Prepare for the login server's TinyBox upgrade

When we send a `syncToken`, the login server knows we have this logic in place, and can send us a lightweight login reply that may not include the more sensitive fields.

src/core/login/login.ts

@@ -109,14 +109,14 @@ function applyLoginPayloadInner(
     loginId,
     loginAuthBox,
     userId,
-    otpKey,
+    otpKey: otpKey === true ? stash.otpKey : otpKey,
     otpResetDate,
     otpTimeout,
     pendingVouchers,
     parentBox,
     passwordAuthBox,
     passwordAuthSnrp,
-    passwordBox,
+    passwordBox: passwordBox === true ? stash.passwordBox : passwordBox,
     passwordKeySnrp,
     pin2TextBox,
     keyBoxes, // We should be more picky about these

src/core/login/password.ts

@@ -74,7 +74,11 @@ async function loginPasswordOnline(
     request,
     async reply => {
       const { passwordBox, passwordKeySnrp } = reply
-      if (passwordBox == null || passwordKeySnrp == null) {
+      if (
+        passwordBox == null ||
+        passwordBox === true ||
+        passwordKeySnrp == null
+      ) {
         throw new Error('Missing data for online password login')
       }
       const passwordKey = await scrypt(ai, up, passwordKeySnrp)

src/core/login/pin2.ts

@@ -62,7 +62,7 @@ export async function loginPin2(
     pin2Auth: makePin2Auth(pin2Key, pin)
   }
   return await serverLogin(ai, stashTree, stash, opts, request, async reply => {
-    if (reply.pin2Box == null) {
+    if (reply.pin2Box == null || reply.pin2Box === true) {
       throw new Error('Missing data for PIN v2 login')
     }
     return decrypt(reply.pin2Box, pin2Key)

src/core/login/recovery2.ts

@@ -61,7 +61,7 @@ export async function loginRecovery2(
     opts,
     request,
     async reply => {
-      if (reply.recovery2Box == null) {
+      if (reply.recovery2Box == null || reply.recovery2Box === true) {
         throw new Error('Missing data for recovery v2 login')
       }
       return decrypt(reply.recovery2Box, recovery2Key)

src/types/server-cleaners.ts

@@ -4,6 +4,7 @@ import {
   asBoolean,
   asCodec,
   asDate,
+  asEither,
   asNumber,
   asObject,
   asOptional,
@@ -270,6 +271,8 @@ export const asLobbyPayload: Cleaner<LobbyPayload> = asObject({
   replies: asArray(asEdgeLobbyReply)
 })
 
+const asTrue = asValue(true)
+
 export const asLoginPayload: Cleaner<LoginPayload> = asObject({
   // Identity:
   appId: asString,
@@ -282,24 +285,24 @@ export const asLoginPayload: Cleaner<LoginPayload> = asObject({
   parentBox: asOptional(asEdgeBox),
 
   // 2-factor login:
-  otpKey: asOptional(asBase32),
+  otpKey: asOptional(asEither(asTrue, asBase32)),
   otpResetDate: asOptional(asDate),
   otpTimeout: asOptional(asNumber),
 
   // Password login:
   passwordAuthBox: asOptional(asEdgeBox),
   passwordAuthSnrp: asOptional(asEdgeSnrp),
-  passwordBox: asOptional(asEdgeBox),
+  passwordBox: asOptional(asEither(asTrue, asEdgeBox)),
   passwordKeySnrp: asOptional(asEdgeSnrp),
 
   // PIN v2 login:
-  pin2Box: asOptional(asEdgeBox),
+  pin2Box: asOptional(asEither(asTrue, asEdgeBox)),
   pin2KeyBox: asOptional(asEdgeBox),
   pin2TextBox: asOptional(asEdgeBox),
 
   // Recovery v2 login:
   question2Box: asOptional(asEdgeBox),
-  recovery2Box: asOptional(asEdgeBox),
+  recovery2Box: asOptional(asEither(asTrue, asEdgeBox)),
   recovery2KeyBox: asOptional(asEdgeBox),
 
   // Secret-key login:

src/types/server-types.ts

@@ -217,24 +217,24 @@ export interface LoginPayload {
   parentBox?: EdgeBox
 
   // 2-factor login:
-  otpKey?: Uint8Array
+  otpKey?: Uint8Array | true
   otpResetDate?: Date
   otpTimeout?: number
 
   // Password login:
   passwordAuthBox?: EdgeBox
   passwordAuthSnrp?: EdgeSnrp
-  passwordBox?: EdgeBox
+  passwordBox?: EdgeBox | true
   passwordKeySnrp?: EdgeSnrp
 
   // PIN v2 login:
-  pin2Box?: EdgeBox
+  pin2Box?: EdgeBox | true
   pin2KeyBox?: EdgeBox
   pin2TextBox?: EdgeBox
 
   // Recovery v2 login:
   question2Box?: EdgeBox
-  recovery2Box?: EdgeBox
+  recovery2Box?: EdgeBox | true
   recovery2KeyBox?: EdgeBox
 
   // Secret-key login: