Fix migration to Key Connector in cli commands (#616)

* Move CLI Key Connector check out of base class

* Add missing await

* Move safe operation out of try/catch block

* Move Key Connector migration check to unlock command

* Set convertAccountRequired flag in syncService

* Remove unneeded service

common/src/services/keyConnector.service.ts

@@ -33,7 +33,7 @@ export class KeyConnectorService implements KeyConnectorServiceAbstraction {
   }
 
   async userNeedsMigration() {
-    const loggedInUsingSso = this.tokenService.getIsExternal();
+    const loggedInUsingSso = await this.tokenService.getIsExternal();
     const requiredByOrganization = (await this.getManagingOrganization()) != null;
     const userIsNotUsingKeyConnector = !(await this.getUsesKeyConnector());
 
@@ -43,9 +43,9 @@ export class KeyConnectorService implements KeyConnectorServiceAbstraction {
   async migrateUser() {
     const organization = await this.getManagingOrganization();
     const key = await this.cryptoService.getKey();
+    const keyConnectorRequest = new KeyConnectorUserKeyRequest(key.encKeyB64);
 
     try {
-      const keyConnectorRequest = new KeyConnectorUserKeyRequest(key.encKeyB64);
       await this.apiService.postUserKeyToKeyConnector(
         organization.keyConnectorUrl,
         keyConnectorRequest

common/src/services/sync.service.ts

@@ -334,6 +334,7 @@ export class SyncService implements SyncServiceAbstraction {
     ]);
 
     if (await this.keyConnectorService.userNeedsMigration()) {
+      await this.keyConnectorService.setConvertAccountRequired(true);
       this.messagingService.send("convertAccountToKeyConnector");
     } else {
       this.keyConnectorService.removeConvertAccountRequired();

node/src/cli/commands/login.command.ts

@@ -14,16 +14,13 @@ import { CryptoService } from "jslib-common/abstractions/crypto.service";
 import { CryptoFunctionService } from "jslib-common/abstractions/cryptoFunction.service";
 import { EnvironmentService } from "jslib-common/abstractions/environment.service";
 import { I18nService } from "jslib-common/abstractions/i18n.service";
-import { KeyConnectorService } from "jslib-common/abstractions/keyConnector.service";
 import { PasswordGenerationService } from "jslib-common/abstractions/passwordGeneration.service";
 import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";
 import { PolicyService } from "jslib-common/abstractions/policy.service";
 import { StateService } from "jslib-common/abstractions/state.service";
-import { SyncService } from "jslib-common/abstractions/sync.service";
 
 import { Response } from "../models/response";
 
-import { KeyConnectorUserKeyRequest } from "jslib-common/models/request/keyConnectorUserKeyRequest";
 import { UpdateTempPasswordRequest } from "jslib-common/models/request/updateTempPasswordRequest";
 
 import { MessageResponse } from "../models/response/messageResponse";
@@ -56,9 +53,7 @@ export class LoginCommand {
     protected stateService: StateService,
     protected cryptoService: CryptoService,
     protected policyService: PolicyService,
-    clientId: string,
-    private syncService: SyncService,
-    protected keyConnectorService: KeyConnectorService
+    clientId: string
   ) {
     this.clientId = clientId;
   }
@@ -315,14 +310,6 @@ export class LoginCommand {
         );
       }
 
-      // Full sync required for the reset password and key connector checks
-      await this.syncService.fullSync(true);
-
-      // Handle converting to Key Connector if required
-      if (await this.keyConnectorService.userNeedsMigration()) {
-        return await this.migrateToKeyConnector();
-      }
-
       // Handle Updating Temp Password if NOT using an API Key for authentication
       if (response.forcePasswordReset && clientId == null && clientSecret == null) {
         return await this.updateTempPassword();
@@ -479,68 +466,6 @@ export class LoginCommand {
     return userInput;
   }
 
-  private async migrateToKeyConnector() {
-    // If no interaction available, alert user to use web vault
-    if (!this.canInteract) {
-      await this.logout();
-      this.authService.logOut(() => {
-        /* Do nothing */
-      });
-      return Response.error(
-        new MessageResponse(
-          "An organization you are a member of is using Key Connector. " +
-            "In order to access the vault, you must opt-in to Key Connector now via the web vault. You have been logged out.",
-          null
-        )
-      );
-    }
-
-    const organization = await this.keyConnectorService.getManagingOrganization();
-
-    const answer: inquirer.Answers = await inquirer.createPromptModule({ output: process.stderr })({
-      type: "list",
-      name: "convert",
-      message:
-        organization.name +
-        " is using a self-hosted key server. A master password is no longer required to log in for members of this organization. ",
-      choices: [
-        {
-          name: "Remove master password and log in",
-          value: "remove",
-        },
-        {
-          name: "Leave organization and log in",
-          value: "leave",
-        },
-        {
-          name: "Exit",
-          value: "exit",
-        },
-      ],
-    });
-
-    if (answer.convert === "remove") {
-      await this.keyConnectorService.migrateUser();
-
-      // Update environment URL - required for api key login
-      const urls = this.environmentService.getUrls();
-      urls.keyConnector = organization.keyConnectorUrl;
-      await this.environmentService.setUrls(urls, true);
-
-      return await this.handleSuccessResponse();
-    } else if (answer.convert === "leave") {
-      await this.apiService.postLeaveOrganization(organization.id);
-      await this.syncService.fullSync(true);
-      return await this.handleSuccessResponse();
-    } else {
-      await this.logout();
-      this.authService.logOut(() => {
-        /* Do nothing */
-      });
-      return Response.error("You have been logged out.");
-    }
-  }
-
   private async apiClientId(): Promise<string> {
     let clientId: string = null;