From be8e7465be758c54a42c80cf694c45c6f1471eab Mon Sep 17 00:00:00 2001
From: Jared Snider <jsnider@bitwarden.com>
Date: Thu, 5 Jun 2025 15:57:21 -0400
Subject: [PATCH] PM-20532 - SendAccessGrantValidator.cs - password to password
 hash

---
 .../RequestValidators/SendAccessGrantValidator.cs         | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/Identity/IdentityServer/RequestValidators/SendAccessGrantValidator.cs b/src/Identity/IdentityServer/RequestValidators/SendAccessGrantValidator.cs
index 0a8a1ce2a5..6645107c28 100644
--- a/src/Identity/IdentityServer/RequestValidators/SendAccessGrantValidator.cs
+++ b/src/Identity/IdentityServer/RequestValidators/SendAccessGrantValidator.cs
@@ -16,9 +16,9 @@ public class SendAccessGrantValidator(ISendAuthenticationQuery sendAuthenticatio
     string IExtensionGrantValidator.GrantType => GrantType;
 
     private const string _invalidRequestMissingSendIdMessage = "send_id is required.";
-    private const string _invalidRequestPasswordRequiredMessage = "Password is required.";
+    private const string _invalidRequestPasswordHashRequiredMessage = "Password hash is required.";
     // TODO: add email + OTP errors here
-    private const string _invalidGrantPasswordInvalid = "Password invalid.";
+    private const string _invalidGrantPasswordHashInvalid = "Password hash invalid.";
     // TODO: add email OTP validation error messages here.
 
     public async Task ValidateAsync(ExtensionGrantValidationContext context)
@@ -65,7 +65,7 @@ public class SendAccessGrantValidator(ISendAuthenticationQuery sendAuthenticatio
 
                 if (string.IsNullOrEmpty(password))
                 {
-                    context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, errorDescription: _invalidRequestPasswordRequiredMessage);
+                    context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, errorDescription: _invalidRequestPasswordHashRequiredMessage);
                     return;
                 }
 
@@ -73,7 +73,7 @@ public class SendAccessGrantValidator(ISendAuthenticationQuery sendAuthenticatio
 
                 if (!passwordValid)
                 {
-                    context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, errorDescription: _invalidGrantPasswordInvalid);
+                    context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, errorDescription: _invalidGrantPasswordHashInvalid);
                     return;
                 }