Merge branch 'main' into auth/pm-22975/client-version-validator

2026-02-02 07:03:11 +08:00 · 2026-01-30 19:06:01 -05:00
parent 19d43e9c98 51aa419585
commit 7e02b63486
559 changed files with 69161 additions and 4929 deletions
--- a/test/Identity.IntegrationTest/RequestValidation/SendAccess/SendEmailOtpReqestValidatorIntegrationTests.cs
+++ b/test/Identity.IntegrationTest/RequestValidation/SendAccess/SendEmailOtpReqestValidatorIntegrationTests.cs
@@ -3,6 +3,7 @@ using Bit.Core.Services;
 using Bit.Core.Tools.Models.Data;
 using Bit.Core.Tools.SendFeatures.Queries.Interfaces;
 using Bit.IntegrationTestCommon.Factories;
+using Bit.Test.Common.Helpers;
 using Duende.IdentityModel;
 using NSubstitute;
 using Xunit;
@@ -60,7 +61,7 @@ public class SendEmailOtpRequestValidatorIntegrationTests(IdentityApplicationFac

                var sendAuthQuery = Substitute.For<ISendAuthenticationQuery>();
                sendAuthQuery.GetAuthenticationMethod(sendId)
-                    .Returns(new EmailOtp([email]));
+                    .Returns(new EmailOtp([CryptographyHelper.HashAndEncode(email)]));
                services.AddSingleton(sendAuthQuery);

                // Mock OTP token provider
@@ -75,6 +76,7 @@ public class SendEmailOtpRequestValidatorIntegrationTests(IdentityApplicationFac
            });
        }).CreateClient();

+
        var requestBody = SendAccessTestUtilities.CreateTokenRequestBody(sendId, email: email); // Email but no OTP

        // Act
@@ -104,7 +106,7 @@ public class SendEmailOtpRequestValidatorIntegrationTests(IdentityApplicationFac

                var sendAuthQuery = Substitute.For<ISendAuthenticationQuery>();
                sendAuthQuery.GetAuthenticationMethod(sendId)
-                    .Returns(new EmailOtp(new[] { email }));
+                    .Returns(new EmailOtp(new[] { CryptographyHelper.HashAndEncode(email) }));
                services.AddSingleton(sendAuthQuery);

                // Mock OTP token provider to validate successfully
@@ -148,7 +150,7 @@ public class SendEmailOtpRequestValidatorIntegrationTests(IdentityApplicationFac

                var sendAuthQuery = Substitute.For<ISendAuthenticationQuery>();
                sendAuthQuery.GetAuthenticationMethod(sendId)
-                    .Returns(new EmailOtp(new[] { email }));
+                    .Returns(new EmailOtp(new[] { CryptographyHelper.HashAndEncode(email) }));
                services.AddSingleton(sendAuthQuery);

                // Mock OTP token provider to validate as false
@@ -190,7 +192,7 @@ public class SendEmailOtpRequestValidatorIntegrationTests(IdentityApplicationFac

                var sendAuthQuery = Substitute.For<ISendAuthenticationQuery>();
                sendAuthQuery.GetAuthenticationMethod(sendId)
-                    .Returns(new EmailOtp(new[] { email }));
+                    .Returns(new EmailOtp(new[] { CryptographyHelper.HashAndEncode(email) }));
                services.AddSingleton(sendAuthQuery);

                // Mock OTP token provider to fail generation