nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-30 23:52:50 -05:00
Code Activity

PM-6675 - Remove old registration endpoint (#5585)

Browse Source 
* feat : remove old registration endpoint

* fix: update integration test user registration to match current registration; We need to keep the IRegistrationCommand.RegisterUser method to JIT user.

* fix: updating accounts/profile tests to match current implementations
This commit is contained in:
Ike
2025-04-16 15:46:49 -04:00
committed by GitHub
parent 01a08c5814
commit 1399b1417e
14 changed files with 457 additions and 432 deletions
Download Patch File Download Diff File Expand all files Collapse all files

346
test/Identity.IntegrationTest/Endpoints/IdentityServerTests.cs
View File

@ -3,11 +3,13 @@ using Bit.Core;
using Bit.Core.AdminConsole.Entities;
using Bit.Core.AdminConsole.Enums;
using Bit.Core.AdminConsole.Repositories;
using Bit.Core.Auth.Models.Api.Request.Accounts;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Platform.Installations;
using Bit.Core.Repositories;
using Bit.Core.Test.Auth.AutoFixture;
using Bit.Identity.IdentityServer;
using Bit.Identity.Models.Request.Accounts;
using Bit.IntegrationTestCommon.Factories;
using Bit.Test.Common.AutoFixture.Attributes;
using Bit.Test.Common.Helpers;
@ -17,6 +19,7 @@ using Xunit;
namespace Bit.Identity.IntegrationTest.Endpoints;
[SutProviderCustomize]
public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
{
private const int SecondsInMinute = 60;
@ -27,7 +30,7 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
public IdentityServerTests(IdentityApplicationFactory factory)
{
_factory = factory;
ReinitializeDbForTests();
ReinitializeDbForTests(_factory);
}
[Fact]
@ -48,18 +51,14 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
AssertHelper.AssertEqualJson(endpointRoot, knownConfigurationRoot);
}
[Theory, BitAutoData]
public async Task TokenEndpoint_GrantTypePassword_Success(string deviceId)
[Theory, BitAutoData, RegisterFinishRequestModelCustomize]
public async Task TokenEndpoint_GrantTypePassword_Success(RegisterFinishRequestModel requestModel)
{
var username = "test+tokenpassword@email.com";
var localFactory = new IdentityApplicationFactory();
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
await _factory.RegisterAsync(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash"
});
var context = await PostLoginAsync(_factory.Server, username, deviceId, context => context.SetAuthEmail(username));
var context = await PostLoginAsync(localFactory.Server, user, requestModel.MasterPasswordHash,
context => context.SetAuthEmail(user.Email));
using var body = await AssertDefaultTokenBodyAsync(context);
var root = body.RootElement;
@ -73,18 +72,16 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
AssertUserDecryptionOptions(root);
}
[Theory, BitAutoData]
public async Task TokenEndpoint_GrantTypePassword_NoAuthEmailHeader_Fails(string deviceId)
[Theory, BitAutoData, RegisterFinishRequestModelCustomize]
public async Task TokenEndpoint_GrantTypePassword_NoAuthEmailHeader_Fails(
RegisterFinishRequestModel requestModel)
{
var username = "test+noauthemailheader@email.com";
requestModel.Email = "test+noauthemailheader@email.com";
await _factory.RegisterAsync(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash",
});
var localFactory = new IdentityApplicationFactory();
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
var context = await PostLoginAsync(_factory.Server, username, deviceId, null);
var context = await PostLoginAsync(localFactory.Server, user, requestModel.MasterPasswordHash, null);
Assert.Equal(StatusCodes.Status400BadRequest, context.Response.StatusCode);
@ -96,18 +93,17 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
AssertHelper.AssertJsonProperty(root, "error_description", JsonValueKind.String);
}
[Theory, BitAutoData]
public async Task TokenEndpoint_GrantTypePassword_InvalidBase64AuthEmailHeader_Fails(string deviceId)
[Theory, BitAutoData, RegisterFinishRequestModelCustomize]
public async Task TokenEndpoint_GrantTypePassword_InvalidBase64AuthEmailHeader_Fails(
RegisterFinishRequestModel requestModel)
{
var username = "test+badauthheader@email.com";
requestModel.Email = "test+badauthheader@email.com";
await _factory.RegisterAsync(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash",
});
var localFactory = new IdentityApplicationFactory();
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
var context = await PostLoginAsync(_factory.Server, username, deviceId, context => context.Request.Headers.Append("Auth-Email", "bad_value"));
var context = await PostLoginAsync(localFactory.Server, user, requestModel.MasterPasswordHash,
context => context.Request.Headers.Append("Auth-Email", "bad_value"));
Assert.Equal(StatusCodes.Status400BadRequest, context.Response.StatusCode);
@ -119,18 +115,17 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
AssertHelper.AssertJsonProperty(root, "error_description", JsonValueKind.String);
}
[Theory, BitAutoData]
public async Task TokenEndpoint_GrantTypePassword_WrongAuthEmailHeader_Fails(string deviceId)
[Theory, BitAutoData, RegisterFinishRequestModelCustomize]
public async Task TokenEndpoint_GrantTypePassword_WrongAuthEmailHeader_Fails(
RegisterFinishRequestModel requestModel)
{
var username = "test+badauthheader@email.com";
requestModel.Email = "test+badauthheader@email.com";
await _factory.RegisterAsync(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash",
});
var localFactory = new IdentityApplicationFactory();
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
var context = await PostLoginAsync(_factory.Server, username, deviceId, context => context.SetAuthEmail("bad_value"));
var context = await PostLoginAsync(localFactory.Server, user, requestModel.MasterPasswordHash,
context => context.SetAuthEmail("bad_value"));
Assert.Equal(StatusCodes.Status400BadRequest, context.Response.StatusCode);
@ -142,215 +137,198 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
AssertHelper.AssertJsonProperty(root, "error_description", JsonValueKind.String);
}
[Theory]
[Theory, RegisterFinishRequestModelCustomize]
[BitAutoData(OrganizationUserType.Owner)]
[BitAutoData(OrganizationUserType.Admin)]
[BitAutoData(OrganizationUserType.User)]
[BitAutoData(OrganizationUserType.Custom)]
public async Task TokenEndpoint_GrantTypePassword_WithAllUserTypes_WithSsoPolicyDisabled_WithEnforceSsoPolicyForAllUsersTrue_Success(OrganizationUserType organizationUserType, Guid organizationId, string deviceId, int generatedUsername)
public async Task TokenEndpoint_GrantTypePassword_WithAllUserTypes_WithSsoPolicyDisabled_WithEnforceSsoPolicyForAllUsersTrue_Success(
OrganizationUserType organizationUserType, RegisterFinishRequestModel requestModel, Guid organizationId, int generatedUsername)
{
var username = $"{generatedUsername}@example.com";
requestModel.Email = $"{generatedUsername}@example.com";
var server = _factory.WithWebHostBuilder(builder =>
var localFactory = new IdentityApplicationFactory();
var server = localFactory.WithWebHostBuilder(builder =>
{
builder.UseSetting("globalSettings:sso:enforceSsoPolicyForAllUsers", "true");
}).Server;
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
await server.PostAsync("/accounts/register", JsonContent.Create(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash"
}));
await CreateOrganizationWithSsoPolicyAsync(localFactory,
organizationId, user.Email, organizationUserType, ssoPolicyEnabled: false);
await CreateOrganizationWithSsoPolicyAsync(organizationId, username, organizationUserType, ssoPolicyEnabled: false);
var context = await PostLoginAsync(server, username, deviceId, context => context.SetAuthEmail(username));
var context = await PostLoginAsync(server, user, requestModel.MasterPasswordHash,
context => context.SetAuthEmail(user.Email));
Assert.Equal(StatusCodes.Status200OK, context.Response.StatusCode);
}
[Theory]
[Theory, RegisterFinishRequestModelCustomize]
[BitAutoData(OrganizationUserType.Owner)]
[BitAutoData(OrganizationUserType.Admin)]
[BitAutoData(OrganizationUserType.User)]
[BitAutoData(OrganizationUserType.Custom)]
public async Task TokenEndpoint_GrantTypePassword_WithAllUserTypes_WithSsoPolicyDisabled_WithEnforceSsoPolicyForAllUsersFalse_Success(OrganizationUserType organizationUserType, Guid organizationId, string deviceId, int generatedUsername)
public async Task TokenEndpoint_GrantTypePassword_WithAllUserTypes_WithSsoPolicyDisabled_WithEnforceSsoPolicyForAllUsersFalse_Success(
OrganizationUserType organizationUserType, RegisterFinishRequestModel requestModel, Guid organizationId, int generatedUsername)
{
var username = $"{generatedUsername}@example.com";
requestModel.Email = $"{generatedUsername}@example.com";
var server = _factory.WithWebHostBuilder(builder =>
var localFactory = new IdentityApplicationFactory();
var server = localFactory.WithWebHostBuilder(builder =>
{
builder.UseSetting("globalSettings:sso:enforceSsoPolicyForAllUsers", "false");
}).Server;
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
await server.PostAsync("/accounts/register", JsonContent.Create(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash"
}));
await CreateOrganizationWithSsoPolicyAsync(
localFactory, organizationId, user.Email, organizationUserType, ssoPolicyEnabled: false);
await CreateOrganizationWithSsoPolicyAsync(organizationId, username, organizationUserType, ssoPolicyEnabled: false);
var context = await PostLoginAsync(server, username, deviceId, context => context.SetAuthEmail(username));
var context = await PostLoginAsync(server, user, requestModel.MasterPasswordHash,
context => context.SetAuthEmail(user.Email));
Assert.Equal(StatusCodes.Status200OK, context.Response.StatusCode);
}
[Theory]
[Theory, RegisterFinishRequestModelCustomize]
[BitAutoData(OrganizationUserType.Owner)]
[BitAutoData(OrganizationUserType.Admin)]
[BitAutoData(OrganizationUserType.User)]
[BitAutoData(OrganizationUserType.Custom)]
public async Task TokenEndpoint_GrantTypePassword_WithAllUserTypes_WithSsoPolicyEnabled_WithEnforceSsoPolicyForAllUsersTrue_Throw(OrganizationUserType organizationUserType, Guid organizationId, string deviceId, int generatedUsername)
public async Task TokenEndpoint_GrantTypePassword_WithAllUserTypes_WithSsoPolicyEnabled_WithEnforceSsoPolicyForAllUsersTrue_Throw(
OrganizationUserType organizationUserType, RegisterFinishRequestModel requestModel, Guid organizationId, int generatedUsername)
{
var username = $"{generatedUsername}@example.com";
requestModel.Email = $"{generatedUsername}@example.com";
var server = _factory.WithWebHostBuilder(builder =>
var localFactory = new IdentityApplicationFactory();
var server = localFactory.WithWebHostBuilder(builder =>
{
builder.UseSetting("globalSettings:sso:enforceSsoPolicyForAllUsers", "true");
}).Server;
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
await server.PostAsync("/accounts/register", JsonContent.Create(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash"
}));
await CreateOrganizationWithSsoPolicyAsync(localFactory, organizationId, user.Email, organizationUserType, ssoPolicyEnabled: true);
await CreateOrganizationWithSsoPolicyAsync(organizationId, username, organizationUserType, ssoPolicyEnabled: true);
var context = await PostLoginAsync(server, username, deviceId, context => context.SetAuthEmail(username));
var context = await PostLoginAsync(server, user, requestModel.MasterPasswordHash,
context => context.SetAuthEmail(user.Email));
Assert.Equal(StatusCodes.Status400BadRequest, context.Response.StatusCode);
await AssertRequiredSsoAuthenticationResponseAsync(context);
}
[Theory]
[Theory, RegisterFinishRequestModelCustomize]
[BitAutoData(OrganizationUserType.Owner)]
[BitAutoData(OrganizationUserType.Admin)]
public async Task TokenEndpoint_GrantTypePassword_WithOwnerOrAdmin_WithSsoPolicyEnabled_WithEnforceSsoPolicyForAllUsersFalse_Success(OrganizationUserType organizationUserType, Guid organizationId, string deviceId, int generatedUsername)
public async Task TokenEndpoint_GrantTypePassword_WithOwnerOrAdmin_WithSsoPolicyEnabled_WithEnforceSsoPolicyForAllUsersFalse_Success(
OrganizationUserType organizationUserType, RegisterFinishRequestModel requestModel, Guid organizationId, int generatedUsername)
{
var username = $"{generatedUsername}@example.com";
requestModel.Email = $"{generatedUsername}@example.com";
var server = _factory.WithWebHostBuilder(builder =>
var localFactory = new IdentityApplicationFactory();
var server = localFactory.WithWebHostBuilder(builder =>
{
builder.UseSetting("globalSettings:sso:enforceSsoPolicyForAllUsers", "false");
}).Server;
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
await server.PostAsync("/accounts/register", JsonContent.Create(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash"
}));
await CreateOrganizationWithSsoPolicyAsync(localFactory, organizationId, user.Email, organizationUserType, ssoPolicyEnabled: true);
await CreateOrganizationWithSsoPolicyAsync(organizationId, username, organizationUserType, ssoPolicyEnabled: true);
var context = await PostLoginAsync(server, username, deviceId, context => context.SetAuthEmail(username));
var context = await PostLoginAsync(server, user, requestModel.MasterPasswordHash,
context => context.SetAuthEmail(user.Email));
Assert.Equal(StatusCodes.Status200OK, context.Response.StatusCode);
}
[Theory]
[Theory, RegisterFinishRequestModelCustomize]
[BitAutoData(OrganizationUserType.User)]
[BitAutoData(OrganizationUserType.Custom)]
public async Task TokenEndpoint_GrantTypePassword_WithNonOwnerOrAdmin_WithSsoPolicyEnabled_WithEnforceSsoPolicyForAllUsersFalse_Throws(OrganizationUserType organizationUserType, Guid organizationId, string deviceId, int generatedUsername)
public async Task TokenEndpoint_GrantTypePassword_WithNonOwnerOrAdmin_WithSsoPolicyEnabled_WithEnforceSsoPolicyForAllUsersFalse_Throws(
OrganizationUserType organizationUserType, RegisterFinishRequestModel requestModel, Guid organizationId, int generatedUsername)
{
var username = $"{generatedUsername}@example.com";
requestModel.Email = $"{generatedUsername}@example.com";
var server = _factory.WithWebHostBuilder(builder =>
var localFactory = new IdentityApplicationFactory();
var server = localFactory.WithWebHostBuilder(builder =>
{
builder.UseSetting("globalSettings:sso:enforceSsoPolicyForAllUsers", "false");
}).Server;
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
await server.PostAsync("/accounts/register", JsonContent.Create(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash"
}));
await CreateOrganizationWithSsoPolicyAsync(localFactory, organizationId, user.Email, organizationUserType, ssoPolicyEnabled: true);
await CreateOrganizationWithSsoPolicyAsync(organizationId, username, organizationUserType, ssoPolicyEnabled: true);
var context = await PostLoginAsync(server, username, deviceId, context => context.SetAuthEmail(username));
var context = await PostLoginAsync(server, user, requestModel.MasterPasswordHash,
context => context.SetAuthEmail(user.Email));
Assert.Equal(StatusCodes.Status400BadRequest, context.Response.StatusCode);
await AssertRequiredSsoAuthenticationResponseAsync(context);
}
[Theory, BitAutoData]
public async Task TokenEndpoint_GrantTypeRefreshToken_Success(string deviceId)
[Theory, BitAutoData, RegisterFinishRequestModelCustomize]
public async Task TokenEndpoint_GrantTypeRefreshToken_Success(RegisterFinishRequestModel requestModel)
{
var username = "test+tokenrefresh@email.com";
var localFactory = new IdentityApplicationFactory();
await _factory.RegisterAsync(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash",
});
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
var (_, refreshToken) = await _factory.TokenFromPasswordAsync(username, "master_password_hash", deviceId);
var (_, refreshToken) = await localFactory.TokenFromPasswordAsync(
requestModel.Email, requestModel.MasterPasswordHash);
var context = await _factory.Server.PostAsync("/connect/token", new FormUrlEncodedContent(new Dictionary<string, string>
{
{ "grant_type", "refresh_token" },
{ "client_id", "web" },
{ "refresh_token", refreshToken },
}));
var context = await localFactory.Server.PostAsync("/connect/token",
new FormUrlEncodedContent(new Dictionary<string, string>
{
{ "grant_type", "refresh_token" },
{ "client_id", "web" },
{ "refresh_token", refreshToken },
}));
using var body = await AssertDefaultTokenBodyAsync(context);
AssertRefreshTokenExists(body.RootElement);
}
[Theory, BitAutoData]
public async Task TokenEndpoint_GrantTypeClientCredentials_Success(string deviceId)
[Theory, BitAutoData, RegisterFinishRequestModelCustomize]
public async Task TokenEndpoint_GrantTypeClientCredentials_Success(RegisterFinishRequestModel model)
{
var username = "test+tokenclientcredentials@email.com";
var localFactory = new IdentityApplicationFactory();
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(model);
await _factory.RegisterAsync(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash",
});
var database = _factory.GetDatabaseContext();
var user = await database.Users
.FirstAsync(u => u.Email == username);
var context = await _factory.Server.PostAsync("/connect/token", new FormUrlEncodedContent(new Dictionary<string, string>
{
{ "grant_type", "client_credentials" },
{ "client_id", $"user.{user.Id}" },
{ "client_secret", user.ApiKey },
{ "scope", "api" },
{ "DeviceIdentifier", deviceId },
{ "DeviceType", DeviceTypeAsString(DeviceType.FirefoxBrowser) },
{ "DeviceName", "firefox" },
}));
var context = await localFactory.Server.PostAsync("/connect/token",
new FormUrlEncodedContent(new Dictionary<string, string>
{
{ "grant_type", "client_credentials" },
{ "client_id", $"user.{user.Id}" },
{ "client_secret", user.ApiKey },
{ "scope", "api" },
{ "DeviceIdentifier", IdentityApplicationFactory.DefaultDeviceIdentifier },
{ "DeviceType", DeviceTypeAsString(DeviceType.FirefoxBrowser) },
{ "DeviceName", "firefox" },
})
);
await AssertDefaultTokenBodyAsync(context, "api");
}
[Theory, BitAutoData]
public async Task TokenEndpoint_GrantTypeClientCredentials_AsLegacyUser_NotOnWebClient_Fails(string deviceId)
[Theory, BitAutoData, RegisterFinishRequestModelCustomize]
public async Task TokenEndpoint_GrantTypeClientCredentials_AsLegacyUser_NotOnWebClient_Fails(
RegisterFinishRequestModel model,
string deviceId)
{
var server = _factory.WithWebHostBuilder(builder =>
var localFactory = new IdentityApplicationFactory();
var server = localFactory.WithWebHostBuilder(builder =>
{
builder.UseSetting("globalSettings:launchDarkly:flagValues:block-legacy-users", "true");
}).Server;
var username = "test+tokenclientcredentials@email.com";
model.Email = "test+tokenclientcredentials@email.com";
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(model);
await server.PostAsync("/accounts/register", JsonContent.Create(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash"
}));
var database = _factory.GetDatabaseContext();
var user = await database.Users
.FirstAsync(u => u.Email == username);
user.PrivateKey = "EncryptedPrivateKey";
// Modify user to be legacy user. We have to fetch the user again to put it in the ef-context
// so when we modify change tracking will save the changes.
var database = localFactory.GetDatabaseContext();
user = await database.Users
.FirstAsync(u => u.Email == model.Email);
user.Key = null;
await database.SaveChangesAsync();
var context = await server.PostAsync("/connect/token", new FormUrlEncodedContent(
@ -362,9 +340,9 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
{ "deviceIdentifier", deviceId },
{ "deviceName", "chrome" },
{ "grant_type", "password" },
{ "username", username },
{ "password", "master_password_hash" },
}), context => context.SetAuthEmail(username));
{ "username", model.Email },
{ "password", model.MasterPasswordHash },
}), context => context.SetAuthEmail(model.Email));
Assert.Equal(StatusCodes.Status400BadRequest, context.Response.StatusCode);
@ -535,23 +513,21 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
Assert.Equal("invalid_client", error);
}
[Theory, BitAutoData]
public async Task TokenEndpoint_TooQuickInOneSecond_BlockRequest(string deviceId)
[Theory, BitAutoData, RegisterFinishRequestModelCustomize]
public async Task TokenEndpoint_TooQuickInOneSecond_BlockRequest(
RegisterFinishRequestModel requestModel)
{
const int AmountInOneSecondAllowed = 10;
// The rule we are testing is 10 requests in 1 second
var username = "test+ratelimiting@email.com";
requestModel.Email = "test+ratelimiting@email.com";
await _factory.RegisterAsync(new RegisterRequestModel
{
Email = username,
MasterPasswordHash = "master_password_hash",
});
var localFactory = new IdentityApplicationFactory();
var user = await localFactory.RegisterNewIdentityFactoryUserAsync(requestModel);
var database = _factory.GetDatabaseContext();
var user = await database.Users
.FirstAsync(u => u.Email == username);
var database = localFactory.GetDatabaseContext();
user = await database.Users
.FirstAsync(u => u.Email == user.Email);
var tasks = new Task<HttpContext>[AmountInOneSecondAllowed + 1];
@ -573,36 +549,40 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
{ "scope", "api offline_access" },
{ "client_id", "web" },
{ "deviceType", DeviceTypeAsString(DeviceType.FirefoxBrowser) },
{ "deviceIdentifier", deviceId },
{ "deviceIdentifier", IdentityApplicationFactory.DefaultDeviceIdentifier },
{ "deviceName", "firefox" },
{ "grant_type", "password" },
{ "username", username },
{ "username", user.Email},
{ "password", "master_password_hash" },
}), context => context.SetAuthEmail(username).SetIp("1.1.1.2"));
}), context => context.SetAuthEmail(user.Email).SetIp("1.1.1.2"));
}
}
private async Task<HttpContext> PostLoginAsync(TestServer server, string username, string deviceId, Action<HttpContext> extraConfiguration)
private async Task<HttpContext> PostLoginAsync(
TestServer server, User user, string MasterPasswordHash, Action<HttpContext> extraConfiguration)
{
return await server.PostAsync("/connect/token", new FormUrlEncodedContent(new Dictionary<string, string>
{
{ "scope", "api offline_access" },
{ "client_id", "web" },
{ "deviceType", DeviceTypeAsString(DeviceType.FirefoxBrowser) },
{ "deviceIdentifier", deviceId },
{ "deviceIdentifier", IdentityApplicationFactory.DefaultDeviceIdentifier },
{ "deviceName", "firefox" },
{ "grant_type", "password" },
{ "username", username },
{ "password", "master_password_hash" },
{ "username", user.Email },
{ "password", MasterPasswordHash },
}), extraConfiguration);
}
private async Task CreateOrganizationWithSsoPolicyAsync(Guid organizationId, string username, OrganizationUserType organizationUserType, bool ssoPolicyEnabled)
private async Task CreateOrganizationWithSsoPolicyAsync(
IdentityApplicationFactory localFactory,
Guid organizationId,
string username, OrganizationUserType organizationUserType, bool ssoPolicyEnabled)
{
var userRepository = _factory.Services.GetService<IUserRepository>();
var organizationRepository = _factory.Services.GetService<IOrganizationRepository>();
var organizationUserRepository = _factory.Services.GetService<IOrganizationUserRepository>();
var policyRepository = _factory.Services.GetService<IPolicyRepository>();
var userRepository = localFactory.Services.GetService<IUserRepository>();
var organizationRepository = localFactory.Services.GetService<IOrganizationRepository>();
var organizationUserRepository = localFactory.Services.GetService<IOrganizationUserRepository>();
var policyRepository = localFactory.Services.GetService<IPolicyRepository>();
var organization = new Organization
{
@ -617,7 +597,7 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
await organizationRepository.CreateAsync(organization);
var user = await userRepository.GetByEmailAsync(username);
var organizationUser = new Bit.Core.Entities.OrganizationUser
var organizationUser = new OrganizationUser
{
OrganizationId = organization.Id,
UserId = user.Id,
@ -703,9 +683,9 @@ public class IdentityServerTests : IClassFixture<IdentityApplicationFactory>
(prop) => { Assert.Equal("Object", prop.Name); Assert.Equal("userDecryptionOptions", prop.Value.GetString()); });
}
private void ReinitializeDbForTests()
private void ReinitializeDbForTests(IdentityApplicationFactory factory)
{
var databaseContext = _factory.GetDatabaseContext();
var databaseContext = factory.GetDatabaseContext();
databaseContext.Policies.RemoveRange(databaseContext.Policies);
databaseContext.OrganizationUsers.RemoveRange(databaseContext.OrganizationUsers);
databaseContext.Organizations.RemoveRange(databaseContext.Organizations);