Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[PM-5064] Fix lock interaction between biometrics and vault timeout never #2885

Merged
merged 2 commits into from
Dec 4, 2023
Merged

[PM-5064] Fix lock interaction between biometrics and vault timeout never #2885

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1a643ba
PM-5064 Fix lock interaction between biometrics and vault timeout never
fedemkr Dec 1, 2023
2925d30
Merge branch 'master' into vault/pm-5064/fix-unlock-with-biometrics
fedemkr Dec 4, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 9 additions & 2 deletions src/Core/Services/VaultTimeoutService.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,12 +63,20 @@
/// </param>
public async Task<bool> IsLockedAsync(string userId = null)
{
// If biometrics are used, we can use the flag to determine locked state taking into account the auto unlock key for vault timeout never.
var biometricSet = await IsBiometricLockSetAsync(userId);
var hasAutoUnlockKey = await _cryptoService.HasAutoUnlockKeyAsync(userId);
if (biometricSet && await _stateService.GetBiometricLockedAsync(userId) && !hasAutoUnlockKey)
{
return true;
}

if (!await _cryptoService.HasUserKeyAsync(userId))
{
try
{
// Filter out accounts without auto key
if (!await _cryptoService.HasAutoUnlockKeyAsync(userId))
if (!hasAutoUnlockKey)
{
return true;
}
Expand All @@ -84,7 +92,6 @@
// Legacy users must migrate on web vault before login
await LogOutAsync(false, userId);
}

}

// Check again to verify auto key was set
Expand Down Expand Up @@ -193,7 +200,7 @@
{
var pinStatus = await GetPinLockTypeAsync(userId);
var ephemeralPinSet = await _stateService.GetPinKeyEncryptedUserKeyEphemeralAsync()
?? await _stateService.GetPinProtectedKeyAsync();

Check warning on line 203 in src/Core/Services/VaultTimeoutService.cs

View workflow job for this annotation

GitHub Actions / Android (prod) 

'IStateService.GetPinProtectedKeyAsync(string)' is obsolete: 'Use GetPinKeyEncryptedUserKeyEphemeralAsync instead, left for migration purposes'

Check warning on line 203 in src/Core/Services/VaultTimeoutService.cs

View workflow job for this annotation

GitHub Actions / Android (prod) 

'IStateService.GetPinProtectedKeyAsync(string)' is obsolete: 'Use GetPinKeyEncryptedUserKeyEphemeralAsync instead, left for migration purposes'

Check warning on line 203 in src/Core/Services/VaultTimeoutService.cs

View workflow job for this annotation

GitHub Actions / Android (qa) 

'IStateService.GetPinProtectedKeyAsync(string)' is obsolete: 'Use GetPinKeyEncryptedUserKeyEphemeralAsync instead, left for migration purposes'

Check warning on line 203 in src/Core/Services/VaultTimeoutService.cs

View workflow job for this annotation

GitHub Actions / Android (qa) 

'IStateService.GetPinProtectedKeyAsync(string)' is obsolete: 'Use GetPinKeyEncryptedUserKeyEphemeralAsync instead, left for migration purposes'
var pinEnabled = (pinStatus == PinLockType.Transient && ephemeralPinSet != null) ||
pinStatus == PinLockType.Persistent;

Expand Down Expand Up @@ -253,7 +260,7 @@
// versions only used it for MP on Restart
var isPinEnabled = await _stateService.GetProtectedPinAsync(userId) != null;
var hasUserKeyPin = await _stateService.GetPinKeyEncryptedUserKeyAsync(userId) != null;
var hasOldUserKeyPin = await _stateService.GetPinProtectedAsync(userId) != null;

Check warning on line 263 in src/Core/Services/VaultTimeoutService.cs

View workflow job for this annotation

GitHub Actions / Android (prod) 

'IStateService.GetPinProtectedAsync(string)' is obsolete: 'Use GetPinKeyEncryptedUserKeyAsync instead, left for migration purposes'

Check warning on line 263 in src/Core/Services/VaultTimeoutService.cs

View workflow job for this annotation

GitHub Actions / Android (prod) 

'IStateService.GetPinProtectedAsync(string)' is obsolete: 'Use GetPinKeyEncryptedUserKeyAsync instead, left for migration purposes'

Check warning on line 263 in src/Core/Services/VaultTimeoutService.cs

View workflow job for this annotation

GitHub Actions / Android (qa) 

'IStateService.GetPinProtectedAsync(string)' is obsolete: 'Use GetPinKeyEncryptedUserKeyAsync instead, left for migration purposes'

Check warning on line 263 in src/Core/Services/VaultTimeoutService.cs

View workflow job for this annotation

GitHub Actions / Android (qa) 

'IStateService.GetPinProtectedAsync(string)' is obsolete: 'Use GetPinKeyEncryptedUserKeyAsync instead, left for migration purposes'

if (hasUserKeyPin || hasOldUserKeyPin)
{
Expand Down
Loading