mirror of https://github.com/bitwarden/server synced 2026-02-20 03:13:35 +00:00

fix(redirect): [PM-30810] Https Redirection for Cloud Users - Addressed reviewer feedback.

Patrick Pimentel
2026-02-13 16:59:30 -05:00
parent d7431f438b
commit ae47e33ec0
3 changed files with 10 additions and 9 deletions


@@ -166,9 +166,7 @@ public class DuoUniversalTokenService(
}
var normalizedHost = host.ToLowerInvariant();
return normalizedHost.EndsWith("bitwarden.com") ||
normalizedHost.EndsWith("bitwarden.eu") ||
normalizedHost.EndsWith("bitwarden.pw");
return Constants.BitwardenCloudDomains.Any(d => normalizedHost.EndsWith(d));
}
private static DuoDeeplinkScheme? GetDeeplinkSchemeOverride(HttpContext httpContext)
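Review bot: The suffix test on the new return line, `normalizedHost.EndsWith(d)`, has no label boundary, so a host such as `notbitwarden.com` (constructed example) is classified as a Bitwarden cloud host; the refactor carries this over from the three removed `EndsWith` calls. Match the whole name or a dot-prefixed suffix instead: `return Constants.BitwardenCloudDomains.Any(d => normalizedHost == d || normalizedHost.EndsWith("." + d, StringComparison.Ordinal));`. Passing `StringComparison.Ordinal` also avoids the culture-sensitive default of the single-argument overload. Where `host` originates is not visible here, so how much of it is request-controlled should be confirmed; the method's opening lines are outside the hunk.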


@@ -33,6 +33,11 @@ public static class Constants
public const string SSHKeyCipherMinimumVersion = "2024.12.0";
public const string DenyLegacyUserMinimumVersion = "2025.6.0";
/// <summary>
/// Domain suffixes for Bitwarden cloud-hosted environments.
/// </summary>
public static readonly string[] BitwardenCloudDomains = ["bitwarden.com", "bitwarden.eu", "bitwarden.pw"];
/// <summary>
/// Used by IdentityServer to identify our own provider.
/// </summary>
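Review bot: `BitwardenCloudDomains` is declared as `public static readonly string[]`, which fixes the reference but leaves the elements writable by any code in the process, and the other two files in this commit use the list for a host check and for OAuth redirect URIs. Expose it read-only, for example `public static IReadOnlyList<string> BitwardenCloudDomains { get; } = ["bitwarden.com", "bitwarden.eu", "bitwarden.pw"];`; the `Any` and `Select` calls that consume it keep working. The summary could also state that entries are bare hostnames that are compared as suffixes and turned into redirect URIs, so nobody adds a scheme, port or leading dot.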


@@ -1,6 +1,7 @@
// FIXME: Update this file to be null safe and then delete the line below
#nullable disable
using Bit.Core;
using Bit.Core.Settings;
using Bit.Identity.IdentityServer.RequestValidators;
using Duende.IdentityServer.Models;
@@ -82,12 +83,9 @@ public class ApiClient : Client
}
else if (id == "mobile")
{
RedirectUris = new[] {
"bitwarden://sso-callback",
"https://bitwarden.com/sso-callback",
"https://bitwarden.eu/sso-callback",
"https://bitwarden.pw/sso-callback",
};
RedirectUris = new[] { "bitwarden://sso-callback" }
.Concat(Constants.BitwardenCloudDomains.Select(d => $"https://{d}/sso-callback"))
.ToArray();
PostLogoutRedirectUris = new[] { "bitwarden://logged-out" };
}
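Review bot: The https callbacks built in the `id == "mobile"` branch are added with no condition visible in this hunk that the instance is cloud-hosted, although the commit title scopes the change to cloud users; if self-hosted servers run the same branch, they also accept `https://bitwarden.com/sso-callback` and its two sibling URIs as redirect targets. That matches the removed literal list, so it may be intended, but it deserves a comment at this site, e.g. `// Cloud https callbacks: one exact-match URI per entry in Constants.BitwardenCloudDomains.` Deriving the URIs from the same list that is used for suffix host matching also means any entry added there becomes a registered redirect URI. The enclosing member starts and ends outside the hunk.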