fix push device registration and unregistration

refactor code to use the same registration function and clean up the registration logic. also unregister device if there already is a push token saved. also the `unregister_push_device` used the wrong argument. C.f. https://github.com/bitwarden/server/blob/08d380900b540f8d1a734c7abccaf80e59a91ced/src/Core/Services/Implementations/RelayPushRegistrationService.cs#L43
dani-garcia · Jan 3, 2024 · 09fba4e · 09fba4e
1 parent 2f0cc26
commit 09fba4e
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 18 deletions.
diff --git a/src/api/admin.rs b/src/api/admin.rs
@@ -412,7 +412,7 @@ async fn deauth_user(uuid: &str, _token: AdminToken, mut conn: DbConn, nt: Notif
 
     if CONFIG.push_enabled() {
         for device in Device::find_push_devices_by_user(&user.uuid, &mut conn).await {
-            match unregister_push_device(device.uuid).await {
+            match unregister_push_device(device.push_uuid).await {
                 Ok(r) => r,
                 Err(e) => error!("Unable to unregister devices from Bitwarden server: {}", e),
             };

diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs
@@ -5,8 +5,8 @@ use serde_json::Value;
 
 use crate::{
     api::{
-        core::log_user_event, register_push_device, unregister_push_device, AnonymousNotify, EmptyResult, JsonResult,
-        JsonUpcase, Notify, NumberOrString, PasswordOrOtpData, UpdateType,
+        core::log_user_event, register_missing_push_device, unregister_push_device, AnonymousNotify, EmptyResult,
+        JsonResult, JsonUpcase, Notify, NumberOrString, PasswordOrOtpData, UpdateType,
     },
     auth::{decode_delete, decode_invite, decode_verify_email, ClientHeaders, Headers},
     crypto,
@@ -951,24 +951,23 @@ async fn post_device_token(uuid: &str, data: JsonUpcase<PushToken>, headers: Hea
 async fn put_device_token(uuid: &str, data: JsonUpcase<PushToken>, headers: Headers, mut conn: DbConn) -> EmptyResult {
     let data = data.into_inner().data;
     let token = data.PushToken;
+
     let mut device = match Device::find_by_uuid_and_user(&headers.device.uuid, &headers.user.uuid, &mut conn).await {
         Some(device) => device,
         None => err!(format!("Error: device {uuid} should be present before a token can be assigned")),
     };
-    device.push_token = Some(token);
-    /* only generate a new push_uuid if push is enabled, so we can call register_push_device later */
-    if device.push_uuid.is_none() && CONFIG.push_enabled() {
-        device.push_uuid = Some(uuid::Uuid::new_v4().to_string());
+
+    // Unregister old device
+    if device.push_uuid.is_some() {
+        unregister_push_device(device.push_uuid).await?;
+        device.push_uuid = None;
     }
+    device.push_token = Some(token);
     if let Err(e) = device.save(&mut conn).await {
         err!(format!("An error occurred while trying to save the device push token: {e}"));
     }
 
-    if CONFIG.push_enabled() {
-        if let Err(e) = register_push_device(&device).await {
-            err!(format!("An error occurred while proceeding registration of a device: {e}"));
-        }
-    }
+    register_missing_push_device(&mut device, &mut conn).await?;
 
     Ok(())
 }
@@ -985,7 +984,7 @@ async fn put_clear_device_token(uuid: &str, mut conn: DbConn) -> EmptyResult {
 
     if let Some(device) = Device::find_by_uuid(uuid, &mut conn).await {
         Device::clear_push_token_by_uuid(uuid, &mut conn).await?;
-        unregister_push_device(device.uuid).await?;
+        unregister_push_device(device.push_uuid).await?;
     }
 
     Ok(())

diff --git a/src/api/mod.rs b/src/api/mod.rs
@@ -25,8 +25,8 @@ pub use crate::api::{
     notifications::routes as notifications_routes,
     notifications::{start_notification_server, AnonymousNotify, Notify, UpdateType, WS_ANONYMOUS_SUBSCRIPTIONS},
     push::{
-        push_cipher_update, push_folder_update, push_logout, push_send_update, push_user_update, register_push_device,
-        unregister_push_device,
+        push_cipher_update, push_folder_update, push_logout, push_send_update, push_user_update,
+        register_missing_push_device, unregister_push_device,
     },
     web::catchers as web_catchers,
     web::routes as web_routes,

diff --git a/src/api/push.rs b/src/api/push.rs
@@ -131,16 +131,16 @@ pub async fn register_push_device(device: &Device) -> EmptyResult {
     Ok(())
 }
 
-pub async fn unregister_push_device(uuid: String) -> EmptyResult {
-    if !CONFIG.push_enabled() {
+pub async fn unregister_push_device(push_uuid: Option<String>) -> EmptyResult {
+    if !CONFIG.push_enabled() || push_uuid.is_none() {
         return Ok(());
     }
     let auth_push_token = get_auth_push_token().await?;
 
     let auth_header = format!("Bearer {}", &auth_push_token);
 
     match get_reqwest_client()
-        .delete(CONFIG.push_relay_uri() + "/push/" + &uuid)
+        .delete(CONFIG.push_relay_uri() + "/push/" + &push_uuid.unwrap())
         .header(AUTHORIZATION, auth_header)
         .send()
         .await