mirror of
https://github.com/bitwarden/server.git
synced 2024-12-11 15:17:44 +01:00
3ad4bc1cab
* Send rotateable keyset on list webauthn keys * Implement basic prf key rotation * Add validator for webauthn rotation * Fix accounts controller tests * Add webauthn rotation validator tests * Introduce separate request model * Fix tests * Remove extra empty line * Remove filtering in validator * Don't send encrypted private key * Fix tests * Implement delegated webauthn db transactions * Add backward compatibility * Fix query not working * Update migration sql * Update dapper query * Remove unused helper * Rename webauthn to WebAuthnLogin * Fix linter errors * Fix tests * Fix tests
86 lines
3.1 KiB
C#
86 lines
3.1 KiB
C#
using Bit.Core.Auth.Entities;
|
|
using Bit.Core.Auth.Models.Data;
|
|
using Bit.Core.Auth.Repositories;
|
|
using Bit.Core.Auth.UserFeatures.UserKey.Implementations;
|
|
using Bit.Core.Entities;
|
|
using Bit.Core.Services;
|
|
using Bit.Test.Common.AutoFixture;
|
|
using Bit.Test.Common.AutoFixture.Attributes;
|
|
using Microsoft.AspNetCore.Identity;
|
|
using NSubstitute;
|
|
using Xunit;
|
|
|
|
namespace Bit.Core.Test.Auth.UserFeatures.UserKey;
|
|
|
|
[SutProviderCustomize]
|
|
public class RotateUserKeyCommandTests
|
|
{
|
|
[Theory, BitAutoData]
|
|
public async Task RotateUserKeyAsync_Success(SutProvider<RotateUserKeyCommand> sutProvider, User user,
|
|
RotateUserKeyData model)
|
|
{
|
|
sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.MasterPasswordHash)
|
|
.Returns(true);
|
|
foreach (var webauthnCred in model.WebAuthnKeys)
|
|
{
|
|
var dbWebauthnCred = new WebAuthnCredential
|
|
{
|
|
EncryptedPublicKey = "encryptedPublicKey",
|
|
EncryptedUserKey = "encryptedUserKey"
|
|
};
|
|
sutProvider.GetDependency<IWebAuthnCredentialRepository>().GetByIdAsync(webauthnCred.Id, user.Id)
|
|
.Returns(dbWebauthnCred);
|
|
}
|
|
|
|
var result = await sutProvider.Sut.RotateUserKeyAsync(user, model);
|
|
|
|
Assert.Equal(IdentityResult.Success, result);
|
|
}
|
|
|
|
[Theory, BitAutoData]
|
|
public async Task RotateUserKeyAsync_InvalidMasterPasswordHash_ReturnsFailedIdentityResult(
|
|
SutProvider<RotateUserKeyCommand> sutProvider, User user, RotateUserKeyData model)
|
|
{
|
|
sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.MasterPasswordHash)
|
|
.Returns(false);
|
|
foreach (var webauthnCred in model.WebAuthnKeys)
|
|
{
|
|
var dbWebauthnCred = new WebAuthnCredential
|
|
{
|
|
EncryptedPublicKey = "encryptedPublicKey",
|
|
EncryptedUserKey = "encryptedUserKey"
|
|
};
|
|
sutProvider.GetDependency<IWebAuthnCredentialRepository>().GetByIdAsync(webauthnCred.Id, user.Id)
|
|
.Returns(dbWebauthnCred);
|
|
}
|
|
|
|
var result = await sutProvider.Sut.RotateUserKeyAsync(user, model);
|
|
|
|
Assert.False(result.Succeeded);
|
|
}
|
|
|
|
[Theory, BitAutoData]
|
|
public async Task RotateUserKeyAsync_LogsOutUser(
|
|
SutProvider<RotateUserKeyCommand> sutProvider, User user, RotateUserKeyData model)
|
|
{
|
|
sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.MasterPasswordHash)
|
|
.Returns(true);
|
|
foreach (var webauthnCred in model.WebAuthnKeys)
|
|
{
|
|
var dbWebauthnCred = new WebAuthnCredential
|
|
{
|
|
EncryptedPublicKey = "encryptedPublicKey",
|
|
EncryptedUserKey = "encryptedUserKey"
|
|
};
|
|
sutProvider.GetDependency<IWebAuthnCredentialRepository>().GetByIdAsync(webauthnCred.Id, user.Id)
|
|
.Returns(dbWebauthnCred);
|
|
}
|
|
|
|
await sutProvider.Sut.RotateUserKeyAsync(user, model);
|
|
|
|
await sutProvider.GetDependency<IPushNotificationService>().ReceivedWithAnyArgs()
|
|
.PushLogOutAsync(default, default);
|
|
}
|
|
|
|
}
|