Specify clearOn options for platform services (#8584)

* Use UserKeys in biometric state * Remove global clear todo. Answer is never * User UserKeys in crypto state * Clear userkey on both lock and logout via User Key Definitions * Use UserKeyDefinitions in environment service * Rely on userKeyDefinition to clear org keys * Rely on userKeyDefinition to clear provider keys * Rely on userKeyDefinition to clear user keys * Rely on userKeyDefinitions to clear user asym key pair
2025-12-17 16:53:34 +00:00 · 2024-04-09 10:17:00 -05:00
parent aefea43fff
commit c02723d6a6
15 changed files with 169 additions and 365 deletions
--- a/libs/common/src/platform/services/key-state/org-keys.state.ts
+++ b/libs/common/src/platform/services/key-state/org-keys.state.ts
@@ -4,13 +4,14 @@ import { OrganizationId } from "../../../types/guid";
 import { OrgKey } from "../../../types/key";
 import { CryptoService } from "../../abstractions/crypto.service";
 import { SymmetricCryptoKey } from "../../models/domain/symmetric-crypto-key";
-import { KeyDefinition, CRYPTO_DISK, DeriveDefinition } from "../../state";
+import { CRYPTO_DISK, DeriveDefinition, UserKeyDefinition } from "../../state";

-export const USER_ENCRYPTED_ORGANIZATION_KEYS = KeyDefinition.record<
+export const USER_ENCRYPTED_ORGANIZATION_KEYS = UserKeyDefinition.record<
  EncryptedOrganizationKeyData,
  OrganizationId
 >(CRYPTO_DISK, "organizationKeys", {
  deserializer: (obj) => obj,
+  clearOn: ["logout"],
 });

 export const USER_ORGANIZATION_KEYS = DeriveDefinition.from<