admin/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2026-02-13 04:13:42 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
3533f82d0ff8da19b6b3587ae3fafea585c08c71
server/src/Identity/IdentityServer/RequestValidators/IDeviceValidator.cs

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

25 lines
1.3 KiB
C#
Raw Normal View History

[PM-8220] New Device Verification (#5084) * feat(BaseRequestValidator): Add global setting for new device verification. Refactor BaseRequestValidator enabling better self-documenting code and better single responsibility principle for validators. Updated DeviceValidator to handle new device verification, behind a feature flag. Moved IDeviceValidator interface to separate file. Updated CustomRequestValidator to act as the conduit by which *Validators communicate authentication context between themselves and the RequestValidators. Adding new test for DeviceValidator class. Updated tests for BaseRequestValidator as some functionality was moved to the DeviceValidator class.
2024-12-12 09:08:11 -08:00
using Bit.Core.Entities;
using Duende.IdentityServer.Validation;
namespace Bit.Identity.IdentityServer.RequestValidators;
public interface IDeviceValidator
{
/// <summary>
/// Fetches device from the database using the Device Identifier and the User Id to know if the user
/// has ever tried to authenticate with this specific instance of Bitwarden.
/// </summary>
/// <param name="user">user attempting to authenticate</param>
/// <param name="device">current instance of Bitwarden the user is interacting with</param>
/// <returns>null or Device</returns>
Task<Device> GetKnownDeviceAsync(User user, Device device);
/// <summary>
/// Validate the requesting device. Modifies the ValidatorRequestContext with error result if any.
/// </summary>
/// <param name="request">The Request is used to check for the NewDeviceOtp and for the raw device data</param>
/// <param name="context">Contains two factor and sso context that are important for decisions on new device verification</param>
/// <returns>returns true if device is valid and no other action required; if false modifies the context with an error result to be returned;</returns>
Task<bool> ValidateRequestDeviceAsync(ValidatedTokenRequest request, CustomValidatorRequestContext context);
}
Reference in New Issue Copy Permalink