bitwarden/mobile
1
0
Fork 0
mirror of https://github.com/bitwarden/mobile synced 2026-01-06 10:34:07 +00:00
Code Issues Releases Wiki Activity

Added SSO flows and functionality (#1047)

Browse Source 
* SSO login flow for pre-existing user and no 2FA

* 2FA progress

* 2FA support

* Added SSO flows and functionality

* Handle webauthenticator cancellation gracefully

* updates & bugfixes

* Added state validation to web auth response handling

* SSO auth, account registration, and environment settings support for iOS extensions

* Added SSO prevalidation to auth process

* prevalidation now hitting identity service base url

* additional error handling

* Requested changes

* fixed case
This commit is contained in:
Matt Portune
2020-09-03 12:30:40 -04:00
committed by GitHub
parent 3af08a4727
commit f1419a75f6
46 changed files with 4368 additions and 4072 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/Core/Models/Domain/AuthResult.cs
View File

@@ -6,6 +6,7 @@ namespace Bit.Core.Models.Domain
public class AuthResult
{
public bool TwoFactor { get; set; }
public bool ResetMasterPassword { get; set; }
public Dictionary<TwoFactorProviderType, Dictionary<string, object>> TwoFactorProviders { get; set; }
}
}

22
src/Core/Models/Domain/MasterPasswordPolicyOptions.cs Normal file
View File

@@ -0,0 +1,22 @@
namespace Bit.Core.Models.Domain
{
public class MasterPasswordPolicyOptions
{
public int MinComplexity { get; set; }
public int MinLength { get; set; }
public bool RequireUpper { get; set; }
public bool RequireLower { get; set; }
public bool RequireNumbers { get; set; }
public bool RequireSpecial { get; set; }
public bool InEffect()
{
return MinComplexity > 0 ||
MinLength > 0 ||
RequireUpper ||
RequireLower ||
RequireNumbers ||
RequireSpecial;
}
}
}

7
src/Core/Models/Request/PasswordVerificationRequest.cs Normal file
View File

@@ -0,0 +1,7 @@
namespace Bit.Core.Models.Request
{
public class PasswordVerificationRequest
{
public string MasterPasswordHash { get; set; }
}
}

14
src/Core/Models/Request/SetPasswordRequest.cs Normal file
View File

@@ -0,0 +1,14 @@
using Bit.Core.Enums;
namespace Bit.Core.Models.Request
{
public class SetPasswordRequest
{
public string MasterPasswordHash { get; set; }
public string Key { get; set; }
public string MasterPasswordHint { get; set; }
public KeysRequest Keys { get; set; }
public KdfType Kdf { get; set; }
public int KdfIterations { get; set; }
}
}

51
src/Core/Models/Request/TokenRequest.cs
View File

@@ -9,21 +9,60 @@ namespace Bit.Core.Models.Request
{
public string Email { get; set; }
public string MasterPasswordHash { get; set; }
public string Code { get; set; }
public string CodeVerifier { get; set; }
public string RedirectUri { get; set; }
public string Token { get; set; }
public TwoFactorProviderType? Provider { get; set; }
public bool Remember { get; set; }
public bool? Remember { get; set; }
public DeviceRequest Device { get; set; }
public TokenRequest(string[] credentials, string[] codes, TwoFactorProviderType? provider, string token,
bool? remember, DeviceRequest device = null)
{
if (credentials != null && credentials.Length > 1)
{
Email = credentials[0];
MasterPasswordHash = credentials[1];
}
else if (codes != null && codes.Length > 2)
{
Code = codes[0];
CodeVerifier = codes[1];
RedirectUri = codes[2];
}
Token = token;
Provider = provider;
Remember = remember;
Device = device;
}
public Dictionary<string, string> ToIdentityToken(string clientId)
{
var obj = new Dictionary<string, string>
{
["grant_type"] = "password",
["username"] = Email,
["password"] = MasterPasswordHash,
["scope"] = "api offline_access",
["client_id"] = clientId
};
if (MasterPasswordHash != null && Email != null)
{
obj.Add("grant_type", "password");
obj.Add("username", Email);
obj.Add("password", MasterPasswordHash);
}
else if (Code != null && CodeVerifier != null && RedirectUri != null)
{
obj.Add("grant_type", "authorization_code");
obj.Add("code", Code);
obj.Add("code_verifier", CodeVerifier);
obj.Add("redirect_uri", RedirectUri);
}
else
{
throw new Exception("must provide credentials or codes");
}
if (Device != null)
{
obj.Add("deviceType", ((int)Device.Type).ToString());
@@ -31,11 +70,11 @@ namespace Bit.Core.Models.Request
obj.Add("deviceName", Device.Name);
obj.Add("devicePushToken", Device.PushToken);
}
if (!string.IsNullOrWhiteSpace(Token) && Provider != null)
if (!string.IsNullOrWhiteSpace(Token) && Provider != null && Remember.HasValue)
{
obj.Add("twoFactorToken", Token);
obj.Add("twoFactorProvider", ((int)Provider.Value).ToString());
obj.Add("twoFactorRemember", Remember ? "1" : "0");
obj.Add("twoFactorRemember", Remember.GetValueOrDefault() ? "1" : "0");
}
return obj;
}

7
src/Core/Models/Response/IdentityTokenResponse.cs
View File

@@ -1,4 +1,5 @@
using Newtonsoft.Json;
using Bit.Core.Enums;
using Newtonsoft.Json;
namespace Bit.Core.Models.Response
{
@@ -12,8 +13,12 @@ namespace Bit.Core.Models.Response
public string RefreshToken { get; set; }
[JsonProperty("token_type")]
public string TokenType { get; set; }
public bool ResetMasterPassword { get; set; }
public string PrivateKey { get; set; }
public string Key { get; set; }
public string TwoFactorToken { get; set; }
public KdfType Kdf { get; set; }
public int KdfIterations { get; set; }
}
}