diff --git a/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSource.kt b/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSource.kt index 1f683c7e4..c964757ec 100644 --- a/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSource.kt +++ b/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSource.kt @@ -119,15 +119,8 @@ interface AuthDiskSource { /** * Stores the device key for the given [userId]. - * - * When [inMemoryOnly] is `true`, the value will only be available via a call to [getDeviceKey] - * during the current app session. */ - fun storeDeviceKey( - userId: String, - deviceKey: String?, - inMemoryOnly: Boolean = false, - ) + fun storeDeviceKey(userId: String, deviceKey: String?) /** * Gets the stored [PendingAuthRequestJson] for the given [userId]. diff --git a/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceImpl.kt b/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceImpl.kt index fbb9ec22b..da57e5f65 100644 --- a/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceImpl.kt +++ b/app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/disk/AuthDiskSourceImpl.kt @@ -56,7 +56,6 @@ class AuthDiskSourceImpl( ), AuthDiskSource { - private val inMemoryDeviceKeys = mutableMapOf() private val inMemoryPinProtectedUserKeys = mutableMapOf() private val mutableOrganizationsFlowMap = mutableMapOf?>>() @@ -200,15 +199,12 @@ class AuthDiskSourceImpl( override fun getDeviceKey( userId: String, - ): String? = inMemoryDeviceKeys[userId] ?: getEncryptedString(key = "${DEVICE_KEY_KEY}_$userId") + ): String? = getEncryptedString(key = "${DEVICE_KEY_KEY}_$userId") override fun storeDeviceKey( userId: String, deviceKey: String?, - inMemoryOnly: Boolean, ) { - inMemoryDeviceKeys[userId] = deviceKey - if (inMemoryOnly) return putEncryptedString(key = "${DEVICE_KEY_KEY}_$userId", value = deviceKey) } diff --git a/app/src/main/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManagerImpl.kt b/app/src/main/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManagerImpl.kt index 68b43aebc..d45f4f66b 100644 --- a/app/src/main/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManagerImpl.kt +++ b/app/src/main/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManagerImpl.kt @@ -4,6 +4,7 @@ import com.bitwarden.crypto.TrustDeviceResponse import com.x8bit.bitwarden.data.auth.datasource.disk.AuthDiskSource import com.x8bit.bitwarden.data.auth.datasource.network.service.DevicesService import com.x8bit.bitwarden.data.auth.manager.util.toUserStateJson +import com.x8bit.bitwarden.data.platform.util.asSuccess import com.x8bit.bitwarden.data.platform.util.flatMap import com.x8bit.bitwarden.data.vault.datasource.sdk.VaultSdkSource @@ -17,19 +18,7 @@ class TrustedDeviceManagerImpl( ) : TrustedDeviceManager { override suspend fun trustThisDeviceIfNecessary(userId: String): Result = if (!authDiskSource.shouldTrustDevice) { - // Even though we are not trusting the device, we still store the device key in - // memory. This allows the user to be "trusted" for this session but on timeout - // or reboot, the "trust" will be gone. - vaultSdkSource - .getTrustDevice(userId = userId) - .onSuccess { trustedDevice -> - authDiskSource.storeDeviceKey( - userId = userId, - deviceKey = trustedDevice.deviceKey, - inMemoryOnly = true, - ) - } - .map { false } + false.asSuccess() } else { vaultSdkSource .getTrustDevice(userId = userId) diff --git a/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/util/FakeAuthDiskSource.kt b/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/util/FakeAuthDiskSource.kt index 9df38ace3..79528bb6e 100644 --- a/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/util/FakeAuthDiskSource.kt +++ b/app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/disk/util/FakeAuthDiskSource.kt @@ -38,7 +38,7 @@ class FakeAuthDiskSource : AuthDiskSource { mutableMapOf?>() private val storedOrganizationKeys = mutableMapOf?>() private val storedAccountTokens = mutableMapOf() - private val storedDeviceKey = mutableMapOf>() + private val storedDeviceKey = mutableMapOf() private val storedPendingAuthRequests = mutableMapOf() private val storedBiometricKeys = mutableMapOf() private val storedMasterPasswordHashes = mutableMapOf() @@ -166,14 +166,10 @@ class FakeAuthDiskSource : AuthDiskSource { getMutableOrganizationsFlow(userId = userId).tryEmit(organizations) } - override fun getDeviceKey(userId: String): String? = storedDeviceKey[userId]?.first + override fun getDeviceKey(userId: String): String? = storedDeviceKey[userId] - override fun storeDeviceKey( - userId: String, - deviceKey: String?, - inMemoryOnly: Boolean, - ) { - storedDeviceKey[userId] = deviceKey to inMemoryOnly + override fun storeDeviceKey(userId: String, deviceKey: String?) { + storedDeviceKey[userId] = deviceKey } override fun getPendingAuthRequest(userId: String): PendingAuthRequestJson? = @@ -301,8 +297,8 @@ class FakeAuthDiskSource : AuthDiskSource { /** * Assert that the [deviceKey] was stored successfully using the [userId]. */ - fun assertDeviceKey(userId: String, deviceKey: String?, inMemoryOnly: Boolean = false) { - assertEquals(deviceKey to inMemoryOnly, storedDeviceKey[userId]) + fun assertDeviceKey(userId: String, deviceKey: String?) { + assertEquals(deviceKey, storedDeviceKey[userId]) } /** diff --git a/app/src/test/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManagerTests.kt b/app/src/test/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManagerTests.kt index d792e20e8..173869aba 100644 --- a/app/src/test/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManagerTests.kt +++ b/app/src/test/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManagerTests.kt @@ -53,30 +53,13 @@ class TrustedDeviceManagerTests { @Test fun `trustThisDeviceIfNecessary when shouldTrustDevice false should return success with false`() = runTest { - val deviceKey = "deviceKey" - val trustedDeviceResponse = TrustDeviceResponse( - deviceKey = deviceKey, - protectedUserKey = "protectedUserKey", - protectedDevicePrivateKey = "protectedDevicePrivateKey", - protectedDevicePublicKey = "protectedDevicePublicKey", - ) fakeAuthDiskSource.shouldTrustDevice = false - coEvery { - vaultSdkSource.getTrustDevice(userId = USER_ID) - } returns trustedDeviceResponse.asSuccess() val result = manager.trustThisDeviceIfNecessary(userId = USER_ID) assertEquals(false.asSuccess(), result) - fakeAuthDiskSource.assertDeviceKey( - userId = USER_ID, - deviceKey = deviceKey, - inMemoryOnly = true, - ) - coVerify(exactly = 1) { - vaultSdkSource.getTrustDevice(userId = USER_ID) - } coVerify(exactly = 0) { + vaultSdkSource.getTrustDevice(userId = USER_ID) devicesService.trustDevice( appId = any(), encryptedUserKey = any(),