Add-userid-to-encryption-methods (#14844)

* Get userId from response if available

This is a small improvement for the Auth team which avoids inspection of the access token, sometimes.

* Initialize sdk clients with a userId

* return both Cipher and encryptedFor when encrypting a cipher

Update cipher api requests to include encryptedFor attribute

* Prefer named types with documentation

* Update sdk to latest

* Fixup types

* Fixup tests

* Revert getting userId from identity token response

---------

Co-authored-by: Shane <smelton@bitwarden.com>

libs/common/src/platform/services/fido2/fido2-authenticator.service.spec.ts

@@ -6,7 +6,7 @@ import { BehaviorSubject, of } from "rxjs";
 import { mockAccountServiceWith } from "../../../../spec";
 import { Account } from "../../../auth/abstractions/account.service";
 import { UserId } from "../../../types/guid";
-import { CipherService } from "../../../vault/abstractions/cipher.service";
+import { CipherService, EncryptionContext } from "../../../vault/abstractions/cipher.service";
 import { SyncService } from "../../../vault/abstractions/sync/sync.service.abstraction";
 import { CipherRepromptType } from "../../../vault/enums/cipher-reprompt-type";
 import { CipherType } from "../../../vault/enums/cipher-type";
@@ -36,8 +36,9 @@ type ParentWindowReference = string;
 const RpId = "bitwarden.com";
 
 describe("FidoAuthenticatorService", () => {
+  const userId = "testId" as UserId;
   const activeAccountSubject = new BehaviorSubject<Account | null>({
-    id: "testId" as UserId,
+    id: userId,
     email: "test@example.com",
     emailVerified: true,
     name: "Test User",
@@ -254,7 +255,7 @@ describe("FidoAuthenticatorService", () => {
           cipherId: existingCipher.id,
           userVerified: false,
         });
-        cipherService.encrypt.mockResolvedValue(encryptedCipher as unknown as Cipher);
+        cipherService.encrypt.mockResolvedValue(encryptedCipher as unknown as EncryptionContext);
 
         await authenticator.makeCredential(params, windowReference);
 
@@ -325,7 +326,7 @@ describe("FidoAuthenticatorService", () => {
           cipherId: existingCipher.id,
           userVerified: false,
         });
-        cipherService.encrypt.mockResolvedValue(encryptedCipher as unknown as Cipher);
+        cipherService.encrypt.mockResolvedValue(encryptedCipher as unknown as EncryptionContext);
         cipherService.updateWithServer.mockRejectedValue(new Error("Internal error"));
 
         const result = async () => await authenticator.makeCredential(params, windowReference);
@@ -357,13 +358,13 @@ describe("FidoAuthenticatorService", () => {
         cipherService.decrypt.mockResolvedValue(cipher);
         cipherService.encrypt.mockImplementation(async (cipher) => {
           cipher.login.fido2Credentials[0].credentialId = credentialId; // Replace id for testability
-          return {} as any;
+          return { cipher: {} as any as Cipher, encryptedFor: userId };
         });
-        cipherService.createWithServer.mockImplementation(async (cipher) => {
+        cipherService.createWithServer.mockImplementation(async ({ cipher }) => {
           cipher.id = cipherId;
           return cipher;
         });
-        cipherService.updateWithServer.mockImplementation(async (cipher) => {
+        cipherService.updateWithServer.mockImplementation(async ({ cipher }) => {
           cipher.id = cipherId;
           return cipher;
         });

libs/common/src/platform/services/sdk/default-sdk.service.ts

@@ -180,9 +180,7 @@ export class DefaultSdkService implements SdkService {
           return () => client?.markForDisposal();
         });
       }),
-      tap({
-        finalize: () => this.sdkClientCache.delete(userId),
-      }),
+      tap({ finalize: () => this.sdkClientCache.delete(userId) }),
       shareReplay({ refCount: true, bufferSize: 1 }),
     );
 
@@ -205,9 +203,7 @@ export class DefaultSdkService implements SdkService {
       method: { decryptedKey: { decrypted_user_key: userKey.keyB64 } },
       kdfParams:
         kdfParams.kdfType === KdfType.PBKDF2_SHA256
-          ? {
-              pBKDF2: { iterations: kdfParams.iterations },
-            }
+          ? { pBKDF2: { iterations: kdfParams.iterations } }
           : {
               argon2id: {
                 iterations: kdfParams.iterations,