From ccd71202de6d99666c1080eceea447ea6b80e6bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Bispo?= Date: Mon, 13 Mar 2023 15:39:55 +0000 Subject: [PATCH] [PM-1078] Login with Device - Change mobile to not get fingerprint from API (#2390) * [PM-1078] Fingerprint phrase gets calculated from pub key on AuthService instead of coming as a property from the api. --- src/App/App.xaml.cs | 2 +- .../LoginPasswordlessRequestViewModel.cs | 2 +- .../LoginPasswordlessRequestsListPage.xaml | 2 +- .../LoginPasswordlessRequestsListViewModel.cs | 2 +- .../Response/PasswordlessLoginResponse.cs | 2 +- src/Core/Services/AuthService.cs | 33 ++++++++++++++++--- 6 files changed, 34 insertions(+), 9 deletions(-) diff --git a/src/App/App.xaml.cs b/src/App/App.xaml.cs index 3cbc4ff52..e10bf85c0 100644 --- a/src/App/App.xaml.cs +++ b/src/App/App.xaml.cs @@ -217,7 +217,7 @@ namespace Bit.App Id = loginRequestData.Id, IpAddress = loginRequestData.RequestIpAddress, Email = await _stateService.GetEmailAsync(), - FingerprintPhrase = loginRequestData.RequestFingerprint, + FingerprintPhrase = loginRequestData.FingerprintPhrase, RequestDate = loginRequestData.CreationDate, DeviceType = loginRequestData.RequestDeviceType, Origin = loginRequestData.Origin diff --git a/src/App/Pages/Accounts/LoginPasswordlessRequestViewModel.cs b/src/App/Pages/Accounts/LoginPasswordlessRequestViewModel.cs index df8fce7dd..efdfe4cd3 100644 --- a/src/App/Pages/Accounts/LoginPasswordlessRequestViewModel.cs +++ b/src/App/Pages/Accounts/LoginPasswordlessRequestViewModel.cs @@ -171,7 +171,7 @@ namespace Bit.App.Pages var response = await _authService.PasswordlessCreateLoginRequestAsync(_email); if (response != null) { - FingerprintPhrase = response.RequestFingerprint; + FingerprintPhrase = response.FingerprintPhrase; _requestId = response.Id; _requestAccessCode = response.RequestAccessCode; _requestKeyPair = response.RequestKeyPair; diff --git a/src/App/Pages/Settings/LoginPasswordlessRequestsListPage.xaml b/src/App/Pages/Settings/LoginPasswordlessRequestsListPage.xaml index 3a170c30a..213127ea1 100644 --- a/src/App/Pages/Settings/LoginPasswordlessRequestsListPage.xaml +++ b/src/App/Pages/Settings/LoginPasswordlessRequestsListPage.xaml @@ -39,7 +39,7 @@ Padding="0, 10, 0 ,0" FontAttributes="Bold"/> > GetPasswordlessLoginRequestsAsync() { - return await _apiService.GetAuthRequestAsync(); + var response = await _apiService.GetAuthRequestAsync(); + return await PopulateFingerprintPhrasesAsync(response); } public async Task> GetActivePasswordlessLoginRequestsAsync() { var requests = await GetPasswordlessLoginRequestsAsync(); - return requests.Where(r => !r.IsAnswered && !r.IsExpired).OrderByDescending(r => r.CreationDate).ToList(); + var activeRequests = requests.Where(r => !r.IsAnswered && !r.IsExpired).OrderByDescending(r => r.CreationDate).ToList(); + return await PopulateFingerprintPhrasesAsync(activeRequests); } public async Task GetPasswordlessLoginRequestByIdAsync(string id) { - return await _apiService.GetAuthRequestAsync(id); + var response = await _apiService.GetAuthRequestAsync(id); + return await PopulateFingerprintPhraseAsync(response, await _stateService.GetEmailAsync()); } public async Task GetPasswordlessLoginResponseAsync(string id, string accessCode) @@ -520,7 +523,8 @@ namespace Bit.Core.Services var encryptedKey = await _cryptoService.RsaEncryptAsync(masterKey.EncKey, publicKey); var encryptedMasterPassword = await _cryptoService.RsaEncryptAsync(Encoding.UTF8.GetBytes(await _stateService.GetKeyHashAsync()), publicKey); var deviceId = await _appIdService.GetAppIdAsync(); - return await _apiService.PutAuthRequestAsync(id, encryptedKey.EncryptedString, encryptedMasterPassword.EncryptedString, deviceId, requestApproved); + var response = await _apiService.PutAuthRequestAsync(id, encryptedKey.EncryptedString, encryptedMasterPassword.EncryptedString, deviceId, requestApproved); + return await PopulateFingerprintPhraseAsync(response, await _stateService.GetEmailAsync()); } public async Task PasswordlessCreateLoginRequestAsync(string email) @@ -538,9 +542,30 @@ namespace Bit.Core.Services { response.RequestKeyPair = keyPair; response.RequestAccessCode = accessCode; + response.FingerprintPhrase = fingerprintPhrase; } return response; } + + private async Task> PopulateFingerprintPhrasesAsync(List passwordlessLoginList) + { + if (passwordlessLoginList == null) + { + return null; + } + var userEmail = await _stateService.GetEmailAsync(); + foreach (var passwordlessLogin in passwordlessLoginList) + { + await PopulateFingerprintPhraseAsync(passwordlessLogin, userEmail); + } + return passwordlessLoginList; + } + + private async Task PopulateFingerprintPhraseAsync(PasswordlessLoginResponse passwordlessLogin, string userEmail) + { + passwordlessLogin.FingerprintPhrase = string.Join("-", await _cryptoService.GetFingerprintAsync(userEmail, CoreHelpers.Base64UrlDecode(passwordlessLogin.PublicKey))); + return passwordlessLogin; + } } }