Families for enterprise/add sponsorship prevalidate (#1734)

* Add sponsorship prevalidate endpoint * Test pre validate endpoint * Fix tests * Rename variable
2025-06-30 15:42:48 -05:00 · 2021-11-24 14:18:52 -06:00
parent 0ae9e28884
commit 8dffb27667
4 changed files with 41 additions and 13 deletions
--- a/src/Api/Controllers/OrganizationSponsorshipsController.cs
+++ b/src/Api/Controllers/OrganizationSponsorshipsController.cs
@ -1,8 +1,6 @@
 using System;
-using System.Linq;
 using System.Threading.Tasks;
 using Bit.Core.Context;
-using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.Models.Api;
 using Bit.Core.Models.Api.Request;
@ -67,11 +65,18 @@ namespace Bit.Api.Controllers
                (await CurrentUser).Email);
        }

+        [HttpPost("validate-token")]
+        [SelfHosted(NotSelfHostedOnly = true)]
+        public async Task<bool> PreValidateSponsorshipToken([FromQuery] string sponsorshipToken)
+        {
+            return await _organizationsSponsorshipService.ValidateRedemptionTokenAsync(sponsorshipToken, (await CurrentUser).Email);
+        }
+
        [HttpPost("redeem")]
        [SelfHosted(NotSelfHostedOnly = true)]
        public async Task RedeemSponsorship([FromQuery] string sponsorshipToken, [FromBody] OrganizationSponsorshipRedeemRequestModel model)
        {
-            if (!await _organizationsSponsorshipService.ValidateRedemptionTokenAsync(sponsorshipToken))
+            if (!await _organizationsSponsorshipService.ValidateRedemptionTokenAsync(sponsorshipToken, (await CurrentUser).Email))
            {
                throw new BadRequestException("Failed to parse sponsorship token.");
            }
--- a/src/Core/Services/IOrganizationSponsorshipService.cs
+++ b/src/Core/Services/IOrganizationSponsorshipService.cs
@ -7,7 +7,7 @@ namespace Bit.Core.Services
 {
    public interface IOrganizationSponsorshipService
    {
-        Task<bool> ValidateRedemptionTokenAsync(string encryptedToken);
+        Task<bool> ValidateRedemptionTokenAsync(string encryptedToken, string currentUserEmail);
        Task OfferSponsorshipAsync(Organization sponsoringOrg, OrganizationUser sponsoringOrgUser,
            PlanSponsorshipType sponsorshipType, string sponsoredEmail, string friendlyName, string sponsoringUserEmail);
        Task ResendSponsorshipOfferAsync(Organization sponsoringOrg, OrganizationUser sponsoringOrgUser,
--- a/src/Core/Services/Implementations/OrganizationSponsorshipService.cs
+++ b/src/Core/Services/Implementations/OrganizationSponsorshipService.cs
@ -37,9 +37,9 @@ namespace Bit.Core.Services
            _dataProtector = dataProtectionProvider.CreateProtector("OrganizationSponsorshipServiceDataProtector");
        }

-        public async Task<bool> ValidateRedemptionTokenAsync(string encryptedToken)
+        public async Task<bool> ValidateRedemptionTokenAsync(string encryptedToken, string sponsoredUserEmail)
        {
-            if (!encryptedToken.StartsWith(TokenClearTextPrefix))
+            if (!encryptedToken.StartsWith(TokenClearTextPrefix) || sponsoredUserEmail == null)
            {
                return false;
            }
@ -61,7 +61,9 @@ namespace Bit.Core.Services
                }

                var sponsorship = await _organizationSponsorshipRepository.GetByIdAsync(sponsorshipId);
-                if (sponsorship == null || sponsorship.PlanSponsorshipType != sponsorshipType)
+                if (sponsorship == null ||
+                    sponsorship.PlanSponsorshipType != sponsorshipType ||
+                    sponsorship.OfferedToEmail != sponsoredUserEmail)
                {
                    return false;
                }