mirror of
https://github.com/bitwarden/browser
synced 2025-12-14 23:33:31 +00:00
91f1d9fb86
* PM-6689 - Add security stamp to Token state * PM-6689 - Remove Security Stamp from account and state service * PM-6689 - Add security stamp get and set to token service + abstraction + tests * PM-6689 - Add migration for security stamp, test it, and register it with migrator * PM-6689 - Update sync service + deps to use token service. * PM-6689 - Cleanup missed usages of account tokens which has been removed. * PM-6689 - Per PR feedback, remove unnecessary data migration as the security stamp is only in memory and doesn't need to be migrated.
77 lines
2.3 KiB
TypeScript
77 lines
2.3 KiB
TypeScript
import {
|
|
KeyDefinition,
|
|
TOKEN_DISK,
|
|
TOKEN_DISK_LOCAL,
|
|
TOKEN_MEMORY,
|
|
UserKeyDefinition,
|
|
} from "../../platform/state";
|
|
|
|
// Note: all tokens / API key information must be cleared on logout.
|
|
// because we are using secure storage, we must manually call to clean up our tokens.
|
|
// See stateService.deAuthenticateAccount for where we call clearTokens(...)
|
|
|
|
export const ACCESS_TOKEN_DISK = new UserKeyDefinition<string>(TOKEN_DISK, "accessToken", {
|
|
deserializer: (accessToken) => accessToken,
|
|
clearOn: [], // Manually handled
|
|
});
|
|
|
|
export const ACCESS_TOKEN_MEMORY = new UserKeyDefinition<string>(TOKEN_MEMORY, "accessToken", {
|
|
deserializer: (accessToken) => accessToken,
|
|
clearOn: [], // Manually handled
|
|
});
|
|
|
|
export const REFRESH_TOKEN_DISK = new UserKeyDefinition<string>(TOKEN_DISK, "refreshToken", {
|
|
deserializer: (refreshToken) => refreshToken,
|
|
clearOn: [], // Manually handled
|
|
});
|
|
|
|
export const REFRESH_TOKEN_MEMORY = new UserKeyDefinition<string>(TOKEN_MEMORY, "refreshToken", {
|
|
deserializer: (refreshToken) => refreshToken,
|
|
clearOn: [], // Manually handled
|
|
});
|
|
|
|
export const EMAIL_TWO_FACTOR_TOKEN_RECORD_DISK_LOCAL = KeyDefinition.record<string, string>(
|
|
TOKEN_DISK_LOCAL,
|
|
"emailTwoFactorTokenRecord",
|
|
{
|
|
deserializer: (emailTwoFactorTokenRecord) => emailTwoFactorTokenRecord,
|
|
},
|
|
);
|
|
|
|
export const API_KEY_CLIENT_ID_DISK = new UserKeyDefinition<string>(TOKEN_DISK, "apiKeyClientId", {
|
|
deserializer: (apiKeyClientId) => apiKeyClientId,
|
|
clearOn: [], // Manually handled
|
|
});
|
|
|
|
export const API_KEY_CLIENT_ID_MEMORY = new UserKeyDefinition<string>(
|
|
TOKEN_MEMORY,
|
|
"apiKeyClientId",
|
|
{
|
|
deserializer: (apiKeyClientId) => apiKeyClientId,
|
|
clearOn: [], // Manually handled
|
|
},
|
|
);
|
|
|
|
export const API_KEY_CLIENT_SECRET_DISK = new UserKeyDefinition<string>(
|
|
TOKEN_DISK,
|
|
"apiKeyClientSecret",
|
|
{
|
|
deserializer: (apiKeyClientSecret) => apiKeyClientSecret,
|
|
clearOn: [], // Manually handled
|
|
},
|
|
);
|
|
|
|
export const API_KEY_CLIENT_SECRET_MEMORY = new UserKeyDefinition<string>(
|
|
TOKEN_MEMORY,
|
|
"apiKeyClientSecret",
|
|
{
|
|
deserializer: (apiKeyClientSecret) => apiKeyClientSecret,
|
|
clearOn: [], // Manually handled
|
|
},
|
|
);
|
|
|
|
export const SECURITY_STAMP_MEMORY = new UserKeyDefinition<string>(TOKEN_MEMORY, "securityStamp", {
|
|
deserializer: (securityStamp) => securityStamp,
|
|
clearOn: ["logout"],
|
|
});
|