1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-22 16:57:36 +01:00

stub out signalr sync hub

This commit is contained in:
Kyle Spearrin 2018-08-02 12:14:33 -04:00
parent 14956f6383
commit 8b53ab2945
13 changed files with 460 additions and 84 deletions

View File

@ -49,6 +49,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "EventsProcessor", "src\Even
EndProject
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Admin", "src\Admin\Admin.csproj", "{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Hub", "src\Hub\Hub.csproj", "{28635027-20E5-42FA-B218-B6C878DE5350}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
@ -113,6 +115,10 @@ Global
{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}.Debug|Any CPU.Build.0 = Debug|Any CPU
{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}.Release|Any CPU.ActiveCfg = Release|Any CPU
{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}.Release|Any CPU.Build.0 = Release|Any CPU
{28635027-20E5-42FA-B218-B6C878DE5350}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{28635027-20E5-42FA-B218-B6C878DE5350}.Debug|Any CPU.Build.0 = Debug|Any CPU
{28635027-20E5-42FA-B218-B6C878DE5350}.Release|Any CPU.ActiveCfg = Release|Any CPU
{28635027-20E5-42FA-B218-B6C878DE5350}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
@ -132,6 +138,7 @@ Global
{994DD611-F266-4BD3-8072-3B1B57267ED5} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D}
{2235D24F-E607-47F4-81AD-BB4504ADF9C6} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D}
{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D}
{28635027-20E5-42FA-B218-B6C878DE5350} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D}
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {E01CBF68-2E20-425F-9EDB-E0A6510CA92F}

View File

@ -6,11 +6,14 @@ using Bit.Core.Enums;
using Microsoft.AspNetCore.Http;
using Bit.Core.Repositories;
using System.Threading.Tasks;
using System.Security.Claims;
namespace Bit.Core
{
public class CurrentContext
{
private bool _builtHttpContext;
private bool _builtClaimsPrincipal;
private string _ip;
private Dictionary<Guid, ICollection<OrganizationUser>> _orgUsers =
new Dictionary<Guid, ICollection<OrganizationUser>>();
@ -25,6 +28,93 @@ namespace Bit.Core
new List<CurrentContentOrganization>();
public virtual Guid? InstallationId { get; set; }
public void Build(HttpContext httpContext)
{
if(_builtHttpContext)
{
return;
}
_builtHttpContext = true;
HttpContext = httpContext;
Build(httpContext.User);
if(DeviceIdentifier == null && httpContext.Request.Headers.ContainsKey("Device-Identifier"))
{
DeviceIdentifier = httpContext.Request.Headers["Device-Identifier"];
}
if(httpContext.Request.Headers.ContainsKey("Device-Type") &&
Enum.TryParse(httpContext.Request.Headers["Device-Type"].ToString(), out DeviceType dType))
{
DeviceType = dType;
}
}
public void Build(ClaimsPrincipal user)
{
if(_builtClaimsPrincipal)
{
return;
}
_builtClaimsPrincipal = true;
if(user == null || !user.Claims.Any())
{
return;
}
var claimsDict = user.Claims.GroupBy(c => c.Type).ToDictionary(c => c.Key, c => c.Select(v => v));
var subject = GetClaimValue(claimsDict, "sub");
if(Guid.TryParse(subject, out var subIdGuid))
{
UserId = subIdGuid;
}
var clientId = GetClaimValue(claimsDict, "client_id");
var clientSubject = GetClaimValue(claimsDict, "client_sub");
if((clientId?.StartsWith("installation.") ?? false) && clientSubject != null)
{
if(Guid.TryParse(clientSubject, out var idGuid))
{
InstallationId = idGuid;
}
}
DeviceIdentifier = GetClaimValue(claimsDict, "device");
if(claimsDict.ContainsKey("orgowner"))
{
Organizations.AddRange(claimsDict["orgowner"].Select(c =>
new CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.Owner
}));
}
if(claimsDict.ContainsKey("orgadmin"))
{
Organizations.AddRange(claimsDict["orgadmin"].Select(c =>
new CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.Admin
}));
}
if(claimsDict.ContainsKey("orguser"))
{
Organizations.AddRange(claimsDict["orguser"].Select(c =>
new CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.User
}));
}
}
public bool OrganizationUser(Guid orgId)
{
return Organizations.Any(o => o.Id == orgId);
@ -70,6 +160,16 @@ namespace Bit.Core
return _ip;
}
private string GetClaimValue(Dictionary<string, IEnumerable<Claim>> claims, string type)
{
if(!claims.ContainsKey(type))
{
return null;
}
return claims[type].FirstOrDefault()?.Value;
}
public class CurrentContentOrganization
{
public Guid Id { get; set; }

View File

@ -1,9 +1,4 @@
using Bit.Core.Enums;
using Microsoft.AspNetCore.Http;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using Microsoft.AspNetCore.Http;
using System.Threading.Tasks;
namespace Bit.Core.Utilities
@ -19,85 +14,8 @@ namespace Bit.Core.Utilities
public async Task Invoke(HttpContext httpContext, CurrentContext currentContext)
{
currentContext.HttpContext = httpContext;
if(httpContext.User != null && httpContext.User.Claims.Any())
{
var claimsDict = httpContext.User.Claims
.GroupBy(c => c.Type)
.ToDictionary(c => c.Key, c => c.Select(v => v));
var subject = GetClaimValue(claimsDict, "sub");
if(Guid.TryParse(subject, out var subIdGuid))
{
currentContext.UserId = subIdGuid;
}
var clientId = GetClaimValue(claimsDict, "client_id");
var clientSubject = GetClaimValue(claimsDict, "client_sub");
if((clientId?.StartsWith("installation.") ?? false) && clientSubject != null)
{
if(Guid.TryParse(clientSubject, out var idGuid))
{
currentContext.InstallationId = idGuid;
}
}
currentContext.DeviceIdentifier = GetClaimValue(claimsDict, "device");
if(claimsDict.ContainsKey("orgowner"))
{
currentContext.Organizations.AddRange(claimsDict["orgowner"].Select(c =>
new CurrentContext.CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.Owner
}));
}
if(claimsDict.ContainsKey("orgadmin"))
{
currentContext.Organizations.AddRange(claimsDict["orgadmin"].Select(c =>
new CurrentContext.CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.Admin
}));
}
if(claimsDict.ContainsKey("orguser"))
{
currentContext.Organizations.AddRange(claimsDict["orguser"].Select(c =>
new CurrentContext.CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.User
}));
}
}
if(currentContext.DeviceIdentifier == null && httpContext.Request.Headers.ContainsKey("Device-Identifier"))
{
currentContext.DeviceIdentifier = httpContext.Request.Headers["Device-Identifier"];
}
if(httpContext.Request.Headers.ContainsKey("Device-Type") &&
Enum.TryParse(httpContext.Request.Headers["Device-Type"].ToString(), out DeviceType dType))
{
currentContext.DeviceType = dType;
}
currentContext.Build(httpContext);
await _next.Invoke(httpContext);
}
private string GetClaimValue(Dictionary<string, IEnumerable<Claim>> claims, string type)
{
if(!claims.ContainsKey(type))
{
return null;
}
return claims[type].FirstOrDefault()?.Value;
}
}
}

View File

@ -0,0 +1,25 @@
using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.SignalR;
namespace Bit.Hub
{
[Authorize("Application")]
public class EventsController : Controller
{
private readonly IHubContext<SyncHub> _syncHubContext;
public EventsController(IHubContext<SyncHub> syncHubContext)
{
_syncHubContext = syncHubContext;
}
[HttpGet("~/events")]
public async Task GetTest()
{
await _syncHubContext.Clients.All.SendAsync("ReceiveMessage", "From API.");
}
}
}

19
src/Hub/Hub.csproj Normal file
View File

@ -0,0 +1,19 @@
<Project Sdk="Microsoft.NET.Sdk.Web">
<PropertyGroup>
<Version>1.22.0</Version>
<TargetFramework>netcoreapp2.1</TargetFramework>
<RootNamespace>Bit.Hub</RootNamespace>
<UserSecretsId>bitwarden-Hub</UserSecretsId>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="IdentityServer4.AccessTokenValidation" Version="2.6.0" />
<PackageReference Include="Microsoft.AspNetCore.App" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\Core\Core.csproj" />
</ItemGroup>
</Project>

17
src/Hub/Program.cs Normal file
View File

@ -0,0 +1,17 @@
using Microsoft.AspNetCore;
using Microsoft.AspNetCore.Hosting;
namespace Bit.Hub
{
public class Program
{
public static void Main(string[] args)
{
WebHost
.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.Build()
.Run();
}
}
}

View File

@ -0,0 +1,27 @@
{
"iisSettings": {
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:61840",
"sslPort": 0
}
},
"profiles": {
"IIS Express": {
"commandName": "IISExpress",
"launchBrowser": true,
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
},
"Bit.Hub": {
"commandName": "Project",
"launchBrowser": true,
"applicationUrl": "http://localhost:5000",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
}
}

121
src/Hub/Startup.cs Normal file
View File

@ -0,0 +1,121 @@
using System.Security.Claims;
using Bit.Core;
using Bit.Core.IdentityServer;
using Bit.Core.Services;
using Bit.Core.Utilities;
using IdentityModel;
using IdentityServer4.AccessTokenValidation;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.SignalR;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.IdentityModel.Logging;
using Serilog.Events;
namespace Bit.Hub
{
public class Startup
{
public Startup(IHostingEnvironment env, IConfiguration configuration)
{
Configuration = configuration;
Environment = env;
}
public IConfiguration Configuration { get; }
public IHostingEnvironment Environment { get; set; }
public void ConfigureServices(IServiceCollection services)
{
// Options
services.AddOptions();
// Settings
var globalSettings = services.AddGlobalSettingsServices(Configuration);
// Repositories
services.AddSqlServerRepositories(globalSettings);
// Context
services.AddScoped<CurrentContext>();
// Identity
services
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.Authority = globalSettings.BaseServiceUri.InternalIdentity;
options.RequireHttpsMetadata = !Environment.IsDevelopment() &&
globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString();
options.NameClaimType = ClaimTypes.Email;
options.SupportedTokens = SupportedTokens.Jwt;
});
services.AddAuthorization(config =>
{
config.AddPolicy("Application", policy =>
{
policy.RequireAuthenticatedUser();
policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application");
});
});
// SignalR
services.AddSignalR();
services.AddSingleton<IUserIdProvider, SubjectUserIdProvider>();
// Mvc
services.AddMvc();
// Hosted Services
services.AddHostedService<TimedHostedService>();
}
public void Configure(
IApplicationBuilder app,
IHostingEnvironment env,
ILoggerFactory loggerFactory,
IApplicationLifetime appLifetime,
GlobalSettings globalSettings)
{
IdentityModelEventSource.ShowPII = true;
loggerFactory.AddSerilog(app, env, appLifetime, globalSettings, (e) =>
{
var context = e.Properties["SourceContext"].ToString();
if(context.Contains("IdentityServer4.Validation.TokenValidator") ||
context.Contains("IdentityServer4.Validation.TokenRequestValidator"))
{
return e.Level > LogEventLevel.Error;
}
return e.Level >= LogEventLevel.Error;
});
if(env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
// Default Middleware
app.UseDefaultMiddleware(env);
// Add Cors
app.UseCors(policy => policy.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().AllowCredentials());
// Add authentication to the request pipeline.
app.UseAuthentication();
// Add SignlarR
app.UseSignalR(routes =>
{
routes.MapHub<SyncHub>("/sync");
});
// Add MVC to the request pipeline.
app.UseMvc();
}
}
}

View File

@ -0,0 +1,13 @@
using IdentityModel;
using Microsoft.AspNetCore.SignalR;
namespace Bit.Hub
{
public class SubjectUserIdProvider : IUserIdProvider
{
public string GetUserId(HubConnectionContext connection)
{
return connection.User?.FindFirst(JwtClaimTypes.Subject)?.Value;
}
}
}

33
src/Hub/SyncHub.cs Normal file
View File

@ -0,0 +1,33 @@
using System;
using System.Threading.Tasks;
using Bit.Core;
using Microsoft.AspNetCore.Authorization;
namespace Bit.Hub
{
[Authorize("Application")]
public class SyncHub : Microsoft.AspNetCore.SignalR.Hub
{
public override async Task OnConnectedAsync()
{
var currentContext = new CurrentContext();
currentContext.Build(Context.User);
foreach(var org in currentContext.Organizations)
{
await Groups.AddToGroupAsync(Context.ConnectionId, $"Organization_{org.Id}");
}
await base.OnConnectedAsync();
}
public override async Task OnDisconnectedAsync(Exception exception)
{
var currentContext = new CurrentContext();
currentContext.Build(Context.User);
foreach(var org in currentContext.Organizations)
{
await Groups.RemoveFromGroupAsync(Context.ConnectionId, $"Organization_{org.Id}");
}
await base.OnDisconnectedAsync(exception);
}
}
}

View File

@ -0,0 +1,47 @@
using System;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNetCore.SignalR;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
namespace Bit.Hub
{
public class TimedHostedService : IHostedService, IDisposable
{
private readonly ILogger _logger;
private readonly IHubContext<SyncHub> _hubContext;
private Timer _timer;
public TimedHostedService(ILogger<TimedHostedService> logger, IHubContext<SyncHub> hubContext)
{
_logger = logger;
_hubContext = hubContext;
}
public Task StartAsync(CancellationToken cancellationToken)
{
_logger.LogInformation("Timed Background Service is starting.");
_timer = new Timer(DoWork, null, TimeSpan.Zero, TimeSpan.FromSeconds(5));
return Task.CompletedTask;
}
private void DoWork(object state)
{
_logger.LogInformation("Timed Background Service is working.");
_hubContext.Clients.All.SendAsync("ReceiveMessage", "From BG!!");
}
public Task StopAsync(CancellationToken cancellationToken)
{
_logger.LogInformation("Timed Background Service is stopping.");
_timer?.Change(Timeout.Infinite, 0);
return Task.CompletedTask;
}
public void Dispose()
{
_timer?.Dispose();
}
}
}

View File

@ -0,0 +1,14 @@
{
"globalSettings": {
"baseServiceUri": {
"vault": "https://vault.bitwarden.com",
"api": "https://api.bitwarden.com",
"identity": "https://identity.bitwarden.com",
"admin": "https://admin.bitwarden.com",
"internalAdmin": "https://admin.bitwarden.com",
"internalIdentity": "https://identity.bitwarden.com",
"internalApi": "https://api.bitwarden.com",
"internalVault": "https://vault.bitwarden.com"
}
}
}

35
src/Hub/appsettings.json Normal file
View File

@ -0,0 +1,35 @@
{
"globalSettings": {
"selfHosted": false,
"projectName": "Hub",
"baseServiceUri": {
"vault": "https://localhost:8080",
"api": "http://localhost:4000",
"identity": "http://localhost:33656",
"admin": "http://localhost:62911",
"internalAdmin": "http://localhost:62911",
"internalIdentity": "http://localhost:33656",
"internalApi": "http://localhost:4000",
"internalVault": "http://localhost:4001"
},
"sqlServer": {
"connectionString": "SECRET"
},
"identityServer": {
"certificateThumbprint": "SECRET"
},
"storage": {
"connectionString": "SECRET"
},
"events": {
"connectionString": "SECRET"
},
"documentDb": {
"uri": "SECRET",
"key": "SECRET"
},
"sentry": {
"dsn": "SECRET"
}
}
}