mirror of
https://github.com/bitwarden/browser.git
synced 2025-01-20 21:01:29 +01:00
Ensure we only setup a communication when userId matches
This commit is contained in:
parent
326b6b3aaf
commit
8084b28013
@ -22,8 +22,9 @@ export class NativeMessagingService {
|
||||
private sharedSecrets = new Map<string, SymmetricCryptoKey>();
|
||||
|
||||
constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService,
|
||||
private platformUtilService: PlatformUtilsService, private logService: LogService, private i18nService: I18nService,
|
||||
private userService: UserService, private messagingService: MessagingService, private vaultTimeoutService: VaultTimeoutService, private storageService: StorageService) {
|
||||
private platformUtilService: PlatformUtilsService, private logService: LogService,
|
||||
private i18nService: I18nService, private userService: UserService, private messagingService: MessagingService,
|
||||
private vaultTimeoutService: VaultTimeoutService, private storageService: StorageService) {
|
||||
ipcRenderer.on('nativeMessaging', async (event: any, message: any) => {
|
||||
this.messageHandler(message);
|
||||
});
|
||||
@ -37,6 +38,12 @@ export class NativeMessagingService {
|
||||
if (rawMessage.command === 'setupEncryption') {
|
||||
const remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer;
|
||||
|
||||
// Valudate the UserId to ensure we are logged into the same account.
|
||||
if (rawMessage.userId !== await this.userService.getUserId()) {
|
||||
ipcRenderer.send('nativeMessagingReply', {command: 'wrongUserId', appId: appId});
|
||||
return;
|
||||
}
|
||||
|
||||
if (await this.storageService.get<boolean>(ElectronConstants.enableBrowserIntegrationFingerprint)) {
|
||||
ipcRenderer.send('nativeMessagingReply', {command: 'verifyFingerprint', appId: appId});
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user