fix(base-request-validator) [PM-21153] Recovery Code Not Functioning for SSO-required Users (#6481)

* chore(feature-flag-keys) [PM-21153]: Add feature flag key for BaseRequestValidator changes. * fix(base-request-validator) [PM-21153]: Add validation state model for composable validation scenarios. * fix(base-request-validator) [PM-21153]: Update BaseRequestValidator to allow validation scenarios to be composable. * fix(base-request-validator) [PM-21153]: Remove validation state object in favor of validator context, per team discussion. * feat(base-request-validator) [PM-21153]: Update tests to use issue feature flag, both execution paths. * fix(base-request-validator) [PM-21153]: Fix a null dictionary check. * chore(base-request-validator) [PM-21153]: Add unit tests around behavior addressed in this feature. * chore(base-request-validator) [PM-21153]: Update comments for clarity. * chore(base-request-validator-tests) [PM-21153]: Update verbiage for tests. * fix(base-request-validator) [PM-21153]: Update validators to no longer need completed scheme management, use 2FA flag for recovery scenarios. * fix(base-request-validator-tests) [PM-21153]: Customize CustomValidatorRequestContext fixture to allow for setting of request-specific flags as part of the request validation (not eagerly truthy).
2025-12-15 15:53:59 +00:00 · 2025-11-03 12:24:00 -05:00
parent b329305b77
commit bda2bd8ac1
5 changed files with 933 additions and 194 deletions
--- a/test/Identity.Test/AutoFixture/RequestValidationFixtures.cs
+++ b/test/Identity.Test/AutoFixture/RequestValidationFixtures.cs
@@ -1,6 +1,7 @@
 using System.Reflection;
 using AutoFixture;
 using AutoFixture.Xunit2;
+using Bit.Identity.IdentityServer;
 using Duende.IdentityServer.Validation;

 namespace Bit.Identity.Test.AutoFixture;
@@ -8,7 +9,8 @@ namespace Bit.Identity.Test.AutoFixture;
 internal class ValidatedTokenRequestCustomization : ICustomization
 {
    public ValidatedTokenRequestCustomization()
-    { }
+    {
+    }

    public void Customize(IFixture fixture)
    {
@@ -22,10 +24,45 @@ internal class ValidatedTokenRequestCustomization : ICustomization
 public class ValidatedTokenRequestAttribute : CustomizeAttribute
 {
    public ValidatedTokenRequestAttribute()
-    { }
+    {
+    }

    public override ICustomization GetCustomization(ParameterInfo parameter)
    {
        return new ValidatedTokenRequestCustomization();
    }
 }
+
+internal class CustomValidatorRequestContextCustomization : ICustomization
+{
+    public CustomValidatorRequestContextCustomization()
+    {
+    }
+
+    /// <summary>
+    /// Specific context members like <see cref="CustomValidatorRequestContext.RememberMeRequested" />,
+    /// <see cref="CustomValidatorRequestContext.TwoFactorRecoveryRequested"/>, and
+    /// <see cref="CustomValidatorRequestContext.SsoRequired" /> should initialize false,
+    /// and are made truthy in context upon evaluation of a request. Do not allow AutoFixture to eagerly make these
+    /// truthy; that is the responsibility of the <see cref="Bit.Identity.IdentityServer.RequestValidators.BaseRequestValidator{T}" />
+    /// </summary>
+    public void Customize(IFixture fixture)
+    {
+        fixture.Customize<CustomValidatorRequestContext>(composer => composer
+            .With(o => o.RememberMeRequested, false)
+            .With(o => o.TwoFactorRecoveryRequested, false)
+            .With(o => o.SsoRequired, false));
+    }
+}
+
+public class CustomValidatorRequestContextAttribute : CustomizeAttribute
+{
+    public CustomValidatorRequestContextAttribute()
+    {
+    }
+
+    public override ICustomization GetCustomization(ParameterInfo parameter)
+    {
+        return new CustomValidatorRequestContextCustomization();
+    }
+}