From e83dca529b217632b1a52c9da79df9248549ac7e Mon Sep 17 00:00:00 2001 From: Bernd Schoolmann Date: Sat, 26 Oct 2024 13:47:40 +0200 Subject: [PATCH] [PM-12607] Move key rotation to km ownership (#11709) * Move key rotation to km ownership * Fix build * Move userkey rotation data provider abstraction to km ownership * Move userkey rotation data provider abstraction to km ownership * Fix linting * Fix CODEOWNERS for key-management web * Remove incorrect export * Fix import error --- .github/CODEOWNERS | 2 +- .../organization-user-reset-password.service.ts | 3 +-- .../services/webauthn-login/webauthn-login-admin.service.ts | 3 ++- .../emergency-access/services/emergency-access.service.ts | 3 +-- apps/web/src/app/auth/settings/change-password.component.ts | 2 +- apps/web/src/app/auth/settings/settings.module.ts | 2 +- .../key-rotation/request/update-key.request.ts | 2 +- .../key-rotation/user-key-rotation-api.service.ts | 0 .../key-rotation/user-key-rotation.module.ts | 0 .../key-rotation/user-key-rotation.service.spec.ts | 0 .../key-rotation/user-key-rotation.service.ts | 4 ++-- .../migrate-legacy-encryption.component.html | 0 .../migrate-encryption/migrate-legacy-encryption.component.ts | 0 apps/web/src/app/oss-routing.module.ts | 2 +- libs/auth/src/common/abstractions/index.ts | 1 - .../src/tools/send/services/send.service.abstraction.ts | 2 +- libs/common/src/vault/abstractions/cipher.service.ts | 2 +- .../vault/abstractions/folder/folder.service.abstraction.ts | 2 +- .../user-key-rotation-data-provider.abstraction.ts | 0 libs/key-management/src/index.ts | 1 + 20 files changed, 15 insertions(+), 16 deletions(-) rename apps/web/src/app/{auth => key-management}/key-rotation/request/update-key.request.ts (88%) rename apps/web/src/app/{auth => key-management}/key-rotation/user-key-rotation-api.service.ts (100%) rename apps/web/src/app/{auth => key-management}/key-rotation/user-key-rotation.module.ts (100%) rename apps/web/src/app/{auth => key-management}/key-rotation/user-key-rotation.service.spec.ts (100%) rename apps/web/src/app/{auth => key-management}/key-rotation/user-key-rotation.service.ts (98%) rename apps/web/src/app/{auth => key-management}/migrate-encryption/migrate-legacy-encryption.component.html (100%) rename apps/web/src/app/{auth => key-management}/migrate-encryption/migrate-legacy-encryption.component.ts (100%) rename libs/{auth/src/common => key-management/src}/abstractions/user-key-rotation-data-provider.abstraction.ts (100%) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 103401d1c9..5ba5885d72 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -106,7 +106,7 @@ apps/desktop/desktop_native @bitwarden/team-platform-dev ## Key management team files ## apps/desktop/src/key-management @bitwarden/team-key-management-dev -apps/web/src/key-management @bitwarden/team-key-management-dev +apps/web/src/app/key-management @bitwarden/team-key-management-dev apps/browser/src/key-management @bitwarden/team-key-management-dev apps/cli/src/key-management @bitwarden/team-key-management-dev libs/key-management @bitwarden/team-key-management-dev diff --git a/apps/web/src/app/admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service.ts b/apps/web/src/app/admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service.ts index abfae811d5..88cb75b087 100644 --- a/apps/web/src/app/admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service.ts +++ b/apps/web/src/app/admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service.ts @@ -5,7 +5,6 @@ import { OrganizationUserResetPasswordRequest, OrganizationUserResetPasswordWithIdRequest, } from "@bitwarden/admin-console/common"; -import { UserKeyRotationDataProvider } from "@bitwarden/auth/common"; import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/organization/organization-api.service.abstraction"; import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; import { @@ -21,7 +20,7 @@ import { EncryptedString, EncString } from "@bitwarden/common/platform/models/do import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key"; import { UserId } from "@bitwarden/common/types/guid"; import { UserKey } from "@bitwarden/common/types/key"; -import { KeyService } from "@bitwarden/key-management"; +import { UserKeyRotationDataProvider, KeyService } from "@bitwarden/key-management"; @Injectable({ providedIn: "root", diff --git a/apps/web/src/app/auth/core/services/webauthn-login/webauthn-login-admin.service.ts b/apps/web/src/app/auth/core/services/webauthn-login/webauthn-login-admin.service.ts index 09ea17829c..2edbd0ada1 100644 --- a/apps/web/src/app/auth/core/services/webauthn-login/webauthn-login-admin.service.ts +++ b/apps/web/src/app/auth/core/services/webauthn-login/webauthn-login-admin.service.ts @@ -1,7 +1,7 @@ import { Injectable, Optional } from "@angular/core"; import { BehaviorSubject, filter, from, map, Observable, shareReplay, switchMap, tap } from "rxjs"; -import { PrfKeySet, UserKeyRotationDataProvider } from "@bitwarden/auth/common"; +import { PrfKeySet } from "@bitwarden/auth/common"; import { UserVerificationService } from "@bitwarden/common/auth/abstractions/user-verification/user-verification.service.abstraction"; import { WebAuthnLoginPrfKeyServiceAbstraction } from "@bitwarden/common/auth/abstractions/webauthn/webauthn-login-prf-key.service.abstraction"; import { WebauthnRotateCredentialRequest } from "@bitwarden/common/auth/models/request/webauthn-rotate-credential.request"; @@ -11,6 +11,7 @@ import { Verification } from "@bitwarden/common/auth/types/verification"; import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; import { UserId } from "@bitwarden/common/types/guid"; import { UserKey } from "@bitwarden/common/types/key"; +import { UserKeyRotationDataProvider } from "@bitwarden/key-management"; import { CredentialCreateOptionsView } from "../../views/credential-create-options.view"; import { PendingWebauthnLoginCredentialView } from "../../views/pending-webauthn-login-credential.view"; diff --git a/apps/web/src/app/auth/emergency-access/services/emergency-access.service.ts b/apps/web/src/app/auth/emergency-access/services/emergency-access.service.ts index a4fd9eeff0..39eb6570df 100644 --- a/apps/web/src/app/auth/emergency-access/services/emergency-access.service.ts +++ b/apps/web/src/app/auth/emergency-access/services/emergency-access.service.ts @@ -1,6 +1,5 @@ import { Injectable } from "@angular/core"; -import { UserKeyRotationDataProvider } from "@bitwarden/auth/common"; import { ApiService } from "@bitwarden/common/abstractions/api.service"; import { PolicyData } from "@bitwarden/common/admin-console/models/data/policy.data"; import { Policy } from "@bitwarden/common/admin-console/models/domain/policy"; @@ -23,7 +22,7 @@ import { UserKey } from "@bitwarden/common/types/key"; import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service"; import { Cipher } from "@bitwarden/common/vault/models/domain/cipher"; import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view"; -import { KeyService } from "@bitwarden/key-management"; +import { UserKeyRotationDataProvider, KeyService } from "@bitwarden/key-management"; import { EmergencyAccessStatusType } from "../enums/emergency-access-status-type"; import { EmergencyAccessType } from "../enums/emergency-access-type"; diff --git a/apps/web/src/app/auth/settings/change-password.component.ts b/apps/web/src/app/auth/settings/change-password.component.ts index ec1416ba0a..3406c2d5b6 100644 --- a/apps/web/src/app/auth/settings/change-password.component.ts +++ b/apps/web/src/app/auth/settings/change-password.component.ts @@ -25,7 +25,7 @@ import { DialogService, ToastService } from "@bitwarden/components"; import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy"; import { KeyService } from "@bitwarden/key-management"; -import { UserKeyRotationService } from "../key-rotation/user-key-rotation.service"; +import { UserKeyRotationService } from "../../key-management/key-rotation/user-key-rotation.service"; @Component({ selector: "app-change-password", diff --git a/apps/web/src/app/auth/settings/settings.module.ts b/apps/web/src/app/auth/settings/settings.module.ts index 2d1f64d1eb..437711f4aa 100644 --- a/apps/web/src/app/auth/settings/settings.module.ts +++ b/apps/web/src/app/auth/settings/settings.module.ts @@ -2,9 +2,9 @@ import { NgModule } from "@angular/core"; import { PasswordCalloutComponent } from "@bitwarden/auth/angular"; +import { UserKeyRotationModule } from "../../key-management/key-rotation/user-key-rotation.module"; import { SharedModule } from "../../shared"; import { EmergencyAccessModule } from "../emergency-access"; -import { UserKeyRotationModule } from "../key-rotation/user-key-rotation.module"; import { ChangePasswordComponent } from "./change-password.component"; import { WebauthnLoginSettingsModule } from "./webauthn-login-settings"; diff --git a/apps/web/src/app/auth/key-rotation/request/update-key.request.ts b/apps/web/src/app/key-management/key-rotation/request/update-key.request.ts similarity index 88% rename from apps/web/src/app/auth/key-rotation/request/update-key.request.ts rename to apps/web/src/app/key-management/key-rotation/request/update-key.request.ts index 0988ed54a9..81b7d36157 100644 --- a/apps/web/src/app/auth/key-rotation/request/update-key.request.ts +++ b/apps/web/src/app/key-management/key-rotation/request/update-key.request.ts @@ -4,7 +4,7 @@ import { SendWithIdRequest } from "@bitwarden/common/src/tools/send/models/reque import { CipherWithIdRequest } from "@bitwarden/common/src/vault/models/request/cipher-with-id.request"; import { FolderWithIdRequest } from "@bitwarden/common/src/vault/models/request/folder-with-id.request"; -import { EmergencyAccessWithIdRequest } from "../../emergency-access/request/emergency-access-update.request"; +import { EmergencyAccessWithIdRequest } from "../../../auth/emergency-access/request/emergency-access-update.request"; export class UpdateKeyRequest { masterPasswordHash: string; diff --git a/apps/web/src/app/auth/key-rotation/user-key-rotation-api.service.ts b/apps/web/src/app/key-management/key-rotation/user-key-rotation-api.service.ts similarity index 100% rename from apps/web/src/app/auth/key-rotation/user-key-rotation-api.service.ts rename to apps/web/src/app/key-management/key-rotation/user-key-rotation-api.service.ts diff --git a/apps/web/src/app/auth/key-rotation/user-key-rotation.module.ts b/apps/web/src/app/key-management/key-rotation/user-key-rotation.module.ts similarity index 100% rename from apps/web/src/app/auth/key-rotation/user-key-rotation.module.ts rename to apps/web/src/app/key-management/key-rotation/user-key-rotation.module.ts diff --git a/apps/web/src/app/auth/key-rotation/user-key-rotation.service.spec.ts b/apps/web/src/app/key-management/key-rotation/user-key-rotation.service.spec.ts similarity index 100% rename from apps/web/src/app/auth/key-rotation/user-key-rotation.service.spec.ts rename to apps/web/src/app/key-management/key-rotation/user-key-rotation.service.spec.ts diff --git a/apps/web/src/app/auth/key-rotation/user-key-rotation.service.ts b/apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts similarity index 98% rename from apps/web/src/app/auth/key-rotation/user-key-rotation.service.ts rename to apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts index 8116bcd047..e4e5ab2caa 100644 --- a/apps/web/src/app/auth/key-rotation/user-key-rotation.service.ts +++ b/apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts @@ -18,8 +18,8 @@ import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.serv import { KeyService } from "@bitwarden/key-management"; import { OrganizationUserResetPasswordService } from "../../admin-console/organizations/members/services/organization-user-reset-password/organization-user-reset-password.service"; -import { WebauthnLoginAdminService } from "../core"; -import { EmergencyAccessService } from "../emergency-access"; +import { WebauthnLoginAdminService } from "../../auth/core"; +import { EmergencyAccessService } from "../../auth/emergency-access"; import { UpdateKeyRequest } from "./request/update-key.request"; import { UserKeyRotationApiService } from "./user-key-rotation-api.service"; diff --git a/apps/web/src/app/auth/migrate-encryption/migrate-legacy-encryption.component.html b/apps/web/src/app/key-management/migrate-encryption/migrate-legacy-encryption.component.html similarity index 100% rename from apps/web/src/app/auth/migrate-encryption/migrate-legacy-encryption.component.html rename to apps/web/src/app/key-management/migrate-encryption/migrate-legacy-encryption.component.html diff --git a/apps/web/src/app/auth/migrate-encryption/migrate-legacy-encryption.component.ts b/apps/web/src/app/key-management/migrate-encryption/migrate-legacy-encryption.component.ts similarity index 100% rename from apps/web/src/app/auth/migrate-encryption/migrate-legacy-encryption.component.ts rename to apps/web/src/app/key-management/migrate-encryption/migrate-legacy-encryption.component.ts diff --git a/apps/web/src/app/oss-routing.module.ts b/apps/web/src/app/oss-routing.module.ts index 9f36df175f..b3a8db2002 100644 --- a/apps/web/src/app/oss-routing.module.ts +++ b/apps/web/src/app/oss-routing.module.ts @@ -177,7 +177,7 @@ const routes: Routes = [ { path: "migrate-legacy-encryption", loadComponent: () => - import("./auth/migrate-encryption/migrate-legacy-encryption.component").then( + import("./key-management/migrate-encryption/migrate-legacy-encryption.component").then( (mod) => mod.MigrateFromLegacyEncryptionComponent, ), }, diff --git a/libs/auth/src/common/abstractions/index.ts b/libs/auth/src/common/abstractions/index.ts index 6b618992e9..e686de5201 100644 --- a/libs/auth/src/common/abstractions/index.ts +++ b/libs/auth/src/common/abstractions/index.ts @@ -3,4 +3,3 @@ export * from "./login-email.service"; export * from "./login-strategy.service"; export * from "./user-decryption-options.service.abstraction"; export * from "./auth-request.service.abstraction"; -export * from "./user-key-rotation-data-provider.abstraction"; diff --git a/libs/common/src/tools/send/services/send.service.abstraction.ts b/libs/common/src/tools/send/services/send.service.abstraction.ts index 4fa927942c..866a661b4a 100644 --- a/libs/common/src/tools/send/services/send.service.abstraction.ts +++ b/libs/common/src/tools/send/services/send.service.abstraction.ts @@ -1,6 +1,6 @@ import { Observable } from "rxjs"; -import { UserKeyRotationDataProvider } from "@bitwarden/auth/common"; +import { UserKeyRotationDataProvider } from "@bitwarden/key-management"; import { EncArrayBuffer } from "../../../platform/models/domain/enc-array-buffer"; import { SymmetricCryptoKey } from "../../../platform/models/domain/symmetric-crypto-key"; diff --git a/libs/common/src/vault/abstractions/cipher.service.ts b/libs/common/src/vault/abstractions/cipher.service.ts index f0e19a2134..444c922fe3 100644 --- a/libs/common/src/vault/abstractions/cipher.service.ts +++ b/libs/common/src/vault/abstractions/cipher.service.ts @@ -1,7 +1,7 @@ import { Observable } from "rxjs"; -import { UserKeyRotationDataProvider } from "@bitwarden/auth/common"; import { LocalData } from "@bitwarden/common/vault/models/data/local.data"; +import { UserKeyRotationDataProvider } from "@bitwarden/key-management"; import { UriMatchStrategySetting } from "../../models/domain/domain-service"; import { SymmetricCryptoKey } from "../../platform/models/domain/symmetric-crypto-key"; diff --git a/libs/common/src/vault/abstractions/folder/folder.service.abstraction.ts b/libs/common/src/vault/abstractions/folder/folder.service.abstraction.ts index 857915ddb8..df21b136f4 100644 --- a/libs/common/src/vault/abstractions/folder/folder.service.abstraction.ts +++ b/libs/common/src/vault/abstractions/folder/folder.service.abstraction.ts @@ -1,6 +1,6 @@ import { Observable } from "rxjs"; -import { UserKeyRotationDataProvider } from "@bitwarden/auth/common"; +import { UserKeyRotationDataProvider } from "@bitwarden/key-management"; import { SymmetricCryptoKey } from "../../../platform/models/domain/symmetric-crypto-key"; import { UserId } from "../../../types/guid"; diff --git a/libs/auth/src/common/abstractions/user-key-rotation-data-provider.abstraction.ts b/libs/key-management/src/abstractions/user-key-rotation-data-provider.abstraction.ts similarity index 100% rename from libs/auth/src/common/abstractions/user-key-rotation-data-provider.abstraction.ts rename to libs/key-management/src/abstractions/user-key-rotation-data-provider.abstraction.ts diff --git a/libs/key-management/src/index.ts b/libs/key-management/src/index.ts index f2bb5e3016..5ad96ddeba 100644 --- a/libs/key-management/src/index.ts +++ b/libs/key-management/src/index.ts @@ -7,3 +7,4 @@ export * from "./biometrics/biometric.state"; export { KeyService } from "./abstractions/key.service"; export { DefaultKeyService } from "./key.service"; +export { UserKeyRotationDataProvider } from "./abstractions/user-key-rotation-data-provider.abstraction";