BITAU-173 Return null symmetric key when no users have enabled Authen… (#3961)

This commit is contained in:
Andrew Haisting 2024-09-25 10:01:07 -05:00 committed by GitHub
parent 0f009943b5
commit 6908111377
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 49 additions and 3 deletions

View file

@ -10,7 +10,7 @@ interface AuthenticatorBridgeRepository {
/**
* The currently persisted authenticator sync symmetric key. This key is used for
* encrypting IPC traffic.
* encrypting IPC traffic. This will return null if no users have enabled authenticator sync.
*/
val authenticatorSyncSymmetricKey: ByteArray?

View file

@ -26,7 +26,23 @@ class AuthenticatorBridgeRepositoryImpl(
) : AuthenticatorBridgeRepository {
override val authenticatorSyncSymmetricKey: ByteArray?
get() = authDiskSource.authenticatorSyncSymmetricKey
get() {
val doAnyAccountsHaveAuthenticatorSyncEnabled = authRepository
.userStateFlow
.value
?.accounts
?.any {
// Authenticator sync is enabled if any accounts have an authenticator
// sync key stored:
authDiskSource.getAuthenticatorSyncUnlockKey(it.userId) != null
}
?: false
return if (doAnyAccountsHaveAuthenticatorSyncEnabled) {
authDiskSource.authenticatorSyncSymmetricKey
} else {
null
}
}
@Suppress("LongMethod")
override suspend fun getSharedAccounts(): SharedAccountData {

View file

@ -334,7 +334,14 @@ class AuthenticatorBridgeRepositoryTest {
}
@Test
fun `authenticatorSyncSymmetricKey should read from authDiskSource`() {
@Suppress("MaxLineLength")
fun `authenticatorSyncSymmetricKey should read from authDiskSource when one user has authenticator sync enabled`() {
every { authRepository.userStateFlow } returns MutableStateFlow(USER_STATE)
fakeAuthDiskSource.storeAuthenticatorSyncUnlockKey(
userId = USER_1_ID,
authenticatorSyncUnlockKey = USER_1_UNLOCK_KEY,
)
fakeAuthDiskSource.authenticatorSyncSymmetricKey = null
assertNull(authenticatorBridgeRepository.authenticatorSyncSymmetricKey)
@ -342,6 +349,29 @@ class AuthenticatorBridgeRepositoryTest {
fakeAuthDiskSource.authenticatorSyncSymmetricKey = syncKey
assertEquals(syncKey, authenticatorBridgeRepository.authenticatorSyncSymmetricKey)
verify { authRepository.userStateFlow }
}
@Test
@Suppress("MaxLineLength")
fun `authenticatorSyncSymmetricKey should return null when no user has authenticator sync enabled`() {
every { authRepository.userStateFlow } returns MutableStateFlow(USER_STATE)
fakeAuthDiskSource.storeAuthenticatorSyncUnlockKey(
userId = USER_1_ID,
authenticatorSyncUnlockKey = null,
)
fakeAuthDiskSource.storeAuthenticatorSyncUnlockKey(
userId = USER_2_ID,
authenticatorSyncUnlockKey = null,
)
fakeAuthDiskSource.authenticatorSyncSymmetricKey = null
assertNull(authenticatorBridgeRepository.authenticatorSyncSymmetricKey)
val syncKey = generateSecretKey().getOrThrow().encoded
fakeAuthDiskSource.authenticatorSyncSymmetricKey = syncKey
assertNull(authenticatorBridgeRepository.authenticatorSyncSymmetricKey)
verify { authRepository.userStateFlow }
}
}