From b586e214c52600de1cf9494b51c41c549aacff67 Mon Sep 17 00:00:00 2001
From: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
Date: Thu, 16 Jan 2025 15:27:48 -0500
Subject: [PATCH] [PM-17177] Added additional validation to ensure license
 claim values aren't null (#5280)

* Added additional validation to ensure license claim values aren't null

* Added extra not null validation for any property with a type that can possibly be null

(cherry picked from commit 677265b1e1c34f36a7192668613c779c9726fd78)
---
 .../OrganizationLicenseClaimsFactory.cs       | 62 +++++++++++++++----
 .../UserLicenseClaimsFactory.cs               | 22 ++++---
 2 files changed, 66 insertions(+), 18 deletions(-)

diff --git a/src/Core/Billing/Licenses/Services/Implementations/OrganizationLicenseClaimsFactory.cs b/src/Core/Billing/Licenses/Services/Implementations/OrganizationLicenseClaimsFactory.cs
index 1aac7bb1d8..e436102012 100644
--- a/src/Core/Billing/Licenses/Services/Implementations/OrganizationLicenseClaimsFactory.cs
+++ b/src/Core/Billing/Licenses/Services/Implementations/OrganizationLicenseClaimsFactory.cs
@@ -22,16 +22,9 @@ public class OrganizationLicenseClaimsFactory : ILicenseClaimsFactory<Organizati
         var claims = new List<Claim>
         {
             new(nameof(OrganizationLicenseConstants.LicenseType), LicenseType.Organization.ToString()),
-            new Claim(nameof(OrganizationLicenseConstants.LicenseKey), entity.LicenseKey),
-            new(nameof(OrganizationLicenseConstants.InstallationId), licenseContext.InstallationId.ToString()),
             new(nameof(OrganizationLicenseConstants.Id), entity.Id.ToString()),
-            new(nameof(OrganizationLicenseConstants.Name), entity.Name),
-            new(nameof(OrganizationLicenseConstants.BillingEmail), entity.BillingEmail),
             new(nameof(OrganizationLicenseConstants.Enabled), entity.Enabled.ToString()),
-            new(nameof(OrganizationLicenseConstants.Plan), entity.Plan),
             new(nameof(OrganizationLicenseConstants.PlanType), entity.PlanType.ToString()),
-            new(nameof(OrganizationLicenseConstants.Seats), entity.Seats.ToString()),
-            new(nameof(OrganizationLicenseConstants.MaxCollections), entity.MaxCollections.ToString()),
             new(nameof(OrganizationLicenseConstants.UsePolicies), entity.UsePolicies.ToString()),
             new(nameof(OrganizationLicenseConstants.UseSso), entity.UseSso.ToString()),
             new(nameof(OrganizationLicenseConstants.UseKeyConnector), entity.UseKeyConnector.ToString()),
@@ -43,32 +36,79 @@ public class OrganizationLicenseClaimsFactory : ILicenseClaimsFactory<Organizati
             new(nameof(OrganizationLicenseConstants.Use2fa), entity.Use2fa.ToString()),
             new(nameof(OrganizationLicenseConstants.UseApi), entity.UseApi.ToString()),
             new(nameof(OrganizationLicenseConstants.UseResetPassword), entity.UseResetPassword.ToString()),
-            new(nameof(OrganizationLicenseConstants.MaxStorageGb), entity.MaxStorageGb.ToString()),
             new(nameof(OrganizationLicenseConstants.SelfHost), entity.SelfHost.ToString()),
             new(nameof(OrganizationLicenseConstants.UsersGetPremium), entity.UsersGetPremium.ToString()),
             new(nameof(OrganizationLicenseConstants.UseCustomPermissions), entity.UseCustomPermissions.ToString()),
-            new(nameof(OrganizationLicenseConstants.Issued), DateTime.UtcNow.ToString(CultureInfo.InvariantCulture)),
             new(nameof(OrganizationLicenseConstants.UsePasswordManager), entity.UsePasswordManager.ToString()),
             new(nameof(OrganizationLicenseConstants.UseSecretsManager), entity.UseSecretsManager.ToString()),
-            new(nameof(OrganizationLicenseConstants.SmSeats), entity.SmSeats.ToString()),
-            new(nameof(OrganizationLicenseConstants.SmServiceAccounts), entity.SmServiceAccounts.ToString()),
             // LimitCollectionCreationDeletion was split and removed from the
             // license. Left here with an assignment from the new values for
             // backwards compatibility.
             new(nameof(OrganizationLicenseConstants.LimitCollectionCreationDeletion),
                 (entity.LimitCollectionCreation || entity.LimitCollectionDeletion).ToString()),
             new(nameof(OrganizationLicenseConstants.AllowAdminAccessToAllCollectionItems), entity.AllowAdminAccessToAllCollectionItems.ToString()),
+            new(nameof(OrganizationLicenseConstants.Issued), DateTime.UtcNow.ToString(CultureInfo.InvariantCulture)),
             new(nameof(OrganizationLicenseConstants.Expires), expires.ToString(CultureInfo.InvariantCulture)),
             new(nameof(OrganizationLicenseConstants.Refresh), refresh.ToString(CultureInfo.InvariantCulture)),
             new(nameof(OrganizationLicenseConstants.ExpirationWithoutGracePeriod), expirationWithoutGracePeriod.ToString(CultureInfo.InvariantCulture)),
             new(nameof(OrganizationLicenseConstants.Trial), trial.ToString()),
         };
 
+        if (entity.Name is not null)
+        {
+            claims.Add(new(nameof(OrganizationLicenseConstants.Name), entity.Name));
+        }
+
+        if (entity.BillingEmail is not null)
+        {
+            claims.Add(new(nameof(OrganizationLicenseConstants.BillingEmail), entity.BillingEmail));
+        }
+
+        if (entity.Plan is not null)
+        {
+            claims.Add(new(nameof(OrganizationLicenseConstants.Plan), entity.Plan));
+        }
+
         if (entity.BusinessName is not null)
         {
             claims.Add(new Claim(nameof(OrganizationLicenseConstants.BusinessName), entity.BusinessName));
         }
 
+        if (entity.LicenseKey is not null)
+        {
+            claims.Add(new Claim(nameof(OrganizationLicenseConstants.LicenseKey), entity.LicenseKey));
+        }
+
+        if (licenseContext.InstallationId.HasValue)
+        {
+            claims.Add(new Claim(nameof(OrganizationLicenseConstants.InstallationId), licenseContext.InstallationId.ToString()));
+        }
+
+        if (entity.Seats.HasValue)
+        {
+            claims.Add(new Claim(nameof(OrganizationLicenseConstants.Seats), entity.Seats.ToString()));
+        }
+
+        if (entity.MaxCollections.HasValue)
+        {
+            claims.Add(new Claim(nameof(OrganizationLicenseConstants.MaxCollections), entity.MaxCollections.ToString()));
+        }
+
+        if (entity.MaxStorageGb.HasValue)
+        {
+            claims.Add(new Claim(nameof(OrganizationLicenseConstants.MaxStorageGb), entity.MaxStorageGb.ToString()));
+        }
+
+        if (entity.SmSeats.HasValue)
+        {
+            claims.Add(new Claim(nameof(OrganizationLicenseConstants.SmSeats), entity.SmSeats.ToString()));
+        }
+
+        if (entity.SmServiceAccounts.HasValue)
+        {
+            claims.Add(new Claim(nameof(OrganizationLicenseConstants.SmServiceAccounts), entity.SmServiceAccounts.ToString()));
+        }
+
         return Task.FromResult(claims);
     }
 
diff --git a/src/Core/Billing/Licenses/Services/Implementations/UserLicenseClaimsFactory.cs b/src/Core/Billing/Licenses/Services/Implementations/UserLicenseClaimsFactory.cs
index 3b7b275469..2aaa5efdc1 100644
--- a/src/Core/Billing/Licenses/Services/Implementations/UserLicenseClaimsFactory.cs
+++ b/src/Core/Billing/Licenses/Services/Implementations/UserLicenseClaimsFactory.cs
@@ -21,31 +21,39 @@ public class UserLicenseClaimsFactory : ILicenseClaimsFactory<User>
         {
             new(nameof(UserLicenseConstants.LicenseType), LicenseType.User.ToString()),
             new(nameof(UserLicenseConstants.Id), entity.Id.ToString()),
-            new(nameof(UserLicenseConstants.Name), entity.Name),
-            new(nameof(UserLicenseConstants.Email), entity.Email),
             new(nameof(UserLicenseConstants.Premium), entity.Premium.ToString()),
             new(nameof(UserLicenseConstants.Issued), DateTime.UtcNow.ToString(CultureInfo.InvariantCulture)),
             new(nameof(UserLicenseConstants.Trial), trial.ToString()),
         };
 
+        if (entity.Email is not null)
+        {
+            claims.Add(new(nameof(UserLicenseConstants.Email), entity.Email));
+        }
+
+        if (entity.Name is not null)
+        {
+            claims.Add(new(nameof(UserLicenseConstants.Name), entity.Name));
+        }
+
         if (entity.LicenseKey is not null)
         {
             claims.Add(new(nameof(UserLicenseConstants.LicenseKey), entity.LicenseKey));
         }
 
-        if (entity.MaxStorageGb is not null)
+        if (entity.MaxStorageGb.HasValue)
         {
             claims.Add(new(nameof(UserLicenseConstants.MaxStorageGb), entity.MaxStorageGb.ToString()));
         }
 
-        if (expires is not null)
+        if (expires.HasValue)
         {
-            claims.Add(new(nameof(UserLicenseConstants.Expires), expires.ToString()));
+            claims.Add(new(nameof(UserLicenseConstants.Expires), expires.Value.ToString(CultureInfo.InvariantCulture)));
         }
 
-        if (refresh is not null)
+        if (refresh.HasValue)
         {
-            claims.Add(new(nameof(UserLicenseConstants.Refresh), refresh.ToString()));
+            claims.Add(new(nameof(UserLicenseConstants.Refresh), refresh.Value.ToString(CultureInfo.InvariantCulture)));
         }
 
         return Task.FromResult(claims);