Update decryptUserKeyWithMasterKey to requireUserId (#11560)

* Updated decryptUserKeyWithMasterKey to requireUserId * Removed unintended extra character. * Added dependency to LogService. * Fixed unlock command.
2025-12-15 15:53:27 +00:00 · 2024-11-01 11:21:18 -04:00
parent 5eae599b81
commit a049b553a6
19 changed files with 41 additions and 18 deletions
--- a/libs/auth/src/angular/lock/lock.component.ts
+++ b/libs/auth/src/angular/lock/lock.component.ts
@@ -483,6 +483,7 @@ export class LockV2Component implements OnInit, OnDestroy {

    const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(
      masterPasswordVerificationResponse.masterKey,
+      this.activeAccount.id,
    );
    await this.setUserKeyAndContinue(userKey, true);
  }
--- a/libs/auth/src/common/login-strategies/auth-request-login.strategy.ts
+++ b/libs/auth/src/common/login-strategies/auth-request-login.strategy.ts
@@ -114,7 +114,10 @@ export class AuthRequestLoginStrategy extends LoginStrategy {
  private async trySetUserKeyWithMasterKey(userId: UserId): Promise<void> {
    const masterKey = await firstValueFrom(this.masterPasswordService.masterKey$(userId));
    if (masterKey) {
-      const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey);
+      const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(
+        masterKey,
+        userId,
+      );
      await this.keyService.setUserKey(userKey, userId);
    }
  }
--- a/libs/auth/src/common/login-strategies/password-login.strategy.ts
+++ b/libs/auth/src/common/login-strategies/password-login.strategy.ts
@@ -183,7 +183,10 @@ export class PasswordLoginStrategy extends LoginStrategy {

    const masterKey = await firstValueFrom(this.masterPasswordService.masterKey$(userId));
    if (masterKey) {
-      const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey);
+      const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(
+        masterKey,
+        userId,
+      );
      await this.keyService.setUserKey(userKey, userId);
    }
  }
--- a/libs/auth/src/common/login-strategies/sso-login.strategy.spec.ts
+++ b/libs/auth/src/common/login-strategies/sso-login.strategy.spec.ts
@@ -496,7 +496,7 @@ describe("SsoLoginStrategy", () => {

      expect(masterPasswordService.mock.decryptUserKeyWithMasterKey).toHaveBeenCalledWith(
        masterKey,
-        undefined,
+        userId,
        undefined,
      );
      expect(keyService.setUserKey).toHaveBeenCalledWith(userKey, userId);
@@ -552,7 +552,7 @@ describe("SsoLoginStrategy", () => {

      expect(masterPasswordService.mock.decryptUserKeyWithMasterKey).toHaveBeenCalledWith(
        masterKey,
-        undefined,
+        userId,
        undefined,
      );
      expect(keyService.setUserKey).toHaveBeenCalledWith(userKey, userId);
--- a/libs/auth/src/common/login-strategies/sso-login.strategy.ts
+++ b/libs/auth/src/common/login-strategies/sso-login.strategy.ts
@@ -338,7 +338,7 @@ export class SsoLoginStrategy extends LoginStrategy {
      return;
    }

-    const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey);
+    const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey, userId);
    await this.keyService.setUserKey(userKey, userId);
  }

--- a/libs/auth/src/common/login-strategies/user-api-login.strategy.spec.ts
+++ b/libs/auth/src/common/login-strategies/user-api-login.strategy.spec.ts
@@ -213,7 +213,7 @@ describe("UserApiLoginStrategy", () => {

    expect(masterPasswordService.mock.decryptUserKeyWithMasterKey).toHaveBeenCalledWith(
      masterKey,
-      undefined,
+      userId,
      undefined,
    );
    expect(keyService.setUserKey).toHaveBeenCalledWith(userKey, userId);
--- a/libs/auth/src/common/login-strategies/user-api-login.strategy.ts
+++ b/libs/auth/src/common/login-strategies/user-api-login.strategy.ts
@@ -69,7 +69,10 @@ export class UserApiLoginStrategy extends LoginStrategy {
    if (response.apiUseKeyConnector) {
      const masterKey = await firstValueFrom(this.masterPasswordService.masterKey$(userId));
      if (masterKey) {
-        const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey);
+        const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(
+          masterKey,
+          userId,
+        );
        await this.keyService.setUserKey(userKey, userId);
      }
    }
--- a/libs/auth/src/common/services/auth-request/auth-request.service.spec.ts
+++ b/libs/auth/src/common/services/auth-request/auth-request.service.spec.ts
@@ -200,7 +200,7 @@ describe("AuthRequestService", () => {
      );
      expect(masterPasswordService.mock.decryptUserKeyWithMasterKey).toHaveBeenCalledWith(
        mockDecryptedMasterKey,
-        undefined,
+        mockUserId,
        undefined,
      );
      expect(keyService.setUserKey).toHaveBeenCalledWith(mockDecryptedUserKey, mockUserId);
--- a/libs/auth/src/common/services/auth-request/auth-request.service.ts
+++ b/libs/auth/src/common/services/auth-request/auth-request.service.ts
@@ -150,7 +150,7 @@ export class AuthRequestService implements AuthRequestServiceAbstraction {
    );

    // Decrypt and set user key in state
-    const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey);
+    const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey, userId);

    // Set masterKey + masterKeyHash in state after decryption (in case decryption fails)
    await this.masterPasswordService.setMasterKey(masterKey, userId);
--- a/libs/auth/src/common/services/pin/pin.service.implementation.ts
+++ b/libs/auth/src/common/services/pin/pin.service.implementation.ts
@@ -418,6 +418,7 @@ export class PinService implements PinServiceAbstraction {

    const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(
      masterKey,
+      userId,
      encUserKey ? new EncString(encUserKey) : undefined,
    );