using Bit.Core.Auth.Entities; using Bit.Core.Auth.Models.Data; using Bit.Core.Auth.Repositories; using Bit.Core.Auth.UserFeatures.UserKey.Implementations; using Bit.Core.Entities; using Bit.Core.Services; using Bit.Test.Common.AutoFixture; using Bit.Test.Common.AutoFixture.Attributes; using Microsoft.AspNetCore.Identity; using NSubstitute; using Xunit; namespace Bit.Core.Test.Auth.UserFeatures.UserKey; [SutProviderCustomize] public class RotateUserKeyCommandTests { [Theory, BitAutoData] public async Task RotateUserKeyAsync_Success(SutProvider sutProvider, User user, RotateUserKeyData model) { sutProvider.GetDependency().CheckPasswordAsync(user, model.MasterPasswordHash) .Returns(true); foreach (var webauthnCred in model.WebAuthnKeys) { var dbWebauthnCred = new WebAuthnCredential { EncryptedPublicKey = "encryptedPublicKey", EncryptedUserKey = "encryptedUserKey" }; sutProvider.GetDependency().GetByIdAsync(webauthnCred.Id, user.Id) .Returns(dbWebauthnCred); } var result = await sutProvider.Sut.RotateUserKeyAsync(user, model); Assert.Equal(IdentityResult.Success, result); } [Theory, BitAutoData] public async Task RotateUserKeyAsync_InvalidMasterPasswordHash_ReturnsFailedIdentityResult( SutProvider sutProvider, User user, RotateUserKeyData model) { sutProvider.GetDependency().CheckPasswordAsync(user, model.MasterPasswordHash) .Returns(false); foreach (var webauthnCred in model.WebAuthnKeys) { var dbWebauthnCred = new WebAuthnCredential { EncryptedPublicKey = "encryptedPublicKey", EncryptedUserKey = "encryptedUserKey" }; sutProvider.GetDependency().GetByIdAsync(webauthnCred.Id, user.Id) .Returns(dbWebauthnCred); } var result = await sutProvider.Sut.RotateUserKeyAsync(user, model); Assert.False(result.Succeeded); } [Theory, BitAutoData] public async Task RotateUserKeyAsync_LogsOutUser( SutProvider sutProvider, User user, RotateUserKeyData model) { sutProvider.GetDependency().CheckPasswordAsync(user, model.MasterPasswordHash) .Returns(true); foreach (var webauthnCred in model.WebAuthnKeys) { var dbWebauthnCred = new WebAuthnCredential { EncryptedPublicKey = "encryptedPublicKey", EncryptedUserKey = "encryptedUserKey" }; sutProvider.GetDependency().GetByIdAsync(webauthnCred.Id, user.Id) .Returns(dbWebauthnCred); } await sutProvider.Sut.RotateUserKeyAsync(user, model); await sutProvider.GetDependency().ReceivedWithAnyArgs() .PushLogOutAsync(default, default); } }