mirror of https://github.com/bitwarden/browser synced 2025-12-16 00:03:56 +00:00

Return correct master password hash from login strategies (#8518)

Jake Fink
2024-03-27 17:17:17 -04:00
committed by GitHub
parent 5de2177175
commit aaa745ec36
2 changed files with 16 additions and 12 deletions


@@ -63,14 +63,12 @@ export class PasswordLoginStrategyData implements LoginStrategyData {
} }
export class PasswordLoginStrategy extends LoginStrategy { export class PasswordLoginStrategy extends LoginStrategy {
/** /** The email address of the user attempting to log in. */
* The email address of the user attempting to log in.
*/
email$: Observable<string>; email$: Observable<string>;
/** /** The master key hash used for authentication */
* The master key hash of the user attempting to log in. serverMasterKeyHash$: Observable<string>;
*/ /** The local master key hash we store client side */
masterKeyHash$: Observable<string | null>; localMasterKeyHash$: Observable<string | null>;
protected cache: BehaviorSubject<PasswordLoginStrategyData>; protected cache: BehaviorSubject<PasswordLoginStrategyData>;
@@ -107,7 +105,10 @@ export class PasswordLoginStrategy extends LoginStrategy {
this.cache = new BehaviorSubject(data); this.cache = new BehaviorSubject(data);
this.email$ = this.cache.pipe(map((state) => state.tokenRequest.email)); this.email$ = this.cache.pipe(map((state) => state.tokenRequest.email));
this.masterKeyHash$ = this.cache.pipe(map((state) => state.localMasterKeyHash)); this.serverMasterKeyHash$ = this.cache.pipe(
map((state) => state.tokenRequest.masterPasswordHash),
);
this.localMasterKeyHash$ = this.cache.pipe(map((state) => state.localMasterKeyHash));
} }
override async logIn(credentials: PasswordLoginCredentials) { override async logIn(credentials: PasswordLoginCredentials) {
@@ -123,11 +124,14 @@ export class PasswordLoginStrategy extends LoginStrategy {
data.masterKey, data.masterKey,
HashPurpose.LocalAuthorization, HashPurpose.LocalAuthorization,
); );
const masterKeyHash = await this.cryptoService.hashMasterKey(masterPassword, data.masterKey); const serverMasterKeyHash = await this.cryptoService.hashMasterKey(
masterPassword,
data.masterKey,
);
data.tokenRequest = new PasswordTokenRequest( data.tokenRequest = new PasswordTokenRequest(
email, email,
masterKeyHash, serverMasterKeyHash,
captchaToken, captchaToken,
await this.buildTwoFactor(twoFactor, email), await this.buildTwoFactor(twoFactor, email),
await this.buildDeviceRequest(), await this.buildDeviceRequest(),
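Review bot: `serverMasterKeyHash$` is declared `Observable<string>` but is mapped from `state.tokenRequest.masterPasswordHash` in the constructor, and nothing visible in these hunks shows that `tokenRequest` is populated before `logIn` assigns it; if the cache can be created without one, a subscriber gets a TypeError instead of a value (the existing `email$` has the same shape). Consider `map((state) => state.tokenRequest?.masterPasswordHash ?? null)` with the field typed `Observable<string | null>`, matching `localMasterKeyHash$`. The doc comment could also record that this is the value the server accepts as proof of the master password, e.g. `/** Master key hash sent to the server for authentication; treat as a credential and keep it out of logs. */`. The constructor and `logIn` bodies continue outside the hunks, so the initialisation order should be confirmed there.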


@@ -137,8 +137,8 @@ export class LoginStrategyService implements LoginStrategyServiceAbstraction {
async getMasterPasswordHash(): Promise<string | null> { async getMasterPasswordHash(): Promise<string | null> {
const strategy = await firstValueFrom(this.loginStrategy$); const strategy = await firstValueFrom(this.loginStrategy$);
if ("masterKeyHash$" in strategy) { if ("serverMasterKeyHash$" in strategy) {
return await firstValueFrom(strategy.masterKeyHash$); return await firstValueFrom(strategy.serverMasterKeyHash$);
} }
return null; return null;
} }
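Review bot: `getMasterPasswordHash()` has no doc comment saying which of the two hashes it returns, and mixing the two up is exactly what this change corrects. The strategy now exposes both `serverMasterKeyHash$` and `localMasterKeyHash$`, while the method name uses "MasterPasswordHash", so a caller cannot tell from the signature whether it gets the server-authentication value or the local-authorization one. A comment such as `/** Returns the master key hash sent to the server for authentication (not the locally stored hash), or null when the active strategy has none. */` would pin that down. If the abstraction `LoginStrategyServiceAbstraction` documents this method, the same sentence belongs there; that file is not part of this page.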