mirror of
https://github.com/bitwarden/browser.git
synced 2024-12-22 16:29:09 +01:00
[PM-7169][PM-5267] Remove auth status from account info (#8539)
* remove active account unlocked from state service * Remove status from account service `AccountInfo` * Fixup lingering usages of status Fixup missed factories * Fixup account info usage * fixup CLI build * Fixup current account type * Add helper for all auth statuses to auth service * Fix tests * Uncomment mistakenly commented code * Rework logged out account exclusion tests * Correct test description * Avoid getters returning observables * fixup type
This commit is contained in:
parent
c7ea35280d
commit
8d698d9d84
@ -6,6 +6,7 @@ import { Subject, firstValueFrom, map, switchMap, takeUntil } from "rxjs";
|
||||
import { VaultTimeoutSettingsService } from "@bitwarden/common/abstractions/vault-timeout/vault-timeout-settings.service";
|
||||
import { VaultTimeoutService } from "@bitwarden/common/abstractions/vault-timeout/vault-timeout.service";
|
||||
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
||||
import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service";
|
||||
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
||||
import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum";
|
||||
import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
|
||||
@ -32,6 +33,7 @@ export class AccountSwitcherComponent implements OnInit, OnDestroy {
|
||||
private location: Location,
|
||||
private router: Router,
|
||||
private vaultTimeoutSettingsService: VaultTimeoutSettingsService,
|
||||
private authService: AuthService,
|
||||
) {}
|
||||
|
||||
get accountLimit() {
|
||||
@ -42,13 +44,14 @@ export class AccountSwitcherComponent implements OnInit, OnDestroy {
|
||||
return this.accountSwitcherService.SPECIAL_ADD_ACCOUNT_ID;
|
||||
}
|
||||
|
||||
get availableAccounts$() {
|
||||
return this.accountSwitcherService.availableAccounts$;
|
||||
}
|
||||
|
||||
get currentAccount$() {
|
||||
return this.accountService.activeAccount$;
|
||||
}
|
||||
readonly availableAccounts$ = this.accountSwitcherService.availableAccounts$;
|
||||
readonly currentAccount$ = this.accountService.activeAccount$.pipe(
|
||||
switchMap((a) =>
|
||||
a == null
|
||||
? null
|
||||
: this.authService.activeAccountStatus$.pipe(map((s) => ({ ...a, status: s }))),
|
||||
),
|
||||
);
|
||||
|
||||
async ngOnInit() {
|
||||
const availableVaultTimeoutActions = await firstValueFrom(
|
||||
|
@ -4,6 +4,7 @@ import { ActivatedRoute, Router } from "@angular/router";
|
||||
import { Observable, combineLatest, switchMap } from "rxjs";
|
||||
|
||||
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
||||
import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service";
|
||||
import { AvatarService } from "@bitwarden/common/auth/abstractions/avatar.service";
|
||||
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
@ -29,12 +30,14 @@ export class CurrentAccountComponent {
|
||||
private router: Router,
|
||||
private location: Location,
|
||||
private route: ActivatedRoute,
|
||||
private authService: AuthService,
|
||||
) {
|
||||
this.currentAccount$ = combineLatest([
|
||||
this.accountService.activeAccount$,
|
||||
this.avatarService.avatarColor$,
|
||||
this.authService.activeAccountStatus$,
|
||||
]).pipe(
|
||||
switchMap(async ([account, avatarColor]) => {
|
||||
switchMap(async ([account, avatarColor, accountStatus]) => {
|
||||
if (account == null) {
|
||||
return null;
|
||||
}
|
||||
@ -42,7 +45,7 @@ export class CurrentAccountComponent {
|
||||
id: account.id,
|
||||
name: account.name || account.email,
|
||||
email: account.email,
|
||||
status: account.status,
|
||||
status: accountStatus,
|
||||
avatarColor,
|
||||
};
|
||||
|
||||
|
@ -1,7 +1,8 @@
|
||||
import { matches, mock } from "jest-mock-extended";
|
||||
import { BehaviorSubject, firstValueFrom, of, timeout } from "rxjs";
|
||||
import { BehaviorSubject, ReplaySubject, firstValueFrom, of, timeout } from "rxjs";
|
||||
|
||||
import { AccountInfo, AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
||||
import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service";
|
||||
import { AvatarService } from "@bitwarden/common/auth/abstractions/avatar.service";
|
||||
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
||||
import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
|
||||
@ -12,22 +13,29 @@ import { UserId } from "@bitwarden/common/types/guid";
|
||||
import { AccountSwitcherService } from "./account-switcher.service";
|
||||
|
||||
describe("AccountSwitcherService", () => {
|
||||
const accountsSubject = new BehaviorSubject<Record<UserId, AccountInfo>>(null);
|
||||
const activeAccountSubject = new BehaviorSubject<{ id: UserId } & AccountInfo>(null);
|
||||
let accountsSubject: BehaviorSubject<Record<UserId, AccountInfo>>;
|
||||
let activeAccountSubject: BehaviorSubject<{ id: UserId } & AccountInfo>;
|
||||
let authStatusSubject: ReplaySubject<Record<UserId, AuthenticationStatus>>;
|
||||
|
||||
const accountService = mock<AccountService>();
|
||||
const avatarService = mock<AvatarService>();
|
||||
const messagingService = mock<MessagingService>();
|
||||
const environmentService = mock<EnvironmentService>();
|
||||
const logService = mock<LogService>();
|
||||
const authService = mock<AuthService>();
|
||||
|
||||
let accountSwitcherService: AccountSwitcherService;
|
||||
|
||||
beforeEach(() => {
|
||||
jest.resetAllMocks();
|
||||
accountsSubject = new BehaviorSubject<Record<UserId, AccountInfo>>(null);
|
||||
activeAccountSubject = new BehaviorSubject<{ id: UserId } & AccountInfo>(null);
|
||||
authStatusSubject = new ReplaySubject<Record<UserId, AuthenticationStatus>>(1);
|
||||
|
||||
// Use subject to allow for easy updates
|
||||
accountService.accounts$ = accountsSubject;
|
||||
accountService.activeAccount$ = activeAccountSubject;
|
||||
authService.authStatuses$ = authStatusSubject;
|
||||
|
||||
accountSwitcherService = new AccountSwitcherService(
|
||||
accountService,
|
||||
@ -35,48 +43,59 @@ describe("AccountSwitcherService", () => {
|
||||
messagingService,
|
||||
environmentService,
|
||||
logService,
|
||||
authService,
|
||||
);
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
accountsSubject.complete();
|
||||
activeAccountSubject.complete();
|
||||
authStatusSubject.complete();
|
||||
});
|
||||
|
||||
describe("availableAccounts$", () => {
|
||||
it("should return all accounts and an add account option when accounts are less than 5", async () => {
|
||||
const user1AccountInfo: AccountInfo = {
|
||||
it("should return all logged in accounts and an add account option when accounts are less than 5", async () => {
|
||||
const accountInfo: AccountInfo = {
|
||||
name: "Test User 1",
|
||||
email: "test1@email.com",
|
||||
status: AuthenticationStatus.Unlocked,
|
||||
};
|
||||
|
||||
avatarService.getUserAvatarColor$.mockReturnValue(of("#cccccc"));
|
||||
accountsSubject.next({
|
||||
"1": user1AccountInfo,
|
||||
} as Record<UserId, AccountInfo>);
|
||||
|
||||
activeAccountSubject.next(Object.assign(user1AccountInfo, { id: "1" as UserId }));
|
||||
accountsSubject.next({ ["1" as UserId]: accountInfo, ["2" as UserId]: accountInfo });
|
||||
authStatusSubject.next({
|
||||
["1" as UserId]: AuthenticationStatus.Unlocked,
|
||||
["2" as UserId]: AuthenticationStatus.Locked,
|
||||
});
|
||||
activeAccountSubject.next(Object.assign(accountInfo, { id: "1" as UserId }));
|
||||
|
||||
const accounts = await firstValueFrom(
|
||||
accountSwitcherService.availableAccounts$.pipe(timeout(20)),
|
||||
);
|
||||
expect(accounts).toHaveLength(2);
|
||||
expect(accounts).toHaveLength(3);
|
||||
expect(accounts[0].id).toBe("1");
|
||||
expect(accounts[0].isActive).toBeTruthy();
|
||||
|
||||
expect(accounts[1].id).toBe("addAccount");
|
||||
expect(accounts[1].id).toBe("2");
|
||||
expect(accounts[1].isActive).toBeFalsy();
|
||||
|
||||
expect(accounts[2].id).toBe("addAccount");
|
||||
expect(accounts[2].isActive).toBeFalsy();
|
||||
});
|
||||
|
||||
it.each([5, 6])(
|
||||
"should return only accounts if there are %i accounts",
|
||||
async (numberOfAccounts) => {
|
||||
const seedAccounts: Record<UserId, AccountInfo> = {};
|
||||
const seedStatuses: Record<UserId, AuthenticationStatus> = {};
|
||||
for (let i = 0; i < numberOfAccounts; i++) {
|
||||
seedAccounts[`${i}` as UserId] = {
|
||||
email: `test${i}@email.com`,
|
||||
name: "Test User ${i}",
|
||||
status: AuthenticationStatus.Unlocked,
|
||||
};
|
||||
seedStatuses[`${i}` as UserId] = AuthenticationStatus.Unlocked;
|
||||
}
|
||||
avatarService.getUserAvatarColor$.mockReturnValue(of("#cccccc"));
|
||||
accountsSubject.next(seedAccounts);
|
||||
authStatusSubject.next(seedStatuses);
|
||||
activeAccountSubject.next(
|
||||
Object.assign(seedAccounts["1" as UserId], { id: "1" as UserId }),
|
||||
);
|
||||
@ -89,6 +108,26 @@ describe("AccountSwitcherService", () => {
|
||||
});
|
||||
},
|
||||
);
|
||||
|
||||
it("excludes logged out accounts", async () => {
|
||||
const user1AccountInfo: AccountInfo = {
|
||||
name: "Test User 1",
|
||||
email: "",
|
||||
};
|
||||
accountsSubject.next({ ["1" as UserId]: user1AccountInfo });
|
||||
authStatusSubject.next({ ["1" as UserId]: AuthenticationStatus.LoggedOut });
|
||||
accountsSubject.next({
|
||||
"1": user1AccountInfo,
|
||||
} as Record<UserId, AccountInfo>);
|
||||
|
||||
const accounts = await firstValueFrom(
|
||||
accountSwitcherService.availableAccounts$.pipe(timeout(20)),
|
||||
);
|
||||
|
||||
// Add account only
|
||||
expect(accounts).toHaveLength(1);
|
||||
expect(accounts[0].id).toBe("addAccount");
|
||||
});
|
||||
});
|
||||
|
||||
describe("selectAccount", () => {
|
||||
|
@ -11,6 +11,7 @@ import {
|
||||
} from "rxjs";
|
||||
|
||||
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
||||
import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service";
|
||||
import { AvatarService } from "@bitwarden/common/auth/abstractions/avatar.service";
|
||||
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
||||
import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
|
||||
@ -48,25 +49,27 @@ export class AccountSwitcherService {
|
||||
private messagingService: MessagingService,
|
||||
private environmentService: EnvironmentService,
|
||||
private logService: LogService,
|
||||
authService: AuthService,
|
||||
) {
|
||||
this.availableAccounts$ = combineLatest([
|
||||
this.accountService.accounts$,
|
||||
accountService.accounts$,
|
||||
authService.authStatuses$,
|
||||
this.accountService.activeAccount$,
|
||||
]).pipe(
|
||||
switchMap(async ([accounts, activeAccount]) => {
|
||||
const accountEntries = Object.entries(accounts).filter(
|
||||
([_, account]) => account.status !== AuthenticationStatus.LoggedOut,
|
||||
switchMap(async ([accounts, accountStatuses, activeAccount]) => {
|
||||
const loggedInIds = Object.keys(accounts).filter(
|
||||
(id: UserId) => accountStatuses[id] !== AuthenticationStatus.LoggedOut,
|
||||
);
|
||||
// Accounts shouldn't ever be more than ACCOUNT_LIMIT but just in case do a greater than
|
||||
const hasMaxAccounts = accountEntries.length >= this.ACCOUNT_LIMIT;
|
||||
const hasMaxAccounts = loggedInIds.length >= this.ACCOUNT_LIMIT;
|
||||
const options: AvailableAccount[] = await Promise.all(
|
||||
accountEntries.map(async ([id, account]) => {
|
||||
loggedInIds.map(async (id: UserId) => {
|
||||
return {
|
||||
name: account.name ?? account.email,
|
||||
email: account.email,
|
||||
name: accounts[id].name ?? accounts[id].email,
|
||||
email: accounts[id].email,
|
||||
id: id,
|
||||
server: (await this.environmentService.getEnvironment(id))?.getHostname(),
|
||||
status: account.status,
|
||||
status: accountStatuses[id],
|
||||
isActive: id === activeAccount?.id,
|
||||
avatarColor: await firstValueFrom(
|
||||
this.avatarService.getUserAvatarColor$(id as UserId),
|
||||
|
@ -779,14 +779,14 @@ export default class MainBackground {
|
||||
this.apiService,
|
||||
this.stateProvider,
|
||||
this.logService,
|
||||
this.accountService,
|
||||
this.authService,
|
||||
);
|
||||
this.eventCollectionService = new EventCollectionService(
|
||||
this.cipherService,
|
||||
this.stateProvider,
|
||||
this.organizationService,
|
||||
this.eventUploadService,
|
||||
this.accountService,
|
||||
this.authService,
|
||||
);
|
||||
this.totpService = new TotpService(this.cryptoFunctionService, this.logService);
|
||||
|
||||
|
@ -5,7 +5,10 @@ import {
|
||||
organizationServiceFactory,
|
||||
OrganizationServiceInitOptions,
|
||||
} from "../../admin-console/background/service-factories/organization-service.factory";
|
||||
import { accountServiceFactory } from "../../auth/background/service-factories/account-service.factory";
|
||||
import {
|
||||
authServiceFactory,
|
||||
AuthServiceInitOptions,
|
||||
} from "../../auth/background/service-factories/auth-service.factory";
|
||||
import {
|
||||
FactoryOptions,
|
||||
CachedServices,
|
||||
@ -29,7 +32,8 @@ export type EventCollectionServiceInitOptions = EventCollectionServiceOptions &
|
||||
CipherServiceInitOptions &
|
||||
StateServiceInitOptions &
|
||||
OrganizationServiceInitOptions &
|
||||
EventUploadServiceInitOptions;
|
||||
EventUploadServiceInitOptions &
|
||||
AuthServiceInitOptions;
|
||||
|
||||
export function eventCollectionServiceFactory(
|
||||
cache: { eventCollectionService?: AbstractEventCollectionService } & CachedServices,
|
||||
@ -45,7 +49,7 @@ export function eventCollectionServiceFactory(
|
||||
await stateProviderFactory(cache, opts),
|
||||
await organizationServiceFactory(cache, opts),
|
||||
await eventUploadServiceFactory(cache, opts),
|
||||
await accountServiceFactory(cache, opts),
|
||||
await authServiceFactory(cache, opts),
|
||||
),
|
||||
);
|
||||
}
|
||||
|
@ -1,7 +1,10 @@
|
||||
import { EventUploadService as AbstractEventUploadService } from "@bitwarden/common/abstractions/event/event-upload.service";
|
||||
import { EventUploadService } from "@bitwarden/common/services/event/event-upload.service";
|
||||
|
||||
import { accountServiceFactory } from "../../auth/background/service-factories/account-service.factory";
|
||||
import {
|
||||
AuthServiceInitOptions,
|
||||
authServiceFactory,
|
||||
} from "../../auth/background/service-factories/auth-service.factory";
|
||||
import {
|
||||
ApiServiceInitOptions,
|
||||
apiServiceFactory,
|
||||
@ -23,7 +26,8 @@ type EventUploadServiceOptions = FactoryOptions;
|
||||
export type EventUploadServiceInitOptions = EventUploadServiceOptions &
|
||||
ApiServiceInitOptions &
|
||||
StateServiceInitOptions &
|
||||
LogServiceInitOptions;
|
||||
LogServiceInitOptions &
|
||||
AuthServiceInitOptions;
|
||||
|
||||
export function eventUploadServiceFactory(
|
||||
cache: { eventUploadService?: AbstractEventUploadService } & CachedServices,
|
||||
@ -38,7 +42,7 @@ export function eventUploadServiceFactory(
|
||||
await apiServiceFactory(cache, opts),
|
||||
await stateProviderFactory(cache, opts),
|
||||
await logServiceFactory(cache, opts),
|
||||
await accountServiceFactory(cache, opts),
|
||||
await authServiceFactory(cache, opts),
|
||||
),
|
||||
);
|
||||
}
|
||||
|
@ -1,8 +1,10 @@
|
||||
import { Component, Input } from "@angular/core";
|
||||
import { Observable, map } from "rxjs";
|
||||
import { Observable, combineLatest, map, of, switchMap } from "rxjs";
|
||||
|
||||
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
||||
import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service";
|
||||
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
||||
import { UserId } from "@bitwarden/common/types/guid";
|
||||
|
||||
import { enableAccountSwitching } from "../flags";
|
||||
|
||||
@ -14,14 +16,18 @@ export class HeaderComponent {
|
||||
@Input() noTheme = false;
|
||||
@Input() hideAccountSwitcher = false;
|
||||
authedAccounts$: Observable<boolean>;
|
||||
constructor(accountService: AccountService) {
|
||||
constructor(accountService: AccountService, authService: AuthService) {
|
||||
this.authedAccounts$ = accountService.accounts$.pipe(
|
||||
map((accounts) => {
|
||||
switchMap((accounts) => {
|
||||
if (!enableAccountSwitching()) {
|
||||
return false;
|
||||
return of(false);
|
||||
}
|
||||
|
||||
return Object.values(accounts).some((a) => a.status !== AuthenticationStatus.LoggedOut);
|
||||
return combineLatest(
|
||||
Object.keys(accounts).map((id) => authService.authStatusFor$(id as UserId)),
|
||||
).pipe(
|
||||
map((statuses) => statuses.some((status) => status !== AuthenticationStatus.LoggedOut)),
|
||||
);
|
||||
}),
|
||||
);
|
||||
}
|
||||
|
@ -1,9 +1,10 @@
|
||||
import { ChangeDetectorRef, Component, NgZone, OnDestroy, OnInit } from "@angular/core";
|
||||
import { NavigationEnd, Router, RouterOutlet } from "@angular/router";
|
||||
import { ToastrService } from "ngx-toastr";
|
||||
import { filter, concatMap, Subject, takeUntil, firstValueFrom } from "rxjs";
|
||||
import { filter, concatMap, Subject, takeUntil, firstValueFrom, map } from "rxjs";
|
||||
|
||||
import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service";
|
||||
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
||||
import { BroadcasterService } from "@bitwarden/common/platform/abstractions/broadcaster.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { DialogService, SimpleDialogOptions } from "@bitwarden/components";
|
||||
@ -57,8 +58,9 @@ export class AppComponent implements OnInit, OnDestroy {
|
||||
this.activeUserId = userId;
|
||||
});
|
||||
|
||||
this.stateService.activeAccountUnlocked$
|
||||
this.authService.activeAccountStatus$
|
||||
.pipe(
|
||||
map((status) => status === AuthenticationStatus.Unlocked),
|
||||
filter((unlocked) => unlocked),
|
||||
concatMap(async () => {
|
||||
await this.recordActivity();
|
||||
|
@ -678,7 +678,7 @@ export class Main {
|
||||
this.apiService,
|
||||
this.stateProvider,
|
||||
this.logService,
|
||||
this.accountService,
|
||||
this.authService,
|
||||
);
|
||||
|
||||
this.eventCollectionService = new EventCollectionService(
|
||||
@ -686,7 +686,7 @@ export class Main {
|
||||
this.stateProvider,
|
||||
this.organizationService,
|
||||
this.eventUploadService,
|
||||
this.accountService,
|
||||
this.authService,
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -2,7 +2,6 @@ import { Injectable, inject } from "@angular/core";
|
||||
import { CanActivate, CanActivateFn, Router, UrlTree } from "@angular/router";
|
||||
import { Observable, map } from "rxjs";
|
||||
|
||||
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
||||
import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service";
|
||||
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
||||
|
||||
@ -43,14 +42,14 @@ const defaultRoutes: UnauthRoutes = {
|
||||
};
|
||||
|
||||
function unauthGuard(routes: UnauthRoutes): Observable<boolean | UrlTree> {
|
||||
const accountService = inject(AccountService);
|
||||
const authService = inject(AuthService);
|
||||
const router = inject(Router);
|
||||
|
||||
return accountService.activeAccount$.pipe(
|
||||
map((accountData) => {
|
||||
if (accountData == null || accountData.status === AuthenticationStatus.LoggedOut) {
|
||||
return authService.activeAccountStatus$.pipe(
|
||||
map((status) => {
|
||||
if (status == null || status === AuthenticationStatus.LoggedOut) {
|
||||
return true;
|
||||
} else if (accountData.status === AuthenticationStatus.Locked) {
|
||||
} else if (status === AuthenticationStatus.Locked) {
|
||||
return router.createUrlTree([routes.locked]);
|
||||
} else {
|
||||
return router.createUrlTree([routes.homepage()]);
|
||||
|
@ -756,7 +756,7 @@ const safeProviders: SafeProvider[] = [
|
||||
safeProvider({
|
||||
provide: EventUploadServiceAbstraction,
|
||||
useClass: EventUploadService,
|
||||
deps: [ApiServiceAbstraction, StateProvider, LogService, AccountServiceAbstraction],
|
||||
deps: [ApiServiceAbstraction, StateProvider, LogService, AuthServiceAbstraction],
|
||||
}),
|
||||
safeProvider({
|
||||
provide: EventCollectionServiceAbstraction,
|
||||
@ -766,7 +766,7 @@ const safeProviders: SafeProvider[] = [
|
||||
StateProvider,
|
||||
OrganizationServiceAbstraction,
|
||||
EventUploadServiceAbstraction,
|
||||
AccountServiceAbstraction,
|
||||
AuthServiceAbstraction,
|
||||
],
|
||||
}),
|
||||
safeProvider({
|
||||
|
@ -1,6 +1,5 @@
|
||||
import { firstValueFrom } from "rxjs";
|
||||
|
||||
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
import {
|
||||
FakeAccountService,
|
||||
@ -66,7 +65,6 @@ describe("UserDecryptionOptionsService", () => {
|
||||
await fakeAccountService.addAccount(givenUser, {
|
||||
name: "Test User 1",
|
||||
email: "test1@email.com",
|
||||
status: AuthenticationStatus.Locked,
|
||||
});
|
||||
await fakeStateProvider.setUserState(
|
||||
USER_DECRYPTION_OPTIONS,
|
||||
|
@ -1,8 +1,7 @@
|
||||
import { mock } from "jest-mock-extended";
|
||||
import { Observable, ReplaySubject } from "rxjs";
|
||||
import { ReplaySubject } from "rxjs";
|
||||
|
||||
import { AccountInfo, AccountService } from "../src/auth/abstractions/account.service";
|
||||
import { AuthenticationStatus } from "../src/auth/enums/authentication-status";
|
||||
import { UserId } from "../src/types/guid";
|
||||
|
||||
export function mockAccountServiceWith(
|
||||
@ -14,7 +13,6 @@ export function mockAccountServiceWith(
|
||||
...{
|
||||
name: "name",
|
||||
email: "email",
|
||||
status: AuthenticationStatus.Locked,
|
||||
},
|
||||
};
|
||||
const service = new FakeAccountService({ [userId]: fullInfo });
|
||||
@ -34,8 +32,6 @@ export class FakeAccountService implements AccountService {
|
||||
}
|
||||
accounts$ = this.accountsSubject.asObservable();
|
||||
activeAccount$ = this.activeAccountSubject.asObservable();
|
||||
accountLock$: Observable<UserId>;
|
||||
accountLogout$: Observable<UserId>;
|
||||
|
||||
constructor(initialData: Record<UserId, AccountInfo>) {
|
||||
this.accountsSubject.next(initialData);
|
||||
@ -57,14 +53,6 @@ export class FakeAccountService implements AccountService {
|
||||
await this.mock.setAccountEmail(userId, email);
|
||||
}
|
||||
|
||||
async setAccountStatus(userId: UserId, status: AuthenticationStatus): Promise<void> {
|
||||
await this.mock.setAccountStatus(userId, status);
|
||||
}
|
||||
|
||||
async setMaxAccountStatus(userId: UserId, maxStatus: AuthenticationStatus): Promise<void> {
|
||||
await this.mock.setMaxAccountStatus(userId, maxStatus);
|
||||
}
|
||||
|
||||
async switchAccount(userId: UserId): Promise<void> {
|
||||
const next =
|
||||
userId == null ? null : { id: userId, ...this.accountsSubject["_buffer"]?.[0]?.[userId] };
|
||||
|
@ -1,27 +1,23 @@
|
||||
import { Observable } from "rxjs";
|
||||
|
||||
import { UserId } from "../../types/guid";
|
||||
import { AuthenticationStatus } from "../enums/authentication-status";
|
||||
|
||||
/**
|
||||
* Holds information about an account for use in the AccountService
|
||||
* if more information is added, be sure to update the equality method.
|
||||
*/
|
||||
export type AccountInfo = {
|
||||
status: AuthenticationStatus;
|
||||
email: string;
|
||||
name: string | undefined;
|
||||
};
|
||||
|
||||
export function accountInfoEqual(a: AccountInfo, b: AccountInfo) {
|
||||
return a?.status === b?.status && a?.email === b?.email && a?.name === b?.name;
|
||||
return a?.email === b?.email && a?.name === b?.name;
|
||||
}
|
||||
|
||||
export abstract class AccountService {
|
||||
accounts$: Observable<Record<UserId, AccountInfo>>;
|
||||
activeAccount$: Observable<{ id: UserId | undefined } & AccountInfo>;
|
||||
accountLock$: Observable<UserId>;
|
||||
accountLogout$: Observable<UserId>;
|
||||
/**
|
||||
* Updates the `accounts$` observable with the new account data.
|
||||
* @param userId
|
||||
@ -40,24 +36,6 @@ export abstract class AccountService {
|
||||
* @param email
|
||||
*/
|
||||
abstract setAccountEmail(userId: UserId, email: string): Promise<void>;
|
||||
/**
|
||||
* Updates the `accounts$` observable with the new account status.
|
||||
* Also emits the `accountLock$` or `accountLogout$` observable if the status is `Locked` or `LoggedOut` respectively.
|
||||
* @param userId
|
||||
* @param status
|
||||
*/
|
||||
abstract setAccountStatus(userId: UserId, status: AuthenticationStatus): Promise<void>;
|
||||
/**
|
||||
* Updates the `accounts$` observable with the new account status if the current status is higher than the `maxStatus`.
|
||||
*
|
||||
* This method only downgrades status to the maximum value sent in, it will not increase authentication status.
|
||||
*
|
||||
* @example An account is transitioning from unlocked to logged out. If callbacks that set the status to locked occur
|
||||
* after it is updated to logged out, the account will be in the incorrect state.
|
||||
* @param userId The user id of the account to be updated.
|
||||
* @param maxStatus The new status of the account.
|
||||
*/
|
||||
abstract setMaxAccountStatus(userId: UserId, maxStatus: AuthenticationStatus): Promise<void>;
|
||||
/**
|
||||
* Updates the `activeAccount$` observable with the new active account.
|
||||
* @param userId
|
||||
|
@ -6,6 +6,8 @@ import { AuthenticationStatus } from "../enums/authentication-status";
|
||||
export abstract class AuthService {
|
||||
/** Authentication status for the active user */
|
||||
abstract activeAccountStatus$: Observable<AuthenticationStatus>;
|
||||
/** Authentication status for all known users */
|
||||
abstract authStatuses$: Observable<Record<UserId, AuthenticationStatus>>;
|
||||
/**
|
||||
* Returns an observable authentication status for the given user id.
|
||||
* @note userId is a required parameter, null values will always return `AuthenticationStatus.LoggedOut`
|
||||
|
@ -8,7 +8,6 @@ import { LogService } from "../../platform/abstractions/log.service";
|
||||
import { MessagingService } from "../../platform/abstractions/messaging.service";
|
||||
import { UserId } from "../../types/guid";
|
||||
import { AccountInfo } from "../abstractions/account.service";
|
||||
import { AuthenticationStatus } from "../enums/authentication-status";
|
||||
|
||||
import {
|
||||
ACCOUNT_ACCOUNTS,
|
||||
@ -24,9 +23,7 @@ describe("accountService", () => {
|
||||
let accountsState: FakeGlobalState<Record<UserId, AccountInfo>>;
|
||||
let activeAccountIdState: FakeGlobalState<UserId>;
|
||||
const userId = "userId" as UserId;
|
||||
function userInfo(status: AuthenticationStatus): AccountInfo {
|
||||
return { status, email: "email", name: "name" };
|
||||
}
|
||||
const userInfo = { email: "email", name: "name" };
|
||||
|
||||
beforeEach(() => {
|
||||
messagingService = mock();
|
||||
@ -50,61 +47,49 @@ describe("accountService", () => {
|
||||
expect(emissions).toEqual([undefined]);
|
||||
});
|
||||
|
||||
it("should emit the active account and status", async () => {
|
||||
it("should emit the active account", async () => {
|
||||
const emissions = trackEmissions(sut.activeAccount$);
|
||||
accountsState.stateSubject.next({ [userId]: userInfo(AuthenticationStatus.Unlocked) });
|
||||
accountsState.stateSubject.next({ [userId]: userInfo });
|
||||
activeAccountIdState.stateSubject.next(userId);
|
||||
|
||||
expect(emissions).toEqual([
|
||||
undefined, // initial value
|
||||
{ id: userId, ...userInfo(AuthenticationStatus.Unlocked) },
|
||||
]);
|
||||
});
|
||||
|
||||
it("should update the status if the account status changes", async () => {
|
||||
accountsState.stateSubject.next({ [userId]: userInfo(AuthenticationStatus.Unlocked) });
|
||||
activeAccountIdState.stateSubject.next(userId);
|
||||
const emissions = trackEmissions(sut.activeAccount$);
|
||||
accountsState.stateSubject.next({ [userId]: userInfo(AuthenticationStatus.Locked) });
|
||||
|
||||
expect(emissions).toEqual([
|
||||
{ id: userId, ...userInfo(AuthenticationStatus.Unlocked) },
|
||||
{ id: userId, ...userInfo(AuthenticationStatus.Locked) },
|
||||
{ id: userId, ...userInfo },
|
||||
]);
|
||||
});
|
||||
|
||||
it("should remember the last emitted value", async () => {
|
||||
accountsState.stateSubject.next({ [userId]: userInfo(AuthenticationStatus.Unlocked) });
|
||||
accountsState.stateSubject.next({ [userId]: userInfo });
|
||||
activeAccountIdState.stateSubject.next(userId);
|
||||
|
||||
expect(await firstValueFrom(sut.activeAccount$)).toEqual({
|
||||
id: userId,
|
||||
...userInfo(AuthenticationStatus.Unlocked),
|
||||
...userInfo,
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe("accounts$", () => {
|
||||
it("should maintain an accounts cache", async () => {
|
||||
accountsState.stateSubject.next({ [userId]: userInfo(AuthenticationStatus.Unlocked) });
|
||||
accountsState.stateSubject.next({ [userId]: userInfo(AuthenticationStatus.Locked) });
|
||||
accountsState.stateSubject.next({ [userId]: userInfo });
|
||||
accountsState.stateSubject.next({ [userId]: userInfo });
|
||||
expect(await firstValueFrom(sut.accounts$)).toEqual({
|
||||
[userId]: userInfo(AuthenticationStatus.Locked),
|
||||
[userId]: userInfo,
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe("addAccount", () => {
|
||||
it("should emit the new account", async () => {
|
||||
await sut.addAccount(userId, userInfo(AuthenticationStatus.Unlocked));
|
||||
await sut.addAccount(userId, userInfo);
|
||||
const currentValue = await firstValueFrom(sut.accounts$);
|
||||
|
||||
expect(currentValue).toEqual({ [userId]: userInfo(AuthenticationStatus.Unlocked) });
|
||||
expect(currentValue).toEqual({ [userId]: userInfo });
|
||||
});
|
||||
});
|
||||
|
||||
describe("setAccountName", () => {
|
||||
const initialState = { [userId]: userInfo(AuthenticationStatus.Unlocked) };
|
||||
const initialState = { [userId]: userInfo };
|
||||
beforeEach(() => {
|
||||
accountsState.stateSubject.next(initialState);
|
||||
});
|
||||
@ -114,7 +99,7 @@ describe("accountService", () => {
|
||||
const currentState = await firstValueFrom(accountsState.state$);
|
||||
|
||||
expect(currentState).toEqual({
|
||||
[userId]: { ...userInfo(AuthenticationStatus.Unlocked), name: "new name" },
|
||||
[userId]: { ...userInfo, name: "new name" },
|
||||
});
|
||||
});
|
||||
|
||||
@ -127,7 +112,7 @@ describe("accountService", () => {
|
||||
});
|
||||
|
||||
describe("setAccountEmail", () => {
|
||||
const initialState = { [userId]: userInfo(AuthenticationStatus.Unlocked) };
|
||||
const initialState = { [userId]: userInfo };
|
||||
beforeEach(() => {
|
||||
accountsState.stateSubject.next(initialState);
|
||||
});
|
||||
@ -137,7 +122,7 @@ describe("accountService", () => {
|
||||
const currentState = await firstValueFrom(accountsState.state$);
|
||||
|
||||
expect(currentState).toEqual({
|
||||
[userId]: { ...userInfo(AuthenticationStatus.Unlocked), email: "new email" },
|
||||
[userId]: { ...userInfo, email: "new email" },
|
||||
});
|
||||
});
|
||||
|
||||
@ -149,49 +134,9 @@ describe("accountService", () => {
|
||||
});
|
||||
});
|
||||
|
||||
describe("setAccountStatus", () => {
|
||||
const initialState = { [userId]: userInfo(AuthenticationStatus.Unlocked) };
|
||||
beforeEach(() => {
|
||||
accountsState.stateSubject.next(initialState);
|
||||
});
|
||||
|
||||
it("should update the account", async () => {
|
||||
await sut.setAccountStatus(userId, AuthenticationStatus.Locked);
|
||||
const currentState = await firstValueFrom(accountsState.state$);
|
||||
|
||||
expect(currentState).toEqual({
|
||||
[userId]: {
|
||||
...userInfo(AuthenticationStatus.Unlocked),
|
||||
status: AuthenticationStatus.Locked,
|
||||
},
|
||||
});
|
||||
});
|
||||
|
||||
it("should not update if the status is the same", async () => {
|
||||
await sut.setAccountStatus(userId, AuthenticationStatus.Unlocked);
|
||||
const currentState = await firstValueFrom(accountsState.state$);
|
||||
|
||||
expect(currentState).toEqual(initialState);
|
||||
});
|
||||
|
||||
it("should emit logout if the status is logged out", async () => {
|
||||
const emissions = trackEmissions(sut.accountLogout$);
|
||||
await sut.setAccountStatus(userId, AuthenticationStatus.LoggedOut);
|
||||
|
||||
expect(emissions).toEqual([userId]);
|
||||
});
|
||||
|
||||
it("should emit lock if the status is locked", async () => {
|
||||
const emissions = trackEmissions(sut.accountLock$);
|
||||
await sut.setAccountStatus(userId, AuthenticationStatus.Locked);
|
||||
|
||||
expect(emissions).toEqual([userId]);
|
||||
});
|
||||
});
|
||||
|
||||
describe("switchAccount", () => {
|
||||
beforeEach(() => {
|
||||
accountsState.stateSubject.next({ [userId]: userInfo(AuthenticationStatus.Unlocked) });
|
||||
accountsState.stateSubject.next({ [userId]: userInfo });
|
||||
activeAccountIdState.stateSubject.next(userId);
|
||||
});
|
||||
|
||||
@ -207,26 +152,4 @@ describe("accountService", () => {
|
||||
expect(sut.switchAccount("unknown" as UserId)).rejects.toThrowError("Account does not exist");
|
||||
});
|
||||
});
|
||||
|
||||
describe("setMaxAccountStatus", () => {
|
||||
it("should update the account", async () => {
|
||||
accountsState.stateSubject.next({ [userId]: userInfo(AuthenticationStatus.Unlocked) });
|
||||
await sut.setMaxAccountStatus(userId, AuthenticationStatus.Locked);
|
||||
const currentState = await firstValueFrom(accountsState.state$);
|
||||
|
||||
expect(currentState).toEqual({
|
||||
[userId]: userInfo(AuthenticationStatus.Locked),
|
||||
});
|
||||
});
|
||||
|
||||
it("should not update if the new max status is higher than the current", async () => {
|
||||
accountsState.stateSubject.next({ [userId]: userInfo(AuthenticationStatus.LoggedOut) });
|
||||
await sut.setMaxAccountStatus(userId, AuthenticationStatus.Locked);
|
||||
const currentState = await firstValueFrom(accountsState.state$);
|
||||
|
||||
expect(currentState).toEqual({
|
||||
[userId]: userInfo(AuthenticationStatus.LoggedOut),
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
@ -14,7 +14,6 @@ import {
|
||||
KeyDefinition,
|
||||
} from "../../platform/state";
|
||||
import { UserId } from "../../types/guid";
|
||||
import { AuthenticationStatus } from "../enums/authentication-status";
|
||||
|
||||
export const ACCOUNT_ACCOUNTS = KeyDefinition.record<AccountInfo, UserId>(
|
||||
ACCOUNT_MEMORY,
|
||||
@ -36,8 +35,6 @@ export class AccountServiceImplementation implements InternalAccountService {
|
||||
|
||||
accounts$;
|
||||
activeAccount$;
|
||||
accountLock$ = this.lock.asObservable();
|
||||
accountLogout$ = this.logout.asObservable();
|
||||
|
||||
constructor(
|
||||
private messagingService: MessagingService,
|
||||
@ -74,34 +71,6 @@ export class AccountServiceImplementation implements InternalAccountService {
|
||||
await this.setAccountInfo(userId, { email });
|
||||
}
|
||||
|
||||
async setAccountStatus(userId: UserId, status: AuthenticationStatus): Promise<void> {
|
||||
await this.setAccountInfo(userId, { status });
|
||||
|
||||
if (status === AuthenticationStatus.LoggedOut) {
|
||||
this.logout.next(userId);
|
||||
} else if (status === AuthenticationStatus.Locked) {
|
||||
this.lock.next(userId);
|
||||
}
|
||||
}
|
||||
|
||||
async setMaxAccountStatus(userId: UserId, maxStatus: AuthenticationStatus): Promise<void> {
|
||||
await this.accountsState.update(
|
||||
(accounts) => {
|
||||
accounts[userId].status = maxStatus;
|
||||
return accounts;
|
||||
},
|
||||
{
|
||||
shouldUpdate: (accounts) => {
|
||||
if (accounts?.[userId] == null) {
|
||||
throw new Error("Account does not exist");
|
||||
}
|
||||
|
||||
return accounts[userId].status > maxStatus;
|
||||
},
|
||||
},
|
||||
);
|
||||
}
|
||||
|
||||
async switchAccount(userId: UserId): Promise<void> {
|
||||
await this.activeAccountIdState.update(
|
||||
(_, accounts) => {
|
||||
|
@ -122,6 +122,25 @@ describe("AuthService", () => {
|
||||
});
|
||||
});
|
||||
|
||||
describe("authStatuses$", () => {
|
||||
it("requests auth status for all known users", async () => {
|
||||
const userId2 = Utils.newGuid() as UserId;
|
||||
|
||||
await accountService.addAccount(userId2, { email: "email2", name: "name2" });
|
||||
|
||||
const mockFn = jest.fn().mockReturnValue(of(AuthenticationStatus.Locked));
|
||||
sut.authStatusFor$ = mockFn;
|
||||
|
||||
await expect(firstValueFrom(await sut.authStatuses$)).resolves.toEqual({
|
||||
[userId]: AuthenticationStatus.Locked,
|
||||
[userId2]: AuthenticationStatus.Locked,
|
||||
});
|
||||
expect(mockFn).toHaveBeenCalledTimes(2);
|
||||
expect(mockFn).toHaveBeenCalledWith(userId);
|
||||
expect(mockFn).toHaveBeenCalledWith(userId2);
|
||||
});
|
||||
});
|
||||
|
||||
describe("authStatusFor$", () => {
|
||||
beforeEach(() => {
|
||||
tokenService.hasAccessToken$.mockReturnValue(of(true));
|
||||
|
@ -21,6 +21,7 @@ import { AuthenticationStatus } from "../enums/authentication-status";
|
||||
|
||||
export class AuthService implements AuthServiceAbstraction {
|
||||
activeAccountStatus$: Observable<AuthenticationStatus>;
|
||||
authStatuses$: Observable<Record<UserId, AuthenticationStatus>>;
|
||||
|
||||
constructor(
|
||||
protected accountService: AccountService,
|
||||
@ -36,6 +37,26 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
return this.authStatusFor$(userId);
|
||||
}),
|
||||
);
|
||||
|
||||
this.authStatuses$ = this.accountService.accounts$.pipe(
|
||||
map((accounts) => Object.keys(accounts) as UserId[]),
|
||||
switchMap((entries) =>
|
||||
combineLatest(
|
||||
entries.map((userId) =>
|
||||
this.authStatusFor$(userId).pipe(map((status) => ({ userId, status }))),
|
||||
),
|
||||
),
|
||||
),
|
||||
map((statuses) => {
|
||||
return statuses.reduce(
|
||||
(acc, { userId, status }) => {
|
||||
acc[userId] = status;
|
||||
return acc;
|
||||
},
|
||||
{} as Record<UserId, AuthenticationStatus>,
|
||||
);
|
||||
}),
|
||||
);
|
||||
}
|
||||
|
||||
authStatusFor$(userId: UserId): Observable<AuthenticationStatus> {
|
||||
|
@ -8,7 +8,6 @@ import { OrganizationAutoEnrollStatusResponse } from "../../admin-console/models
|
||||
import { CryptoService } from "../../platform/abstractions/crypto.service";
|
||||
import { I18nService } from "../../platform/abstractions/i18n.service";
|
||||
import { AccountInfo, AccountService } from "../abstractions/account.service";
|
||||
import { AuthenticationStatus } from "../enums/authentication-status";
|
||||
|
||||
import { PasswordResetEnrollmentServiceImplementation } from "./password-reset-enrollment.service.implementation";
|
||||
|
||||
@ -91,7 +90,6 @@ describe("PasswordResetEnrollmentServiceImplementation", () => {
|
||||
const user1AccountInfo: AccountInfo = {
|
||||
name: "Test User 1",
|
||||
email: "test1@email.com",
|
||||
status: AuthenticationStatus.Unlocked,
|
||||
};
|
||||
activeAccountSubject.next(Object.assign(user1AccountInfo, { id: "userId" as UserId }));
|
||||
|
||||
|
@ -33,10 +33,6 @@ export type InitOptions = {
|
||||
export abstract class StateService<T extends Account = Account> {
|
||||
accounts$: Observable<{ [userId: string]: T }>;
|
||||
activeAccount$: Observable<string>;
|
||||
/**
|
||||
* @deprecated use accountService.activeAccount$ instead
|
||||
*/
|
||||
activeAccountUnlocked$: Observable<boolean>;
|
||||
|
||||
addAccount: (account: T) => Promise<void>;
|
||||
setActiveUser: (userId: string) => Promise<void>;
|
||||
|
@ -4,7 +4,6 @@ import { firstValueFrom, of, tap } from "rxjs";
|
||||
import { FakeAccountService, mockAccountServiceWith } from "../../../spec/fake-account-service";
|
||||
import { FakeActiveUserState, FakeSingleUserState } from "../../../spec/fake-state";
|
||||
import { FakeStateProvider } from "../../../spec/fake-state-provider";
|
||||
import { AuthenticationStatus } from "../../auth/enums/authentication-status";
|
||||
import { FakeMasterPasswordService } from "../../auth/services/master-password/fake-master-password.service";
|
||||
import { CsprngArray } from "../../types/csprng";
|
||||
import { UserId } from "../../types/guid";
|
||||
@ -273,15 +272,6 @@ describe("cryptoService", () => {
|
||||
await expect(cryptoService.setUserKey(null, mockUserId)).rejects.toThrow("No key provided.");
|
||||
});
|
||||
|
||||
it("should update the user's lock state", async () => {
|
||||
await cryptoService.setUserKey(mockUserKey, mockUserId);
|
||||
|
||||
expect(accountService.mock.setAccountStatus).toHaveBeenCalledWith(
|
||||
mockUserId,
|
||||
AuthenticationStatus.Unlocked,
|
||||
);
|
||||
});
|
||||
|
||||
describe("Pin Key refresh", () => {
|
||||
let cryptoSvcMakePinKey: jest.SpyInstance;
|
||||
const protectedPin =
|
||||
@ -353,23 +343,6 @@ describe("cryptoService", () => {
|
||||
accountService.activeAccount$ = accountService.activeAccountSubject.asObservable();
|
||||
});
|
||||
|
||||
it("sets the maximum account status of the active user id to locked when user id is not specified", async () => {
|
||||
await cryptoService.clearKeys();
|
||||
expect(accountService.mock.setMaxAccountStatus).toHaveBeenCalledWith(
|
||||
mockUserId,
|
||||
AuthenticationStatus.Locked,
|
||||
);
|
||||
});
|
||||
|
||||
it("sets the maximum account status of the specified user id to locked when user id is specified", async () => {
|
||||
const userId = "someOtherUser" as UserId;
|
||||
await cryptoService.clearKeys(userId);
|
||||
expect(accountService.mock.setMaxAccountStatus).toHaveBeenCalledWith(
|
||||
userId,
|
||||
AuthenticationStatus.Locked,
|
||||
);
|
||||
});
|
||||
|
||||
describe.each([
|
||||
USER_ENCRYPTED_ORGANIZATION_KEYS,
|
||||
USER_ENCRYPTED_PROVIDER_KEYS,
|
||||
|
@ -7,7 +7,6 @@ import { ProfileProviderOrganizationResponse } from "../../admin-console/models/
|
||||
import { ProfileProviderResponse } from "../../admin-console/models/response/profile-provider.response";
|
||||
import { AccountService } from "../../auth/abstractions/account.service";
|
||||
import { InternalMasterPasswordServiceAbstraction } from "../../auth/abstractions/master-password.service.abstraction";
|
||||
import { AuthenticationStatus } from "../../auth/enums/authentication-status";
|
||||
import { KdfConfig } from "../../auth/models/domain/kdf-config";
|
||||
import { Utils } from "../../platform/misc/utils";
|
||||
import { CsprngArray } from "../../types/csprng";
|
||||
@ -152,8 +151,6 @@ export class CryptoService implements CryptoServiceAbstraction {
|
||||
[userId, key] = await this.stateProvider.setUserState(USER_KEY, key, userId);
|
||||
await this.stateProvider.setUserState(USER_EVER_HAD_USER_KEY, true, userId);
|
||||
|
||||
await this.accountService.setAccountStatus(userId, AuthenticationStatus.Unlocked);
|
||||
|
||||
await this.storeAdditionalKeys(key, userId);
|
||||
}
|
||||
|
||||
@ -256,14 +253,13 @@ export class CryptoService implements CryptoServiceAbstraction {
|
||||
* Clears the user key. Clears all stored versions of the user keys as well, such as the biometrics key
|
||||
* @param userId The desired user
|
||||
*/
|
||||
async clearUserKey(userId: UserId): Promise<void> {
|
||||
private async clearUserKey(userId: UserId): Promise<void> {
|
||||
if (userId == null) {
|
||||
// nothing to do
|
||||
return;
|
||||
}
|
||||
// Set userId to ensure we have one for the account status update
|
||||
await this.stateProvider.setUserState(USER_KEY, null, userId);
|
||||
await this.accountService.setMaxAccountStatus(userId, AuthenticationStatus.Locked);
|
||||
await this.clearAllStoredUserKeys(userId);
|
||||
}
|
||||
|
||||
|
@ -2,7 +2,6 @@ import { firstValueFrom } from "rxjs";
|
||||
|
||||
import { FakeStateProvider, awaitAsync } from "../../../spec";
|
||||
import { FakeAccountService } from "../../../spec/fake-account-service";
|
||||
import { AuthenticationStatus } from "../../auth/enums/authentication-status";
|
||||
import { UserId } from "../../types/guid";
|
||||
import { CloudRegion, Region } from "../abstractions/environment.service";
|
||||
|
||||
@ -32,12 +31,10 @@ describe("EnvironmentService", () => {
|
||||
[testUser]: {
|
||||
name: "name",
|
||||
email: "email",
|
||||
status: AuthenticationStatus.Locked,
|
||||
},
|
||||
[alternateTestUser]: {
|
||||
name: "name",
|
||||
email: "email",
|
||||
status: AuthenticationStatus.Locked,
|
||||
},
|
||||
});
|
||||
stateProvider = new FakeStateProvider(accountService);
|
||||
@ -50,7 +47,6 @@ describe("EnvironmentService", () => {
|
||||
id: userId,
|
||||
email: "test@example.com",
|
||||
name: `Test Name ${userId}`,
|
||||
status: AuthenticationStatus.Unlocked,
|
||||
});
|
||||
await awaitAsync();
|
||||
};
|
||||
|
@ -1,9 +1,8 @@
|
||||
import { BehaviorSubject, Observable, map } from "rxjs";
|
||||
import { BehaviorSubject } from "rxjs";
|
||||
import { Jsonify, JsonValue } from "type-fest";
|
||||
|
||||
import { AccountService } from "../../auth/abstractions/account.service";
|
||||
import { TokenService } from "../../auth/abstractions/token.service";
|
||||
import { AuthenticationStatus } from "../../auth/enums/authentication-status";
|
||||
import { AdminAuthRequestStorable } from "../../auth/models/domain/admin-auth-req-storable";
|
||||
import { KdfConfig } from "../../auth/models/domain/kdf-config";
|
||||
import { BiometricKey } from "../../auth/types/biometric-key";
|
||||
@ -68,8 +67,6 @@ export class StateService<
|
||||
protected activeAccountSubject = new BehaviorSubject<string | null>(null);
|
||||
activeAccount$ = this.activeAccountSubject.asObservable();
|
||||
|
||||
activeAccountUnlocked$: Observable<boolean>;
|
||||
|
||||
private hasBeenInited = false;
|
||||
protected isRecoveredSession = false;
|
||||
|
||||
@ -89,13 +86,7 @@ export class StateService<
|
||||
protected tokenService: TokenService,
|
||||
private migrationRunner: MigrationRunner,
|
||||
protected useAccountCache: boolean = true,
|
||||
) {
|
||||
this.activeAccountUnlocked$ = this.accountService.activeAccount$.pipe(
|
||||
map((a) => {
|
||||
return a?.status === AuthenticationStatus.Unlocked;
|
||||
}),
|
||||
);
|
||||
}
|
||||
) {}
|
||||
|
||||
async init(initOptions: InitOptions = {}): Promise<void> {
|
||||
// Deconstruct and apply defaults
|
||||
@ -151,7 +142,6 @@ export class StateService<
|
||||
await this.accountService.addAccount(state.activeUserId as UserId, {
|
||||
name: activeDiskAccount.profile.name,
|
||||
email: activeDiskAccount.profile.email,
|
||||
status: AuthenticationStatus.LoggedOut,
|
||||
});
|
||||
}
|
||||
await this.accountService.switchAccount(state.activeUserId as UserId);
|
||||
@ -177,16 +167,7 @@ export class StateService<
|
||||
|
||||
// TODO: Temporary update to avoid routing all account status changes through account service for now.
|
||||
// The determination of state should be handled by the various services that control those values.
|
||||
const token = await this.tokenService.getAccessToken(userId as UserId);
|
||||
const autoKey = await this.getUserKeyAutoUnlock({ userId: userId });
|
||||
const accountStatus =
|
||||
token == null
|
||||
? AuthenticationStatus.LoggedOut
|
||||
: autoKey == null
|
||||
? AuthenticationStatus.Locked
|
||||
: AuthenticationStatus.Unlocked;
|
||||
await this.accountService.addAccount(userId as UserId, {
|
||||
status: accountStatus,
|
||||
name: diskAccount.profile.name,
|
||||
email: diskAccount.profile.email,
|
||||
});
|
||||
@ -206,7 +187,6 @@ export class StateService<
|
||||
await this.setLastActive(new Date().getTime(), { userId: account.profile.userId });
|
||||
// TODO: Temporary update to avoid routing all account status changes through account service for now.
|
||||
await this.accountService.addAccount(account.profile.userId as UserId, {
|
||||
status: AuthenticationStatus.Locked,
|
||||
name: account.profile.name,
|
||||
email: account.profile.email,
|
||||
});
|
||||
@ -1406,8 +1386,6 @@ export class StateService<
|
||||
|
||||
return state;
|
||||
});
|
||||
// TODO: Invert this logic, we should remove accounts based on logged out emit
|
||||
await this.accountService.setAccountStatus(userId as UserId, AuthenticationStatus.LoggedOut);
|
||||
}
|
||||
|
||||
// settings persist even on reset, and are not affected by this method
|
||||
|
@ -9,7 +9,6 @@ import { Jsonify } from "type-fest";
|
||||
import { awaitAsync, trackEmissions } from "../../../../spec";
|
||||
import { FakeStorageService } from "../../../../spec/fake-storage.service";
|
||||
import { AccountInfo } from "../../../auth/abstractions/account.service";
|
||||
import { AuthenticationStatus } from "../../../auth/enums/authentication-status";
|
||||
import { UserId } from "../../../types/guid";
|
||||
import { StorageServiceProvider } from "../../services/storage-service.provider";
|
||||
import { StateDefinition } from "../state-definition";
|
||||
@ -84,7 +83,6 @@ describe("DefaultActiveUserState", () => {
|
||||
id: userId,
|
||||
email: `test${id}@example.com`,
|
||||
name: `Test User ${id}`,
|
||||
status: AuthenticationStatus.Unlocked,
|
||||
});
|
||||
await awaitAsync();
|
||||
};
|
||||
|
@ -3,7 +3,7 @@ import { firstValueFrom, map, from, zip } from "rxjs";
|
||||
import { EventCollectionService as EventCollectionServiceAbstraction } from "../../abstractions/event/event-collection.service";
|
||||
import { EventUploadService } from "../../abstractions/event/event-upload.service";
|
||||
import { OrganizationService } from "../../admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { AccountService } from "../../auth/abstractions/account.service";
|
||||
import { AuthService } from "../../auth/abstractions/auth.service";
|
||||
import { AuthenticationStatus } from "../../auth/enums/authentication-status";
|
||||
import { EventType } from "../../enums";
|
||||
import { EventData } from "../../models/data/event.data";
|
||||
@ -18,7 +18,7 @@ export class EventCollectionService implements EventCollectionServiceAbstraction
|
||||
private stateProvider: StateProvider,
|
||||
private organizationService: OrganizationService,
|
||||
private eventUploadService: EventUploadService,
|
||||
private accountService: AccountService,
|
||||
private authService: AuthService,
|
||||
) {}
|
||||
|
||||
/** Adds an event to the active user's event collection
|
||||
@ -71,12 +71,12 @@ export class EventCollectionService implements EventCollectionServiceAbstraction
|
||||
|
||||
const cipher$ = from(this.cipherService.get(cipherId));
|
||||
|
||||
const [accountInfo, orgIds, cipher] = await firstValueFrom(
|
||||
zip(this.accountService.activeAccount$, orgIds$, cipher$),
|
||||
const [authStatus, orgIds, cipher] = await firstValueFrom(
|
||||
zip(this.authService.activeAccountStatus$, orgIds$, cipher$),
|
||||
);
|
||||
|
||||
// The user must be authorized
|
||||
if (accountInfo.status != AuthenticationStatus.Unlocked) {
|
||||
if (authStatus != AuthenticationStatus.Unlocked) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -2,7 +2,7 @@ import { firstValueFrom, map } from "rxjs";
|
||||
|
||||
import { ApiService } from "../../abstractions/api.service";
|
||||
import { EventUploadService as EventUploadServiceAbstraction } from "../../abstractions/event/event-upload.service";
|
||||
import { AccountService } from "../../auth/abstractions/account.service";
|
||||
import { AuthService } from "../../auth/abstractions/auth.service";
|
||||
import { AuthenticationStatus } from "../../auth/enums/authentication-status";
|
||||
import { EventData } from "../../models/data/event.data";
|
||||
import { EventRequest } from "../../models/request/event.request";
|
||||
@ -18,7 +18,7 @@ export class EventUploadService implements EventUploadServiceAbstraction {
|
||||
private apiService: ApiService,
|
||||
private stateProvider: StateProvider,
|
||||
private logService: LogService,
|
||||
private accountService: AccountService,
|
||||
private authService: AuthService,
|
||||
) {}
|
||||
|
||||
init(checkOnInterval: boolean) {
|
||||
@ -43,13 +43,16 @@ export class EventUploadService implements EventUploadServiceAbstraction {
|
||||
userId = await firstValueFrom(this.stateProvider.activeUserId$);
|
||||
}
|
||||
|
||||
// Get the auth status from the provided user or the active user
|
||||
const userAuth$ = this.accountService.accounts$.pipe(
|
||||
map((accounts) => accounts[userId]?.status === AuthenticationStatus.Unlocked),
|
||||
);
|
||||
if (!userId) {
|
||||
return;
|
||||
}
|
||||
|
||||
const isAuthenticated = await firstValueFrom(userAuth$);
|
||||
if (!isAuthenticated) {
|
||||
const isUnlocked = await firstValueFrom(
|
||||
this.authService
|
||||
.authStatusFor$(userId)
|
||||
.pipe(map((status) => status === AuthenticationStatus.Unlocked)),
|
||||
);
|
||||
if (!isUnlocked) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -138,7 +138,6 @@ describe("VaultTimeoutService", () => {
|
||||
if (globalSetups?.userId) {
|
||||
accountService.activeAccountSubject.next({
|
||||
id: globalSetups.userId as UserId,
|
||||
status: accounts[globalSetups.userId]?.authStatus,
|
||||
email: null,
|
||||
name: null,
|
||||
});
|
||||
|
@ -8,7 +8,6 @@ import {
|
||||
awaitAsync,
|
||||
mockAccountServiceWith,
|
||||
} from "../../../../spec";
|
||||
import { AuthenticationStatus } from "../../../auth/enums/authentication-status";
|
||||
import { CryptoService } from "../../../platform/abstractions/crypto.service";
|
||||
import { EncryptService } from "../../../platform/abstractions/encrypt.service";
|
||||
import { I18nService } from "../../../platform/abstractions/i18n.service";
|
||||
@ -64,7 +63,6 @@ describe("SendService", () => {
|
||||
id: mockUserId,
|
||||
email: "email",
|
||||
name: "name",
|
||||
status: AuthenticationStatus.Unlocked,
|
||||
});
|
||||
|
||||
// Initial encrypted state
|
||||
|
Loading…
Reference in New Issue
Block a user