1
0
mirror of https://github.com/bitwarden/server.git synced 2025-07-07 02:52:50 -05:00
Commit Graph

73 Commits

Author SHA1 Message Date
525174068f feat (opaque-ke) : moved endpoints to Identity. 2025-03-20 14:59:34 -04:00
7f997246e5 Merge branch 'innovation/opaque-wanna-try-catch-son' into innovation/opaque 2025-03-20 14:43:55 -04:00
8f25ab6d73 fix : add try catch blocks 2025-03-20 13:55:11 -04:00
36c52a1e75 Add todos and stuff 2025-03-20 11:56:29 -04:00
5a8bf4c890 Innovation/opaque grant validator (#5533)
* Add grant validator

* Fix 2fa

* Add featureflag

* Add comments

* Cleanup

* Set active endpoint

* Fix test
2025-03-20 15:13:05 +01:00
9848d53683 feat : fix database script; add comments. 2025-03-19 22:54:23 -04:00
7a8ee710da [PM-19279] Add prelogin response (#5511)
* Add prelogin response

* Fix test

* Fix more tests

* Fix tests

* Fix SQL warnings

* Fix difference between migration and sql SP

* Attempt to fix tests

* Attempt to fix tests

* Attempt to fix

* Fix namespace

* Attempt to fix error

* Fix different SP / migration

* Attempt to fix migration

* Fix

* Fix
2025-03-19 11:34:33 +01:00
Ike
b03e3c3b8c Innovation/pm 18992/add credential table (#5499)
* feat(OPAQUE-KE): added entity

* innovation(opaque-ke) : inital database changes

* innovation(opaque-ke) : dapper implementation. Key rotation WIP.

* Updating credential repository

* feat : updating service to use repository to save credential

* Fix table creation and make registration work

---------

Co-authored-by: Bernd Schoolmann <mail@quexten.com>
2025-03-17 13:48:30 +01:00
d617004435 Update opaque login with password and update cipherconfig model 2025-03-14 16:22:53 +01:00
0b34f09fc7 Add demo authentication and cleanup controller 2025-03-14 14:16:47 +01:00
3cd3495a45 Extract opaque logic to service 2025-03-13 14:47:20 +01:00
b7673cd450 Update api models 2025-03-13 14:00:54 +01:00
e5e5b3c1ca Update to latest bindings 2025-03-13 11:59:01 +01:00
a713ba8040 Make registration work 2025-03-12 15:20:20 +01:00
377dad6852 Add basic opaque usage 2025-03-12 13:40:04 +01:00
ac25ec4519 [PM-19002] Extract billing code from AccountsController (#5477) 2025-03-10 18:14:22 +01:00
6e7c5b172c [PM-18087] Add cipher permissions to response models (#5418)
* Add Manage permission to UserCipherDetails and CipherDetails_ReadByIdUserId

* Add Manage property to CipherDetails and UserCipherDetailsQuery

* Add integration test for CipherRepository Manage permission rules

* Update CipherDetails_ReadWithoutOrganizationsByUserId to include Manage permission

* Refactor UserCipherDetailsQuery to include detailed permission and organization properties

* Refactor CipherRepositoryTests to improve test organization and readability

- Split large test method into smaller, focused methods
- Added helper methods for creating test data and performing assertions
- Improved test coverage for cipher permissions in different scenarios
- Maintained existing test logic while enhancing code structure

* Refactor CipherRepositoryTests to consolidate cipher permission tests

- Removed redundant helper methods for permission assertions
- Simplified test methods for GetCipherPermissionsForOrganizationAsync, GetManyByUserIdAsync, and GetByIdAsync
- Maintained existing test coverage for cipher manage permissions
- Improved code readability and reduced code duplication

* Add integration test for CipherRepository group collection manage permissions

- Added new test method GetCipherPermissionsForOrganizationAsync_ManageProperty_RespectsCollectionGroupRules
- Implemented helper method CreateCipherInOrganizationCollectionWithGroup to support group-based collection permission testing
- Verified manage permissions are correctly applied based on group collection access settings

* Add @Manage parameter to Cipher stored procedures

- Updated CipherDetails_Create, CipherDetails_CreateWithCollections, and CipherDetails_Update stored procedures
- Added @Manage parameter with comment "-- not used"
- Included new stored procedure implementations in migration script
- Consistent with previous work on adding Manage property to cipher details

* Update UserCipherDetails functions to reorder Manage and ViewPassword columns

* [PM-18086] Add CanRestore and CanDelete authorization methods.

* [PM-18086] Address code review feedback.

* [PM-18086] Add missing part.

* [PM-18087] Add CipherPermissionsResponseModel for cipher permissions

* Add GetManyOrganizationAbilityAsync method to application cache service

* Add organization ability context to cipher response models

This change introduces organization ability context to various cipher response models across multiple controllers. The modifications include:

- Updating CipherResponseModel to include permissions based on user and organization ability
- Modifying CiphersController methods to fetch and pass organization abilities
- Updating SyncController to include organization abilities in sync response
- Adding organization ability context to EmergencyAccessController response generation

* Remove organization ability context from EmergencyAccessController

This change simplifies the EmergencyAccessController by removing unnecessary organization ability fetching and passing. Since emergency access only retrieves personal ciphers, the organization ability context is no longer needed in the response generation.

* Remove unused IApplicationCacheService from EmergencyAccessController

* Refactor EmergencyAccessViewResponseModel constructor

Remove unnecessary JsonConstructor attribute and simplify constructor initialization for EmergencyAccessViewResponseModel

* Refactor organization ability retrieval in CiphersController

Extract methods to simplify organization ability fetching for ciphers, reducing code duplication and improving readability. Added two private helper methods:
- GetOrganizationAbilityAsync: Retrieves organization ability for a single cipher
- GetManyOrganizationAbilitiesAsync: Retrieves organization abilities for multiple ciphers

* Update CiphersControllerTests to use GetUserByPrincipalAsync

Modify test methods to:
- Replace GetProperUserId with GetUserByPrincipalAsync
- Use User object instead of separate userId
- Update mocking to return User object
- Ensure user ID is correctly set in test scenarios

* Refactor CipherPermissionsResponseModel to use constructor-based initialization

* Refactor CipherPermissionsResponseModel to use record type and init-only properties

* [PM-18086] Undo files

* [PM-18086] Undo files

* Refactor organization abilities retrieval in cipher-related controllers and models

- Update CiphersController to use GetOrganizationAbilitiesAsync instead of individual methods
- Modify CipherResponseModel and CipherDetailsResponseModel to accept organization abilities dictionary
- Update CipherPermissionsResponseModel to handle organization abilities lookup
- Remove deprecated organization ability retrieval methods
- Simplify sync and emergency access response model handling of organization abilities

* Remove GetManyOrganizationAbilityAsync method

- Delete unused method from IApplicationCacheService interface
- Remove corresponding implementation in InMemoryApplicationCacheService
- Continues cleanup of organization ability retrieval methods

* Update CiphersControllerTests to include organization abilities retrieval

- Add organization abilities retrieval in test setup for PutCollections_vNext method
- Ensure consistent mocking of IApplicationCacheService in test scenarios

* Update error message for missing organization ability

---------

Co-authored-by: Jimmy Vo <huynhmaivo82@gmail.com>
2025-03-10 15:27:30 +00:00
6ca98df721 Ac/pm 17449/add managed user validation to email token (#5437) 2025-02-24 10:42:04 -05:00
Ike
b00f11fc43 [PM-17645] : update email for new email multi factor tokens (#5428)
* feat(newDeviceVerification) : Initial update to email

* fix : email copying over extra whitespace when using keyboard short cuts

* test : Fixing tests for new device verificaiton email format
2025-02-21 11:12:31 -05:00
06c96a96c5 [PM-17449] Add logic to handle email updates for managed users. (#5422) 2025-02-20 15:38:59 -05:00
ac6bc40d85 feat(2FA): [PM-17129] Login with 2FA Recovery Code
* feat(2FA): [PM-17129] Login with 2FA Recovery Code - Login with Recovery Code working.

* feat(2FA): [PM-17129] Login with 2FA Recovery Code - Feature flagged implementation.

* style(2FA): [PM-17129] Login with 2FA Recovery Code - Code cleanup.

* test(2FA): [PM-17129] Login with 2FA Recovery Code - Tests.
2025-02-13 15:51:36 -05:00
58d2a7ddaa [PM-17210] Prevent unintentionally corrupting private keys (#5285)
* Prevent unintentionally corrupting private keys

* Deny key update only when replacing existing keys

* Fix incorrect use of existing user public/encrypted private key

* Fix test

* Fix tests

* Re-add test

* Pass through error for set-password

* Fix test

* Increase test coverage and simplify checks
2025-02-06 20:38:50 +00:00
f7d882d760 Remove feature flag from endpoint (#5342) 2025-02-06 14:37:15 -05:00
Ike
a84ef0724c [PM-15614] Allow Users to opt out of new device verification (#5176)
feat(NewDeviceVerification) : 
* Created database migration scripts for VerifyDevices column in [dbo].[User].
* Updated DeviceValidator to check if user has opted out of device verification.
* Added endpoint to AccountsController.cs to allow editing of new User.VerifyDevices property.
* Added tests for new methods and endpoint.
* Updating queries to track [dbo].[User].[VerifyDevices].
* Updated DeviceValidator to set `User.EmailVerified` property during the New Device Verification flow.
2025-01-08 07:31:24 -08:00
97e11774e3 [PM-13999] show estimated tax for taxable countries (#5110) 2025-01-02 20:27:53 +01:00
Ike
c446ac86fe [PM-12512] Add Endpoint to allow users to request a new device otp (#5146)
feat(NewDeviceVerification): Added a resend new device OTP endpoint and method for the IUserService as well as wrote test for new methods for the user service.
2024-12-16 07:57:56 -08:00
fae8692d2a [PM-12607] Move key rotation & validators to km ownership (#4941)
* Move key rotation & validators to km ownership

* Fix build errors

* Fix build errors

* Fix import ordering

* Update validator namespace

* Move key rotation data to km ownership

* Fix linting

* Fix namespaces

* Fix namespace

* Fix namespaces

* Move rotateuserkeycommandtests to km ownership
2024-11-21 19:17:04 +01:00
Ike
516608560e Fixing organization Duo configuration verificaiton (#5047)
fix(TwoFactorAuthentication): Duo Configuration Validation method input order fixed for `ClientId`, `ClientSecret` from UpdateRequest object.
2024-11-19 09:41:08 -08:00
Ike
ab5d4738d6 [PM-8107] Remove Duo v2 from server (#4934)
refactor(TwoFactorAuthentication): Remove references to old Duo SDK version 2 code and replace them with the Duo SDK version 4 supported library DuoUniversal code.

Increased unit test coverage in the Two Factor Authentication code space. We opted to use DI instead of Inheritance for the Duo and OrganizaitonDuo two factor tokens to increase testability, since creating a testing mock of the Duo.Client was non-trivial.

Reviewed-by: @JaredSnider-Bitwarden
2024-11-18 15:58:05 -08:00
1dec51bf5a [PM-13014] - Add CanToggleStatus property to PolicyRepsonseModel based on Policy Validators (#4940)
* Adding CanToggleState to PoliciesControllers (api/public) endpoints. Added mappings wrapped in feature flag.

* Updated logic for determining CanToggle. Removed setting of toggle from List endpoint. Added new details model for single policy response. Validator now returns after first error.
2024-11-11 09:52:42 -06:00
4b76008245 [PM-11406] Account Management: Prevent a verified user from deleting their account (#4878)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Prevent deletion of accounts managed by an organization when Account Deprovisioning is enabled

* Add CannotDeleteManagedAccountViewModel and email templates

- Added CannotDeleteManagedAccountViewModel class to handle emails related to preventing deletion of accounts managed by an organization.
- Added HTML and text email templates for sending notifications about the inability to delete an account owned by an organization.
- Updated IMailService interface with a new method to send the cannot delete managed account email.
- Implemented the SendCannotDeleteManagedAccountEmailAsync method in HandlebarsMailService.
- Added a check in UserService to send the cannot delete managed account email if the user is managed by any organization.
- Added a no-op implementation for SendCannotDeleteManagedAccountEmailAsync in NoopMailService.

* Update error message when unable to purge vault for managed account

* Update error message when unable to change email for managed account

* Update error message when unable to delete account when managed by organization

* Update error message in test for deleting organization-owned accounts
2024-11-04 16:37:21 +00:00
c126fee296 [PM-11405] Account Management: Prevent a verified user from changing their email address (#4875)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Update error message when unable to purge vault for managed account

* Update error message when unable to change email for managed account

* Update expected error messages on unit tests

* Add TestFeatureService to Api.IntegrationTest.Helpers and use it on ApiApplicationFactory to be able to enable specific features for each test

* Add CreateVerifiedDomainAsync method to OrganizationTestHelpers

* Add tests to AccountsControllerTest to prevent changing email for managed accounts

* Remove setting the feature flag value in ApiApplicationFactory and set it on AccountsControllerTest

* Remove TestFeatureService class from Api.IntegrationTest.Helpers
2024-10-28 16:12:13 +00:00
d6cd73cfcc [PM-11404] Account Management: Prevent a verified user from purging their vault (#4853)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Update error message when unable to purge vault for managed account
2024-10-17 16:06:32 +01:00
93e49ffe74 [AC-607] Extract IOrganizationService.DeleteUserAsync into IRemoveOrganizationUserCommand (#4803)
* Add HasConfirmedOwnersExceptQuery class, interface and unit tests

* Register IHasConfirmedOwnersExceptQuery for dependency injection

* Replace OrganizationService.HasConfirmedOwnersExceptAsync with HasConfirmedOwnersExceptQuery

* Refactor DeleteManagedOrganizationUserAccountCommand to use IHasConfirmedOwnersExceptQuery

* Fix unit tests

* Extract IOrganizationService.RemoveUserAsync into IRemoveOrganizationUserCommand; Update unit tests

* Extract IOrganizationService.RemoveUsersAsync into IRemoveOrganizationUserCommand; Update unit tests

* Refactor RemoveUserAsync(Guid organizationId, Guid userId) to use ValidateDeleteUser

* Refactor RemoveOrganizationUserCommandTests to use more descriptive method names

* Refactor controller actions to accept Guid directly instead of parsing strings

* Add unit tests for removing OrganizationUser by UserId

* Refactor remove OrganizationUser by UserId method

* Add summary to IHasConfirmedOwnersExceptQuery
2024-10-16 10:33:00 +01:00
d4c486e189 [PM-12429] Remove authenticator token flag from business logic on 2FA controller (#4868)
* Removed flag from business logic on 2FA controller

* Linting.
2024-10-09 13:47:14 -04:00
3f629e0a5a [PM-11334] Add managed status to sync data (#4791)
* Refactor UserService to add GetOrganizationManagingUserAsync method to retrive the organization that manages a user

* Refactor SyncController and AccountsController to include ManagedByOrganizationId in profile response
2024-09-26 11:21:51 +01:00
Ike
aba2f023cd [PM-9925] Tokenable for User Verification on Two Factor Authenticator settings (#4558)
* initial changes

* Fixing some bits

* fixing issue when feature flag is `false`; also names;

* consume OTP on read if FF true

* comment typo

* fix formatting

* check access code first to not consume token

* add docs

* revert checking access code first

* update error messages

* remove line number from comment

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
2024-07-25 07:51:23 -07:00
28d45f91aa Remove FlexibleCollections feature flag (#4481) 2024-07-24 09:03:09 +10:00
ce185eb3df [PM-5963] Fix tde offboarding vault corruption (#4144)
* Attempt to fix tde to mp flow

* Move tde offboarding to dedicated flag

* Add tde offboarding password request

* Validate tde offboarding input

* Correctly check whether tde is active when building trusted device options

* Refactor Tde offboarding into a separate command

* Add unit tests for tde offboarding

* Update tde offboarding request model

* Fix tests

* Fix further tests

* Fix documentation

* Add validation for updatetdepasswordasync key/newmasterpassword

* Add comment explaining test

* Remove unrelated changes
2024-07-23 14:53:08 -04:00
fd90bf5f3d fix logic (#4550) 2024-07-22 19:43:14 +00:00
091c03a90c [PM-9826] Remove validation from 2fa GET and mask sensitive data (#4526)
* remove validation from 2fa GET and mask sensitive data

* skip verification check on put email

* disable verification on send-email and reenable on put email

* validate authenticator on set instead of get

* Revert "validate authenticator on set instead of get"

This reverts commit 7bf2084531.

* fix tests

* fix more tests

* Narrow scope of verify bypass

* Defaulted to false on VerifySecretAsync

* fix default param value

---------

Co-authored-by: Ike Kottlowski <ikottlowski@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2024-07-22 11:21:14 -04:00
29b47f72ca Auth/PM-3833 - Remove Deprecated Register and Prelogin endpoints from API (#4206)
* PM-3833 - API - AccountsController.cs && AccountsController.cs - remove prelogin and register endpoints.

* PM-3833 - Move Request and Response models that were used for Prelogin and PostRegister from API to Identity.

* PM-3833 - FIX LINT

* PM-3833 - Fix issues after merge conflict fixes.

* PM-3833 - Another test fix
2024-06-19 15:11:24 -04:00
3ad4bc1cab [PM-4371] Implement PRF key rotation (#4157)
* Send rotateable keyset on list webauthn keys

* Implement basic prf key rotation

* Add validator for webauthn rotation

* Fix accounts controller tests

* Add webauthn rotation validator tests

* Introduce separate request model

* Fix tests

* Remove extra empty line

* Remove filtering in validator

* Don't send encrypted private key

* Fix tests

* Implement delegated webauthn db transactions

* Add backward compatibility

* Fix query not working

* Update migration sql

* Update dapper query

* Remove unused helper

* Rename webauthn to WebAuthnLogin

* Fix linter errors

* Fix tests

* Fix tests
2024-06-17 20:46:57 +02:00
Ike
97b3f3e7ee [PM-5216] User and Organization Duo Request and Response Model refactor (#4126)
* inital changes

* add provider GatewayType migrations

* db provider migrations

* removed duo migrations added v2 metadata to duo response

* removed helper scripts

* remove signature from org duo

* added backward compatibility for Duo v2

* added tests for duo request + response models

* refactors to TwoFactorController

* updated test methods to be compartmentalized by usage

* fix organization add duo

* Assert.Empty() fix for validator
2024-06-05 11:42:02 -07:00
2b43cde99b [AC-1938] Update provider payment method (#4140)
* Refactored GET provider subscription

Refactoring this endpoint and its associated tests in preparation for the addition of more endpoints that share similar patterns

* Replaced StripePaymentService call in AccountsController, OrganizationsController

This was made in error during a previous PR. Since this is not related to Consolidated Billing, we want to try not to include it in these changes.

* Removing GetPaymentInformation call from ProviderBillingService

This method is a good call for the SubscriberService as we'll want to extend the functionality to all subscriber types

* Refactored GetTaxInformation to use Billing owned DTO

* Add UpdateTaxInformation to SubscriberService

* Added GetTaxInformation and UpdateTaxInformation endpoints to ProviderBillingController

* Added controller to manage creation of Stripe SetupIntents

With the deprecation of the Sources API, we need to move the bank account creation process to using SetupIntents. This controller brings both the creation of "card" and "us_bank_account" SetupIntents
under billing management.

* Added UpdatePaymentMethod method to SubscriberService

This method utilizes the SetupIntents created by the StripeController from the previous commit when a customer adds a card or us_bank_account payment method (Stripe). We need to cache the most recent SetupIntent for the subscriber so that we know which PaymentMethod is their most recent even when it hasn't been confirmed yet.

* Refactored GetPaymentMethod to use billing owned DTO and check setup intents

* Added GetPaymentMethod and UpdatePaymentMethod endpoints to ProviderBillingController

* Re-added GetPaymentInformation endpoint to consolidate API calls on the payment method page

* Added VerifyBankAccount endpoint to ProviderBillingController in order to finalize bank account payment methods

* Updated BitPayInvoiceRequestModel to support providers

* run dotnet format

* Conner's feedback

* Run dotnet format'
2024-06-03 11:00:52 -04:00
06910175e2 [AC-2576] Replace Billing commands and queries with services (#4070)
* Replace SubscriberQueries with SubscriberService

* Replace OrganizationBillingQueries with OrganizationBillingService

* Replace ProviderBillingQueries with ProviderBillingService, move to Commercial

* Replace AssignSeatsToClientOrganizationCommand with ProviderBillingService, move to commercial

* Replace ScaleSeatsCommand with ProviderBillingService and move to Commercial

* Replace CancelSubscriptionCommand with SubscriberService

* Replace CreateCustomerCommand with ProviderBillingService and move to Commercial

* Replace StartSubscriptionCommand with ProviderBillingService and moved to Commercial

* Replaced RemovePaymentMethodCommand with SubscriberService

* Formatting

* Used dotnet format this time

* Changing ProviderBillingService to scoped

* Found circular dependency'

* One more time with feeling

* Formatting

* Fix error in remove org from provider

* Missed test fix in conflit

* [AC-1937] Server: Implement endpoint to retrieve provider payment information (#4107)

* Move the gettax and paymentmethod from stripepayment class

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add the method to retrieve the tax and payment details

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add unit tests for the paymentInformation method

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add the endpoint to retrieve paymentinformation

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add unit tests to the SubscriberService

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove the getTaxInfoAsync update reference

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
2024-05-23 10:17:00 -04:00
7f9d7c0c5d [PM-7029] Remove conditional logic for KeyRotationImprovements feature flag (#4002)
* Removed business logic that references flag

* Removed using statement.

* Undid accidental keystroke.

* Removed unused method.

* Removed unused imports.
2024-05-09 13:24:02 -04:00
2a535ac835 [PM-7919] return exception if trying to overwrite keypair (#4052)
* return exception if trying to overwrite keypair

* add feature flag
2024-05-06 08:49:18 -04:00
ffd988eeda [AC-1904] Implement endpoint to retrieve Provider subscription (#3921)
* Refactor Core.Billing prior to adding new logic

* Add ProviderBillingQueries.GetSubscriptionData

* Add ProviderBillingController.GetSubscriptionAsync
2024-03-28 08:46:12 -04:00
90a5862840 Remove FF 'AC-1607_present-user-offboarding-survey' and old cancel functionality (#3895) 2024-03-21 15:04:20 -04:00