nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-01 08:02:49 -05:00
Code Activity

[PM-4371] Implement PRF key rotation (#4157)

Browse Source 
* Send rotateable keyset on list webauthn keys

* Implement basic prf key rotation

* Add validator for webauthn rotation

* Fix accounts controller tests

* Add webauthn rotation validator tests

* Introduce separate request model

* Fix tests

* Remove extra empty line

* Remove filtering in validator

* Don't send encrypted private key

* Fix tests

* Implement delegated webauthn db transactions

* Add backward compatibility

* Fix query not working

* Update migration sql

* Update dapper query

* Remove unused helper

* Rename webauthn to WebAuthnLogin

* Fix linter errors

* Fix tests

* Fix tests
This commit is contained in:
Bernd Schoolmann
2024-06-17 20:46:57 +02:00
committed by GitHub
parent a556462685
commit 3ad4bc1cab
19 changed files with 347 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
test/Core.Test/Auth/UserFeatures/UserKey/RotateUserKeyCommandTests.cs
View File

@ -1,4 +1,6 @@
using Bit.Core.Auth.Models.Data;
using Bit.Core.Auth.Entities;
using Bit.Core.Auth.Models.Data;
using Bit.Core.Auth.Repositories;
using Bit.Core.Auth.UserFeatures.UserKey.Implementations;
using Bit.Core.Entities;
using Bit.Core.Services;
@ -19,6 +21,16 @@ public class RotateUserKeyCommandTests
{
sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.MasterPasswordHash)
.Returns(true);
foreach (var webauthnCred in model.WebAuthnKeys)
{
var dbWebauthnCred = new WebAuthnCredential
{
EncryptedPublicKey = "encryptedPublicKey",
EncryptedUserKey = "encryptedUserKey"
};
sutProvider.GetDependency<IWebAuthnCredentialRepository>().GetByIdAsync(webauthnCred.Id, user.Id)
.Returns(dbWebauthnCred);
}
var result = await sutProvider.Sut.RotateUserKeyAsync(user, model);
@ -31,6 +43,16 @@ public class RotateUserKeyCommandTests
{
sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.MasterPasswordHash)
.Returns(false);
foreach (var webauthnCred in model.WebAuthnKeys)
{
var dbWebauthnCred = new WebAuthnCredential
{
EncryptedPublicKey = "encryptedPublicKey",
EncryptedUserKey = "encryptedUserKey"
};
sutProvider.GetDependency<IWebAuthnCredentialRepository>().GetByIdAsync(webauthnCred.Id, user.Id)
.Returns(dbWebauthnCred);
}
var result = await sutProvider.Sut.RotateUserKeyAsync(user, model);
@ -43,6 +65,16 @@ public class RotateUserKeyCommandTests
{
sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.MasterPasswordHash)
.Returns(true);
foreach (var webauthnCred in model.WebAuthnKeys)
{
var dbWebauthnCred = new WebAuthnCredential
{
EncryptedPublicKey = "encryptedPublicKey",
EncryptedUserKey = "encryptedUserKey"
};
sutProvider.GetDependency<IWebAuthnCredentialRepository>().GetByIdAsync(webauthnCred.Id, user.Id)
.Returns(dbWebauthnCred);
}
await sutProvider.Sut.RotateUserKeyAsync(user, model);