[PM-5362] Add MP Service (attempt #2) (#8619)

* create mp and kdf service * update mp service interface to not rely on active user * rename observable methods * update crypto service with new MP service * add master password service to login strategies - make fake service for easier testing - fix crypto service tests * update auth service and finish strategies * auth request refactors * more service refactors and constructor updates * setMasterKey refactors * remove master key methods from crypto service * remove master key and hash from state service * missed fixes * create migrations and fix references * fix master key imports * default force set password reason to none * add password reset reason observable factory to service * remove kdf changes and migrate only disk data * update migration number * fix sync service deps * use disk for force set password state * fix desktop migration * fix sso test * fix tests * fix more tests * fix even more tests * fix even more tests * fix cli * remove kdf service abstraction * add missing deps for browser * fix merge conflicts * clear reset password reason on lock or logout * fix tests * fix other tests * add jsdocs to abstraction * use state provider in crypto service * inverse master password service factory * add clearOn to master password service * add parameter validation to master password service * add component level userId * add missed userId * migrate key hash * fix login strategy service * delete crypto master key from account * migrate master key encrypted user key * rename key hash to master key hash * use mp service for getMasterKeyEncryptedUserKey * fix tests * fix user key decryption logic * add clear methods to mp service * fix circular dep and encryption issue * fix test * remove extra account service call * use EncString in state provider * fix tests * return to using encrypted string for serialization
2025-12-22 19:23:52 +00:00 · 2024-04-09 20:50:20 -04:00
parent c02723d6a6
commit 9d10825dbd
79 changed files with 1373 additions and 501 deletions
--- a/libs/common/src/state-migrations/migrations/55-move-master-key-state-to-provider.ts
+++ b/libs/common/src/state-migrations/migrations/55-move-master-key-state-to-provider.ts
@@ -0,0 +1,111 @@
+import { KeyDefinitionLike, MigrationHelper } from "../migration-helper";
+import { Migrator } from "../migrator";
+
+type ExpectedAccountType = {
+  keys?: {
+    masterKeyEncryptedUserKey?: string;
+  };
+  profile?: {
+    forceSetPasswordReason?: number;
+    keyHash?: string;
+  };
+};
+
+export const FORCE_SET_PASSWORD_REASON_DEFINITION: KeyDefinitionLike = {
+  key: "forceSetPasswordReason",
+  stateDefinition: {
+    name: "masterPassword",
+  },
+};
+
+export const MASTER_KEY_HASH_DEFINITION: KeyDefinitionLike = {
+  key: "masterKeyHash",
+  stateDefinition: {
+    name: "masterPassword",
+  },
+};
+
+export const MASTER_KEY_ENCRYPTED_USER_KEY_DEFINITION: KeyDefinitionLike = {
+  key: "masterKeyEncryptedUserKey",
+  stateDefinition: {
+    name: "masterPassword",
+  },
+};
+
+export class MoveMasterKeyStateToProviderMigrator extends Migrator<54, 55> {
+  async migrate(helper: MigrationHelper): Promise<void> {
+    const accounts = await helper.getAccounts<ExpectedAccountType>();
+    async function migrateAccount(userId: string, account: ExpectedAccountType): Promise<void> {
+      const forceSetPasswordReason = account?.profile?.forceSetPasswordReason;
+      if (forceSetPasswordReason != null) {
+        await helper.setToUser(
+          userId,
+          FORCE_SET_PASSWORD_REASON_DEFINITION,
+          forceSetPasswordReason,
+        );
+
+        delete account.profile.forceSetPasswordReason;
+        await helper.set(userId, account);
+      }
+
+      const masterKeyHash = account?.profile?.keyHash;
+      if (masterKeyHash != null) {
+        await helper.setToUser(userId, MASTER_KEY_HASH_DEFINITION, masterKeyHash);
+
+        delete account.profile.keyHash;
+        await helper.set(userId, account);
+      }
+
+      const masterKeyEncryptedUserKey = account?.keys?.masterKeyEncryptedUserKey;
+      if (masterKeyEncryptedUserKey != null) {
+        await helper.setToUser(
+          userId,
+          MASTER_KEY_ENCRYPTED_USER_KEY_DEFINITION,
+          masterKeyEncryptedUserKey,
+        );
+
+        delete account.keys.masterKeyEncryptedUserKey;
+        await helper.set(userId, account);
+      }
+    }
+
+    await Promise.all([...accounts.map(({ userId, account }) => migrateAccount(userId, account))]);
+  }
+  async rollback(helper: MigrationHelper): Promise<void> {
+    const accounts = await helper.getAccounts<ExpectedAccountType>();
+    async function rollbackAccount(userId: string, account: ExpectedAccountType): Promise<void> {
+      const forceSetPasswordReason = await helper.getFromUser(
+        userId,
+        FORCE_SET_PASSWORD_REASON_DEFINITION,
+      );
+      const masterKeyHash = await helper.getFromUser(userId, MASTER_KEY_HASH_DEFINITION);
+      const masterKeyEncryptedUserKey = await helper.getFromUser(
+        userId,
+        MASTER_KEY_ENCRYPTED_USER_KEY_DEFINITION,
+      );
+      if (account != null) {
+        if (forceSetPasswordReason != null) {
+          account.profile = Object.assign(account.profile ?? {}, {
+            forceSetPasswordReason,
+          });
+        }
+        if (masterKeyHash != null) {
+          account.profile = Object.assign(account.profile ?? {}, {
+            keyHash: masterKeyHash,
+          });
+        }
+        if (masterKeyEncryptedUserKey != null) {
+          account.keys = Object.assign(account.keys ?? {}, {
+            masterKeyEncryptedUserKey,
+          });
+        }
+        await helper.set(userId, account);
+      }
+
+      await helper.setToUser(userId, FORCE_SET_PASSWORD_REASON_DEFINITION, null);
+      await helper.setToUser(userId, MASTER_KEY_HASH_DEFINITION, null);
+    }
+
+    await Promise.all([...accounts.map(({ userId, account }) => rollbackAccount(userId, account))]);
+  }
+}