From a89e148804e20467c350e1f5b4ab91da9c58e65d Mon Sep 17 00:00:00 2001
From: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Date: Thu, 9 May 2024 13:24:11 -0400
Subject: [PATCH] [PM-7029] Remove key-rotation-feature-flag (#8816)

* Removed key rotation feature flag.

* Fixed tests

* Removed unused dependency.

* Remove KeyRotationImprovements from default const
---
 ...rganization-user-reset-password.service.ts | 19 -----------------
 .../services/emergency-access.service.ts      | 12 -----------
 .../user-key-rotation.service.spec.ts         | 11 ----------
 .../key-rotation/user-key-rotation.service.ts | 21 +------------------
 libs/common/src/enums/feature-flag.enum.ts    |  2 --
 5 files changed, 1 insertion(+), 64 deletions(-)

diff --git a/apps/web/src/app/admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service.ts b/apps/web/src/app/admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service.ts
index fcdbe1e4962..c029d2ecdbe 100644
--- a/apps/web/src/app/admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service.ts
+++ b/apps/web/src/app/admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service.ts
@@ -165,23 +165,4 @@ export class OrganizationUserResetPasswordService {
     }
     return requests;
   }
-
-  /**
-   * @deprecated Nov 6, 2023: Use new Key Rotation Service for posting rotated data.
-   */
-  async postLegacyRotation(
-    userId: string,
-    requests: OrganizationUserResetPasswordWithIdRequest[],
-  ): Promise<void> {
-    if (requests == null) {
-      return;
-    }
-    for (const request of requests) {
-      await this.organizationUserService.putOrganizationUserResetPasswordEnrollment(
-        request.organizationId,
-        userId,
-        request,
-      );
-    }
-  }
 }
diff --git a/apps/web/src/app/auth/emergency-access/services/emergency-access.service.ts b/apps/web/src/app/auth/emergency-access/services/emergency-access.service.ts
index 819b80c1ad7..a50a5adc6cb 100644
--- a/apps/web/src/app/auth/emergency-access/services/emergency-access.service.ts
+++ b/apps/web/src/app/auth/emergency-access/services/emergency-access.service.ts
@@ -328,16 +328,4 @@ export class EmergencyAccessService {
   private async encryptKey(userKey: UserKey, publicKey: Uint8Array): Promise<EncryptedString> {
     return (await this.cryptoService.rsaEncrypt(userKey.key, publicKey)).encryptedString;
   }
-
-  /**
-   * @deprecated Nov 6, 2023: Use new Key Rotation Service for posting rotated data.
-   */
-  async postLegacyRotation(requests: EmergencyAccessWithIdRequest[]): Promise<void> {
-    if (requests == null) {
-      return;
-    }
-    for (const request of requests) {
-      await this.emergencyAccessApiService.putEmergencyAccess(request.id, request);
-    }
-  }
 }
diff --git a/apps/web/src/app/auth/key-rotation/user-key-rotation.service.spec.ts b/apps/web/src/app/auth/key-rotation/user-key-rotation.service.spec.ts
index ec685569318..792ae15690f 100644
--- a/apps/web/src/app/auth/key-rotation/user-key-rotation.service.spec.ts
+++ b/apps/web/src/app/auth/key-rotation/user-key-rotation.service.spec.ts
@@ -82,7 +82,6 @@ describe("KeyRotationService", () => {
       mockEncryptService,
       mockStateService,
       mockAccountService,
-      mockConfigService,
       mockKdfConfigService,
     );
   });
@@ -191,16 +190,6 @@ describe("KeyRotationService", () => {
       );
     });
 
-    it("uses legacy rotation if feature flag is off", async () => {
-      mockConfigService.getFeatureFlag.mockResolvedValueOnce(false);
-
-      await keyRotationService.rotateUserKeyAndEncryptedData("mockMasterPassword");
-
-      expect(mockApiService.postUserKeyUpdate).toHaveBeenCalled();
-      expect(mockEmergencyAccessService.postLegacyRotation).toHaveBeenCalled();
-      expect(mockResetPasswordService.postLegacyRotation).toHaveBeenCalled();
-    });
-
     it("throws if server rotation fails", async () => {
       mockApiService.postUserKeyUpdate.mockRejectedValueOnce(new Error("mockError"));
 
diff --git a/apps/web/src/app/auth/key-rotation/user-key-rotation.service.ts b/apps/web/src/app/auth/key-rotation/user-key-rotation.service.ts
index dc5f9337247..2763de71b37 100644
--- a/apps/web/src/app/auth/key-rotation/user-key-rotation.service.ts
+++ b/apps/web/src/app/auth/key-rotation/user-key-rotation.service.ts
@@ -5,8 +5,6 @@ import { AccountService } from "@bitwarden/common/auth/abstractions/account.serv
 import { DeviceTrustServiceAbstraction } from "@bitwarden/common/auth/abstractions/device-trust.service.abstraction";
 import { KdfConfigService } from "@bitwarden/common/auth/abstractions/kdf-config.service";
 import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction";
-import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
-import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
 import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
 import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
 import { StateService } from "@bitwarden/common/platform/abstractions/state.service";
@@ -39,7 +37,6 @@ export class UserKeyRotationService {
     private encryptService: EncryptService,
     private stateService: StateService,
     private accountService: AccountService,
-    private configService: ConfigService,
     private kdfConfigService: KdfConfigService,
   ) {}
 
@@ -90,11 +87,7 @@ export class UserKeyRotationService {
     request.emergencyAccessKeys = await this.emergencyAccessService.getRotatedKeys(newUserKey);
     request.resetPasswordKeys = await this.resetPasswordService.getRotatedKeys(newUserKey);
 
-    if (await this.configService.getFeatureFlag(FeatureFlag.KeyRotationImprovements)) {
-      await this.apiService.postUserKeyUpdate(request);
-    } else {
-      await this.rotateUserKeyAndEncryptedDataLegacy(request);
-    }
+    await this.apiService.postUserKeyUpdate(request);
 
     const activeAccount = await firstValueFrom(this.accountService.activeAccount$);
     await this.deviceTrustService.rotateDevicesTrust(
@@ -139,16 +132,4 @@ export class UserKeyRotationService {
       }),
     );
   }
-
-  private async rotateUserKeyAndEncryptedDataLegacy(request: UpdateKeyRequest): Promise<void> {
-    // Update keys, ciphers, folders, and sends
-    await this.apiService.postUserKeyUpdate(request);
-
-    // Update emergency access keys
-    await this.emergencyAccessService.postLegacyRotation(request.emergencyAccessKeys);
-
-    // Update account recovery keys
-    const userId = await this.stateService.getUserId();
-    await this.resetPasswordService.postLegacyRotation(userId, request.resetPasswordKeys);
-  }
 }
diff --git a/libs/common/src/enums/feature-flag.enum.ts b/libs/common/src/enums/feature-flag.enum.ts
index 221b251f3c5..ef8c4d61e41 100644
--- a/libs/common/src/enums/feature-flag.enum.ts
+++ b/libs/common/src/enums/feature-flag.enum.ts
@@ -9,7 +9,6 @@ export enum FeatureFlag {
   FlexibleCollectionsV1 = "flexible-collections-v-1", // v-1 is intentional
   VaultOnboarding = "vault-onboarding",
   GeneratorToolsModernization = "generator-tools-modernization",
-  KeyRotationImprovements = "key-rotation-improvements",
   FlexibleCollectionsMigration = "flexible-collections-migration",
   ShowPaymentMethodWarningBanners = "show-payment-method-warning-banners",
   EnableConsolidatedBilling = "enable-consolidated-billing",
@@ -37,7 +36,6 @@ export const DefaultFeatureFlagValue = {
   [FeatureFlag.FlexibleCollectionsV1]: FALSE,
   [FeatureFlag.VaultOnboarding]: FALSE,
   [FeatureFlag.GeneratorToolsModernization]: FALSE,
-  [FeatureFlag.KeyRotationImprovements]: FALSE,
   [FeatureFlag.FlexibleCollectionsMigration]: FALSE,
   [FeatureFlag.ShowPaymentMethodWarningBanners]: FALSE,
   [FeatureFlag.EnableConsolidatedBilling]: FALSE,