Auth/PM-32102 - (1) Create ConvertUserToKeyConnectorCommand (2) Remove salt on key connector conversion#7692
Draft
JaredSnider-Bitwarden wants to merge 4 commits into
Conversation
Introduces an opinionated in-memory mutation that nulls MasterPassword and MasterPasswordSalt together, preserving the credential/salt invariant. Updates RevisionDate and AccountRevisionDate; intentionally leaves LastPasswordChangeDate untouched since this is credential removal rather than a password change.
Extracts the Key Connector conversion logic into a dedicated command in the Key Management domain, mirroring the SetKeyConnectorKeyCommand pattern. The command composes IMasterPasswordService.PrepareClearMasterPassword to clear the credential — including the salt — before flipping UsesKeyConnector, optionally writing the wrapped user key, persisting, and emitting the migration event.
…nnectorCommand Injects IConvertUserToKeyConnectorCommand and switches both PostConvertToKeyConnectorAsync and PostEnrollToKeyConnectorAsync to use it instead of IUserService.ConvertToKeyConnectorAsync. Unit tests are retargeted to the new dependency. The integration tests now assert MasterPasswordSalt is nulled alongside MasterPassword, which is the behavior change the ticket exists to enforce.
The method's only production callers were the two endpoints on AccountsKeyManagementController, which now depend on IConvertUserToKeyConnectorCommand directly. Deleting it continues the ongoing decomposition of UserService. CheckCanUseKeyConnector stays in place — it is still called by the legacy SetKeyConnectorKeyAsync, which is scheduled for removal in PM-27328.
JaredSnider-Bitwarden
changed the title
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #7692 +/- ##
==========================================
- Coverage 64.86% 60.45% -4.41%
==========================================
Files 2140 2141 +1
Lines 94629 94666 +37
Branches 8445 8448 +3
==========================================
- Hits 61377 57233 -4144
- Misses 31156 35428 +4272
+ Partials 2096 2005 -91 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-32102
📔 Objective
📸 Screenshots