Only allow setting userID once

MGibson1 · MGibson1 · commit 3413a5690fe0 · 2025-05-21T08:29:59.000-07:00
diff --git a/crates/bitwarden-core/src/client/internal.rs b/crates/bitwarden-core/src/client/internal.rs
@@ -1,4 +1,4 @@
-use std::sync::{Arc, RwLock};
+use std::sync::{Arc, OnceLock, RwLock};
 
 use bitwarden_crypto::KeyStore;
 #[cfg(any(feature = "internal", feature = "secrets"))]
@@ -11,10 +11,7 @@ use uuid::Uuid;
 #[cfg(feature = "secrets")]
 use super::login_method::ServiceAccountLoginMethod;
 use crate::{
-    auth::renew::renew_token,
-    client::{encryption_settings::EncryptionSettings, login_method::LoginMethod},
-    key_management::KeyIds,
-    DeviceType,
+    auth::renew::renew_token, client::{encryption_settings::EncryptionSettings, login_method::LoginMethod}, error::UserIdAlreadySetError, key_management::KeyIds, DeviceType
 };
 #[cfg(feature = "internal")]
 use crate::{
@@ -44,7 +41,7 @@ pub(crate) struct Tokens {
 
 #[derive(Debug)]
 pub struct InternalClient {
-    pub(crate) user_id: RwLock<Option<Uuid>>,
+    pub(crate) user_id: OnceLock<Uuid>,
     pub(crate) tokens: RwLock<Tokens>,
     pub(crate) login_method: RwLock<Option<Arc<LoginMethod>>>,
 
@@ -173,12 +170,12 @@ impl InternalClient {
         &self.key_store
     }
 
-    pub fn set_user_id(&self, user_id: Uuid) {
-        *self.user_id.write().expect("RwLock is not poisoned") = Some(user_id);
+    pub fn init_user_id(&self, user_id: Uuid) -> Result<(), UserIdAlreadySetError> {
+        self.user_id.set(user_id).map_err(|_| UserIdAlreadySetError)
     }
 
     pub fn get_user_id(&self) -> Option<Uuid> {
-        *self.user_id.read().expect("RwLock is not poisoned")
+        self.user_id.get().map(|id| *id)
     }
 
     #[cfg(feature = "internal")]
diff --git a/crates/bitwarden-core/src/error.rs b/crates/bitwarden-core/src/error.rs
@@ -48,6 +48,11 @@ impl_bitwarden_error!(IdentityError, ApiError);
 #[error("The client is not authenticated or the session has expired")]
 pub struct NotAuthenticatedError;
 
+/// Client's user ID is already set.
+#[derive(Debug, Error)]
+#[error("The client user ID is already set")]
+pub struct UserIdAlreadySetError;
+
 /// Missing required field.
 #[derive(Debug, Error)]
 #[error("The response received was missing a required field: {0}")]
diff --git a/crates/bitwarden-core/src/mobile/crypto.rs b/crates/bitwarden-core/src/mobile/crypto.rs
@@ -133,7 +133,7 @@ pub async fn initialize_user_crypto(
     let private_key: EncString = req.private_key.parse()?;
 
     if let Some(user_id) = req.user_id {
-        client.internal.set_user_id(user_id);
+        client.internal.init_user_id(user_id);
     }
 
     match req.method {

Original file line number	Diff line number	Diff line change
`@@ -133,7 +133,7 @@ pub async fn initialize_user_crypto(`
`133`	`133`	`let private_key: EncString = req.private_key.parse()?;`
`134`	`134`
`135`	`135`	`if let Some(user_id) = req.user_id {`
`136`		`- client.internal.set_user_id(user_id);`
	`136`	`+ client.internal.init_user_id(user_id);`
`137`	`137`	`}`
`138`	`138`
`139`	`139`	`match req.method {`