bitwarden/mobile
1
0
Fork 0
mirror of https://github.com/bitwarden/mobile synced 2026-01-04 09:33:16 +00:00
Code Issues Releases Wiki Activity

[SSO] Auto enroll during set password (#1520)

Browse Source 
* [SSO] Auto enroll during set password

* Updated with requested changes
This commit is contained in:
Vincent Salucci
2021-09-08 12:43:24 -05:00
committed by GitHub
parent 8866fc6322
commit d3f00340fb
17 changed files with 158 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/Core/Abstractions/IApiService.cs
View File

@@ -58,6 +58,9 @@ namespace Bit.Core.Abstractions
Task PostTwoFactorEmailAsync(TwoFactorEmailRequest request);
Task PutDeviceTokenAsync(string identifier, DeviceTokenRequest request);
Task PostEventsCollectAsync(IEnumerable<EventRequest> request);
Task<OrganizationKeysResponse> GetOrganizationKeysAsync(string id);
Task PutOrganizationUserResetPasswordEnrollmentAsync(string orgId, string userId,
OrganizationUserResetPasswordEnrollmentRequest request);
Task<SendResponse> GetSendAsync(string id);
Task<SendResponse> PostSendAsync(SendRequest request);

3
src/Core/Abstractions/IPolicyService.cs
View File

@@ -1,3 +1,4 @@
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Bit.Core.Enums;
@@ -15,5 +16,7 @@ namespace Bit.Core.Abstractions
Task<MasterPasswordPolicyOptions> GetMasterPasswordPolicyOptions(IEnumerable<Policy> policies = null);
Task<bool> EvaluateMasterPassword(int passwordStrength, string newPassword,
MasterPasswordPolicyOptions enforcedPolicyOptions);
Tuple<ResetPasswordPolicyOptions, bool> GetResetPasswordPolicyOptions(IEnumerable<Policy> policies,
string orgId);
}
}

1
src/Core/Abstractions/IUserService.cs
View File

@@ -16,6 +16,7 @@ namespace Bit.Core.Abstractions
Task<KdfType?> GetKdfAsync();
Task<int?> GetKdfIterationsAsync();
Task<Organization> GetOrganizationAsync(string id);
Task<Organization> GetOrganizationByIdentifierAsync(string identifier);
Task<string> GetSecurityStampAsync();
Task<bool> GetEmailVerifiedAsync();
Task<string> GetUserIdAsync();

1
src/Core/Enums/PolicyType.cs
View File

@@ -10,5 +10,6 @@
PersonalOwnership = 5, // Disables personal vault ownership for adding/cloning items
DisableSend = 6, // Disables the ability to create and edit Sends
SendOptions = 7, // Sets restrictions or defaults for Bitwarden Sends
ResetPassword = 8, // Allows orgs to use reset password : also can enable auto-enrollment during invite flow
}
}

5
src/Core/Models/Data/OrganizationData.cs
View File

@@ -1,4 +1,5 @@
using Bit.Core.Enums;
using System.Data.Common;
using Bit.Core.Enums;
using Bit.Core.Models.Response;
namespace Bit.Core.Models.Data
@@ -27,6 +28,7 @@ namespace Bit.Core.Models.Data
MaxCollections = response.MaxCollections;
MaxStorageGb = response.MaxStorageGb;
Permissions = response.Permissions ?? new Permissions();
Identifier = response.Identifier;
}
public string Id { get; set; }
@@ -47,5 +49,6 @@ namespace Bit.Core.Models.Data
public short? MaxCollections { get; set; }
public short? MaxStorageGb { get; set; }
public Permissions Permissions { get; set; } = new Permissions();
public string Identifier { get; set; }
}
}

5
src/Core/Models/Domain/Organization.cs
View File

@@ -1,4 +1,5 @@
using Bit.Core.Enums;
using System.Data.Common;
using Bit.Core.Enums;
using Bit.Core.Models.Data;
namespace Bit.Core.Models.Domain
@@ -27,6 +28,7 @@ namespace Bit.Core.Models.Domain
MaxCollections = obj.MaxCollections;
MaxStorageGb = obj.MaxStorageGb;
Permissions = obj.Permissions ?? new Permissions();
Identifier = obj.Identifier;
}
public string Id { get; set; }
@@ -47,6 +49,7 @@ namespace Bit.Core.Models.Domain
public short? MaxCollections { get; set; }
public short? MaxStorageGb { get; set; }
public Permissions Permissions { get; set; } = new Permissions();
public string Identifier { get; set; }
public bool CanAccess
{

7
src/Core/Models/Domain/ResetPasswordPolicyOptions.cs Normal file
View File

@@ -0,0 +1,7 @@
namespace Bit.Core.Models.Domain
{
public class ResetPasswordPolicyOptions
{
public bool AutoEnrollEnabled { get; set; }
}
}

7
src/Core/Models/Request/OrganizationUserResetPasswordEnrollmentRequest.cs Normal file
View File

@@ -0,0 +1,7 @@
namespace Bit.Core.Models.Request
{
public class OrganizationUserResetPasswordEnrollmentRequest
{
public string ResetPasswordKey { get; set; }
}
}

8
src/Core/Models/Response/OrganizationKeysResponse.cs Normal file
View File

@@ -0,0 +1,8 @@
namespace Bit.Core.Models.Response
{
public class OrganizationKeysResponse
{
public string PrivateKey { get; set; }
public string PublicKey { get; set; }
}
}

1
src/Core/Models/Response/ProfileOrganizationResponse.cs
View File

@@ -24,5 +24,6 @@ namespace Bit.Core.Models.Response
public OrganizationUserType Type { get; set; }
public bool Enabled { get; set; }
public Permissions Permissions { get; set; } = new Permissions();
public string Identifier { get; set; }
}
}

22
src/Core/Services/ApiService.cs
View File

@@ -177,7 +177,7 @@ namespace Bit.Core.Services
return SendAsync<PasswordVerificationRequest, object>(HttpMethod.Post, "/accounts/verify-password", request,
true, false);
}
#endregion
#region Folder APIs
@@ -402,6 +402,26 @@ namespace Bit.Core.Services
string.Concat("/hibp/breach?username=", username), null, true, true);
}
#endregion
#region Organizations APIs
public Task<OrganizationKeysResponse> GetOrganizationKeysAsync(string id)
{
return SendAsync<object, OrganizationKeysResponse>(HttpMethod.Get, $"/organizations/{id}/keys", null, true, true);
}
#endregion
#region Organization User APIs
public Task PutOrganizationUserResetPasswordEnrollmentAsync(string orgId, string userId,
OrganizationUserResetPasswordEnrollmentRequest request)
{
return SendAsync<OrganizationUserResetPasswordEnrollmentRequest, object>(HttpMethod.Put,
$"/organizations/{orgId}/users/{userId}/reset-password-enrollment", request, true, false);
}
#endregion
#region Helpers

20
src/Core/Services/PolicyService.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
@@ -180,6 +181,23 @@ namespace Bit.Core.Services
return true;
}
public Tuple<ResetPasswordPolicyOptions, bool> GetResetPasswordPolicyOptions(IEnumerable<Policy> policies,
string orgId)
{
var resetPasswordPolicyOptions = new ResetPasswordPolicyOptions();
if (policies == null || orgId == null)
{
return new Tuple<ResetPasswordPolicyOptions, bool>(resetPasswordPolicyOptions, false);
}
var policy = policies.FirstOrDefault(p =>
p.OrganizationId == orgId && p.Type == PolicyType.ResetPassword && p.Enabled);
resetPasswordPolicyOptions.AutoEnrollEnabled = GetPolicyBool(policy, "autoEnrollEnabled") ?? false;
return new Tuple<ResetPasswordPolicyOptions, bool>(resetPasswordPolicyOptions, policy != null);
}
private int? GetPolicyInt(Policy policy, string key)
{
if (policy.Data.ContainsKey(key))

13
src/Core/Services/UserService.cs
View File

@@ -167,6 +167,19 @@ namespace Bit.Core.Services
}
return new Organization(organizations[id]);
}
public async Task<Organization> GetOrganizationByIdentifierAsync(string identifier)
{
var userId = await GetUserIdAsync();
var organizations = await GetAllOrganizationAsync();
if (organizations == null || organizations.Count == 0)
{
return null;
}
return organizations.FirstOrDefault(o => o.Identifier == identifier);
}
public async Task<List<Organization>> GetAllOrganizationAsync()
{