mirror of https://github.com/bitwarden/server.git synced 2024-11-25 12:45:18 +01:00

added correct backwards compat claims

Kyle Spearrin 2017-01-11 18:48:16 -05:00
parent 77ca47a266
commit 54711e634b
3 changed files with 16 additions and 13 deletions


@ -3,7 +3,6 @@ using System.Threading.Tasks;
using IdentityServer4.Models; using IdentityServer4.Models;
using Bit.Core.Repositories; using Bit.Core.Repositories;
using Bit.Core.Services; using Bit.Core.Services;
using System.Security.Claims;
namespace Bit.Core.Identity namespace Bit.Core.Identity
{ {
@ -22,8 +21,7 @@ namespace Bit.Core.Identity
public Task GetProfileDataAsync(ProfileDataRequestContext context) public Task GetProfileDataAsync(ProfileDataRequestContext context)
{ {
// TODO: load proper claims for user context.AddFilteredClaims(context.IssuedClaims);
context.AddFilteredClaims(new Claim[] { new Claim(ClaimTypes.AuthenticationMethod, "Application") });
return Task.FromResult(0); return Task.FromResult(0);
} }
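Review bot: On the new side of GetProfileDataAsync, `context.AddFilteredClaims(context.IssuedClaims);` feeds the context's own output collection back into itself, so unless something earlier populated `IssuedClaims` it appears to add nothing. The claims attached to the grant result in ResourceOwnerPasswordValidator would normally be read from the authenticated subject, e.g. `context.AddFilteredClaims(context.Subject.Claims);`. It is worth confirming against the IdentityServer4 version in use that the four backwards-compatibility claims really reach the issued token. With the TODO removed, a one-line comment such as `// Claims come from the validated grant; only the types requested for the resource are issued.` would record where the claims originate. The class around this method starts and ends outside the hunk.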


@ -1,5 +1,4 @@
using Bit.Core.Domains; using Bit.Core.Domains;
using Bit.Core.Repositories;
using IdentityServer4.Models; using IdentityServer4.Models;
using IdentityServer4.Validation; using IdentityServer4.Validation;
using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Identity;
@ -10,27 +9,29 @@ namespace Bit.Core.Identity
{ {
public class ResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator public class ResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
{ {
private readonly IUserRepository _userRepository;
private readonly UserManager<User> _userManager; private readonly UserManager<User> _userManager;
public ResourceOwnerPasswordValidator( public ResourceOwnerPasswordValidator(
IUserRepository userRepository,
UserManager<User> userManager) UserManager<User> userManager)
{ {
_userRepository = userRepository;
_userManager = userManager; _userManager = userManager;
} }
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context) public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
{ {
var user = await _userRepository.GetByEmailAsync(context.UserName.ToLowerInvariant()); var user = await _userManager.FindByEmailAsync(context.UserName.ToLowerInvariant());
if(user != null) if(user != null)
{ {
if(await _userManager.CheckPasswordAsync(user, context.Password)) if(await _userManager.CheckPasswordAsync(user, context.Password))
{ {
// TODO: proper claims and auth method context.Result = new GrantValidationResult(user.Id.ToString(), "Application", identityProvider: "bitwarden",
context.Result = new GrantValidationResult(subject: user.Id.ToString(), authenticationMethod: "Application", claims: new Claim[] {
identityProvider: "bitwarden", claims: new Claim[] { new Claim(ClaimTypes.AuthenticationMethod, "Application") }); // Deprecated claims for backwards compatability
new Claim("authmethod", "Application"),
new Claim("nameid", user.Id.ToString()),
new Claim("email", user.Email.ToString()),
new Claim("securitystamp", user.SecurityStamp)
});
return; return;
} }
} }
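Review bot: The added `new Claim("securitystamp", user.SecurityStamp)` copies the account's security stamp into a token the client can decode, while ASP.NET Identity's built-in token providers bind the tokens they issue to that stamp, so it is better kept as server-side state. If the API only needs it to notice that credentials changed, a derived value (for example a hash of the stamp) or a server-side lookup by user id gives the same check without disclosing the stamp. The same claim type is requested in the ApiResource list in the third file. Separately, `user.Email.ToString()` is a redundant call on what is presumably already a string, and the added comment misspells "compatibility". ValidateAsync continues past the end of this hunk, so the failure path is not visible here.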


@ -1,6 +1,5 @@
using IdentityServer4.Models; using IdentityServer4.Models;
using System.Collections.Generic; using System.Collections.Generic;
using System.Security.Claims;
namespace Bit.Core.Identity namespace Bit.Core.Identity
{ {
@ -10,7 +9,12 @@ namespace Bit.Core.Identity
{ {
return new List<ApiResource> return new List<ApiResource>
{ {
new ApiResource("api", "Vault API", new string[] { ClaimTypes.AuthenticationMethod }) new ApiResource("api", "Vault API", new string[] {
"authmethod",
"nameid",
"email",
"securitystamp"
})
}; };
} }
} }
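Review bot: The four claim type names in the new `ApiResource` list are string literals that must match, character for character, the literals passed to `new Claim(...)` in ResourceOwnerPasswordValidator. A typo on either side would presumably just filter that claim out of the token without any error. Shared constants would keep the two lists in step, e.g. `public const string SecurityStamp = "securitystamp";` in one static class referenced from both files. A short comment stating that these are the deprecated names kept for older clients would also explain why `ClaimTypes` is no longer used here.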