[SG-167] Implement Passwordless Authentication via Notifications (#2276)

* [SG-549] Commit Initial AuthRequest Repository (#2174)

* Model Passwordless

* Scaffold database for Passwordless

* Implement SQL Repository

* [SG-167] Base Passwordless API (#2185)

* Implement Passwordless notifications

* Implement Controller

* Add documentation to BaseRequestValidator

* Register AuthRequestRepo

* Remove ExpirationDate from the AuthRequest table

* [SG-407] Create job to delete expired requests (#2187)

* chore: init

* remove exp date

* fix: log name

* [SG-167] Added fingerprint phrase to response model. (#2233)

* Remove FailedLoginAttempt logic

* Block unknown devices

* Add EF Support for passwordless

* Got SignalR working for responses

* Added delete job method to EF repo

* Implement a GetMany API endpoint for AuthRequests

* Ran dotnet format

* Fix a merge issues

* Redated migration scripts

* tried sorting sqlproj

* Remove FailedLoginAttempts from SQL

* Groom Postgres script

* Remove extra commas from migration script

* Correct isSpent()

* [SG-167] Adde identity validation for passwordless requests. Registered IAuthRepository.

* [SG-167] Added origin of the request to response model

* Use display name for device identifier in response

* Add datetime conversions back to postgres migration script

* [SG-655] Add anonymous endpoint for checking if a device & user combo match

* [review] Consolidate error conditions

Co-authored-by: Brandon Maharaj <107377945+BrandonM-Bitwarden@users.noreply.github.com>
Co-authored-by: André Filipe da Silva Bispo <andrefsbispo@hotmail.com>
Co-authored-by: André Bispo <abispo@bitwarden.com>

test/Infrastructure.EFIntegration.Test/AutoFixture/AuthRequestFixtures.cs

@@ -0,0 +1,61 @@
+using AutoFixture;
+using AutoFixture.Kernel;
+using Bit.Core.Entities;
+using Bit.Core.Test.AutoFixture.UserFixtures;
+using Bit.Infrastructure.EFIntegration.Test.AutoFixture.Relays;
+using Bit.Infrastructure.EntityFramework.Repositories;
+using Bit.Test.Common.AutoFixture;
+using Bit.Test.Common.AutoFixture.Attributes;
+
+namespace Bit.Infrastructure.EFIntegration.Test.AutoFixture;
+
+internal class AuthRequestBuilder : ISpecimenBuilder
+{
+    public object Create(object request, ISpecimenContext context)
+    {
+        if (context == null)
+        {
+            throw new ArgumentNullException(nameof(context));
+        }
+
+        var type = request as Type;
+        if (type == null || type != typeof(AuthRequest))
+        {
+            return new NoSpecimen();
+        }
+
+        var fixture = new Fixture();
+        fixture.Customizations.Insert(0, new MaxLengthStringRelay());
+        var obj = fixture.WithAutoNSubstitutions().Create<AuthRequest>();
+        return obj;
+    }
+}
+
+internal class EfAuthRequest : ICustomization
+{
+    public void Customize(IFixture fixture)
+    {
+        fixture.Customizations.Add(new IgnoreVirtualMembersCustomization());
+        fixture.Customizations.Add(new GlobalSettingsBuilder());
+        fixture.Customizations.Add(new AuthRequestBuilder());
+        fixture.Customizations.Add(new DeviceBuilder());
+        fixture.Customizations.Add(new UserBuilder());
+        fixture.Customizations.Add(new EfRepositoryListBuilder<AuthRequestRepository>());
+        fixture.Customizations.Add(new EfRepositoryListBuilder<DeviceRepository>());
+        fixture.Customizations.Add(new EfRepositoryListBuilder<UserRepository>());
+    }
+}
+
+internal class EfAuthRequestAutoDataAttribute : CustomAutoDataAttribute
+{
+    public EfAuthRequestAutoDataAttribute() : base(new SutProviderCustomization(), new EfAuthRequest())
+    { }
+}
+
+internal class InlineEfAuthRequestAutoDataAttribute : InlineCustomAutoDataAttribute
+{
+    public InlineEfAuthRequestAutoDataAttribute(params object[] values) : base(new[] { typeof(SutProviderCustomization),
+        typeof(EfAuthRequest) }, values)
+    { }
+}
+

test/Infrastructure.EFIntegration.Test/AutoFixture/EntityFrameworkRepositoryFixtures.cs

@@ -63,6 +63,7 @@ public class EfRepositoryListBuilder<T> : ISpecimenBuilder where T : BaseEntityF
             fixture.Customize<IMapper>(x => x.FromFactory(() =>
                 new MapperConfiguration(cfg =>
                 {
+                    cfg.AddProfile<AuthRequestMapperProfile>();
                     cfg.AddProfile<CipherMapperProfile>();
                     cfg.AddProfile<CollectionCipherMapperProfile>();
                     cfg.AddProfile<CollectionMapperProfile>();

test/Infrastructure.EFIntegration.Test/Repositories/AuthRequestRepositoryTests.cs

@@ -0,0 +1,50 @@
+using Bit.Core.Entities;
+using Bit.Core.Test.AutoFixture.Attributes;
+using Bit.Infrastructure.EFIntegration.Test.AutoFixture;
+using Bit.Infrastructure.EFIntegration.Test.Repositories.EqualityComparers;
+using Xunit;
+using EfRepo = Bit.Infrastructure.EntityFramework.Repositories;
+using SqlRepo = Bit.Infrastructure.Dapper.Repositories;
+
+namespace Bit.Infrastructure.EFIntegration.Test.Repositories;
+
+public class AuthRequestRepositoryTests
+{
+    [CiSkippedTheory, EfAuthRequestAutoData]
+    public async void CreateAsync_Works_DataMatches(
+        AuthRequest authRequest,
+        AuthRequestCompare equalityComparer,
+        List<EfRepo.AuthRequestRepository> suts,
+        SqlRepo.AuthRequestRepository sqlAuthRequestRepo,
+        User user,
+        List<EfRepo.UserRepository> efUserRepos,
+        SqlRepo.UserRepository sqlUserRepo
+        )
+    {
+        authRequest.ResponseDeviceId = null;
+        var savedAuthRequests = new List<AuthRequest>();
+        foreach (var sut in suts)
+        {
+            var i = suts.IndexOf(sut);
+
+            var efUser = await efUserRepos[i].CreateAsync(user);
+            sut.ClearChangeTracking();
+            authRequest.UserId = efUser.Id;
+
+            var postEfAuthRequest = await sut.CreateAsync(authRequest);
+            sut.ClearChangeTracking();
+
+            var savedAuthRequest = await sut.GetByIdAsync(postEfAuthRequest.Id);
+            savedAuthRequests.Add(savedAuthRequest);
+        }
+
+        var sqlUser = await sqlUserRepo.CreateAsync(user);
+        authRequest.UserId = sqlUser.Id;
+        var sqlAuthRequest = await sqlAuthRequestRepo.CreateAsync(authRequest);
+        var savedSqlAuthRequest = await sqlAuthRequestRepo.GetByIdAsync(sqlAuthRequest.Id);
+        savedAuthRequests.Add(savedSqlAuthRequest);
+
+        var distinctItems = savedAuthRequests.Distinct(equalityComparer);
+        Assert.True(!distinctItems.Skip(1).Any());
+    }
+}

test/Infrastructure.EFIntegration.Test/Repositories/EqualityComparers/AuthRequestCompare.cs

@@ -0,0 +1,23 @@
+using System.Diagnostics.CodeAnalysis;
+using Bit.Core.Entities;
+
+namespace Bit.Infrastructure.EFIntegration.Test.Repositories.EqualityComparers;
+
+public class AuthRequestCompare : IEqualityComparer<AuthRequest>
+{
+    public bool Equals(AuthRequest x, AuthRequest y)
+    {
+        return x.AccessCode == y.AccessCode &&
+        x.MasterPasswordHash == y.MasterPasswordHash &&
+        x.PublicKey == y.PublicKey &&
+        x.RequestDeviceIdentifier == y.RequestDeviceIdentifier &&
+        x.RequestDeviceType == y.RequestDeviceType &&
+        x.RequestIpAddress == y.RequestIpAddress &&
+        x.RequestFingerprint == y.RequestFingerprint;
+    }
+
+    public int GetHashCode([DisallowNull] AuthRequest obj)
+    {
+        return base.GetHashCode();
+    }
+}