mirror of
https://github.com/bitwarden/clients.git
synced 2026-07-07 21:10:55 +08:00
[PM-33554] Don't log out when trust denied for sdk key rotation (#19961)
* Don't log out when trust denied * Cleanup
This commit is contained in:
parent
26cb88bd8c
commit
f3aff99db5
@ -123,20 +123,23 @@ export class UserKeyRotationService {
|
||||
this.logService.info(
|
||||
"[UserKey Rotation] Using SDK-based key rotation service from user-crypto-management",
|
||||
);
|
||||
await this.sdkUserKeyRotationService.changePasswordAndRotateUserKey(
|
||||
const success = await this.sdkUserKeyRotationService.changePasswordAndRotateUserKey(
|
||||
currentMasterPassword,
|
||||
newMasterPassword,
|
||||
newMasterPasswordHint,
|
||||
asUuid(user.id),
|
||||
);
|
||||
this.toastService.showToast({
|
||||
variant: "success",
|
||||
title: this.i18nService.t("rotationCompletedTitle"),
|
||||
message: this.i18nService.t("rotationCompletedDesc"),
|
||||
timeout: 15000,
|
||||
});
|
||||
|
||||
await this.logoutService.logout(user.id);
|
||||
if (success) {
|
||||
this.toastService.showToast({
|
||||
variant: "success",
|
||||
title: this.i18nService.t("rotationCompletedTitle"),
|
||||
message: this.i18nService.t("rotationCompletedDesc"),
|
||||
timeout: 15000,
|
||||
});
|
||||
|
||||
await this.logoutService.logout(user.id);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@ -28,7 +28,7 @@ export abstract class UserKeyRotationService {
|
||||
newMasterPassword: string,
|
||||
hint: string | undefined,
|
||||
userId: UserId,
|
||||
): Promise<void>;
|
||||
): Promise<boolean>;
|
||||
|
||||
/**
|
||||
* Verifies the trust of organizations and emergency access users by prompting the user.
|
||||
|
||||
@ -33,17 +33,17 @@ export class DefaultUserKeyRotationService implements UserKeyRotationService {
|
||||
newMasterPassword: string,
|
||||
hint: string | undefined,
|
||||
userId: UserId,
|
||||
): Promise<void> {
|
||||
): Promise<boolean> {
|
||||
// First, the provided organizations and emergency access users need to be verified;
|
||||
// this is currently done by providing the user a manual confirmation dialog.
|
||||
const { wasTrustDenied, trustedOrganizationPublicKeys, trustedEmergencyAccessUserPublicKeys } =
|
||||
await this.verifyTrust(userId);
|
||||
if (wasTrustDenied) {
|
||||
this.logService.info("[Userkey rotation] Trust was denied by user. Aborting!");
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
return firstValueFrom(
|
||||
return await firstValueFrom(
|
||||
this.sdkService.userClient$(userId).pipe(
|
||||
map(async (sdk) => {
|
||||
if (!sdk) {
|
||||
@ -63,6 +63,7 @@ export class DefaultUserKeyRotationService implements UserKeyRotationService {
|
||||
trusted_emergency_access_public_keys: trustedEmergencyAccessUserPublicKeys,
|
||||
trusted_organization_public_keys: trustedOrganizationPublicKeys,
|
||||
} as RotateUserKeysRequest);
|
||||
return true;
|
||||
}),
|
||||
catchError((error: unknown) => {
|
||||
this.logService.error(`Failed to rotate user keys: ${error}`);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user