PM-6675 - Remove old registration endpoint (#5585)

* feat : remove old registration endpoint * fix: update integration test user registration to match current registration; We need to keep the IRegistrationCommand.RegisterUser method to JIT user. * fix: updating accounts/profile tests to match current implementations
2025-06-30 15:42:48 -05:00 · 2025-04-16 15:46:49 -04:00
parent 01a08c5814
commit 1399b1417e
14 changed files with 457 additions and 432 deletions
--- a/test/Identity.IntegrationTest/RequestValidation/ResourceOwnerPasswordValidatorTests.cs
+++ b/test/Identity.IntegrationTest/RequestValidation/ResourceOwnerPasswordValidatorTests.cs
@ -1,11 +1,11 @@
 using System.Text.Json;
+using Bit.Core;
 using Bit.Core.Auth.Entities;
 using Bit.Core.Auth.Enums;
+using Bit.Core.Auth.Models.Api.Request.Accounts;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Repositories;
-using Bit.Core.Services;
-using Bit.Identity.Models.Request.Accounts;
 using Bit.IntegrationTestCommon.Factories;
 using Bit.Test.Common.AutoFixture.Attributes;
 using Bit.Test.Common.Helpers;
@ -19,28 +19,16 @@ public class ResourceOwnerPasswordValidatorTests : IClassFixture<IdentityApplica
    private const string DefaultPassword = "master_password_hash";
    private const string DefaultUsername = "test@email.qa";
    private const string DefaultDeviceIdentifier = "test_identifier";
-    private readonly IdentityApplicationFactory _factory;
-    private readonly UserManager<User> _userManager;
-    private readonly IAuthRequestRepository _authRequestRepository;
-    private readonly IDeviceService _deviceService;
-
-    public ResourceOwnerPasswordValidatorTests(IdentityApplicationFactory factory)
-    {
-        _factory = factory;
-
-        _userManager = _factory.GetService<UserManager<User>>();
-        _authRequestRepository = _factory.GetService<IAuthRequestRepository>();
-        _deviceService = _factory.GetService<IDeviceService>();
-    }

    [Fact]
    public async Task ValidateAsync_Success()
    {
        // Arrange
-        await EnsureUserCreatedAsync();
+        var localFactory = new IdentityApplicationFactory();
+        await EnsureUserCreatedAsync(localFactory);

        // Act
-        var context = await _factory.Server.PostAsync("/connect/token",
+        var context = await localFactory.Server.PostAsync("/connect/token",
            GetFormUrlEncodedContent(),
            context => context.SetAuthEmail(DefaultUsername));

@ -56,10 +44,11 @@ public class ResourceOwnerPasswordValidatorTests : IClassFixture<IdentityApplica
    public async Task ValidateAsync_AuthEmailHeaderInvalid_InvalidGrantResponse()
    {
        // Arrange
-        await EnsureUserCreatedAsync();
+        var localFactory = new IdentityApplicationFactory();
+        await EnsureUserCreatedAsync(localFactory);

        // Act
-        var context = await _factory.Server.PostAsync(
+        var context = await localFactory.Server.PostAsync(
            "/connect/token",
            GetFormUrlEncodedContent()
        );
@ -75,8 +64,10 @@ public class ResourceOwnerPasswordValidatorTests : IClassFixture<IdentityApplica
    [Theory, BitAutoData]
    public async Task ValidateAsync_UserNull_Failure(string username)
    {
+        // Arrange
+        var localFactory = new IdentityApplicationFactory();
        // Act
-        var context = await _factory.Server.PostAsync("/connect/token",
+        var context = await localFactory.Server.PostAsync("/connect/token",
            GetFormUrlEncodedContent(username: username),
            context => context.SetAuthEmail(username));

@ -105,13 +96,16 @@ public class ResourceOwnerPasswordValidatorTests : IClassFixture<IdentityApplica
    public async Task ValidateAsync_BadPassword_Failure(string badPassword)
    {
        // Arrange
-        await EnsureUserCreatedAsync();
+        var localFactory = new IdentityApplicationFactory();
+        await EnsureUserCreatedAsync(localFactory);
+
+        var userManager = localFactory.GetService<UserManager<User>>();

        // Verify the User is not null to ensure the failure is due to bad password
-        Assert.NotNull(await _userManager.FindByEmailAsync(DefaultUsername));
+        Assert.NotNull(await userManager.FindByEmailAsync(DefaultUsername));

        // Act
-        var context = await _factory.Server.PostAsync("/connect/token",
+        var context = await localFactory.Server.PostAsync("/connect/token",
            GetFormUrlEncodedContent(password: badPassword),
            context => context.SetAuthEmail(DefaultUsername));

@ -128,9 +122,12 @@ public class ResourceOwnerPasswordValidatorTests : IClassFixture<IdentityApplica
    public async Task ValidateAsync_ValidateContextAsync_AuthRequest_NotNull_AgeLessThanOneHour_Success()
    {
        // Arrange
+        var localFactory = new IdentityApplicationFactory();
+
        // Ensure User
-        await EnsureUserCreatedAsync();
-        var user = await _userManager.FindByEmailAsync(DefaultUsername);
+        await EnsureUserCreatedAsync(localFactory);
+        var userManager = localFactory.GetService<UserManager<User>>();
+        var user = await userManager.FindByEmailAsync(DefaultUsername);
        Assert.NotNull(user);

        // Connect Request to User and set CreationDate
@ -139,13 +136,14 @@ public class ResourceOwnerPasswordValidatorTests : IClassFixture<IdentityApplica
            AuthRequestType.AuthenticateAndUnlock,
            DateTime.UtcNow.AddMinutes(-30)
        );
-        await _authRequestRepository.CreateAsync(authRequest);
+        var authRequestRepository = localFactory.GetService<IAuthRequestRepository>();
+        await authRequestRepository.CreateAsync(authRequest);

-        var expectedAuthRequest = await _authRequestRepository.GetManyByUserIdAsync(user.Id);
+        var expectedAuthRequest = await authRequestRepository.GetManyByUserIdAsync(user.Id);
        Assert.NotEmpty(expectedAuthRequest);

        // Act
-        var context = await _factory.Server.PostAsync("/connect/token",
+        var context = await localFactory.Server.PostAsync("/connect/token",
            new FormUrlEncodedContent(new Dictionary<string, string>
            {
                { "scope", "api offline_access" },
@ -171,9 +169,12 @@ public class ResourceOwnerPasswordValidatorTests : IClassFixture<IdentityApplica
    public async Task ValidateAsync_ValidateContextAsync_AuthRequest_NotNull_AgeGreaterThanOneHour_Failure()
    {
        // Arrange
+        var localFactory = new IdentityApplicationFactory();
        // Ensure User
-        await EnsureUserCreatedAsync(_factory);
-        var user = await _userManager.FindByEmailAsync(DefaultUsername);
+        await EnsureUserCreatedAsync(localFactory);
+        var userManager = localFactory.GetService<UserManager<User>>();
+
+        var user = await userManager.FindByEmailAsync(DefaultUsername);
        Assert.NotNull(user);

        // Create AuthRequest
@ -184,7 +185,7 @@ public class ResourceOwnerPasswordValidatorTests : IClassFixture<IdentityApplica
        );

        // Act
-        var context = await _factory.Server.PostAsync("/connect/token",
+        var context = await localFactory.Server.PostAsync("/connect/token",
            new FormUrlEncodedContent(new Dictionary<string, string>
            {
                { "scope", "api offline_access" },
@ -214,19 +215,23 @@ public class ResourceOwnerPasswordValidatorTests : IClassFixture<IdentityApplica
        Assert.Equal("Username or password is incorrect. Try again.", errorMessage);
    }

-    private async Task EnsureUserCreatedAsync(IdentityApplicationFactory factory = null)
+    private async Task EnsureUserCreatedAsync(IdentityApplicationFactory factory)
    {
-        factory ??= _factory;
-        // No need to create more users than we need
-        if (await _userManager.FindByEmailAsync(DefaultUsername) == null)
-        {
-            // Register user
-            await factory.RegisterAsync(new RegisterRequestModel
+        // Register user
+        await factory.RegisterNewIdentityFactoryUserAsync(
+            new RegisterFinishRequestModel
            {
                Email = DefaultUsername,
-                MasterPasswordHash = DefaultPassword
+                MasterPasswordHash = DefaultPassword,
+                Kdf = KdfType.PBKDF2_SHA256,
+                KdfIterations = AuthConstants.PBKDF2_ITERATIONS.Default,
+                UserAsymmetricKeys = new KeysRequestModel()
+                {
+                    PublicKey = "public_key",
+                    EncryptedPrivateKey = "private_key"
+                },
+                UserSymmetricKey = "sym_key",
            });
-        }
    }

    private FormUrlEncodedContent GetFormUrlEncodedContent(