fix(auth-validator): [PM-22975] Client Version Validator - Took in feedback from km. Removed IsV2User in favor of checking the security version on the user.

2026-01-02 16:43:25 +00:00 · 2025-12-03 09:46:00 -05:00
parent c1bc10bf40
commit 753670d26f
10 changed files with 36 additions and 125 deletions
--- a/test/Core.Test/KeyManagement/Queries/GetMinimumClientVersionForUserQueryTests.cs
+++ b/test/Core.Test/KeyManagement/Queries/GetMinimumClientVersionForUserQueryTests.cs
@@ -1,32 +1,30 @@
 using Bit.Core.Entities;
 using Bit.Core.KeyManagement.Queries;
-using Bit.Core.KeyManagement.Queries.Interfaces;
 using Xunit;

 namespace Bit.Core.Test.KeyManagement.Queries;

 public class GetMinimumClientVersionForUserQueryTests
 {
-    private class FakeIsV2Query : IIsV2EncryptionUserQuery
-    {
-        private readonly bool _isV2;
-        public FakeIsV2Query(bool isV2) { _isV2 = isV2; }
-        public Task<bool> Run(User user) => Task.FromResult(_isV2);
-    }
-
    [Fact]
    public async Task Run_ReturnsMinVersion_ForV2User()
    {
-        var sut = new GetMinimumClientVersionForUserQuery(new FakeIsV2Query(true));
-        var version = await sut.Run(new User());
+        var sut = new GetMinimumClientVersionForUserQuery();
+        var version = await sut.Run(new User
+        {
+            SecurityVersion = 2
+        });
        Assert.Equal(Core.KeyManagement.Constants.MinimumClientVersionForV2Encryption, version);
    }

    [Fact]
    public async Task Run_ReturnsNull_ForV1User()
    {
-        var sut = new GetMinimumClientVersionForUserQuery(new FakeIsV2Query(false));
-        var version = await sut.Run(new User());
+        var sut = new GetMinimumClientVersionForUserQuery();
+        var version = await sut.Run(new User
+        {
+            SecurityVersion = 1
+        });
        Assert.Null(version);
    }
 }
--- a/test/Core.Test/KeyManagement/Queries/IsV2EncryptionUserQueryTests.cs
+++ b/test/Core.Test/KeyManagement/Queries/IsV2EncryptionUserQueryTests.cs
@@ -1,64 +0,0 @@
-using Bit.Core.Entities;
-using Bit.Core.KeyManagement.Entities;
-using Bit.Core.KeyManagement.Enums;
-using Bit.Core.KeyManagement.Models.Data;
-using Bit.Core.KeyManagement.Queries;
-using Bit.Core.KeyManagement.Repositories;
-using Bit.Core.KeyManagement.UserKey;
-using Bit.Test.Common.Constants;
-using Xunit;
-
-namespace Bit.Core.Test.KeyManagement.Queries;
-
-public class IsV2EncryptionUserQueryTests
-{
-    private class FakeUserSignatureKeyPairRepository : IUserSignatureKeyPairRepository
-    {
-        private readonly bool _hasKeys;
-        public FakeUserSignatureKeyPairRepository(bool hasKeys) { _hasKeys = hasKeys; }
-        public Task<SignatureKeyPairData?> GetByUserIdAsync(Guid userId)
-            => Task.FromResult(_hasKeys ? new SignatureKeyPairData(SignatureAlgorithm.Ed25519, TestEncryptionConstants.V2WrappedSigningKey, TestEncryptionConstants.V2VerifyingKey) : null);
-
-        // Unused in tests
-        public Task<IEnumerable<UserSignatureKeyPair>> GetManyAsync(IEnumerable<Guid> ids) => throw new NotImplementedException();
-        public Task<UserSignatureKeyPair> GetByIdAsync(Guid id) => throw new NotImplementedException();
-        public Task<UserSignatureKeyPair> CreateAsync(UserSignatureKeyPair obj) => throw new NotImplementedException();
-        public Task ReplaceAsync(UserSignatureKeyPair obj) => throw new NotImplementedException();
-        public Task UpsertAsync(UserSignatureKeyPair obj) => throw new NotImplementedException();
-        public Task DeleteAsync(UserSignatureKeyPair obj) => throw new NotImplementedException();
-        public Task DeleteAsync(Guid id) => throw new NotImplementedException();
-        public UpdateEncryptedDataForKeyRotation UpdateForKeyRotation(Guid grantorId, SignatureKeyPairData signatureKeyPair) => throw new NotImplementedException();
-        public UpdateEncryptedDataForKeyRotation SetUserSignatureKeyPair(Guid userId, SignatureKeyPairData signatureKeyPair) => throw new NotImplementedException();
-    }
-
-    [Fact]
-    public async Task Run_ReturnsTrue_ForV2State()
-    {
-        var user = new User { Id = Guid.NewGuid(), PrivateKey = TestEncryptionConstants.V2PrivateKey };
-        var sut = new IsV2EncryptionUserQuery(new FakeUserSignatureKeyPairRepository(true));
-
-        var result = await sut.Run(user);
-
-        Assert.True(result);
-    }
-
-    [Fact]
-    public async Task Run_ReturnsFalse_ForV1State()
-    {
-        var user = new User { Id = Guid.NewGuid(), PrivateKey = TestEncryptionConstants.V1EncryptedBase64 };
-        var sut = new IsV2EncryptionUserQuery(new FakeUserSignatureKeyPairRepository(false));
-
-        var result = await sut.Run(user);
-
-        Assert.False(result);
-    }
-
-    [Fact]
-    public async Task Run_ThrowsForInvalidMixedState()
-    {
-        var user = new User { Id = Guid.NewGuid(), PrivateKey = TestEncryptionConstants.V2PrivateKey };
-        var sut = new IsV2EncryptionUserQuery(new FakeUserSignatureKeyPairRepository(false));
-
-        await Assert.ThrowsAsync<InvalidOperationException>(async () => await sut.Run(user));
-    }
-}