bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-16 00:03:54 +00:00
Code Issues Releases Wiki Activity
6,366 Commits 477 Branches 221 Tags
a1be1ae40b7023126dcce7f89afb925149ea58e8
Commit Graph

12 Commits

Author SHA1 Message Date
Ike
3b54fea309 [PM-22696] send enumeration protection (#6352) 
* feat: add static enumeration helper class
* test: add enumeration helper class unit tests

* feat: implement NeverAuthenticateValidator
* test: unit and integration tests SendNeverAuthenticateValidator

* test: use static class for common integration test setup for Send Access unit and integration tests
* test: update tests to use static helper
 2025-09-23 06:38:22 -04:00
Ike
96fe09af89 [PM-25415] move files into better place for code ownership (#6275) 
* chore: move files into better place for code ownership

* fix: import correct namespace
 2025-09-04 10:08:03 -04:00
Ike
d2d3e0f11b [PM-22678] Send email otp authentication method (#6255) 
feat(auth): email OTP validation, and generalize authentication interface

- Generalized send authentication method interface
- Made validate method async
- Added email mail support for Handlebars
- Modified email templates to match future implementation

fix(auth): update constants, naming conventions, and error handling

- Renamed constants for clarity
- Updated claims naming convention
- Fixed error message generation
- Added customResponse for Rust consumption

test(auth): add and fix tests for validators and email

- Added tests for SendEmailOtpRequestValidator
- Updated tests for SendAccessGrantValidator

chore: apply dotnet formatting
 2025-09-02 16:48:57 -04:00
Ike
3097e7f223 [PM- 22675] Send password auth method (#6228) 
* feat: add Passwordvalidation
* fix: update strings to constants
* fix: add customResponse for rust consumption
* test: add tests for SendPasswordValidator. fix: update tests for SendAccessGrantValidator
* feat: update send access constants.
 2025-08-22 18:02:37 -04:00
Ike
43d753dcb1 [PM-20592] [PM-22737] [PM-22738] Send grant validator (#6151) 
**feat**: create `SendGrantValidator` and initial `SendPasswordValidator` for Send access grants  
**feat**: add feature flag to toggle Send grant validation logic  
**feat**: add Send client to Identity and update `ApiClient` to generic `Client`  
**feat**: register Send services in DI pipeline  
**feat**: add claims management support to `ProfileService`  
**feat**: distinguish between invalid grant and invalid request in `SendAccessGrantValidator`

**fix**: update parsing of `send_id` from request  
**fix**: add early return when feature flag is disabled  
**fix**: rename and organize Send access scope and grant type  
**fix**: dotnet format

**test**: add unit and integration tests for `SendGrantValidator`  
**test**: update OpenID configuration and API resource claims

**doc**: move documentation to interfaces and update inline comments  

**chore**: add TODO for future support of `CustomGrantTypes`
 2025-08-13 18:38:00 -04:00
Jared Snider
531af410f9 pm-24210 (#6142) 2025-07-30 12:18:27 -04:00
bitwarden-charlie
67f745ebc4 chore/SRE-583 Deprecate usage of Auth-Email Header (#5709) 
* chore/SRE-583 Deprecate usage of Auth-Email Header

* SRE-583 cleanup function and references

* SRE-583 cleanup tests

---------

Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com>
 2025-05-16 07:45:04 -06:00
Ike
1399b1417e PM-6675 - Remove old registration endpoint (#5585) 
* feat : remove old registration endpoint

* fix: update integration test user registration to match current registration; We need to keep the IRegistrationCommand.RegisterUser method to JIT user.

* fix: updating accounts/profile tests to match current implementations
 2025-04-16 15:46:49 -04:00
Ike
867fa848dd [PM-8220] New Device Verification (#5084) 
* feat(BaseRequestValidator): 
Add global setting for new device verification.
Refactor BaseRequestValidator enabling better self-documenting code and better single responsibility principle for validators.
Updated DeviceValidator to handle new device verification, behind a feature flag.
Moved IDeviceValidator interface to separate file.
Updated CustomRequestValidator to act as the conduit by which *Validators communicate authentication context between themselves and the RequestValidators.
Adding new test for DeviceValidator class.
Updated tests for BaseRequestValidator as some functionality was moved to the DeviceValidator class.
 2024-12-12 09:08:11 -08:00
Ike
c028c68d9c [PM-6666] Two factor Validator refactor (#4894) 
* initial device removal

* Unit Testing

* Finalized tests

* initial commit refactoring two factor

* initial tests

* Unit Tests

* initial device removal

* Unit Testing

* Finalized tests

* initial commit refactoring two factor

* initial tests

* Unit Tests

* Fixing some tests

* renaming and reorganizing

* refactored two factor flows

* fixed a possible issue with object mapping.

* Update TwoFactorAuthenticationValidator.cs

removed unused code
 2024-10-24 10:41:25 -07:00
Ike
22dd957543 [PM-10742] Pull Device verification into testable service (#4851) 
* initial device removal

* Unit Testing

* Added unit tests fixed validator null checks

* Finalized tests

* formatting

* fixed test

* lint

* addressing review notes

* comments
 2024-10-10 17:26:17 -07:00
Ike
fa5d6712c5 [PM-6664] Base Request Validator Unit Tests and Resource Owner integration Tests (#4582) 
* intial commit

* Some UnitTests for the VerifyAsync flows

* WIP org two factor

* removed useless tests

* added ResourceOwnerValidation integration tests

* fixing formatting

* addressing comments

* removed comment
 2024-09-05 11:17:15 -07:00