bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-25 12:43:14 +00:00
Code Issues Releases Wiki Activity

Support use of organizationId parameter in authorization (#5758)

Browse Source
This commit is contained in:
Thomas Rittson
2025-05-02 07:00:48 +10:00
committed by GitHub
parent 9da98d8e97
commit 41001fefae
2 changed files with 55 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/Api/AdminConsole/Authorization/HttpContextExtensions.cs
View File

@@ -9,7 +9,7 @@ namespace Bit.Api.AdminConsole.Authorization;
public static class HttpContextExtensions
{
public const string NoOrgIdError =
"A route decorated with with '[Authorize<Requirement>]' must include a route value named 'orgId' either through the [Controller] attribute or through a '[Http*]' attribute.";
"A route decorated with with '[Authorize<Requirement>]' must include a route value named 'orgId' or 'organizationId' either through the [Controller] attribute or through a '[Http*]' attribute.";
/// <summary>
/// Returns the result of the callback, caching it in HttpContext.Features for the lifetime of the request.
@@ -61,19 +61,27 @@ public static class HttpContextExtensions
/// <summary>
/// Parses the {orgId} route parameter into a Guid, or throws if the {orgId} is not present or not a valid guid.
/// Parses the {orgId} or {organizationId} route parameter into a Guid, or throws if neither are present or are not valid guids.
/// </summary>
/// <param name="httpContext"></param>
/// <returns></returns>
/// <exception cref="InvalidOperationException"></exception>
public static Guid GetOrganizationId(this HttpContext httpContext)
{
httpContext.GetRouteData().Values.TryGetValue("orgId", out var orgIdParam);
if (orgIdParam == null || !Guid.TryParse(orgIdParam.ToString(), out var orgId))
var routeValues = httpContext.GetRouteData().Values;
routeValues.TryGetValue("orgId", out var orgIdParam);
if (orgIdParam != null && Guid.TryParse(orgIdParam.ToString(), out var orgId))
{
throw new InvalidOperationException(NoOrgIdError);
return orgId;
}
return orgId;
routeValues.TryGetValue("organizationId", out var organizationIdParam);
if (organizationIdParam != null && Guid.TryParse(organizationIdParam.ToString(), out var organizationId))
{
return organizationId;
}
throw new InvalidOperationException(NoOrgIdError);
}
}