bitwarden
diff --git a/‎test/Core.Test/KeyManagement/Commands/SetKeyConnectorKeyCommandTests.cs‎
Lines changed: 56 additions & 24 deletions b/‎test/Core.Test/KeyManagement/Commands/SetKeyConnectorKeyCommandTests.cs‎
Lines changed: 56 additions & 24 deletions
diff --git a/‎…Auth/Repositories/UserRepositoryTests.cs‎ ‎…Test/Repositories/UserRepositoryTests.cs‎test/Infrastructure.IntegrationTest/Auth/Repositories/UserRepositoryTests.cs renamed to test/Infrastructure.IntegrationTest/Repositories/UserRepositoryTests.cs b/‎…Auth/Repositories/UserRepositoryTests.cs‎ ‎…Test/Repositories/UserRepositoryTests.cs‎test/Infrastructure.IntegrationTest/Auth/Repositories/UserRepositoryTests.cs renamed to test/Infrastructure.IntegrationTest/Repositories/UserRepositoryTests.cs
@@ -3,8 +3,10 @@
 using Bit.Core.Exceptions;
 using Bit.Core.KeyManagement.Commands;
 using Bit.Core.KeyManagement.Models.Api.Request;
+using Bit.Core.KeyManagement.Models.Data;
 using Bit.Core.KeyManagement.Queries.Interfaces;
 using Bit.Core.OrganizationFeatures.OrganizationUsers.Interfaces;
+using Bit.Core.Repositories;
 using Bit.Core.Services;
 using Bit.Test.Common.AutoFixture;
 using Bit.Test.Common.AutoFixture.Attributes;
@@ -23,33 +25,47 @@ public async Task SetKeyConnectorKeyForUserAsync_Success_SetsAccountKeys(
         SetKeyConnectorKeyRequestModel requestModel,
         SutProvider<SetKeyConnectorKeyCommand> sutProvider)
     {
+        // Set up valid V2 encryption data
+        if (requestModel.AccountKeys!.SignatureKeyPair != null)
+        {
+            requestModel.AccountKeys.SignatureKeyPair.SignatureAlgorithm = "ed25519";
+        }
+
+        var expectedAccountKeysData = requestModel.AccountKeys.ToAccountKeysData();
+
         // Arrange
-        var originalRevisionDate = user.RevisionDate;
-        var originalAccountRevisionDate = user.AccountRevisionDate;
-        var expectedTime = DateTime.UtcNow;
+        var userRepository = sutProvider.GetDependency<IUserRepository>();
+        var mockUpdateUserData = Substitute.For<UpdateUserData>();
+        userRepository.SetKeyConnectorUserKey(user.Id, requestModel.KeyConnectorKeyWrappedUserKey!)
+            .Returns(mockUpdateUserData);
 
         // Act
         await sutProvider.Sut.SetKeyConnectorKeyForUserAsync(user, requestModel);
 
         // Assert
-        Assert.Equal(requestModel.KeyConnectorKeyWrappedUserKey, user.Key);
-        Assert.True(user.UsesKeyConnector);
-        Assert.Equal(KdfType.Argon2id, user.Kdf);
-        Assert.Equal(3, user.KdfIterations);
-        Assert.Equal(64, user.KdfMemory);
-        Assert.Equal(4, user.KdfParallelism);
-        Assert.NotEqual(originalRevisionDate, user.RevisionDate);
-        Assert.NotEqual(originalAccountRevisionDate, user.AccountRevisionDate);
-        Assert.Equal(expectedTime, user.RevisionDate, precision: TimeSpan.FromMinutes(1));
-        Assert.Equal(expectedTime, user.AccountRevisionDate, precision: TimeSpan.FromMinutes(1));
-
         sutProvider.GetDependency<ICanUseKeyConnectorQuery>()
             .Received(1)
             .VerifyCanUseKeyConnector(user);
 
-        await sutProvider.GetDependency<ISetAccountKeysForUserCommand>()
+        userRepository
             .Received(1)
-            .SetAccountKeysForUserAsync(user, requestModel.AccountKeys);
+            .SetKeyConnectorUserKey(user.Id, requestModel.KeyConnectorKeyWrappedUserKey);
+
+        await userRepository
+            .Received(1)
+            .SetV2AccountCryptographicStateAsync(
+                user.Id,
+                Arg.Is<UserAccountKeysData>(data =>
+                    data.PublicKeyEncryptionKeyPairData.PublicKey == expectedAccountKeysData.PublicKeyEncryptionKeyPairData.PublicKey &&
+                    data.PublicKeyEncryptionKeyPairData.WrappedPrivateKey == expectedAccountKeysData.PublicKeyEncryptionKeyPairData.WrappedPrivateKey &&
+                    data.PublicKeyEncryptionKeyPairData.SignedPublicKey == expectedAccountKeysData.PublicKeyEncryptionKeyPairData.SignedPublicKey &&
+                    data.SignatureKeyPairData!.SignatureAlgorithm == expectedAccountKeysData.SignatureKeyPairData!.SignatureAlgorithm &&
+                    data.SignatureKeyPairData.WrappedSigningKey == expectedAccountKeysData.SignatureKeyPairData.WrappedSigningKey &&
+                    data.SignatureKeyPairData.VerifyingKey == expectedAccountKeysData.SignatureKeyPairData.VerifyingKey &&
+                    data.SecurityStateData!.SecurityState == expectedAccountKeysData.SecurityStateData!.SecurityState &&
+                    data.SecurityStateData.SecurityVersion == expectedAccountKeysData.SecurityStateData.SecurityVersion),
+                Arg.Is<IEnumerable<UpdateUserData>>(actions =>
+                    actions.Count() == 1 && actions.First() == mockUpdateUserData));
 
         await sutProvider.GetDependency<IEventService>()
             .Received(1)
@@ -75,9 +91,13 @@ public async Task SetKeyConnectorKeyForUserAsync_NullKeyConnectorKeyWrappedUserK
 
         Assert.Equal("KeyConnectorKeyWrappedUserKey and AccountKeys must be provided", exception.Message);
 
-        await sutProvider.GetDependency<ISetAccountKeysForUserCommand>()
+        sutProvider.GetDependency<IUserRepository>()
+            .DidNotReceiveWithAnyArgs()
+            .SetKeyConnectorUserKey(Arg.Any<Guid>(), Arg.Any<string>());
+
+        await sutProvider.GetDependency<IUserRepository>()
             .DidNotReceiveWithAnyArgs()
-            .SetAccountKeysForUserAsync(Arg.Any<User>(), Arg.Any<AccountKeysRequestModel>());
+            .SetV2AccountCryptographicStateAsync(Arg.Any<Guid>(), Arg.Any<UserAccountKeysData>(), Arg.Any<IEnumerable<UpdateUserData>>());
 
         await sutProvider.GetDependency<IEventService>()
             .DidNotReceiveWithAnyArgs()
@@ -103,9 +123,13 @@ public async Task SetKeyConnectorKeyForUserAsync_EmptyKeyConnectorKeyWrappedUser
 
         Assert.Equal("KeyConnectorKeyWrappedUserKey and AccountKeys must be provided", exception.Message);
 
-        await sutProvider.GetDependency<ISetAccountKeysForUserCommand>()
+        sutProvider.GetDependency<IUserRepository>()
             .DidNotReceiveWithAnyArgs()
-            .SetAccountKeysForUserAsync(Arg.Any<User>(), Arg.Any<AccountKeysRequestModel>());
+            .SetKeyConnectorUserKey(Arg.Any<Guid>(), Arg.Any<string>());
+
+        await sutProvider.GetDependency<IUserRepository>()
+            .DidNotReceiveWithAnyArgs()
+            .SetV2AccountCryptographicStateAsync(Arg.Any<Guid>(), Arg.Any<UserAccountKeysData>(), Arg.Any<IEnumerable<UpdateUserData>>());
 
         await sutProvider.GetDependency<IEventService>()
             .DidNotReceiveWithAnyArgs()
@@ -131,9 +155,13 @@ public async Task SetKeyConnectorKeyForUserAsync_NullAccountKeys_ThrowsBadReques
 
         Assert.Equal("KeyConnectorKeyWrappedUserKey and AccountKeys must be provided", exception.Message);
 
-        await sutProvider.GetDependency<ISetAccountKeysForUserCommand>()
+        sutProvider.GetDependency<IUserRepository>()
+            .DidNotReceiveWithAnyArgs()
+            .SetKeyConnectorUserKey(Arg.Any<Guid>(), Arg.Any<string>());
+
+        await sutProvider.GetDependency<IUserRepository>()
             .DidNotReceiveWithAnyArgs()
-            .SetAccountKeysForUserAsync(Arg.Any<User>(), Arg.Any<AccountKeysRequestModel>());
+            .SetV2AccountCryptographicStateAsync(Arg.Any<Guid>(), Arg.Any<UserAccountKeysData>(), Arg.Any<IEnumerable<UpdateUserData>>());
 
         await sutProvider.GetDependency<IEventService>()
             .DidNotReceiveWithAnyArgs()
@@ -162,9 +190,13 @@ public async Task SetKeyConnectorKeyForUserAsync_UserCannotUseKeyConnector_Throw
 
         Assert.Equal(expectedException.Message, exception.Message);
 
-        await sutProvider.GetDependency<ISetAccountKeysForUserCommand>()
+        sutProvider.GetDependency<IUserRepository>()
+            .DidNotReceiveWithAnyArgs()
+            .SetKeyConnectorUserKey(Arg.Any<Guid>(), Arg.Any<string>());
+
+        await sutProvider.GetDependency<IUserRepository>()
             .DidNotReceiveWithAnyArgs()
-            .SetAccountKeysForUserAsync(Arg.Any<User>(), Arg.Any<AccountKeysRequestModel>());
+            .SetV2AccountCryptographicStateAsync(Arg.Any<Guid>(), Arg.Any<UserAccountKeysData>(), Arg.Any<IEnumerable<UpdateUserData>>());
 
         await sutProvider.GetDependency<IEventService>()
             .DidNotReceiveWithAnyArgs()