From d9fed46a048112017cb0f25cf8b349c47feab0d0 Mon Sep 17 00:00:00 2001
From: rr-bw <102181210+rr-bw@users.noreply.github.com>
Date: Thu, 25 Apr 2024 11:02:37 -0700
Subject: [PATCH] fix tests for login strategies, vault-export, and fake MP
 service

---
 libs/angular/src/auth/components/lock.component.ts   |  2 +-
 .../login-strategies/password-login.strategy.spec.ts |  2 +-
 .../services/pin/pin.service.implementation.ts       | 12 ++++++------
 .../master-password/fake-master-password.service.ts  |  2 +-
 libs/common/src/platform/services/crypto.service.ts  |  2 +-
 .../services/individual-vault-export.service.spec.ts |  4 ++++
 .../src/services/vault-export.service.spec.ts        |  4 ++++
 7 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/libs/angular/src/auth/components/lock.component.ts b/libs/angular/src/auth/components/lock.component.ts
index 45ae517ad6..6b70508d4b 100644
--- a/libs/angular/src/auth/components/lock.component.ts
+++ b/libs/angular/src/auth/components/lock.component.ts
@@ -346,7 +346,7 @@ export class LockComponent implements OnInit, OnDestroy {
     this.pinLockType = await this.pinService.getPinLockType(userId);
 
     let ephemeralPinSet = await this.pinService.getPinKeyEncryptedUserKeyEphemeral(userId);
-    ephemeralPinSet ||= new EncString(await this.pinService.getOldPinKeyEncryptedMasterKey(userId)); // TODO-rr-bw: verify
+    ephemeralPinSet ||= new EncString(await this.pinService.getOldPinKeyEncryptedMasterKey(userId));
 
     this.pinEnabled =
       (this.pinLockType === "EPHEMERAL" && !!ephemeralPinSet) || this.pinLockType === "PERSISTENT";
diff --git a/libs/auth/src/common/login-strategies/password-login.strategy.spec.ts b/libs/auth/src/common/login-strategies/password-login.strategy.spec.ts
index cb319fe844..62439d708c 100644
--- a/libs/auth/src/common/login-strategies/password-login.strategy.spec.ts
+++ b/libs/auth/src/common/login-strategies/password-login.strategy.spec.ts
@@ -157,7 +157,7 @@ describe("PasswordLoginStrategy", () => {
     const userKey = new SymmetricCryptoKey(new Uint8Array(64).buffer as CsprngArray) as UserKey;
 
     masterPasswordService.masterKeySubject.next(masterKey);
-    masterPasswordService.decryptUserKeyWithMasterKey.mockResolvedValue(userKey);
+    masterPasswordService.mock.decryptUserKeyWithMasterKey.mockResolvedValue(userKey);
 
     await passwordLoginStrategy.logIn(credentials);
 
diff --git a/libs/auth/src/common/services/pin/pin.service.implementation.ts b/libs/auth/src/common/services/pin/pin.service.implementation.ts
index c7f9363439..5d4956bf9a 100644
--- a/libs/auth/src/common/services/pin/pin.service.implementation.ts
+++ b/libs/auth/src/common/services/pin/pin.service.implementation.ts
@@ -38,7 +38,7 @@ const PIN_KEY_ENCRYPTED_USER_KEY = new UserKeyDefinition<EncryptedString>(
   "pinKeyEncryptedUserKey",
   {
     deserializer: (jsonValue) => jsonValue,
-    clearOn: ["logout"], // TODO-rr-bw: verify
+    clearOn: ["logout"],
   },
 );
 
@@ -198,19 +198,19 @@ export class PinService implements PinServiceAbstraction {
 
     const pinKey = await this.makePinKey(
       pin,
-      (await firstValueFrom(this.accountService.activeAccount$))?.email, // TODO-rr-bw: verify (could this user possibly be different from the UserId passed in?)
+      (await firstValueFrom(this.accountService.activeAccount$))?.email,
       await this.stateService.getKdfType({ userId }),
       await this.stateService.getKdfConfig({ userId }),
     );
 
-    return await this.encryptService.encrypt(userKey.key, pinKey); // TODO-rr-bw: verify that I can use encryptService.encrypt instead of cryptoService.encrypt
+    return await this.encryptService.encrypt(userKey.key, pinKey);
   }
 
   async createProtectedPin(pin: string, userKey: UserKey) {
     if (!userKey) {
       throw new Error("No UserKey provided. Cannot create protectedPin.");
     }
-    return await this.encryptService.encrypt(pin, userKey); // TODO-rr-bw: verify that I can use encryptService.encrypt instead of cryptoService.encrypt
+    return await this.encryptService.encrypt(pin, userKey);
   }
 
   async makePinKey(pin: string, salt: string, kdf: KdfType, kdfConfig: KdfConfig): Promise<PinKey> {
@@ -439,11 +439,11 @@ export class PinService implements PinServiceAbstraction {
       }
       case "EPHEMERAL": {
         const pinKeyEncryptedUserKey = await this.getPinKeyEncryptedUserKeyEphemeral(userId);
-        const oldPinKeyEncryptedMasterKey = await this.getOldPinKeyEncryptedMasterKey(userId); // TODO-rr-bw: verify
+        const oldPinKeyEncryptedMasterKey = await this.getOldPinKeyEncryptedMasterKey(userId);
 
         return {
           pinKeyEncryptedUserKey,
-          oldPinKeyEncryptedMasterKey: oldPinKeyEncryptedMasterKey // TODO-rr-bw: verify
+          oldPinKeyEncryptedMasterKey: oldPinKeyEncryptedMasterKey
             ? new EncString(oldPinKeyEncryptedMasterKey)
             : undefined,
         };
diff --git a/libs/common/src/auth/services/master-password/fake-master-password.service.ts b/libs/common/src/auth/services/master-password/fake-master-password.service.ts
index ce28310a7f..f57614f5d5 100644
--- a/libs/common/src/auth/services/master-password/fake-master-password.service.ts
+++ b/libs/common/src/auth/services/master-password/fake-master-password.service.ts
@@ -67,6 +67,6 @@ export class FakeMasterPasswordService implements InternalMasterPasswordServiceA
     userKey?: EncString,
     userId?: string,
   ): Promise<UserKey> {
-    return false as any; // TODO-rr-bw
+    return this.mock.decryptUserKeyWithMasterKey(masterKey, userKey, userId);
   }
 }
diff --git a/libs/common/src/platform/services/crypto.service.ts b/libs/common/src/platform/services/crypto.service.ts
index 0ef0da8e80..480c785c81 100644
--- a/libs/common/src/platform/services/crypto.service.ts
+++ b/libs/common/src/platform/services/crypto.service.ts
@@ -769,7 +769,7 @@ export class CryptoService implements CryptoServiceAbstraction {
 
       await this.pinService.storePinKeyEncryptedUserKey(
         pinKeyEncryptedUserKey,
-        noPreExistingPersistentKey, // TODO-rr-bw: verify
+        noPreExistingPersistentKey,
         userId,
       );
       // We can't always clear deprecated keys because the pin is only
diff --git a/libs/tools/export/vault-export/vault-export-core/src/services/individual-vault-export.service.spec.ts b/libs/tools/export/vault-export/vault-export-core/src/services/individual-vault-export.service.spec.ts
index fc8faa4b5b..5519c5efd9 100644
--- a/libs/tools/export/vault-export/vault-export-core/src/services/individual-vault-export.service.spec.ts
+++ b/libs/tools/export/vault-export/vault-export-core/src/services/individual-vault-export.service.spec.ts
@@ -1,5 +1,6 @@
 import { mock, MockProxy } from "jest-mock-extended";
 
+import { PinServiceAbstraction } from "@bitwarden/auth/common";
 import { KdfConfig } from "@bitwarden/common/auth/models/domain/kdf-config";
 import { CipherWithIdExport } from "@bitwarden/common/models/export/cipher-with-ids.export";
 import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service";
@@ -142,6 +143,7 @@ describe("VaultExportService", () => {
   let exportService: IndividualVaultExportService;
   let cryptoFunctionService: MockProxy<CryptoFunctionService>;
   let cipherService: MockProxy<CipherService>;
+  let pinService: MockProxy<PinServiceAbstraction>;
   let folderService: MockProxy<FolderService>;
   let cryptoService: MockProxy<CryptoService>;
   let stateService: MockProxy<StateService>;
@@ -149,6 +151,7 @@ describe("VaultExportService", () => {
   beforeEach(() => {
     cryptoFunctionService = mock<CryptoFunctionService>();
     cipherService = mock<CipherService>();
+    pinService = mock<PinServiceAbstraction>();
     folderService = mock<FolderService>();
     cryptoService = mock<CryptoService>();
     stateService = mock<StateService>();
@@ -162,6 +165,7 @@ describe("VaultExportService", () => {
     exportService = new IndividualVaultExportService(
       folderService,
       cipherService,
+      pinService,
       cryptoService,
       cryptoFunctionService,
       stateService,
diff --git a/libs/tools/export/vault-export/vault-export-core/src/services/vault-export.service.spec.ts b/libs/tools/export/vault-export/vault-export-core/src/services/vault-export.service.spec.ts
index fc8faa4b5b..5519c5efd9 100644
--- a/libs/tools/export/vault-export/vault-export-core/src/services/vault-export.service.spec.ts
+++ b/libs/tools/export/vault-export/vault-export-core/src/services/vault-export.service.spec.ts
@@ -1,5 +1,6 @@
 import { mock, MockProxy } from "jest-mock-extended";
 
+import { PinServiceAbstraction } from "@bitwarden/auth/common";
 import { KdfConfig } from "@bitwarden/common/auth/models/domain/kdf-config";
 import { CipherWithIdExport } from "@bitwarden/common/models/export/cipher-with-ids.export";
 import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service";
@@ -142,6 +143,7 @@ describe("VaultExportService", () => {
   let exportService: IndividualVaultExportService;
   let cryptoFunctionService: MockProxy<CryptoFunctionService>;
   let cipherService: MockProxy<CipherService>;
+  let pinService: MockProxy<PinServiceAbstraction>;
   let folderService: MockProxy<FolderService>;
   let cryptoService: MockProxy<CryptoService>;
   let stateService: MockProxy<StateService>;
@@ -149,6 +151,7 @@ describe("VaultExportService", () => {
   beforeEach(() => {
     cryptoFunctionService = mock<CryptoFunctionService>();
     cipherService = mock<CipherService>();
+    pinService = mock<PinServiceAbstraction>();
     folderService = mock<FolderService>();
     cryptoService = mock<CryptoService>();
     stateService = mock<StateService>();
@@ -162,6 +165,7 @@ describe("VaultExportService", () => {
     exportService = new IndividualVaultExportService(
       folderService,
       cipherService,
+      pinService,
       cryptoService,
       cryptoFunctionService,
       stateService,