PM-7745 - SSO Login Strategy - trySetUserKeyWithDeviceKey should use the user id from the IdTokenResponse and not StateService as I suspect it's not working as expected. Thinking there might be a race condition where the user id is null or maybe incorrect. (#8927)

This commit is contained in:
Jared Snider 2024-04-26 10:18:05 -04:00 committed by GitHub
parent acea273f97
commit 7f5efcc18c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 4 deletions

View File

@ -244,7 +244,7 @@ export class SsoLoginStrategy extends LoginStrategy {
// Only try to set user key with device key if admin approval request was not successful
if (!hasUserKey) {
await this.trySetUserKeyWithDeviceKey(tokenResponse);
await this.trySetUserKeyWithDeviceKey(tokenResponse, userId);
}
} else if (
masterKeyEncryptedUserKey != null &&
@ -312,11 +312,12 @@ export class SsoLoginStrategy extends LoginStrategy {
}
}
private async trySetUserKeyWithDeviceKey(tokenResponse: IdentityTokenResponse): Promise<void> {
private async trySetUserKeyWithDeviceKey(
tokenResponse: IdentityTokenResponse,
userId: UserId,
): Promise<void> {
const trustedDeviceOption = tokenResponse.userDecryptionOptions?.trustedDeviceOption;
const userId = (await this.stateService.getUserId()) as UserId;
const deviceKey = await this.deviceTrustService.getDeviceKey(userId);
const encDevicePrivateKey = trustedDeviceOption?.encryptedPrivateKey;
const encUserKey = trustedDeviceOption?.encryptedUserKey;