mirror of https://github.com/bitwarden/server synced 2026-01-04 01:23:25 +00:00

[PM-23249] Prevent log-out when changing KDF settings (#6349)

* Prevent log-out when changing KDF settings with feature flag.

* validate salt unchanged for user to throw bad request (400), not internal server error (500)

* change kdf integration tests

* failing tests

* incorrect tests wording

* conditional logout

* log out reason as enum

* explicit naming
Maciej Zieniuk
2025-10-21 19:03:25 +02:00
committed by GitHub
parent 8d52ae869c
commit 6324f692b8
18 changed files with 675 additions and 115 deletions


@@ -452,7 +452,8 @@ public class ProfileServiceTests
user.SecurityStamp = securityStamp;
context.Subject = new ClaimsPrincipal(new ClaimsIdentity([
new Claim("sub", user.Id.ToString()), new Claim(Claims.SecurityStamp, securityStamp)
new Claim("sub", user.Id.ToString()),
new Claim(Claims.SecurityStamp, securityStamp)
]));
_userService.GetUserByPrincipalAsync(context.Subject).Returns(user);
@@ -486,7 +487,8 @@ public class ProfileServiceTests
user.SecurityStamp = "current-security-stamp";
context.Subject = new ClaimsPrincipal(new ClaimsIdentity([
new Claim("sub", user.Id.ToString()), new Claim(Claims.SecurityStamp, "old-security-stamp")
new Claim("sub", user.Id.ToString()),
new Claim(Claims.SecurityStamp, "old-security-stamp")
]));
_userService.GetUserByPrincipalAsync(context.Subject).Returns(user);
@@ -517,7 +519,8 @@ public class ProfileServiceTests
user.SecurityStamp = "current-stamp";
context.Subject = new ClaimsPrincipal(new ClaimsIdentity([
new Claim("sub", user.Id.ToString()), new Claim(Claims.SecurityStamp, claimStamp)
new Claim("sub", user.Id.ToString()),
new Claim(Claims.SecurityStamp, claimStamp)
]));
_userService.GetUserByPrincipalAsync(context.Subject).Returns(user);
@@ -546,7 +549,8 @@ public class ProfileServiceTests
{
context.Client.ClientId = client;
context.Subject = new ClaimsPrincipal(new ClaimsIdentity([
new Claim("sub", user.Id.ToString()), new Claim("email", user.Email)
new Claim("sub", user.Id.ToString()),
new Claim("email", user.Email)
]));
_userService.GetUserByPrincipalAsync(context.Subject).Returns(user);