[PM-1078] Login with Device - Change mobile to not get fingerprint from API (#2390)

* [PM-1078] Fingerprint phrase gets calculated from pub key on AuthService instead of coming as a property from the api.
André Bispo 2023-03-13 15:39:55 +00:00 committed by GitHub
parent 839aa9134c
commit ccd71202de
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 34 additions and 9 deletions


@ -217,7 +217,7 @@ namespace Bit.App
Id = loginRequestData.Id, Id = loginRequestData.Id,
IpAddress = loginRequestData.RequestIpAddress, IpAddress = loginRequestData.RequestIpAddress,
Email = await _stateService.GetEmailAsync(), Email = await _stateService.GetEmailAsync(),
FingerprintPhrase = loginRequestData.RequestFingerprint, FingerprintPhrase = loginRequestData.FingerprintPhrase,
RequestDate = loginRequestData.CreationDate, RequestDate = loginRequestData.CreationDate,
DeviceType = loginRequestData.RequestDeviceType, DeviceType = loginRequestData.RequestDeviceType,
Origin = loginRequestData.Origin Origin = loginRequestData.Origin


@ -171,7 +171,7 @@ namespace Bit.App.Pages
var response = await _authService.PasswordlessCreateLoginRequestAsync(_email); var response = await _authService.PasswordlessCreateLoginRequestAsync(_email);
if (response != null) if (response != null)
{ {
FingerprintPhrase = response.RequestFingerprint; FingerprintPhrase = response.FingerprintPhrase;
_requestId = response.Id; _requestId = response.Id;
_requestAccessCode = response.RequestAccessCode; _requestAccessCode = response.RequestAccessCode;
_requestKeyPair = response.RequestKeyPair; _requestKeyPair = response.RequestKeyPair;


@ -39,7 +39,7 @@
Padding="0, 10, 0 ,0" Padding="0, 10, 0 ,0"
FontAttributes="Bold"/> FontAttributes="Bold"/>
<controls:MonoLabel <controls:MonoLabel
FormattedText="{Binding RequestFingerprint}" FormattedText="{Binding FingerprintPhrase}"
Grid.Row="1" Grid.Row="1"
Grid.ColumnSpan="2" Grid.ColumnSpan="2"
FontSize="Small" FontSize="Small"


@ -99,7 +99,7 @@ namespace Bit.App.Pages
Id = loginRequestData.Id, Id = loginRequestData.Id,
IpAddress = loginRequestData.RequestIpAddress, IpAddress = loginRequestData.RequestIpAddress,
Email = await _stateService.GetEmailAsync(), Email = await _stateService.GetEmailAsync(),
FingerprintPhrase = loginRequestData.RequestFingerprint, FingerprintPhrase = loginRequestData.FingerprintPhrase,
RequestDate = loginRequestData.CreationDate, RequestDate = loginRequestData.CreationDate,
DeviceType = loginRequestData.RequestDeviceType, DeviceType = loginRequestData.RequestDeviceType,
Origin = loginRequestData.Origin Origin = loginRequestData.Origin


@ -11,7 +11,7 @@ namespace Bit.Core.Models.Response
public string PublicKey { get; set; } public string PublicKey { get; set; }
public string RequestDeviceType { get; set; } public string RequestDeviceType { get; set; }
public string RequestIpAddress { get; set; } public string RequestIpAddress { get; set; }
public string RequestFingerprint { get; set; } public string FingerprintPhrase { get; set; }
public string Key { get; set; } public string Key { get; set; }
public string MasterPasswordHash { get; set; } public string MasterPasswordHash { get; set; }
public DateTime CreationDate { get; set; } public DateTime CreationDate { get; set; }
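Review bot: `FingerprintPhrase` is still a public settable property on a model in `Bit.Core.Models.Response`, so if this type is deserialized from the API a field of that name in the response could fill it before the client derives its own value. Since the commit's purpose is to compute the phrase locally from the public key, consider marking the property with `[JsonIgnore]` and a comment such as `// Derived locally from PublicKey; never read from the server`. The class declaration and any attributes on its other members are outside this hunk, so this may already be handled there.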


@ -494,18 +494,21 @@ namespace Bit.Core.Services
public async Task<List<PasswordlessLoginResponse>> GetPasswordlessLoginRequestsAsync() public async Task<List<PasswordlessLoginResponse>> GetPasswordlessLoginRequestsAsync()
{ {
return await _apiService.GetAuthRequestAsync(); var response = await _apiService.GetAuthRequestAsync();
return await PopulateFingerprintPhrasesAsync(response);
} }
public async Task<List<PasswordlessLoginResponse>> GetActivePasswordlessLoginRequestsAsync() public async Task<List<PasswordlessLoginResponse>> GetActivePasswordlessLoginRequestsAsync()
{ {
var requests = await GetPasswordlessLoginRequestsAsync(); var requests = await GetPasswordlessLoginRequestsAsync();
return requests.Where(r => !r.IsAnswered && !r.IsExpired).OrderByDescending(r => r.CreationDate).ToList(); var activeRequests = requests.Where(r => !r.IsAnswered && !r.IsExpired).OrderByDescending(r => r.CreationDate).ToList();
return await PopulateFingerprintPhrasesAsync(activeRequests);
} }
public async Task<PasswordlessLoginResponse> GetPasswordlessLoginRequestByIdAsync(string id) public async Task<PasswordlessLoginResponse> GetPasswordlessLoginRequestByIdAsync(string id)
{ {
return await _apiService.GetAuthRequestAsync(id); var response = await _apiService.GetAuthRequestAsync(id);
return await PopulateFingerprintPhraseAsync(response, await _stateService.GetEmailAsync());
} }
public async Task<PasswordlessLoginResponse> GetPasswordlessLoginResponseAsync(string id, string accessCode) public async Task<PasswordlessLoginResponse> GetPasswordlessLoginResponseAsync(string id, string accessCode)
@ -520,7 +523,8 @@ namespace Bit.Core.Services
var encryptedKey = await _cryptoService.RsaEncryptAsync(masterKey.EncKey, publicKey); var encryptedKey = await _cryptoService.RsaEncryptAsync(masterKey.EncKey, publicKey);
var encryptedMasterPassword = await _cryptoService.RsaEncryptAsync(Encoding.UTF8.GetBytes(await _stateService.GetKeyHashAsync()), publicKey); var encryptedMasterPassword = await _cryptoService.RsaEncryptAsync(Encoding.UTF8.GetBytes(await _stateService.GetKeyHashAsync()), publicKey);
var deviceId = await _appIdService.GetAppIdAsync(); var deviceId = await _appIdService.GetAppIdAsync();
return await _apiService.PutAuthRequestAsync(id, encryptedKey.EncryptedString, encryptedMasterPassword.EncryptedString, deviceId, requestApproved); var response = await _apiService.PutAuthRequestAsync(id, encryptedKey.EncryptedString, encryptedMasterPassword.EncryptedString, deviceId, requestApproved);
return await PopulateFingerprintPhraseAsync(response, await _stateService.GetEmailAsync());
} }
public async Task<PasswordlessLoginResponse> PasswordlessCreateLoginRequestAsync(string email) public async Task<PasswordlessLoginResponse> PasswordlessCreateLoginRequestAsync(string email)
@ -538,9 +542,30 @@ namespace Bit.Core.Services
{ {
response.RequestKeyPair = keyPair; response.RequestKeyPair = keyPair;
response.RequestAccessCode = accessCode; response.RequestAccessCode = accessCode;
response.FingerprintPhrase = fingerprintPhrase;
} }
return response; return response;
} }
private async Task<List<PasswordlessLoginResponse>> PopulateFingerprintPhrasesAsync(List<PasswordlessLoginResponse> passwordlessLoginList)
{
if (passwordlessLoginList == null)
{
return null;
}
var userEmail = await _stateService.GetEmailAsync();
foreach (var passwordlessLogin in passwordlessLoginList)
{
await PopulateFingerprintPhraseAsync(passwordlessLogin, userEmail);
}
return passwordlessLoginList;
}
private async Task<PasswordlessLoginResponse> PopulateFingerprintPhraseAsync(PasswordlessLoginResponse passwordlessLogin, string userEmail)
{
passwordlessLogin.FingerprintPhrase = string.Join("-", await _cryptoService.GetFingerprintAsync(userEmail, CoreHelpers.Base64UrlDecode(passwordlessLogin.PublicKey)));
return passwordlessLogin;
}
} }
} }
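Review bot: PopulateFingerprintPhraseAsync dereferences `passwordlessLogin.PublicKey` with no guard, although the list variant checks for null and PasswordlessCreateLoginRequestAsync still tests `response != null`; the by-id and PUT paths pass the API result straight in, so a null response or a missing key would throw there. A guard such as `if (string.IsNullOrEmpty(passwordlessLogin?.PublicKey)) { return passwordlessLogin; }` would make the paths consistent, provided the UI treats an empty phrase as "cannot verify" rather than as approvable. Separately, GetActivePasswordlessLoginRequestsAsync derives every phrase twice, because GetPasswordlessLoginRequestsAsync already populates the list before it is filtered; returning `activeRequests` directly avoids the second pass. In the approve path the phrase is recomputed from the response's `PublicKey` rather than from the `publicKey` the secrets were just encrypted to; whether the two can differ is not visible in this hunk, but deriving from the local value would tie the displayed phrase to the key actually used.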