From 9957125d3a9d416d7a60b9904f0b7882f3fb58d0 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kspearrin@users.noreply.github.com>
Date: Mon, 17 Aug 2020 14:27:44 -0400
Subject: [PATCH] dont set keys if not there on sso (#152)

* dont set keys if not there on sso

* a comment
---
 src/services/auth.service.ts | 28 ++++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/src/services/auth.service.ts b/src/services/auth.service.ts
index 074a32ae77..5633d66dda 100644
--- a/src/services/auth.service.ts
+++ b/src/services/auth.service.ts
@@ -308,21 +308,25 @@ export class AuthService implements AuthServiceAbstraction {
             if (hashedPassword != null) {
                 await this.cryptoService.setKeyHash(hashedPassword);
             }
-            await this.cryptoService.setEncKey(tokenResponse.key);
 
-            // User doesn't have a key pair yet (old account), let's generate one for them
-            if (tokenResponse.privateKey == null) {
-                try {
-                    const keyPair = await this.cryptoService.makeKeyPair();
-                    await this.apiService.postAccountKeys(new KeysRequest(keyPair[0], keyPair[1].encryptedString));
-                    tokenResponse.privateKey = keyPair[1].encryptedString;
-                } catch (e) {
-                    // tslint:disable-next-line
-                    console.error(e);
+            // Skip this step during SSO new user flow. No key is returned from server.
+            if (code == null || tokenResponse.key != null) {
+                await this.cryptoService.setEncKey(tokenResponse.key);
+
+                // User doesn't have a key pair yet (old account), let's generate one for them
+                if (tokenResponse.privateKey == null) {
+                    try {
+                        const keyPair = await this.cryptoService.makeKeyPair();
+                        await this.apiService.postAccountKeys(new KeysRequest(keyPair[0], keyPair[1].encryptedString));
+                        tokenResponse.privateKey = keyPair[1].encryptedString;
+                    } catch (e) {
+                        // tslint:disable-next-line
+                        console.error(e);
+                    }
                 }
-            }
 
-            await this.cryptoService.setEncPrivateKey(tokenResponse.privateKey);
+                await this.cryptoService.setEncPrivateKey(tokenResponse.privateKey);
+            }
         }
 
         if (this.vaultTimeoutService != null) {