[PM-3483] Remove migrateKeyForNeverLockIfNeeded Logic (#8953)

* Remove `migrateKeyForNeverLockIfNeeded` Logic

* Fix Test

* Remove `migrateAutoKeyIfNeeded`

apps/browser/src/background/main.background.ts

@@ -737,7 +737,6 @@ export default class MainBackground {
       this.cipherService,
       this.folderService,
       this.collectionService,
-      this.cryptoService,
       this.platformUtilsService,
       this.messagingService,
       this.searchService,

apps/browser/src/background/service-factories/vault-timeout-service.factory.ts

@@ -12,10 +12,6 @@ import {
   internalMasterPasswordServiceFactory,
   MasterPasswordServiceInitOptions,
 } from "../../auth/background/service-factories/master-password-service.factory";
-import {
-  CryptoServiceInitOptions,
-  cryptoServiceFactory,
-} from "../../platform/background/service-factories/crypto-service.factory";
 import {
   CachedServices,
   factory,
@@ -70,7 +66,6 @@ export type VaultTimeoutServiceInitOptions = VaultTimeoutServiceFactoryOptions &
   CipherServiceInitOptions &
   FolderServiceInitOptions &
   CollectionServiceInitOptions &
-  CryptoServiceInitOptions &
   PlatformUtilsServiceInitOptions &
   MessagingServiceInitOptions &
   SearchServiceInitOptions &
@@ -94,7 +89,6 @@ export function vaultTimeoutServiceFactory(
         await cipherServiceFactory(cache, opts),
         await folderServiceFactory(cache, opts),
         await collectionServiceFactory(cache, opts),
-        await cryptoServiceFactory(cache, opts),
         await platformUtilsServiceFactory(cache, opts),
         await messagingServiceFactory(cache, opts),
         await searchServiceFactory(cache, opts),

apps/cli/src/bw.ts

@@ -611,7 +611,6 @@ export class Main {
       this.cipherService,
       this.folderService,
       this.collectionService,
-      this.cryptoService,
       this.platformUtilsService,
       this.messagingService,
       this.searchService,

libs/angular/src/services/jslib-services.module.ts

@@ -656,7 +656,6 @@ const safeProviders: SafeProvider[] = [
       CipherServiceAbstraction,
       FolderServiceAbstraction,
       CollectionServiceAbstraction,
-      CryptoServiceAbstraction,
       PlatformUtilsServiceAbstraction,
       MessagingServiceAbstraction,
       SearchServiceAbstraction,

libs/common/src/platform/abstractions/crypto.service.ts

@@ -296,10 +296,6 @@ export abstract class CryptoService {
     kdfConfig: KdfConfig,
     oldPinKey: EncString,
   ): Promise<UserKey>;
-  /**
-   * Replaces old master auto keys with new user auto keys
-   */
-  abstract migrateAutoKeyIfNeeded(userId?: string): Promise<void>;
   /**
    * @param keyMaterial The key material to derive the send key from
    * @returns A new send key

libs/common/src/platform/abstractions/state.service.ts

@@ -82,10 +82,6 @@ export abstract class StateService<T extends Account = Account> {
    * @deprecated For migration purposes only, use getUserKeyMasterKey instead
    */
   getEncryptedCryptoSymmetricKey: (options?: StorageOptions) => Promise<string>;
-  /**
-   * @deprecated For migration purposes only, use getUserKeyAuto instead
-   */
-  getCryptoMasterKeyAuto: (options?: StorageOptions) => Promise<string>;
   /**
    * @deprecated For migration purposes only, use setUserKeyAuto instead
    */

libs/common/src/platform/services/crypto.service.ts

@@ -930,35 +930,6 @@ export class CryptoService implements CryptoServiceAbstraction {
     }
   }
 
-  async migrateAutoKeyIfNeeded(userId?: UserId) {
-    const oldAutoKey = await this.stateService.getCryptoMasterKeyAuto({ userId: userId });
-    if (!oldAutoKey) {
-      return;
-    }
-    // Decrypt
-    const masterKey = new SymmetricCryptoKey(Utils.fromB64ToArray(oldAutoKey)) as MasterKey;
-    if (await this.isLegacyUser(masterKey, userId)) {
-      // Legacy users don't have a user key, so no need to migrate.
-      // Instead, set the master key for additional isLegacyUser checks that will log the user out.
-      userId ??= await firstValueFrom(this.stateProvider.activeUserId$);
-      await this.masterPasswordService.setMasterKey(masterKey, userId);
-      return;
-    }
-    const encryptedUserKey = await this.stateService.getEncryptedCryptoSymmetricKey({
-      userId: userId,
-    });
-    const userKey = await this.decryptUserKeyWithMasterKey(
-      masterKey,
-      new EncString(encryptedUserKey),
-      userId,
-    );
-    // Migrate
-    await this.stateService.setUserKeyAutoUnlock(userKey.keyB64, { userId: userId });
-    await this.stateService.setCryptoMasterKeyAuto(null, { userId: userId });
-    // Set encrypted user key in case user immediately locks without syncing
-    await this.setMasterKeyEncryptedUserKey(encryptedUserKey);
-  }
-
   async decryptAndMigrateOldPinKey(
     masterPasswordOnRestart: boolean,
     pin: string,

libs/common/src/platform/services/state.service.ts

@@ -268,23 +268,6 @@ export class StateService<
     );
   }
 
-  /**
-   * @deprecated Use UserKeyAuto instead
-   */
-  async getCryptoMasterKeyAuto(options?: StorageOptions): Promise<string> {
-    options = this.reconcileOptions(
-      this.reconcileOptions(options, { keySuffix: "auto" }),
-      await this.defaultSecureStorageOptions(),
-    );
-    if (options?.userId == null) {
-      return null;
-    }
-    return await this.secureStorageService.get<string>(
-      `${options.userId}${partialKeys.autoKey}`,
-      options,
-    );
-  }
-
   /**
    * @deprecated Use UserKeyAuto instead
    */

libs/common/src/services/vault-timeout/vault-timeout.service.spec.ts

@@ -9,7 +9,6 @@ import { AuthService } from "../../auth/abstractions/auth.service";
 import { AuthenticationStatus } from "../../auth/enums/authentication-status";
 import { FakeMasterPasswordService } from "../../auth/services/master-password/fake-master-password.service";
 import { VaultTimeoutAction } from "../../enums/vault-timeout-action.enum";
-import { CryptoService } from "../../platform/abstractions/crypto.service";
 import { MessagingService } from "../../platform/abstractions/messaging.service";
 import { PlatformUtilsService } from "../../platform/abstractions/platform-utils.service";
 import { StateService } from "../../platform/abstractions/state.service";
@@ -28,7 +27,6 @@ describe("VaultTimeoutService", () => {
   let cipherService: MockProxy<CipherService>;
   let folderService: MockProxy<FolderService>;
   let collectionService: MockProxy<CollectionService>;
-  let cryptoService: MockProxy<CryptoService>;
   let platformUtilsService: MockProxy<PlatformUtilsService>;
   let messagingService: MockProxy<MessagingService>;
   let searchService: MockProxy<SearchService>;
@@ -52,7 +50,6 @@ describe("VaultTimeoutService", () => {
     cipherService = mock();
     folderService = mock();
     collectionService = mock();
-    cryptoService = mock();
     platformUtilsService = mock();
     messagingService = mock();
     searchService = mock();
@@ -76,7 +73,6 @@ describe("VaultTimeoutService", () => {
       cipherService,
       folderService,
       collectionService,
-      cryptoService,
       platformUtilsService,
       messagingService,
       searchService,

libs/common/src/services/vault-timeout/vault-timeout.service.ts

@@ -7,9 +7,7 @@ import { AccountService } from "../../auth/abstractions/account.service";
 import { AuthService } from "../../auth/abstractions/auth.service";
 import { InternalMasterPasswordServiceAbstraction } from "../../auth/abstractions/master-password.service.abstraction";
 import { AuthenticationStatus } from "../../auth/enums/authentication-status";
-import { ClientType } from "../../enums";
 import { VaultTimeoutAction } from "../../enums/vault-timeout-action.enum";
-import { CryptoService } from "../../platform/abstractions/crypto.service";
 import { MessagingService } from "../../platform/abstractions/messaging.service";
 import { PlatformUtilsService } from "../../platform/abstractions/platform-utils.service";
 import { StateService } from "../../platform/abstractions/state.service";
@@ -28,7 +26,6 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
     private cipherService: CipherService,
     private folderService: FolderService,
     private collectionService: CollectionService,
-    private cryptoService: CryptoService,
     protected platformUtilsService: PlatformUtilsService,
     private messagingService: MessagingService,
     private searchService: SearchService,
@@ -44,8 +41,6 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
     if (this.inited) {
       return;
     }
-    // TODO: Remove after 2023.10 release (https://bitwarden.atlassian.net/browse/PM-3483)
-    await this.migrateKeyForNeverLockIfNeeded();
 
     this.inited = true;
     if (checkOnInterval) {
@@ -175,21 +170,4 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
       ? await this.logOut(userId)
       : await this.lock(userId);
   }
-
-  private async migrateKeyForNeverLockIfNeeded(): Promise<void> {
-    // Web can't set vault timeout to never
-    if (this.platformUtilsService.getClientType() == ClientType.Web) {
-      return;
-    }
-    const accounts = await firstValueFrom(this.stateService.accounts$);
-    for (const userId in accounts) {
-      if (userId != null) {
-        await this.cryptoService.migrateAutoKeyIfNeeded(userId);
-        // Legacy users should be logged out since we're not on the web vault and can't migrate.
-        if (await this.cryptoService.isLegacyUser(null, userId)) {
-          await this.logOut(userId);
-        }
-      }
-    }
-  }
 }