Update Bitwarden SDK to 0.3.1-20231219.150921-55 (#409)

app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/sdk/AuthSdkSource.kt

@@ -1,5 +1,6 @@
 package com.x8bit.bitwarden.data.auth.datasource.sdk
 
+import com.bitwarden.core.HashPurpose
 import com.bitwarden.core.Kdf
 import com.bitwarden.core.MasterPasswordPolicyOptions
 import com.bitwarden.core.RegisterKeyResponse
@@ -10,13 +11,13 @@ import com.x8bit.bitwarden.data.auth.datasource.sdk.model.PasswordStrength
  */
 interface AuthSdkSource {
     /**
-     * Creates a hashed password provided the given [email], [password], and [kdf].
-     * [kdf].
+     * Creates a hashed password provided the given [email], [password], [kdf], and [purpose].
      */
     suspend fun hashPassword(
         email: String,
         password: String,
         kdf: Kdf,
+        purpose: HashPurpose,
     ): Result<String>
 
     /**

app/src/main/java/com/x8bit/bitwarden/data/auth/datasource/sdk/AuthSdkSourceImpl.kt

@@ -1,5 +1,6 @@
 package com.x8bit.bitwarden.data.auth.datasource.sdk
 
+import com.bitwarden.core.HashPurpose
 import com.bitwarden.core.Kdf
 import com.bitwarden.core.MasterPasswordPolicyOptions
 import com.bitwarden.core.RegisterKeyResponse
@@ -20,11 +21,13 @@ class AuthSdkSourceImpl(
         email: String,
         password: String,
         kdf: Kdf,
+        purpose: HashPurpose,
     ): Result<String> = runCatching {
         clientAuth.hashPassword(
             email = email,
             password = password,
             kdfParams = kdf,
+            purpose = purpose,
         )
     }
 

app/src/main/java/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryImpl.kt

@@ -1,5 +1,6 @@
 package com.x8bit.bitwarden.data.auth.repository
 
+import com.bitwarden.core.HashPurpose
 import com.bitwarden.core.Kdf
 import com.x8bit.bitwarden.data.auth.datasource.disk.AuthDiskSource
 import com.x8bit.bitwarden.data.auth.datasource.network.model.GetTokenResponseJson
@@ -133,6 +134,7 @@ class AuthRepositoryImpl constructor(
                 email = profile.email,
                 password = password,
                 kdf = profile.toSdkParams(),
+                purpose = HashPurpose.SERVER_AUTHORIZATION,
             )
             .flatMap { hashedPassword -> accountsService.deleteAccount(hashedPassword) }
             .onSuccess { logout() }
@@ -154,6 +156,7 @@ class AuthRepositoryImpl constructor(
                 email = email,
                 password = password,
                 kdf = it.kdfParams.toSdkParams(),
+                purpose = HashPurpose.SERVER_AUTHORIZATION,
             )
         }
         .flatMap { passwordHash ->

app/src/test/java/com/x8bit/bitwarden/data/auth/datasource/sdk/AuthSdkSourceTest.kt

@@ -1,5 +1,6 @@
 package com.x8bit.bitwarden.data.auth.datasource.sdk
 
+import com.bitwarden.core.HashPurpose
 import com.bitwarden.core.Kdf
 import com.bitwarden.core.MasterPasswordPolicyOptions
 import com.bitwarden.core.RegisterKeyResponse
@@ -26,12 +27,14 @@ class AuthSdkSourceTest {
         val email = "email"
         val password = "password"
         val kdf = mockk<Kdf>()
+        val purpose = mockk<HashPurpose>()
         val expectedResult = "hashedPassword"
         coEvery {
             clientAuth.hashPassword(
                 email = email,
                 password = password,
                 kdfParams = kdf,
+                purpose = purpose,
             )
         } returns expectedResult
 
@@ -39,6 +42,7 @@ class AuthSdkSourceTest {
             email = email,
             password = password,
             kdf = kdf,
+            purpose = purpose,
         )
         assertEquals(
             expectedResult.asSuccess(),
@@ -49,6 +53,7 @@ class AuthSdkSourceTest {
                 email = email,
                 password = password,
                 kdfParams = kdf,
+                purpose = purpose,
             )
         }
     }

app/src/test/java/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryTest.kt

@@ -1,6 +1,7 @@
 package com.x8bit.bitwarden.data.auth.repository
 
 import app.cash.turbine.test
+import com.bitwarden.core.HashPurpose
 import com.bitwarden.core.Kdf
 import com.bitwarden.core.RegisterKeyResponse
 import com.bitwarden.core.RsaKeyPair
@@ -90,6 +91,7 @@ class AuthRepositoryTest {
                 email = EMAIL,
                 password = PASSWORD,
                 kdf = PRE_LOGIN_SUCCESS.kdfParams.toSdkParams(),
+                purpose = HashPurpose.SERVER_AUTHORIZATION,
             )
         } returns Result.success(PASSWORD_HASH)
         coEvery {
@@ -229,14 +231,14 @@ class AuthRepositoryTest {
         fakeAuthDiskSource.userState = SINGLE_USER_STATE_1
         val kdf = SINGLE_USER_STATE_1.activeAccount.profile.toSdkParams()
         coEvery {
-            authSdkSource.hashPassword(EMAIL, masterPassword, kdf)
+            authSdkSource.hashPassword(EMAIL, masterPassword, kdf, HashPurpose.SERVER_AUTHORIZATION)
         } returns Throwable("Fail").asFailure()
 
         val result = repository.deleteAccount(password = masterPassword)
 
         assertEquals(DeleteAccountResult.Error, result)
         coVerify {
-            authSdkSource.hashPassword(EMAIL, masterPassword, kdf)
+            authSdkSource.hashPassword(EMAIL, masterPassword, kdf, HashPurpose.SERVER_AUTHORIZATION)
         }
     }
 
@@ -247,7 +249,7 @@ class AuthRepositoryTest {
         fakeAuthDiskSource.userState = SINGLE_USER_STATE_1
         val kdf = SINGLE_USER_STATE_1.activeAccount.profile.toSdkParams()
         coEvery {
-            authSdkSource.hashPassword(EMAIL, masterPassword, kdf)
+            authSdkSource.hashPassword(EMAIL, masterPassword, kdf, HashPurpose.SERVER_AUTHORIZATION)
         } returns hashedMasterPassword.asSuccess()
         coEvery {
             accountsService.deleteAccount(hashedMasterPassword)
@@ -257,7 +259,7 @@ class AuthRepositoryTest {
 
         assertEquals(DeleteAccountResult.Error, result)
         coVerify {
-            authSdkSource.hashPassword(EMAIL, masterPassword, kdf)
+            authSdkSource.hashPassword(EMAIL, masterPassword, kdf, HashPurpose.SERVER_AUTHORIZATION)
             accountsService.deleteAccount(hashedMasterPassword)
         }
     }
@@ -269,7 +271,7 @@ class AuthRepositoryTest {
         fakeAuthDiskSource.userState = SINGLE_USER_STATE_1
         val kdf = SINGLE_USER_STATE_1.activeAccount.profile.toSdkParams()
         coEvery {
-            authSdkSource.hashPassword(EMAIL, masterPassword, kdf)
+            authSdkSource.hashPassword(EMAIL, masterPassword, kdf, HashPurpose.SERVER_AUTHORIZATION)
         } returns hashedMasterPassword.asSuccess()
         coEvery {
             accountsService.deleteAccount(hashedMasterPassword)
@@ -279,7 +281,7 @@ class AuthRepositoryTest {
 
         assertEquals(DeleteAccountResult.Success, result)
         coVerify {
-            authSdkSource.hashPassword(EMAIL, masterPassword, kdf)
+            authSdkSource.hashPassword(EMAIL, masterPassword, kdf, HashPurpose.SERVER_AUTHORIZATION)
             accountsService.deleteAccount(hashedMasterPassword)
         }
     }

gradle/libs.versions.toml

@@ -23,7 +23,7 @@ androidxRoom = "2.6.0"
 androidxSplash = "1.1.0-alpha02"
 # Once the app and SDK reach a critical point of completeness we should begin fixing the version
 # here (BIT-311).
-bitwardenSdk = "0.3.1-20231205.145329-16"
+bitwardenSdk = "0.3.1-20231219.150921-55"
 detekt = "1.23.1"
 firebaseBom = "32.5.0"
 glide = "1.0.0-beta01"