From 617ffbd36ab9880df7922b01145fd580ff14cff3 Mon Sep 17 00:00:00 2001 From: David Perez Date: Fri, 12 Apr 2024 12:13:22 -0500 Subject: [PATCH] Persist the pending auth request even past a logout (#1260) --- .../data/auth/datasource/disk/AuthDiskSourceImpl.kt | 5 ++--- .../data/auth/datasource/disk/AuthDiskSourceTest.kt | 1 - .../data/auth/datasource/disk/util/FakeAuthDiskSource.kt | 1 - 3 files changed, 2 insertions(+), 5 deletions(-) diff --git a/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceImpl.kt b/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceImpl.kt index a5c18aab5..fbb9ec22b 100644 --- a/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceImpl.kt +++ b/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceImpl.kt @@ -127,14 +127,13 @@ class AuthDiskSourceImpl( storePrivateKey(userId = userId, privateKey = null) storeOrganizationKeys(userId = userId, organizationKeys = null) storeOrganizations(userId = userId, organizations = null) - storePendingAuthRequest(userId = userId, pendingAuthRequest = null) storeUserBiometricUnlockKey(userId = userId, biometricsKey = null) storeMasterPasswordHash(userId = userId, passwordHash = null) storePolicies(userId = userId, policies = null) storeAccountTokens(userId = userId, accountTokens = null) - // Do not remove the DeviceKey on logout, that is persisted indefinitely unless - // the server no longer trusts the device. + // Do not remove the DeviceKey or PendingAuthRequest on logout, these are persisted + // indefinitely unless the TDE flow explicitly removes them. } override fun getLastActiveTimeMillis(userId: String): Long? = diff --git a/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceTest.kt b/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceTest.kt index 1ffcf3583..980f0c0d1 100644 --- a/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceTest.kt +++ b/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceTest.kt @@ -229,7 +229,6 @@ class AuthDiskSourceTest { authDiskSource.clearData(userId = userId) - assertNull(authDiskSource.getPendingAuthRequest(userId = userId)) assertNull(authDiskSource.getUserBiometricUnlockKey(userId = userId)) assertNull(authDiskSource.getLastActiveTimeMillis(userId = userId)) assertNull(authDiskSource.getInvalidUnlockAttempts(userId = userId)) diff --git a/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/util/FakeAuthDiskSource.kt b/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/util/FakeAuthDiskSource.kt index 4bd39269e..9df38ace3 100644 --- a/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/util/FakeAuthDiskSource.kt +++ b/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/util/FakeAuthDiskSource.kt @@ -67,7 +67,6 @@ class FakeAuthDiskSource : AuthDiskSource { storedOrganizations.remove(userId) storedPolicies.remove(userId) storedAccountTokens.remove(userId) - storedPendingAuthRequests.remove(userId) storedBiometricKeys.remove(userId) storedOrganizationKeys.remove(userId)