mirror of
https://github.com/bitwarden/android.git
synced 2024-12-24 18:08:26 +03:00
check security stamp when syncing profile
This commit is contained in:
parent
2fa7b532b1
commit
0b24cc29c1
6 changed files with 34 additions and 9 deletions
|
@ -8,5 +8,6 @@ namespace Bit.App.Abstractions
|
|||
DateTime LastActivity { get; set; }
|
||||
bool AutofillPersistNotification { get; set; }
|
||||
bool AutofillPasswordField { get; set; }
|
||||
string SecurityStamp { get; set; }
|
||||
}
|
||||
}
|
|
@ -26,7 +26,7 @@
|
|||
public const string ExtensionStarted = "extension:started";
|
||||
public const string ExtensionActivated = "extension:activated";
|
||||
|
||||
public const string FirstVaultLoad = "other:firstVaultLoad";
|
||||
public const string SecurityStamp = "other:securityStamp";
|
||||
public const string LastActivityDate = "other:lastActivityDate";
|
||||
public const string Locked = "other:locked";
|
||||
public const string LastLoginEmail = "other:lastLoginEmail";
|
||||
|
|
|
@ -12,6 +12,7 @@ namespace Bit.App.Models.Api
|
|||
public bool TwoFactorEnabled { get; set; }
|
||||
public string Key { get; set; }
|
||||
public string PrivateKey { get; set; }
|
||||
public string SecurityStamp { get; set; }
|
||||
public IEnumerable<ProfileOrganizationResponseModel> Organizations { get; set; }
|
||||
}
|
||||
}
|
||||
|
|
|
@ -61,5 +61,17 @@ namespace Bit.App.Services
|
|||
_settings.AddOrUpdateValue(Constants.AutofillPasswordField, value);
|
||||
}
|
||||
}
|
||||
|
||||
public string SecurityStamp
|
||||
{
|
||||
get
|
||||
{
|
||||
return _settings.GetValueOrDefault<string>(Constants.SecurityStamp);
|
||||
}
|
||||
set
|
||||
{
|
||||
_settings.AddOrUpdateValue(Constants.SecurityStamp, value);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -202,7 +202,7 @@ namespace Bit.App.Services
|
|||
UserId = null;
|
||||
Email = null;
|
||||
_cryptoService.ClearKeys();
|
||||
_settings.Remove(Constants.FirstVaultLoad);
|
||||
_settings.Remove(Constants.SecurityStamp);
|
||||
_settings.Remove(Constants.PushLastRegistrationDate);
|
||||
_settings.Remove(Constants.Locked);
|
||||
}
|
||||
|
|
|
@ -25,6 +25,7 @@ namespace Bit.App.Services
|
|||
private readonly IAuthService _authService;
|
||||
private readonly ICryptoService _cryptoService;
|
||||
private readonly ISettings _settings;
|
||||
private readonly IAppSettingsService _appSettingsService;
|
||||
|
||||
public SyncService(
|
||||
ICipherApiRepository cipherApiRepository,
|
||||
|
@ -37,7 +38,8 @@ namespace Bit.App.Services
|
|||
ISettingsRepository settingsRepository,
|
||||
IAuthService authService,
|
||||
ICryptoService cryptoService,
|
||||
ISettings settings)
|
||||
ISettings settings,
|
||||
IAppSettingsService appSettingsService)
|
||||
{
|
||||
_cipherApiRepository = cipherApiRepository;
|
||||
_folderApiRepository = folderApiRepository;
|
||||
|
@ -50,6 +52,7 @@ namespace Bit.App.Services
|
|||
_authService = authService;
|
||||
_cryptoService = cryptoService;
|
||||
_settings = settings;
|
||||
_appSettingsService = appSettingsService;
|
||||
}
|
||||
|
||||
public bool SyncInProgress { get; private set; }
|
||||
|
@ -197,7 +200,8 @@ namespace Bit.App.Services
|
|||
SyncStarted();
|
||||
|
||||
var profile = await _accountsApiRepository.GetProfileAsync().ConfigureAwait(false);
|
||||
if(!CheckSuccess(profile))
|
||||
if(!CheckSuccess(profile, !string.IsNullOrWhiteSpace(_appSettingsService.SecurityStamp) &&
|
||||
_appSettingsService.SecurityStamp != profile.Result.SecurityStamp))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
@ -238,7 +242,8 @@ namespace Bit.App.Services
|
|||
|
||||
// Just check profile first to make sure we'll have a success with the API
|
||||
var profile = await _accountsApiRepository.GetProfileAsync().ConfigureAwait(false);
|
||||
if(!CheckSuccess(profile))
|
||||
if(!CheckSuccess(profile, !string.IsNullOrWhiteSpace(_appSettingsService.SecurityStamp) &&
|
||||
_appSettingsService.SecurityStamp != profile.Result.SecurityStamp))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
@ -408,6 +413,11 @@ namespace Bit.App.Services
|
|||
_cryptoService.SetPrivateKey(new CipherString(profile.PrivateKey));
|
||||
}
|
||||
|
||||
if(!string.IsNullOrWhiteSpace(profile.SecurityStamp))
|
||||
{
|
||||
_appSettingsService.SecurityStamp = profile.SecurityStamp;
|
||||
}
|
||||
|
||||
_cryptoService.SetOrgKeys(profile);
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
|
@ -434,14 +444,15 @@ namespace Bit.App.Services
|
|||
MessagingCenter.Send(Application.Current, "SyncCompleted", successfully);
|
||||
}
|
||||
|
||||
private bool CheckSuccess<T>(ApiResult<T> result)
|
||||
private bool CheckSuccess<T>(ApiResult<T> result, bool logout = false)
|
||||
{
|
||||
if(!result.Succeeded)
|
||||
if(!result.Succeeded || logout)
|
||||
{
|
||||
SyncCompleted(false);
|
||||
|
||||
if(Application.Current != null && (result.StatusCode == System.Net.HttpStatusCode.Forbidden
|
||||
|| result.StatusCode == System.Net.HttpStatusCode.Unauthorized))
|
||||
if(Application.Current != null && (logout ||
|
||||
result.StatusCode == System.Net.HttpStatusCode.Forbidden ||
|
||||
result.StatusCode == System.Net.HttpStatusCode.Unauthorized))
|
||||
{
|
||||
MessagingCenter.Send(Application.Current, "Logout", (string)null);
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue