fix: remove TXT generation, separate save/verify steps, refs AC-2350 (#8540)

2024-04-08 14:32:14 -05:00 · 2024-04-08 14:32:14 -05:00 · c73372310b
parent 18ae698f8d
commit c73372310b
3 changed files with 10 additions and 20 deletions
--- a/bitwarden_license/bit-web/src/app/admin-console/organizations/manage/domain-verification/domain-add-edit-dialog/domain-add-edit-dialog.component.html
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/manage/domain-verification/domain-add-edit-dialog/domain-add-edit-dialog.component.html
@ -26,7 +26,7 @@
        <bit-hint>{{ "domainNameInputHint" | i18n }}</bit-hint>
      </bit-form-field>

-      <bit-form-field>
+      <bit-form-field *ngIf="data?.orgDomain">
        <bit-label>{{ "dnsTxtRecord" | i18n }}</bit-label>
        <input bitInput formControlName="txt" />
        <bit-hint>{{ "dnsTxtRecordInputHint" | i18n }}</bit-hint>
@ -42,7 +42,7 @@
      </bit-form-field>

      <bit-callout
-        *ngIf="!data?.orgDomain?.verifiedDate"
+        *ngIf="data?.orgDomain && !data?.orgDomain?.verifiedDate"
        type="info"
        title="{{ 'automaticDomainVerification' | i18n }}"
      >
@ -51,7 +51,10 @@
    </div>
    <ng-container bitDialogFooter>
      <button type="submit" bitButton bitFormButton buttonType="primary">
-        <span *ngIf="!data?.orgDomain?.verifiedDate">{{ "verifyDomain" | i18n }}</span>
+        <span *ngIf="!data?.orgDomain">{{ "next" | i18n }}</span>
+        <span *ngIf="data?.orgDomain && !data?.orgDomain?.verifiedDate">{{
+          "verifyDomain" | i18n
+        }}</span>
        <span *ngIf="data?.orgDomain?.verifiedDate">{{ "reverifyDomain" | i18n }}</span>
      </button>
      <button bitButton buttonType="secondary" (click)="dialogRef.close()" type="button">
--- a/bitwarden_license/bit-web/src/app/admin-console/organizations/manage/domain-verification/domain-add-edit-dialog/domain-add-edit-dialog.component.ts
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/manage/domain-verification/domain-add-edit-dialog/domain-add-edit-dialog.component.ts
@ -13,7 +13,6 @@ import { CryptoFunctionService as CryptoFunctionServiceAbstraction } from "@bitw
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
 import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service";
-import { Utils } from "@bitwarden/common/platform/misc/utils";
 import { DialogService } from "@bitwarden/components";

 import { domainNameValidator } from "./validators/domain-name.validator";
@ -90,17 +89,6 @@ export class DomainAddEditDialogComponent implements OnInit, OnDestroy {
      // Edit
      this.domainForm.patchValue(this.data.orgDomain);
      this.domainForm.disable();
-    } else {
-      // Add
-
-      // Figuring out the proper length of our DNS TXT Record value was fun.
-      // DNS-Based Service Discovery RFC: https://www.ietf.org/rfc/rfc6763.txt; see section 6.1
-      // Google uses 43 chars for their TXT record value: https://support.google.com/a/answer/2716802
-      // So, chose a magic # of 33 bytes to achieve at least that once converted to base 64 (47 char length).
-      const generatedTxt = `bw=${Utils.fromBufferToB64(
-        await this.cryptoFunctionService.randomBytes(33),
-      )}`;
-      this.txtCtrl.setValue(generatedTxt);
    }

    this.setupFormListeners();
@ -121,6 +109,7 @@ export class DomainAddEditDialogComponent implements OnInit, OnDestroy {
  // End Form methods

  // Async Form Actions
+  // Creates a new domain record. The DNS TXT Record will be generated server-side and returned in the response.
  saveDomain = async (): Promise<void> => {
    if (this.domainForm.invalid) {
      this.platformUtilsService.showToast("error", null, this.i18nService.t("domainFormInvalid"));
@ -130,14 +119,14 @@ export class DomainAddEditDialogComponent implements OnInit, OnDestroy {
    this.domainNameCtrl.disable();

    const request: OrganizationDomainRequest = new OrganizationDomainRequest(
-      this.txtCtrl.value,
      this.domainNameCtrl.value,
    );

    try {
      this.data.orgDomain = await this.orgDomainApiService.post(this.data.organizationId, request);
+      // Patch the DNS TXT Record that was generated server-side
+      this.domainForm.controls.txt.patchValue(this.data.orgDomain.txt);
      this.platformUtilsService.showToast("success", null, this.i18nService.t("domainSaved"));
-      await this.verifyDomain();
    } catch (e) {
      this.handleDomainSaveError(e);
    }
--- a/libs/common/src/admin-console/services/organization-domain/requests/organization-domain.request.ts
+++ b/libs/common/src/admin-console/services/organization-domain/requests/organization-domain.request.ts
@ -1,9 +1,7 @@
 export class OrganizationDomainRequest {
-  txt: string;
  domainName: string;

-  constructor(txt: string, domainName: string) {
-    this.txt = txt;
+  constructor(domainName: string) {
    this.domainName = domainName;
  }
 }