Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-12-02 13:53:23 +01:00
Code Issues Projects Releases Wiki Activity

updated logic in DeviceValidator; rename method in BaseRequestValidator

Browse Source
This commit is contained in:
Ike Kottlowski 2024-11-25 15:48:56 -07:00
parent b9e0114931
commit ab2e088ffc
No known key found for this signature in database
GPG Key ID: C86308E3DCA6D76F
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/Identity/IdentityServer/RequestValidators/DeviceValidator.cs
View File

@ -123,16 +123,17 @@ public class DeviceValidator(
{ {
// verify the NewDeviceOtp // verify the NewDeviceOtp
var otpValid = await _userService.VerifyOTPAsync(user, newDeviceOtp); var otpValid = await _userService.VerifyOTPAsync(user, newDeviceOtp);
if(!otpValid) if(otpValid)
{ {
await _deviceService.SaveAsync(device); await _deviceService.SaveAsync(device);
return (true, null);
} }
return (false, "invalid otp"); return (false, "invalid otp");
} }
// if a user has no devices they are assumed to be newly registered user which does not require new device verification // if a user has no devices they are assumed to be newly registered user which does not require new device verification
var devices = await _deviceRepository.GetManyByUserIdAsync(user.Id); var devices = await _deviceRepository.GetManyByUserIdAsync(user.Id);
if (device == null) if (devices.Count == 0)
{ {
await _deviceService.SaveAsync(device); await _deviceService.SaveAsync(device);
return (true, null); return (true, null);

2
test/Identity.IntegrationTest/RequestValidation/ResourceOwnerPasswordValidatorTests.cs
View File

@ -226,7 +226,7 @@ public class ResourceOwnerPasswordValidatorTests : IClassFixture<IdentityApplica
// Stub DeviceValidator // Stub DeviceValidator
factory.SubstituteService<IDeviceValidator>(sub => factory.SubstituteService<IDeviceValidator>(sub =>
{ {
sub.SaveDeviceAsync(Arg.Any<User>(), Arg.Any<ValidatedTokenRequest>()) sub.SaveRequestingDeviceAsync(Arg.Any<User>(), Arg.Any<ValidatedTokenRequest>())
.Returns(null as Device); .Returns(null as Device);
}); });