[PM-11764] Implement account switching and sdk initialization

[coroiu]

🎟️ Tracking

Depends on: bitwarden/sdk-sm#1116

📔 Objective

Adds a function to default SDK service which can be used to subscribe to a fully initialized.

Note: Keys seem to hang around in memory, most likely because of how garbage collection works. Explicit clean up will be implemented in a follow up PR PM-13260 Implement cleanup logic for SDK on account logout.

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – a2f4f8d6-1626-46be-97b0-bd2562b0e2f3

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 781	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 781	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 780	Attack Vector
	Use_of_Broken_or_Risky_Cryptographic_Algorithm	/libs/common/src/platform/services/sdk/default-sdk.service.ts: 155	Attack Vector
	Use_of_Broken_or_Risky_Cryptographic_Algorithm	/libs/common/src/platform/services/sdk/default-sdk.service.ts: 172	Attack Vector

Fixed Issues

Severity	Issue	Source File / Package
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 809
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 820
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 780

[coroiu]

Reverting to draft while I add some logic to clean up the cache

[coroiu]

thought: I'm not 100% happy with this, but I can't really see any better solutions short-of removing the cache all together or maybe writing some advanced separate utility for it. Caching is hard.

An alternative would be to remove this and let the cache grow (leak memory). I don't think it would ever be an issue since nobody logs in and out of so many accounts that it will actually become an issue, but @JaredSnider-Bitwarden challenged me on this approach and in the end I leaned towards not leaking.

[coroiu]

Builds breaking because the PR still depends on the old SDK version. We'll have to merge the SDK PR first

[JaredSnider-Bitwarden]

Auth changes LGTM! Thank you for the tweaks based on our discussion.

[codecov]

Codecov Report

Attention: Patch coverage is 77.77778% with 10 lines in your changes missing coverage. Please review.

Project coverage is 33.19%. Comparing base (36c965c) to head (85d4809).
Report is 74 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
...n/src/platform/services/sdk/default-sdk.service.ts	82.92%	4 Missing and 3 partials ⚠️
...ibs/common/src/platform/services/crypto.service.ts	0.00%	2 Missing ⚠️
...ibs/common/src/auth/services/kdf-config.service.ts	50.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #11472      +/-   ##
==========================================
- Coverage   33.19%   33.19%   -0.01%     
==========================================
  Files        2772     2779       +7     
  Lines       86137    86362     +225     
  Branches    16411    16452      +41     
==========================================
+ Hits        28594    28666      +72     
- Misses      55278    55419     +141     
- Partials     2265     2277      +12     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[justindbaur]

Looks really good, just a couple minor suggestions and comments.

You have a todo in here for figure out what happens on logout but I think you've already covered it. A null user key should be saved for the user and any cached sdk clients should be freed.

[justindbaur]

Looks great!