Establish device trust directly with a TrustDeviceResponse (#1246)

2026-06-03 03:06:21 -05:00 · 2024-04-09 11:06:31 -05:00
parent 05d1607024
commit 2ae8a76103
3 changed files with 90 additions and 19 deletions
--- a/app/src/main/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManager.kt
+++ b/app/src/main/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManager.kt
@@ -1,5 +1,7 @@
 package com.x8bit.bitwarden.data.auth.manager

+import com.bitwarden.crypto.TrustDeviceResponse
+
 /**
 * Manager used to establish trust with this device.
 */
@@ -8,4 +10,12 @@ interface TrustedDeviceManager {
     * Establishes trust with this device if necessary.
     */
    suspend fun trustThisDeviceIfNecessary(userId: String): Result<Boolean>
+
+    /**
+     * Establishes trust with this device based on the provided [TrustDeviceResponse].
+     */
+    suspend fun trustThisDevice(
+        userId: String,
+        trustDeviceResponse: TrustDeviceResponse,
+    ): Result<Unit>
 }
--- a/app/src/main/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManagerImpl.kt
+++ b/app/src/main/java/com/x8bit/bitwarden/data/auth/manager/TrustedDeviceManagerImpl.kt
@@ -1,5 +1,6 @@
 package com.x8bit.bitwarden.data.auth.manager

+import com.bitwarden.crypto.TrustDeviceResponse
 import com.x8bit.bitwarden.data.auth.datasource.disk.AuthDiskSource
 import com.x8bit.bitwarden.data.auth.datasource.network.service.DevicesService
 import com.x8bit.bitwarden.data.auth.manager.util.toUserStateJson
@@ -32,26 +33,31 @@ class TrustedDeviceManagerImpl(
        } else {
            vaultSdkSource
                .getTrustDevice(userId = userId)
-                .flatMap { trustedDevice ->
-                    devicesService
-                        .trustDevice(
-                            appId = authDiskSource.uniqueAppId,
-                            encryptedDevicePrivateKey = trustedDevice.protectedDevicePrivateKey,
-                            encryptedDevicePublicKey = trustedDevice.protectedDevicePublicKey,
-                            encryptedUserKey = trustedDevice.protectedUserKey,
-                        )
-                        .onSuccess {
-                            authDiskSource.storeDeviceKey(
-                                userId = userId,
-                                deviceKey = trustedDevice.deviceKey,
-                            )
-                            authDiskSource.userState = trustedDevice.toUserStateJson(
-                                userId = userId,
-                                previousUserState = requireNotNull(authDiskSource.userState),
-                            )
-                        }
-                }
+                .flatMap { trustThisDevice(userId = userId, trustDeviceResponse = it) }
                .also { authDiskSource.shouldTrustDevice = false }
                .map { true }
        }
+
+    override suspend fun trustThisDevice(
+        userId: String,
+        trustDeviceResponse: TrustDeviceResponse,
+    ): Result<Unit> = devicesService
+        .trustDevice(
+            appId = authDiskSource.uniqueAppId,
+            encryptedDevicePrivateKey = trustDeviceResponse.protectedDevicePrivateKey,
+            encryptedDevicePublicKey = trustDeviceResponse.protectedDevicePublicKey,
+            encryptedUserKey = trustDeviceResponse.protectedUserKey,
+        )
+        .onSuccess {
+            authDiskSource.storeDeviceKey(
+                userId = userId,
+                deviceKey = trustDeviceResponse.deviceKey,
+            )
+            authDiskSource.userState = trustDeviceResponse.toUserStateJson(
+                userId = userId,
+                previousUserState = requireNotNull(authDiskSource.userState),
+            )
+        }
+        .also { authDiskSource.shouldTrustDevice = false }
+        .map { Unit }
 }