test(register): [PM-27084] Account Register Uses New Data Types - Added validation tests and ToUser no longer throws bad request.

2026-02-20 03:13:35 +00:00 · 2026-01-09 09:27:12 -05:00
parent b5dadcd1d3
commit 9e43ca2442
3 changed files with 180 additions and 119 deletions
--- a/test/Identity.Test/Controllers/AccountsControllerTests.cs
+++ b/test/Identity.Test/Controllers/AccountsControllerTests.cs
@@ -927,119 +927,6 @@ public class AccountsControllerTests : IDisposable
            emailVerificationToken);
    }

-    [Theory, BitAutoData]
-    public async Task PostRegisterFinish_WhenKdfMissingInAllSources_ShouldReturnBadRequest(
-        string email,
-        string emailVerificationToken,
-        string masterPasswordHash,
-        string masterKeyWrappedUserKey,
-        int iterations,
-        string publicKey,
-        string encryptedPrivateKey)
-    {
-        // Arrange: No KDF at root, and no unlock-data present
-        var model = new RegisterFinishRequestModel
-        {
-            Email = email,
-            EmailVerificationToken = emailVerificationToken,
-            MasterPasswordAuthentication = new MasterPasswordAuthenticationDataRequestModel
-            {
-                // present but ToUser does not source KDF from here
-                Kdf = new KdfRequestModel { KdfType = KdfType.Argon2id, Iterations = iterations },
-                MasterPasswordAuthenticationHash = masterPasswordHash,
-                Salt = email
-            },
-            MasterPasswordUnlock = null,
-            Kdf = null,
-            KdfIterations = iterations,
-            UserSymmetricKey = masterKeyWrappedUserKey,
-            UserAsymmetricKeys = new KeysRequestModel
-            {
-                PublicKey = publicKey,
-                EncryptedPrivateKey = encryptedPrivateKey
-            }
-        };
-
-        // Act & Assert
-        var ex = await Assert.ThrowsAsync<BadRequestException>(() => _sut.PostRegisterFinish(model));
-        Assert.Equal("KdfType couldn't be found on either the MasterPasswordUnlock or the Kdf property passed in.", ex.Message);
-    }
-
-    [Theory, BitAutoData]
-    public async Task PostRegisterFinish_WhenKdfIterationsMissingInAllSources_ShouldReturnBadRequest(
-        string email,
-        string emailVerificationToken,
-        string masterPasswordHash,
-        string masterKeyWrappedUserKey,
-        KdfType kdfType,
-        string publicKey,
-        string encryptedPrivateKey)
-    {
-        // Arrange: No KdfIterations at root, and no unlock-data present
-        var model = new RegisterFinishRequestModel
-        {
-            Email = email,
-            EmailVerificationToken = emailVerificationToken,
-            MasterPasswordAuthentication = new MasterPasswordAuthenticationDataRequestModel
-            {
-                // present but ToUser does not source iterations from here
-                Kdf = new KdfRequestModel { KdfType = kdfType, Iterations = AuthConstants.PBKDF2_ITERATIONS.Default },
-                MasterPasswordAuthenticationHash = masterPasswordHash,
-                Salt = email
-            },
-            MasterPasswordUnlock = null,
-            Kdf = kdfType,
-            KdfIterations = null,
-            UserSymmetricKey = masterKeyWrappedUserKey,
-            UserAsymmetricKeys = new KeysRequestModel
-            {
-                PublicKey = publicKey,
-                EncryptedPrivateKey = encryptedPrivateKey
-            }
-        };
-
-        // Act & Assert
-        var ex = await Assert.ThrowsAsync<BadRequestException>(() => _sut.PostRegisterFinish(model));
-        Assert.Equal("KdfIterations couldn't be found on either the MasterPasswordUnlock or the KdfIterations property passed in.", ex.Message);
-    }
-
-    [Theory, BitAutoData]
-    public async Task PostRegisterFinish_WhenKeyMissingInAllSources_ShouldReturnBadRequest(
-        string email,
-        string emailVerificationToken,
-        string masterPasswordHash,
-        int iterations,
-        KdfType kdfType,
-        string publicKey,
-        string encryptedPrivateKey)
-    {
-        // Arrange: No key at root, and no unlock-data present
-        var model = new RegisterFinishRequestModel
-        {
-            Email = email,
-            EmailVerificationToken = emailVerificationToken,
-            MasterPasswordAuthentication = new MasterPasswordAuthenticationDataRequestModel
-            {
-                Kdf = new KdfRequestModel { KdfType = kdfType, Iterations = iterations },
-                MasterPasswordAuthenticationHash = masterPasswordHash,
-                Salt = email
-            },
-            MasterPasswordUnlock = null,
-            Kdf = kdfType,
-            KdfIterations = iterations,
-            UserSymmetricKey = null,
-            UserAsymmetricKeys = new KeysRequestModel
-            {
-                PublicKey = publicKey,
-                EncryptedPrivateKey = encryptedPrivateKey
-            }
-        };
-
-        // Act & Assert
-        var ex = await Assert.ThrowsAsync<BadRequestException>(() => _sut.PostRegisterFinish(model));
-        Assert.Equal("MasterKeyWrappedUserKey couldn't be found on either the MasterPasswordUnlockData or the UserSymmetricKey property passed in.", ex.Message);
-    }
-
    [Theory, BitAutoData]
    public void RegisterFinishRequestModel_Validate_Throws_WhenUnlockAndAuthDataMismatch(
        string email,