Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-01-10 20:07:56 +01:00
Code Issues Projects Releases Wiki Activity

Handle null user in captch tokenable (#1897)

Browse Source 
* Handle null user in captch tokenable

* Update test/Core.Test/Models/Business/Tokenables/HCaptchaTokenableTests.cs

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
This commit is contained in:
Matt Gibson 2022-03-08 09:21:54 -05:00 committed by GitHub
parent 4deb138fd9
commit a725802476
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 39 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/Core/Models/Business/Tokenables/HCaptchaTokenable.cs
View File

@ -24,12 +24,17 @@ namespace Bit.Core.Models.Business.Tokenables
public HCaptchaTokenable(User user) : this() public HCaptchaTokenable(User user) : this()
{ {
Id = user.Id; Id = user?.Id ?? default;
Email = user.Email; Email = user?.Email;
} }
public bool TokenIsValid(User user) public bool TokenIsValid(User user)
{ {
if (Id == default || Email == default || user == null)
{
return false;
}
return Id == user.Id && return Id == user.Id &&
Email.Equals(user.Email, StringComparison.InvariantCultureIgnoreCase); Email.Equals(user.Email, StringComparison.InvariantCultureIgnoreCase);
} }

32
test/Core.Test/Models/Business/Tokenables/HCaptchaTokenableTests.cs
View File

@ -3,12 +3,44 @@ using AutoFixture.Xunit2;
using Bit.Core.Entities; using Bit.Core.Entities;
using Bit.Core.Models.Business.Tokenables; using Bit.Core.Models.Business.Tokenables;
using Bit.Core.Tokens; using Bit.Core.Tokens;
using Bit.Test.Common.AutoFixture.Attributes;
using Xunit; using Xunit;
namespace Bit.Core.Test.Models.Business.Tokenables namespace Bit.Core.Test.Models.Business.Tokenables
{ {
public class HCaptchaTokenableTests public class HCaptchaTokenableTests
{ {
[Fact]
public void CanHandleNullUser()
{
var token = new HCaptchaTokenable(null);
Assert.Equal(default, token.Id);
Assert.Equal(default, token.Email);
}
[Fact]
public void TokenWithNullUserIsInvalid()
{
var token = new HCaptchaTokenable(null)
{
ExpirationDate = DateTime.UtcNow + TimeSpan.FromDays(1)
};
Assert.False(token.Valid);
}
[Theory, BitAutoData]
public void TokenValidityCheckNullUserIdIsInvalid(User user)
{
var token = new HCaptchaTokenable(user)
{
ExpirationDate = DateTime.UtcNow + TimeSpan.FromDays(1)
};
Assert.False(token.TokenIsValid(null));
}
[Theory, AutoData] [Theory, AutoData]
public void CanUpdateExpirationToNonStandard(User user) public void CanUpdateExpirationToNonStandard(User user)
{ {