bitwarden/mobile
1
0
Fork 0
mirror of https://github.com/bitwarden/mobile synced 2025-12-21 02:33:36 +00:00
Code Issues Releases Wiki Activity

PM-3386 Fix MP reprompt / OTP decision to be also based on the master key hash. (#2688)

Browse Source
This commit is contained in:
Federico Maccaroni
2023-08-14 14:53:55 -03:00
committed by GitHub
parent afeec41500
commit 12f8c7b0d3
6 changed files with 13 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/Android/MainApplication.cs
View File

@@ -68,7 +68,6 @@ namespace Bit.Droid
ServiceContainer.Register<IDeleteAccountActionFlowExecutioner>("deleteAccountActionFlowExecutioner", deleteAccountActionFlowExecutioner); ServiceContainer.Register<IDeleteAccountActionFlowExecutioner>("deleteAccountActionFlowExecutioner", deleteAccountActionFlowExecutioner);
var verificationActionsFlowHelper = new VerificationActionsFlowHelper( var verificationActionsFlowHelper = new VerificationActionsFlowHelper(
ServiceContainer.Resolve<IKeyConnectorService>("keyConnectorService"),
ServiceContainer.Resolve<IPasswordRepromptService>("passwordRepromptService"), ServiceContainer.Resolve<IPasswordRepromptService>("passwordRepromptService"),
ServiceContainer.Resolve<ICryptoService>("cryptoService"), ServiceContainer.Resolve<ICryptoService>("cryptoService"),
ServiceContainer.Resolve<IUserVerificationService>()); ServiceContainer.Resolve<IUserVerificationService>());

4
src/App/Pages/Settings/ExportVaultPageViewModel.cs
View File

@@ -65,7 +65,7 @@ namespace Bit.App.Pages
_initialized = true; _initialized = true;
FileFormatSelectedIndex = FileFormatOptions.FindIndex(k => k.Key == "json"); FileFormatSelectedIndex = FileFormatOptions.FindIndex(k => k.Key == "json");
DisablePrivateVaultPolicyEnabled = await _policyService.PolicyAppliesToUser(PolicyType.DisablePersonalVaultExport); DisablePrivateVaultPolicyEnabled = await _policyService.PolicyAppliesToUser(PolicyType.DisablePersonalVaultExport);
UseOTPVerification = !await _userVerificationService.HasMasterPasswordAsync(); UseOTPVerification = !await _userVerificationService.HasMasterPasswordAsync(true);
if (UseOTPVerification) if (UseOTPVerification)
{ {
@@ -163,7 +163,7 @@ namespace Bit.App.Pages
return; return;
} }
var verificationType = await _userVerificationService.HasMasterPasswordAsync() var verificationType = await _userVerificationService.HasMasterPasswordAsync(true)
? VerificationType.MasterPassword ? VerificationType.MasterPassword
: VerificationType.OTP; : VerificationType.OTP;
if (!await _userVerificationService.VerifyUser(Secret, verificationType)) if (!await _userVerificationService.VerifyUser(Secret, verificationType))

6
src/App/Utilities/VerificationActionsFlowHelper.cs
View File

@@ -60,7 +60,6 @@ namespace Bit.App.Utilities
/// </summary> /// </summary>
public class VerificationActionsFlowHelper : IVerificationActionsFlowHelper public class VerificationActionsFlowHelper : IVerificationActionsFlowHelper
{ {
private readonly IKeyConnectorService _keyConnectorService;
private readonly IPasswordRepromptService _passwordRepromptService; private readonly IPasswordRepromptService _passwordRepromptService;
private readonly ICryptoService _cryptoService; private readonly ICryptoService _cryptoService;
private readonly IUserVerificationService _userVerificationService; private readonly IUserVerificationService _userVerificationService;
@@ -72,12 +71,11 @@ namespace Bit.App.Utilities
private readonly Dictionary<VerificationFlowAction, IActionFlowExecutioner> _actionExecutionerDictionary = new Dictionary<VerificationFlowAction, IActionFlowExecutioner>(); private readonly Dictionary<VerificationFlowAction, IActionFlowExecutioner> _actionExecutionerDictionary = new Dictionary<VerificationFlowAction, IActionFlowExecutioner>();
public VerificationActionsFlowHelper(IKeyConnectorService keyConnectorService, public VerificationActionsFlowHelper(
IPasswordRepromptService passwordRepromptService, IPasswordRepromptService passwordRepromptService,
ICryptoService cryptoService, ICryptoService cryptoService,
IUserVerificationService userVerificationService) IUserVerificationService userVerificationService)
{ {
_keyConnectorService = keyConnectorService;
_passwordRepromptService = passwordRepromptService; _passwordRepromptService = passwordRepromptService;
_cryptoService = cryptoService; _cryptoService = cryptoService;
_userVerificationService = userVerificationService; _userVerificationService = userVerificationService;
@@ -110,7 +108,7 @@ namespace Bit.App.Utilities
public async Task ValidateAndExecuteAsync() public async Task ValidateAndExecuteAsync()
{ {
var verificationType = await _userVerificationService.HasMasterPasswordAsync() var verificationType = await _userVerificationService.HasMasterPasswordAsync(true)
? VerificationType.MasterPassword ? VerificationType.MasterPassword
: VerificationType.OTP; : VerificationType.OTP;

2
src/Core/Abstractions/IUserVerificationService.cs
View File

@@ -6,6 +6,6 @@ namespace Bit.Core.Abstractions
public interface IUserVerificationService public interface IUserVerificationService
{ {
Task<bool> VerifyUser(string secret, VerificationType verificationType); Task<bool> VerifyUser(string secret, VerificationType verificationType);
Task<bool> HasMasterPasswordAsync(); Task<bool> HasMasterPasswordAsync(bool checkMasterKeyHash = false);
} }
} }

11
src/Core/Services/UserVerificationService.cs
View File

@@ -68,15 +68,20 @@ namespace Bit.Core.Services
await _platformUtilsService.ShowDialogAsync(errorMessage); await _platformUtilsService.ShowDialogAsync(errorMessage);
} }
public async Task<bool> HasMasterPasswordAsync() public async Task<bool> HasMasterPasswordAsync(bool checkMasterKeyHash = false)
{ {
async Task<bool> CheckMasterKeyHashAsync()
{
return !checkMasterKeyHash && await _cryptoService.GetMasterKeyHashAsync() != null;
};
var decryptOptions = await _stateService.GetAccountDecryptionOptions(); var decryptOptions = await _stateService.GetAccountDecryptionOptions();
if (decryptOptions != null) if (decryptOptions != null)
{ {
return decryptOptions.HasMasterPassword; return decryptOptions.HasMasterPassword && await CheckMasterKeyHashAsync();
} }
return !await _keyConnectorService.GetUsesKeyConnectorAsync(); return !await _keyConnectorService.GetUsesKeyConnectorAsync() && await CheckMasterKeyHashAsync();
} }
} }
} }

1
src/iOS.Core/Utilities/iOSCoreHelpers.cs
View File

@@ -245,7 +245,6 @@ namespace Bit.iOS.Core.Utilities
ServiceContainer.Register<IDeleteAccountActionFlowExecutioner>("deleteAccountActionFlowExecutioner", deleteAccountActionFlowExecutioner); ServiceContainer.Register<IDeleteAccountActionFlowExecutioner>("deleteAccountActionFlowExecutioner", deleteAccountActionFlowExecutioner);
var verificationActionsFlowHelper = new VerificationActionsFlowHelper( var verificationActionsFlowHelper = new VerificationActionsFlowHelper(
ServiceContainer.Resolve<IKeyConnectorService>("keyConnectorService"),
ServiceContainer.Resolve<IPasswordRepromptService>("passwordRepromptService"), ServiceContainer.Resolve<IPasswordRepromptService>("passwordRepromptService"),
ServiceContainer.Resolve<ICryptoService>("cryptoService"), ServiceContainer.Resolve<ICryptoService>("cryptoService"),
ServiceContainer.Resolve<IUserVerificationService>()); ServiceContainer.Resolve<IUserVerificationService>());