1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-04 14:13:28 +01:00
bitwarden-server/src/Core/Utilities/ServiceCollectionExtensions.cs

199 lines
9.2 KiB
C#
Raw Normal View History

using Bit.Core.Enums;
using Bit.Core.Identity;
using Bit.Core.IdentityServer;
using Bit.Core.Models.Table;
using Bit.Core.Repositories;
using Bit.Core.Services;
using IdentityModel;
using IdentityServer4.Services;
using IdentityServer4.Stores;
using IdentityServer4.Validation;
2017-07-21 18:53:26 +02:00
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Hosting;
2017-07-21 18:53:26 +02:00
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.WindowsAzure.Storage;
2017-06-23 16:08:29 +02:00
using System;
using SqlServerRepos = Bit.Core.Repositories.SqlServer;
namespace Bit.Core.Utilities
{
public static class ServiceCollectionExtensions
{
public static void AddSqlServerRepositories(this IServiceCollection services)
{
services.AddSingleton<IUserRepository, SqlServerRepos.UserRepository>();
services.AddSingleton<ICipherRepository, SqlServerRepos.CipherRepository>();
services.AddSingleton<IDeviceRepository, SqlServerRepos.DeviceRepository>();
services.AddSingleton<IGrantRepository, SqlServerRepos.GrantRepository>();
services.AddSingleton<IOrganizationRepository, SqlServerRepos.OrganizationRepository>();
services.AddSingleton<IOrganizationUserRepository, SqlServerRepos.OrganizationUserRepository>();
services.AddSingleton<ICollectionRepository, SqlServerRepos.CollectionRepository>();
services.AddSingleton<IFolderRepository, SqlServerRepos.FolderRepository>();
services.AddSingleton<ICollectionCipherRepository, SqlServerRepos.CollectionCipherRepository>();
2017-05-08 20:08:44 +02:00
services.AddSingleton<IGroupRepository, SqlServerRepos.GroupRepository>();
2017-06-22 04:33:45 +02:00
services.AddSingleton<IU2fRepository, SqlServerRepos.U2fRepository>();
}
public static void AddBaseServices(this IServiceCollection services)
{
services.AddSingleton<ICipherService, CipherService>();
services.AddScoped<IUserService, UserService>();
services.AddSingleton<IDeviceService, DeviceService>();
services.AddSingleton<IOrganizationService, OrganizationService>();
services.AddSingleton<ICollectionService, CollectionService>();
2017-05-09 20:17:22 +02:00
services.AddSingleton<IGroupService, GroupService>();
}
public static void AddDefaultServices(this IServiceCollection services)
{
2017-06-27 20:05:50 +02:00
services.AddSingleton<IMailService, RazorViewMailService>();
2017-05-30 23:19:46 +02:00
services.AddSingleton<IMailDeliveryService, SendGridMailDeliveryService>();
#if NET461
2017-05-27 04:52:50 +02:00
services.AddSingleton<IPushNotificationService, NotificationHubPushNotificationService>();
services.AddSingleton<IPushRegistrationService, NotificationHubPushRegistrationService>();
#else
services.AddSingleton<IPushNotificationService, NoopPushNotificationService>();
services.AddSingleton<IPushRegistrationService, NoopPushRegistrationService>();
#endif
services.AddSingleton<IBlockIpService, AzureQueueBlockIpService>();
services.AddSingleton<IAttachmentStorageService, AzureAttachmentStorageService>();
}
public static void AddNoopServices(this IServiceCollection services)
{
services.AddSingleton<IMailService, NoopMailService>();
services.AddSingleton<IMailDeliveryService, NoopMailDeliveryService>();
2017-05-26 15:44:54 +02:00
services.AddSingleton<IPushNotificationService, NoopPushNotificationService>();
services.AddSingleton<IBlockIpService, NoopBlockIpService>();
services.AddSingleton<IPushRegistrationService, NoopPushRegistrationService>();
services.AddSingleton<IAttachmentStorageService, NoopAttachmentStorageService>();
}
public static IdentityBuilder AddCustomIdentityServices(
this IServiceCollection services, GlobalSettings globalSettings)
{
services.AddTransient<ILookupNormalizer, LowerInvariantLookupNormalizer>();
2017-06-23 16:08:29 +02:00
services.Configure<TwoFactorRememberTokenProviderOptions>(options =>
{
options.TokenLifespan = TimeSpan.FromDays(30);
});
var identityBuilder = services.AddIdentity<User, Role>(options =>
{
options.User = new UserOptions
{
RequireUniqueEmail = true,
AllowedUserNameCharacters = null // all
};
options.Password = new PasswordOptions
{
RequireDigit = false,
RequireLowercase = false,
RequiredLength = 8,
RequireNonAlphanumeric = false,
RequireUppercase = false
};
options.ClaimsIdentity = new ClaimsIdentityOptions
{
SecurityStampClaimType = "sstamp",
UserNameClaimType = JwtClaimTypes.Email,
UserIdClaimType = JwtClaimTypes.Subject,
};
options.Tokens.ChangeEmailTokenProvider = TokenOptions.DefaultEmailProvider;
});
identityBuilder
.AddUserStore<UserStore>()
.AddRoleStore<RoleStore>()
2017-07-05 21:35:46 +02:00
.AddTokenProvider<DataProtectorTokenProvider<User>>(TokenOptions.DefaultProvider)
.AddTokenProvider<AuthenticatorTokenProvider>(TwoFactorProviderType.Authenticator.ToString())
2017-06-15 04:40:33 +02:00
.AddTokenProvider<YubicoOtpTokenProvider>(TwoFactorProviderType.YubiKey.ToString())
2017-06-21 06:04:25 +02:00
.AddTokenProvider<DuoWebTokenProvider>(TwoFactorProviderType.Duo.ToString())
2017-06-23 04:14:51 +02:00
.AddTokenProvider<U2fTokenProvider>(TwoFactorProviderType.U2f.ToString())
2017-06-23 16:08:29 +02:00
.AddTokenProvider<TwoFactorRememberTokenProvider>(TwoFactorProviderType.Remember.ToString())
.AddTokenProvider<EmailTokenProvider<User>>(TokenOptions.DefaultEmailProvider);
return identityBuilder;
}
public static IIdentityServerBuilder AddCustomIdentityServerServices(
this IServiceCollection services, IHostingEnvironment env, GlobalSettings globalSettings)
{
var identityServerBuilder = services
.AddIdentityServer(options =>
{
options.Endpoints.EnableAuthorizeEndpoint = false;
options.Endpoints.EnableIntrospectionEndpoint = false;
options.Endpoints.EnableEndSessionEndpoint = false;
options.Endpoints.EnableUserInfoEndpoint = false;
options.Endpoints.EnableCheckSessionEndpoint = false;
options.Endpoints.EnableTokenRevocationEndpoint = false;
})
.AddInMemoryApiResources(ApiResources.GetApiResources())
.AddInMemoryClients(Clients.GetClients());
services.AddTransient<ICorsPolicyService, AllowAllCorsPolicyService>();
2017-07-14 19:29:52 +02:00
if(env.IsDevelopment())
{
2017-07-14 19:29:52 +02:00
identityServerBuilder.AddTemporarySigningCredential();
}
else
{
2017-07-14 19:29:52 +02:00
var identityServerCert = CoreHelpers.GetCertificate(globalSettings.IdentityServer.CertificateThumbprint);
identityServerBuilder.AddSigningCredential(identityServerCert);
}
services.AddScoped<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();
services.AddScoped<IProfileService, ProfileService>();
services.AddSingleton<IPersistedGrantStore, PersistedGrantStore>();
return identityServerBuilder;
}
public static void AddCustomDataProtectionServices(
this IServiceCollection services, IHostingEnvironment env, GlobalSettings globalSettings)
{
#if NET461
2017-07-14 19:29:52 +02:00
if(!env.IsDevelopment())
{
var dataProtectionCert = CoreHelpers.GetCertificate(globalSettings.DataProtection.CertificateThumbprint);
var storageAccount = CloudStorageAccount.Parse(globalSettings.Storage.ConnectionString);
services.AddDataProtection()
.PersistKeysToAzureBlobStorage(storageAccount, "aspnet-dataprotection/keys.xml")
.ProtectKeysWithCertificate(dataProtectionCert);
}
#endif
}
public static GlobalSettings AddGlobalSettingsServices(this IServiceCollection services,
IConfigurationRoot root)
{
var globalSettings = new GlobalSettings();
ConfigurationBinder.Bind(root.GetSection("GlobalSettings"), globalSettings);
services.AddSingleton(s => globalSettings);
return globalSettings;
}
2017-07-21 18:53:26 +02:00
public static void UseForwardedHeadersForAzure(this IApplicationBuilder app)
{
// ref: https://github.com/aspnet/Docs/issues/2384
var forwardOptions = new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto,
RequireHeaderSymmetry = false
};
forwardOptions.KnownNetworks.Clear();
forwardOptions.KnownProxies.Clear();
app.UseForwardedHeaders(forwardOptions);
}
}
}