mirror of https://github.com/bitwarden/server synced 2025-12-20 18:23:44 +00:00

CSA-2 - Require user interaction for SSO redirect (#1948)

* CSA-2 - adding validation before redirecting for SSO login

* Updating server to use generated and signed JWT for SSO redirect

* Removing erroneous file

* Removing erroneous file

* Updating for PR feedback, adding domain_hint to Login and fixing invalid domain_hint name reference

* Some code styling changes from PR feedback

* Removing unnecessary JSON serialization

* Couple small changes from PR feedback

* Fixing linting errors

* Update formatting in AccountController.cs

* Remove unused dependency

* Add token lifetime to settings

* Use tokenable directly

* Return defined models

* Revert sso proj file changes

* Check expiration validity when validating org

* Show error message with expired token

* Formatting fixes

* Add SsoTokenLifetime to Sso settings

* Fix build errors

* Fix sql warnings

Co-authored-by: Carlos J. Muentes <cmuentes@bitwarden.com>
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Carlos J. Muentes
2022-06-01 13:23:52 -04:00
committed by GitHub
parent c27645265c
commit 14302efa2c
16 changed files with 267 additions and 56 deletions


@@ -67,7 +67,7 @@ namespace Bit.Core.Settings
public virtual AmazonSettings Amazon { get; set; } = new AmazonSettings();
public virtual ServiceBusSettings ServiceBus { get; set; } = new ServiceBusSettings();
public virtual AppleIapSettings AppleIap { get; set; } = new AppleIapSettings();
public virtual SsoSettings Sso { get; set; } = new SsoSettings();
public virtual ISsoSettings Sso { get; set; } = new SsoSettings();
public virtual StripeSettings Stripe { get; set; } = new StripeSettings();
public virtual ITwoFactorAuthSettings TwoFactorAuth { get; set; } = new TwoFactorAuthSettings();
@@ -461,9 +461,10 @@ namespace Bit.Core.Settings
public bool AppInReview { get; set; }
}
public class SsoSettings
public class SsoSettings : ISsoSettings
{
public int CacheLifetimeInSeconds { get; set; } = 60;
public double SsoTokenLifetimeInSeconds { get; set; } = 5;
}
public class CaptchaSettings
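Review bot: The new `SsoTokenLifetimeInSeconds` property on `SsoSettings` is a `double` with a public setter, no range check and no documentation, so any configured value is accepted as-is. Going by the commit description it bounds the lifetime of the signed token issued before the SSO redirect; if so, a zero or negative value would presumably make every token expire at once, and a very large one would widen the window in which a captured token stays valid. The code that consumes the value is not visible in this section, so either clamp it there to a sane minimum and maximum or reject out-of-range values at startup. A doc comment would also help, for example `/// <summary>Lifetime, in seconds, of the signed token issued before an SSO redirect; keep short to limit token reuse.</summary>`. If the issuing and validating services can run on different hosts, it is worth confirming that the 5-second default leaves enough margin for clock skew.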