From 8b1a6b4ad3ed8b045702d96ecc7eaad3ead3d9bb Mon Sep 17 00:00:00 2001 From: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com> Date: Thu, 28 Apr 2022 16:42:47 -0500 Subject: [PATCH] [Bug] Skip WebAuthn 2fa event logs during login flow (#1978) * [Bug] Supress WebAuthn 2fa event logs during login process * Formatting * Simplified method call with new paramter input --- src/Core/Identity/WebAuthnTokenProvider.cs | 4 ++-- src/Core/Services/IUserService.cs | 2 +- src/Core/Services/Implementations/UserService.cs | 7 +++++-- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/src/Core/Identity/WebAuthnTokenProvider.cs b/src/Core/Identity/WebAuthnTokenProvider.cs index b3f72010a..40466f541 100644 --- a/src/Core/Identity/WebAuthnTokenProvider.cs +++ b/src/Core/Identity/WebAuthnTokenProvider.cs @@ -77,7 +77,7 @@ namespace Bit.Core.Identity var providers = user.GetTwoFactorProviders(); providers[TwoFactorProviderType.WebAuthn] = provider; user.SetTwoFactorProviders(providers); - await userService.UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.WebAuthn); + await userService.UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.WebAuthn, logEvent: false); return options.ToJson(); } @@ -123,7 +123,7 @@ namespace Bit.Core.Identity var providers = user.GetTwoFactorProviders(); providers[TwoFactorProviderType.WebAuthn].MetaData[webAuthCred.Item1] = webAuthCred.Item2; user.SetTwoFactorProviders(providers); - await userService.UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.WebAuthn); + await userService.UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.WebAuthn, logEvent: false); return res.Status == "ok"; } diff --git a/src/Core/Services/IUserService.cs b/src/Core/Services/IUserService.cs index c1fce0965..9abc99bfc 100644 --- a/src/Core/Services/IUserService.cs +++ b/src/Core/Services/IUserService.cs @@ -43,7 +43,7 @@ namespace Bit.Core.Services Task UpdateKeyAsync(User user, string masterPassword, string key, string privateKey, IEnumerable ciphers, IEnumerable folders, IEnumerable sends); Task RefreshSecurityStampAsync(User user, string masterPasswordHash); - Task UpdateTwoFactorProviderAsync(User user, TwoFactorProviderType type, bool setEnabled = true); + Task UpdateTwoFactorProviderAsync(User user, TwoFactorProviderType type, bool setEnabled = true, bool logEvent = true); Task DisableTwoFactorProviderAsync(User user, TwoFactorProviderType type, IOrganizationService organizationService); Task RecoverTwoFactorAsync(string email, string masterPassword, string recoveryCode, diff --git a/src/Core/Services/Implementations/UserService.cs b/src/Core/Services/Implementations/UserService.cs index e6ad3b562..35f778cb3 100644 --- a/src/Core/Services/Implementations/UserService.cs +++ b/src/Core/Services/Implementations/UserService.cs @@ -879,11 +879,14 @@ namespace Bit.Core.Services return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch()); } - public async Task UpdateTwoFactorProviderAsync(User user, TwoFactorProviderType type, bool setEnabled = true) + public async Task UpdateTwoFactorProviderAsync(User user, TwoFactorProviderType type, bool setEnabled = true, bool logEvent = true) { SetTwoFactorProvider(user, type, setEnabled); await SaveUserAsync(user); - await _eventService.LogUserEventAsync(user.Id, EventType.User_Updated2fa); + if (logEvent) + { + await _eventService.LogUserEventAsync(user.Id, EventType.User_Updated2fa); + } } public async Task DisableTwoFactorProviderAsync(User user, TwoFactorProviderType type,