[PM-27315] Add account cryptographic state service (#17589)

* Update account init and save signed public key * Add account cryptographic state service * Fix build * Cleanup * Fix build * Fix import * Fix build on browser * Fix * Fix DI * Fix * Fix * Fix * Fix * Fix * Fix test * Fix desktop build * Fix * Address nits * Cleanup setting private key * Add tests * Add tests * Add test coverage * Relative imports * Fix web build * Cleanup setting of private key
2026-01-05 01:53:55 +00:00 · 2025-12-17 22:04:08 +01:00
parent 4f0b69ab64
commit ea45c5d3c0
34 changed files with 607 additions and 10 deletions
--- a/libs/common/src/auth/models/response/identity-token.response.spec.ts
+++ b/libs/common/src/auth/models/response/identity-token.response.spec.ts
@@ -116,4 +116,36 @@ describe("IdentityTokenResponse", () => {
    const identityTokenResponse = new IdentityTokenResponse(response);
    expect(identityTokenResponse.userDecryptionOptions).toBeDefined();
  });
+
+  it("should create response with accountKeys not present", () => {
+    const response = {
+      access_token: accessToken,
+      token_type: tokenType,
+      AccountKeys: null as unknown,
+    };
+
+    const identityTokenResponse = new IdentityTokenResponse(response);
+    expect(identityTokenResponse.accountKeysResponseModel).toBeNull();
+  });
+
+  it("should create response with accountKeys present", () => {
+    const accountKeysData = {
+      publicKeyEncryptionKeyPair: {
+        publicKey: "testPublicKey",
+        wrappedPrivateKey: "testPrivateKey",
+      },
+    };
+
+    const response = {
+      access_token: accessToken,
+      token_type: tokenType,
+      AccountKeys: accountKeysData,
+    };
+
+    const identityTokenResponse = new IdentityTokenResponse(response);
+    expect(identityTokenResponse.accountKeysResponseModel).toBeDefined();
+    expect(
+      identityTokenResponse.accountKeysResponseModel?.publicKeyEncryptionKeyPair,
+    ).toBeDefined();
+  });
 });
--- a/libs/common/src/auth/models/response/identity-token.response.ts
+++ b/libs/common/src/auth/models/response/identity-token.response.ts
@@ -5,6 +5,7 @@
 import { Argon2KdfConfig, KdfConfig, KdfType, PBKDF2KdfConfig } from "@bitwarden/key-management";

 import { EncString } from "../../../key-management/crypto/models/enc-string";
+import { PrivateKeysResponseModel } from "../../../key-management/keys/response/private-keys.response";
 import { BaseResponse } from "../../../models/response/base.response";

 import { MasterPasswordPolicyResponse } from "./master-password-policy.response";
@@ -19,6 +20,7 @@ export class IdentityTokenResponse extends BaseResponse {

  // Decryption Information
  privateKey: string; // userKeyEncryptedPrivateKey
+  accountKeysResponseModel: PrivateKeysResponseModel | null = null;
  key?: EncString; // masterKeyEncryptedUserKey
  twoFactorToken: string;
  kdfConfig: KdfConfig;
@@ -52,6 +54,11 @@ export class IdentityTokenResponse extends BaseResponse {
    }

    this.privateKey = this.getResponseProperty("PrivateKey");
+    if (this.getResponseProperty("AccountKeys") != null) {
+      this.accountKeysResponseModel = new PrivateKeysResponseModel(
+        this.getResponseProperty("AccountKeys"),
+      );
+    }
    const key = this.getResponseProperty("Key");
    if (key) {
      this.key = new EncString(key);