Add query for email verification link (#6984)

* Add query for email verification link

* PR comments

util/Seeder/IQuery.cs

@@ -4,8 +4,8 @@
 /// Base interface for query operations in the seeding system. The base interface should not be used directly, rather use `IQuery<TRequest, TResult>`.
 /// </summary>
 /// <remarks>
-/// Queries are synchronous, read-only operations that retrieve data from the seeding context.
-/// Unlike scenes which create data, queries fetch existing data based on request parameters.
+/// Queries are read-only operations that retrieve data from the seeding context.
+/// Unlike scenes, which create data, queries fetch existing data based on request parameters.
 /// They follow a type-safe pattern using generics to ensure proper request/response handling
 /// while maintaining a common non-generic interface for dynamic invocation.
 /// </remarks>
@@ -22,17 +22,17 @@ public interface IQuery
     /// </summary>
     /// <param name="request">The request object containing parameters for the query operation.</param>
     /// <returns>The query result data as an object.</returns>
-    object Execute(object request);
+    Task<object> Execute(object request);
 }
 
 /// <summary>
-/// Generic query interface for synchronous, read-only operations with specific request and result types.
+/// Generic query interface for read-only operations with specific request and result types.
 /// </summary>
 /// <typeparam name="TRequest">The type of request object this query accepts.</typeparam>
 /// <typeparam name="TResult">The type of data this query returns.</typeparam>
 /// <remarks>
 /// Use this interface when you need to retrieve existing data from the seeding context based on
-/// specific request parameters. Queries are synchronous and do not modify data - they only read
+/// specific request parameters. Queries do not modify data - they only read
 /// and return information. The explicit interface implementations allow dynamic invocation while
 /// maintaining type safety in the implementation.
 /// </remarks>
@@ -43,7 +43,7 @@ public interface IQuery<TRequest, TResult> : IQuery where TRequest : class where
     /// </summary>
     /// <param name="request">The request object containing parameters for the query operation.</param>
     /// <returns>The typed query result data.</returns>
-    TResult Execute(TRequest request);
+    Task<TResult> Execute(TRequest request);
 
     /// <summary>
     /// Gets the request type for this query.
@@ -56,5 +56,5 @@ public interface IQuery<TRequest, TResult> : IQuery where TRequest : class where
     /// </summary>
     /// <param name="request">The request object to cast and process.</param>
     /// <returns>The typed result cast to object.</returns>
-    object IQuery.Execute(object request) => Execute((TRequest)request);
+    async Task<object> IQuery.Execute(object request) => await Execute((TRequest)request);
 }

util/Seeder/Queries/EmergencyAccessInviteQuery.cs

@@ -19,7 +19,7 @@ public class EmergencyAccessInviteQuery(
         public required string Email { get; set; }
     }
 
-    public IEnumerable<string> Execute(Request request)
+    public Task<IEnumerable<string>> Execute(Request request)
     {
         var invites = db.EmergencyAccesses
             .Where(ea => ea.Email == request.Email).ToList().Select(ea =>
@@ -30,6 +30,6 @@ public class EmergencyAccessInviteQuery(
                 return $"/accept-emergency?id={ea.Id}&name=Dummy&email={ea.Email}&token={token}";
             });
 
-        return invites;
+        return Task.FromResult(invites);
     }
 }

util/Seeder/Queries/UserEmailVerificationQuery.cs

@@ -0,0 +1,54 @@
+using System.Globalization;
+using System.Net;
+using Bit.Core.Auth.Models.Business.Tokenables;
+using Bit.Core.Repositories;
+using Bit.Core.Tokens;
+
+namespace Bit.Seeder.Queries;
+
+public class UserEmailVerificationQuery(IUserRepository userRepository,
+    IDataProtectorTokenFactory<RegistrationEmailVerificationTokenable> dataProtectorTokenizer) : IQuery<UserEmailVerificationQuery.Request, UserEmailVerificationQuery.Response>
+{
+    public class Request
+    {
+        public string? Name { get; set; } = null;
+        public required string Email { get; set; }
+        public string? FromMarketing { get; set; } = null;
+        public bool ReceiveMarketingEmails { get; set; } = false;
+    }
+
+    public class Response
+    {
+        public required string Url { get; set; }
+        public required bool EmailVerified { get; set; }
+    }
+
+    public async Task<Response> Execute(Request request)
+    {
+        var user = await userRepository.GetByEmailAsync(request.Email);
+
+        var token = generateToken(request.Email, request.Name, request.ReceiveMarketingEmails);
+
+        return new()
+        {
+            Url = Url(token, request.Email, request.FromMarketing),
+            EmailVerified = user?.EmailVerified ?? false
+        };
+    }
+
+    private string Url(string token, string email, string? fromMarketing = null)
+    {
+        return string.Format(CultureInfo.InvariantCulture, "/redirect-connector.html#finish-signup?token={0}&email={1}&fromEmail=true{2}",
+            WebUtility.UrlEncode(token),
+            WebUtility.UrlEncode(email),
+            !string.IsNullOrEmpty(fromMarketing) ? $"&fromMarketing={fromMarketing}" : string.Empty);
+    }
+
+    private string generateToken(string email, string? name, bool receiveMarketingEmails)
+    {
+
+        return dataProtectorTokenizer.Protect(
+            new RegistrationEmailVerificationTokenable(email, name, receiveMarketingEmails)
+        );
+    }
+}

util/SeederApi/Controllers/QueryController.cs

@@ -9,13 +9,13 @@ namespace Bit.SeederApi.Controllers;
 public class QueryController(ILogger<QueryController> logger, IQueryExecutor queryExecutor) : Controller
 {
     [HttpPost]
-    public IActionResult Query([FromBody] QueryRequestModel request)
+    public async Task<IActionResult> Query([FromBody] QueryRequestModel request)
     {
         logger.LogInformation("Executing query: {Query}", request.Template);
 
         try
         {
-            var result = queryExecutor.Execute(request.Template, request.Arguments);
+            var result = await queryExecutor.Execute(request.Template, request.Arguments);
 
             return Json(result);
         }

util/SeederApi/Execution/IQueryExecutor.cs

@@ -18,5 +18,5 @@ public interface IQueryExecutor
     /// <returns>The result of the query execution</returns>
     /// <exception cref="Services.QueryNotFoundException">Thrown when the query is not found</exception>
     /// <exception cref="Services.QueryExecutionException">Thrown when there's an error executing the query</exception>
-    object Execute(string queryName, JsonElement? arguments);
+    Task<object> Execute(string queryName, JsonElement? arguments);
 }

util/SeederApi/Execution/QueryExecutor.cs

@@ -9,7 +9,7 @@ public class QueryExecutor(
     IServiceProvider serviceProvider) : IQueryExecutor
 {
 
-    public object Execute(string queryName, JsonElement? arguments)
+    public async Task<object> Execute(string queryName, JsonElement? arguments)
     {
         try
         {
@@ -18,7 +18,7 @@ public class QueryExecutor(
 
             var requestType = query.GetRequestType();
             var requestModel = DeserializeRequestModel(queryName, requestType, arguments);
-            var result = query.Execute(requestModel);
+            var result = await query.Execute(requestModel);
 
             logger.LogInformation("Successfully executed query: {QueryName}", queryName);
             return result;