Skip to content

PM-23639: Add CXF Import mappings #361

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 30 commits into
base: main
Choose a base branch
from
Open

PM-23639: Add CXF Import mappings #361

wants to merge 30 commits into from

Conversation

abergs
Copy link
Member

@abergs abergs commented Jul 25, 2025

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-23639

📔 Objective

This PR adds the CXF sample from the repo so that we can use it for reference in unit tests.

It also servers as the feature branch for adding CXF Import mappings for multiple CXF data types.

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation
    team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed
    issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@abergs abergs requested a review from a team as a code owner July 25, 2025 08:44
@abergs abergs requested review from addisonbeck, Hinton and dani-garcia and removed request for addisonbeck July 25, 2025 08:44
Copy link
Contributor

github-actions bot commented Jul 25, 2025

Logo
Checkmarx One – Scan Summary & Detailsce038653-0894-43cf-92b2-b4ecc862f372

Great job! No new security vulnerabilities introduced in this pull request

@abergs
Copy link
Member Author

abergs commented Jul 25, 2025

How do I tell Sonar to relax?

Copy link

codecov bot commented Jul 25, 2025

Codecov Report

❌ Patch coverage is 98.32849% with 23 lines in your changes missing coverage. Please review.
✅ Project coverage is 75.71%. Comparing base (bceb681) to head (97cdad2).
⚠️ Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
...bitwarden-exporters/src/cxf/import_sample_tests.rs 95.65% 11 Missing ⚠️
crates/bitwarden-exporters/src/cxf/import.rs 97.44% 10 Missing ⚠️
...ates/bitwarden-exporters/src/cxf/editable_field.rs 97.05% 1 Missing ⚠️
crates/bitwarden-exporters/src/cxf/note.rs 98.90% 1 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main     #361      +/-   ##
==========================================
+ Coverage   74.19%   75.71%   +1.51%     
==========================================
  Files         253      257       +4     
  Lines       21897    23214    +1317     
==========================================
+ Hits        16247    17577    +1330     
+ Misses       5650     5637      -13     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@abergs abergs enabled auto-merge (squash) August 12, 2025 15:51
@abergs abergs requested a review from Hinton August 12, 2025 16:16
@abergs abergs disabled auto-merge August 12, 2025 17:08
@abergs abergs changed the title PM-23639: Add CXF Import sample PM-23639: Add CXF Import mappings Aug 13, 2025
@abergs abergs marked this pull request as draft August 13, 2025 08:32
{
"type": "ssh-key",
"keyType": "ssh-rsa",
"privateKey": "MC4CAQAwBQYDK2VwBCIEID-U9VakauO4Fsv4b_znpDHcdYg74U68siZjnWLPn7Q1",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We tweaked this again, let's see which ends up in the final example.

Hinton
Hinton previously approved these changes Aug 14, 2025
## 🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-23649
<!-- Paste the link to the Jira or GitHub issue or otherwise describe /
point to where this change is coming from. -->

## 📔 Objective

This PR maps the Note type, and adds mapping the note for existing vault
items.

Note: A separate task has been created to track that we're mapping notes
for all other cipheritems (some are not created yet).

<!-- Describe what the purpose of this PR is, for example what bug
you're fixing or new feature you're adding. -->

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes
abergs and others added 12 commits August 14, 2025 17:12
… Identity (#363)

## 🎟️ Tracking

* https://bitwarden.atlassian.net/browse/PM-23648
* https://bitwarden.atlassian.net/browse/PM-23652
* https://bitwarden.atlassian.net/browse/PM-23651
* https://bitwarden.atlassian.net/browse/PM-23647
* https://bitwarden.atlassian.net/browse/PM-23642

<!-- Paste the link to the Jira or GitHub issue or otherwise describe /
point to where this change is coming from. -->

## 📔 Objective

This PR maps multiple identity documents to Identity + custom fields. PR
was submitted in a rush, forgive me if it fails tests but would be
worthwhile to have early reviews on my approach.

<!-- Describe what the purpose of this PR is, for example what bug
you're fixing or new feature you're adding. -->

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes

---------

Co-authored-by: Oscar Hinton <[email protected]>
## 🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-23654

<!-- Paste the link to the Jira or GitHub issue or otherwise describe /
point to where this change is coming from. -->

## 📔 Objective

This PR maps CXF totp during import

<!-- Describe what the purpose of this PR is, for example what bug
you're fixing or new feature you're adding. -->

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes

---------

Co-authored-by: Oscar Hinton <[email protected]>
@abergs abergs marked this pull request as ready for review August 14, 2025 17:01
@abergs abergs requested a review from Hinton August 14, 2025 17:01
@abergs abergs requested a review from Hinton August 15, 2025 10:43
## 🎟️ Tracking

<!-- Paste the link to the Jira or GitHub issue or otherwise describe /
point to where this change is coming from. -->

https://bitwarden.atlassian.net/browse/PM-23645

## 📔 Objective

<!-- Describe what the purpose of this PR is, for example what bug
you're fixing or new feature you're adding. -->

Wrap up cards by supporting the fields not exposed in our data model as
custom fields.

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes
## 🎟️ Tracking

<!-- Paste the link to the Jira or GitHub issue or otherwise describe /
point to where this change is coming from. -->

https://bitwarden.atlassian.net/browse/PM-23653

## 📔 Objective

<!-- Describe what the purpose of this PR is, for example what bug
you're fixing or new feature you're adding. -->

Adds support for importing ssh keys using CXF.

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

Comment on lines +107 to +110
match &note_cipher.r#type {
CipherType::SecureNote(_) => (), // Successfully identified as SecureNote
_ => panic!("Expected SecureNote for standalone note credential"),
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We generally recommend using if let when you only care about a single branch. (This applies to most tests in this file)

Suggested change
match &note_cipher.r#type {
CipherType::SecureNote(_) => (), // Successfully identified as SecureNote
_ => panic!("Expected SecureNote for standalone note credential"),
}
let identity = if let CipherType::Identity(identity) = &address_cipher.r#type {
identity
} else {
panic!("Expected Identity cipher for address")
};

Comment on lines +340 to +370
// Check specific custom fields
let issuing_country = identity_document_cipher
.fields
.iter()
.find(|f| f.name.as_deref() == Some("Issuing Country"))
.expect("Should have Issuing Country");
assert_eq!(issuing_country.value, Some("US".to_string()));

let nationality = identity_document_cipher
.fields
.iter()
.find(|f| f.name.as_deref() == Some("Nationality"))
.expect("Should have Nationality");
assert_eq!(nationality.value, Some("American".to_string()));

let birth_place = identity_document_cipher
.fields
.iter()
.find(|f| f.name.as_deref() == Some("Birth Place"))
.expect("Should have Birth Place");
assert_eq!(birth_place.value, Some("New York, USA".to_string()));

let issuing_authority = identity_document_cipher
.fields
.iter()
.find(|f| f.name.as_deref() == Some("Issuing Authority"))
.expect("Should have Issuing Authority");
assert_eq!(
issuing_authority.value,
Some("Department of State".to_string())
);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion: Compare fields directly which checks more than just the value.

Suggested change
// Check specific custom fields
let issuing_country = identity_document_cipher
.fields
.iter()
.find(|f| f.name.as_deref() == Some("Issuing Country"))
.expect("Should have Issuing Country");
assert_eq!(issuing_country.value, Some("US".to_string()));
let nationality = identity_document_cipher
.fields
.iter()
.find(|f| f.name.as_deref() == Some("Nationality"))
.expect("Should have Nationality");
assert_eq!(nationality.value, Some("American".to_string()));
let birth_place = identity_document_cipher
.fields
.iter()
.find(|f| f.name.as_deref() == Some("Birth Place"))
.expect("Should have Birth Place");
assert_eq!(birth_place.value, Some("New York, USA".to_string()));
let issuing_authority = identity_document_cipher
.fields
.iter()
.find(|f| f.name.as_deref() == Some("Issuing Authority"))
.expect("Should have Issuing Authority");
assert_eq!(
issuing_authority.value,
Some("Department of State".to_string())
);
let expected_fields = vec![
Field {
name: Some("Issuing Country".to_string()),
value: Some("US".to_string()),
r#type: FieldType::Text as u8,
linked_id: None,
},
Field {
name: Some("Nationality".to_string()),
value: Some("American".to_string()),
r#type: FieldType::Text as u8,
linked_id: None,
},
Field {
name: Some("Birth Date".to_string()),
value: Some("1990-04-15".to_string()),
r#type: FieldType::Text as u8,
linked_id: None,
},
Field {
name: Some("Birth Place".to_string()),
value: Some("New York, USA".to_string()),
r#type: FieldType::Text as u8,
linked_id: None,
},
Field {
name: Some("Sex".to_string()),
value: Some("F".to_string()),
r#type: FieldType::Text as u8,
linked_id: None,
},
Field {
name: Some("Issue Date".to_string()),
value: Some("2020-01-01".to_string()),
r#type: FieldType::Text as u8,
linked_id: None,
},
Field {
name: Some("Expiry Date".to_string()),
value: Some("2030-01-01".to_string()),
r#type: FieldType::Text as u8,
linked_id: None,
},
Field {
name: Some("Issuing Authority".to_string()),
value: Some("Department of State".to_string()),
r#type: FieldType::Text as u8,
linked_id: None,
},
];
assert_eq!(identity_document_cipher.fields, expected_fields);

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants