[PM-19728] Add keys on devices list and get responses (#5633)

* Add keys on devices list and get responses * Mark retrieve device keys endpoint as deprecated
2025-05-02 10:12:16 -05:00 · 2025-04-21 13:49:17 +02:00 · 2025-04-21 13:49:17 +02:00 · c195f83402
commit c195f83402
parent 159e4fe502
5 changed files with 33 additions and 1 deletions
--- a/src/Api/Controllers/DevicesController.cs
+++ b/src/Api/Controllers/DevicesController.cs
@ -128,6 +128,7 @@ public class DevicesController : Controller
    }

    [HttpPost("{identifier}/retrieve-keys")]
+    [Obsolete("This endpoint is deprecated. The keys are on the regular device GET endpoints now.")]
    public async Task<ProtectedDeviceResponseModel> GetDeviceKeys(string identifier)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
--- a/src/Api/Models/Response/DeviceResponseModel.cs
+++ b/src/Api/Models/Response/DeviceResponseModel.cs
@ -2,6 +2,7 @@
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Api;
+using Bit.Core.Utilities;

 namespace Bit.Api.Models.Response;

@ -21,6 +22,8 @@ public class DeviceResponseModel : ResponseModel
        Identifier = device.Identifier;
        CreationDate = device.CreationDate;
        IsTrusted = device.IsTrusted();
+        EncryptedUserKey = device.EncryptedUserKey;
+        EncryptedPublicKey = device.EncryptedPublicKey;
    }

    public Guid Id { get; set; }
@ -29,4 +32,10 @@ public class DeviceResponseModel : ResponseModel
    public string Identifier { get; set; }
    public DateTime CreationDate { get; set; }
    public bool IsTrusted { get; set; }
+    [EncryptedString]
+    [EncryptedStringLength(2000)]
+    public string EncryptedUserKey { get; set; }
+    [EncryptedString]
+    [EncryptedStringLength(2000)]
+    public string EncryptedPublicKey { get; set; }
 }
--- a/src/Core/Auth/Models/Api/Response/DeviceAuthRequestResponseModel.cs
+++ b/src/Core/Auth/Models/Api/Response/DeviceAuthRequestResponseModel.cs
@ -1,6 +1,7 @@
 using Bit.Core.Auth.Models.Data;
 using Bit.Core.Enums;
 using Bit.Core.Models.Api;
+using Bit.Core.Utilities;

 namespace Bit.Core.Auth.Models.Api.Response;

@ -19,6 +20,8 @@ public class DeviceAuthRequestResponseModel : ResponseModel
            Identifier = deviceAuthDetails.Identifier,
            CreationDate = deviceAuthDetails.CreationDate,
            IsTrusted = deviceAuthDetails.IsTrusted,
+            EncryptedPublicKey = deviceAuthDetails.EncryptedPublicKey,
+            EncryptedUserKey = deviceAuthDetails.EncryptedUserKey
        };

        if (deviceAuthDetails.AuthRequestId != null && deviceAuthDetails.AuthRequestCreatedAt != null)
@ -39,6 +42,12 @@ public class DeviceAuthRequestResponseModel : ResponseModel
    public string Identifier { get; set; }
    public DateTime CreationDate { get; set; }
    public bool IsTrusted { get; set; }
+    [EncryptedString]
+    [EncryptedStringLength(2000)]
+    public string EncryptedUserKey { get; set; }
+    [EncryptedString]
+    [EncryptedStringLength(2000)]
+    public string EncryptedPublicKey { get; set; }

    public PendingAuthRequest DevicePendingAuthRequest { get; set; }

--- a/src/Core/Auth/Models/Data/DeviceAuthDetails.cs
+++ b/src/Core/Auth/Models/Data/DeviceAuthDetails.cs
@ -29,6 +29,8 @@ public class DeviceAuthDetails : Device
        Identifier = device.Identifier;
        CreationDate = device.CreationDate;
        IsTrusted = device.IsTrusted();
+        EncryptedPublicKey = device.EncryptedPublicKey;
+        EncryptedUserKey = device.EncryptedUserKey;
        AuthRequestId = authRequestId;
        AuthRequestCreatedAt = authRequestCreationDate;
    }
@ -74,6 +76,8 @@ public class DeviceAuthDetails : Device
            EncryptedPrivateKey = encryptedPrivateKey,
            Active = active
        }.IsTrusted();
+        EncryptedPublicKey = encryptedPublicKey;
+        EncryptedUserKey = encryptedUserKey;
        AuthRequestId = authRequestId != Guid.Empty ? authRequestId : null;
        AuthRequestCreatedAt =
            authRequestCreationDate != DateTime.MinValue ? authRequestCreationDate : null;
--- a/test/Api.Test/Auth/Controllers/DevicesControllerTests.cs
+++ b/test/Api.Test/Auth/Controllers/DevicesControllerTests.cs
@ -63,7 +63,9 @@ public class DevicesControllerTest
                    UserId = userId,
                    Name = "chrome",
                    Type = DeviceType.ChromeBrowser,
-                    Identifier = Guid.Parse("811E9254-F77C-48C8-AF0A-A181943F5708").ToString()
+                    Identifier = Guid.Parse("811E9254-F77C-48C8-AF0A-A181943F5708").ToString(),
+                    EncryptedPublicKey = "PublicKey",
+                    EncryptedUserKey = "UserKey",
                },
                Guid.Parse("E09D6943-D574-49E5-AC85-C3F12B4E019E"),
                authDateTimeResponse)
@ -78,6 +80,13 @@ public class DevicesControllerTest
        // Assert
        Assert.NotNull(result);
        Assert.IsType<ListResponseModel<DeviceAuthRequestResponseModel>>(result);
+        var resultDevice = result.Data.First();
+        Assert.Equal("chrome", resultDevice.Name);
+        Assert.Equal(DeviceType.ChromeBrowser, resultDevice.Type);
+        Assert.Equal(Guid.Parse("B3136B10-7818-444F-B05B-4D7A9B8C48BF"), resultDevice.Id);
+        Assert.Equal(Guid.Parse("811E9254-F77C-48C8-AF0A-A181943F5708").ToString(), resultDevice.Identifier);
+        Assert.Equal("PublicKey", resultDevice.EncryptedPublicKey);
+        Assert.Equal("UserKey", resultDevice.EncryptedUserKey);
    }

    [Fact]