bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2026-06-01 01:55:55 -05:00
Code Issues Packages Projects Releases 211 Wiki Activity
Files
ci/github-code-coverage-upload
server/test/Identity.Test/Wrappers/BaseRequestValidatorTestWrapper.cs
Rui Tomé a56946fd13 [PM-37486] Remove IPolicyService and associated dead code (#7672) 
* Refactor InitPendingOrganizationValidator to remove IPolicyService dependency and replace with IPolicyRequirementQuery for policy checks. Update related tests to reflect changes in policy validation logic.

* Refactor AccountsController and related validators to replace IPolicyService with IPolicyRequirementQuery for policy checks. Update tests accordingly to reflect changes in policy validation logic.

* Remove IPolicyService and related implementations from the codebase, updating PolicyServiceCollectionExtensions and deleting associated tests. This change streamlines policy management by relying on IPolicyRequirementQuery for policy checks.

* Refactor OrganizationUserRepository to remove GetByUserIdWithPolicyDetailsAsync method and associated tests.

* Remove unused stored procedures: OrganizationUser_ReadByUserIdWithPolicyDetails and PolicyDetails_ReadByUserId, as they are no longer called in the codebase.

* Remove OrganizationUserPolicyDetails class and associated test fixtures, as they are no longer needed in the codebase.

* Refactor BaseRequestValidatorTests to replace IPolicyService with IPolicyRequirementQuery for SSO validation checks. Update related test logic to ensure accurate policy validation outcomes. Clean up unused test fixtures in PolicyFixtures.cs to streamline the codebase.

* Refactor BaseRequestValidator and SsoRequestValidator to improve readability by storing policy requirement results in local variables before returning values. This change enhances code clarity while maintaining existing functionality.

* Refactor AccountsController to improve clarity by storing the result of the policy requirement query in a local variable before returning the enforced options. This change enhances code readability while preserving existing functionality.

* Revert "Remove unused stored procedures: OrganizationUser_ReadByUserIdWithPolicyDetails and PolicyDetails_ReadByUserId, as they are no longer called in the codebase."

This reverts commit 0f4fdca6e7.
2026-05-25 14:27:47 +01:00

149 lines
5.1 KiB
C#
Raw Permalink Blame History

using System.Security.Claims;
using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
using Bit.Core.Auth.Repositories;
using Bit.Core.Auth.UserFeatures.Devices.Interfaces;
using Bit.Core.Context;
using Bit.Core.Entities;
using Bit.Core.KeyManagement.Queries.Interfaces;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Settings;
using Bit.Identity.IdentityServer;
using Bit.Identity.IdentityServer.RequestValidators;
using Duende.IdentityServer.Models;
using Duende.IdentityServer.Validation;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Logging;
namespace Bit.Identity.Test.Wrappers;
public class BaseRequestValidationContextFake
{
public ValidatedTokenRequest ValidatedTokenRequest;
public CustomValidatorRequestContext CustomValidatorRequestContext;
public GrantValidationResult GrantResult;
public BaseRequestValidationContextFake(
ValidatedTokenRequest tokenRequest,
CustomValidatorRequestContext customValidatorRequestContext,
GrantValidationResult grantResult)
{
ValidatedTokenRequest = tokenRequest;
CustomValidatorRequestContext = customValidatorRequestContext;
GrantResult = grantResult;
}
}
interface IBaseRequestValidatorTestWrapper
{
Task ValidateAsync(BaseRequestValidationContextFake context);
}
public class BaseRequestValidatorTestWrapper : BaseRequestValidator<BaseRequestValidationContextFake>,
IBaseRequestValidatorTestWrapper
{
/*
* Some of the logic trees call `ValidateContextAsync`. Since this is a test wrapper, we set the return value
* of ValidateContextAsync() to whatever we need for the specific test case.
*/
public bool isValid { get; set; }
public BaseRequestValidatorTestWrapper(
UserManager<User> userManager,
IUserService userService,
IEventService eventService,
IDeviceValidator deviceValidator,
ITwoFactorAuthenticationValidator twoFactorAuthenticationValidator,
ISsoRequestValidator ssoRequestValidator,
IOrganizationUserRepository organizationUserRepository,
ILogger logger,
ICurrentContext currentContext,
GlobalSettings globalSettings,
IUserRepository userRepository,
IFeatureService featureService,
ISsoConfigRepository ssoConfigRepository,
IUserDecryptionOptionsBuilder userDecryptionOptionsBuilder,
IPolicyRequirementQuery policyRequirementQuery,
IAuthRequestRepository authRequestRepository,
IMailService mailService,
IUserAccountKeysQuery userAccountKeysQuery,
IClientVersionValidator clientVersionValidator,
IUpdateDeviceLastActivityCommand updateDeviceLastActivityCommand) :
base(
userManager,
userService,
eventService,
deviceValidator,
twoFactorAuthenticationValidator,
ssoRequestValidator,
organizationUserRepository,
logger,
currentContext,
globalSettings,
userRepository,
featureService,
ssoConfigRepository,
userDecryptionOptionsBuilder,
policyRequirementQuery,
authRequestRepository,
mailService,
userAccountKeysQuery,
clientVersionValidator,
updateDeviceLastActivityCommand)
{
}
public async Task ValidateAsync(
BaseRequestValidationContextFake context)
{
await ValidateAsync(context, context.ValidatedTokenRequest, context.CustomValidatorRequestContext);
}
protected override ClaimsPrincipal GetSubject(
BaseRequestValidationContextFake context)
{
return context.ValidatedTokenRequest.Subject ?? new ClaimsPrincipal();
}
[Obsolete]
protected override void SetErrorResult(
BaseRequestValidationContextFake context,
Dictionary<string, object> customResponse)
{
context.GrantResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant, customResponse: customResponse);
}
protected override Task SetSuccessResult(
BaseRequestValidationContextFake context,
User user,
List<Claim> claims,
Dictionary<string, object> customResponse)
{
context.GrantResult = new GrantValidationResult(customResponse: customResponse);
return Task.CompletedTask;
}
[Obsolete]
protected override void SetTwoFactorResult(
BaseRequestValidationContextFake context,
Dictionary<string, object> customResponse)
{
context.GrantResult = new GrantValidationResult(
TokenRequestErrors.InvalidGrant, "Two-factor authentication required.", customResponse);
}
protected override void SetValidationErrorResult(
BaseRequestValidationContextFake context,
CustomValidatorRequestContext requestContext)
{
context.GrantResult.IsError = true;
}
protected override Task<bool> ValidateContextAsync(
BaseRequestValidationContextFake context,
CustomValidatorRequestContext validatorContext)
{
return Task.FromResult(isValid);
}
}
Reference in New Issue View Git Blame Copy Permalink