bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-27 05:33:17 +00:00
Code Issues Releases Wiki Activity

Auth/pm 17111/add browser to list of approving clients (#5792)

Browse Source 
* feat(update-auth-approving-clients): [PM-17111] Add Browser to List of Approving Clients - Initial changes.

* feat(update-auth-approving-clients): [PM-17111] Add Browser to List of Approving Clients - Updated tests.

* test(update-auth-approving-clients): [PM-17111] Add Browser to List of Approving Clients - Strengthened tests.
This commit is contained in:
Patrick-Pimentel-Bitwarden
2025-05-13 15:43:11 -04:00
committed by GitHub
parent 5700347e08
commit dd2ea41b74
4 changed files with 74 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/Identity/IdentityServer/UserDecryptionOptionsBuilder.cs
View File

@@ -6,6 +6,7 @@ using Bit.Core.Context;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Repositories;
using Bit.Core.Utilities;
using Bit.Identity.Utilities;
namespace Bit.Identity.IdentityServer;
@@ -24,7 +25,7 @@ public class UserDecryptionOptionsBuilder : IUserDecryptionOptionsBuilder
private UserDecryptionOptions _options = new UserDecryptionOptions();
private User? _user;
private Core.Auth.Entities.SsoConfig? _ssoConfig;
private SsoConfig? _ssoConfig;
private Device? _device;
public UserDecryptionOptionsBuilder(
@@ -45,7 +46,7 @@ public class UserDecryptionOptionsBuilder : IUserDecryptionOptionsBuilder
return this;
}
public IUserDecryptionOptionsBuilder WithSso(Core.Auth.Entities.SsoConfig ssoConfig)
public IUserDecryptionOptionsBuilder WithSso(SsoConfig ssoConfig)
{
_ssoConfig = ssoConfig;
return this;
@@ -119,8 +120,7 @@ public class UserDecryptionOptionsBuilder : IUserDecryptionOptionsBuilder
// their current device.
// NOTE: this doesn't check for if the users have configured the devices to be capable of approving requests as that is a client side setting.
hasLoginApprovingDevice = allDevices
.Where(d => d.Identifier != _device.Identifier && LoginApprovingDeviceTypes.Types.Contains(d.Type))
.Any();
.Any(d => d.Identifier != _device.Identifier && LoginApprovingClientTypes.TypesThatCanApprove.Contains(DeviceTypes.ToClientType(d.Type)));
}
// Determine if user has manage reset password permission as post sso logic requires it for forcing users with this permission to set a MP