mirror of
https://github.com/bitwarden/server.git
synced 2026-04-12 11:43:51 -05:00
005c74456c
* Add new user key rotation endpoint with MP support * Increase test coverage * Add note on request model
163 lines
4.9 KiB
C#
163 lines
4.9 KiB
C#
using System.ComponentModel.DataAnnotations;
|
|
using Bit.Api.KeyManagement.Enums;
|
|
using Bit.Api.KeyManagement.Models.Requests;
|
|
using Bit.Core.Enums;
|
|
using Bit.Core.KeyManagement.Models.Api.Request;
|
|
using Xunit;
|
|
|
|
namespace Bit.Api.Test.KeyManagement.Models.Request;
|
|
|
|
public class UnlockMethodRequestModelTests
|
|
{
|
|
private const string _wrappedUserKey =
|
|
"2.AOs41Hd8OQiCPXjyJKCiDA==|O6OHgt2U2hJGBSNGnimJmg==|iD33s8B69C8JhYYhSa4V1tArjvLr8eEaGqOV7BRo5Jk=";
|
|
|
|
private const string _salt = "mockSalt";
|
|
|
|
[Fact]
|
|
public void Validate_MasterPassword_ValidData_PassesValidation()
|
|
{
|
|
var model = new UnlockMethodRequestModel
|
|
{
|
|
UnlockMethod = UnlockMethod.MasterPassword,
|
|
MasterPasswordUnlockData = BuildMasterPasswordUnlockDataRequestModel(),
|
|
KeyConnectorKeyWrappedUserKey = null
|
|
};
|
|
|
|
var result = Validate(model);
|
|
Assert.Empty(result);
|
|
}
|
|
|
|
[Fact]
|
|
public void Validate_MasterPassword_MissingMasterPasswordUnlockData_FailsValidation()
|
|
{
|
|
var model = new UnlockMethodRequestModel
|
|
{
|
|
UnlockMethod = UnlockMethod.MasterPassword,
|
|
MasterPasswordUnlockData = null,
|
|
KeyConnectorKeyWrappedUserKey = null
|
|
};
|
|
|
|
var result = Validate(model);
|
|
Assert.Single(result);
|
|
Assert.NotNull(result.First().ErrorMessage);
|
|
}
|
|
|
|
[Fact]
|
|
public void Validate_MasterPassword_KeyConnectorKeyPresent_FailsValidation()
|
|
{
|
|
var model = new UnlockMethodRequestModel
|
|
{
|
|
UnlockMethod = UnlockMethod.MasterPassword,
|
|
MasterPasswordUnlockData = BuildMasterPasswordUnlockDataRequestModel(),
|
|
KeyConnectorKeyWrappedUserKey = _wrappedUserKey
|
|
};
|
|
|
|
var result = Validate(model);
|
|
Assert.Single(result);
|
|
Assert.NotNull(result.First().ErrorMessage);
|
|
}
|
|
|
|
[Fact]
|
|
public void Validate_Tde_NoExtraData_PassesValidation()
|
|
{
|
|
var model = new UnlockMethodRequestModel
|
|
{
|
|
UnlockMethod = UnlockMethod.Tde,
|
|
MasterPasswordUnlockData = null,
|
|
KeyConnectorKeyWrappedUserKey = null
|
|
};
|
|
|
|
var result = Validate(model);
|
|
Assert.Empty(result);
|
|
}
|
|
|
|
[Fact]
|
|
public void Validate_Tde_MasterPasswordUnlockDataPresent_FailsValidation()
|
|
{
|
|
var model = new UnlockMethodRequestModel
|
|
{
|
|
UnlockMethod = UnlockMethod.Tde,
|
|
MasterPasswordUnlockData = BuildMasterPasswordUnlockDataRequestModel(),
|
|
KeyConnectorKeyWrappedUserKey = null
|
|
};
|
|
|
|
var result = Validate(model);
|
|
Assert.Single(result);
|
|
Assert.NotNull(result.First().ErrorMessage);
|
|
}
|
|
|
|
[Fact]
|
|
public void Validate_Tde_KeyConnectorKeyPresent_FailsValidation()
|
|
{
|
|
var model = new UnlockMethodRequestModel
|
|
{
|
|
UnlockMethod = UnlockMethod.Tde,
|
|
MasterPasswordUnlockData = null,
|
|
KeyConnectorKeyWrappedUserKey = _wrappedUserKey
|
|
};
|
|
|
|
var result = Validate(model);
|
|
Assert.Single(result);
|
|
Assert.NotNull(result.First().ErrorMessage);
|
|
}
|
|
|
|
[Fact]
|
|
public void Validate_KeyConnector_ValidData_PassesValidation()
|
|
{
|
|
var model = new UnlockMethodRequestModel
|
|
{
|
|
UnlockMethod = UnlockMethod.KeyConnector,
|
|
MasterPasswordUnlockData = null,
|
|
KeyConnectorKeyWrappedUserKey = _wrappedUserKey
|
|
};
|
|
|
|
var result = Validate(model);
|
|
Assert.Empty(result);
|
|
}
|
|
|
|
[Fact]
|
|
public void Validate_KeyConnector_MissingKeyConnectorKey_FailsValidation()
|
|
{
|
|
var model = new UnlockMethodRequestModel
|
|
{
|
|
UnlockMethod = UnlockMethod.KeyConnector,
|
|
MasterPasswordUnlockData = null,
|
|
KeyConnectorKeyWrappedUserKey = null
|
|
};
|
|
|
|
var result = Validate(model);
|
|
Assert.Single(result);
|
|
Assert.NotNull(result.First().ErrorMessage);
|
|
}
|
|
|
|
[Fact]
|
|
public void Validate_KeyConnector_MasterPasswordUnlockDataPresent_FailsValidation()
|
|
{
|
|
var model = new UnlockMethodRequestModel
|
|
{
|
|
UnlockMethod = UnlockMethod.KeyConnector,
|
|
MasterPasswordUnlockData = BuildMasterPasswordUnlockDataRequestModel(),
|
|
KeyConnectorKeyWrappedUserKey = _wrappedUserKey
|
|
};
|
|
|
|
var result = Validate(model);
|
|
Assert.Single(result);
|
|
Assert.NotNull(result.First().ErrorMessage);
|
|
}
|
|
|
|
private static List<ValidationResult> Validate(UnlockMethodRequestModel model)
|
|
{
|
|
var results = new List<ValidationResult>();
|
|
Validator.TryValidateObject(model, new ValidationContext(model), results, true);
|
|
return results;
|
|
}
|
|
|
|
private static MasterPasswordUnlockDataRequestModel BuildMasterPasswordUnlockDataRequestModel() => new()
|
|
{
|
|
Kdf = new KdfRequestModel { KdfType = KdfType.PBKDF2_SHA256, Iterations = 600000 },
|
|
MasterKeyWrappedUserKey = _wrappedUserKey,
|
|
Salt = _salt
|
|
};
|
|
}
|