[PM-13673] Require UserId In CompareHash Method (#11568)

* Require UserId In CompareHash Method * Throw on null-ish 'masterKey' * Update Test
2025-12-06 00:13:28 +00:00 · 2024-11-04 15:11:59 -05:00
parent 008e928d0a
commit f41365ce48
6 changed files with 117 additions and 33 deletions
--- a/libs/vault/src/components/password-reprompt.component.ts
+++ b/libs/vault/src/components/password-reprompt.component.ts
@@ -1,8 +1,10 @@
 import { DialogRef } from "@angular/cdk/dialog";
 import { Component } from "@angular/core";
 import { FormBuilder, ReactiveFormsModule, Validators } from "@angular/forms";
+import { firstValueFrom, map } from "rxjs";

 import { JslibModule } from "@bitwarden/angular/jslib.module";
+import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
 import {
@@ -43,16 +45,25 @@ export class PasswordRepromptComponent {
    protected i18nService: I18nService,
    protected formBuilder: FormBuilder,
    protected dialogRef: DialogRef,
+    protected accountService: AccountService,
  ) {}

  submit = async () => {
+    const userId = await firstValueFrom(this.accountService.activeAccount$.pipe(map((a) => a?.id)));
+
+    if (userId == null) {
+      throw new Error("An active user is expected while doing password reprompt.");
+    }
+
    const storedMasterKey = await this.keyService.getOrDeriveMasterKey(
      this.formGroup.value.masterPassword,
+      userId,
    );
    if (
-      !(await this.keyService.compareAndUpdateKeyHash(
+      !(await this.keyService.compareKeyHash(
        this.formGroup.value.masterPassword,
        storedMasterKey,
+        userId,
      ))
    ) {
      this.platformUtilsService.showToast(