Add-userid-to-encryption-methods (#14844)

* Get userId from response if available This is a small improvement for the Auth team which avoids inspection of the access token, sometimes. * Initialize sdk clients with a userId * return both Cipher and encryptedFor when encrypting a cipher Update cipher api requests to include encryptedFor attribute * Prefer named types with documentation * Update sdk to latest * Fixup types * Fixup tests * Revert getting userId from identity token response --------- Co-authored-by: Shane <smelton@bitwarden.com>
2025-12-17 16:53:34 +00:00 · 2025-05-30 10:50:54 -07:00
parent 4e112e2daa
commit 9f9cb0d13d
19 changed files with 212 additions and 227 deletions
--- a/libs/common/src/vault/models/data/field.data.ts
+++ b/libs/common/src/vault/models/data/field.data.ts
@@ -7,7 +7,7 @@ export class FieldData {
  type: FieldType;
  name: string;
  value: string;
-  linkedId: LinkedIdType;
+  linkedId: LinkedIdType | null;

  constructor(response?: FieldApi) {
    if (response == null) {
--- a/libs/common/src/vault/models/request/cipher-bulk-share.request.ts
+++ b/libs/common/src/vault/models/request/cipher-bulk-share.request.ts
@@ -1,5 +1,6 @@
 // FIXME: Update this file to be type safe and remove this and next line
 // @ts-strict-ignore
+import { UserId } from "../../../types/guid";
 import { Cipher } from "../domain/cipher";

 import { CipherWithIdRequest } from "./cipher-with-id.request";
@@ -8,11 +9,15 @@ export class CipherBulkShareRequest {
  ciphers: CipherWithIdRequest[];
  collectionIds: string[];

-  constructor(ciphers: Cipher[], collectionIds: string[]) {
+  constructor(
+    ciphers: Cipher[],
+    collectionIds: string[],
+    readonly encryptedFor: UserId,
+  ) {
    if (ciphers != null) {
      this.ciphers = [];
      ciphers.forEach((c) => {
-        this.ciphers.push(new CipherWithIdRequest(c));
+        this.ciphers.push(new CipherWithIdRequest({ cipher: c, encryptedFor }));
      });
    }
    this.collectionIds = collectionIds;
--- a/libs/common/src/vault/models/request/cipher-create.request.ts
+++ b/libs/common/src/vault/models/request/cipher-create.request.ts
@@ -1,4 +1,4 @@
-import { Cipher } from "../domain/cipher";
+import { EncryptionContext } from "../../abstractions/cipher.service";

 import { CipherRequest } from "./cipher.request";

@@ -6,8 +6,8 @@ export class CipherCreateRequest {
  cipher: CipherRequest;
  collectionIds: string[];

-  constructor(cipher: Cipher) {
-    this.cipher = new CipherRequest(cipher);
+  constructor({ cipher, encryptedFor }: EncryptionContext) {
+    this.cipher = new CipherRequest({ cipher, encryptedFor });
    this.collectionIds = cipher.collectionIds;
  }
 }
--- a/libs/common/src/vault/models/request/cipher-share.request.ts
+++ b/libs/common/src/vault/models/request/cipher-share.request.ts
@@ -1,4 +1,4 @@
-import { Cipher } from "../domain/cipher";
+import { EncryptionContext } from "../../abstractions/cipher.service";

 import { CipherRequest } from "./cipher.request";

@@ -6,8 +6,8 @@ export class CipherShareRequest {
  cipher: CipherRequest;
  collectionIds: string[];

-  constructor(cipher: Cipher) {
-    this.cipher = new CipherRequest(cipher);
+  constructor({ cipher, encryptedFor }: EncryptionContext) {
+    this.cipher = new CipherRequest({ cipher, encryptedFor });
    this.collectionIds = cipher.collectionIds;
  }
 }
--- a/libs/common/src/vault/models/request/cipher-with-id.request.ts
+++ b/libs/common/src/vault/models/request/cipher-with-id.request.ts
@@ -1,12 +1,12 @@
-import { Cipher } from "../domain/cipher";
+import { EncryptionContext } from "../../abstractions/cipher.service";

 import { CipherRequest } from "./cipher.request";

 export class CipherWithIdRequest extends CipherRequest {
  id: string;

-  constructor(cipher: Cipher) {
-    super(cipher);
+  constructor({ cipher, encryptedFor }: EncryptionContext) {
+    super({ cipher, encryptedFor });
    this.id = cipher.id;
  }
 }
--- a/libs/common/src/vault/models/request/cipher.request.ts
+++ b/libs/common/src/vault/models/request/cipher.request.ts
@@ -1,5 +1,7 @@
 // FIXME: Update this file to be type safe and remove this and next line
 // @ts-strict-ignore
+import { UserId } from "../../../types/guid";
+import { EncryptionContext } from "../../abstractions/cipher.service";
 import { CipherRepromptType } from "../../enums/cipher-reprompt-type";
 import { CipherType } from "../../enums/cipher-type";
 import { CardApi } from "../api/card.api";
@@ -10,12 +12,12 @@ import { LoginUriApi } from "../api/login-uri.api";
 import { LoginApi } from "../api/login.api";
 import { SecureNoteApi } from "../api/secure-note.api";
 import { SshKeyApi } from "../api/ssh-key.api";
-import { Cipher } from "../domain/cipher";

 import { AttachmentRequest } from "./attachment.request";
 import { PasswordHistoryRequest } from "./password-history.request";

 export class CipherRequest {
+  encryptedFor: UserId;
  type: CipherType;
  folderId: string;
  organizationId: string;
@@ -36,8 +38,9 @@ export class CipherRequest {
  reprompt: CipherRepromptType;
  key: string;

-  constructor(cipher: Cipher) {
+  constructor({ cipher, encryptedFor }: EncryptionContext) {
    this.type = cipher.type;
+    this.encryptedFor = encryptedFor;
    this.folderId = cipher.folderId;
    this.organizationId = cipher.organizationId;
    this.name = cipher.name ? cipher.name.encryptedString : null;
--- a/libs/common/src/vault/models/view/cipher.view.ts
+++ b/libs/common/src/vault/models/view/cipher.view.ts
@@ -25,7 +25,7 @@ export class CipherView implements View, InitializerMetadata {
  readonly initializerKey = InitializerKey.CipherView;

  id: string = null;
-  organizationId: string = null;
+  organizationId: string | undefined = null;
  folderId: string = null;
  name: string = null;
  notes: string = null;