[PM-5363] PinService State Providers (#8244)

* move pinKeyEncryptedUserKey

* move pinKeyEncryptedUserKeyEphemeral

* remove comments, move docs

* cleanup

* use UserKeyDefinition

* refactor methods

* add migration

* fix browser dependency

* add tests for migration

* rename to pinService

* move state to PinService

* add PinService dep to CryptoService

* move protectedPin to state provider

* update service deps

* renaming

* move decryptUserKeyWithPin to pinService

* update service injection

* move more methods our of crypto service

* remove CryptoService dep from PinService and update service injection

* remove cryptoService reference

* add method to FakeMasterPasswordService

* fix circular dependency

* fix desktop service injection

* update browser dependencies

* add protectedPin to migrations

* move storePinKey to pinService

* update and clarify documentation

* more jsdoc updates

* update import paths

* refactor isPinLockSet method

* update state definitions

* initialize service before injecting into other services

* initialize service before injecting into other services (bw.ts)

* update clearOn and do additional cleanup

* clarify docs and naming

* assign abstract & private methods, add clarity to decryptAndMigrateOldPinKeyEncryptedMasterKey() method

* derived state (attempt)

* fix typos

* use accountService to get active user email

* use constant userId

* add derived state

* add get and clear for oldPinKeyEncryptedMasterKey

* require userId

* move pinProtected

* add clear methods

* remove pinProtected from account.ts and replace methods

* add methods to create and store pinKeyEncryptedUserKey

* add pinProtected/oldPinKeyEncrypterMasterKey to migration

* update migration tests

* update migration rollback tests

* update to systemService and decryptAndMigrate... method

* remove old test

* increase length of state definition name to meet test requirements

* rename 'TRANSIENT' to 'EPHEMERAL' for consistency

* fix tests for login strategies, vault-export, and fake MP service

* more updates to login-strategy tests

* write new tests for core pinKeyEncrypterUserKey methods and isPinSet

* write new tests for pinProtected and oldPinKeyEncryptedMasterKey methods

* minor test reformatting

* update test for decryptUserKeyWithPin()

* fix bug with oldPinKeyEncryptedMasterKey

* fix tests for vault-timeout-settings.service

* fix bitwarden-password-protected-importer test

* fix login strategy tests and auth-request.service test

* update pinService tests

* fix crypto service tests

* add jsdoc

* fix test file import

* update jsdocs for decryptAndMigrateOldPinKeyEncryptedMasterKey()

* update error messages and jsdocs

* add null checks, move userId retrievals

* update migration tests

* update stateService calls to require userId

* update test for decryptUserKeyWithPin()

* update oldPinKeyEncryptedMasterKey migration tests

* more test updates

* fix factory import

* update tests for isPinSet() and createProtectedPin()

* add test for makePinKey()

* add test for createPinKeyEncryptedUserKey()

* add tests for getPinLockType()

* consolidate userId verification tests

* add tests for storePinKeyEncryptedUserKey()

* fix service dep

* get email based on userId

* use MasterPasswordService instead of internal

* rename protectedPin to userKeyEncryptedPin

* rename to pinKeyEncryptedUserKeyPersistent

* update method params

* fix CryptoService tests

* jsdoc update

* use EncString for userKeyEncryptedPin

* remove comment

* use cryptoFunctionService.compareFast()

* update tests

* cleanup, remove comments

* resolve merge conflict

* fix DI of MasterPasswordService

* more DI fixes

libs/common/src/platform/models/domain/account-settings.spec.ts

@@ -1,24 +1,9 @@
-import { AccountSettings, EncryptionPair } from "./account";
-import { EncString } from "./enc-string";
+import { AccountSettings } from "./account";
 
 describe("AccountSettings", () => {
   describe("fromJSON", () => {
     it("should deserialize to an instance of itself", () => {
       expect(AccountSettings.fromJSON(JSON.parse("{}"))).toBeInstanceOf(AccountSettings);
     });
-
-    it("should deserialize pinProtected", () => {
-      const accountSettings = new AccountSettings();
-      accountSettings.pinProtected = EncryptionPair.fromJSON<string, EncString>({
-        encrypted: "encrypted",
-        decrypted: "3.data",
-      });
-      const jsonObj = JSON.parse(JSON.stringify(accountSettings));
-      const actual = AccountSettings.fromJSON(jsonObj);
-
-      expect(actual.pinProtected).toBeInstanceOf(EncryptionPair);
-      expect(actual.pinProtected.encrypted).toEqual("encrypted");
-      expect(actual.pinProtected.decrypted.encryptedString).toEqual("3.data");
-    });
   });
 });

libs/common/src/platform/models/domain/account.ts

@@ -11,7 +11,6 @@ import { DeepJsonify } from "../../../types/deep-jsonify";
 import { KdfType } from "../../enums";
 import { Utils } from "../../misc/utils";
 
-import { EncryptedString, EncString } from "./enc-string";
 import { SymmetricCryptoKey } from "./symmetric-crypto-key";
 
 export class EncryptionPair<TEncrypted, TDecrypted> {
@@ -148,26 +147,15 @@ export class AccountSettings {
   passwordGenerationOptions?: PasswordGeneratorOptions;
   usernameGenerationOptions?: UsernameGeneratorOptions;
   generatorOptions?: GeneratorOptions;
-  pinKeyEncryptedUserKey?: EncryptedString;
-  pinKeyEncryptedUserKeyEphemeral?: EncryptedString;
-  protectedPin?: string;
   vaultTimeout?: number;
   vaultTimeoutAction?: string = "lock";
 
-  /** @deprecated July 2023, left for migration purposes*/
-  pinProtected?: EncryptionPair<string, EncString> = new EncryptionPair<string, EncString>();
-
   static fromJSON(obj: Jsonify<AccountSettings>): AccountSettings {
     if (obj == null) {
       return null;
     }
 
-    return Object.assign(new AccountSettings(), obj, {
-      pinProtected: EncryptionPair.fromJSON<string, EncString>(
-        obj?.pinProtected,
-        EncString.fromJSON,
-      ),
-    });
+    return Object.assign(new AccountSettings(), obj);
   }
 }