mirror of https://github.com/bitwarden/server.git synced 2025-06-30 07:36:14 -05:00

[PM-9826] Remove validation from 2fa GET and mask sensitive data (#4526)

* remove validation from 2fa GET and mask sensitive data

* skip verification check on put email

* disable verification on send-email and reenable on put email

* validate authenticator on set instead of get

* Revert "validate authenticator on set instead of get"

This reverts commit 7bf2084531.

* fix tests

* fix more tests

* Narrow scope of verify bypass

* Defaulted to false on VerifySecretAsync

* fix default param value

---------

Co-authored-by: Ike Kottlowski <ikottlowski@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Jake Fink
2024-07-22 11:21:14 -04:00
committed by GitHub
parent 4f4750a0a6
commit 091c03a90c
6 changed files with 49 additions and 28 deletions


@ -21,9 +21,9 @@ public class UserTwoFactorDuoResponseModelTests
// Assert if v4 data Ikey and Skey are set to clientId and clientSecret
Assert.NotNull(model);
Assert.Equal("clientId", model.ClientId);
Assert.Equal("clientSecret", model.ClientSecret);
Assert.Equal("secret************", model.ClientSecret);
Assert.Equal("clientId", model.IntegrationKey);
Assert.Equal("clientSecret", model.SecretKey);
Assert.Equal("secret************", model.SecretKey);
}
[Theory]
@ -57,9 +57,9 @@ public class UserTwoFactorDuoResponseModelTests
// Assert Even if both versions are present priority is given to v4 data
Assert.NotNull(model);
Assert.Equal("clientId", model.ClientId);
Assert.Equal("clientSecret", model.ClientSecret);
Assert.Equal("secret************", model.ClientSecret);
Assert.Equal("clientId", model.IntegrationKey);
Assert.Equal("clientSecret", model.SecretKey);
Assert.Equal("secret************", model.SecretKey);
}
[Theory]
@ -92,12 +92,14 @@ public class UserTwoFactorDuoResponseModelTests
private string GetTwoFactorDuoProvidersJson()
{
return "{\"2\":{\"Enabled\":true,\"MetaData\":{\"SKey\":\"SKey\",\"IKey\":\"IKey\",\"ClientSecret\":\"clientSecret\",\"ClientId\":\"clientId\",\"Host\":\"example.com\"}}}";
return
"{\"2\":{\"Enabled\":true,\"MetaData\":{\"SKey\":\"SKey\",\"IKey\":\"IKey\",\"ClientSecret\":\"secretClientSecret\",\"ClientId\":\"clientId\",\"Host\":\"example.com\"}}}";
}
private string GetTwoFactorDuoV4ProvidersJson()
{
return "{\"2\":{\"Enabled\":true,\"MetaData\":{\"ClientSecret\":\"clientSecret\",\"ClientId\":\"clientId\",\"Host\":\"example.com\"}}}";
return
"{\"2\":{\"Enabled\":true,\"MetaData\":{\"ClientSecret\":\"secretClientSecret\",\"ClientId\":\"clientId\",\"Host\":\"example.com\"}}}";
}
private string GetTwoFactorDuoV2ProvidersJson()