[PM-17562] Add HEC integration support (#6010)

* [PM-17562] Add HEC integration support * Re-ordered parameters per PR suggestion * Apply suggestions from code review Co-authored-by: Matt Bishop <mbishop@bitwarden.com> * Refactored webhook request model validation to be more clear --------- Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2026-01-06 02:23:51 +00:00 · 2025-07-01 08:52:38 -04:00
parent e8ad23c8bc
commit f6cd661e8e
22 changed files with 302 additions and 67 deletions
--- a/test/Api.Test/AdminConsole/Models/Request/Organizations/OrganizationIntegrationConfigurationRequestModelTests.cs
+++ b/test/Api.Test/AdminConsole/Models/Request/Organizations/OrganizationIntegrationConfigurationRequestModelTests.cs
@@ -17,13 +17,13 @@ public class OrganizationIntegrationConfigurationRequestModelTests
            Template = "template"
        };

-        Assert.False(model.IsValidForType(IntegrationType.CloudBillingSync));
+        Assert.False(condition: model.IsValidForType(IntegrationType.CloudBillingSync));
    }

    [Theory]
-    [InlineData(null)]
-    [InlineData("")]
-    [InlineData("    ")]
+    [InlineData(data: null)]
+    [InlineData(data: "")]
+    [InlineData(data: "    ")]
    public void IsValidForType_EmptyConfiguration_ReturnsFalse(string? config)
    {
        var model = new OrganizationIntegrationConfigurationRequestModel
@@ -32,25 +32,55 @@ public class OrganizationIntegrationConfigurationRequestModelTests
            Template = "template"
        };

-        var result = model.IsValidForType(IntegrationType.Slack);
-
-        Assert.False(result);
+        Assert.False(condition: model.IsValidForType(IntegrationType.Slack));
+        Assert.False(condition: model.IsValidForType(IntegrationType.Webhook));
    }

    [Theory]
-    [InlineData(null)]
-    [InlineData("")]
-    [InlineData("    ")]
+    [InlineData(data: "")]
+    [InlineData(data: "    ")]
+    public void IsValidForType_EmptyNonNullHecConfiguration_ReturnsFalse(string? config)
+    {
+        var model = new OrganizationIntegrationConfigurationRequestModel
+        {
+            Configuration = config,
+            Template = "template"
+        };
+
+        Assert.False(condition: model.IsValidForType(IntegrationType.Hec));
+    }
+
+    [Fact]
+    public void IsValidForType_NullHecConfiguration_ReturnsTrue()
+    {
+        var model = new OrganizationIntegrationConfigurationRequestModel
+        {
+            Configuration = null,
+            Template = "template"
+        };
+
+        Assert.True(condition: model.IsValidForType(IntegrationType.Hec));
+    }
+
+    [Theory]
+    [InlineData(data: null)]
+    [InlineData(data: "")]
+    [InlineData(data: "    ")]
    public void IsValidForType_EmptyTemplate_ReturnsFalse(string? template)
    {
-        var config = JsonSerializer.Serialize(new WebhookIntegrationConfiguration("https://example.com", "Bearer", "AUTH-TOKEN"));
+        var config = JsonSerializer.Serialize(value: new WebhookIntegrationConfiguration(
+            Uri: new Uri("https://localhost"),
+            Scheme: "Bearer",
+            Token: "AUTH-TOKEN"));
        var model = new OrganizationIntegrationConfigurationRequestModel
        {
            Configuration = config,
            Template = template
        };

-        Assert.False(model.IsValidForType(IntegrationType.Webhook));
+        Assert.False(condition: model.IsValidForType(IntegrationType.Slack));
+        Assert.False(condition: model.IsValidForType(IntegrationType.Webhook));
+        Assert.False(condition: model.IsValidForType(IntegrationType.Hec));
    }

    [Fact]
@@ -62,14 +92,16 @@ public class OrganizationIntegrationConfigurationRequestModelTests
            Template = "template"
        };

-        Assert.False(model.IsValidForType(IntegrationType.Webhook));
+        Assert.False(condition: model.IsValidForType(IntegrationType.Slack));
+        Assert.False(condition: model.IsValidForType(IntegrationType.Webhook));
+        Assert.False(condition: model.IsValidForType(IntegrationType.Hec));
    }


    [Fact]
    public void IsValidForType_InvalidJsonFilters_ReturnsFalse()
    {
-        var config = JsonSerializer.Serialize(new WebhookIntegrationConfiguration("https://example.com"));
+        var config = JsonSerializer.Serialize(new WebhookIntegrationConfiguration(Uri: new Uri("https://example.com")));
        var model = new OrganizationIntegrationConfigurationRequestModel
        {
            Configuration = config,
@@ -89,13 +121,13 @@ public class OrganizationIntegrationConfigurationRequestModelTests
            Template = "template"
        };

-        Assert.False(model.IsValidForType(IntegrationType.Scim));
+        Assert.False(condition: model.IsValidForType(IntegrationType.Scim));
    }

    [Fact]
    public void IsValidForType_ValidSlackConfiguration_ReturnsTrue()
    {
-        var config = JsonSerializer.Serialize(new SlackIntegrationConfiguration("C12345"));
+        var config = JsonSerializer.Serialize(value: new SlackIntegrationConfiguration(ChannelId: "C12345"));

        var model = new OrganizationIntegrationConfigurationRequestModel
        {
@@ -103,7 +135,7 @@ public class OrganizationIntegrationConfigurationRequestModelTests
            Template = "template"
        };

-        Assert.True(model.IsValidForType(IntegrationType.Slack));
+        Assert.True(condition: model.IsValidForType(IntegrationType.Slack));
    }

    [Fact]
@@ -136,33 +168,39 @@ public class OrganizationIntegrationConfigurationRequestModelTests
    [Fact]
    public void IsValidForType_ValidNoAuthWebhookConfiguration_ReturnsTrue()
    {
-        var config = JsonSerializer.Serialize(new WebhookIntegrationConfiguration("https://example.com"));
+        var config = JsonSerializer.Serialize(value: new WebhookIntegrationConfiguration(Uri: new Uri("https://localhost")));
        var model = new OrganizationIntegrationConfigurationRequestModel
        {
            Configuration = config,
            Template = "template"
        };

-        Assert.True(model.IsValidForType(IntegrationType.Webhook));
+        Assert.True(condition: model.IsValidForType(IntegrationType.Webhook));
    }

    [Fact]
    public void IsValidForType_ValidWebhookConfiguration_ReturnsTrue()
    {
-        var config = JsonSerializer.Serialize(new WebhookIntegrationConfiguration("https://example.com", "Bearer", "AUTH-TOKEN"));
+        var config = JsonSerializer.Serialize(value: new WebhookIntegrationConfiguration(
+            Uri: new Uri("https://localhost"),
+            Scheme: "Bearer",
+            Token: "AUTH-TOKEN"));
        var model = new OrganizationIntegrationConfigurationRequestModel
        {
            Configuration = config,
            Template = "template"
        };

-        Assert.True(model.IsValidForType(IntegrationType.Webhook));
+        Assert.True(condition: model.IsValidForType(IntegrationType.Webhook));
    }

    [Fact]
    public void IsValidForType_ValidWebhookConfigurationWithFilters_ReturnsTrue()
    {
-        var config = JsonSerializer.Serialize(new WebhookIntegrationConfiguration("https://example.com", "Bearer", "AUTH-TOKEN"));
+        var config = JsonSerializer.Serialize(new WebhookIntegrationConfiguration(
+            Uri: new Uri("https://example.com"),
+            Scheme: "Bearer",
+            Token: "AUTH-TOKEN"));
        var filters = JsonSerializer.Serialize(new IntegrationFilterGroup()
        {
            AndOperator = true,
@@ -197,6 +235,6 @@ public class OrganizationIntegrationConfigurationRequestModelTests

        var unknownType = (IntegrationType)999;

-        Assert.False(model.IsValidForType(unknownType));
+        Assert.False(condition: model.IsValidForType(unknownType));
    }
 }
--- a/test/Api.Test/AdminConsole/Models/Request/Organizations/OrganizationIntegrationRequestModelTests.cs
+++ b/test/Api.Test/AdminConsole/Models/Request/Organizations/OrganizationIntegrationRequestModelTests.cs
@@ -1,5 +1,7 @@
 using System.ComponentModel.DataAnnotations;
+using System.Text.Json;
 using Bit.Api.AdminConsole.Models.Request.Organizations;
+using Bit.Core.AdminConsole.Models.Data.EventIntegrations;
 using Bit.Core.Enums;
 using Xunit;

@@ -70,7 +72,7 @@ public class OrganizationIntegrationRequestModelTests
    }

    [Fact]
-    public void Validate_Webhook_WithConfiguration_ReturnsConfigurationError()
+    public void Validate_Webhook_WithInvalidConfiguration_ReturnsConfigurationError()
    {
        var model = new OrganizationIntegrationRequestModel
        {
@@ -82,7 +84,67 @@ public class OrganizationIntegrationRequestModelTests

        Assert.Single(results);
        Assert.Contains(nameof(model.Configuration), results[0].MemberNames);
-        Assert.Contains("must not include configuration", results[0].ErrorMessage);
+        Assert.Contains("must include valid configuration", results[0].ErrorMessage);
+    }
+
+    [Fact]
+    public void Validate_Webhook_WithValidConfiguration_ReturnsNoErrors()
+    {
+        var model = new OrganizationIntegrationRequestModel
+        {
+            Type = IntegrationType.Webhook,
+            Configuration = JsonSerializer.Serialize(new WebhookIntegration(new Uri("https://example.com")))
+        };
+
+        var results = model.Validate(new ValidationContext(model)).ToList();
+
+        Assert.Empty(results);
+    }
+
+    [Fact]
+    public void Validate_Hec_WithNullConfiguration_ReturnsError()
+    {
+        var model = new OrganizationIntegrationRequestModel
+        {
+            Type = IntegrationType.Hec,
+            Configuration = null
+        };
+
+        var results = model.Validate(new ValidationContext(model)).ToList();
+
+        Assert.Single(results);
+        Assert.Contains(nameof(model.Configuration), results[0].MemberNames);
+        Assert.Contains("must include valid configuration", results[0].ErrorMessage);
+    }
+
+    [Fact]
+    public void Validate_Hec_WithInvalidConfiguration_ReturnsError()
+    {
+        var model = new OrganizationIntegrationRequestModel
+        {
+            Type = IntegrationType.Hec,
+            Configuration = "Not valid"
+        };
+
+        var results = model.Validate(new ValidationContext(model)).ToList();
+
+        Assert.Single(results);
+        Assert.Contains(nameof(model.Configuration), results[0].MemberNames);
+        Assert.Contains("must include valid configuration", results[0].ErrorMessage);
+    }
+
+    [Fact]
+    public void Validate_Hec_WithValidConfiguration_ReturnsNoErrors()
+    {
+        var model = new OrganizationIntegrationRequestModel
+        {
+            Type = IntegrationType.Hec,
+            Configuration = JsonSerializer.Serialize(new HecIntegration(Uri: new Uri("http://localhost"), Scheme: "Bearer", Token: "Token"))
+        };
+
+        var results = model.Validate(new ValidationContext(model)).ToList();
+
+        Assert.Empty(results);
    }

    [Fact]