V2 Upgrade Token

Author: mzieniukbw

crates/bitwarden-api-api/src/models/mod.rs

@@ -952,6 +952,10 @@ pub mod user_license;
 pub use self::user_license::UserLicense;
 pub mod user_verification_requirement;
 pub use self::user_verification_requirement::UserVerificationRequirement;
+pub mod v2_upgrade_token_request_model;
+pub use self::v2_upgrade_token_request_model::V2UpgradeTokenRequestModel;
+pub mod v2_upgrade_token_response_model;
+pub use self::v2_upgrade_token_response_model::V2UpgradeTokenResponseModel;
 pub mod verified_organization_domain_sso_detail_response_model;
 pub use self::verified_organization_domain_sso_detail_response_model::VerifiedOrganizationDomainSsoDetailResponseModel;
 pub mod verified_organization_domain_sso_details_response_model;

crates/bitwarden-api-api/src/models/unlock_data_request_model.rs

@@ -34,6 +34,12 @@ pub struct UnlockDataRequestModel {
     pub passkey_unlock_data: Option<Vec<models::WebAuthnLoginRotateKeyRequestModel>>,
     #[serde(rename = "deviceKeyUnlockData", alias = "DeviceKeyUnlockData")]
     pub device_key_unlock_data: Option<Vec<models::OtherDeviceKeysUpdateRequestModel>>,
+    #[serde(
+        rename = "v2UpgradeToken",
+        alias = "V2UpgradeToken",
+        skip_serializing_if = "Option::is_none"
+    )]
+    pub v2_upgrade_token: Option<Box<models::V2UpgradeTokenRequestModel>>,
 }
 
 impl UnlockDataRequestModel {
@@ -52,6 +58,7 @@ impl UnlockDataRequestModel {
             organization_account_recovery_unlock_data,
             passkey_unlock_data,
             device_key_unlock_data,
+            v2_upgrade_token: None,
         }
     }
 }

crates/bitwarden-api-api/src/models/user_decryption_response_model.rs

@@ -27,13 +27,20 @@ pub struct UserDecryptionResponseModel {
         skip_serializing_if = "Option::is_none"
     )]
     pub web_authn_prf_options: Option<Vec<models::WebAuthnPrfDecryptionOption>>,
+    #[serde(
+        rename = "v2UpgradeToken",
+        alias = "V2UpgradeToken",
+        skip_serializing_if = "Option::is_none"
+    )]
+    pub v2_upgrade_token: Option<Box<models::V2UpgradeTokenResponseModel>>,
 }
 
 impl UserDecryptionResponseModel {
     pub fn new() -> UserDecryptionResponseModel {
         UserDecryptionResponseModel {
             master_password_unlock: None,
             web_authn_prf_options: None,
+            v2_upgrade_token: None,
         }
     }
 }

crates/bitwarden-api-api/src/models/v2_upgrade_token_request_model.rs

@@ -0,0 +1,36 @@
+/*
+ * Bitwarden Internal API
+ *
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: latest
+ *
+ * Generated by: https://openapi-generator.tech
+ */
+
+use serde::{Deserialize, Serialize};
+
+use crate::models;
+
+/// V2UpgradeTokenRequestModel : Request model for V2 upgrade token submitted during key rotation.
+/// Contains wrapped user keys allowing clients to unlock after V1→V2 upgrade.
+#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
+pub struct V2UpgradeTokenRequestModel {
+    /// User Key V2 Wrapped User Key V1.
+    #[serde(rename = "wrappedUserKey1", alias = "WrappedUserKey1")]
+    pub wrapped_user_key1: String,
+    /// User Key V1 Wrapped User Key V2.
+    #[serde(rename = "wrappedUserKey2", alias = "WrappedUserKey2")]
+    pub wrapped_user_key2: String,
+}
+
+impl V2UpgradeTokenRequestModel {
+    /// Request model for V2 upgrade token submitted during key rotation. Contains wrapped user keys
+    /// allowing clients to unlock after V1→V2 upgrade.
+    pub fn new(wrapped_user_key1: String, wrapped_user_key2: String) -> V2UpgradeTokenRequestModel {
+        V2UpgradeTokenRequestModel {
+            wrapped_user_key1,
+            wrapped_user_key2,
+        }
+    }
+}

crates/bitwarden-api-api/src/models/v2_upgrade_token_response_model.rs

@@ -0,0 +1,33 @@
+/*
+ * Bitwarden Internal API
+ *
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: latest
+ *
+ * Generated by: https://openapi-generator.tech
+ */
+
+use serde::{Deserialize, Serialize};
+
+use crate::models;
+
+#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
+pub struct V2UpgradeTokenResponseModel {
+    #[serde(rename = "wrappedUserKey1", alias = "WrappedUserKey1")]
+    pub wrapped_user_key1: Option<String>,
+    #[serde(rename = "wrappedUserKey2", alias = "WrappedUserKey2")]
+    pub wrapped_user_key2: Option<String>,
+}
+
+impl V2UpgradeTokenResponseModel {
+    pub fn new(
+        wrapped_user_key1: Option<String>,
+        wrapped_user_key2: Option<String>,
+    ) -> V2UpgradeTokenResponseModel {
+        V2UpgradeTokenResponseModel {
+            wrapped_user_key1,
+            wrapped_user_key2,
+        }
+    }
+}

crates/bitwarden-core/src/auth/auth_request.rs

@@ -166,6 +166,7 @@ mod tests {
                     salt: "test@bitwarden.com".to_string(),
                 },
                 WrappedAccountCryptographicState::V1 { private_key },
+                None,
             )
             .unwrap();
 
@@ -240,6 +241,7 @@ mod tests {
                 WrappedAccountCryptographicState::V1 {
                     private_key: private_key.clone(),
                 },
+                None,
             )
             .unwrap();
 
@@ -264,6 +266,7 @@ mod tests {
                         protected_user_key: approved_req,
                     },
                 },
+                upgrade_token: None,
             })
             .await
             .unwrap();

crates/bitwarden-core/src/auth/login/api_key.rs

@@ -48,6 +48,7 @@ pub(crate) async fn login_api_key(
                     input.password.clone(),
                     master_password_unlock.clone(),
                     user_key_state,
+                    None,
                 )?;
 
             client

crates/bitwarden-core/src/auth/login/auth_request.rs

@@ -135,6 +135,7 @@ pub(crate) async fn complete_auth_request(
                     request_private_key: auth_req.private_key,
                     method,
                 },
+                upgrade_token: None,
             })
             .await?;
 

crates/bitwarden-core/src/auth/login/password.rs

@@ -62,6 +62,7 @@ pub(crate) async fn login_password(
                     input.password.clone(),
                     master_password_unlock.clone(),
                     user_key_state,
+                    None,
                 )?;
 
             client

crates/bitwarden-core/src/auth/password/validate.rs

@@ -154,6 +154,7 @@ mod tests {
                     salt: email.to_string(),
                 },
                 WrappedAccountCryptographicState::V1 { private_key },
+                None,
             )
             .unwrap();
 
@@ -206,6 +207,7 @@ mod tests {
                     salt: email.to_string(),
                 },
                 WrappedAccountCryptographicState::V1 { private_key },
+                None,
             )
             .unwrap();