fix(auth-validator): [PM-22975] Client Version Validator - Took in feedback from km. Removed IsV2User in favor of checking the security version on the user.

src/Core/KeyManagement/Constants.cs

@@ -2,5 +2,5 @@
 
 public static class Constants
 {
-    public static readonly Version MinimumClientVersionForV2Encryption = new Version("2025.11.0");
+    public static readonly Version MinimumClientVersionForV2Encryption = new("2025.11.0");
 }

src/Core/KeyManagement/KeyManagementServiceCollectionExtensions.cs

@@ -26,7 +26,6 @@ public static class KeyManagementServiceCollectionExtensions
     private static void AddKeyManagementQueries(this IServiceCollection services)
     {
         services.AddScoped<IUserAccountKeysQuery, UserAccountKeysQuery>();
-        services.AddScoped<IIsV2EncryptionUserQuery, IsV2EncryptionUserQuery>();
         services.AddScoped<IGetMinimumClientVersionForUserQuery, GetMinimumClientVersionForUserQuery>();
     }
 }

src/Core/KeyManagement/Queries/GetMinimumClientVersionForUserQuery.cs

@@ -3,21 +3,21 @@ using Bit.Core.KeyManagement.Queries.Interfaces;
 
 namespace Bit.Core.KeyManagement.Queries;
 
-public class GetMinimumClientVersionForUserQuery(IIsV2EncryptionUserQuery isV2EncryptionUserQuery)
+public class GetMinimumClientVersionForUserQuery()
     : IGetMinimumClientVersionForUserQuery
 {
-    public async Task<Version?> Run(User? user)
+    public Task<Version?> Run(User? user)
     {
         if (user == null)
         {
-            return null;
+            return Task.FromResult<Version?>(null);
         }
 
-        if (await isV2EncryptionUserQuery.Run(user))
+        if (user.IsSecurityVersionTwo())
         {
-            return Constants.MinimumClientVersionForV2Encryption;
+            return Task.FromResult(Constants.MinimumClientVersionForV2Encryption)!;
         }
 
-        return null;
+        return Task.FromResult<Version?>(null);
     }
 }

src/Core/KeyManagement/Queries/Interfaces/IIsV2EncryptionUserQuery.cs

@@ -1,8 +0,0 @@
-using Bit.Core.Entities;
-
-namespace Bit.Core.KeyManagement.Queries.Interfaces;
-
-public interface IIsV2EncryptionUserQuery
-{
-    Task<bool> Run(User user);
-}

src/Core/KeyManagement/Queries/IsV2EncryptionUserQuery.cs

@@ -1,31 +0,0 @@
-using Bit.Core.Entities;
-using Bit.Core.Enums;
-using Bit.Core.KeyManagement.Queries.Interfaces;
-using Bit.Core.KeyManagement.Repositories;
-using Bit.Core.KeyManagement.Utilities;
-
-namespace Bit.Core.KeyManagement.Queries;
-
-public class IsV2EncryptionUserQuery(IUserSignatureKeyPairRepository userSignatureKeyPairRepository)
-    : IIsV2EncryptionUserQuery
-{
-    public async Task<bool> Run(User user)
-    {
-        ArgumentNullException.ThrowIfNull(user);
-
-        var hasSignatureKeyPair = await userSignatureKeyPairRepository.GetByUserIdAsync(user.Id) != null;
-        var isPrivateKeyEncryptionV2 =
-            !string.IsNullOrWhiteSpace(user.PrivateKey) &&
-            EncryptionParsing.GetEncryptionType(user.PrivateKey) == EncryptionType.XChaCha20Poly1305_B64;
-
-        return hasSignatureKeyPair switch
-        {
-            // Valid v2 user
-            true when isPrivateKeyEncryptionV2 => true,
-            // Valid v1 user
-            false when !isPrivateKeyEncryptionV2 => false,
-            _ => throw new InvalidOperationException(
-                "User is in an invalid state for key rotation. User has a signature key pair, but the private key is not in v2 format, or vice versa.")
-        };
-    }
-}

src/Core/KeyManagement/Utilities/EncryptionParsing.cs

@@ -7,8 +7,10 @@ public static class EncryptionParsing
     /// <summary>
     /// Helper method to convert an encryption type string to an enum value.
     /// </summary>
-    public static EncryptionType GetEncryptionType(string encString)
+    public static EncryptionType GetEncryptionType(string? encString)
     {
+        ArgumentNullException.ThrowIfNull(encString);
+
         var parts = encString.Split('.');
         if (parts.Length == 1)
         {