bitwarden/directory-connector
1
0
Fork 0
mirror of https://github.com/bitwarden/directory-connector synced 2025-12-05 23:53:21 +00:00
Code Issues Releases Wiki Activity

Compare commits

base: bitwarden:v2025.6.1
Branches Tags
bitwarden:renovate/node-fetch-3.x bitwarden:renovate/jest-mock-extended-4.x bitwarden:renovate/major-eslint-monorepo bitwarden:renovate/electron-store-11.x bitwarden:renovate/cross-env-10.x bitwarden:renovate/node-24.x bitwarden:renovate/typescript-5.x bitwarden:renovate/type-fest-5.x bitwarden:renovate/sass-1.x bitwarden:renovate/node-22.x bitwarden:main bitwarden:BRE-1333/workflow-token-perms_directory-connector bitwarden:rc bitwarden:investigate-bad-build-artifacts bitwarden:googleapi-failure-test bitwarden:sugi bitwarden:ac/pm-24898/upgrade-yao bitwarden:jmccannon/test-dc bitwarden:split-build-release-workflows bitwarden:renovate/lock-file-maintenance bitwarden:jmccannon/github-node-upgrade bitwarden:feat/disable-suspended-google-accounts-ci bitwarden:ac/pm-15283/upgrade-angular-to-19 bitwarden:ac/pm-11803/deps-update-ldapjs-to-v3 bitwarden:vvolkgang-patch-2 bitwarden:vvolkgang-patch-1 bitwarden:version_bump_vgrassia/test-version-bump_2024-09-11 bitwarden:ac/addison/ac-2777/directory-connector-code-cleanup bitwarden:mimartin12-patch-1 bitwarden:AC-1743/upgrade-node bitwarden:AC-1743/Safe-Major-Upgrades bitwarden:husky-testing bitwarden:ac-1743 bitwarden:update-ast-action bitwarden:DEVOPS-1262-update-all-directory-connector-pipelines-to-use-the-new-ci-only-key-vault bitwarden:DEVOPS-1039-update-release-flow-dry-run-step-names bitwarden:DEVOPS-986-Update-download-artifacts bitwarden:refactor/injectable-services-2 bitwarden:update-ldapjs-2.9.8
bitwarden:v2025.11.0 bitwarden:v2025.10.0 bitwarden:v2025.9.0 bitwarden:v2025.8.0 bitwarden:v2025.7.0 bitwarden:v2025.6.1 bitwarden:v2025.6.0 bitwarden:v2025.5.0 bitwarden:v2025.4.0 bitwarden:v2025.3.0 bitwarden:v2025.1.0 bitwarden:v2024.10.0 bitwarden:v2024.9.0 bitwarden:v2024.3.2 bitwarden:v2023.10.0 bitwarden:v2022.11.0 bitwarden:v2022.6.0 bitwarden:v2.10.2 bitwarden:v2.10.1 bitwarden:v2.10.0 bitwarden:v2.9.10 bitwarden:v2.9.9 bitwarden:v2.9.8 bitwarden:v2.9.7 bitwarden:v2.9.6 bitwarden:v2.9.5 bitwarden:v2.9.4 bitwarden:v2.9.3 bitwarden:v2.9.2 bitwarden:v2.9.1 bitwarden:v2.9.0 bitwarden:v2.8.2 bitwarden:v2.8.1 bitwarden:v2.8.0 bitwarden:v2.7.0 bitwarden:v2.6.2 bitwarden:v2.6.1 bitwarden:v2.6.0 bitwarden:v2.5.3 bitwarden:v2.5.2 bitwarden:v2.5.1 bitwarden:v2.5.0 bitwarden:v2.4.0 bitwarden:v2.3.0 bitwarden:v2.2.0 bitwarden:v2.1.0 bitwarden:v2.0.4 bitwarden:v2.0.3 bitwarden:v2.0.2 bitwarden:v2.0.1 bitwarden:v2.0.0 bitwarden:v1.2.0 bitwarden:v1.1.3 bitwarden:v1.1.2 bitwarden:v1.1.1 bitwarden:v1.1.0 bitwarden:v1.0.0
..
compare: bitwarden:jmccannon/github-node-upgrade
Branches Tags
bitwarden:renovate/node-fetch-3.x bitwarden:renovate/jest-mock-extended-4.x bitwarden:renovate/major-eslint-monorepo bitwarden:renovate/electron-store-11.x bitwarden:renovate/cross-env-10.x bitwarden:renovate/node-24.x bitwarden:renovate/typescript-5.x bitwarden:renovate/type-fest-5.x bitwarden:renovate/sass-1.x bitwarden:renovate/node-22.x bitwarden:main bitwarden:BRE-1333/workflow-token-perms_directory-connector bitwarden:rc bitwarden:investigate-bad-build-artifacts bitwarden:googleapi-failure-test bitwarden:sugi bitwarden:ac/pm-24898/upgrade-yao bitwarden:jmccannon/test-dc bitwarden:split-build-release-workflows bitwarden:renovate/lock-file-maintenance bitwarden:jmccannon/github-node-upgrade bitwarden:feat/disable-suspended-google-accounts-ci bitwarden:ac/pm-15283/upgrade-angular-to-19 bitwarden:ac/pm-11803/deps-update-ldapjs-to-v3 bitwarden:vvolkgang-patch-2 bitwarden:vvolkgang-patch-1 bitwarden:version_bump_vgrassia/test-version-bump_2024-09-11 bitwarden:ac/addison/ac-2777/directory-connector-code-cleanup bitwarden:mimartin12-patch-1 bitwarden:AC-1743/upgrade-node bitwarden:AC-1743/Safe-Major-Upgrades bitwarden:husky-testing bitwarden:ac-1743 bitwarden:update-ast-action bitwarden:DEVOPS-1262-update-all-directory-connector-pipelines-to-use-the-new-ci-only-key-vault bitwarden:DEVOPS-1039-update-release-flow-dry-run-step-names bitwarden:DEVOPS-986-Update-download-artifacts bitwarden:refactor/injectable-services-2 bitwarden:update-ldapjs-2.9.8
bitwarden:v2025.11.0 bitwarden:v2025.10.0 bitwarden:v2025.9.0 bitwarden:v2025.8.0 bitwarden:v2025.7.0 bitwarden:v2025.6.1 bitwarden:v2025.6.0 bitwarden:v2025.5.0 bitwarden:v2025.4.0 bitwarden:v2025.3.0 bitwarden:v2025.1.0 bitwarden:v2024.10.0 bitwarden:v2024.9.0 bitwarden:v2024.3.2 bitwarden:v2023.10.0 bitwarden:v2022.11.0 bitwarden:v2022.6.0 bitwarden:v2.10.2 bitwarden:v2.10.1 bitwarden:v2.10.0 bitwarden:v2.9.10 bitwarden:v2.9.9 bitwarden:v2.9.8 bitwarden:v2.9.7 bitwarden:v2.9.6 bitwarden:v2.9.5 bitwarden:v2.9.4 bitwarden:v2.9.3 bitwarden:v2.9.2 bitwarden:v2.9.1 bitwarden:v2.9.0 bitwarden:v2.8.2 bitwarden:v2.8.1 bitwarden:v2.8.0 bitwarden:v2.7.0 bitwarden:v2.6.2 bitwarden:v2.6.1 bitwarden:v2.6.0 bitwarden:v2.5.3 bitwarden:v2.5.2 bitwarden:v2.5.1 bitwarden:v2.5.0 bitwarden:v2.4.0 bitwarden:v2.3.0 bitwarden:v2.2.0 bitwarden:v2.1.0 bitwarden:v2.0.4 bitwarden:v2.0.3 bitwarden:v2.0.2 bitwarden:v2.0.1 bitwarden:v2.0.0 bitwarden:v1.2.0 bitwarden:v1.1.3 bitwarden:v1.1.2 bitwarden:v1.1.1 bitwarden:v1.1.0 bitwarden:v1.0.0

2 Commits
v2025.6.1 ... jmccannon/

Author SHA1 Message Date
jrmccannon
376d4b1c22 upping pkg fetch. 
linting fixes.
 2025-05-23 15:09:58 -05:00
jrmccannon
7450163ff5 upping the node version to 22 2025-05-23 14:56:16 -05:00
21 changed files with 786 additions and 885 deletions
Expand all files Collapse all files

124
.github/workflows/build.yml vendored
View File

@@ -9,15 +9,10 @@ on:
- "hotfix-rc"
workflow_dispatch: {}
permissions:
contents: read
jobs:
cloc:
name: CLOC
runs-on: ubuntu-24.04
permissions:
contents: read
steps:
- name: Checkout repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -34,8 +29,6 @@ jobs:
setup:
name: Setup
runs-on: ubuntu-24.04
permissions:
contents: read
outputs:
package_version: ${{ steps.retrieve-version.outputs.package_version }}
steps:
@@ -55,10 +48,8 @@ jobs:
needs: setup
env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
_PKG_FETCH_NODE_VERSION: 18.5.0
_PKG_FETCH_VERSION: 3.4
permissions:
contents: read
_PKG_FETCH_NODE_VERSION: 22.13.1
_PKG_FETCH_VERSION: 3.5
steps:
- name: Checkout repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -68,7 +59,7 @@ jobs:
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: '18'
node-version: '22'
- name: Update NPM
run: |
@@ -104,6 +95,11 @@ jobs:
- name: Zip
run: zip -j dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip dist-cli/linux/bwdc keytar/linux/build/Release/keytar.node
- name: Create checksums
run: |
shasum -a 256 dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip | \
cut -d " " -f 1 > dist-cli/bwdc-linux-sha256-$_PACKAGE_VERSION.txt
- name: Version Test
run: |
sudo apt-get update
@@ -133,17 +129,22 @@ jobs:
path: ./dist-cli/bwdc-linux-${{ env._PACKAGE_VERSION }}.zip
if-no-files-found: error
- name: Upload Linux checksum to GitHub
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: bwdc-linux-sha256-${{ env._PACKAGE_VERSION }}.txt
path: ./dist-cli/bwdc-linux-sha256-${{ env._PACKAGE_VERSION }}.txt
if-no-files-found: error
macos-cli:
name: Build Mac CLI
runs-on: macos-13
needs: setup
permissions:
contents: read
env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
_PKG_FETCH_NODE_VERSION: 18.5.0
_PKG_FETCH_VERSION: 3.4
_PKG_FETCH_NODE_VERSION: 22.13.1
_PKG_FETCH_VERSION: 3.5
steps:
- name: Checkout repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -153,7 +154,7 @@ jobs:
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: '18'
node-version: '22'
- name: Update NPM
run: |
@@ -189,6 +190,11 @@ jobs:
- name: Zip
run: zip -j dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip dist-cli/macos/bwdc keytar/macos/build/Release/keytar.node
- name: Create checksums
run: |
shasum -a 256 dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip | \
cut -d " " -f 1 > dist-cli/bwdc-macos-sha256-$_PACKAGE_VERSION.txt
- name: Version Test
run: |
mkdir -p test/macos
@@ -211,17 +217,21 @@ jobs:
path: ./dist-cli/bwdc-macos-${{ env._PACKAGE_VERSION }}.zip
if-no-files-found: error
- name: Upload Mac checksum to GitHub
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: bwdc-macos-sha256-${{ env._PACKAGE_VERSION }}.txt
path: ./dist-cli/bwdc-macos-sha256-${{ env._PACKAGE_VERSION }}.txt
if-no-files-found: error
windows-cli:
name: Build Windows CLI
runs-on: windows-2022
needs: setup
permissions:
contents: read
env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
_WIN_PKG_FETCH_VERSION: 18.5.0
_WIN_PKG_VERSION: 3.4
_WIN_PKG_FETCH_VERSION: 22.13.1
_WIN_PKG_VERSION: 3.5
steps:
- name: Checkout repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -236,7 +246,7 @@ jobs:
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: '18'
node-version: '22'
- name: Update NPM
run: |
@@ -339,6 +349,11 @@ jobs:
Throw "Version test failed."
}
- name: Create checksums
run: |
checksum -f="./dist-cli/bwdc-windows-${env:_PACKAGE_VERSION}.zip" `
-t sha256 | Out-File ./dist-cli/bwdc-windows-sha256-${env:_PACKAGE_VERSION}.txt
- name: Upload Windows Zip to GitHub
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
@@ -346,14 +361,18 @@ jobs:
path: ./dist-cli/bwdc-windows-${{ env._PACKAGE_VERSION }}.zip
if-no-files-found: error
- name: Upload Windows checksum to GitHub
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: bwdc-windows-sha256-${{ env._PACKAGE_VERSION }}.txt
path: ./dist-cli/bwdc-windows-sha256-${{ env._PACKAGE_VERSION }}.txt
if-no-files-found: error
windows-gui:
name: Build Windows GUI
runs-on: windows-2022
needs: setup
permissions:
contents: read
id-token: write
env:
NODE_OPTIONS: --max_old_space_size=4096
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
@@ -367,7 +386,7 @@ jobs:
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: '18'
node-version: '22'
- name: Update NPM
run: |
@@ -386,11 +405,9 @@ jobs:
run: npm install
- name: Login to Azure
uses: bitwarden/gh-actions/azure-login@main
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
with:
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
client_id: ${{ secrets.AZURE_CLIENT_ID }}
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets
id: retrieve-secrets
@@ -403,9 +420,6 @@ jobs:
code-signing-client-secret,
code-signing-cert-name"
- name: Log out from Azure
uses: bitwarden/gh-actions/azure-logout@main
- name: Build & Sign
run: npm run dist:win
env:
@@ -449,8 +463,6 @@ jobs:
name: Build Linux GUI
runs-on: ubuntu-24.04
needs: setup
permissions:
contents: read
env:
NODE_OPTIONS: --max_old_space_size=4096
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
@@ -464,7 +476,7 @@ jobs:
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: '18'
node-version: '22'
- name: Update NPM
run: |
@@ -505,9 +517,6 @@ jobs:
name: Build MacOS GUI
runs-on: macos-13
needs: setup
permissions:
contents: read
id-token: write
env:
NODE_OPTIONS: --max_old_space_size=4096
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
@@ -521,7 +530,7 @@ jobs:
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: '18'
node-version: '22'
- name: Update NPM
run: |
@@ -536,18 +545,9 @@ jobs:
echo "GitHub event: $GITHUB_EVENT"
- name: Login to Azure
uses: bitwarden/gh-actions/azure-login@main
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
with:
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
client_id: ${{ secrets.AZURE_CLIENT_ID }}
- name: Get Azure Key Vault secrets
id: get-kv-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: gh-directory-connector
secrets: "KEYCHAIN-PASSWORD,APP-STORE-CONNECT-AUTH-KEY,APP-STORE-CONNECT-TEAM-ISSUER"
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Get certificates
run: |
@@ -562,12 +562,9 @@ jobs:
az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/macdev-cert |
jq -r .value | base64 -d > $HOME/certificates/macdev-cert.p12
- name: Log out from Azure
uses: bitwarden/gh-actions/azure-logout@main
- name: Set up keychain
env:
KEYCHAIN_PASSWORD: ${{ steps.get-kv-secrets.outputs.KEYCHAIN-PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
security create-keychain -p $KEYCHAIN_PASSWORD build.keychain
security default-keychain -s build.keychain
@@ -601,13 +598,13 @@ jobs:
run: |
mkdir ~/private_keys
cat << EOF > ~/private_keys/AuthKey_UFD296548T.p8
${{ steps.get-kv-secrets.outputs.APP-STORE-CONNECT-AUTH-KEY }}
${{ secrets.APP_STORE_CONNECT_AUTH_KEY }}
EOF
- name: Build application
run: npm run dist:mac
env:
APP_STORE_CONNECT_TEAM_ISSUER: ${{ steps.get-kv-secrets.outputs.APP-STORE-CONNECT-TEAM-ISSUER }}
APP_STORE_CONNECT_TEAM_ISSUER: ${{ secrets.APP_STORE_CONNECT_TEAM_ISSUER }}
APP_STORE_CONNECT_AUTH_KEY: UFD296548T
APP_STORE_CONNECT_AUTH_KEY_PATH: ~/private_keys/AuthKey_UFD296548T.p8
CSC_FOR_PULL_REQUEST: true
@@ -653,8 +650,6 @@ jobs:
- windows-gui
- linux-gui
- macos-gui
permissions:
id-token: write
steps:
- name: Check if any job failed
if: |
@@ -664,13 +659,11 @@ jobs:
&& contains(needs.*.result, 'failure')
run: exit 1
- name: Log in to Azure
- name: Login to Azure - CI subscription
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
if: failure()
uses: bitwarden/gh-actions/azure-login@main
with:
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
client_id: ${{ secrets.AZURE_CLIENT_ID }}
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets
id: retrieve-secrets
@@ -680,9 +673,6 @@ jobs:
keyvault: "bitwarden-ci"
secrets: "devops-alerts-slack-webhook-url"
- name: Log out from Azure
uses: bitwarden/gh-actions/azure-logout@main
- name: Notify Slack on failure
uses: act10ns/slack@44541246747a30eb3102d87f7a4cc5471b0ffb7d # v2.1.0
if: failure()

3
.github/workflows/enforce-labels.yml vendored
View File

@@ -3,9 +3,6 @@ name: Enforce PR labels
on:
pull_request:
types: [labeled, unlabeled, opened, edited, synchronize]
permissions:
contents: read
pull-requests: read
jobs:
enforce-label:
name: EnforceLabel

12
.github/workflows/release.yml vendored
View File

@@ -13,15 +13,10 @@ on:
- Redeploy
- Dry Run
permissions:
contents: read
jobs:
setup:
name: Setup
runs-on: ubuntu-24.04
permissions:
contents: read
outputs:
release_version: ${{ steps.version.outputs.version }}
steps:
@@ -50,10 +45,6 @@ jobs:
name: Release
runs-on: ubuntu-24.04
needs: setup
permissions:
actions: read
packages: read
contents: write
steps:
- name: Download all artifacts
if: ${{ inputs.release_type != 'Dry Run' }}
@@ -80,6 +71,9 @@ jobs:
artifacts: "./bwdc-windows-${{ env.PKG_VERSION }}.zip,
./bwdc-macos-${{ env.PKG_VERSION }}.zip,
./bwdc-linux-${{ env.PKG_VERSION }}.zip,
./bwdc-windows-sha256-${{ env.PKG_VERSION }}.txt,
./bwdc-macos-sha256-${{ env.PKG_VERSION }}.txt,
./bwdc-linux-sha256-${{ env.PKG_VERSION }}.txt,
./Bitwarden-Connector-Portable-${{ env.PKG_VERSION }}.exe,
./Bitwarden-Connector-Installer-${{ env.PKG_VERSION }}.exe,
./Bitwarden-Connector-Installer-${{ env.PKG_VERSION }}.exe.blockmap,

58
.github/workflows/scan.yml vendored
View File

@@ -5,23 +5,13 @@ on:
push:
branches:
- "main"
pull_request:
types: [opened, synchronize, reopened]
branches-ignore:
- main
pull_request_target:
types: [opened, synchronize, reopened]
branches:
- main
permissions: {}
types: [opened, synchronize]
jobs:
check-run:
name: Check PR run
uses: bitwarden/gh-actions/.github/workflows/check-run.yml@main
permissions:
contents: read
sast:
name: SAST scan
@@ -31,7 +21,6 @@ jobs:
contents: read
pull-requests: write
security-events: write
id-token: write
steps:
- name: Check out repo
@@ -39,33 +28,16 @@ jobs:
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Log in to Azure
uses: bitwarden/gh-actions/azure-login@main
with:
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
client_id: ${{ secrets.AZURE_CLIENT_ID }}
- name: Get Azure Key Vault secrets
id: get-kv-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: gh-org-bitwarden
secrets: "CHECKMARX-TENANT,CHECKMARX-CLIENT-ID,CHECKMARX-SECRET"
- name: Log out from Azure
uses: bitwarden/gh-actions/azure-logout@main
- name: Scan with Checkmarx
uses: checkmarx/ast-github-action@184bf2f64f55d1c93fd6636d539edf274703e434 # 2.0.41
env:
INCREMENTAL: "${{ contains(github.event_name, 'pull_request') && '--sast-incremental' || '' }}"
with:
project_name: ${{ github.repository }}
cx_tenant: ${{ steps.get-kv-secrets.outputs.CHECKMARX-TENANT }}
cx_tenant: ${{ secrets.CHECKMARX_TENANT }}
base_uri: https://ast.checkmarx.net/
cx_client_id: ${{ steps.get-kv-secrets.outputs.CHECKMARX-CLIENT-ID }}
cx_client_secret: ${{ steps.get-kv-secrets.outputs.CHECKMARX-SECRET }}
cx_client_id: ${{ secrets.CHECKMARX_CLIENT_ID }}
cx_client_secret: ${{ secrets.CHECKMARX_SECRET }}
additional_params: |
--report-format sarif \
--filter "state=TO_VERIFY;PROPOSED_NOT_EXPLOITABLE;CONFIRMED;URGENT" \
@@ -85,7 +57,6 @@ jobs:
permissions:
contents: read
pull-requests: write
id-token: write
steps:
- name: Check out repo
@@ -94,27 +65,10 @@ jobs:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Log in to Azure
uses: bitwarden/gh-actions/azure-login@main
with:
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
client_id: ${{ secrets.AZURE_CLIENT_ID }}
- name: Get Azure Key Vault secrets
id: get-kv-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: gh-org-bitwarden
secrets: "SONAR-TOKEN"
- name: Log out from Azure
uses: bitwarden/gh-actions/azure-logout@main
- name: Scan with SonarCloud
uses: sonarsource/sonarqube-scan-action@2500896589ef8f7247069a56136f8dc177c27ccf # v5.2.0
uses: sonarsource/sonarqube-scan-action@bfd4e558cda28cda6b5defafb9232d191be8c203 # v4.2.1
env:
SONAR_TOKEN: ${{ steps.get-kv-secrets.outputs.SONAR-TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
args: >
-Dsonar.organization=${{ github.repository_owner }}

24
.github/workflows/version-bump.yml vendored
View File

@@ -12,9 +12,6 @@ jobs:
bump_version:
name: Bump Version
runs-on: ubuntu-24.04
permissions:
contents: write
id-token: write
steps:
- name: Validate version input
if: ${{ inputs.version_number_override != '' }}
@@ -22,29 +19,12 @@ jobs:
with:
version: ${{ inputs.version_number_override }}
- name: Log in to Azure
uses: bitwarden/gh-actions/azure-login@main
with:
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
client_id: ${{ secrets.AZURE_CLIENT_ID }}
- name: Get Azure Key Vault secrets
id: get-kv-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: gh-org-bitwarden
secrets: "BW-GHAPP-ID,BW-GHAPP-KEY"
- name: Log out from Azure
uses: bitwarden/gh-actions/azure-logout@main
- name: Generate GH App token
uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1
id: app-token
with:
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}
app-id: ${{ secrets.BW_GHAPP_ID }}
private-key: ${{ secrets.BW_GHAPP_KEY }}
- name: Checkout Branch
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

2
README.md
View File

@@ -9,7 +9,7 @@ Supported directories:
- Active Directory
- Any other LDAP-based directory
- Microsoft Entra ID
- Azure Active Directory
- G Suite (Google)
- Okta

1223
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

19
package.json
View File

@@ -2,7 +2,7 @@
"name": "@bitwarden/directory-connector",
"productName": "Bitwarden Directory Connector",
"description": "Sync your user directory to your Bitwarden organization.",
"version": "2025.6.1",
"version": "2025.5.0",
"keywords": [
"bitwarden",
"password",
@@ -78,7 +78,7 @@
"@angular-eslint/template-parser": "17.5.3",
"@angular/compiler-cli": "17.3.12",
"@electron/notarize": "2.5.0",
"@electron/rebuild": "3.7.2",
"@electron/rebuild": "3.7.1",
"@fluffy-spoon/substitute": "1.208.0",
"@microsoft/microsoft-graph-types": "2.40.0",
"@ngtools/webpack": "17.3.17",
@@ -100,7 +100,7 @@
"dotenv": "16.5.0",
"electron": "34.1.1",
"electron-builder": "24.13.3",
"electron-log": "5.4.1",
"electron-log": "5.2.4",
"electron-reload": "2.0.0-alpha.1",
"electron-store": "8.2.0",
"electron-updater": "6.6.2",
@@ -110,7 +110,7 @@
"eslint-plugin-import": "2.31.0",
"eslint-plugin-rxjs": "5.0.3",
"eslint-plugin-rxjs-angular": "2.0.1",
"form-data": "4.0.3",
"form-data": "4.0.1",
"html-loader": "5.1.0",
"html-webpack-plugin": "5.6.3",
"husky": "9.1.7",
@@ -120,7 +120,7 @@
"jest-preset-angular": "14.5.5",
"lint-staged": "15.5.2",
"mini-css-extract-plugin": "2.9.2",
"node-abi": "3.75.0",
"node-abi": "3.74.0",
"node-forge": "1.3.1",
"node-loader": "2.1.0",
"pkg": "5.8.1",
@@ -128,8 +128,8 @@
"rimraf": "6.0.1",
"rxjs": "7.8.2",
"sass": "1.79.4",
"sass-loader": "16.0.5",
"ts-jest": "29.4.0",
"sass-loader": "16.0.4",
"ts-jest": "29.2.5",
"ts-loader": "9.5.2",
"tsconfig-paths-webpack-plugin": "4.2.0",
"type-fest": "4.41.0",
@@ -157,7 +157,7 @@
"chalk": "4.1.2",
"commander": "13.1.0",
"core-js": "3.42.0",
"form-data": "4.0.3",
"form-data": "4.0.1",
"google-auth-library": "9.15.1",
"googleapis": "144.0.0",
"https-proxy-agent": "7.0.6",
@@ -170,8 +170,7 @@
"proper-lockfile": "4.1.2",
"rxjs": "7.8.2",
"tldjs": "2.3.1",
"zone.js": "0.14.10",
"parse5": "7.2.1"
"zone.js": "0.14.10"
},
"engines": {
"node": "~22.13.0",

8
src/abstractions/state.service.ts
View File

@@ -3,7 +3,7 @@ import { StorageOptions } from "@/jslib/common/src/models/domain/storageOptions"
import { DirectoryType } from "@/src/enums/directoryType";
import { Account } from "@/src/models/account";
import { EntraIdConfiguration } from "@/src/models/entraIdConfiguration";
import { AzureConfiguration } from "@/src/models/azureConfiguration";
import { GSuiteConfiguration } from "@/src/models/gsuiteConfiguration";
import { LdapConfiguration } from "@/src/models/ldapConfiguration";
import { OktaConfiguration } from "@/src/models/oktaConfiguration";
@@ -17,7 +17,7 @@ export abstract class StateService extends BaseStateServiceAbstraction<Account>
config:
| LdapConfiguration
| GSuiteConfiguration
| EntraIdConfiguration
| AzureConfiguration
| OktaConfiguration
| OneLoginConfiguration,
) => Promise<any>;
@@ -25,8 +25,8 @@ export abstract class StateService extends BaseStateServiceAbstraction<Account>
setLdapConfiguration: (value: LdapConfiguration, options?: StorageOptions) => Promise<void>;
getGsuiteConfiguration: (options?: StorageOptions) => Promise<GSuiteConfiguration>;
setGsuiteConfiguration: (value: GSuiteConfiguration, options?: StorageOptions) => Promise<void>;
getEntraConfiguration: (options?: StorageOptions) => Promise<EntraIdConfiguration>;
setEntraConfiguration: (value: EntraIdConfiguration, options?: StorageOptions) => Promise<void>;
getAzureConfiguration: (options?: StorageOptions) => Promise<AzureConfiguration>;
setAzureConfiguration: (value: AzureConfiguration, options?: StorageOptions) => Promise<void>;
getOktaConfiguration: (options?: StorageOptions) => Promise<OktaConfiguration>;
setOktaConfiguration: (value: OktaConfiguration, options?: StorageOptions) => Promise<void>;
getOneLoginConfiguration: (options?: StorageOptions) => Promise<OneLoginConfiguration>;

24
src/app/tabs/settings.component.html
View File

@@ -242,7 +242,7 @@
</div>
</div>
</div>
<div [hidden]="directory != directoryType.EntraID">
<div [hidden]="directory != directoryType.AzureActiveDirectory">
<div class="mb-3">
<label for="identityAuthority" class="form-label">{{
"identityAuthority" | i18n
@@ -251,10 +251,10 @@
class="form-select"
id="identityAuthority"
name="IdentityAuthority"
[(ngModel)]="entra.identityAuthority"
[(ngModel)]="azure.identityAuthority"
>
<option value="login.microsoftonline.com">Entra Id Public</option>
<option value="login.microsoftonline.us">Entra Id Government</option>
<option value="login.microsoftonline.com">Azure AD Public</option>
<option value="login.microsoftonline.us">Azure AD Government</option>
</select>
</div>
<div class="mb-3">
@@ -264,7 +264,7 @@
class="form-control"
id="tenant"
name="Tenant"
[(ngModel)]="entra.tenant"
[(ngModel)]="azure.tenant"
/>
<div class="form-text">{{ "ex" | i18n }} companyad.onmicrosoft.com</div>
</div>
@@ -275,29 +275,29 @@
class="form-control"
id="applicationId"
name="ApplicationId"
[(ngModel)]="entra.applicationId"
[(ngModel)]="azure.applicationId"
/>
</div>
<div class="mb-3">
<label for="secretKey" class="form-label">{{ "secretKey" | i18n }}</label>
<div class="input-group">
<input
type="{{ showEntraKey ? 'text' : 'password' }}"
type="{{ showAzureKey ? 'text' : 'password' }}"
class="form-control"
id="secretKey"
name="SecretKey"
[(ngModel)]="entra.key"
[(ngModel)]="azure.key"
/>
<button
type="button"
class="btn btn-outline-secondary"
appA11yTitle="{{ 'toggleVisibility' | i18n }}"
(click)="toggleEntraKey()"
(click)="toggleAzureKey()"
>
<i
class="bwi bwi-lg"
aria-hidden="true"
[ngClass]="showEntraKey ? 'bwi-eye-slash' : 'bwi-eye'"
[ngClass]="showAzureKey ? 'bwi-eye-slash' : 'bwi-eye'"
></i>
</button>
</div>
@@ -607,7 +607,7 @@
<div class="form-text" *ngIf="directory === directoryType.Ldap">
{{ "ex" | i18n }} (&amp;(givenName=John)(|(l=Dallas)(l=Austin)))
</div>
<div class="form-text" *ngIf="directory === directoryType.EntraID">
<div class="form-text" *ngIf="directory === directoryType.AzureActiveDirectory">
{{ "ex" | i18n }} exclude:joe&#64;company.com
</div>
<div class="form-text" *ngIf="directory === directoryType.Okta">
@@ -684,7 +684,7 @@
<div class="form-text" *ngIf="directory === directoryType.Ldap">
{{ "ex" | i18n }} (&amp;(objectClass=group)(!(cn=Sales*))(!(cn=IT*)))
</div>
<div class="form-text" *ngIf="directory === directoryType.EntraID">
<div class="form-text" *ngIf="directory === directoryType.AzureActiveDirectory">
{{ "ex" | i18n }} include:Sales,IT
</div>
<div class="form-text" *ngIf="directory === directoryType.Okta">

21
src/app/tabs/settings.component.ts
View File

@@ -5,7 +5,7 @@ import { LogService } from "@/jslib/common/src/abstractions/log.service";
import { StateService } from "../../abstractions/state.service";
import { DirectoryType } from "../../enums/directoryType";
import { EntraIdConfiguration } from "../../models/entraIdConfiguration";
import { AzureConfiguration } from "../../models/azureConfiguration";
import { GSuiteConfiguration } from "../../models/gsuiteConfiguration";
import { LdapConfiguration } from "../../models/ldapConfiguration";
import { OktaConfiguration } from "../../models/oktaConfiguration";
@@ -22,13 +22,13 @@ export class SettingsComponent implements OnInit, OnDestroy {
directoryType = DirectoryType;
ldap = new LdapConfiguration();
gsuite = new GSuiteConfiguration();
entra = new EntraIdConfiguration();
azure = new AzureConfiguration();
okta = new OktaConfiguration();
oneLogin = new OneLoginConfiguration();
sync = new SyncConfiguration();
directoryOptions: any[];
showLdapPassword = false;
showEntraKey = false;
showAzureKey = false;
showOktaKey = false;
showOneLoginSecret = false;
@@ -42,7 +42,7 @@ export class SettingsComponent implements OnInit, OnDestroy {
this.directoryOptions = [
{ name: this.i18nService.t("select"), value: null },
{ name: "Active Directory / LDAP", value: DirectoryType.Ldap },
{ name: "Entra ID", value: DirectoryType.EntraID },
{ name: "Azure Active Directory", value: DirectoryType.AzureActiveDirectory },
{ name: "G Suite (Google)", value: DirectoryType.GSuite },
{ name: "Okta", value: DirectoryType.Okta },
{ name: "OneLogin", value: DirectoryType.OneLogin },
@@ -56,9 +56,10 @@ export class SettingsComponent implements OnInit, OnDestroy {
this.gsuite =
(await this.stateService.getDirectory<GSuiteConfiguration>(DirectoryType.GSuite)) ||
this.gsuite;
this.entra =
(await this.stateService.getDirectory<EntraIdConfiguration>(DirectoryType.EntraID)) ||
this.entra;
this.azure =
(await this.stateService.getDirectory<AzureConfiguration>(
DirectoryType.AzureActiveDirectory,
)) || this.azure;
this.okta =
(await this.stateService.getDirectory<OktaConfiguration>(DirectoryType.Okta)) || this.okta;
this.oneLogin =
@@ -79,7 +80,7 @@ export class SettingsComponent implements OnInit, OnDestroy {
await this.stateService.setDirectoryType(this.directory);
await this.stateService.setDirectory(DirectoryType.Ldap, this.ldap);
await this.stateService.setDirectory(DirectoryType.GSuite, this.gsuite);
await this.stateService.setDirectory(DirectoryType.EntraID, this.entra);
await this.stateService.setDirectory(DirectoryType.AzureActiveDirectory, this.azure);
await this.stateService.setDirectory(DirectoryType.Okta, this.okta);
await this.stateService.setDirectory(DirectoryType.OneLogin, this.oneLogin);
await this.stateService.setSync(this.sync);
@@ -134,8 +135,8 @@ export class SettingsComponent implements OnInit, OnDestroy {
document.getElementById("password").focus();
}
toggleEntraKey() {
this.showEntraKey = !this.showEntraKey;
toggleAzureKey() {
this.showAzureKey = !this.showAzureKey;
document.getElementById("secretKey").focus();
}

22
src/commands/config.command.ts
View File

@@ -8,7 +8,7 @@ import { MessageResponse } from "@/jslib/node/src/cli/models/response/messageRes
import { StateService } from "../abstractions/state.service";
import { DirectoryType } from "../enums/directoryType";
import { EntraIdConfiguration } from "../models/entraIdConfiguration";
import { AzureConfiguration } from "../models/azureConfiguration";
import { GSuiteConfiguration } from "../models/gsuiteConfiguration";
import { LdapConfiguration } from "../models/ldapConfiguration";
import { OktaConfiguration } from "../models/oktaConfiguration";
@@ -20,7 +20,7 @@ export class ConfigCommand {
private directory: DirectoryType;
private ldap = new LdapConfiguration();
private gsuite = new GSuiteConfiguration();
private entra = new EntraIdConfiguration();
private azure = new AzureConfiguration();
private okta = new OktaConfiguration();
private oneLogin = new OneLoginConfiguration();
private sync = new SyncConfiguration();
@@ -54,11 +54,8 @@ export class ConfigCommand {
case "gsuite.key":
await this.setGSuiteKey(value);
break;
// Azure Active Directory was renamed to Entra ID, but we've kept the old key name
// to be backwards compatible with existing configurations.
case "azure.key":
case "entra.key":
await this.setEntraIdKey(value);
await this.setAzureKey(value);
break;
case "okta.token":
await this.setOktaToken(value);
@@ -105,9 +102,9 @@ export class ConfigCommand {
await this.saveConfig();
}
private async setEntraIdKey(key: string) {
private async setAzureKey(key: string) {
await this.loadConfig();
this.entra.key = key;
this.azure.key = key;
await this.saveConfig();
}
@@ -130,9 +127,10 @@ export class ConfigCommand {
this.gsuite =
(await this.stateService.getDirectory<GSuiteConfiguration>(DirectoryType.GSuite)) ||
this.gsuite;
this.entra =
(await this.stateService.getDirectory<EntraIdConfiguration>(DirectoryType.EntraID)) ||
this.entra;
this.azure =
(await this.stateService.getDirectory<AzureConfiguration>(
DirectoryType.AzureActiveDirectory,
)) || this.azure;
this.okta =
(await this.stateService.getDirectory<OktaConfiguration>(DirectoryType.Okta)) || this.okta;
this.oneLogin =
@@ -146,7 +144,7 @@ export class ConfigCommand {
await this.stateService.setDirectoryType(this.directory);
await this.stateService.setDirectory(DirectoryType.Ldap, this.ldap);
await this.stateService.setDirectory(DirectoryType.GSuite, this.gsuite);
await this.stateService.setDirectory(DirectoryType.EntraID, this.entra);
await this.stateService.setDirectory(DirectoryType.AzureActiveDirectory, this.azure);
await this.stateService.setDirectory(DirectoryType.Okta, this.okta);
await this.stateService.setDirectory(DirectoryType.OneLogin, this.oneLogin);
await this.stateService.setSync(this.sync);

2
src/enums/directoryType.ts
View File

@@ -1,6 +1,6 @@
export enum DirectoryType {
Ldap = 0,
EntraID = 1,
AzureActiveDirectory = 1,
GSuite = 2,
Okta = 3,
OneLogin = 4,

7
src/models/account.ts
View File

@@ -2,7 +2,7 @@ import { Account as BaseAccount } from "@/jslib/common/src/models/domain/account
import { DirectoryType } from "@/src/enums/directoryType";
import { EntraIdConfiguration } from "./entraIdConfiguration";
import { AzureConfiguration } from "./azureConfiguration";
import { GSuiteConfiguration } from "./gsuiteConfiguration";
import { LdapConfiguration } from "./ldapConfiguration";
import { OktaConfiguration } from "./oktaConfiguration";
@@ -29,10 +29,7 @@ export class ClientKeys {
export class DirectoryConfigurations {
ldap: LdapConfiguration;
gsuite: GSuiteConfiguration;
entra: EntraIdConfiguration;
// Azure Active Directory was renamed to Entra ID, but we've kept the old account property name
// to be backwards compatible with existing configurations.
azure: EntraIdConfiguration;
azure: AzureConfiguration;
okta: OktaConfiguration;
oneLogin: OneLoginConfiguration;
}

2
src/models/entraIdConfiguration.ts → src/models/azureConfiguration.ts
View File

@@ -1,6 +1,6 @@
import { IConfiguration } from "./IConfiguration";
export class EntraIdConfiguration implements IConfiguration {
export class AzureConfiguration implements IConfiguration {
identityAuthority: string;
tenant: string;
applicationId: string;

4
src/program.ts
View File

@@ -190,7 +190,7 @@ export class Program extends BaseProgram {
writeLn(" server - On-premise hosted installation URL.");
writeLn(" directory - The type of directory to use.");
writeLn(" ldap.password - The password for connection to this LDAP server.");
writeLn(" entra.key - The Entra Id secret key.");
writeLn(" azure.key - The Azure AD secret key.");
writeLn(" gsuite.key - The G Suite private key.");
writeLn(" okta.token - The Okta token.");
writeLn(" onelogin.secret - The OneLogin client secret.");
@@ -202,7 +202,7 @@ export class Program extends BaseProgram {
writeLn(" bwdc config directory 1");
writeLn(" bwdc config ldap.password <password>");
writeLn(" bwdc config ldap.password --secretenv LDAP_PWD");
writeLn(" bwdc config entra.key <key>");
writeLn(" bwdc config azure.key <key>");
writeLn(" bwdc config gsuite.key <key>");
writeLn(" bwdc config okta.token <token>");
writeLn(" bwdc config onelogin.secret <secret>");

5
src/scss/bootstrap.scss vendored
View File

@@ -8,8 +8,9 @@ $theme-colors: (
"secondary": #ced4da,
"secondary-alt": #1a3b66,
);
$font-family-sans-serif: "Open Sans", "Helvetica Neue", Helvetica, Arial, sans-serif,
"Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";
$font-family-sans-serif:
"Open Sans", "Helvetica Neue", Helvetica, Arial, sans-serif, "Apple Color Emoji",
"Segoe UI Emoji", "Segoe UI Symbol";
$h1-font-size: 2rem;
$h2-font-size: 1.3rem;

34
src/services/entra-id-directory.service.ts → src/services/azure-directory.service.ts
View File

@@ -9,7 +9,7 @@ import { LogService } from "@/jslib/common/src/abstractions/log.service";
import { StateService } from "../abstractions/state.service";
import { DirectoryType } from "../enums/directoryType";
import { EntraIdConfiguration } from "../models/entraIdConfiguration";
import { AzureConfiguration } from "../models/azureConfiguration";
import { GroupEntry } from "../models/groupEntry";
import { SyncConfiguration } from "../models/syncConfiguration";
import { UserEntry } from "../models/userEntry";
@@ -17,10 +17,8 @@ import { UserEntry } from "../models/userEntry";
import { BaseDirectoryService } from "./baseDirectory.service";
import { IDirectoryService } from "./directory.service";
const EntraIdPublicIdentityAuthority = "login.microsoftonline.com";
const EntraIdPublicGraphEndpoint = "https://graph.microsoft.com";
const EntraIdGovernmentIdentityAuthority = "login.microsoftonline.us";
const EntraIdGovernmentGraphEndpoint = "https://graph.microsoft.us";
const AzurePublicIdentityAuhtority = "login.microsoftonline.com";
const AzureGovermentIdentityAuhtority = "login.microsoftonline.us";
const NextLink = "@odata.nextLink";
const DeltaLink = "@odata.deltaLink";
@@ -34,9 +32,9 @@ enum UserSetType {
ExcludeGroup,
}
export class EntraIdDirectoryService extends BaseDirectoryService implements IDirectoryService {
export class AzureDirectoryService extends BaseDirectoryService implements IDirectoryService {
private client: graph.Client;
private dirConfig: EntraIdConfiguration;
private dirConfig: AzureConfiguration;
private syncConfig: SyncConfiguration;
private accessToken: string;
private accessTokenExpiration: Date;
@@ -52,12 +50,12 @@ export class EntraIdDirectoryService extends BaseDirectoryService implements IDi
async getEntries(force: boolean, test: boolean): Promise<[GroupEntry[], UserEntry[]]> {
const type = await this.stateService.getDirectoryType();
if (type !== DirectoryType.EntraID) {
if (type !== DirectoryType.AzureActiveDirectory) {
return;
}
this.dirConfig = await this.stateService.getDirectory<EntraIdConfiguration>(
DirectoryType.EntraID,
this.dirConfig = await this.stateService.getDirectory<AzureConfiguration>(
DirectoryType.AzureActiveDirectory,
);
if (this.dirConfig == null) {
return;
@@ -209,7 +207,7 @@ export class EntraIdDirectoryService extends BaseDirectoryService implements IDi
if (keyword === "excludeadministrativeunit" || keyword === "includeadministrativeunit") {
for (const p of pieces) {
let auMembers = await this.client
.api(`${this.getGraphApiEndpoint()}/v1.0/directory/administrativeUnits/${p}/members`)
.api(`https://graph.microsoft.com/v1.0/directory/administrativeUnits/${p}/members`)
.get();
// eslint-disable-next-line
while (true) {
@@ -459,10 +457,10 @@ export class EntraIdDirectoryService extends BaseDirectoryService implements IDi
const identityAuthority =
this.dirConfig.identityAuthority != null
? this.dirConfig.identityAuthority
: EntraIdPublicIdentityAuthority;
: AzurePublicIdentityAuhtority;
if (
identityAuthority !== EntraIdPublicIdentityAuthority &&
identityAuthority !== EntraIdGovernmentIdentityAuthority
identityAuthority !== AzurePublicIdentityAuhtority &&
identityAuthority !== AzureGovermentIdentityAuhtority
) {
done(new Error(this.i18nService.t("dirConfigIncomplete")), null);
return;
@@ -480,7 +478,7 @@ export class EntraIdDirectoryService extends BaseDirectoryService implements IDi
client_id: this.dirConfig.applicationId,
client_secret: this.dirConfig.key,
grant_type: "client_credentials",
scope: `${this.getGraphApiEndpoint()}/.default`,
scope: "https://graph.microsoft.com/.default",
});
const req = https
@@ -544,10 +542,4 @@ export class EntraIdDirectoryService extends BaseDirectoryService implements IDi
exp.setSeconds(exp.getSeconds() + expSeconds);
this.accessTokenExpiration = exp;
}
private getGraphApiEndpoint(): string {
return this.dirConfig.identityAuthority === EntraIdGovernmentIdentityAuthority
? EntraIdGovernmentGraphEndpoint
: EntraIdPublicGraphEndpoint;
}
}

6
src/services/directory-factory.service.ts
View File

@@ -5,7 +5,7 @@ import { DirectoryFactoryService } from "../abstractions/directory-factory.servi
import { StateService } from "../abstractions/state.service";
import { DirectoryType } from "../enums/directoryType";
import { EntraIdDirectoryService } from "./entra-id-directory.service";
import { AzureDirectoryService } from "./azure-directory.service";
import { GSuiteDirectoryService } from "./gsuite-directory.service";
import { LdapDirectoryService } from "./ldap-directory.service";
import { OktaDirectoryService } from "./okta-directory.service";
@@ -22,8 +22,8 @@ export class DefaultDirectoryFactoryService implements DirectoryFactoryService {
switch (directoryType) {
case DirectoryType.GSuite:
return new GSuiteDirectoryService(this.logService, this.i18nService, this.stateService);
case DirectoryType.EntraID:
return new EntraIdDirectoryService(this.logService, this.i18nService, this.stateService);
case DirectoryType.AzureActiveDirectory:
return new AzureDirectoryService(this.logService, this.i18nService, this.stateService);
case DirectoryType.Ldap:
return new LdapDirectoryService(this.logService, this.i18nService, this.stateService);
case DirectoryType.Okta:

57
src/services/state.service.ts
View File

@@ -11,7 +11,7 @@ import { StateService as StateServiceAbstraction } from "@/src/abstractions/stat
import { DirectoryType } from "@/src/enums/directoryType";
import { IConfiguration } from "@/src/models/IConfiguration";
import { Account } from "@/src/models/account";
import { EntraIdConfiguration } from "@/src/models/entraIdConfiguration";
import { AzureConfiguration } from "@/src/models/azureConfiguration";
import { GSuiteConfiguration } from "@/src/models/gsuiteConfiguration";
import { LdapConfiguration } from "@/src/models/ldapConfiguration";
import { OktaConfiguration } from "@/src/models/oktaConfiguration";
@@ -21,10 +21,7 @@ import { SyncConfiguration } from "@/src/models/syncConfiguration";
const SecureStorageKeys = {
ldap: "ldapPassword",
gsuite: "gsuitePrivateKey",
// Azure Active Directory was renamed to Entra ID, but we've kept the old property name
// to be backwards compatible with existing configurations.
azure: "azureKey",
entra: "entraKey",
okta: "oktaToken",
oneLogin: "oneLoginClientSecret",
userDelta: "userDeltaToken",
@@ -71,8 +68,8 @@ export class StateService
case DirectoryType.Ldap:
(configWithSecrets as any).password = await this.getLdapKey();
break;
case DirectoryType.EntraID:
(configWithSecrets as any).key = await this.getEntraKey();
case DirectoryType.AzureActiveDirectory:
(configWithSecrets as any).key = await this.getAzureKey();
break;
case DirectoryType.Okta:
(configWithSecrets as any).token = await this.getOktaKey();
@@ -96,7 +93,7 @@ export class StateService
config:
| LdapConfiguration
| GSuiteConfiguration
| EntraIdConfiguration
| AzureConfiguration
| OktaConfiguration
| OneLoginConfiguration,
): Promise<any> {
@@ -109,11 +106,11 @@ export class StateService
await this.setLdapConfiguration(ldapConfig);
break;
}
case DirectoryType.EntraID: {
const entraConfig = config as EntraIdConfiguration;
await this.setEntraKey(entraConfig.key);
entraConfig.key = StoredSecurely;
await this.setEntraConfiguration(entraConfig);
case DirectoryType.AzureActiveDirectory: {
const azureConfig = config as AzureConfiguration;
await this.setAzureKey(azureConfig.key);
azureConfig.key = StoredSecurely;
await this.setAzureConfiguration(azureConfig);
break;
}
case DirectoryType.Okta: {
@@ -190,32 +187,23 @@ export class StateService
);
}
private async getEntraKey(options?: StorageOptions): Promise<string> {
private async getAzureKey(options?: StorageOptions): Promise<string> {
options = this.reconcileOptions(options, await this.defaultSecureStorageOptions());
if (options?.userId == null) {
return null;
}
const entraKey = await this.secureStorageService.get<string>(
`${options.userId}_${SecureStorageKeys.entra}`,
);
if (entraKey != null) {
return entraKey;
}
return await this.secureStorageService.get<string>(
`${options.userId}_${SecureStorageKeys.azure}`,
);
}
private async setEntraKey(value: string, options?: StorageOptions): Promise<void> {
private async setAzureKey(value: string, options?: StorageOptions): Promise<void> {
options = this.reconcileOptions(options, await this.defaultSecureStorageOptions());
if (options?.userId == null) {
return;
}
await this.secureStorageService.save(
`${options.userId}_${SecureStorageKeys.entra}`,
`${options.userId}_${SecureStorageKeys.azure}`,
value,
options,
);
@@ -271,8 +259,8 @@ export class StateService
return await this.getLdapConfiguration();
case DirectoryType.GSuite:
return await this.getGsuiteConfiguration();
case DirectoryType.EntraID:
return await this.getEntraConfiguration();
case DirectoryType.AzureActiveDirectory:
return await this.getAzureConfiguration();
case DirectoryType.Okta:
return await this.getOktaConfiguration();
case DirectoryType.OneLogin:
@@ -317,28 +305,17 @@ export class StateService
);
}
async getEntraConfiguration(options?: StorageOptions): Promise<EntraIdConfiguration> {
const entraConfig = (
await this.getAccount(this.reconcileOptions(options, await this.defaultOnDiskOptions()))
)?.directoryConfigurations?.entra;
if (entraConfig != null) {
return entraConfig;
}
async getAzureConfiguration(options?: StorageOptions): Promise<AzureConfiguration> {
return (
await this.getAccount(this.reconcileOptions(options, await this.defaultOnDiskOptions()))
)?.directoryConfigurations?.azure;
}
async setEntraConfiguration(
value: EntraIdConfiguration,
options?: StorageOptions,
): Promise<void> {
async setAzureConfiguration(value: AzureConfiguration, options?: StorageOptions): Promise<void> {
const account = await this.getAccount(
this.reconcileOptions(options, await this.defaultOnDiskOptions()),
);
account.directoryConfigurations.entra = value;
account.directoryConfigurations.azure = value;
await this.saveAccount(
account,
this.reconcileOptions(options, await this.defaultOnDiskOptions()),

10
src/services/stateMigration.service.ts
View File

@@ -3,7 +3,7 @@ import { StateMigrationService as BaseStateMigrationService } from "@/jslib/comm
import { DirectoryType } from "@/src/enums/directoryType";
import { Account, DirectoryConfigurations, DirectorySettings } from "@/src/models/account";
import { EntraIdConfiguration } from "@/src/models/entraIdConfiguration";
import { AzureConfiguration } from "@/src/models/azureConfiguration";
import { GSuiteConfiguration } from "@/src/models/gsuiteConfiguration";
import { LdapConfiguration } from "@/src/models/ldapConfiguration";
import { OktaConfiguration } from "@/src/models/oktaConfiguration";
@@ -14,7 +14,6 @@ const SecureStorageKeys: { [key: string]: any } = {
ldap: "ldapPassword",
gsuite: "gsuitePrivateKey",
azure: "azureKey",
entra: "entraIdKey",
okta: "oktaToken",
oneLogin: "oneLoginClientSecret",
directoryConfigPrefix: "directoryConfig_",
@@ -105,16 +104,13 @@ export class StateMigrationService extends BaseStateMigrationService {
}
};
// Initialize typed objects from key/value pairs in storage to either be saved temporarily until an account is authed or applied to the active account
// Initilize typed objects from key/value pairs in storage to either be saved temporarily until an account is authed or applied to the active account
const getDirectoryConfig = async <T>(type: DirectoryType) =>
await this.get<T>(SecureStorageKeys.directoryConfigPrefix + type);
const directoryConfigs: DirectoryConfigurations = {
ldap: await getDirectoryConfig<LdapConfiguration>(DirectoryType.Ldap),
gsuite: await getDirectoryConfig<GSuiteConfiguration>(DirectoryType.GSuite),
// Azure Active Directory was renamed to Entra ID, but we've kept the old property name
// to be backwards compatible with existing configurations.
azure: await getDirectoryConfig<EntraIdConfiguration>(DirectoryType.EntraID),
entra: await getDirectoryConfig<EntraIdConfiguration>(DirectoryType.EntraID),
azure: await getDirectoryConfig<AzureConfiguration>(DirectoryType.AzureActiveDirectory),
okta: await getDirectoryConfig<OktaConfiguration>(DirectoryType.Okta),
oneLogin: await getDirectoryConfig<OneLoginConfiguration>(DirectoryType.OneLogin),
};