From 140f0017e32b652604204c1b7c6d92790a8b89d8 Mon Sep 17 00:00:00 2001 From: "M.A Heshmatkhah" Date: Thu, 29 Jun 2023 16:53:25 +0330 Subject: [PATCH 01/15] Fix problem with docker push (#2912) Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> --- scripts/build-docker | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/build-docker b/scripts/build-docker index b1c6433198..da8a82e864 100755 --- a/scripts/build-docker +++ b/scripts/build-docker @@ -25,7 +25,7 @@ docker_build() { docker build -t bitwarden/$project_name_lower:$docker_tag $project_dir if [ "$docker_push" == "1" ]; then - docker push bitwarden/$project_name_lower:$docker_tag $project_dir + docker push bitwarden/$project_name_lower:$docker_tag fi } From 3bffd480cb5c6e5b0cb1d8394e407c82c03493b5 Mon Sep 17 00:00:00 2001 From: Justin Baur <19896123+justindbaur@users.noreply.github.com> Date: Thu, 29 Jun 2023 09:37:58 -0400 Subject: [PATCH 02/15] Pin Microsoft.AspNetCore.Http (#3001) --- .../packages.lock.json | 2 +- bitwarden_license/src/Scim/packages.lock.json | 10 +- bitwarden_license/src/Sso/Sso.csproj | 3 + bitwarden_license/src/Sso/packages.lock.json | 35 ++-- .../Commercial.Core.Test/packages.lock.json | 8 +- .../Scim.IntegrationTest/packages.lock.json | 24 +-- .../test/Scim.Test/packages.lock.json | 16 +- src/Admin/packages.lock.json | 26 +-- src/Api/packages.lock.json | 108 ++++++------ src/Billing/packages.lock.json | 10 +- src/Events/packages.lock.json | 10 +- src/EventsProcessor/packages.lock.json | 10 +- src/Icons/packages.lock.json | 10 +- src/Identity/packages.lock.json | 10 +- src/Notifications/packages.lock.json | 10 +- src/SharedWeb/packages.lock.json | 4 +- test/Api.IntegrationTest/packages.lock.json | 164 ++++++++--------- test/Api.Test/packages.lock.json | 166 +++++++++--------- test/Billing.Test/packages.lock.json | 16 +- test/Core.Test/packages.lock.json | 2 +- test/Icons.Test/packages.lock.json | 14 +- .../packages.lock.json | 20 +-- test/Identity.Test/packages.lock.json | 16 +- .../packages.lock.json | 10 +- .../packages.lock.json | 4 +- test/IntegrationTestCommon/packages.lock.json | 16 +- util/MsSqlMigratorUtility/packages.lock.json | 2 +- util/MySqlMigrations/packages.lock.json | 2 +- util/PostgresMigrations/packages.lock.json | 2 +- util/Setup/packages.lock.json | 2 +- util/SqlServerEFScaffold/packages.lock.json | 134 +++++++------- util/SqliteMigrations/packages.lock.json | 2 +- 32 files changed, 436 insertions(+), 432 deletions(-) diff --git a/bitwarden_license/src/Commercial.Infrastructure.EntityFramework/packages.lock.json b/bitwarden_license/src/Commercial.Infrastructure.EntityFramework/packages.lock.json index 0f1a8e47ad..c684598044 100644 --- a/bitwarden_license/src/Commercial.Infrastructure.EntityFramework/packages.lock.json +++ b/bitwarden_license/src/Commercial.Infrastructure.EntityFramework/packages.lock.json @@ -2783,7 +2783,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", diff --git a/bitwarden_license/src/Scim/packages.lock.json b/bitwarden_license/src/Scim/packages.lock.json index 79daea5128..71a9369c47 100644 --- a/bitwarden_license/src/Scim/packages.lock.json +++ b/bitwarden_license/src/Scim/packages.lock.json @@ -2786,7 +2786,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2794,7 +2794,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -2806,9 +2806,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/bitwarden_license/src/Sso/Sso.csproj b/bitwarden_license/src/Sso/Sso.csproj index 3573355483..7d93b89363 100644 --- a/bitwarden_license/src/Sso/Sso.csproj +++ b/bitwarden_license/src/Sso/Sso.csproj @@ -7,6 +7,9 @@ + + + diff --git a/bitwarden_license/src/Sso/packages.lock.json b/bitwarden_license/src/Sso/packages.lock.json index c2f6bc6a67..f2b5a69a99 100644 --- a/bitwarden_license/src/Sso/packages.lock.json +++ b/bitwarden_license/src/Sso/packages.lock.json @@ -2,6 +2,19 @@ "version": 1, "dependencies": { "net6.0": { + "Microsoft.AspNetCore.Http": { + "type": "Direct", + "requested": "[2.1.22, )", + "resolved": "2.1.22", + "contentHash": "+Blk++1JWqghbl8+3azQmKhiNZA5wAepL9dY2I6KVmu2Ri07MAcvAVC888qUvO7yd7xgRgZOMfihezKg14O/2A==", + "dependencies": { + "Microsoft.AspNetCore.Http.Abstractions": "2.1.1", + "Microsoft.AspNetCore.WebUtilities": "2.1.1", + "Microsoft.Extensions.ObjectPool": "2.1.1", + "Microsoft.Extensions.Options": "2.1.1", + "Microsoft.Net.Http.Headers": "2.1.1" + } + }, "Sustainsys.Saml2.AspNetCore2": { "type": "Direct", "requested": "[2.9.0, )", @@ -418,18 +431,6 @@ "resolved": "3.1.32", "contentHash": "MPL4iVyiaRxnOUY5VATHjvhDWaAEFb77KFiUxVRklv3Z3v+STofUr1UG/aCt1O9cgN7FVTDaC5A7U+zsLub8Xg==" }, - "Microsoft.AspNetCore.Http": { - "type": "Transitive", - "resolved": "2.1.1", - "contentHash": "pPDcCW8spnyibK3krpxrOpaFHf5fjV6k1Hsl6gfh77N/8gRYlLU7MOQDUnjpEwdlHmtxwJKQJNxZqVQOmJGRUw==", - "dependencies": { - "Microsoft.AspNetCore.Http.Abstractions": "2.1.1", - "Microsoft.AspNetCore.WebUtilities": "2.1.1", - "Microsoft.Extensions.ObjectPool": "2.1.1", - "Microsoft.Extensions.Options": "2.1.1", - "Microsoft.Net.Http.Headers": "2.1.1" - } - }, "Microsoft.AspNetCore.Http.Abstractions": { "type": "Transitive", "resolved": "2.1.1", @@ -2945,7 +2946,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2953,7 +2954,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -2965,9 +2966,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/bitwarden_license/test/Commercial.Core.Test/packages.lock.json b/bitwarden_license/test/Commercial.Core.Test/packages.lock.json index daa76ebc37..6d412ff083 100644 --- a/bitwarden_license/test/Commercial.Core.Test/packages.lock.json +++ b/bitwarden_license/test/Commercial.Core.Test/packages.lock.json @@ -2818,7 +2818,7 @@ "commercial.core": { "type": "Project", "dependencies": { - "Core": "2023.4.3" + "Core": "2023.5.1" } }, "common": { @@ -2826,7 +2826,7 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Core": "2023.4.3", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "NSubstitute": "4.3.0", @@ -2880,8 +2880,8 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Common": "2023.4.3", - "Core": "2023.4.3", + "Common": "2023.5.1", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "Moq": "4.17.2", diff --git a/bitwarden_license/test/Scim.IntegrationTest/packages.lock.json b/bitwarden_license/test/Scim.IntegrationTest/packages.lock.json index 3e5ff59a26..3294c41416 100644 --- a/bitwarden_license/test/Scim.IntegrationTest/packages.lock.json +++ b/bitwarden_license/test/Scim.IntegrationTest/packages.lock.json @@ -3144,7 +3144,7 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Core": "2023.4.3", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "NSubstitute": "4.3.0", @@ -3196,15 +3196,15 @@ "identity": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "SharedWeb": "2023.4.3", + "Core": "2023.5.1", + "SharedWeb": "2023.5.1", "Swashbuckle.AspNetCore.SwaggerGen": "6.5.0" } }, "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -3212,7 +3212,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -3224,8 +3224,8 @@ "integrationtestcommon": { "type": "Project", "dependencies": { - "Common": "2023.4.3", - "Identity": "2023.4.3", + "Common": "2023.5.1", + "Identity": "2023.5.1", "Microsoft.AspNetCore.Mvc.Testing": "6.0.5", "Microsoft.EntityFrameworkCore.InMemory": "6.0.5", "Microsoft.Extensions.Configuration": "6.0.1" @@ -3234,16 +3234,16 @@ "scim": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "SharedWeb": "2023.4.3" + "Core": "2023.5.1", + "SharedWeb": "2023.5.1" } }, "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/bitwarden_license/test/Scim.Test/packages.lock.json b/bitwarden_license/test/Scim.Test/packages.lock.json index 20d19ac81b..9a7b77fa94 100644 --- a/bitwarden_license/test/Scim.Test/packages.lock.json +++ b/bitwarden_license/test/Scim.Test/packages.lock.json @@ -2989,7 +2989,7 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Core": "2023.4.3", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "NSubstitute": "4.3.0", @@ -3041,7 +3041,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -3049,7 +3049,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -3061,16 +3061,16 @@ "scim": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "SharedWeb": "2023.4.3" + "Core": "2023.5.1", + "SharedWeb": "2023.5.1" } }, "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/src/Admin/packages.lock.json b/src/Admin/packages.lock.json index bd8b7ae705..b64086008f 100644 --- a/src/Admin/packages.lock.json +++ b/src/Admin/packages.lock.json @@ -2834,7 +2834,7 @@ "commercial.core": { "type": "Project", "dependencies": { - "Core": "2023.4.3" + "Core": "2023.5.1" } }, "core": { @@ -2882,7 +2882,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2890,7 +2890,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -2902,7 +2902,7 @@ "migrator": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.Extensions.Logging": "6.0.0", "dbup-sqlserver": "5.0.8" } @@ -2910,30 +2910,30 @@ "mysqlmigrations": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } }, "postgresmigrations": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } }, "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } }, "sqlitemigrations": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/src/Api/packages.lock.json b/src/Api/packages.lock.json index 10b16441c0..2aa032d5c9 100644 --- a/src/Api/packages.lock.json +++ b/src/Api/packages.lock.json @@ -2907,85 +2907,85 @@ "commercial.core": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )" + "Core": "2023.5.1" } }, "commercial.infrastructure.entityframework": { "type": "Project", "dependencies": { - "AutoMapper.Extensions.Microsoft.DependencyInjection": "[12.0.1, )", - "Core": "[2023.5.0, )", - "Infrastructure.EntityFramework": "[2023.5.0, )" + "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", + "Core": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } }, "core": { "type": "Project", "dependencies": { - "AWSSDK.SQS": "[3.7.2.47, )", - "AWSSDK.SimpleEmail": "[3.7.0.150, )", - "AspNetCoreRateLimit": "[4.0.2, )", - "AspNetCoreRateLimit.Redis": "[1.0.1, )", - "Azure.Extensions.AspNetCore.DataProtection.Blobs": "[1.3.2, )", - "Azure.Storage.Blobs": "[12.14.1, )", - "Azure.Storage.Queues": "[12.12.0, )", - "BitPay.Light": "[1.0.1907, )", - "Braintree": "[5.12.0, )", - "DnsClient": "[1.7.0, )", - "Fido2.AspNet": "[3.0.1, )", - "Handlebars.Net": "[2.1.2, )", - "IdentityServer4": "[4.1.2, )", - "IdentityServer4.AccessTokenValidation": "[3.0.1, )", - "LaunchDarkly.ServerSdk": "[7.0.0, )", - "MailKit": "[3.2.0, )", - "Microsoft.AspNetCore.Authentication.JwtBearer": "[6.0.4, )", - "Microsoft.Azure.Cosmos.Table": "[1.0.8, )", - "Microsoft.Azure.NotificationHubs": "[4.1.0, )", - "Microsoft.Azure.ServiceBus": "[5.2.0, )", - "Microsoft.Data.SqlClient": "[5.0.1, )", - "Microsoft.Extensions.Caching.StackExchangeRedis": "[6.0.6, )", - "Microsoft.Extensions.Configuration.EnvironmentVariables": "[6.0.1, )", - "Microsoft.Extensions.Configuration.UserSecrets": "[6.0.1, )", - "Microsoft.Extensions.Identity.Stores": "[6.0.4, )", - "Newtonsoft.Json": "[13.0.1, )", - "Otp.NET": "[1.2.2, )", - "Quartz": "[3.4.0, )", - "SendGrid": "[9.27.0, )", - "Sentry.Serilog": "[3.16.0, )", - "Serilog.AspNetCore": "[5.0.0, )", - "Serilog.Extensions.Logging": "[3.1.0, )", - "Serilog.Extensions.Logging.File": "[2.0.0, )", - "Serilog.Sinks.AzureCosmosDB": "[2.0.0, )", - "Serilog.Sinks.SyslogMessages": "[2.0.6, )", - "Stripe.net": "[40.0.0, )", - "YubicoDotNetClient": "[1.2.0, )" + "AWSSDK.SQS": "3.7.2.47", + "AWSSDK.SimpleEmail": "3.7.0.150", + "AspNetCoreRateLimit": "4.0.2", + "AspNetCoreRateLimit.Redis": "1.0.1", + "Azure.Extensions.AspNetCore.DataProtection.Blobs": "1.3.2", + "Azure.Storage.Blobs": "12.14.1", + "Azure.Storage.Queues": "12.12.0", + "BitPay.Light": "1.0.1907", + "Braintree": "5.12.0", + "DnsClient": "1.7.0", + "Fido2.AspNet": "3.0.1", + "Handlebars.Net": "2.1.2", + "IdentityServer4": "4.1.2", + "IdentityServer4.AccessTokenValidation": "3.0.1", + "LaunchDarkly.ServerSdk": "7.0.0", + "MailKit": "3.2.0", + "Microsoft.AspNetCore.Authentication.JwtBearer": "6.0.4", + "Microsoft.Azure.Cosmos.Table": "1.0.8", + "Microsoft.Azure.NotificationHubs": "4.1.0", + "Microsoft.Azure.ServiceBus": "5.2.0", + "Microsoft.Data.SqlClient": "5.0.1", + "Microsoft.Extensions.Caching.StackExchangeRedis": "6.0.6", + "Microsoft.Extensions.Configuration.EnvironmentVariables": "6.0.1", + "Microsoft.Extensions.Configuration.UserSecrets": "6.0.1", + "Microsoft.Extensions.Identity.Stores": "6.0.4", + "Newtonsoft.Json": "13.0.1", + "Otp.NET": "1.2.2", + "Quartz": "3.4.0", + "SendGrid": "9.27.0", + "Sentry.Serilog": "3.16.0", + "Serilog.AspNetCore": "5.0.0", + "Serilog.Extensions.Logging": "3.1.0", + "Serilog.Extensions.Logging.File": "2.0.0", + "Serilog.Sinks.AzureCosmosDB": "2.0.0", + "Serilog.Sinks.SyslogMessages": "2.0.6", + "Stripe.net": "40.0.0", + "YubicoDotNetClient": "1.2.0" } }, "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )", - "Dapper": "[2.0.123, )" + "Core": "2023.5.1", + "Dapper": "2.0.123" } }, "infrastructure.entityframework": { "type": "Project", "dependencies": { - "AutoMapper.Extensions.Microsoft.DependencyInjection": "[12.0.1, )", - "Core": "[2023.5.0, )", - "Microsoft.EntityFrameworkCore.Relational": "[6.0.12, )", - "Microsoft.EntityFrameworkCore.SqlServer": "[6.0.12, )", - "Microsoft.EntityFrameworkCore.Sqlite": "[6.0.12, )", - "Npgsql.EntityFrameworkCore.PostgreSQL": "[6.0.8, )", - "Pomelo.EntityFrameworkCore.MySql": "[6.0.2, )", - "linq2db.EntityFrameworkCore": "[6.11.0, )" + "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", + "Core": "2023.5.1", + "Microsoft.EntityFrameworkCore.Relational": "6.0.12", + "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", + "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", + "Npgsql.EntityFrameworkCore.PostgreSQL": "6.0.8", + "Pomelo.EntityFrameworkCore.MySql": "6.0.2", + "linq2db.EntityFrameworkCore": "6.11.0" } }, "sharedweb": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )", - "Infrastructure.Dapper": "[2023.5.0, )", - "Infrastructure.EntityFramework": "[2023.5.0, )" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/src/Billing/packages.lock.json b/src/Billing/packages.lock.json index 79daea5128..71a9369c47 100644 --- a/src/Billing/packages.lock.json +++ b/src/Billing/packages.lock.json @@ -2786,7 +2786,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2794,7 +2794,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -2806,9 +2806,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/src/Events/packages.lock.json b/src/Events/packages.lock.json index 79daea5128..71a9369c47 100644 --- a/src/Events/packages.lock.json +++ b/src/Events/packages.lock.json @@ -2786,7 +2786,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2794,7 +2794,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -2806,9 +2806,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/src/EventsProcessor/packages.lock.json b/src/EventsProcessor/packages.lock.json index 79daea5128..71a9369c47 100644 --- a/src/EventsProcessor/packages.lock.json +++ b/src/EventsProcessor/packages.lock.json @@ -2786,7 +2786,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2794,7 +2794,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -2806,9 +2806,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/src/Icons/packages.lock.json b/src/Icons/packages.lock.json index 606ce3fc30..dfbc314b28 100644 --- a/src/Icons/packages.lock.json +++ b/src/Icons/packages.lock.json @@ -2796,7 +2796,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2804,7 +2804,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -2816,9 +2816,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/src/Identity/packages.lock.json b/src/Identity/packages.lock.json index bcf1c0e8b4..2a7827b449 100644 --- a/src/Identity/packages.lock.json +++ b/src/Identity/packages.lock.json @@ -2808,7 +2808,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2816,7 +2816,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -2828,9 +2828,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/src/Notifications/packages.lock.json b/src/Notifications/packages.lock.json index 4d16450e93..859220ef83 100644 --- a/src/Notifications/packages.lock.json +++ b/src/Notifications/packages.lock.json @@ -2836,7 +2836,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2844,7 +2844,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -2856,9 +2856,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/src/SharedWeb/packages.lock.json b/src/SharedWeb/packages.lock.json index db03af92cd..706a2d2a66 100644 --- a/src/SharedWeb/packages.lock.json +++ b/src/SharedWeb/packages.lock.json @@ -2786,7 +2786,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2794,7 +2794,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", diff --git a/test/Api.IntegrationTest/packages.lock.json b/test/Api.IntegrationTest/packages.lock.json index 427d253dc9..4cc0a45507 100644 --- a/test/Api.IntegrationTest/packages.lock.json +++ b/test/Api.IntegrationTest/packages.lock.json @@ -3273,133 +3273,133 @@ "api": { "type": "Project", "dependencies": { - "AspNetCore.HealthChecks.AzureServiceBus": "[6.1.0, )", - "AspNetCore.HealthChecks.AzureStorage": "[6.1.2, )", - "AspNetCore.HealthChecks.Network": "[6.0.4, )", - "AspNetCore.HealthChecks.Redis": "[6.0.4, )", - "AspNetCore.HealthChecks.SendGrid": "[6.0.2, )", - "AspNetCore.HealthChecks.SqlServer": "[6.0.2, )", - "AspNetCore.HealthChecks.Uris": "[6.0.3, )", - "Azure.Messaging.EventGrid": "[4.10.0, )", - "Commercial.Core": "[2023.5.0, )", - "Commercial.Infrastructure.EntityFramework": "[2023.5.0, )", - "Core": "[2023.5.0, )", - "SharedWeb": "[2023.5.0, )", - "Swashbuckle.AspNetCore": "[6.5.0, )" + "AspNetCore.HealthChecks.AzureServiceBus": "6.1.0", + "AspNetCore.HealthChecks.AzureStorage": "6.1.2", + "AspNetCore.HealthChecks.Network": "6.0.4", + "AspNetCore.HealthChecks.Redis": "6.0.4", + "AspNetCore.HealthChecks.SendGrid": "6.0.2", + "AspNetCore.HealthChecks.SqlServer": "6.0.2", + "AspNetCore.HealthChecks.Uris": "6.0.3", + "Azure.Messaging.EventGrid": "4.10.0", + "Commercial.Core": "2023.5.1", + "Commercial.Infrastructure.EntityFramework": "2023.5.1", + "Core": "2023.5.1", + "SharedWeb": "2023.5.1", + "Swashbuckle.AspNetCore": "6.5.0" } }, "commercial.core": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )" + "Core": "2023.5.1" } }, "commercial.infrastructure.entityframework": { "type": "Project", "dependencies": { - "AutoMapper.Extensions.Microsoft.DependencyInjection": "[12.0.1, )", - "Core": "[2023.5.0, )", - "Infrastructure.EntityFramework": "[2023.5.0, )" + "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", + "Core": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } }, "common": { "type": "Project", "dependencies": { - "AutoFixture.AutoNSubstitute": "[4.17.0, )", - "AutoFixture.Xunit2": "[4.17.0, )", - "Core": "[2023.5.0, )", - "Kralizek.AutoFixture.Extensions.MockHttp": "[1.2.0, )", - "Microsoft.NET.Test.Sdk": "[17.1.0, )", - "NSubstitute": "[4.3.0, )", - "xunit": "[2.4.1, )" + "AutoFixture.AutoNSubstitute": "4.17.0", + "AutoFixture.Xunit2": "4.17.0", + "Core": "2023.5.1", + "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", + "Microsoft.NET.Test.Sdk": "17.1.0", + "NSubstitute": "4.3.0", + "xunit": "2.4.1" } }, "core": { "type": "Project", "dependencies": { - "AWSSDK.SQS": "[3.7.2.47, )", - "AWSSDK.SimpleEmail": "[3.7.0.150, )", - "AspNetCoreRateLimit": "[4.0.2, )", - "AspNetCoreRateLimit.Redis": "[1.0.1, )", - "Azure.Extensions.AspNetCore.DataProtection.Blobs": "[1.3.2, )", - "Azure.Storage.Blobs": "[12.14.1, )", - "Azure.Storage.Queues": "[12.12.0, )", - "BitPay.Light": "[1.0.1907, )", - "Braintree": "[5.12.0, )", - "DnsClient": "[1.7.0, )", - "Fido2.AspNet": "[3.0.1, )", - "Handlebars.Net": "[2.1.2, )", - "IdentityServer4": "[4.1.2, )", - "IdentityServer4.AccessTokenValidation": "[3.0.1, )", - "LaunchDarkly.ServerSdk": "[7.0.0, )", - "MailKit": "[3.2.0, )", - "Microsoft.AspNetCore.Authentication.JwtBearer": "[6.0.4, )", - "Microsoft.Azure.Cosmos.Table": "[1.0.8, )", - "Microsoft.Azure.NotificationHubs": "[4.1.0, )", - "Microsoft.Azure.ServiceBus": "[5.2.0, )", - "Microsoft.Data.SqlClient": "[5.0.1, )", - "Microsoft.Extensions.Caching.StackExchangeRedis": "[6.0.6, )", - "Microsoft.Extensions.Configuration.EnvironmentVariables": "[6.0.1, )", - "Microsoft.Extensions.Configuration.UserSecrets": "[6.0.1, )", - "Microsoft.Extensions.Identity.Stores": "[6.0.4, )", - "Newtonsoft.Json": "[13.0.1, )", - "Otp.NET": "[1.2.2, )", - "Quartz": "[3.4.0, )", - "SendGrid": "[9.27.0, )", - "Sentry.Serilog": "[3.16.0, )", - "Serilog.AspNetCore": "[5.0.0, )", - "Serilog.Extensions.Logging": "[3.1.0, )", - "Serilog.Extensions.Logging.File": "[2.0.0, )", - "Serilog.Sinks.AzureCosmosDB": "[2.0.0, )", - "Serilog.Sinks.SyslogMessages": "[2.0.6, )", - "Stripe.net": "[40.0.0, )", - "YubicoDotNetClient": "[1.2.0, )" + "AWSSDK.SQS": "3.7.2.47", + "AWSSDK.SimpleEmail": "3.7.0.150", + "AspNetCoreRateLimit": "4.0.2", + "AspNetCoreRateLimit.Redis": "1.0.1", + "Azure.Extensions.AspNetCore.DataProtection.Blobs": "1.3.2", + "Azure.Storage.Blobs": "12.14.1", + "Azure.Storage.Queues": "12.12.0", + "BitPay.Light": "1.0.1907", + "Braintree": "5.12.0", + "DnsClient": "1.7.0", + "Fido2.AspNet": "3.0.1", + "Handlebars.Net": "2.1.2", + "IdentityServer4": "4.1.2", + "IdentityServer4.AccessTokenValidation": "3.0.1", + "LaunchDarkly.ServerSdk": "7.0.0", + "MailKit": "3.2.0", + "Microsoft.AspNetCore.Authentication.JwtBearer": "6.0.4", + "Microsoft.Azure.Cosmos.Table": "1.0.8", + "Microsoft.Azure.NotificationHubs": "4.1.0", + "Microsoft.Azure.ServiceBus": "5.2.0", + "Microsoft.Data.SqlClient": "5.0.1", + "Microsoft.Extensions.Caching.StackExchangeRedis": "6.0.6", + "Microsoft.Extensions.Configuration.EnvironmentVariables": "6.0.1", + "Microsoft.Extensions.Configuration.UserSecrets": "6.0.1", + "Microsoft.Extensions.Identity.Stores": "6.0.4", + "Newtonsoft.Json": "13.0.1", + "Otp.NET": "1.2.2", + "Quartz": "3.4.0", + "SendGrid": "9.27.0", + "Sentry.Serilog": "3.16.0", + "Serilog.AspNetCore": "5.0.0", + "Serilog.Extensions.Logging": "3.1.0", + "Serilog.Extensions.Logging.File": "2.0.0", + "Serilog.Sinks.AzureCosmosDB": "2.0.0", + "Serilog.Sinks.SyslogMessages": "2.0.6", + "Stripe.net": "40.0.0", + "YubicoDotNetClient": "1.2.0" } }, "identity": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )", - "SharedWeb": "[2023.5.0, )", - "Swashbuckle.AspNetCore.SwaggerGen": "[6.5.0, )" + "Core": "2023.5.1", + "SharedWeb": "2023.5.1", + "Swashbuckle.AspNetCore.SwaggerGen": "6.5.0" } }, "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )", - "Dapper": "[2.0.123, )" + "Core": "2023.5.1", + "Dapper": "2.0.123" } }, "infrastructure.entityframework": { "type": "Project", "dependencies": { - "AutoMapper.Extensions.Microsoft.DependencyInjection": "[12.0.1, )", - "Core": "[2023.5.0, )", - "Microsoft.EntityFrameworkCore.Relational": "[6.0.12, )", - "Microsoft.EntityFrameworkCore.SqlServer": "[6.0.12, )", - "Microsoft.EntityFrameworkCore.Sqlite": "[6.0.12, )", - "Npgsql.EntityFrameworkCore.PostgreSQL": "[6.0.8, )", - "Pomelo.EntityFrameworkCore.MySql": "[6.0.2, )", - "linq2db.EntityFrameworkCore": "[6.11.0, )" + "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", + "Core": "2023.5.1", + "Microsoft.EntityFrameworkCore.Relational": "6.0.12", + "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", + "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", + "Npgsql.EntityFrameworkCore.PostgreSQL": "6.0.8", + "Pomelo.EntityFrameworkCore.MySql": "6.0.2", + "linq2db.EntityFrameworkCore": "6.11.0" } }, "integrationtestcommon": { "type": "Project", "dependencies": { - "Common": "[2023.5.0, )", - "Identity": "[2023.5.0, )", - "Microsoft.AspNetCore.Mvc.Testing": "[6.0.5, )", - "Microsoft.EntityFrameworkCore.InMemory": "[6.0.5, )", - "Microsoft.Extensions.Configuration": "[6.0.1, )" + "Common": "2023.5.1", + "Identity": "2023.5.1", + "Microsoft.AspNetCore.Mvc.Testing": "6.0.5", + "Microsoft.EntityFrameworkCore.InMemory": "6.0.5", + "Microsoft.Extensions.Configuration": "6.0.1" } }, "sharedweb": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )", - "Infrastructure.Dapper": "[2023.5.0, )", - "Infrastructure.EntityFramework": "[2023.5.0, )" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/test/Api.Test/packages.lock.json b/test/Api.Test/packages.lock.json index c5bde98fde..4ebe194cc4 100644 --- a/test/Api.Test/packages.lock.json +++ b/test/Api.Test/packages.lock.json @@ -3151,129 +3151,129 @@ "api": { "type": "Project", "dependencies": { - "AspNetCore.HealthChecks.AzureServiceBus": "[6.1.0, )", - "AspNetCore.HealthChecks.AzureStorage": "[6.1.2, )", - "AspNetCore.HealthChecks.Network": "[6.0.4, )", - "AspNetCore.HealthChecks.Redis": "[6.0.4, )", - "AspNetCore.HealthChecks.SendGrid": "[6.0.2, )", - "AspNetCore.HealthChecks.SqlServer": "[6.0.2, )", - "AspNetCore.HealthChecks.Uris": "[6.0.3, )", - "Azure.Messaging.EventGrid": "[4.10.0, )", - "Commercial.Core": "[2023.5.0, )", - "Commercial.Infrastructure.EntityFramework": "[2023.5.0, )", - "Core": "[2023.5.0, )", - "SharedWeb": "[2023.5.0, )", - "Swashbuckle.AspNetCore": "[6.5.0, )" + "AspNetCore.HealthChecks.AzureServiceBus": "6.1.0", + "AspNetCore.HealthChecks.AzureStorage": "6.1.2", + "AspNetCore.HealthChecks.Network": "6.0.4", + "AspNetCore.HealthChecks.Redis": "6.0.4", + "AspNetCore.HealthChecks.SendGrid": "6.0.2", + "AspNetCore.HealthChecks.SqlServer": "6.0.2", + "AspNetCore.HealthChecks.Uris": "6.0.3", + "Azure.Messaging.EventGrid": "4.10.0", + "Commercial.Core": "2023.5.1", + "Commercial.Infrastructure.EntityFramework": "2023.5.1", + "Core": "2023.5.1", + "SharedWeb": "2023.5.1", + "Swashbuckle.AspNetCore": "6.5.0" } }, "commercial.core": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )" + "Core": "2023.5.1" } }, "commercial.infrastructure.entityframework": { "type": "Project", "dependencies": { - "AutoMapper.Extensions.Microsoft.DependencyInjection": "[12.0.1, )", - "Core": "[2023.5.0, )", - "Infrastructure.EntityFramework": "[2023.5.0, )" + "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", + "Core": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } }, "common": { "type": "Project", "dependencies": { - "AutoFixture.AutoNSubstitute": "[4.17.0, )", - "AutoFixture.Xunit2": "[4.17.0, )", - "Core": "[2023.5.0, )", - "Kralizek.AutoFixture.Extensions.MockHttp": "[1.2.0, )", - "Microsoft.NET.Test.Sdk": "[17.1.0, )", - "NSubstitute": "[4.3.0, )", - "xunit": "[2.4.1, )" + "AutoFixture.AutoNSubstitute": "4.17.0", + "AutoFixture.Xunit2": "4.17.0", + "Core": "2023.5.1", + "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", + "Microsoft.NET.Test.Sdk": "17.1.0", + "NSubstitute": "4.3.0", + "xunit": "2.4.1" } }, "core": { "type": "Project", "dependencies": { - "AWSSDK.SQS": "[3.7.2.47, )", - "AWSSDK.SimpleEmail": "[3.7.0.150, )", - "AspNetCoreRateLimit": "[4.0.2, )", - "AspNetCoreRateLimit.Redis": "[1.0.1, )", - "Azure.Extensions.AspNetCore.DataProtection.Blobs": "[1.3.2, )", - "Azure.Storage.Blobs": "[12.14.1, )", - "Azure.Storage.Queues": "[12.12.0, )", - "BitPay.Light": "[1.0.1907, )", - "Braintree": "[5.12.0, )", - "DnsClient": "[1.7.0, )", - "Fido2.AspNet": "[3.0.1, )", - "Handlebars.Net": "[2.1.2, )", - "IdentityServer4": "[4.1.2, )", - "IdentityServer4.AccessTokenValidation": "[3.0.1, )", - "LaunchDarkly.ServerSdk": "[7.0.0, )", - "MailKit": "[3.2.0, )", - "Microsoft.AspNetCore.Authentication.JwtBearer": "[6.0.4, )", - "Microsoft.Azure.Cosmos.Table": "[1.0.8, )", - "Microsoft.Azure.NotificationHubs": "[4.1.0, )", - "Microsoft.Azure.ServiceBus": "[5.2.0, )", - "Microsoft.Data.SqlClient": "[5.0.1, )", - "Microsoft.Extensions.Caching.StackExchangeRedis": "[6.0.6, )", - "Microsoft.Extensions.Configuration.EnvironmentVariables": "[6.0.1, )", - "Microsoft.Extensions.Configuration.UserSecrets": "[6.0.1, )", - "Microsoft.Extensions.Identity.Stores": "[6.0.4, )", - "Newtonsoft.Json": "[13.0.1, )", - "Otp.NET": "[1.2.2, )", - "Quartz": "[3.4.0, )", - "SendGrid": "[9.27.0, )", - "Sentry.Serilog": "[3.16.0, )", - "Serilog.AspNetCore": "[5.0.0, )", - "Serilog.Extensions.Logging": "[3.1.0, )", - "Serilog.Extensions.Logging.File": "[2.0.0, )", - "Serilog.Sinks.AzureCosmosDB": "[2.0.0, )", - "Serilog.Sinks.SyslogMessages": "[2.0.6, )", - "Stripe.net": "[40.0.0, )", - "YubicoDotNetClient": "[1.2.0, )" + "AWSSDK.SQS": "3.7.2.47", + "AWSSDK.SimpleEmail": "3.7.0.150", + "AspNetCoreRateLimit": "4.0.2", + "AspNetCoreRateLimit.Redis": "1.0.1", + "Azure.Extensions.AspNetCore.DataProtection.Blobs": "1.3.2", + "Azure.Storage.Blobs": "12.14.1", + "Azure.Storage.Queues": "12.12.0", + "BitPay.Light": "1.0.1907", + "Braintree": "5.12.0", + "DnsClient": "1.7.0", + "Fido2.AspNet": "3.0.1", + "Handlebars.Net": "2.1.2", + "IdentityServer4": "4.1.2", + "IdentityServer4.AccessTokenValidation": "3.0.1", + "LaunchDarkly.ServerSdk": "7.0.0", + "MailKit": "3.2.0", + "Microsoft.AspNetCore.Authentication.JwtBearer": "6.0.4", + "Microsoft.Azure.Cosmos.Table": "1.0.8", + "Microsoft.Azure.NotificationHubs": "4.1.0", + "Microsoft.Azure.ServiceBus": "5.2.0", + "Microsoft.Data.SqlClient": "5.0.1", + "Microsoft.Extensions.Caching.StackExchangeRedis": "6.0.6", + "Microsoft.Extensions.Configuration.EnvironmentVariables": "6.0.1", + "Microsoft.Extensions.Configuration.UserSecrets": "6.0.1", + "Microsoft.Extensions.Identity.Stores": "6.0.4", + "Newtonsoft.Json": "13.0.1", + "Otp.NET": "1.2.2", + "Quartz": "3.4.0", + "SendGrid": "9.27.0", + "Sentry.Serilog": "3.16.0", + "Serilog.AspNetCore": "5.0.0", + "Serilog.Extensions.Logging": "3.1.0", + "Serilog.Extensions.Logging.File": "2.0.0", + "Serilog.Sinks.AzureCosmosDB": "2.0.0", + "Serilog.Sinks.SyslogMessages": "2.0.6", + "Stripe.net": "40.0.0", + "YubicoDotNetClient": "1.2.0" } }, "core.test": { "type": "Project", "dependencies": { - "AutoFixture.AutoNSubstitute": "[4.17.0, )", - "AutoFixture.Xunit2": "[4.17.0, )", - "Common": "[2023.5.0, )", - "Core": "[2023.5.0, )", - "Kralizek.AutoFixture.Extensions.MockHttp": "[1.2.0, )", - "Microsoft.NET.Test.Sdk": "[17.1.0, )", - "Moq": "[4.17.2, )", - "NSubstitute": "[4.3.0, )", - "xunit": "[2.4.1, )" + "AutoFixture.AutoNSubstitute": "4.17.0", + "AutoFixture.Xunit2": "4.17.0", + "Common": "2023.5.1", + "Core": "2023.5.1", + "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", + "Microsoft.NET.Test.Sdk": "17.1.0", + "Moq": "4.17.2", + "NSubstitute": "4.3.0", + "xunit": "2.4.1" } }, "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )", - "Dapper": "[2.0.123, )" + "Core": "2023.5.1", + "Dapper": "2.0.123" } }, "infrastructure.entityframework": { "type": "Project", "dependencies": { - "AutoMapper.Extensions.Microsoft.DependencyInjection": "[12.0.1, )", - "Core": "[2023.5.0, )", - "Microsoft.EntityFrameworkCore.Relational": "[6.0.12, )", - "Microsoft.EntityFrameworkCore.SqlServer": "[6.0.12, )", - "Microsoft.EntityFrameworkCore.Sqlite": "[6.0.12, )", - "Npgsql.EntityFrameworkCore.PostgreSQL": "[6.0.8, )", - "Pomelo.EntityFrameworkCore.MySql": "[6.0.2, )", - "linq2db.EntityFrameworkCore": "[6.11.0, )" + "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", + "Core": "2023.5.1", + "Microsoft.EntityFrameworkCore.Relational": "6.0.12", + "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", + "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", + "Npgsql.EntityFrameworkCore.PostgreSQL": "6.0.8", + "Pomelo.EntityFrameworkCore.MySql": "6.0.2", + "linq2db.EntityFrameworkCore": "6.11.0" } }, "sharedweb": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )", - "Infrastructure.Dapper": "[2023.5.0, )", - "Infrastructure.EntityFramework": "[2023.5.0, )" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/test/Billing.Test/packages.lock.json b/test/Billing.Test/packages.lock.json index 474bc52aec..48fba3d276 100644 --- a/test/Billing.Test/packages.lock.json +++ b/test/Billing.Test/packages.lock.json @@ -2988,8 +2988,8 @@ "billing": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "SharedWeb": "2023.4.3" + "Core": "2023.5.1", + "SharedWeb": "2023.5.1" } }, "common": { @@ -2997,7 +2997,7 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Core": "2023.4.3", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "NSubstitute": "4.3.0", @@ -3049,7 +3049,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -3057,7 +3057,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -3069,9 +3069,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/test/Core.Test/packages.lock.json b/test/Core.Test/packages.lock.json index dd605b4e62..18ad34e71c 100644 --- a/test/Core.Test/packages.lock.json +++ b/test/Core.Test/packages.lock.json @@ -2825,7 +2825,7 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Core": "2023.4.3", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "NSubstitute": "4.3.0", diff --git a/test/Icons.Test/packages.lock.json b/test/Icons.Test/packages.lock.json index 0c902100b4..98068b2988 100644 --- a/test/Icons.Test/packages.lock.json +++ b/test/Icons.Test/packages.lock.json @@ -2972,14 +2972,14 @@ "type": "Project", "dependencies": { "AngleSharp": "0.16.1", - "Core": "2023.4.3", - "SharedWeb": "2023.4.3" + "Core": "2023.5.1", + "SharedWeb": "2023.5.1" } }, "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2987,7 +2987,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -2999,9 +2999,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/test/Identity.IntegrationTest/packages.lock.json b/test/Identity.IntegrationTest/packages.lock.json index 471e1da6a5..51f1ebbca3 100644 --- a/test/Identity.IntegrationTest/packages.lock.json +++ b/test/Identity.IntegrationTest/packages.lock.json @@ -3144,7 +3144,7 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Core": "2023.4.3", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "NSubstitute": "4.3.0", @@ -3196,15 +3196,15 @@ "identity": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "SharedWeb": "2023.4.3", + "Core": "2023.5.1", + "SharedWeb": "2023.5.1", "Swashbuckle.AspNetCore.SwaggerGen": "6.5.0" } }, "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -3212,7 +3212,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -3224,8 +3224,8 @@ "integrationtestcommon": { "type": "Project", "dependencies": { - "Common": "2023.4.3", - "Identity": "2023.4.3", + "Common": "2023.5.1", + "Identity": "2023.5.1", "Microsoft.AspNetCore.Mvc.Testing": "6.0.5", "Microsoft.EntityFrameworkCore.InMemory": "6.0.5", "Microsoft.Extensions.Configuration": "6.0.1" @@ -3234,9 +3234,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/test/Identity.Test/packages.lock.json b/test/Identity.Test/packages.lock.json index 7df7684529..40dba8cee1 100644 --- a/test/Identity.Test/packages.lock.json +++ b/test/Identity.Test/packages.lock.json @@ -3011,7 +3011,7 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Core": "2023.4.3", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "NSubstitute": "4.3.0", @@ -3063,15 +3063,15 @@ "identity": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "SharedWeb": "2023.4.3", + "Core": "2023.5.1", + "SharedWeb": "2023.5.1", "Swashbuckle.AspNetCore.SwaggerGen": "6.5.0" } }, "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -3079,7 +3079,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -3091,9 +3091,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/test/Infrastructure.EFIntegration.Test/packages.lock.json b/test/Infrastructure.EFIntegration.Test/packages.lock.json index b0e5968c90..ee990347d5 100644 --- a/test/Infrastructure.EFIntegration.Test/packages.lock.json +++ b/test/Infrastructure.EFIntegration.Test/packages.lock.json @@ -3001,7 +3001,7 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Core": "2023.4.3", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "NSubstitute": "4.3.0", @@ -3055,8 +3055,8 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Common": "2023.4.3", - "Core": "2023.4.3", + "Common": "2023.5.1", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "Moq": "4.17.2", @@ -3067,7 +3067,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -3075,7 +3075,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", diff --git a/test/Infrastructure.IntegrationTest/packages.lock.json b/test/Infrastructure.IntegrationTest/packages.lock.json index 7ae6c2b8fb..057db6fb4e 100644 --- a/test/Infrastructure.IntegrationTest/packages.lock.json +++ b/test/Infrastructure.IntegrationTest/packages.lock.json @@ -2901,7 +2901,7 @@ "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -2909,7 +2909,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", diff --git a/test/IntegrationTestCommon/packages.lock.json b/test/IntegrationTestCommon/packages.lock.json index fee97803ee..1a4dfba239 100644 --- a/test/IntegrationTestCommon/packages.lock.json +++ b/test/IntegrationTestCommon/packages.lock.json @@ -3130,7 +3130,7 @@ "dependencies": { "AutoFixture.AutoNSubstitute": "4.17.0", "AutoFixture.Xunit2": "4.17.0", - "Core": "2023.4.3", + "Core": "2023.5.1", "Kralizek.AutoFixture.Extensions.MockHttp": "1.2.0", "Microsoft.NET.Test.Sdk": "17.1.0", "NSubstitute": "4.3.0", @@ -3182,15 +3182,15 @@ "identity": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "SharedWeb": "2023.4.3", + "Core": "2023.5.1", + "SharedWeb": "2023.5.1", "Swashbuckle.AspNetCore.SwaggerGen": "6.5.0" } }, "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Dapper": "2.0.123" } }, @@ -3198,7 +3198,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", @@ -3210,9 +3210,9 @@ "sharedweb": { "type": "Project", "dependencies": { - "Core": "2023.4.3", - "Infrastructure.Dapper": "2023.4.3", - "Infrastructure.EntityFramework": "2023.4.3" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/util/MsSqlMigratorUtility/packages.lock.json b/util/MsSqlMigratorUtility/packages.lock.json index 7489bc4272..ff06c48e3f 100644 --- a/util/MsSqlMigratorUtility/packages.lock.json +++ b/util/MsSqlMigratorUtility/packages.lock.json @@ -2729,7 +2729,7 @@ "migrator": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.Extensions.Logging": "6.0.0", "dbup-sqlserver": "5.0.8" } diff --git a/util/MySqlMigrations/packages.lock.json b/util/MySqlMigrations/packages.lock.json index f15f8d717e..4e969b2fbd 100644 --- a/util/MySqlMigrations/packages.lock.json +++ b/util/MySqlMigrations/packages.lock.json @@ -2797,7 +2797,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", diff --git a/util/PostgresMigrations/packages.lock.json b/util/PostgresMigrations/packages.lock.json index f15f8d717e..4e969b2fbd 100644 --- a/util/PostgresMigrations/packages.lock.json +++ b/util/PostgresMigrations/packages.lock.json @@ -2797,7 +2797,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", diff --git a/util/Setup/packages.lock.json b/util/Setup/packages.lock.json index c2b4d660d8..46c8684cde 100644 --- a/util/Setup/packages.lock.json +++ b/util/Setup/packages.lock.json @@ -2706,7 +2706,7 @@ "migrator": { "type": "Project", "dependencies": { - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.Extensions.Logging": "6.0.0", "dbup-sqlserver": "5.0.8" } diff --git a/util/SqlServerEFScaffold/packages.lock.json b/util/SqlServerEFScaffold/packages.lock.json index f425d941ec..083eff6303 100644 --- a/util/SqlServerEFScaffold/packages.lock.json +++ b/util/SqlServerEFScaffold/packages.lock.json @@ -2913,103 +2913,103 @@ "api": { "type": "Project", "dependencies": { - "AspNetCore.HealthChecks.AzureServiceBus": "[6.1.0, )", - "AspNetCore.HealthChecks.AzureStorage": "[6.1.2, )", - "AspNetCore.HealthChecks.Network": "[6.0.4, )", - "AspNetCore.HealthChecks.Redis": "[6.0.4, )", - "AspNetCore.HealthChecks.SendGrid": "[6.0.2, )", - "AspNetCore.HealthChecks.SqlServer": "[6.0.2, )", - "AspNetCore.HealthChecks.Uris": "[6.0.3, )", - "Azure.Messaging.EventGrid": "[4.10.0, )", - "Commercial.Core": "[2023.5.0, )", - "Commercial.Infrastructure.EntityFramework": "[2023.5.0, )", - "Core": "[2023.5.0, )", - "SharedWeb": "[2023.5.0, )", - "Swashbuckle.AspNetCore": "[6.5.0, )" + "AspNetCore.HealthChecks.AzureServiceBus": "6.1.0", + "AspNetCore.HealthChecks.AzureStorage": "6.1.2", + "AspNetCore.HealthChecks.Network": "6.0.4", + "AspNetCore.HealthChecks.Redis": "6.0.4", + "AspNetCore.HealthChecks.SendGrid": "6.0.2", + "AspNetCore.HealthChecks.SqlServer": "6.0.2", + "AspNetCore.HealthChecks.Uris": "6.0.3", + "Azure.Messaging.EventGrid": "4.10.0", + "Commercial.Core": "2023.5.1", + "Commercial.Infrastructure.EntityFramework": "2023.5.1", + "Core": "2023.5.1", + "SharedWeb": "2023.5.1", + "Swashbuckle.AspNetCore": "6.5.0" } }, "commercial.core": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )" + "Core": "2023.5.1" } }, "commercial.infrastructure.entityframework": { "type": "Project", "dependencies": { - "AutoMapper.Extensions.Microsoft.DependencyInjection": "[12.0.1, )", - "Core": "[2023.5.0, )", - "Infrastructure.EntityFramework": "[2023.5.0, )" + "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", + "Core": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } }, "core": { "type": "Project", "dependencies": { - "AWSSDK.SQS": "[3.7.2.47, )", - "AWSSDK.SimpleEmail": "[3.7.0.150, )", - "AspNetCoreRateLimit": "[4.0.2, )", - "AspNetCoreRateLimit.Redis": "[1.0.1, )", - "Azure.Extensions.AspNetCore.DataProtection.Blobs": "[1.3.2, )", - "Azure.Storage.Blobs": "[12.14.1, )", - "Azure.Storage.Queues": "[12.12.0, )", - "BitPay.Light": "[1.0.1907, )", - "Braintree": "[5.12.0, )", - "DnsClient": "[1.7.0, )", - "Fido2.AspNet": "[3.0.1, )", - "Handlebars.Net": "[2.1.2, )", - "IdentityServer4": "[4.1.2, )", - "IdentityServer4.AccessTokenValidation": "[3.0.1, )", - "LaunchDarkly.ServerSdk": "[7.0.0, )", - "MailKit": "[3.2.0, )", - "Microsoft.AspNetCore.Authentication.JwtBearer": "[6.0.4, )", - "Microsoft.Azure.Cosmos.Table": "[1.0.8, )", - "Microsoft.Azure.NotificationHubs": "[4.1.0, )", - "Microsoft.Azure.ServiceBus": "[5.2.0, )", - "Microsoft.Data.SqlClient": "[5.0.1, )", - "Microsoft.Extensions.Caching.StackExchangeRedis": "[6.0.6, )", - "Microsoft.Extensions.Configuration.EnvironmentVariables": "[6.0.1, )", - "Microsoft.Extensions.Configuration.UserSecrets": "[6.0.1, )", - "Microsoft.Extensions.Identity.Stores": "[6.0.4, )", - "Newtonsoft.Json": "[13.0.1, )", - "Otp.NET": "[1.2.2, )", - "Quartz": "[3.4.0, )", - "SendGrid": "[9.27.0, )", - "Sentry.Serilog": "[3.16.0, )", - "Serilog.AspNetCore": "[5.0.0, )", - "Serilog.Extensions.Logging": "[3.1.0, )", - "Serilog.Extensions.Logging.File": "[2.0.0, )", - "Serilog.Sinks.AzureCosmosDB": "[2.0.0, )", - "Serilog.Sinks.SyslogMessages": "[2.0.6, )", - "Stripe.net": "[40.0.0, )", - "YubicoDotNetClient": "[1.2.0, )" + "AWSSDK.SQS": "3.7.2.47", + "AWSSDK.SimpleEmail": "3.7.0.150", + "AspNetCoreRateLimit": "4.0.2", + "AspNetCoreRateLimit.Redis": "1.0.1", + "Azure.Extensions.AspNetCore.DataProtection.Blobs": "1.3.2", + "Azure.Storage.Blobs": "12.14.1", + "Azure.Storage.Queues": "12.12.0", + "BitPay.Light": "1.0.1907", + "Braintree": "5.12.0", + "DnsClient": "1.7.0", + "Fido2.AspNet": "3.0.1", + "Handlebars.Net": "2.1.2", + "IdentityServer4": "4.1.2", + "IdentityServer4.AccessTokenValidation": "3.0.1", + "LaunchDarkly.ServerSdk": "7.0.0", + "MailKit": "3.2.0", + "Microsoft.AspNetCore.Authentication.JwtBearer": "6.0.4", + "Microsoft.Azure.Cosmos.Table": "1.0.8", + "Microsoft.Azure.NotificationHubs": "4.1.0", + "Microsoft.Azure.ServiceBus": "5.2.0", + "Microsoft.Data.SqlClient": "5.0.1", + "Microsoft.Extensions.Caching.StackExchangeRedis": "6.0.6", + "Microsoft.Extensions.Configuration.EnvironmentVariables": "6.0.1", + "Microsoft.Extensions.Configuration.UserSecrets": "6.0.1", + "Microsoft.Extensions.Identity.Stores": "6.0.4", + "Newtonsoft.Json": "13.0.1", + "Otp.NET": "1.2.2", + "Quartz": "3.4.0", + "SendGrid": "9.27.0", + "Sentry.Serilog": "3.16.0", + "Serilog.AspNetCore": "5.0.0", + "Serilog.Extensions.Logging": "3.1.0", + "Serilog.Extensions.Logging.File": "2.0.0", + "Serilog.Sinks.AzureCosmosDB": "2.0.0", + "Serilog.Sinks.SyslogMessages": "2.0.6", + "Stripe.net": "40.0.0", + "YubicoDotNetClient": "1.2.0" } }, "infrastructure.dapper": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )", - "Dapper": "[2.0.123, )" + "Core": "2023.5.1", + "Dapper": "2.0.123" } }, "infrastructure.entityframework": { "type": "Project", "dependencies": { - "AutoMapper.Extensions.Microsoft.DependencyInjection": "[12.0.1, )", - "Core": "[2023.5.0, )", - "Microsoft.EntityFrameworkCore.Relational": "[6.0.12, )", - "Microsoft.EntityFrameworkCore.SqlServer": "[6.0.12, )", - "Microsoft.EntityFrameworkCore.Sqlite": "[6.0.12, )", - "Npgsql.EntityFrameworkCore.PostgreSQL": "[6.0.8, )", - "Pomelo.EntityFrameworkCore.MySql": "[6.0.2, )", - "linq2db.EntityFrameworkCore": "[6.11.0, )" + "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", + "Core": "2023.5.1", + "Microsoft.EntityFrameworkCore.Relational": "6.0.12", + "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", + "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", + "Npgsql.EntityFrameworkCore.PostgreSQL": "6.0.8", + "Pomelo.EntityFrameworkCore.MySql": "6.0.2", + "linq2db.EntityFrameworkCore": "6.11.0" } }, "sharedweb": { "type": "Project", "dependencies": { - "Core": "[2023.5.0, )", - "Infrastructure.Dapper": "[2023.5.0, )", - "Infrastructure.EntityFramework": "[2023.5.0, )" + "Core": "2023.5.1", + "Infrastructure.Dapper": "2023.5.1", + "Infrastructure.EntityFramework": "2023.5.1" } } } diff --git a/util/SqliteMigrations/packages.lock.json b/util/SqliteMigrations/packages.lock.json index f15f8d717e..4e969b2fbd 100644 --- a/util/SqliteMigrations/packages.lock.json +++ b/util/SqliteMigrations/packages.lock.json @@ -2797,7 +2797,7 @@ "type": "Project", "dependencies": { "AutoMapper.Extensions.Microsoft.DependencyInjection": "12.0.1", - "Core": "2023.4.3", + "Core": "2023.5.1", "Microsoft.EntityFrameworkCore.Relational": "6.0.12", "Microsoft.EntityFrameworkCore.SqlServer": "6.0.12", "Microsoft.EntityFrameworkCore.Sqlite": "6.0.12", From 481004394f6596128f33b8b5ed1f7e93bdbf4dcf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 29 Jun 2023 11:41:11 -0400 Subject: [PATCH 03/15] Pin dependencies (#2968) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- bitwarden_license/src/Sso/package-lock.json | 14 +++++++------- bitwarden_license/src/Sso/package.json | 2 +- src/Admin/package-lock.json | 20 ++++++++++---------- src/Admin/package.json | 4 ++-- 4 files changed, 20 insertions(+), 20 deletions(-) diff --git a/bitwarden_license/src/Sso/package-lock.json b/bitwarden_license/src/Sso/package-lock.json index 3df2f92377..c16b281055 100644 --- a/bitwarden_license/src/Sso/package-lock.json +++ b/bitwarden_license/src/Sso/package-lock.json @@ -17,7 +17,7 @@ "jquery": "3.5.1", "merge-stream": "2.0.0", "popper.js": "1.16.1", - "sass": "^1.49.7" + "sass": "1.49.7" } }, "node_modules/@nodelib/fs.scandir": { @@ -3924,9 +3924,9 @@ } }, "node_modules/sass/node_modules/anymatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", - "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", + "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", "dev": true, "dependencies": { "normalize-path": "^3.0.0", @@ -8158,9 +8158,9 @@ }, "dependencies": { "anymatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", - "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", + "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", "dev": true, "requires": { "normalize-path": "^3.0.0", diff --git a/bitwarden_license/src/Sso/package.json b/bitwarden_license/src/Sso/package.json index 585fa3d9b3..d5e454ce17 100644 --- a/bitwarden_license/src/Sso/package.json +++ b/bitwarden_license/src/Sso/package.json @@ -16,6 +16,6 @@ "jquery": "3.5.1", "merge-stream": "2.0.0", "popper.js": "1.16.1", - "sass": "^1.49.7" + "sass": "1.49.7" } } diff --git a/src/Admin/package-lock.json b/src/Admin/package-lock.json index 1d093044a6..b5b0d414b2 100644 --- a/src/Admin/package-lock.json +++ b/src/Admin/package-lock.json @@ -17,8 +17,8 @@ "jquery": "3.5.1", "merge-stream": "2.0.0", "popper.js": "1.16.1", - "sass": "^1.49.7", - "toastr": "^2.1.4" + "sass": "1.49.7", + "toastr": "2.1.4" } }, "node_modules/@nodelib/fs.scandir": { @@ -3925,9 +3925,9 @@ } }, "node_modules/sass/node_modules/anymatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", - "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", + "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", "dev": true, "dependencies": { "normalize-path": "^3.0.0", @@ -4694,7 +4694,7 @@ "node_modules/toastr": { "version": "2.1.4", "resolved": "https://registry.npmjs.org/toastr/-/toastr-2.1.4.tgz", - "integrity": "sha1-i0O+ZPudDEFIcURvLbjoyk6V8YE=", + "integrity": "sha512-LIy77F5n+sz4tefMmFOntcJ6HL0Fv3k1TDnNmFZ0bU/GcvIIfy6eG2v7zQmMiYgaalAiUv75ttFrPn5s0gyqlA==", "dev": true, "dependencies": { "jquery": ">=1.12.0" @@ -8168,9 +8168,9 @@ }, "dependencies": { "anymatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz", - "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==", + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", + "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==", "dev": true, "requires": { "normalize-path": "^3.0.0", @@ -8774,7 +8774,7 @@ "toastr": { "version": "2.1.4", "resolved": "https://registry.npmjs.org/toastr/-/toastr-2.1.4.tgz", - "integrity": "sha1-i0O+ZPudDEFIcURvLbjoyk6V8YE=", + "integrity": "sha512-LIy77F5n+sz4tefMmFOntcJ6HL0Fv3k1TDnNmFZ0bU/GcvIIfy6eG2v7zQmMiYgaalAiUv75ttFrPn5s0gyqlA==", "dev": true, "requires": { "jquery": ">=1.12.0" diff --git a/src/Admin/package.json b/src/Admin/package.json index f9e3b2b799..f479a2622e 100644 --- a/src/Admin/package.json +++ b/src/Admin/package.json @@ -16,7 +16,7 @@ "jquery": "3.5.1", "merge-stream": "2.0.0", "popper.js": "1.16.1", - "sass": "^1.49.7", - "toastr": "^2.1.4" + "sass": "1.49.7", + "toastr": "2.1.4" } } From 74ab7e86725ae1745934119be083f3d5c5819fa0 Mon Sep 17 00:00:00 2001 From: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> Date: Thu, 29 Jun 2023 11:42:44 -0500 Subject: [PATCH 04/15] [SM-771] Add new endpoint for bulk enabling users for Secrets Manager (#3020) * Add new endpoint for bulk enabling users for sm * Review updates --- .../OrganizationUsersController.cs | 27 +++++++ ...OrganizationServiceCollectionExtensions.cs | 3 + .../EnableAccessSecretsManagerCommand.cs | 43 ++++++++++ .../IEnableAccessSecretsManagerCommand.cs | 9 +++ .../EnableAccessSecretsManagerCommandTests.cs | 81 +++++++++++++++++++ 5 files changed, 163 insertions(+) create mode 100644 src/Core/SecretsManager/Commands/EnableAccessSecretsManager/EnableAccessSecretsManagerCommand.cs create mode 100644 src/Core/SecretsManager/Commands/EnableAccessSecretsManager/Interfaces/IEnableAccessSecretsManagerCommand.cs create mode 100644 test/Core.Test/SecretsManager/Commands/EnableAccessSecretsManager/EnableAccessSecretsManagerCommandTests.cs diff --git a/src/Api/Controllers/OrganizationUsersController.cs b/src/Api/Controllers/OrganizationUsersController.cs index 65d7b262d9..baaf9de6d5 100644 --- a/src/Api/Controllers/OrganizationUsersController.cs +++ b/src/Api/Controllers/OrganizationUsersController.cs @@ -9,6 +9,7 @@ using Bit.Core.Models.Business; using Bit.Core.Models.Data.Organizations.OrganizationUsers; using Bit.Core.Models.Data.Organizations.Policies; using Bit.Core.Repositories; +using Bit.Core.SecretsManager.Commands.EnableAccessSecretsManager.Interfaces; using Bit.Core.Services; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; @@ -19,6 +20,7 @@ namespace Bit.Api.Controllers; [Authorize("Application")] public class OrganizationUsersController : Controller { + private readonly IEnableAccessSecretsManagerCommand _enableAccessSecretsManagerCommand; private readonly IOrganizationRepository _organizationRepository; private readonly IOrganizationUserRepository _organizationUserRepository; private readonly IOrganizationService _organizationService; @@ -29,6 +31,7 @@ public class OrganizationUsersController : Controller private readonly ICurrentContext _currentContext; public OrganizationUsersController( + IEnableAccessSecretsManagerCommand enableAccessSecretsManagerCommand, IOrganizationRepository organizationRepository, IOrganizationUserRepository organizationUserRepository, IOrganizationService organizationService, @@ -38,6 +41,7 @@ public class OrganizationUsersController : Controller IPolicyRepository policyRepository, ICurrentContext currentContext) { + _enableAccessSecretsManagerCommand = enableAccessSecretsManagerCommand; _organizationRepository = organizationRepository; _organizationUserRepository = organizationUserRepository; _organizationService = organizationService; @@ -420,6 +424,29 @@ public class OrganizationUsersController : Controller return await RestoreOrRevokeUsersAsync(orgId, model, (orgId, orgUserIds, restoringUserId) => _organizationService.RestoreUsersAsync(orgId, orgUserIds, restoringUserId, _userService)); } + [HttpPatch("enable-secrets-manager")] + [HttpPut("enable-secrets-manager")] + public async Task> BulkEnableSecretsManagerAsync(Guid orgId, + [FromBody] OrganizationUserBulkRequestModel model) + { + if (!await _currentContext.ManageUsers(orgId)) + { + throw new NotFoundException(); + } + + var orgUsers = (await _organizationUserRepository.GetManyAsync(model.Ids)) + .Where(ou => ou.OrganizationId == orgId).ToList(); + if (orgUsers.Count == 0) + { + throw new BadRequestException("Users invalid."); + } + + var results = await _enableAccessSecretsManagerCommand.EnableUsersAsync(orgUsers); + + return new ListResponseModel(results.Select(r => + new OrganizationUserBulkResponseModel(r.organizationUser.Id, r.error))); + } + private async Task RestoreOrRevokeUserAsync( Guid orgId, Guid id, diff --git a/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs b/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs index 983fa3b352..9e36537797 100644 --- a/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs +++ b/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs @@ -15,6 +15,8 @@ using Bit.Core.OrganizationFeatures.OrganizationSponsorships.FamiliesForEnterpri using Bit.Core.OrganizationFeatures.OrganizationSponsorships.FamiliesForEnterprise.Cloud; using Bit.Core.OrganizationFeatures.OrganizationSponsorships.FamiliesForEnterprise.Interfaces; using Bit.Core.OrganizationFeatures.OrganizationSponsorships.FamiliesForEnterprise.SelfHosted; +using Bit.Core.SecretsManager.Commands.EnableAccessSecretsManager; +using Bit.Core.SecretsManager.Commands.EnableAccessSecretsManager.Interfaces; using Bit.Core.Services; using Bit.Core.Settings; using Bit.Core.Tokens; @@ -29,6 +31,7 @@ public static class OrganizationServiceCollectionExtensions public static void AddOrganizationServices(this IServiceCollection services, IGlobalSettings globalSettings) { services.AddScoped(); + services.AddScoped(); services.AddTokenizers(); services.AddOrganizationGroupCommands(); services.AddOrganizationConnectionCommands(); diff --git a/src/Core/SecretsManager/Commands/EnableAccessSecretsManager/EnableAccessSecretsManagerCommand.cs b/src/Core/SecretsManager/Commands/EnableAccessSecretsManager/EnableAccessSecretsManagerCommand.cs new file mode 100644 index 0000000000..fb172fbd16 --- /dev/null +++ b/src/Core/SecretsManager/Commands/EnableAccessSecretsManager/EnableAccessSecretsManagerCommand.cs @@ -0,0 +1,43 @@ +using Bit.Core.Entities; +using Bit.Core.Repositories; +using Bit.Core.SecretsManager.Commands.EnableAccessSecretsManager.Interfaces; + +namespace Bit.Core.SecretsManager.Commands.EnableAccessSecretsManager; + +public class EnableAccessSecretsManagerCommand : IEnableAccessSecretsManagerCommand +{ + private readonly IOrganizationUserRepository _organizationUserRepository; + + public EnableAccessSecretsManagerCommand(IOrganizationUserRepository organizationUserRepository) + { + _organizationUserRepository = organizationUserRepository; + } + + public async Task> EnableUsersAsync( + IEnumerable organizationUsers) + { + var results = new List<(OrganizationUser organizationUser, string error)>(); + var usersToEnable = new List(); + + foreach (var orgUser in organizationUsers) + { + if (orgUser.AccessSecretsManager) + { + results.Add((orgUser, "User already has access to Secrets Manager")); + } + else + { + orgUser.AccessSecretsManager = true; + usersToEnable.Add(orgUser); + results.Add((orgUser, "")); + } + } + + if (usersToEnable.Any()) + { + await _organizationUserRepository.ReplaceManyAsync(usersToEnable); + } + + return results; + } +} diff --git a/src/Core/SecretsManager/Commands/EnableAccessSecretsManager/Interfaces/IEnableAccessSecretsManagerCommand.cs b/src/Core/SecretsManager/Commands/EnableAccessSecretsManager/Interfaces/IEnableAccessSecretsManagerCommand.cs new file mode 100644 index 0000000000..b7fa2150ce --- /dev/null +++ b/src/Core/SecretsManager/Commands/EnableAccessSecretsManager/Interfaces/IEnableAccessSecretsManagerCommand.cs @@ -0,0 +1,9 @@ +using Bit.Core.Entities; + +namespace Bit.Core.SecretsManager.Commands.EnableAccessSecretsManager.Interfaces; + +public interface IEnableAccessSecretsManagerCommand +{ + Task> EnableUsersAsync( + IEnumerable organizationUsers); +} diff --git a/test/Core.Test/SecretsManager/Commands/EnableAccessSecretsManager/EnableAccessSecretsManagerCommandTests.cs b/test/Core.Test/SecretsManager/Commands/EnableAccessSecretsManager/EnableAccessSecretsManagerCommandTests.cs new file mode 100644 index 0000000000..ae783bc547 --- /dev/null +++ b/test/Core.Test/SecretsManager/Commands/EnableAccessSecretsManager/EnableAccessSecretsManagerCommandTests.cs @@ -0,0 +1,81 @@ +using Bit.Core.Entities; +using Bit.Core.Repositories; +using Bit.Core.SecretsManager.Commands.EnableAccessSecretsManager; +using Bit.Test.Common.AutoFixture; +using Bit.Test.Common.AutoFixture.Attributes; +using Bit.Test.Common.Helpers; +using NSubstitute; +using Xunit; + +namespace Bit.Core.Test.SecretsManager.Commands.EnableAccessSecretsManager; + +[SutProviderCustomize] +public class EnableAccessSecretsManagerCommandTests +{ + [Theory] + [BitAutoData] + public async Task EnableUsers_UsersAlreadyEnabled_DoesNotCallRepository( + SutProvider sutProvider, ICollection data) + { + foreach (var item in data) + { + item.AccessSecretsManager = true; + } + + var result = await sutProvider.Sut.EnableUsersAsync(data); + + await sutProvider.GetDependency().DidNotReceiveWithAnyArgs() + .ReplaceManyAsync(default); + + Assert.Equal(data.Count, result.Count); + Assert.Equal(data.Count, + result.Where(x => x.error == "User already has access to Secrets Manager").ToList().Count); + } + + [Theory] + [BitAutoData] + public async Task EnableUsers_OneUserNotEnabled_CallsRepositoryForOne( + SutProvider sutProvider, ICollection data) + { + var firstUser = new List(); + foreach (var item in data) + { + if (item == data.First()) + { + item.AccessSecretsManager = false; + firstUser.Add(item); + } + else + { + item.AccessSecretsManager = true; + } + } + + var result = await sutProvider.Sut.EnableUsersAsync(data); + + await sutProvider.GetDependency().Received(1) + .ReplaceManyAsync(Arg.Is(AssertHelper.AssertPropertyEqual(firstUser))); + + Assert.Equal(data.Count, result.Count); + Assert.Equal(data.Count - 1, + result.Where(x => x.error == "User already has access to Secrets Manager").ToList().Count); + } + + [Theory] + [BitAutoData] + public async Task EnableUsers_Success( + SutProvider sutProvider, ICollection data) + { + foreach (var item in data) + { + item.AccessSecretsManager = false; + } + + var result = await sutProvider.Sut.EnableUsersAsync(data); + + await sutProvider.GetDependency().Received(1) + .ReplaceManyAsync(Arg.Is(AssertHelper.AssertPropertyEqual(data))); + + Assert.Equal(data.Count, result.Count); + } +} From c2b429c6de4ec132cc4b0a6bf7b9b53b314c3538 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 29 Jun 2023 15:39:50 -0600 Subject: [PATCH 05/15] Update bitwarden/gh-actions digest to 74f4ac0 (#2972) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 8 ++++---- .github/workflows/container-registry-purge.yml | 2 +- .github/workflows/release.yml | 12 ++++++------ .github/workflows/version-bump.yml | 4 ++-- .github/workflows/workflow-linter.yml | 2 +- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 071e2ad6de..97d6422251 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -294,7 +294,7 @@ jobs: - name: Retrieve github PAT secrets id: retrieve-secret-pat - uses: bitwarden/gh-actions/get-keyvault-secrets@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/get-keyvault-secrets@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: keyvault: "bitwarden-ci" secrets: "github-pat-bitwarden-devops-bot-repo-scope" @@ -302,7 +302,7 @@ jobs: - name: Retrieve secrets if: ${{ env.is_publish_branch == 'true' }} id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/get-keyvault-secrets@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: keyvault: "bitwarden-ci" secrets: "docker-password, @@ -319,7 +319,7 @@ jobs: - name: Setup Docker Content Trust (DCT) if: ${{ env.is_publish_branch == 'true' }} - uses: bitwarden/gh-actions/setup-docker-trust@f955298c7a982b3fb5dbb73afd582c584fd5beec + uses: bitwarden/gh-actions/setup-docker-trust@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} azure-keyvault-name: "bitwarden-ci" @@ -586,7 +586,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/get-keyvault-secrets@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 if: failure() with: keyvault: "bitwarden-ci" diff --git a/.github/workflows/container-registry-purge.yml b/.github/workflows/container-registry-purge.yml index 13ab623125..c3f8f67db1 100644 --- a/.github/workflows/container-registry-purge.yml +++ b/.github/workflows/container-registry-purge.yml @@ -92,7 +92,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/get-keyvault-secrets@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 if: failure() with: keyvault: "bitwarden-ci" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e53313dbeb..fc6bee1375 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -38,7 +38,7 @@ jobs: - name: Check Release Version id: version - uses: bitwarden/gh-actions/release-version-check@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/release-version-check@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: release-type: ${{ github.event.inputs.release_type }} project-type: dotnet @@ -87,7 +87,7 @@ jobs: - name: Download latest Release ${{ matrix.name }} asset if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/download-artifacts@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: workflow: build.yml workflow_conclusion: success @@ -96,7 +96,7 @@ jobs: - name: Download latest Release ${{ matrix.name }} asset if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/download-artifacts@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: workflow: build.yml workflow_conclusion: success @@ -243,7 +243,7 @@ jobs: - name: Setup DCT id: setup-dct if: matrix.origin_docker_repo == 'bitwarden' - uses: bitwarden/gh-actions/setup-docker-trust@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/setup-docker-trust@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} azure-keyvault-name: "bitwarden-ci" @@ -340,7 +340,7 @@ jobs: steps: - name: Download latest Release docker-stub if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/download-artifacts@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: workflow: build.yml workflow_conclusion: success @@ -351,7 +351,7 @@ jobs: - name: Download latest Release docker-stub if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/download-artifacts@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: workflow: build.yml workflow_conclusion: success diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index 097b244072..af0d9ad6fc 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/get-keyvault-secrets@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: keyvault: "bitwarden-ci" secrets: "github-gpg-private-key, github-gpg-private-key-passphrase" @@ -40,7 +40,7 @@ jobs: run: git switch -c version_bump_${{ github.event.inputs.version_number }} - name: Bump Version - Props - uses: bitwarden/gh-actions/version-bump@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/version-bump@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 with: version: ${{ github.event.inputs.version_number }} file_path: "Directory.Build.props" diff --git a/.github/workflows/workflow-linter.yml b/.github/workflows/workflow-linter.yml index 39f2436b72..67d01f67da 100644 --- a/.github/workflows/workflow-linter.yml +++ b/.github/workflows/workflow-linter.yml @@ -8,4 +8,4 @@ on: jobs: call-workflow: - uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@c86ced0dc8c9daeecf057a6333e6f318db9c5a2b + uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@74f4ac01c9abe0a7331c9a5de822a558fd4a4710 From b87e6d4a38ac648bf353210cebf709381d80b0d8 Mon Sep 17 00:00:00 2001 From: SmithThe4th Date: Fri, 30 Jun 2023 12:57:13 -0400 Subject: [PATCH 06/15] [SG-497] Prevent registering health check on self hosted (#3058) * Prevent registering health check on self hosted * Fixed linting issues * Allow endpoint only when it is not self-hosted * Fixed linting issues --- src/Api/Startup.cs | 18 ++++++++++++------ .../Utilities/ServiceCollectionExtensions.cs | 13 +++++++------ 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/src/Api/Startup.cs b/src/Api/Startup.cs index c73175d01a..6070a91b29 100644 --- a/src/Api/Startup.cs +++ b/src/Api/Startup.cs @@ -136,7 +136,10 @@ public class Startup services.AddCoreLocalizationServices(); //health check - services.AddHealthChecks(globalSettings); + if (!globalSettings.SelfHosted) + { + services.AddHealthChecks(globalSettings); + } #if OSS services.AddOosServices(); @@ -215,12 +218,15 @@ public class Startup { endpoints.MapDefaultControllerRoute(); - endpoints.MapHealthChecks("/healthz"); - - endpoints.MapHealthChecks("/healthz/extended", new HealthCheckOptions + if (!globalSettings.SelfHosted) { - ResponseWriter = HealthCheckServiceExtensions.WriteResponse - }); + endpoints.MapHealthChecks("/healthz"); + + endpoints.MapHealthChecks("/healthz/extended", new HealthCheckOptions + { + ResponseWriter = HealthCheckServiceExtensions.WriteResponse + }); + } }); // Add Swagger diff --git a/src/Api/Utilities/ServiceCollectionExtensions.cs b/src/Api/Utilities/ServiceCollectionExtensions.cs index 1be9d54e19..af7fa0116f 100644 --- a/src/Api/Utilities/ServiceCollectionExtensions.cs +++ b/src/Api/Utilities/ServiceCollectionExtensions.cs @@ -1,5 +1,6 @@ using Bit.Core.IdentityServer; using Bit.Core.Settings; +using Bit.Core.Utilities; using Bit.SharedWeb.Health; using Microsoft.OpenApi.Models; @@ -80,35 +81,35 @@ public static class ServiceCollectionExtensions builder.AddUrlGroup(identityUri, "identity"); - if (!string.IsNullOrEmpty(globalSettings.SqlServer.ConnectionString)) + if (CoreHelpers.SettingHasValue(globalSettings.SqlServer.ConnectionString)) { builder.AddSqlServer(globalSettings.SqlServer.ConnectionString); } - if (!string.IsNullOrEmpty(globalSettings.Redis.ConnectionString)) + if (CoreHelpers.SettingHasValue(globalSettings.Redis.ConnectionString)) { builder.AddRedis(globalSettings.Redis.ConnectionString); } - if (!string.IsNullOrEmpty(globalSettings.Storage.ConnectionString)) + if (CoreHelpers.SettingHasValue(globalSettings.Storage.ConnectionString)) { builder.AddAzureQueueStorage(globalSettings.Storage.ConnectionString, name: "storage_queue") .AddAzureQueueStorage(globalSettings.Events.ConnectionString, name: "events_queue"); } - if (!string.IsNullOrEmpty(globalSettings.Notifications.ConnectionString)) + if (CoreHelpers.SettingHasValue(globalSettings.Notifications.ConnectionString)) { builder.AddAzureQueueStorage(globalSettings.Notifications.ConnectionString, name: "notifications_queue"); } - if (!string.IsNullOrEmpty(globalSettings.ServiceBus.ConnectionString)) + if (CoreHelpers.SettingHasValue(globalSettings.ServiceBus.ConnectionString)) { builder.AddAzureServiceBusTopic(_ => globalSettings.ServiceBus.ConnectionString, _ => globalSettings.ServiceBus.ApplicationCacheTopicName, name: "service_bus"); } - if (!string.IsNullOrEmpty(globalSettings.Mail.SendGridApiKey)) + if (CoreHelpers.SettingHasValue(globalSettings.Mail.SendGridApiKey)) { builder.AddSendGrid(globalSettings.Mail.SendGridApiKey); } From 3f3f52399bf84e7cdb91727204eaa01dad3ec53d Mon Sep 17 00:00:00 2001 From: cd-bitwarden <106776772+cd-bitwarden@users.noreply.github.com> Date: Fri, 30 Jun 2023 13:17:41 -0400 Subject: [PATCH 07/15] [SM-716] Adding ability for service account to have write access (#3021) * adding ability for service account to have write access * Suggested changes * fixing tests * dotnet format changes * Adding RunAsServiceAccountWIthPermission logic to ProjectAuthorizationhandlerTests * Removing logic that prevents deleting and updating a secret. Adding Service Account logic to tests inside of secretAuthorizationhandlerTests. * Removing Service Account from CanUpdateSecret_NotSupportedClientTypes_DoesNotSuceed because it is a supported client type now :) * thomas sugested changes * using Arg.Any() instead of default in tests * merge conflict changes and code updates to remove service account tests that are outdated * fixing tests * removing extra spaces that lint hates --- .../Projects/ProjectAuthorizationHandler.cs | 6 +- .../Secrets/SecretAuthorizationHandler.cs | 29 +++++---- .../Commands/Projects/CreateProjectCommand.cs | 54 ++++++++++++---- .../Commands/Projects/DeleteProjectCommand.cs | 2 +- .../ProjectAuthorizationHandlerTests.cs | 11 +++- .../SecretAuthorizationHandlerTests.cs | 61 ++++++++++--------- .../Projects/CreateProjectCommandTests.cs | 3 +- .../SecretsManager/Enums/PermissionType.cs | 1 + .../Controllers/ProjectsController.cs | 3 +- .../Interfaces/ICreateProjectCommand.cs | 5 +- .../Controllers/ProjectsControllerTests.cs | 8 +-- 11 files changed, 113 insertions(+), 70 deletions(-) diff --git a/bitwarden_license/src/Commercial.Core/SecretsManager/AuthorizationHandlers/Projects/ProjectAuthorizationHandler.cs b/bitwarden_license/src/Commercial.Core/SecretsManager/AuthorizationHandlers/Projects/ProjectAuthorizationHandler.cs index 744942224f..689b4cb0e7 100644 --- a/bitwarden_license/src/Commercial.Core/SecretsManager/AuthorizationHandlers/Projects/ProjectAuthorizationHandler.cs +++ b/bitwarden_license/src/Commercial.Core/SecretsManager/AuthorizationHandlers/Projects/ProjectAuthorizationHandler.cs @@ -52,7 +52,7 @@ public class ProjectAuthorizationHandler : AuthorizationHandler true, AccessClientType.User => true, - AccessClientType.ServiceAccount => false, + AccessClientType.ServiceAccount => true, _ => false, }; @@ -67,10 +67,6 @@ public class ProjectAuthorizationHandler : AuthorizationHandler true, AccessClientType.User => (await _projectRepository.AccessToProjectAsync(project!.Id, userId, accessClient)) .Write, - AccessClientType.ServiceAccount => false, + AccessClientType.ServiceAccount => (await _projectRepository.AccessToProjectAsync(project!.Id, userId, accessClient)) + .Write, _ => false, }; @@ -84,6 +85,7 @@ public class SecretAuthorizationHandler : AuthorizationHandler GetAccessToUpdateSecretAsync(Secret resource, Guid userId, AccessClientType accessClient) + { + var newProject = resource.Projects?.FirstOrDefault(); + var access = (await _secretRepository.AccessToSecretAsync(resource.Id, userId, accessClient)).Write; + var accessToNew = newProject != null && + (await _projectRepository.AccessToProjectAsync(newProject.Id, userId, accessClient)) + .Write; + return access && accessToNew; + } } diff --git a/bitwarden_license/src/Commercial.Core/SecretsManager/Commands/Projects/CreateProjectCommand.cs b/bitwarden_license/src/Commercial.Core/SecretsManager/Commands/Projects/CreateProjectCommand.cs index 91bfc2960b..ad05ffc5ec 100644 --- a/bitwarden_license/src/Commercial.Core/SecretsManager/Commands/Projects/CreateProjectCommand.cs +++ b/bitwarden_license/src/Commercial.Core/SecretsManager/Commands/Projects/CreateProjectCommand.cs @@ -1,4 +1,7 @@ -using Bit.Core.Repositories; +using Bit.Core.Context; +using Bit.Core.Exceptions; +using Bit.Core.Identity; +using Bit.Core.Repositories; using Bit.Core.SecretsManager.Commands.Projects.Interfaces; using Bit.Core.SecretsManager.Entities; using Bit.Core.SecretsManager.Repositories; @@ -10,31 +13,58 @@ public class CreateProjectCommand : ICreateProjectCommand private readonly IAccessPolicyRepository _accessPolicyRepository; private readonly IOrganizationUserRepository _organizationUserRepository; private readonly IProjectRepository _projectRepository; + private readonly ICurrentContext _currentContext; + public CreateProjectCommand( IAccessPolicyRepository accessPolicyRepository, IOrganizationUserRepository organizationUserRepository, - IProjectRepository projectRepository) + IProjectRepository projectRepository, + ICurrentContext currentContext) { _accessPolicyRepository = accessPolicyRepository; _organizationUserRepository = organizationUserRepository; _projectRepository = projectRepository; + _currentContext = currentContext; } - public async Task CreateAsync(Project project, Guid userId) + public async Task CreateAsync(Project project, Guid id, ClientType clientType) { + if (clientType != ClientType.User && clientType != ClientType.ServiceAccount) + { + throw new NotFoundException(); + } + var createdProject = await _projectRepository.CreateAsync(project); - var orgUser = await _organizationUserRepository.GetByOrganizationAsync(createdProject.OrganizationId, - userId); - var accessPolicy = new UserProjectAccessPolicy() + if (clientType == ClientType.User) { - OrganizationUserId = orgUser.Id, - GrantedProjectId = createdProject.Id, - Read = true, - Write = true, - }; - await _accessPolicyRepository.CreateManyAsync(new List { accessPolicy }); + var orgUser = await _organizationUserRepository.GetByOrganizationAsync(createdProject.OrganizationId, id); + + var accessPolicy = new UserProjectAccessPolicy() + { + OrganizationUserId = orgUser.Id, + GrantedProjectId = createdProject.Id, + Read = true, + Write = true, + }; + + await _accessPolicyRepository.CreateManyAsync(new List { accessPolicy }); + + } + else if (clientType == ClientType.ServiceAccount) + { + var serviceAccountProjectAccessPolicy = new ServiceAccountProjectAccessPolicy() + { + ServiceAccountId = id, + GrantedProjectId = createdProject.Id, + Read = true, + Write = true, + }; + + await _accessPolicyRepository.CreateManyAsync(new List { serviceAccountProjectAccessPolicy }); + } + return createdProject; } } diff --git a/bitwarden_license/src/Commercial.Core/SecretsManager/Commands/Projects/DeleteProjectCommand.cs b/bitwarden_license/src/Commercial.Core/SecretsManager/Commands/Projects/DeleteProjectCommand.cs index 35cd19910d..a9f38a24a1 100644 --- a/bitwarden_license/src/Commercial.Core/SecretsManager/Commands/Projects/DeleteProjectCommand.cs +++ b/bitwarden_license/src/Commercial.Core/SecretsManager/Commands/Projects/DeleteProjectCommand.cs @@ -55,7 +55,7 @@ public class DeleteProjectCommand : IDeleteProjectCommand foreach (var project in projects) { var access = await _projectRepository.AccessToProjectAsync(project.Id, userId, accessClient); - if (!access.Write || accessClient == AccessClientType.ServiceAccount) + if (!access.Write) { results.Add(new Tuple(project, "access denied")); } diff --git a/bitwarden_license/test/Commercial.Core.Test/SecretsManager/AuthorizationHandlers/Projects/ProjectAuthorizationHandlerTests.cs b/bitwarden_license/test/Commercial.Core.Test/SecretsManager/AuthorizationHandlers/Projects/ProjectAuthorizationHandlerTests.cs index 07feb35b88..eb07a34edc 100644 --- a/bitwarden_license/test/Commercial.Core.Test/SecretsManager/AuthorizationHandlers/Projects/ProjectAuthorizationHandlerTests.cs +++ b/bitwarden_license/test/Commercial.Core.Test/SecretsManager/AuthorizationHandlers/Projects/ProjectAuthorizationHandlerTests.cs @@ -39,6 +39,11 @@ public class ProjectAuthorizationHandlerTests .ReturnsForAnyArgs( (AccessClientType.User, userId)); break; + case PermissionType.RunAsServiceAccountWithPermission: + sutProvider.GetDependency().GetAccessClientAsync(default, organizationId) + .ReturnsForAnyArgs( + (AccessClientType.ServiceAccount, userId)); + break; default: throw new ArgumentOutOfRangeException(nameof(permissionType), permissionType, null); } @@ -103,7 +108,6 @@ public class ProjectAuthorizationHandlerTests } [Theory] - [BitAutoData(AccessClientType.ServiceAccount)] [BitAutoData(AccessClientType.Organization)] public async Task CanCreateProject_NotSupportedClientTypes_DoesNotSucceed(AccessClientType clientType, SutProvider sutProvider, Project project, ClaimsPrincipal claimsPrincipal) @@ -125,6 +129,7 @@ public class ProjectAuthorizationHandlerTests [Theory] [BitAutoData(PermissionType.RunAsAdmin)] [BitAutoData(PermissionType.RunAsUserWithPermission)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission)] public async Task CanCreateProject_Success(PermissionType permissionType, SutProvider sutProvider, Project project, ClaimsPrincipal claimsPrincipal) { @@ -199,6 +204,8 @@ public class ProjectAuthorizationHandlerTests [Theory] [BitAutoData(PermissionType.RunAsUserWithPermission, true, false)] [BitAutoData(PermissionType.RunAsUserWithPermission, false, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, false)] public async Task CanUpdateProject_ShouldNotSucceed(PermissionType permissionType, bool read, bool write, SutProvider sutProvider, Project project, ClaimsPrincipal claimsPrincipal, Guid userId) @@ -221,6 +228,8 @@ public class ProjectAuthorizationHandlerTests [BitAutoData(PermissionType.RunAsAdmin, false, true)] [BitAutoData(PermissionType.RunAsUserWithPermission, true, true)] [BitAutoData(PermissionType.RunAsUserWithPermission, false, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true)] public async Task CanUpdateProject_Success(PermissionType permissionType, bool read, bool write, SutProvider sutProvider, Project project, ClaimsPrincipal claimsPrincipal, Guid userId) diff --git a/bitwarden_license/test/Commercial.Core.Test/SecretsManager/AuthorizationHandlers/Secrets/SecretAuthorizationHandlerTests.cs b/bitwarden_license/test/Commercial.Core.Test/SecretsManager/AuthorizationHandlers/Secrets/SecretAuthorizationHandlerTests.cs index 3e18a83493..682af8b023 100644 --- a/bitwarden_license/test/Commercial.Core.Test/SecretsManager/AuthorizationHandlers/Secrets/SecretAuthorizationHandlerTests.cs +++ b/bitwarden_license/test/Commercial.Core.Test/SecretsManager/AuthorizationHandlers/Secrets/SecretAuthorizationHandlerTests.cs @@ -41,6 +41,10 @@ public class SecretAuthorizationHandlerTests sutProvider.GetDependency().GetAccessClientAsync(default, organizationId).ReturnsForAnyArgs( (clientType, userId)); break; + case PermissionType.RunAsServiceAccountWithPermission: + sutProvider.GetDependency().GetAccessClientAsync(default, organizationId).ReturnsForAnyArgs( + (AccessClientType.ServiceAccount, userId)); + break; default: throw new ArgumentOutOfRangeException(nameof(permissionType), permissionType, null); } @@ -105,7 +109,6 @@ public class SecretAuthorizationHandlerTests } [Theory] - [BitAutoData(AccessClientType.ServiceAccount)] [BitAutoData(AccessClientType.Organization)] public async Task CanCreateSecret_NotSupportedClientTypes_DoesNotSucceed(AccessClientType clientType, SutProvider sutProvider, Secret secret, Guid userId, @@ -114,7 +117,7 @@ public class SecretAuthorizationHandlerTests var requirement = SecretOperations.Create; SetupPermission(sutProvider, PermissionType.RunAsUserWithPermission, secret.OrganizationId, userId, clientType); sutProvider.GetDependency() - .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, default).Returns( + .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, Arg.Any()).Returns( (true, true)); var authzContext = new AuthorizationHandlerContext(new List { requirement }, claimsPrincipal, secret); @@ -182,6 +185,8 @@ public class SecretAuthorizationHandlerTests [Theory] [BitAutoData(PermissionType.RunAsUserWithPermission, true, false)] [BitAutoData(PermissionType.RunAsUserWithPermission, false, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, false)] public async Task CanCreateSecret_DoesNotSucceed(PermissionType permissionType, bool read, bool write, SutProvider sutProvider, Secret secret, Guid userId, @@ -190,7 +195,7 @@ public class SecretAuthorizationHandlerTests var requirement = SecretOperations.Create; SetupPermission(sutProvider, permissionType, secret.OrganizationId, userId); sutProvider.GetDependency() - .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, default).Returns( + .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, Arg.Any()).ReturnsForAnyArgs( (read, write)); var authzContext = new AuthorizationHandlerContext(new List { requirement }, claimsPrincipal, secret); @@ -207,6 +212,8 @@ public class SecretAuthorizationHandlerTests [BitAutoData(PermissionType.RunAsAdmin, false, false)] [BitAutoData(PermissionType.RunAsUserWithPermission, true, true)] [BitAutoData(PermissionType.RunAsUserWithPermission, false, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true)] public async Task CanCreateSecret_Success(PermissionType permissionType, bool read, bool write, SutProvider sutProvider, Secret secret, Guid userId, @@ -215,7 +222,7 @@ public class SecretAuthorizationHandlerTests var requirement = SecretOperations.Create; SetupPermission(sutProvider, permissionType, secret.OrganizationId, userId); sutProvider.GetDependency() - .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, default).Returns( + .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, Arg.Any()).ReturnsForAnyArgs( (read, write)); var authzContext = new AuthorizationHandlerContext(new List { requirement }, claimsPrincipal, secret); @@ -243,7 +250,6 @@ public class SecretAuthorizationHandlerTests } [Theory] - [BitAutoData(AccessClientType.ServiceAccount)] [BitAutoData(AccessClientType.Organization)] public async Task CanUpdateSecret_NotSupportedClientTypes_DoesNotSucceed(AccessClientType clientType, SutProvider sutProvider, Secret secret, Guid userId, @@ -252,7 +258,7 @@ public class SecretAuthorizationHandlerTests var requirement = SecretOperations.Update; SetupPermission(sutProvider, PermissionType.RunAsUserWithPermission, secret.OrganizationId, userId, clientType); sutProvider.GetDependency() - .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, default).Returns( + .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, Arg.Any()).Returns( (true, true)); var authzContext = new AuthorizationHandlerContext(new List { requirement }, claimsPrincipal, secret); @@ -327,6 +333,15 @@ public class SecretAuthorizationHandlerTests [BitAutoData(PermissionType.RunAsUserWithPermission, true, false, true, true)] [BitAutoData(PermissionType.RunAsUserWithPermission, true, false, false, true)] [BitAutoData(PermissionType.RunAsUserWithPermission, true, false, false, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true, true, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true, false, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true, true, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true, false, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, false, true, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, false, false, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false, true, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false, false, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false, false, false)] public async Task CanUpdateSecret_DoesNotSucceed(PermissionType permissionType, bool read, bool write, bool projectRead, bool projectWrite, SutProvider sutProvider, Secret secret, @@ -335,10 +350,10 @@ public class SecretAuthorizationHandlerTests { var requirement = SecretOperations.Update; SetupPermission(sutProvider, permissionType, secret.OrganizationId, userId); - sutProvider.GetDependency().AccessToSecretAsync(secret.Id, userId, default).Returns( + sutProvider.GetDependency().AccessToSecretAsync(secret.Id, userId, Arg.Any()).Returns( (read, write)); sutProvider.GetDependency() - .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, default).Returns( + .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, Arg.Any()).Returns( (projectRead, projectWrite)); var authzContext = new AuthorizationHandlerContext(new List { requirement }, claimsPrincipal, secret); @@ -355,6 +370,8 @@ public class SecretAuthorizationHandlerTests [BitAutoData(PermissionType.RunAsAdmin, false, false)] [BitAutoData(PermissionType.RunAsUserWithPermission, true, true)] [BitAutoData(PermissionType.RunAsUserWithPermission, false, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true)] public async Task CanUpdateSecret_Success(PermissionType permissionType, bool read, bool write, SutProvider sutProvider, Secret secret, Guid userId, @@ -362,10 +379,10 @@ public class SecretAuthorizationHandlerTests { var requirement = SecretOperations.Update; SetupPermission(sutProvider, permissionType, secret.OrganizationId, userId); - sutProvider.GetDependency().AccessToSecretAsync(secret.Id, userId, default).Returns( + sutProvider.GetDependency().AccessToSecretAsync(secret.Id, userId, Arg.Any()).Returns( (read, write)); sutProvider.GetDependency() - .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, default).Returns( + .AccessToProjectAsync(secret.Projects!.FirstOrDefault()!.Id, userId, Arg.Any()).Returns( (read, write)); var authzContext = new AuthorizationHandlerContext(new List { requirement }, claimsPrincipal, secret); @@ -409,32 +426,16 @@ public class SecretAuthorizationHandlerTests Assert.False(authzContext.HasSucceeded); } - [Theory] - [BitAutoData] - public async Task CanDeleteSecret_ServiceAccountClient_DoesNotSucceed( - SutProvider sutProvider, Secret secret, Guid userId, - ClaimsPrincipal claimsPrincipal) - { - var requirement = SecretOperations.Delete; - SetupPermission(sutProvider, PermissionType.RunAsUserWithPermission, secret.OrganizationId, userId, - AccessClientType.ServiceAccount); - sutProvider.GetDependency() - .AccessToSecretAsync(secret.Id, userId, Arg.Any()) - .Returns((true, true)); - var authzContext = new AuthorizationHandlerContext(new List { requirement }, - claimsPrincipal, secret); - - await sutProvider.Sut.HandleAsync(authzContext); - - Assert.False(authzContext.HasSucceeded); - } - [Theory] [BitAutoData(PermissionType.RunAsAdmin, true, true, true)] [BitAutoData(PermissionType.RunAsUserWithPermission, false, false, false)] [BitAutoData(PermissionType.RunAsUserWithPermission, false, true, true)] [BitAutoData(PermissionType.RunAsUserWithPermission, true, false, false)] [BitAutoData(PermissionType.RunAsUserWithPermission, true, true, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, false, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, false, true, true)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, false, false)] + [BitAutoData(PermissionType.RunAsServiceAccountWithPermission, true, true, true)] public async Task CanDeleteProject_AccessCheck(PermissionType permissionType, bool read, bool write, bool expected, SutProvider sutProvider, Secret secret, diff --git a/bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/Projects/CreateProjectCommandTests.cs b/bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/Projects/CreateProjectCommandTests.cs index 9223e56d55..9f9fbf35e4 100644 --- a/bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/Projects/CreateProjectCommandTests.cs +++ b/bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/Projects/CreateProjectCommandTests.cs @@ -1,4 +1,5 @@ using Bit.Commercial.Core.SecretsManager.Commands.Projects; +using Bit.Core.Context; using Bit.Core.Entities; using Bit.Core.Repositories; using Bit.Core.SecretsManager.Entities; @@ -29,7 +30,7 @@ public class CreateProjectCommandTests .CreateAsync(Arg.Any()) .Returns(data); - await sutProvider.Sut.CreateAsync(data, userId); + await sutProvider.Sut.CreateAsync(data, userId, sutProvider.GetDependency().ClientType); await sutProvider.GetDependency().Received(1) .CreateAsync(Arg.Is(data)); diff --git a/bitwarden_license/test/Commercial.Core.Test/SecretsManager/Enums/PermissionType.cs b/bitwarden_license/test/Commercial.Core.Test/SecretsManager/Enums/PermissionType.cs index 1c4e88e91c..ce718b0618 100644 --- a/bitwarden_license/test/Commercial.Core.Test/SecretsManager/Enums/PermissionType.cs +++ b/bitwarden_license/test/Commercial.Core.Test/SecretsManager/Enums/PermissionType.cs @@ -4,4 +4,5 @@ public enum PermissionType { RunAsAdmin, RunAsUserWithPermission, + RunAsServiceAccountWithPermission } diff --git a/src/Api/SecretsManager/Controllers/ProjectsController.cs b/src/Api/SecretsManager/Controllers/ProjectsController.cs index 7ee58e0d3e..e94da33a67 100644 --- a/src/Api/SecretsManager/Controllers/ProjectsController.cs +++ b/src/Api/SecretsManager/Controllers/ProjectsController.cs @@ -73,9 +73,8 @@ public class ProjectsController : Controller { throw new NotFoundException(); } - var userId = _userService.GetProperUserId(User).Value; - var result = await _createProjectCommand.CreateAsync(project, userId); + var result = await _createProjectCommand.CreateAsync(project, userId, _currentContext.ClientType); // Creating a project means you have read & write permission. return new ProjectResponseModel(result, true, true); diff --git a/src/Core/SecretsManager/Commands/Projects/Interfaces/ICreateProjectCommand.cs b/src/Core/SecretsManager/Commands/Projects/Interfaces/ICreateProjectCommand.cs index 50cd714cb8..3072528659 100644 --- a/src/Core/SecretsManager/Commands/Projects/Interfaces/ICreateProjectCommand.cs +++ b/src/Core/SecretsManager/Commands/Projects/Interfaces/ICreateProjectCommand.cs @@ -1,8 +1,9 @@ -using Bit.Core.SecretsManager.Entities; +using Bit.Core.Identity; +using Bit.Core.SecretsManager.Entities; namespace Bit.Core.SecretsManager.Commands.Projects.Interfaces; public interface ICreateProjectCommand { - Task CreateAsync(Project project, Guid userId); + Task CreateAsync(Project project, Guid userId, ClientType clientType); } diff --git a/test/Api.Test/SecretsManager/Controllers/ProjectsControllerTests.cs b/test/Api.Test/SecretsManager/Controllers/ProjectsControllerTests.cs index 951875b1b4..66578218c2 100644 --- a/test/Api.Test/SecretsManager/Controllers/ProjectsControllerTests.cs +++ b/test/Api.Test/SecretsManager/Controllers/ProjectsControllerTests.cs @@ -114,12 +114,12 @@ public class ProjectsControllerTests var resultProject = data.ToProject(orgId); - sutProvider.GetDependency().CreateAsync(default, default) + sutProvider.GetDependency().CreateAsync(default, default, sutProvider.GetDependency().ClientType) .ReturnsForAnyArgs(resultProject); await Assert.ThrowsAsync(() => sutProvider.Sut.CreateAsync(orgId, data)); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs() - .CreateAsync(Arg.Any(), Arg.Any()); + .CreateAsync(Arg.Any(), Arg.Any(), sutProvider.GetDependency().ClientType); } [Theory] @@ -134,13 +134,13 @@ public class ProjectsControllerTests var resultProject = data.ToProject(orgId); - sutProvider.GetDependency().CreateAsync(default, default) + sutProvider.GetDependency().CreateAsync(default, default, sutProvider.GetDependency().ClientType) .ReturnsForAnyArgs(resultProject); await sutProvider.Sut.CreateAsync(orgId, data); await sutProvider.GetDependency().Received(1) - .CreateAsync(Arg.Any(), Arg.Any()); + .CreateAsync(Arg.Any(), Arg.Any(), sutProvider.GetDependency().ClientType); } [Theory] From 49e849deb9a8517e57b93fb848a9b61900815959 Mon Sep 17 00:00:00 2001 From: Justin Baur <19896123+justindbaur@users.noreply.github.com> Date: Fri, 30 Jun 2023 14:13:31 -0400 Subject: [PATCH 08/15] [PM-1198] Modify `AuthRequest` Purge Job (#3048) * Add PasswordlessAuth Settings * Update Repository Method to Take TimeSpan * Update AuthRequest_DeleteIfExpired - Take Configurable Expiration - Add Special Cases for AdminApproval AuthRequests * Add AuthRequestRepositoryTests * Run Formatting * Remove Comment * Fix Bug in EF Repo * Add Test Covering Expired Rejected AuthRequest * Use Longer Param Names * Use Longer Names in Test Helpers --- src/Admin/Auth/Jobs/DeleteAuthRequestsJob.cs | 11 ++- .../Repositories/IAuthRequestRepository.cs | 2 +- .../Settings/IPasswordlessAuthSettings.cs | 3 + src/Core/Settings/GlobalSettings.cs | 3 + .../Repositories/AuthRequestRepository.cs | 10 +- .../Repositories/AuthRequestRepository.cs | 13 ++- .../AuthRequest_DeleteIfExpired.sql | 17 +++- .../AuthRequestRepositoryTests.cs | 99 +++++++++++++++++++ ...-06-27_00_AuthRequestExpirationUpdates.sql | 25 +++++ 9 files changed, 172 insertions(+), 11 deletions(-) create mode 100644 test/Infrastructure.IntegrationTest/Auth/Repositories/AuthRequestRepositoryTests.cs create mode 100644 util/Migrator/DbScripts/2023-06-27_00_AuthRequestExpirationUpdates.sql diff --git a/src/Admin/Auth/Jobs/DeleteAuthRequestsJob.cs b/src/Admin/Auth/Jobs/DeleteAuthRequestsJob.cs index e1366ec248..71c2bfe777 100644 --- a/src/Admin/Auth/Jobs/DeleteAuthRequestsJob.cs +++ b/src/Admin/Auth/Jobs/DeleteAuthRequestsJob.cs @@ -1,6 +1,7 @@ using Bit.Core; using Bit.Core.Jobs; using Bit.Core.Repositories; +using Bit.Core.Settings; using Quartz; namespace Bit.Admin.Auth.Jobs; @@ -8,20 +9,26 @@ namespace Bit.Admin.Auth.Jobs; public class DeleteAuthRequestsJob : BaseJob { private readonly IAuthRequestRepository _authRepo; + private readonly IGlobalSettings _globalSettings; public DeleteAuthRequestsJob( IAuthRequestRepository authrepo, + IGlobalSettings globalSettings, ILogger logger) : base(logger) { _authRepo = authrepo; + _globalSettings = globalSettings; } protected async override Task ExecuteJobAsync(IJobExecutionContext context) { _logger.LogInformation(Constants.BypassFiltersEventId, "Execute job task: DeleteAuthRequestsJob: Start"); - var count = await _authRepo.DeleteExpiredAsync(); - _logger.LogInformation(Constants.BypassFiltersEventId, $"{count} records deleted from AuthRequests."); + var count = await _authRepo.DeleteExpiredAsync( + _globalSettings.PasswordlessAuth.UserRequestExpiration, + _globalSettings.PasswordlessAuth.AdminRequestExpiration, + _globalSettings.PasswordlessAuth.AfterAdminApprovalExpiration); + _logger.LogInformation(Constants.BypassFiltersEventId, "{Count} records deleted from AuthRequests.", count); _logger.LogInformation(Constants.BypassFiltersEventId, "Execute job task: DeleteAuthRequestsJob: End"); } } diff --git a/src/Core/Auth/Repositories/IAuthRequestRepository.cs b/src/Core/Auth/Repositories/IAuthRequestRepository.cs index 9b6624acd6..b414b2206b 100644 --- a/src/Core/Auth/Repositories/IAuthRequestRepository.cs +++ b/src/Core/Auth/Repositories/IAuthRequestRepository.cs @@ -5,7 +5,7 @@ namespace Bit.Core.Repositories; public interface IAuthRequestRepository : IRepository { - Task DeleteExpiredAsync(); + Task DeleteExpiredAsync(TimeSpan userRequestExpiration, TimeSpan adminRequestExpiration, TimeSpan afterAdminApprovalExpiration); Task> GetManyByUserIdAsync(Guid userId); Task> GetManyPendingByOrganizationIdAsync(Guid organizationId); Task> GetManyAdminApprovalRequestsByManyIdsAsync(Guid organizationId, IEnumerable ids); diff --git a/src/Core/Auth/Settings/IPasswordlessAuthSettings.cs b/src/Core/Auth/Settings/IPasswordlessAuthSettings.cs index c1437a5c9d..88b2f75f8e 100644 --- a/src/Core/Auth/Settings/IPasswordlessAuthSettings.cs +++ b/src/Core/Auth/Settings/IPasswordlessAuthSettings.cs @@ -3,4 +3,7 @@ public interface IPasswordlessAuthSettings { bool KnownDevicesOnly { get; set; } + TimeSpan UserRequestExpiration { get; set; } + TimeSpan AdminRequestExpiration { get; set; } + TimeSpan AfterAdminApprovalExpiration { get; set; } } diff --git a/src/Core/Settings/GlobalSettings.cs b/src/Core/Settings/GlobalSettings.cs index c2b7b4d456..3c3d3e0c55 100644 --- a/src/Core/Settings/GlobalSettings.cs +++ b/src/Core/Settings/GlobalSettings.cs @@ -534,6 +534,9 @@ public class GlobalSettings : IGlobalSettings public class PasswordlessAuthSettings : IPasswordlessAuthSettings { public bool KnownDevicesOnly { get; set; } = true; + public TimeSpan UserRequestExpiration { get; set; } = TimeSpan.FromMinutes(15); + public TimeSpan AdminRequestExpiration { get; set; } = TimeSpan.FromDays(7); + public TimeSpan AfterAdminApprovalExpiration { get; set; } = TimeSpan.FromHours(12); } public class DomainVerificationSettings : IDomainVerificationSettings diff --git a/src/Infrastructure.Dapper/Auth/Repositories/AuthRequestRepository.cs b/src/Infrastructure.Dapper/Auth/Repositories/AuthRequestRepository.cs index 107d16802e..67e636b4dd 100644 --- a/src/Infrastructure.Dapper/Auth/Repositories/AuthRequestRepository.cs +++ b/src/Infrastructure.Dapper/Auth/Repositories/AuthRequestRepository.cs @@ -19,13 +19,19 @@ public class AuthRequestRepository : Repository, IAuthRequest : base(connectionString, readOnlyConnectionString) { } - public async Task DeleteExpiredAsync() + public async Task DeleteExpiredAsync( + TimeSpan userRequestExpiration, TimeSpan adminRequestExpiration, TimeSpan afterAdminApprovalExpiration) { using (var connection = new SqlConnection(ConnectionString)) { return await connection.ExecuteAsync( $"[{Schema}].[AuthRequest_DeleteIfExpired]", - null, + new + { + UserExpirationSeconds = (int)userRequestExpiration.TotalSeconds, + AdminExpirationSeconds = (int)adminRequestExpiration.TotalSeconds, + AdminApprovalExpirationSeconds = (int)afterAdminApprovalExpiration.TotalSeconds, + }, commandType: CommandType.StoredProcedure); } } diff --git a/src/Infrastructure.EntityFramework/Auth/Repositories/AuthRequestRepository.cs b/src/Infrastructure.EntityFramework/Auth/Repositories/AuthRequestRepository.cs index 220019e8bd..af3ae195dc 100644 --- a/src/Infrastructure.EntityFramework/Auth/Repositories/AuthRequestRepository.cs +++ b/src/Infrastructure.EntityFramework/Auth/Repositories/AuthRequestRepository.cs @@ -15,15 +15,20 @@ public class AuthRequestRepository : Repository context.AuthRequests) { } - public async Task DeleteExpiredAsync() + public async Task DeleteExpiredAsync( + TimeSpan userRequestExpiration, TimeSpan adminRequestExpiration, TimeSpan afterAdminApprovalExpiration) { + using (var scope = ServiceScopeFactory.CreateScope()) { var dbContext = GetDatabaseContext(scope); - var expiredRequests = await dbContext.AuthRequests.Where(a => a.CreationDate < DateTime.Now.AddMinutes(-15)).ToListAsync(); + var expiredRequests = await dbContext.AuthRequests + .Where(a => (a.Type != AuthRequestType.AdminApproval && a.CreationDate.AddSeconds(userRequestExpiration.TotalSeconds) < DateTime.UtcNow) + || (a.Type == AuthRequestType.AdminApproval && a.Approved != true && a.CreationDate.AddSeconds(adminRequestExpiration.TotalSeconds) < DateTime.UtcNow) + || (a.Type == AuthRequestType.AdminApproval && a.Approved == true && a.ResponseDate.Value.AddSeconds(afterAdminApprovalExpiration.TotalSeconds) < DateTime.UtcNow)) + .ToListAsync(); dbContext.AuthRequests.RemoveRange(expiredRequests); - await dbContext.SaveChangesAsync(); - return 1; + return await dbContext.SaveChangesAsync(); } } diff --git a/src/Sql/Auth/dbo/Stored Procedures/AuthRequest_DeleteIfExpired.sql b/src/Sql/Auth/dbo/Stored Procedures/AuthRequest_DeleteIfExpired.sql index 736729c7b2..f471585ae0 100644 --- a/src/Sql/Auth/dbo/Stored Procedures/AuthRequest_DeleteIfExpired.sql +++ b/src/Sql/Auth/dbo/Stored Procedures/AuthRequest_DeleteIfExpired.sql @@ -1,6 +1,19 @@ -CREATE PROCEDURE [dbo].[AuthRequest_DeleteIfExpired] +-- UserExpirationSeconds to 15 minutes (15 * 60) +-- AdminExpirationSeconds to 7 days (7 * 24 * 60 * 60) +-- AdminApprovalExpirationSeconds to 12 hour (12 * 60 * 60) + +CREATE PROCEDURE [dbo].[AuthRequest_DeleteIfExpired] + @UserExpirationSeconds INT = 900, + @AdminExpirationSeconds INT = 604800, + @AdminApprovalExpirationSeconds INT = 43200 AS BEGIN SET NOCOUNT OFF - DELETE FROM [dbo].[AuthRequest] WHERE [CreationDate] < DATEADD(minute, -15, GETUTCDATE()); + DELETE FROM [dbo].[AuthRequest] + -- User requests expire after 15 minutes (by default) of their creation + WHERE ([Type] != 2 AND DATEADD(second, @UserExpirationSeconds, [CreationDate]) < GETUTCDATE()) + -- Admin requests expire after 7 days (by default) of their creation if they have not been approved + OR ([Type] = 2 AND ([Approved] IS NULL OR [Approved] = 0) AND DATEADD(second, @AdminExpirationSeconds,[CreationDate]) < GETUTCDATE()) + -- Admin requests expire after 12 hours (by default) of their approval + OR ([Type] = 2 AND [Approved] = 1 AND DATEADD(second, @AdminApprovalExpirationSeconds, [ResponseDate]) < GETUTCDATE()); END diff --git a/test/Infrastructure.IntegrationTest/Auth/Repositories/AuthRequestRepositoryTests.cs b/test/Infrastructure.IntegrationTest/Auth/Repositories/AuthRequestRepositoryTests.cs new file mode 100644 index 0000000000..b23b8ce4b8 --- /dev/null +++ b/test/Infrastructure.IntegrationTest/Auth/Repositories/AuthRequestRepositoryTests.cs @@ -0,0 +1,99 @@ +using Bit.Core.Auth.Entities; +using Bit.Core.Auth.Enums; +using Bit.Core.Entities; +using Bit.Core.Repositories; +using Xunit; + +namespace Bit.Infrastructure.IntegrationTest.Auth.Repositories; + +public class AuthRequestRepositoryTests +{ + private readonly static TimeSpan _userRequestExpiration = TimeSpan.FromMinutes(15); + private readonly static TimeSpan _adminRequestExpiration = TimeSpan.FromDays(6); + private readonly static TimeSpan _afterAdminApprovalExpiration = TimeSpan.FromHours(12); + + [DatabaseTheory, DatabaseData] + public async Task DeleteExpiredAsync_Works( + IAuthRequestRepository authRequestRepository, + IUserRepository userRepository, + ITestDatabaseHelper helper) + { + var user = await userRepository.CreateAsync(new User + { + Name = "Test User", + Email = $"test+{Guid.NewGuid()}@email.com", + ApiKey = "TEST", + SecurityStamp = "stamp", + }); + + // A user auth request type that has passed it's expiration time, should be deleted. + var userExpiredAuthRequest = await authRequestRepository.CreateAsync( + CreateAuthRequest(user.Id, AuthRequestType.AuthenticateAndUnlock, CreateExpiredDate(_userRequestExpiration))); + + // An AdminApproval request that hasn't had any action taken on it and has passed it's expiration time, should be deleted. + var adminApprovalExpiredAuthRequest = await authRequestRepository.CreateAsync( + CreateAuthRequest(user.Id, AuthRequestType.AdminApproval, CreateExpiredDate(_adminRequestExpiration))); + + // An AdminApproval request that was approved before it expired but the user has been approved for too long, should be deleted. + var adminApprovedExpiredAuthRequest = await authRequestRepository.CreateAsync( + CreateAuthRequest(user.Id, AuthRequestType.AdminApproval, DateTime.UtcNow.AddDays(-6), true, CreateExpiredDate(_afterAdminApprovalExpiration))); + + // An AdminApproval request that was rejected within it's allowed lifetime but has no gone past it's expiration time, should be deleted. + var adminRejectedExpiredAuthRequest = await authRequestRepository.CreateAsync( + CreateAuthRequest(user.Id, AuthRequestType.AdminApproval, CreateExpiredDate(_adminRequestExpiration), false, DateTime.UtcNow.AddHours(-1))); + + // A User AuthRequest that was created just a minute ago. + var notExpiredUserAuthRequest = await authRequestRepository.CreateAsync( + CreateAuthRequest(user.Id, AuthRequestType.Unlock, DateTime.UtcNow.AddMinutes(-1))); + + // An AdminApproval AuthRequest that was create 6 days 23 hours 59 minutes 59 seconds ago which is right on the edge of still being valid + var notExpiredAdminApprovalRequest = await authRequestRepository.CreateAsync( + CreateAuthRequest(user.Id, AuthRequestType.AdminApproval, DateTime.UtcNow.Add(new TimeSpan(days: 6, hours: 23, minutes: 59, seconds: 59)))); + + // An AdminApproval AuthRequest that was created a week ago but just approved 11 hours ago. + var notExpiredApprovedAdminApprovalRequest = await authRequestRepository.CreateAsync( + CreateAuthRequest(user.Id, AuthRequestType.AdminApproval, DateTime.UtcNow.AddDays(7), true, DateTime.UtcNow.AddHours(11))); + + helper.ClearTracker(); + + var numberOfDeleted = await authRequestRepository.DeleteExpiredAsync(_userRequestExpiration, _adminRequestExpiration, _afterAdminApprovalExpiration); + + // Ensure all the AuthRequests that should have been deleted, have been deleted. + Assert.Null(await authRequestRepository.GetByIdAsync(userExpiredAuthRequest.Id)); + Assert.Null(await authRequestRepository.GetByIdAsync(adminApprovalExpiredAuthRequest.Id)); + Assert.Null(await authRequestRepository.GetByIdAsync(adminApprovedExpiredAuthRequest.Id)); + Assert.Null(await authRequestRepository.GetByIdAsync(adminRejectedExpiredAuthRequest.Id)); + + // Ensure that all the AuthRequests that should have been left alone, were. + Assert.NotNull(await authRequestRepository.GetByIdAsync(notExpiredUserAuthRequest.Id)); + Assert.NotNull(await authRequestRepository.GetByIdAsync(notExpiredAdminApprovalRequest.Id)); + Assert.NotNull(await authRequestRepository.GetByIdAsync(notExpiredApprovedAdminApprovalRequest.Id)); + + // Ensure the repository responds with the amount of items it deleted and it deleted the right amount. + // NOTE: On local development this might fail on it's first run because the developer could have expired AuthRequests + // on their machine but aren't running the job that would delete them. The second run of this test should succeed. + Assert.Equal(4, numberOfDeleted); + } + + private static AuthRequest CreateAuthRequest(Guid userId, AuthRequestType authRequestType, DateTime creationDate, bool? approved = null, DateTime? responseDate = null) + { + return new AuthRequest + { + UserId = userId, + Type = authRequestType, + Approved = approved, + RequestDeviceIdentifier = "something", // TODO: EF Doesn't enforce this as not null + RequestIpAddress = "1.1.1.1", // TODO: EF Doesn't enforce this as not null + AccessCode = "test_access_code", // TODO: EF Doesn't enforce this as not null + PublicKey = "test_public_key", // TODO: EF Doesn't enforce this as not null + CreationDate = creationDate, + ResponseDate = responseDate, + }; + } + + private static DateTime CreateExpiredDate(TimeSpan expirationPeriod) + { + var exp = expirationPeriod + TimeSpan.FromMinutes(1); + return DateTime.UtcNow.Add(exp.Negate()); + } +} diff --git a/util/Migrator/DbScripts/2023-06-27_00_AuthRequestExpirationUpdates.sql b/util/Migrator/DbScripts/2023-06-27_00_AuthRequestExpirationUpdates.sql new file mode 100644 index 0000000000..cc6988f432 --- /dev/null +++ b/util/Migrator/DbScripts/2023-06-27_00_AuthRequestExpirationUpdates.sql @@ -0,0 +1,25 @@ +IF OBJECT_ID('[dbo].[AuthRequest_DeleteIfExpired]') IS NOT NULL + BEGIN + DROP PROCEDURE [dbo].[AuthRequest_DeleteIfExpired] + END +GO + +-- UserExpirationSeconds to 15 minutes (15 * 60) +-- AdminExpirationSeconds to 7 days (7 * 24 * 60 * 60) +-- AdminApprovalExpirationSeconds to 12 hour (12 * 60 * 60) + +CREATE PROCEDURE [dbo].[AuthRequest_DeleteIfExpired] + @UserExpirationSeconds INT = 900, + @AdminExpirationSeconds INT = 604800, + @AdminApprovalExpirationSeconds INT = 43200 +AS +BEGIN + SET NOCOUNT OFF + DELETE FROM [dbo].[AuthRequest] + -- User requests expire after 15 minutes (by default) of their creation + WHERE ([Type] != 2 AND DATEADD(second, @UserExpirationSeconds, [CreationDate]) < GETUTCDATE()) + -- Admin requests expire after 7 days (by default) of their creation if they have not been approved + OR ([Type] = 2 AND ([Approved] IS NULL OR [Approved] = 0) AND DATEADD(second, @AdminExpirationSeconds,[CreationDate]) < GETUTCDATE()) + -- Admin requests expire after 12 hours (by default) of their approval + OR ([Type] = 2 AND [Approved] = 1 AND DATEADD(second, @AdminApprovalExpirationSeconds, [ResponseDate]) < GETUTCDATE()); +END From b0214ae1be310a4fa2b8a70c475e5ffeebdb22bb Mon Sep 17 00:00:00 2001 From: Justin Baur <19896123+justindbaur@users.noreply.github.com> Date: Fri, 30 Jun 2023 18:41:11 -0400 Subject: [PATCH 09/15] [PM-863] Fix Organization Folders in EF Databases (#2856) * Fix Setting Organization Folders * Fix Formatting * Added ReplaceAsync Test * Fix SQL Server Test * Update Replace Call Also * Be Case Insensitive With Guids * Fix Assignment to Cipher --- .../Queries/UserCipherDetailsQuery.cs | 21 +++-- .../Vault/Repositories/CipherRepository.cs | 65 +++++++++------ .../Repositories/CipherRepositoryTests.cs | 83 ++++++++++++++++++- 3 files changed, 137 insertions(+), 32 deletions(-) diff --git a/src/Infrastructure.EntityFramework/Repositories/Queries/UserCipherDetailsQuery.cs b/src/Infrastructure.EntityFramework/Repositories/Queries/UserCipherDetailsQuery.cs index 25b8192ff7..faf84f4f97 100644 --- a/src/Infrastructure.EntityFramework/Repositories/Queries/UserCipherDetailsQuery.cs +++ b/src/Infrastructure.EntityFramework/Repositories/Queries/UserCipherDetailsQuery.cs @@ -50,7 +50,7 @@ public class UserCipherDetailsQuery : IQuery where ou.AccessAll || cu.CollectionId != null || g.AccessAll || cg.CollectionId != null - select new { c, ou, o, cc, cu, gu, g, cg }.c; + select c; var query2 = from c in dbContext.Ciphers where c.UserId == _userId @@ -79,14 +79,23 @@ public class UserCipherDetailsQuery : IQuery private static Guid? GetFolderId(Guid? userId, Cipher cipher) { - if (userId.HasValue && !string.IsNullOrWhiteSpace(cipher.Folders)) + try { - var folders = JsonSerializer.Deserialize>(cipher.Folders); - if (folders.TryGetValue(userId.Value, out var folder)) + if (userId.HasValue && !string.IsNullOrWhiteSpace(cipher.Folders)) { - return folder; + var folders = JsonSerializer.Deserialize>(cipher.Folders); + if (folders.TryGetValue(userId.Value, out var folder)) + { + return folder; + } } + + return null; + } + catch + { + // Some Folders might be in an invalid format like: '{ "", "" }' + return null; } - return null; } } diff --git a/src/Infrastructure.EntityFramework/Vault/Repositories/CipherRepository.cs b/src/Infrastructure.EntityFramework/Vault/Repositories/CipherRepository.cs index af21005ff3..cf2b5085d2 100644 --- a/src/Infrastructure.EntityFramework/Vault/Repositories/CipherRepository.cs +++ b/src/Infrastructure.EntityFramework/Vault/Repositories/CipherRepository.cs @@ -1,4 +1,6 @@ -using AutoMapper; +using System.Text.Json; +using System.Text.Json.Nodes; +using AutoMapper; using Bit.Core.Enums; using Bit.Core.Utilities; using Bit.Core.Vault.Enums; @@ -13,8 +15,8 @@ using Bit.Infrastructure.EntityFramework.Vault.Repositories.Queries; using LinqToDB.EntityFrameworkCore; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.DependencyInjection; -using Newtonsoft.Json; -using Newtonsoft.Json.Linq; +using NS = Newtonsoft.Json; +using NSL = Newtonsoft.Json.Linq; using User = Bit.Core.Entities.User; namespace Bit.Infrastructure.EntityFramework.Vault.Repositories; @@ -198,9 +200,9 @@ public class CipherRepository : Repository { var foldersJson = string.IsNullOrWhiteSpace(cipher.Folders) ? - new JObject() : - JObject.Parse(cipher.Folders); + new NSL.JObject() : + NSL.JObject.Parse(cipher.Folders); if (folderId.HasValue) { @@ -409,7 +411,7 @@ public class CipherRepository : Repository(cipher.UserId.Value.ToString(), true), + }); + cipher.Favorites = JsonSerializer.Serialize(jsonObject); } else { var favorites = CoreHelpers.LoadClassFromJsonData>(cipher.Favorites); favorites.Add(cipher.UserId.Value, true); - cipher.Favorites = JsonConvert.SerializeObject(favorites); + cipher.Favorites = JsonSerializer.Serialize(favorites); } } else @@ -447,32 +449,45 @@ public class CipherRepository : Repository>(cipher.Favorites); favorites.Remove(cipher.UserId.Value); - cipher.Favorites = JsonConvert.SerializeObject(favorites); + cipher.Favorites = JsonSerializer.Serialize(favorites); } } if (cipher.FolderId.HasValue) { if (cipher.Folders == null) { - cipher.Folders = $"{{{userIdKey}:\"{cipher.FolderId}\"}}"; + var jsonObject = new JsonObject(new[] + { + new KeyValuePair(cipher.UserId.Value.ToString(), cipher.FolderId), + }); + cipher.Folders = JsonSerializer.Serialize(jsonObject); } else { var folders = CoreHelpers.LoadClassFromJsonData>(cipher.Folders); folders.Add(cipher.UserId.Value, cipher.FolderId.Value); - cipher.Folders = JsonConvert.SerializeObject(folders); + cipher.Folders = JsonSerializer.Serialize(folders); } } else { if (cipher.Folders != null && cipher.Folders.Contains(cipher.UserId.Value.ToString())) { - var folders = CoreHelpers.LoadClassFromJsonData>(cipher.Favorites); + var folders = CoreHelpers.LoadClassFromJsonData>(cipher.Folders); folders.Remove(cipher.UserId.Value); - cipher.Favorites = JsonConvert.SerializeObject(folders); + cipher.Folders = JsonSerializer.Serialize(folders); } } - var mappedEntity = Mapper.Map((Core.Vault.Entities.Cipher)cipher); + + // Check if this cipher is a part of an organization, and if so do + // not save the UserId into the database. This must be done after we + // set the user specific data like Folders and Favorites because + // the UserId key is used for that + cipher.UserId = cipher.OrganizationId.HasValue ? + null : + cipher.UserId; + + var mappedEntity = Mapper.Map(cipher); dbContext.Entry(entity).CurrentValues.SetValues(mappedEntity); if (cipher.OrganizationId.HasValue) @@ -701,10 +716,10 @@ public class CipherRepository : Repository() : - JsonConvert.DeserializeObject>(cipher.Attachments); - var metaData = JsonConvert.DeserializeObject(attachment.AttachmentData); + NS.JsonConvert.DeserializeObject>(cipher.Attachments); + var metaData = NS.JsonConvert.DeserializeObject(attachment.AttachmentData); attachments[attachment.AttachmentId] = metaData; - cipher.Attachments = JsonConvert.SerializeObject(attachments); + cipher.Attachments = NS.JsonConvert.SerializeObject(attachments); await dbContext.SaveChangesAsync(); if (attachment.OrganizationId.HasValue) @@ -744,7 +759,7 @@ public class CipherRepository : Repository string.Equals(jp.Name, user.Id.ToString(), StringComparison.OrdinalIgnoreCase)); + + Assert.NotEqual(default, userProperty); + Assert.Equal(folder.Id, userProperty.Value.GetGuid()); + } } From 693f79c041ced68b33c143804033f4f903610b5d Mon Sep 17 00:00:00 2001 From: Matt Bishop Date: Mon, 3 Jul 2023 10:30:05 -0400 Subject: [PATCH 10/15] Add complexity to load tests via scenarios (#3034) --- perf/load/config.js | 34 +++++++++++++++++++++++++++------- perf/load/groups.js | 34 +++++++++++++++++++++++++++------- perf/load/login.js | 32 +++++++++++++++++++++++++------- 3 files changed, 79 insertions(+), 21 deletions(-) diff --git a/perf/load/config.js b/perf/load/config.js index 76a79b0919..16a7c7e64a 100644 --- a/perf/load/config.js +++ b/perf/load/config.js @@ -15,15 +15,35 @@ export const options = { name: "Config", }, }, - stages: [ - { duration: "30s", target: 10 }, - { duration: "1m", target: 20 }, - { duration: "2m", target: 25 }, - { duration: "30s", target: 0 }, - ], + scenarios: { + constant_load: { + executor: "constant-arrival-rate", + rate: 1, + timeUnit: "1s", // 1 request / second + duration: "10m", + preAllocatedVUs: 5, + }, + ramping_load: { + executor: "ramping-arrival-rate", + startRate: 60, + timeUnit: "1m", // 1 request / second to start + stages: [ + { duration: "30s", target: 60 }, + { duration: "2m", target: 150 }, + { duration: "1m", target: 90 }, + { duration: "2m", target: 200 }, + { duration: "2m", target: 120 }, + { duration: "1m", target: 180 }, + { duration: "30s", target: 250 }, + { duration: "30s", target: 90 }, + { duration: "30s", target: 0 }, + ], + preAllocatedVUs: 40, + }, + }, thresholds: { http_req_failed: ["rate<0.01"], - http_req_duration: ["p(95)<1000"], + http_req_duration: ["p(95)<750"], }, }; diff --git a/perf/load/groups.js b/perf/load/groups.js index 1ea4b5b0d8..d24f55e3e8 100644 --- a/perf/load/groups.js +++ b/perf/load/groups.js @@ -16,15 +16,35 @@ export const options = { name: "Groups", }, }, - stages: [ - { duration: "30s", target: 10 }, - { duration: "1m", target: 20 }, - { duration: "2m", target: 25 }, - { duration: "30s", target: 0 }, - ], + scenarios: { + constant_load: { + executor: "constant-arrival-rate", + rate: 30, + timeUnit: "1m", // 0.5 requests / second + duration: "10m", + preAllocatedVUs: 5, + }, + ramping_load: { + executor: "ramping-arrival-rate", + startRate: 30, + timeUnit: "1m", // 0.5 requests / second to start + stages: [ + { duration: "30s", target: 30 }, + { duration: "2m", target: 75 }, + { duration: "1m", target: 60 }, + { duration: "2m", target: 100 }, + { duration: "2m", target: 90 }, + { duration: "1m", target: 120 }, + { duration: "30s", target: 150 }, + { duration: "30s", target: 60 }, + { duration: "30s", target: 0 }, + ], + preAllocatedVUs: 20, + }, + }, thresholds: { http_req_failed: ["rate<0.01"], - http_req_duration: ["p(95)<1500"], + http_req_duration: ["p(95)<900"], }, }; diff --git a/perf/load/login.js b/perf/load/login.js index e95be6f513..d5ead94f56 100644 --- a/perf/load/login.js +++ b/perf/load/login.js @@ -12,15 +12,33 @@ export const options = { name: "Login", }, }, - stages: [ - { duration: "30s", target: 10 }, - { duration: "1m", target: 20 }, - { duration: "2m", target: 25 }, - { duration: "30s", target: 0 }, - ], + scenarios: { + constant_load: { + executor: "constant-arrival-rate", + rate: 2, + timeUnit: "1s", // 2 requests / second + duration: "10m", + preAllocatedVUs: 10, + }, + ramping_load: { + executor: "ramping-arrival-rate", + startRate: 60, + timeUnit: "1m", // 1 request / second to start + stages: [ + { duration: "30s", target: 60 }, + { duration: "5m", target: 120 }, + { duration: "2m", target: 150 }, + { duration: "1m", target: 180 }, + { duration: "30s", target: 200 }, + { duration: "30s", target: 90 }, + { duration: "30s", target: 0 }, + ], + preAllocatedVUs: 25, + }, + }, thresholds: { http_req_failed: ["rate<0.01"], - http_req_duration: ["p(95)<3000"], + http_req_duration: ["p(95)<1500"], }, }; From 3689fb701d20045c23ed74a1777ceea6eb131537 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 3 Jul 2023 10:36:42 -0600 Subject: [PATCH 11/15] Update gh minor (#2974) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .../workflows/automatic-issue-responses.yml | 10 ++--- .github/workflows/build.yml | 44 +++++++++---------- .github/workflows/cleanup-after-pr.yml | 6 +-- .../workflows/container-registry-purge.yml | 4 +- .github/workflows/database.yml | 4 +- .github/workflows/infrastructure-tests.yml | 4 +- .github/workflows/protect-files.yml | 2 +- .github/workflows/release.yml | 12 ++--- .github/workflows/stale-bot.yml | 2 +- .github/workflows/stop-staging-slots.yml | 4 +- .github/workflows/version-bump.yml | 6 +-- 11 files changed, 49 insertions(+), 49 deletions(-) diff --git a/.github/workflows/automatic-issue-responses.yml b/.github/workflows/automatic-issue-responses.yml index 6ca8ec09ac..cfe999c80b 100644 --- a/.github/workflows/automatic-issue-responses.yml +++ b/.github/workflows/automatic-issue-responses.yml @@ -14,7 +14,7 @@ jobs: # Feature request - if: github.event.label.name == 'feature-request' name: Feature request - uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 + uses: peter-evans/close-issue@1373cadf1f0c96c1420bc000cfba2273ea307fd1 # v2.2.0 with: comment: | We use GitHub issues as a place to track bugs and other development related issues. The [Bitwarden Community Forums](https://community.bitwarden.com/) has a [Feature Requests](https://community.bitwarden.com/c/feature-requests) section for submitting, voting for, and discussing requests like this one. @@ -25,7 +25,7 @@ jobs: # Intended behavior - if: github.event.label.name == 'intended-behavior' name: Intended behaviour - uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 + uses: peter-evans/close-issue@1373cadf1f0c96c1420bc000cfba2273ea307fd1 # v2.2.0 with: comment: | Your issue appears to be describing the intended behavior of the software. If you want this to be changed, it would be a feature request. @@ -38,7 +38,7 @@ jobs: # Customer support request - if: github.event.label.name == 'customer-support' name: Customer Support request - uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 + uses: peter-evans/close-issue@1373cadf1f0c96c1420bc000cfba2273ea307fd1 # v2.2.0 with: comment: | We use GitHub issues as a place to track bugs and other development related issues. Your issue appears to be a support request, or would otherwise be better handled by our dedicated Customer Success team. @@ -49,14 +49,14 @@ jobs: # Resolved - if: github.event.label.name == 'resolved' name: Resolved - uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 + uses: peter-evans/close-issue@1373cadf1f0c96c1420bc000cfba2273ea307fd1 # v2.2.0 with: comment: | We’ve closed this issue, as it appears the original problem has been resolved. If this happens again or continues to be an problem, please respond to this issue with any additional detail to assist with reproduction and root cause analysis. # Stale - if: github.event.label.name == 'stale' name: Stale - uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 + uses: peter-evans/close-issue@1373cadf1f0c96c1420bc000cfba2273ea307fd1 # v2.2.0 with: comment: | As we haven’t heard from you about this problem in some time, this issue will now be closed. diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 97d6422251..6a739b798f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Install cloc run: | @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Verify Format run: dotnet format --verify-no-changes @@ -43,7 +43,7 @@ jobs: NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages steps: - name: Set up dotnet - uses: actions/setup-dotnet@9211491ffb35dd6a6657ca4f45d43dfe6e97c829 # v2.0.0 + uses: actions/setup-dotnet@a351d9ea84bc76ec7508debf02a39d88f8b6c0c0 # v2.1.1 with: dotnet-version: "6.0.x" @@ -55,7 +55,7 @@ jobs: echo "GitHub event: $GITHUB_EVENT" - name: Checkout repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Restore run: dotnet restore --locked-mode @@ -131,10 +131,10 @@ jobs: dotnet: true steps: - name: Checkout repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Set up Node - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: cache: "npm" cache-dependency-path: "**/package-lock.json" @@ -178,7 +178,7 @@ jobs: ls -atlh ../../../ - name: Upload project artifact - uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: ${{ matrix.project_name }}.zip path: ${{ matrix.base_path }}/${{ matrix.project_name }}/${{ matrix.project_name }}.zip @@ -255,7 +255,7 @@ jobs: dotnet: true steps: - name: Checkout repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Check Branch to Publish env: @@ -272,7 +272,7 @@ jobs: ########## ACRs ########## - name: Login to Azure - QA Subscription - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} @@ -280,7 +280,7 @@ jobs: run: az acr login -n bitwardenqa - name: Login to Azure - PROD Subscription - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} @@ -288,7 +288,7 @@ jobs: run: az acr login -n bitwardenprod - name: Login to Azure - CI Subscription - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} @@ -351,7 +351,7 @@ jobs: - name: Get build artifact if: ${{ matrix.dotnet }} - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 # v3.0.0 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ matrix.project_name }}.zip @@ -363,7 +363,7 @@ jobs: -d ${{ matrix.base_path }}/${{ matrix.project_name }}/obj/build-output/publish - name: Build Docker image - uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v3.2.0 + uses: docker/build-push-action@1104d471370f9806843c095c1db02b5a90c5f8b6 # v3.3.1 with: context: ${{ matrix.base_path }}/${{ matrix.project_name }} file: ${{ matrix.base_path }}/${{ matrix.project_name }}/Dockerfile @@ -393,12 +393,12 @@ jobs: needs: build-docker steps: - name: Set up dotnet - uses: actions/setup-dotnet@9211491ffb35dd6a6657ca4f45d43dfe6e97c829 # v3.0.3 + uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0 with: dotnet-version: "6.0.x" - name: Checkout repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Restore run: dotnet tool restore @@ -431,7 +431,7 @@ jobs: - name: Upload Docker stub artifact if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix-rc' - uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: docker-stub.zip path: docker-stub.zip @@ -439,7 +439,7 @@ jobs: - name: Upload Docker stub checksum artifact if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix-rc' - uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: docker-stub-sha256.txt path: docker-stub-sha256.txt @@ -465,7 +465,7 @@ jobs: GLOBALSETTINGS__SQLSERVER__CONNECTIONSTRING: "placeholder" - name: Upload Swagger artifact - uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: swagger.json path: swagger.json @@ -490,7 +490,7 @@ jobs: steps: - name: Checkout repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Print environment run: | @@ -509,7 +509,7 @@ jobs: - name: Upload project artifact Windows if: ${{ contains(matrix.target, 'win') == true }} - uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: MsSqlMigratorUtility-${{ matrix.target }} path: util/MsSqlMigratorUtility/obj/build-output/publish/MsSqlMigratorUtility.exe @@ -517,7 +517,7 @@ jobs: - name: Upload project artifact if: ${{ contains(matrix.target, 'win') == false }} - uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: MsSqlMigratorUtility-${{ matrix.target }} path: util/MsSqlMigratorUtility/obj/build-output/publish/MsSqlMigratorUtility @@ -579,7 +579,7 @@ jobs: fi - name: Login to Azure - CI subscription - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 if: failure() with: creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} diff --git a/.github/workflows/cleanup-after-pr.yml b/.github/workflows/cleanup-after-pr.yml index 0b9813a480..992343bfdf 100644 --- a/.github/workflows/cleanup-after-pr.yml +++ b/.github/workflows/cleanup-after-pr.yml @@ -11,11 +11,11 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout repo - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 ########## ACR ########## - name: Login to Azure - QA Subscription - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a # v1.3.0 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} @@ -23,7 +23,7 @@ jobs: run: az acr login -n bitwardenqa - name: Login to Azure - PROD Subscription - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a # v1.3.0 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} diff --git a/.github/workflows/container-registry-purge.yml b/.github/workflows/container-registry-purge.yml index c3f8f67db1..e6712acf77 100644 --- a/.github/workflows/container-registry-purge.yml +++ b/.github/workflows/container-registry-purge.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Login to Azure - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} @@ -85,7 +85,7 @@ jobs: fi - name: Login to Azure - CI subscription - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 if: failure() with: creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} diff --git a/.github/workflows/database.yml b/.github/workflows/database.yml index ae8e87e8b1..850b73fc15 100644 --- a/.github/workflows/database.yml +++ b/.github/workflows/database.yml @@ -25,10 +25,10 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout repo - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Set up dotnet - uses: actions/setup-dotnet@9211491ffb35dd6a6657ca4f45d43dfe6e97c829 # v3.0.3 + uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0 with: dotnet-version: '6.0.x' diff --git a/.github/workflows/infrastructure-tests.yml b/.github/workflows/infrastructure-tests.yml index 08c052603e..978e933a34 100644 --- a/.github/workflows/infrastructure-tests.yml +++ b/.github/workflows/infrastructure-tests.yml @@ -38,10 +38,10 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout repo - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Set up dotnet - uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3 + uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0 with: dotnet-version: '6.0.x' diff --git a/.github/workflows/protect-files.yml b/.github/workflows/protect-files.yml index 7e703997d9..25a019c76d 100644 --- a/.github/workflows/protect-files.yml +++ b/.github/workflows/protect-files.yml @@ -30,7 +30,7 @@ jobs: label: "DB-migrations-changed" steps: - name: Checkout repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 2 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fc6bee1375..0b59a0a07d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -34,7 +34,7 @@ jobs: fi - name: Checkout repo - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Check Release Version id: version @@ -104,7 +104,7 @@ jobs: artifacts: ${{ matrix.name }}.zip - name: Login to Azure - CI subscription - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} @@ -129,12 +129,12 @@ jobs: echo "publish-profile=$publish_profile" >> $GITHUB_OUTPUT - name: Login to Azure - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - name: Deploy App - uses: azure/webapps-deploy@016bdd3f9b7cec60310bcf9da98f671628795644 # v2.2.4 + uses: azure/webapps-deploy@fb8292eb575db1bb18a90627e8959cd51dbb355c # v2.2.10 with: app-name: ${{ steps.retrieve-secrets.outputs.webapp-name }} publish-profile: ${{ steps.retrieve-secrets.outputs.publish-profile }} @@ -229,7 +229,7 @@ jobs: echo "Github Release Option: $RELEASE_OPTION" - name: Checkout repo - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Setup project name id: setup @@ -286,7 +286,7 @@ jobs: ########## ACR PROD ########## - name: Login to Azure - PROD Subscription - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} diff --git a/.github/workflows/stale-bot.yml b/.github/workflows/stale-bot.yml index 5cd154cf28..86a4e0ccbc 100644 --- a/.github/workflows/stale-bot.yml +++ b/.github/workflows/stale-bot.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: 'Run stale action' - uses: actions/stale@3cc123766321e9f15a6676375c154ccffb12a358 # v5.0.0 + uses: actions/stale@f7176fd3007623b69d27091f9b9d4ab7995f0a06 # v5.2.1 with: stale-issue-label: 'needs-reply' stale-pr-label: 'needs-changes' diff --git a/.github/workflows/stop-staging-slots.yml b/.github/workflows/stop-staging-slots.yml index 9d82da2abf..ca28a4db6b 100644 --- a/.github/workflows/stop-staging-slots.yml +++ b/.github/workflows/stop-staging-slots.yml @@ -29,7 +29,7 @@ jobs: echo "name_lower=$NAME_LOWER" >> $GITHUB_OUTPUT - name: Login to Azure - CI Subscription - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} @@ -47,7 +47,7 @@ jobs: echo "webapp-name=$webapp_name" >> $GITHUB_OUTPUT - name: Login to Azure - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index af0d9ad6fc..1c9088a92c 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -14,10 +14,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout Branch - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Login to Azure - CI Subscription - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf # v1.4.3 + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} @@ -29,7 +29,7 @@ jobs: secrets: "github-gpg-private-key, github-gpg-private-key-passphrase" - name: Import GPG key - uses: crazy-max/ghaction-import-gpg@111c56156bcc6918c056dbef52164cfa583dc549 # v5.2.0 + uses: crazy-max/ghaction-import-gpg@72b6676b71ab476b77e676928516f6982eef7a41 # v5.3.0 with: gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }} passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }} From 69ee329af8f678785bfd07654cb9f51b7c0d9553 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 3 Jul 2023 10:40:49 -0600 Subject: [PATCH 12/15] Update actions/upload-artifact digest to 0b7f8ab (#2971) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/database.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/database.yml b/.github/workflows/database.yml index 850b73fc15..41ca7d6093 100644 --- a/.github/workflows/database.yml +++ b/.github/workflows/database.yml @@ -44,7 +44,7 @@ jobs: shell: pwsh - name: Upload DACPAC - uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.1.2 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: sql.dacpac path: Sql.dacpac @@ -70,7 +70,7 @@ jobs: shell: pwsh - name: Upload Report - uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.1.2 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: report.xml path: | From 4e089286e503cb85a6c01d3590b74f61a7e10102 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 3 Jul 2023 10:46:36 -0600 Subject: [PATCH 13/15] Update actions/setup-dotnet action to v3 (#2977) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6a739b798f..8b0d3b1fd5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -43,7 +43,7 @@ jobs: NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages steps: - name: Set up dotnet - uses: actions/setup-dotnet@a351d9ea84bc76ec7508debf02a39d88f8b6c0c0 # v2.1.1 + uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0 with: dotnet-version: "6.0.x" From b151605c28d3d0e6e24c843b903b97e1de42518a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rui=20Tom=C3=A9?= <108268980+r-tome@users.noreply.github.com> Date: Mon, 3 Jul 2023 21:43:13 +0100 Subject: [PATCH 14/15] [PM-2594] Added new property "CloudRegion" to GlobalSettings and ConfigResponseModel to be able to override the cloud url value for selfhost instances (#3024) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [PM-2594] Added new property "CloudVault" to GlobalSettings and ConfigResponseModel to be able to override this value for selfhost instances * [PM-2594] Renamed EnvironmentConfigResponseModel.CloudVault to CloudWebVault * [PM-2594] Added default value for globalSettings__baseServiceUri__cloudWebVault on EnvironmentFileBuilder * [PM-2594] Erased CloudWebVault environment variable and added CloudVaultRegion * [PM-2594] Changed var name on EnvironmentFileBuilder * [PM-2594] Renamed the env. variable and also the output property to CloudRegion --- src/Api/Models/Response/ConfigResponseModel.cs | 2 ++ src/Core/Settings/GlobalSettings.cs | 1 + src/Core/Settings/IBaseServiceUriSettings.cs | 1 + util/Setup/EnvironmentFileBuilder.cs | 1 + 4 files changed, 5 insertions(+) diff --git a/src/Api/Models/Response/ConfigResponseModel.cs b/src/Api/Models/Response/ConfigResponseModel.cs index 2e85a3a30d..e560271c00 100644 --- a/src/Api/Models/Response/ConfigResponseModel.cs +++ b/src/Api/Models/Response/ConfigResponseModel.cs @@ -28,6 +28,7 @@ public class ConfigResponseModel : ResponseModel GitHash = AssemblyHelpers.GetGitHash(); Environment = new EnvironmentConfigResponseModel { + CloudRegion = globalSettings.BaseServiceUri.CloudRegion, Vault = globalSettings.BaseServiceUri.Vault, Api = globalSettings.BaseServiceUri.Api, Identity = globalSettings.BaseServiceUri.Identity, @@ -46,6 +47,7 @@ public class ServerConfigResponseModel public class EnvironmentConfigResponseModel { + public string CloudRegion { get; set; } public string Vault { get; set; } public string Api { get; set; } public string Identity { get; set; } diff --git a/src/Core/Settings/GlobalSettings.cs b/src/Core/Settings/GlobalSettings.cs index 3c3d3e0c55..008bf46eff 100644 --- a/src/Core/Settings/GlobalSettings.cs +++ b/src/Core/Settings/GlobalSettings.cs @@ -143,6 +143,7 @@ public class GlobalSettings : IGlobalSettings _globalSettings = globalSettings; } + public string CloudRegion { get; set; } public string Vault { get; set; } public string VaultWithHash => $"{Vault}/#"; diff --git a/src/Core/Settings/IBaseServiceUriSettings.cs b/src/Core/Settings/IBaseServiceUriSettings.cs index 0550ae3e67..0acb504a2b 100644 --- a/src/Core/Settings/IBaseServiceUriSettings.cs +++ b/src/Core/Settings/IBaseServiceUriSettings.cs @@ -3,6 +3,7 @@ namespace Bit.Core.Settings; public interface IBaseServiceUriSettings { + string CloudRegion { get; set; } string Vault { get; set; } string VaultWithHash { get; } string Api { get; set; } diff --git a/util/Setup/EnvironmentFileBuilder.cs b/util/Setup/EnvironmentFileBuilder.cs index bba4180858..5babc6ca88 100644 --- a/util/Setup/EnvironmentFileBuilder.cs +++ b/util/Setup/EnvironmentFileBuilder.cs @@ -73,6 +73,7 @@ public class EnvironmentFileBuilder _globalOverrideValues = new Dictionary { ["globalSettings__baseServiceUri__vault"] = _context.Config.Url, + ["globalSettings__baseServiceUri__cloudVaultRegion"] = "US", ["globalSettings__sqlServer__connectionString"] = $"\"{dbConnectionString.Replace("\"", "\\\"")}\"", ["globalSettings__identityServer__certificatePassword"] = _context.Install?.IdentityCertPassword, ["globalSettings__internalIdentityKey"] = _context.Stub ? "RANDOM_IDENTITY_KEY" : From 62beb7d1e84c6d04e38addbc5bcaa1cc7d7b1417 Mon Sep 17 00:00:00 2001 From: Calum Lind Date: Tue, 4 Jul 2023 03:47:12 +0100 Subject: [PATCH 15/15] [PM-2300] Add Linux script to create dev certificates (#2941) * Add Linux script to create dev certificates A script based on the macOS script that can be used on Linux, either Debian or Red-hat derived distros. * Fix invalid trailing comma in secrets json example --- dev/create_certificates_linux.sh | 48 ++++++++++++++++++++++++++++++++ dev/secrets.json.example | 2 +- 2 files changed, 49 insertions(+), 1 deletion(-) create mode 100755 dev/create_certificates_linux.sh diff --git a/dev/create_certificates_linux.sh b/dev/create_certificates_linux.sh new file mode 100755 index 0000000000..1d42dc8595 --- /dev/null +++ b/dev/create_certificates_linux.sh @@ -0,0 +1,48 @@ +#!/usr/bin/env bash +# Script for generating and installing the Bitwarden development certificates on Linux. + +IDENTITY_SERVER_KEY=identity_server_dev.key +IDENTITY_SERVER_CERT=identity_server_dev.crt +IDENTITY_SERVER_CN="Bitwarden Identity Server Dev" +DATA_PROTECTION_KEY=data_protection_dev.key +DATA_PROTECTION_CERT=data_protection_dev.crt +DATA_PROTECTION_CN="Bitwarden Data Protection Dev" + +# Detect management command to trust generated certificates. +if [ -x "$(command -v update-ca-certificates)" ]; then + # Debian based + CA_CERT_DIR=/usr/local/share/ca-certificates/ + UPDATE_CA_CMD=update-ca-certificates +elif [ -x "$(command -v update-ca-trust)" ]; then + # Redhat based + CA_CERT_DIR=/etc/pki/ca-trust/source/anchors/ + UPDATE_CA_CMD=update-ca-trust +else + echo 'Error: Update manager for CA certificates not found!' + exit 1 +fi + + +openssl req -x509 -newkey rsa:4096 -sha256 -nodes -days 3650 \ + -keyout $IDENTITY_SERVER_KEY \ + -out $IDENTITY_SERVER_CERT \ + -subj "/CN=$IDENTITY_SERVER_CN" + +sudo cp $IDENTITY_SERVER_CERT $CA_CERT_DIR + +openssl req -x509 -newkey rsa:4096 -sha256 -nodes -days 3650 \ + -keyout $DATA_PROTECTION_KEY \ + -out $DATA_PROTECTION_CERT \ + -subj "/CN=$DATA_PROTECTION_CN" + +sudo cp $DATA_PROTECTION_CERT $CA_CERT_DIR + +sudo $UPDATE_CA_CMD + +identity=($(openssl x509 -in $IDENTITY_SERVER_CERT -outform der | sha1sum | tr a-z A-Z)) +data=($(openssl x509 -in $DATA_PROTECTION_CERT -outform der | sha1sum | tr a-z A-Z)) + +echo "Certificate fingerprints:" + +echo "Identity Server Dev: ${identity}" +echo "Data Protection Dev: ${data}" diff --git a/dev/secrets.json.example b/dev/secrets.json.example index 5c9f901e2e..e296ffb7c0 100644 --- a/dev/secrets.json.example +++ b/dev/secrets.json.example @@ -15,7 +15,7 @@ "connectionString": "Server=localhost;Database=vault_dev;User Id=SA;Password=SET_A_PASSWORD_HERE_123;Encrypt=True;TrustServerCertificate=True" }, "postgreSql": { - "connectionString": "Host=localhost;Username=postgres;Password=SET_A_PASSWORD_HERE_123;Database=vault_dev;Include Error Detail=true", + "connectionString": "Host=localhost;Username=postgres;Password=SET_A_PASSWORD_HERE_123;Database=vault_dev;Include Error Detail=true" }, "mySql": { "connectionString": "server=localhost;uid=root;pwd=SET_A_PASSWORD_HERE_123;database=vault_dev"