Added SSO flows and functionality (#1047)

* SSO login flow for pre-existing user and no 2FA * 2FA progress * 2FA support * Added SSO flows and functionality * Handle webauthenticator cancellation gracefully * updates & bugfixes * Added state validation to web auth response handling * SSO auth, account registration, and environment settings support for iOS extensions * Added SSO prevalidation to auth process * prevalidation now hitting identity service base url * additional error handling * Requested changes * fixed case
2025-12-20 02:03:49 +00:00 · 2020-09-03 12:30:40 -04:00
parent 3af08a4727
commit f1419a75f6
46 changed files with 4368 additions and 4072 deletions
--- a/src/App/Pages/Accounts/TwoFactorPageViewModel.cs
+++ b/src/App/Pages/Accounts/TwoFactorPageViewModel.cs
@@ -31,6 +31,7 @@ namespace Bit.App.Pages
        private TwoFactorProviderType? _selectedProviderType;
        private string _totpInstruction;
        private string _webVaultUrl = "https://vault.bitwarden.com";
+        private bool _authingWithSso = false;

        public TwoFactorPageViewModel()
        {
@@ -89,19 +90,21 @@ namespace Bit.App.Pages
            });
        }
        public Command SubmitCommand { get; }
-        public Action TwoFactorAction { get; set; }
+        public Action TwoFactorAuthSuccessAction { get; set; }
+        public Action StartSetPasswordAction { get; set; }
        public Action CloseAction { get; set; }

        public void Init()
        {
-            if (string.IsNullOrWhiteSpace(_authService.Email) ||
-                string.IsNullOrWhiteSpace(_authService.MasterPasswordHash) ||
+            if ((!_authService.AuthingWithSso() && !_authService.AuthingWithPassword()) ||
                _authService.TwoFactorProvidersData == null)
            {
                // TODO: dismiss modal?
                return;
            }

+            _authingWithSso = _authService.AuthingWithSso();
+
            if (!string.IsNullOrWhiteSpace(_environmentService.BaseUrl))
            {
                _webVaultUrl = _environmentService.BaseUrl;
@@ -204,14 +207,21 @@ namespace Bit.App.Pages
            try
            {
                await _deviceActionService.ShowLoadingAsync(AppResources.Validating);
-                await _authService.LogInTwoFactorAsync(SelectedProviderType.Value, Token, Remember);
-                await _deviceActionService.HideLoadingAsync();
+                var result = await _authService.LogInTwoFactorAsync(SelectedProviderType.Value, Token, Remember);
                var task = Task.Run(() => _syncService.FullSyncAsync(true));
+                await _deviceActionService.HideLoadingAsync();
                _messagingService.Send("listenYubiKeyOTP", false);
                _broadcasterService.Unsubscribe(nameof(TwoFactorPage));
-                var disableFavicon = await _storageService.GetAsync<bool?>(Constants.DisableFaviconKey);
-                await _stateService.SaveAsync(Constants.DisableFaviconKey, disableFavicon.GetValueOrDefault());
-                TwoFactorAction?.Invoke();
+                if (_authingWithSso && result.ResetMasterPassword)
+                {
+                    StartSetPasswordAction?.Invoke();
+                }
+                else
+                {
+                    var disableFavicon = await _storageService.GetAsync<bool?>(Constants.DisableFaviconKey);
+                    await _stateService.SaveAsync(Constants.DisableFaviconKey, disableFavicon.GetValueOrDefault());
+                    TwoFactorAuthSuccessAction?.Invoke();
+                }
            }
            catch (ApiException e)
            {