Clear the users auto-unlock key on logout (#561)

2026-05-10 16:45:43 -05:00 · 2024-01-10 10:10:22 -06:00
parent 53108c0b9d
commit 65bb2e5efd
2 changed files with 26 additions and 0 deletions
--- a/app/src/main/java/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryImpl.kt
+++ b/app/src/main/java/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryImpl.kt
@@ -256,6 +256,7 @@ class AuthRepositoryImpl constructor(
        authDiskSource.apply {
            storeUserKey(userId = userId, userKey = null)
            storePrivateKey(userId = userId, privateKey = null)
+            storeUserAutoUnlockKey(userId = userId, userAutoUnlockKey = null)
            storeOrganizationKeys(userId = userId, organizationKeys = null)
            storeOrganizations(userId = userId, organizations = null)
        }
--- a/app/src/test/java/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryTest.kt
+++ b/app/src/test/java/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryTest.kt
@@ -1001,6 +1001,10 @@ class AuthRepositoryTest {
                userId = USER_ID_1,
                privateKey = PRIVATE_KEY,
            )
+            storeUserAutoUnlockKey(
+                userId = USER_ID_1,
+                userAutoUnlockKey = USER_AUTO_UNLOCK_KEY,
+            )
            storeOrganizationKeys(
                userId = USER_ID_1,
                organizationKeys = ORGANIZATION_KEYS,
@@ -1032,6 +1036,10 @@ class AuthRepositoryTest {
                userId = USER_ID_1,
                userKey = null,
            )
+            fakeAuthDiskSource.assertUserAutoUnlockKey(
+                userId = USER_ID_1,
+                userAutoUnlockKey = null,
+            )
            fakeAuthDiskSource.assertOrganizationKeys(
                userId = USER_ID_1,
                organizationKeys = null,
@@ -1093,6 +1101,10 @@ class AuthRepositoryTest {
                    userId = USER_ID_2,
                    privateKey = PRIVATE_KEY,
                )
+                storeUserAutoUnlockKey(
+                    userId = USER_ID_2,
+                    userAutoUnlockKey = USER_AUTO_UNLOCK_KEY,
+                )
                storeOrganizationKeys(
                    userId = USER_ID_2,
                    organizationKeys = ORGANIZATION_KEYS,
@@ -1120,6 +1132,10 @@ class AuthRepositoryTest {
                    userId = USER_ID_1,
                    userKey = null,
                )
+                fakeAuthDiskSource.assertUserAutoUnlockKey(
+                    userId = USER_ID_1,
+                    userAutoUnlockKey = null,
+                )
                fakeAuthDiskSource.assertOrganizationKeys(
                    userId = USER_ID_1,
                    organizationKeys = null,
@@ -1148,6 +1164,10 @@ class AuthRepositoryTest {
                userId = USER_ID_2,
                privateKey = PRIVATE_KEY,
            )
+            storeUserAutoUnlockKey(
+                userId = USER_ID_2,
+                userAutoUnlockKey = USER_AUTO_UNLOCK_KEY,
+            )
            storeOrganizationKeys(
                userId = USER_ID_2,
                organizationKeys = ORGANIZATION_KEYS,
@@ -1172,6 +1192,10 @@ class AuthRepositoryTest {
                userId = USER_ID_2,
                userKey = null,
            )
+            fakeAuthDiskSource.assertUserAutoUnlockKey(
+                userId = USER_ID_2,
+                userAutoUnlockKey = null,
+            )
            fakeAuthDiskSource.assertOrganizationKeys(
                userId = USER_ID_2,
                organizationKeys = null,
@@ -1398,6 +1422,7 @@ class AuthRepositoryTest {
        private const val ENCRYPTED_USER_KEY = "encryptedUserKey"
        private const val PUBLIC_KEY = "PublicKey"
        private const val PRIVATE_KEY = "privateKey"
+        private const val USER_AUTO_UNLOCK_KEY = "userAutoUnlockKey"
        private const val USER_ID_1 = "2a135b23-e1fb-42c9-bec3-573857bc8181"
        private const val USER_ID_2 = "b9d32ec0-6497-4582-9798-b350f53bfa02"
        private const val USER_ID_3 = "3816ef34-0747-4133-9b7a-ba35d3768a68"