FIDO U2F facet fiel headers

2025-02-22 02:51:33 +01:00 · 2017-08-08 12:29:59 -04:00 · 2017-08-08 12:29:59 -04:00 · e70323b59e
commit e70323b59e
parent 0a12006d32
2 changed files with 35 additions and 0 deletions
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@ -125,6 +125,11 @@ http {
  # for the check. It is best if you enable this in a location{} block for
  # a specific directory, or on an individual server{} level.
  # gzip_static on;
+  
+  # Content type for FIDO U2F facets
+  map $uri $fido_content_type {
+    default "application/fido.trusted-apps+json";
+  }

  # Include files in the sites-enabled folder. server{} configuration files should be
  # placed in the sites-available folder, and then the configuration should be enabled
--- a/util/Setup/Program.cs
+++ b/util/Setup/Program.cs
@ -145,6 +145,13 @@ server {{
        proxy_redirect off;
    }}

+    location = /app-id.json {{
+        proxy_pass http://web/app-id.json;
+        proxy_hide_header Content-Type;
+        add_header Content-Type $fido_content_type;
+        proxy_redirect off;
+    }}
+
    location /api/ {{
        proxy_pass http://api/;
        proxy_set_header X-Real-IP $remote_addr;
@ -209,6 +216,29 @@ SA_PASSWORD={dbPass}");
            }
        }

+        private static void BuildAppId()
+        {
+            Directory.CreateDirectory("/bitwarden/web/");
+            using(var sw = File.CreateText("/bitwarden/web/app-id.json"))
+            {
+                sw.Write($@"{{
+  ""trustedFacets"": [
+    {{
+      ""version"": {{
+        ""major"": 1,
+        ""minor"": 0
+      }},
+      ""ids"": [
+        ""{_url}"",
+        ""ios:bundle-id:com.8bit.bitwarden"",
+        ""android:apk-key-hash:dUGFzUzf3lmHSLBDBIv+WaFyZMI""
+      ]
+    }}
+  ]
+}}");
+            }
+        }
+
        private static IDictionary<string, string> ParseParameters()
        {
            var dict = new Dictionary<string, string>();