[PM-11764] Implement account switching and sdk initialization (#11472)

* feat: update sdk service abstraction with documentation and new `userClient$` function * feat: add uninitialized user client with cache * feat: initialize user crypto * feat: initialize org keys * fix: org crypto not initializing properly * feat: avoid creating clients unnecessarily * chore: remove dev print/subscription * fix: clean up cache * chore: update sdk version * feat: implement clean-up logic (#11504) * chore: bump sdk version to fix build issues * chore: bump sdk version to fix build issues * fix: missing constructor parameters * refactor: simplify free() and delete() calls * refactor: use a named function for client creation * fix: client never freeing after refactor * fix: broken impl and race condition in tests
2025-12-17 16:53:34 +00:00 · 2024-10-18 16:15:10 +02:00
parent cdd5bd4387
commit c787ecd22c
12 changed files with 355 additions and 21 deletions
--- a/libs/common/src/platform/abstractions/crypto.service.ts
+++ b/libs/common/src/platform/abstractions/crypto.service.ts
@@ -1,5 +1,6 @@
 import { Observable } from "rxjs";

+import { EncryptedOrganizationKeyData } from "../../admin-console/models/data/encrypted-organization-key.data";
 import { ProfileOrganizationResponse } from "../../admin-console/models/response/profile-organization.response";
 import { ProfileProviderOrganizationResponse } from "../../admin-console/models/response/profile-provider-organization.response";
 import { ProfileProviderResponse } from "../../admin-console/models/response/profile-provider.response";
@@ -15,7 +16,7 @@ import {
  UserPublicKey,
 } from "../../types/key";
 import { KeySuffixOptions, HashPurpose } from "../enums";
-import { EncString } from "../models/domain/enc-string";
+import { EncryptedString, EncString } from "../models/domain/enc-string";
 import { SymmetricCryptoKey } from "../models/domain/symmetric-crypto-key";

 export class UserPrivateKeyDecryptionFailedError extends Error {
@@ -288,6 +289,17 @@ export abstract class CryptoService {
   */
  abstract userPrivateKey$(userId: UserId): Observable<UserPrivateKey>;

+  /**
+   * Gets an observable stream of the given users encrypted private key, will emit null if the user
+   * doesn't have an encrypted private key at all.
+   *
+   * @param userId The user id of the user to get the data for.
+   *
+   * @deprecated Temporary function to allow the SDK to be initialized after the login process, it
+   * will be removed when auth has been migrated to the SDK.
+   */
+  abstract userEncryptedPrivateKey$(userId: UserId): Observable<EncryptedString>;
+
  /**
   * Gets an observable stream of the given users decrypted private key with legacy support,
   * will emit null if the user doesn't have a UserKey to decrypt the encrypted private key
@@ -381,6 +393,18 @@ export abstract class CryptoService {
   */
  abstract orgKeys$(userId: UserId): Observable<Record<OrganizationId, OrgKey> | null>;

+  /**
+   * Gets an observable stream of the given users encrypted organisation keys.
+   *
+   * @param userId The user id of the user to get the data for.
+   *
+   * @deprecated Temporary function to allow the SDK to be initialized after the login process, it
+   * will be removed when auth has been migrated to the SDK.
+   */
+  abstract encryptedOrgKeys$(
+    userId: UserId,
+  ): Observable<Record<OrganizationId, EncryptedOrganizationKeyData>>;
+
  /**
   * Gets an observable stream of the users public key. If the user is does not have
   * a {@link UserKey} or {@link UserPrivateKey} that is decryptable, this will emit null.
--- a/libs/common/src/platform/abstractions/sdk/sdk.service.ts
+++ b/libs/common/src/platform/abstractions/sdk/sdk.service.ts
@@ -2,9 +2,27 @@ import { Observable } from "rxjs";

 import { BitwardenClient } from "@bitwarden/sdk-internal";

+import { UserId } from "../../../types/guid";
+
 export abstract class SdkService {
-  client$: Observable<BitwardenClient>;
+  /**
+   * Check if the SDK is supported in the current environment.
+   */
  supported$: Observable<boolean>;

+  /**
+   * Retrieve a client initialized without a user.
+   * This client can only be used for operations that don't require a user context.
+   */
+  client$: Observable<BitwardenClient | undefined>;
+
+  /**
+   * Retrieve a client initialized for a specific user.
+   * This client can be used for operations that require a user context, such as retrieving ciphers
+   * and operations involving crypto. It can also be used for operations that don't require a user context.
+   * @param userId
+   */
+  abstract userClient$(userId: UserId): Observable<BitwardenClient>;
+
  abstract failedToInitialize(): Promise<void>;
 }