PM-23358 removing phishing blocker code (#6668)

2026-02-17 09:59:14 +00:00 · 2025-12-15 12:12:07 -06:00
parent d554e4ef15
commit 7cfdb4ddfc
16 changed files with 0 additions and 593 deletions
--- a/src/Api/Controllers/PhishingDomainsController.cs
+++ b/src/Api/Controllers/PhishingDomainsController.cs
@@ -1,34 +0,0 @@
-using Bit.Core;
-using Bit.Core.Repositories;
-using Bit.Core.Services;
-using Microsoft.AspNetCore.Mvc;
-
-namespace Bit.Api.Controllers;
-
-[Route("phishing-domains")]
-public class PhishingDomainsController(IPhishingDomainRepository phishingDomainRepository, IFeatureService featureService) : Controller
-{
-    [HttpGet]
-    public async Task<ActionResult<ICollection<string>>> GetPhishingDomainsAsync()
-    {
-        if (!featureService.IsEnabled(FeatureFlagKeys.PhishingDetection))
-        {
-            return NotFound();
-        }
-
-        var domains = await phishingDomainRepository.GetActivePhishingDomainsAsync();
-        return Ok(domains);
-    }
-
-    [HttpGet("checksum")]
-    public async Task<ActionResult<string>> GetChecksumAsync()
-    {
-        if (!featureService.IsEnabled(FeatureFlagKeys.PhishingDetection))
-        {
-            return NotFound();
-        }
-
-        var checksum = await phishingDomainRepository.GetCurrentChecksumAsync();
-        return Ok(checksum);
-    }
-}
--- a/src/Api/Jobs/JobsHostedService.cs
+++ b/src/Api/Jobs/JobsHostedService.cs
@@ -59,13 +59,6 @@ public class JobsHostedService : BaseJobsHostedService
            .StartNow()
            .WithCronSchedule("0 0 * * * ?")
            .Build();
-        var updatePhishingDomainsTrigger = TriggerBuilder.Create()
-            .WithIdentity("UpdatePhishingDomainsTrigger")
-            .StartNow()
-            .WithSimpleSchedule(x => x
-                .WithIntervalInHours(24)
-                .RepeatForever())
-            .Build();
        var updateOrgSubscriptionsTrigger = TriggerBuilder.Create()
            .WithIdentity("UpdateOrgSubscriptionsTrigger")
            .StartNow()
@@ -81,7 +74,6 @@ public class JobsHostedService : BaseJobsHostedService
            new Tuple<Type, ITrigger>(typeof(ValidateUsersJob), everyTopOfTheSixthHourTrigger),
            new Tuple<Type, ITrigger>(typeof(ValidateOrganizationsJob), everyTwelfthHourAndThirtyMinutesTrigger),
            new Tuple<Type, ITrigger>(typeof(ValidateOrganizationDomainJob), validateOrganizationDomainTrigger),
-            new Tuple<Type, ITrigger>(typeof(UpdatePhishingDomainsJob), updatePhishingDomainsTrigger),
            new (typeof(OrganizationSubscriptionUpdateJob), updateOrgSubscriptionsTrigger),
        };

@@ -111,7 +103,6 @@ public class JobsHostedService : BaseJobsHostedService
        services.AddTransient<ValidateUsersJob>();
        services.AddTransient<ValidateOrganizationsJob>();
        services.AddTransient<ValidateOrganizationDomainJob>();
-        services.AddTransient<UpdatePhishingDomainsJob>();
        services.AddTransient<OrganizationSubscriptionUpdateJob>();
    }

--- a/src/Api/Jobs/UpdatePhishingDomainsJob.cs
+++ b/src/Api/Jobs/UpdatePhishingDomainsJob.cs
@@ -1,97 +0,0 @@
-using Bit.Core;
-using Bit.Core.Jobs;
-using Bit.Core.PhishingDomainFeatures.Interfaces;
-using Bit.Core.Repositories;
-using Bit.Core.Services;
-using Bit.Core.Settings;
-using Quartz;
-
-namespace Bit.Api.Jobs;
-
-public class UpdatePhishingDomainsJob : BaseJob
-{
-    private readonly GlobalSettings _globalSettings;
-    private readonly IPhishingDomainRepository _phishingDomainRepository;
-    private readonly ICloudPhishingDomainQuery _cloudPhishingDomainQuery;
-    private readonly IFeatureService _featureService;
-    public UpdatePhishingDomainsJob(
-        GlobalSettings globalSettings,
-        IPhishingDomainRepository phishingDomainRepository,
-        ICloudPhishingDomainQuery cloudPhishingDomainQuery,
-        IFeatureService featureService,
-        ILogger<UpdatePhishingDomainsJob> logger)
-        : base(logger)
-    {
-        _globalSettings = globalSettings;
-        _phishingDomainRepository = phishingDomainRepository;
-        _cloudPhishingDomainQuery = cloudPhishingDomainQuery;
-        _featureService = featureService;
-    }
-
-    protected override async Task ExecuteJobAsync(IJobExecutionContext context)
-    {
-        if (!_featureService.IsEnabled(FeatureFlagKeys.PhishingDetection))
-        {
-            _logger.LogInformation(Constants.BypassFiltersEventId, "Skipping phishing domain update. Feature flag is disabled.");
-            return;
-        }
-
-        if (string.IsNullOrWhiteSpace(_globalSettings.PhishingDomain?.UpdateUrl))
-        {
-            _logger.LogInformation(Constants.BypassFiltersEventId, "Skipping phishing domain update. No URL configured.");
-            return;
-        }
-
-        if (_globalSettings.SelfHosted && !_globalSettings.EnableCloudCommunication)
-        {
-            _logger.LogInformation(Constants.BypassFiltersEventId, "Skipping phishing domain update. Cloud communication is disabled in global settings.");
-            return;
-        }
-
-        var remoteChecksum = await _cloudPhishingDomainQuery.GetRemoteChecksumAsync();
-        if (string.IsNullOrWhiteSpace(remoteChecksum))
-        {
-            _logger.LogWarning(Constants.BypassFiltersEventId, "Could not retrieve remote checksum. Skipping update.");
-            return;
-        }
-
-        var currentChecksum = await _phishingDomainRepository.GetCurrentChecksumAsync();
-
-        if (string.Equals(currentChecksum, remoteChecksum, StringComparison.OrdinalIgnoreCase))
-        {
-            _logger.LogInformation(Constants.BypassFiltersEventId,
-                "Phishing domains list is up to date (checksum: {Checksum}). Skipping update.",
-                currentChecksum);
-            return;
-        }
-
-        _logger.LogInformation(Constants.BypassFiltersEventId,
-            "Checksums differ (current: {CurrentChecksum}, remote: {RemoteChecksum}). Fetching updated domains from {Source}.",
-            currentChecksum, remoteChecksum, _globalSettings.SelfHosted ? "Bitwarden cloud API" : "external source");
-
-        try
-        {
-            var domains = await _cloudPhishingDomainQuery.GetPhishingDomainsAsync();
-            if (!domains.Contains("phishing.testcategory.com", StringComparer.OrdinalIgnoreCase))
-            {
-                domains.Add("phishing.testcategory.com");
-            }
-
-            if (domains.Count > 0)
-            {
-                _logger.LogInformation(Constants.BypassFiltersEventId, "Updating {Count} phishing domains with checksum {Checksum}.",
-                    domains.Count, remoteChecksum);
-                await _phishingDomainRepository.UpdatePhishingDomainsAsync(domains, remoteChecksum);
-                _logger.LogInformation(Constants.BypassFiltersEventId, "Successfully updated phishing domains.");
-            }
-            else
-            {
-                _logger.LogWarning(Constants.BypassFiltersEventId, "No valid domains found in the response. Skipping update.");
-            }
-        }
-        catch (Exception ex)
-        {
-            _logger.LogError(Constants.BypassFiltersEventId, ex, "Error updating phishing domains.");
-        }
-    }
-}
--- a/src/Api/Startup.cs
+++ b/src/Api/Startup.cs
@@ -187,7 +187,6 @@ public class Startup
        services.AddBillingOperations();
        services.AddReportingServices();
        services.AddImportServices();
-        services.AddPhishingDomainServices(globalSettings);

        services.AddSendServices();

--- a/src/Api/Utilities/ServiceCollectionExtensions.cs
+++ b/src/Api/Utilities/ServiceCollectionExtensions.cs
@@ -1,9 +1,5 @@
 using Bit.Api.AdminConsole.Authorization;
 using Bit.Api.Tools.Authorization;
-using Bit.Core.PhishingDomainFeatures;
-using Bit.Core.PhishingDomainFeatures.Interfaces;
-using Bit.Core.Repositories;
-using Bit.Core.Repositories.Implementations;
 using Bit.Core.Settings;
 using Bit.Core.Utilities;
 using Bit.Core.Vault.Authorization.SecurityTasks;
@@ -103,25 +99,4 @@ public static class ServiceCollectionExtensions
        // Admin Console authorization handlers
        services.AddAdminConsoleAuthorizationHandlers();
    }
-
-    public static void AddPhishingDomainServices(this IServiceCollection services, GlobalSettings globalSettings)
-    {
-        services.AddHttpClient("PhishingDomains", client =>
-        {
-            client.DefaultRequestHeaders.Add("User-Agent", globalSettings.SelfHosted ? "Bitwarden Self-Hosted" : "Bitwarden");
-            client.Timeout = TimeSpan.FromSeconds(1000); // the source list is very slow
-        });
-
-        services.AddSingleton<AzurePhishingDomainStorageService>();
-        services.AddSingleton<IPhishingDomainRepository, AzurePhishingDomainRepository>();
-
-        if (globalSettings.SelfHosted)
-        {
-            services.AddScoped<ICloudPhishingDomainQuery, CloudPhishingDomainRelayQuery>();
-        }
-        else
-        {
-            services.AddScoped<ICloudPhishingDomainQuery, CloudPhishingDomainDirectQuery>();
-        }
-    }
 }
--- a/src/Api/appsettings.Development.json
+++ b/src/Api/appsettings.Development.json
@@ -38,10 +38,6 @@
    "storage": {
      "connectionString": "UseDevelopmentStorage=true"
    },
-    "phishingDomain": {
-      "updateUrl": "https://phish.co.za/latest/phishing-domains-ACTIVE.txt",
-      "checksumUrl": "https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-ACTIVE.txt.sha256"
-    },
    "pricingUri": "https://billingpricing.qa.bitwarden.pw"
  }
 }
--- a/src/Api/appsettings.json
+++ b/src/Api/appsettings.json
@@ -69,9 +69,6 @@
      "accessKeySecret": "SECRET",
      "region": "SECRET"
    },
-    "phishingDomain": {
-      "updateUrl": "SECRET"
-    },
    "distributedIpRateLimiting": {
      "enabled": true,
      "maxRedisTimeoutsThreshold": 10,