Add support for V2 keys

2025-12-22 03:03:33 +00:00 · 2025-12-02 16:56:45 +01:00
parent 9015bc8169
commit e8be7bf2c9
2 changed files with 19 additions and 2 deletions
--- a/src/Api/Auth/Controllers/AccountsController.cs
+++ b/src/Api/Auth/Controllers/AccountsController.cs
@@ -17,6 +17,7 @@ using Bit.Core.Auth.UserFeatures.TwoFactorAuth.Interfaces;
 using Bit.Core.Auth.UserFeatures.UserMasterPassword.Interfaces;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
+using Bit.Core.KeyManagement.Commands;
 using Bit.Core.KeyManagement.Kdf;
 using Bit.Core.KeyManagement.Queries.Interfaces;
 using Bit.Core.Models.Api.Response;
@@ -44,6 +45,7 @@ public class AccountsController : Controller
    private readonly IUserAccountKeysQuery _userAccountKeysQuery;
    private readonly ITwoFactorEmailService _twoFactorEmailService;
    private readonly IChangeKdfCommand _changeKdfCommand;
+    private readonly SetAccountKeysForUserCommand _setAccountKeysForUserCommand;

    public AccountsController(
        IOrganizationService organizationService,
@@ -57,7 +59,8 @@ public class AccountsController : Controller
        IFeatureService featureService,
        IUserAccountKeysQuery userAccountKeysQuery,
        ITwoFactorEmailService twoFactorEmailService,
-        IChangeKdfCommand changeKdfCommand
+        IChangeKdfCommand changeKdfCommand,
+        SetAccountKeysForUserCommand setAccountKeysForUserCommand
        )
    {
        _organizationService = organizationService;
@@ -72,6 +75,7 @@ public class AccountsController : Controller
        _userAccountKeysQuery = userAccountKeysQuery;
        _twoFactorEmailService = twoFactorEmailService;
        _changeKdfCommand = changeKdfCommand;
+        _setAccountKeysForUserCommand = setAccountKeysForUserCommand;
    }


@@ -440,7 +444,15 @@ public class AccountsController : Controller
            }
        }

+        if (model.AccountKeys != null)
+        {
+            await _setAccountKeysForUserCommand.SetAccountKeysForUserAsync(user.Id, model.AccountKeys);
+        }
+        else
+        {
            await _userService.SaveUserAsync(model.ToUser(user));
+        }
+
        return new KeysResponseModel(user);
    }

--- a/src/Core/Auth/Models/Api/Request/Accounts/KeysRequestModel.cs
+++ b/src/Core/Auth/Models/Api/Request/Accounts/KeysRequestModel.cs
@@ -3,17 +3,22 @@

 using System.ComponentModel.DataAnnotations;
 using Bit.Core.Entities;
+using Bit.Core.KeyManagement.Models.Api.Request;
 using Bit.Core.Utilities;

 namespace Bit.Core.Auth.Models.Api.Request.Accounts;

 public class KeysRequestModel
 {
+    [Obsolete("Use AccountKeys.AccountPublicKey instead")]
    [Required]
    public string PublicKey { get; set; }
+    [Obsolete("Use AccountKeys.UserKeyEncryptedAccountPrivateKey instead")]
    [Required]
    public string EncryptedPrivateKey { get; set; }
+    public AccountKeysRequestModel AccountKeys { get; set; }

+    [Obsolete("Use SetAccountKeysForUserCommand instead")]
    public User ToUser(User existingUser)
    {
        if (string.IsNullOrWhiteSpace(PublicKey) || string.IsNullOrWhiteSpace(EncryptedPrivateKey))