mirror of
https://github.com/bitwarden/desktop.git
synced 2024-11-24 11:55:50 +01:00
Ensure we only setup a communication when userId matches
This commit is contained in:
parent
326b6b3aaf
commit
8084b28013
@ -22,8 +22,9 @@ export class NativeMessagingService {
|
|||||||
private sharedSecrets = new Map<string, SymmetricCryptoKey>();
|
private sharedSecrets = new Map<string, SymmetricCryptoKey>();
|
||||||
|
|
||||||
constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService,
|
constructor(private cryptoFunctionService: CryptoFunctionService, private cryptoService: CryptoService,
|
||||||
private platformUtilService: PlatformUtilsService, private logService: LogService, private i18nService: I18nService,
|
private platformUtilService: PlatformUtilsService, private logService: LogService,
|
||||||
private userService: UserService, private messagingService: MessagingService, private vaultTimeoutService: VaultTimeoutService, private storageService: StorageService) {
|
private i18nService: I18nService, private userService: UserService, private messagingService: MessagingService,
|
||||||
|
private vaultTimeoutService: VaultTimeoutService, private storageService: StorageService) {
|
||||||
ipcRenderer.on('nativeMessaging', async (event: any, message: any) => {
|
ipcRenderer.on('nativeMessaging', async (event: any, message: any) => {
|
||||||
this.messageHandler(message);
|
this.messageHandler(message);
|
||||||
});
|
});
|
||||||
@ -37,6 +38,12 @@ export class NativeMessagingService {
|
|||||||
if (rawMessage.command === 'setupEncryption') {
|
if (rawMessage.command === 'setupEncryption') {
|
||||||
const remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer;
|
const remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer;
|
||||||
|
|
||||||
|
// Valudate the UserId to ensure we are logged into the same account.
|
||||||
|
if (rawMessage.userId !== await this.userService.getUserId()) {
|
||||||
|
ipcRenderer.send('nativeMessagingReply', {command: 'wrongUserId', appId: appId});
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if (await this.storageService.get<boolean>(ElectronConstants.enableBrowserIntegrationFingerprint)) {
|
if (await this.storageService.get<boolean>(ElectronConstants.enableBrowserIntegrationFingerprint)) {
|
||||||
ipcRenderer.send('nativeMessagingReply', {command: 'verifyFingerprint', appId: appId});
|
ipcRenderer.send('nativeMessagingReply', {command: 'verifyFingerprint', appId: appId});
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user