fix(auth-validator): [PM-22975] Client Version Validator - Minor touchups.

2025-12-10 00:42:07 -06:00 · 2025-12-08 13:38:16 -05:00 · 2025-12-08 13:38:16 -05:00 · fb83df353c
commit fb83df353c
parent 27c9e4d5da
1 changed files with 23 additions and 32 deletions
--- a/src/Identity/IdentityServer/RequestValidators/ClientVersionValidator.cs
+++ b/src/Identity/IdentityServer/RequestValidators/ClientVersionValidator.cs
@ -35,16 +35,7 @@ public class ClientVersionValidator(
        // the user not nullish checked. If they are null then the validator should fail.
        if (user == null)
        {
-            requestContext.ValidationErrorResult = new ValidationResult
-            {
-                Error = "no_user",
-                ErrorDescription = _noUserMessage,
-                IsError = true
-            };
-            requestContext.CustomResponse = new Dictionary<string, object>
-            {
-                { "ErrorModel", new ErrorResponseModel(_noUserMessage) }
-            };
+            FillContextWithErrorData(requestContext, "no_user", _noUserMessage);
            return false;
        }

@ -55,20 +46,12 @@ public class ClientVersionValidator(
        Version? minVersion = user.HasV2Encryption() ? Constants.MinimumClientVersionForV2Encryption : null;

        // Deny access if the client version headers are missing.
-        // We want to establish a contract with clients that if they omit this heading that they
-        // will be susceptible to encryption failures.
+        // We want to establish a strict contract with clients that if they omit this header,
+        // then the server cannot guarantee that a client won't do harm to a user's data
+        // with stale encryption architecture.
        if (clientVersion == null)
        {
-            requestContext.ValidationErrorResult = new ValidationResult
-            {
-                Error = "version_header_missing",
-                ErrorDescription = _versionHeaderMissing,
-                IsError = true
-            };
-            requestContext.CustomResponse = new Dictionary<string, object>
-            {
-                { "ErrorModel", new ErrorResponseModel(_versionHeaderMissing) }
-            };
+            FillContextWithErrorData(requestContext, "version_header_missing", _versionHeaderMissing);
            return false;
        }

@ -81,21 +64,29 @@ public class ClientVersionValidator(

        if (clientVersion < minVersion)
        {
-            requestContext.ValidationErrorResult = new ValidationResult
-            {
-                Error = "invalid_client_version",
-                ErrorDescription = _upgradeMessage,
-                IsError = true
-            };
-            requestContext.CustomResponse = new Dictionary<string, object>
-            {
-                { "ErrorModel", new ErrorResponseModel(_upgradeMessage) }
-            };
+            FillContextWithErrorData(requestContext, "invalid_client_version", _upgradeMessage);
            return false;
        }

        return true;
    }
+
+    private void FillContextWithErrorData(
+        CustomValidatorRequestContext requestContext,
+        string errorId,
+        string errorMessage)
+    {
+        requestContext.ValidationErrorResult = new ValidationResult
+        {
+            Error = errorId,
+            ErrorDescription = errorMessage,
+            IsError = true
+        };
+        requestContext.CustomResponse = new Dictionary<string, object>
+        {
+            { "ErrorModel", new ErrorResponseModel(errorMessage) }
+        };
+    }
 }