sso support (#127)

* support for sso

* created master password boolean

* resetMasterPassword flows

* throw on bad ctor for token request
This commit is contained in:
Kyle Spearrin 2020-07-16 08:59:29 -04:00 committed by GitHub
parent f820cb9186
commit fefef546f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 148 additions and 29 deletions

View File

@ -141,6 +141,7 @@ export abstract class ApiService {
postAccountKeys: (request: KeysRequest) => Promise<any>; postAccountKeys: (request: KeysRequest) => Promise<any>;
postAccountVerifyEmail: () => Promise<any>; postAccountVerifyEmail: () => Promise<any>;
postAccountVerifyEmailToken: (request: VerifyEmailRequest) => Promise<any>; postAccountVerifyEmailToken: (request: VerifyEmailRequest) => Promise<any>;
postAccountVerifyPassword: (request: PasswordVerificationRequest) => Promise<any>;
postAccountRecoverDelete: (request: DeleteRecoverRequest) => Promise<any>; postAccountRecoverDelete: (request: DeleteRecoverRequest) => Promise<any>;
postAccountRecoverDeleteToken: (request: VerifyDeleteRecoverRequest) => Promise<any>; postAccountRecoverDeleteToken: (request: VerifyDeleteRecoverRequest) => Promise<any>;
postAccountKdf: (request: KdfRequest) => Promise<any>; postAccountKdf: (request: KdfRequest) => Promise<any>;

View File

@ -6,10 +6,14 @@ import { SymmetricCryptoKey } from '../models/domain/symmetricCryptoKey';
export abstract class AuthService { export abstract class AuthService {
email: string; email: string;
masterPasswordHash: string; masterPasswordHash: string;
code: string;
codeVerifier: string;
ssoRedirectUrl: string;
twoFactorProvidersData: Map<TwoFactorProviderType, { [key: string]: string; }>; twoFactorProvidersData: Map<TwoFactorProviderType, { [key: string]: string; }>;
selectedTwoFactorProviderType: TwoFactorProviderType; selectedTwoFactorProviderType: TwoFactorProviderType;
logIn: (email: string, masterPassword: string) => Promise<AuthResult>; logIn: (email: string, masterPassword: string) => Promise<AuthResult>;
logInSso: (code: string, codeVerifier: string, redirectUrl: string) => Promise<AuthResult>;
logInTwoFactor: (twoFactorProvider: TwoFactorProviderType, twoFactorToken: string, logInTwoFactor: (twoFactorProvider: TwoFactorProviderType, twoFactorToken: string,
remember?: boolean) => Promise<AuthResult>; remember?: boolean) => Promise<AuthResult>;
logInComplete: (email: string, masterPassword: string, twoFactorProvider: TwoFactorProviderType, logInComplete: (email: string, masterPassword: string, twoFactorProvider: TwoFactorProviderType,
@ -18,4 +22,6 @@ export abstract class AuthService {
getSupportedTwoFactorProviders: (win: Window) => any[]; getSupportedTwoFactorProviders: (win: Window) => any[];
getDefaultTwoFactorProvider: (u2fSupported: boolean) => TwoFactorProviderType; getDefaultTwoFactorProvider: (u2fSupported: boolean) => TwoFactorProviderType;
makePreloginKey: (masterPassword: string, email: string) => Promise<SymmetricCryptoKey>; makePreloginKey: (masterPassword: string, email: string) => Promise<SymmetricCryptoKey>;
authingWithSso: () => boolean;
authingWithPassword: () => boolean;
} }

View File

@ -1,6 +1,7 @@
import { OnInit } from '@angular/core'; import { OnInit } from '@angular/core';
import { Router } from '@angular/router'; import { Router } from '@angular/router';
import { ApiService } from '../../abstractions/api.service';
import { CryptoService } from '../../abstractions/crypto.service'; import { CryptoService } from '../../abstractions/crypto.service';
import { EnvironmentService } from '../../abstractions/environment.service'; import { EnvironmentService } from '../../abstractions/environment.service';
import { I18nService } from '../../abstractions/i18n.service'; import { I18nService } from '../../abstractions/i18n.service';
@ -16,6 +17,8 @@ import { ConstantsService } from '../../services/constants.service';
import { CipherString } from '../../models/domain/cipherString'; import { CipherString } from '../../models/domain/cipherString';
import { SymmetricCryptoKey } from '../../models/domain/symmetricCryptoKey'; import { SymmetricCryptoKey } from '../../models/domain/symmetricCryptoKey';
import { PasswordVerificationRequest } from '../../models/request/passwordVerificationRequest';
import { Utils } from '../../misc/utils'; import { Utils } from '../../misc/utils';
export class LockComponent implements OnInit { export class LockComponent implements OnInit {
@ -25,6 +28,7 @@ export class LockComponent implements OnInit {
email: string; email: string;
pinLock: boolean = false; pinLock: boolean = false;
webVaultHostname: string = ''; webVaultHostname: string = '';
formPromise: Promise<any>;
protected successRoute: string = 'vault'; protected successRoute: string = 'vault';
protected onSuccessfulSubmit: () => void; protected onSuccessfulSubmit: () => void;
@ -36,7 +40,8 @@ export class LockComponent implements OnInit {
protected platformUtilsService: PlatformUtilsService, protected messagingService: MessagingService, protected platformUtilsService: PlatformUtilsService, protected messagingService: MessagingService,
protected userService: UserService, protected cryptoService: CryptoService, protected userService: UserService, protected cryptoService: CryptoService,
protected storageService: StorageService, protected vaultTimeoutService: VaultTimeoutService, protected storageService: StorageService, protected vaultTimeoutService: VaultTimeoutService,
protected environmentService: EnvironmentService, protected stateService: StateService) { } protected environmentService: EnvironmentService, protected stateService: StateService,
protected apiService: ApiService) { }
async ngOnInit() { async ngOnInit() {
this.pinSet = await this.vaultTimeoutService.isPinLockSet(); this.pinSet = await this.vaultTimeoutService.isPinLockSet();
@ -98,9 +103,26 @@ export class LockComponent implements OnInit {
} else { } else {
const key = await this.cryptoService.makeKey(this.masterPassword, this.email, kdf, kdfIterations); const key = await this.cryptoService.makeKey(this.masterPassword, this.email, kdf, kdfIterations);
const keyHash = await this.cryptoService.hashPassword(this.masterPassword, key); const keyHash = await this.cryptoService.hashPassword(this.masterPassword, key);
const storedKeyHash = await this.cryptoService.getKeyHash();
if (storedKeyHash != null && keyHash != null && storedKeyHash === keyHash) { let passwordValid = false;
if (keyHash != null) {
const storedKeyHash = await this.cryptoService.getKeyHash();
if (storedKeyHash != null) {
passwordValid = storedKeyHash === keyHash;
} else {
const request = new PasswordVerificationRequest();
request.masterPasswordHash = keyHash;
try {
this.formPromise = this.apiService.postAccountVerifyPassword(request);
await this.formPromise;
passwordValid = true;
await this.cryptoService.setKeyHash(keyHash);
} catch { }
}
}
if (passwordValid) {
if (this.pinSet[0]) { if (this.pinSet[0]) {
const protectedPin = await this.storageService.get<string>(ConstantsService.protectedPin); const protectedPin = await this.storageService.get<string>(ConstantsService.protectedPin);
const encKey = await this.cryptoService.getEncKey(key); const encKey = await this.cryptoService.getEncKey(key);

View File

@ -52,12 +52,16 @@ export class TwoFactorComponent implements OnInit, OnDestroy {
} }
async ngOnInit() { async ngOnInit() {
if (this.authService.email == null || this.authService.masterPasswordHash == null || if ((!this.authService.authingWithSso() && !this.authService.authingWithPassword()) ||
this.authService.twoFactorProvidersData == null) { this.authService.twoFactorProvidersData == null) {
this.router.navigate([this.loginRoute]); this.router.navigate([this.loginRoute]);
return; return;
} }
if (this.authService.authingWithSso()) {
this.successRoute = 'lock';
}
if (this.initU2f && this.win != null && this.u2fSupported) { if (this.initU2f && this.win != null && this.u2fSupported) {
let customWebVaultUrl: string = null; let customWebVaultUrl: string = null;
if (this.environmentService.baseUrl != null) { if (this.environmentService.baseUrl != null) {

View File

@ -89,6 +89,14 @@ export class Utils {
} }
} }
static fromBufferToUrlB64(buffer: ArrayBuffer): string {
const output = this.fromBufferToB64(buffer)
.replace(/\+/g, '-')
.replace(/\//g, '_')
.replace(/=/g, '');
return output;
}
static fromBufferToUtf8(buffer: ArrayBuffer): string { static fromBufferToUtf8(buffer: ArrayBuffer): string {
if (Utils.isNode || Utils.isNativeScript) { if (Utils.isNode || Utils.isNativeScript) {
return Buffer.from(buffer).toString('utf8'); return Buffer.from(buffer).toString('utf8');

View File

@ -2,5 +2,6 @@ import { TwoFactorProviderType } from '../../enums/twoFactorProviderType';
export class AuthResult { export class AuthResult {
twoFactor: boolean = false; twoFactor: boolean = false;
resetMasterPassword: boolean = false;
twoFactorProviders: Map<TwoFactorProviderType, { [key: string]: string; }> = null; twoFactorProviders: Map<TwoFactorProviderType, { [key: string]: string; }> = null;
} }

View File

@ -5,15 +5,24 @@ import { DeviceRequest } from './deviceRequest';
export class TokenRequest { export class TokenRequest {
email: string; email: string;
masterPasswordHash: string; masterPasswordHash: string;
code: string;
codeVerifier: string;
redirectUri: string;
token: string; token: string;
provider: TwoFactorProviderType; provider: TwoFactorProviderType;
remember: boolean; remember: boolean;
device?: DeviceRequest; device?: DeviceRequest;
constructor(email: string, masterPasswordHash: string, provider: TwoFactorProviderType, constructor(credentials: string[], codes: string[], provider: TwoFactorProviderType,
token: string, remember: boolean, device?: DeviceRequest) { token: string, remember: boolean, device?: DeviceRequest) {
this.email = email; if (credentials != null && credentials.length > 1) {
this.masterPasswordHash = masterPasswordHash; this.email = credentials[0];
this.masterPasswordHash = credentials[1];
} else if (codes != null && codes.length > 2) {
this.code = codes[0];
this.codeVerifier = codes[1];
this.redirectUri = codes[2];
}
this.token = token; this.token = token;
this.provider = provider; this.provider = provider;
this.remember = remember; this.remember = remember;
@ -22,13 +31,23 @@ export class TokenRequest {
toIdentityToken(clientId: string) { toIdentityToken(clientId: string) {
const obj: any = { const obj: any = {
grant_type: 'password',
username: this.email,
password: this.masterPasswordHash,
scope: 'api offline_access', scope: 'api offline_access',
client_id: clientId, client_id: clientId,
}; };
if (this.masterPasswordHash != null && this.email != null) {
obj.grant_type = 'password';
obj.username = this.email;
obj.password = this.masterPasswordHash;
} else if (this.code != null && this.codeVerifier != null && this.redirectUri != null) {
obj.grant_type = 'authorization_code';
obj.code = this.code;
obj.code_verifier = this.codeVerifier;
obj.redirect_uri = this.redirectUri;
} else {
throw new Error('must provide credentials or codes');
}
if (this.device) { if (this.device) {
obj.deviceType = this.device.type; obj.deviceType = this.device.type;
obj.deviceIdentifier = this.device.identifier; obj.deviceIdentifier = this.device.identifier;

View File

@ -1,14 +1,19 @@
import { BaseResponse } from './baseResponse'; import { BaseResponse } from './baseResponse';
import { KdfType } from '../../enums/kdfType';
export class IdentityTokenResponse extends BaseResponse { export class IdentityTokenResponse extends BaseResponse {
accessToken: string; accessToken: string;
expiresIn: number; expiresIn: number;
refreshToken: string; refreshToken: string;
tokenType: string; tokenType: string;
resetMasterPassword: boolean;
privateKey: string; privateKey: string;
key: string; key: string;
twoFactorToken: string; twoFactorToken: string;
kdf: KdfType;
kdfIterations: number;
constructor(response: any) { constructor(response: any) {
super(response); super(response);
@ -17,8 +22,11 @@ export class IdentityTokenResponse extends BaseResponse {
this.refreshToken = response.refresh_token; this.refreshToken = response.refresh_token;
this.tokenType = response.token_type; this.tokenType = response.token_type;
this.resetMasterPassword = this.getResponseProperty('ResetMasterPassword');
this.privateKey = this.getResponseProperty('PrivateKey'); this.privateKey = this.getResponseProperty('PrivateKey');
this.key = this.getResponseProperty('Key'); this.key = this.getResponseProperty('Key');
this.twoFactorToken = this.getResponseProperty('TwoFactorToken'); this.twoFactorToken = this.getResponseProperty('TwoFactorToken');
this.kdf = this.getResponseProperty('Kdf');
this.kdfIterations = this.getResponseProperty('KdfIterations');
} }
} }

View File

@ -321,6 +321,10 @@ export class ApiService implements ApiServiceAbstraction {
return this.send('POST', '/accounts/verify-email-token', request, false, false); return this.send('POST', '/accounts/verify-email-token', request, false, false);
} }
postAccountVerifyPassword(request: PasswordVerificationRequest): Promise<any> {
return this.send('POST', '/accounts/verify-password', request, true, false);
}
postAccountRecoverDelete(request: DeleteRecoverRequest): Promise<any> { postAccountRecoverDelete(request: DeleteRecoverRequest): Promise<any> {
return this.send('POST', '/accounts/delete-recover', request, false, false); return this.send('POST', '/accounts/delete-recover', request, false, false);
} }

View File

@ -77,12 +77,13 @@ export const TwoFactorProviders = {
export class AuthService implements AuthServiceAbstraction { export class AuthService implements AuthServiceAbstraction {
email: string; email: string;
masterPasswordHash: string; masterPasswordHash: string;
code: string;
codeVerifier: string;
ssoRedirectUrl: string;
twoFactorProvidersData: Map<TwoFactorProviderType, { [key: string]: string; }>; twoFactorProvidersData: Map<TwoFactorProviderType, { [key: string]: string; }>;
selectedTwoFactorProviderType: TwoFactorProviderType = null; selectedTwoFactorProviderType: TwoFactorProviderType = null;
private key: SymmetricCryptoKey; private key: SymmetricCryptoKey;
private kdf: KdfType;
private kdfIterations: number;
constructor(private cryptoService: CryptoService, private apiService: ApiService, constructor(private cryptoService: CryptoService, private apiService: ApiService,
private userService: UserService, private tokenService: TokenService, private userService: UserService, private tokenService: TokenService,
@ -116,13 +117,19 @@ export class AuthService implements AuthServiceAbstraction {
this.selectedTwoFactorProviderType = null; this.selectedTwoFactorProviderType = null;
const key = await this.makePreloginKey(masterPassword, email); const key = await this.makePreloginKey(masterPassword, email);
const hashedPassword = await this.cryptoService.hashPassword(masterPassword, key); const hashedPassword = await this.cryptoService.hashPassword(masterPassword, key);
return await this.logInHelper(email, hashedPassword, key); return await this.logInHelper(email, hashedPassword, null, null, null, key,
null, null, null);
}
async logInSso(code: string, codeVerifier: string, redirectUrl: string): Promise<AuthResult> {
this.selectedTwoFactorProviderType = null;
return await this.logInHelper(null, null, code, codeVerifier, redirectUrl, null, null, null, null);
} }
async logInTwoFactor(twoFactorProvider: TwoFactorProviderType, twoFactorToken: string, async logInTwoFactor(twoFactorProvider: TwoFactorProviderType, twoFactorToken: string,
remember?: boolean): Promise<AuthResult> { remember?: boolean): Promise<AuthResult> {
return await this.logInHelper(this.email, this.masterPasswordHash, this.key, twoFactorProvider, return await this.logInHelper(this.email, this.masterPasswordHash, this.code, this.codeVerifier,
twoFactorToken, remember); this.ssoRedirectUrl, this.key, twoFactorProvider, twoFactorToken, remember);
} }
async logInComplete(email: string, masterPassword: string, twoFactorProvider: TwoFactorProviderType, async logInComplete(email: string, masterPassword: string, twoFactorProvider: TwoFactorProviderType,
@ -130,7 +137,8 @@ export class AuthService implements AuthServiceAbstraction {
this.selectedTwoFactorProviderType = null; this.selectedTwoFactorProviderType = null;
const key = await this.makePreloginKey(masterPassword, email); const key = await this.makePreloginKey(masterPassword, email);
const hashedPassword = await this.cryptoService.hashPassword(masterPassword, key); const hashedPassword = await this.cryptoService.hashPassword(masterPassword, key);
return await this.logInHelper(email, hashedPassword, key, twoFactorProvider, twoFactorToken, remember); return await this.logInHelper(email, hashedPassword, null, null, null, key, twoFactorProvider, twoFactorToken,
remember);
} }
logOut(callback: Function) { logOut(callback: Function) {
@ -201,37 +209,59 @@ export class AuthService implements AuthServiceAbstraction {
async makePreloginKey(masterPassword: string, email: string): Promise<SymmetricCryptoKey> { async makePreloginKey(masterPassword: string, email: string): Promise<SymmetricCryptoKey> {
email = email.trim().toLowerCase(); email = email.trim().toLowerCase();
this.kdf = null; let kdf: KdfType = null;
this.kdfIterations = null; let kdfIterations: number = null;
try { try {
const preloginResponse = await this.apiService.postPrelogin(new PreloginRequest(email)); const preloginResponse = await this.apiService.postPrelogin(new PreloginRequest(email));
if (preloginResponse != null) { if (preloginResponse != null) {
this.kdf = preloginResponse.kdf; kdf = preloginResponse.kdf;
this.kdfIterations = preloginResponse.kdfIterations; kdfIterations = preloginResponse.kdfIterations;
} }
} catch (e) { } catch (e) {
if (e == null || e.statusCode !== 404) { if (e == null || e.statusCode !== 404) {
throw e; throw e;
} }
} }
return this.cryptoService.makeKey(masterPassword, email, this.kdf, this.kdfIterations); return this.cryptoService.makeKey(masterPassword, email, kdf, kdfIterations);
} }
private async logInHelper(email: string, hashedPassword: string, key: SymmetricCryptoKey, authingWithSso(): boolean {
twoFactorProvider?: TwoFactorProviderType, twoFactorToken?: string, remember?: boolean): Promise<AuthResult> { return this.code != null && this.codeVerifier != null && this.ssoRedirectUrl != null;
}
authingWithPassword(): boolean {
return this.email != null && this.masterPasswordHash != null;
}
private async logInHelper(email: string, hashedPassword: string, code: string, codeVerifier: string,
redirectUrl: string, key: SymmetricCryptoKey, twoFactorProvider?: TwoFactorProviderType,
twoFactorToken?: string, remember?: boolean): Promise<AuthResult> {
const storedTwoFactorToken = await this.tokenService.getTwoFactorToken(email); const storedTwoFactorToken = await this.tokenService.getTwoFactorToken(email);
const appId = await this.appIdService.getAppId(); const appId = await this.appIdService.getAppId();
const deviceRequest = new DeviceRequest(appId, this.platformUtilsService); const deviceRequest = new DeviceRequest(appId, this.platformUtilsService);
let emailPassword: string[] = [];
let codeCodeVerifier: string[] = [];
if (email != null && hashedPassword != null) {
emailPassword = [email, hashedPassword];
} else {
emailPassword = null;
}
if (code != null && codeVerifier != null && redirectUrl != null) {
codeCodeVerifier = [code, codeVerifier, redirectUrl];
} else {
codeCodeVerifier = null;
}
let request: TokenRequest; let request: TokenRequest;
if (twoFactorToken != null && twoFactorProvider != null) { if (twoFactorToken != null && twoFactorProvider != null) {
request = new TokenRequest(email, hashedPassword, twoFactorProvider, twoFactorToken, remember, request = new TokenRequest(emailPassword, codeCodeVerifier, twoFactorProvider, twoFactorToken, remember,
deviceRequest); deviceRequest);
} else if (storedTwoFactorToken != null) { } else if (storedTwoFactorToken != null) {
request = new TokenRequest(email, hashedPassword, TwoFactorProviderType.Remember, request = new TokenRequest(emailPassword, codeCodeVerifier, TwoFactorProviderType.Remember,
storedTwoFactorToken, false, deviceRequest); storedTwoFactorToken, false, deviceRequest);
} else { } else {
request = new TokenRequest(email, hashedPassword, null, null, false, deviceRequest); request = new TokenRequest(emailPassword, codeCodeVerifier, null, null, false, deviceRequest);
} }
const response = await this.apiService.postIdentityToken(request); const response = await this.apiService.postIdentityToken(request);
@ -245,6 +275,9 @@ export class AuthService implements AuthServiceAbstraction {
const twoFactorResponse = response as IdentityTwoFactorResponse; const twoFactorResponse = response as IdentityTwoFactorResponse;
this.email = email; this.email = email;
this.masterPasswordHash = hashedPassword; this.masterPasswordHash = hashedPassword;
this.code = code;
this.codeVerifier = codeVerifier;
this.ssoRedirectUrl = redirectUrl;
this.key = this.setCryptoKeys ? key : null; this.key = this.setCryptoKeys ? key : null;
this.twoFactorProvidersData = twoFactorResponse.twoFactorProviders2; this.twoFactorProvidersData = twoFactorResponse.twoFactorProviders2;
result.twoFactorProviders = twoFactorResponse.twoFactorProviders2; result.twoFactorProviders = twoFactorResponse.twoFactorProviders2;
@ -252,16 +285,21 @@ export class AuthService implements AuthServiceAbstraction {
} }
const tokenResponse = response as IdentityTokenResponse; const tokenResponse = response as IdentityTokenResponse;
result.resetMasterPassword = tokenResponse.resetMasterPassword;
if (tokenResponse.twoFactorToken != null) { if (tokenResponse.twoFactorToken != null) {
await this.tokenService.setTwoFactorToken(tokenResponse.twoFactorToken, email); await this.tokenService.setTwoFactorToken(tokenResponse.twoFactorToken, email);
} }
await this.tokenService.setTokens(tokenResponse.accessToken, tokenResponse.refreshToken); await this.tokenService.setTokens(tokenResponse.accessToken, tokenResponse.refreshToken);
await this.userService.setInformation(this.tokenService.getUserId(), this.tokenService.getEmail(), await this.userService.setInformation(this.tokenService.getUserId(), this.tokenService.getEmail(),
this.kdf, this.kdfIterations); tokenResponse.kdf, tokenResponse.kdfIterations);
if (this.setCryptoKeys) { if (this.setCryptoKeys) {
await this.cryptoService.setKey(key); if (key != null) {
await this.cryptoService.setKeyHash(hashedPassword); await this.cryptoService.setKey(key);
}
if (hashedPassword != null) {
await this.cryptoService.setKeyHash(hashedPassword);
}
await this.cryptoService.setEncKey(tokenResponse.key); await this.cryptoService.setEncKey(tokenResponse.key);
// User doesn't have a key pair yet (old account), let's generate one for them // User doesn't have a key pair yet (old account), let's generate one for them
@ -284,8 +322,12 @@ export class AuthService implements AuthServiceAbstraction {
} }
private clearState(): void { private clearState(): void {
this.key = null;
this.email = null; this.email = null;
this.masterPasswordHash = null; this.masterPasswordHash = null;
this.code = null;
this.codeVerifier = null;
this.ssoRedirectUrl = null;
this.twoFactorProvidersData = null; this.twoFactorProvidersData = null;
this.selectedTwoFactorProviderType = null; this.selectedTwoFactorProviderType = null;
} }

View File

@ -23,6 +23,8 @@ export class ConstantsService {
static readonly protectedPin: string = 'protectedPin'; static readonly protectedPin: string = 'protectedPin';
static readonly clearClipboardKey: string = 'clearClipboardKey'; static readonly clearClipboardKey: string = 'clearClipboardKey';
static readonly eventCollectionKey: string = 'eventCollection'; static readonly eventCollectionKey: string = 'eventCollection';
static readonly ssoCodeVerifierKey: string = 'ssoCodeVerifier';
static readonly ssoStateKey: string = 'ssoState';
readonly environmentUrlsKey: string = ConstantsService.environmentUrlsKey; readonly environmentUrlsKey: string = ConstantsService.environmentUrlsKey;
readonly disableGaKey: string = ConstantsService.disableGaKey; readonly disableGaKey: string = ConstantsService.disableGaKey;
@ -47,4 +49,6 @@ export class ConstantsService {
readonly protectedPin: string = ConstantsService.protectedPin; readonly protectedPin: string = ConstantsService.protectedPin;
readonly clearClipboardKey: string = ConstantsService.clearClipboardKey; readonly clearClipboardKey: string = ConstantsService.clearClipboardKey;
readonly eventCollectionKey: string = ConstantsService.eventCollectionKey; readonly eventCollectionKey: string = ConstantsService.eventCollectionKey;
readonly ssoCodeVerifierKey: string = ConstantsService.ssoCodeVerifierKey;
readonly ssoStateKey: string = ConstantsService.ssoStateKey;
} }