[SG-763] Store the fact that a Passwordless request was denied in the AuthRequest table (#2363)

* Added migrations for sqlserver and mysql * Added migrations for postgres * renamed mysql migration script to make naming uniform * introduced approved field to the update auth request controller;This change would keep track of denied passwordless requests * Recreated the authRequestView, introduced the approved field to the create procedure and updated the response model * Formatted code * fixed incorrect syntax in the AuthRequest_Create.sql SP
2025-06-30 15:42:48 -05:00 · 2022-10-25 17:14:48 -04:00
parent b938abab65
commit 351f62866b
15 changed files with 3591 additions and 12 deletions
--- a/src/Api/Controllers/AuthRequestsController.cs
+++ b/src/Api/Controllers/AuthRequestsController.cs
@ -131,15 +131,13 @@ public class AuthRequestsController : Controller
            throw new BadRequestException("Invalid device.");
        }

-        if (model.RequestApproved)
-        {
-            authRequest.Key = model.Key;
-            authRequest.MasterPasswordHash = model.MasterPasswordHash;
-            authRequest.ResponseDeviceId = device.Id;
-            authRequest.ResponseDate = DateTime.UtcNow;
-            await _authRequestRepository.ReplaceAsync(authRequest);
-            await _pushNotificationService.PushAuthRequestResponseAsync(authRequest);
-        }
+        authRequest.Key = model.Key;
+        authRequest.MasterPasswordHash = model.MasterPasswordHash;
+        authRequest.ResponseDeviceId = device.Id;
+        authRequest.ResponseDate = DateTime.UtcNow;
+        authRequest.Approved = model.RequestApproved;
+        await _authRequestRepository.ReplaceAsync(authRequest);
+        await _pushNotificationService.PushAuthRequestResponseAsync(authRequest);

        return new AuthRequestResponseModel(authRequest, _globalSettings.BaseServiceUri.Vault);
    }
--- a/src/Api/Models/Response/AuthRequestResponseModel.cs
+++ b/src/Api/Models/Response/AuthRequestResponseModel.cs
@ -1,7 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 using System.Reflection;
 using Bit.Core.Entities;
-using Bit.Core.Enums;
 using Bit.Core.Models.Api;

 namespace Bit.Api.Models.Response;
@ -25,8 +24,7 @@ public class AuthRequestResponseModel : ResponseModel
        Key = authRequest.Key;
        MasterPasswordHash = authRequest.MasterPasswordHash;
        CreationDate = authRequest.CreationDate;
-        RequestApproved = !string.IsNullOrWhiteSpace(Key) &&
-            (authRequest.Type == AuthRequestType.Unlock || !string.IsNullOrWhiteSpace(MasterPasswordHash));
+        RequestApproved = authRequest.Approved ?? false;
        Origin = new Uri(vaultUri).Host;
    }

--- a/src/Core/Entities/AuthRequest.cs
+++ b/src/Core/Entities/AuthRequest.cs
@ -20,6 +20,7 @@ public class AuthRequest : ITableObject<Guid>
    public string PublicKey { get; set; }
    public string Key { get; set; }
    public string MasterPasswordHash { get; set; }
+    public bool? Approved { get; set; }
    public DateTime CreationDate { get; set; } = DateTime.UtcNow;
    public DateTime? ResponseDate { get; set; }
    public DateTime? AuthenticationDate { get; set; }
--- a/Procedures/AuthRequest_Create.sql
+++ b/Procedures/AuthRequest_Create.sql
@ -11,6 +11,7 @@
    @PublicKey VARCHAR(MAX),
    @Key VARCHAR(MAX),
    @MasterPasswordHash VARCHAR(MAX),
+    @Approved BIT,
    @CreationDate DATETIME2(7),
    @ResponseDate DATETIME2(7),
    @AuthenticationDate DATETIME2(7)
@ -32,6 +33,7 @@ BEGIN
        [PublicKey],
        [Key],
        [MasterPasswordHash],
+        [Approved],
        [CreationDate],
        [ResponseDate],
        [AuthenticationDate]
@ -50,6 +52,7 @@ BEGIN
        @PublicKey,
        @Key,
        @MasterPasswordHash,
+        @Approved,
        @CreationDate,
        @ResponseDate,
        @AuthenticationDate
--- a/Procedures/AuthRequest_Update.sql
+++ b/Procedures/AuthRequest_Update.sql
@ -11,6 +11,7 @@
    @PublicKey VARCHAR(MAX),
    @Key VARCHAR(MAX),
    @MasterPasswordHash VARCHAR(MAX),
+    @Approved BIT,
    @CreationDate DATETIME2 (7),
    @ResponseDate DATETIME2 (7),
    @AuthenticationDate DATETIME2 (7)    
@ -32,6 +33,7 @@ BEGIN
        [PublicKey] = @PublicKey,
        [Key] = @Key,
        [MasterPasswordHash] = @MasterPasswordHash,
+        [Approved] = @Approved,
        [CreationDate] = @CreationDate,
        [ResponseDate] = @ResponseDate,
        [AuthenticationDate] = @AuthenticationDate
--- a/src/Sql/dbo/Tables/AuthRequest.sql
+++ b/src/Sql/dbo/Tables/AuthRequest.sql
@ -11,6 +11,7 @@
    [PublicKey]                 VARCHAR(MAX)     NOT NULL,
    [Key]                       VARCHAR(MAX)     NULL,
    [MasterPasswordHash]        VARCHAR(MAX)     NULL,
+    [Approved]                  BIT              NULL,
    [CreationDate]              DATETIME2 (7)    NOT NULL,
    [ResponseDate]              DATETIME2 (7)    NULL,
    [AuthenticationDate]        DATETIME2 (7)    NULL,