[PM-5362]Create MP Service for state provider migration (#7623)

* create mp and kdf service

* update mp service interface to not rely on active user

* rename observable methods

* update crypto service with new MP service

* add master password service to login strategies
- make fake service for easier testing
- fix crypto service tests

* update auth service and finish strategies

* auth request refactors

* more service refactors and constructor updates

* setMasterKey refactors

* remove master key methods from crypto service

* remove master key and hash from state service

* missed fixes

* create migrations and fix references

* fix master key imports

* default force set password reason to none

* add password reset reason observable factory to service

* remove kdf changes and migrate only disk data

* update migration number

* fix sync service deps

* use disk for force set password state

* fix desktop migration

* fix sso test

* fix tests

* fix more tests

* fix even more tests

* fix even more tests

* fix cli

* remove kdf service abstraction

* add missing deps for browser

* fix merge conflicts

* clear reset password reason on lock or logout

* fix tests

* fix other tests

* add jsdocs to abstraction

* use state provider in crypto service

* inverse master password service factory

* add clearOn to master password service

* add parameter validation to master password service

* add component level userId

* add missed userId

* migrate key hash

* fix login strategy service

* delete crypto master key from account

* migrate master key encrypted user key

* rename key hash to master key hash

* use mp service for getMasterKeyEncryptedUserKey

* fix tests

libs/common/src/services/vault-timeout/vault-timeout.service.spec.ts

@@ -1,17 +1,21 @@
 import { MockProxy, any, mock } from "jest-mock-extended";
 import { BehaviorSubject } from "rxjs";
 
+import { FakeAccountService, mockAccountServiceWith } from "../../../spec/fake-account-service";
 import { SearchService } from "../../abstractions/search.service";
 import { VaultTimeoutSettingsService } from "../../abstractions/vault-timeout/vault-timeout-settings.service";
 import { AuthService } from "../../auth/abstractions/auth.service";
 import { AuthenticationStatus } from "../../auth/enums/authentication-status";
+import { FakeMasterPasswordService } from "../../auth/services/master-password/fake-master-password.service";
 import { VaultTimeoutAction } from "../../enums/vault-timeout-action.enum";
 import { CryptoService } from "../../platform/abstractions/crypto.service";
 import { MessagingService } from "../../platform/abstractions/messaging.service";
 import { PlatformUtilsService } from "../../platform/abstractions/platform-utils.service";
 import { StateService } from "../../platform/abstractions/state.service";
+import { Utils } from "../../platform/misc/utils";
 import { Account } from "../../platform/models/domain/account";
 import { StateEventRunnerService } from "../../platform/state";
+import { UserId } from "../../types/guid";
 import { CipherService } from "../../vault/abstractions/cipher.service";
 import { CollectionService } from "../../vault/abstractions/collection.service";
 import { FolderService } from "../../vault/abstractions/folder/folder.service.abstraction";
@@ -19,6 +23,8 @@ import { FolderService } from "../../vault/abstractions/folder/folder.service.ab
 import { VaultTimeoutService } from "./vault-timeout.service";
 
 describe("VaultTimeoutService", () => {
+  let accountService: FakeAccountService;
+  let masterPasswordService: FakeMasterPasswordService;
   let cipherService: MockProxy<CipherService>;
   let folderService: MockProxy<FolderService>;
   let collectionService: MockProxy<CollectionService>;
@@ -39,7 +45,11 @@ describe("VaultTimeoutService", () => {
 
   let vaultTimeoutService: VaultTimeoutService;
 
+  const userId = Utils.newGuid() as UserId;
+
   beforeEach(() => {
+    accountService = mockAccountServiceWith(userId);
+    masterPasswordService = new FakeMasterPasswordService();
     cipherService = mock();
     folderService = mock();
     collectionService = mock();
@@ -66,6 +76,8 @@ describe("VaultTimeoutService", () => {
     availableVaultTimeoutActionsSubject = new BehaviorSubject<VaultTimeoutAction[]>([]);
 
     vaultTimeoutService = new VaultTimeoutService(
+      accountService,
+      masterPasswordService,
       cipherService,
       folderService,
       collectionService,
@@ -123,6 +135,15 @@ describe("VaultTimeoutService", () => {
 
     stateService.activeAccount$ = new BehaviorSubject<string>(globalSetups?.userId);
 
+    if (globalSetups?.userId) {
+      accountService.activeAccountSubject.next({
+        id: globalSetups.userId as UserId,
+        status: accounts[globalSetups.userId]?.authStatus,
+        email: null,
+        name: null,
+      });
+    }
+
     platformUtilsService.isViewOpen.mockResolvedValue(globalSetups?.isViewOpen ?? false);
 
     vaultTimeoutSettingsService.vaultTimeoutAction$.mockImplementation((userId) => {
@@ -156,8 +177,8 @@ describe("VaultTimeoutService", () => {
     expect(vaultTimeoutSettingsService.availableVaultTimeoutActions$).toHaveBeenCalledWith(userId);
     expect(stateService.setEverBeenUnlocked).toHaveBeenCalledWith(true, { userId: userId });
     expect(stateService.setUserKeyAutoUnlock).toHaveBeenCalledWith(null, { userId: userId });
+    expect(masterPasswordService.mock.setMasterKey).toHaveBeenCalledWith(null, userId);
     expect(cryptoService.clearUserKey).toHaveBeenCalledWith(false, userId);
-    expect(cryptoService.clearMasterKey).toHaveBeenCalledWith(userId);
     expect(cipherService.clearCache).toHaveBeenCalledWith(userId);
     expect(lockedCallback).toHaveBeenCalledWith(userId);
   };

libs/common/src/services/vault-timeout/vault-timeout.service.ts

@@ -3,7 +3,9 @@ import { firstValueFrom, timeout } from "rxjs";
 import { SearchService } from "../../abstractions/search.service";
 import { VaultTimeoutSettingsService } from "../../abstractions/vault-timeout/vault-timeout-settings.service";
 import { VaultTimeoutService as VaultTimeoutServiceAbstraction } from "../../abstractions/vault-timeout/vault-timeout.service";
+import { AccountService } from "../../auth/abstractions/account.service";
 import { AuthService } from "../../auth/abstractions/auth.service";
+import { InternalMasterPasswordServiceAbstraction } from "../../auth/abstractions/master-password.service.abstraction";
 import { AuthenticationStatus } from "../../auth/enums/authentication-status";
 import { ClientType } from "../../enums";
 import { VaultTimeoutAction } from "../../enums/vault-timeout-action.enum";
@@ -21,6 +23,8 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
   private inited = false;
 
   constructor(
+    private accountService: AccountService,
+    private masterPasswordService: InternalMasterPasswordServiceAbstraction,
     private cipherService: CipherService,
     private folderService: FolderService,
     private collectionService: CollectionService,
@@ -84,7 +88,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
       await this.logOut(userId);
     }
 
-    const currentUserId = await this.stateService.getUserId();
+    const currentUserId = (await firstValueFrom(this.accountService.activeAccount$)).id;
 
     if (userId == null || userId === currentUserId) {
       this.searchService.clearIndex();
@@ -92,12 +96,13 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
       await this.collectionService.clearActiveUserCache();
     }
 
+    await this.masterPasswordService.setMasterKey(null, (userId ?? currentUserId) as UserId);
+
     await this.stateService.setEverBeenUnlocked(true, { userId: userId });
     await this.stateService.setUserKeyAutoUnlock(null, { userId: userId });
     await this.stateService.setCryptoMasterKeyAuto(null, { userId: userId });
 
     await this.cryptoService.clearUserKey(false, userId);
-    await this.cryptoService.clearMasterKey(userId);
     await this.cryptoService.clearOrgKeys(true, userId);
     await this.cryptoService.clearKeyPair(true, userId);