditService.passwordLeaked(cipher.login.password);
-    if (exposedCount > 0) {
-      const exposedDetail = { exposedXTimes: exposedCount } as ExposedPasswordDetail;
-      return exposedDetail;
-    }
-    return null;
+  private async findExposedPasswords(ciphers: CipherView[]): Promise<ExposedPasswordDetail[]> {
+    const exposedDetails: ExposedPasswordDetail[] = [];
+    const promises: Promise<void>[] = [];
+
+    ciphers.forEach((ciph) => {
+      if (this.validateCipher(ciph)) {
+        const promise = this.auditService
+          .passwordLeaked(ciph.login.password)
+          .then((exposedCount) => {
+            if (exposedCount > 0) {
+              const detail = {
+                exposedXTimes: exposedCount,
+                cipherId: ciph.id,
+              } as ExposedPasswordDetail;
+              exposedDetails.push(detail);
+            }
+          });
+        promises.push(promise);
+      }
+    });
+    await Promise.all(promises);
+
+    return exposedDetails;
  }

  private findWeakPassword(cipher: CipherView): WeakPasswordDetail {