refactorings around two-factor controller

2025-07-02 08:32:50 -05:00 · 2017-06-20 10:08:59 -04:00
parent 475160cfe1
commit 612697e815
8 changed files with 79 additions and 159 deletions
--- a/src/Core/Services/IUserService.cs
+++ b/src/Core/Services/IUserService.cs
@ -19,8 +19,8 @@ namespace Bit.Core.Services
        Task SaveUserAsync(User user);
        Task<IdentityResult> RegisterUserAsync(User user, string masterPassword);
        Task SendMasterPasswordHintAsync(string email);
-        Task SendTwoFactorEmailAsync(User user, string email = null);
-        Task<bool> VerifyTwoFactorEmailAsync(User user, string token, string email = null);
+        Task SendTwoFactorEmailAsync(User user);
+        Task<bool> VerifyTwoFactorEmailAsync(User user, string token);
        Task InitiateEmailChangeAsync(User user, string newEmail);
        Task<IdentityResult> ChangeEmailAsync(User user, string masterPassword, string newEmail, string newMasterPassword,
            string token, string key);
@ -28,7 +28,6 @@ namespace Bit.Core.Services
        Task<IdentityResult> UpdateKeyAsync(User user, string masterPassword, string key, string privateKey,
            IEnumerable<Cipher> ciphers, IEnumerable<Folder> folders);
        Task<IdentityResult> RefreshSecurityStampAsync(User user, string masterPasswordHash);
-        Task SetupTwoFactorAsync(User user, TwoFactorProviderType provider);
        Task UpdateTwoFactorProviderAsync(User user, TwoFactorProviderType type);
        Task DisableTwoFactorProviderAsync(User user, TwoFactorProviderType type);
        Task<bool> RecoverTwoFactorAsync(string email, string masterPassword, string recoveryCode);
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@ -182,43 +182,29 @@ namespace Bit.Core.Services
            await _mailService.SendMasterPasswordHintEmailAsync(email, user.MasterPasswordHint);
        }

-        public async Task SendTwoFactorEmailAsync(User user, string email = null)
+        public async Task SendTwoFactorEmailAsync(User user)
        {
-            if(string.IsNullOrWhiteSpace(email))
+            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Email);
+            if(provider == null || provider.MetaData == null || !provider.MetaData.ContainsKey("Email"))
            {
-                var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Email);
-                if(provider != null && provider.MetaData != null && provider.MetaData.ContainsKey("Email"))
-                {
-                    email = provider.MetaData["Email"];
-                }
+                throw new ArgumentNullException("No email.");
            }

-            if(string.IsNullOrWhiteSpace(email))
-            {
-                throw new ArgumentNullException(nameof(email));
-            }
-
-            var token = await base.GenerateUserTokenAsync(user, TokenOptions.DefaultEmailProvider, "2faEmail:" + email);
-            await _mailService.SendChangeEmailEmailAsync(email, token);
+            var token = await base.GenerateUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
+                "2faEmail:" + provider.MetaData["Email"]);
+            await _mailService.SendChangeEmailEmailAsync(provider.MetaData["Email"], token);
        }

-        public async Task<bool> VerifyTwoFactorEmailAsync(User user, string token, string email = null)
+        public async Task<bool> VerifyTwoFactorEmailAsync(User user, string token)
        {
-            if(string.IsNullOrWhiteSpace(email))
+            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Email);
+            if(provider == null || provider.MetaData == null || !provider.MetaData.ContainsKey("Email"))
            {
-                var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Email);
-                if(provider != null && provider.MetaData != null && provider.MetaData.ContainsKey("Email"))
-                {
-                    email = provider.MetaData["Email"];
-                }
+                throw new ArgumentNullException("No email.");
            }

-            if(string.IsNullOrWhiteSpace(email))
-            {
-                throw new ArgumentNullException(nameof(email));
-            }
-
-            return await base.VerifyUserTokenAsync(user, TokenOptions.DefaultEmailProvider, "2faEmail:" + email, token);
+            return await base.VerifyUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
+                "2faEmail:" + provider.MetaData["Email"], token);
        }

        public async Task InitiateEmailChangeAsync(User user, string newEmail)
@ -355,65 +341,6 @@ namespace Bit.Core.Services
            return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
        }

-        public async Task SetupTwoFactorAsync(User user, TwoFactorProviderType provider)
-        {
-            var providers = user.GetTwoFactorProviders();
-            if(providers != null && providers.ContainsKey(provider) && providers[provider].MetaData != null)
-            {
-                switch(provider)
-                {
-                    case TwoFactorProviderType.Authenticator:
-                        if(!string.IsNullOrWhiteSpace(providers[provider].MetaData["Key"]))
-                        {
-                            return;
-                        }
-                        break;
-                    case TwoFactorProviderType.Email:
-                    case TwoFactorProviderType.U2F:
-                    case TwoFactorProviderType.YubiKey:
-                    case TwoFactorProviderType.Duo:
-                        break;
-                    default:
-                        throw new ArgumentException(nameof(provider));
-                }
-            }
-
-            if(providers == null)
-            {
-                providers = new Dictionary<TwoFactorProviderType, TwoFactorProvider>();
-            }
-
-            TwoFactorProvider providerInfo = null;
-            if(!providers.ContainsKey(provider))
-            {
-                providerInfo = new TwoFactorProvider();
-                providers.Add(provider, providerInfo);
-            }
-            else
-            {
-                providerInfo = providers[provider];
-            }
-
-            switch(provider)
-            {
-                case TwoFactorProviderType.Authenticator:
-                    var key = KeyGeneration.GenerateRandomKey(20);
-                    providerInfo.MetaData = new Dictionary<string, string> { ["Key"] = Base32Encoding.ToString(key) };
-                    break;
-                case TwoFactorProviderType.Email:
-                case TwoFactorProviderType.U2F:
-                case TwoFactorProviderType.YubiKey:
-                case TwoFactorProviderType.Duo:
-                    break;
-                default:
-                    throw new ArgumentException(nameof(provider));
-            }
-
-            user.TwoFactorProvider = provider;
-            user.SetTwoFactorProviders(providers);
-            await SaveUserAsync(user);
-        }
-
        public async Task UpdateTwoFactorProviderAsync(User user, TwoFactorProviderType type)
        {
            var providers = user.GetTwoFactorProviders();