mirror of https://github.com/bitwarden/server.git synced 2024-11-29 13:25:17 +01:00

update libs, aspnet core 20, & id server 2.0

Kyle Spearrin 2017-10-06 11:38:47 -04:00
parent 5db8649b44
commit f2183246d2
12 changed files with 72 additions and 81 deletions


@ -13,13 +13,13 @@
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="Microsoft.AspNetCore" Version="1.1.2" /> <PackageReference Include="Microsoft.AspNetCore" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.3" /> <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="1.1.2" /> <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="2.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" /> <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="2.0.0" />
<PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="1.1.2" /> <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="2.0.0" />
<PackageReference Include="IdentityServer4.AccessTokenValidation" Version="1.2.1" /> <PackageReference Include="IdentityServer4.AccessTokenValidation" Version="2.0.0" />
<PackageReference Include="System.Net.Http" Version="4.3.2" /> <PackageReference Include="System.Net.Http" Version="4.3.3" />
</ItemGroup> </ItemGroup>
<ItemGroup Condition=" '$(TargetFramework)' == 'net461' "> <ItemGroup Condition=" '$(TargetFramework)' == 'net461' ">


@ -19,6 +19,7 @@ using Serilog.Events;
using Stripe; using Stripe;
using Bit.Core.Utilities; using Bit.Core.Utilities;
using IdentityModel; using IdentityModel;
using IdentityServer4.AccessTokenValidation;
namespace Bit.Api namespace Bit.Api
{ {
@ -75,18 +76,27 @@ namespace Bit.Api
// Identity // Identity
services.AddCustomIdentityServices(globalSettings); services.AddCustomIdentityServices(globalSettings);
services
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.Authority = globalSettings.BaseServiceUri.InternalIdentity;
options.RequireHttpsMetadata = !Environment.IsDevelopment() &&
globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
options.NameClaimType = ClaimTypes.Email;
options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString("Bearer", "access_token");
});
services.AddAuthorization(config => services.AddAuthorization(config =>
{ {
config.AddPolicy("Application", policy => config.AddPolicy("Application", policy =>
{ {
policy.AddAuthenticationSchemes("Bearer", "Bearer3");
policy.RequireAuthenticatedUser(); policy.RequireAuthenticatedUser();
policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application"); policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application");
policy.RequireClaim(JwtClaimTypes.Scope, "api"); policy.RequireClaim(JwtClaimTypes.Scope, "api");
}); });
config.AddPolicy("Web", policy => config.AddPolicy("Web", policy =>
{ {
policy.AddAuthenticationSchemes("Bearer", "Bearer3");
policy.RequireAuthenticatedUser(); policy.RequireAuthenticatedUser();
policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application"); policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application");
policy.RequireClaim(JwtClaimTypes.Scope, "api"); policy.RequireClaim(JwtClaimTypes.Scope, "api");
@ -178,32 +188,11 @@ namespace Bit.Api
// Add Cors // Add Cors
app.UseCors("All"); app.UseCors("All");
// Add IdentityServer to the request pipeline.
app.UseIdentityServerAuthentication(GetIdentityOptions(env, globalSettings, string.Empty));
app.UseIdentityServerAuthentication(GetIdentityOptions(env, globalSettings, "3"));
// Add current context // Add current context
app.UseMiddleware<CurrentContextMiddleware>(); app.UseMiddleware<CurrentContextMiddleware>();
// Add MVC to the request pipeline. // Add MVC to the request pipeline.
app.UseMvc(); app.UseMvc();
} }
private IdentityServerAuthenticationOptions GetIdentityOptions(IHostingEnvironment env,
GlobalSettings globalSettings, string suffix)
{
var options = new IdentityServerAuthenticationOptions
{
Authority = globalSettings.BaseServiceUri.InternalIdentity,
AllowedScopes = new string[] { "api", "api.push", "api.licensing" },
RequireHttpsMetadata = !env.IsDevelopment() && globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https"),
NameClaimType = ClaimTypes.Email,
// Suffix until we retire the old jwt schemes.
AuthenticationScheme = $"Bearer{suffix}",
TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString($"Bearer{suffix}", $"access_token{suffix}")
};
return options;
}
} }
} }
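Review bot: The options passed to `AddIdentityServerAuthentication` no longer carry the scope allow-list that the removed `GetIdentityOptions` appears to have set (`AllowedScopes` of `api`, `api.push`, `api.licensing`), so scope enforcement now rests entirely on the authorization policies. The two policies visible here require `JwtClaimTypes.Scope` of `api`, but any action reached through a bare `[Authorize]` would accept every token the identity service signs, whatever its scope; it is worth confirming no such action exists, or setting a default policy that requires a scope claim. Separately, the last hunk appears to drop both `app.UseIdentityServerAuthentication(...)` calls and none of the visible hunks adds `app.UseAuthentication();`, which ASP.NET Core 2.0 needs ahead of `CurrentContextMiddleware` and `app.UseMvc()` for `HttpContext.User` to be populated. `RequireHttpsMetadata` is still derived from the configured URI, so a production `InternalIdentity` that is plain `http` fetches the signing keys without TLS; a comment stating that this is intended only for internal traffic would help. Both methods continue outside the hunks.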


@ -5,6 +5,7 @@ using Microsoft.Net.Http.Headers;
using System; using System;
using System.IO; using System.IO;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.Extensions.Primitives;
namespace Bit.Api.Utilities namespace Bit.Api.Utilities
{ {
@ -30,7 +31,7 @@ namespace Bit.Api.Utilities
if(ContentDispositionHeaderValue.TryParse(section.ContentDisposition, out var content) && if(ContentDispositionHeaderValue.TryParse(section.ContentDisposition, out var content) &&
HasFileContentDisposition(content)) HasFileContentDisposition(content))
{ {
var fileName = HeaderUtilities.RemoveQuotes(content.FileName) ?? string.Empty; var fileName = HeaderUtilities.RemoveQuotes(content.FileName).ToString();
using(section.Body) using(section.Body)
{ {
await callback(section.Body, fileName); await callback(section.Body, fileName);
@ -52,7 +53,7 @@ namespace Bit.Api.Utilities
private static string GetBoundary(MediaTypeHeaderValue contentType, int lengthLimit) private static string GetBoundary(MediaTypeHeaderValue contentType, int lengthLimit)
{ {
var boundary = HeaderUtilities.RemoveQuotes(contentType.Boundary); var boundary = HeaderUtilities.RemoveQuotes(contentType.Boundary);
if(string.IsNullOrWhiteSpace(boundary)) if(StringSegment.IsNullOrEmpty(boundary))
{ {
throw new InvalidDataException("Missing content-type boundary."); throw new InvalidDataException("Missing content-type boundary.");
} }
@ -62,14 +63,14 @@ namespace Bit.Api.Utilities
throw new InvalidDataException($"Multipart boundary length limit {lengthLimit} exceeded."); throw new InvalidDataException($"Multipart boundary length limit {lengthLimit} exceeded.");
} }
return boundary; return boundary.ToString();
} }
private static bool HasFileContentDisposition(ContentDispositionHeaderValue content) private static bool HasFileContentDisposition(ContentDispositionHeaderValue content)
{ {
// Content-Disposition: form-data; name="myfile1"; filename="Misc 002.jpg" // Content-Disposition: form-data; name="myfile1"; filename="Misc 002.jpg"
return content != null && content.DispositionType.Equals("form-data") && return content != null && content.DispositionType.Equals("form-data") &&
(!string.IsNullOrEmpty(content.FileName) || !string.IsNullOrEmpty(content.FileNameStar)); (!StringSegment.IsNullOrEmpty(content.FileName) || !StringSegment.IsNullOrEmpty(content.FileNameStar));
} }
} }
} }
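Review bot: In `GetBoundary`, swapping `string.IsNullOrWhiteSpace(boundary)` for `StringSegment.IsNullOrEmpty(boundary)` loosens the check: a boundary made only of whitespace was rejected with `InvalidDataException` before and is now returned to the caller. `if(string.IsNullOrWhiteSpace(boundary.Value))` keeps the old behaviour with the new `StringSegment` type. In the first hunk `fileName` is taken from the request's Content-Disposition header and handed to `callback` as-is, and it is empty when only `FileNameStar` is set even though `HasFileContentDisposition` accepts that case; a comment that callers must treat it as untrusted input and never as a path would be useful. The method enclosing that first hunk starts outside the visible lines.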


@ -13,11 +13,11 @@
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="Microsoft.AspNetCore" Version="1.1.2" /> <PackageReference Include="Microsoft.AspNetCore" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.3" /> <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" /> <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="2.0.0" />
<PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="1.1.2" /> <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="2.0.0" />
<PackageReference Include="System.Net.Http" Version="4.3.2" /> <PackageReference Include="System.Net.Http" Version="4.3.3" />
</ItemGroup> </ItemGroup>
<ItemGroup Condition=" '$(TargetFramework)' == 'net461' "> <ItemGroup Condition=" '$(TargetFramework)' == 'net461' ">


@ -49,31 +49,31 @@
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="AspNetCoreRateLimit" Version="1.0.5" /> <PackageReference Include="Microsoft.AspNetCore.DataProtection.AzureStorage" Version="2.0.0" />
<PackageReference Include="Braintree" Version="3.8.0" /> <PackageReference Include="Microsoft.AspNetCore.HttpOverrides" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Identity" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Mvc.Abstractions" Version="2.0.0" />
<PackageReference Include="AspNetCoreRateLimit" Version="2.1.0" />
<PackageReference Include="Braintree" Version="3.9.0" />
<PackageReference Include="CommonMark.NET" Version="0.15.1" /> <PackageReference Include="CommonMark.NET" Version="0.15.1" />
<PackageReference Include="Dapper" Version="1.50.4-alpha1-00070" /> <PackageReference Include="Dapper" Version="1.50.4-alpha1-00070" />
<PackageReference Include="IdentityServer4" Version="1.5.2" /> <PackageReference Include="IdentityServer4" Version="2.0.0" />
<PackageReference Include="IdentityServer4.AspNetIdentity" Version="1.0.1" /> <PackageReference Include="IdentityServer4.AspNetIdentity" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.DataProtection.AzureStorage" Version="1.0.2" /> <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.HttpOverrides" Version="1.1.2" /> <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Identity" Version="1.1.2" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="1.1.2" />
<PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.3" />
<PackageReference Include="Microsoft.AspNetCore.Mvc.Abstractions" Version="1.1.3" />
<PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="1.1.2" />
<PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="1.1.2" />
<PackageReference Include="Newtonsoft.Json" Version="10.0.3" /> <PackageReference Include="Newtonsoft.Json" Version="10.0.3" />
<PackageReference Include="Portable.BouncyCastle" Version="1.8.1.2" /> <PackageReference Include="Portable.BouncyCastle" Version="1.8.1.3" />
<PackageReference Include="RazorLight" Version="1.1.0" /> <PackageReference Include="RazorLight" Version="1.1.0" />
<PackageReference Include="Sendgrid" Version="9.7.0" /> <PackageReference Include="Sendgrid" Version="9.9.0" />
<PackageReference Include="Serilog.Extensions.Logging" Version="1.4.0" /> <PackageReference Include="Serilog.Extensions.Logging" Version="2.0.2" />
<PackageReference Include="Serilog.Extensions.Logging.File" Version="1.1.0" /> <PackageReference Include="Serilog.Extensions.Logging.File" Version="1.1.0" />
<PackageReference Include="Serilog.Sinks.AzureDocumentDB" Version="3.6.1" /> <PackageReference Include="Serilog.Sinks.AzureDocumentDB" Version="3.7.0" />
<PackageReference Include="Stripe.net" Version="10.4.0" /> <PackageReference Include="Stripe.net" Version="10.4.0" />
<PackageReference Include="U2F.Core" Version="1.0.3" /> <PackageReference Include="U2F.Core" Version="1.0.3" />
<PackageReference Include="WindowsAzure.Storage" Version="8.3.0" /> <PackageReference Include="WindowsAzure.Storage" Version="8.4.0" />
<PackageReference Include="Otp.NET" Version="1.0.1" /> <PackageReference Include="Otp.NET" Version="1.1.0" />
<PackageReference Include="YubicoDotNetClient" Version="1.2.0" /> <PackageReference Include="YubicoDotNetClient" Version="1.2.0" />
</ItemGroup> </ItemGroup>
@ -82,7 +82,7 @@
<Reference Include="System.Data" /> <Reference Include="System.Data" />
<Reference Include="System" /> <Reference Include="System" />
<Reference Include="Microsoft.CSharp" /> <Reference Include="Microsoft.CSharp" />
<PackageReference Include="Microsoft.Azure.NotificationHubs" Version="1.0.8" /> <PackageReference Include="Microsoft.Azure.NotificationHubs" Version="1.0.9" />
</ItemGroup> </ItemGroup>
<ItemGroup Condition=" '$(TargetFramework)' == 'netcoreapp2.0' "> <ItemGroup Condition=" '$(TargetFramework)' == 'netcoreapp2.0' ">


@ -5,9 +5,7 @@ using Bit.Core.Repositories;
using Bit.Core.Services; using Bit.Core.Services;
using System.Security.Claims; using System.Security.Claims;
using System.Collections.Generic; using System.Collections.Generic;
using Microsoft.AspNetCore.Builder;
using System.Linq; using System.Linq;
using Microsoft.Extensions.Options;
using System; using System;
using IdentityModel; using IdentityModel;
@ -19,20 +17,17 @@ namespace Bit.Core.IdentityServer
private readonly IUserRepository _userRepository; private readonly IUserRepository _userRepository;
private readonly IOrganizationUserRepository _organizationUserRepository; private readonly IOrganizationUserRepository _organizationUserRepository;
private readonly ILicensingService _licensingService; private readonly ILicensingService _licensingService;
private IdentityOptions _identityOptions;
public ProfileService( public ProfileService(
IUserRepository userRepository, IUserRepository userRepository,
IUserService userService, IUserService userService,
IOrganizationUserRepository organizationUserRepository, IOrganizationUserRepository organizationUserRepository,
ILicensingService licensingService, ILicensingService licensingService)
IOptions<IdentityOptions> identityOptionsAccessor)
{ {
_userRepository = userRepository; _userRepository = userRepository;
_userService = userService; _userService = userService;
_organizationUserRepository = organizationUserRepository; _organizationUserRepository = organizationUserRepository;
_licensingService = licensingService; _licensingService = licensingService;
_identityOptions = identityOptionsAccessor?.Value ?? new IdentityOptions();
} }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) public async Task GetProfileDataAsync(ProfileDataRequestContext context)
@ -49,7 +44,7 @@ namespace Bit.Core.IdentityServer
new Claim("premium", isPremium ? "true" : "false", ClaimValueTypes.Boolean), new Claim("premium", isPremium ? "true" : "false", ClaimValueTypes.Boolean),
new Claim(JwtClaimTypes.Email, user.Email), new Claim(JwtClaimTypes.Email, user.Email),
new Claim(JwtClaimTypes.EmailVerified, user.EmailVerified ? "true" : "false", ClaimValueTypes.Boolean), new Claim(JwtClaimTypes.EmailVerified, user.EmailVerified ? "true" : "false", ClaimValueTypes.Boolean),
new Claim(_identityOptions.ClaimsIdentity.SecurityStampClaimType, user.SecurityStamp) new Claim("sstamp", user.SecurityStamp)
}); });
if(!string.IsNullOrWhiteSpace(user.Name)) if(!string.IsNullOrWhiteSpace(user.Name))
@ -101,14 +96,13 @@ namespace Bit.Core.IdentityServer
newClaims.AddRange(existingClaimsToKeep); newClaims.AddRange(existingClaimsToKeep);
if(newClaims.Any()) if(newClaims.Any())
{ {
context.AddFilteredClaims(newClaims); context.AddRequestedClaims(newClaims);
} }
} }
public async Task IsActiveAsync(IsActiveContext context) public async Task IsActiveAsync(IsActiveContext context)
{ {
var securityTokenClaim = context.Subject?.Claims.FirstOrDefault(c => var securityTokenClaim = context.Subject?.Claims.FirstOrDefault(c => c.Type == "sstamp");
c.Type == _identityOptions.ClaimsIdentity.SecurityStampClaimType);
var user = await _userService.GetUserByPrincipalAsync(context.Subject); var user = await _userService.GetUserByPrincipalAsync(context.Subject);
if(user != null && securityTokenClaim != null) if(user != null && securityTokenClaim != null)
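Review bot: The security-stamp claim type is now the literal `"sstamp"` in two places, the claim written in `GetProfileDataAsync` and the lookup in `IsActiveAsync`, where it used to come from `IdentityOptions.ClaimsIdentity.SecurityStampClaimType`. Since `IsActiveAsync` uses this claim when deciding whether a token is still active, the two strings (and any Identity configuration elsewhere that still sets `SecurityStampClaimType`) must not drift apart; a single `private const string SecurityStampClaimType = "sstamp";` used at both sites would pin that. Tokens issued before this change carry whatever type the option resolved to, so if that was not `sstamp` the lookup returns null for them. The branch that handles a null `securityTokenClaim` is outside the hunk and should be checked to fail closed.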


@ -204,7 +204,7 @@ namespace Bit.Core.Utilities
if(env.IsDevelopment()) if(env.IsDevelopment())
{ {
identityServerBuilder.AddTemporarySigningCredential(); identityServerBuilder.AddDeveloperSigningCredential(false);
} }
else if(!string.IsNullOrWhiteSpace(globalSettings.IdentityServer.CertificatePassword) else if(!string.IsNullOrWhiteSpace(globalSettings.IdentityServer.CertificatePassword)
&& File.Exists("identity.pfx")) && File.Exists("identity.pfx"))
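Review bot: The bare `false` in `AddDeveloperSigningCredential(false)` does not say what it turns off; writing it as `AddDeveloperSigningCredential(persistKey: false)` with a short comment such as `// dev only: signing key is regenerated on each start, so tokens do not survive a restart` documents the intent. The `else if` that loads `identity.pfx` continues outside the hunk.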


@ -13,9 +13,9 @@
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="Microsoft.AspNetCore" Version="1.1.2" /> <PackageReference Include="Microsoft.AspNetCore" Version="2.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" /> <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="2.0.0" />
<PackageReference Include="System.Net.Http" Version="4.3.2" /> <PackageReference Include="System.Net.Http" Version="4.3.3" />
</ItemGroup> </ItemGroup>
</Project> </Project>


@ -15,8 +15,8 @@
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="Microsoft.AspNetCore" Version="1.1.2" /> <PackageReference Include="Microsoft.AspNetCore" Version="2.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" /> <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="2.0.0" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>


@ -1,4 +1,6 @@
using Microsoft.AspNetCore.Hosting.Server; using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Hosting.Server;
using Microsoft.AspNetCore.Http.Features; using Microsoft.AspNetCore.Http.Features;
namespace Bit.Jobs namespace Bit.Jobs
@ -10,7 +12,14 @@ namespace Bit.Jobs
public void Dispose() public void Dispose()
{ } { }
public void Start<TContext>(IHttpApplication<TContext> application) public Task StartAsync<TContext>(IHttpApplication<TContext> application, CancellationToken cancellationToken)
{ } {
return Task.FromResult(0);
}
public Task StopAsync(CancellationToken cancellationToken)
{
return Task.FromResult(0);
}
} }
} }
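Review bot: `StartAsync` and `StopAsync` return `Task.FromResult(0)`, which builds a `Task<int>` whose result nobody reads; `return Task.CompletedTask;` says the same thing directly. Neither method has a doc comment explaining that this server deliberately never listens and ignores `cancellationToken`; a one-line `///` summary on each method would make that explicit. The class declaration is outside the hunk.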


@ -4,7 +4,7 @@
<RootNamespace>Bit.Function</RootNamespace> <RootNamespace>Bit.Function</RootNamespace>
</PropertyGroup> </PropertyGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="Microsoft.NET.Sdk.Functions" Version="1.0.2" /> <PackageReference Include="Microsoft.NET.Sdk.Functions" Version="1.0.5" />
<PackageReference Include="Newtonsoft.Json" Version="10.0.3" /> <PackageReference Include="Newtonsoft.Json" Version="10.0.3" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>


@ -13,9 +13,7 @@
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Server.IISIntegration" Version="1.1.2" /> <PackageReference Include="Microsoft.AspNetCore.All" Version="2.0.0" />
<PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="1.1.2" />
<PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="1.1.2" />
</ItemGroup> </ItemGroup>
</Project> </Project>