mirror of https://github.com/bitwarden/server.git synced 2025-02-18 02:11:22 +01:00

Provide anonymous user context for unauthenticated requests using LaunchDarkly (#2819)

Matt Bishop 2023-03-22 11:05:09 -04:00 committed by GitHub
parent d7b091d7d6
commit 39f884ddcc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 47 additions and 11 deletions


@ -8,6 +8,7 @@ namespace Bit.Core.Services;
public class LaunchDarklyFeatureService : IFeatureService, IDisposable public class LaunchDarklyFeatureService : IFeatureService, IDisposable
{ {
private readonly LdClient _client; private readonly LdClient _client;
private const string _anonymousUser = "25a15cac-58cf-4ac0-ad0f-b17c4bd92294";
public LaunchDarklyFeatureService( public LaunchDarklyFeatureService(
IGlobalSettings globalSettings) IGlobalSettings globalSettings)
@ -108,7 +109,18 @@ public class LaunchDarklyFeatureService : IFeatureService, IDisposable
{ {
case Identity.ClientType.User: case Identity.ClientType.User:
{ {
var ldUser = LaunchDarkly.Sdk.Context.Builder(currentContext.UserId.Value.ToString()); LaunchDarkly.Sdk.ContextBuilder ldUser;
if (currentContext.UserId.HasValue)
{
ldUser = LaunchDarkly.Sdk.Context.Builder(currentContext.UserId.Value.ToString());
}
else
{
// group all unauthenticated activity under one anonymous user key and mark as such
ldUser = LaunchDarkly.Sdk.Context.Builder(_anonymousUser);
ldUser.Anonymous(true);
}
ldUser.Kind(LaunchDarkly.Sdk.ContextKind.Default); ldUser.Kind(LaunchDarkly.Sdk.ContextKind.Default);
if (currentContext.Organizations?.Any() ?? false) if (currentContext.Organizations?.Any() ?? false)
@ -123,21 +135,30 @@ public class LaunchDarklyFeatureService : IFeatureService, IDisposable
case Identity.ClientType.Organization: case Identity.ClientType.Organization:
{ {
var ldOrg = LaunchDarkly.Sdk.Context.Builder(currentContext.OrganizationId.Value.ToString()); if (currentContext.OrganizationId.HasValue)
ldOrg.Kind("organization"); {
builder.Add(ldOrg.Build()); var ldOrg = LaunchDarkly.Sdk.Context.Builder(currentContext.OrganizationId.Value.ToString());
ldOrg.Kind("organization");
builder.Add(ldOrg.Build());
}
} }
break; break;
case Identity.ClientType.ServiceAccount: case Identity.ClientType.ServiceAccount:
{ {
var ldServiceAccount = LaunchDarkly.Sdk.Context.Builder(currentContext.UserId.Value.ToString()); if (currentContext.UserId.HasValue)
ldServiceAccount.Kind("service-account"); {
builder.Add(ldServiceAccount.Build()); var ldServiceAccount = LaunchDarkly.Sdk.Context.Builder(currentContext.UserId.Value.ToString());
ldServiceAccount.Kind("service-account");
builder.Add(ldServiceAccount.Build());
}
var ldOrg = LaunchDarkly.Sdk.Context.Builder(currentContext.OrganizationId.Value.ToString()); if (currentContext.OrganizationId.HasValue)
ldOrg.Kind("organization"); {
builder.Add(ldOrg.Build()); var ldOrg = LaunchDarkly.Sdk.Context.Builder(currentContext.OrganizationId.Value.ToString());
ldOrg.Kind("organization");
builder.Add(ldOrg.Build());
}
} }
break; break;
} }
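Review bot: The Organization and ServiceAccount branches now add nothing to `builder` when `OrganizationId` or `UserId` is missing, whereas the User branch falls back to the shared anonymous key, so a request of those client types that carries no ids may leave the outer builder empty. What happens to an empty builder is outside this hunk; if it is the SDK's multi-context builder, building it with no contexts would presumably produce an invalid context and flags would quietly evaluate to their defaults, which matters if any flag gates a security-relevant path. Consider reusing the fallback when neither id is present, e.g. `builder.Add(LaunchDarkly.Sdk.Context.Builder(_anonymousUser).Anonymous(true).Build());`, or at least stating the intent with a comment such as `// no id on the context: nothing is added for this client type`. The enclosing method starts and ends outside the hunk.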


@ -41,8 +41,23 @@ public class ConfigControllerTests : IClassFixture<ApiApplicationFactory>, IAsyn
} }
[Fact] [Fact]
public async Task GetConfigs() public async Task GetConfigs_Unauthenticated()
{ {
_client.DefaultRequestHeaders.Authorization = null;
var response = await _client.GetAsync("/config");
response.EnsureSuccessStatusCode();
var result = await response.Content.ReadFromJsonAsync<ConfigResponseModel>();
Assert.NotNull(result);
Assert.NotEmpty(result!.Version);
}
[Fact]
public async Task GetConfigs_Authenticated()
{
await LoginAsync();
var response = await _client.GetAsync("/config"); var response = await _client.GetAsync("/config");
response.EnsureSuccessStatusCode(); response.EnsureSuccessStatusCode();
var result = await response.Content.ReadFromJsonAsync<ConfigResponseModel>(); var result = await response.Content.ReadFromJsonAsync<ConfigResponseModel>();