From 24469e2267a7b77d18c518d1848ab9bfa70110cd Mon Sep 17 00:00:00 2001 From: Todd Martin <106564991+trmartin4@users.noreply.github.com> Date: Wed, 16 Nov 2022 10:30:28 -0500 Subject: [PATCH] Update push token on login to allow multiple users on mobile devices (#2404) * Changed query for device to include userId (cherry picked from commit 5e3f6db64bda449a8647ac05e69a822e6c5d462a) * Refactored push registration to allow notification on multiple clients (cherry picked from commit 75d299ae269eeb8ac272c96458815a359ea6d085) * Linting (cherry picked from commit f1cf54ebef2019743834f667861f9b34c1661e11) * Fixed compile error. * Removed class that I created when refactoring. * Removed references to PushNotification from DeviceService tests. * Refactored to not pass back a result on Save * Refactored to send requestDevice to push notifications. * Fixed whitespace. * Added missing Noop services. (cherry picked from commit bdad6cfadaf2779c2e672027122c95ea64e3cf0b) * Linting. * Refactored to put the push token back in SaveAsync. * Removed constructor parameter. * Added back in ClearTokenAsync to reduce risk. * Updated tab for linting. --- src/Api/Controllers/DevicesController.cs | 2 +- src/Core/Services/IDeviceService.cs | 1 + .../Services/Implementations/DeviceService.cs | 1 + .../IdentityServer/BaseRequestValidator.cs | 17 ++++++----------- .../Factories/WebApplicationFactoryBase.cs | 8 ++++++++ 5 files changed, 17 insertions(+), 12 deletions(-) diff --git a/src/Api/Controllers/DevicesController.cs b/src/Api/Controllers/DevicesController.cs index cc4ae0f128..1e94236a30 100644 --- a/src/Api/Controllers/DevicesController.cs +++ b/src/Api/Controllers/DevicesController.cs @@ -17,7 +17,6 @@ public class DevicesController : Controller private readonly IDeviceService _deviceService; private readonly IUserService _userService; private readonly IUserRepository _userRepository; - public DevicesController( IDeviceRepository deviceRepository, IDeviceService deviceService, @@ -101,6 +100,7 @@ public class DevicesController : Controller } await _deviceService.SaveAsync(model.ToDevice(device)); + } [AllowAnonymous] diff --git a/src/Core/Services/IDeviceService.cs b/src/Core/Services/IDeviceService.cs index 3109cc107a..2cb441ba1c 100644 --- a/src/Core/Services/IDeviceService.cs +++ b/src/Core/Services/IDeviceService.cs @@ -7,4 +7,5 @@ public interface IDeviceService Task SaveAsync(Device device); Task ClearTokenAsync(Device device); Task DeleteAsync(Device device); + } diff --git a/src/Core/Services/Implementations/DeviceService.cs b/src/Core/Services/Implementations/DeviceService.cs index 99f4648a3e..16d0937a78 100644 --- a/src/Core/Services/Implementations/DeviceService.cs +++ b/src/Core/Services/Implementations/DeviceService.cs @@ -41,6 +41,7 @@ public class DeviceService : IDeviceService public async Task DeleteAsync(Device device) { await _deviceRepository.DeleteAsync(device); + await _pushRegistrationService.DeleteRegistrationAsync(device.Id.ToString()); } } diff --git a/src/Identity/IdentityServer/BaseRequestValidator.cs b/src/Identity/IdentityServer/BaseRequestValidator.cs index c7d88e9e94..cc7cab59a6 100644 --- a/src/Identity/IdentityServer/BaseRequestValidator.cs +++ b/src/Identity/IdentityServer/BaseRequestValidator.cs @@ -37,7 +37,6 @@ public abstract class BaseRequestValidator where T : class private readonly IPolicyRepository _policyRepository; private readonly IUserRepository _userRepository; private readonly ICaptchaValidationService _captchaValidationService; - public BaseRequestValidator( UserManager userManager, IDeviceRepository deviceRepository, @@ -545,19 +544,16 @@ public abstract class BaseRequestValidator where T : class private async Task SaveDeviceAsync(User user, ValidatedTokenRequest request) { - var device = GetDeviceFromRequest(request); - if (device != null) + var deviceFromRequest = GetDeviceFromRequest(request); + if (deviceFromRequest != null) { var existingDevice = await GetKnownDeviceAsync(user, request); if (existingDevice == null) { - device.UserId = user.Id; - await _deviceService.SaveAsync(device); - var now = DateTime.UtcNow; if (now - user.CreationDate > TimeSpan.FromMinutes(10)) { - var deviceType = device.Type.GetType().GetMember(device.Type.ToString()) + var deviceType = deviceFromRequest.Type.GetType().GetMember(deviceFromRequest.Type.ToString()) .FirstOrDefault()?.GetCustomAttribute()?.GetName(); if (!_globalSettings.DisableEmailNewDevice) { @@ -565,14 +561,13 @@ public abstract class BaseRequestValidator where T : class _currentContext.IpAddress); } } - - return device; } - return existingDevice; + deviceFromRequest.UserId = user.Id; + await _deviceService.SaveAsync(deviceFromRequest); } - return null; + return deviceFromRequest; } private async Task ResetFailedAuthDetailsAsync(User user) diff --git a/test/IntegrationTestCommon/Factories/WebApplicationFactoryBase.cs b/test/IntegrationTestCommon/Factories/WebApplicationFactoryBase.cs index 45a1454ae7..45ad410eeb 100644 --- a/test/IntegrationTestCommon/Factories/WebApplicationFactoryBase.cs +++ b/test/IntegrationTestCommon/Factories/WebApplicationFactoryBase.cs @@ -86,6 +86,14 @@ public abstract class WebApplicationFactoryBase : WebApplicationFactory services.Remove(eventRepositoryService); services.AddSingleton(); + var mailDeliveryService = services.First(sd => sd.ServiceType == typeof(IMailDeliveryService)); + services.Remove(mailDeliveryService); + services.AddSingleton(); + + var captchaValidationService = services.First(sd => sd.ServiceType == typeof(ICaptchaValidationService)); + services.Remove(captchaValidationService); + services.AddSingleton(); + // Our Rate limiter works so well that it begins to fail tests unless we carve out // one whitelisted ip. We should still test the rate limiter though and they should change the Ip // to something that is NOT whitelisted