Upstream/bitwarden-mobile
1
0
Fork 0
mirror of https://github.com/bitwarden/mobile.git synced 2024-09-29 04:07:37 +02:00
Code Issues Projects Releases Wiki Activity
427ff09af0
bitwarden-mobile/src/Core/Services/ApiService.cs

739 lines
29 KiB
C#
Raw Normal View History

stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
using Bit.Core.Abstractions;
Client & Version headers (#1757)
2022-02-08 17:43:40 +01:00
using Bit.Core.Enums;
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
using Bit.Core.Exceptions;
using Bit.Core.Models.Domain;
auth apis and api helpers
2019-04-10 21:03:09 +02:00
using Bit.Core.Models.Request;
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
using Bit.Core.Models.Response;
auth apis and api helpers
2019-04-10 21:03:09 +02:00
using Newtonsoft.Json;
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
using Newtonsoft.Json.Linq;
account apis
2019-04-10 21:35:23 +02:00
using Newtonsoft.Json.Serialization;
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
using System;
auth apis and api helpers
2019-04-10 21:03:09 +02:00
using System.Collections.Generic;
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
using System.Net;
using System.Net.Http;
auth apis and api helpers
2019-04-10 21:03:09 +02:00
using System.Text;
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
using System.Threading.Tasks;
namespace Bit.Core.Services
{
api service interface
2019-04-12 05:57:05 +02:00
public class ApiService : IApiService
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
{
account apis
2019-04-10 21:35:23 +02:00
private readonly JsonSerializerSettings _jsonSettings = new JsonSerializerSettings
{
ContractResolver = new CamelCasePropertyNamesContractResolver()
};
action extension project
2019-06-27 02:28:23 +02:00
private readonly HttpClient _httpClient = new HttpClient();
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
private readonly ITokenService _tokenService;
private readonly IPlatformUtilsService _platformUtilsService;
auth apis and api helpers
2019-04-10 21:03:09 +02:00
private readonly Func<bool, Task> _logoutCallbackAsync;
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
public ApiService(
ITokenService tokenService,
auth apis and api helpers
2019-04-10 21:03:09 +02:00
IPlatformUtilsService platformUtilsService,
device user agent
2019-09-04 17:52:32 +02:00
Func<bool, Task> logoutCallbackAsync,
string customUserAgent = null)
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
{
_tokenService = tokenService;
_platformUtilsService = platformUtilsService;
auth apis and api helpers
2019-04-10 21:03:09 +02:00
_logoutCallbackAsync = logoutCallbackAsync;
device type should be int
2019-09-05 03:08:08 +02:00
var device = (int)_platformUtilsService.GetDevice();
device user agent
2019-09-04 17:52:32 +02:00
_httpClient.DefaultRequestHeaders.Add("Device-Type", device.ToString());
Client & Version headers (#1757)
2022-02-08 17:43:40 +01:00
_httpClient.DefaultRequestHeaders.Add("Bitwarden-Client-Name", _platformUtilsService.GetClientType().GetString());
_httpClient.DefaultRequestHeaders.Add("Bitwarden-Client-Version", _platformUtilsService.GetApplicationVersion());
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (!string.IsNullOrWhiteSpace(customUserAgent))
device user agent
2019-09-04 17:52:32 +02:00
{
_httpClient.DefaultRequestHeaders.UserAgent.ParseAdd(customUserAgent);
}
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
}
public bool UrlsSet { get; private set; }
public string ApiBaseUrl { get; set; }
public string IdentityBaseUrl { get; set; }
events url
2019-06-25 22:36:21 +02:00
public string EventsBaseUrl { get; set; }
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
public void SetUrls(EnvironmentUrls urls)
{
UrlsSet = true;
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (!string.IsNullOrWhiteSpace(urls.Base))
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
{
ApiBaseUrl = urls.Base + "/api";
IdentityBaseUrl = urls.Base + "/identity";
events url
2019-06-25 22:36:21 +02:00
EventsBaseUrl = urls.Base + "/events";
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
return;
}
events url
2019-06-25 22:36:21 +02:00
ApiBaseUrl = urls.Api;
IdentityBaseUrl = urls.Identity;
EventsBaseUrl = urls.Events;
// Production
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (string.IsNullOrWhiteSpace(ApiBaseUrl))
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
{
events url
2019-06-25 22:36:21 +02:00
ApiBaseUrl = "https://api.bitwarden.com";
}
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (string.IsNullOrWhiteSpace(IdentityBaseUrl))
events url
2019-06-25 22:36:21 +02:00
{
IdentityBaseUrl = "https://identity.bitwarden.com";
}
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (string.IsNullOrWhiteSpace(EventsBaseUrl))
events url
2019-06-25 22:36:21 +02:00
{
EventsBaseUrl = "https://events.bitwarden.com";
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
}
}
#region Auth APIs
Feature/use hcaptcha if bot (#1476) * Add captcha to login models and methods * Add captcha web auth to login * Extract captcha to abstract base class * Add Captcha to register * Null out captcha token after each successful challenge * Cancel > close
2021-08-04 21:47:23 +02:00
public async Task<IdentityResponse> PostIdentityTokenAsync(TokenRequest request)
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
{
auth apis and api helpers
2019-04-10 21:03:09 +02:00
var requestMessage = new HttpRequestMessage
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
{
try setting http version 1.0
2019-11-05 15:14:55 +01:00
Version = new Version(1, 0),
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
RequestUri = new Uri(string.Concat(IdentityBaseUrl, "/connect/token")),
auth apis and api helpers
2019-04-10 21:03:09 +02:00
Method = HttpMethod.Post,
Client & Version headers (#1757)
2022-02-08 17:43:40 +01:00
Content = new FormUrlEncodedContent(request.ToIdentityToken(_platformUtilsService.GetClientType().GetString()))
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
};
auth apis and api helpers
2019-04-10 21:03:09 +02:00
requestMessage.Headers.Add("Accept", "application/json");
add `auth-email` header to auth request (#1414)
2021-05-28 20:06:42 +02:00
request.AlterIdentityTokenHeaders(requestMessage.Headers);
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
api error detection updates
2019-04-19 15:11:17 +02:00
HttpResponseMessage response;
try
{
response = await _httpClient.SendAsync(requestMessage);
}
Show exception message from Api errors
2019-11-15 14:55:22 +01:00
catch (Exception e)
api error detection updates
2019-04-19 15:11:17 +02:00
{
Show exception message from Api errors
2019-11-15 14:55:22 +01:00
throw new ApiException(HandleWebError(e));
api error detection updates
2019-04-19 15:11:17 +02:00
}
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
JObject responseJObject = null;
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (IsJsonResponse(response))
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
{
var responseJsonString = await response.Content.ReadAsStringAsync();
responseJObject = JObject.Parse(responseJsonString);
}
Feature/use hcaptcha if bot (#1476) * Add captcha to login models and methods * Add captcha web auth to login * Extract captcha to abstract base class * Add Captcha to register * Null out captcha token after each successful challenge * Cancel > close
2021-08-04 21:47:23 +02:00
var identityResponse = new IdentityResponse(response.StatusCode, responseJObject);
if (identityResponse.FailedToParse)
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
{
Feature/use hcaptcha if bot (#1476) * Add captcha to login models and methods * Add captcha web auth to login * Extract captcha to abstract base class * Add Captcha to register * Null out captcha token after each successful challenge * Cancel > close
2021-08-04 21:47:23 +02:00
throw new ApiException(new ErrorResponse(responseJObject, response.StatusCode, true));
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
}
Feature/use hcaptcha if bot (#1476) * Add captcha to login models and methods * Add captcha web auth to login * Extract captcha to abstract base class * Add Captcha to register * Null out captcha token after each successful challenge * Cancel > close
2021-08-04 21:47:23 +02:00
return identityResponse;
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
}
auth apis and api helpers
2019-04-10 21:03:09 +02:00
public async Task RefreshIdentityTokenAsync()
{
try
{
await DoRefreshTokenAsync();
}
catch
{
throw new ApiException();
}
}
#endregion
account apis
2019-04-10 21:35:23 +02:00
#region Account APIs
new api endpoints
2019-04-16 17:07:44 +02:00
public Task<ProfileResponse> GetProfileAsync()
account apis
2019-04-10 21:35:23 +02:00
{
new api endpoints
2019-04-16 17:07:44 +02:00
return SendAsync<object, ProfileResponse>(HttpMethod.Get, "/accounts/profile", null, true, true);
account apis
2019-04-10 21:35:23 +02:00
}
new api endpoints
2019-04-16 17:07:44 +02:00
public Task<PreloginResponse> PostPreloginAsync(PreloginRequest request)
account apis
2019-04-10 21:35:23 +02:00
{
new api endpoints
2019-04-16 17:07:44 +02:00
return SendAsync<PreloginRequest, PreloginResponse>(HttpMethod.Post, "/accounts/prelogin",
account apis
2019-04-10 21:35:23 +02:00
request, false, true);
}
new api endpoints
2019-04-16 17:07:44 +02:00
public Task<long> GetAccountRevisionDateAsync()
account apis
2019-04-10 21:35:23 +02:00
{
new api endpoints
2019-04-16 17:07:44 +02:00
return SendAsync<object, long>(HttpMethod.Get, "/accounts/revision-date", null, true, true);
account apis
2019-04-10 21:35:23 +02:00
}
new api endpoints
2019-04-16 17:07:44 +02:00
public Task PostPasswordHintAsync(PasswordHintRequest request)
account apis
2019-04-10 21:35:23 +02:00
{
new api endpoints
2019-04-16 17:07:44 +02:00
return SendAsync<PasswordHintRequest, object>(HttpMethod.Post, "/accounts/password-hint",
account apis
2019-04-10 21:35:23 +02:00
request, false, false);
}
Added SSO flows and functionality (#1047) * SSO login flow for pre-existing user and no 2FA * 2FA progress * 2FA support * Added SSO flows and functionality * Handle webauthenticator cancellation gracefully * updates & bugfixes * Added state validation to web auth response handling * SSO auth, account registration, and environment settings support for iOS extensions * Added SSO prevalidation to auth process * prevalidation now hitting identity service base url * additional error handling * Requested changes * fixed case
2020-09-03 18:30:40 +02:00
public Task SetPasswordAsync(SetPasswordRequest request)
{
return SendAsync<SetPasswordRequest, object>(HttpMethod.Post, "/accounts/set-password", request, true,
false);
}
new api endpoints
2019-04-16 17:07:44 +02:00
public Task PostRegisterAsync(RegisterRequest request)
account apis
2019-04-10 21:35:23 +02:00
{
new api endpoints
2019-04-16 17:07:44 +02:00
return SendAsync<RegisterRequest, object>(HttpMethod.Post, "/accounts/register", request, false, false);
account apis
2019-04-10 21:35:23 +02:00
}
new api endpoints
2019-04-16 17:07:44 +02:00
public Task PostAccountKeysAsync(KeysRequest request)
account apis
2019-04-10 21:35:23 +02:00
{
new api endpoints
2019-04-16 17:07:44 +02:00
return SendAsync<KeysRequest, object>(HttpMethod.Post, "/accounts/keys", request, true, false);
}
Added SSO flows and functionality (#1047) * SSO login flow for pre-existing user and no 2FA * 2FA progress * 2FA support * Added SSO flows and functionality * Handle webauthenticator cancellation gracefully * updates & bugfixes * Added state validation to web auth response handling * SSO auth, account registration, and environment settings support for iOS extensions * Added SSO prevalidation to auth process * prevalidation now hitting identity service base url * additional error handling * Requested changes * fixed case
2020-09-03 18:30:40 +02:00
public Task PostAccountVerifyPasswordAsync(PasswordVerificationRequest request)
{
return SendAsync<PasswordVerificationRequest, object>(HttpMethod.Post, "/accounts/verify-password", request,
true, false);
}
[Reset Password v1] Update Temp Password (#1492) * [Reset Password v1] Update Temp Password * fixed order of operations for reset temp password flow * Refactored bool with auth result * Finished removal of temp password flow from set password * iOS extension support plus extension bugfixes Co-authored-by: addison <addisonbeck1@gmail.com> Co-authored-by: Matt Portune <mportune@bitwarden.com>
2021-09-24 20:14:26 +02:00
[KeyConnector] Add support for key connector OTP (#1633) * initial commit - add UsesKeyConnector to UserService - add models - begin work on authentication * finish auth workflow for key connector sso login - finish api call for get user key - start api calls for posts to key connector * Bypass lock page if already unlocked * Move logic to KeyConnectorService, log out if no pin or biometric is set * Disable password reprompt when using key connector * hide password reprompt checkbox when editing or adding cipher * add PostUserKey and PostSetKeyConnector calls * add ConvertMasterPasswordPage * add functionality to RemoveMasterPasswordPage - rename Convert to Remove * Hide Change Master Password button if using key connector * Add OTP verification for export component * Update src/App/Pages/Vault/AddEditPage.xaml.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove toolbar item "close" * Update src/Core/Models/Request/KeyConnectorUserKeyRequest.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove new line in resource string - format warning as two labels - set label in code behind for loading simultaneously * implement GetAndSetKey in KeyConnectorService - ignore EnvironmentService call * remove unnecesary orgIdentifier * move RemoveMasterPasswordPage call to LockPage * add spacing to export vault page * log out if no PIN or bio on lock page with key connector * Delete excessive whitespace * Delete excessive whitespace * Change capitalisation of OTP * add default value to models for backwards compatibility * remove this keyword * actually handle exceptions * move RemoveMasterPasswordPage to TabPage using messaging service * add minor improvements * remove 'this.' Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2021-11-11 02:46:48 +01:00
public Task PostAccountRequestOTP()
{
Account Deletion on SSO with CME (#1721) * WIP Added Verification Code page and a verification flow helper to coordinate things * Improved Verification Code page verification flow helper and fix some issues, also added flag ApiService to choose whether to logout on Unanuthorized * Improved Verification Code page UI/UX verification flow helper and fix some issues and made some cleanups * Fix spelling
2022-01-24 17:25:46 +01:00
return SendAsync<object, object>(HttpMethod.Post, "/accounts/request-otp", null, true, false, false);
[KeyConnector] Add support for key connector OTP (#1633) * initial commit - add UsesKeyConnector to UserService - add models - begin work on authentication * finish auth workflow for key connector sso login - finish api call for get user key - start api calls for posts to key connector * Bypass lock page if already unlocked * Move logic to KeyConnectorService, log out if no pin or biometric is set * Disable password reprompt when using key connector * hide password reprompt checkbox when editing or adding cipher * add PostUserKey and PostSetKeyConnector calls * add ConvertMasterPasswordPage * add functionality to RemoveMasterPasswordPage - rename Convert to Remove * Hide Change Master Password button if using key connector * Add OTP verification for export component * Update src/App/Pages/Vault/AddEditPage.xaml.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove toolbar item "close" * Update src/Core/Models/Request/KeyConnectorUserKeyRequest.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove new line in resource string - format warning as two labels - set label in code behind for loading simultaneously * implement GetAndSetKey in KeyConnectorService - ignore EnvironmentService call * remove unnecesary orgIdentifier * move RemoveMasterPasswordPage call to LockPage * add spacing to export vault page * log out if no PIN or bio on lock page with key connector * Delete excessive whitespace * Delete excessive whitespace * Change capitalisation of OTP * add default value to models for backwards compatibility * remove this keyword * actually handle exceptions * move RemoveMasterPasswordPage to TabPage using messaging service * add minor improvements * remove 'this.' Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2021-11-11 02:46:48 +01:00
}
public Task PostAccountVerifyOTPAsync(VerifyOTPRequest request)
{
return SendAsync<VerifyOTPRequest, object>(HttpMethod.Post, "/accounts/verify-otp", request,
Account Deletion on SSO with CME (#1721) * WIP Added Verification Code page and a verification flow helper to coordinate things * Improved Verification Code page verification flow helper and fix some issues, also added flag ApiService to choose whether to logout on Unanuthorized * Improved Verification Code page UI/UX verification flow helper and fix some issues and made some cleanups * Fix spelling
2022-01-24 17:25:46 +01:00
true, false, false);
[KeyConnector] Add support for key connector OTP (#1633) * initial commit - add UsesKeyConnector to UserService - add models - begin work on authentication * finish auth workflow for key connector sso login - finish api call for get user key - start api calls for posts to key connector * Bypass lock page if already unlocked * Move logic to KeyConnectorService, log out if no pin or biometric is set * Disable password reprompt when using key connector * hide password reprompt checkbox when editing or adding cipher * add PostUserKey and PostSetKeyConnector calls * add ConvertMasterPasswordPage * add functionality to RemoveMasterPasswordPage - rename Convert to Remove * Hide Change Master Password button if using key connector * Add OTP verification for export component * Update src/App/Pages/Vault/AddEditPage.xaml.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove toolbar item "close" * Update src/Core/Models/Request/KeyConnectorUserKeyRequest.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove new line in resource string - format warning as two labels - set label in code behind for loading simultaneously * implement GetAndSetKey in KeyConnectorService - ignore EnvironmentService call * remove unnecesary orgIdentifier * move RemoveMasterPasswordPage call to LockPage * add spacing to export vault page * log out if no PIN or bio on lock page with key connector * Delete excessive whitespace * Delete excessive whitespace * Change capitalisation of OTP * add default value to models for backwards compatibility * remove this keyword * actually handle exceptions * move RemoveMasterPasswordPage to TabPage using messaging service * add minor improvements * remove 'this.' Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2021-11-11 02:46:48 +01:00
}
[Reset Password v1] Update Temp Password (#1492) * [Reset Password v1] Update Temp Password * fixed order of operations for reset temp password flow * Refactored bool with auth result * Finished removal of temp password flow from set password * iOS extension support plus extension bugfixes Co-authored-by: addison <addisonbeck1@gmail.com> Co-authored-by: Matt Portune <mportune@bitwarden.com>
2021-09-24 20:14:26 +02:00
public Task PutUpdateTempPasswordAsync(UpdateTempPasswordRequest request)
{
return SendAsync<UpdateTempPasswordRequest, object>(HttpMethod.Put, "/accounts/update-temp-password",
request, true, false);
}
[KeyConnector] Add support for key connector OTP (#1633) * initial commit - add UsesKeyConnector to UserService - add models - begin work on authentication * finish auth workflow for key connector sso login - finish api call for get user key - start api calls for posts to key connector * Bypass lock page if already unlocked * Move logic to KeyConnectorService, log out if no pin or biometric is set * Disable password reprompt when using key connector * hide password reprompt checkbox when editing or adding cipher * add PostUserKey and PostSetKeyConnector calls * add ConvertMasterPasswordPage * add functionality to RemoveMasterPasswordPage - rename Convert to Remove * Hide Change Master Password button if using key connector * Add OTP verification for export component * Update src/App/Pages/Vault/AddEditPage.xaml.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove toolbar item "close" * Update src/Core/Models/Request/KeyConnectorUserKeyRequest.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove new line in resource string - format warning as two labels - set label in code behind for loading simultaneously * implement GetAndSetKey in KeyConnectorService - ignore EnvironmentService call * remove unnecesary orgIdentifier * move RemoveMasterPasswordPage call to LockPage * add spacing to export vault page * log out if no PIN or bio on lock page with key connector * Delete excessive whitespace * Delete excessive whitespace * Change capitalisation of OTP * add default value to models for backwards compatibility * remove this keyword * actually handle exceptions * move RemoveMasterPasswordPage to TabPage using messaging service * add minor improvements * remove 'this.' Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2021-11-11 02:46:48 +01:00
Added account deletion feature on settings (#1621) * Added account deletion feature on settings * Disabled using Microsoft.AppCenter.Crashes for FDroid * Moved drawable on Android.csproj to be with the others Co-authored-by: Federico Maccaroni <fmaccaroni@bitwarden.com>
2021-11-24 20:09:39 +01:00
public Task DeleteAccountAsync(DeleteAccountRequest request)
{
return SendAsync<DeleteAccountRequest, object>(HttpMethod.Delete, "/accounts", request, true, false);
}
[KeyConnector] Add support for key connector OTP (#1633) * initial commit - add UsesKeyConnector to UserService - add models - begin work on authentication * finish auth workflow for key connector sso login - finish api call for get user key - start api calls for posts to key connector * Bypass lock page if already unlocked * Move logic to KeyConnectorService, log out if no pin or biometric is set * Disable password reprompt when using key connector * hide password reprompt checkbox when editing or adding cipher * add PostUserKey and PostSetKeyConnector calls * add ConvertMasterPasswordPage * add functionality to RemoveMasterPasswordPage - rename Convert to Remove * Hide Change Master Password button if using key connector * Add OTP verification for export component * Update src/App/Pages/Vault/AddEditPage.xaml.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove toolbar item "close" * Update src/Core/Models/Request/KeyConnectorUserKeyRequest.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove new line in resource string - format warning as two labels - set label in code behind for loading simultaneously * implement GetAndSetKey in KeyConnectorService - ignore EnvironmentService call * remove unnecesary orgIdentifier * move RemoveMasterPasswordPage call to LockPage * add spacing to export vault page * log out if no PIN or bio on lock page with key connector * Delete excessive whitespace * Delete excessive whitespace * Change capitalisation of OTP * add default value to models for backwards compatibility * remove this keyword * actually handle exceptions * move RemoveMasterPasswordPage to TabPage using messaging service * add minor improvements * remove 'this.' Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2021-11-11 02:46:48 +01:00
public Task PostConvertToKeyConnector()
{
return SendAsync<object, object>(HttpMethod.Post, "/accounts/convert-to-key-connector", null, true, false);
}
public Task PostSetKeyConnectorKey(SetKeyConnectorKeyRequest request)
{
return SendAsync<SetKeyConnectorKeyRequest>(HttpMethod.Post, "/accounts/set-key-connector-key", request, true);
}
new api endpoints
2019-04-16 17:07:44 +02:00
#endregion
#region Folder APIs
public Task<FolderResponse> GetFolderAsync(string id)
{
return SendAsync<object, FolderResponse>(HttpMethod.Get, string.Concat("/folders/", id),
null, true, true);
}
public Task<FolderResponse> PostFolderAsync(FolderRequest request)
{
return SendAsync<FolderRequest, FolderResponse>(HttpMethod.Post, "/folders", request, true, true);
}
public async Task<FolderResponse> PutFolderAsync(string id, FolderRequest request)
{
return await SendAsync<FolderRequest, FolderResponse>(HttpMethod.Put, string.Concat("/folders/", id),
request, true, true);
}
public Task DeleteFolderAsync(string id)
{
return SendAsync<object, object>(HttpMethod.Delete, string.Concat("/folders/", id), null, true, false);
}
#endregion
Port send jslib to mobile (#1219) * Expand Hkdf crypto functions * Add tests for hkdf crypto functions Took the testing infrastructure from bitwarden/server * Move Hkdf to cryptoFunctionService * Port changes from bitwarden/jslib#192 * Port changes from bitwarden/jslib#205 * Make Send Expiration Optional implement changes from bitwarden/jslib#242 * Bug fixes found by testing * Test helpers * Test conversion between model types * Test SendService These are mostly happy-path tests to ensure a reasonably correct implementation * Add run tests step to GitHub Actions * Test send decryption * Test Request generation from Send * Constructor dependencies on separate lines * Remove unused testing infrastructure * Rename to match class name * Move fat arrows to previous lines * Handle exceptions in App layer * PR review cleanups * Throw when attempting to save an unkown Send Type I think it's best to only throw on unknown send types here. I don't think we want to throw whenever we encounter one since that would do bad things like lock up Sync if clients get out of date relative to servers. Instead, keep the client from ruining saved data by complaining last minute that it doesn't know what it's doing.
2021-01-25 21:27:38 +01:00
#region Send APIs
public Task<SendResponse> GetSendAsync(string id) =>
SendAsync<object, SendResponse>(HttpMethod.Get, $"/sends/{id}", null, true, true);
public Task<SendResponse> PostSendAsync(SendRequest request) =>
SendAsync<SendRequest, SendResponse>(HttpMethod.Post, "/sends", request, true, true);
Send azure upload (#1334) * Add direct upload api endpoints * Create azure upload service * Update max file size * Update send file upload test * Move internationalization string to correct document * Allow for one shot blob uploads * Remove unused helper * Use FileUploadService Fallback to legacy method on old server implementations.
2021-03-29 16:45:04 +02:00
public Task<SendFileUploadDataResponse> PostFileTypeSendAsync(SendRequest request) =>
SendAsync<SendRequest, SendFileUploadDataResponse>(HttpMethod.Post, "/sends/file/v2", request, true, true);
public Task PostSendFileAsync(string sendId, string fileId, MultipartFormDataContent data) =>
SendAsync<MultipartFormDataContent, object>(HttpMethod.Post, $"/sends/{sendId}/file/{fileId}", data, true, false);
[Obsolete("Mar 25 2021: This method has been deprecated in favor of direct uploads. This method still exists for backward compatibility with old server versions.")]
Port send jslib to mobile (#1219) * Expand Hkdf crypto functions * Add tests for hkdf crypto functions Took the testing infrastructure from bitwarden/server * Move Hkdf to cryptoFunctionService * Port changes from bitwarden/jslib#192 * Port changes from bitwarden/jslib#205 * Make Send Expiration Optional implement changes from bitwarden/jslib#242 * Bug fixes found by testing * Test helpers * Test conversion between model types * Test SendService These are mostly happy-path tests to ensure a reasonably correct implementation * Add run tests step to GitHub Actions * Test send decryption * Test Request generation from Send * Constructor dependencies on separate lines * Remove unused testing infrastructure * Rename to match class name * Move fat arrows to previous lines * Handle exceptions in App layer * PR review cleanups * Throw when attempting to save an unkown Send Type I think it's best to only throw on unknown send types here. I don't think we want to throw whenever we encounter one since that would do bad things like lock up Sync if clients get out of date relative to servers. Instead, keep the client from ruining saved data by complaining last minute that it doesn't know what it's doing.
2021-01-25 21:27:38 +01:00
public Task<SendResponse> PostSendFileAsync(MultipartFormDataContent data) =>
SendAsync<MultipartFormDataContent, SendResponse>(HttpMethod.Post, "/sends/file", data, true, true);
Send azure upload (#1334) * Add direct upload api endpoints * Create azure upload service * Update max file size * Update send file upload test * Move internationalization string to correct document * Allow for one shot blob uploads * Remove unused helper * Use FileUploadService Fallback to legacy method on old server implementations.
2021-03-29 16:45:04 +02:00
public Task<SendFileUploadDataResponse> RenewFileUploadUrlAsync(string sendId, string fileId) =>
SendAsync<object, SendFileUploadDataResponse>(HttpMethod.Get, $"/sends/{sendId}/file/{fileId}", null, true, true);
Port send jslib to mobile (#1219) * Expand Hkdf crypto functions * Add tests for hkdf crypto functions Took the testing infrastructure from bitwarden/server * Move Hkdf to cryptoFunctionService * Port changes from bitwarden/jslib#192 * Port changes from bitwarden/jslib#205 * Make Send Expiration Optional implement changes from bitwarden/jslib#242 * Bug fixes found by testing * Test helpers * Test conversion between model types * Test SendService These are mostly happy-path tests to ensure a reasonably correct implementation * Add run tests step to GitHub Actions * Test send decryption * Test Request generation from Send * Constructor dependencies on separate lines * Remove unused testing infrastructure * Rename to match class name * Move fat arrows to previous lines * Handle exceptions in App layer * PR review cleanups * Throw when attempting to save an unkown Send Type I think it's best to only throw on unknown send types here. I don't think we want to throw whenever we encounter one since that would do bad things like lock up Sync if clients get out of date relative to servers. Instead, keep the client from ruining saved data by complaining last minute that it doesn't know what it's doing.
2021-01-25 21:27:38 +01:00
public Task<SendResponse> PutSendAsync(string id, SendRequest request) =>
SendAsync<SendRequest, SendResponse>(HttpMethod.Put, $"/sends/{id}", request, true, true);
public Task<SendResponse> PutSendRemovePasswordAsync(string id) =>
Send feature for mobile (#1256) * Send feature for mobile * added fallback for KdfIterations * additional property exclusions for tests * support encryptedFileData as byte array comparison in SendServiceTests * formatting * requested changes * additional changes * change position of send service registration to match declaration order
2021-02-11 01:50:10 +01:00
SendAsync<object, SendResponse>(HttpMethod.Put, $"/sends/{id}/remove-password", null, true, true);
Port send jslib to mobile (#1219) * Expand Hkdf crypto functions * Add tests for hkdf crypto functions Took the testing infrastructure from bitwarden/server * Move Hkdf to cryptoFunctionService * Port changes from bitwarden/jslib#192 * Port changes from bitwarden/jslib#205 * Make Send Expiration Optional implement changes from bitwarden/jslib#242 * Bug fixes found by testing * Test helpers * Test conversion between model types * Test SendService These are mostly happy-path tests to ensure a reasonably correct implementation * Add run tests step to GitHub Actions * Test send decryption * Test Request generation from Send * Constructor dependencies on separate lines * Remove unused testing infrastructure * Rename to match class name * Move fat arrows to previous lines * Handle exceptions in App layer * PR review cleanups * Throw when attempting to save an unkown Send Type I think it's best to only throw on unknown send types here. I don't think we want to throw whenever we encounter one since that would do bad things like lock up Sync if clients get out of date relative to servers. Instead, keep the client from ruining saved data by complaining last minute that it doesn't know what it's doing.
2021-01-25 21:27:38 +01:00
public Task DeleteSendAsync(string id) =>
SendAsync<object, object>(HttpMethod.Delete, $"/sends/{id}", null, true, false);
#endregion
new api endpoints
2019-04-16 17:07:44 +02:00
#region Cipher APIs
public Task<CipherResponse> GetCipherAsync(string id)
{
return SendAsync<object, CipherResponse>(HttpMethod.Get, string.Concat("/ciphers/", id),
null, true, true);
}
public Task<CipherResponse> PostCipherAsync(CipherRequest request)
{
return SendAsync<CipherRequest, CipherResponse>(HttpMethod.Post, "/ciphers", request, true, true);
}
public Task<CipherResponse> PostCipherCreateAsync(CipherCreateRequest request)
{
return SendAsync<CipherCreateRequest, CipherResponse>(HttpMethod.Post, "/ciphers/create",
request, true, true);
}
public Task<CipherResponse> PutCipherAsync(string id, CipherRequest request)
{
return SendAsync<CipherRequest, CipherResponse>(HttpMethod.Put, string.Concat("/ciphers/", id),
request, true, true);
}
public Task<CipherResponse> PutShareCipherAsync(string id, CipherShareRequest request)
{
return SendAsync<CipherShareRequest, CipherResponse>(HttpMethod.Put,
string.Concat("/ciphers/", id, "/share"), request, true, true);
}
public Task PutCipherCollectionsAsync(string id, CipherCollectionsRequest request)
{
return SendAsync<CipherCollectionsRequest, object>(HttpMethod.Put,
string.Concat("/ciphers/", id, "/collections"), request, true, false);
}
public Task DeleteCipherAsync(string id)
{
return SendAsync<object, object>(HttpMethod.Delete, string.Concat("/ciphers/", id), null, true, false);
}
Soft delete feature (#890) * [Soft Delete] Added trash folder to mobile (#856) * [Soft Delete] Added trash folder to mobile * [Soft Delete] - Revert send to trash label Co-authored-by: Chad Scharf <cscharf@users.noreply.github.com> * [Soft Delete] - Fix for iOS autofill index behavior (#859) * [Soft Delete] Added trash folder to mobile * [Soft Delete] - Revert send to trash label * [Soft Delete] - iOS autofill index behavior fix Co-authored-by: Chad Scharf <cscharf@users.noreply.github.com> Co-authored-by: Chad Scharf <cscharf@users.noreply.github.com>
2020-05-20 19:35:20 +02:00
public Task PutDeleteCipherAsync(string id)
{
return SendAsync<object, object>(HttpMethod.Put, string.Concat("/ciphers/", id, "/delete"), null, true, false);
}
Update revision date from server on restore (#1211)
2021-01-08 15:53:45 +01:00
public Task<CipherResponse> PutRestoreCipherAsync(string id)
Soft delete feature (#890) * [Soft Delete] Added trash folder to mobile (#856) * [Soft Delete] Added trash folder to mobile * [Soft Delete] - Revert send to trash label Co-authored-by: Chad Scharf <cscharf@users.noreply.github.com> * [Soft Delete] - Fix for iOS autofill index behavior (#859) * [Soft Delete] Added trash folder to mobile * [Soft Delete] - Revert send to trash label * [Soft Delete] - iOS autofill index behavior fix Co-authored-by: Chad Scharf <cscharf@users.noreply.github.com> Co-authored-by: Chad Scharf <cscharf@users.noreply.github.com>
2020-05-20 19:35:20 +02:00
{
Update revision date from server on restore (#1211)
2021-01-08 15:53:45 +01:00
return SendAsync<object, CipherResponse>(HttpMethod.Put, string.Concat("/ciphers/", id, "/restore"), null, true, true);
Soft delete feature (#890) * [Soft Delete] Added trash folder to mobile (#856) * [Soft Delete] Added trash folder to mobile * [Soft Delete] - Revert send to trash label Co-authored-by: Chad Scharf <cscharf@users.noreply.github.com> * [Soft Delete] - Fix for iOS autofill index behavior (#859) * [Soft Delete] Added trash folder to mobile * [Soft Delete] - Revert send to trash label * [Soft Delete] - iOS autofill index behavior fix Co-authored-by: Chad Scharf <cscharf@users.noreply.github.com> Co-authored-by: Chad Scharf <cscharf@users.noreply.github.com>
2020-05-20 19:35:20 +02:00
}
new api endpoints
2019-04-16 17:07:44 +02:00
#endregion
#region Attachments APIs
Attachment azure upload blobs (#1345) * Update Size limits * Add new Api paths for direct upload of Cipher Attachments * Add Attachment upload to fileUploadService * Save with direct upload and fallback to legacy uplaod CipherID is required for direct upload to request an upload URL * Inform on when to remove legacy code * Test Attachment upload
2021-03-31 01:42:43 +02:00
[Obsolete("Mar 25 2021: This method has been deprecated in favor of direct uploads. This method still exists for backward compatibility with old server versions.")]
public Task<CipherResponse> PostCipherAttachmentLegacyAsync(string id, MultipartFormDataContent data)
new apis
2019-04-16 23:21:04 +02:00
{
return SendAsync<MultipartFormDataContent, CipherResponse>(HttpMethod.Post,
string.Concat("/ciphers/", id, "/attachment"), data, true, true);
}
Attachment azure upload blobs (#1345) * Update Size limits * Add new Api paths for direct upload of Cipher Attachments * Add Attachment upload to fileUploadService * Save with direct upload and fallback to legacy uplaod CipherID is required for direct upload to request an upload URL * Inform on when to remove legacy code * Test Attachment upload
2021-03-31 01:42:43 +02:00
public Task<AttachmentUploadDataResponse> PostCipherAttachmentAsync(string id, AttachmentRequest request)
{
return SendAsync<AttachmentRequest, AttachmentUploadDataResponse>(HttpMethod.Post,
$"/ciphers/{id}/attachment/v2", request, true, true);
}
public Task<AttachmentResponse> GetAttachmentData(string cipherId, string attachmentId) =>
SendAsync<AttachmentResponse>(HttpMethod.Get, $"/ciphers/{cipherId}/attachment/{attachmentId}", true);
new api endpoints
2019-04-16 17:07:44 +02:00
public Task DeleteCipherAttachmentAsync(string id, string attachmentId)
{
Attachment azure upload blobs (#1345) * Update Size limits * Add new Api paths for direct upload of Cipher Attachments * Add Attachment upload to fileUploadService * Save with direct upload and fallback to legacy uplaod CipherID is required for direct upload to request an upload URL * Inform on when to remove legacy code * Test Attachment upload
2021-03-31 01:42:43 +02:00
return SendAsync(HttpMethod.Delete,
string.Concat("/ciphers/", id, "/attachment/", attachmentId), true);
new api endpoints
2019-04-16 17:07:44 +02:00
}
new apis
2019-04-16 23:21:04 +02:00
public Task PostShareCipherAttachmentAsync(string id, string attachmentId, MultipartFormDataContent data,
string organizationId)
{
return SendAsync<MultipartFormDataContent, object>(HttpMethod.Post,
string.Concat("/ciphers/", id, "/attachment/", attachmentId, "/share?organizationId=", organizationId),
data, true, false);
}
Attachment azure upload blobs (#1345) * Update Size limits * Add new Api paths for direct upload of Cipher Attachments * Add Attachment upload to fileUploadService * Save with direct upload and fallback to legacy uplaod CipherID is required for direct upload to request an upload URL * Inform on when to remove legacy code * Test Attachment upload
2021-03-31 01:42:43 +02:00
public Task<AttachmentUploadDataResponse> RenewAttachmentUploadUrlAsync(string cipherId, string attachmentId) =>
Move renew endpoint to fix overlapping endpoint issue (#1362)
2021-04-12 16:45:17 +02:00
SendAsync<AttachmentUploadDataResponse>(HttpMethod.Get, $"/ciphers/{cipherId}/attachment/{attachmentId}/renew", true);
Attachment azure upload blobs (#1345) * Update Size limits * Add new Api paths for direct upload of Cipher Attachments * Add Attachment upload to fileUploadService * Save with direct upload and fallback to legacy uplaod CipherID is required for direct upload to request an upload URL * Inform on when to remove legacy code * Test Attachment upload
2021-03-31 01:42:43 +02:00
public Task PostAttachmentFileAsync(string cipherId, string attachmentId, MultipartFormDataContent data) =>
SendAsync(HttpMethod.Post,
$"/ciphers/{cipherId}/attachment/{attachmentId}", data, true);
new api endpoints
2019-04-16 17:07:44 +02:00
#endregion
#region Sync APIs
sync service
2019-04-17 18:12:43 +02:00
public Task<SyncResponse> GetSyncAsync()
new api endpoints
2019-04-16 17:07:44 +02:00
{
return SendAsync<object, SyncResponse>(HttpMethod.Get, "/sync", null, true, true);
account apis
2019-04-10 21:35:23 +02:00
}
auth apis and api helpers
2019-04-10 21:03:09 +02:00
account apis
2019-04-10 21:35:23 +02:00
#endregion
auth apis and api helpers
2019-04-10 21:03:09 +02:00
stub our 2fa page backend
2019-05-27 16:28:38 +02:00
#region Two Factor APIs
public Task PostTwoFactorEmailAsync(TwoFactorEmailRequest request)
{
return SendAsync<TwoFactorEmailRequest, object>(
HttpMethod.Post, "/two-factor/send-email-login", request, false, false);
}
#endregion
push notification services
2019-05-28 18:01:55 +02:00
#region Device APIs
public Task PutDeviceTokenAsync(string identifier, DeviceTokenRequest request)
{
return SendAsync<DeviceTokenRequest, object>(
fix route for device token PUT
2019-05-28 22:20:24 +02:00
HttpMethod.Put, $"/devices/identifier/{identifier}/token", request, true, false);
push notification services
2019-05-28 18:01:55 +02:00
}
#endregion
events url
2019-06-25 22:36:21 +02:00
#region Event APIs
add event service
2019-07-11 15:30:25 +02:00
public async Task PostEventsCollectAsync(IEnumerable<EventRequest> request)
events url
2019-06-25 22:36:21 +02:00
{
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
using (var requestMessage = new HttpRequestMessage())
events url
2019-06-25 22:36:21 +02:00
{
try setting http version 1.0
2019-11-05 15:14:55 +01:00
requestMessage.Version = new Version(1, 0);
events url
2019-06-25 22:36:21 +02:00
requestMessage.Method = HttpMethod.Post;
requestMessage.RequestUri = new Uri(string.Concat(EventsBaseUrl, "/collect"));
var authHeader = await GetActiveBearerTokenAsync();
requestMessage.Headers.Add("Authorization", string.Concat("Bearer ", authHeader));
requestMessage.Content = new StringContent(JsonConvert.SerializeObject(request, _jsonSettings),
Encoding.UTF8, "application/json");
HttpResponseMessage response;
try
{
response = await _httpClient.SendAsync(requestMessage);
}
Show exception message from Api errors
2019-11-15 14:55:22 +01:00
catch (Exception e)
events url
2019-06-25 22:36:21 +02:00
{
Show exception message from Api errors
2019-11-15 14:55:22 +01:00
throw new ApiException(HandleWebError(e));
events url
2019-06-25 22:36:21 +02:00
}
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (!response.IsSuccessStatusCode)
events url
2019-06-25 22:36:21 +02:00
{
Port send jslib to mobile (#1219) * Expand Hkdf crypto functions * Add tests for hkdf crypto functions Took the testing infrastructure from bitwarden/server * Move Hkdf to cryptoFunctionService * Port changes from bitwarden/jslib#192 * Port changes from bitwarden/jslib#205 * Make Send Expiration Optional implement changes from bitwarden/jslib#242 * Bug fixes found by testing * Test helpers * Test conversion between model types * Test SendService These are mostly happy-path tests to ensure a reasonably correct implementation * Add run tests step to GitHub Actions * Test send decryption * Test Request generation from Send * Constructor dependencies on separate lines * Remove unused testing infrastructure * Rename to match class name * Move fat arrows to previous lines * Handle exceptions in App layer * PR review cleanups * Throw when attempting to save an unkown Send Type I think it's best to only throw on unknown send types here. I don't think we want to throw whenever we encounter one since that would do bad things like lock up Sync if clients get out of date relative to servers. Instead, keep the client from ruining saved data by complaining last minute that it doesn't know what it's doing.
2021-01-25 21:27:38 +01:00
var error = await HandleErrorAsync(response, false, false);
events url
2019-06-25 22:36:21 +02:00
throw new ApiException(error);
}
}
}
#endregion
audit service
2019-04-17 23:10:21 +02:00
#region HIBP APIs
public Task<List<BreachAccountResponse>> GetHibpBreachAsync(string username)
{
return SendAsync<object, List<BreachAccountResponse>>(HttpMethod.Get,
string.Concat("/hibp/breach?username=", username), null, true, true);
}
[SSO] Auto enroll during set password (#1520) * [SSO] Auto enroll during set password * Updated with requested changes
2021-09-08 19:43:24 +02:00
#endregion
#region Organizations APIs
public Task<OrganizationKeysResponse> GetOrganizationKeysAsync(string id)
{
return SendAsync<object, OrganizationKeysResponse>(HttpMethod.Get, $"/organizations/{id}/keys", null, true, true);
}
[SSO Auto Enroll] Auto Enroll status retrieval (#1540) * [SSO Auto Enroll] Auto Enroll status retrieval * Updated object property to match server
2021-09-15 19:27:27 +02:00
public Task<OrganizationAutoEnrollStatusResponse> GetOrganizationAutoEnrollStatusAsync(string identifier)
{
return SendAsync<object, OrganizationAutoEnrollStatusResponse>(HttpMethod.Get,
$"/organizations/{identifier}/auto-enroll-status", null, true, true);
}
[KeyConnector] Add support for key connector OTP (#1633) * initial commit - add UsesKeyConnector to UserService - add models - begin work on authentication * finish auth workflow for key connector sso login - finish api call for get user key - start api calls for posts to key connector * Bypass lock page if already unlocked * Move logic to KeyConnectorService, log out if no pin or biometric is set * Disable password reprompt when using key connector * hide password reprompt checkbox when editing or adding cipher * add PostUserKey and PostSetKeyConnector calls * add ConvertMasterPasswordPage * add functionality to RemoveMasterPasswordPage - rename Convert to Remove * Hide Change Master Password button if using key connector * Add OTP verification for export component * Update src/App/Pages/Vault/AddEditPage.xaml.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove toolbar item "close" * Update src/Core/Models/Request/KeyConnectorUserKeyRequest.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove new line in resource string - format warning as two labels - set label in code behind for loading simultaneously * implement GetAndSetKey in KeyConnectorService - ignore EnvironmentService call * remove unnecesary orgIdentifier * move RemoveMasterPasswordPage call to LockPage * add spacing to export vault page * log out if no PIN or bio on lock page with key connector * Delete excessive whitespace * Delete excessive whitespace * Change capitalisation of OTP * add default value to models for backwards compatibility * remove this keyword * actually handle exceptions * move RemoveMasterPasswordPage to TabPage using messaging service * add minor improvements * remove 'this.' Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2021-11-11 02:46:48 +01:00
public Task PostLeaveOrganization(string id)
{
return SendAsync<object, object>(HttpMethod.Post, $"/organizations/{id}/leave", null, true, false);
}
[SSO] Auto enroll during set password (#1520) * [SSO] Auto enroll during set password * Updated with requested changes
2021-09-08 19:43:24 +02:00
#endregion
[KeyConnector] Add support for key connector OTP (#1633) * initial commit - add UsesKeyConnector to UserService - add models - begin work on authentication * finish auth workflow for key connector sso login - finish api call for get user key - start api calls for posts to key connector * Bypass lock page if already unlocked * Move logic to KeyConnectorService, log out if no pin or biometric is set * Disable password reprompt when using key connector * hide password reprompt checkbox when editing or adding cipher * add PostUserKey and PostSetKeyConnector calls * add ConvertMasterPasswordPage * add functionality to RemoveMasterPasswordPage - rename Convert to Remove * Hide Change Master Password button if using key connector * Add OTP verification for export component * Update src/App/Pages/Vault/AddEditPage.xaml.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove toolbar item "close" * Update src/Core/Models/Request/KeyConnectorUserKeyRequest.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove new line in resource string - format warning as two labels - set label in code behind for loading simultaneously * implement GetAndSetKey in KeyConnectorService - ignore EnvironmentService call * remove unnecesary orgIdentifier * move RemoveMasterPasswordPage call to LockPage * add spacing to export vault page * log out if no PIN or bio on lock page with key connector * Delete excessive whitespace * Delete excessive whitespace * Change capitalisation of OTP * add default value to models for backwards compatibility * remove this keyword * actually handle exceptions * move RemoveMasterPasswordPage to TabPage using messaging service * add minor improvements * remove 'this.' Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2021-11-11 02:46:48 +01:00
[SSO] Auto enroll during set password (#1520) * [SSO] Auto enroll during set password * Updated with requested changes
2021-09-08 19:43:24 +02:00
#region Organization User APIs
public Task PutOrganizationUserResetPasswordEnrollmentAsync(string orgId, string userId,
OrganizationUserResetPasswordEnrollmentRequest request)
{
return SendAsync<OrganizationUserResetPasswordEnrollmentRequest, object>(HttpMethod.Put,
$"/organizations/{orgId}/users/{userId}/reset-password-enrollment", request, true, false);
}
[KeyConnector] Add support for key connector OTP (#1633) * initial commit - add UsesKeyConnector to UserService - add models - begin work on authentication * finish auth workflow for key connector sso login - finish api call for get user key - start api calls for posts to key connector * Bypass lock page if already unlocked * Move logic to KeyConnectorService, log out if no pin or biometric is set * Disable password reprompt when using key connector * hide password reprompt checkbox when editing or adding cipher * add PostUserKey and PostSetKeyConnector calls * add ConvertMasterPasswordPage * add functionality to RemoveMasterPasswordPage - rename Convert to Remove * Hide Change Master Password button if using key connector * Add OTP verification for export component * Update src/App/Pages/Vault/AddEditPage.xaml.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove toolbar item "close" * Update src/Core/Models/Request/KeyConnectorUserKeyRequest.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * remove new line in resource string - format warning as two labels - set label in code behind for loading simultaneously * implement GetAndSetKey in KeyConnectorService - ignore EnvironmentService call * remove unnecesary orgIdentifier * move RemoveMasterPasswordPage call to LockPage * add spacing to export vault page * log out if no PIN or bio on lock page with key connector * Delete excessive whitespace * Delete excessive whitespace * Change capitalisation of OTP * add default value to models for backwards compatibility * remove this keyword * actually handle exceptions * move RemoveMasterPasswordPage to TabPage using messaging service * add minor improvements * remove 'this.' Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2021-11-11 02:46:48 +01:00
#endregion
#region Key Connector
public async Task<KeyConnectorUserKeyResponse> GetUserKeyFromKeyConnector(string keyConnectorUrl)
{
using (var requestMessage = new HttpRequestMessage())
{
var authHeader = await GetActiveBearerTokenAsync();
requestMessage.Version = new Version(1, 0);
requestMessage.Method = HttpMethod.Get;
requestMessage.RequestUri = new Uri(string.Concat(keyConnectorUrl, "/user-keys"));
requestMessage.Headers.Add("Authorization", string.Concat("Bearer ", authHeader));
HttpResponseMessage response;
try
{
response = await _httpClient.SendAsync(requestMessage);
}
catch (Exception e)
{
throw new ApiException(HandleWebError(e));
}
if (!response.IsSuccessStatusCode)
{
var error = await HandleErrorAsync(response, false, true);
throw new ApiException(error);
}
var responseJsonString = await response.Content.ReadAsStringAsync();
return JsonConvert.DeserializeObject<KeyConnectorUserKeyResponse>(responseJsonString);
}
}
public async Task PostUserKeyToKeyConnector(string keyConnectorUrl, KeyConnectorUserKeyRequest request)
{
using (var requestMessage = new HttpRequestMessage())
{
var authHeader = await GetActiveBearerTokenAsync();
requestMessage.Version = new Version(1, 0);
requestMessage.Method = HttpMethod.Post;
requestMessage.RequestUri = new Uri(string.Concat(keyConnectorUrl, "/user-keys"));
requestMessage.Headers.Add("Authorization", string.Concat("Bearer ", authHeader));
requestMessage.Content = new StringContent(JsonConvert.SerializeObject(request, _jsonSettings),
Encoding.UTF8, "application/json");
HttpResponseMessage response;
try
{
response = await _httpClient.SendAsync(requestMessage);
}
catch (Exception e)
{
throw new ApiException(HandleWebError(e));
}
if (!response.IsSuccessStatusCode)
{
var error = await HandleErrorAsync(response, false, true);
throw new ApiException(error);
}
}
}
audit service
2019-04-17 23:10:21 +02:00
#endregion
auth apis and api helpers
2019-04-10 21:03:09 +02:00
#region Helpers
public async Task<string> GetActiveBearerTokenAsync()
{
var accessToken = await _tokenService.GetTokenAsync();
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (_tokenService.TokenNeedsRefresh())
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
var tokenResponse = await DoRefreshTokenAsync();
accessToken = tokenResponse.AccessToken;
}
return accessToken;
}
Added SSO flows and functionality (#1047) * SSO login flow for pre-existing user and no 2FA * 2FA progress * 2FA support * Added SSO flows and functionality * Handle webauthenticator cancellation gracefully * updates & bugfixes * Added state validation to web auth response handling * SSO auth, account registration, and environment settings support for iOS extensions * Added SSO prevalidation to auth process * prevalidation now hitting identity service base url * additional error handling * Requested changes * fixed case
2020-09-03 18:30:40 +02:00
public async Task<object> PreValidateSso(string identifier)
{
var path = "/account/prevalidate?domainHint=" + WebUtility.UrlEncode(identifier);
using (var requestMessage = new HttpRequestMessage())
{
requestMessage.Version = new Version(1, 0);
requestMessage.Method = HttpMethod.Get;
requestMessage.RequestUri = new Uri(string.Concat(IdentityBaseUrl, path));
requestMessage.Headers.Add("Accept", "application/json");
HttpResponseMessage response;
try
{
response = await _httpClient.SendAsync(requestMessage);
}
catch (Exception e)
{
throw new ApiException(HandleWebError(e));
}
if (!response.IsSuccessStatusCode)
{
Port send jslib to mobile (#1219) * Expand Hkdf crypto functions * Add tests for hkdf crypto functions Took the testing infrastructure from bitwarden/server * Move Hkdf to cryptoFunctionService * Port changes from bitwarden/jslib#192 * Port changes from bitwarden/jslib#205 * Make Send Expiration Optional implement changes from bitwarden/jslib#242 * Bug fixes found by testing * Test helpers * Test conversion between model types * Test SendService These are mostly happy-path tests to ensure a reasonably correct implementation * Add run tests step to GitHub Actions * Test send decryption * Test Request generation from Send * Constructor dependencies on separate lines * Remove unused testing infrastructure * Rename to match class name * Move fat arrows to previous lines * Handle exceptions in App layer * PR review cleanups * Throw when attempting to save an unkown Send Type I think it's best to only throw on unknown send types here. I don't think we want to throw whenever we encounter one since that would do bad things like lock up Sync if clients get out of date relative to servers. Instead, keep the client from ruining saved data by complaining last minute that it doesn't know what it's doing.
2021-01-25 21:27:38 +01:00
var error = await HandleErrorAsync(response, false, true);
Added SSO flows and functionality (#1047) * SSO login flow for pre-existing user and no 2FA * 2FA progress * 2FA support * Added SSO flows and functionality * Handle webauthenticator cancellation gracefully * updates & bugfixes * Added state validation to web auth response handling * SSO auth, account registration, and environment settings support for iOS extensions * Added SSO prevalidation to auth process * prevalidation now hitting identity service base url * additional error handling * Requested changes * fixed case
2020-09-03 18:30:40 +02:00
throw new ApiException(error);
}
return null;
}
}
Attachment azure upload blobs (#1345) * Update Size limits * Add new Api paths for direct upload of Cipher Attachments * Add Attachment upload to fileUploadService * Save with direct upload and fallback to legacy uplaod CipherID is required for direct upload to request an upload URL * Inform on when to remove legacy code * Test Attachment upload
2021-03-31 01:42:43 +02:00
public Task SendAsync(HttpMethod method, string path, bool authed) =>
SendAsync<object, object>(method, path, null, authed, false);
public Task SendAsync<TRequest>(HttpMethod method, string path, TRequest body, bool authed) =>
SendAsync<TRequest, object>(method, path, body, authed, false);
public Task<TResponse> SendAsync<TResponse>(HttpMethod method, string path, bool authed) =>
SendAsync<object, TResponse>(method, path, null, authed, true);
auth apis and api helpers
2019-04-10 21:03:09 +02:00
public async Task<TResponse> SendAsync<TRequest, TResponse>(HttpMethod method, string path, TRequest body,
Account Deletion on SSO with CME (#1721) * WIP Added Verification Code page and a verification flow helper to coordinate things * Improved Verification Code page verification flow helper and fix some issues, also added flag ApiService to choose whether to logout on Unanuthorized * Improved Verification Code page UI/UX verification flow helper and fix some issues and made some cleanups * Fix spelling
2022-01-24 17:25:46 +01:00
bool authed, bool hasResponse, bool logoutOnUnauthorized = true)
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
using (var requestMessage = new HttpRequestMessage())
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
try setting http version 1.0
2019-11-05 15:14:55 +01:00
requestMessage.Version = new Version(1, 0);
new apis
2019-04-16 23:21:04 +02:00
requestMessage.Method = method;
requestMessage.RequestUri = new Uri(string.Concat(ApiBaseUrl, path));
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (body != null)
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
new apis
2019-04-16 23:21:04 +02:00
var bodyType = body.GetType();
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (bodyType == typeof(string))
new apis
2019-04-16 23:21:04 +02:00
{
requestMessage.Content = new StringContent((object)bodyType as string, Encoding.UTF8,
"application/x-www-form-urlencoded; charset=utf-8");
}
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
else if (bodyType == typeof(MultipartFormDataContent))
new apis
2019-04-16 23:21:04 +02:00
{
requestMessage.Content = body as MultipartFormDataContent;
}
else
{
requestMessage.Content = new StringContent(JsonConvert.SerializeObject(body, _jsonSettings),
Encoding.UTF8, "application/json");
}
auth apis and api helpers
2019-04-10 21:03:09 +02:00
}
new apis
2019-04-16 23:21:04 +02:00
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (authed)
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
new apis
2019-04-16 23:21:04 +02:00
var authHeader = await GetActiveBearerTokenAsync();
requestMessage.Headers.Add("Authorization", string.Concat("Bearer ", authHeader));
auth apis and api helpers
2019-04-10 21:03:09 +02:00
}
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (hasResponse)
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
new apis
2019-04-16 23:21:04 +02:00
requestMessage.Headers.Add("Accept", "application/json");
auth apis and api helpers
2019-04-10 21:03:09 +02:00
}
api error detection updates
2019-04-19 15:11:17 +02:00
HttpResponseMessage response;
try
{
response = await _httpClient.SendAsync(requestMessage);
}
Show exception message from Api errors
2019-11-15 14:55:22 +01:00
catch (Exception e)
api error detection updates
2019-04-19 15:11:17 +02:00
{
Show exception message from Api errors
2019-11-15 14:55:22 +01:00
throw new ApiException(HandleWebError(e));
api error detection updates
2019-04-19 15:11:17 +02:00
}
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (hasResponse && response.IsSuccessStatusCode)
new apis
2019-04-16 23:21:04 +02:00
{
var responseJsonString = await response.Content.ReadAsStringAsync();
return JsonConvert.DeserializeObject<TResponse>(responseJsonString);
}
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
else if (!response.IsSuccessStatusCode)
new apis
2019-04-16 23:21:04 +02:00
{
Account Deletion on SSO with CME (#1721) * WIP Added Verification Code page and a verification flow helper to coordinate things * Improved Verification Code page verification flow helper and fix some issues, also added flag ApiService to choose whether to logout on Unanuthorized * Improved Verification Code page UI/UX verification flow helper and fix some issues and made some cleanups * Fix spelling
2022-01-24 17:25:46 +01:00
var error = await HandleErrorAsync(response, false, authed, logoutOnUnauthorized);
new apis
2019-04-16 23:21:04 +02:00
throw new ApiException(error);
}
return (TResponse)(object)null;
auth apis and api helpers
2019-04-10 21:03:09 +02:00
}
}
public async Task<IdentityTokenResponse> DoRefreshTokenAsync()
{
var refreshToken = await _tokenService.GetRefreshTokenAsync();
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (string.IsNullOrWhiteSpace(refreshToken))
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
throw new ApiException();
}
var decodedToken = _tokenService.DecodeToken();
var requestMessage = new HttpRequestMessage
{
try setting http version 1.0
2019-11-05 15:14:55 +01:00
Version = new Version(1, 0),
auth apis and api helpers
2019-04-10 21:03:09 +02:00
RequestUri = new Uri(string.Concat(IdentityBaseUrl, "/connect/token")),
Method = HttpMethod.Post,
Content = new FormUrlEncodedContent(new Dictionary<string, string>
{
["grant_type"] = "refresh_token",
["client_id"] = decodedToken.GetValue("client_id")?.Value<string>(),
["refresh_token"] = refreshToken
})
};
requestMessage.Headers.Add("Accept", "application/json");
api error detection updates
2019-04-19 15:11:17 +02:00
HttpResponseMessage response;
try
{
response = await _httpClient.SendAsync(requestMessage);
}
Show exception message from Api errors
2019-11-15 14:55:22 +01:00
catch (Exception e)
api error detection updates
2019-04-19 15:11:17 +02:00
{
Show exception message from Api errors
2019-11-15 14:55:22 +01:00
throw new ApiException(HandleWebError(e));
api error detection updates
2019-04-19 15:11:17 +02:00
}
Changed all C# control flow block statements to include space between keyword and open paren (#800)
2020-03-28 14:16:28 +01:00
if (response.IsSuccessStatusCode)
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
var responseJsonString = await response.Content.ReadAsStringAsync();
var tokenResponse = JsonConvert.DeserializeObject<IdentityTokenResponse>(responseJsonString);
await _tokenService.SetTokensAsync(tokenResponse.AccessToken, tokenResponse.RefreshToken);
return tokenResponse;
}
else
{
Port send jslib to mobile (#1219) * Expand Hkdf crypto functions * Add tests for hkdf crypto functions Took the testing infrastructure from bitwarden/server * Move Hkdf to cryptoFunctionService * Port changes from bitwarden/jslib#192 * Port changes from bitwarden/jslib#205 * Make Send Expiration Optional implement changes from bitwarden/jslib#242 * Bug fixes found by testing * Test helpers * Test conversion between model types * Test SendService These are mostly happy-path tests to ensure a reasonably correct implementation * Add run tests step to GitHub Actions * Test send decryption * Test Request generation from Send * Constructor dependencies on separate lines * Remove unused testing infrastructure * Rename to match class name * Move fat arrows to previous lines * Handle exceptions in App layer * PR review cleanups * Throw when attempting to save an unkown Send Type I think it's best to only throw on unknown send types here. I don't think we want to throw whenever we encounter one since that would do bad things like lock up Sync if clients get out of date relative to servers. Instead, keep the client from ruining saved data by complaining last minute that it doesn't know what it's doing.
2021-01-25 21:27:38 +01:00
var error = await HandleErrorAsync(response, true, true);
auth apis and api helpers
2019-04-10 21:03:09 +02:00
throw new ApiException(error);
}
}
Show exception message from Api errors
2019-11-15 14:55:22 +01:00
private ErrorResponse HandleWebError(Exception e)
api error detection updates
2019-04-19 15:11:17 +02:00
{
return new ErrorResponse
{
StatusCode = HttpStatusCode.BadGateway,
Show exception message from Api errors
2019-11-15 14:55:22 +01:00
Message = "Exception message: " + e.Message
api error detection updates
2019-04-19 15:11:17 +02:00
};
}
Account Deletion on SSO with CME (#1721) * WIP Added Verification Code page and a verification flow helper to coordinate things * Improved Verification Code page verification flow helper and fix some issues, also added flag ApiService to choose whether to logout on Unanuthorized * Improved Verification Code page UI/UX verification flow helper and fix some issues and made some cleanups * Fix spelling
2022-01-24 17:25:46 +01:00
private async Task<ErrorResponse> HandleErrorAsync(HttpResponseMessage response, bool tokenError,
bool authed, bool logoutOnUnauthorized = true)
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
Account Deletion on SSO with CME (#1721) * WIP Added Verification Code page and a verification flow helper to coordinate things * Improved Verification Code page verification flow helper and fix some issues, also added flag ApiService to choose whether to logout on Unanuthorized * Improved Verification Code page UI/UX verification flow helper and fix some issues and made some cleanups * Fix spelling
2022-01-24 17:25:46 +01:00
if (authed
&&
(
(tokenError && response.StatusCode == HttpStatusCode.BadRequest)
||
(logoutOnUnauthorized && response.StatusCode == HttpStatusCode.Unauthorized)
||
response.StatusCode == HttpStatusCode.Forbidden
))
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
await _logoutCallbackAsync(true);
return null;
}
Added SSO flows and functionality (#1047) * SSO login flow for pre-existing user and no 2FA * 2FA progress * 2FA support * Added SSO flows and functionality * Handle webauthenticator cancellation gracefully * updates & bugfixes * Added state validation to web auth response handling * SSO auth, account registration, and environment settings support for iOS extensions * Added SSO prevalidation to auth process * prevalidation now hitting identity service base url * additional error handling * Requested changes * fixed case
2020-09-03 18:30:40 +02:00
try
auth apis and api helpers
2019-04-10 21:03:09 +02:00
{
Added SSO flows and functionality (#1047) * SSO login flow for pre-existing user and no 2FA * 2FA progress * 2FA support * Added SSO flows and functionality * Handle webauthenticator cancellation gracefully * updates & bugfixes * Added state validation to web auth response handling * SSO auth, account registration, and environment settings support for iOS extensions * Added SSO prevalidation to auth process * prevalidation now hitting identity service base url * additional error handling * Requested changes * fixed case
2020-09-03 18:30:40 +02:00
JObject responseJObject = null;
if (IsJsonResponse(response))
{
var responseJsonString = await response.Content.ReadAsStringAsync();
responseJObject = JObject.Parse(responseJsonString);
}
return new ErrorResponse(responseJObject, response.StatusCode, tokenError);
}
catch
{
return null;
auth apis and api helpers
2019-04-10 21:03:09 +02:00
}
}
private bool IsJsonResponse(HttpResponseMessage response)
{
api error detection updates
2019-04-19 15:11:17 +02:00
return (response.Content?.Headers?.ContentType?.MediaType ?? string.Empty) == "application/json";
auth apis and api helpers
2019-04-10 21:03:09 +02:00
}
stub out beginnings of apiservice
2019-04-10 16:49:24 +02:00
#endregion
}
}
Reference in New Issue Copy Permalink