check security stamp when syncing profile

2024-10-31 23:25:45 +03:00 · 2017-05-31 23:09:21 -04:00 · 2017-05-31 23:09:21 -04:00 · 0b24cc29c1
commit 0b24cc29c1
parent 2fa7b532b1
6 changed files with 34 additions and 9 deletions
--- a/src/App/Abstractions/Services/IAppSettingsService.cs
+++ b/src/App/Abstractions/Services/IAppSettingsService.cs
@ -8,5 +8,6 @@ namespace Bit.App.Abstractions
        DateTime LastActivity { get; set; }
        bool AutofillPersistNotification { get; set; }
        bool AutofillPasswordField { get; set; }
+        string SecurityStamp { get; set; }
    }
 }
--- a/src/App/Constants.cs
+++ b/src/App/Constants.cs
@ -26,7 +26,7 @@
        public const string ExtensionStarted = "extension:started";
        public const string ExtensionActivated = "extension:activated";

-        public const string FirstVaultLoad = "other:firstVaultLoad";
+        public const string SecurityStamp = "other:securityStamp";
        public const string LastActivityDate = "other:lastActivityDate";
        public const string Locked = "other:locked";
        public const string LastLoginEmail = "other:lastLoginEmail";
--- a/src/App/Models/Api/Response/ProfileResponse.cs
+++ b/src/App/Models/Api/Response/ProfileResponse.cs
@ -12,6 +12,7 @@ namespace Bit.App.Models.Api
        public bool TwoFactorEnabled { get; set; }
        public string Key { get; set; }
        public string PrivateKey { get; set; }
+        public string SecurityStamp { get; set; }
        public IEnumerable<ProfileOrganizationResponseModel> Organizations { get; set; }
    }
 }
--- a/src/App/Services/AppSettingsService.cs
+++ b/src/App/Services/AppSettingsService.cs
@ -61,5 +61,17 @@ namespace Bit.App.Services
                _settings.AddOrUpdateValue(Constants.AutofillPasswordField, value);
            }
        }
+
+        public string SecurityStamp
+        {
+            get
+            {
+                return _settings.GetValueOrDefault<string>(Constants.SecurityStamp);
+            }
+            set
+            {
+                _settings.AddOrUpdateValue(Constants.SecurityStamp, value);
+            }
+        }
    }
 }
--- a/src/App/Services/AuthService.cs
+++ b/src/App/Services/AuthService.cs
@ -202,7 +202,7 @@ namespace Bit.App.Services
            UserId = null;
            Email = null;
            _cryptoService.ClearKeys();
-            _settings.Remove(Constants.FirstVaultLoad);
+            _settings.Remove(Constants.SecurityStamp);
            _settings.Remove(Constants.PushLastRegistrationDate);
            _settings.Remove(Constants.Locked);
        }
--- a/src/App/Services/SyncService.cs
+++ b/src/App/Services/SyncService.cs
@ -25,6 +25,7 @@ namespace Bit.App.Services
        private readonly IAuthService _authService;
        private readonly ICryptoService _cryptoService;
        private readonly ISettings _settings;
+        private readonly IAppSettingsService _appSettingsService;

        public SyncService(
            ICipherApiRepository cipherApiRepository,
@ -37,7 +38,8 @@ namespace Bit.App.Services
            ISettingsRepository settingsRepository,
            IAuthService authService,
            ICryptoService cryptoService,
-            ISettings settings)
+            ISettings settings,
+            IAppSettingsService appSettingsService)
        {
            _cipherApiRepository = cipherApiRepository;
            _folderApiRepository = folderApiRepository;
@ -50,6 +52,7 @@ namespace Bit.App.Services
            _authService = authService;
            _cryptoService = cryptoService;
            _settings = settings;
+            _appSettingsService = appSettingsService;
        }

        public bool SyncInProgress { get; private set; }
@ -197,7 +200,8 @@ namespace Bit.App.Services
            SyncStarted();

            var profile = await _accountsApiRepository.GetProfileAsync().ConfigureAwait(false);
-            if(!CheckSuccess(profile))
+            if(!CheckSuccess(profile, !string.IsNullOrWhiteSpace(_appSettingsService.SecurityStamp) &&
+                _appSettingsService.SecurityStamp != profile.Result.SecurityStamp))
            {
                return false;
            }
@ -238,7 +242,8 @@ namespace Bit.App.Services

            // Just check profile first to make sure we'll have a success with the API
            var profile = await _accountsApiRepository.GetProfileAsync().ConfigureAwait(false);
-            if(!CheckSuccess(profile))
+            if(!CheckSuccess(profile, !string.IsNullOrWhiteSpace(_appSettingsService.SecurityStamp) &&
+                _appSettingsService.SecurityStamp != profile.Result.SecurityStamp))
            {
                return false;
            }
@ -408,6 +413,11 @@ namespace Bit.App.Services
                _cryptoService.SetPrivateKey(new CipherString(profile.PrivateKey));
            }

+            if(!string.IsNullOrWhiteSpace(profile.SecurityStamp))
+            {
+                _appSettingsService.SecurityStamp = profile.SecurityStamp;
+            }
+
            _cryptoService.SetOrgKeys(profile);
            return Task.FromResult(0);
        }
@ -434,14 +444,15 @@ namespace Bit.App.Services
            MessagingCenter.Send(Application.Current, "SyncCompleted", successfully);
        }

-        private bool CheckSuccess<T>(ApiResult<T> result)
+        private bool CheckSuccess<T>(ApiResult<T> result, bool logout = false)
        {
-            if(!result.Succeeded)
+            if(!result.Succeeded || logout)
            {
                SyncCompleted(false);

-                if(Application.Current != null && (result.StatusCode == System.Net.HttpStatusCode.Forbidden
-                    || result.StatusCode == System.Net.HttpStatusCode.Unauthorized))
+                if(Application.Current != null && (logout ||
+                    result.StatusCode == System.Net.HttpStatusCode.Forbidden ||
+                    result.StatusCode == System.Net.HttpStatusCode.Unauthorized))
                {
                    MessagingCenter.Send(Application.Current, "Logout", (string)null);
                }