Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-21 12:05:42 +01:00
Code Issues Projects Releases Wiki Activity

Provide anonymous user context for unauthenticated requests using LaunchDarkly (#2819)

Browse Source
This commit is contained in:
Matt Bishop 2023-03-22 11:05:09 -04:00 committed by GitHub
parent d7b091d7d6
commit 39f884ddcc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 47 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
src/Core/Services/Implementations/LaunchDarklyFeatureService.cs
View File

@ -8,6 +8,7 @@ namespace Bit.Core.Services;
public class LaunchDarklyFeatureService : IFeatureService, IDisposable
{
private readonly LdClient _client;
private const string _anonymousUser = "25a15cac-58cf-4ac0-ad0f-b17c4bd92294";
public LaunchDarklyFeatureService(
IGlobalSettings globalSettings)
@ -108,7 +109,18 @@ public class LaunchDarklyFeatureService : IFeatureService, IDisposable
{
case Identity.ClientType.User:
{
var ldUser = LaunchDarkly.Sdk.Context.Builder(currentContext.UserId.Value.ToString());
LaunchDarkly.Sdk.ContextBuilder ldUser;
if (currentContext.UserId.HasValue)
{
ldUser = LaunchDarkly.Sdk.Context.Builder(currentContext.UserId.Value.ToString());
}
else
{
// group all unauthenticated activity under one anonymous user key and mark as such
ldUser = LaunchDarkly.Sdk.Context.Builder(_anonymousUser);
ldUser.Anonymous(true);
}
ldUser.Kind(LaunchDarkly.Sdk.ContextKind.Default);
if (currentContext.Organizations?.Any() ?? false)
@ -123,21 +135,30 @@ public class LaunchDarklyFeatureService : IFeatureService, IDisposable
case Identity.ClientType.Organization:
{
var ldOrg = LaunchDarkly.Sdk.Context.Builder(currentContext.OrganizationId.Value.ToString());
ldOrg.Kind("organization");
builder.Add(ldOrg.Build());
if (currentContext.OrganizationId.HasValue)
{
var ldOrg = LaunchDarkly.Sdk.Context.Builder(currentContext.OrganizationId.Value.ToString());
ldOrg.Kind("organization");
builder.Add(ldOrg.Build());
}
}
break;
case Identity.ClientType.ServiceAccount:
{
var ldServiceAccount = LaunchDarkly.Sdk.Context.Builder(currentContext.UserId.Value.ToString());
ldServiceAccount.Kind("service-account");
builder.Add(ldServiceAccount.Build());
if (currentContext.UserId.HasValue)
{
var ldServiceAccount = LaunchDarkly.Sdk.Context.Builder(currentContext.UserId.Value.ToString());
ldServiceAccount.Kind("service-account");
builder.Add(ldServiceAccount.Build());
}
var ldOrg = LaunchDarkly.Sdk.Context.Builder(currentContext.OrganizationId.Value.ToString());
ldOrg.Kind("organization");
builder.Add(ldOrg.Build());
if (currentContext.OrganizationId.HasValue)
{
var ldOrg = LaunchDarkly.Sdk.Context.Builder(currentContext.OrganizationId.Value.ToString());
ldOrg.Kind("organization");
builder.Add(ldOrg.Build());
}
}
break;
}

17
test/Api.IntegrationTest/Controllers/ConfigControllerTests.cs
View File

@ -41,8 +41,23 @@ public class ConfigControllerTests : IClassFixture<ApiApplicationFactory>, IAsyn
}
[Fact]
public async Task GetConfigs()
public async Task GetConfigs_Unauthenticated()
{
_client.DefaultRequestHeaders.Authorization = null;
var response = await _client.GetAsync("/config");
response.EnsureSuccessStatusCode();
var result = await response.Content.ReadFromJsonAsync<ConfigResponseModel>();
Assert.NotNull(result);
Assert.NotEmpty(result!.Version);
}
[Fact]
public async Task GetConfigs_Authenticated()
{
await LoginAsync();
var response = await _client.GetAsync("/config");
response.EnsureSuccessStatusCode();
var result = await response.Content.ReadFromJsonAsync<ConfigResponseModel>();