Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-21 12:05:42 +01:00
Code Issues Projects Releases Wiki Activity

Upgrade to ASP.NET Core RC2 release.

Browse Source
This commit is contained in:
Kyle Spearrin 2016-05-19 19:10:24 -04:00
parent d7cb3d47cb
commit 79f507fe68
33 changed files with 289 additions and 231 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
global.json
View File

@ -1,6 +1,6 @@
{
"projects": [ "src", "test" ],
"sdk": {
"version": "1.0.0-rc1-final"
"version": "1.0.0-preview1-002702"
}
}

9
src/Api/Api.xproj
View File

@ -4,16 +4,17 @@
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
<VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
</PropertyGroup>
<Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.Props" Condition="'$(VSToolsPath)' != ''" />
<Import Project="$(VSToolsPath)\DotNet\Microsoft.DotNet.Props" Condition="'$(VSToolsPath)' != ''" />
<PropertyGroup Label="Globals">
<ProjectGuid>e8548ad6-7fb0-439a-8eb5-549a10336d2d</ProjectGuid>
<RootNamespace>Bit.Api</RootNamespace>
<BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">..\..\artifacts\obj\$(MSBuildProjectName)</BaseIntermediateOutputPath>
<OutputPath Condition="'$(OutputPath)'=='' ">..\..\artifacts\bin\$(MSBuildProjectName)\</OutputPath>
<BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">.\obj</BaseIntermediateOutputPath>
<OutputPath Condition="'$(OutputPath)'=='' ">.\bin\</OutputPath>
<TargetFrameworkVersion>v4.6</TargetFrameworkVersion>
</PropertyGroup>
<PropertyGroup>
<SchemaVersion>2.0</SchemaVersion>
<DevelopmentServerPort>4000</DevelopmentServerPort>
</PropertyGroup>
<Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.targets" Condition="'$(VSToolsPath)' != ''" />
<Import Project="$(VSToolsPath)\DotNet.Web\Microsoft.DotNet.Web.targets" Condition="'$(VSToolsPath)' != ''" />
</Project>

14
src/Api/Controllers/AccountsController.cs
View File

@ -1,11 +1,11 @@
using System;
using System.Threading.Tasks;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Mvc;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Bit.Api.Models;
using Bit.Core.Exceptions;
using Bit.Core.Services;
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Identity;
using Bit.Core.Domains;
using Bit.Core.Enums;
using Bit.Core;
@ -78,7 +78,7 @@ namespace Bit.Api.Controllers
{
// NOTE: It is assumed that the eventual repository call will make sure the updated
// ciphers belong to user making this call. Therefore, no check is done here.
var ciphers = CipherRequestModel.ToDynamicCiphers(model.Ciphers, User.GetUserId());
var ciphers = CipherRequestModel.ToDynamicCiphers(model.Ciphers, _userManager.GetUserId(User));
var result = await _userService.ChangeEmailAsync(
_currentContext.User,
@ -107,7 +107,7 @@ namespace Bit.Api.Controllers
{
// NOTE: It is assumed that the eventual repository call will make sure the updated
// ciphers belong to user making this call. Therefore, no check is done here.
var ciphers = CipherRequestModel.ToDynamicCiphers(model.Ciphers, User.GetUserId());
var ciphers = CipherRequestModel.ToDynamicCiphers(model.Ciphers, _userManager.GetUserId(User));
var result = await _userService.ChangePasswordAsync(
_currentContext.User,
@ -206,8 +206,8 @@ namespace Bit.Api.Controllers
public async Task PostImport([FromBody]ImportRequestModel model)
{
await _cipherService.ImportCiphersAsync(
model.Folders.Select(f => f.ToFolder(User.GetUserId())).ToList(),
model.Sites.Select(s => s.ToSite(User.GetUserId())).ToList(),
model.Folders.Select(f => f.ToFolder(_userManager.GetUserId(User))).ToList(),
model.Sites.Select(s => s.ToSite(_userManager.GetUserId(User))).ToList(),
model.SiteRelationships);
}

2
src/Api/Controllers/AliveController.cs
View File

@ -1,5 +1,5 @@
using System;
using Microsoft.AspNet.Mvc;
using Microsoft.AspNetCore.Mvc;
namespace Bit.Api.Controllers
{

4
src/Api/Controllers/AuthController.cs
View File

@ -1,9 +1,9 @@
using System;
using System.Threading.Tasks;
using Microsoft.AspNet.Mvc;
using Microsoft.AspNetCore.Mvc;
using Bit.Core.Identity;
using Bit.Api.Models;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNetCore.Authorization;
using Bit.Core.Exceptions;
using Bit.Core;

21
src/Api/Controllers/FoldersController.cs
View File

@ -2,13 +2,13 @@
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNet.Mvc;
using Microsoft.AspNetCore.Mvc;
using Bit.Core.Repositories;
using System.Security.Claims;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNetCore.Authorization;
using Bit.Api.Models;
using Bit.Core.Exceptions;
using Bit.Core.Domains;
using Microsoft.AspNetCore.Identity;
namespace Bit.Api.Controllers
{
@ -17,17 +17,20 @@ namespace Bit.Api.Controllers
public class FoldersController : Controller
{
private readonly IFolderRepository _folderRepository;
private readonly UserManager<User> _userManager;
public FoldersController(
IFolderRepository folderRepository)
IFolderRepository folderRepository,
UserManager<User> userManager)
{
_folderRepository = folderRepository;
_userManager = userManager;
}
[HttpGet("{id}")]
public async Task<FolderResponseModel> Get(string id)
{
var folder = await _folderRepository.GetByIdAsync(id, User.GetUserId());
var folder = await _folderRepository.GetByIdAsync(id, _userManager.GetUserId(User));
if(folder == null)
{
throw new NotFoundException();
@ -39,7 +42,7 @@ namespace Bit.Api.Controllers
[HttpGet("")]
public async Task<ListResponseModel<FolderResponseModel>> Get()
{
ICollection<Folder> folders = await _folderRepository.GetManyByUserIdAsync(User.GetUserId());
ICollection<Folder> folders = await _folderRepository.GetManyByUserIdAsync(_userManager.GetUserId(User));
var responses = folders.Select(f => new FolderResponseModel(f));
return new ListResponseModel<FolderResponseModel>(responses);
}
@ -47,7 +50,7 @@ namespace Bit.Api.Controllers
[HttpPost("")]
public async Task<FolderResponseModel> Post([FromBody]FolderRequestModel model)
{
var folder = model.ToFolder(User.GetUserId());
var folder = model.ToFolder(_userManager.GetUserId(User));
await _folderRepository.CreateAsync(folder);
return new FolderResponseModel(folder);
}
@ -55,7 +58,7 @@ namespace Bit.Api.Controllers
[HttpPut("{id}")]
public async Task<FolderResponseModel> Put(string id, [FromBody]FolderRequestModel model)
{
var folder = await _folderRepository.GetByIdAsync(id, User.GetUserId());
var folder = await _folderRepository.GetByIdAsync(id, _userManager.GetUserId(User));
if(folder == null)
{
throw new NotFoundException();
@ -68,7 +71,7 @@ namespace Bit.Api.Controllers
[HttpDelete("{id}")]
public async Task Delete(string id)
{
var folder = await _folderRepository.GetByIdAsync(id, User.GetUserId());
var folder = await _folderRepository.GetByIdAsync(id, _userManager.GetUserId(User));
if(folder == null)
{
throw new NotFoundException();

23
src/Api/Controllers/SitesController.cs
View File

@ -2,13 +2,13 @@
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNet.Mvc;
using Microsoft.AspNetCore.Mvc;
using Bit.Core.Repositories;
using System.Security.Claims;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNetCore.Authorization;
using Bit.Api.Models;
using Bit.Core.Exceptions;
using Bit.Core.Domains;
using Microsoft.AspNetCore.Identity;
namespace Bit.Api.Controllers
{
@ -18,19 +18,22 @@ namespace Bit.Api.Controllers
{
private readonly ISiteRepository _siteRepository;
private readonly IFolderRepository _folderRepository;
private readonly UserManager<User> _userManager;
public SitesController(
ISiteRepository siteRepository,
IFolderRepository folderRepository)
IFolderRepository folderRepository,
UserManager<User> userManager)
{
_siteRepository = siteRepository;
_folderRepository = folderRepository;
_userManager = userManager;
}
[HttpGet("{id}")]
public async Task<SiteResponseModel> Get(string id, string[] expand = null)
{
var site = await _siteRepository.GetByIdAsync(id, User.GetUserId());
var site = await _siteRepository.GetByIdAsync(id, _userManager.GetUserId(User));
if(site == null)
{
throw new NotFoundException();
@ -44,7 +47,7 @@ namespace Bit.Api.Controllers
[HttpGet("")]
public async Task<ListResponseModel<SiteResponseModel>> Get(string[] expand = null)
{
ICollection<Site> sites = await _siteRepository.GetManyByUserIdAsync(User.GetUserId());
ICollection<Site> sites = await _siteRepository.GetManyByUserIdAsync(_userManager.GetUserId(User));
var responses = sites.Select(s => new SiteResponseModel(s)).ToList();
await ExpandManyAsync(sites, responses, expand, null);
return new ListResponseModel<SiteResponseModel>(responses);
@ -53,7 +56,7 @@ namespace Bit.Api.Controllers
[HttpPost("")]
public async Task<SiteResponseModel> Post([FromBody]SiteRequestModel model, string[] expand = null)
{
var site = model.ToSite(User.GetUserId());
var site = model.ToSite(_userManager.GetUserId(User));
await _siteRepository.CreateAsync(site);
var response = new SiteResponseModel(site);
@ -64,7 +67,7 @@ namespace Bit.Api.Controllers
[HttpPut("{id}")]
public async Task<SiteResponseModel> Put(string id, [FromBody]SiteRequestModel model, string[] expand = null)
{
var site = await _siteRepository.GetByIdAsync(id, User.GetUserId());
var site = await _siteRepository.GetByIdAsync(id, _userManager.GetUserId(User));
if(site == null)
{
throw new NotFoundException();
@ -80,7 +83,7 @@ namespace Bit.Api.Controllers
[HttpDelete("{id}")]
public async Task Delete(string id)
{
var site = await _siteRepository.GetByIdAsync(id, User.GetUserId());
var site = await _siteRepository.GetByIdAsync(id, _userManager.GetUserId(User));
if(site == null)
{
throw new NotFoundException();
@ -118,7 +121,7 @@ namespace Bit.Api.Controllers
{
if(folders == null)
{
folders = await _folderRepository.GetManyByUserIdAsync(User.GetUserId());
folders = await _folderRepository.GetManyByUserIdAsync(_userManager.GetUserId(User));
}
if(folders != null && folders.Count() > 0)

2
src/Api/Models/Response/ErrorResponseModel.cs
View File

@ -1,6 +1,6 @@
using System.Linq;
using System.Collections.Generic;
using Microsoft.AspNet.Mvc.ModelBinding;
using Microsoft.AspNetCore.Mvc.ModelBinding;
namespace Bit.Api.Models.Response
{

20
src/Api/Program.cs Normal file
View File

@ -0,0 +1,20 @@
using System.IO;
using Microsoft.AspNetCore.Hosting;
namespace Bit.Api
{
public class Program
{
public static void Main(string[] args)
{
var host = new WebHostBuilder()
.UseKestrel()
.UseContentRoot(Directory.GetCurrentDirectory())
.UseIISIntegration()
.UseStartup<Startup>()
.Build();
host.Run();
}
}
}

46
src/Api/Properties/launchSettings.json
View File

@ -1,25 +1,27 @@
{
"iisSettings": {
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:4000",
"sslPort": 0
}
},
"profiles": {
"IIS Express": {
"commandName": "IISExpress",
"launchBrowser": true,
"environmentVariables": {
"Hosting:Environment": "Development"
}
"iisSettings": {
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:4000",
"sslPort": 0
}
},
"web": {
"commandName": "web",
"environmentVariables": {
"Hosting:Environment": "Development"
}
"profiles": {
"IIS Express": {
"commandName": "IISExpress",
"launchBrowser": true,
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
},
"Web": {
"commandName": "Project",
"launchBrowser": true,
"launchUrl": "http://localhost:5000",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
}
}
}

45
src/Api/Startup.cs
View File

@ -1,14 +1,15 @@
using System;
using System.Security.Claims;
using Microsoft.AspNet.Authentication.JwtBearer;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Hosting;
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.OptionsModel;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using Bit.Api.Utilities;
using Bit.Core;
using Bit.Core.Domains;
@ -16,7 +17,8 @@ using Bit.Core.Identity;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Repos = Bit.Core.Repositories.SqlServer;
using Loggr.Extensions.Logging;
using System.Text;
//using Loggr.Extensions.Logging;
namespace Bit.Api
{
@ -25,6 +27,7 @@ namespace Bit.Api
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("settings.json")
.AddJsonFile($"settings.{env.EnvironmentName}.json", optional: true);
@ -42,14 +45,14 @@ namespace Bit.Api
public void ConfigureServices(IServiceCollection services)
{
services.Configure<GlobalSettings>(Configuration.GetSection("globalSettings"));
var provider = services.BuildServiceProvider();
// Options
services.AddOptions();
// Settings
var provider = services.BuildServiceProvider();
var globalSettings = provider.GetRequiredService<IOptions<GlobalSettings>>().Value;
var globalSettings = new GlobalSettings();
ConfigurationBinder.Bind(Configuration.GetSection("GlobalSettings"), globalSettings);
services.AddSingleton(s => globalSettings);
// Repositories
@ -75,7 +78,7 @@ namespace Bit.Api
RequireDigit = false,
RequireLowercase = false,
RequiredLength = 8,
RequireNonLetterOrDigit = false,
RequireNonAlphanumeric = false,
RequireUppercase = false
};
options.ClaimsIdentity = new ClaimsIdentityOptions
@ -90,9 +93,8 @@ namespace Bit.Api
jwtBearerOptions.Issuer = "bitwarden";
jwtBearerOptions.TokenLifetime = TimeSpan.FromDays(10 * 365);
jwtBearerOptions.TwoFactorTokenLifetime = TimeSpan.FromMinutes(10);
// TODO: Symmetric key
// waiting on https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/250
jwtBearerOptions.SigningCredentials = null;
var keyBytes = Encoding.ASCII.GetBytes(globalSettings.JwtSigningKey);
jwtBearerOptions.SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(keyBytes), SecurityAlgorithms.HmacSha256);
})
.AddUserStore<UserStore>()
.AddRoleStore<RoleStore>()
@ -138,21 +140,17 @@ namespace Bit.Api
ILoggerFactory loggerFactory,
GlobalSettings globalSettings)
{
loggerFactory.MinimumLevel = LogLevel.Information;
loggerFactory.AddConsole();
loggerFactory.AddDebug();
if(!env.IsDevelopment())
{
loggerFactory.AddLoggr(
LogLevel.Error,
globalSettings.Loggr.LogKey,
globalSettings.Loggr.ApiKey);
//loggerFactory.AddLoggr(
// LogLevel.Error,
// globalSettings.Loggr.LogKey,
// globalSettings.Loggr.ApiKey);
}
// Add the platform handler to the request pipeline.
app.UseIISPlatformHandler();
// Add static files to the request pipeline.
app.UseStaticFiles();
@ -165,8 +163,5 @@ namespace Bit.Api
// Add MVC to the request pipeline.
app.UseMvc();
}
// Entry point for the application.
public static void Main(string[] args) => WebApplication.Run<Startup>(args);
}
}

10
src/Api/Utilities/ExceptionHandlerFilterAttribute.cs
View File

@ -2,9 +2,9 @@
using System.IdentityModel.Tokens;
using Bit.Api.Models.Response;
using Bit.Core.Exceptions;
using Microsoft.AspNet.Hosting;
using Microsoft.AspNet.Mvc;
using Microsoft.AspNet.Mvc.Filters;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
@ -48,14 +48,14 @@ namespace Bit.Api.Utilities
}
else
{
var logger = context.HttpContext.ApplicationServices.GetRequiredService<ILogger<ExceptionHandlerFilterAttribute>>();
var logger = context.HttpContext.RequestServices.GetRequiredService<ILogger<ExceptionHandlerFilterAttribute>>();
logger.LogError(exception.Message, exception);
errorModel.Message = "An unhandled server error has occured.";
context.HttpContext.Response.StatusCode = 500;
}
var env = context.HttpContext.ApplicationServices.GetRequiredService<IHostingEnvironment>();
var env = context.HttpContext.RequestServices.GetRequiredService<IHostingEnvironment>();
if(env.IsDevelopment())
{
errorModel.ExceptionMessage = exception.Message;

4
src/Api/Utilities/ModelStateValidationFilterAttribute.cs
View File

@ -1,5 +1,5 @@
using Microsoft.AspNet.Mvc;
using Microsoft.AspNet.Mvc.Filters;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using Bit.Api.Models.Response;
using System.Linq;

67
src/Api/project.json
View File

@ -1,42 +1,59 @@
{
"userSecretsId": "aspnet5-bitwarden-Api",
"version": "0.0.1-*",
"compilationOptions": {
"emitEntryPoint": true
},
"dependencies": {
"Core": {
"version": "0.0.1",
"target": "project"
},
"Microsoft.AspNet.IISPlatformHandler": "1.0.0-rc1-final",
"Microsoft.AspNet.Mvc": "6.0.0-rc1-final",
"Microsoft.AspNet.Server.Kestrel": "1.0.0-rc1-final",
"Microsoft.AspNet.StaticFiles": "1.0.0-rc1-final",
"Microsoft.Extensions.Configuration.UserSecrets": "1.0.0-rc1-final",
"Microsoft.Extensions.Logging": "1.0.0-rc1-final",
"Microsoft.Extensions.Logging.Console": "1.0.0-rc1-final",
"Microsoft.Extensions.Logging.Debug": "1.0.0-rc1-final",
"Microsoft.AspNet.Cors": "6.0.0-rc1-final",
"Microsoft.AspNet.Diagnostics": "1.0.0-rc1-final",
"Loggr.Extensions.Logging": "1.0.1-rc1-final"
"Microsoft.AspNetCore.Server.IISIntegration": "1.0.0-rc2-final",
"Microsoft.AspNetCore.Mvc": "1.0.0-rc2-final",
"Microsoft.AspNetCore.Server.Kestrel": "1.0.0-rc2-final",
"Microsoft.AspNetCore.StaticFiles": "1.0.0-rc2-final",
"Microsoft.Extensions.Configuration.UserSecrets": "1.0.0-rc2-final",
"Microsoft.Extensions.Logging": "1.0.0-rc2-final",
"Microsoft.Extensions.Logging.Console": "1.0.0-rc2-final",
"Microsoft.Extensions.Logging.Debug": "1.0.0-rc2-final",
"Microsoft.AspNetCore.Cors": "1.0.0-rc2-final",
"Microsoft.AspNetCore.Diagnostics": "1.0.0-rc2-final",
"Microsoft.Extensions.Configuration.EnvironmentVariables": "1.0.0-rc2-final",
"Microsoft.Extensions.Configuration.Binder": "1.0.0-rc2-final"
},
"commands": {
"web": "Microsoft.AspNet.Server.Kestrel"
"tools": {
"Microsoft.AspNetCore.Server.IISIntegration.Tools": {
"version": "1.0.0-preview1-final",
"imports": "portable-net45+win8+dnxcore50"
}
},
"frameworks": {
"dnx451": { }
"net46": { }
},
"exclude": [
"wwwroot",
"node_modules"
],
"publishExclude": [
"**.user",
"**.vspscc"
]
"buildOptions": {
"emitEntryPoint": true,
"preserveCompilationContext": true
},
"runtimeOptions": {
"gcServer": false,
"gcConcurrent": true
},
"publishOptions": {
"include": [
"wwwroot",
"Views",
"settings.json",
"settings.Production.json",
"settings.Staging.json",
"web.config"
]
},
"scripts": {
"postpublish": [ "dotnet publish-iis --publish-folder %publish:OutputPath% --framework %publish:FullTargetFramework%" ]
}
}

1
src/Api/settings.json
View File

@ -2,6 +2,7 @@
"globalSettings": {
"siteName": "bitwarden",
"baseVaultUri": "http://localhost:4001",
"jwtSigningKey": "THIS IS A SECRET. IT KEEPS YOUR TOKEN SAFE. :)",
"documentDB": {
"uri": "SECRET",
"key": "SECRET",

9
src/Api/web.config Normal file
View File

@ -0,0 +1,9 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
</system.webServer>
</configuration>

9
src/Api/wwwroot/web.config
View File

@ -1,9 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="httpPlatformHandler" path="*" verb="*" modules="httpPlatformHandler" resourceType="Unspecified" />
</handlers>
<httpPlatform processPath="%DNX_PATH%" arguments="%DNX_ARGS%" stdoutLogEnabled="false" startupTimeLimit="3600" />
</system.webServer>
</configuration>

9
src/Core/Core.xproj
View File

@ -4,15 +4,16 @@
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
<VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
</PropertyGroup>
<Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.Props" Condition="'$(VSToolsPath)' != ''" />
<Import Project="$(VSToolsPath)\DotNet\Microsoft.DotNet.Props" Condition="'$(VSToolsPath)' != ''" />
<PropertyGroup Label="Globals">
<ProjectGuid>3973d21b-a692-4b60-9b70-3631c057423a</ProjectGuid>
<RootNamespace>Bit.Core</RootNamespace>
<BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">..\..\artifacts\obj\$(MSBuildProjectName)</BaseIntermediateOutputPath>
<OutputPath Condition="'$(OutputPath)'=='' ">..\..\artifacts\bin\$(MSBuildProjectName)\</OutputPath>
<BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">.\obj</BaseIntermediateOutputPath>
<OutputPath Condition="'$(OutputPath)'=='' ">.\bin\</OutputPath>
<TargetFrameworkVersion>v4.6</TargetFrameworkVersion>
</PropertyGroup>
<PropertyGroup>
<SchemaVersion>2.0</SchemaVersion>
</PropertyGroup>
<Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.targets" Condition="'$(VSToolsPath)' != ''" />
<Import Project="$(VSToolsPath)\DotNet\Microsoft.DotNet.targets" Condition="'$(VSToolsPath)' != ''" />
</Project>

2
src/Core/Exceptions/BadRequestException.cs
View File

@ -1,5 +1,5 @@
using System;
using Microsoft.AspNet.Mvc.ModelBinding;
using Microsoft.AspNetCore.Mvc.ModelBinding;
namespace Bit.Core.Exceptions
{

1
src/Core/GlobalSettings.cs
View File

@ -7,6 +7,7 @@ namespace Bit.Core
{
public virtual string SiteName { get; set; }
public virtual string BaseVaultUri { get; set; }
public virtual string JwtSigningKey { get; set; }
public virtual DocumentDBSettings DocumentDB { get; set; } = new DocumentDBSettings();
public virtual SqlServerSettings SqlServer { get; set; } = new SqlServerSettings();
public virtual MailSettings Mail { get; set; } = new MailSettings();

4
src/Core/Identity/AuthenticatorTokenProvider.cs
View File

@ -1,14 +1,14 @@
using System;
using System.Threading.Tasks;
using Base32;
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Identity;
using Bit.Core.Domains;
using Bit.Core.Enums;
using OtpSharp;
namespace Bit.Core.Identity
{
public class AuthenticatorTokenProvider : IUserTokenProvider<User>
public class AuthenticatorTokenProvider : IUserTwoFactorTokenProvider<User>
{
public Task<bool> CanGenerateTwoFactorTokenAsync(UserManager<User> manager, User user)
{

60
src/Core/Identity/JwtBearerAppBuilderExtensions.cs Normal file
View File

@ -0,0 +1,60 @@
using System;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;
using Microsoft.AspNetCore.Authentication.JwtBearer;
namespace Bit.Core.Identity
{
public static class JwtBearerAppBuilderExtensions
{
public static IApplicationBuilder UseJwtBearerIdentity(this IApplicationBuilder app)
{
if(app == null)
{
throw new ArgumentNullException(nameof(app));
}
var marker = app.ApplicationServices.GetService<IdentityMarkerService>();
if(marker == null)
{
throw new InvalidOperationException("Must Call AddJwtBearerIdentity");
}
var jwtOptions = app.ApplicationServices.GetRequiredService<IOptions<JwtBearerIdentityOptions>>().Value;
var options = new JwtBearerOptions();
// Basic settings - signing key to validate with, audience and issuer.
options.TokenValidationParameters.IssuerSigningKey = jwtOptions.SigningCredentials.Key;
options.TokenValidationParameters.ValidAudience = jwtOptions.Audience;
options.TokenValidationParameters.ValidIssuer = jwtOptions.Issuer;
options.TokenValidationParameters.RequireExpirationTime = true;
options.TokenValidationParameters.RequireSignedTokens = false;
// When receiving a token, check that we've signed it.
options.TokenValidationParameters.RequireSignedTokens = false;
//// When receiving a token, check that it is still valid.
options.TokenValidationParameters.ValidateLifetime = true;
// This defines the maximum allowable clock skew - i.e. provides a tolerance on the token expiry time
// when validating the lifetime. As we're creating the tokens locally and validating them on the same
// machines which should have synchronised time, this can be set to zero. Where external tokens are
// used, some leeway here could be useful.
options.TokenValidationParameters.ClockSkew = TimeSpan.FromMinutes(0);
options.Events = new JwtBearerEvents
{
OnTokenValidated = JwtBearerEventImplementations.ValidatedTokenAsync,
OnAuthenticationFailed = JwtBearerEventImplementations.AuthenticationFailedAsync
};
app.UseJwtBearerAuthentication(options);
return app;
}
}
}

59
src/Core/Identity/JwtBearerBuilderExtensions.cs
View File

@ -1,59 +0,0 @@
using System;
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Identity;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.OptionsModel;
using Microsoft.AspNet.Authentication.JwtBearer;
namespace Bit.Core.Identity
{
public static class JwtBearerBuilderExtensions
{
public static IApplicationBuilder UseJwtBearerIdentity(this IApplicationBuilder app)
{
if(app == null)
{
throw new ArgumentNullException(nameof(app));
}
var marker = app.ApplicationServices.GetService<IdentityMarkerService>();
if(marker == null)
{
throw new InvalidOperationException("Must Call AddJwtBearerIdentity");
}
var jwtOptions = app.ApplicationServices.GetRequiredService<IOptions<JwtBearerIdentityOptions>>().Value;
var jwtSignInManager = app.ApplicationServices.GetRequiredService<JwtBearerSignInManager>();
app.UseJwtBearerAuthentication(options =>
{
// Basic settings - signing key to validate with, audience and issuer.
//options.TokenValidationParameters.IssuerSigningKey = key;
options.TokenValidationParameters.ValidAudience = jwtOptions.Audience;
options.TokenValidationParameters.ValidIssuer = jwtOptions.Issuer;
options.TokenValidationParameters.RequireExpirationTime = true;
options.TokenValidationParameters.RequireSignedTokens = false;
// When receiving a token, check that we've signed it.
options.TokenValidationParameters.ValidateSignature = false;
//// When receiving a token, check that it is still valid.
options.TokenValidationParameters.ValidateLifetime = true;
// This defines the maximum allowable clock skew - i.e. provides a tolerance on the token expiry time
// when validating the lifetime. As we're creating the tokens locally and validating them on the same
// machines which should have synchronised time, this can be set to zero. Where external tokens are
// used, some leeway here could be useful.
options.TokenValidationParameters.ClockSkew = TimeSpan.FromMinutes(0);
options.Events = new JwtBearerEvents
{
OnValidatedToken = JwtBearerEventImplementations.ValidatedTokenAsync,
OnAuthenticationFailed = JwtBearerEventImplementations.AuthenticationFailedAsync
};
});
return app;
}
}
}

21
src/Core/Identity/JwtBearerEventImplementations.cs
View File

@ -1,18 +1,20 @@
using System;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;
using System.IdentityModel.Tokens;
using Bit.Core.Repositories;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.IdentityModel.Tokens;
using Microsoft.AspNetCore.Identity;
using Bit.Core.Domains;
namespace Bit.Core.Identity
{
public static class JwtBearerEventImplementations
{
public async static Task ValidatedTokenAsync(ValidatedTokenContext context)
public async static Task ValidatedTokenAsync(TokenValidatedContext context)
{
if(context.HttpContext.RequestServices == null)
{
@ -20,13 +22,14 @@ namespace Bit.Core.Identity
}
var userRepository = context.HttpContext.RequestServices.GetRequiredService<IUserRepository>();
var manager = context.HttpContext.RequestServices.GetRequiredService<JwtBearerSignInManager>();
var userManager = context.HttpContext.RequestServices.GetRequiredService<UserManager<User>>();
var signInManager = context.HttpContext.RequestServices.GetRequiredService<JwtBearerSignInManager>();
var userId = context.AuthenticationTicket.Principal.GetUserId();
var userId = userManager.GetUserId(context.Ticket.Principal);
var user = await userRepository.GetByIdAsync(userId);
// validate security token
if(!await manager.ValidateSecurityStampAsync(user, context.AuthenticationTicket.Principal))
if(!await signInManager.ValidateSecurityStampAsync(user, context.Ticket.Principal))
{
throw new SecurityTokenValidationException("Bad security stamp.");
}
@ -41,7 +44,7 @@ namespace Bit.Core.Identity
if(!context.HttpContext.User.Identity.IsAuthenticated)
{
context.State = EventResultState.HandledResponse;
context.AuthenticationTicket = new AuthenticationTicket(context.HttpContext.User, new AuthenticationProperties(), context.Options.AuthenticationScheme);
context.Ticket = new AuthenticationTicket(context.HttpContext.User, new AuthenticationProperties(), context.Options.AuthenticationScheme);
}
return Task.FromResult(0);

2
src/Core/Identity/JwtBearerIdentityOptions.cs
View File

@ -1,5 +1,5 @@
using System;
using System.IdentityModel.Tokens;
using Microsoft.IdentityModel.Tokens;
namespace Bit.Core.Identity
{

8
src/Core/Identity/JwtBearerIdentityServiceCollectionExtensions.cs
View File

@ -1,14 +1,16 @@
using System;
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Bit.Core.Domains;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
namespace Bit.Core.Identity
{
public static class JwtBearerIdentityServiceCollectionExtensions
{
public static IdentityBuilder AddJwtBearerIdentit(
public static IdentityBuilder AddJwtBearerIdentity(
this IServiceCollection services)
{
return services.AddJwtBearerIdentity(setupAction: null, jwtBearerSetupAction: null);
@ -23,6 +25,8 @@ namespace Bit.Core.Identity
services.AddOptions();
services.AddAuthentication();
// Hosting doesn't add IHttpContextAccessor by default
services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
// Identity services
services.TryAddSingleton<IdentityMarkerService>();
services.TryAddScoped<IUserValidator<User>, UserValidator<User>>();

25
src/Core/Identity/JwtBearerSignInManager.cs
View File

@ -2,12 +2,13 @@
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Authentication.JwtBearer;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.OptionsModel;
using Microsoft.Extensions.Options;
using Bit.Core.Domains;
using Microsoft.AspNetCore.Builder;
using Microsoft.IdentityModel.Tokens;
namespace Bit.Core.Identity
{
@ -123,12 +124,16 @@ namespace Bit.Core.Identity
}
}
var securityToken = handler.CreateToken(
issuer: JwtIdentityOptions.Issuer,
audience: JwtIdentityOptions.Audience,
signingCredentials: JwtIdentityOptions.SigningCredentials,
subject: userPrincipal.Identities.First(),
expires: tokenExpiration);
var descriptor = new SecurityTokenDescriptor
{
Issuer = JwtIdentityOptions.Issuer,
SigningCredentials = JwtIdentityOptions.SigningCredentials,
Audience = JwtIdentityOptions.Audience,
Subject = userPrincipal.Identities.First(),
Expires = tokenExpiration
};
var securityToken = handler.CreateToken(descriptor);
return handler.WriteToken(securityToken);
}

2
src/Core/Identity/LowerInvariantLookupNormalizer.cs
View File

@ -1,4 +1,4 @@
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Identity;
namespace Bit.Core.Identity
{

2
src/Core/Identity/RoleStore.cs
View File

@ -1,7 +1,7 @@
using System;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Identity;
using Bit.Core.Domains;
namespace Bit.Core.Identity

2
src/Core/Identity/UserStore.cs
View File

@ -4,7 +4,7 @@ using System.Linq;
using System.Security.Claims;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Identity;
using Bit.Core.Domains;
using Bit.Core.Repositories;
using Bit.Core.Services;

2
src/Core/Services/IUserService.cs
View File

@ -1,7 +1,7 @@
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Identity;
using Bit.Core.Domains;
namespace Bit.Core.Services

13
src/Core/Services/UserService.cs
View File

@ -1,15 +1,16 @@
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Identity;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.OptionsModel;
using Microsoft.Extensions.Options;
using Bit.Core.Domains;
using Bit.Core.Repositories;
using OtpSharp;
using Base32;
using System.Linq;
using Microsoft.AspNetCore.Builder;
namespace Bit.Core.Services
{
@ -35,8 +36,7 @@ namespace Bit.Core.Services
ILookupNormalizer keyNormalizer,
IdentityErrorDescriber errors,
IServiceProvider services,
ILogger<UserManager<User>> logger,
IHttpContextAccessor contextAccessor)
ILogger<UserManager<User>> logger)
: base(
store,
optionsAccessor,
@ -46,8 +46,7 @@ namespace Bit.Core.Services
keyNormalizer,
errors,
services,
logger,
contextAccessor)
logger)
{
_userRepository = userRepository;
_cipherRepository = cipherRepository;

20
src/Core/project.json
View File

@ -2,21 +2,23 @@
"version": "0.0.1-*",
"description": "bitwarden Core Library",
"authors": [ "Kyle Spearrin" ],
"tags": [ "" ],
"projectUrl": "",
"licenseUrl": "",
"dependencies": {
"Microsoft.AspNet.Identity": "3.0.0-rc1-final",
"Microsoft.AspNet.Authentication.JwtBearer": "1.0.0-rc1-final",
"Microsoft.AspNetCore.Identity": "1.0.0-rc2-final",
"Microsoft.AspNetCore.Authentication.JwtBearer": "1.0.0-rc2-final",
"OtpSharp": "1.3.0.4",
"Microsoft.AspNet.Mvc.Abstractions": "6.0.0-rc1-final",
"Sendgrid": "6.3.4",
"Microsoft.AspNetCore.Mvc.Abstractions": "1.0.0-rc2-final",
"Dapper": "1.42.0",
"DataTableProxy": "1.2.0"
"DataTableProxy": "1.2.0",
"Sendgrid": "6.3.4"
},
"frameworks": {
"dnx451": { }
"net46": {
"frameworkAssemblies": {
"System.ComponentModel.DataAnnotations": "4.0.0.0",
"System.Data": "4.0.0.0"
}
}
}
}