[AZ-197] Remove hardware ID binding from resource flow

Sealed-Jetson + SaaS architecture eliminates the credential-reuse-across- machines threat that motivated hardware fingerprint binding. The binding's only remaining effect was a real production failure mode on legitimate hardware events. Production: - Drop PUT /users/hardware/set and POST /resources/check. - Simplify POST /resources/get/{dataFolder?} (no Hardware field). - Remove CheckHardwareHash, UpdateHardware, Security.GetHWHash. - GetApiEncryptionKey signature: (email, password) — no hardwareHash. - Drop SetHWRequest DTO and Hardware property from GetResourceRequest. - Remove HardwareIdMismatch (40) and BadHardware (45) ExceptionEnum entries; numeric codes left as a gap, not for reuse. Wire-compat policy: drop entirely (no Loader; no in-flight legacy clients). Stale callers will see 404s, which is the right loud failure. Tombstones: - User.Hardware DB column kept (nullable, unused) — separate cleanup ticket for the migration per workspace "no rename without confirmation". - User.LastLogin is now never written by app code (only writer was inside the deleted CheckHardwareHash); flagged in batch_06_review for a future ticket. Tests: - Delete e2e HardwareBindingTests (165 lines) and Azaion.Test UserServiceTest (sole test was CheckHardwareHashTest). - Drop Hardware payloads + /resources/check preconditions from e2e ResourceTests, SecurityTests, ResilienceTests; drop hardwareId arg from Azaion.Test SecurityTest. - Add SecurityTests.Hardware_endpoints_are_removed_AZ_197 (AC-2 regression asserting both removed routes return 404). Docs: - architecture.md: System Context note, ADR-003 new key formula, ADR-004 retired with rationale. - diagrams/flows/flow_hardware_check.md: tombstoned. Also archives the four batch-1+batch-2 task files into _docs/02_tasks/done/ (file moves were missed by the batch_05 commit). Code review: PASS — see _docs/03_implementation/reviews/batch_06_review.md. Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-22 22:21:09 +00:00 · 2026-05-13 04:46:39 +03:00
parent 5ca9ccab2c
commit 5e90512987
22 changed files with 359 additions and 490 deletions
@@ -57,7 +57,7 @@ public sealed class SecurityTests
            r.StatusCode.Should().Be(HttpStatusCode.Unauthorized);

        using (var r = await client.PostAsync("/resources/get",
-                new { password = "irrelevant1", hardware = "h", fileName = "f.bin" }))
+                new { password = "irrelevant1", fileName = "f.bin" }))
            r.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
    }

@@ -151,8 +151,6 @@ public sealed class SecurityTests
        var email1 = $"{Guid.NewGuid():N}@sectest.example.com";
        var email2 = $"{Guid.NewGuid():N}@sectest.example.com";
        const string password = "TestPwd12345";
-        var hw1 = $"hw-{Guid.NewGuid():N}";
-        var hw2 = $"hw-{Guid.NewGuid():N}";

        try
        {
@@ -170,22 +168,20 @@ public sealed class SecurityTests
                up.IsSuccessStatusCode.Should().BeTrue();
            }

-            async Task<byte[]> DownloadForAsync(string email, string hardware)
+            async Task<byte[]> DownloadForAsync(string email)
            {
                using var api = _fixture.CreateApiClient();
                var token = await api.LoginAsync(email, password);
                api.SetAuthToken(token);
-                using var check = await api.PostAsync("/resources/check", new { hardware });
-                check.IsSuccessStatusCode.Should().BeTrue();
                using var get = await api.PostAsync($"/resources/get/{folder}",
-                    new { password, hardware, fileName });
+                    new { password, fileName });
                get.IsSuccessStatusCode.Should().BeTrue();
                return await get.Content.ReadAsByteArrayAsync();
            }

            // Act
-            var bytes1 = await DownloadForAsync(email1, hw1);
-            var bytes2 = await DownloadForAsync(email2, hw2);
+            var bytes1 = await DownloadForAsync(email1);
+            var bytes2 = await DownloadForAsync(email2);

            // Assert
            bytes1.Should().NotBeEquivalentTo(bytes2);
@@ -202,6 +198,21 @@ public sealed class SecurityTests
        }
    }

+    [Fact]
+    public async Task Hardware_endpoints_are_removed_AZ_197()
+    {
+        // Arrange
+        using var admin = _fixture.CreateAuthenticatedClient(_fixture.AdminToken);
+
+        // Act
+        using var setHw = await admin.PutAsync("/users/hardware/set", new { Email = "x@y.com", Hardware = "any" });
+        using var checkHw = await admin.PostAsync("/resources/check", new { Hardware = "any" });
+
+        // Assert
+        setHw.StatusCode.Should().Be(HttpStatusCode.NotFound);
+        checkHw.StatusCode.Should().Be(HttpStatusCode.NotFound);
+    }
+
    [Fact]
    public async Task Disabled_user_cannot_log_in()
    {