mirror of
https://github.com/bitwarden/server.git
synced 2025-01-25 22:21:38 +01:00
091c03a90c
* remove validation from 2fa GET and mask sensitive data
* skip verification check on put email
* disable verification on send-email and reenable on put email
* validate authenticator on set instead of get
* Revert "validate authenticator on set instead of get"
This reverts commit 7bf2084531.
* fix tests
* fix more tests
* Narrow scope of verify bypass
* Defaulted to false on VerifySecretAsync
* fix default param value
---------
Co-authored-by: Ike Kottlowski <ikottlowski@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
using Bit.Api.Auth.Models.Response.TwoFactor;
using Bit.Core.AdminConsole.Entities;
using Bit.Test.Common.AutoFixture.Attributes;
using Xunit;
namespace Bit.Api.Test.Auth.Models.Response;
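/// <summary>
/// Tests for building a <see cref="TwoFactorDuoResponseModel"/> from the two-factor provider
/// JSON stored on an <see cref="Organization"/>. The v4 cases also pin that the Duo client
/// secret is returned masked rather than in full.
/// </summary>
public class OrganizationTwoFactorDuoResponseModelTests
{
    [Theory]
    [BitAutoData]
    public void Organization_WithDuoV4_ShouldBuildModel(Organization organization)
    {
        // Arrange
        organization.TwoFactorProviders = GetTwoFactorOrganizationDuoV4ProvidersJson();

        // Act
        var model = new TwoFactorDuoResponseModel(organization);

        // Assert: with only v4 data, IntegrationKey/SecretKey mirror ClientId/ClientSecret.
        // The fixture stores "secretClientSecret"; the response must expose only the first
        // six characters, with the rest replaced by '*', so the full secret never leaves the API.
        Assert.NotNull(model);
        Assert.Equal("clientId", model.ClientId);
        Assert.Equal("secret************", model.ClientSecret);
        Assert.Equal("clientId", model.IntegrationKey);
        Assert.Equal("secret************", model.SecretKey);
    }

    [Theory]
    [BitAutoData]
    public void Organization_WithDuoV2_ShouldBuildModel(Organization organization)
    {
        // Arrange
        organization.TwoFactorProviders = GetTwoFactorOrganizationDuoV2ProvidersJson();

        // Act
        var model = new TwoFactorDuoResponseModel(organization);

        // Assert: with only v2 data, ClientId/ClientSecret are populated from IKey/SKey.
        // NOTE(review): the fixture secret "SKey" is only four characters, shorter than the
        // six visible characters in the v4 expectations, so this test cannot show whether the
        // legacy SKey path is masked. Consider a longer fixture value to cover that.
        Assert.NotNull(model);
        Assert.Equal("IKey", model.ClientId);
        Assert.Equal("SKey", model.ClientSecret);
        Assert.Equal("IKey", model.IntegrationKey);
        Assert.Equal("SKey", model.SecretKey);
    }

    [Theory]
    [BitAutoData]
    public void Organization_WithDuo_ShouldBuildModel(Organization organization)
    {
        // Arrange
        organization.TwoFactorProviders = GetTwoFactorOrganizationDuoProvidersJson();

        // Act
        var model = new TwoFactorDuoResponseModel(organization);

        // Assert: when both v2 and v4 data are present, v4 takes priority and the secret
        // is still returned masked.
        Assert.NotNull(model);
        Assert.Equal("clientId", model.ClientId);
        Assert.Equal("secret************", model.ClientSecret);
        Assert.Equal("clientId", model.IntegrationKey);
        Assert.Equal("secret************", model.SecretKey);
    }

    [Theory]
    [BitAutoData]
    public void Organization_WithDuoEmpty_ShouldFail(Organization organization)
    {
        // Arrange: a Duo provider entry ("6") that carries no metadata at all.
        organization.TwoFactorProviders = "{\"6\" : {}}";

        // Act
        var model = new TwoFactorDuoResponseModel(organization);

        // Assert
        Assert.False(model.Enabled);
    }

    [Theory]
    [BitAutoData]
    public void Organization_WithTwoFactorProvidersNull_ShouldFail(Organization organization)
    {
        // Arrange: no provider configuration at all. This is the null case named by the test,
        // as distinct from the empty Duo entry covered by Organization_WithDuoEmpty_ShouldFail.
        // NOTE(review): assumes the model reports a missing configuration as disabled rather
        // than throwing; confirm against TwoFactorDuoResponseModel.
        organization.TwoFactorProviders = null;

        // Act
        var model = new TwoFactorDuoResponseModel(organization);

        // Assert
        Assert.False(model.Enabled);
    }

    /// <summary>Provider JSON holding both v2 (IKey/SKey) and v4 (ClientId/ClientSecret) Duo data.</summary>
    private static string GetTwoFactorOrganizationDuoProvidersJson()
    {
        return
            "{\"6\":{\"Enabled\":true,\"MetaData\":{\"SKey\":\"SKey\",\"IKey\":\"IKey\",\"ClientSecret\":\"secretClientSecret\",\"ClientId\":\"clientId\",\"Host\":\"example.com\"}}}";
    }

    /// <summary>Provider JSON holding only v4 (ClientId/ClientSecret) Duo data.</summary>
    private static string GetTwoFactorOrganizationDuoV4ProvidersJson()
    {
        return
            "{\"6\":{\"Enabled\":true,\"MetaData\":{\"ClientSecret\":\"secretClientSecret\",\"ClientId\":\"clientId\",\"Host\":\"example.com\"}}}";
    }

    /// <summary>Provider JSON holding only v2 (IKey/SKey) Duo data.</summary>
    private static string GetTwoFactorOrganizationDuoV2ProvidersJson()
    {
        return "{\"6\":{\"Enabled\":true,\"MetaData\":{\"SKey\":\"SKey\",\"IKey\":\"IKey\",\"Host\":\"example.com\"}}}";
    }
}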