Remove stale SsoUser objects from database (#1560)

* Add SsoUser_ReadByUserIdOrganizationId

* Automatically reset stale/duplicate Sso links

* Fix typo

* Check for stale Sso link in existing user flow

* Delete any stale user record before provisioning new user

* Check for existing db query before creating

* PR feedback updates

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

bitwarden_license/src/Sso/Controllers/AccountController.cs

@@ -44,6 +44,7 @@ namespace Bit.Sso.Controllers
         private readonly IUserService _userService;
         private readonly II18nService _i18nService;
         private readonly UserManager<User> _userManager;
+        private readonly Core.Services.IEventService _eventService;
 
         public AccountController(
             IAuthenticationSchemeProvider schemeProvider,
@@ -58,7 +59,8 @@ namespace Bit.Sso.Controllers
             IPolicyRepository policyRepository,
             IUserService userService,
             II18nService i18nService,
-            UserManager<User> userManager)
+            UserManager<User> userManager,
+            Core.Services.IEventService eventService)
         {
             _schemeProvider = schemeProvider;
             _clientStore = clientStore;
@@ -73,6 +75,7 @@ namespace Bit.Sso.Controllers
             _userService = userService;
             _i18nService = i18nService;
             _userManager = userManager;
+            _eventService = eventService;
         }
         
         [HttpGet]
@@ -454,6 +457,9 @@ namespace Bit.Sso.Controllers
                     throw new Exception(_i18nService.T("UserAlreadyInvited", email, organization.Name)); 
                 }
 
+                // Delete existing SsoUser (if any) - avoids error if providerId has changed and the sso link is stale
+                await DeleteExistingSsoUserRecord(existingUser.Id, orgId, orgUser);
+
                 // Accepted or Confirmed - create SSO link and return;
                 await CreateSsoUserRecord(providerUserId, existingUser.Id, orgId);
                 return existingUser;
@@ -513,6 +519,9 @@ namespace Bit.Sso.Controllers
                 await _organizationUserRepository.ReplaceAsync(orgUser);
             }
             
+            // Delete any stale user record to be safe
+            await DeleteExistingSsoUserRecord(existingUser.Id, orgId, orgUser);
+
             // Create sso user record
             await CreateSsoUserRecord(providerUserId, user.Id, orgId);
             
@@ -565,6 +574,15 @@ namespace Bit.Sso.Controllers
             return null;
         }
 
+        private async Task DeleteExistingSsoUserRecord(Guid userId, Guid orgId, OrganizationUser orgUser)
+        {
+            var existingSsoUser = await _ssoUserRepository.GetByUserIdOrganizationIdAsync(orgId, userId);
+            if (existingSsoUser != null)
+            {
+                await _ssoUserRepository.DeleteAsync(userId, orgId);
+                await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_ResetSsoLink);
+            }
+        }
         private async Task CreateSsoUserRecord(string providerUserId, Guid userId, Guid orgId)
         {
             var ssoUser = new SsoUser

src/Core/Enums/EventType.cs

@@ -48,6 +48,7 @@
         OrganizationUser_ResetPassword_Enroll = 1506,
         OrganizationUser_ResetPassword_Withdraw = 1507,
         OrganizationUser_AdminResetPassword = 1508,
+        OrganizationUser_ResetSsoLink = 1509,
 
         Organization_Updated = 1600,
         Organization_PurgedVault = 1601,

src/Core/Repositories/EntityFramework/SsoUserRepository.cs

@@ -24,5 +24,16 @@ namespace Bit.Core.Repositories.EntityFramework
                 await dbContext.SaveChangesAsync();
             }
         }
+
+        public async Task<TableModel.SsoUser> GetByUserIdOrganizationIdAsync(Guid organizationId, Guid userId)
+        {
+            using (var scope = ServiceScopeFactory.CreateScope())
+            {
+                var dbContext = GetDatabaseContext(scope);
+                var entity = await GetDbSet(dbContext)
+                    .FirstOrDefaultAsync(e => e.OrganizationId == organizationId && e.UserId == userId);
+                return entity;
+            }
+        }
     }
 }

src/Core/Repositories/ISsoUserRepository.cs

@@ -7,5 +7,6 @@ namespace Bit.Core.Repositories
     public interface ISsoUserRepository : IRepository<SsoUser, long>
     {
         Task DeleteAsync(Guid userId, Guid? organizationId);
+        Task<SsoUser> GetByUserIdOrganizationIdAsync(Guid organizationId, Guid userId);
     }
 }

src/Core/Repositories/SqlServer/SsoUserRepository.cs

@@ -5,6 +5,7 @@ using System;
 using System.Threading.Tasks;
 using System.Data.SqlClient;
 using System.Data;
+using System.Linq;
 
 namespace Bit.Core.Repositories.SqlServer
 {
@@ -28,5 +29,18 @@ namespace Bit.Core.Repositories.SqlServer
                     commandType: CommandType.StoredProcedure);
             }
         }
+
+        public async Task<SsoUser> GetByUserIdOrganizationIdAsync(Guid organizationId, Guid userId)
+        {
+            using (var connection = new SqlConnection(ConnectionString))
+            {
+                var results = await connection.QueryAsync<SsoUser>(
+                    $"[{Schema}].[SsoUser_ReadByUserIdOrganizationId]",
+                    new { UserId = userId, OrganizationId = organizationId },
+                    commandType: CommandType.StoredProcedure);
+
+                return results.SingleOrDefault();
+            }
+        }
     }
 }

src/Sql/Sql.sqlproj

@@ -299,6 +299,7 @@
     <Build Include="dbo\Stored Procedures\User_ReadBySsoUserOrganizationIdExternalId.sql" />
     <Build Include="dbo\Stored Procedures\SsoUser_Update.sql" />
     <Build Include="dbo\Stored Procedures\SsoUser_ReadById.sql" />
+    <Build Include="dbo\Stored Procedures\SsoUser_ReadByUserIdOrganizationId.sql" />
     <Build Include="dbo\Stored Procedures\Cipher_DeleteByIdsOrganizationId.sql" />
     <Build Include="dbo\Stored Procedures\Cipher_SoftDeleteByIdsOrganizationId.sql" />
     <Build Include="dbo\Stored Procedures\Organization_ReadByIdentifier.sql" />

src/Sql/dbo/Stored Procedures/SsoUser_ReadByUserIdOrganizationId.sql

@@ -0,0 +1,15 @@
+CREATE PROCEDURE [dbo].[SsoUser_ReadByUserIdOrganizationId]
+    @UserId UNIQUEIDENTIFIER,
+    @OrganizationId UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT
+        *
+    FROM
+        [dbo].[SsoUserView]
+    WHERE
+        [UserId] = @UserId
+        AND [OrganizationId] = @OrganizationId
+END

util/Migrator/DbScripts/2021-09-02_00_SsoUserReadyByUserIdOrganizationId.sql

@@ -0,0 +1,21 @@
+IF OBJECT_ID('[dbo].[SsoUser_ReadByUserIdOrganizationId]') IS NOT NULL
+BEGIN
+    DROP PROCEDURE [dbo].[SsoUser_ReadByUserIdOrganizationId]
+END
+GO
+
+CREATE PROCEDURE [dbo].[SsoUser_ReadByUserIdOrganizationId]
+    @UserId UNIQUEIDENTIFIER,
+    @OrganizationId UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT
+        *
+    FROM
+        [dbo].[SsoUserView]
+    WHERE
+        [UserId] = @UserId
+        AND [OrganizationId] = @OrganizationId
+END