bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-25 12:43:14 +00:00
Code Issues Releases Wiki Activity
6,304 Commits 480 Branches 222 Tags
685ee37e37944ed16f71a34d5bc4eaba5cd960bf
Commit Graph

4623 Commits

Author SHA1 Message Date
Bernd Schoolmann
ff092a031e [PM-23229] Add extra validation to kdf changes + authentication data + unlock data (#6121) 
* Added MasterPasswordUnlock to UserDecryptionOptions as part of identity response

* Implement support for authentication data and unlock data in kdf change

* Extract to kdf command and add tests

* Fix namespace

* Delete empty file

* Fix build

* Clean up tests

* Fix tests

* Add comments

* Cleanup

* Cleanup

* Cleanup

* Clean-up and fix build

* Address feedback; force new parameters on KDF change request

* Clean-up and add tests

* Re-add logger

* Update logger to interface

* Clean up, remove Kdf Request Model

* Remove kdf request model tests

* Fix types in test

* Address feedback to rename request model and re-add tests

* Fix namespace

* Move comments

* Rename InnerKdfRequestModel to KdfRequestModel

---------

Co-authored-by: Maciej Zieniuk <mzieniuk@bitwarden.com>
 2025-09-23 16:10:46 -04:00
Ike
3b54fea309 [PM-22696] send enumeration protection (#6352) 
* feat: add static enumeration helper class
* test: add enumeration helper class unit tests

* feat: implement NeverAuthenticateValidator
* test: unit and integration tests SendNeverAuthenticateValidator

* test: use static class for common integration test setup for Send Access unit and integration tests
* test: update tests to use static helper
 2025-09-23 06:38:22 -04:00
Daniel Riera
c6f5d5e36e [PM-25986] Add server side enum type for AutotypeDefaultSetting policy (#6356) 
* PM-25986 Add server side enum type for AutotypeDefaultSetting policy

* Update PolicyType.cs

remove space
 2025-09-22 15:39:15 -04:00
Stephon Brown
ed5e4271df [PM-25123] Remove VerifyBankAsync Code (#6355) 
* refactor: remove VerifyBankAsync from interface and implementation

* refactor: remove controller endpoint
 2025-09-22 13:51:36 -04:00
Thomas Avery
0b6b93048b [PM-25373] Add feature flag (#6358) 2025-09-22 11:05:16 -05:00
Vijay Oommen
fe7e96eb6a PM-25870 Activity tab feature flag (#6360) 2025-09-22 10:36:19 -05:00
SmithThe4th
d384c0cfe6 [PM-7730] Deprecate type-specific cipher properties in favor of opaque Data string (#6354) 
* Marked structured fields as obsolete and add Data field to the request model

* Fixed lint issues

* Deprecated properties

* Changed to 1mb
 2025-09-19 16:17:32 -04:00
Alex Morask
3ac3b8c8d9 Remove FF (#6302) 2025-09-19 12:27:12 -05:00
Alex Morask
14b307c15b [PM-25205] Don't respond with a tax ID warning for US customers (#6310) 
* Don't respond with a Tax ID warning for US customers

* Only show provider tax ID warning for non-US based providers
 2025-09-19 10:26:22 -05:00
rr-bw
d2c2ae5b4d fix(invalid-auth-request-approvals): Auth/[PM-3387] Better Error Handling for Invalid Auth Request Approval (#6264) 
If a user approves an invalid auth request, on the Requesting Device they currently they get stuck on the `LoginViaAuthRequestComponent` with a spinning wheel.

This PR makes it so that when an Approving Device attempts to approve an invalid auth request, the Approving Device receives an error toast and the `UpdateAuthRequestAsync()` operation is blocked.
 2025-09-18 17:30:05 -07:00
Vincent Salucci
7e4dac9837 chore: remove FF, references, and restructure code, refs PM-24373 (#6353) 2025-09-18 15:08:47 -05:00
Jared McCannon
9d3d35e0bf removing status from org name. (#6350) 2025-09-18 11:22:22 -05:00
renovate[bot]
c93c346473 [deps] Platform: Update LaunchDarkly.ServerSdk to 8.10.1 (#6210) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-18 13:50:24 +02:00
Daniel García
866a572d26 Enable custom IDs for bindings (#6340) 
* Enable custom IDs for bindings

* Remove description
 2025-09-18 13:41:19 +02:00
Thomas Rittson
780400fcf9 [PM-25138] Reduce db locking when creating default collections (#6308) 
* Use single method for default collection creation

* Use GenerateComb to create sequential guids

* Pre-sort data for SqlBulkCopy

* Add SqlBulkCopy options per dbops recommendations
 2025-09-18 14:50:36 +10:00
Ben Brooks
e46365ac20 feat(policies): add URI Match Defaults organizational policy (#6294) 
* feat(policies): add URI Match Defaults organizational policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* feat(policies): remove unecessary model and org feature

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

---------

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
 2025-09-17 14:36:00 -07:00
Patrick-Pimentel-Bitwarden
26e574e8d7 Auth/pm 25453/support n users auth request (#6347) 
* fix(pending-auth-request-view): [PM-25453] Bugfix Auth Requests Multiple Users Same Device - fixed view to allow for multiple users for each device when partitioning for the auth request view.
 2025-09-17 17:14:00 -04:00
Rui Tomé
d83395aeb0 [PM-25372] Filter out DefaultUserCollections from CiphersController.GetAssignedOrganizationCiphers (#6274) 
Co-authored-by: Jimmy Vo <huynhmaivo82@gmail.com>
 2025-09-17 12:43:27 -04:00
Dave
57f891f391 feat(sso): [auth/pm-17719] Make SSO identifier errors consistent (#6345) 
* feat(sso-account-controller): Make SSO identifiers consistent - align all return messages from prevalidate.

* feat(shared-resources): Make SSO identifiers consistent - remove unused string resources, add new consistent error message.

* feat(sso-account-controller): Make SSO identifiers consistent - Add logging.
 2025-09-16 15:01:23 -04:00
Jordan Aasen
6e309c6e04 fix cipher org details with collections task (#6342) 2025-09-16 09:00:32 -07:00
SmithThe4th
da48603c18 Revert "Remove archive date from create request (#6341)" (#6346) 
This reverts commit 2dd89b488d.
 2025-09-16 11:16:00 -04:00
Vincent Salucci
4b3ac2ea61 chore: resolve merge conflict to delete dc user removal feature flag, refs PM-24596 (#6344) 2025-09-15 16:00:07 -05:00
Álison Fernandes
6c512f1bc2 Add mobile CXP feature flags (#6343) 2025-09-15 20:57:13 +01:00
SmithThe4th
2dd89b488d Remove archive date from create request (#6341) 2025-09-15 14:11:25 -04:00
Daniel García
a173e7e2da [PM-25182] Improve Swagger OperationIDs for Vault (#6240) 
* Improve Swagger OperationIDs for Vault

* Some renames
 2025-09-15 18:05:06 +02:00
Conner Turnbull
0ee307a027 [PM-25533][BEEEP] Refactor license date calculations into extensions (#6295) 
* Refactor license date calculations into extensions

* `dotnet format`

* Handling case when expirationWithoutGracePeriod is null

* Removed extra UseAdminSponsoredFamilies claim
 2025-09-15 10:56:33 -04:00
Daniel García
981ff51d57 Update swashbuckle to fix API docs (#6319) 2025-09-15 16:49:46 +02:00
Vijay Oommen
b249c4e4d7 [PM-23761] Auto-reply to tickets in Freskdesk with help from Onyx AI (#6315) 2025-09-15 08:22:39 -05:00
Oscar Hinton
b4a0555a72 Change swagger docs to refer to main (#6337) 2025-09-15 15:02:40 +02:00
Jordan Aasen
6ade09312f [PM-21044] - optimize security task ReadByUserIdStatus (#5779) 
* optimize security task ReadByUserIdStatus

* fix AccessibleCiphers query

* fix error

* add migrator file

* fix migration

* update sproc

* mirror sprocs

* revert change to sproc

* add indexes. update filename. add GO statement

* move index declarations to appropriate files

* add missing GO statement

* select view. add existance checks for index

* update indexes

* revert changes

* rename file

* update security task

* update sproc

* update script file

* bump migration date

* add filtered index. update statistics, update description with perf metics

* rename file

* reordering

* remove update statistics

* remove update statistics

* add missing index

* fix sproc

* update timestamp

* improve sproc with de-dupe and views

* fix syntax error

* add missing inner join

* sync up index

* fix indentation

* update file timestamp

* remove unnecessary indexes. update sql to match guidelines.

* add comment for status

* add comment for status
 2025-09-12 11:49:40 -07:00
Jimmy Vo
854abb0993 [PM-23845] Update cache service to handle concurrency (#6170) 2025-09-12 13:44:19 -04:00
Patrick-Pimentel-Bitwarden
4e64d35f89 [PM-19151] [PM-19161] Innovation/archive/server (#5672) 
* Added the ArchivedDate to cipher entity and response model
* Created migration scripts for sqlserver and ef core migration to add the ArchivedDate column

---------

Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Shane <smelton@bitwarden.com>
Co-authored-by: cd-bitwarden <106776772+cd-bitwarden@users.noreply.github.com>
Co-authored-by: jng <jng@bitwarden.com>
 2025-09-12 13:24:30 -04:00
Jared McCannon
18aed0bd79 Added conditional subject and button text to invite email. (#6304) 
* Added conditional subject and button text to invite email.

* Added feature flag.
 2025-09-12 10:41:53 -05:00
Ike
7eb5035d94 [PM-22740] Update current context to jive with Send Access Tokens (#6307) 
* feat: modify current context to not include user information
* fix: circular dependency for feature check in current context. Successfully tested client isn't affected with feature flag off.
* test: whole bunch of tests for current context
 2025-09-12 10:53:11 -04:00
cyprain-okeke
c2cf290054 [PM-21938] Fix: Invoice Payment Issues After Payment Method Updates (#6306) 
* Resolve the unpaid issue after valid payment method is added

* Removed the draft status

* Remove draft from the logger msg
 2025-09-11 16:04:05 +01:00
Vincent Salucci
aab50ef5c4 [PM-24595] [PM-24596] Remove feature flag usage/definition for deleting users with no mp on import (#6313) 
* chore: remove dc prevent non-mp users from being deleted feature flag, refs PM-24596

* chore: format, refs PM-24596
 2025-09-11 08:25:57 -05:00
Nick Krantz
51c9958ff1 update global settings for icons service so URIs are available internally (#6303) 2025-09-11 08:21:04 -05:00
Thomas Rittson
2c860df34b [PM-15621] Refactor delete claimed user command (#6221) 
- create vNext command
- restructure command to simplify logic
- move validation to a separate class
- implement result types using OneOf library and demo
  their use here
 2025-09-11 13:58:32 +10:00
Thomas Rittson
bd1745a50d [PM-24192] Add OrganizationContext in API project (#6291) 2025-09-11 07:37:45 +10:00
Derek Nance
04cb7820a6 [PM-25088] Fix collision with PM-24964 (#6312) 
`ISetupIntentCache.Remove` (used in #6262) was renamed to
`RemoveSetupIntentForSubscriber` with 3dd5acc in #6263.
 2025-09-10 16:34:10 -05:00
Brant DeBow
e57569ad57 Alter Integration Template processing to remove keys when encountering null values (#6309) 2025-09-10 14:17:45 -04:00
Kyle Denney
a458db319e [PM-25088] - refactor premium purchase endpoint (#6262) 
* [PM-25088] add feature flag for new premium subscription flow

* [PM-25088] refactor premium endpoint

* forgot the punctuation change in the test

* [PM-25088] - pr feedback

* [PM-25088] - pr feedback round two
 2025-09-10 10:08:22 -05:00
Jimmy Vo
d43b00dad9 [PM-24279] Add vnext policy endpoint (#6253) 2025-09-10 10:13:04 -04:00
renovate[bot]
52045b89fa [deps]: Lock file maintenance (#5876) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
 2025-09-10 08:55:21 -04:00
Daniel García
5f76804f47 Improve Swagger OperationIDs for AC (#6236) 2025-09-10 01:00:07 +02:00
renovate[bot]
48a262ff1e [deps] Auth: Update sass to v1.91.0 (#6206) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-09 17:15:47 -04:00
renovate[bot]
3283e6c1a6 [deps] Auth: Update webpack to v5.101.3 (#6208) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
 2025-09-09 17:14:44 -04:00
renovate[bot]
4f4b35e4bf [deps] Auth: Update DuoUniversal to 1.3.1 (#5862) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-09 16:55:31 -04:00
Kyle Spearrin
c4f22a4508 [PM-25381] Add env variables for controlling refresh token lifetimes (#6276) 
* add env variables for controlling refresh token lifetimes

* fix whitespace

* added setting for adjusting refresh token expiration policy

* format
 2025-09-09 15:30:58 -04:00
Jared McCannon
2986a883eb [PM-25126] Add Bulk Policy Details (#6256) 
* Added new bulk get for policy details

* Query improvements to avoid unnecessary look-ups.
 2025-09-09 13:43:14 -05:00