Update

2025-12-10 05:13:48 +00:00 · 2025-12-04 13:27:23 +01:00
parent 4633b438f8
commit 5b766e936c
2 changed files with 20 additions and 14 deletions
--- a/src/Api/Auth/Controllers/AccountsController.cs
+++ b/src/Api/Auth/Controllers/AccountsController.cs
@@ -446,14 +446,14 @@ public class AccountsController : Controller

        if (model.AccountKeys != null)
        {
-            await _setAccountKeysForUserCommand.SetAccountKeysForUserAsync(user.Id, model.AccountKeys);
+            await _setAccountKeysForUserCommand.SetAccountKeysForUserAsync(user, model.AccountKeys);
        }
        else
        {
            await _userService.SaveUserAsync(model.ToUser(user));
        }

-        return new KeysResponseModel(user);
+        return new KeysResponseModel(model.AccountKeys.ToAccountKeysData(), user.Key);
    }

    [HttpGet("keys")]
@@ -465,7 +465,8 @@ public class AccountsController : Controller
            throw new UnauthorizedAccessException();
        }

-        return new KeysResponseModel(user);
+        var accountKeys = await _userAccountKeysQuery.Run(user);
+        return new KeysResponseModel(accountKeys, user.Key);
    }

    [HttpDelete]
--- a/src/Api/Models/Response/KeysResponseModel.cs
+++ b/src/Api/Models/Response/KeysResponseModel.cs
@@ -1,27 +1,32 @@
-// FIXME: Update this file to be null safe and then delete the line below
-#nullable disable
-
-using Bit.Core.Entities;
+using Bit.Core.KeyManagement.Models.Api.Response;
+using Bit.Core.KeyManagement.Models.Data;
 using Bit.Core.Models.Api;

 namespace Bit.Api.Models.Response;

 public class KeysResponseModel : ResponseModel
 {
-    public KeysResponseModel(User user)
+    public KeysResponseModel(UserAccountKeysData accountKeys, string? masterKeyWrappedUserKey)
        : base("keys")
    {
-        if (user == null)
+        if (masterKeyWrappedUserKey != null)
        {
-            throw new ArgumentNullException(nameof(user));
+            Key = masterKeyWrappedUserKey;
        }

-        Key = user.Key;
-        PublicKey = user.PublicKey;
-        PrivateKey = user.PrivateKey;
+        PublicKey = accountKeys.PublicKeyEncryptionKeyPairData.PublicKey;
+        PrivateKey = accountKeys.PublicKeyEncryptionKeyPairData.WrappedPrivateKey;
+        AccountKeys = new PrivateKeysResponseModel(accountKeys);
    }

-    public string Key { get; set; }
+    /// <summary>
+    /// The master key wrapped user key. The master key can either be a master-password master key or a
+    /// key-connector master key.
+    /// </summary>
+    public string? Key { get; set; }
+    [Obsolete("Use AccountKeys.PublicKeyEncryptionKeyPair.PublicKey instead")]
    public string PublicKey { get; set; }
+    [Obsolete("Use AccountKeys.PublicKeyEncryptionKeyPair.WrappedPrivateKey instead")]
    public string PrivateKey { get; set; }
+    public PrivateKeysResponseModel AccountKeys { get; set; }
 }