PM-7745 - SSO Login Strategy - trySetUserKeyWithDeviceKey should use the user id from the IdTokenResponse and not StateService as I suspect it's not working as expected. Thinking there might be a race condition where the user id is null or maybe incorrect. (#8927)
This commit is contained in:
parent
ca1fc94a90
commit
d227639e1c
|
@ -241,7 +241,7 @@ export class SsoLoginStrategy extends LoginStrategy {
|
|||
|
||||
// Only try to set user key with device key if admin approval request was not successful
|
||||
if (!hasUserKey) {
|
||||
await this.trySetUserKeyWithDeviceKey(tokenResponse);
|
||||
await this.trySetUserKeyWithDeviceKey(tokenResponse, userId);
|
||||
}
|
||||
} else if (
|
||||
masterKeyEncryptedUserKey != null &&
|
||||
|
@ -309,11 +309,12 @@ export class SsoLoginStrategy extends LoginStrategy {
|
|||
}
|
||||
}
|
||||
|
||||
private async trySetUserKeyWithDeviceKey(tokenResponse: IdentityTokenResponse): Promise<void> {
|
||||
private async trySetUserKeyWithDeviceKey(
|
||||
tokenResponse: IdentityTokenResponse,
|
||||
userId: UserId,
|
||||
): Promise<void> {
|
||||
const trustedDeviceOption = tokenResponse.userDecryptionOptions?.trustedDeviceOption;
|
||||
|
||||
const userId = (await this.stateService.getUserId()) as UserId;
|
||||
|
||||
const deviceKey = await this.deviceTrustCryptoService.getDeviceKey(userId);
|
||||
const encDevicePrivateKey = trustedDeviceOption?.encryptedPrivateKey;
|
||||
const encUserKey = trustedDeviceOption?.encryptedUserKey;
|
||||
|
|
Loading…
Reference in New Issue