organization 2fa apis

2025-07-04 09:32:48 -05:00 · 2018-04-02 23:18:26 -04:00
parent a790c37fcc
commit 0d4ea5ce5b
7 changed files with 219 additions and 13 deletions
--- a/src/Core/Services/IOrganizationService.cs
+++ b/src/Core/Services/IOrganizationService.cs
@ -26,6 +26,8 @@ namespace Bit.Core.Services
        Task UpdateExpirationDateAsync(Guid organizationId, DateTime? expirationDate);
        Task EnableAsync(Guid organizationId);
        Task UpdateAsync(Organization organization, bool updateBilling = false);
+        Task UpdateTwoFactorProviderAsync(Organization organization, TwoFactorProviderType type);
+        Task DisableTwoFactorProviderAsync(Organization organization, TwoFactorProviderType type);
        Task<OrganizationUser> InviteUserAsync(Guid organizationId, Guid? invitingUserId, string email,
            OrganizationUserType type, bool accessAll, string externalId, IEnumerable<SelectionReadOnly> collections);
        Task<List<OrganizationUser>> InviteUserAsync(Guid organizationId, Guid? invitingUserId, IEnumerable<string> emails,
--- a/src/Core/Services/Implementations/OrganizationService.cs
+++ b/src/Core/Services/Implementations/OrganizationService.cs
@ -832,6 +832,47 @@ namespace Bit.Core.Services
            }
        }

+        public async Task UpdateTwoFactorProviderAsync(Organization organization, TwoFactorProviderType type)
+        {
+            if(!type.ToString().StartsWith("Organization"))
+            {
+                throw new ArgumentException("Not an organization provider type.");
+            }
+
+            if(!organization.Use2fa)
+            {
+                throw new BadRequestException("Organization cannot use 2FA.");
+            }
+
+            var providers = organization.GetTwoFactorProviders();
+            if(!providers?.ContainsKey(type) ?? true)
+            {
+                return;
+            }
+
+            providers[type].Enabled = true;
+            organization.SetTwoFactorProviders(providers);
+            await UpdateAsync(organization);
+        }
+
+        public async Task DisableTwoFactorProviderAsync(Organization organization, TwoFactorProviderType type)
+        {
+            if(!type.ToString().StartsWith("Organization"))
+            {
+                throw new ArgumentException("Not an organization provider type.");
+            }
+
+            var providers = organization.GetTwoFactorProviders();
+            if(!providers?.ContainsKey(type) ?? true)
+            {
+                return;
+            }
+
+            providers.Remove(type);
+            organization.SetTwoFactorProviders(providers);
+            await UpdateAsync(organization);
+        }
+
        public async Task<OrganizationUser> InviteUserAsync(Guid organizationId, Guid? invitingUserId, string email,
            OrganizationUserType type, bool accessAll, string externalId, IEnumerable<SelectionReadOnly> collections)
        {