refactor(active-user-state-refactor): [PM-12040] Remove ActiveUserSta…

[Patrick-Pimentel-Bitwarden]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-12040

📔 Objective

Update the SSO Login Service to use SingleUserState instead of deprecated ActiveUserState.

Screenshots

Web TDE Flow

Screen.Recording.2025-02-02.at.10.11.01.PM.mov

Web Master Password Flow

Screen.Recording.2025-02-02.at.10.12.06.PM.mov

Desktop Master Password Flow

Screen.Recording.2025-02-03.at.11.02.40.AM.mov

Browser Master Password Flow

Screen.Recording.2025-02-03.at.11.15.05.AM.mov

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – 43cdcda1-2981-46da-9728-b6e2f5ab2219

Fixed Issues (2)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	CVE-2024-21538	Npm-cross-spawn-7.0.3
	CVE-2024-55565	Npm-nanoid-3.3.7

[codecov]

Codecov Report

Attention: Patch coverage is 58.33333% with 15 lines in your changes missing coverage. Please review.

Project coverage is 35.54%. Comparing base (ca53ecc) to head (6354f1b).
Report is 6 commits behind head on main.

Files with missing lines	Patch %	Lines
...ular/src/auth/components/set-password.component.ts	0.00%	7 Missing ⚠️
libs/auth/src/angular/sso/sso.component.ts	0.00%	2 Missing ⚠️
apps/browser/src/background/main.background.ts	0.00%	1 Missing ⚠️
...ents/base-login-decryption-options-v1.component.ts	0.00%	1 Missing ⚠️
libs/angular/src/auth/components/sso.component.ts	75.00%	0 Missing and 1 partial ⚠️
...nents/two-factor-auth/two-factor-auth.component.ts	75.00%	0 Missing and 1 partial ⚠️
...ngular/src/auth/components/two-factor.component.ts	66.66%	0 Missing and 1 partial ⚠️
...tion-options/login-decryption-options.component.ts	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #13149      +/-   ##
==========================================
+ Coverage   35.48%   35.54%   +0.05%     
==========================================
  Files        3007     3008       +1     
  Lines       90899    90933      +34     
  Branches    16908    16917       +9     
==========================================
+ Hits        32260    32319      +59     
+ Misses      56137    56109      -28     
- Partials     2502     2505       +3     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[JaredSnider-Bitwarden]

Nice work on this! Would you mind adding recordings of SSO login working still on each client on the PR? Just a few nits below:

[Patrick-Pimentel-Bitwarden]

Nice work on this! Would you mind adding recordings of SSO login working still on each client on the PR? Just a few nits below:

@JaredSnider-Bitwarden

I think some of the flows seem to concern TDE here and here. Am I understanding that correctly? In my own testing of these changes with SSO flows without TDE I didn't see these populate with values and moved on before chasing the end of the trail there. I'll give it another go.

[JaredSnider-Bitwarden]

Nice work on this! Would you mind adding recordings of SSO login working still on each client on the PR? Just a few nits below:

@JaredSnider-Bitwarden

I think some of the flows seem to concern TDE here and here. Am I understanding that correctly? In my own testing of these changes with SSO flows without TDE I didn't see these populate with values and moved on before chasing the end of the trail there. I'll give it another go.

Yes, sorry I missed that. Let me know if you need any help running through the SSO TDE flows.

[Patrick-Pimentel-Bitwarden]

@JaredSnider-Bitwarden I have uploaded videos of all the clients going through at least master password flows. Would you like me to verify TDE flows for all of them as well?

[JaredSnider-Bitwarden]

ing through at least master password flows. Would you like me to verify TDE flows for all of them as well?

No, the videos were sufficient! Thank you!

[JaredSnider-Bitwarden]

Nice work!