[PM-37886] refactor: Pass keyConnectorKeyWrappedUserKey through LoginUnlockMethod instead of persisting in state

[matt-livefront]

🎟️ Tracking

PM-37886

📔 Objective

When a user logs in with key connector, their keyConnectorKeyWrappedUserKey is being persisted to the device as encryptedUserKey. For key connector, once the user is logged in and the vault is unlocked, this key is no longer used. As such, it doesn't need to be persisted.

Additional context: #2677 (comment)

This updates the key connector flows to pass the keyConnectorKeyWrappedUserKey from the login response through LoginUnlockMethod.keyConnector, which can then be used to unlock the vault in AuthRepository.unlockVaultWithKeyConnectorKey().

• LoginUnlockMethod.keyConnector now carries encryptedUserKey: String? populated from response.key in AuthService.unlockMethod(for:), eliminating the need to read it back from state during unlock.
• AuthRepository.unlockVaultWithKeyConnectorKey accepts a non-optional encryptedUserKey: String parameter directly, removing the redundant getAccountEncryptionKeys state read.
• KeyConnectorService.convertNewUserToKeyConnector no longer persists encryptedUserKey to state (both v1 and v2 paths); the cryptographicState (private key) is still persisted as required for future operations.
• SingleSignOnProcessor now uses an explicit guard let encryptedUserKey to trigger the key connector migration dialog for new users, replacing the implicit noAccountCryptographicState error path.

[github-actions]

🤖 Bitwarden Claude Code Review

Overall Assessment: APPROVE

Reviewed this refactor that passes keyConnectorKeyWrappedUserKey through LoginUnlockMethod.keyConnector instead of persisting it to state as encryptedUserKey. Traced the new-user migration branching in SingleSignOnProcessor and TwoFactorAuthProcessor against the prior noAccountCryptographicState/noEncUserKey error paths and confirmed behavioral equivalence: a nil response.key corresponds to a new key connector user, and an existing migrated user always carries the wrapped key. Verified the convertNewUserToKeyConnector change still returns the key inline via KeyConnectorConversionResult (only stopping state persistence) and that the unrelated migrateUser master-password flow still reads its persisted encryptedUserKey unaffected. Test coverage is thorough and the migration from Task.sleep polling to waitForAsync is a solid improvement.

Code Review Details

No findings. The change is well-scoped, security-positive (reduces persistence of a sensitive wrapped key that is no longer needed after unlock), and comprehensively tested across all three unlock entry points.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 80.84%. Comparing base (0185de5) to head (f9ca3ee).
⚠️ Report is 4 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2764   +/-   ##
=======================================
  Coverage   80.83%   80.84%           
=======================================
  Files        1018     1018           
  Lines       64903    64902    -1     
=======================================
+ Hits        52463    52467    +4     
+ Misses      12440    12435    -5     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[fedemkr]

Looks good, just one small ⛏️