[PM-2260] Remove TDE feature flag (#3614)

* Remove TDE feature flag. * Removed references to feature service from decryption options builder. * Removed redundant references. * Removed test that is no longer valid, as it was testing the feature flag. * Removed remainder of TDE feature check.
2025-06-30 07:36:14 -05:00 · 2024-01-10 12:33:19 -05:00
parent 06d0d933ee
commit 956efbdb39
5 changed files with 4 additions and 79 deletions
--- a/test/Identity.IntegrationTest/Endpoints/IdentityServerSsoTests.cs
+++ b/test/Identity.IntegrationTest/Endpoints/IdentityServerSsoTests.cs
@ -1,18 +1,15 @@
 using System.Security.Claims;
 using System.Text.Json;
-using Bit.Core;
 using Bit.Core.AdminConsole.Entities;
 using Bit.Core.Auth.Entities;
 using Bit.Core.Auth.Enums;
 using Bit.Core.Auth.Models.Api.Request.Accounts;
 using Bit.Core.Auth.Models.Data;
 using Bit.Core.Auth.Repositories;
-using Bit.Core.Context;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Data;
 using Bit.Core.Repositories;
-using Bit.Core.Services;
 using Bit.Core.Utilities;
 using Bit.IntegrationTestCommon.Factories;
 using Bit.Test.Common.Helpers;
@ -383,36 +380,6 @@ public class IdentityServerSsoTests

    }

-
-    [Fact]
-    public async Task SsoLogin_TrustedDeviceEncryption_FlagTurnedOff_DoesNotReturnOption()
-    {
-        // This creates SsoConfig that HAS enabled trusted device encryption which should have only been
-        // done with the feature flag turned on but we are testing that even if they have done that, this will turn off
-        // if returning as an option if the flag has later been turned off.  We should be very careful turning the flag
-        // back off.
-        using var responseBody = await RunSuccessTestAsync(async factory =>
-        {
-            await UpdateUserAsync(factory, user => user.MasterPassword = null);
-        }, MemberDecryptionType.TrustedDeviceEncryption, trustedDeviceEnabled: false);
-
-        // Assert
-        // If the organization has selected TrustedDeviceEncryption but the user still has their master password
-        // they can decrypt with either option
-        var root = responseBody.RootElement;
-        AssertHelper.AssertJsonProperty(root, "access_token", JsonValueKind.String);
-        var userDecryptionOptions = AssertHelper.AssertJsonProperty(root, "UserDecryptionOptions", JsonValueKind.Object);
-
-        // Expected to look like:
-        // "UserDecryptionOptions": {
-        //   "Object": "userDecryptionOptions"
-        //   "HasMasterPassword": false
-        // }
-
-        // Should only have 2 properties
-        Assert.Equal(2, userDecryptionOptions.EnumerateObject().Count());
-    }
-
    [Fact]
    public async Task SsoLogin_KeyConnector_ReturnsOptions()
    {
@ -511,12 +478,6 @@ public class IdentityServerSsoTests
                .Returns(authorizationCode);
        });

-        factory.SubstitueService<IFeatureService>(service =>
-        {
-            service.IsEnabled(FeatureFlagKeys.TrustedDeviceEncryption, Arg.Any<ICurrentContext>())
-                .Returns(trustedDeviceEnabled);
-        });
-
        // This starts the server and finalizes services
        var registerResponse = await factory.RegisterAsync(new RegisterRequestModel
        {