diff --git a/bitwarden_license/src/Sso/Controllers/AccountController.cs b/bitwarden_license/src/Sso/Controllers/AccountController.cs index 3ef99f0fa2..1f691a6017 100644 --- a/bitwarden_license/src/Sso/Controllers/AccountController.cs +++ b/bitwarden_license/src/Sso/Controllers/AccountController.cs @@ -459,11 +459,8 @@ namespace Bit.Sso.Controllers throw new Exception(_i18nService.T("UserAlreadyInvited", email, organization.Name)); } - // Delete existing SsoUser (if any) - avoids error if providerId has changed and the sso link is stale - await DeleteExistingSsoUserRecord(existingUser.Id, orgId, orgUser); - // Accepted or Confirmed - create SSO link and return; - await CreateSsoUserRecord(providerUserId, existingUser.Id, orgId); + await CreateSsoUserRecord(providerUserId, existingUser.Id, orgId, orgUser); return existingUser; } @@ -540,11 +537,8 @@ namespace Bit.Sso.Controllers await _organizationUserRepository.ReplaceAsync(orgUser); } - // Delete any stale user record to be safe - await DeleteExistingSsoUserRecord(user.Id, orgId, orgUser); - // Create sso user record - await CreateSsoUserRecord(providerUserId, user.Id, orgId); + await CreateSsoUserRecord(providerUserId, user.Id, orgId, orgUser); return user; } @@ -595,18 +589,21 @@ namespace Bit.Sso.Controllers return null; } - private async Task DeleteExistingSsoUserRecord(Guid userId, Guid orgId, OrganizationUser orgUser) + private async Task CreateSsoUserRecord(string providerUserId, Guid userId, Guid orgId, OrganizationUser orgUser) { + // Delete existing SsoUser (if any) - avoids error if providerId has changed and the sso link is stale var existingSsoUser = await _ssoUserRepository.GetByUserIdOrganizationIdAsync(orgId, userId); if (existingSsoUser != null) { await _ssoUserRepository.DeleteAsync(userId, orgId); await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_ResetSsoLink); } - } + else + { + // If no stale user, this is the user's first Sso login ever + await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_FirstSsoLogin); + } - private async Task CreateSsoUserRecord(string providerUserId, Guid userId, Guid orgId) - { var ssoUser = new SsoUser { ExternalId = providerUserId, diff --git a/src/Core/Context/CurrentContext.cs b/src/Core/Context/CurrentContext.cs index 7956726a83..b426de1130 100644 --- a/src/Core/Context/CurrentContext.cs +++ b/src/Core/Context/CurrentContext.cs @@ -392,13 +392,13 @@ namespace Bit.Core.Context public async Task ProviderIdForOrg(Guid orgId) { - if (Organizations.Any(org => org.Id == orgId)) + if (Organizations?.Any(org => org.Id == orgId) ?? false) { return null; } var po = (await GetProviderOrganizations()) - .FirstOrDefault(po => po.OrganizationId == orgId); + ?.FirstOrDefault(po => po.OrganizationId == orgId); return po?.ProviderId; } @@ -465,7 +465,7 @@ namespace Bit.Core.Context protected async Task> GetProviderOrganizations() { - if (_providerUserOrganizations == null) + if (_providerUserOrganizations == null && UserId.HasValue) { _providerUserOrganizations = await _providerUserRepository.GetManyOrganizationDetailsByUserAsync(UserId.Value, ProviderUserStatusType.Confirmed); } diff --git a/src/Core/Enums/EventType.cs b/src/Core/Enums/EventType.cs index 54fbcf8d6a..3df151730f 100644 --- a/src/Core/Enums/EventType.cs +++ b/src/Core/Enums/EventType.cs @@ -50,6 +50,7 @@ OrganizationUser_ResetPassword_Withdraw = 1507, OrganizationUser_AdminResetPassword = 1508, OrganizationUser_ResetSsoLink = 1509, + OrganizationUser_FirstSsoLogin = 1510, Organization_Updated = 1600, Organization_PurgedVault = 1601,