[PM-5216] User and Organization Duo Request and Response Model refactor (#4126)

* inital changes * add provider GatewayType migrations * db provider migrations * removed duo migrations added v2 metadata to duo response * removed helper scripts * remove signature from org duo * added backward compatibility for Duo v2 * added tests for duo request + response models * refactors to TwoFactorController * updated test methods to be compartmentalized by usage * fix organization add duo * Assert.Empty() fix for validator
2025-07-06 02:22:49 -05:00 · 2024-06-05 11:42:02 -07:00
parent a0a7654077
commit 97b3f3e7ee
19 changed files with 8504 additions and 55 deletions
--- a/src/Core/Auth/Identity/TemporaryDuoWebV4SDKService.cs
+++ b/src/Core/Auth/Identity/TemporaryDuoWebV4SDKService.cs
@ -110,8 +110,8 @@ public class TemporaryDuoWebV4SDKService : ITemporaryDuoWebV4SDKService

    private bool HasProperMetaData(TwoFactorProvider provider)
    {
-        return provider?.MetaData != null && provider.MetaData.ContainsKey("IKey") &&
-            provider.MetaData.ContainsKey("SKey") && provider.MetaData.ContainsKey("Host");
+        return provider?.MetaData != null && provider.MetaData.ContainsKey("ClientId") &&
+            provider.MetaData.ContainsKey("ClientSecret") && provider.MetaData.ContainsKey("Host");
    }

    /// <summary>
@ -122,14 +122,14 @@ public class TemporaryDuoWebV4SDKService : ITemporaryDuoWebV4SDKService
    private async Task<Duo.Client> BuildDuoClientAsync(TwoFactorProvider provider)
    {
        // Fetch Client name from header value since duo auth can be initiated from multiple clients and we want
-        // to redirect back to the correct client
+        // to redirect back to the initiating client
        _currentContext.HttpContext.Request.Headers.TryGetValue("Bitwarden-Client-Name", out var bitwardenClientName);
        var redirectUri = string.Format("{0}/duo-redirect-connector.html?client={1}",
            _globalSettings.BaseServiceUri.Vault, bitwardenClientName.FirstOrDefault() ?? "web");

        var client = new Duo.ClientBuilder(
-            (string)provider.MetaData["IKey"],
-            (string)provider.MetaData["SKey"],
+            (string)provider.MetaData["ClientId"],
+            (string)provider.MetaData["ClientSecret"],
            (string)provider.MetaData["Host"],
            redirectUri).Build();