BIT-1898: Two-factor auth should have access to device data if available (#1054)

This commit is contained in:
David Perez 2024-02-22 14:05:13 -06:00 committed by Álison Fernandes
parent f03d40d5d7
commit c0c88f5108
2 changed files with 25 additions and 0 deletions

View file

@ -129,6 +129,12 @@ class AuthRepositoryImpl(
*/
private var identityTokenAuthModel: IdentityTokenAuthModel? = null
/**
* The device auth information to unlock the vault when logging in with device in the case
* of two-factor authentication.
*/
private var twoFactorDeviceData: DeviceDataModel? = null
/**
* The information necessary to resend the verification code email for two-factor login.
*/
@ -381,6 +387,7 @@ class AuthRepositoryImpl(
authModel = it,
twoFactorData = twoFactorData,
captchaToken = captchaToken ?: twoFactorResponse?.captchaToken,
deviceData = twoFactorDeviceData,
)
}
?: LoginResult.Error(errorMessage = null)
@ -431,6 +438,7 @@ class AuthRepositoryImpl(
// Cache the data necessary for the remaining two-factor auth flow.
identityTokenAuthModel = authModel
twoFactorResponse = loginResponse
twoFactorDeviceData = deviceData
resendEmailRequestJson = ResendEmailRequestJson(
deviceIdentifier = authDiskSource.uniqueAppId,
email = email,
@ -468,6 +476,7 @@ class AuthRepositoryImpl(
identityTokenAuthModel = null
twoFactorResponse = null
resendEmailRequestJson = null
twoFactorDeviceData = null
// Attempt to unlock the vault with password if possible.
password?.let {

View file

@ -1532,6 +1532,22 @@ class AuthRepositoryTest {
environmentUrlData = EnvironmentUrlDataJson.DEFAULT_US,
)
} returns SINGLE_USER_STATE_1
coEvery {
vaultRepository.unlockVault(
userId = SINGLE_USER_STATE_1.activeUserId,
email = SINGLE_USER_STATE_1.activeAccount.profile.email,
kdf = SINGLE_USER_STATE_1.activeAccount.profile.toSdkParams(),
privateKey = successResponse.privateKey,
initUserCryptoMethod = InitUserCryptoMethod.AuthRequest(
requestPrivateKey = DEVICE_REQUEST_PRIVATE_KEY,
method = AuthRequestMethod.MasterKey(
protectedMasterKey = DEVICE_ASYMMETRICAL_KEY,
authRequestKey = successResponse.key,
),
),
organizationKeys = null,
)
} returns VaultUnlockResult.Success
val finalResult = repository.login(
email = EMAIL,
password = null,