Added support for handling a locked vault

Handle unlocktimeout
2025-12-15 15:53:27 +00:00 · 2025-03-19 23:52:12 +01:00
parent d902a0d953
commit b676f9b8a5
2 changed files with 41 additions and 5 deletions
--- a/apps/desktop/src/autofill/services/desktop-fido2-user-interface.service.ts
+++ b/apps/desktop/src/autofill/services/desktop-fido2-user-interface.service.ts
@@ -253,10 +253,24 @@ export class DesktopFido2UserInterfaceSession implements Fido2UserInterfaceSessi
    }
  }

-  private async showUi(route: string, position?: { x: number; y: number }): Promise<void> {
+  private async hideUi(): Promise<void> {
+    await this.desktopSettingsService.setModalMode(false);
+    await this.router.navigate(["/"]);
+  }
+
+  private async showUi(
+    route: string,
+    position?: { x: number; y: number },
+    disableRedirect?: boolean,
+  ): Promise<void> {
    // Load the UI:
    await this.desktopSettingsService.setModalMode(true, position);
-    await this.router.navigate([route]);
+    await this.router.navigate([
+      route,
+      {
+        "disable-redirect": disableRedirect || null,
+      },
+    ]);
  }

  /**
@@ -323,7 +337,25 @@ export class DesktopFido2UserInterfaceSession implements Fido2UserInterfaceSessi

    const status = await firstValueFrom(this.authService.activeAccountStatus$);
    if (status !== AuthenticationStatus.Unlocked) {
-      throw new Error("Vault is not unlocked");
+      await this.showUi("/lock", this.windowObject.windowXy, true);
+
+      let status2: AuthenticationStatus;
+      try {
+        status2 = await lastValueFrom(
+          this.authService.activeAccountStatus$.pipe(
+            filter((s) => s === AuthenticationStatus.Unlocked),
+            take(1),
+            timeout(1000 * 60 * 5), // 5 minutes
+          ),
+        );
+      } catch (error) {
+        this.logService.warning("Error while waiting for vault to unlock", error);
+      }
+
+      if (status2 !== AuthenticationStatus.Unlocked) {
+        await this.hideUi();
+        throw new Error("Vault is not unlocked");
+      }
    }
  }

--- a/libs/key-management-ui/src/lock/components/lock.component.ts
+++ b/libs/key-management-ui/src/lock/components/lock.component.ts
@@ -1,7 +1,7 @@
 import { CommonModule } from "@angular/common";
 import { Component, NgZone, OnDestroy, OnInit } from "@angular/core";
 import { FormBuilder, FormGroup, ReactiveFormsModule, Validators } from "@angular/forms";
-import { Router } from "@angular/router";
+import { Router, ActivatedRoute } from "@angular/router";
 import {
  BehaviorSubject,
  firstValueFrom,
@@ -136,6 +136,7 @@ export class LockComponent implements OnInit, OnDestroy {
    private keyService: KeyService,
    private platformUtilsService: PlatformUtilsService,
    private router: Router,
+    private activatedRoute: ActivatedRoute,
    private dialogService: DialogService,
    private messagingService: MessagingService,
    private biometricStateService: BiometricStateService,
@@ -621,7 +622,10 @@ export class LockComponent implements OnInit, OnDestroy {
    }

    // determine success route based on client type
-    if (this.clientType != null) {
+    if (
+      this.clientType != null &&
+      this.activatedRoute.snapshot.paramMap.get("disable-redirect") === null
+    ) {
      const successRoute = clientTypeToSuccessRouteRecord[this.clientType];
      await this.router.navigate([successRoute]);
    }