[PM-12607] Move key rotation & validators to km ownership (#4941)

* Move key rotation & validators to km ownership * Fix build errors * Fix build errors * Fix import ordering * Update validator namespace * Move key rotation data to km ownership * Fix linting * Fix namespaces * Fix namespace * Fix namespaces * Move rotateuserkeycommandtests to km ownership
2025-06-30 07:36:14 -05:00 · 2024-11-21 10:17:04 -08:00
parent 92b94fd4ee
commit fae8692d2a
42 changed files with 66 additions and 71 deletions
--- a/test/Core.Test/KeyManagement/UserKey/RotateUserKeyCommandTests.cs
+++ b/test/Core.Test/KeyManagement/UserKey/RotateUserKeyCommandTests.cs
@ -0,0 +1,85 @@
+using Bit.Core.Auth.Entities;
+using Bit.Core.Auth.Repositories;
+using Bit.Core.Entities;
+using Bit.Core.KeyManagement.Models.Data;
+using Bit.Core.KeyManagement.UserKey.Implementations;
+using Bit.Core.Services;
+using Bit.Test.Common.AutoFixture;
+using Bit.Test.Common.AutoFixture.Attributes;
+using Microsoft.AspNetCore.Identity;
+using NSubstitute;
+using Xunit;
+
+namespace Bit.Core.Test.KeyManagement.UserFeatures.UserKey;
+
+[SutProviderCustomize]
+public class RotateUserKeyCommandTests
+{
+    [Theory, BitAutoData]
+    public async Task RotateUserKeyAsync_Success(SutProvider<RotateUserKeyCommand> sutProvider, User user,
+        RotateUserKeyData model)
+    {
+        sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.MasterPasswordHash)
+            .Returns(true);
+        foreach (var webauthnCred in model.WebAuthnKeys)
+        {
+            var dbWebauthnCred = new WebAuthnCredential
+            {
+                EncryptedPublicKey = "encryptedPublicKey",
+                EncryptedUserKey = "encryptedUserKey"
+            };
+            sutProvider.GetDependency<IWebAuthnCredentialRepository>().GetByIdAsync(webauthnCred.Id, user.Id)
+                .Returns(dbWebauthnCred);
+        }
+
+        var result = await sutProvider.Sut.RotateUserKeyAsync(user, model);
+
+        Assert.Equal(IdentityResult.Success, result);
+    }
+
+    [Theory, BitAutoData]
+    public async Task RotateUserKeyAsync_InvalidMasterPasswordHash_ReturnsFailedIdentityResult(
+        SutProvider<RotateUserKeyCommand> sutProvider, User user, RotateUserKeyData model)
+    {
+        sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.MasterPasswordHash)
+            .Returns(false);
+        foreach (var webauthnCred in model.WebAuthnKeys)
+        {
+            var dbWebauthnCred = new WebAuthnCredential
+            {
+                EncryptedPublicKey = "encryptedPublicKey",
+                EncryptedUserKey = "encryptedUserKey"
+            };
+            sutProvider.GetDependency<IWebAuthnCredentialRepository>().GetByIdAsync(webauthnCred.Id, user.Id)
+                .Returns(dbWebauthnCred);
+        }
+
+        var result = await sutProvider.Sut.RotateUserKeyAsync(user, model);
+
+        Assert.False(result.Succeeded);
+    }
+
+    [Theory, BitAutoData]
+    public async Task RotateUserKeyAsync_LogsOutUser(
+        SutProvider<RotateUserKeyCommand> sutProvider, User user, RotateUserKeyData model)
+    {
+        sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.MasterPasswordHash)
+            .Returns(true);
+        foreach (var webauthnCred in model.WebAuthnKeys)
+        {
+            var dbWebauthnCred = new WebAuthnCredential
+            {
+                EncryptedPublicKey = "encryptedPublicKey",
+                EncryptedUserKey = "encryptedUserKey"
+            };
+            sutProvider.GetDependency<IWebAuthnCredentialRepository>().GetByIdAsync(webauthnCred.Id, user.Id)
+                .Returns(dbWebauthnCred);
+        }
+
+        await sutProvider.Sut.RotateUserKeyAsync(user, model);
+
+        await sutProvider.GetDependency<IPushNotificationService>().ReceivedWithAnyArgs()
+            .PushLogOutAsync(default, default);
+    }
+
+}