bitwarden-estensione-browser/common/src/services/userVerification.service.ts

import { UserVerificationService as UserVerificationServiceAbstraction } from '../abstractions/userVerification.service';

import { ApiService } from '../abstractions/api.service';
import { CryptoService } from '../abstractions/crypto.service';
import { I18nService } from '../abstractions/i18n.service';

import { VerificationType } from '../enums/verificationType';

import { VerifyOTPRequest } from '../models/request/account/verifyOTPRequest';
import { SecretVerificationRequest } from '../models/request/secretVerificationRequest';

import { Verification } from '../types/verification';

export class UserVerificationService implements UserVerificationServiceAbstraction {
    constructor(private cryptoService: CryptoService, private i18nService: I18nService,
        private apiService: ApiService) { }

    async buildRequest<T extends SecretVerificationRequest>(verification: Verification,
        requestClass?: new () => T, alreadyHashed?: boolean) {
        this.validateInput(verification);

        const request = requestClass != null
            ? new requestClass()
            : new SecretVerificationRequest() as T;

        if (verification.type === VerificationType.OTP) {
            request.otp = verification.secret;
        } else {
            request.masterPasswordHash = alreadyHashed
                ? verification.secret
                : await this.cryptoService.hashPassword(verification.secret, null);
        }

        return request;
    }

    async verifyUser(verification: Verification): Promise<boolean> {
        this.validateInput(verification);

        if (verification.type === VerificationType.OTP) {
            const request = new VerifyOTPRequest(verification.secret);
            try {
                await this.apiService.postAccountVerifyOTP(request);
            } catch (e) {
                throw new Error(this.i18nService.t('invalidVerificationCode'));
            }
        } else {
            const passwordValid = await this.cryptoService.compareAndUpdateKeyHash(verification.secret, null);
            if (!passwordValid) {
                throw new Error(this.i18nService.t('invalidMasterPassword'));
            }
        }
        return true;
    }

    async requestOTP() {
        await this.apiService.postAccountRequestOTP();
    }

    private validateInput(verification: Verification) {
        if (verification?.secret == null || verification.secret === '') {
            if (verification.type === VerificationType.OTP) {
                throw new Error(this.i18nService.t('verificationCodeRequired'));
            } else {
                throw new Error(this.i18nService.t('masterPassRequired'));
            }
        }
    }
}
Add support for requesting and using otp for verifying some requests (#527) Co-authored-by: Thomas Rittson <trittson@bitwarden.com> 2021-11-09 17:01:22 +01:00			`import { UserVerificationService as UserVerificationServiceAbstraction } from '../abstractions/userVerification.service';`

			`import { ApiService } from '../abstractions/api.service';`
			`import { CryptoService } from '../abstractions/crypto.service';`
			`import { I18nService } from '../abstractions/i18n.service';`

			`import { VerificationType } from '../enums/verificationType';`

			`import { VerifyOTPRequest } from '../models/request/account/verifyOTPRequest';`
			`import { SecretVerificationRequest } from '../models/request/secretVerificationRequest';`

			`import { Verification } from '../types/verification';`

			`export class UserVerificationService implements UserVerificationServiceAbstraction {`
			`constructor(private cryptoService: CryptoService, private i18nService: I18nService,`
[Key Connector] QA fixes for CLI and Desktop (#544) * Make UserVerificationService compatible with CLI * Refactor error handling * Fix i18n key name * Add apiUseKeyConnector flag to TokenResponse * Always require keyConnectorUrl to be passed in * Throw errors in userVerificationService * Use requestOTP in UserVerificationService * Remove unused deps * Fix linting 2021-11-15 22:53:57 +01:00			`private apiService: ApiService) { }`
Add support for requesting and using otp for verifying some requests (#527) Co-authored-by: Thomas Rittson <trittson@bitwarden.com> 2021-11-09 17:01:22 +01:00
			`async buildRequest<T extends SecretVerificationRequest>(verification: Verification,`
			`requestClass?: new () => T, alreadyHashed?: boolean) {`
[Key Connector] QA fixes for CLI and Desktop (#544) * Make UserVerificationService compatible with CLI * Refactor error handling * Fix i18n key name * Add apiUseKeyConnector flag to TokenResponse * Always require keyConnectorUrl to be passed in * Throw errors in userVerificationService * Use requestOTP in UserVerificationService * Remove unused deps * Fix linting 2021-11-15 22:53:57 +01:00			`this.validateInput(verification);`
Add support for requesting and using otp for verifying some requests (#527) Co-authored-by: Thomas Rittson <trittson@bitwarden.com> 2021-11-09 17:01:22 +01:00
			`const request = requestClass != null`
			`? new requestClass()`
			`: new SecretVerificationRequest() as T;`

			`if (verification.type === VerificationType.OTP) {`
			`request.otp = verification.secret;`
			`} else {`
			`request.masterPasswordHash = alreadyHashed`
			`? verification.secret`
			`: await this.cryptoService.hashPassword(verification.secret, null);`
			`}`

			`return request;`
			`}`

			`async verifyUser(verification: Verification): Promise<boolean> {`
[Key Connector] QA fixes for CLI and Desktop (#544) * Make UserVerificationService compatible with CLI * Refactor error handling * Fix i18n key name * Add apiUseKeyConnector flag to TokenResponse * Always require keyConnectorUrl to be passed in * Throw errors in userVerificationService * Use requestOTP in UserVerificationService * Remove unused deps * Fix linting 2021-11-15 22:53:57 +01:00			`this.validateInput(verification);`
Add support for requesting and using otp for verifying some requests (#527) Co-authored-by: Thomas Rittson <trittson@bitwarden.com> 2021-11-09 17:01:22 +01:00
			`if (verification.type === VerificationType.OTP) {`
			`const request = new VerifyOTPRequest(verification.secret);`
			`try {`
			`await this.apiService.postAccountVerifyOTP(request);`
			`} catch (e) {`
[Key Connector] QA fixes for CLI and Desktop (#544) * Make UserVerificationService compatible with CLI * Refactor error handling * Fix i18n key name * Add apiUseKeyConnector flag to TokenResponse * Always require keyConnectorUrl to be passed in * Throw errors in userVerificationService * Use requestOTP in UserVerificationService * Remove unused deps * Fix linting 2021-11-15 22:53:57 +01:00			`throw new Error(this.i18nService.t('invalidVerificationCode'));`
Add support for requesting and using otp for verifying some requests (#527) Co-authored-by: Thomas Rittson <trittson@bitwarden.com> 2021-11-09 17:01:22 +01:00			`}`
			`} else {`
			`const passwordValid = await this.cryptoService.compareAndUpdateKeyHash(verification.secret, null);`
			`if (!passwordValid) {`
[Key Connector] QA fixes for CLI and Desktop (#544) * Make UserVerificationService compatible with CLI * Refactor error handling * Fix i18n key name * Add apiUseKeyConnector flag to TokenResponse * Always require keyConnectorUrl to be passed in * Throw errors in userVerificationService * Use requestOTP in UserVerificationService * Remove unused deps * Fix linting 2021-11-15 22:53:57 +01:00			`throw new Error(this.i18nService.t('invalidMasterPassword'));`
Add support for requesting and using otp for verifying some requests (#527) Co-authored-by: Thomas Rittson <trittson@bitwarden.com> 2021-11-09 17:01:22 +01:00			`}`
			`}`
			`return true;`
			`}`
[Key Connector] QA fixes for CLI and Desktop (#544) * Make UserVerificationService compatible with CLI * Refactor error handling * Fix i18n key name * Add apiUseKeyConnector flag to TokenResponse * Always require keyConnectorUrl to be passed in * Throw errors in userVerificationService * Use requestOTP in UserVerificationService * Remove unused deps * Fix linting 2021-11-15 22:53:57 +01:00
			`async requestOTP() {`
			`await this.apiService.postAccountRequestOTP();`
			`}`

			`private validateInput(verification: Verification) {`
			`if (verification?.secret == null \|\| verification.secret === '') {`
			`if (verification.type === VerificationType.OTP) {`
			`throw new Error(this.i18nService.t('verificationCodeRequired'));`
			`} else {`
			`throw new Error(this.i18nService.t('masterPassRequired'));`
			`}`
			`}`
			`}`
Add support for requesting and using otp for verifying some requests (#527) Co-authored-by: Thomas Rittson <trittson@bitwarden.com> 2021-11-09 17:01:22 +01:00			`}`