From 5a1f09a568223b85429d5ff5457d6a30164d1ab0 Mon Sep 17 00:00:00 2001 From: Jake Fink Date: Tue, 27 Feb 2024 11:28:50 -0500 Subject: [PATCH] [PM-5499] Use public key for approving auth requests (#8110) * change key check to public key check * use public key for encryption * fix tests --- .../auth-request/auth-request.service.spec.ts | 14 ++++++++++---- .../services/auth-request/auth-request.service.ts | 4 ++-- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/libs/auth/src/common/services/auth-request/auth-request.service.spec.ts b/libs/auth/src/common/services/auth-request/auth-request.service.spec.ts index c6e3449b7a..b1971f6b52 100644 --- a/libs/auth/src/common/services/auth-request/auth-request.service.spec.ts +++ b/libs/auth/src/common/services/auth-request/auth-request.service.spec.ts @@ -39,12 +39,12 @@ describe("AuthRequestService", () => { }); it("should throw if auth request is missing id or key", async () => { const authRequestNoId = new AuthRequestResponse({ id: "", key: "KEY" }); - const authRequestNoKey = new AuthRequestResponse({ id: "123", key: "" }); + const authRequestNoPublicKey = new AuthRequestResponse({ id: "123", publicKey: "" }); await expect(sut.approveOrDenyAuthRequest(true, authRequestNoId)).rejects.toThrow( "Auth request has no id", ); - await expect(sut.approveOrDenyAuthRequest(true, authRequestNoKey)).rejects.toThrow( + await expect(sut.approveOrDenyAuthRequest(true, authRequestNoPublicKey)).rejects.toThrow( "Auth request has no public key", ); }); @@ -53,7 +53,10 @@ describe("AuthRequestService", () => { cryptoService.getMasterKey.mockResolvedValueOnce({ encKey: new Uint8Array(64) } as MasterKey); stateService.getKeyHash.mockResolvedValueOnce("KEY_HASH"); - await sut.approveOrDenyAuthRequest(true, new AuthRequestResponse({ id: "123", key: "KEY" })); + await sut.approveOrDenyAuthRequest( + true, + new AuthRequestResponse({ id: "123", publicKey: "KEY" }), + ); expect(cryptoService.rsaEncrypt).toHaveBeenCalledWith(new Uint8Array(64), expect.anything()); }); @@ -61,7 +64,10 @@ describe("AuthRequestService", () => { it("should use the user key if the master key and hash do not exist", async () => { cryptoService.getUserKey.mockResolvedValueOnce({ key: new Uint8Array(64) } as UserKey); - await sut.approveOrDenyAuthRequest(true, new AuthRequestResponse({ id: "123", key: "KEY" })); + await sut.approveOrDenyAuthRequest( + true, + new AuthRequestResponse({ id: "123", publicKey: "KEY" }), + ); expect(cryptoService.rsaEncrypt).toHaveBeenCalledWith(new Uint8Array(64), expect.anything()); }); diff --git a/libs/auth/src/common/services/auth-request/auth-request.service.ts b/libs/auth/src/common/services/auth-request/auth-request.service.ts index ad9dd150d3..ab33780fe6 100644 --- a/libs/auth/src/common/services/auth-request/auth-request.service.ts +++ b/libs/auth/src/common/services/auth-request/auth-request.service.ts @@ -25,10 +25,10 @@ export class AuthRequestService implements AuthRequestServiceAbstraction { if (!authRequest.id) { throw new Error("Auth request has no id"); } - if (!authRequest.key) { + if (!authRequest.publicKey) { throw new Error("Auth request has no public key"); } - const pubKey = Utils.fromB64ToArray(authRequest.key); + const pubKey = Utils.fromB64ToArray(authRequest.publicKey); const masterKey = await this.cryptoService.getMasterKey(); const masterKeyHash = await this.stateService.getKeyHash();