[Auto Logout] Final review of feature (#932)

* Initial commit of LockService name refactor (#831) * [Auto-Logout] Update Service layer logic (#835) * Initial commit of service logic update * Added default value for action * Updated ToggleTokensAsync conditional * Removed unused variables, updated action conditional * Initial commit: lockOption/lock refactor app layer (#840) * [Auto-Logout] Settings Refactor - Application Layer Part 2 (#844) * Initial commit of app layer part 2 * Updated biometrics position * Reverted resource name refactor * LockOptions refactor revert * Updated method casing :: Removed VaultTimeout prefix for timeouts * Fixed dupe string resource (#854) * Updated dependency to use VaultTimeoutService (#896) * [Auto Logout] Xamarin Forms in AutoFill flow (iOS) (#902) * fix typo in PINRequireMasterPasswordRestart (#900) * initial commit for xf usage in autofill * Fixed databinding for hint button * Updated Two Factor page launch - removed unused imports * First pass at broadcast/messenger implentation for autofill * setting theme in extension using theme manager * extension app resources * App resources from main app * fix ref to twoFactorPage * apply resources to page * load empty app for sytling in extension * move ios renderers to ios core * static ref to resources and GetResourceColor helper * fix method ref * move application.current.resources refs to helper * switch login page alerts to device action dialogs * run on main thread * showDialog with device action service * abstract action sheet to device action service * add support for yubikey * add yubikey iimages to extension * support close button action * add support to action extension * remove empty lines Co-authored-by: Jonas Kittner <54631600+theendlessriver13@users.noreply.github.com> Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com> * [Auto Logout] Update lock option to be default value (#929) * Initial commit - make lock action default * Removed extra whitespace Co-authored-by: Jonas Kittner <54631600+theendlessriver13@users.noreply.github.com> Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com> Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2025-12-14 23:33:34 +00:00 · 2020-05-29 11:26:36 -05:00
parent 39e10ff01c
commit 4c3df2e1e1
80 changed files with 744 additions and 379 deletions
--- a/src/Core/Services/VaultTimeoutService.cs
+++ b/src/Core/Services/VaultTimeoutService.cs
@@ -0,0 +1,180 @@
+using Bit.Core.Abstractions;
+using Bit.Core.Models.Domain;
+using System;
+using System.Threading.Tasks;
+
+namespace Bit.Core.Services
+{
+    public class VaultTimeoutService : IVaultTimeoutService
+    {
+        private readonly ICryptoService _cryptoService;
+        private readonly IUserService _userService;
+        private readonly IPlatformUtilsService _platformUtilsService;
+        private readonly IStorageService _storageService;
+        private readonly IFolderService _folderService;
+        private readonly ICipherService _cipherService;
+        private readonly ICollectionService _collectionService;
+        private readonly ISearchService _searchService;
+        private readonly IMessagingService _messagingService;
+        private readonly ITokenService _tokenService;
+        private readonly Action<bool> _lockedCallback;
+        private readonly Func<bool, Task> _loggedOutCallback;
+
+        public VaultTimeoutService(
+            ICryptoService cryptoService,
+            IUserService userService,
+            IPlatformUtilsService platformUtilsService,
+            IStorageService storageService,
+            IFolderService folderService,
+            ICipherService cipherService,
+            ICollectionService collectionService,
+            ISearchService searchService,
+            IMessagingService messagingService,
+            ITokenService tokenService,
+            Action<bool> lockedCallback,
+            Func<bool, Task> loggedOutCallback)
+        {
+            _cryptoService = cryptoService;
+            _userService = userService;
+            _platformUtilsService = platformUtilsService;
+            _storageService = storageService;
+            _folderService = folderService;
+            _cipherService = cipherService;
+            _collectionService = collectionService;
+            _searchService = searchService;
+            _messagingService = messagingService;
+            _tokenService = tokenService;
+            _lockedCallback = lockedCallback;
+            _loggedOutCallback = loggedOutCallback;
+        }
+
+        public CipherString PinProtectedKey { get; set; } = null;
+        public bool FingerprintLocked { get; set; } = true;
+
+        public async Task<bool> IsLockedAsync()
+        {
+            var hasKey = await _cryptoService.HasKeyAsync();
+            if (hasKey)
+            {
+                var fingerprintSet = await IsFingerprintLockSetAsync();
+                if (fingerprintSet && FingerprintLocked)
+                {
+                    return true;
+                }
+            }
+            return !hasKey;
+        }
+
+        public async Task CheckVaultTimeoutAsync()
+        {
+            if (_platformUtilsService.IsViewOpen())
+            {
+                return;
+            }
+            var authed = await _userService.IsAuthenticatedAsync();
+            if (!authed)
+            {
+                return;
+            }
+            if (await IsLockedAsync())
+            {
+                return;
+            }
+            // This only returns null
+            var vaultTimeout = _platformUtilsService.LockTimeout();
+            if (vaultTimeout == null)
+            {
+                vaultTimeout = await _storageService.GetAsync<int?>(Constants.VaultTimeoutKey);
+            }
+            if (vaultTimeout.GetValueOrDefault(-1) < 0)
+            {
+                return;
+            }
+            var lastActive = await _storageService.GetAsync<DateTime?>(Constants.LastActiveKey);
+            if (lastActive == null)
+            {
+                return;
+            }
+            var diff = DateTime.UtcNow - lastActive.Value;
+            if (diff.TotalSeconds >= vaultTimeout.Value)
+            {
+                // Pivot based on saved action
+                var action = await _storageService.GetAsync<string>(Constants.VaultTimeoutActionKey);
+                if (action == "logOut")
+                {
+                    await LogOutAsync();
+                }
+                else
+                {
+                    await LockAsync(true);
+                }
+            }
+        }
+
+        public async Task LockAsync(bool allowSoftLock = false, bool userInitiated = false)
+        {
+            var authed = await _userService.IsAuthenticatedAsync();
+            if (!authed)
+            {
+                return;
+            }
+            if (allowSoftLock)
+            {
+                FingerprintLocked = await IsFingerprintLockSetAsync();
+                if (FingerprintLocked)
+                {
+                    _messagingService.Send("locked", userInitiated);
+                    _lockedCallback?.Invoke(userInitiated);
+                    return;
+                }
+            }
+            await Task.WhenAll(
+                _cryptoService.ClearKeyAsync(),
+                _cryptoService.ClearOrgKeysAsync(true),
+                _cryptoService.ClearKeyPairAsync(true),
+                _cryptoService.ClearEncKeyAsync(true));
+
+            _folderService.ClearCache();
+            _cipherService.ClearCache();
+            _collectionService.ClearCache();
+            _searchService.ClearIndex();
+            _messagingService.Send("locked", userInitiated);
+            _lockedCallback?.Invoke(userInitiated);
+        }
+        
+        public async Task LogOutAsync()
+        {
+            if(_loggedOutCallback != null)
+            {
+                await _loggedOutCallback.Invoke(false);
+            }
+        }
+
+        public async Task SetVaultTimeoutOptionsAsync(int? timeout, string action)
+        {
+            await _storageService.SaveAsync(Constants.VaultTimeoutKey, timeout);
+            await _storageService.SaveAsync(Constants.VaultTimeoutActionKey, action);
+            await _cryptoService.ToggleKeyAsync();
+            await _tokenService.ToggleTokensAsync();
+        }
+
+        public async Task<Tuple<bool, bool>> IsPinLockSetAsync()
+        {
+            var protectedPin = await _storageService.GetAsync<string>(Constants.ProtectedPin);
+            var pinProtectedKey = await _storageService.GetAsync<string>(Constants.PinProtectedKey);
+            return new Tuple<bool, bool>(protectedPin != null, pinProtectedKey != null);
+        }
+
+        public async Task<bool> IsFingerprintLockSetAsync()
+        {
+            var fingerprintLock = await _storageService.GetAsync<bool?>(Constants.FingerprintUnlockKey);
+            return fingerprintLock.GetValueOrDefault();
+        }
+
+        public async Task ClearAsync()
+        {
+            PinProtectedKey = null;
+            await _storageService.RemoveAsync(Constants.ProtectedPin);
+        }
+    }
+}