bitwarden-server/src/Admin/Startup.cs

using System.Globalization;
using Bit.Core.Context;
using Bit.Core.Identity;
using Bit.Core.Settings;
using Bit.Core.Utilities;
using Bit.SharedWeb.Utilities;
using Microsoft.AspNetCore.Identity;
using Stripe;

#if !OSS
using Bit.CommCore.Utilities;
#endif

namespace Bit.Admin
{
    public class Startup
    {
        public Startup(IWebHostEnvironment env, IConfiguration configuration)
        {
            CultureInfo.DefaultThreadCurrentCulture = new CultureInfo("en-US");
            Configuration = configuration;
            Environment = env;
        }

        public IConfiguration Configuration { get; private set; }
        public IWebHostEnvironment Environment { get; set; }

        public void ConfigureServices(IServiceCollection services)
        {
            // Options
            services.AddOptions();

            // Settings
            var globalSettings = services.AddGlobalSettingsServices(Configuration, Environment);
            services.Configure<AdminSettings>(Configuration.GetSection("AdminSettings"));

            // Data Protection
            services.AddCustomDataProtectionServices(Environment, globalSettings);

            // Stripe Billing
            StripeConfiguration.ApiKey = globalSettings.Stripe.ApiKey;
            StripeConfiguration.MaxNetworkRetries = globalSettings.Stripe.MaxNetworkRetries;

            // Repositories
            services.AddSqlServerRepositories(globalSettings);

            // Context
            services.AddScoped<ICurrentContext, CurrentContext>();

            // Identity
            services.AddPasswordlessIdentityServices<ReadOnlyEnvIdentityUserStore>(globalSettings);
            services.Configure<SecurityStampValidatorOptions>(options =>
            {
                options.ValidationInterval = TimeSpan.FromMinutes(5);
            });
            if (globalSettings.SelfHosted)
            {
                services.ConfigureApplicationCookie(options =>
                {
                    options.Cookie.Path = "/admin";
                });
            }

            // Services
            services.AddBaseServices(globalSettings);
            services.AddDefaultServices(globalSettings);

#if OSS
                services.AddOosServices();
#else
            services.AddCommCoreServices();
#endif

            // Mvc
            services.AddMvc(config =>
            {
                config.Filters.Add(new LoggingExceptionHandlerFilterAttribute());
            });
            services.Configure<RouteOptions>(options => options.LowercaseUrls = true);

            // Jobs service
            Jobs.JobsHostedService.AddJobsServices(services, globalSettings.SelfHosted);
            services.AddHostedService<Jobs.JobsHostedService>();
            if (globalSettings.SelfHosted)
            {
                services.AddHostedService<HostedServices.DatabaseMigrationHostedService>();
            }
            else
            {
                if (CoreHelpers.SettingHasValue(globalSettings.Storage.ConnectionString))
                {
                    services.AddHostedService<HostedServices.AzureQueueBlockIpHostedService>();
                }
                else if (CoreHelpers.SettingHasValue(globalSettings.Amazon?.AccessKeySecret))
                {
                    services.AddHostedService<HostedServices.AmazonSqsBlockIpHostedService>();
                }
                if (CoreHelpers.SettingHasValue(globalSettings.Mail.ConnectionString))
                {
                    services.AddHostedService<HostedServices.AzureQueueMailHostedService>();
                }
            }
        }

        public void Configure(
            IApplicationBuilder app,
            IWebHostEnvironment env,
            IHostApplicationLifetime appLifetime,
            GlobalSettings globalSettings)
        {
            app.UseSerilog(env, appLifetime, globalSettings);

            // Add general security headers
            app.UseMiddleware<SecurityHeadersMiddleware>();

            if (globalSettings.SelfHosted)
            {
                app.UsePathBase("/admin");
                app.UseForwardedHeaders(globalSettings);
            }

            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/error");
            }

            app.UseStaticFiles();
            app.UseRouting();
            app.UseAuthentication();
            app.UseAuthorization();
            app.UseEndpoints(endpoints => endpoints.MapDefaultControllerRoute());
        }
    }
}
-												Turn On `ImplicitUsings` (#2079)

* Turn on ImplicitUsings

* Fix formatting

* Run linter
											
										
										
											2022-06-30 01:46:41 +02:00
+								using System.Globalization;
-												Add disable send policy (#1130)

* Add Disable Send policy

* Test DisableSend policy

* PR Review

* Update tests for using CurrentContext

This required making an interface for CurrentContext and mocking out
the members used. The interface can be expanded as needed for tests.

I moved CurrentContext to a folder, which changes the namespace
and causes a lot of file touches, but most are just adding a reference

* Fix failing test

* Update exemption to include all exempt users

* Move all CurrentContext usages to ICurrentContext

* PR review. Match messaging with Web
											
										
										
											2021-02-04 19:54:21 +01:00
+								using Bit.Core.Context;
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
+								using Bit.Core.Identity;
-												Use sas token for attachment downloads (#1153)

* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
											
										
										
											2021-02-22 22:35:16 +01:00
+								using Bit.Core.Settings;
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
+								using Bit.Core.Utilities;
-												Split out repositories to Infrastructure.Dapper / EntityFramework (#1759)


											
										
										
											2022-01-11 10:40:51 +01:00
+								using Bit.SharedWeb.Utilities;
-												security stamp validation for passwordless login

											
										
										
											2019-01-17 22:07:24 +01:00
+								using Microsoft.AspNetCore.Identity;
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
+								using Stripe;
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
-												[Provider] Setup provider (#1378)


											
										
										
											2021-06-30 09:35:26 +02:00
+								#if !OSS
 								using Bit.CommCore.Utilities;
 								#endif
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								namespace Bit.Admin
 								{
 								    public class Startup
 								    {
-												upgrade to aspnet core 3.1

											
										
										
											2020-01-10 14:33:13 +01:00
+								        public Startup(IWebHostEnvironment env, IConfiguration configuration)
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								        {
-												set en-US as default current culture

											
										
										
											2019-07-11 21:03:17 +02:00
+								            CultureInfo.DefaultThreadCurrentCulture = new CultureInfo("en-US");
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								            Configuration = configuration;
-												chown nginx logs and data protect admin

											
										
										
											2018-03-28 03:37:35 +02:00
+								            Environment = env;
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								        }
-												chown nginx logs and data protect admin

											
										
										
											2018-03-28 03:37:35 +02:00
+								        public IConfiguration Configuration { get; private set; }
-												upgrade to aspnet core 3.1

											
										
										
											2020-01-10 14:33:13 +01:00
+								        public IWebHostEnvironment Environment { get; set; }
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
 								        public void ConfigureServices(IServiceCollection services)
 								        {
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
+								            // Options
 								            services.AddOptions();
 								            // Settings
-												Feature/self hosted development (#1921)

* Add self-host option to migration runner

* Add Self-host launch options

* Add self-hosted settings override

Let's a single secrets/env config file control both
cloud and self-hosted settings by allowing
overrides to cloud settings with self-hosted

* Allow dev-signed licenses on dev self-hosted

* Allow setting bitwarden cloud api url

Useful for testing api integration between installations and cloud

* Remove testing echoes

* Remove run config property groups

* Use `getopts` for options

* Pass in full environment
											
										
										
											2022-03-21 23:13:00 +01:00
+								            var globalSettings = services.AddGlobalSettingsServices(Configuration, Environment);
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
+								            services.Configure<AdminSettings>(Configuration.GetSection("AdminSettings"));
-												chown nginx logs and data protect admin

											
										
										
											2018-03-28 03:37:35 +02:00
+								            // Data Protection
 								            services.AddCustomDataProtectionServices(Environment, globalSettings);
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
+								            // Stripe Billing
-												Fix Stripe object lock timeouts (#1735)

* Fix Stripe object lock timeouts

* Move stripe config into globalSetting.stripe
* add MaxNetworkRetries config option with smart defaults

* Rename stripeApiKey to apiKey
											
										
										
											2021-11-29 01:01:51 +01:00
+								            StripeConfiguration.ApiKey = globalSettings.Stripe.ApiKey;
 								            StripeConfiguration.MaxNetworkRetries = globalSettings.Stripe.MaxNetworkRetries;
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
 								            // Repositories
 								            services.AddSqlServerRepositories(globalSettings);
 								            // Context
-												Add disable send policy (#1130)

* Add Disable Send policy

* Test DisableSend policy

* PR Review

* Update tests for using CurrentContext

This required making an interface for CurrentContext and mocking out
the members used. The interface can be expanded as needed for tests.

I moved CurrentContext to a folder, which changes the namespace
and causes a lot of file touches, but most are just adding a reference

* Fix failing test

* Update exemption to include all exempt users

* Move all CurrentContext usages to ICurrentContext

* PR review. Match messaging with Web
											
										
										
											2021-02-04 19:54:21 +01:00
+								            services.AddScoped<ICurrentContext, CurrentContext>();
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
 								            // Identity
 								            services.AddPasswordlessIdentityServices<ReadOnlyEnvIdentityUserStore>(globalSettings);
-												security stamp validation for passwordless login

											
										
										
											2019-01-17 22:07:24 +01:00
+								            services.Configure<SecurityStampValidatorOptions>(options =>
 								            {
 								                options.ValidationInterval = TimeSpan.FromMinutes(5);
 								            });
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 19:36:37 +01:00
+								            if (globalSettings.SelfHosted)
-												success/error messages for admin

											
										
										
											2018-03-28 16:38:01 +02:00
+								            {
 								                services.ConfigureApplicationCookie(options =>
 								                {
 								                    options.Cookie.Path = "/admin";
 								                });
 								            }
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
 								            // Services
-												Feature/self hosted families for enterprise (#1991)

* Families for enterprise/split up organization sponsorship service (#1829)

* Split OrganizationSponsorshipService into commands

* Use tokenable for token validation

* Use interfaces to set up for DI

* Use commands over services

* Move service tests to command tests

* Value types can't be null

* Run dotnet format

* Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/CancelSponsorshipCommand.cs

Co-authored-by: Justin Baur <admin@justinbaur.com>

* Fix controller tests

Co-authored-by: Justin Baur <admin@justinbaur.com>

* Families for enterprise/split up organization sponsorship service (#1875)

* Split OrganizationSponsorshipService into commands

* Use tokenable for token validation

* Use interfaces to set up for DI

* Use commands over services

* Move service tests to command tests

* Value types can't be null

* Run dotnet format

* Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/CancelSponsorshipCommand.cs

Co-authored-by: Justin Baur <admin@justinbaur.com>

* Fix controller tests

* Split create and send sponsorships

* Split up create sponsorship

* Add self hosted commands to dependency injection

* Add field to store cloud billing sync key on self host instances

* Fix typo

* Fix data protector purpose of sponsorship offers

* Split cloud and selfhosted sponsorship offer tokenable

* Generate offer from self hosted with all necessary auth data

* Add Required properties to constructor

* Split up cancel sponsorship command

* Split revoke sponsorship command between cloud and self hosted

* Fix/f4e multiple sponsorships (#1838)

* Use sponosorship from validate to redeem

* Update tests

* Format

* Remove sponsorship service

* Run dotnet format

* Fix self hosted only controller attribute

* Clean up file structure and fixes

* Remove unneeded tokenables

* Remove obsolete commands

* Do not require file/class prefix if unnecessary

* Update Organizaiton sprocs

* Remove unnecessary models

* Fix tests

* Generalize LicenseService path calculation

Use async file read and deserialization

* Use interfaces for testability

* Remove unused usings

* Correct test direction

* Test license reading

* remove unused usings

* Format

Co-authored-by: Justin Baur <admin@justinbaur.com>

* Improve DataProtectorTokenFactory test coverage (#1884)

* Add encstring to server

* Test factory

Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com>

* Format

* Remove SymmetricKeyProtectedString

Not needed

* Set ForcInvalid

Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com>

* Feature/self f4e/api keys (#1896)

* Add in ApiKey

* Work on API Key table

* Work on apikey table

* Fix response model

* Work on information for UI

* Work on last sync date

* Work on sync status

* Work on auth

* Work on tokenable

* Work on merge

* Add custom requirement

* Add policy

* Run formatting

* Work on EF Migrations

* Work on OrganizationConnection

* Work on database

* Work on additional database table

* Run formatting

* Small fixes

* More cleanup

* Cleanup

* Add RevisionDate

* Add GO

* Finish Sql project

* Add newlines

* Fix stored proc file

* Fix sqlproj

* Add newlines

* Fix table

* Add navigation property

* Delete Connections when organization is deleted

* Add connection validation

* Start adding ID column

* Work on ID column

* Work on SQL migration

* Work on migrations

* Run formatting

* Fix test build

* Fix sprocs

* Work on migrations

* Fix Create table

* Fix sproc

* Add prints to migration

* Add default value

* Update EF migrations

* Formatting

* Add to integration tests

* Minor fixes

* Formatting

* Cleanup

* Address PR feedback

* Address more PR feedback

* Fix formatting

* Fix formatting

* Fix

* Address PR feedback

* Remove accidential change

* Fix SQL build

* Run formatting

* Address PR feedback

* Add sync data to OrganizationUserOrgDetails

* Add comments

* Remove OrganizationConnectionService interface

* Remove unused using

* Address PR feedback

* Formatting

* Minor fix

* Feature/self f4e/update db (#1930)

* Fix migration

* Fix TimesRenewed

* Add comments

* Make two properties non-nullable

* Remove need for SponsoredOrg on SH (#1934)

* Remove need for SponsoredOrg on SH

* Add Family prefix

* Add check for enterprise org on BillingSync key (#1936)

* [PS-10] Feature/sponsorships removed at end of term (#1938)

* Rename commands to min unique names

* Inject revoke command based on self hosting

* WIP: Remove/Revoke marks to delete

* Complete WIP

* Improve remove/revoke tests

* PR review

* Fail validation if sponsorship has failed to sync for 6 months

* Feature/do not accept old self host sponsorships (#1939)

* Do not accept >6mo old self-hosted sponsorships

* Give disabled grace period of 3 months

* Fix issues of Sql.proj differing from migration outcome (#1942)

* Fix issues of Sql.proj differing from migration outcome

* Yoink int tests

* Add missing assert helpers

* Feature/org sponsorship sync (#1922)

* Self-hosted side sync first pass

TODO:
* flush out org sponsorship model
* implement cloud side
* process cloud-side response and update self-hosted records

* sync scaffolding second pass

* remove list of Org User ids from sync and begin work on SelfHostedRevokeSponsorship

* allow authenticated http calls from server to return a result

* update models

* add logic for sync and change offer email template

* add billing sync key and hide CreateSponsorship without user

* fix tests

* add job scheduling

* add authorize attributes to endpoints

* separate models into data/model and request/response

* batch sync more, add EnableCloudCommunication for testing

* send emails in bulk

* make userId and sponsorshipType non nullable

* batch more on self hosted side of sync

* remove TODOs and formatting

* changed logic of cloud sync

* let BaseIdentityClientService handle all logging

* call sync from scheduled job on self host

* create bulk db operations for OrganizationSponsorships

* remove SponsoredOrgId from sync, return default from server http call

* validate BillingSyncKey during sync

revert changes to CreateSponsorshipCommand

* revert changes to ICreateSponsorshipCommand

* add some tests

* add DeleteExpiredSponsorshipsJob

* add cloud sync test

* remove extra method

* formatting

* prevent new sponsorships from disabled orgs

* update packages

* - pulled out send sponsorship command dependency from sync on cloud
- don't throw error when sponsorships are empty
- formatting

* formatting models

* more formatting

* remove licensingService dependency from selfhosted sync

* use installation urls and formatting

* create constructor for RequestModel and formatting

* add date parameter to OrganizationSponsorship_DeleteExpired

* add new migration

* formatting

* rename OrganizationCreateSponsorshipRequestModel to OrganizationSponsorshipCreateRequestModel

* prevent whole sync from failing if one sponsorship type is unsupported

* deserialize config and billingsynckey from org connection

* alter log message when sync disabled

* Add grace period to disabled orgs

* return early on self hosted if there are no sponsorships in database

* rename BillingSyncConfig

* send sponsorship offers from controller

* allow config to be a null object

* better exception handling in sync scheduler

* add ef migrations

* formatting

* fix tests

* fix validate test

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Fix OrganizationApiKey issues (#1941)

Co-authored-by: Justin Baur <admin@justinbaur.com>

* Feature/org sponsorship self hosted tests (#1947)

* Self-hosted side sync first pass

TODO:
* flush out org sponsorship model
* implement cloud side
* process cloud-side response and update self-hosted records

* sync scaffolding second pass

* remove list of Org User ids from sync and begin work on SelfHostedRevokeSponsorship

* allow authenticated http calls from server to return a result

* update models

* add logic for sync and change offer email template

* add billing sync key and hide CreateSponsorship without user

* fix tests

* add job scheduling

* add authorize attributes to endpoints

* separate models into data/model and request/response

* batch sync more, add EnableCloudCommunication for testing

* send emails in bulk

* make userId and sponsorshipType non nullable

* batch more on self hosted side of sync

* remove TODOs and formatting

* changed logic of cloud sync

* let BaseIdentityClientService handle all logging

* call sync from scheduled job on self host

* create bulk db operations for OrganizationSponsorships

* remove SponsoredOrgId from sync, return default from server http call

* validate BillingSyncKey during sync

revert changes to CreateSponsorshipCommand

* revert changes to ICreateSponsorshipCommand

* add some tests

* add DeleteExpiredSponsorshipsJob

* add cloud sync test

* remove extra method

* formatting

* prevent new sponsorships from disabled orgs

* update packages

* - pulled out send sponsorship command dependency from sync on cloud
- don't throw error when sponsorships are empty
- formatting

* formatting models

* more formatting

* remove licensingService dependency from selfhosted sync

* use installation urls and formatting

* create constructor for RequestModel and formatting

* add date parameter to OrganizationSponsorship_DeleteExpired

* add new migration

* formatting

* rename OrganizationCreateSponsorshipRequestModel to OrganizationSponsorshipCreateRequestModel

* prevent whole sync from failing if one sponsorship type is unsupported

* deserialize config and billingsynckey from org connection

* add mockHttp nuget package and use httpclientfactory

* fix current tests

* WIP of creating tests

* WIP of new self hosted tests

* WIP self hosted tests

* finish self hosted tests

* formatting

* format of interface

* remove extra config file

* added newlines

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Fix Organization_DeleteById (#1950)

* Fix Organization_Delete

* Fix L

* [PS-4] block enterprise user from sponsoring itself (#1943)

* [PS-248] Feature/add connections enabled endpoint (#1953)

* Move Organization models to sub namespaces

* Add Organization Connection api endpoints

* Get all connections rather than just enabled ones

* Add missing services to DI

* pluralize private api endpoints

* Add type protection to org connection request/response

* Fix route

* Use nullable Id to signify no connection

* Test Get Connections enabled

* Fix data discoverer

* Also drop this sproc for rerunning

* Id is the OUTPUT of create sprocs

* Fix connection config parsing

* Linter fixes

* update sqlproj file name

* Use param xdocs on methods

* Simplify controller path attribute

* Use JsonDocument to avoid escaped json in our response/request strings

* Fix JsonDoc tests

* Linter fixes

* Fix ApiKey Command and add tests (#1949)

* Fix ApiKey command

* Formatting

* Fix test failures introduced in #1943 (#1957)

* Remove "Did you know?" copy from emails. (#1962)

* Remove "Did you know"

* Remove jsonIf helper

* Feature/fix send single sponsorship offer email (#1956)

* Fix sponsorship offer email

* Do not sanitize org name

* PR feedback

* Feature/f4e sync event [PS-75] (#1963)

* Create sponsorship sync event type

* Add InstallationId to Event model

* Add combinatorics-based test case generators

* Log sponsorships sync event on sync

* Linter and test fixes

* Fix failing test

* Migrate sprocs and view

* Remove unused `using`s

* [PS-190] Add manual sync trigger in self hosted (#1955)

* WIP add button to admin project for billing sync

* add connection table to view page

* minor fixes for self hosted side of sync

* fixes number of bugs for cloud side of sync

* deserialize before returning for some reason

* add json attributes to return models

* list of sponsorships parameter is immutable, add secondary list

* change sproc name

* add error handling

* Fix tests

* modify call to connection

* Update src/Admin/Controllers/OrganizationsController.cs

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* undo change to sproc name

* simplify logic

* Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/Cloud/CloudSyncSponsorshipsCommand.cs

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* register services despite if self hosted or cloud

* remove json properties

* revert merge conflict

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Update OrganizationSponsorship valid until when updating org expirati… (#1966)

* Update OrganizationSponsorship valid until when updating org expiration date

* Linter fixes

* [PS-7] change revert email copy and add ValidUntil to sponsorship (#1965)

* change revert email copy and add ValidUntil to sponsorship

* add 15 days if no ValidUntil

* Chore/merge/self hosted families for enterprise (#1972)

* Log swallowed HttpRequestExceptions (#1866)

Co-authored-by: Hinton <oscar@oscarhinton.com>

* Allow for utilization of  readonly db connection (#1937)

* Bump the pin of the download-artifacts action to bypass the broken GitHub api (#1952)

* Bumped version to 1.48.0 (#1958)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* [EC-160] Give Provider Users access to all org ciphers and collections (#1959)

* Bumped version to 1.48.1 (#1961)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* Avoid sending "user need confirmation" emails when there are no org admins (#1960)

* Remove noncompliant users for new policies (#1951)

* [PS-284] Allow installation clients to not need a user. (#1968)

* Allow installation clients to not need a user.

* Run formatting

Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com>
Co-authored-by: Hinton <oscar@oscarhinton.com>
Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com>
Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Justin Baur <136baur@gmail.com>

* Fix/license file not found (#1974)

* Handle null license

* Throw hint message if license is not found by the admin project.

* Use CloudOrganizationId from Connection config

* Change test to support change

* Fix test

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Feature/f4e selfhosted rename migration to .sql (#1971)

* rename migration to .sql

* format

* Add unit tests to self host F4E (#1975)

* Work on tests

* Added more tests

* Run linting

* Address PR feedback

* Fix AssertRecent

* Linting

* Fixed empty tests

* Fix/misc self hosted f4e (#1973)

* Allow setting of ApiUri

* Return updates sponsorshipsData objects

* Bind arguments by name

* Greedy load sponsorships to email.

When upsert was called, it creates Ids on _all_ records, which meant
that the lazy-evaluation from this call always returned an empty list.

* add scope for sync command DI in job. simplify error logic

* update the sync job to get CloudOrgId from the BillingSyncKey

Co-authored-by: Jacob Fink <jfink@bitwarden.com>

* Chore/merge/self hosted families for enterprise (#1987)

* Log swallowed HttpRequestExceptions (#1866)

Co-authored-by: Hinton <oscar@oscarhinton.com>

* Allow for utilization of  readonly db connection (#1937)

* Bump the pin of the download-artifacts action to bypass the broken GitHub api (#1952)

* Bumped version to 1.48.0 (#1958)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* [EC-160] Give Provider Users access to all org ciphers and collections (#1959)

* Bumped version to 1.48.1 (#1961)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* Avoid sending "user need confirmation" emails when there are no org admins (#1960)

* Remove noncompliant users for new policies (#1951)

* [PS-284] Allow installation clients to not need a user. (#1968)

* Allow installation clients to not need a user.

* Run formatting

* Use accept flow for sponsorship offers (#1964)

* PS-82 check send 2FA email for new devices on TwoFactorController send-email-login (#1977)

* [Bug] Skip WebAuthn 2fa event logs during login flow (#1978)

* [Bug] Supress WebAuthn 2fa event logs during login process

* Formatting

* Simplified method call with new paramter input

* Update RealIps Description (#1980)

Describe the syntax of the real_ips configuration key with an example, to prevent type errors in the `setup` container when parsing `config.yml`

* add proper URI validation to duo host (#1984)

* captcha scores (#1967)

* captcha scores

* some api fixes

* check bot on captcha attribute

* Update src/Core/Services/Implementations/HCaptchaValidationService.cs

Co-authored-by: e271828- <e271828-@users.noreply.github.com>

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Co-authored-by: e271828- <e271828-@users.noreply.github.com>

* ensure no path specific in duo host (#1985)

Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com>
Co-authored-by: Hinton <oscar@oscarhinton.com>
Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com>
Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Justin Baur <136baur@gmail.com>
Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Jordan Cooks <notnamed@users.noreply.github.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Co-authored-by: e271828- <e271828-@users.noreply.github.com>

* Address feedback (#1990)

Co-authored-by: Justin Baur <admin@justinbaur.com>
Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Justin Baur <136baur@gmail.com>
Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com>
Co-authored-by: Hinton <oscar@oscarhinton.com>
Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com>
Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Jordan Cooks <notnamed@users.noreply.github.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Co-authored-by: e271828- <e271828-@users.noreply.github.com>
											
										
										
											2022-05-10 23:12:09 +02:00
+								            services.AddBaseServices(globalSettings);
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
+								            services.AddDefaultServices(globalSettings);
-												Run dotnet format (#1764)


											
										
										
											2021-12-16 15:35:09 +01:00
-												[Provider] Setup provider (#1378)


											
										
										
											2021-06-30 09:35:26 +02:00
+								#if OSS
 								                services.AddOosServices();
 								#else
 								            services.AddCommCoreServices();
 								#endif
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
 								            // Mvc
 								            services.AddMvc(config =>
 								            {
 								                config.Filters.Add(new LoggingExceptionHandlerFilterAttribute());
 								            });
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								            services.Configure<RouteOptions>(options => options.LowercaseUrls = true);
-												database maintenance jobs setup in admin

											
										
										
											2018-10-09 16:12:27 +02:00
 								            // Jobs service
-												remove alive job

											
										
										
											2019-11-04 13:43:15 +01:00
+								            Jobs.JobsHostedService.AddJobsServices(services, globalSettings.SelfHosted);
-												database maintenance jobs setup in admin

											
										
										
											2018-10-09 16:12:27 +02:00
+								            services.AddHostedService<Jobs.JobsHostedService>();
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 19:36:37 +01:00
+								            if (globalSettings.SelfHosted)
-												move migrations to migrator project

											
										
										
											2019-03-25 18:21:05 +01:00
+								            {
 								                services.AddHostedService<HostedServices.DatabaseMigrationHostedService>();
 								            }
 								            else
-												BlockIpHostedService to replace func

											
										
										
											2019-03-05 05:41:46 +01:00
+								            {
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 19:36:37 +01:00
+								                if (CoreHelpers.SettingHasValue(globalSettings.Storage.ConnectionString))
-												amazon sqs block ip queuing

											
										
										
											2019-03-18 21:23:37 +01:00
+								                {
 								                    services.AddHostedService<HostedServices.AzureQueueBlockIpHostedService>();
 								                }
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 19:36:37 +01:00
+								                else if (CoreHelpers.SettingHasValue(globalSettings.Amazon?.AccessKeySecret))
-												amazon sqs block ip queuing

											
										
										
											2019-03-18 21:23:37 +01:00
+								                {
 								                    services.AddHostedService<HostedServices.AmazonSqsBlockIpHostedService>();
 								                }
-												Support large organization sync (#1311)

* Increase organization max seat size from 30k to 2b (#1274)

* Increase organization max seat size from 30k to 2b

* PR review. Do not modify unless state matches expected

* Organization sync simultaneous event reporting (#1275)

* Split up azure messages according to max size

* Allow simultaneous login of organization user events

* Early resolve small event lists

* Clarify logic

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Improve readability

This comes at the cost of multiple serializations, but the
 improvement in wire-time should more than make up for this
 on message where serialization time matters

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Queue emails (#1286)

* Extract common Azure queue methods

* Do not use internal entity framework namespace

* Prefer IEnumerable to IList unless needed

All of these implementations were just using `Count == 1`,
which is easily replicated. This will be used when abstracting Azure queues

* Add model for azure queue message

* Abstract Azure queue for reuse

* Creat service to enqueue mail messages for later processing

Azure queue mail service uses Azure queues.
Blocking just blocks until all the work is done -- This is
how emailing works today

* Provide mail queue service to DI

* Queue organization invite emails for later processing

All emails can later be added to this queue

* Create Admin hosted service to process enqueued mail messages

* Prefer constructors to static generators

* Mass delete organization users (#1287)

* Add delete many to Organization Users

* Correct formatting

* Remove erroneous migration

* Clarify parameter name

* Formatting fixes

* Simplify bump account revision sproc

* Formatting fixes

* Match file names to objects

* Indicate if large import is expected

* Early pull all existing users we were planning on inviting (#1290)

* Early pull all existing users we were planning on inviting

* Improve sproc name

* Batch upsert org users (#1289)

* Add UpsertMany sprocs to OrganizationUser

* Add method to create TVPs from any object.

Uses DbOrder attribute to generate.
Sproc will fail unless TVP column order matches that of the db type

* Combine migrations

* Correct formatting

* Include sql objects in sql project

* Keep consisten parameter names

* Batch deletes for performance

* Correct formatting

* consolidate migrations

* Use batch methods in OrganizationImport

* Declare @BatchSize

* Transaction names limited to 32 chars

Drop sproc before creating it if it exists

* Update import tests

* Allow for more users in org upgrades

* Fix formatting

* Improve class hierarchy structure

* Use name tuple types

* Fix formatting

* Front load all reflection

* Format constructor

* Simplify ToTvp as class-specific extension

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
											
										
										
											2021-05-17 16:43:02 +02:00
+								                if (CoreHelpers.SettingHasValue(globalSettings.Mail.ConnectionString))
 								                {
 								                    services.AddHostedService<HostedServices.AzureQueueMailHostedService>();
 								                }
-												BlockIpHostedService to replace func

											
										
										
											2019-03-05 05:41:46 +01:00
+								            }
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								        }
-												passwordless sign in for admin

											
										
										
											2018-03-21 19:26:49 +01:00
+								        public void Configure(
 								            IApplicationBuilder app,
-												upgrade to aspnet core 3.1

											
										
										
											2020-01-10 14:33:13 +01:00
+								            IWebHostEnvironment env,
 								            IHostApplicationLifetime appLifetime,
-												update to net core 2.2

											
										
										
											2019-07-23 22:38:49 +02:00
+								            GlobalSettings globalSettings)
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								        {
-												update to net core 2.2

											
										
										
											2019-07-23 22:38:49 +02:00
+								            app.UseSerilog(env, appLifetime, globalSettings);
-												Revert "explicitly disable app insights telemetry"

This reverts commit 819a4e031d8e2b9e2257a373d01849afb347f585.

											
										
										
											2018-05-21 19:31:47 +02:00
-												Added middleware for general security headers (#1700)


											
										
										
											2021-11-09 17:37:14 +01:00
+								            // Add general security headers
 								            app.UseMiddleware<SecurityHeadersMiddleware>();
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 19:36:37 +01:00
+								            if (globalSettings.SelfHosted)
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								            {
-												proxypass to /admin

											
										
										
											2018-03-24 13:39:55 +01:00
+								                app.UsePathBase("/admin");
-												UseForwardedHeaders with known proxies

											
										
										
											2019-04-26 15:52:54 +02:00
+								                app.UseForwardedHeaders(globalSettings);
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								            }
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 19:36:37 +01:00
+								            if (env.IsDevelopment())
-												set base admin path for self host

											
										
										
											2018-03-24 04:27:33 +01:00
+								            {
-												proxypass to /admin

											
										
										
											2018-03-24 13:39:55 +01:00
+								                app.UseDeveloperExceptionPage();
-												set base admin path for self host

											
										
										
											2018-03-24 04:27:33 +01:00
+								            }
-												Tweak provider views (#1499)

* Add Organizations to provider views

Remove enabled/disabled toggle from provider. It's currently not used.

* Remove provider Delete

There are implications to deleting providers on the organizations they manage.
We want to think through this flow before allowing delete from the
admin portal.

* Use toastr to display production exception messages.

Update build actions to upgrade npm to v7.

Use a custom error handler in production which displays a toast of the
exception message and redirect to the offending page

* Clarify provider create error message
											
										
										
											2021-08-10 18:28:00 +02:00
+								            else
 								            {
 								                app.UseExceptionHandler("/error");
 								            }
-												set base admin path for self host

											
										
										
											2018-03-24 04:27:33 +01:00
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								            app.UseStaticFiles();
-												upgrade to aspnet core 3.1

											
										
										
											2020-01-10 14:33:13 +01:00
+								            app.UseRouting();
 								            app.UseAuthentication();
 								            app.UseAuthorization();
 								            app.UseEndpoints(endpoints => endpoints.MapDefaultControllerRoute());
-												setup new admin portal project

											
										
										
											2018-03-21 17:57:43 +01:00
+								        }
 								    }
 								}