src/Core/Constants.cs

// FIXME: Update this file to be null safe and then delete the line below
#nullable disable

using System.Reflection;

namespace Bit.Core;

public static class Constants
{
    public const int BypassFiltersEventId = 12482444;
    public const int FailedSecretVerificationDelay = 2000;

    /// <summary>
    /// Self-hosted max storage limit in GB (10 TB).
    /// </summary>
    public const short SelfHostedMaxStorageGb = 10240;

    // File size limits - give 1 MB extra for cushion.
    // Note: if request size limits are changed, 'client_max_body_size'
    // in nginx/proxy.conf may also need to be updated accordingly.
    public const long FileSize101mb = 101L * 1024L * 1024L;
    public const long FileSize501mb = 501L * 1024L * 1024L;
    public const string DatabaseFieldProtectorPurpose = "DatabaseFieldProtection";
    public const string DatabaseFieldProtectedPrefix = "P|";

    /// <summary>
    /// Default number of days an organization has to apply an updated license to their self-hosted installation after
    /// their subscription has expired.
    /// </summary>
    public const int OrganizationSelfHostSubscriptionGracePeriodDays = 60;

    public const string Fido2KeyCipherMinimumVersion = "2023.10.0";
    public const string SSHKeyCipherMinimumVersion = "2024.12.0";
    public const string DenyLegacyUserMinimumVersion = "2025.6.0";

    /// <summary>
    /// Used by IdentityServer to identify our own provider.
    /// </summary>
    public const string IdentityProvider = "bitwarden";

    /// <summary>
    /// Date identifier used in ProviderService to determine if a provider was created before Nov 6, 2023.
    /// If true, the organization plan assigned to that provider is updated to a 2020 plan.
    /// </summary>
    public static readonly DateTime ProviderCreatedPriorNov62023 = new DateTime(2023, 11, 6);

    /// <summary>
    /// When you set the ProrationBehavior to create_prorations,
    /// Stripe will automatically create prorations for any changes made to the subscription,
    /// such as changing the plan, adding or removing quantities, or applying discounts.
    /// </summary>
    public const string CreateProrations = "create_prorations";

    /// <summary>
    /// When you set the ProrationBehavior to always_invoice,
    /// Stripe will always generate an invoice when a subscription update occurs,
    /// regardless of whether there is a proration or not.
    /// </summary>
    public const string AlwaysInvoice = "always_invoice";

    /// <summary>
    /// Used primarily to determine whether a customer's business is inside or outside the United States
    /// for billing purposes.
    /// </summary>
    public static class CountryAbbreviations
    {
        /// <summary>
        /// Abbreviation for The United States.
        /// This value must match what Stripe uses for the `Country` field value for the United States.
        /// </summary>
        public const string UnitedStates = "US";
    }


    /// <summary>
    /// Constants for our browser extensions IDs
    /// </summary>
    public static class BrowserExtensions
    {
        public const string ChromeId = "chrome-extension://nngceckbapebfimnlniiiahkandclblb/";
        public const string EdgeId = "chrome-extension://jbkfoedolllekgbhcbcoahefnbanhhlh/";
        public const string OperaId = "chrome-extension://ccnckbpmaceehanjmeomladnmlffdjgn/";
    }
}

public static class AuthConstants
{
    public static readonly RangeConstant PBKDF2_ITERATIONS = new(600_000, 2_000_000, 600_000);

    public static readonly RangeConstant ARGON2_ITERATIONS = new(2, 10, 3);
    public static readonly RangeConstant ARGON2_MEMORY = new(15, 1024, 64);
    public static readonly RangeConstant ARGON2_PARALLELISM = new(1, 16, 4);
    public static readonly string NewDeviceVerificationExceptionCacheKeyFormat = "NewDeviceVerificationException_{0}";
}

public class RangeConstant
{
    public int Default { get; }
    public int Min { get; }
    public int Max { get; }

    public RangeConstant(int min, int max, int defaultValue)
    {
        Default = defaultValue;
        Min = min;
        Max = max;

        if (Min > Max)
        {
            throw new ArgumentOutOfRangeException($"{Min} is larger than {Max}.");
        }

        if (!InsideRange(defaultValue))
        {
            throw new ArgumentOutOfRangeException($"{Default} is outside allowed range of {Min}-{Max}.");
        }
    }

    public bool InsideRange(int number)
    {
        return Min <= number && number <= Max;
    }
}

public static class TokenPurposes
{
    public const string LinkSso = "LinkSso";
}

public static class AuthenticationSchemes
{
    public const string BitwardenExternalCookieAuthenticationScheme = "bw.external";
}

public static class FeatureFlagKeys
{
    /* Admin Console Team */
    public const string PolicyRequirements = "pm-14439-policy-requirements";
    public const string ScimInviteUserOptimization = "pm-16811-optimize-invite-user-flow-to-fail-fast";
    public const string CreateDefaultLocation = "pm-19467-create-default-location";
    public const string AutomaticConfirmUsers = "pm-19934-auto-confirm-organization-users";
    public const string PM23845_VNextApplicationCache = "pm-24957-refactor-memory-application-cache";
    public const string BlockClaimedDomainAccountCreation = "pm-28297-block-uninvited-claimed-domain-registration";
    public const string IncreaseBulkReinviteLimitForCloud = "pm-28251-increase-bulk-reinvite-limit-for-cloud";
    public const string DefaultUserCollectionRestore = "pm-30883-my-items-restored-users";
    public const string PremiumAccessQuery = "pm-29495-refactor-premium-interface";
    public const string RefactorMembersComponent = "pm-29503-refactor-members-inheritance";

    /* Architecture */
    public const string DesktopMigrationMilestone1 = "desktop-ui-migration-milestone-1";
    public const string DesktopMigrationMilestone2 = "desktop-ui-migration-milestone-2";
    public const string DesktopMigrationMilestone3 = "desktop-ui-migration-milestone-3";
    public const string DesktopMigrationMilestone4 = "desktop-ui-migration-milestone-4";

    /* Auth Team */
    public const string TwoFactorExtensionDataPersistence = "pm-9115-two-factor-extension-data-persistence";
    public const string EmailVerification = "email-verification";
    public const string BrowserExtensionLoginApproval = "pm-14938-browser-extension-login-approvals";
    public const string SetInitialPasswordRefactor = "pm-16117-set-initial-password-refactor";
    public const string ChangeExistingPasswordRefactor = "pm-16117-change-existing-password-refactor";
    public const string Otp6Digits = "pm-18612-otp-6-digits";
    public const string PM24579_PreventSsoOnExistingNonCompliantUsers = "pm-24579-prevent-sso-on-existing-non-compliant-users";
    public const string DisableAlternateLoginMethods = "pm-22110-disable-alternate-login-methods";
    public const string MJMLBasedEmailTemplates = "mjml-based-email-templates";
    public const string PM2035PasskeyUnlock = "pm-2035-passkey-unlock";
    public const string MjmlWelcomeEmailTemplates = "pm-21741-mjml-welcome-email";
    public const string OrganizationConfirmationEmail = "pm-28402-update-confirmed-to-org-email-template";
    public const string MarketingInitiatedPremiumFlow = "pm-26140-marketing-initiated-premium-flow";
    public const string PrefetchPasswordPrelogin = "pm-23801-prefetch-password-prelogin";
    public const string SafariAccountSwitching = "pm-5594-safari-account-switching";
    public const string PM27086_UpdateAuthenticationApisForInputPassword = "pm-27086-update-authentication-apis-for-input-password";

    /* Autofill Team */
    public const string SSHAgent = "ssh-agent";
    public const string SSHAgentV2 = "ssh-agent-v2";
    public const string SSHVersionCheckQAOverride = "ssh-version-check-qa-override";
    public const string NotificationRefresh = "notification-refresh";
    public const string MacOsNativeCredentialSync = "macos-native-credential-sync";
    public const string WindowsDesktopAutotype = "windows-desktop-autotype";
    public const string WindowsDesktopAutotypeGA = "windows-desktop-autotype-ga";
    public const string NotificationUndeterminedCipherScenarioLogic = "undetermined-cipher-scenario-logic";

    /* Billing Team */
    public const string TrialPayment = "PM-8163-trial-payment";
    public const string PM25379_UseNewOrganizationMetadataStructure = "pm-25379-use-new-organization-metadata-structure";
    public const string PM24032_NewNavigationPremiumUpgradeButton = "pm-24032-new-navigation-premium-upgrade-button";
    public const string PM23713_PremiumBadgeOpensNewPremiumUpgradeDialog = "pm-23713-premium-badge-opens-new-premium-upgrade-dialog";
    public const string PM26793_FetchPremiumPriceFromPricingService = "pm-26793-fetch-premium-price-from-pricing-service";
    public const string PM23341_Milestone_2 = "pm-23341-milestone-2";
    public const string PM26462_Milestone_3 = "pm-26462-milestone-3";
    public const string PM28265_EnableReconcileAdditionalStorageJob = "pm-28265-enable-reconcile-additional-storage-job";
    public const string PM28265_ReconcileAdditionalStorageJobEnableLiveMode = "pm-28265-reconcile-additional-storage-job-enable-live-mode";
    public const string PM29594_UpdateIndividualSubscriptionPage = "pm-29594-update-individual-subscription-page";

    /* Key Management Team */
    public const string PrivateKeyRegeneration = "pm-12241-private-key-regeneration";
    public const string Argon2Default = "argon2-default";
    public const string SSHKeyItemVaultItem = "ssh-key-vault-item";
    public const string EnrollAeadOnKeyRotation = "enroll-aead-on-key-rotation";
    public const string ForceUpdateKDFSettings = "pm-18021-force-update-kdf-settings";
    public const string UnlockWithMasterPasswordUnlockData = "pm-23246-unlock-with-master-password-unlock-data";
    public const string WindowsBiometricsV2 = "pm-25373-windows-biometrics-v2";
    public const string LinuxBiometricsV2 = "pm-26340-linux-biometrics-v2";
    public const string NoLogoutOnKdfChange = "pm-23995-no-logout-on-kdf-change";
    public const string DisableType0Decryption = "pm-25174-disable-type-0-decryption";
    public const string ConsolidatedSessionTimeoutComponent = "pm-26056-consolidated-session-timeout-component";
    public const string V2RegistrationTDEJIT = "pm-27279-v2-registration-tde-jit";
    public const string DataRecoveryTool = "pm-28813-data-recovery-tool";
    public const string EnableAccountEncryptionV2KeyConnectorRegistration = "enable-account-encryption-v2-key-connector-registration";
    public const string SdkKeyRotation = "pm-30144-sdk-key-rotation";
    public const string EnableAccountEncryptionV2JitPasswordRegistration = "enable-account-encryption-v2-jit-password-registration";

    /* Mobile Team */
    public const string AndroidImportLoginsFlow = "import-logins-flow";
    public const string AndroidMutualTls = "mutual-tls";
    public const string SingleTapPasskeyCreation = "single-tap-passkey-creation";
    public const string SingleTapPasskeyAuthentication = "single-tap-passkey-authentication";
    public const string PM3503_MobileAnonAddySelfHostAlias = "anon-addy-self-host-alias";
    public const string PM3553_MobileSimpleLoginSelfHostAlias = "simple-login-self-host-alias";
    public const string MobileErrorReporting = "mobile-error-reporting";
    public const string AndroidChromeAutofill = "android-chrome-autofill";
    public const string UserManagedPrivilegedApps = "pm-18970-user-managed-privileged-apps";
    public const string SendAccess = "pm-19394-send-access-control";
    public const string CxpImportMobile = "cxp-import-mobile";
    public const string CxpExportMobile = "cxp-export-mobile";

    /* Platform Team */
    public const string WebPush = "web-push";
    public const string ContentScriptIpcFramework = "content-script-ipc-channel-framework";
    public const string PushNotificationsWhenLocked = "pm-19388-push-notifications-when-locked";
    public const string PushNotificationsWhenInactive = "pm-25130-receive-push-notifications-for-inactive-users";
    public const string WebAuthnRelatedOrigins = "pm-30529-webauthn-related-origins";

    /* Tools Team */
    /// <summary>
    /// Enable this flag to share the send view used by the web and browser clients
    /// on the desktop client.
    /// </summary>
    public const string UseSdkPasswordGenerators = "pm-19976-use-sdk-password-generators";
    public const string UseChromiumImporter = "pm-23982-chromium-importer";
    public const string ChromiumImporterWithABE = "pm-25855-chromium-importer-abe";
    public const string SendUIRefresh = "pm-28175-send-ui-refresh";
    public const string SendEmailOTP = "pm-19051-send-email-verification";

    /* Vault Team */
    public const string CipherKeyEncryption = "cipher-key-encryption";
    public const string PM19941MigrateCipherDomainToSdk = "pm-19941-migrate-cipher-domain-to-sdk";
    public const string PhishingDetection = "phishing-detection";
    public const string PM22134SdkCipherListView = "pm-22134-sdk-cipher-list-view";
    public const string PM22136_SdkCipherEncryption = "pm-22136-sdk-cipher-encryption";
    public const string PM23904_RiskInsightsForPremium = "pm-23904-risk-insights-for-premium";
    public const string PM25083_AutofillConfirmFromSearch = "pm-25083-autofill-confirm-from-search";
    public const string VaultLoadingSkeletons = "pm-25081-vault-skeleton-loaders";
    public const string BrowserPremiumSpotlight = "pm-23384-browser-premium-spotlight";
    public const string MigrateMyVaultToMyItems = "pm-20558-migrate-myvault-to-myitems";
    public const string PM27632_CipherCrudOperationsToSdk = "pm-27632-cipher-crud-operations-to-sdk";

    /* Innovation Team */
    public const string ArchiveVaultItems = "pm-19148-innovation-archive";

    /* DIRT Team */
    public const string EventManagementForDataDogAndCrowdStrike = "event-management-for-datadog-and-crowdstrike";
    public const string EventDiagnosticLogging = "pm-27666-siem-event-log-debugging";
    public const string EventManagementForHuntress = "event-management-for-huntress";
    public const string Milestone11AppPageImprovements = "pm-30538-dirt-milestone-11-app-page-improvements";

    /* UIF Team */
    public const string RouterFocusManagement = "router-focus-management";

    /* Secrets Manager Team */
    public const string SM1719_RemoveSecretsManagerAds = "sm-1719-remove-secrets-manager-ads";

    public static List<string> GetAllKeys()
    {
        return typeof(FeatureFlagKeys).GetFields(BindingFlags.Public | BindingFlags.Static | BindingFlags.FlattenHierarchy)
            .Where(fi => fi.IsLiteral && !fi.IsInitOnly && fi.FieldType == typeof(string))
            .Select(x => (string)x.GetRawConstantValue())
            .ToList();
    }

    public static Dictionary<string, string> GetLocalOverrideFlagValues()
    {
        // place overriding values when needed locally (offline), or return null
        return null;
    }
}
-												Add `#nullable disable` to platform code (#6057)


											
										
										
											2025-07-08 10:25:59 -04:00
+								// FIXME: Update this file to be null safe and then delete the line below
 								#nullable disable
 								using System.Reflection;
-												All feature state access through config API (#2785)


											
										
										
											2023-03-10 08:11:11 -05:00
 								namespace Bit.Core;
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												adjusted serilog inclusion predicate with bypassid

											
										
										
											2018-08-15 10:54:15 -04:00
+								public static class Constants
 								{
 								    public const int BypassFiltersEventId = 12482444;
-												Support for passkey registration (#2885)

* support for fido2 auth

* stub out registration implementations

* stub out assertion steps and token issuance

* verify token

* webauthn tokenable

* remove duplicate expiration set

* revert sqlproj changes

* update sqlproj target framework

* update new validator signature

* [PM-2014] Passkey registration (#2915)

* [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository`

* [PM-2014] fix: add missing service registration

* [PM-2014] feat: add user verification when fetching options

* [PM-2014] feat: create migration script for mssql

* [PM-2014] chore: append to todo comment

* [PM-2014] feat: add support for creation token

* [PM-2014] feat: implement credential saving

* [PM-2014] chore: add resident key TODO comment

* [PM-2014] feat: implement passkey listing

* [PM-2014] feat: implement deletion without user verification

* [PM-2014] feat: add user verification to delete

* [PM-2014] feat: implement passkey limit

* [PM-2014] chore: clean up todo comments

* [PM-2014] fix: add missing sql scripts

Missed staging them when commiting

* [PM-2014] feat: include options response model in swagger docs

* [PM-2014] chore: move properties after ctor

* [PM-2014] feat: use `Guid` directly as input paramter

* [PM-2014] feat: use nullable guid in token

* [PM-2014] chore: add new-line

* [PM-2014] feat: add support for feature flag

* [PM-2014] feat: start adding controller tests

* [PM-2014] feat: add user verification test

* [PM-2014] feat: add controller tests for token interaction

* [PM-2014] feat: add tokenable tests

* [PM-2014] chore: clean up commented premium check

* [PM-2014] feat: add user service test for credential limit

* [PM-2014] fix: run `dotnet format`

* [PM-2014] chore: remove trailing comma

* [PM-2014] chore: add `Async` suffix

* [PM-2014] chore: move delay to constant

* [PM-2014] chore: change `default` to `null`

* [PM-2014] chore: remove autogenerated weirdness

* [PM-2014] fix: lint

* Added check for PasswordlessLogin feature flag on new controller and methods. (#3284)

* Added check for PasswordlessLogin feature flag on new controller and methods.

* fix: build error from missing constructor argument

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>

* [PM-4171] Update DB to support PRF (#3321)

* [PM-4171] feat: update database to support PRF

* [PM-4171] feat: rename `DescriptorId` to `CredentialId`

* [PM-4171] feat: add PRF felds to domain object

* [PM-4171] feat: add `SupportsPrf` column

* [PM-4171] fix: add missing comma

* [PM-4171] fix: add comma

* [PM-3263] fix identity server tests for passkey registration (#3331)

* Added WebAuthnRepo to EF DI

* updated config to match current grant types

* Remove ExtensionGrantValidator (#3363)

* Linting

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
											
										
										
											2023-10-30 08:40:06 -05:00
+								    public const int FailedSecretVerificationDelay = 2000;
-												Fix upload limits for direct uploads (again) (#1479)

* Use constants to represent file size limits

* Allow uploads of up to 500mb for self-hosted

* Set nginx max body size to 505mb

* Add reminder about updating nginx/proxy.conf
											
										
										
											2021-08-04 09:00:30 +10:00
-												[PM-25088] - refactor premium purchase endpoint (#6262)

* [PM-25088] add feature flag for new premium subscription flow

* [PM-25088] refactor premium endpoint

* forgot the punctuation change in the test

* [PM-25088] - pr feedback

* [PM-25088] - pr feedback round two
											
										
										
											2025-09-10 10:08:22 -05:00
+								    /// <summary>
 								    /// Self-hosted max storage limit in GB (10 TB).
 								    /// </summary>
 								    public const short SelfHostedMaxStorageGb = 10240;
-												Fix upload limits for direct uploads (again) (#1479)

* Use constants to represent file size limits

* Allow uploads of up to 500mb for self-hosted

* Set nginx max body size to 505mb

* Add reminder about updating nginx/proxy.conf
											
										
										
											2021-08-04 09:00:30 +10:00
+								    // File size limits - give 1 MB extra for cushion.
 								    // Note: if request size limits are changed, 'client_max_body_size'
 								    // in nginx/proxy.conf may also need to be updated accordingly.
 								    public const long FileSize101mb = 101L * 1024L * 1024L;
 								    public const long FileSize501mb = 501L * 1024L * 1024L;
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								    public const string DatabaseFieldProtectorPurpose = "DatabaseFieldProtection";
 								    public const string DatabaseFieldProtectedPrefix = "P|";
-												[AC-358] Server changes for self host subscription page changes  (#2826)

* [AC-358] Add constant for grace period length

* [AC-358] Add SubscriptionExpiration to OrganizationLicense.cs and increment Current_License_File_Version

* [AC-358] Update org subscription response model

- Add new SelfHostSubscriptionExpiration field that does not include a grace period
- Add optional License argument to constructor for self host responses
- Use the License, if available, to populate the expiration/subscription expiration fields
- Maintain backwards compatability by falling back to organization expiration date

* [AC-358] Read organization license file for self hosted subscription response

* [AC-358] Decrement current license file version and add comment documenting why

* [AC-358] Clarify name for new expiration without grace period field
											
										
										
											2023-05-15 07:38:41 -07:00
 								    /// <summary>
 								    /// Default number of days an organization has to apply an updated license to their self-hosted installation after
 								    /// their subscription has expired.
 								    /// </summary>
 								    public const int OrganizationSelfHostSubscriptionGracePeriodDays = 60;
-												Individual Vault Item Encryption Feature (#3256)

* [SG-966] [SG-967] Add new cipher properties, update DB objects and create migrations (#2681)

* Updated cipher entity with two new columns

* Added sqlserver mifgration and updated applicable stored procedures and table

* Added EF Migrations

* Made changes to response model to include new column properties

* Fixed formatting

* Modified scripts to reflect suggestions made on PR

* Added column to cipher table using default

* Include constraint in create cipher table script

* Added key and forcerotatekey property to request model (#2716)

* Added key update on the Cipher_UpdateWithCollection stored procedure, ef (#2855)

* Added key and forceKeyRotation to BuildCiphersTable method (#2893)

* [PM-2211] Remove forceKeyRotation column (#2921)

* Removed forceKeyRotation column

* Adjusted date for migrtaion file

* Passed key column to update cipher script to update cipher key when it is rotated (#2967)

* [PM-2448] Update CipherDetails_Update SP to update attachment column (#2992)

* Updated the cipherdetails_update stored procedure to update the attachement column when encrypted with the cipher key

* Moved migration and renamed old migration file

* Fixed lint issues

* Fixed lint issues

* renamed sqlserver migration to have a more recent date

* [PM-2548] Added validation to edit and add attachments methods (#3130)

* PM-2548 Added validation to edit and add attachments methods

* PM-2548 Moved the validation to a private method

* PM-2548 Minor refactor

* Bumped up minimum version

* Bumped up minimum version

* Changed version for tests purposes

* Bumped up minimum version

* Updated encryption minimum version to match clients for QA.

* PM-3976 Passed Key column to update cipher on bulk edit (#3299)

* Updated minimum client version in preparation for release.

* Renamed migration with current date. (#3303)

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: Carlos Gonçalves <cgoncalves@bitwarden.com>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
											
										
										
											2023-09-28 08:45:13 -04:00
-												[PM-1222] Passkeys in the Bitwarden vault (#2679)

* [EC-598] feat: add support for saving fido2 keys

* [EC-598] feat: add additional data

* [EC-598] feat: add counter, nonDiscoverableId; remove origin

* [EC-598] fix: previous incomplete commit

* [EC-598] fix: previous incomplete commit.. again

* [EC-598] fix: failed merge

* [EC-598] fix: move files around to match new structure

* [EC-598] feat: add implementation for non-discoverable credentials

* [EC-598] chore: remove some changes introduced by vs

* [EC-598] fix: linting issues

* [PM-1500] Add feature flag to enable pass keys (#2916)

* Added feature flag to enable pass keys

* Renamed enable pass keys to fido2 vault credentials

* only sync fido2key ciphers on clients >=2023.9.0 (#3244)

* Renamed fido2key property username to userDisplayName (#3172)

* [PM-1859] Renamed NonDiscoverableId to credentialId (#3198)

* PM-1859 Refactor to credentialId

* PM-1859 Removed unnecessary import

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>

* [PM-3807] Store all passkeys as login cipher type (#3261)

* [PM-3807] feat: add discoverable property to fido2key

* [PM-3807] feat: remove standalone Fido2Key

* [PM-3807] chore: clean up unusued constant

* [PM-3807] fix: remove standadlone Fido2Key property that I missed

* [PM-3807] Store passkeys in array (#3268)

* [PM-3807] feat: store passkeys in array

* [PM-3807] amazing adventures with the c# linter

* [PM-3980] Added creationDate property to the Fido2Key object (#3279)

* Added creationDate property to the Fido2Key object

* Fixed lint issues

* fixed comments

* made createionDate required

* [PM-3808] [Storage v2] Add old client/new server backward compatibility (#3262)

* [PM-3807] feat: add discoverable property to fido2key

* [PM-3807] feat: remove standalone Fido2Key

* [PM-3807] chore: clean up unusued constant

* [PM-3808] feat: add fido2 compatibility check before saving ciphers

* Resolved merge conflicts.

* Setting minimum version for QA.

---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>

* [PM-4054] Rename Fido2Key to Fido2Credential (#3306)

* Add server version compatibility check for Fido2Credentials on sharing with org (#3328)

* Added compatibility checks.

* Refactored into separate methods for easier removal.

* Added check on ShareMany

* Updated method order to be consistent.

* Linting

* Updated minimum server version for release, as well as defaulting the feature on for self-hosted.

* Added trailing space.

* Removed extra assignment

---------

Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
											
										
										
											2023-10-17 18:17:13 +02:00
+								    public const string Fido2KeyCipherMinimumVersion = "2023.10.0";
-												[PM-10394] Add new item type ssh key (#4575)

* Add ssh key item type

* Add fingerprint

* Limit ssh key ciphers to new clients

* Fix enc string length for 4096 bit rsa keys

* Remove keyAlgorithm from ssh cipher

* Add featureflag and exclude mobile from sync

* Add ssh-agent flag
											
										
										
											2024-11-05 20:25:06 +01:00
+								    public const string SSHKeyCipherMinimumVersion = "2024.12.0";
-												[PM-20225] Block no-userkey legacy users (#5640)

* Block legacy users on all clients over 2025.5

* Update message

* Fix test

* Fix test

* Update blocked version
											
										
										
											2025-06-02 22:04:01 +02:00
+								    public const string DenyLegacyUserMinimumVersion = "2025.6.0";
-												[PM-1222] Passkeys in the Bitwarden vault (#2679)

* [EC-598] feat: add support for saving fido2 keys

* [EC-598] feat: add additional data

* [EC-598] feat: add counter, nonDiscoverableId; remove origin

* [EC-598] fix: previous incomplete commit

* [EC-598] fix: previous incomplete commit.. again

* [EC-598] fix: failed merge

* [EC-598] fix: move files around to match new structure

* [EC-598] feat: add implementation for non-discoverable credentials

* [EC-598] chore: remove some changes introduced by vs

* [EC-598] fix: linting issues

* [PM-1500] Add feature flag to enable pass keys (#2916)

* Added feature flag to enable pass keys

* Renamed enable pass keys to fido2 vault credentials

* only sync fido2key ciphers on clients >=2023.9.0 (#3244)

* Renamed fido2key property username to userDisplayName (#3172)

* [PM-1859] Renamed NonDiscoverableId to credentialId (#3198)

* PM-1859 Refactor to credentialId

* PM-1859 Removed unnecessary import

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>

* [PM-3807] Store all passkeys as login cipher type (#3261)

* [PM-3807] feat: add discoverable property to fido2key

* [PM-3807] feat: remove standalone Fido2Key

* [PM-3807] chore: clean up unusued constant

* [PM-3807] fix: remove standadlone Fido2Key property that I missed

* [PM-3807] Store passkeys in array (#3268)

* [PM-3807] feat: store passkeys in array

* [PM-3807] amazing adventures with the c# linter

* [PM-3980] Added creationDate property to the Fido2Key object (#3279)

* Added creationDate property to the Fido2Key object

* Fixed lint issues

* fixed comments

* made createionDate required

* [PM-3808] [Storage v2] Add old client/new server backward compatibility (#3262)

* [PM-3807] feat: add discoverable property to fido2key

* [PM-3807] feat: remove standalone Fido2Key

* [PM-3807] chore: clean up unusued constant

* [PM-3808] feat: add fido2 compatibility check before saving ciphers

* Resolved merge conflicts.

* Setting minimum version for QA.

---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>

* [PM-4054] Rename Fido2Key to Fido2Credential (#3306)

* Add server version compatibility check for Fido2Credentials on sharing with org (#3328)

* Added compatibility checks.

* Refactored into separate methods for easier removal.

* Added check on ShareMany

* Updated method order to be consistent.

* Linting

* Updated minimum server version for release, as well as defaulting the feature on for self-hosted.

* Added trailing space.

* Removed extra assignment

---------

Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
											
										
										
											2023-10-17 18:17:13 +02:00
-												[PM-2032] Server endpoints to support authentication with a passkey (#3361)

* [PM-2032] feat: add assertion options tokenable

* [PM-2032] feat: add request and response models

* [PM-2032] feat: implement `assertion-options` identity endpoint

* [PM-2032] feat: implement authentication with passkey

* [PM-2032] chore: rename to `WebAuthnGrantValidator`

* [PM-2032] fix: add missing subsitute

* [PM-2032] feat: start adding builder

* [PM-2032] feat: add support for KeyConnector

* [PM-2032] feat: add first version of TDE

* [PM-2032] chore: refactor WithSso

* [PM-2023] feat: add support for TDE feature flag

* [PM-2023] feat: add support for approving devices

* [PM-2023] feat: add support for hasManageResetPasswordPermission

* [PM-2032] feat: add support for hasAdminApproval

* [PM-2032] chore: don't supply device if not necessary

* [PM-2032] chore: clean up imports

* [PM-2023] feat: extract interface

* [PM-2023] chore: add clarifying comment

* [PM-2023] feat: use new builder in production code

* [PM-2032] feat: add support for PRF

* [PM-2032] chore: clean-up todos

* [PM-2023] chore: remove token which is no longer used

* [PM-2032] chore: remove todo

* [PM-2032] feat: improve assertion error handling

* [PM-2032] fix: linting issues

* [PM-2032] fix: revert changes to `launchSettings.json`

* [PM-2023] chore: clean up assertion endpoint

* [PM-2032] feat: bypass 2FA

* [PM-2032] fix: rename prf option to singular

* [PM-2032] fix: lint

* [PM-2032] fix: typo

* [PM-2032] chore: improve builder tests

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>

* [PM-2032] chore: clarify why we don't require 2FA

* [PM-2023] feat: move `identityProvider` constant to common class

* [PM-2032] fix: lint

* [PM-2023] fix: move `IdentityProvider` to core.Constants

* [PM-2032] fix: missing import

* [PM-2032] chore: refactor token timespan to use `TimeSpan`

* [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync

* [PM-2032] chore: use `FromMinutes`

* [PM-2032] fix: change to 17 minutes to cover webauthn assertion

* [PM-2032] chore: do not use `async void`

* [PM-2032] fix: comment saying wrong amount of minutes

* [PM-2032] feat: put validator behind feature flag

* [PM-2032] fix: lint

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
											
										
										
											2023-11-20 15:55:31 +01:00
+								    /// <summary>
 								    /// Used by IdentityServer to identify our own provider.
 								    /// </summary>
 								    public const string IdentityProvider = "bitwarden";
-												[AC-1753] Automatically assign provider's pricing to new organizations (#3513)

* Initial commit

* resolve pr comment

* adding some unit test

* Resolve pr comments

* Adding some unit test

* Resolve pr comment

* changes to find the bug

* revert back changes on admin

* Fix the failing Test

* fix the bug
											
										
										
											2023-12-20 22:54:45 +01:00
 								    /// <summary>
 								    /// Date identifier used in ProviderService to determine if a provider was created before Nov 6, 2023.
 								    /// If true, the organization plan assigned to that provider is updated to a 2020 plan.
 								    /// </summary>
 								    public static readonly DateTime ProviderCreatedPriorNov62023 = new DateTime(2023, 11, 6);
-												[PM 5864] Resolve root cause of double-charging customers with implementation of PM-3892 (#3762)

* Getting dollar threshold to work

* Added billing cycle anchor to invoice upcoming call

* Added comments for further work

* add featureflag

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve pr comments

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve pr comment

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
											
										
										
											2024-02-13 20:28:14 +01:00
 								    /// <summary>
 								    /// When you set the ProrationBehavior to create_prorations,
 								    /// Stripe will automatically create prorations for any changes made to the subscription,
 								    /// such as changing the plan, adding or removing quantities, or applying discounts.
 								    /// </summary>
 								    public const string CreateProrations = "create_prorations";
 								    /// <summary>
 								    /// When you set the ProrationBehavior to always_invoice,
 								    /// Stripe will always generate an invoice when a subscription update occurs,
 								    /// regardless of whether there is a proration or not.
 								    /// </summary>
 								    public const string AlwaysInvoice = "always_invoice";
-												[PM-24350] fix tax calculation (#6251)


											
										
										
											2025-09-03 10:03:49 -05:00
 								    /// <summary>
 								    /// Used primarily to determine whether a customer's business is inside or outside the United States
 								    /// for billing purposes.
 								    /// </summary>
 								    public static class CountryAbbreviations
 								    {
 								        /// <summary>
 								        /// Abbreviation for The United States.
 								        /// This value must match what Stripe uses for the `Country` field value for the United States.
 								        /// </summary>
 								        public const string UnitedStates = "US";
 								    }
-												PM-13632: Add support for configuring multiple allowed origins (#6317)

* Add support for configuring multiple allowed origins

* Use if/else instead of union

* Add conditionals

* Added Chromium based extension ID's

* format

* Update src/Core/Constants.cs

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* remove chromedevelopmentid

* format

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
											
										
										
											2025-10-06 16:15:05 +02:00
 								    /// <summary>
 								    /// Constants for our browser extensions IDs
 								    /// </summary>
 								    public static class BrowserExtensions
 								    {
 								        public const string ChromeId = "chrome-extension://nngceckbapebfimnlniiiahkandclblb/";
 								        public const string EdgeId = "chrome-extension://jbkfoedolllekgbhcbcoahefnbanhhlh/";
 								        public const string OperaId = "chrome-extension://ccnckbpmaceehanjmeomladnmlffdjgn/";
 								    }
-												adjusted serilog inclusion predicate with bypassid

											
										
										
											2018-08-15 10:54:15 -04:00
+								}
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
-												[PM-3565] Enforce higher minimum KDF (#3304)

Extract KDF logic into a new Range class. Increase minimum iterations for PBKDF.
											
										
										
											2023-12-05 17:21:46 +01:00
+								public static class AuthConstants
 								{
 								    public static readonly RangeConstant PBKDF2_ITERATIONS = new(600_000, 2_000_000, 600_000);
 								    public static readonly RangeConstant ARGON2_ITERATIONS = new(2, 10, 3);
 								    public static readonly RangeConstant ARGON2_MEMORY = new(15, 1024, 64);
 								    public static readonly RangeConstant ARGON2_PARALLELISM = new(1, 16, 4);
-												feat(NewDeviceVerification) : (#5153)

feat(NewDeviceVerification) :
Added constat for the cache key in Bit.Core because the cache key format needs to be shared between the Identity Server and the MVC Admin project.
Updated DeviceValidator class to handle checking cache for user information to allow pass through.
Updated and Added tests to handle new flow.
											
										
										
											2024-12-17 08:59:39 -08:00
+								    public static readonly string NewDeviceVerificationExceptionCacheKeyFormat = "NewDeviceVerificationException_{0}";
-												[PM-3565] Enforce higher minimum KDF (#3304)

Extract KDF logic into a new Range class. Increase minimum iterations for PBKDF.
											
										
										
											2023-12-05 17:21:46 +01:00
+								}
 								public class RangeConstant
 								{
 								    public int Default { get; }
 								    public int Min { get; }
 								    public int Max { get; }
 								    public RangeConstant(int min, int max, int defaultValue)
 								    {
 								        Default = defaultValue;
 								        Min = min;
 								        Max = max;
 								        if (Min > Max)
 								        {
 								            throw new ArgumentOutOfRangeException($"{Min} is larger than {Max}.");
 								        }
 								        if (!InsideRange(defaultValue))
 								        {
 								            throw new ArgumentOutOfRangeException($"{Default} is outside allowed range of {Min}-{Max}.");
 								        }
 								    }
 								    public bool InsideRange(int number)
 								    {
 								        return Min <= number && number <= Max;
 								    }
 								}
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								public static class TokenPurposes
 								{
 								    public const string LinkSso = "LinkSso";
 								}
-												Fix safari sso header size (#1065)

* Safari SSO header size fix - in progress

* Cleanup of memoryCacheTicketStore

* Redis cache ticket store + registration

* Revert some unecessary changes

* temp - distributed cookie: idsrv.external

* Ticket data cached storage added

* OIDC working w/ substantially reduced cookie size

* Added distributed cache cookie manager

* Removed hybrid OIDC flow

* Enable self-hosted folks to use Redis  for SSO

* Also allow self-hosted to use Redis cont...
											
										
										
											2021-01-11 11:03:46 -05:00
 								public static class AuthenticationSchemes
 								{
 								    public const string BitwardenExternalCookieAuthenticationScheme = "bw.external";
-												adjusted serilog inclusion predicate with bypassid

											
										
										
											2018-08-15 10:54:15 -04:00
+								}
-												[PM-1012] Feature access using context (#2764)

* Document online method

* Feature accessors with context

* Direct null assertion

* Establish a constants class for flag keys
											
										
										
											2023-03-07 13:46:52 -05:00
 								public static class FeatureFlagKeys
 								{
-												Group AC Team feature flags (#5309)


											
										
										
											2025-01-23 00:04:08 +10:00
+								    /* Admin Console Team */
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								    public const string PolicyRequirements = "pm-14439-policy-requirements";
-												[PM-16811] - SCIM Invite Users Optimizations (#5398)

* WIP changes for Invite User optimization from Scim

* feature flag string

* Added plan validation to PasswordManagerInviteUserValidation. Cleaned up a few things.

* Added Secrets Manager Validations and Tests.

* Added bulk procedure for saving users, collections and groups from inviting. Added test to validate Ef and Sproc

* Created SendOrganizationInvitesCommand and moved some tests from OrgServiceTests. Fixed some tests in org service in relation to moving out SendOrgInviteCommand code.

Added side effects to InviteOrganizationUsersCommand

* First test of new command.

* Added test to verify valid request with a user calls db method and sends the invite

* Added more tests for the updates

* Added integration test around enabling feature and sending invite via scim. Did a bit of refactoring on the SM validation. Fixed couple bugs found.

* Switching over to a local factory.

* created response model and split interface out.

* switched to initialization block

* Moved to private method. Made ScimInvite inherit the single invite base model. Moved create methods to constructors. A few more CR changes included.

* Moved `FromOrganization` mapper method to a constructor

* Updated to use new pricing client. Supressed null dereference errors.

* Fixing bad merge.

* Rename of OrgDto

* undoing this

* Moved into class

* turned into a switch statement

* Separated into separate files.

* Renamed dto and added ctor

* Dto rename. Moved from static methods to ctors

* Removed unused request model

* changes from main

* missed value

* Fixed some compilation errors.

* Fixed some changes.

* Removed comment

* fixed compiler warning.

* Refactored to use new ValidationResult pattern. added mapping method.

* Added throwing of Failure as the previous implementation would have.

* Cleaned up return.

* fixing test.

* Made HasSecretsManagerStandalone return if org doesn't have sm. Added overload for lighter weight model and moved common code to private method.

* Fixed tests.

* Made public method private. added some comments.

* Refactor validation parameter to improve clarity and consistency. Added XML doc

* fixed test

* Removed test only constructor from InviteOrganization

* Separated old and new code explicitly. Moved old code checks down into new code as well. Added error and mapper to Failure<T>

* Variable/Field/Property renames

* Renamed InviteUsersValidation to InviteUsersValidator

* Rename for InvitingUserOrganizationValidation to InvitingUserOrganizationValidator

* PasswordManagerInviteUserValidation to PasswordManagerInviteUserValidator

* Moved XML comment. Added check to see if additional seats are needed.

* Fixing name.

* Updated names.

* Corrected double negation.

* Added groups and collection and users checks.

* Fixed comment. Fixed multiple enumeration. Changed variable name.

* Cleaned up DTO models. Moved some validation steps around. A few quick fixes to address CR concerns. Still need to move a few things yet.

* Fixed naming in subscription update models.

* put back in the request for now.

* Quick rename

* Added provider email addresses as well.

* Removed valid wrapper to pass in to validation methods.

* fix tests

* Code Review changes.

* Removed unused classes

* Using GetPlanOrThrow instead.

* Switches to extension method

* Made Revert and Adjust Sm methods consistent. Corrected string comparer. Added comment for revert sm.

* Fixing compiler complaint.

* Adding XML docs

* Calculated seat addition for SM.

* Fixing compiler complaints.

* Renames for organization.

* Fixing comparison issue.

* Adding error and aligning message.

* fixing name of method.

* Made extension method.

* Rearranged some things. Fixed the tests.

* Added test around validating the revert.

* Added test to validate the provider email is sent if org is managed by a provider.

* Created new errors and removed references in business code to ErrorMessages property. This aligns Invite User code to use Errors instead of ErrorMessages

* Delayed the hasSecretsManagerStandalone call as long as possible.

* Corrected model name. Corrected SM seat calculation. Added test for it.

* Corrected logic and added more tests.
											
										
										
											2025-04-07 09:14:10 -05:00
+								    public const string ScimInviteUserOptimization = "pm-16811-optimize-invite-user-flow-to-fail-fast";
-												[PM-22098] Create default collection when organization member is confirmed (#5944)

* Add RequiresDefaultCollection method to PersonalOwnershipPolicyRequirement

* Add CreateDefaultLocation feature flag to Constants.cs

* Add DefaultUserCollectionName property to OrganizationUserConfirmRequestModel with encryption attributes

* Update PersonalOwnershipPolicyRequirement instantiation in tests to use constructor with parameters instead of property assignment

* Enhance ConfirmOrganizationUserCommand to support default user collection creation. Added logic to check if a default collection is required based on organization policies and feature flags. Updated ConfirmUserAsync method signature to include an optional defaultUserCollectionName parameter. Added corresponding tests to validate the new functionality.

* Refactor Confirm method in OrganizationUsersController to use Guid parameters directly, simplifying the code. Updated ConfirmUserAsync call to include DefaultUserCollectionName from the input model.

* Move logic for handling confirmation side effects into a separate method

* Refactor PersonalOwnershipPolicyRequirement to use enum for ownership state

- Introduced PersonalOwnershipState enum to represent allowed and restricted states.
- Updated PersonalOwnershipPolicyRequirement constructor and properties to utilize the new enum.
- Modified related classes and tests to reflect changes in ownership state handling.
											
										
										
											2025-06-17 12:20:22 +01:00
+								    public const string CreateDefaultLocation = "pm-19467-create-default-location";
-												[PM-26361] Add User Auto Confirmation (#6436)

* Adding AutoConfrim and migrations.

* Add value to Admin Page and update sproc to correct name.

* Correcting license constant.

* Adding feature check back in.

* Fixing sprocs :face_palm:

* Remove Coalesce

* Adding property to plan and model constructor

* Correcting name of column.  Cascading change throughout. Updating response models. Updating sprocs and views. Updating migrations

* fixing sproc

* Fixing up license stuff.

* Updating org view

* Code review changes and renames :face_palm:

* Refershing additional views

* Last two fixes.
											
										
										
											2025-10-20 07:27:18 -05:00
+								    public const string AutomaticConfirmUsers = "pm-19934-auto-confirm-organization-users";
-												[PM-23845] Update cache service to handle concurrency (#6170)


											
										
										
											2025-09-12 13:44:19 -04:00
+								    public const string PM23845_VNextApplicationCache = "pm-24957-refactor-memory-application-cache";
-												[PM-27766] Add policy for blocking account creation from claimed domains. (#6537)

* Add policy for blocking account creation from claimed domains.

* dotnet format

* check as part of email verification

* add feature flag

* fix tests

* try to fix dates on database integration tests

* PR feedback from claude

* remove claude local settings

* pr feedback

* format

* fix test

* create or alter

* PR feedback

* PR feedback

* Update src/Core/Constants.cs

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* fix merge issues

* fix tests

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
											
										
										
											2025-11-19 20:25:50 -05:00
+								    public const string BlockClaimedDomainAccountCreation = "pm-28297-block-uninvited-claimed-domain-registration";
-												[PM-28252] Add new feature flag for increasing bulk reinvite limit for cloud (#6624)


											
										
										
											2025-11-24 11:41:01 +00:00
+								    public const string IncreaseBulkReinviteLimitForCloud = "pm-28251-increase-bulk-reinvite-limit-for-cloud";
-												[PM-28627] Create Default Collection Restore (#6879)

* Add default collection name to call stack for restore user command

* Committing feature flag and request model.

* Added tests

* fix for tests.

* added empty string to test

* figured out the mystery commit.

* added vnext onto method name.

* updating tests and command to include feature flag

* moved event call

* last few changes.

* opting for null instead of empty string.
											
										
										
											2026-01-28 09:05:29 -06:00
+								    public const string DefaultUserCollectionRestore = "pm-30883-my-items-restored-users";
-												fix: feature flag key for PremiumAccessQuery, refs PM-21411 (#6834)


											
										
										
											2026-01-14 12:21:49 -06:00
+								    public const string PremiumAccessQuery = "pm-29495-refactor-premium-interface";
-												chore: add feature flag definition, refs PM-26463 (#6882)


											
										
										
											2026-01-22 11:23:18 -06:00
+								    public const string RefactorMembersComponent = "pm-29503-refactor-members-inheritance";
-												Group AC Team feature flags (#5309)


											
										
										
											2025-01-23 00:04:08 +10:00
-												Add feature flags for desktop-ui migration (#6548)


											
										
										
											2025-11-07 11:04:27 +01:00
+								    /* Architecture */
 								    public const string DesktopMigrationMilestone1 = "desktop-ui-migration-milestone-1";
 								    public const string DesktopMigrationMilestone2 = "desktop-ui-migration-milestone-2";
 								    public const string DesktopMigrationMilestone3 = "desktop-ui-migration-milestone-3";
-												Add desktop-migration-milestone-4 flag (#6881)


											
										
										
											2026-01-26 16:36:10 +01:00
+								    public const string DesktopMigrationMilestone4 = "desktop-ui-migration-milestone-4";
-												Add feature flags for desktop-ui migration (#6548)


											
										
										
											2025-11-07 11:04:27 +01:00
-												fix(device-approval-persistence): [PM-9112] Device Approval Persistence - Added feature flag. (#5495)


											
										
										
											2025-03-19 15:27:51 -04:00
+								    /* Auth Team */
-												[PM-9115] Add feature flag for 2FA persistence (#5583)

* Add new feature flag.

* Clarified name.
											
										
										
											2025-03-31 14:27:09 -04:00
+								    public const string TwoFactorExtensionDataPersistence = "pm-9115-two-factor-extension-data-persistence";
-												[PM-1449] Add email-verification flag (#4033)


											
										
										
											2024-04-30 12:43:12 -04:00
+								    public const string EmailVerification = "email-verification";
-												Auth/pm 17111/add browser to list of approving clients (#5825)

* refactor(update-auth-approving-clients): [PM-17111] Add Browser to List of Approving Clients - Refactored how it works to fit different priorities.
											
										
										
											2025-05-16 09:50:32 -04:00
+								    public const string BrowserExtensionLoginApproval = "pm-14938-browser-extension-login-approvals";
-												Complete feature flag grouping by team (#5574)

* Completed grouping of feature flags by team.

* Completed grouping feature flags by team.

* Linting

* Moved flag.

* Moved ssh-key-vault-item to KM.
											
										
										
											2025-03-30 16:03:09 -04:00
+								    public const string SetInitialPasswordRefactor = "pm-16117-set-initial-password-refactor";
 								    public const string ChangeExistingPasswordRefactor = "pm-16117-change-existing-password-refactor";
-												feat(OTP): [PM-18612] Change email OTP to six digits

* Change email OTP to 6 digits

* Added comment on base class

* Added tests

* Renamed tests.

* Fixed tests

* Renamed file to match class
											
										
										
											2025-07-14 10:23:30 -04:00
+								    public const string Otp6Digits = "pm-18612-otp-6-digits";
-												feat(prevent-bad-existing-sso-user): [PM-24579] Prevent Existing Non Confirmed and Accepted SSO Users (#6348)

* feat(prevent-bad-existing-sso-user): [PM-24579] Precent Existing Non Confirmed and Accepted SSO Users - Added in logic to block existing sso org users who are not in the confirmed or accepted state.

* fix(prevent-bad-existing-sso-user): [PM-24579] Precent Existing Non Confirmed and Accepted SSO Users - Added docs as well as made clear what statuses are permissible.

* test(prevent-bad-existing-sso-user): [PM-24579] Precent Existing Non Confirmed and Accepted SSO Users - Added tests.
											
										
										
											2025-10-27 14:21:24 -04:00
+								    public const string PM24579_PreventSsoOnExistingNonCompliantUsers = "pm-24579-prevent-sso-on-existing-non-compliant-users";
-												chore(feature-flag) Added feature flag for pm-22110-disable-alternate-login-methods


											
										
										
											2025-09-24 15:30:43 -04:00
+								    public const string DisableAlternateLoginMethods = "pm-22110-disable-alternate-login-methods";
-												[PM-25240] Send Access OTP email in MJML format (#6411)

feat: Add MJML email templates for Send Email OTP
feat: Implement MJML-based email templates for Send OTP functionality
feat: Add feature flag support for Send Email OTP v2 emails
feat: Update email view models and call sites for Send Email OTP

fix: Modify the directory structure for MJML templates to have Auth directory for better team ownership
fix: Rename `hero.js` to `mj-bw-hero.js`

---
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
											
										
										
											2025-10-22 15:13:31 -04:00
+								    public const string MJMLBasedEmailTemplates = "mjml-based-email-templates";
-												PM-2035: PRF Unlock (#6401)

* Initial refactor

* Add WebauthnPRFOptions to syncResponse

* MAYBE: Use KM owned ResponseModel?

* REVERT ^- Keep using PrfUnlockOptions for simplicity

This reverts commit 5a34e7dfa8f3dfd473b916148078ec0923df22be.

* UserDecryptionOptions: Only send one credential

* format

* Update UserDecryptionOptions.cs

* format

* Added feature flag (#6600)
											
										
										
											2026-01-26 16:18:42 +01:00
+								    public const string PM2035PasskeyUnlock = "pm-2035-passkey-unlock";
-												Update MjmlWelcomeEmailTemplates Feature Flag Key (#6611)


											
										
										
											2025-11-20 14:51:38 -05:00
+								    public const string MjmlWelcomeEmailTemplates = "pm-21741-mjml-welcome-email";
-												[PM-27882] Add SendOrganizationConfirmationCommand (#6743)


											
										
										
											2026-01-06 16:43:36 -05:00
+								    public const string OrganizationConfirmationEmail = "pm-28402-update-confirmed-to-org-email-template";
-												feat(marketing-initiated-premium): Auth [PM-27551] Create feature flag (#6581)

Create a `"pm-26140-marketing-initiated-premium-flow"` feature flag in `Constants.cs`
											
										
										
											2025-11-17 11:25:22 -08:00
+								    public const string MarketingInitiatedPremiumFlow = "pm-26140-marketing-initiated-premium-flow";
-												chore(flags): Add pm-23801-prefetch-password-prelogin feature flag


											
										
										
											2026-01-07 17:28:34 -05:00
+								    public const string PrefetchPasswordPrelogin = "pm-23801-prefetch-password-prelogin";
-												feat(account-switching) [PM-5594]: Add Safari account-switching feature flag. (#6829)


											
										
										
											2026-01-27 14:26:07 -05:00
+								    public const string SafariAccountSwitching = "pm-5594-safari-account-switching";
-												chore(flag): add pm-27086-update-authentication-apis-for-input-password feature flag


											
										
										
											2026-01-15 06:00:31 -08:00
+								    public const string PM27086_UpdateAuthenticationApisForInputPassword = "pm-27086-update-authentication-apis-for-input-password";
-												Complete feature flag grouping by team (#5574)

* Completed grouping of feature flags by team.

* Completed grouping feature flags by team.

* Linting

* Moved flag.

* Moved ssh-key-vault-item to KM.
											
										
										
											2025-03-30 16:03:09 -04:00
 								    /* Autofill Team */
 								    public const string SSHAgent = "ssh-agent";
-												Add SSHAgentV2 constant to Constants.cs (#6461)


											
										
										
											2025-10-22 01:11:40 +02:00
+								    public const string SSHAgentV2 = "ssh-agent-v2";
-												Complete feature flag grouping by team (#5574)

* Completed grouping of feature flags by team.

* Completed grouping feature flags by team.

* Linting

* Moved flag.

* Moved ssh-key-vault-item to KM.
											
										
										
											2025-03-30 16:03:09 -04:00
+								    public const string SSHVersionCheckQAOverride = "ssh-version-check-qa-override";
-												add NotificationRefresh feature flag (#5262)

Co-authored-by: Evan Bassler <ebassler@livefront.com>
											
										
										
											2025-01-14 15:47:35 -05:00
+								    public const string NotificationRefresh = "notification-refresh";
-												feat: add credential sync feature flag (#5052)


											
										
										
											2024-11-28 09:49:09 +01:00
+								    public const string MacOsNativeCredentialSync = "macos-native-credential-sync";
-												[PM-22783] Add windows-desktop-autotype feature flag (#5990)


											
										
										
											2025-06-20 14:02:48 -04:00
+								    public const string WindowsDesktopAutotype = "windows-desktop-autotype";
-												Add feature flag for windows desktop autotype GA (#6717)


											
										
										
											2025-12-17 13:29:06 -07:00
+								    public const string WindowsDesktopAutotypeGA = "windows-desktop-autotype-ga";
-												Add NotificationUndeterminedCipherScenarioLogic feature flag (#6884)

* Add NotificationUndeterminedCipherScenarioLogic feature flag

* Remove whitespace
											
										
										
											2026-01-23 09:05:58 -05:00
+								    public const string NotificationUndeterminedCipherScenarioLogic = "undetermined-cipher-scenario-logic";
-												Complete feature flag grouping by team (#5574)

* Completed grouping of feature flags by team.

* Completed grouping feature flags by team.

* Linting

* Moved flag.

* Moved ssh-key-vault-item to KM.
											
										
										
											2025-03-30 16:03:09 -04:00
 								    /* Billing Team */
 								    public const string TrialPayment = "PM-8163-trial-payment";
-												[PM-25379] Refactor org metadata (#6441)

* ignore serena

* removing unused properties from org metadata

* removing further properties that can already be fetched on the client side using available data

* new vnext endpoint for org metadata plus caching metadata first pass

including new feature flag

# Conflicts:
#	src/Core/Constants.cs

* [PM-25379] decided against cache and new query shouldn't use the service

* pr feedback

removing unneeded response model

* run dotnet format
											
										
										
											2025-10-13 10:49:55 -05:00
+								    public const string PM25379_UseNewOrganizationMetadataStructure = "pm-25379-use-new-organization-metadata-structure";
-												[PM-24032] new feature flag for premium button (#6404)


											
										
										
											2025-10-07 09:09:04 -05:00
+								    public const string PM24032_NewNavigationPremiumUpgradeButton = "pm-24032-new-navigation-premium-upgrade-button";
-												[PM-23713] new feature flag for premium badge interaction (#6425)


											
										
										
											2025-10-07 16:08:02 -05:00
+								    public const string PM23713_PremiumBadgeOpensNewPremiumUpgradeDialog = "pm-23713-premium-badge-opens-new-premium-upgrade-dialog";
-												[PM-26793] Fetch premium plan from pricing service (#6450)

* Fetch premium plan from pricing service

* Run dotnet format
											
										
										
											2025-10-22 14:13:16 -05:00
+								    public const string PM26793_FetchPremiumPriceFromPricingService = "pm-26793-fetch-premium-price-from-pricing-service";
-												Milestone 2b Update (#6515)

* feat(billing): add feature flag

* feat(billing): implement feature flag

* fix(billing): update logic

* fix(billing): revert spacing
											
										
										
											2025-10-29 13:12:16 -04:00
+								    public const string PM23341_Milestone_2 = "pm-23341-milestone-2";
-												[PM-24284] - milestone 3 (#6543)

* new feature flag

* first pass at changes

* safeguard against billing-pricing not being deployed yet

* handle families pre migration plan

* wrong stripe id

* tests

* unit tests
											
										
										
											2025-11-10 11:51:00 -06:00
+								    public const string PM26462_Milestone_3 = "pm-26462-milestone-3";
-												[PM-28265] storage reconciliation job (#6615)


											
										
										
											2025-11-24 16:11:52 -06:00
+								    public const string PM28265_EnableReconcileAdditionalStorageJob = "pm-28265-enable-reconcile-additional-storage-job";
 								    public const string PM28265_ReconcileAdditionalStorageJobEnableLiveMode = "pm-28265-reconcile-additional-storage-job-enable-live-mode";
-												[PM 29610]Update Account Storage Endpoint (#6750)

* update account storage endpoint

* Fix the failing test

* Added flag and refactor base on pr comments

* fix the lint error

* Resolve the pr comments

* Fix the failing test

* Fix the failing test

* Return none

* Resolve the lint error

* Fix the failing test

* Add the missing test

* Formatting issues fixed
											
										
										
											2026-01-05 17:52:52 +01:00
+								    public const string PM29594_UpdateIndividualSubscriptionPage = "pm-29594-update-individual-subscription-page";
-												Complete feature flag grouping by team (#5574)

* Completed grouping of feature flags by team.

* Completed grouping feature flags by team.

* Linting

* Moved flag.

* Moved ssh-key-vault-item to KM.
											
										
										
											2025-03-30 16:03:09 -04:00
 								    /* Key Management Team */
 								    public const string PrivateKeyRegeneration = "pm-12241-private-key-regeneration";
 								    public const string Argon2Default = "argon2-default";
 								    public const string SSHKeyItemVaultItem = "ssh-key-vault-item";
-												[PM-21034] Feature Branch - "User Crypto V2" (#5982)

* [PM-21034] Database changes for signature keypairs (#5906)

* Add signing key repositories, models, and sql migration scripts

* Rename UserSigningKeys table to UserSigningKey

* Rename signedpublickeyownershipclaim to signedpublickey

* Move signedPublicKey to last parameter

* Add newline at end of file

* Rename to signature key pair

* Further rename to signaturekeypair

* Rename to UserSignatureKeyPairRepository

* Add newline

* Rename more instances to UserSignatureKeyPair

* Update parameter order

* Fix order

* Add more renames

* Cleanup

* Fix sql

* Add ef migrations

* Fix difference in SQL SP compared to migration SP

* Fix difference in SQL SP vs migration

* Fix difference in SQL SP vs migration

* Attempt to fix sql

* Rename migration to start later

* Address feedback

* Move UserSignatureKeyPair to KM codeownership

* Fix build

* Fix build

* Fix build

* Move out entitytypeconfiguration

* Use view for reading usersignaturekeypairs

* Fix migration script

* Fix migration script

* Drop view if exists

* Enable nullable

* Replace with create or alter view

* Switch go generatecomb

* Switch to generatecomb

* Move signature algorithm

* Move useresignaturekeypairentitytypeconfiguration to km ownership

* Move userSignatureKeyPair model

* Unswap file names

* Move sql files to km ownership

* Add index on userid for signature keys

* Fix wrong filename

* Remove string length limit

* Regenerate EF migrations

* Undo changes to program.cs

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Rename dbset to plural

* Update src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* [PM-21034] Implement api changes to retreive signing keys (#5932)

* Add signing key repositories, models, and sql migration scripts

* Rename UserSigningKeys table to UserSigningKey

* Rename signedpublickeyownershipclaim to signedpublickey

* Move signedPublicKey to last parameter

* Add newline at end of file

* Rename to signature key pair

* Further rename to signaturekeypair

* Rename to UserSignatureKeyPairRepository

* Add newline

* Rename more instances to UserSignatureKeyPair

* Update parameter order

* Fix order

* Add more renames

* Cleanup

* Fix sql

* Add ef migrations

* Fix difference in SQL SP compared to migration SP

* Fix difference in SQL SP vs migration

* Fix difference in SQL SP vs migration

* Attempt to fix sql

* Rename migration to start later

* Address feedback

* Move UserSignatureKeyPair to KM codeownership

* Fix build

* Fix build

* Fix build

* Move out entitytypeconfiguration

* Use view for reading usersignaturekeypairs

* Fix migration script

* Fix migration script

* Add initial get keys endpoint

* Add sync response

* Cleanup

* Add query and fix types

* Add tests and cleanup

* Fix test

* Drop view if exists

* Add km queries

* Cleanup

* Enable nullable

* Cleanup

* Cleanup

* Enable nullable

* Fix incorrect namespace

* Remove unused using

* Fix test build

* Fix build error

* Fix build

* Attempt to fix tests

* Attempt to fix tests

* Replace with create or alter view

* Attempt to fix tests

* Attempt to fix build

* Rename to include async suffix

* Fix test

* Rename repo

* Attempt to fix tests

* Cleanup

* Test

* Undo test

* Fix tests

* Fix test

* Switch go generatecomb

* Switch to generatecomb

* Move signature algorithm

* Move useresignaturekeypairentitytypeconfiguration to km ownership

* Move userSignatureKeyPair model

* Unswap file names

* Move sql files to km ownership

* Add index on userid for signature keys

* Fix wrong filename

* Fix build

* Remove string length limit

* Regenerate EF migrations

* Undo changes to program.cs

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Rename dbset to plural

* Update src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Controllers/UsersController.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Cleanup and move query to core

* Fix test

* Fix build

* Fix tests

* Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Switch away from primary constructor

* Use argumentNullException

* Add test

* Pass user account keys directly to profileresponsemodel

* Move registration to core

* Update src/Api/Startup.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/Startup.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Remove empty line

* Apply suggestions

* Fix tests

* Fix tests

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* [PM-22384] Implement key-rotation based enrollment to user-crypto v2 (#5934)

* Add signing key repositories, models, and sql migration scripts

* Rename UserSigningKeys table to UserSigningKey

* Rename signedpublickeyownershipclaim to signedpublickey

* Move signedPublicKey to last parameter

* Add newline at end of file

* Rename to signature key pair

* Further rename to signaturekeypair

* Rename to UserSignatureKeyPairRepository

* Add newline

* Rename more instances to UserSignatureKeyPair

* Update parameter order

* Fix order

* Add more renames

* Cleanup

* Fix sql

* Add ef migrations

* Fix difference in SQL SP compared to migration SP

* Fix difference in SQL SP vs migration

* Fix difference in SQL SP vs migration

* Attempt to fix sql

* Rename migration to start later

* Address feedback

* Move UserSignatureKeyPair to KM codeownership

* Fix build

* Fix build

* Fix build

* Move out entitytypeconfiguration

* Use view for reading usersignaturekeypairs

* Fix migration script

* Fix migration script

* Add initial get keys endpoint

* Add sync response

* Cleanup

* Add query and fix types

* Add tests and cleanup

* Fix test

* Drop view if exists

* Add km queries

* Cleanup

* Enable nullable

* Cleanup

* Cleanup

* Enable nullable

* Fix incorrect namespace

* Remove unused using

* Fix test build

* Fix build error

* Fix build

* Attempt to fix tests

* Attempt to fix tests

* Replace with create or alter view

* Attempt to fix tests

* Attempt to fix build

* Rename to include async suffix

* Fix test

* Rename repo

* Attempt to fix tests

* Cleanup

* Test

* Undo test

* Fix tests

* Fix test

* Switch go generatecomb

* Switch to generatecomb

* Move signature algorithm

* Move useresignaturekeypairentitytypeconfiguration to km ownership

* Move userSignatureKeyPair model

* Unswap file names

* Move sql files to km ownership

* Add index on userid for signature keys

* Fix wrong filename

* Fix build

* Remove string length limit

* Regenerate EF migrations

* Undo changes to program.cs

* Cleanup

* Add migration to user encryption v2

* Fix build

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Rename dbset to plural

* Cleanup

* Cleanup

* Fix build

* Fix test

* Add validation

* Fix test

* Apply fixes

* Fix tests

* Improve tests

* Add tests

* Add error message validation

* Fix tests

* Fix tests

* Fix test

* Add test

* Fix tests and errors

* Update src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Controllers/UsersController.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Cleanup and move query to core

* Fix test

* Fix build

* Fix tests

* Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Switch away from primary constructor

* Use argumentNullException

* Add test

* Pass user account keys directly to profileresponsemodel

* Fix build

* Fix namespace

* Make signedpublickey optional

* Remove unused file

* Fix cases for request data conversion

* Revert constructor change

* Undo comments change

* Apply fixes

* Move registration to core

* Update src/Api/Startup.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/Startup.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Remove empty line

* Apply suggestions

* Fix tests

* Fix tests

* Fix build of integration tests

* Attempt to fix tests

* Add test

* Move v2 encryption user async below public functions

* Add todo

* Rename to have async suffix

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Address feedback

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Add test coverage

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Split up validation from rotation

* Fix tests

* Increase test coverage

* Rename tests

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Add test for no signature keypair data

* Fix build

* Enable nullable

* Fix build

* Clean up data model

* Fix tests

* Cleanup

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Fix build

* [PM-22862] Account security version (#5995)

* Add signing key repositories, models, and sql migration scripts

* Rename UserSigningKeys table to UserSigningKey

* Rename signedpublickeyownershipclaim to signedpublickey

* Move signedPublicKey to last parameter

* Add newline at end of file

* Rename to signature key pair

* Further rename to signaturekeypair

* Rename to UserSignatureKeyPairRepository

* Add newline

* Rename more instances to UserSignatureKeyPair

* Update parameter order

* Fix order

* Add more renames

* Cleanup

* Fix sql

* Add ef migrations

* Fix difference in SQL SP compared to migration SP

* Fix difference in SQL SP vs migration

* Fix difference in SQL SP vs migration

* Attempt to fix sql

* Rename migration to start later

* Address feedback

* Move UserSignatureKeyPair to KM codeownership

* Fix build

* Fix build

* Fix build

* Move out entitytypeconfiguration

* Use view for reading usersignaturekeypairs

* Fix migration script

* Fix migration script

* Add initial get keys endpoint

* Add sync response

* Cleanup

* Add query and fix types

* Add tests and cleanup

* Fix test

* Drop view if exists

* Add km queries

* Cleanup

* Enable nullable

* Cleanup

* Cleanup

* Enable nullable

* Fix incorrect namespace

* Remove unused using

* Fix test build

* Fix build error

* Fix build

* Attempt to fix tests

* Attempt to fix tests

* Replace with create or alter view

* Attempt to fix tests

* Attempt to fix build

* Rename to include async suffix

* Fix test

* Rename repo

* Attempt to fix tests

* Cleanup

* Test

* Undo test

* Fix tests

* Fix test

* Switch go generatecomb

* Switch to generatecomb

* Move signature algorithm

* Move useresignaturekeypairentitytypeconfiguration to km ownership

* Move userSignatureKeyPair model

* Unswap file names

* Move sql files to km ownership

* Add index on userid for signature keys

* Fix wrong filename

* Fix build

* Remove string length limit

* Regenerate EF migrations

* Undo changes to program.cs

* Cleanup

* Add migration to user encryption v2

* Fix build

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Rename dbset to plural

* Cleanup

* Cleanup

* Fix build

* Fix test

* Add validation

* Fix test

* Apply fixes

* Fix tests

* Improve tests

* Add tests

* Add error message validation

* Fix tests

* Fix tests

* Fix test

* Add test

* Fix tests and errors

* Update src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Controllers/UsersController.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Cleanup and move query to core

* Fix test

* Fix build

* Fix tests

* Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Switch away from primary constructor

* Use argumentNullException

* Add test

* Pass user account keys directly to profileresponsemodel

* Fix build

* Fix namespace

* Make signedpublickey optional

* Remove unused file

* Fix cases for request data conversion

* Revert constructor change

* Undo comments change

* Apply fixes

* Move registration to core

* Update src/Api/Startup.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/Startup.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Remove empty line

* Apply suggestions

* Fix tests

* Fix tests

* Fix build of integration tests

* Attempt to fix tests

* Add test

* Move v2 encryption user async below public functions

* Add todo

* Rename to have async suffix

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Address feedback

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Add test coverage

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Split up validation from rotation

* Fix tests

* Increase test coverage

* Rename tests

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Add test for no signature keypair data

* Fix build

* Enable nullable

* Fix build

* Clean up data model

* Fix tests

* Merge branch 'km/signing-upgrade-rotation' into km/account-security-version

* Add security state to rotation

* Update tests

* Update tests and check for security state in v2 model

* Cleanup

* Add tests

* Add security state data to integration test

* Re-sort and remove limit

* Update migrations

* Fix sql

* Fix sql

* Fix sql

* Fix fixture

* Fix test

* Fix test

* Fix test

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* [PM-22853] Add feature flag (#6090)

* Add signing key repositories, models, and sql migration scripts

* Rename UserSigningKeys table to UserSigningKey

* Rename signedpublickeyownershipclaim to signedpublickey

* Move signedPublicKey to last parameter

* Add newline at end of file

* Rename to signature key pair

* Further rename to signaturekeypair

* Rename to UserSignatureKeyPairRepository

* Add newline

* Rename more instances to UserSignatureKeyPair

* Update parameter order

* Fix order

* Add more renames

* Cleanup

* Fix sql

* Add ef migrations

* Fix difference in SQL SP compared to migration SP

* Fix difference in SQL SP vs migration

* Fix difference in SQL SP vs migration

* Attempt to fix sql

* Rename migration to start later

* Address feedback

* Move UserSignatureKeyPair to KM codeownership

* Fix build

* Fix build

* Fix build

* Move out entitytypeconfiguration

* Use view for reading usersignaturekeypairs

* Fix migration script

* Fix migration script

* Add initial get keys endpoint

* Add sync response

* Cleanup

* Add query and fix types

* Add tests and cleanup

* Fix test

* Drop view if exists

* Add km queries

* Cleanup

* Enable nullable

* Cleanup

* Cleanup

* Enable nullable

* Fix incorrect namespace

* Remove unused using

* Fix test build

* Fix build error

* Fix build

* Attempt to fix tests

* Attempt to fix tests

* Replace with create or alter view

* Attempt to fix tests

* Attempt to fix build

* Rename to include async suffix

* Fix test

* Rename repo

* Attempt to fix tests

* Cleanup

* Test

* Undo test

* Fix tests

* Fix test

* Switch go generatecomb

* Switch to generatecomb

* Move signature algorithm

* Move useresignaturekeypairentitytypeconfiguration to km ownership

* Move userSignatureKeyPair model

* Unswap file names

* Move sql files to km ownership

* Add index on userid for signature keys

* Fix wrong filename

* Fix build

* Remove string length limit

* Regenerate EF migrations

* Undo changes to program.cs

* Cleanup

* Add migration to user encryption v2

* Fix build

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Rename dbset to plural

* Cleanup

* Cleanup

* Fix build

* Fix test

* Add validation

* Fix test

* Apply fixes

* Fix tests

* Improve tests

* Add tests

* Add error message validation

* Fix tests

* Fix tests

* Fix test

* Add test

* Fix tests and errors

* Update src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Controllers/UsersController.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Cleanup and move query to core

* Fix test

* Fix build

* Fix tests

* Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Switch away from primary constructor

* Use argumentNullException

* Add test

* Pass user account keys directly to profileresponsemodel

* Fix build

* Fix namespace

* Make signedpublickey optional

* Remove unused file

* Fix cases for request data conversion

* Revert constructor change

* Undo comments change

* Apply fixes

* Move registration to core

* Update src/Api/Startup.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/Startup.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Remove empty line

* Apply suggestions

* Fix tests

* Fix tests

* Fix build of integration tests

* Attempt to fix tests

* Add test

* Move v2 encryption user async below public functions

* Add todo

* Rename to have async suffix

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Address feedback

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Add test coverage

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Split up validation from rotation

* Fix tests

* Increase test coverage

* Rename tests

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Add test for no signature keypair data

* Fix build

* Enable nullable

* Fix build

* Clean up data model

* Fix tests

* Merge branch 'km/signing-upgrade-rotation' into km/account-security-version

* Add security state to rotation

* Update tests

* Add feature flag

* Update tests and check for security state in v2 model

* Cleanup

* Add tests

* Add security state data to integration test

* Re-sort and remove limit

* Update migrations

* Fix sql

* Fix sql

* Fix sql

* Fix fixture

* Fix test

* Fix test

* Fix test

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* [PM-23222] Update revision date on key rotation (#6038)

* Add signing key repositories, models, and sql migration scripts

* Rename UserSigningKeys table to UserSigningKey

* Rename signedpublickeyownershipclaim to signedpublickey

* Move signedPublicKey to last parameter

* Add newline at end of file

* Rename to signature key pair

* Further rename to signaturekeypair

* Rename to UserSignatureKeyPairRepository

* Add newline

* Rename more instances to UserSignatureKeyPair

* Update parameter order

* Fix order

* Add more renames

* Cleanup

* Fix sql

* Add ef migrations

* Fix difference in SQL SP compared to migration SP

* Fix difference in SQL SP vs migration

* Fix difference in SQL SP vs migration

* Attempt to fix sql

* Rename migration to start later

* Address feedback

* Move UserSignatureKeyPair to KM codeownership

* Fix build

* Fix build

* Fix build

* Move out entitytypeconfiguration

* Use view for reading usersignaturekeypairs

* Fix migration script

* Fix migration script

* Add initial get keys endpoint

* Add sync response

* Cleanup

* Add query and fix types

* Add tests and cleanup

* Fix test

* Drop view if exists

* Add km queries

* Cleanup

* Enable nullable

* Cleanup

* Cleanup

* Enable nullable

* Fix incorrect namespace

* Remove unused using

* Fix test build

* Fix build error

* Fix build

* Attempt to fix tests

* Attempt to fix tests

* Replace with create or alter view

* Attempt to fix tests

* Attempt to fix build

* Rename to include async suffix

* Fix test

* Rename repo

* Attempt to fix tests

* Cleanup

* Test

* Undo test

* Fix tests

* Fix test

* Switch go generatecomb

* Switch to generatecomb

* Move signature algorithm

* Move useresignaturekeypairentitytypeconfiguration to km ownership

* Move userSignatureKeyPair model

* Unswap file names

* Move sql files to km ownership

* Add index on userid for signature keys

* Fix wrong filename

* Fix build

* Remove string length limit

* Regenerate EF migrations

* Undo changes to program.cs

* Cleanup

* Add migration to user encryption v2

* Fix build

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Rename dbset to plural

* Cleanup

* Cleanup

* Fix build

* Fix test

* Add validation

* Fix test

* Apply fixes

* Fix tests

* Improve tests

* Add tests

* Add error message validation

* Fix tests

* Fix tests

* Fix test

* Add test

* Fix tests and errors

* Update src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Controllers/UsersController.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Cleanup and move query to core

* Fix test

* Fix build

* Fix tests

* Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Switch away from primary constructor

* Use argumentNullException

* Add test

* Pass user account keys directly to profileresponsemodel

* Fix build

* Fix namespace

* Make signedpublickey optional

* Remove unused file

* Fix cases for request data conversion

* Revert constructor change

* Undo comments change

* Apply fixes

* Move registration to core

* Update src/Api/Startup.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/Startup.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Remove empty line

* Apply suggestions

* Fix tests

* Fix tests

* Fix build of integration tests

* Attempt to fix tests

* Add test

* Move v2 encryption user async below public functions

* Add todo

* Rename to have async suffix

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Address feedback

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Add test coverage

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Split up validation from rotation

* Fix tests

* Increase test coverage

* Rename tests

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update src/Core/KeyManagement/UserKey/Implementations/RotateUserAccountkeysCommand.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Add test for no signature keypair data

* Fix build

* Enable nullable

* Fix build

* Clean up data model

* Fix tests

* Merge branch 'km/signing-upgrade-rotation' into km/account-security-version

* Add security state to rotation

* Update tests

* Update revision date on key rotation

* Update tests and check for security state in v2 model

* Cleanup

* Add tests

* Add security state data to integration test

* Re-sort and remove limit

* Update migrations

* Fix sql

* Fix sql

* Fix sql

* Fix fixture

* Fix test

* Fix test

* Fix test

* Add test for change date

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Fix signing keys

* Update sql migrations

* Fix tests

* Add keys to identity token response

* Fix tests

* Fix tests

* Fix formatting

* Update src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Infrastructure.Dapper/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Controllers/UsersController.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Models/Requests/SignatureKeyPairRequestModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/KeyManagement/Models/Requests/PublicKeyEncryptionKeyPairRequestModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Entities/UserSignatureKeyPair.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Repositories/IUserSignatureKeyPairRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Queries/UserAccountKeysQuery.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Models/Data/PublicKeyEncryptionKeyPairData.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Entities/UserSignatureKeyPair.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Models/Data/RotateUserAccountKeysData.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Models/Data/SignatureKeyPairData.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Models/Data/SecurityStateData.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Models/Data/UserAccountKeysData.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Models/Request/SecurityStateModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Models/Response/PrivateKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Models/Response/PublicKeysResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Models/Response/PublicKeyEncryptionKeyPairResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Queries/Interfaces/IUserAcountKeysQuery.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/KeyManagement/Models/Response/SignatureKeyPairResponseModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Remove unnecessary file

* Add eof spacing

* Move models

* Fix build

* Move models to API subdirectory

* Rename model

* Remove migrations

* Add new ef migrations

* Remove empty line

* Only query account keys if the user has keys

* Dotnet format

* Fix test

* Update test/Identity.Test/IdentityServer/BaseRequestValidatorTests.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Apply suggestion

* Fix whitespace

* Force camel case on response models

* Address feedback for sql files

* Fix build

* Make index unique

* Add contstraints

* Fix sql

* Fix order

* Cleanup

* Fix build

* Update migrations

* Update EF migrations

* Change parameters to nvarchar

* Update to Varchar

* Apply feedback

* Move refresh view

* Attempt to fix build

* Undo sql changes

* Apply feedback about varchar

* Apply feedback about refresh view

* Apply feedback about new lines

* Address SQL feedback

* Re-sort columns

* Fix build

* Fix order

* Fix build

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
											
										
										
											2025-10-20 12:51:08 +02:00
+								    public const string EnrollAeadOnKeyRotation = "enroll-aead-on-key-rotation";
-												Feature flag for ForceUpdateKDFSettings (#6087)


											
										
										
											2025-07-15 16:12:09 +02:00
+								    public const string ForceUpdateKDFSettings = "pm-18021-force-update-kdf-settings";
-												[PM-25384] Add feature flag (#6271)


											
										
										
											2025-09-02 15:02:02 -05:00
+								    public const string UnlockWithMasterPasswordUnlockData = "pm-23246-unlock-with-master-password-unlock-data";
-												[PM-25373] Add feature flag (#6358)


											
										
										
											2025-09-22 11:05:16 -05:00
+								    public const string WindowsBiometricsV2 = "pm-25373-windows-biometrics-v2";
-												Add feature flag (#6399)


											
										
										
											2025-10-14 17:41:27 +02:00
+								    public const string LinuxBiometricsV2 = "pm-26340-linux-biometrics-v2";
-												adds `pm-23995-no-logout-on-kdf-change` feature flag (#6397)


											
										
										
											2025-09-29 21:00:09 +02:00
+								    public const string NoLogoutOnKdfChange = "pm-23995-no-logout-on-kdf-change";
-												Add feature flag (#6453)


											
										
										
											2025-10-15 14:36:51 +02:00
+								    public const string DisableType0Decryption = "pm-25174-disable-type-0-decryption";
-												Add `pm-26056-consolidated-session-timeout-component` feature flag (#6470)


											
										
										
											2025-10-20 17:52:38 +02:00
+								    public const string ConsolidatedSessionTimeoutComponent = "pm-26056-consolidated-session-timeout-component";
-												[PM-27279] Implement TDE Registration with V2 Keys (#6671)

* Implement TDE v2 signup

* Clean up fallback logic for account keys

* Fix broken v2 logic

* Add comment

* Update comment
											
										
										
											2025-12-15 17:48:37 +01:00
+								    public const string V2RegistrationTDEJIT = "pm-27279-v2-registration-tde-jit";
-												Add data recovery tool flag (#6659)


											
										
										
											2025-12-03 19:19:46 +01:00
+								    public const string DataRecoveryTool = "pm-28813-data-recovery-tool";
-												[PM-27280] Support v2 encryption on key-connector signups (#6712)

* account v2 registration for key connector

* use new user repository functions

* test coverage

* integration test coverage

* documentation

* code review

* missing test coverage

* fix failing test

* failing test

* incorrect ticket number

* moved back request model to Api, created dedicated data class in Core

* sql stored procedure type mismatch, simplification

* key connector authorization handler
											
										
										
											2025-12-18 19:43:03 +01:00
+								    public const string EnableAccountEncryptionV2KeyConnectorRegistration = "enable-account-encryption-v2-key-connector-registration";
-												Add feature flag (#6820)


											
										
										
											2026-01-13 15:47:22 +01:00
+								    public const string SdkKeyRotation = "pm-30144-sdk-key-rotation";
-												[PM-27281] Support v2 account encryption on JIT master password signups (#6777)

* V2 prep, rename existing SSO JIT MP command to V1

* set initial master password for account registraton V2

* later removel docs

* TDE MP onboarding split

* revert separate TDE onboarding controller api

* Server side hash of the user master password hash

* use `ValidationResult` instead for validation errors

* unit test coverage

* integration test coverage

* update sql migration script date

* revert validate password change

* better requests validation

* explicit error message when org sso identifier invalid

* more unit test coverage

* renamed onboarding to set, hash naming clarifications

* update db sql script, formatting

* use raw json as request instead of request models for integration test

* v1 integration test coverage

* change of name
											
										
										
											2026-01-09 09:17:45 +01:00
+								    public const string EnableAccountEncryptionV2JitPasswordRegistration = "enable-account-encryption-v2-jit-password-registration";
-												Complete feature flag grouping by team (#5574)

* Completed grouping of feature flags by team.

* Completed grouping feature flags by team.

* Linting

* Moved flag.

* Moved ssh-key-vault-item to KM.
											
										
										
											2025-03-30 16:03:09 -04:00
 								    /* Mobile Team */
 								    public const string AndroidImportLoginsFlow = "import-logins-flow";
 								    public const string AndroidMutualTls = "mutual-tls";
-												[PM-15906] Add feature flags for Android single tap passkey flows (#5334)

Add feature flags to control single tap passkey creation and authentication in the Android client.
											
										
										
											2025-01-28 13:39:19 -05:00
+								    public const string SingleTapPasskeyCreation = "single-tap-passkey-creation";
 								    public const string SingleTapPasskeyAuthentication = "single-tap-passkey-authentication";
-												[PM-3503] Feature flag: Mobile AnonAddy self host alias generation (#5387)


											
										
										
											2025-02-12 10:21:12 -05:00
+								    public const string PM3503_MobileAnonAddySelfHostAlias = "anon-addy-self-host-alias";
-												[PM-3553] Feature flag: Mobile SimpleLogin self host alias generation (#5392)


											
										
										
											2025-03-14 13:22:22 -04:00
+								    public const string PM3553_MobileSimpleLoginSelfHostAlias = "simple-login-self-host-alias";
-												Add mobile feature flags (#5629)

* Add mobile feature flags

* Update Constants.cs
											
										
										
											2025-04-09 12:17:04 -04:00
+								    public const string MobileErrorReporting = "mobile-error-reporting";
-												Add android-chrome-autofill flag (#5668)


											
										
										
											2025-04-18 12:47:54 -04:00
+								    public const string AndroidChromeAutofill = "android-chrome-autofill";
-												[PM-22458] Add user managed privileged apps FF for Android (#5935)


											
										
										
											2025-06-17 10:48:11 -04:00
+								    public const string UserManagedPrivilegedApps = "pm-18970-user-managed-privileged-apps";
-												[PM-20592] [PM-22737] [PM-22738] Send grant validator (#6151)

**feat**: create `SendGrantValidator` and initial `SendPasswordValidator` for Send access grants  
**feat**: add feature flag to toggle Send grant validation logic  
**feat**: add Send client to Identity and update `ApiClient` to generic `Client`  
**feat**: register Send services in DI pipeline  
**feat**: add claims management support to `ProfileService`  
**feat**: distinguish between invalid grant and invalid request in `SendAccessGrantValidator`

**fix**: update parsing of `send_id` from request  
**fix**: add early return when feature flag is disabled  
**fix**: rename and organize Send access scope and grant type  
**fix**: dotnet format

**test**: add unit and integration tests for `SendGrantValidator`  
**test**: update OpenID configuration and API resource claims

**doc**: move documentation to interfaces and update inline comments  

**chore**: add TODO for future support of `CustomGrantTypes`
											
										
										
											2025-08-13 18:38:00 -04:00
+								    public const string SendAccess = "pm-19394-send-access-control";
-												Add mobile CXP feature flags (#6343)


											
										
										
											2025-09-15 20:57:13 +01:00
+								    public const string CxpImportMobile = "cxp-import-mobile";
 								    public const string CxpExportMobile = "cxp-export-mobile";
-												Complete feature flag grouping by team (#5574)

* Completed grouping of feature flags by team.

* Completed grouping feature flags by team.

* Linting

* Moved flag.

* Moved ssh-key-vault-item to KM.
											
										
										
											2025-03-30 16:03:09 -04:00
 								    /* Platform Team */
-												[PM-28025] Revert "chore(feature-flag): [PM-19665] Remove web-push feature flag" (#6779)

This reverts commit 1c60b805bf80c190332f954e0922d7544eb77284.
											
										
										
											2025-12-26 16:44:34 -06:00
+								    public const string WebPush = "web-push";
-												chore(flags): [PM-31326] Rename ipc-channel-framework feature flag


											
										
										
											2026-01-28 08:25:46 -05:00
+								    public const string ContentScriptIpcFramework = "content-script-ipc-channel-framework";
-												chore(feature-flag): Adding feature flag for push notifications on locked account


											
										
										
											2025-07-10 20:07:57 -04:00
+								    public const string PushNotificationsWhenLocked = "pm-19388-push-notifications-when-locked";
-												fix(inactive-user-server-notification): [PM-25130] Inactive User Server Notify - Added feature flag. (#6270)


											
										
										
											2025-09-02 12:44:28 -04:00
+								    public const string PushNotificationsWhenInactive = "pm-25130-receive-push-notifications-for-inactive-users";
-												chore(flags): Add pm-30529-webauthn-related-origins feature flag


											
										
										
											2026-01-27 16:46:43 -05:00
+								    public const string WebAuthnRelatedOrigins = "pm-30529-webauthn-related-origins";
-												Complete feature flag grouping by team (#5574)

* Completed grouping of feature flags by team.

* Completed grouping feature flags by team.

* Linting

* Moved flag.

* Moved ssh-key-vault-item to KM.
											
										
										
											2025-03-30 16:03:09 -04:00
 								    /* Tools Team */
-												[PM-21918] update send api models to support new `email` field (#5895)

* update send api models to support new `email` field

* normalize authentication field evaluation order

* document send response converters

* add FIXME to remove unused constructor argument

* add FIXME to remove unused constructor argument

* introduce `tools-send-email-otp-listing` feature flag

* add `ISendOwnerQuery` to dependency graph

* fix broken tests

* added AuthType prop to send related models with test coverage and debt cleanup

* dotnet format

* add migrations

* dotnet format

* make SendsController null safe (tech debt)

* add AuthType col to Sends table, change Emails col length to 4000, and run migrations

* dotnet format

* update SPs to expect AuthType

* include SP updates in migrations

* remove migrations not intended for merge

* Revert "remove migrations not intended for merge"

This reverts commit 7df56e346ab3402387bebffc1d112d73214632fa.

undo migrations removal

* extract AuthType inference to util method and remove SQLite file

* fix lints

* address review comments

* fix incorrect assignment and adopt SQL conventions

* fix column assignment order in Send_Update.sql

* remove space added to email list

* assign SQL default value of NULL to AuthType

* update SPs to match migration changes

---------

Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: Alex Dragovich <46065570+itsadrago@users.noreply.github.com>
Co-authored-by: John Harrington <84741727+harr1424@users.noreply.github.com>
											
										
										
											2025-12-31 15:37:42 -05:00
+								    /// <summary>
 								    /// Enable this flag to share the send view used by the web and browser clients
 								    /// on the desktop client.
 								    /// </summary>
-												Add feature flag for using sdk password generators (#6082)


											
										
										
											2025-07-15 07:38:14 -04:00
+								    public const string UseSdkPasswordGenerators = "pm-19976-use-sdk-password-generators";
-												Revert feature flag removal for Chromium importers (#6526)

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
											
										
										
											2025-10-31 18:40:54 +01:00
+								    public const string UseChromiumImporter = "pm-23982-chromium-importer";
-												Add feature flag for chromium importer with ABE (#6464)

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
											
										
										
											2025-10-17 20:44:04 +02:00
+								    public const string ChromiumImporterWithABE = "pm-25855-chromium-importer-abe";
-												[PM-28177] Add feature flag for Send UI refresh (#6708)


											
										
										
											2025-12-09 10:37:09 -05:00
+								    public const string SendUIRefresh = "pm-28175-send-ui-refresh";
-												[PM-29780] Add feature flag for Send email OTP verification (#6742)


											
										
										
											2025-12-18 14:12:56 -05:00
+								    public const string SendEmailOTP = "pm-19051-send-email-verification";
-												Complete feature flag grouping by team (#5574)

* Completed grouping of feature flags by team.

* Completed grouping feature flags by team.

* Linting

* Moved flag.

* Moved ssh-key-vault-item to KM.
											
										
										
											2025-03-30 16:03:09 -04:00
 								    /* Vault Team */
 								    public const string CipherKeyEncryption = "cipher-key-encryption";
-												Added feature flag (#5632)


											
										
										
											2025-04-10 14:55:40 -04:00
+								    public const string PM19941MigrateCipherDomainToSdk = "pm-19941-migrate-cipher-domain-to-sdk";
-												[Innovation Sprint] Phishing Detection (#5516)

* Initial stubbing out of the phishing service

* Add the phishing domain controller

* Add changes for the phishing domain get

* Add distributed cache to the phishing domain

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Rename the variable name

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Removed IPhishingDomainService

* Feature/phishing detection cronjob (#5512)

* Added caching to EF implementation. Added error handling and logging

* Refactored update method to use sqlbulkcopy instead of performing a round trip for each new insert

* Initial implementation for quartz job to get list of phishing domains

* Updated phishing domain settings to be its own interface

* Add phishing domain detection with checksum-based updates

* Updated auth for phishing domain endpoints to either require api, or licensing claims to support both web and browser clients, and selfhost api clients

* [Innovation Sprint] Updated Phishing domains to rely on blob storage (#5517)

* Updated phishing detection data layer to rely on azure blob storage instead of sql server

* dotnet format

* Took rider refactors

* Ensuring phishing.testcategory.com exists to test against

* Added redis to dev's docker-compose

* Removed redis from cloud profile

* Remove the Authorize attribute

* error whitespace fix whitespace formatting

* error WHITESPACE: Fix whitespace formatting

* Wrapped phishing detection feature behind feature flag (#5532)

* Increased timeout for fetching source list a bunch

* Removed PhishingDomains policy

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: Cy Okeke <cokeke@bitwarden.com>
											
										
										
											2025-04-30 11:03:59 -04:00
+								    public const string PhishingDetection = "phishing-detection";
-												add `PM22134SdkCipherListView` feature flag (#5980)


											
										
										
											2025-06-18 09:29:48 -05:00
+								    public const string PM22134SdkCipherListView = "pm-22134-sdk-cipher-list-view";
-												[PM-22136] Add SDK Cipher Encryption feature flag (#6070)


											
										
										
											2025-07-09 08:26:49 -07:00
+								    public const string PM22136_SdkCipherEncryption = "pm-22136-sdk-cipher-encryption";
-												[PM-23904] Add risk insights for premium feature flag (#6491)


											
										
										
											2025-10-24 06:42:10 -07:00
+								    public const string PM23904_RiskInsightsForPremium = "pm-23904-risk-insights-for-premium";
-												[PM-27554] - add autofill confirm from search flag (#6511)

* add autofill confirm from search flag

* move flag
											
										
										
											2025-10-28 15:08:03 -07:00
+								    public const string PM25083_AutofillConfirmFromSearch = "pm-25083-autofill-confirm-from-search";
-												add vault skeleton loader feature flag (#6566)


											
										
										
											2025-11-11 14:29:55 -06:00
+								    public const string VaultLoadingSkeletons = "pm-25081-vault-skeleton-loaders";
-												add feature flag (#6693)


											
										
										
											2025-12-05 11:06:09 -08:00
+								    public const string BrowserPremiumSpotlight = "pm-23384-browser-premium-spotlight";
-												Added feature flag (#6694)


											
										
										
											2025-12-08 22:08:23 -05:00
+								    public const string MigrateMyVaultToMyItems = "pm-20558-migrate-myvault-to-myitems";
-												[PM-27632] Add feature flag pm-27632-cipher-crud-operations-to-sdk (#6790)


											
										
										
											2026-01-06 14:26:32 -08:00
+								    public const string PM27632_CipherCrudOperationsToSdk = "pm-27632-cipher-crud-operations-to-sdk";
-												Fix linting issue on Constants from adding feature flag (#4715)


											
										
										
											2024-08-30 16:45:38 -04:00
-												[PM-19151] [PM-19161] Innovation/archive/server (#5672)

* Added the ArchivedDate to cipher entity and response model
* Created migration scripts for sqlserver and ef core migration to add the ArchivedDate column

---------

Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Shane <smelton@bitwarden.com>
Co-authored-by: cd-bitwarden <106776772+cd-bitwarden@users.noreply.github.com>
Co-authored-by: jng <jng@bitwarden.com>
											
										
										
											2025-09-12 13:24:30 -04:00
+								    /* Innovation Team */
 								    public const string ArchiveVaultItems = "pm-19148-innovation-archive";
-												PM-25870 Activity tab feature flag (#6360)


											
										
										
											2025-09-22 10:36:19 -05:00
+								    /* DIRT Team */
-												PM-27204 feature flag for dataDog and crowdStrike (#6473)


											
										
										
											2025-10-22 10:10:44 -05:00
+								    public const string EventManagementForDataDogAndCrowdStrike = "event-management-for-datadog-and-crowdstrike";
-												[PM-26401] Add logging logic (#6523)


											
										
										
											2025-10-31 14:47:22 -04:00
+								    public const string EventDiagnosticLogging = "pm-27666-siem-event-log-debugging";
-												PM-30879 added feature flag for huntress (#6883)


											
										
										
											2026-01-23 13:36:27 -06:00
+								    public const string EventManagementForHuntress = "event-management-for-huntress";
-												PM-30538 Add feature flag for Milestone 11 DIRT (#6916)


											
										
										
											2026-01-28 13:57:06 -06:00
+								    public const string Milestone11AppPageImprovements = "pm-30538-dirt-milestone-11-app-page-improvements";
-												PM-25870 Activity tab feature flag (#6360)


											
										
										
											2025-09-22 10:36:19 -05:00
-												[CL-923] Add feature flag for router focus mgmt (#6623)


											
										
										
											2025-11-25 13:13:36 -05:00
+								    /* UIF Team */
 								    public const string RouterFocusManagement = "router-focus-management";
-												[SM-1570] Adding new item to organization license to disable SM ads for users (#6482)

* Adding new item to organization license

* fixing whitespace issues

* fixing missing comment

* fixing merge conflicts

* merge fix

* db merge fixes

* fix

* Updating SM to Sm, and adding more view refreshes

* fixing merge conflicts

* Redoing migration

* Update OrganizationLicense.cs

* Update OrganizationLicense.cs

* fixes

* fixes

* fixing db issues

* fix

* rearranging sql after merge conflicts

* Merge conflicts with dbscripts are fixed, adding missing usedisableSMadsForUsers where needed

* removing incorrect merge fix

* fixes

* adding feature flag to disable sm ads

---------

Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
											
										
										
											2026-01-07 11:42:10 -05:00
+								    /* Secrets Manager Team */
 								    public const string SM1719_RemoveSecretsManagerAds = "sm-1719-remove-secrets-manager-ads";
-												All feature state access through config API (#2785)


											
										
										
											2023-03-10 08:11:11 -05:00
+								    public static List<string> GetAllKeys()
 								    {
 								        return typeof(FeatureFlagKeys).GetFields(BindingFlags.Public | BindingFlags.Static | BindingFlags.FlattenHierarchy)
 								            .Where(fi => fi.IsLiteral && !fi.IsInitOnly && fi.FieldType == typeof(string))
 								            .Select(x => (string)x.GetRawConstantValue())
 								            .ToList();
 								    }
-												[PM-3708] Allow local overrides for flag values (#3243)

* Allow local overrides for flag values

* Rename helper method
											
										
										
											2023-09-01 07:06:21 -04:00
 								    public static Dictionary<string, string> GetLocalOverrideFlagValues()
 								    {
 								        // place overriding values when needed locally (offline), or return null
-												[PM-19691] Remove duo-redirect feature flag (#5576)

* Completed grouping of feature flags by team.

* Completed grouping feature flags by team.

* Remove email delay feature flag

* Removed feature flag

* Fixed reference.

* Remove flag after merge.
											
										
										
											2025-04-21 12:36:38 -04:00
+								        return null;
-												[PM-3708] Allow local overrides for flag values (#3243)

* Allow local overrides for flag values

* Rename helper method
											
										
										
											2023-09-01 07:06:21 -04:00
+								    }
-												[PM-1012] Feature access using context (#2764)

* Document online method

* Feature accessors with context

* Direct null assertion

* Establish a constants class for flag keys
											
										
										
											2023-03-07 13:46:52 -05:00
+								}