[PM-5157] Update duo metadata

[ike-kottlowski]

Type of change

- [ ] Bug fix
- [ ] New feature development
- [x] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other

Objective

Rename Duo properties to match Duo version 4 updates.

⭐ Side Quest: Added entity Framework migration for Providers.GatewayType.

Code changes

• Various files have been changed adding ClientId and ClientSecret to duo responses and requests.
  • v2 changes will be removed once the database is in a stable state to handle Duo SDK v4 params.
• Added Entity Framework migrations for Provider.GatewayType

Before you submit

• Please check for formatting errors (dotnet format --verify-no-changes) (required)
• If making database changes - make sure you also update Entity Framework queries and/or migrations
• Please add unit tests where it makes sense to do so (encouraged but not required)
• If this change requires a documentation update - notify the documentation team
• If this change has particular deployment requirements - notify the DevOps team

[codecov]

Codecov Report

Attention: Patch coverage is 2.63158% with 37 lines in your changes are missing coverage. Please review.

Project coverage is 38.63%. Comparing base (fd173e8) to head (b374b8c).
Report is 1 commits behind head on main.

❗ Current head b374b8c differs from pull request most recent head 4ffe19c. Consider uploading reports for the commit 4ffe19c to get more accurate results

Files	Patch %	Lines
...ls/Response/TwoFactor/TwoFactorDuoResponseModel.cs	0.00%	18 Missing ⚠️
.../Api/Auth/Models/Request/TwoFactorRequestModels.cs	0.00%	11 Missing ⚠️
.../Core/Auth/Identity/TemporaryDuoWebV4SDKService.cs	25.00%	2 Missing and 1 partial ⚠️
...rc/Identity/IdentityServer/BaseRequestValidator.cs	0.00%	2 Missing and 1 partial ⚠️
src/Api/Auth/Controllers/TwoFactorController.cs	0.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4071      +/-   ##
==========================================
- Coverage   38.66%   38.63%   -0.04%     
==========================================
  Files        1209     1209              
  Lines       58561    58577      +16     
  Branches     5594     5595       +1     
==========================================
- Hits        22643    22629      -14     
- Misses      34863    34896      +33     
+ Partials     1055     1052       -3     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

Checkmarx One – Scan Summary & Details – dac3a522-8b65-4bf2-9176-b3d63a50dbf4

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Privacy_Violation	/src/Api/Controllers/DevicesController.cs: 155	Attack Vector
	Privacy_Violation	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 650	Attack Vector
	Privacy_Violation	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 703	Attack Vector
	Log_Forging	/src/Api/Controllers/DevicesController.cs: 146	Attack Vector
	Log_Forging	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 615	Attack Vector
	Log_Forging	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 678	Attack Vector

Fixed Issues

Severity	Issue	Source File / Package
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 607
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 607
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 607
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 607
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 132
	CSRF	/src/Api/AdminConsole/Controllers/ProvidersController.cs: 141
	CSRF	/src/Api/SecretsManager/Controllers/AccessPoliciesController.cs: 229
	CSRF	/src/Admin/AdminConsole/Controllers/ProvidersController.cs: 320
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 163
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 163
	CSRF	/src/Api/Billing/Controllers/ProviderClientsController.cs: 30
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 190
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 333
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 333
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 669
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 645
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 891
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 173
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 711
	CSRF	/src/Api/Vault/Controllers/FoldersController.cs: 45
	CSRF	/src/Api/Controllers/SelfHosted/SelfHostedOrganizationLicensesController.cs: 51
	CSRF	/src/Api/Controllers/UsersController.cs: 22
	CSRF	/src/Api/Controllers/DevicesController.cs: 70
	CSRF	/src/Api/Controllers/DevicesController.cs: 57
	CSRF	/src/Api/AdminConsole/Public/Controllers/PoliciesController.cs: 69
	CSRF	/src/Api/AdminConsole/Public/Controllers/PoliciesController.cs: 49
	CSRF	/src/Api/AdminConsole/Public/Controllers/OrganizationController.cs: 42
	CSRF	/src/Api/AdminConsole/Public/Controllers/GroupsController.cs: 92
	CSRF	/src/Api/AdminConsole/Public/Controllers/GroupsController.cs: 49
	CSRF	/src/Api/AdminConsole/Controllers/ProviderUsersController.cs: 142
	CSRF	/src/Api/AdminConsole/Controllers/PoliciesController.cs: 148
	CSRF	/src/Api/AdminConsole/Controllers/PoliciesController.cs: 78
	CSRF	/src/Api/AdminConsole/Controllers/PoliciesController.cs: 61
	CSRF	/bitwarden_license/src/Sso/Controllers/AccountController.cs: 163
	CSRF	/bitwarden_license/src/Sso/Controllers/AccountController.cs: 96
	CSRF	/bitwarden_license/src/Scim/Controllers/v2/UsersController.cs: 50
	CSRF	/src/Api/AdminConsole/Public/Controllers/GroupsController.cs: 161
	CSRF	/src/Api/Auth/Controllers/EmergencyAccessController.cs: 159
	CSRF	/bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs: 98
	CSRF	/bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs: 88
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 722
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 187
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 898
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 867
	CSRF	/src/Identity/Controllers/AccountsController.cs: 50
	CSRF	/src/Identity/Controllers/AccountsController.cs: 72
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 570
	CSRF	/src/Api/AdminConsole/Controllers/ProviderUsersController.cs: 175
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 246
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 144
	CSRF	/src/Api/Controllers/CollectionsController.cs: 411
	CSRF	/src/Api/Controllers/CollectionsController.cs: 375
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 286
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 583
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 583
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 222
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 572
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 361
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 570
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 748
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 246
	CSRF	/src/Api/Controllers/CollectionsController.cs: 411
	CSRF	/src/Api/Controllers/CollectionsController.cs: 375
	CSRF	/src/Api/Controllers/CollectionsController.cs: 303
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 286
	CSRF	/src/Api/AdminConsole/Controllers/ProviderUsersController.cs: 188
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 277
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1120
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 774
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 159
	CSRF	/src/Api/Controllers/CollectionsController.cs: 303
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 931
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 193
	CSRF	/src/Api/Controllers/SettingsController.cs: 36
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 407
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1100
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 432
	CSRF	/src/Admin/AdminConsole/Controllers/OrganizationsController.cs: 308
	CSRF	/src/Admin/AdminConsole/Controllers/ProvidersController.cs: 243
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 81
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 118
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 230
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 331
	CSRF	/src/Api/Controllers/CollectionsController.cs: 323
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 590
	CSRF	/src/Api/AdminConsole/Public/Controllers/GroupsController.cs: 133
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 530
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 627
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 86
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 218
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 627
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 300
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 318
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1066
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1066
	CSRF	/src/Api/AdminConsole/Controllers/ProviderOrganizationsController.cs: 53
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 260
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 174
	CSRF	/src/Api/Auth/Controllers/TwoFactorController.cs: 403
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 926
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 287
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 193
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 786
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1043
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1043
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 59
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 127
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 519
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 590
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1017
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1017
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 222
	CSRF	/src/Api/Controllers/CollectionsController.cs: 156
	CSRF	/src/Api/Controllers/CollectionsController.cs: 187
	CSRF	/src/Api/Controllers/CollectionsController.cs: 196
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 150
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 150
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 811
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 312
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 301
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 449
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 545
	CSRF	/src/Api/Public/Controllers/CollectionsController.cs: 64
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 825
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 221
	CSRF	/src/Api/AdminConsole/Public/Controllers/OrganizationController.cs: 42
	CSRF	/src/Api/AdminConsole/Public/Controllers/OrganizationController.cs: 42
	CSRF	/src/Api/AdminConsole/Public/Controllers/OrganizationController.cs: 42
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 590
	CSRF	/src/Api/Tools/Controllers/ImportCiphersController.cs: 50
	CSRF	/src/Api/Tools/Controllers/ImportCiphersController.cs: 66
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 111
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 125
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 590
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 590
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 962
	CSRF	/src/Admin/AdminConsole/Controllers/ProviderOrganizationsController.cs: 40
	CSRF	/src/Api/Auth/Controllers/WebAuthnController.cs: 130
	CSRF	/src/Api/Auth/Controllers/WebAuthnController.cs: 101
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 679
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1120
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 93
	CSRF

More results are available on AST platform

[rkac-bw]

LGTM

[JaredSnider-Bitwarden]

Nice work! Some questions below (mostly around testing and ensuring that I understand what's going on)!

[JaredSnider-Bitwarden]

❓ was the removal of await duoApi.JSONApiCall("GET", "/auth/v2/check"); intentional?

[JaredSnider-Bitwarden]

❓ : Do we have tests for this controller which could cover these endpoints and these new scenarios?

[ike-kottlowski]

Testing the DuoApi proved to be tricky and not worth the trouble due to the removal of DuoApi in a later release.

[ike-kottlowski]

closing this PR to match the correct branch name and PR.