src/Core/Services/Implementations/UserService.cs

using System.Security.Claims;
using System.Text.Json;
using Bit.Core.Context;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
using Bit.Core.Models;
using Bit.Core.Models.Business;
using Bit.Core.Repositories;
using Bit.Core.Settings;
using Bit.Core.Utilities;
using Fido2NetLib;
using Fido2NetLib.Objects;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using File = System.IO.File;

namespace Bit.Core.Services
{
    public class UserService : UserManager<User>, IUserService, IDisposable
    {
        private const string PremiumPlanId = "premium-annually";
        private const string StoragePlanId = "storage-gb-annually";

        private readonly IUserRepository _userRepository;
        private readonly ICipherRepository _cipherRepository;
        private readonly IOrganizationUserRepository _organizationUserRepository;
        private readonly IOrganizationRepository _organizationRepository;
        private readonly IMailService _mailService;
        private readonly IPushNotificationService _pushService;
        private readonly IdentityErrorDescriber _identityErrorDescriber;
        private readonly IdentityOptions _identityOptions;
        private readonly IPasswordHasher<User> _passwordHasher;
        private readonly IEnumerable<IPasswordValidator<User>> _passwordValidators;
        private readonly ILicensingService _licenseService;
        private readonly IEventService _eventService;
        private readonly IApplicationCacheService _applicationCacheService;
        private readonly IPaymentService _paymentService;
        private readonly IPolicyRepository _policyRepository;
        private readonly IDataProtector _organizationServiceDataProtector;
        private readonly IReferenceEventService _referenceEventService;
        private readonly IFido2 _fido2;
        private readonly ICurrentContext _currentContext;
        private readonly IGlobalSettings _globalSettings;
        private readonly IOrganizationService _organizationService;
        private readonly IProviderUserRepository _providerUserRepository;
        private readonly IDeviceRepository _deviceRepository;
        private readonly IStripeSyncService _stripeSyncService;

        public UserService(
            IUserRepository userRepository,
            ICipherRepository cipherRepository,
            IOrganizationUserRepository organizationUserRepository,
            IOrganizationRepository organizationRepository,
            IMailService mailService,
            IPushNotificationService pushService,
            IUserStore<User> store,
            IOptions<IdentityOptions> optionsAccessor,
            IPasswordHasher<User> passwordHasher,
            IEnumerable<IUserValidator<User>> userValidators,
            IEnumerable<IPasswordValidator<User>> passwordValidators,
            ILookupNormalizer keyNormalizer,
            IdentityErrorDescriber errors,
            IServiceProvider services,
            ILogger<UserManager<User>> logger,
            ILicensingService licenseService,
            IEventService eventService,
            IApplicationCacheService applicationCacheService,
            IDataProtectionProvider dataProtectionProvider,
            IPaymentService paymentService,
            IPolicyRepository policyRepository,
            IReferenceEventService referenceEventService,
            IFido2 fido2,
            ICurrentContext currentContext,
            IGlobalSettings globalSettings,
            IOrganizationService organizationService,
            IProviderUserRepository providerUserRepository,
            IDeviceRepository deviceRepository,
            IStripeSyncService stripeSyncService)
            : base(
                  store,
                  optionsAccessor,
                  passwordHasher,
                  userValidators,
                  passwordValidators,
                  keyNormalizer,
                  errors,
                  services,
                  logger)
        {
            _userRepository = userRepository;
            _cipherRepository = cipherRepository;
            _organizationUserRepository = organizationUserRepository;
            _organizationRepository = organizationRepository;
            _mailService = mailService;
            _pushService = pushService;
            _identityOptions = optionsAccessor?.Value ?? new IdentityOptions();
            _identityErrorDescriber = errors;
            _passwordHasher = passwordHasher;
            _passwordValidators = passwordValidators;
            _licenseService = licenseService;
            _eventService = eventService;
            _applicationCacheService = applicationCacheService;
            _paymentService = paymentService;
            _policyRepository = policyRepository;
            _organizationServiceDataProtector = dataProtectionProvider.CreateProtector(
                "OrganizationServiceDataProtector");
            _referenceEventService = referenceEventService;
            _fido2 = fido2;
            _currentContext = currentContext;
            _globalSettings = globalSettings;
            _organizationService = organizationService;
            _providerUserRepository = providerUserRepository;
            _deviceRepository = deviceRepository;
            _stripeSyncService = stripeSyncService;
        }

        public Guid? GetProperUserId(ClaimsPrincipal principal)
        {
            if (!Guid.TryParse(GetUserId(principal), out var userIdGuid))
            {
                return null;
            }

            return userIdGuid;
        }

        public async Task<User> GetUserByIdAsync(string userId)
        {
            if (_currentContext?.User != null &&
                string.Equals(_currentContext.User.Id.ToString(), userId, StringComparison.InvariantCultureIgnoreCase))
            {
                return _currentContext.User;
            }

            if (!Guid.TryParse(userId, out var userIdGuid))
            {
                return null;
            }

            _currentContext.User = await _userRepository.GetByIdAsync(userIdGuid);
            return _currentContext.User;
        }

        public async Task<User> GetUserByIdAsync(Guid userId)
        {
            if (_currentContext?.User != null && _currentContext.User.Id == userId)
            {
                return _currentContext.User;
            }

            _currentContext.User = await _userRepository.GetByIdAsync(userId);
            return _currentContext.User;
        }

        public async Task<User> GetUserByPrincipalAsync(ClaimsPrincipal principal)
        {
            var userId = GetProperUserId(principal);
            if (!userId.HasValue)
            {
                return null;
            }

            return await GetUserByIdAsync(userId.Value);
        }

        public async Task<DateTime> GetAccountRevisionDateByIdAsync(Guid userId)
        {
            return await _userRepository.GetAccountRevisionDateAsync(userId);
        }

        public async Task SaveUserAsync(User user, bool push = false)
        {
            if (user.Id == default(Guid))
            {
                throw new ApplicationException("Use register method to create a new user.");
            }

            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
            await _userRepository.ReplaceAsync(user);

            if (push)
            {
                // push
                await _pushService.PushSyncSettingsAsync(user.Id);
            }
        }

        public override async Task<IdentityResult> DeleteAsync(User user)
        {
            // Check if user is the only owner of any organizations.
            var onlyOwnerCount = await _organizationUserRepository.GetCountByOnlyOwnerAsync(user.Id);
            if (onlyOwnerCount > 0)
            {
                var deletedOrg = false;
                var orgs = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id,
                    OrganizationUserStatusType.Confirmed);
                if (orgs.Count == 1)
                {
                    var org = await _organizationRepository.GetByIdAsync(orgs.First().OrganizationId);
                    if (org != null && (!org.Enabled || string.IsNullOrWhiteSpace(org.GatewaySubscriptionId)))
                    {
                        var orgCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(org.Id);
                        if (orgCount <= 1)
                        {
                            await _organizationRepository.DeleteAsync(org);
                            deletedOrg = true;
                        }
                    }
                }

                if (!deletedOrg)
                {
                    return IdentityResult.Failed(new IdentityError
                    {
                        Description = "Cannot delete this user because it is the sole owner of at least one organization. Please delete these organizations or upgrade another user.",
                    });
                }
            }

            var onlyOwnerProviderCount = await _providerUserRepository.GetCountByOnlyOwnerAsync(user.Id);
            if (onlyOwnerProviderCount > 0)
            {
                return IdentityResult.Failed(new IdentityError
                {
                    Description = "Cannot delete this user because it is the sole owner of at least one provider. Please delete these providers or upgrade another user.",
                });
            }

            if (!string.IsNullOrWhiteSpace(user.GatewaySubscriptionId))
            {
                try
                {
                    await CancelPremiumAsync(user, null, true);
                }
                catch (GatewayException) { }
            }

            await _userRepository.DeleteAsync(user);
            await _referenceEventService.RaiseEventAsync(
                new ReferenceEvent(ReferenceEventType.DeleteAccount, user));
            await _pushService.PushLogOutAsync(user.Id);
            return IdentityResult.Success;
        }

        public async Task<IdentityResult> DeleteAsync(User user, string token)
        {
            if (!(await VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, "DeleteAccount", token)))
            {
                return IdentityResult.Failed(ErrorDescriber.InvalidToken());
            }

            return await DeleteAsync(user);
        }

        public async Task SendDeleteConfirmationAsync(string email)
        {
            var user = await _userRepository.GetByEmailAsync(email);
            if (user == null)
            {
                // No user exists.
                return;
            }

            var token = await base.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "DeleteAccount");
            await _mailService.SendVerifyDeleteEmailAsync(user.Email, user.Id, token);
        }

        public async Task<IdentityResult> RegisterUserAsync(User user, string masterPassword,
            string token, Guid? orgUserId)
        {
            var tokenValid = false;
            if (_globalSettings.DisableUserRegistration && !string.IsNullOrWhiteSpace(token) && orgUserId.HasValue)
            {
                tokenValid = CoreHelpers.UserInviteTokenIsValid(_organizationServiceDataProtector, token,
                    user.Email, orgUserId.Value, _globalSettings);
            }

            if (_globalSettings.DisableUserRegistration && !tokenValid)
            {
                throw new BadRequestException("Open registration has been disabled by the system administrator.");
            }

            if (orgUserId.HasValue)
            {
                var orgUser = await _organizationUserRepository.GetByIdAsync(orgUserId.Value);
                if (orgUser != null)
                {
                    var twoFactorPolicy = await _policyRepository.GetByOrganizationIdTypeAsync(orgUser.OrganizationId,
                        PolicyType.TwoFactorAuthentication);
                    if (twoFactorPolicy != null && twoFactorPolicy.Enabled)
                    {
                        user.SetTwoFactorProviders(new Dictionary<TwoFactorProviderType, TwoFactorProvider>
                        {

                            [TwoFactorProviderType.Email] = new TwoFactorProvider
                            {
                                MetaData = new Dictionary<string, object> { ["Email"] = user.Email.ToLowerInvariant() },
                                Enabled = true
                            }
                        });
                        SetTwoFactorProvider(user, TwoFactorProviderType.Email);
                    }
                }
            }

            user.ApiKey = CoreHelpers.SecureRandomString(30);
            var result = await base.CreateAsync(user, masterPassword);
            if (result == IdentityResult.Success)
            {
                await _mailService.SendWelcomeEmailAsync(user);
                await _referenceEventService.RaiseEventAsync(new ReferenceEvent(ReferenceEventType.Signup, user));
            }

            return result;
        }

        public async Task<IdentityResult> RegisterUserAsync(User user)
        {
            var result = await base.CreateAsync(user);
            if (result == IdentityResult.Success)
            {
                await _mailService.SendWelcomeEmailAsync(user);
                await _referenceEventService.RaiseEventAsync(new ReferenceEvent(ReferenceEventType.Signup, user));
            }

            return result;
        }

        public async Task SendMasterPasswordHintAsync(string email)
        {
            var user = await _userRepository.GetByEmailAsync(email);
            if (user == null)
            {
                // No user exists. Do we want to send an email telling them this in the future?
                return;
            }

            if (string.IsNullOrWhiteSpace(user.MasterPasswordHint))
            {
                await _mailService.SendNoMasterPasswordHintEmailAsync(email);
                return;
            }

            await _mailService.SendMasterPasswordHintEmailAsync(email, user.MasterPasswordHint);
        }

        public async Task SendTwoFactorEmailAsync(User user, bool isBecauseNewDeviceLogin = false)
        {
            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Email);
            if (provider == null || provider.MetaData == null || !provider.MetaData.ContainsKey("Email"))
            {
                throw new ArgumentNullException("No email.");
            }

            var email = ((string)provider.MetaData["Email"]).ToLowerInvariant();
            var token = await base.GenerateUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
                "2faEmail:" + email);

            if (isBecauseNewDeviceLogin)
            {
                await _mailService.SendNewDeviceLoginTwoFactorEmailAsync(email, token);
            }
            else
            {
                await _mailService.SendTwoFactorEmailAsync(email, token);
            }
        }

        public async Task<bool> VerifyTwoFactorEmailAsync(User user, string token)
        {
            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Email);
            if (provider == null || provider.MetaData == null || !provider.MetaData.ContainsKey("Email"))
            {
                throw new ArgumentNullException("No email.");
            }

            var email = ((string)provider.MetaData["Email"]).ToLowerInvariant();
            return await base.VerifyUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
                "2faEmail:" + email, token);
        }

        public async Task<CredentialCreateOptions> StartWebAuthnRegistrationAsync(User user)
        {
            var providers = user.GetTwoFactorProviders();
            if (providers == null)
            {
                providers = new Dictionary<TwoFactorProviderType, TwoFactorProvider>();
            }
            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.WebAuthn);
            if (provider == null)
            {
                provider = new TwoFactorProvider
                {
                    Enabled = false
                };
            }
            if (provider.MetaData == null)
            {
                provider.MetaData = new Dictionary<string, object>();
            }

            var fidoUser = new Fido2User
            {
                DisplayName = user.Name,
                Name = user.Email,
                Id = user.Id.ToByteArray(),
            };

            var excludeCredentials = provider.MetaData
                .Where(k => k.Key.StartsWith("Key"))
                .Select(k => new TwoFactorProvider.WebAuthnData((dynamic)k.Value).Descriptor)
                .ToList();

            var authenticatorSelection = new AuthenticatorSelection
            {
                AuthenticatorAttachment = null,
                RequireResidentKey = false,
                UserVerification = UserVerificationRequirement.Discouraged
            };
            var options = _fido2.RequestNewCredential(fidoUser, excludeCredentials, authenticatorSelection, AttestationConveyancePreference.None);

            provider.MetaData["pending"] = options.ToJson();
            providers[TwoFactorProviderType.WebAuthn] = provider;
            user.SetTwoFactorProviders(providers);
            await UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.WebAuthn, false);

            return options;
        }

        public async Task<bool> CompleteWebAuthRegistrationAsync(User user, int id, string name, AuthenticatorAttestationRawResponse attestationResponse)
        {
            var keyId = $"Key{id}";

            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.WebAuthn);
            if (!provider?.MetaData?.ContainsKey("pending") ?? true)
            {
                return false;
            }

            var options = CredentialCreateOptions.FromJson((string)provider.MetaData["pending"]);

            // Callback to ensure credential id is unique. Always return true since we don't care if another
            // account uses the same 2fa key.
            IsCredentialIdUniqueToUserAsyncDelegate callback = args => Task.FromResult(true);

            var success = await _fido2.MakeNewCredentialAsync(attestationResponse, options, callback);

            provider.MetaData.Remove("pending");
            provider.MetaData[keyId] = new TwoFactorProvider.WebAuthnData
            {
                Name = name,
                Descriptor = new PublicKeyCredentialDescriptor(success.Result.CredentialId),
                PublicKey = success.Result.PublicKey,
                UserHandle = success.Result.User.Id,
                SignatureCounter = success.Result.Counter,
                CredType = success.Result.CredType,
                RegDate = DateTime.Now,
                AaGuid = success.Result.Aaguid
            };

            var providers = user.GetTwoFactorProviders();
            providers[TwoFactorProviderType.WebAuthn] = provider;
            user.SetTwoFactorProviders(providers);
            await UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.WebAuthn);

            return true;
        }

        public async Task<bool> DeleteWebAuthnKeyAsync(User user, int id)
        {
            var providers = user.GetTwoFactorProviders();
            if (providers == null)
            {
                return false;
            }

            var keyName = $"Key{id}";
            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.WebAuthn);
            if (!provider?.MetaData?.ContainsKey(keyName) ?? true)
            {
                return false;
            }

            if (provider.MetaData.Count < 2)
            {
                return false;
            }

            provider.MetaData.Remove(keyName);
            providers[TwoFactorProviderType.WebAuthn] = provider;
            user.SetTwoFactorProviders(providers);
            await UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.WebAuthn);
            return true;
        }

        public async Task SendEmailVerificationAsync(User user)
        {
            if (user.EmailVerified)
            {
                throw new BadRequestException("Email already verified.");
            }

            var token = await base.GenerateEmailConfirmationTokenAsync(user);
            await _mailService.SendVerifyEmailEmailAsync(user.Email, user.Id, token);
        }

        public async Task InitiateEmailChangeAsync(User user, string newEmail)
        {
            var existingUser = await _userRepository.GetByEmailAsync(newEmail);
            if (existingUser != null)
            {
                await _mailService.SendChangeEmailAlreadyExistsEmailAsync(user.Email, newEmail);
                return;
            }

            var token = await base.GenerateChangeEmailTokenAsync(user, newEmail);
            await _mailService.SendChangeEmailEmailAsync(newEmail, token);
        }

        public async Task<IdentityResult> ChangeEmailAsync(User user, string masterPassword, string newEmail,
            string newMasterPassword, string token, string key)
        {
            var verifyPasswordResult = _passwordHasher.VerifyHashedPassword(user, user.MasterPassword, masterPassword);
            if (verifyPasswordResult == PasswordVerificationResult.Failed)
            {
                return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
            }

            if (!await base.VerifyUserTokenAsync(user, _identityOptions.Tokens.ChangeEmailTokenProvider,
                GetChangeEmailTokenPurpose(newEmail), token))
            {
                return IdentityResult.Failed(_identityErrorDescriber.InvalidToken());
            }

            var existingUser = await _userRepository.GetByEmailAsync(newEmail);
            if (existingUser != null && existingUser.Id != user.Id)
            {
                return IdentityResult.Failed(_identityErrorDescriber.DuplicateEmail(newEmail));
            }

            var previousState = new
            {
                Key = user.Key,
                MasterPassword = user.MasterPassword,
                SecurityStamp = user.SecurityStamp,
                Email = user.Email
            };

            var result = await UpdatePasswordHash(user, newMasterPassword);
            if (!result.Succeeded)
            {
                return result;
            }

            user.Key = key;
            user.Email = newEmail;
            user.EmailVerified = true;
            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
            await _userRepository.ReplaceAsync(user);

            if (user.Gateway == GatewayType.Stripe)
            {

                try
                {
                    await _stripeSyncService.UpdateCustomerEmailAddress(user.GatewayCustomerId,
                        user.BillingEmailAddress());
                }
                catch (Exception ex)
                {
                    //if sync to strip fails, update email and securityStamp to previous
                    user.Key = previousState.Key;
                    user.Email = previousState.Email;
                    user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
                    user.MasterPassword = previousState.MasterPassword;
                    user.SecurityStamp = previousState.SecurityStamp;

                    await _userRepository.ReplaceAsync(user);
                    return IdentityResult.Failed(new IdentityError
                    {
                        Description = ex.Message
                    });
                }
            }

            await _pushService.PushLogOutAsync(user.Id);

            return IdentityResult.Success;
        }

        public override Task<IdentityResult> ChangePasswordAsync(User user, string masterPassword, string newMasterPassword)
        {
            throw new NotImplementedException();
        }

        public async Task<IdentityResult> ChangePasswordAsync(User user, string masterPassword, string newMasterPassword, string passwordHint,
            string key)
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            if (await CheckPasswordAsync(user, masterPassword))
            {
                var result = await UpdatePasswordHash(user, newMasterPassword);
                if (!result.Succeeded)
                {
                    return result;
                }

                user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
                user.Key = key;
                user.MasterPasswordHint = passwordHint;

                await _userRepository.ReplaceAsync(user);
                await _eventService.LogUserEventAsync(user.Id, EventType.User_ChangedPassword);
                await _pushService.PushLogOutAsync(user.Id);

                return IdentityResult.Success;
            }

            Logger.LogWarning("Change password failed for user {userId}.", user.Id);
            return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
        }

        public async Task<IdentityResult> SetPasswordAsync(User user, string masterPassword, string key,
            string orgIdentifier = null)
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            if (!string.IsNullOrWhiteSpace(user.MasterPassword))
            {
                Logger.LogWarning("Change password failed for user {userId} - already has password.", user.Id);
                return IdentityResult.Failed(_identityErrorDescriber.UserAlreadyHasPassword());
            }

            var result = await UpdatePasswordHash(user, masterPassword, true, false);
            if (!result.Succeeded)
            {
                return result;
            }

            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
            user.Key = key;

            await _userRepository.ReplaceAsync(user);
            await _eventService.LogUserEventAsync(user.Id, EventType.User_ChangedPassword);

            if (!string.IsNullOrWhiteSpace(orgIdentifier))
            {
                await _organizationService.AcceptUserAsync(orgIdentifier, user, this);
            }

            return IdentityResult.Success;
        }

        public async Task<IdentityResult> SetKeyConnectorKeyAsync(User user, string key, string orgIdentifier)
        {
            var identityResult = CheckCanUseKeyConnector(user);
            if (identityResult != null)
            {
                return identityResult;
            }

            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
            user.Key = key;
            user.UsesKeyConnector = true;

            await _userRepository.ReplaceAsync(user);
            await _eventService.LogUserEventAsync(user.Id, EventType.User_MigratedKeyToKeyConnector);

            await _organizationService.AcceptUserAsync(orgIdentifier, user, this);

            return IdentityResult.Success;
        }

        public async Task<IdentityResult> ConvertToKeyConnectorAsync(User user)
        {
            var identityResult = CheckCanUseKeyConnector(user);
            if (identityResult != null)
            {
                return identityResult;
            }

            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
            user.MasterPassword = null;
            user.UsesKeyConnector = true;

            await _userRepository.ReplaceAsync(user);
            await _eventService.LogUserEventAsync(user.Id, EventType.User_MigratedKeyToKeyConnector);

            return IdentityResult.Success;
        }

        private IdentityResult CheckCanUseKeyConnector(User user)
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            if (user.UsesKeyConnector)
            {
                Logger.LogWarning("Already uses Key Connector.");
                return IdentityResult.Failed(_identityErrorDescriber.UserAlreadyHasPassword());
            }

            if (_currentContext.Organizations.Any(u =>
                    u.Type is OrganizationUserType.Owner or OrganizationUserType.Admin))
            {
                throw new BadRequestException("Cannot use Key Connector when admin or owner of an organization.");
            }

            return null;
        }

        public async Task<IdentityResult> AdminResetPasswordAsync(OrganizationUserType callingUserType, Guid orgId, Guid id, string newMasterPassword, string key)
        {
            // Org must be able to use reset password
            var org = await _organizationRepository.GetByIdAsync(orgId);
            if (org == null || !org.UseResetPassword)
            {
                throw new BadRequestException("Organization does not allow password reset.");
            }

            // Enterprise policy must be enabled
            var resetPasswordPolicy =
                await _policyRepository.GetByOrganizationIdTypeAsync(orgId, PolicyType.ResetPassword);
            if (resetPasswordPolicy == null || !resetPasswordPolicy.Enabled)
            {
                throw new BadRequestException("Organization does not have the password reset policy enabled.");
            }

            // Org User must be confirmed and have a ResetPasswordKey
            var orgUser = await _organizationUserRepository.GetByIdAsync(id);
            if (orgUser == null || orgUser.Status != OrganizationUserStatusType.Confirmed ||
                orgUser.OrganizationId != orgId || string.IsNullOrEmpty(orgUser.ResetPasswordKey) ||
                !orgUser.UserId.HasValue)
            {
                throw new BadRequestException("Organization User not valid");
            }

            // Calling User must be of higher/equal user type to reset user's password
            var canAdjustPassword = false;
            switch (callingUserType)
            {
                case OrganizationUserType.Owner:
                    canAdjustPassword = true;
                    break;
                case OrganizationUserType.Admin:
                    canAdjustPassword = orgUser.Type != OrganizationUserType.Owner;
                    break;
                case OrganizationUserType.Custom:
                    canAdjustPassword = orgUser.Type != OrganizationUserType.Owner &&
                        orgUser.Type != OrganizationUserType.Admin;
                    break;
            }

            if (!canAdjustPassword)
            {
                throw new BadRequestException("Calling user does not have permission to reset this user's master password");
            }

            var user = await GetUserByIdAsync(orgUser.UserId.Value);
            if (user == null)
            {
                throw new NotFoundException();
            }

            if (user.UsesKeyConnector)
            {
                throw new BadRequestException("Cannot reset password of a user with Key Connector.");
            }

            var result = await UpdatePasswordHash(user, newMasterPassword);
            if (!result.Succeeded)
            {
                return result;
            }

            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
            user.Key = key;
            user.ForcePasswordReset = true;

            await _userRepository.ReplaceAsync(user);
            await _mailService.SendAdminResetPasswordEmailAsync(user.Email, user.Name, org.Name);
            await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_AdminResetPassword);
            await _pushService.PushLogOutAsync(user.Id);

            return IdentityResult.Success;
        }

        public async Task<IdentityResult> UpdateTempPasswordAsync(User user, string newMasterPassword, string key, string hint)
        {
            if (!user.ForcePasswordReset)
            {
                throw new BadRequestException("User does not have a temporary password to update.");
            }

            var result = await UpdatePasswordHash(user, newMasterPassword);
            if (!result.Succeeded)
            {
                return result;
            }

            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
            user.ForcePasswordReset = false;
            user.Key = key;
            user.MasterPasswordHint = hint;

            await _userRepository.ReplaceAsync(user);
            await _mailService.SendUpdatedTempPasswordEmailAsync(user.Email, user.Name);
            await _eventService.LogUserEventAsync(user.Id, EventType.User_UpdatedTempPassword);
            await _pushService.PushLogOutAsync(user.Id);

            return IdentityResult.Success;
        }

        public async Task<IdentityResult> ChangeKdfAsync(User user, string masterPassword, string newMasterPassword,
            string key, KdfType kdf, int kdfIterations)
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            if (await CheckPasswordAsync(user, masterPassword))
            {
                var result = await UpdatePasswordHash(user, newMasterPassword);
                if (!result.Succeeded)
                {
                    return result;
                }

                user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
                user.Key = key;
                user.Kdf = kdf;
                user.KdfIterations = kdfIterations;
                await _userRepository.ReplaceAsync(user);
                await _pushService.PushLogOutAsync(user.Id);
                return IdentityResult.Success;
            }

            Logger.LogWarning("Change KDF failed for user {userId}.", user.Id);
            return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
        }

        public async Task<IdentityResult> UpdateKeyAsync(User user, string masterPassword, string key, string privateKey,
            IEnumerable<Cipher> ciphers, IEnumerable<Folder> folders, IEnumerable<Send> sends)
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            if (await CheckPasswordAsync(user, masterPassword))
            {
                user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
                user.SecurityStamp = Guid.NewGuid().ToString();
                user.Key = key;
                user.PrivateKey = privateKey;
                if (ciphers.Any() || folders.Any() || sends.Any())
                {
                    await _cipherRepository.UpdateUserKeysAndCiphersAsync(user, ciphers, folders, sends);
                }
                else
                {
                    await _userRepository.ReplaceAsync(user);
                }

                await _pushService.PushLogOutAsync(user.Id);
                return IdentityResult.Success;
            }

            Logger.LogWarning("Update key failed for user {userId}.", user.Id);
            return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
        }

        public async Task<IdentityResult> RefreshSecurityStampAsync(User user, string secret)
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            if (await VerifySecretAsync(user, secret))
            {
                var result = await base.UpdateSecurityStampAsync(user);
                if (!result.Succeeded)
                {
                    return result;
                }

                await SaveUserAsync(user);
                await _pushService.PushLogOutAsync(user.Id);
                return IdentityResult.Success;
            }

            Logger.LogWarning("Refresh security stamp failed for user {userId}.", user.Id);
            return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
        }

        public async Task UpdateTwoFactorProviderAsync(User user, TwoFactorProviderType type, bool setEnabled = true, bool logEvent = true)
        {
            SetTwoFactorProvider(user, type, setEnabled);
            await SaveUserAsync(user);
            if (logEvent)
            {
                await _eventService.LogUserEventAsync(user.Id, EventType.User_Updated2fa);
            }
        }

        public async Task DisableTwoFactorProviderAsync(User user, TwoFactorProviderType type,
            IOrganizationService organizationService)
        {
            var providers = user.GetTwoFactorProviders();
            if (!providers?.ContainsKey(type) ?? true)
            {
                return;
            }

            providers.Remove(type);
            user.SetTwoFactorProviders(providers);
            await SaveUserAsync(user);
            await _eventService.LogUserEventAsync(user.Id, EventType.User_Disabled2fa);

            if (!await TwoFactorIsEnabledAsync(user))
            {
                await CheckPoliciesOnTwoFactorRemovalAsync(user, organizationService);
            }
        }

        public async Task<bool> RecoverTwoFactorAsync(string email, string secret, string recoveryCode,
            IOrganizationService organizationService)
        {
            var user = await _userRepository.GetByEmailAsync(email);
            if (user == null)
            {
                // No user exists. Do we want to send an email telling them this in the future?
                return false;
            }

            if (!await VerifySecretAsync(user, secret))
            {
                return false;
            }

            if (!CoreHelpers.FixedTimeEquals(user.TwoFactorRecoveryCode, recoveryCode))
            {
                return false;
            }

            user.TwoFactorProviders = null;
            user.TwoFactorRecoveryCode = CoreHelpers.SecureRandomString(32, upper: false, special: false);
            await SaveUserAsync(user);
            await _mailService.SendRecoverTwoFactorEmail(user.Email, DateTime.UtcNow, _currentContext.IpAddress);
            await _eventService.LogUserEventAsync(user.Id, EventType.User_Recovered2fa);
            await CheckPoliciesOnTwoFactorRemovalAsync(user, organizationService);

            return true;
        }

        public async Task<Tuple<bool, string>> SignUpPremiumAsync(User user, string paymentToken,
            PaymentMethodType paymentMethodType, short additionalStorageGb, UserLicense license,
            TaxInfo taxInfo)
        {
            if (user.Premium)
            {
                throw new BadRequestException("Already a premium user.");
            }

            if (additionalStorageGb < 0)
            {
                throw new BadRequestException("You can't subtract storage!");
            }

            if ((paymentMethodType == PaymentMethodType.GoogleInApp ||
                paymentMethodType == PaymentMethodType.AppleInApp) && additionalStorageGb > 0)
            {
                throw new BadRequestException("You cannot add storage with this payment method.");
            }

            string paymentIntentClientSecret = null;
            IPaymentService paymentService = null;
            if (_globalSettings.SelfHosted)
            {
                if (license == null || !_licenseService.VerifyLicense(license))
                {
                    throw new BadRequestException("Invalid license.");
                }

                if (!license.CanUse(user))
                {
                    throw new BadRequestException("This license is not valid for this user.");
                }

                var dir = $"{_globalSettings.LicenseDirectory}/user";
                Directory.CreateDirectory(dir);
                using var fs = File.OpenWrite(Path.Combine(dir, $"{user.Id}.json"));
                await JsonSerializer.SerializeAsync(fs, license, JsonHelpers.Indented);
            }
            else
            {
                paymentIntentClientSecret = await _paymentService.PurchasePremiumAsync(user, paymentMethodType,
                    paymentToken, additionalStorageGb, taxInfo);
            }

            user.Premium = true;
            user.RevisionDate = DateTime.UtcNow;

            if (_globalSettings.SelfHosted)
            {
                user.MaxStorageGb = 10240; // 10 TB
                user.LicenseKey = license.LicenseKey;
                user.PremiumExpirationDate = license.Expires;
            }
            else
            {
                user.MaxStorageGb = (short)(1 + additionalStorageGb);
                user.LicenseKey = CoreHelpers.SecureRandomString(20);
            }

            try
            {
                await SaveUserAsync(user);
                await _pushService.PushSyncVaultAsync(user.Id);
                await _referenceEventService.RaiseEventAsync(
                    new ReferenceEvent(ReferenceEventType.UpgradePlan, user)
                    {
                        Storage = user.MaxStorageGb,
                        PlanName = PremiumPlanId,
                    });
            }
            catch when (!_globalSettings.SelfHosted)
            {
                await paymentService.CancelAndRecoverChargesAsync(user);
                throw;
            }
            return new Tuple<bool, string>(string.IsNullOrWhiteSpace(paymentIntentClientSecret),
                paymentIntentClientSecret);
        }

        public async Task IapCheckAsync(User user, PaymentMethodType paymentMethodType)
        {
            if (paymentMethodType != PaymentMethodType.AppleInApp)
            {
                throw new BadRequestException("Payment method not supported for in-app purchases.");
            }

            if (user.Premium)
            {
                throw new BadRequestException("Already a premium user.");
            }

            if (!string.IsNullOrWhiteSpace(user.GatewayCustomerId))
            {
                var customerService = new Stripe.CustomerService();
                var customer = await customerService.GetAsync(user.GatewayCustomerId);
                if (customer != null && customer.Balance != 0)
                {
                    throw new BadRequestException("Customer balance cannot exist when using in-app purchases.");
                }
            }
        }

        public async Task UpdateLicenseAsync(User user, UserLicense license)
        {
            if (!_globalSettings.SelfHosted)
            {
                throw new InvalidOperationException("Licenses require self hosting.");
            }

            if (license?.LicenseType != null && license.LicenseType != LicenseType.User)
            {
                throw new BadRequestException("Organization licenses cannot be applied to a user. "
                    + "Upload this license from the Organization settings page.");
            }

            if (license == null || !_licenseService.VerifyLicense(license))
            {
                throw new BadRequestException("Invalid license.");
            }

            if (!license.CanUse(user))
            {
                throw new BadRequestException("This license is not valid for this user.");
            }

            var dir = $"{_globalSettings.LicenseDirectory}/user";
            Directory.CreateDirectory(dir);
            using var fs = File.OpenWrite(Path.Combine(dir, $"{user.Id}.json"));
            await JsonSerializer.SerializeAsync(fs, license, JsonHelpers.Indented);

            user.Premium = license.Premium;
            user.RevisionDate = DateTime.UtcNow;
            user.MaxStorageGb = _globalSettings.SelfHosted ? 10240 : license.MaxStorageGb; // 10 TB
            user.LicenseKey = license.LicenseKey;
            user.PremiumExpirationDate = license.Expires;
            await SaveUserAsync(user);
        }

        public async Task<string> AdjustStorageAsync(User user, short storageAdjustmentGb)
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            if (!user.Premium)
            {
                throw new BadRequestException("Not a premium user.");
            }

            var secret = await BillingHelpers.AdjustStorageAsync(_paymentService, user, storageAdjustmentGb,
                StoragePlanId);
            await _referenceEventService.RaiseEventAsync(
                new ReferenceEvent(ReferenceEventType.AdjustStorage, user)
                {
                    Storage = storageAdjustmentGb,
                    PlanName = StoragePlanId,
                });
            await SaveUserAsync(user);
            return secret;
        }

        public async Task ReplacePaymentMethodAsync(User user, string paymentToken, PaymentMethodType paymentMethodType, TaxInfo taxInfo)
        {
            if (paymentToken.StartsWith("btok_"))
            {
                throw new BadRequestException("Invalid token.");
            }

            var updated = await _paymentService.UpdatePaymentMethodAsync(user, paymentMethodType, paymentToken, taxInfo: taxInfo);
            if (updated)
            {
                await SaveUserAsync(user);
            }
        }

        public async Task CancelPremiumAsync(User user, bool? endOfPeriod = null, bool accountDelete = false)
        {
            var eop = endOfPeriod.GetValueOrDefault(true);
            if (!endOfPeriod.HasValue && user.PremiumExpirationDate.HasValue &&
                user.PremiumExpirationDate.Value < DateTime.UtcNow)
            {
                eop = false;
            }
            await _paymentService.CancelSubscriptionAsync(user, eop, accountDelete);
            await _referenceEventService.RaiseEventAsync(
                new ReferenceEvent(ReferenceEventType.CancelSubscription, user)
                {
                    EndOfPeriod = eop,
                });
        }

        public async Task ReinstatePremiumAsync(User user)
        {
            await _paymentService.ReinstateSubscriptionAsync(user);
            await _referenceEventService.RaiseEventAsync(
                new ReferenceEvent(ReferenceEventType.ReinstateSubscription, user));
        }

        public async Task EnablePremiumAsync(Guid userId, DateTime? expirationDate)
        {
            var user = await _userRepository.GetByIdAsync(userId);
            await EnablePremiumAsync(user, expirationDate);
        }

        public async Task EnablePremiumAsync(User user, DateTime? expirationDate)
        {
            if (user != null && !user.Premium && user.Gateway.HasValue)
            {
                user.Premium = true;
                user.PremiumExpirationDate = expirationDate;
                user.RevisionDate = DateTime.UtcNow;
                await _userRepository.ReplaceAsync(user);
            }
        }

        public async Task DisablePremiumAsync(Guid userId, DateTime? expirationDate)
        {
            var user = await _userRepository.GetByIdAsync(userId);
            await DisablePremiumAsync(user, expirationDate);
        }

        public async Task DisablePremiumAsync(User user, DateTime? expirationDate)
        {
            if (user != null && user.Premium)
            {
                user.Premium = false;
                user.PremiumExpirationDate = expirationDate;
                user.RevisionDate = DateTime.UtcNow;
                await _userRepository.ReplaceAsync(user);
            }
        }

        public async Task UpdatePremiumExpirationAsync(Guid userId, DateTime? expirationDate)
        {
            var user = await _userRepository.GetByIdAsync(userId);
            if (user != null)
            {
                user.PremiumExpirationDate = expirationDate;
                user.RevisionDate = DateTime.UtcNow;
                await _userRepository.ReplaceAsync(user);
            }
        }

        public async Task<UserLicense> GenerateLicenseAsync(User user, SubscriptionInfo subscriptionInfo = null,
            int? version = null)
        {
            if (user == null)
            {
                throw new NotFoundException();
            }

            if (subscriptionInfo == null && user.Gateway != null)
            {
                subscriptionInfo = await _paymentService.GetSubscriptionAsync(user);
            }

            return subscriptionInfo == null ? new UserLicense(user, _licenseService) :
                new UserLicense(user, subscriptionInfo, _licenseService);
        }

        public override async Task<bool> CheckPasswordAsync(User user, string password)
        {
            if (user == null)
            {
                return false;
            }

            var result = await base.VerifyPasswordAsync(Store as IUserPasswordStore<User>, user, password);
            if (result == PasswordVerificationResult.SuccessRehashNeeded)
            {
                await UpdatePasswordHash(user, password, false, false);
                user.RevisionDate = DateTime.UtcNow;
                await _userRepository.ReplaceAsync(user);
            }

            var success = result != PasswordVerificationResult.Failed;
            if (!success)
            {
                Logger.LogWarning(0, "Invalid password for user {userId}.", user.Id);
            }
            return success;
        }

        public async Task<bool> CanAccessPremium(ITwoFactorProvidersUser user)
        {
            var userId = user.GetUserId();
            if (!userId.HasValue)
            {
                return false;
            }

            return user.GetPremium() || await this.HasPremiumFromOrganization(user);
        }

        public async Task<bool> HasPremiumFromOrganization(ITwoFactorProvidersUser user)
        {
            var userId = user.GetUserId();
            if (!userId.HasValue)
            {
                return false;
            }

            // orgUsers in the Invited status are not associated with a userId yet, so this will get
            // orgUsers in Accepted and Confirmed states only
            var orgUsers = await _organizationUserRepository.GetManyByUserAsync(userId.Value);

            if (!orgUsers.Any())
            {
                return false;
            }

            var orgAbilities = await _applicationCacheService.GetOrganizationAbilitiesAsync();
            return orgUsers.Any(ou =>
                orgAbilities.TryGetValue(ou.OrganizationId, out var orgAbility) &&
                orgAbility.UsersGetPremium &&
                orgAbility.Enabled);
        }

        public async Task<bool> TwoFactorIsEnabledAsync(ITwoFactorProvidersUser user)
        {
            var providers = user.GetTwoFactorProviders();
            if (providers == null)
            {
                return false;
            }

            foreach (var p in providers)
            {
                if (p.Value?.Enabled ?? false)
                {
                    if (!TwoFactorProvider.RequiresPremium(p.Key))
                    {
                        return true;
                    }
                    if (await CanAccessPremium(user))
                    {
                        return true;
                    }
                }
            }
            return false;
        }

        public async Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, ITwoFactorProvidersUser user)
        {
            var providers = user.GetTwoFactorProviders();
            if (providers == null || !providers.ContainsKey(provider) || !providers[provider].Enabled)
            {
                return false;
            }

            if (!TwoFactorProvider.RequiresPremium(provider))
            {
                return true;
            }

            return await CanAccessPremium(user);
        }

        public async Task<string> GenerateSignInTokenAsync(User user, string purpose)
        {
            var token = await GenerateUserTokenAsync(user, Options.Tokens.PasswordResetTokenProvider,
                purpose);
            return token;
        }

        private async Task<IdentityResult> UpdatePasswordHash(User user, string newPassword,
            bool validatePassword = true, bool refreshStamp = true)
        {
            if (validatePassword)
            {
                var validate = await ValidatePasswordInternal(user, newPassword);
                if (!validate.Succeeded)
                {
                    return validate;
                }
            }

            user.MasterPassword = _passwordHasher.HashPassword(user, newPassword);
            if (refreshStamp)
            {
                user.SecurityStamp = Guid.NewGuid().ToString();
            }

            return IdentityResult.Success;
        }

        private async Task<IdentityResult> ValidatePasswordInternal(User user, string password)
        {
            var errors = new List<IdentityError>();
            foreach (var v in _passwordValidators)
            {
                var result = await v.ValidateAsync(this, user, password);
                if (!result.Succeeded)
                {
                    errors.AddRange(result.Errors);
                }
            }

            if (errors.Count > 0)
            {
                Logger.LogWarning("User {userId} password validation failed: {errors}.", await GetUserIdAsync(user),
                    string.Join(";", errors.Select(e => e.Code)));
                return IdentityResult.Failed(errors.ToArray());
            }

            return IdentityResult.Success;
        }

        public void SetTwoFactorProvider(User user, TwoFactorProviderType type, bool setEnabled = true)
        {
            var providers = user.GetTwoFactorProviders();
            if (!providers?.ContainsKey(type) ?? true)
            {
                return;
            }

            if (setEnabled)
            {
                providers[type].Enabled = true;
            }
            user.SetTwoFactorProviders(providers);

            if (string.IsNullOrWhiteSpace(user.TwoFactorRecoveryCode))
            {
                user.TwoFactorRecoveryCode = CoreHelpers.SecureRandomString(32, upper: false, special: false);
            }
        }

        private async Task CheckPoliciesOnTwoFactorRemovalAsync(User user, IOrganizationService organizationService)
        {
            var twoFactorPolicies = await _policyRepository.GetManyByTypeApplicableToUserIdAsync(user.Id,
                PolicyType.TwoFactorAuthentication);

            var removeOrgUserTasks = twoFactorPolicies.Select(async p =>
            {
                await organizationService.DeleteUserAsync(p.OrganizationId, user.Id);
                var organization = await _organizationRepository.GetByIdAsync(p.OrganizationId);
                await _mailService.SendOrganizationUserRemovedForPolicyTwoStepEmailAsync(
                    organization.Name, user.Email);
            }).ToArray();

            await Task.WhenAll(removeOrgUserTasks);
        }

        public override async Task<IdentityResult> ConfirmEmailAsync(User user, string token)
        {
            var result = await base.ConfirmEmailAsync(user, token);
            if (result.Succeeded)
            {
                await _referenceEventService.RaiseEventAsync(
                    new ReferenceEvent(ReferenceEventType.ConfirmEmailAddress, user));
            }
            return result;
        }

        public async Task RotateApiKeyAsync(User user)
        {
            user.ApiKey = CoreHelpers.SecureRandomString(30);
            user.RevisionDate = DateTime.UtcNow;
            await _userRepository.ReplaceAsync(user);
        }

        public async Task SendOTPAsync(User user)
        {
            if (user.Email == null)
            {
                throw new BadRequestException("No user email.");
            }

            if (!user.UsesKeyConnector)
            {
                throw new BadRequestException("Not using Key Connector.");
            }

            var token = await base.GenerateUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
                "otp:" + user.Email);
            await _mailService.SendOTPEmailAsync(user.Email, token);
        }

        public Task<bool> VerifyOTPAsync(User user, string token)
        {
            return base.VerifyUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
                "otp:" + user.Email, token);
        }

        public async Task<bool> VerifySecretAsync(User user, string secret)
        {
            return user.UsesKeyConnector
                ? await VerifyOTPAsync(user, secret)
                : await CheckPasswordAsync(user, secret);
        }

        public async Task<bool> Needs2FABecauseNewDeviceAsync(User user, string deviceIdentifier, string grantType)
        {
            return CanEditDeviceVerificationSettings(user)
                   && user.UnknownDeviceVerificationEnabled
                   && grantType != "authorization_code"
                   && await IsNewDeviceAndNotTheFirstOneAsync(user, deviceIdentifier);
        }

        public bool CanEditDeviceVerificationSettings(User user)
        {
            return _globalSettings.TwoFactorAuth.EmailOnNewDeviceLogin
                   && user.EmailVerified
                   && !user.UsesKeyConnector
                   && !(user.GetTwoFactorProviders()?.Any() ?? false);
        }

        private async Task<bool> IsNewDeviceAndNotTheFirstOneAsync(User user, string deviceIdentifier)
        {
            if (user == null)
            {
                return default;
            }

            var devices = await _deviceRepository.GetManyByUserIdAsync(user.Id);
            if (!devices.Any())
            {
                return false;
            }

            return !devices.Any(d => d.Identifier == deviceIdentifier);
        }
    }
}
-												Turn On `ImplicitUsings` (#2079)

* Turn on ImplicitUsings

* Fix formatting

* Run linter
											
										
										
											2022-06-29 19:46:41 -04:00
+								using System.Security.Claims;
-												Start Migration from Newtonsoft.Json to System.Text.Json (#1803)

* Start switch to System.Text.Json

* Work on switching to System.Text.Json

* Main work on STJ refactor

* Fix build errors

* Run formatting

* Delete unused file

* Use legacy for two factor providers

* Run formatter

* Add TokenProviderTests

* Run formatting

* Fix merge issues

* Switch to use JsonSerializer

* Address PR feedback

* Fix formatting

* Ran formatter

* Switch to async

* Ensure Enums are serialized as strings

* Fix formatting

* Enqueue single items as arrays

* Remove CreateAsync method on AzureQueueService
											
										
										
											2022-01-21 09:36:25 -05:00
+								using System.Text.Json;
-												Add disable send policy (#1130)

* Add Disable Send policy

* Test DisableSend policy

* PR Review

* Update tests for using CurrentContext

This required making an interface for CurrentContext and mocking out
the members used. The interface can be expanded as needed for tests.

I moved CurrentContext to a folder, which changes the namespace
and causes a lot of file touches, but most are just adding a reference

* Fix failing test

* Update exemption to include all exempt users

* Move all CurrentContext usages to ICurrentContext

* PR review. Match messaging with Web
											
										
										
											2021-02-04 12:54:21 -06:00
+								using Bit.Core.Context;
-												Split out repositories to Infrastructure.Dapper / EntityFramework (#1759)


											
										
										
											2022-01-11 10:40:51 +01:00
+								using Bit.Core.Entities;
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								using Bit.Core.Enums;
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
+								using Bit.Core.Exceptions;
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								using Bit.Core.Models;
 								using Bit.Core.Models.Business;
 								using Bit.Core.Repositories;
-												Use sas token for attachment downloads (#1153)

* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
											
										
										
											2021-02-22 15:35:16 -06:00
+								using Bit.Core.Settings;
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								using Bit.Core.Utilities;
-												WebAuthn (#903)


											
										
										
											2021-03-22 23:21:43 +01:00
+								using Fido2NetLib;
 								using Fido2NetLib.Objects;
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								using Microsoft.AspNetCore.DataProtection;
 								using Microsoft.AspNetCore.Identity;
 								using Microsoft.Extensions.Logging;
 								using Microsoft.Extensions.Options;
 								using File = System.IO.File;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								namespace Bit.Core.Services
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								{
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								    public class UserService : UserManager<User>, IUserService, IDisposable
 								    {
 								        private const string PremiumPlanId = "premium-annually";
 								        private const string StoragePlanId = "storage-gb-annually";
 								        private readonly IUserRepository _userRepository;
 								        private readonly ICipherRepository _cipherRepository;
 								        private readonly IOrganizationUserRepository _organizationUserRepository;
 								        private readonly IOrganizationRepository _organizationRepository;
 								        private readonly IMailService _mailService;
 								        private readonly IPushNotificationService _pushService;
 								        private readonly IdentityErrorDescriber _identityErrorDescriber;
 								        private readonly IdentityOptions _identityOptions;
 								        private readonly IPasswordHasher<User> _passwordHasher;
 								        private readonly IEnumerable<IPasswordValidator<User>> _passwordValidators;
 								        private readonly ILicensingService _licenseService;
 								        private readonly IEventService _eventService;
 								        private readonly IApplicationCacheService _applicationCacheService;
 								        private readonly IPaymentService _paymentService;
 								        private readonly IPolicyRepository _policyRepository;
 								        private readonly IDataProtector _organizationServiceDataProtector;
 								        private readonly IReferenceEventService _referenceEventService;
 								        private readonly IFido2 _fido2;
 								        private readonly ICurrentContext _currentContext;
 								        private readonly IGlobalSettings _globalSettings;
 								        private readonly IOrganizationService _organizationService;
 								        private readonly IProviderUserRepository _providerUserRepository;
 								        private readonly IDeviceRepository _deviceRepository;
 								        private readonly IStripeSyncService _stripeSyncService;
 								        public UserService(
 								            IUserRepository userRepository,
 								            ICipherRepository cipherRepository,
 								            IOrganizationUserRepository organizationUserRepository,
 								            IOrganizationRepository organizationRepository,
 								            IMailService mailService,
 								            IPushNotificationService pushService,
 								            IUserStore<User> store,
 								            IOptions<IdentityOptions> optionsAccessor,
 								            IPasswordHasher<User> passwordHasher,
 								            IEnumerable<IUserValidator<User>> userValidators,
 								            IEnumerable<IPasswordValidator<User>> passwordValidators,
 								            ILookupNormalizer keyNormalizer,
 								            IdentityErrorDescriber errors,
 								            IServiceProvider services,
 								            ILogger<UserManager<User>> logger,
 								            ILicensingService licenseService,
 								            IEventService eventService,
 								            IApplicationCacheService applicationCacheService,
 								            IDataProtectionProvider dataProtectionProvider,
 								            IPaymentService paymentService,
 								            IPolicyRepository policyRepository,
 								            IReferenceEventService referenceEventService,
 								            IFido2 fido2,
 								            ICurrentContext currentContext,
 								            IGlobalSettings globalSettings,
 								            IOrganizationService organizationService,
 								            IProviderUserRepository providerUserRepository,
 								            IDeviceRepository deviceRepository,
 								            IStripeSyncService stripeSyncService)
 								            : base(
 								                  store,
 								                  optionsAccessor,
 								                  passwordHasher,
 								                  userValidators,
 								                  passwordValidators,
 								                  keyNormalizer,
 								                  errors,
 								                  services,
 								                  logger)
 								        {
 								            _userRepository = userRepository;
 								            _cipherRepository = cipherRepository;
 								            _organizationUserRepository = organizationUserRepository;
 								            _organizationRepository = organizationRepository;
 								            _mailService = mailService;
 								            _pushService = pushService;
 								            _identityOptions = optionsAccessor?.Value ?? new IdentityOptions();
 								            _identityErrorDescriber = errors;
 								            _passwordHasher = passwordHasher;
 								            _passwordValidators = passwordValidators;
 								            _licenseService = licenseService;
 								            _eventService = eventService;
 								            _applicationCacheService = applicationCacheService;
 								            _paymentService = paymentService;
 								            _policyRepository = policyRepository;
 								            _organizationServiceDataProtector = dataProtectionProvider.CreateProtector(
 								                "OrganizationServiceDataProtector");
 								            _referenceEventService = referenceEventService;
 								            _fido2 = fido2;
 								            _currentContext = currentContext;
 								            _globalSettings = globalSettings;
 								            _organizationService = organizationService;
 								            _providerUserRepository = providerUserRepository;
 								            _deviceRepository = deviceRepository;
 								            _stripeSyncService = stripeSyncService;
 								        }
 								        public Guid? GetProperUserId(ClaimsPrincipal principal)
 								        {
 								            if (!Guid.TryParse(GetUserId(principal), out var userIdGuid))
 								            {
 								                return null;
 								            }
-												Added API for getting the current user's account revision date

											
										
										
											2017-01-14 10:02:37 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return userIdGuid;
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												Move claims issuance and security stamp checks out into profile service. moved context sets out of identity implementations and into get methods.

											
										
										
											2017-01-24 22:15:21 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<User> GetUserByIdAsync(string userId)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (_currentContext?.User != null &&
 								                string.Equals(_currentContext.User.Id.ToString(), userId, StringComparison.InvariantCultureIgnoreCase))
 								            {
 								                return _currentContext.User;
 								            }
 								            if (!Guid.TryParse(userId, out var userIdGuid))
 								            {
 								                return null;
 								            }
 								            _currentContext.User = await _userRepository.GetByIdAsync(userIdGuid);
-												Move claims issuance and security stamp checks out into profile service. moved context sets out of identity implementations and into get methods.

											
										
										
											2017-01-24 22:15:21 -05:00
+								            return _currentContext.User;
-												re-working claims for aspnet core identity integration and backwards compat

											
										
										
											2017-01-11 21:46:36 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<User> GetUserByIdAsync(Guid userId)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (_currentContext?.User != null && _currentContext.User.Id == userId)
 								            {
 								                return _currentContext.User;
 								            }
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            _currentContext.User = await _userRepository.GetByIdAsync(userId);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								            return _currentContext.User;
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<User> GetUserByPrincipalAsync(ClaimsPrincipal principal)
-												Added API for getting the current user's account revision date

											
										
										
											2017-01-14 10:02:37 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var userId = GetProperUserId(principal);
 								            if (!userId.HasValue)
 								            {
 								                return null;
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return await GetUserByIdAsync(userId.Value);
 								        }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<DateTime> GetAccountRevisionDateByIdAsync(Guid userId)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return await _userRepository.GetAccountRevisionDateAsync(userId);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												Transactionally safe user password and email change updates.

											
										
										
											2016-02-21 00:15:17 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task SaveUserAsync(User user, bool push = false)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user.Id == default(Guid))
 								            {
 								                throw new ApplicationException("Use register method to create a new user.");
 								            }
 								            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
 								            await _userRepository.ReplaceAsync(user);
 								            if (push)
 								            {
 								                // push
 								                await _pushService.PushSyncSettingsAsync(user.Id);
 								            }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public override async Task<IdentityResult> DeleteAsync(User user)
-												handle user delete scenarios when part of org

											
										
										
											2017-04-27 17:28:39 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            // Check if user is the only owner of any organizations.
 								            var onlyOwnerCount = await _organizationUserRepository.GetCountByOnlyOwnerAsync(user.Id);
 								            if (onlyOwnerCount > 0)
-												handle user delete scenarios when part of org

											
										
										
											2017-04-27 17:28:39 -04:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                var deletedOrg = false;
 								                var orgs = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id,
 								                    OrganizationUserStatusType.Confirmed);
 								                if (orgs.Count == 1)
-												handle user delete scenarios when part of org

											
										
										
											2017-04-27 17:28:39 -04:00
+								                {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                    var org = await _organizationRepository.GetByIdAsync(orgs.First().OrganizationId);
 								                    if (org != null && (!org.Enabled || string.IsNullOrWhiteSpace(org.GatewaySubscriptionId)))
-												sometimes delete org on user delete

											
										
										
											2018-12-03 10:56:55 -05:00
+								                    {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                        var orgCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(org.Id);
 								                        if (orgCount <= 1)
 								                        {
 								                            await _organizationRepository.DeleteAsync(org);
 								                            deletedOrg = true;
 								                        }
-												sometimes delete org on user delete

											
										
										
											2018-12-03 10:56:55 -05:00
+								                    }
 								                }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
 								                if (!deletedOrg)
 								                {
 								                    return IdentityResult.Failed(new IdentityError
 								                    {
 								                        Description = "Cannot delete this user because it is the sole owner of at least one organization. Please delete these organizations or upgrade another user.",
 								                    });
 								                }
-												handle user delete scenarios when part of org

											
										
										
											2017-04-27 17:28:39 -04:00
+								            }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var onlyOwnerProviderCount = await _providerUserRepository.GetCountByOnlyOwnerAsync(user.Id);
 								            if (onlyOwnerProviderCount > 0)
-												Resolve error when deleting an account connected to a provider (#1580)


											
										
										
											2021-09-15 20:34:06 +02:00
+								            {
 								                return IdentityResult.Failed(new IdentityError
 								                {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                    Description = "Cannot delete this user because it is the sole owner of at least one provider. Please delete these providers or upgrade another user.",
-												Resolve error when deleting an account connected to a provider (#1580)


											
										
										
											2021-09-15 20:34:06 +02:00
+								                });
 								            }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!string.IsNullOrWhiteSpace(user.GatewaySubscriptionId))
-												cancel any subscriptions when deleting account

											
										
										
											2017-07-11 11:19:58 -04:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                try
 								                {
 								                    await CancelPremiumAsync(user, null, true);
 								                }
 								                catch (GatewayException) { }
 								            }
 								            await _userRepository.DeleteAsync(user);
 								            await _referenceEventService.RaiseEventAsync(
 								                new ReferenceEvent(ReferenceEventType.DeleteAccount, user));
 								            await _pushService.PushLogOutAsync(user.Id);
 								            return IdentityResult.Success;
-												handle user delete scenarios when part of org

											
										
										
											2017-04-27 17:28:39 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> DeleteAsync(User user, string token)
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!(await VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, "DeleteAccount", token)))
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                return IdentityResult.Failed(ErrorDescriber.InvalidToken());
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								            }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return await DeleteAsync(user);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task SendDeleteConfirmationAsync(string email)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var user = await _userRepository.GetByEmailAsync(email);
 								            if (user == null)
 								            {
 								                // No user exists.
 								                return;
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var token = await base.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "DeleteAccount");
 								            await _mailService.SendVerifyDeleteEmailAsync(user.Email, user.Id, token);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												allow org user reg. when reg. is disabled

											
										
										
											2018-05-24 16:53:07 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> RegisterUserAsync(User user, string masterPassword,
 								            string token, Guid? orgUserId)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var tokenValid = false;
 								            if (_globalSettings.DisableUserRegistration && !string.IsNullOrWhiteSpace(token) && orgUserId.HasValue)
 								            {
 								                tokenValid = CoreHelpers.UserInviteTokenIsValid(_organizationServiceDataProtector, token,
 								                    user.Email, orgUserId.Value, _globalSettings);
 								            }
-												allow to disable user registration from env

											
										
										
											2017-08-28 07:50:57 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (_globalSettings.DisableUserRegistration && !tokenValid)
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                throw new BadRequestException("Open registration has been disabled by the system administrator.");
 								            }
 								            if (orgUserId.HasValue)
 								            {
 								                var orgUser = await _organizationUserRepository.GetByIdAsync(orgUserId.Value);
 								                if (orgUser != null)
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
+								                {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                    var twoFactorPolicy = await _policyRepository.GetByOrganizationIdTypeAsync(orgUser.OrganizationId,
 								                        PolicyType.TwoFactorAuthentication);
 								                    if (twoFactorPolicy != null && twoFactorPolicy.Enabled)
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
+								                    {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                        user.SetTwoFactorProviders(new Dictionary<TwoFactorProviderType, TwoFactorProvider>
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								                        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
 								                            [TwoFactorProviderType.Email] = new TwoFactorProvider
 								                            {
 								                                MetaData = new Dictionary<string, object> { ["Email"] = user.Email.ToLowerInvariant() },
 								                                Enabled = true
 								                            }
 								                        });
 								                        SetTwoFactorProvider(user, TwoFactorProviderType.Email);
 								                    }
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
+								                }
 								            }
-												allow user registration for sso (#865)


											
										
										
											2020-08-13 17:30:10 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.ApiKey = CoreHelpers.SecureRandomString(30);
 								            var result = await base.CreateAsync(user, masterPassword);
 								            if (result == IdentityResult.Success)
 								            {
 								                await _mailService.SendWelcomeEmailAsync(user);
 								                await _referenceEventService.RaiseEventAsync(new ReferenceEvent(ReferenceEventType.Signup, user));
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return result;
-												allow user registration for sso (#865)


											
										
										
											2020-08-13 17:30:10 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> RegisterUserAsync(User user)
-												allow user registration for sso (#865)


											
										
										
											2020-08-13 17:30:10 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var result = await base.CreateAsync(user);
 								            if (result == IdentityResult.Success)
 								            {
 								                await _mailService.SendWelcomeEmailAsync(user);
 								                await _referenceEventService.RaiseEventAsync(new ReferenceEvent(ReferenceEventType.Signup, user));
 								            }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return result;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task SendMasterPasswordHintAsync(string email)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var user = await _userRepository.GetByEmailAsync(email);
 								            if (user == null)
 								            {
 								                // No user exists. Do we want to send an email telling them this in the future?
 								                return;
 								            }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (string.IsNullOrWhiteSpace(user.MasterPasswordHint))
 								            {
 								                await _mailService.SendNoMasterPasswordHintEmailAsync(email);
 								                return;
 								            }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await _mailService.SendMasterPasswordHintEmailAsync(email, user.MasterPasswordHint);
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task SendTwoFactorEmailAsync(User user, bool isBecauseNewDeviceLogin = false)
-												two factor email setup

											
										
										
											2017-06-20 09:21:35 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Email);
 								            if (provider == null || provider.MetaData == null || !provider.MetaData.ContainsKey("Email"))
 								            {
 								                throw new ArgumentNullException("No email.");
 								            }
-												two factor email setup

											
										
										
											2017-06-20 09:21:35 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var email = ((string)provider.MetaData["Email"]).ToLowerInvariant();
 								            var token = await base.GenerateUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
 								                "2faEmail:" + email);
-												Email verification for new devices (#1931)

* PS-56 Added Email 2FA on login with new devices that don't have any 2FA enabled

* PS-56 Fixed wrong argument in VerifyTwoFactor call
											
										
										
											2022-04-01 17:08:47 -03:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (isBecauseNewDeviceLogin)
-												two factor email setup

											
										
										
											2017-06-20 09:21:35 -04:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                await _mailService.SendNewDeviceLoginTwoFactorEmailAsync(email, token);
 								            }
 								            else
 								            {
 								                await _mailService.SendTwoFactorEmailAsync(email, token);
 								            }
-												two factor email setup

											
										
										
											2017-06-20 09:21:35 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<bool> VerifyTwoFactorEmailAsync(User user, string token)
-												initiating u2f registration

											
										
										
											2017-06-21 22:33:45 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Email);
 								            if (provider == null || provider.MetaData == null || !provider.MetaData.ContainsKey("Email"))
 								            {
 								                throw new ArgumentNullException("No email.");
 								            }
-												initiating u2f registration

											
										
										
											2017-06-21 22:33:45 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var email = ((string)provider.MetaData["Email"]).ToLowerInvariant();
 								            return await base.VerifyUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
 								                "2faEmail:" + email, token);
 								        }
-												initiating u2f registration

											
										
										
											2017-06-21 22:33:45 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<CredentialCreateOptions> StartWebAuthnRegistrationAsync(User user)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var providers = user.GetTwoFactorProviders();
 								            if (providers == null)
 								            {
 								                providers = new Dictionary<TwoFactorProviderType, TwoFactorProvider>();
 								            }
 								            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.WebAuthn);
 								            if (provider == null)
 								            {
 								                provider = new TwoFactorProvider
 								                {
 								                    Enabled = false
 								                };
 								            }
 								            if (provider.MetaData == null)
 								            {
 								                provider.MetaData = new Dictionary<string, object>();
 								            }
-												add support for multiple u2f keys

											
										
										
											2018-10-08 14:38:11 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var fidoUser = new Fido2User
 								            {
 								                DisplayName = user.Name,
 								                Name = user.Email,
 								                Id = user.Id.ToByteArray(),
 								            };
-												add support for multiple u2f keys

											
										
										
											2018-10-08 14:38:11 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var excludeCredentials = provider.MetaData
 								                .Where(k => k.Key.StartsWith("Key"))
 								                .Select(k => new TwoFactorProvider.WebAuthnData((dynamic)k.Value).Descriptor)
 								                .ToList();
-												catch u2f exceptions

											
										
										
											2018-10-10 15:21:54 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var authenticatorSelection = new AuthenticatorSelection
 								            {
 								                AuthenticatorAttachment = null,
 								                RequireResidentKey = false,
 								                UserVerification = UserVerificationRequirement.Discouraged
 								            };
 								            var options = _fido2.RequestNewCredential(fidoUser, excludeCredentials, authenticatorSelection, AttestationConveyancePreference.None);
-												WebAuthn (#903)


											
										
										
											2021-03-22 23:21:43 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            provider.MetaData["pending"] = options.ToJson();
 								            providers[TwoFactorProviderType.WebAuthn] = provider;
 								            user.SetTwoFactorProviders(providers);
 								            await UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.WebAuthn, false);
-												WebAuthn (#903)


											
										
										
											2021-03-22 23:21:43 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return options;
 								        }
-												WebAuthn (#903)


											
										
										
											2021-03-22 23:21:43 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<bool> CompleteWebAuthRegistrationAsync(User user, int id, string name, AuthenticatorAttestationRawResponse attestationResponse)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var keyId = $"Key{id}";
-												WebAuthn (#903)


											
										
										
											2021-03-22 23:21:43 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.WebAuthn);
 								            if (!provider?.MetaData?.ContainsKey("pending") ?? true)
 								            {
 								                return false;
 								            }
-												WebAuthn (#903)


											
										
										
											2021-03-22 23:21:43 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var options = CredentialCreateOptions.FromJson((string)provider.MetaData["pending"]);
-												WebAuthn (#903)


											
										
										
											2021-03-22 23:21:43 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            // Callback to ensure credential id is unique. Always return true since we don't care if another
 								            // account uses the same 2fa key.
 								            IsCredentialIdUniqueToUserAsyncDelegate callback = args => Task.FromResult(true);
-												initiating u2f registration

											
										
										
											2017-06-21 22:33:45 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var success = await _fido2.MakeNewCredentialAsync(attestationResponse, options, callback);
-												add support for multiple u2f keys

											
										
										
											2018-10-08 14:38:11 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            provider.MetaData.Remove("pending");
 								            provider.MetaData[keyId] = new TwoFactorProvider.WebAuthnData
 								            {
 								                Name = name,
 								                Descriptor = new PublicKeyCredentialDescriptor(success.Result.CredentialId),
 								                PublicKey = success.Result.PublicKey,
 								                UserHandle = success.Result.User.Id,
 								                SignatureCounter = success.Result.Counter,
 								                CredType = success.Result.CredType,
 								                RegDate = DateTime.Now,
 								                AaGuid = success.Result.Aaguid
 								            };
-												add support for multiple u2f keys

											
										
										
											2018-10-08 14:38:11 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var providers = user.GetTwoFactorProviders();
 								            providers[TwoFactorProviderType.WebAuthn] = provider;
 								            user.SetTwoFactorProviders(providers);
 								            await UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.WebAuthn);
-												add support for multiple u2f keys

											
										
										
											2018-10-08 14:38:11 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return true;
-												initiating u2f registration

											
										
										
											2017-06-21 22:33:45 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<bool> DeleteWebAuthnKeyAsync(User user, int id)
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var providers = user.GetTwoFactorProviders();
 								            if (providers == null)
 								            {
 								                return false;
 								            }
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var keyName = $"Key{id}";
 								            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.WebAuthn);
 								            if (!provider?.MetaData?.ContainsKey(keyName) ?? true)
 								            {
 								                return false;
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (provider.MetaData.Count < 2)
 								            {
 								                return false;
 								            }
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            provider.MetaData.Remove(keyName);
 								            providers[TwoFactorProviderType.WebAuthn] = provider;
 								            user.SetTwoFactorProviders(providers);
 								            await UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.WebAuthn);
 								            return true;
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task SendEmailVerificationAsync(User user)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user.EmailVerified)
 								            {
 								                throw new BadRequestException("Email already verified.");
 								            }
 								            var token = await base.GenerateEmailConfirmationTokenAsync(user);
 								            await _mailService.SendVerifyEmailEmailAsync(user.Email, user.Id, token);
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task InitiateEmailChangeAsync(User user, string newEmail)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var existingUser = await _userRepository.GetByEmailAsync(newEmail);
 								            if (existingUser != null)
 								            {
 								                await _mailService.SendChangeEmailAlreadyExistsEmailAsync(user.Email, newEmail);
 								                return;
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var token = await base.GenerateChangeEmailTokenAsync(user, newEmail);
 								            await _mailService.SendChangeEmailEmailAsync(newEmail, token);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> ChangeEmailAsync(User user, string masterPassword, string newEmail,
 								            string newMasterPassword, string token, string key)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var verifyPasswordResult = _passwordHasher.VerifyHashedPassword(user, user.MasterPassword, masterPassword);
 								            if (verifyPasswordResult == PasswordVerificationResult.Failed)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!await base.VerifyUserTokenAsync(user, _identityOptions.Tokens.ChangeEmailTokenProvider,
 								                GetChangeEmailTokenPurpose(newEmail), token))
 								            {
 								                return IdentityResult.Failed(_identityErrorDescriber.InvalidToken());
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var existingUser = await _userRepository.GetByEmailAsync(newEmail);
 								            if (existingUser != null && existingUser.Id != user.Id)
 								            {
 								                return IdentityResult.Failed(_identityErrorDescriber.DuplicateEmail(newEmail));
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var previousState = new
 								            {
 								                Key = user.Key,
 								                MasterPassword = user.MasterPassword,
 								                SecurityStamp = user.SecurityStamp,
 								                Email = user.Email
 								            };
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Transactionally safe user password and email change updates.

											
										
										
											2016-02-21 00:15:17 -05:00
+								            var result = await UpdatePasswordHash(user, newMasterPassword);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								            if (!result.Succeeded)
-												Transactionally safe user password and email change updates.

											
										
										
											2016-02-21 00:15:17 -05:00
+								            {
 								                return result;
 								            }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								            user.Key = key;
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.Email = newEmail;
 								            user.EmailVerified = true;
 								            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								            await _userRepository.ReplaceAsync(user);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
 								            if (user.Gateway == GatewayType.Stripe)
 								            {
 								                try
 								                {
 								                    await _stripeSyncService.UpdateCustomerEmailAddress(user.GatewayCustomerId,
 								                        user.BillingEmailAddress());
 								                }
 								                catch (Exception ex)
 								                {
 								                    //if sync to strip fails, update email and securityStamp to previous
 								                    user.Key = previousState.Key;
 								                    user.Email = previousState.Email;
 								                    user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
 								                    user.MasterPassword = previousState.MasterPassword;
 								                    user.SecurityStamp = previousState.SecurityStamp;
 								                    await _userRepository.ReplaceAsync(user);
 								                    return IdentityResult.Failed(new IdentityError
 								                    {
 								                        Description = ex.Message
 								                    });
 								                }
 								            }
-												add push events throughout user service actions

											
										
										
											2018-08-28 08:29:54 -04:00
+								            await _pushService.PushLogOutAsync(user.Id);
-												If no ciphers yet, just save user when changing password/email

											
										
										
											2016-10-05 22:03:02 -04:00
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            return IdentityResult.Success;
 								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public override Task<IdentityResult> ChangePasswordAsync(User user, string masterPassword, string newMasterPassword)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            throw new NotImplementedException();
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> ChangePasswordAsync(User user, string masterPassword, string newMasterPassword, string passwordHint,
 								            string key)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user == null)
 								            {
 								                throw new ArgumentNullException(nameof(user));
 								            }
-												user revision date updates

											
										
										
											2016-02-21 01:10:31 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (await CheckPasswordAsync(user, masterPassword))
 								            {
 								                var result = await UpdatePasswordHash(user, newMasterPassword);
 								                if (!result.Succeeded)
 								                {
 								                    return result;
 								                }
-												log user events

											
										
										
											2017-12-01 10:07:14 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
 								                user.Key = key;
 								                user.MasterPasswordHint = passwordHint;
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                await _userRepository.ReplaceAsync(user);
 								                await _eventService.LogUserEventAsync(user.Id, EventType.User_ChangedPassword);
 								                await _pushService.PushLogOutAsync(user.Id);
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                return IdentityResult.Success;
 								            }
-												allow user registration for sso (#865)


											
										
										
											2020-08-13 17:30:10 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            Logger.LogWarning("Change password failed for user {userId}.", user.Id);
 								            return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
 								        }
-												SSO support (#862)

* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
											
										
										
											2020-08-12 17:03:09 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> SetPasswordAsync(User user, string masterPassword, string key,
 								            string orgIdentifier = null)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user == null)
 								            {
 								                throw new ArgumentNullException(nameof(user));
 								            }
-												allow user registration for sso (#865)


											
										
										
											2020-08-13 17:30:10 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!string.IsNullOrWhiteSpace(user.MasterPassword))
 								            {
 								                Logger.LogWarning("Change password failed for user {userId} - already has password.", user.Id);
 								                return IdentityResult.Failed(_identityErrorDescriber.UserAlreadyHasPassword());
 								            }
-												SSO support (#862)

* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
											
										
										
											2020-08-12 17:03:09 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var result = await UpdatePasswordHash(user, masterPassword, true, false);
 								            if (!result.Succeeded)
 								            {
 								                return result;
 								            }
-												SSO support (#862)

* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
											
										
										
											2020-08-12 17:03:09 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
 								            user.Key = key;
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await _userRepository.ReplaceAsync(user);
 								            await _eventService.LogUserEventAsync(user.Id, EventType.User_ChangedPassword);
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!string.IsNullOrWhiteSpace(orgIdentifier))
 								            {
 								                await _organizationService.AcceptUserAsync(orgIdentifier, user, this);
 								            }
 								            return IdentityResult.Success;
-												SSO support (#862)

* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
											
										
										
											2020-08-12 17:03:09 -04:00
+								        }
-												Add support for crypto agent (#1623)


											
										
										
											2021-10-25 15:09:14 +02:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> SetKeyConnectorKeyAsync(User user, string key, string orgIdentifier)
 								        {
 								            var identityResult = CheckCanUseKeyConnector(user);
 								            if (identityResult != null)
 								            {
 								                return identityResult;
 								            }
-												Add support for crypto agent (#1623)


											
										
										
											2021-10-25 15:09:14 +02:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
 								            user.Key = key;
 								            user.UsesKeyConnector = true;
-												Add support for crypto agent (#1623)


											
										
										
											2021-10-25 15:09:14 +02:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await _userRepository.ReplaceAsync(user);
 								            await _eventService.LogUserEventAsync(user.Id, EventType.User_MigratedKeyToKeyConnector);
-												Add support for crypto agent (#1623)


											
										
										
											2021-10-25 15:09:14 +02:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await _organizationService.AcceptUserAsync(orgIdentifier, user, this);
-												Add support for crypto agent (#1623)


											
										
										
											2021-10-25 15:09:14 +02:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return IdentityResult.Success;
-												Add support for crypto agent (#1623)


											
										
										
											2021-10-25 15:09:14 +02:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> ConvertToKeyConnectorAsync(User user)
-												Add check to ensure admins or owners arn't enrolled in key connector (#1725)


											
										
										
											2021-11-18 21:56:13 +01:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var identityResult = CheckCanUseKeyConnector(user);
 								            if (identityResult != null)
 								            {
 								                return identityResult;
 								            }
-												Add check to ensure admins or owners arn't enrolled in key connector (#1725)


											
										
										
											2021-11-18 21:56:13 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
 								            user.MasterPassword = null;
 								            user.UsesKeyConnector = true;
-												Add check to ensure admins or owners arn't enrolled in key connector (#1725)


											
										
										
											2021-11-18 21:56:13 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await _userRepository.ReplaceAsync(user);
 								            await _eventService.LogUserEventAsync(user.Id, EventType.User_MigratedKeyToKeyConnector);
-												Add check to ensure admins or owners arn't enrolled in key connector (#1725)


											
										
										
											2021-11-18 21:56:13 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return IdentityResult.Success;
-												Add check to ensure admins or owners arn't enrolled in key connector (#1725)


											
										
										
											2021-11-18 21:56:13 +01:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        private IdentityResult CheckCanUseKeyConnector(User user)
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user == null)
 								            {
 								                throw new ArgumentNullException(nameof(user));
 								            }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user.UsesKeyConnector)
 								            {
 								                Logger.LogWarning("Already uses Key Connector.");
 								                return IdentityResult.Failed(_identityErrorDescriber.UserAlreadyHasPassword());
 								            }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (_currentContext.Organizations.Any(u =>
 								                    u.Type is OrganizationUserType.Owner or OrganizationUserType.Admin))
 								            {
 								                throw new BadRequestException("Cannot use Key Connector when admin or owner of an organization.");
 								            }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return null;
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> AdminResetPasswordAsync(OrganizationUserType callingUserType, Guid orgId, Guid id, string newMasterPassword, string key)
-												[Reset Password] Admin reset actions (#1272)

* [Reset Password] Admin reset actions

* Updated thrown except for permission collision

* Updated GET/PUT password reset to use orgUser.Id for db operations
											
										
										
											2021-04-20 16:58:57 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            // Org must be able to use reset password
 								            var org = await _organizationRepository.GetByIdAsync(orgId);
 								            if (org == null || !org.UseResetPassword)
 								            {
 								                throw new BadRequestException("Organization does not allow password reset.");
 								            }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            // Enterprise policy must be enabled
 								            var resetPasswordPolicy =
 								                await _policyRepository.GetByOrganizationIdTypeAsync(orgId, PolicyType.ResetPassword);
 								            if (resetPasswordPolicy == null || !resetPasswordPolicy.Enabled)
 								            {
 								                throw new BadRequestException("Organization does not have the password reset policy enabled.");
 								            }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            // Org User must be confirmed and have a ResetPasswordKey
 								            var orgUser = await _organizationUserRepository.GetByIdAsync(id);
 								            if (orgUser == null || orgUser.Status != OrganizationUserStatusType.Confirmed ||
 								                orgUser.OrganizationId != orgId || string.IsNullOrEmpty(orgUser.ResetPasswordKey) ||
 								                !orgUser.UserId.HasValue)
 								            {
 								                throw new BadRequestException("Organization User not valid");
 								            }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            // Calling User must be of higher/equal user type to reset user's password
 								            var canAdjustPassword = false;
 								            switch (callingUserType)
 								            {
 								                case OrganizationUserType.Owner:
 								                    canAdjustPassword = true;
 								                    break;
 								                case OrganizationUserType.Admin:
 								                    canAdjustPassword = orgUser.Type != OrganizationUserType.Owner;
 								                    break;
 								                case OrganizationUserType.Custom:
 								                    canAdjustPassword = orgUser.Type != OrganizationUserType.Owner &&
 								                        orgUser.Type != OrganizationUserType.Admin;
 								                    break;
 								            }
-												[Reset Password] Get/Post Org Keys and API updates (#1323)

* [Reset Password] Organization Keys APIs

* Updated details response to include private key and added more security checks for reset password methods

* Added org type and policy security checks to the enrollment api

* Updated based on PR feedback

* Added org user type permission checks

* Added TODO for email to user

* Removed unecessary policyRepository object
											
										
										
											2021-05-19 09:40:32 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!canAdjustPassword)
 								            {
 								                throw new BadRequestException("Calling user does not have permission to reset this user's master password");
 								            }
-												[Reset Password] Get/Post Org Keys and API updates (#1323)

* [Reset Password] Organization Keys APIs

* Updated details response to include private key and added more security checks for reset password methods

* Added org type and policy security checks to the enrollment api

* Updated based on PR feedback

* Added org user type permission checks

* Added TODO for email to user

* Removed unecessary policyRepository object
											
										
										
											2021-05-19 09:40:32 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var user = await GetUserByIdAsync(orgUser.UserId.Value);
 								            if (user == null)
 								            {
 								                throw new NotFoundException();
 								            }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user.UsesKeyConnector)
 								            {
 								                throw new BadRequestException("Cannot reset password of a user with Key Connector.");
 								            }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var result = await UpdatePasswordHash(user, newMasterPassword);
 								            if (!result.Succeeded)
 								            {
 								                return result;
 								            }
-												[Reset Password] Admin reset actions (#1272)

* [Reset Password] Admin reset actions

* Updated thrown except for permission collision

* Updated GET/PUT password reset to use orgUser.Id for db operations
											
										
										
											2021-04-20 16:58:57 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
 								            user.Key = key;
 								            user.ForcePasswordReset = true;
-												[Reset Password] Admin reset actions (#1272)

* [Reset Password] Admin reset actions

* Updated thrown except for permission collision

* Updated GET/PUT password reset to use orgUser.Id for db operations
											
										
										
											2021-04-20 16:58:57 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await _userRepository.ReplaceAsync(user);
 								            await _mailService.SendAdminResetPasswordEmailAsync(user.Email, user.Name, org.Name);
 								            await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_AdminResetPassword);
 								            await _pushService.PushLogOutAsync(user.Id);
-												[Reset Password] Admin reset actions (#1272)

* [Reset Password] Admin reset actions

* Updated thrown except for permission collision

* Updated GET/PUT password reset to use orgUser.Id for db operations
											
										
										
											2021-04-20 16:58:57 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return IdentityResult.Success;
-												[Reset Password] Admin reset actions (#1272)

* [Reset Password] Admin reset actions

* Updated thrown except for permission collision

* Updated GET/PUT password reset to use orgUser.Id for db operations
											
										
										
											2021-04-20 16:58:57 -05:00
+								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> UpdateTempPasswordAsync(User user, string newMasterPassword, string key, string hint)
-												[Reset Password v1] Update Temporary Password API (#1481)

* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
											
										
										
											2021-07-22 09:20:14 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!user.ForcePasswordReset)
 								            {
 								                throw new BadRequestException("User does not have a temporary password to update.");
 								            }
-												[Reset Password v1] Update Temporary Password API (#1481)

* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
											
										
										
											2021-07-22 09:20:14 -05:00
+								            var result = await UpdatePasswordHash(user, newMasterPassword);
 								            if (!result.Succeeded)
 								            {
 								                return result;
 								            }
 								            user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.ForcePasswordReset = false;
-												[Reset Password v1] Update Temporary Password API (#1481)

* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
											
										
										
											2021-07-22 09:20:14 -05:00
+								            user.Key = key;
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.MasterPasswordHint = hint;
-												[Reset Password v1] Update Temporary Password API (#1481)

* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
											
										
										
											2021-07-22 09:20:14 -05:00
+								            await _userRepository.ReplaceAsync(user);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await _mailService.SendUpdatedTempPasswordEmailAsync(user.Email, user.Name);
 								            await _eventService.LogUserEventAsync(user.Id, EventType.User_UpdatedTempPassword);
-												[Reset Password v1] Update Temporary Password API (#1481)

* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
											
										
										
											2021-07-22 09:20:14 -05:00
+								            await _pushService.PushLogOutAsync(user.Id);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
-												[Reset Password v1] Update Temporary Password API (#1481)

* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
											
										
										
											2021-07-22 09:20:14 -05:00
+								            return IdentityResult.Success;
 								        }
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> ChangeKdfAsync(User user, string masterPassword, string newMasterPassword,
 								            string key, KdfType kdf, int kdfIterations)
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user == null)
 								            {
 								                throw new ArgumentNullException(nameof(user));
 								            }
 								            if (await CheckPasswordAsync(user, masterPassword))
 								            {
 								                var result = await UpdatePasswordHash(user, newMasterPassword);
 								                if (!result.Succeeded)
 								                {
 								                    return result;
 								                }
 								                user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
 								                user.Key = key;
 								                user.Kdf = kdf;
 								                user.KdfIterations = kdfIterations;
 								                await _userRepository.ReplaceAsync(user);
 								                await _pushService.PushLogOutAsync(user.Id);
 								                return IdentityResult.Success;
 								            }
 								            Logger.LogWarning("Change KDF failed for user {userId}.", user.Id);
 								            return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> UpdateKeyAsync(User user, string masterPassword, string key, string privateKey,
 								            IEnumerable<Cipher> ciphers, IEnumerable<Folder> folders, IEnumerable<Send> sends)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user == null)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                throw new ArgumentNullException(nameof(user));
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
 								            if (await CheckPasswordAsync(user, masterPassword))
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow;
 								                user.SecurityStamp = Guid.NewGuid().ToString();
 								                user.Key = key;
 								                user.PrivateKey = privateKey;
 								                if (ciphers.Any() || folders.Any() || sends.Any())
 								                {
 								                    await _cipherRepository.UpdateUserKeysAndCiphersAsync(user, ciphers, folders, sends);
 								                }
 								                else
 								                {
 								                    await _userRepository.ReplaceAsync(user);
 								                }
 								                await _pushService.PushLogOutAsync(user.Id);
 								                return IdentityResult.Success;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            Logger.LogWarning("Update key failed for user {userId}.", user.Id);
 								            return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<IdentityResult> RefreshSecurityStampAsync(User user, string secret)
 								        {
 								            if (user == null)
 								            {
 								                throw new ArgumentNullException(nameof(user));
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (await VerifySecretAsync(user, secret))
 								            {
 								                var result = await base.UpdateSecurityStampAsync(user);
 								                if (!result.Succeeded)
 								                {
 								                    return result;
 								                }
 								                await SaveUserAsync(user);
 								                await _pushService.PushLogOutAsync(user.Id);
 								                return IdentityResult.Success;
 								            }
 								            Logger.LogWarning("Refresh security stamp failed for user {userId}.", user.Id);
 								            return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
 								        }
 								        public async Task UpdateTwoFactorProviderAsync(User user, TwoFactorProviderType type, bool setEnabled = true, bool logEvent = true)
-												refactor code to with user TwoFactorProviders

											
										
										
											2017-06-07 14:14:34 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            SetTwoFactorProvider(user, type, setEnabled);
 								            await SaveUserAsync(user);
 								            if (logEvent)
 								            {
 								                await _eventService.LogUserEventAsync(user.Id, EventType.User_Updated2fa);
 								            }
-												refactor to a new two-factor controller

											
										
										
											2017-06-19 22:08:10 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task DisableTwoFactorProviderAsync(User user, TwoFactorProviderType type,
 								            IOrganizationService organizationService)
-												refactor to a new two-factor controller

											
										
										
											2017-06-19 22:08:10 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var providers = user.GetTwoFactorProviders();
 								            if (!providers?.ContainsKey(type) ?? true)
-												refactor to a new two-factor controller

											
										
										
											2017-06-19 22:08:10 -04:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                return;
-												refactor to a new two-factor controller

											
										
										
											2017-06-19 22:08:10 -04:00
+								            }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            providers.Remove(type);
 								            user.SetTwoFactorProviders(providers);
-												user revision date updates

											
										
										
											2016-02-21 01:10:31 -05:00
+								            await SaveUserAsync(user);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await _eventService.LogUserEventAsync(user.Id, EventType.User_Disabled2fa);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!await TwoFactorIsEnabledAsync(user))
 								            {
 								                await CheckPoliciesOnTwoFactorRemovalAsync(user, organizationService);
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												Adjusted two factor recovery model and moved functionality to user service

											
										
										
											2016-11-14 23:32:15 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<bool> RecoverTwoFactorAsync(string email, string secret, string recoveryCode,
 								            IOrganizationService organizationService)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var user = await _userRepository.GetByEmailAsync(email);
 								            if (user == null)
 								            {
 								                // No user exists. Do we want to send an email telling them this in the future?
 								                return false;
 								            }
-												Adjusted two factor recovery model and moved functionality to user service

											
										
										
											2016-11-14 23:32:15 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!await VerifySecretAsync(user, secret))
 								            {
 								                return false;
 								            }
-												Adjusted two factor recovery model and moved functionality to user service

											
										
										
											2016-11-14 23:32:15 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!CoreHelpers.FixedTimeEquals(user.TwoFactorRecoveryCode, recoveryCode))
 								            {
 								                return false;
 								            }
 								            user.TwoFactorProviders = null;
 								            user.TwoFactorRecoveryCode = CoreHelpers.SecureRandomString(32, upper: false, special: false);
 								            await SaveUserAsync(user);
 								            await _mailService.SendRecoverTwoFactorEmail(user.Email, DateTime.UtcNow, _currentContext.IpAddress);
 								            await _eventService.LogUserEventAsync(user.Id, EventType.User_Recovered2fa);
-												`CheckPoliciesOnTwoFactorRemoval` for 2fa recovery (#659)


											
										
										
											2020-02-28 10:23:19 -05:00
+								            await CheckPoliciesOnTwoFactorRemovalAsync(user, organizationService);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
 								            return true;
-												Adjusted two factor recovery model and moved functionality to user service

											
										
										
											2016-11-14 23:32:15 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<Tuple<bool, string>> SignUpPremiumAsync(User user, string paymentToken,
 								            PaymentMethodType paymentMethodType, short additionalStorageGb, UserLicense license,
 								            TaxInfo taxInfo)
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user.Premium)
 								            {
 								                throw new BadRequestException("Already a premium user.");
 								            }
 								            if (additionalStorageGb < 0)
 								            {
 								                throw new BadRequestException("You can't subtract storage!");
 								            }
 								            if ((paymentMethodType == PaymentMethodType.GoogleInApp ||
 								                paymentMethodType == PaymentMethodType.AppleInApp) && additionalStorageGb > 0)
 								            {
 								                throw new BadRequestException("You cannot add storage with this payment method.");
 								            }
 								            string paymentIntentClientSecret = null;
 								            IPaymentService paymentService = null;
 								            if (_globalSettings.SelfHosted)
 								            {
 								                if (license == null || !_licenseService.VerifyLicense(license))
 								                {
 								                    throw new BadRequestException("Invalid license.");
 								                }
 								                if (!license.CanUse(user))
 								                {
 								                    throw new BadRequestException("This license is not valid for this user.");
 								                }
 								                var dir = $"{_globalSettings.LicenseDirectory}/user";
 								                Directory.CreateDirectory(dir);
 								                using var fs = File.OpenWrite(Path.Combine(dir, $"{user.Id}.json"));
 								                await JsonSerializer.SerializeAsync(fs, license, JsonHelpers.Indented);
 								            }
 								            else
 								            {
 								                paymentIntentClientSecret = await _paymentService.PurchasePremiumAsync(user, paymentMethodType,
 								                    paymentToken, additionalStorageGb, taxInfo);
 								            }
 								            user.Premium = true;
 								            user.RevisionDate = DateTime.UtcNow;
 								            if (_globalSettings.SelfHosted)
 								            {
 								                user.MaxStorageGb = 10240; // 10 TB
 								                user.LicenseKey = license.LicenseKey;
 								                user.PremiumExpirationDate = license.Expires;
 								            }
 								            else
 								            {
 								                user.MaxStorageGb = (short)(1 + additionalStorageGb);
 								                user.LicenseKey = CoreHelpers.SecureRandomString(20);
 								            }
-												more premium licensing

											
										
										
											2017-08-11 22:55:25 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            try
 								            {
 								                await SaveUserAsync(user);
 								                await _pushService.PushSyncVaultAsync(user.Id);
 								                await _referenceEventService.RaiseEventAsync(
 								                    new ReferenceEvent(ReferenceEventType.UpgradePlan, user)
 								                    {
 								                        Storage = user.MaxStorageGb,
 								                        PlanName = PremiumPlanId,
 								                    });
 								            }
 								            catch when (!_globalSettings.SelfHosted)
 								            {
 								                await paymentService.CancelAndRecoverChargesAsync(user);
 								                throw;
 								            }
 								            return new Tuple<bool, string>(string.IsNullOrWhiteSpace(paymentIntentClientSecret),
 								                paymentIntentClientSecret);
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task IapCheckAsync(User user, PaymentMethodType paymentMethodType)
-												iap pre-purchase check

											
										
										
											2019-09-19 08:46:26 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (paymentMethodType != PaymentMethodType.AppleInApp)
 								            {
 								                throw new BadRequestException("Payment method not supported for in-app purchases.");
 								            }
-												iap pre-purchase check

											
										
										
											2019-09-19 08:46:26 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user.Premium)
 								            {
 								                throw new BadRequestException("Already a premium user.");
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!string.IsNullOrWhiteSpace(user.GatewayCustomerId))
 								            {
 								                var customerService = new Stripe.CustomerService();
 								                var customer = await customerService.GetAsync(user.GatewayCustomerId);
 								                if (customer != null && customer.Balance != 0)
 								                {
 								                    throw new BadRequestException("Customer balance cannot exist when using in-app purchases.");
 								                }
 								            }
-												iap pre-purchase check

											
										
										
											2019-09-19 08:46:26 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task UpdateLicenseAsync(User user, UserLicense license)
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!_globalSettings.SelfHosted)
 								            {
 								                throw new InvalidOperationException("Licenses require self hosting.");
 								            }
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (license?.LicenseType != null && license.LicenseType != LicenseType.User)
 								            {
 								                throw new BadRequestException("Organization licenses cannot be applied to a user. "
 								                    + "Upload this license from the Organization settings page.");
 								            }
-												[BEEEP] Add explicit error message when uploading the wrong license type (#1831)


											
										
										
											2022-02-07 09:43:00 +01:00
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								            if (license == null || !_licenseService.VerifyLicense(license))
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								            {
 								                throw new BadRequestException("Invalid license.");
 								            }
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								            if (!license.CanUse(user))
-												better error handling around license updates.

											
										
										
											2017-08-16 15:43:11 -04:00
+								            {
 								                throw new BadRequestException("This license is not valid for this user.");
 								            }
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								            var dir = $"{_globalSettings.LicenseDirectory}/user";
 								            Directory.CreateDirectory(dir);
-												Start Migration from Newtonsoft.Json to System.Text.Json (#1803)

* Start switch to System.Text.Json

* Work on switching to System.Text.Json

* Main work on STJ refactor

* Fix build errors

* Run formatting

* Delete unused file

* Use legacy for two factor providers

* Run formatter

* Add TokenProviderTests

* Run formatting

* Fix merge issues

* Switch to use JsonSerializer

* Address PR feedback

* Fix formatting

* Ran formatter

* Switch to async

* Ensure Enums are serialized as strings

* Fix formatting

* Enqueue single items as arrays

* Remove CreateAsync method on AzureQueueService
											
										
										
											2022-01-21 09:36:25 -05:00
+								            using var fs = File.OpenWrite(Path.Combine(dir, $"{user.Id}.json"));
 								            await JsonSerializer.SerializeAsync(fs, license, JsonHelpers.Indented);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.Premium = license.Premium;
 								            user.RevisionDate = DateTime.UtcNow;
 								            user.MaxStorageGb = _globalSettings.SelfHosted ? 10240 : license.MaxStorageGb; // 10 TB
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								            user.LicenseKey = license.LicenseKey;
 								            user.PremiumExpirationDate = license.Expires;
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await SaveUserAsync(user);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												add support for passing payment method type

											
										
										
											2019-02-19 17:13:21 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<string> AdjustStorageAsync(User user, short storageAdjustmentGb)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user == null)
 								            {
 								                throw new ArgumentNullException(nameof(user));
 								            }
 								            if (!user.Premium)
 								            {
 								                throw new BadRequestException("Not a premium user.");
 								            }
 								            var secret = await BillingHelpers.AdjustStorageAsync(_paymentService, user, storageAdjustmentGb,
 								                StoragePlanId);
-												Reference event service implementation (#811)

* Reference event service implementation

* Fix IReferenceable implementation of Id

* add structure to event body
											
										
										
											2020-07-07 12:01:34 -04:00
+								            await _referenceEventService.RaiseEventAsync(
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                new ReferenceEvent(ReferenceEventType.AdjustStorage, user)
-												Reference event service implementation (#811)

* Reference event service implementation

* Fix IReferenceable implementation of Id

* add structure to event body
											
										
										
											2020-07-07 12:01:34 -04:00
+								                {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                    Storage = storageAdjustmentGb,
 								                    PlanName = StoragePlanId,
-												Reference event service implementation (#811)

* Reference event service implementation

* Fix IReferenceable implementation of Id

* add structure to event body
											
										
										
											2020-07-07 12:01:34 -04:00
+								                });
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await SaveUserAsync(user);
 								            return secret;
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												do not accept bank tokens for premium

											
										
										
											2017-08-13 00:33:37 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task ReplacePaymentMethodAsync(User user, string paymentToken, PaymentMethodType paymentMethodType, TaxInfo taxInfo)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (paymentToken.StartsWith("btok_"))
 								            {
 								                throw new BadRequestException("Invalid token.");
 								            }
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var updated = await _paymentService.UpdatePaymentMethodAsync(user, paymentMethodType, paymentToken, taxInfo: taxInfo);
 								            if (updated)
-												cancel sub completely if past exp date

											
										
										
											2018-12-31 13:34:02 -05:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                await SaveUserAsync(user);
-												cancel sub completely if past exp date

											
										
										
											2018-12-31 13:34:02 -05:00
+								            }
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task CancelPremiumAsync(User user, bool? endOfPeriod = null, bool accountDelete = false)
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var eop = endOfPeriod.GetValueOrDefault(true);
 								            if (!endOfPeriod.HasValue && user.PremiumExpirationDate.HasValue &&
 								                user.PremiumExpirationDate.Value < DateTime.UtcNow)
 								            {
 								                eop = false;
 								            }
 								            await _paymentService.CancelSubscriptionAsync(user, eop, accountDelete);
 								            await _referenceEventService.RaiseEventAsync(
 								                new ReferenceEvent(ReferenceEventType.CancelSubscription, user)
 								                {
 								                    EndOfPeriod = eop,
 								                });
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task ReinstatePremiumAsync(User user)
-												payment intent/method support for incomplete status

											
										
										
											2019-08-09 23:56:26 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await _paymentService.ReinstateSubscriptionAsync(user);
 								            await _referenceEventService.RaiseEventAsync(
 								                new ReferenceEvent(ReferenceEventType.ReinstateSubscription, user));
-												payment intent/method support for incomplete status

											
										
										
											2019-08-09 23:56:26 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task EnablePremiumAsync(Guid userId, DateTime? expirationDate)
-												payment intent/method support for incomplete status

											
										
										
											2019-08-09 23:56:26 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var user = await _userRepository.GetByIdAsync(userId);
 								            await EnablePremiumAsync(user, expirationDate);
-												payment intent/method support for incomplete status

											
										
										
											2019-08-09 23:56:26 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task EnablePremiumAsync(User user, DateTime? expirationDate)
-												disable premium membership

											
										
										
											2017-07-25 09:04:22 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user != null && !user.Premium && user.Gateway.HasValue)
 								            {
 								                user.Premium = true;
 								                user.PremiumExpirationDate = expirationDate;
 								                user.RevisionDate = DateTime.UtcNow;
 								                await _userRepository.ReplaceAsync(user);
 								            }
-												verify and disable premium from license check

											
										
										
											2017-08-16 17:08:20 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task DisablePremiumAsync(Guid userId, DateTime? expirationDate)
-												verify and disable premium from license check

											
										
										
											2017-08-16 17:08:20 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var user = await _userRepository.GetByIdAsync(userId);
 								            await DisablePremiumAsync(user, expirationDate);
-												update expiration dates

											
										
										
											2017-08-12 22:16:42 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task DisablePremiumAsync(User user, DateTime? expirationDate)
-												update expiration dates

											
										
										
											2017-08-12 22:16:42 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user != null && user.Premium)
-												added licensing apis, refactored some services

											
										
										
											2017-08-30 11:23:55 -04:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                user.Premium = false;
 								                user.PremiumExpirationDate = expirationDate;
 								                user.RevisionDate = DateTime.UtcNow;
 								                await _userRepository.ReplaceAsync(user);
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												added licensing apis, refactored some services

											
										
										
											2017-08-30 11:23:55 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task UpdatePremiumExpirationAsync(Guid userId, DateTime? expirationDate)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var user = await _userRepository.GetByIdAsync(userId);
 								            if (user != null)
 								            {
 								                user.PremiumExpirationDate = expirationDate;
 								                user.RevisionDate = DateTime.UtcNow;
 								                await _userRepository.ReplaceAsync(user);
 								            }
-												added licensing apis, refactored some services

											
										
										
											2017-08-30 11:23:55 -04:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<UserLicense> GenerateLicenseAsync(User user, SubscriptionInfo subscriptionInfo = null,
 								            int? version = null)
-												dont cycle security token on re-hash

											
										
										
											2018-04-17 08:10:17 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user == null)
-												dont cycle security token on re-hash

											
										
										
											2018-04-17 08:10:17 -04:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                throw new NotFoundException();
 								            }
-												dont cycle security token on re-hash

											
										
										
											2018-04-17 08:10:17 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (subscriptionInfo == null && user.Gateway != null)
 								            {
 								                subscriptionInfo = await _paymentService.GetSubscriptionAsync(user);
 								            }
-												dont cycle security token on re-hash

											
										
										
											2018-04-17 08:10:17 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return subscriptionInfo == null ? new UserLicense(user, _licenseService) :
 								                new UserLicense(user, subscriptionInfo, _licenseService);
 								        }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public override async Task<bool> CheckPasswordAsync(User user, string password)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user == null)
 								            {
 								                return false;
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var result = await base.VerifyPasswordAsync(Store as IUserPasswordStore<User>, user, password);
 								            if (result == PasswordVerificationResult.SuccessRehashNeeded)
 								            {
 								                await UpdatePasswordHash(user, password, false, false);
 								                user.RevisionDate = DateTime.UtcNow;
 								                await _userRepository.ReplaceAsync(user);
 								            }
-												dont cycle security token on re-hash

											
										
										
											2018-04-17 08:10:17 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var success = result != PasswordVerificationResult.Failed;
 								            if (!success)
 								            {
 								                Logger.LogWarning(0, "Invalid password for user {userId}.", user.Id);
 								            }
 								            return success;
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<bool> CanAccessPremium(ITwoFactorProvidersUser user)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var userId = user.GetUserId();
 								            if (!userId.HasValue)
 								            {
 								                return false;
 								            }
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return user.GetPremium() || await this.HasPremiumFromOrganization(user);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<bool> HasPremiumFromOrganization(ITwoFactorProvidersUser user)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var userId = user.GetUserId();
 								            if (!userId.HasValue)
 								            {
 								                return false;
 								            }
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            // orgUsers in the Invited status are not associated with a userId yet, so this will get
 								            // orgUsers in Accepted and Confirmed states only
 								            var orgUsers = await _organizationUserRepository.GetManyByUserAsync(userId.Value);
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!orgUsers.Any())
 								            {
 								                return false;
 								            }
-												CanAccessPremium checks instead of User.Premium

											
										
										
											2018-08-28 16:23:58 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var orgAbilities = await _applicationCacheService.GetOrganizationAbilitiesAsync();
 								            return orgUsers.Any(ou =>
 								                orgAbilities.TryGetValue(ou.OrganizationId, out var orgAbility) &&
 								                orgAbility.UsersGetPremium &&
 								                orgAbility.Enabled);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												move some 2fa logic functions to userService

											
										
										
											2018-12-19 10:47:53 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<bool> TwoFactorIsEnabledAsync(ITwoFactorProvidersUser user)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var providers = user.GetTwoFactorProviders();
 								            if (providers == null)
 								            {
 								                return false;
 								            }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            foreach (var p in providers)
 								            {
 								                if (p.Value?.Enabled ?? false)
 								                {
 								                    if (!TwoFactorProvider.RequiresPremium(p.Key))
 								                    {
 								                        return true;
 								                    }
 								                    if (await CanAccessPremium(user))
 								                    {
 								                        return true;
 								                    }
 								                }
 								            }
-												move some 2fa logic functions to userService

											
										
										
											2018-12-19 10:47:53 -05:00
+								            return false;
 								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, ITwoFactorProvidersUser user)
-												move some 2fa logic functions to userService

											
										
										
											2018-12-19 10:47:53 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var providers = user.GetTwoFactorProviders();
 								            if (providers == null || !providers.ContainsKey(provider) || !providers[provider].Enabled)
 								            {
 								                return false;
 								            }
-												move some 2fa logic functions to userService

											
										
										
											2018-12-19 10:47:53 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!TwoFactorProvider.RequiresPremium(provider))
 								            {
 								                return true;
 								            }
-												move some 2fa logic functions to userService

											
										
										
											2018-12-19 10:47:53 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return await CanAccessPremium(user);
-												move some 2fa logic functions to userService

											
										
										
											2018-12-19 10:47:53 -05:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<string> GenerateSignInTokenAsync(User user, string purpose)
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var token = await GenerateUserTokenAsync(user, Options.Tokens.PasswordResetTokenProvider,
 								                purpose);
 								            return token;
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        private async Task<IdentityResult> UpdatePasswordHash(User user, string newPassword,
 								            bool validatePassword = true, bool refreshStamp = true)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (validatePassword)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                var validate = await ValidatePasswordInternal(user, newPassword);
 								                if (!validate.Succeeded)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								                {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                    return validate;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								                }
 								            }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.MasterPassword = _passwordHasher.HashPassword(user, newPassword);
 								            if (refreshStamp)
 								            {
 								                user.SecurityStamp = Guid.NewGuid().ToString();
 								            }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return IdentityResult.Success;
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        private async Task<IdentityResult> ValidatePasswordInternal(User user, string password)
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var errors = new List<IdentityError>();
 								            foreach (var v in _passwordValidators)
 								            {
 								                var result = await v.ValidateAsync(this, user, password);
 								                if (!result.Succeeded)
 								                {
 								                    errors.AddRange(result.Errors);
 								                }
 								            }
 								            if (errors.Count > 0)
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                Logger.LogWarning("User {userId} password validation failed: {errors}.", await GetUserIdAsync(user),
 								                    string.Join(";", errors.Select(e => e.Code)));
 								                return IdentityResult.Failed(errors.ToArray());
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
+								            }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
 								            return IdentityResult.Success;
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public void SetTwoFactorProvider(User user, TwoFactorProviderType type, bool setEnabled = true)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var providers = user.GetTwoFactorProviders();
 								            if (!providers?.ContainsKey(type) ?? true)
 								            {
 								                return;
 								            }
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (setEnabled)
 								            {
 								                providers[type].Enabled = true;
 								            }
 								            user.SetTwoFactorProviders(providers);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (string.IsNullOrWhiteSpace(user.TwoFactorRecoveryCode))
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
+								            {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								                user.TwoFactorRecoveryCode = CoreHelpers.SecureRandomString(32, upper: false, special: false);
-												enable email 2fa if joining an org with policy (#658)


											
										
										
											2020-02-28 09:14:33 -05:00
+								            }
 								        }
-												`CheckPoliciesOnTwoFactorRemoval` for 2fa recovery (#659)


											
										
										
											2020-02-28 10:23:19 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        private async Task CheckPoliciesOnTwoFactorRemovalAsync(User user, IOrganizationService organizationService)
-												`CheckPoliciesOnTwoFactorRemoval` for 2fa recovery (#659)


											
										
										
											2020-02-28 10:23:19 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var twoFactorPolicies = await _policyRepository.GetManyByTypeApplicableToUserIdAsync(user.Id,
 								                PolicyType.TwoFactorAuthentication);
-												Refactor policy checks (#1536)

* Move policy checking logic inside PolicyService

* Refactor to use currentContext.ManagePolicies

* Make orgUser status check more semantic

* Fix single org user checks

* Use CoreHelper implementation to deserialize json

* Refactor policy checks to use db query

* Use new db query for enforcing 2FA Policy

* Add Policy_ReadByTypeApplicableToUser

* Stub out EF implementations

* Refactor: use PolicyRepository only

* Refactor tests

* Copy SQL queries to proj and update sqlproj file

* Refactor importCiphersAsync to use new method

* Add EF implementations and tests

* Refactor SQL to remove unnecessary operations
											
										
										
											2021-09-28 06:54:28 +10:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var removeOrgUserTasks = twoFactorPolicies.Select(async p =>
 								            {
 								                await organizationService.DeleteUserAsync(p.OrganizationId, user.Id);
 								                var organization = await _organizationRepository.GetByIdAsync(p.OrganizationId);
 								                await _mailService.SendOrganizationUserRemovedForPolicyTwoStepEmailAsync(
 								                    organization.Name, user.Email);
 								            }).ToArray();
-												Refactor policy checks (#1536)

* Move policy checking logic inside PolicyService

* Refactor to use currentContext.ManagePolicies

* Make orgUser status check more semantic

* Fix single org user checks

* Use CoreHelper implementation to deserialize json

* Refactor policy checks to use db query

* Use new db query for enforcing 2FA Policy

* Add Policy_ReadByTypeApplicableToUser

* Stub out EF implementations

* Refactor: use PolicyRepository only

* Refactor tests

* Copy SQL queries to proj and update sqlproj file

* Refactor importCiphersAsync to use new method

* Add EF implementations and tests

* Refactor SQL to remove unnecessary operations
											
										
										
											2021-09-28 06:54:28 +10:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            await Task.WhenAll(removeOrgUserTasks);
-												`CheckPoliciesOnTwoFactorRemoval` for 2fa recovery (#659)


											
										
										
											2020-02-28 10:23:19 -05:00
+								        }
-												reference event changes and cleanup (#823)


											
										
										
											2020-07-15 12:38:45 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public override async Task<IdentityResult> ConfirmEmailAsync(User user, string token)
-												reference event changes and cleanup (#823)


											
										
										
											2020-07-15 12:38:45 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var result = await base.ConfirmEmailAsync(user, token);
 								            if (result.Succeeded)
 								            {
 								                await _referenceEventService.RaiseEventAsync(
 								                    new ReferenceEvent(ReferenceEventType.ConfirmEmailAddress, user));
 								            }
 								            return result;
-												reference event changes and cleanup (#823)


											
										
										
											2020-07-15 12:38:45 -04:00
+								        }
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task RotateApiKeyAsync(User user)
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            user.ApiKey = CoreHelpers.SecureRandomString(30);
 								            user.RevisionDate = DateTime.UtcNow;
 								            await _userRepository.ReplaceAsync(user);
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task SendOTPAsync(User user)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (user.Email == null)
 								            {
 								                throw new BadRequestException("No user email.");
 								            }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            if (!user.UsesKeyConnector)
 								            {
 								                throw new BadRequestException("Not using Key Connector.");
 								            }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            var token = await base.GenerateUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
 								                "otp:" + user.Email);
 								            await _mailService.SendOTPEmailAsync(user.Email, token);
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public Task<bool> VerifyOTPAsync(User user, string token)
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return base.VerifyUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
 								                "otp:" + user.Email, token);
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        }
-												PS-82 check send 2FA email for new devices on TwoFactorController send-email-login (#1977)


											
										
										
											2022-04-28 13:14:09 -03:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<bool> VerifySecretAsync(User user, string secret)
-												PS-82 check send 2FA email for new devices on TwoFactorController send-email-login (#1977)


											
										
										
											2022-04-28 13:14:09 -03:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return user.UsesKeyConnector
 								                ? await VerifyOTPAsync(user, secret)
 								                : await CheckPasswordAsync(user, secret);
-												PS-82 check send 2FA email for new devices on TwoFactorController send-email-login (#1977)


											
										
										
											2022-04-28 13:14:09 -03:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public async Task<bool> Needs2FABecauseNewDeviceAsync(User user, string deviceIdentifier, string grantType)
-												[PS-589] Fix emergency contact takeover device verification and endpoints for its settings (#2016)

* Added UnknownDeviceVerificationEnabled on User that is turned off when emergency contact takes over the account. Also added endpoints to get and update 2fa device verification settings. And Updated migrations & tests

* Applied dotnet format

* Fixed method rename call on TwoFactorController

* PS-589 Format fixes

* PS-589 changed UnknownDeviceVerificationEnabled to be non-nullable
											
										
										
											2022-06-06 14:52:50 -03:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return CanEditDeviceVerificationSettings(user)
 								                   && user.UnknownDeviceVerificationEnabled
 								                   && grantType != "authorization_code"
 								                   && await IsNewDeviceAndNotTheFirstOneAsync(user, deviceIdentifier);
-												[PS-589] Fix emergency contact takeover device verification and endpoints for its settings (#2016)

* Added UnknownDeviceVerificationEnabled on User that is turned off when emergency contact takes over the account. Also added endpoints to get and update 2fa device verification settings. And Updated migrations & tests

* Applied dotnet format

* Fixed method rename call on TwoFactorController

* PS-589 Format fixes

* PS-589 changed UnknownDeviceVerificationEnabled to be non-nullable
											
										
										
											2022-06-06 14:52:50 -03:00
+								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        public bool CanEditDeviceVerificationSettings(User user)
-												PS-82 check send 2FA email for new devices on TwoFactorController send-email-login (#1977)


											
										
										
											2022-04-28 13:14:09 -03:00
+								        {
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            return _globalSettings.TwoFactorAuth.EmailOnNewDeviceLogin
 								                   && user.EmailVerified
 								                   && !user.UsesKeyConnector
 								                   && !(user.GetTwoFactorProviders()?.Any() ?? false);
-												PS-82 check send 2FA email for new devices on TwoFactorController send-email-login (#1977)


											
										
										
											2022-04-28 13:14:09 -03:00
+								        }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        private async Task<bool> IsNewDeviceAndNotTheFirstOneAsync(User user, string deviceIdentifier)
 								        {
 								            if (user == null)
 								            {
 								                return default;
 								            }
 								            var devices = await _deviceRepository.GetManyByUserIdAsync(user.Id);
 								            if (!devices.Any())
 								            {
 								                return false;
 								            }
 								            return !devices.Any(d => d.Identifier == deviceIdentifier);
 								        }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    }
 								}