diff --git a/src/Api/Startup.cs b/src/Api/Startup.cs index a2a21fa09..e558a394f 100644 --- a/src/Api/Startup.cs +++ b/src/Api/Startup.cs @@ -66,9 +66,6 @@ namespace Bit.Api services.AddSingleton(); services.AddSingleton(); - // IdentityServer - services.AddCustomIdentityServerServices(Environment, globalSettings); - // Identity services.AddCustomIdentityServices(globalSettings); @@ -166,11 +163,8 @@ namespace Bit.Api app.UseCors("All"); // Add IdentityServer to the request pipeline. - app.UseIdentityServer(); - app.UseIdentityServerAuthentication( - GetIdentityOptions(env, IdentityServerAuthority(env, "identity", "33656"), "3")); - app.UseIdentityServerAuthentication( - GetIdentityOptions(env, IdentityServerAuthority(env, "api", "4000"), "2")); + app.UseIdentityServerAuthentication(GetIdentityOptions(env, globalSettings, string.Empty)); + app.UseIdentityServerAuthentication(GetIdentityOptions(env, globalSettings, "3")); // Add current context app.UseMiddleware(); 
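Review bot: The context comment `// Add IdentityServer to the request pipeline.` in the second hunk of `Startup.cs` is now stale, because `app.UseIdentityServer()` is removed and the two remaining calls only register bearer-token validation against an external authority. Both registrations now use the same authority and differ only by the scheme suffix (`string.Empty` and `"3"`), while the old `"2"` scheme is dropped. Requests that still send `Bearer2` / `access_token2` will presumably stop authenticating, so confirm that no deployed client depends on that scheme. Suggested replacement comment: `// Validate access tokens issued by the identity service; the "Bearer3" scheme stays until old clients are retired.` The enclosing method starts and ends outside the hunk.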
@@ -180,39 +174,21 @@ namespace Bit.Api } private IdentityServerAuthenticationOptions GetIdentityOptions(IHostingEnvironment env, - string authority, string suffix) + GlobalSettings globalSettings, string suffix) { var options = new IdentityServerAuthenticationOptions { - Authority = authority, + Authority = globalSettings.BaseIdentityUri, AllowedScopes = new string[] { "api" }, RequireHttpsMetadata = !env.IsDevelopment(), ApiName = "api", NameClaimType = ClaimTypes.Email, // Suffix until we retire the old jwt schemes. AuthenticationScheme = $"Bearer{suffix}", - TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString( - $"Bearer{suffix}", $"access_token{suffix}") + TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString($"Bearer{suffix}", $"access_token{suffix}") }; return options; } - - private string IdentityServerAuthority(IHostingEnvironment env, string subdomain, string port) - { - if(env.IsProduction()) - { - return $"https://{subdomain}.bitwarden.com"; - } - else if(env.IsEnvironment("Preview")) - { - return $"https://preview-{subdomain}.bitwarden.com"; - } - else - { - return $"http://localhost:{port}"; - //return $"http://192.168.1.3:{port}"; // Desktop external - } - } } } diff --git a/src/Api/settings.Preview.json b/src/Api/settings.Preview.json index e3fd6e3a5..9529228dc 100644 --- a/src/Api/settings.Preview.json +++ b/src/Api/settings.Preview.json @@ -1,6 +1,8 @@ { "globalSettings": { "baseVaultUri": "https://preview-vault.bitwarden.com/#", + "baseApiUri": "https://preview-api.bitwarden.com", + "baseIdentityUri": "https://preview-identity.bitwarden.com", "u2f": { "appId": "https://preview-vault.bitwarden.com/app-id.json" } diff --git a/src/Api/settings.Production.json b/src/Api/settings.Production.json index 57d845382..8b5e6db1b 100644 --- a/src/Api/settings.Production.json +++ b/src/Api/settings.Production.json 
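Review bot: `Authority = globalSettings.BaseIdentityUri` in `GetIdentityOptions` takes the token issuer straight from configuration with no check, so a missing or mistyped `baseIdentityUri` only shows up later as failed metadata discovery rather than at startup. Because this value is the trust anchor for every bearer token the API accepts, I would fail fast on a value that is not an absolute URI, and on a non-https one outside Development, which matches the `RequireHttpsMetadata = !env.IsDevelopment()` line. The base `settings.json` value is `http://localhost:33656`, so an environment without an override file would otherwise inherit it. Separately, the retriever still accepts the token from the query string, and with the empty suffix that is now the plain `access_token` parameter; tokens in URLs tend to land in access logs and Referer headers, so confirm the query-string path is still needed.

```csharp
private IdentityServerAuthenticationOptions GetIdentityOptions(IHostingEnvironment env,
    GlobalSettings globalSettings, string suffix)
{
    Uri identityUri;
    if(!Uri.TryCreate(globalSettings.BaseIdentityUri, UriKind.Absolute, out identityUri))
    {
        throw new InvalidOperationException("globalSettings.baseIdentityUri must be an absolute URI.");
    }

    if(!env.IsDevelopment() && identityUri.Scheme != "https")
    {
        throw new InvalidOperationException("globalSettings.baseIdentityUri must use https outside Development.");
    }

    // … unchanged: options initializer and return …
```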
@@ -1,6 +1,8 @@
 {
 "globalSettings": {
 "baseVaultUri": "https://vault.bitwarden.com/#",
+ "baseApiUri": "https://api.bitwarden.com",
+ "baseIdentityUri": "https://identity.bitwarden.com",
 "u2f": {
 "appId": "https://vault.bitwarden.com/app-id.json"
 },
diff --git a/src/Api/settings.Staging.json b/src/Api/settings.Staging.json
index 08a068c6b..184f1d0f7 100644
--- a/src/Api/settings.Staging.json
+++ b/src/Api/settings.Staging.json
@@ -1,6 +1,8 @@
 {
 "globalSettings": {
 "baseVaultUri": "https://vault.bitwarden.com/#",
+ "baseApiUri": "https://api.bitwarden.com",
+ "baseIdentityUri": "https://identity.bitwarden.com",
 "u2f": {
 "appId": "https://vault.bitwarden.com/app-id.json"
 }
diff --git a/src/Api/settings.json b/src/Api/settings.json
index cb93d9e9f..55b4e384a 100644
--- a/src/Api/settings.json
+++ b/src/Api/settings.json
@@ -2,6 +2,8 @@
 "globalSettings": {
 "siteName": "bitwarden",
 "baseVaultUri": "http://localhost:4001/#",
+ "baseApiUri": "http://localhost:4000",
+ "baseIdentityUri": "http://localhost:33656",
 "stripeApiKey": "SECRET",
 "sqlServer": {
 "connectionString": "SECRET"
diff --git a/src/Billing/settings.Production.json b/src/Billing/settings.Production.json
index fe522cd4f..1bc0918eb 100644
--- a/src/Billing/settings.Production.json
+++ b/src/Billing/settings.Production.json
@@ -1,6 +1,8 @@
 {
 "globalSettings": {
 "baseVaultUri": "https://vault.bitwarden.com/#",
+ "baseApiUri": "https://api.bitwarden.com",
+ "baseIdentityUri": "https://identity.bitwarden.com",
 "braintree": {
 "production": true
 }
diff --git a/src/Billing/settings.json b/src/Billing/settings.json
index 6b7af457a..bc815f507 100644
--- a/src/Billing/settings.json
+++ b/src/Billing/settings.json
@@ -2,6 +2,8 @@
 "globalSettings": {
 "siteName": "bitwarden",
 "baseVaultUri": "http://localhost:4001/#",
+ "baseApiUri": "http://localhost:4000",
+ "baseIdentityUri": "http://localhost:33656",
 "stripeApiKey": "SECRET",
 "sqlServer": {
 "connectionString": "SECRET"
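Review bot: `src/Api/settings.Staging.json` sets `baseIdentityUri` and `baseApiUri` to the production hosts (`https://identity.bitwarden.com`, `https://api.bitwarden.com`), so an API instance running as Staging trusts the production token issuer. If Staging is a pre-swap slot of production this is presumably intended, and it matches the existing production `baseVaultUri` in the same file. If it is ever run as a separate environment, it should get its own hosts so that staging and production tokens are not interchangeable. The same applies to the `src/Identity/settings.Staging.json` hunk.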
diff --git a/src/Core/GlobalSettings.cs b/src/Core/GlobalSettings.cs
index 1e761c83e..f21845544 100644
--- a/src/Core/GlobalSettings.cs
+++ b/src/Core/GlobalSettings.cs
@@ -4,6 +4,8 @@
 {
 public virtual string SiteName { get; set; }
 public virtual string BaseVaultUri { get; set; }
+ public virtual string BaseApiUri { get; set; }
+ public virtual string BaseIdentityUri { get; set; }
 public virtual string StripeApiKey { get; set; }
 public virtual SqlServerSettings SqlServer { get; set; } = new SqlServerSettings();
 public virtual MailSettings Mail { get; set; } = new MailSettings();
diff --git a/src/Identity/settings.Preview.json b/src/Identity/settings.Preview.json
index e3fd6e3a5..9529228dc 100644
--- a/src/Identity/settings.Preview.json
+++ b/src/Identity/settings.Preview.json
@@ -1,6 +1,8 @@
 {
 "globalSettings": {
 "baseVaultUri": "https://preview-vault.bitwarden.com/#",
+ "baseApiUri": "https://preview-api.bitwarden.com",
+ "baseIdentityUri": "https://preview-identity.bitwarden.com",
 "u2f": {
 "appId": "https://preview-vault.bitwarden.com/app-id.json"
 }
diff --git a/src/Identity/settings.Production.json b/src/Identity/settings.Production.json
index 57d845382..8b5e6db1b 100644
--- a/src/Identity/settings.Production.json
+++ b/src/Identity/settings.Production.json
@@ -1,6 +1,8 @@
 {
 "globalSettings": {
 "baseVaultUri": "https://vault.bitwarden.com/#",
+ "baseApiUri": "https://api.bitwarden.com",
+ "baseIdentityUri": "https://identity.bitwarden.com",
 "u2f": {
 "appId": "https://vault.bitwarden.com/app-id.json"
 },
diff --git a/src/Identity/settings.Staging.json b/src/Identity/settings.Staging.json
index 08a068c6b..184f1d0f7 100644
--- a/src/Identity/settings.Staging.json
+++ b/src/Identity/settings.Staging.json
@@ -1,6 +1,8 @@
 {
 "globalSettings": {
 "baseVaultUri": "https://vault.bitwarden.com/#",
+ "baseApiUri": "https://api.bitwarden.com",
+ "baseIdentityUri": "https://identity.bitwarden.com",
 "u2f": {
 "appId": "https://vault.bitwarden.com/app-id.json"
 }
diff --git a/src/Identity/settings.json b/src/Identity/settings.json
index 076716345..10a8d0d49 100644
--- a/src/Identity/settings.json
+++ b/src/Identity/settings.json
@@ -2,6 +2,8 @@
 "globalSettings": {
 "siteName": "bitwarden",
 "baseVaultUri": "http://localhost:4001/#",
+ "baseApiUri": "http://localhost:4000",
+ "baseIdentityUri": "http://localhost:33656",
 "stripeApiKey": "SECRET",
 "sqlServer": {
 "connectionString": "SECRET"