[PM-15015] Add Country Name to auth request from request headers (#5471)

* feat(pm-15015) : * Add `CountryName` column to AuthRequest Table in Database, and refreshing AuthRequestView * Modify database stored procedures and Entity Framework migrations for AuthRequest Repositories * Add property to `ICurrentContext` and response models.
2025-04-04 20:50:21 -05:00 · 2025-03-10 12:16:43 -04:00 · 2025-03-10 12:16:43 -04:00 · 913da4a629
commit 913da4a629
parent 031e188e82
20 changed files with 9372 additions and 49 deletions
--- a/src/Api/AdminConsole/Models/Response/PendingOrganizationAuthRequestResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/PendingOrganizationAuthRequestResponseModel.cs
@ -23,6 +23,7 @@ public class PendingOrganizationAuthRequestResponseModel : ResponseModel
        RequestDeviceType = authRequest.RequestDeviceType.GetType().GetMember(authRequest.RequestDeviceType.ToString())
            .FirstOrDefault()?.GetCustomAttribute<DisplayAttribute>()?.GetName();
        RequestIpAddress = authRequest.RequestIpAddress;
+        RequestCountryName = authRequest.RequestCountryName;
        CreationDate = authRequest.CreationDate;
    }

@ -34,5 +35,6 @@ public class PendingOrganizationAuthRequestResponseModel : ResponseModel
    public string RequestDeviceIdentifier { get; set; }
    public string RequestDeviceType { get; set; }
    public string RequestIpAddress { get; set; }
+    public string RequestCountryName { get; set; }
    public DateTime CreationDate { get; set; }
 }
--- a/src/Api/Auth/Models/Response/AuthRequestResponseModel.cs
+++ b/src/Api/Auth/Models/Response/AuthRequestResponseModel.cs
@ -23,6 +23,7 @@ public class AuthRequestResponseModel : ResponseModel
        RequestDeviceType = authRequest.RequestDeviceType.GetType().GetMember(authRequest.RequestDeviceType.ToString())
            .FirstOrDefault()?.GetCustomAttribute<DisplayAttribute>()?.GetName();
        RequestIpAddress = authRequest.RequestIpAddress;
+        RequestCountryName = authRequest.RequestCountryName;
        Key = authRequest.Key;
        MasterPasswordHash = authRequest.MasterPasswordHash;
        CreationDate = authRequest.CreationDate;
@ -37,6 +38,7 @@ public class AuthRequestResponseModel : ResponseModel
    public DeviceType RequestDeviceTypeValue { get; set; }
    public string RequestDeviceType { get; set; }
    public string RequestIpAddress { get; set; }
+    public string RequestCountryName { get; set; }
    public string Key { get; set; }
    public string MasterPasswordHash { get; set; }
    public DateTime CreationDate { get; set; }
--- a/src/Core/Auth/Entities/AuthRequest.cs
+++ b/src/Core/Auth/Entities/AuthRequest.cs
@ -16,6 +16,12 @@ public class AuthRequest : ITableObject<Guid>
    public DeviceType RequestDeviceType { get; set; }
    [MaxLength(50)]
    public string RequestIpAddress { get; set; }
+    /// <summary>
+    /// This country name is populated through a header value fetched from the ISO-3166 country code.
+    /// It will always be the English short form of the country name. The length should never be over 200 characters.
+    /// </summary>
+    [MaxLength(200)]
+    public string RequestCountryName { get; set; }
    public Guid? ResponseDeviceId { get; set; }
    [MaxLength(25)]
    public string AccessCode { get; set; }
--- a/src/Core/Auth/Services/Implementations/AuthRequestService.cs
+++ b/src/Core/Auth/Services/Implementations/AuthRequestService.cs
@ -164,6 +164,7 @@ public class AuthRequestService : IAuthRequestService
            RequestDeviceIdentifier = model.DeviceIdentifier,
            RequestDeviceType = _currentContext.DeviceType.Value,
            RequestIpAddress = _currentContext.IpAddress,
+            RequestCountryName = _currentContext.CountryName,
            AccessCode = model.AccessCode,
            PublicKey = model.PublicKey,
            UserId = user.Id,
@ -176,12 +177,7 @@ public class AuthRequestService : IAuthRequestService

    public async Task<AuthRequest> UpdateAuthRequestAsync(Guid authRequestId, Guid currentUserId, AuthRequestUpdateRequestModel model)
    {
-        var authRequest = await _authRequestRepository.GetByIdAsync(authRequestId);
-
-        if (authRequest == null)
-        {
-            throw new NotFoundException();
-        }
+        var authRequest = await _authRequestRepository.GetByIdAsync(authRequestId) ?? throw new NotFoundException();

        // Once Approval/Disapproval has been set, this AuthRequest should not be updated again.
        if (authRequest.Approved is not null)
--- a/src/Core/Context/CurrentContext.cs
+++ b/src/Core/Context/CurrentContext.cs
@ -30,6 +30,7 @@ public class CurrentContext : ICurrentContext
    public virtual string DeviceIdentifier { get; set; }
    public virtual DeviceType? DeviceType { get; set; }
    public virtual string IpAddress { get; set; }
+    public virtual string CountryName { get; set; }
    public virtual List<CurrentContextOrganization> Organizations { get; set; }
    public virtual List<CurrentContextProvider> Providers { get; set; }
    public virtual Guid? InstallationId { get; set; }
@ -104,6 +105,12 @@ public class CurrentContext : ICurrentContext
        {
            ClientVersionIsPrerelease = clientVersionIsPrerelease == "1";
        }
+
+        if (httpContext.Request.Headers.TryGetValue("country-name", out var countryName))
+        {
+            CountryName = countryName;
+        }
+
    }

    public async virtual Task BuildAsync(ClaimsPrincipal user, GlobalSettings globalSettings)
--- a/src/Core/Context/ICurrentContext.cs
+++ b/src/Core/Context/ICurrentContext.cs
@ -20,6 +20,7 @@ public interface ICurrentContext
    string DeviceIdentifier { get; set; }
    DeviceType? DeviceType { get; set; }
    string IpAddress { get; set; }
+    string CountryName { get; set; }
    List<CurrentContextOrganization> Organizations { get; set; }
    Guid? InstallationId { get; set; }
    Guid? OrganizationId { get; set; }
--- a/Procedures/AuthRequest_Create.sql
+++ b/Procedures/AuthRequest_Create.sql
@ -6,6 +6,7 @@
    @RequestDeviceIdentifier NVARCHAR(50),
    @RequestDeviceType TINYINT,
    @RequestIpAddress VARCHAR(50),
+    @RequestCountryName NVARCHAR(200),
    @ResponseDeviceId UNIQUEIDENTIFIER,
    @AccessCode VARCHAR(25),
    @PublicKey VARCHAR(MAX),
@ -28,6 +29,7 @@ BEGIN
        [RequestDeviceIdentifier],
        [RequestDeviceType],
        [RequestIpAddress],
+        [RequestCountryName],
        [ResponseDeviceId],
        [AccessCode],
        [PublicKey],
@ -47,6 +49,7 @@ BEGIN
            @RequestDeviceIdentifier,
            @RequestDeviceType,
            @RequestIpAddress,
+            @RequestCountryName,
            @ResponseDeviceId,
            @AccessCode,
            @PublicKey,
--- a/Procedures/AuthRequest_Update.sql
+++ b/Procedures/AuthRequest_Update.sql
@ -6,6 +6,7 @@
    @RequestDeviceIdentifier NVARCHAR(50),
    @RequestDeviceType SMALLINT,
    @RequestIpAddress VARCHAR(50),
+    @RequestCountryName NVARCHAR(200),
    @ResponseDeviceId UNIQUEIDENTIFIER,
    @AccessCode VARCHAR(25),
    @PublicKey VARCHAR(MAX),
@ -28,6 +29,7 @@ BEGIN
    [RequestDeviceIdentifier] = @RequestDeviceIdentifier,
    [RequestDeviceType] = @RequestDeviceType,
    [RequestIpAddress] = @RequestIpAddress,
+    [RequestCountryName] = @RequestCountryName,
    [ResponseDeviceId] = @ResponseDeviceId,
    [AccessCode] = @AccessCode,
    [PublicKey] = @PublicKey,
--- a/Procedures/AuthRequest_UpdateMany.sql
+++ b/Procedures/AuthRequest_UpdateMany.sql
@ -10,6 +10,7 @@ BEGIN
        [RequestDeviceIdentifier] = ARI.[RequestDeviceIdentifier],
        [RequestDeviceType] = ARI.[RequestDeviceType],
        [RequestIpAddress] = ARI.[RequestIpAddress],
+        [RequestCountryName] = ARI.[RequestCountryName],
        [ResponseDeviceId] = ARI.[ResponseDeviceId],
        [AccessCode] = ARI.[AccessCode],
        [PublicKey] = ARI.[PublicKey],
@ -31,6 +32,7 @@ BEGIN
            RequestDeviceIdentifier NVARCHAR(50) '$.RequestDeviceIdentifier',
            RequestDeviceType SMALLINT '$.RequestDeviceType',
            RequestIpAddress VARCHAR(50) '$.RequestIpAddress',
+            RequestCountryName NVARCHAR(200) '$.RequestCountryName',
            ResponseDeviceId UNIQUEIDENTIFIER '$.ResponseDeviceId',
            AccessCode VARCHAR(25) '$.AccessCode',
            PublicKey VARCHAR(MAX) '$.PublicKey',
--- a/src/Sql/Auth/dbo/Tables/AuthRequest.sql
+++ b/src/Sql/Auth/dbo/Tables/AuthRequest.sql
@ -15,11 +15,11 @@
    [ResponseDate]              DATETIME2 (7)    NULL,
    [AuthenticationDate]        DATETIME2 (7)    NULL,
    [OrganizationId]            UNIQUEIDENTIFIER NULL,
+    [RequestCountryName]        NVARCHAR(200)     NULL,
    CONSTRAINT [PK_AuthRequest] PRIMARY KEY CLUSTERED ([Id] ASC),
    CONSTRAINT [FK_AuthRequest_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id]),
    CONSTRAINT [FK_AuthRequest_ResponseDevice] FOREIGN KEY ([ResponseDeviceId]) REFERENCES [dbo].[Device] ([Id]),
    CONSTRAINT [FK_AuthRequest_Organization] FOREIGN KEY ([OrganizationId]) REFERENCES [dbo].[Organization] ([Id])
 );

-
 GO
--- a/util/Migrator/DbScripts/2025-02-27_00_AlterAuthRequest.sql
+++ b/util/Migrator/DbScripts/2025-02-27_00_AlterAuthRequest.sql
@ -0,0 +1,168 @@
+ALTER TABLE
+  [dbo].[AuthRequest]
+ADD
+  [RequestCountryName] NVARCHAR(200) NULL;
+GO
+
+EXECUTE sp_refreshview 'dbo.AuthRequestView'
+GO
+
+CREATE OR ALTER PROCEDURE [dbo].[AuthRequest_Create]
+    @Id UNIQUEIDENTIFIER OUTPUT,
+    @UserId UNIQUEIDENTIFIER,
+    @OrganizationId UNIQUEIDENTIFIER = NULL,
+    @Type TINYINT,
+    @RequestDeviceIdentifier NVARCHAR(50),
+    @RequestDeviceType TINYINT,
+    @RequestIpAddress VARCHAR(50),
+    @RequestCountryName NVARCHAR(200),
+    @ResponseDeviceId UNIQUEIDENTIFIER,
+    @AccessCode VARCHAR(25),
+    @PublicKey VARCHAR(MAX),
+    @Key VARCHAR(MAX),
+    @MasterPasswordHash VARCHAR(MAX),
+    @Approved BIT,
+    @CreationDate DATETIME2(7),
+    @ResponseDate DATETIME2(7),
+    @AuthenticationDate DATETIME2(7)
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    INSERT INTO [dbo].[AuthRequest]
+        (
+        [Id],
+        [UserId],
+        [OrganizationId],
+        [Type],
+        [RequestDeviceIdentifier],
+        [RequestDeviceType],
+        [RequestIpAddress],
+        [RequestCountryName],
+        [ResponseDeviceId],
+        [AccessCode],
+        [PublicKey],
+        [Key],
+        [MasterPasswordHash],
+        [Approved],
+        [CreationDate],
+        [ResponseDate],
+        [AuthenticationDate]
+        )
+    VALUES
+        (
+            @Id,
+            @UserId,
+            @OrganizationId,
+            @Type,
+            @RequestDeviceIdentifier,
+            @RequestDeviceType,
+            @RequestIpAddress,
+            @RequestCountryName,
+            @ResponseDeviceId,
+            @AccessCode,
+            @PublicKey,
+            @Key,
+            @MasterPasswordHash,
+            @Approved,
+            @CreationDate,
+            @ResponseDate,
+            @AuthenticationDate
+    )
+END
+GO
+
+CREATE OR ALTER PROCEDURE [dbo].[AuthRequest_Update]
+    @Id UNIQUEIDENTIFIER OUTPUT,
+    @UserId UNIQUEIDENTIFIER,
+    @OrganizationId UNIQUEIDENTIFIER = NULL,
+    @Type SMALLINT,
+    @RequestDeviceIdentifier NVARCHAR(50),
+    @RequestDeviceType SMALLINT,
+    @RequestIpAddress VARCHAR(50),
+    @RequestCountryName NVARCHAR(200),
+    @ResponseDeviceId UNIQUEIDENTIFIER,
+    @AccessCode VARCHAR(25),
+    @PublicKey VARCHAR(MAX),
+    @Key VARCHAR(MAX),
+    @MasterPasswordHash VARCHAR(MAX),
+    @Approved BIT,
+    @CreationDate DATETIME2 (7),
+    @ResponseDate DATETIME2 (7),
+    @AuthenticationDate DATETIME2 (7)
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    UPDATE
+    [dbo].[AuthRequest]
+SET
+    [UserId] = @UserId,
+    [Type] = @Type,
+    [OrganizationId] = @OrganizationId,
+    [RequestDeviceIdentifier] = @RequestDeviceIdentifier,
+    [RequestDeviceType] = @RequestDeviceType,
+    [RequestIpAddress] = @RequestIpAddress,
+    [RequestCountryName] = @RequestCountryName,
+    [ResponseDeviceId] = @ResponseDeviceId,
+    [AccessCode] = @AccessCode,
+    [PublicKey] = @PublicKey,
+    [Key] = @Key,
+    [MasterPasswordHash] = @MasterPasswordHash,
+    [Approved] = @Approved,
+    [CreationDate] = @CreationDate,
+    [ResponseDate] = @ResponseDate,
+    [AuthenticationDate] = @AuthenticationDate
+WHERE
+    [Id] = @Id
+END
+GO
+
+CREATE OR ALTER PROCEDURE AuthRequest_UpdateMany
+    @jsonData NVARCHAR(MAX)
+AS
+BEGIN
+    UPDATE AR
+    SET
+        [Id] = ARI.[Id],
+        [UserId] = ARI.[UserId],
+        [Type] = ARI.[Type],
+        [RequestDeviceIdentifier] = ARI.[RequestDeviceIdentifier],
+        [RequestDeviceType] = ARI.[RequestDeviceType],
+        [RequestIpAddress] = ARI.[RequestIpAddress],
+        [RequestCountryName] = ARI.[RequestCountryName],
+        [ResponseDeviceId] = ARI.[ResponseDeviceId],
+        [AccessCode] = ARI.[AccessCode],
+        [PublicKey] = ARI.[PublicKey],
+        [Key] = ARI.[Key],
+        [MasterPasswordHash] = ARI.[MasterPasswordHash],
+        [Approved] = ARI.[Approved],
+        [CreationDate] = ARI.[CreationDate],
+        [ResponseDate] = ARI.[ResponseDate],
+        [AuthenticationDate] = ARI.[AuthenticationDate],
+        [OrganizationId] = ARI.[OrganizationId]
+    FROM
+        [dbo].[AuthRequest] AR
+        INNER JOIN
+        OPENJSON(@jsonData)
+        WITH (
+            Id UNIQUEIDENTIFIER '$.Id',
+            UserId UNIQUEIDENTIFIER '$.UserId',
+            Type SMALLINT '$.Type',
+            RequestDeviceIdentifier NVARCHAR(50) '$.RequestDeviceIdentifier',
+            RequestDeviceType SMALLINT '$.RequestDeviceType',
+            RequestIpAddress VARCHAR(50) '$.RequestIpAddress',
+            RequestCountryName NVARCHAR(200) '$.RequestCountryName',
+            ResponseDeviceId UNIQUEIDENTIFIER '$.ResponseDeviceId',
+            AccessCode VARCHAR(25) '$.AccessCode',
+            PublicKey VARCHAR(MAX) '$.PublicKey',
+            [Key] VARCHAR(MAX) '$.Key',
+            MasterPasswordHash VARCHAR(MAX) '$.MasterPasswordHash',
+            Approved BIT '$.Approved',
+            CreationDate DATETIME2 '$.CreationDate',
+            ResponseDate DATETIME2 '$.ResponseDate',
+            AuthenticationDate DATETIME2 '$.AuthenticationDate',
+            OrganizationId UNIQUEIDENTIFIER '$.OrganizationId'
+        ) ARI ON AR.Id = ARI.Id;
+END
+GO
--- a/util/MySqlMigrations/Migrations/20250304221039_AlterAuthRequest.Designer.cs
+++ b/util/MySqlMigrations/Migrations/20250304221039_AlterAuthRequest.Designer.cs
--- a/util/MySqlMigrations/Migrations/20250304221039_AlterAuthRequest.cs
+++ b/util/MySqlMigrations/Migrations/20250304221039_AlterAuthRequest.cs
@ -0,0 +1,29 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.MySqlMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class AlterAuthRequest : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<string>(
+            name: "RequestCountryName",
+            table: "AuthRequest",
+            type: "varchar(200)",
+            maxLength: 200,
+            nullable: true)
+            .Annotation("MySql:CharSet", "utf8mb4");
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "RequestCountryName",
+            table: "AuthRequest");
+    }
+}
--- a/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -407,6 +407,10 @@ namespace Bit.MySqlMigrations.Migrations
                    b.Property<DateTime?>("AuthenticationDate")
                        .HasColumnType("datetime(6)");

+                    b.Property<string>("RequestCountryName")
+                        .HasMaxLength(200)
+                        .HasColumnType("varchar(200)");
+
                    b.Property<DateTime>("CreationDate")
                        .HasColumnType("datetime(6)");

--- a/util/PostgresMigrations/Migrations/20250304204625_AlterAuthRequestTable.Designer.cs
+++ b/util/PostgresMigrations/Migrations/20250304204625_AlterAuthRequestTable.Designer.cs
--- a/util/PostgresMigrations/Migrations/20250304204625_AlterAuthRequestTable.cs
+++ b/util/PostgresMigrations/Migrations/20250304204625_AlterAuthRequestTable.cs
@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.PostgresMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class AlterAuthRequestTable : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<string>(
+            name: "RequestCountryName",
+            table: "AuthRequest",
+            type: "character varying(200)",
+            maxLength: 200,
+            nullable: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "RequestCountryName",
+            table: "AuthRequest");
+    }
+}
--- a/util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -410,6 +410,10 @@ namespace Bit.PostgresMigrations.Migrations
                    b.Property<DateTime?>("AuthenticationDate")
                        .HasColumnType("timestamp with time zone");

+                    b.Property<string>("RequestCountryName")
+                        .HasMaxLength(200)
+                        .HasColumnType("character varying(200)");
+
                    b.Property<DateTime>("CreationDate")
                        .HasColumnType("timestamp with time zone");

--- a/util/SqliteMigrations/Migrations/20250304204635_AlterAuthRequestTable.Designer.cs
+++ b/util/SqliteMigrations/Migrations/20250304204635_AlterAuthRequestTable.Designer.cs
--- a/util/SqliteMigrations/Migrations/20250304204635_AlterAuthRequestTable.cs
+++ b/util/SqliteMigrations/Migrations/20250304204635_AlterAuthRequestTable.cs
@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.SqliteMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class AlterAuthRequestTable : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<string>(
+            name: "RequestCountryName",
+            table: "AuthRequest",
+            type: "TEXT",
+            maxLength: 200,
+            nullable: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "RequestCountryName",
+            table: "AuthRequest");
+    }
+}
--- a/util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -402,6 +402,10 @@ namespace Bit.SqliteMigrations.Migrations
                    b.Property<DateTime?>("AuthenticationDate")
                        .HasColumnType("TEXT");

+                    b.Property<string>("RequestCountryName")
+                        .HasMaxLength(200)
+                        .HasColumnType("TEXT");
+
                    b.Property<DateTime>("CreationDate")
                        .HasColumnType("TEXT");