fix(2fa): [PM-22323] Do not show 2FA warning for 2FA setup and login emails

* Added configuration to not display 2FA setup instruction * Refactored to new service. * Linting. * Dependency injection * Changed to scoped to have access to ICurrentContext. * Inverted logic for EmailTotpAction * Fixed tests. * Fixed tests. * More tests. * Fixed tests. * Linting. * Added tests at controller level. * Linting * Fixed error in test. * Review updates. * Accidentally deleted imports.
2025-12-25 12:43:14 +00:00 · 2025-07-07 10:56:59 -04:00
parent 240968ef4c
commit 79ad1dbda0
18 changed files with 491 additions and 288 deletions
--- a/src/Identity/IdentityServer/RequestValidators/DeviceValidator.cs
+++ b/src/Identity/IdentityServer/RequestValidators/DeviceValidator.cs
@@ -1,6 +1,7 @@
 using System.ComponentModel.DataAnnotations;
 using System.Reflection;
 using Bit.Core;
+using Bit.Core.Auth.Services;
 using Bit.Core.Context;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
@@ -22,6 +23,7 @@ public class DeviceValidator(
    ICurrentContext currentContext,
    IUserService userService,
    IDistributedCache distributedCache,
+    ITwoFactorEmailService twoFactorEmailService,
    ILogger<DeviceValidator> logger) : IDeviceValidator
 {
    private readonly IDeviceService _deviceService = deviceService;
@@ -32,6 +34,7 @@ public class DeviceValidator(
    private readonly IUserService _userService = userService;
    private readonly IDistributedCache distributedCache = distributedCache;
    private readonly ILogger<DeviceValidator> _logger = logger;
+    private readonly ITwoFactorEmailService _twoFactorEmailService = twoFactorEmailService;

    public async Task<bool> ValidateRequestDeviceAsync(ValidatedTokenRequest request, CustomValidatorRequestContext context)
    {
@@ -75,7 +78,7 @@ public class DeviceValidator(
                    BuildDeviceErrorResult(validationResult);
                if (validationResult == DeviceValidationResultType.NewDeviceVerificationRequired)
                {
-                    await _userService.SendNewDeviceVerificationEmailAsync(context.User);
+                    await _twoFactorEmailService.SendNewDeviceVerificationEmailAsync(context.User);
                }
                return false;
            }