github-starred/android
2
0
Fork 0
mirror of https://github.com/bitwarden/android.git synced 2026-03-09 11:44:41 -05:00
Code Issues 144 Packages Projects Releases 116 Wiki Activity

[PR #5599] [MERGED] [PM-24204] Correct TOTP generation to use cipherId instead of totpCode #5901

New Issue
Closed
opened 2025-11-27 00:16:37 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-27 00:16:37 -06:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/bitwarden/android/pull/5599
Author: @SaintPatrck
Created: 7/28/2025
Status: Merged
Merged: 7/28/2025
Merged by: @SaintPatrck

Base: mainHead: PM-24204/copy-totp-fix

📝 Commits (1)

  • 1fcbc24 [PM-24204] Correct TOTP generation to use cipherId instead of totpCode

📊 Changes

20 files changed (+40 additions, -82 deletions)

View changed files

📝 app/src/main/kotlin/com/x8bit/bitwarden/data/autofill/manager/AutofillTotpManagerImpl.kt (+3 -2)
📝 app/src/main/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/VaultSdkSource.kt (+0 -10)
📝 app/src/main/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/VaultSdkSourceImpl.kt (+0 -14)
📝 app/src/main/kotlin/com/x8bit/bitwarden/data/vault/repository/VaultRepository.kt (+1 -1)
📝 app/src/main/kotlin/com/x8bit/bitwarden/data/vault/repository/VaultRepositoryImpl.kt (+12 -3)
📝 app/src/main/kotlin/com/x8bit/bitwarden/ui/platform/feature/search/SearchViewModel.kt (+1 -1)
📝 app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingViewModel.kt (+1 -1)
📝 app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/itemlisting/model/ListingItemOverflowAction.kt (+1 -1)
📝 app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/util/CipherListViewExtensions.kt (+1 -1)
📝 app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/vault/VaultViewModel.kt (+1 -1)
📝 app/src/test/kotlin/com/x8bit/bitwarden/data/autofill/manager/AutofillTotpManagerTest.kt (+2 -2)
📝 app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/VaultSdkSourceTest.kt (+0 -31)
📝 app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/TotpCodeManagerTest.kt (+2 -2)
📝 app/src/test/kotlin/com/x8bit/bitwarden/data/vault/repository/VaultRepositoryTest.kt (+6 -3)
📝 app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/search/SearchViewModelTest.kt (+2 -2)
📝 app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/search/util/SearchUtil.kt (+1 -1)
📝 app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingViewModelTest.kt (+2 -2)
📝 app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/itemlisting/util/VaultItemListingDataUtil.kt (+1 -1)
📝 app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/util/CipherListViewExtensionsTest.kt (+1 -1)
📝 app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/vault/VaultViewModelTest.kt (+2 -2)

📄 Description

🎟️ Tracking

PM-24204
PM-24206

📔 Objective

This commit modifies the TOTP generation logic across the application to utilize cipherId instead of the raw totpCode. This change enhances security and aligns with best practices by avoiding the direct handling of TOTP codes where possible.

Key changes include:

  • Updated VaultRepository and VaultSdkSource to accept cipherId for TOTP generation. The generateTotp method in VaultSdkSource that accepted a totp string has been removed.
  • VaultRepositoryImpl now retrieves the CipherListView using the provided cipherId to pass to VaultSdkSource.generateTotpForCipherListView.
  • ViewModels (SearchViewModel, VaultViewModel, VaultItemListingViewModel) and AutofillTotpManagerImpl now pass cipherId to VaultRepository.generateTotp.
  • ListingItemOverflowAction.VaultAction.CopyTotpClick now holds cipherId instead of totpCode.
  • CipherListViewExtensions updated to pass cipherId when creating CopyTotpClick action.
  • Relevant test cases across ViewModel tests, Repository tests, Manager tests, and DataSource tests have been updated to reflect these changes, ensuring cipherId is used for TOTP generation and mock interactions.

📸 Screenshots

https://github.com/user-attachments/assets/fb274dee-fff9-41d3-91b5-3af6a447194f

Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/bitwarden/android/pull/5599 **Author:** [@SaintPatrck](https://github.com/SaintPatrck) **Created:** 7/28/2025 **Status:** ✅ Merged **Merged:** 7/28/2025 **Merged by:** [@SaintPatrck](https://github.com/SaintPatrck) **Base:** `main` ← **Head:** `PM-24204/copy-totp-fix` --- ### 📝 Commits (1) - [`1fcbc24`](https://github.com/bitwarden/android/commit/1fcbc2447856e890fd0019c69e5ded4b8e2ca762) [PM-24204] Correct TOTP generation to use cipherId instead of totpCode ### 📊 Changes **20 files changed** (+40 additions, -82 deletions) <details> <summary>View changed files</summary> 📝 `app/src/main/kotlin/com/x8bit/bitwarden/data/autofill/manager/AutofillTotpManagerImpl.kt` (+3 -2) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/VaultSdkSource.kt` (+0 -10) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/VaultSdkSourceImpl.kt` (+0 -14) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/data/vault/repository/VaultRepository.kt` (+1 -1) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/data/vault/repository/VaultRepositoryImpl.kt` (+12 -3) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/ui/platform/feature/search/SearchViewModel.kt` (+1 -1) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingViewModel.kt` (+1 -1) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/itemlisting/model/ListingItemOverflowAction.kt` (+1 -1) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/util/CipherListViewExtensions.kt` (+1 -1) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/vault/VaultViewModel.kt` (+1 -1) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/data/autofill/manager/AutofillTotpManagerTest.kt` (+2 -2) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/VaultSdkSourceTest.kt` (+0 -31) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/TotpCodeManagerTest.kt` (+2 -2) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/data/vault/repository/VaultRepositoryTest.kt` (+6 -3) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/search/SearchViewModelTest.kt` (+2 -2) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/search/util/SearchUtil.kt` (+1 -1) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingViewModelTest.kt` (+2 -2) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/itemlisting/util/VaultItemListingDataUtil.kt` (+1 -1) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/util/CipherListViewExtensionsTest.kt` (+1 -1) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/vault/VaultViewModelTest.kt` (+2 -2) </details> ### 📄 Description ## 🎟️ Tracking PM-24204 PM-24206 ## 📔 Objective This commit modifies the TOTP generation logic across the application to utilize `cipherId` instead of the raw `totpCode`. This change enhances security and aligns with best practices by avoiding the direct handling of TOTP codes where possible. Key changes include: - Updated `VaultRepository` and `VaultSdkSource` to accept `cipherId` for TOTP generation. The `generateTotp` method in `VaultSdkSource` that accepted a `totp` string has been removed. - `VaultRepositoryImpl` now retrieves the `CipherListView` using the provided `cipherId` to pass to `VaultSdkSource.generateTotpForCipherListView`. - ViewModels (`SearchViewModel`, `VaultViewModel`, `VaultItemListingViewModel`) and `AutofillTotpManagerImpl` now pass `cipherId` to `VaultRepository.generateTotp`. - `ListingItemOverflowAction.VaultAction.CopyTotpClick` now holds `cipherId` instead of `totpCode`. - `CipherListViewExtensions` updated to pass `cipherId` when creating `CopyTotpClick` action. - Relevant test cases across `ViewModel` tests, `Repository` tests, `Manager` tests, and `DataSource` tests have been updated to reflect these changes, ensuring `cipherId` is used for TOTP generation and mock interactions. ## 📸 Screenshots https://github.com/user-attachments/assets/fb274dee-fff9-41d3-91b5-3af6a447194f ## ⏰ Reminders before review - Contributor guidelines followed - All formatters and local linters executed and passed - Written new unit and / or integration tests where applicable - Protected functional changes with optionality (feature flags) - Used internationalization (i18n) for all UI strings - CI builds passed - Communicated to DevOps any deployment requirements - Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team ## 🦮 Reviewer guidelines <!-- Suggested interactions but feel free to use (or not) as you desire! --> - 👍 (`:+1:`) or similar for great changes - 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info - ❓ (`:question:`) for questions - 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion - 🎨 (`:art:`) for suggestions / improvements - ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or concerns needing attention - 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or indications of technical debt - ⛏ (`:pick:`) for minor or nitpick changes --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2025-11-27 00:16:37 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
app:authenticator
app:password-manager
bug
bug-passkey
customer-support
duplicate
enhancement
good first issue
help wanted
needs-reply
needs-response
pull-request
Mirrored from GitHub Pull Request
 question
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/android#5901
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?