PM-5263 - TokenService needs to actually use secure storage (#8356)

bitwarden · Mar 15, 2024 · ca86288 · ca86288
1 parent 4fabc94
commit ca86288
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 7 deletions.
diff --git a/apps/desktop/src/main.ts b/apps/desktop/src/main.ts
@@ -42,6 +42,7 @@ import { ELECTRON_SUPPORTS_SECURE_STORAGE } from "./platform/services/electron-p
 import { ElectronStateService } from "./platform/services/electron-state.service";
 import { ElectronStorageService } from "./platform/services/electron-storage.service";
 import { I18nMainService } from "./platform/services/i18n.main.service";
+import { IllegalSecureStorageService } from "./platform/services/illegal-secure-storage-service";
 import { ElectronMainMessagingService } from "./services/electron-main-messaging.service";
 
 export class Main {
@@ -147,11 +148,14 @@ export class Main {
 
     this.environmentService = new EnvironmentService(stateProvider, accountService);
 
+    // Note: secure storage service is not available and should not be called in the main background process.
+    const illegalSecureStorageService = new IllegalSecureStorageService();
+
     this.tokenService = new TokenService(
       singleUserStateProvider,
       globalStateProvider,
       ELECTRON_SUPPORTS_SECURE_STORAGE,
-      this.storageService,
+      illegalSecureStorageService,
     );
 
     this.migrationRunner = new MigrationRunner(

diff --git a/apps/desktop/src/platform/services/illegal-secure-storage-service.ts b/apps/desktop/src/platform/services/illegal-secure-storage-service.ts
@@ -0,0 +1,28 @@
+import { AbstractStorageService } from "@bitwarden/common/platform/abstractions/storage.service";
+import { StorageOptions } from "@bitwarden/common/platform/models/domain/storage-options";
+
+export class IllegalSecureStorageService implements AbstractStorageService {
+  constructor() {}
+
+  get valuesRequireDeserialization(): boolean {
+    throw new Error("Method not implemented.");
+  }
+  has(key: string, options?: StorageOptions): Promise<boolean> {
+    throw new Error("Method not implemented.");
+  }
+  save<T>(key: string, obj: T, options?: StorageOptions): Promise<void> {
+    throw new Error("Method not implemented.");
+  }
+  async get<T>(key: string): Promise<T> {
+    throw new Error("Method not implemented.");
+  }
+  async set<T>(key: string, obj: T): Promise<void> {
+    throw new Error("Method not implemented.");
+  }
+  async remove(key: string): Promise<void> {
+    throw new Error("Method not implemented.");
+  }
+  async clear(): Promise<void> {
+    throw new Error("Method not implemented.");
+  }
+}
diff --git a/libs/angular/src/services/jslib-services.module.ts b/libs/angular/src/services/jslib-services.module.ts
@@ -485,12 +485,7 @@ const typesafeProviders: Array<SafeProvider> = [
   safeProvider({
     provide: TokenServiceAbstraction,
     useClass: TokenService,
-    deps: [
-      SingleUserStateProvider,
-      GlobalStateProvider,
-      SUPPORTS_SECURE_STORAGE,
-      AbstractStorageService,
-    ],
+    deps: [SingleUserStateProvider, GlobalStateProvider, SUPPORTS_SECURE_STORAGE, SECURE_STORAGE],
   }),
   safeProvider({
     provide: KeyGenerationServiceAbstraction,