2FA for users in management API (#15607)

* Added 2FA management endpoints

* Ensure not-found cases do not lead to forbidden results

* Do not inherit the requirement to have access to users, from the current user base class

* Updated OpenApi.json

* Handle 2FA in login scenario (only backend)

* Added the endpoint to use for client to post 2FA code

* Fixed tests and allow injecting the authentication type settings

* fix test build

* Fallback to use Constants.Security.BackOfficeAuthenticationType

* remove unused variable

* Review fixes

* Build fix

* Update src/Umbraco.Cms.Api.Management/Controllers/User/Current/DisableTwoFactorProviderCurrentUserController.cs

Co-authored-by: Sven Geusens <geusens@gmail.com>

* Handle case where 2fa provider is already setup

---------

Co-authored-by: Sven Geusens <geusens@gmail.com>
Bjarke Berg
2024-01-23 18:07:21 +01:00
committed by GitHub
parent bfb500612a
commit aaca7a5ff4
52 changed files with 1563 additions and 307 deletions


@@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;
using Moq;
using NUnit.Framework;
using Umbraco.Cms.Api.Management.DependencyInjection;
using Umbraco.Cms.Core;
using Umbraco.Cms.Core.Cache;
using Umbraco.Cms.Core.Models;
@@ -70,6 +71,7 @@ public class BackOfficeExamineSearcherTests : ExamineBaseTest
builder.AddNotificationHandler<ContentCacheRefresherNotification, ContentIndexingNotificationHandler>();
builder.AddExamineIndexes();
builder.AddBackOfficeIdentity();
BackOfficeAuthBuilderExtensions.AddBackOfficeAuthentication(builder);
builder.Services.AddHostedService<QueuedHostedService>();
}
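Review bot: `BackOfficeAuthBuilderExtensions.AddBackOfficeAuthentication(builder);` is written as a static call while the registrations around it (`builder.AddExamineIndexes()`, `builder.AddBackOfficeIdentity()`) use extension syntax, and nothing explains the difference. If the static form is there to avoid an ambiguity with another extension method of the same name (an inference, not visible in this section), a one-line comment such as `// Static call on purpose: extension syntax is ambiguous with <other AddBackOfficeAuthentication extension>` would keep a later cleanup from reverting it; otherwise `builder.AddBackOfficeAuthentication();` reads consistently with its neighbours. The same line appears in the ExamineExternalIndexTests section. The enclosing method starts outside the hunk.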


@@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;
using Moq;
using NUnit.Framework;
using Umbraco.Cms.Api.Management.DependencyInjection;
using Umbraco.Cms.Core;
using Umbraco.Cms.Core.Cache;
using Umbraco.Cms.Core.Models.ContentEditing;
@@ -72,6 +73,7 @@ public class ExamineExternalIndexTests : ExamineBaseTest
builder.AddNotificationHandler<ContentCacheRefresherNotification, ContentIndexingNotificationHandler>();
builder.AddExamineIndexes();
builder.AddBackOfficeIdentity();
BackOfficeAuthBuilderExtensions.AddBackOfficeAuthentication(builder);
builder.Services.AddHostedService<QueuedHostedService>();
}


@@ -56,18 +56,21 @@ public class BackOfficeClaimsPrincipalFactoryTests
public void Ctor_When_UserManager_Is_Null_Expect_ArgumentNullException()
=> Assert.Throws<ArgumentNullException>(() => new BackOfficeClaimsPrincipalFactory(
null,
new OptionsWrapper<BackOfficeIdentityOptions>(new BackOfficeIdentityOptions())));
new OptionsWrapper<BackOfficeIdentityOptions>(new BackOfficeIdentityOptions()),
new OptionsWrapper<BackOfficeAuthenticationTypeSettings>(new BackOfficeAuthenticationTypeSettings())
));
[Test]
public void Ctor_When_Options_Are_Null_Expect_ArgumentNullException()
=> Assert.Throws<ArgumentNullException>(() =>
new BackOfficeClaimsPrincipalFactory(GetMockedUserManager().Object, null));
new BackOfficeClaimsPrincipalFactory(GetMockedUserManager().Object, null, new OptionsWrapper<BackOfficeAuthenticationTypeSettings>(new BackOfficeAuthenticationTypeSettings()))
);
[Test]
public void Ctor_When_Options_Value_Is_Null_Expect_ArgumentException()
=> Assert.Throws<ArgumentException>(() => new BackOfficeClaimsPrincipalFactory(
GetMockedUserManager().Object,
new OptionsWrapper<BackOfficeIdentityOptions>(null)));
new OptionsWrapper<BackOfficeIdentityOptions>(null), new OptionsWrapper<BackOfficeAuthenticationTypeSettings>(new BackOfficeAuthenticationTypeSettings())));
[Test]
public void CreateAsync_When_User_Is_Null_Expect_ArgumentNullException()
@@ -158,5 +161,5 @@ public class BackOfficeClaimsPrincipalFactoryTests
private BackOfficeClaimsPrincipalFactory CreateSut() => new(
_mockUserManager.Object,
new OptionsWrapper<BackOfficeIdentityOptions>(new BackOfficeIdentityOptions()));
new OptionsWrapper<BackOfficeIdentityOptions>(new BackOfficeIdentityOptions()), new OptionsWrapper<BackOfficeAuthenticationTypeSettings>(new BackOfficeAuthenticationTypeSettings()));
}
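Review bot: None of the constructor tests here exercises the new third argument: every call, including `CreateSut()`, passes a default `new OptionsWrapper<BackOfficeAuthenticationTypeSettings>(new BackOfficeAuthenticationTypeSettings())`. The authentication type presumably ends up on the identity the factory builds, which is what later decides whether a principal counts as a back-office login, so it deserves a test that configures a non-default value and asserts it on the result of `CreateAsync`. If a null settings wrapper is meant to fall back to `Constants.Security.BackOfficeAuthenticationType`, as the commit message suggests, a `Ctor_When_AuthenticationTypeSettings_Are_Null_...` case should pin that as well. The settings class and the factory constructor are not visible in this section, so the expected behaviour has to be confirmed against them.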