[Core] [Security] Refactor Session

Author: OffRange

core/security/src/main/kotlin/de/davis/keygo/core/security/data/SessionImpl.kt

@@ -3,18 +3,27 @@ package de.davis.keygo.core.security.data
 import de.davis.keygo.core.security.domain.Session
 import de.davis.keygo.core.security.domain.crypto.model.AesKey
 import org.koin.core.annotation.Single
+import javax.security.auth.DestroyFailedException
 
 @Single
 internal class SessionImpl : Session {
 
+    private var _dek: AesKey? = null
+
+    override val dek: AesKey
+        get() = _dek ?: throw IllegalStateException("No active session")
+
     override fun startSession(dek: AesKey) {
         endSession()
-        scope.declare(dek)
+        _dek = dek
     }
 
     override fun endSession() {
-        if (scope.isNotClosed()) {
-            scope.close()
+        try {
+            _dek?.key?.destroy()
+        } catch (_: DestroyFailedException) {
+            // Not all SecretKey implementations support destroy
         }
+        _dek = null
     }
 }

core/security/src/main/kotlin/de/davis/keygo/core/security/domain/Session.kt

@@ -1,22 +1,11 @@
 package de.davis.keygo.core.security.domain
 
 import de.davis.keygo.core.security.domain.crypto.model.AesKey
-import org.koin.core.component.KoinScopeComponent
-import org.koin.core.qualifier.named
-import org.koin.core.scope.Scope
 
-interface Session : KoinScopeComponent {
+interface Session {
 
-    override val scope: Scope
-        get() = getKoin().getScopeOrNull(SCOPE_ID) ?: getKoin().createScope(
-            SCOPE_ID,
-            named<Session>()
-        )
+    val dek: AesKey
 
     fun startSession(dek: AesKey)
-    fun endSession() // TODO invoke on logout / app close
-
-    companion object {
-        const val SCOPE_ID = "session-scope"
-    }
+    fun endSession()
 }