From 68759fc60829bcf8937c4268bbbfd4e6d16cfd00 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Bispo?= <abispo@bitwarden.com>
Date: Tue, 29 Aug 2023 10:28:51 +0100
Subject: [PATCH] [PM-3547] Change logic to set user key for inactive account
 (#2715)

---
 src/Core/Services/VaultTimeoutService.cs | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/src/Core/Services/VaultTimeoutService.cs b/src/Core/Services/VaultTimeoutService.cs
index be425dd99..09b48953a 100644
--- a/src/Core/Services/VaultTimeoutService.cs
+++ b/src/Core/Services/VaultTimeoutService.cs
@@ -59,13 +59,6 @@ namespace Bit.Core.Services
 
         public async Task<bool> IsLockedAsync(string userId = null)
         {
-            // When checking if we need to lock inactive account, we don't want to
-            // set the key, so we only check if the account has an auto unlock key
-            if (userId != null && await _stateService.GetActiveUserIdAsync() != userId)
-            {
-                return await _cryptoService.HasAutoUnlockKeyAsync(userId);
-            }
-
             var biometricSet = await IsBiometricLockSetAsync(userId);
             if (biometricSet && await _stateService.GetBiometricLockedAsync(userId))
             {
@@ -78,7 +71,10 @@ namespace Bit.Core.Services
                 {
                     return true;
                 }
-                await _cryptoService.SetUserKeyAsync(await _cryptoService.GetAutoUnlockKeyAsync(userId), userId);
+                if (userId != null && await _stateService.GetActiveUserIdAsync() != userId)
+                {
+                    await _cryptoService.SetUserKeyAsync(await _cryptoService.GetAutoUnlockKeyAsync(userId), userId);
+                }
             }
 
             // Check again to verify auto key was set