From 45c2d3eeb8740e7014a340efe2c3d65b79458047 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Sun, 13 Aug 2017 00:33:37 -0400
Subject: [PATCH] do not accept bank tokens for premium

---
 src/Core/Services/Implementations/UserService.cs | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/Core/Services/Implementations/UserService.cs b/src/Core/Services/Implementations/UserService.cs
index 5813f36af0..81bd0d0e8a 100644
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@@ -551,6 +551,11 @@ namespace Bit.Core.Services
             }
             else if(!string.IsNullOrWhiteSpace(paymentToken))
             {
+                if(paymentToken.StartsWith("btok_"))
+                {
+                    throw new BadRequestException("Invalid token.");
+                }
+
                 if(paymentToken.StartsWith("tok_"))
                 {
                     paymentService = new StripePaymentService();
@@ -612,6 +617,11 @@ namespace Bit.Core.Services
 
         public async Task ReplacePaymentMethodAsync(User user, string paymentToken)
         {
+            if(paymentToken.StartsWith("btok_"))
+            {
+                throw new BadRequestException("Invalid token.");
+            }
+
             IPaymentService paymentService = null;
             if(paymentToken.StartsWith("tok_"))
             {