bitwarden/mobile
1
0
Fork 0
mirror of https://github.com/bitwarden/mobile synced 2025-12-15 07:43:37 +00:00
Code Issues Releases Wiki Activity
Files
a7bf0e24d3bd0b8cb293f807bfa0d5cf2b9bdae2
mobile/src/Core/Services/FolderService.cs
Todd Martin a7bf0e24d3 Trusted Device Encryption feature (#2656) 
* [PM-1208] Add Device approval options screen. View model waiting for additional logic to be added.

* [PM-1208] Add device related api endpoint. Add AccoundDecryptOptions model and property to user Account.

* [PM-1208] Add continue button and not you option

* [PM-1379] add DeviceTrustCryptoService with establish trust logic (#2535)

* [PM-1379] add DeviceCryptoService with establish trust logic

* PM-1379 update api location and other minor refactors

* pm-1379 fix encoding

* update trusted device keys api call to Put

* [PM-1379] rename DeviceCryptoService to DeviceTrustCryptoService
- refactors to prevent side effects

* [PM-1379] rearrange methods in DeviceTrustCryptoService

* [PM-1379] rearrange methods in abstraction

* [PM-1379] deconstruct tuples

* [PM-1379] remove extra tasks

* [PM-2583] Answer auth request with mp field as null if doesn't have it. (#2609)

* [PM-2287][PM-2289][PM-2293] Approval Options (#2608)

* [PM-2293] Add AuthRequestType to PasswordlessLoginPage.

* [PM-2293] Add Actions to ApproveWithDevicePage

* [PM-2293] Change screen text based on AuthRequestType

* [PM-2293] Refactor AuthRequestType enum. Add label. Remove unnecessary actions.

* [PM-2293] Change boolean variable expression.

* [PM-2293] Trust device after admin request login.

* code format

* [PM-2287] Add trust device to master password unlock. Change trust device method. Remove email from SSO login page.

* [PM-2293] Fix state variable get set.

* [PM-2287][PM-2289][PM-2293] Rename method

* [PM-1201] Change timeout actions available based on hasMasterPassword (#2610)

* [PM-1201] Change timeout actions available based on hasMasterPassword

* [PM-2731] add user key and master key types

* [PM-2713] add new state for new keys and obsolete old ones
- UserKey
- MasterKey
- UserKeyMasterKey (enc UserKey from User Table)

* [PM-271] add UserKey and MasterKey support to crypto service

* [PM-2713] rename key hash to password hash & begin add methods to crypto service

* [PM-2713] continue organizing crypto service

* [PM-2713] more updates to crypto service

* [PM-2713] add new pin methods to state service

* [PM-2713] fix signature of GetUserKeyPin

* [PM-2713] add make user key method to crypto service

* [PM-2713] refresh pin key when setting user key

* [PM-2713] use new MakeMasterKey method

* [PM-2713] add toggle method to crypto service for keys

* [PM-2713] converting calls to new crypto service api

* [PM-2713] add migration for pin on lock screens

* [PM-2713] more conversions to new crypto service api

* [PM-2713] convert cipher service and others to crypto service api

* [PM-2713] More conversions to crypto api

* [PM-2713] use new crypto service api in auth service

* [PM-2713] remove unused cached values in crypto service

* [PM-2713] set decrypt and set user key in login helper

* fix bad merge

* Update crypto service api call to fix build

* [PM-1208] Fix app resource file

* [PM-1208] Fix merge

* [PM-1208] Fix merge

* [PM-2713] optimize async code in crypto service

* [PM-2713] rename password hash to master key hash

* [PM-2713] fix casting issues and pin

* [PM-2713] remove extra comment

* [PM-2713] remove broken casting

* [PM-2297] Login with trusted device (Flow 2) (#2623)

* [PM-2297] Add DecryptUserKeyWithDeviceKey method

* [PM-2297] Add methods to DeviceTrustCryptoService update decryption options model

* [PM-2297] Update account decryption options model

* [PM-2297] Fix TrustedDeviceOption and DeviceResponse model. Change StateService device key get set to have default user id

* [PM-2297] Update navigation to decryption options

* [PM-2297] Add missing action navigations to iOS extensions

* [PM-2297] Fix trust device bug/typo

* [PM-2297] Fix model bug

* [PM-2297] Fix state var crash

* [PM-2297] Add trust device login logic to auth service

* [PM-2297] Refactor auth service key connector code

* [PM-2297] Remove reconciledOptions for deviceKey in state service

* [PM-2297] Remove unnecessary user id params

* [PM-2289] [PM-2293] TDE Login with device Admin Request (#2642)

* [PM-2713] deconstruct new key pair

* [PM-2713] rename PrivateKey methods to UserPrivateKey on crypto service

* [PM-2713] rename PinLockEnum to PinLockType

* [PM-2713] don't pass user key as param when encrypting

* [PM-2713] rename toggle method, don't reset enc user key

* [PM-2713] pr feedback

* [PM-2713] PR feedback

* [PM-2713] rename get pin lock type method

* [PM-2713] revert feedback for build

* [PM-2713] rename state methods

* [PM-2713] combine makeDataEncKey methods

* [PM-2713] consolidate attachment key creation
- also fix ios files missed during symbol rename

* [PM-2713] replace generic with inherited class

* rename account keys to be more descriptive

* [PM-2713] add auto unlock key to mobile

* [PM-1208] Add TDE flows for new users (#2655)

* [PM-1208] Create new user on SSO. Logout if not password is setup or has pending admin auth request.

* [PM-1208] Fix new user UserKey decryption.

* [PM-1208] Add new user continue to vault logic. Auto enrol user on continue.

* [PM-1208] Trust device only if needed

* [PM-1208] Add logic for New User SSO.

* [PM-1208] Add logic for New User SSO (missing file).

* [PM-2713] set user key on set password page

* [PM-2713] set enc user key during kc onboarding

* fix formatting

* [PM-2713] make method async again
- returning null from a task thats not async throws

* [PM-2713] clear service cache when adding new account

* Fix build after merge

* [PM-3313] Fix Android SSO Login (#2663)

* [PM-3313] Catch exception on AuthPendingRequest

* [PM-3313] Fix lock timeout action if user doesn't have a master password.

* code format

* [PM-3313] Null email in Approval Options screen (#2664)

* [PM-3313] Fix null email in approval options screen

* [PM-3320][PM-3321] Fix labels and UI tweaks (#2666)

* [PM-3320] Fix UI copy and remember me default ON.

* [PM-3321] Fix UI on Log in with device screen.

* [PM-3337] Fix admin request deny error (#2669)

* [PM-3342] Not you button logs user out. (#2672)

* [PM-3319] Check for admin request in Lock page (#2668)

* [PM-3319] Ignore admin auth request when choosing mp as decryption option.

* [PM-2289] Change header title based on auth request type (#2670)

* [PM-2289] Change header title based on auth request type

* [PM-3333] Check for purged admin auth requests (#2671)

* [PM-3333] Check for purged admin auth requests

Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>

---------

Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>

* [PM-3341] Vault Timeout Action not persisted correctly (#2673)

* [PM-3341] Fix timeout action change when navigating

* [PM-3357] Fix copy for Login Initiated (#2674)

* [PM-3362] Fix auth request approval (#2675)

* [PM-3362] Fix auth request approval

* [PM-3362] Add new exception type

* [PM-3102] Update Master password reprompt to be based on MP instead of Key Connector (#2653)

* PM-3102 Added check to see if a user has master password set replacing previous usage of key connector.

* PM-3102 Fix formatting

* [PM-2713] Final merge from Key Migration branch to TDE Feature branch (#2667)

* [PM-2713] add async to key connector service methods

* [PM-2713] rename ephemeral pin key

* add state for biometric key and accept UserKey instead of string for auto key

* Get UserKey from bio state on unlock

* PM-2713 Fix auto-migrating EncKeyEncrypted into MasterKey encrypted UserKey when requesting DecryptUserKeyWithMasterKeyAsync is called

* renaming bio key and fix build

* PM-3194 Fix biometrics button to be shown on upgrade when no UserKey is present yet

* revert removal of key connector service from auth service

* PM-2713 set user key when using KC

* clear enc user key after migration

* use is true for nullable bool

* PR feedback, refactor kc service

---------

Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>

* Fix app fresh install user login with master password. (#2676)

* [PM-3303] Fix biometric login after key migration (#2679)

* [PM-3303] Add condition to biometric unlock

* [PM-3381] Fix TDE login 2FA flow (#2678)

* [PM-3381] Check for vault lock on 2FA screen

* [PM-3381] Move logic to ViewModel

* [PM-3381] Fix null vm error

* [PM-3379] Fix key rotation on trusted device. (#2680)

* [PM-3381] Update login flows (#2683)

* [PM-3381] Update login flows

* [PM-3381] Remove _authingWithSso parameter

* PM-3385 Fix MP reprompt item level when no MP hash is stored like logging in with TDE. Also refactor code to be more maintainable (#2687)

* PM-3386 Fix MP reprompt / OTP decision to be also based on the master key hash. (#2688)

* PM-3450 Fix has master password with mp key hash check (#2689)

* [PM-3394] Fix login with device for passwordless approvals (#2686)

* set activeUserId to null when logging in a new account
- Also stop the user key from being set in inactive accounts

* get token for login with device if approving device doesn't have master key

* add comment

* simplify logic

* check for route instead of using isAuthenticated
- we don't clear the user id when logging in new account
- this means we can't trust the state service, so we have to base our logic off the route in login with device

* use authenticated auth request for tde login with device

* [PM-3394] Add authingWithSso parameter to LoginPasswordlessRequestPage.

* pr feedback

* [PM-3394] Refactor condition

Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>

---------

Co-authored-by: André Bispo <abispo@bitwarden.com>
Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>

* [PM-3462] Handle force password reset on mobile with TDE (#2694)

* [PM-3462] Handle force password reset on mobile with TDE

* [PM-3462] update references to refactored crypto method
- fix kc bug, we were sending private key instead of user key to server
- rename kc service method to be correct

* [PM-3462] Update TwoFactorPage login logic

* [PM-3462] Added pending admin request check to TwoFactorPage

* [PM-3462] Added new exception types for null keys

---------

Co-authored-by: André Bispo <abispo@bitwarden.com>

* [PM-1029] Fix Async suffix in ApiService. Add UserKeyNullExceptions.

* [PM 3513] Fix passwordless 2fa login with device on mobile (#2700)

* [PM-3513] Fix 2FA for normal login with device with users without mp

* move _userKey

---------

Co-authored-by: André Bispo <abispo@bitwarden.com>

* clear encrypted pin on logout (#2699)

---------

Co-authored-by: André Bispo <abispo@bitwarden.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>
(cherry picked from commit bfcfd367dd)
2023-08-17 17:18:27 -04:00

270 lines
8.7 KiB
C#
Raw Blame History

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using Bit.Core.Abstractions;
using Bit.Core.Exceptions;
using Bit.Core.Models.Data;
using Bit.Core.Models.Domain;
using Bit.Core.Models.Request;
using Bit.Core.Models.Response;
using Bit.Core.Models.View;
using Bit.Core.Utilities;
namespace Bit.Core.Services
{
public class FolderService : IFolderService
{
private const char NestingDelimiter = '/';
private List<FolderView> _decryptedFolderCache;
private readonly ICryptoService _cryptoService;
private readonly IStateService _stateService;
private readonly IApiService _apiService;
private readonly II18nService _i18nService;
private readonly ICipherService _cipherService;
public FolderService(
ICryptoService cryptoService,
IStateService stateService,
IApiService apiService,
II18nService i18nService,
ICipherService cipherService)
{
_cryptoService = cryptoService;
_stateService = stateService;
_apiService = apiService;
_i18nService = i18nService;
_cipherService = cipherService;
}
public void ClearCache()
{
_decryptedFolderCache = null;
}
public async Task<Folder> EncryptAsync(FolderView model, SymmetricCryptoKey key = null)
{
var folder = new Folder
{
Id = model.Id,
Name = await _cryptoService.EncryptAsync(model.Name, key)
};
return folder;
}
public async Task<Folder> GetAsync(string id)
{
var folders = await _stateService.GetEncryptedFoldersAsync();
if (!folders?.ContainsKey(id) ?? true)
{
return null;
}
return new Folder(folders[id]);
}
public async Task<List<Folder>> GetAllAsync()
{
var folders = await _stateService.GetEncryptedFoldersAsync();
var response = folders?.Select(f => new Folder(f.Value));
return response?.ToList() ?? new List<Folder>();
}
// TODO: sequentialize?
public async Task<List<FolderView>> GetAllDecryptedAsync()
{
if (_decryptedFolderCache != null)
{
return _decryptedFolderCache;
}
var hasKey = await _cryptoService.HasUserKeyAsync();
if (!hasKey)
{
throw new UserKeyNullException();
}
var decFolders = new List<FolderView>();
async Task decryptAndAddFolderAsync(Folder folder)
{
var f = await folder.DecryptAsync();
decFolders.Add(f);
}
var tasks = new List<Task>();
var folders = await GetAllAsync();
foreach (var folder in folders)
{
tasks.Add(decryptAndAddFolderAsync(folder));
}
await Task.WhenAll(tasks);
decFolders = decFolders.OrderBy(f => f, new FolderLocaleComparer(_i18nService)).ToList();
var noneFolder = new FolderView
{
Name = _i18nService.T("FolderNone")
};
decFolders.Add(noneFolder);
_decryptedFolderCache = decFolders;
return _decryptedFolderCache;
}
public async Task<List<TreeNode<FolderView>>> GetAllNestedAsync(List<FolderView> folders = null)
{
if (folders == null)
{
folders = await GetAllDecryptedAsync();
}
var nodes = new List<TreeNode<FolderView>>();
foreach (var f in folders)
{
var folderCopy = new FolderView
{
Id = f.Id,
RevisionDate = f.RevisionDate
};
var parts = f.Name != null ?
Regex.Replace(f.Name, "^\\/+|\\/+$", string.Empty).Split(NestingDelimiter) : new string[] { };
CoreHelpers.NestedTraverse(nodes, 0, parts, folderCopy, null, NestingDelimiter);
}
return nodes;
}
public async Task<TreeNode<FolderView>> GetNestedAsync(string id)
{
var folders = await GetAllNestedAsync();
return CoreHelpers.GetTreeNodeObject(folders, id);
}
public async Task SaveWithServerAsync(Folder folder)
{
var request = new FolderRequest(folder);
FolderResponse response;
if (folder.Id == null)
{
response = await _apiService.PostFolderAsync(request);
folder.Id = response.Id;
}
else
{
response = await _apiService.PutFolderAsync(folder.Id, request);
}
var userId = await _stateService.GetActiveUserIdAsync();
var data = new FolderData(response, userId);
await UpsertAsync(data);
}
public async Task UpsertAsync(FolderData folder)
{
var folders = await _stateService.GetEncryptedFoldersAsync();
if (folders == null)
{
folders = new Dictionary<string, FolderData>();
}
if (!folders.ContainsKey(folder.Id))
{
folders.Add(folder.Id, null);
}
folders[folder.Id] = folder;
await _stateService.SetEncryptedFoldersAsync(folders);
_decryptedFolderCache = null;
}
public async Task UpsertAsync(List<FolderData> folder)
{
var folders = await _stateService.GetEncryptedFoldersAsync();
if (folders == null)
{
folders = new Dictionary<string, FolderData>();
}
foreach (var f in folder)
{
if (!folders.ContainsKey(f.Id))
{
folders.Add(f.Id, null);
}
folders[f.Id] = f;
}
await _stateService.SetEncryptedFoldersAsync(folders);
_decryptedFolderCache = null;
}
public async Task ReplaceAsync(Dictionary<string, FolderData> folders)
{
await _stateService.SetEncryptedFoldersAsync(folders);
_decryptedFolderCache = null;
}
public async Task ClearAsync(string userId)
{
await _stateService.SetEncryptedFoldersAsync(null, userId);
_decryptedFolderCache = null;
}
public async Task DeleteAsync(string id)
{
var folders = await _stateService.GetEncryptedFoldersAsync();
if (folders == null || !folders.ContainsKey(id))
{
return;
}
folders.Remove(id);
await _stateService.SetEncryptedFoldersAsync(folders);
_decryptedFolderCache = null;
// Items in a deleted folder are re-assigned to "No Folder"
var ciphers = await _stateService.GetEncryptedCiphersAsync();
if (ciphers != null)
{
var updates = new List<CipherData>();
foreach (var c in ciphers)
{
if (c.Value.FolderId == id)
{
c.Value.FolderId = null;
updates.Add(c.Value);
}
}
if (updates.Any())
{
await _cipherService.UpsertAsync(updates);
}
}
}
public async Task DeleteWithServerAsync(string id)
{
await _apiService.DeleteFolderAsync(id);
await DeleteAsync(id);
}
private class FolderLocaleComparer : IComparer<FolderView>
{
private readonly II18nService _i18nService;
public FolderLocaleComparer(II18nService i18nService)
{
_i18nService = i18nService;
}
public int Compare(FolderView a, FolderView b)
{
var aName = a?.Name;
var bName = b?.Name;
if (aName == null && bName != null)
{
return -1;
}
if (aName != null && bName == null)
{
return 1;
}
if (aName == null && bName == null)
{
return 0;
}
return _i18nService.StringComparer.Compare(aName, bName);
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink