Merge branch 'main' into auth/pm-34130/fix-device-auth-details-constructor-not-edd-compliant

Author: JaredSnider-Bitwarden

.github/workflows/build.yml

@@ -180,7 +180,7 @@ jobs:
 
       ########## Registries ##########
       - name: Log in to GHCR
-        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -322,7 +322,7 @@ jobs:
         uses: actions/setup-dotnet@baa11fbfe1d6520db94683bd5c7a3818018e4309 # v5.1.0
 
       - name: Log in to GHCR
-        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: ghcr.io
           username: ${{ github.actor }}

.github/workflows/publish.yml

@@ -111,7 +111,7 @@ jobs:
 
       ########## GHCR ##########
       - name: Log in to GHCR
-        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: ghcr.io
           username: ${{ github.actor }}

bitwarden_license/src/Commercial.Core/AdminConsole/Services/ProviderService.cs

@@ -57,7 +57,6 @@ public class ProviderService : IProviderService
     private readonly IOrganizationService _organizationService;
     private readonly ICurrentContext _currentContext;
     private readonly IStripeAdapter _stripeAdapter;
-    private readonly IFeatureService _featureService;
     private readonly IDataProtectorTokenFactory<ProviderDeleteTokenable> _providerDeleteTokenDataFactory;
     private readonly IApplicationCacheService _applicationCacheService;
     private readonly IProviderBillingService _providerBillingService;
@@ -70,7 +69,7 @@ public ProviderService(IProviderRepository providerRepository, IProviderUserRepo
         IUserService userService, IOrganizationService organizationService, IMailService mailService,
         IDataProtectionProvider dataProtectionProvider, IEventService eventService,
         IOrganizationRepository organizationRepository, GlobalSettings globalSettings,
-        ICurrentContext currentContext, IStripeAdapter stripeAdapter, IFeatureService featureService,
+        ICurrentContext currentContext, IStripeAdapter stripeAdapter,
         IDataProtectorTokenFactory<ProviderDeleteTokenable> providerDeleteTokenDataFactory,
         IApplicationCacheService applicationCacheService, IProviderBillingService providerBillingService, IPricingClient pricingClient,
         IProviderClientOrganizationSignUpCommand providerClientOrganizationSignUpCommand,
@@ -89,7 +88,6 @@ public ProviderService(IProviderRepository providerRepository, IProviderUserRepo
         _dataProtector = dataProtectionProvider.CreateProtector("ProviderServiceDataProtector");
         _currentContext = currentContext;
         _stripeAdapter = stripeAdapter;
-        _featureService = featureService;
         _providerDeleteTokenDataFactory = providerDeleteTokenDataFactory;
         _applicationCacheService = applicationCacheService;
         _providerBillingService = providerBillingService;
@@ -123,16 +121,13 @@ public async Task<Provider> CompleteSetupAsync(Provider provider, Guid ownerUser
             throw new BadRequestException("Invalid owner.");
         }
 
-        if (_featureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
-        {
-            var organizationAutoConfirmPolicyRequirement = await _policyRequirementQuery
-                .GetAsync<AutomaticUserConfirmationPolicyRequirement>(ownerUserId);
+        var organizationAutoConfirmPolicyRequirement = await _policyRequirementQuery
+            .GetAsync<AutomaticUserConfirmationPolicyRequirement>(ownerUserId);
 
-            if (organizationAutoConfirmPolicyRequirement
-                .CannotCreateProvider())
-            {
-                throw new BadRequestException(new UserCannotJoinProvider().Message);
-            }
+        if (organizationAutoConfirmPolicyRequirement
+            .CannotCreateProvider())
+        {
+            throw new BadRequestException(new UserCannotJoinProvider().Message);
         }
 
         var customer = await _providerBillingService.SetupCustomer(provider, paymentMethod, billingAddress);
@@ -267,16 +262,13 @@ public async Task<ProviderUser> AcceptUserAsync(Guid providerUserId, User user,
             throw new BadRequestException("User email does not match invite.");
         }
 
-        if (_featureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
-        {
-            var organizationAutoConfirmPolicyRequirement = await _policyRequirementQuery
-                .GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id);
+        var organizationAutoConfirmPolicyRequirement = await _policyRequirementQuery
+            .GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id);
 
-            if (organizationAutoConfirmPolicyRequirement
-                .CannotJoinProvider())
-            {
-                throw new BadRequestException(new UserCannotJoinProvider().Message);
-            }
+        if (organizationAutoConfirmPolicyRequirement
+            .CannotJoinProvider())
+        {
+            throw new BadRequestException(new UserCannotJoinProvider().Message);
         }
 
         providerUser.Status = ProviderUserStatusType.Accepted;
@@ -324,17 +316,14 @@ public async Task<List<Tuple<ProviderUser, string>>> ConfirmUsersAsync(Guid prov
                     throw new BadRequestException("Invalid user.");
                 }
 
-                if (_featureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
-                {
-                    var organizationAutoConfirmPolicyRequirement = await _policyRequirementQuery
-                        .GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id);
+                var organizationAutoConfirmPolicyRequirement = await _policyRequirementQuery
+                    .GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id);
 
-                    if (organizationAutoConfirmPolicyRequirement
-                        .CannotJoinProvider())
-                    {
-                        result.Add(Tuple.Create(providerUser, new UserCannotJoinProvider().Message));
-                        continue;
-                    }
+                if (organizationAutoConfirmPolicyRequirement
+                    .CannotJoinProvider())
+                {
+                    result.Add(Tuple.Create(providerUser, new UserCannotJoinProvider().Message));
+                    continue;
                 }
 
                 providerUser.Status = ProviderUserStatusType.Confirmed;

bitwarden_license/src/Scim/Controllers/v2/UsersController.cs

@@ -1,21 +1,18 @@
 // FIXME: Update this file to be null safe and then delete the line below
 #nullable disable
 
-using Bit.Core;
 using Bit.Core.AdminConsole.Models.Data;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Interfaces;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.RestoreUser.v1;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.RevokeUser.v2;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.Repositories;
-using Bit.Core.Services;
 using Bit.Scim.Models;
 using Bit.Scim.Users.Interfaces;
 using Bit.Scim.Utilities;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
-using IRevokeOrganizationUserCommand = Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.RevokeUser.v1.IRevokeOrganizationUserCommand;
 using IRevokeOrganizationUserCommandV2 = Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.RevokeUser.v2.IRevokeOrganizationUserCommand;
 
 namespace Bit.Scim.Controllers.v2;
@@ -32,8 +29,6 @@ public class UsersController : Controller
     private readonly IPatchUserCommand _patchUserCommand;
     private readonly IPostUserCommand _postUserCommand;
     private readonly IRestoreOrganizationUserCommand _restoreOrganizationUserCommand;
-    private readonly IRevokeOrganizationUserCommand _revokeOrganizationUserCommand;
-    private readonly IFeatureService _featureService;
     private readonly IRevokeOrganizationUserCommandV2 _revokeOrganizationUserCommandV2;
 
     public UsersController(IOrganizationUserRepository organizationUserRepository,
@@ -42,8 +37,6 @@ public UsersController(IOrganizationUserRepository organizationUserRepository,
         IPatchUserCommand patchUserCommand,
         IPostUserCommand postUserCommand,
         IRestoreOrganizationUserCommand restoreOrganizationUserCommand,
-        IRevokeOrganizationUserCommand revokeOrganizationUserCommand,
-        IFeatureService featureService,
         IRevokeOrganizationUserCommandV2 revokeOrganizationUserCommandV2)
     {
         _organizationUserRepository = organizationUserRepository;
@@ -52,8 +45,6 @@ public UsersController(IOrganizationUserRepository organizationUserRepository,
         _patchUserCommand = patchUserCommand;
         _postUserCommand = postUserCommand;
         _restoreOrganizationUserCommand = restoreOrganizationUserCommand;
-        _revokeOrganizationUserCommand = revokeOrganizationUserCommand;
-        _featureService = featureService;
         _revokeOrganizationUserCommandV2 = revokeOrganizationUserCommandV2;
     }
 
@@ -111,32 +102,25 @@ public async Task<IActionResult> Put(Guid organizationId, Guid id, [FromBody] Sc
         }
         else if (!model.Active && orgUser.Status != OrganizationUserStatusType.Revoked)
         {
-            if (_featureService.IsEnabled(FeatureFlagKeys.ScimRevokeV2))
-            {
-                var results = await _revokeOrganizationUserCommandV2.RevokeUsersAsync(
-                    new RevokeOrganizationUsersRequest(
-                        organizationId,
-                        [id],
-                        new SystemUser(EventSystemUser.SCIM)));
+            var results = await _revokeOrganizationUserCommandV2.RevokeUsersAsync(
+                new RevokeOrganizationUsersRequest(
+                    organizationId,
+                    [id],
+                    new SystemUser(EventSystemUser.SCIM)));
 
-                var errors = results.Select(x => x.Result.Match(
-                    y => $"{y.Message} for user {x.Id}",
-                    _ => null))
-                    .Where(x => !string.IsNullOrWhiteSpace(x))
-                    .ToList();
+            var errors = results.Select(x => x.Result.Match(
+                y => $"{y.Message} for user {x.Id}",
+                _ => null))
+                .Where(x => !string.IsNullOrWhiteSpace(x))
+                .ToList();
 
-                if (errors.Count != 0)
-                {
-                    return new BadRequestObjectResult(new ScimErrorResponseModel
-                    {
-                        Status = 400,
-                        Detail = string.Join(", ", errors)
-                    });
-                }
-            }
-            else
+            if (errors.Count != 0)
             {
-                await _revokeOrganizationUserCommand.RevokeUserAsync(orgUser, EventSystemUser.SCIM);
+                return new BadRequestObjectResult(new ScimErrorResponseModel
+                {
+                    Status = 400,
+                    Detail = string.Join(", ", errors)
+                });
             }
         }