[PM-27289] Remove password unlock method

[andrebispo5]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-27289

📔 Objective

This pull request refactors the vault unlock logic to fully transition away from the legacy password-based unlock method, ensuring that vault unlocking now always uses the more secure master password unlock flow. The changes update both implementation and tests.

Authentication Logic Refactor

• The unlockVaultWithPassword(password:) method now exclusively uses the .masterPasswordUnlock method, removing support for the legacy .password unlock flow. If masterPasswordUnlock data is missing, an explicit error is thrown.

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[claude]

Claude Code is working…

I'll analyze this and get back to you.

View job run

[claude]

💭 Consider a more specific error type

While AuthError.missingUserDecryptionOptions is functionally correct, it's also used in other unlock scenarios (device key, etc.). For better error diagnostics and user messaging, consider adding a more specific error case:

Suggested change

	throw AuthError.missingUserDecryptionOptions
	guard let masterPasswordUnlock = account.profile.userDecryptionOptions?.masterPasswordUnlock else {
	throw AuthError.missingMasterPasswordUnlockData

This would make it easier to distinguish between different missing decryption option scenarios when debugging or logging.

[fedemkr]

@andrebispo5 I think I agree with Claude here where we could add more explicit errors. Perhaps just an associated property to the enum' value AuthError.missingUserDecryptionOptions that explains which thing is missing. As in this case it could be that account.profile.userDecryptionOptions is nil or it could be that account.profile.userDecryptionOptions.masterPasswordUnlock is nil.
Also we'd need to update the docs on AuthError.missingUserDecryptionOptions as right now it says:

/// The device key from trusting the device is missing.
case missingUserDecryptionOptions

which doesn't align with this scenario.

[matt-livefront]

Are there any concerns that there could still be users that don't have masterPasswordUnlock data? Either self-hosted users or users which haven't synced in a while? In this case the user is essentially locked out after the password unlock option is removed, right? They'd have to log out and log back in to recover? Maybe a product question, but I wonder if we'd want a specific alert to let the user know that they need to logout and log back in?

[claude]

💭 Deprecation strategy

Good to mark this as "Legacy - Deprecated". Since this PR removes .password usage from the vault unlock flow but the enum case remains in the SDK, consider:

1. Adding a code comment documenting when/if this case can be fully removed
2. If it must remain for SDK compatibility, document which scenarios still require it
3. If removal is planned, consider adding a @available deprecation attribute when Swift's SDK supports it

This helps future maintainers understand the deprecation timeline.

[github-actions]

Checkmarx One – Scan Summary & Details – d955dc05-3fad-423f-914c-b94a65e44638

Great job! No new security vulnerabilities introduced in this pull request

[codecov]

Codecov Report

❌ Patch coverage is 98.87006% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 85.40%. Comparing base (bdc2c53) to head (5bafad4).
⚠️ Report is 3 commits behind head on main.

Files with missing lines	Patch %	Lines
...hared/Core/Auth/Extensions/BitwardenSdk+Auth.swift	0.00%	1 Missing ⚠️
...Shared/Core/Auth/Repositories/AuthRepository.swift	90.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2155      +/-   ##
==========================================
+ Coverage   85.38%   85.40%   +0.01%     
==========================================
  Files        1726     1727       +1     
  Lines      145621   145770     +149     
==========================================
+ Hits       124343   124493     +150     
+ Misses      21278    21277       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.