Jake Fink
b072fc56b1
[PM-6794] block legacy users from authN ( #4088 )
...
* block legacy users from authN
* undo change to GetDeviceFromRequest
* lint
* add feature flag
* format
* add web vault url to error message
* fix test
* format
2024-06-03 09:19:56 -04:00
Jake Fink
3bb8cce2e6
add login redirect url to identity server ( #4092 )
2024-05-16 15:47:44 -04:00
Ike
479f8319c2
remove alias ( #4058 )
2024-05-09 08:43:43 -07:00
renovate[bot]
79a4cbaa09
[PM-7335] [deps] Auth: Update Duende.IdentityServer to v7 ( #3709 )
...
* [deps] Auth: Update Duende.IdentityServer to v7
* Fixes for upgrade incompatibility
* Update configuration file used in a test
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Matt Bishop <mbishop@bitwarden.com >
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com >
2024-04-30 09:50:36 -07:00
Matt Bishop
d46527899e
Remove DocumentDB settings placeholders ( #3943 )
2024-03-29 13:28:16 -04:00
Todd Martin
611a65e0a9
[PM-5437] Handle client_credentials clientId that is not a valid GUID ( #3616 )
...
* Return null if the clientId is not a valid Guid.
* Linting
2024-03-19 10:21:15 -04:00
Justin Baur
70fac808b0
Use FrozenDictionary in StaticClientStore ( #3833 )
...
* Add Benchmark
* Use FrozenDictionary
* Use TryGetValue
* Format
2024-02-21 10:29:59 -05:00
Todd Martin
1a3146f776
[PM-5800] Remove feature flag checks for PasswordlessLogin ( #3713 )
...
* Removed feature flag checks for PasswordlessLogin
* Removed unused reference.
2024-02-13 11:15:24 -05:00
Kyle Spearrin
17118bc74f
[PM-6208] Move TOTP cache validation logic to providers ( #3779 )
...
* move totp cache validation logic to providers
* remove unused usings
* reduce TTL
2024-02-09 12:44:31 -08:00
Kyle Spearrin
6174df0874
[PM-6196] Cleanup distributed cache for identity ( #3704 )
...
* cleanup distributed cache for identity
* removed unused using
* use persistent IDistributedCache
2024-02-09 07:43:28 -05:00
Oscar Hinton
0766806279
[PM-6165] Add x-enum-varnames to improve swagger generation ( #3767 )
...
Improves code generation of enums for the server bindings in the sdk. Bindings will now use the appropriate variable name from the server.
Works by adding a filter which appends x-enum-varnames to enums with the name from c#.
2024-02-09 09:47:03 +01:00
Kyle Spearrin
707347ce3e
[PM-3570] Adjust refresh token lifetimes ( #3697 )
...
* adjust refresh token lifetimes
* fix broken grant delete
* Update ApiClient.cs
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com >
2024-02-08 21:36:15 +00:00
Kyle Spearrin
f0a8fd63ca
remove the redis grant store ( #3757 )
2024-02-07 14:50:23 -05:00
Matt Bishop
ae1fdb0992
[PM-5052] Upgrade to .NET 8 ( #3461 )
...
* Upgrade to .NET 8
* Linting
* Clean up old JSON deserialization code
* More .NET 8-oriented linting
* Light feedback
* Get rid of old test we don't know the root issue for
* Fix a new test
* Remove now-unnecessary Renovate constraint
* Use Any()
* Somehow a 6.0 tooling config we don't need snuck back in
* Space out properties that always change per release
* Bump a few core packages since the last update
2024-02-05 13:03:42 -05:00
Ike
0deb13791a
[PM-4614] Updating Duo to SDK v4 for Universal Prompt ( #3664 )
...
* added v4 updates
* Fixed packages.
* Null checks and OrganizationDuo
* enable backwards compatibility support
* updated validation
* Update DuoUniversalPromptService.cs
add JIRA ticket for cleanup
* Update BaseRequestValidator.cs
* updates to names and comments
* fixed tests
* fixed validation errors and authURL
* updated naming
* Filename change
* Update BaseRequestValidator.cs
2024-01-24 10:13:00 -08:00
Matt Bishop
974d23efdd
Establish IFeatureService as scoped ( #3679 )
...
* Establish IFeatureService as scoped
* Lint
* Feedback around injection
2024-01-18 09:47:34 -05:00
Todd Martin
956efbdb39
[PM-2260] Remove TDE feature flag ( #3614 )
...
* Remove TDE feature flag.
* Removed references to feature service from decryption options builder.
* Removed redundant references.
* Removed test that is no longer valid, as it was testing the feature flag.
* Removed remainder of TDE feature check.
2024-01-10 12:33:19 -05:00
Kyle Spearrin
a6db79f613
[PM-5645] Cosmos DB Grant Storage ( #3634 )
...
* table storage grants
* simple shard on storage accounts
* use is not
* cosmos grant repo
* remove single storage connection string
* some fixes to dapper grant repo
* pattern matching
* add fallback to base PersistedGrantStore
* service collection extension cleanup
* cleanup
* remove unused Id
* empty string rowkey
* fix sharding method logic
* ttl for cosmos
* make ttl an int
* fixes to cosmos implementation
* fix partition key values
* catch notfound exceptions
* indenting
* update grantitem with custom serialization
* use new transform helpers
* grantloader perf test tool
* ref
* remove grant loader project
* remove table storage implementation
* remove table storage stuff
* all redis fallback to build to null
* revert sln file change
* EOF new line
* remove trailing comma
* lint fixes
* add grant to names
* move cosmos serializer to utils
* add some .net 8 keyed service comments
* EnableContentResponseOnWrite
* Fix type in EF grant repository
2024-01-10 12:59:16 +00:00
Thomas Rittson
af7811ba9a
[AC-1971] Add SwaggerUI to CORS policy ( #3583 )
...
* Allow SwaggerUI authorize requests if in development
2023-12-19 11:51:46 +10:00
Justin Baur
1b705df958
[PM-5293] Redis for Grants ( #3577 )
...
* Add Initial Redis Implementation
* Format
* Add Key to PersistedGrant
* Reference Identity In Microbenchmark Project
* Allow Filterable Benchmarks
* Use Shorter Key And Cast to RedisKey Once
* Add RedisPersistedGrantStore Benchmarks
* Run restore
* Format
* Update ID4 References
* Make RedisGrantStore Singleton
* Use MessagePack
* Use Cached Options
* Turn off Compression
* Minor Feedback
* Add Docs to StorablePersistedGrant
* Use existing Identity Redis
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com >
2023-12-15 10:53:00 -05:00
Andreas Coroiu
d63c917c95
[PM-4619] Rewrite UserService methods as commands ( #3432 )
...
* [PM-4619] feat: scaffold new create options command
* [PM-4169] feat: implement credential create options command
* [PM-4619] feat: create command for credential creation
* [PM-4619] feat: create assertion options command
* [PM-4619] chore: clean-up unused argument
* [PM-4619] feat: implement assertion command
* [PM-4619] feat: migrate to commands
* [PM-4619] fix: lint
* [PM-4169] fix: use constant
* [PM-4619] fix: lint
I have no idea what this commit actually changes, but the file seems to have some character encoding issues. This fix was generated by `dotnet format`
2023-12-14 09:35:52 +01:00
Matt Bishop
52cb253c9a
Add IdentityServer license ( #3552 )
2023-12-12 13:08:49 -05:00
Matt Bishop
890a09804f
Stop using lockfiles ( #3550 )
2023-12-12 09:09:42 -05:00
Justin Baur
8d36dfa5d3
Make development easier ( #3504 )
...
* Remove Certificate Steps from Setup
* Add Helpers to VSCode Tasks
* Force Ephemeral Key in Integration Tests
* Add Property to Interface
2023-12-08 15:14:49 -05:00
renovate[bot]
43eea0d297
[deps] Billing: Update Braintree to v5.21.0 ( #3537 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-08 14:46:39 -05:00
renovate[bot]
62bf2a146f
[deps] Tools: Update MailKit to v4.3.0 ( #3533 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-08 18:21:26 +01:00
renovate[bot]
baafbe4576
[deps] Tools: Update SendGrid to v9.28.1 ( #3534 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-08 18:07:33 +01:00
renovate[bot]
3e323ae3d9
[deps] Platform: Update dotnet monorepo to v6.0.25 ( #3507 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-08 12:04:13 -05:00
renovate[bot]
3ecec808b6
[deps] Billing: Update Serilog.Extensions.Logging.File to v3 ( #3069 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-08 11:54:20 -05:00
Oscar Hinton
eedc96263a
[PM-3565] Enforce higher minimum KDF ( #3304 )
...
Extract KDF logic into a new Range class. Increase minimum iterations for PBKDF.
2023-12-05 17:21:46 +01:00
github-actions[bot]
26e6093c14
Bumped version to 2023.12.0 ( #3519 )
...
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com >
2023-12-05 10:55:20 -05:00
renovate[bot]
b05bdbac01
[deps] SM: Update Dapper to v2.1.24 ( #3482 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-04 16:36:54 -06:00
renovate[bot]
333a51b3f2
[deps] Tools: Update Handlebars.Net to v2.1.4 ( #3508 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-04 12:02:30 +01:00
renovate[bot]
85df9716d8
[deps] SM: Update EntityFrameworkCore ( #3494 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-11-30 16:49:15 -06:00
Thomas Rittson
9021236d61
AC Team code ownership moves: Organization pt. 1 ( #3472 )
...
* move Organization.cs files to AC Team code ownership
2023-11-28 17:18:08 -06:00
renovate[bot]
14bd7d1415
[deps] Billing: Update Newtonsoft.Json to v13.0.3 ( #3439 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-11-28 08:47:04 -05:00
renovate[bot]
959b2393b3
[deps] Billing: Update Serilog.Sinks.SyslogMessages to v2.0.9 ( #3456 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-11-28 08:41:44 -05:00
Thomas Rittson
42cec31d07
[AC-1287] AC Team code ownership moves: Policies (1/2) ( #3383 )
...
* note: IPolicyData and EntityFramework Policy.cs are moved without any
changes to namespace or content in order to preserve git history.
2023-11-22 16:07:37 -05:00
Andreas Coroiu
ef50e4dbcd
[PM-2041] Finish adding FIDO2 Authentication ( #3467 )
2023-11-22 13:24:19 -05:00
github-actions[bot]
636a7646a3
Bumped version to 2023.10.3 ( #3462 )
...
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com >
2023-11-21 11:43:57 -05:00
Matt Bishop
87fd4ad97d
[PM-3569] Upgrade to Duende.Identity ( #3185 )
...
* Upgrade to Duende.Identity
* Linting
* Get rid of last IdentityServer4 package
* Fix identity test since Duende returns additional configuration
* Use Configure
PostConfigure is run after ASP.NET's PostConfigure
so ConfigurationManager was already configured and our HttpHandler wasn't
being respected.
* Regenerate lockfiles
* Move to 6.0.4 for patches
* fixes with testing
* Add additional grant type supported in 6.0.4 and beautify
* Lockfile refresh
* Reapply lockfiles
* Apply change to new WebAuthn logic
* When automated merging fails me
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com >
Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com >
2023-11-20 16:32:23 -05:00
Andreas Coroiu
80740aa4ba
[PM-2032] Server endpoints to support authentication with a passkey ( #3361 )
...
* [PM-2032] feat: add assertion options tokenable
* [PM-2032] feat: add request and response models
* [PM-2032] feat: implement `assertion-options` identity endpoint
* [PM-2032] feat: implement authentication with passkey
* [PM-2032] chore: rename to `WebAuthnGrantValidator`
* [PM-2032] fix: add missing substitute
* [PM-2032] feat: start adding builder
* [PM-2032] feat: add support for KeyConnector
* [PM-2032] feat: add first version of TDE
* [PM-2032] chore: refactor WithSso
* [PM-2023] feat: add support for TDE feature flag
* [PM-2023] feat: add support for approving devices
* [PM-2023] feat: add support for hasManageResetPasswordPermission
* [PM-2032] feat: add support for hasAdminApproval
* [PM-2032] chore: don't supply device if not necessary
* [PM-2032] chore: clean up imports
* [PM-2023] feat: extract interface
* [PM-2023] chore: add clarifying comment
* [PM-2023] feat: use new builder in production code
* [PM-2032] feat: add support for PRF
* [PM-2032] chore: clean-up todos
* [PM-2023] chore: remove token which is no longer used
* [PM-2032] chore: remove todo
* [PM-2032] feat: improve assertion error handling
* [PM-2032] fix: linting issues
* [PM-2032] fix: revert changes to `launchSettings.json`
* [PM-2023] chore: clean up assertion endpoint
* [PM-2032] feat: bypass 2FA
* [PM-2032] fix: rename prf option to singular
* [PM-2032] fix: lint
* [PM-2032] fix: typo
* [PM-2032] chore: improve builder tests
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com >
* [PM-2032] chore: clarify why we don't require 2FA
* [PM-2023] feat: move `identityProvider` constant to common class
* [PM-2032] fix: lint
* [PM-2023] fix: move `IdentityProvider` to core.Constants
* [PM-2032] fix: missing import
* [PM-2032] chore: refactor token timespan to use `TimeSpan`
* [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync
* [PM-2032] chore: use `FromMinutes`
* [PM-2032] fix: change to 17 minutes to cover webauthn assertion
* [PM-2032] chore: do not use `async void`
* [PM-2032] fix: comment saying wrong amount of minutes
* [PM-2032] feat: put validator behind feature flag
* [PM-2032] fix: lint
---------
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com >
2023-11-20 15:55:31 +01:00
Matt Bishop
fb89e07df7
Provide LaunchDarkly application info ( #3435 )
...
* Upgrade to SDK v8
* Provide application properties
* Test adjustments
* Clean up tests
* Ensure project name is set
* Add a 'v' for Git tagging support
2023-11-13 14:46:39 -05:00
Daniel James Smith
95680b434b
Update lockfiles by running dotnet restore --force-evaluate ( #3430 )
...
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com >
2023-11-09 14:48:18 +01:00
Justin Baur
81868dc5a3
Add Explicit Reference to Azure.Identity ( #3426 )
2023-11-08 12:58:42 -05:00
github-actions[bot]
3f7ff52f0b
Bumped version to 2023.10.2 ( #3415 )
...
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com >
2023-11-06 20:21:47 -05:00
github-actions[bot]
a66528cf46
Bumped version to 2023.10.1 ( #3408 )
...
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com >
2023-11-02 14:21:55 -04:00
github-actions[bot]
1800e6ffd3
Bumped version to 2023.10.0 ( #3396 )
...
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com >
2023-10-31 09:32:34 -04:00
Kyle Spearrin
44c559c723
Support for passkey registration ( #2885 )
...
* support for fido2 auth
* stub out registration implementations
* stub out assertion steps and token issuance
* verify token
* webauthn tokenable
* remove duplicate expiration set
* revert sqlproj changes
* update sqlproj target framework
* update new validator signature
* [PM-2014] Passkey registration (#2915 )
* [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository`
* [PM-2014] fix: add missing service registration
* [PM-2014] feat: add user verification when fetching options
* [PM-2014] feat: create migration script for mssql
* [PM-2014] chore: append to todo comment
* [PM-2014] feat: add support for creation token
* [PM-2014] feat: implement credential saving
* [PM-2014] chore: add resident key TODO comment
* [PM-2014] feat: implement passkey listing
* [PM-2014] feat: implement deletion without user verification
* [PM-2014] feat: add user verification to delete
* [PM-2014] feat: implement passkey limit
* [PM-2014] chore: clean up todo comments
* [PM-2014] fix: add missing sql scripts
Missed staging them when committing
* [PM-2014] feat: include options response model in swagger docs
* [PM-2014] chore: move properties after ctor
* [PM-2014] feat: use `Guid` directly as input parameter
* [PM-2014] feat: use nullable guid in token
* [PM-2014] chore: add new-line
* [PM-2014] feat: add support for feature flag
* [PM-2014] feat: start adding controller tests
* [PM-2014] feat: add user verification test
* [PM-2014] feat: add controller tests for token interaction
* [PM-2014] feat: add tokenable tests
* [PM-2014] chore: clean up commented premium check
* [PM-2014] feat: add user service test for credential limit
* [PM-2014] fix: run `dotnet format`
* [PM-2014] chore: remove trailing comma
* [PM-2014] chore: add `Async` suffix
* [PM-2014] chore: move delay to constant
* [PM-2014] chore: change `default` to `null`
* [PM-2014] chore: remove autogenerated weirdness
* [PM-2014] fix: lint
* Added check for PasswordlessLogin feature flag on new controller and methods. (#3284 )
* Added check for PasswordlessLogin feature flag on new controller and methods.
* fix: build error from missing constructor argument
---------
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com >
* [PM-4171] Update DB to support PRF (#3321 )
* [PM-4171] feat: update database to support PRF
* [PM-4171] feat: rename `DescriptorId` to `CredentialId`
* [PM-4171] feat: add PRF fields to domain object
* [PM-4171] feat: add `SupportsPrf` column
* [PM-4171] fix: add missing comma
* [PM-4171] fix: add comma
* [PM-3263] fix identity server tests for passkey registration (#3331 )
* Added WebAuthnRepo to EF DI
* updated config to match current grant types
* Remove ExtensionGrantValidator (#3363 )
* Linting
---------
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com >
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com >
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com >
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com >
Co-authored-by: Todd Martin <tmartin@bitwarden.com >
2023-10-30 09:40:06 -04:00
Thomas Rittson
26dd8b0e47
[AC-1284] AC Team code ownership moves - Provider ( #3359 )
2023-10-26 13:38:29 -04:00