From 515decb4c9a2ea961a1da24d59d77ce2d35e502f Mon Sep 17 00:00:00 2001
From: Jacob Fink
Date: Tue, 18 Jul 2023 10:04:57 -0400
Subject: [PATCH] [PM-2713] add new pin methods to state service
---
 src/Core/Abstractions/IStateService.cs | 10 +++++++-
 src/Core/Constants.cs | 6 +++--
 src/Core/Services/StateService.cs | 32 ++++++++++++++++++++++++++
 3 files changed, 45 insertions(+), 3 deletions(-)
diff --git a/src/Core/Abstractions/IStateService.cs b/src/Core/Abstractions/IStateService.cs
index 777a3dea8..d6f93e021 100644
--- a/src/Core/Abstractions/IStateService.cs
+++ b/src/Core/Abstractions/IStateService.cs
@@ -42,12 +42,20 @@ namespace Bit.Core.Abstractions
 Task IsAccountBiometricIntegrityValidAsync(string bioIntegritySrcKey, string userId = null);
 Task SetAccountBiometricIntegrityValidAsync(string bioIntegritySrcKey, string userId = null);
 Task CanAccessPremiumAsync(string userId = null);
- Task SetPersonalPremiumAsync(bool value, string userId = null);
 Task GetProtectedPinAsync(string userId = null);
+ Task SetPersonalPremiumAsync(bool value, string userId = null);
+ Task GetUserKeyPin(string userId = null);
+ Task SetUserKeyPin(string value, string userId = null);
+ Task GetUserKeyPinEphemeral(string userId = null);
+ Task SetUserKeyPinEphemeral(EncString value, string userId = null);
 Task SetProtectedPinAsync(string value, string userId = null);
+ [Obsolete("Use GetUserKeyPin instead, left for migration purposes")]
 Task GetPinProtectedAsync(string userId = null);
+ [Obsolete("Use SetUserKeyPin instead")]
 Task SetPinProtectedAsync(string value, string userId = null);
+ [Obsolete("Use GetUserKeyPinEphemeral instead, left for migration purposes")]
 Task GetPinProtectedKeyAsync(string userId = null);
+ [Obsolete("Use SetUserKeyPinEphemeral instead")]
 Task SetPinProtectedKeyAsync(EncString value, string userId = null);
 Task SetKdfConfigurationAsync(KdfConfig config, string userId = null);
 Task GetKeyHashAsync(string userId = null);
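Review bot: The four new members `GetUserKeyPin`, `SetUserKeyPin`, `GetUserKeyPinEphemeral` and `SetUserKeyPinEphemeral` return `Task` but drop the `Async` suffix that every other member in this hunk carries, including the obsolete methods they replace. Naming them `GetUserKeyPinAsync`, `SetUserKeyPinAsync` and so on would keep the interface consistent, with the `[Obsolete]` messages pointing at the suffixed names. The hunk also moves `SetPersonalPremiumAsync` below `GetProtectedPinAsync`, which leaves the new members wedged between `GetProtectedPinAsync` and `SetProtectedPinAsync`; keeping that pair adjacent reads better. A one-line `///` summary on each new member stating what is stored (presumably the PIN-encrypted user key, persisted versus in-memory only) would help, since the names alone do not distinguish them from `ProtectedPin`. The interface body continues outside the hunk.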
diff --git a/src/Core/Constants.cs b/src/Core/Constants.cs
index 98dffb5c5..b7a17e1b8 100644
--- a/src/Core/Constants.cs
+++ b/src/Core/Constants.cs
@@ -81,7 +81,7 @@ namespace Bit.Core
 public static string VaultTimeoutKey(string userId) => $"vaultTimeout_{userId}";
 public static string VaultTimeoutActionKey(string userId) => $"vaultTimeoutAction_{userId}";
- public static string UserKeyKey(string userId) => $"UserKey_{userId}";
+ public static string UserKeyKey(string userId) => $"userKey_{userId}";
 public static string CiphersKey(string userId) => $"ciphers_{userId}";
 public static string FoldersKey(string userId) => $"folders_{userId}";
 public static string CollectionsKey(string userId) => $"collections_{userId}";
@@ -93,7 +93,7 @@ namespace Bit.Core
 public static string EncOrgKeysKey(string userId) => $"encOrgKeys_{userId}";
 public static string EncPrivateKeyKey(string userId) => $"encPrivateKey_{userId}";
 public static string KeyHashKey(string userId) => $"keyHash_{userId}";
- public static string PinProtectedKey(string userId) => $"pinProtectedKey_{userId}";
+ public static string UserKeyPinKey(string userId) => $"userKeyPin_{userId}";
 public static string PassGenOptionsKey(string userId) => $"passwordGenerationOptions_{userId}";
 public static string PassGenHistoryKey(string userId) => $"generatedPasswordHistory_{userId}";
 public static string TwoFactorTokenKey(string email) => $"twoFactorToken_{email}";
@@ -126,5 +126,7 @@ namespace Bit.Core
 public static string KeyKey(string userId) => $"key_{userId}";
 [Obsolete]
 public static string EncKeyKey(string userId) => $"encKey_{userId}";
+ [Obsolete]
+ public static string PinProtectedKey(string userId) => $"pinProtectedKey_{userId}";
 }
 }
diff --git a/src/Core/Services/StateService.cs b/src/Core/Services/StateService.cs
index 494ae0956..0aa8461a3 100644
--- a/src/Core/Services/StateService.cs
+++ b/src/Core/Services/StateService.cs
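Review bot: In src/Core/Constants.cs, the first hunk changes the storage key returned by `UserKeyKey` from `UserKey_{userId}` to `userKey_{userId}`, and nothing in this patch reads or clears a value stored under the old casing. If any build has already persisted a user key under the old name, that entry becomes unreachable and stays behind as orphaned key material. Either confirm the old name never shipped or add a one-time step that moves the value and deletes the old entry. In the last hunk the re-added `PinProtectedKey` carries a bare `[Obsolete]`; a message such as `[Obsolete("Use UserKeyPinKey instead, left for migration purposes")]` would match the wording used on the state-service methods.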
@@ -395,6 +395,35 @@ namespace Bit.Core.Services
 await SetValueAsync(Constants.ProtectedPinKey(reconciledOptions.UserId), value, reconciledOptions);
 }
+ // TODO(Jake): Does this need to be secure storage?
+ public async Task GetUserKeyPin(string value, string userId = null)
+ {
+ return await _storageMediatorService.GetAsync(Constants.UserKeyPinKey(userId), false);
+ }
+
+ // TODO(Jake): Does this need to be secure storage?
+ public async Task SetUserKeyPin(string value, string userId = null)
+ {
+ await _storageMediatorService.SaveAsync(Constants.UserKeyPinKey(userId), value, false);
+ }
+
+ public async Task GetUserKeyPinEphemeral(string userId = null)
+ {
+ return (await GetAccountAsync(
+ ReconcileOptions(new StorageOptions { UserId = userId }, await GetDefaultInMemoryOptionsAsync())
+ ))?.VolatileData?.UserKeyPinEphemeral;
+ }
+
+ public async Task SetUserKeyPinEphemeral(EncString value, string userId = null)
+ {
+ var reconciledOptions = ReconcileOptions(new StorageOptions { UserId = userId },
+ await GetDefaultInMemoryOptionsAsync());
+ var account = await GetAccountAsync(reconciledOptions);
+ account.VolatileData.UserKeyPinEphemeral = value;
+ await SaveAccountAsync(account, reconciledOptions);
+ }
+
+ [Obsolete("Use GetUserKeyPin instead, left for migration purposes")]
 public async Task GetPinProtectedAsync(string userId = null)
 {
 var reconciledOptions = ReconcileOptions(new StorageOptions { UserId = userId },
@@ -402,6 +431,7 @@ namespace Bit.Core.Services
 return await GetValueAsync(Constants.PinProtectedKey(reconciledOptions.UserId), reconciledOptions);
 }
+ [Obsolete("Use SetUserKeyPin instead")]
 public async Task SetPinProtectedAsync(string value, string userId = null)
 {
 var reconciledOptions = ReconcileOptions(new StorageOptions { UserId = userId },
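Review bot: `GetUserKeyPin` is implemented here as `GetUserKeyPin(string value, string userId = null)`, while the interface in this same patch declares `GetUserKeyPin(string userId = null)`, so the class no longer satisfies `IStateService`; the unused `value` parameter should be dropped. Both `GetUserKeyPin` and `SetUserKeyPin` also pass the raw `userId` to `Constants.UserKeyPinKey`, so a caller relying on the `null` default reads and writes the key `userKeyPin_` instead of the active account's entry, and accounts on the same device could end up sharing one slot. The neighbouring methods resolve the id through `ReconcileOptions(...)` first, and these two should do the same and build the key with `Constants.UserKeyPinKey(reconciledOptions.UserId)`. The two `TODO(Jake)` comments leave open whether this value belongs in secure storage, and the literal `false` passed to `_storageMediatorService` looks like the secure-storage switch, though that cannot be confirmed from this hunk. Because a PIN has little entropy, the PIN-wrapped key is only as well protected as the store it sits in, so that question should be settled before merge rather than left as a TODO.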
@@ -409,6 +439,7 @@ namespace Bit.Core.Services
 await SetValueAsync(Constants.PinProtectedKey(reconciledOptions.UserId), value, reconciledOptions);
 }
+ [Obsolete("Use GetUserKeyPinEphemeral instead, left for migration purposes")]
 public async Task GetPinProtectedKeyAsync(string userId = null)
 {
 return (await GetAccountAsync(
@@ -416,6 +447,7 @@ namespace Bit.Core.Services
 ))?.VolatileData?.PinProtectedKey;
 }
+ [Obsolete("Use SetUserKeyPinEphemeral instead")]
 public async Task SetPinProtectedKeyAsync(EncString value, string userId = null)
 {
 var reconciledOptions = ReconcileOptions(new StorageOptions { UserId = userId },