[PM-21917] Introduce SendAuthenticationQuery (#5857)

2026-01-20 01:13:18 +00:00 · 2025-05-27 08:25:27 -04:00
parent 542941818a
commit c989abdb82
19 changed files with 9874 additions and 5 deletions
--- a/src/Core/Tools/SendFeatures/Queries/Interfaces/ISendAuthenticationQuery.cs
+++ b/src/Core/Tools/SendFeatures/Queries/Interfaces/ISendAuthenticationQuery.cs
@@ -0,0 +1,20 @@
+using Bit.Core.Tools.Models.Data;
+
+#nullable enable
+
+namespace Bit.Core.Tools.SendFeatures.Queries.Interfaces;
+
+/// <summary>
+/// Integration with authentication layer for generating send access claims.
+/// </summary>
+public interface ISendAuthenticationQuery
+{
+    /// <summary>
+    /// Retrieves the authentication method of a Send.
+    /// </summary>
+    /// <param name="sendId">Identifies the send to inspect.</param>
+    /// <returns>
+    /// The authentication method that should be performed for the send.
+    /// </returns>
+    Task<SendAuthenticationMethod> GetAuthenticationMethod(Guid sendId);
+}
--- a/src/Core/Tools/SendFeatures/Queries/SendAuthenticationQuery.cs
+++ b/src/Core/Tools/SendFeatures/Queries/SendAuthenticationQuery.cs
@@ -0,0 +1,53 @@
+using Bit.Core.Tools.Models.Data;
+using Bit.Core.Tools.Repositories;
+using Bit.Core.Tools.SendFeatures.Queries.Interfaces;
+
+#nullable enable
+
+namespace Bit.Core.Tools.SendFeatures.Queries;
+
+/// <inheritdoc cref="ISendAuthenticationQuery"/>
+public class SendAuthenticationQuery : ISendAuthenticationQuery
+{
+    private static readonly NotAuthenticated NOT_AUTHENTICATED = new NotAuthenticated();
+    private static readonly NeverAuthenticate NEVER_AUTHENTICATE = new NeverAuthenticate();
+
+    private readonly ISendRepository _sendRepository;
+
+    /// <summary>
+    /// Instantiates the command
+    /// </summary>
+    /// <param name="sendRepository">
+    /// Retrieves send records
+    /// </param>
+    /// <exception cref="ArgumentNullException">
+    /// Thrown when <paramref name="sendRepository"/> is <see langword="null"/>.
+    /// </exception>
+    public SendAuthenticationQuery(ISendRepository sendRepository)
+    {
+        _sendRepository = sendRepository ?? throw new ArgumentNullException(nameof(sendRepository));
+    }
+
+    /// <inheritdoc cref="ISendAuthenticationQuery.GetAuthenticationMethod"/>
+    public async Task<SendAuthenticationMethod> GetAuthenticationMethod(Guid sendId)
+    {
+        var send = await _sendRepository.GetByIdAsync(sendId);
+
+        SendAuthenticationMethod method = send switch
+        {
+            null => NEVER_AUTHENTICATE,
+            var s when s.AccessCount >= s.MaxAccessCount => NEVER_AUTHENTICATE,
+            var s when s.Emails is not null => emailOtp(s.Emails),
+            var s when s.Password is not null => new ResourcePassword(s.Password),
+            _ => NOT_AUTHENTICATED
+        };
+
+        return method;
+    }
+
+    private EmailOtp emailOtp(string emails)
+    {
+        var list = emails.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries);
+        return new EmailOtp(list);
+    }
+}
--- a/src/Core/Tools/SendFeatures/SendServiceCollectionExtension.cs
+++ b/src/Core/Tools/SendFeatures/SendServiceCollectionExtension.cs
@@ -1,5 +1,7 @@
 using Bit.Core.Tools.SendFeatures.Commands;
 using Bit.Core.Tools.SendFeatures.Commands.Interfaces;
+using Bit.Core.Tools.SendFeatures.Queries;
+using Bit.Core.Tools.SendFeatures.Queries.Interfaces;
 using Bit.Core.Tools.Services;
 using Microsoft.Extensions.DependencyInjection;

@@ -14,5 +16,6 @@ public static class SendServiceCollectionExtension
        services.AddScoped<ISendAuthorizationService, SendAuthorizationService>();
        services.AddScoped<ISendValidationService, SendValidationService>();
        services.AddScoped<ISendCoreHelperService, SendCoreHelperService>();
+        services.AddScoped<ISendAuthenticationQuery, SendAuthenticationQuery>();
    }
 }