From 81a0f19d9095e65bb783573b962b04a9562eac0c Mon Sep 17 00:00:00 2001 From: Jacob Fink Date: Thu, 5 Oct 2023 15:21:18 -0400 Subject: [PATCH] move view ciphers logic to service --- .../emergency-access.service.ts | 48 +++++++++++++++---- .../emergency-access-view.component.ts | 38 ++------------- 2 files changed, 43 insertions(+), 43 deletions(-) diff --git a/apps/web/src/app/auth/core/services/emergency-access/emergency-access.service.ts b/apps/web/src/app/auth/core/services/emergency-access/emergency-access.service.ts index c007ed98ac..12cc25ffe7 100644 --- a/apps/web/src/app/auth/core/services/emergency-access/emergency-access.service.ts +++ b/apps/web/src/app/auth/core/services/emergency-access/emergency-access.service.ts @@ -10,8 +10,16 @@ import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.se import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; import { Utils } from "@bitwarden/common/platform/misc/utils"; import { EncryptedString } from "@bitwarden/common/platform/models/domain/enc-string"; -import { UserKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key"; +import { + SymmetricCryptoKey, + UserKey, +} from "@bitwarden/common/platform/models/domain/symmetric-crypto-key"; import { EmergencyAccessApiService } from "./emergency-access-api.service"; +import { EmergencyAccessGranteeView } from "../../views/emergency-access.view"; +import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view"; +import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service"; +import { Cipher } from "@bitwarden/common/vault/models/domain/cipher"; +import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service"; @Injectable() export class EmergencyAccessService { @@ -19,13 +27,19 @@ export class EmergencyAccessService { private emergencyAccessApiService: EmergencyAccessApiService, private apiService: ApiService, private cryptoService: CryptoService, + private encryptService: EncryptService, + private cipherService: CipherService, private logService: LogService ) {} + async getEmergencyAccessTrusted(): Promise { + return; + } + /** * Invites the email address to be an emergency contact * Step 1 of the 3 step setup flow - * Performed by grantor + * Intended for grantor * @param email email address of trusted emergency contact * @param type type of emergency access * @param waitTimeDays number of days to wait before granting access @@ -41,7 +55,7 @@ export class EmergencyAccessService { /** * Edits an existing emergency access - * Performed by grantor + * Intended for grantor * @param id emergency access id * @param type type of emergency access * @param waitTimeDays number of days to wait before granting access @@ -57,7 +71,7 @@ export class EmergencyAccessService { /** * Accepts an emergency access invitation * Step 2 of the 3 step setup flow - * Performed by grantee + * Intended for grantee * @param id emergency access id * @param token secret token provided in email */ @@ -71,7 +85,7 @@ export class EmergencyAccessService { /** * Encrypts user key with grantee's public key and sends to bitwarden * Step 3 of the 3 step setup flow - * Performed by grantor + * Intended for grantor * @param id emergency access id * @param token secret token provided in email */ @@ -99,7 +113,7 @@ export class EmergencyAccessService { /** * Requests access to grantor's vault - * Performed by grantee + * Intended for grantee * @param id emergency access id */ requestAccess(id: string): Promise { @@ -108,7 +122,7 @@ export class EmergencyAccessService { /** * Approves access to grantor's vault - * Performed by grantor + * Intended for grantor * @param id emergency access id */ approve(id: string): Promise { @@ -117,13 +131,31 @@ export class EmergencyAccessService { /** * Rejects access to grantor's vault - * Performed by grantor + * Intended for grantor * @param id emergency access id */ reject(id: string): Promise { return this.emergencyAccessApiService.postEmergencyAccessReject(id); } + /** + * Gets the grantor ciphers for an emergency access in view mode + * Intended for grantee + * @param id emergency access id + */ + async getViewOnlyCiphers(id: string): Promise { + const response = await this.emergencyAccessApiService.postEmergencyAccessView(id); + + const grantorKeyBuffer = await this.cryptoService.rsaDecrypt(response.keyEncrypted); + const grantorUserKey = new SymmetricCryptoKey(grantorKeyBuffer) as UserKey; + + const ciphers = await this.encryptService.decryptItems( + response.ciphers.map((c) => new Cipher(c)), + grantorUserKey + ); + return ciphers.sort(this.cipherService.getLocaleSortingFunction()); + } + async rotateEmergencyAccess(newUserKey: UserKey) { const emergencyAccess = await this.emergencyAccessApiService.getEmergencyAccessTrusted(); // Any Invited or Accepted requests won't have the key yet, so we don't need to update them diff --git a/apps/web/src/app/auth/settings/emergency-access/emergency-access-view.component.ts b/apps/web/src/app/auth/settings/emergency-access/emergency-access-view.component.ts index a76074af4a..7d63ef8b28 100644 --- a/apps/web/src/app/auth/settings/emergency-access/emergency-access-view.component.ts +++ b/apps/web/src/app/auth/settings/emergency-access/emergency-access-view.component.ts @@ -2,17 +2,8 @@ import { Component, OnInit, ViewChild, ViewContainerRef } from "@angular/core"; import { ActivatedRoute, Router } from "@angular/router"; import { ModalService } from "@bitwarden/angular/services/modal.service"; -import { EmergencyAccessViewResponse } from "@bitwarden/common/auth/models/response/emergency-access.response"; -import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service"; -import { - SymmetricCryptoKey, - UserKey, -} from "@bitwarden/common/platform/models/domain/symmetric-crypto-key"; -import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service"; -import { CipherData } from "@bitwarden/common/vault/models/data/cipher.data"; -import { Cipher } from "@bitwarden/common/vault/models/domain/cipher"; import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view"; -import { EmergencyAccessApiService } from "../../core/services/emergency-access/emergency-access-api.service"; +import { EmergencyAccessService } from "../../core/services/emergency-access/emergency-access.service"; import { EmergencyAccessAttachmentsComponent } from "./emergency-access-attachments.component"; import { EmergencyAddEditComponent } from "./emergency-add-edit.component"; @@ -33,12 +24,10 @@ export class EmergencyAccessViewComponent implements OnInit { loaded = false; constructor( - private cipherService: CipherService, - private cryptoService: CryptoService, private modalService: ModalService, private router: Router, private route: ActivatedRoute, - private emergencyAccessApiService: EmergencyAccessApiService + private emergencyAccessService: EmergencyAccessService ) {} ngOnInit() { @@ -69,8 +58,7 @@ export class EmergencyAccessViewComponent implements OnInit { } async load() { - const response = await this.emergencyAccessApiService.postEmergencyAccessView(this.id); - this.ciphers = await this.getAllCiphers(response); + this.ciphers = await this.emergencyAccessService.getViewOnlyCiphers(this.id); this.loaded = true; } @@ -84,24 +72,4 @@ export class EmergencyAccessViewComponent implements OnInit { } ); } - - protected async getAllCiphers(response: EmergencyAccessViewResponse): Promise { - const ciphers = response.ciphers; - - const decCiphers: CipherView[] = []; - const oldKeyBuffer = await this.cryptoService.rsaDecrypt(response.keyEncrypted); - const oldUserKey = new SymmetricCryptoKey(oldKeyBuffer) as UserKey; - - const promises: any[] = []; - ciphers.forEach((cipherResponse) => { - const cipherData = new CipherData(cipherResponse); - const cipher = new Cipher(cipherData); - promises.push(cipher.decrypt(oldUserKey).then((c) => decCiphers.push(c))); - }); - - await Promise.all(promises); - decCiphers.sort(this.cipherService.getLocaleSortingFunction()); - - return decCiphers; - } }