Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-25 12:45:18 +01:00
Code Issues Projects Releases Wiki Activity
3,473 Commits 297 Branches 181 Tags 66 MiB
1cad0268c0
Commit Graph

2522 Commits

Author SHA1 Message Date
Vincent Salucci
70f5fd5030
[Policy] Personal Ownership (#1013) 
* Initial commit of disable personal vault policy

* Added new sproc // updated policy check (was missing conditionals)

* Updated DeMorgan's law logic
 2020-12-11 10:45:26 -06:00
Addison Beck
fee5c932db
started charging sales tax on seat/storage upgrades and auto renewals (#1034) 
* started charging sales tax on seat/storage upgrades and auto renewals

* Code review fixes for auto-renewing subscriptions charging sales tax
 2020-12-09 14:04:46 -05:00
Kyle Spearrin
01d4d97ef1
Ensure that users are confirmed status (#1033) 2020-12-09 12:04:14 -05:00
Matt Gibson
7eaf7ab770
[Bug] Fix cipher clone yielding incorrect RevisionDate (#1031) 
* Fix cipher clone yielding incorrect RevisionDate

* PR fixes

Co-authored-by: Matt Gibson <mdgibson@Matts-MBP.lan>
 2020-12-07 19:35:34 -06:00
Addison Beck
085987d2f1
fixed a broken link and removed a duplicate property (#1029) 2020-12-07 09:18:25 -05:00
Vincent Salucci
09aea4ed38
[Bug] Improve SSO user provision flow (#1022) 
* Initial commit of provisioning updates

* Updated strings

* removed extra BANG

* Separated orgUsers db lookup - prioritized existing user Id

* Updated create sso record method // Added sproc for org/email retrieval
 2020-12-04 16:45:54 -06:00
Addison Beck
ea5ce21e50
added sales tax table and procedure to sql project (#1026) 2020-12-04 12:39:28 -05:00
Addison Beck
b877c25234
Implemented tax collection for subscriptions (#1017) 
* Implemented tax collection for subscriptions

* Cleanup for Sales Tax

* Cleanup for Sales Tax

* Changes a constraint to an index for checking purposes

* Added and implemented a ReadById method for TaxRate

* Code review fixes for Tax Rate implementation

* Code review fixes for Tax Rate implementation

* Made the SalesTax migration script rerunnable
 2020-12-04 12:05:16 -05:00
Chad Scharf
9e1bf3d584
version bump 1.38.2 (#1023) 2020-12-03 22:06:36 -05:00
Chad Scharf
77e704e620
ensure fail isn't overwritten with success result (#1018) 2020-12-02 17:15:21 -05:00
Chad Scharf
36195eb0c9
disable send for release (#1019) 2020-12-02 17:15:08 -05:00
Kyle Spearrin
c0781db333
return ProfileOrganizationResponseModel for /organizations (#1016) 2020-12-01 16:43:07 -05:00
Kyle Spearrin
c0defd8971
require device info when authing (#1014) 2020-12-01 16:42:41 -05:00
Matt Gibson
edf30974dc
Validate cipher updates with revision date (#994) 
* Add last updated validation to cipher replacements

* Add AutoFixture scaffolding.

AutoDataAttributes and ICustomizations are meant to automatically
produce valid test input. Examples are the Cipher customizations,
which enforce the model's mutual exclusivity of UserId and
OrganizationId.

FixtureExtensions create a fluent way to generate SUTs. We currently
use parameter injection to fascilitate service testing, which is nicely
handled by AutoNSubstitute. However, in order to gain access to the
substitutions, we need to Freeze them onto the Fixture. The For fluent
method allows specifying a Freeze to a specific type's constructor and
optionally to a parameter name in that constructor.

* Unit tests for single Cipher update version checks

* Fix test runner

Test runner requires Microsoft.NET.Test.Sdk

* Move to provider model for SUT generation

This model differs from previous in that you no longer need to specify
which dependencies you would like access to. Instead, all are
remembered and can be queried through the sutProvider.

* User cipher provided by Put method reads

Every put method already reads all relevant ciphers from database,
there's no need to re-read them.

JSON serialization of datetimes seems to leave truncate at second
precision. Verify last known date time is within one second rather than
exact.

* validate revision date for share many requests

* Update build script to use Github environment path

Co-authored-by: Matt Gibson <mdgibson@Matts-MBP.lan>
 2020-11-23 08:48:05 -06:00
Vincent Salucci
f311f40d93
Added OrgIdentifer to SetPasswordAsync // Added jit user two factor provider (#1009) 2020-11-22 08:46:44 -06:00
Kyle Spearrin
58eb0510ca
add sends to sync response (#1002) 2020-11-18 13:55:50 -05:00
Chad Scharf
faf909479e
re-enable send (#1004) 2020-11-18 12:43:58 -05:00
Kyle Spearrin
7405ccb007 bump version 2020-11-18 10:24:02 -05:00
Chad Scharf
80f2bf9260
Fix null email parameter from missing email claim (#993) 2020-11-13 11:26:05 -05:00
Addison Beck
fefa0e2dea
Dont run custom token logic for org based client_ids explicitly (#992) 
* Dont run custom token logic for org based client_ids explicitly

* org to organization
 2020-11-13 10:07:49 -05:00
Addison Beck
e35faf1335
Performed some null checks (#991) 2020-11-13 08:53:36 -05:00
Kyle Spearrin
ac1defc97a bump versions and disabled send creation 2020-11-12 21:43:10 -05:00
Addison Beck
dc69f4bd46
Changed the return type for BuildIdentityClaims() (#989) 2020-11-11 10:56:22 -05:00
Addison Beck
25a9991908
Implement User-based API Keys (#981) 
* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
 2020-11-10 15:15:29 -05:00
Vincent Salucci
d9cd7551fe
[Exemption] Updated policy messages (#984) 
* Updated messages // added exemption message // added callout

* updated strings - futureproofing
 2020-11-10 09:53:44 -06:00
Kyle Spearrin
26fb6fc3b7 remove premium checks for internal testing 2020-11-05 12:43:08 -05:00
Kyle Spearrin
82dd364e65
Send APIs (#979) 
* send work

* fix sql proj file

* update

* updates

* access id

* delete job

* fix delete job

* local send storage

* update sprocs for null checks
 2020-11-02 15:55:49 -05:00
Vincent Salucci
a5db233e51
[Require SSO] Added service layer dependent policy check (#977) 
* Added service layer dependent policy check

* Updated to SingleOrg
 2020-10-27 14:08:19 -05:00
Addison Beck
0eccfb8784
changed all OnlyOrg wording to be SingleOrg instead (#974) 
* changed all OnlyOrg wording to be SingleOrg instead

* missed an OnlyOrg to change to SingleOrg
 2020-10-27 10:28:41 -04:00
Vincent Salucci
66e44759f0
[Require SSO] Enterprise policy enforcement (#970) 
* Initial commit of require sso authentication policy enforcement

* Updated sproc to send UseSso flag // Updated base validator to send back error message // Added changes to EntityFramework (just so its there for the future

* Update policy name // adjusted conditional to demorgan's

* Updated sproc // Added migrator script

* Added .sql file extension to DeleteOrgUserWithOrg migrator script

* Added policy // edit // strings // validation to business portal

* Change requests from review // Added Owner & Admin exemption

* Updated repository function used to get org user's type

* Updated with requested changes
 2020-10-26 11:56:16 -05:00
Addison Beck
e872b4df9d
Only org policy (#962) 
* added OnlyOrg to PolicyType enum

* blocked accepting new org invitations if OnlyOrg is relevant to the userOrg

* blocked creating new orgs if already in an org with OnlyOrg enabled

* created email alert for OnlyOrg policy

* removed users & sent alerts when appropriate for the OnlyOrg policy

* added method to noop mail service

* cleanup for OnlyOrg policy server logic

* blocked confirming new org users if they have violated the OnlyOrg policy since accepting

* added localization strings needed for the OnlyOrg policy

* allowed OnlyOrg policy configuration from the portal

* used correct localization key for onlyorg

* formatting and messaging changes for OnlyOrg

* formatting

* messaging change

* code review changes for onlyorg

* slimmed down a conditional

* optimized getting many orgUser records from many userIds

* removed a test file

* sql formatting

* weirdness

* trying to resolve git diff formatting issues
 2020-10-20 02:48:10 -04:00
Vincent Salucci
50cf16a3fb
[SSO] New user provision flow (#945) 
* Initial commit of accept user during set password flow

* changed new org user from accepted to invited // moved another check to token accept function

* Revised some white space // Moved business logic to UserService

* Fixed UserServiceTest

* Removed some white-space

* Removed more white-space

* Final white-space issues
 2020-10-13 15:00:33 -05:00
Addison Beck
dfe5c571b9
Delete OrgUsers When Deleting An Org (#964) 
* deleted orgUsers when deleting an org

* sql formatting
 2020-10-13 11:26:55 -04:00
Chad Scharf
6227ddf304
Bump version: v1.37.2 (#961) 
* Bump version: v1.37.2

* Revert Docker version
 2020-10-09 10:48:11 -04:00
Addison Beck
9848f12638
enabled SSO when needed when upgrading from a free plan (#960) 2020-10-07 15:03:47 -04:00
Chad Scharf
a74778de3a
Update ACS path to embed Organization ID (#955) 2020-10-01 15:05:09 -04:00
Chad Scharf
3b8cbe631f
Implemented new OIDC redirect behavior (#954) 2020-09-29 17:06:17 -04:00
Kyle Spearrin
aa6bc164bb
support log filters for portal and sso (#948) 2020-09-22 10:32:14 -04:00
Addison Beck
845f9f5245
Fixed storage issue when upgrading from a free plan (#942) 2020-09-18 14:10:30 -04:00
Chad Scharf
a75077d703
Fixed resource and err msg for user provisioning (#939) 2020-09-16 15:02:18 -04:00
Kyle Spearrin
cf4fddfa21 bump version 2020-09-15 17:06:10 -04:00
Kyle Spearrin
1c6c599b8d
Created sso config service with save (#936) 2020-09-15 10:17:44 -04:00
Chad Scharf
692b3970af
SSO config revision date not updating fix (#934) 2020-09-14 21:22:24 -04:00
Vincent Salucci
c0e99d4047
Removed security stamp rotation during set-password SSO flow (#933) 2020-09-14 14:27:30 -05:00
Addison Beck
1880889325
added localization variables to sso account controller (#930) 
* added localization variables to sso account controller

* Used the correct method for server side localization
 2020-09-11 19:36:49 -04:00
Kyle Spearrin
82b6216e95
SetIdentityServerOrigin for all non-dev (#925) 2020-09-09 14:47:52 -04:00
Addison Beck
d7e45fe0a3
added server validation for plan selection (#924) 2020-09-09 12:10:33 -04:00
Chad Scharf
b429f6908d
Added X.509 cert validation copy value buttons (#923) 2020-09-09 11:32:33 -04:00
Kyle Spearrin
55e0f82139
use custom DiscoveryResponseGenerator on cloud too (#921) 2020-09-08 13:57:52 -04:00
Chad Scharf
a997440e3d
Added SP ACS URL to Config Screen (#920) 2020-09-08 13:04:26 -04:00
Kyle Spearrin
44c3dc4786 fix base seats on teams 2019 2020-09-07 09:19:33 -04:00
Addison Beck
a8277cc58b
updated stripe plan id for family (#916) 
* updated stripe plan id for family

* updated famiies 2020 plan plan id
 2020-09-06 00:48:04 -04:00
Kyle Spearrin
8deddfb466 add authenticatioon to fix DI errors 2020-09-05 23:38:47 -04:00
Chad Scharf
f27df01158
update portal landing page with tiles (#915) 2020-09-05 23:06:15 -04:00
Chad Scharf
c11af22010
version bump (#914) 
* version bump

* version bump
 2020-09-05 21:31:26 -04:00
Addison Beck
4b3abe6fb0
stopped manually encoding the SSO user_identifier (#913) 2020-09-04 14:16:49 -04:00
Kyle Spearrin
1c8744e4eb UseDeveloperExceptionPage only on dev 2020-09-04 12:32:18 -04:00
Chad Scharf
ed99b99bc1
Move SSO core to Core lib, new resource strings (#911) 
* Move SSO core to Core lib, new resource strings

* Missed resource strings for lookup
 2020-09-04 10:42:47 -04:00
Chad Scharf
43619ed933
Update favicon to new standard (#910) 2020-09-03 17:03:13 -04:00
Kyle Spearrin
ff4a025984
change response mode to form_post (#908) 2020-09-03 14:17:19 -04:00
Addison Beck
5842284915
added custom plan item to the static store (#907) 2020-09-02 15:52:45 -04:00
Chad Scharf
f15768db62
GlobalSettings SSO cache timeout setting in sec (#906) 
* GlobalSettings SSO cache timeout setting in sec

* Rename cache duration/lifetime property
 2020-09-02 14:51:53 -04:00
Chad Scharf
055fa4b86f
New resource strings for SSO and Redirect pages (#905) 2020-09-02 14:13:27 -04:00
Kyle Spearrin
8510a753a8
delete sso config when deleting org (#904) 
* delete ssouser on org and user delete

* delete sso config when deleting org
 2020-09-02 10:48:15 -04:00
Kyle Spearrin
47224913d4
delete ssouser on org and user delete (#902) 2020-09-01 16:05:37 -04:00
Kyle Spearrin
9faa9406a6
delete sso user when deleting org user (#901) 2020-09-01 15:07:47 -04:00
Kyle Spearrin
4439e6b25e use internal URL 2020-09-01 12:28:03 -04:00
Kyle Spearrin
c6aaa1276d AdjustIdentityServerConfig for authorization_endpoint 2020-09-01 12:13:08 -04:00
Kyle Spearrin
44e886ae44 debugging 2020-09-01 11:39:06 -04:00
Kyle Spearrin
ba84c59b5d custom DiscoveryResponseGenerator and helpers 2020-09-01 07:38:36 -04:00
Kyle Spearrin
3ad1672f8a revert Authority to InternalSso 2020-08-31 21:03:33 -04:00
Kyle Spearrin
1f086a1193 get rid of SetIdentityServerOrigin 2020-08-31 20:22:47 -04:00
Kyle Spearrin
613edab908 adjusting config 2020-08-31 18:25:27 -04:00
Kyle Spearrin
aa67de64c4 dont set SetIdentityServerOrigin for identity 2020-08-31 18:19:23 -04:00
Kyle Spearrin
ed9599b9fc fix SetIdentityServerOrigin 2020-08-31 16:19:34 -04:00
Kyle Spearrin
41908b7b68 SetIdentityServerOrigin 2020-08-31 16:06:24 -04:00
Kyle Spearrin
31e4db250b init OpenIdConnectConfiguration 2020-08-31 15:43:47 -04:00
Kyle Spearrin
9b02c2adb5 try explicitly setting AuthorizationEndpoint 2020-08-31 15:35:13 -04:00
Kyle Spearrin
b848e9e22c fix MetadataAddress 2020-08-28 21:28:47 -04:00
Kyle Spearrin
5a5b9163bf use internal sso for metadata address 2020-08-28 21:14:03 -04:00
Kyle Spearrin
f831e1f0f0 use sso external URL 2020-08-28 20:52:06 -04:00
Kyle Spearrin
39df8611e1 swap around sso service uris 2020-08-28 20:36:02 -04:00
Kyle Spearrin
7a72da5725 fix deprecated mailkit MailboxAddress ctor 2020-08-28 14:21:16 -04:00
Kyle Spearrin
9be30793b9 UsePathBase for identity server 2020-08-28 13:46:38 -04:00
Kyle Spearrin
38728143d8
Added static client store (#899) 2020-08-28 13:32:15 -04:00
Chad Scharf
db7d05b52f
Added PreValidate endpoint on Account controller (#896) 
* Added PreValidate endpoint on Account controller

* Fixed IHttpClientFactory implementation

* Core localization and org sproc fix

* Pass culture, fixed sso middleware bug
 2020-08-28 12:14:23 -04:00
Kyle Spearrin
303b9a7875
Allow org update api on self hosted for identifier only (#898) 2020-08-28 11:22:19 -04:00
Matt Smith
00a1e8e833
Add UseBusinessPortal to OrgUserOrgDetails. (#894) 2020-08-27 11:11:59 -05:00
Kyle Spearrin
614859a8bc add missing baseServiceUris 2020-08-26 15:09:51 -04:00
Addison Beck
59f8467f7c
Create sso user api (#886) 
* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
 2020-08-26 14:12:04 -04:00
Kyle Spearrin
7cc9ce7bd5
check bitpay invoice status of complete (#892) 2020-08-26 11:35:38 -04:00
Chad Scharf
1c04e30689
Requested configuration cleanup for sso (#891) 2020-08-26 08:45:10 -04:00
Kyle Spearrin
2cd6d4f61a
plan adjustments (#890) 2020-08-25 14:23:36 -04:00
Chad Scharf
2fb18d8cf2
Extracted logic to get Identity cert (#889) 2020-08-25 13:15:59 -04:00
Kyle Spearrin
66e67d2172
map plantype to old strings for license hash (#882) 2020-08-21 17:44:45 -04:00
Kyle Spearrin
e41aca81de
allows dev runs to load a common idserv cert (#881) 2020-08-21 11:58:22 -04:00
Kyle Spearrin
a8c20d1c32
pass down version properly to generate license (#880) 2020-08-20 10:12:27 -04:00
Contribucious
8383a0866f
Add Yandex to global equivalent domains list (#876) 
* [enum] Add Yandex to global equivalent domains list

Exhaustive list of Yandex domain names obtained by contacting their support.

* [Dictionary] Add Yandex to global equivalent domains list

Exhaustive list of Yandex domain names obtained by contacting their support.
 2020-08-19 18:09:39 -04:00
Chad Scharf
8884157427
Added get for sso config repo by revision date (#878) 2020-08-19 13:35:17 -04:00
Contribucious
80f57d22a7
Remove amazon.co.nz from Amazon equivalent domains (redirect) (#875) 
After further research, amazon.co.nz has never been more than a redirect (in order: to amazon.com, amazon.co.uk then back to amazon.com). See PR for more information.
 2020-08-18 18:42:10 -04:00
Kyle Spearrin
2872bda6fe
tool to generate licenses (#874) 
* tool to generate licenses

* code review feedback
 2020-08-18 17:00:21 -04:00
Addison Beck
c65c52d997
Plan updates cleanup (#872) 
* updated teams feature set for new plans

* removed whitespace

* alphabatized some properties
 2020-08-17 10:45:37 -04:00
Kyle Spearrin
d190c4bd0f
Update APIs to collect other set password info (#870) 2020-08-17 10:40:35 -04:00
Contribucious
af85e17486
[Equivalent domains] Fix for the special case "eBay India" (#871) 
See explanations in the PR.
 2020-08-17 09:46:17 -04:00
Contribucious
2c430190cb
Add all missing entries to Ebay equivalent domains (#869) 
(+ sort the Ebay list alphabetically)
 2020-08-14 09:54:05 -04:00
Chad Scharf
38f7fff2f9
Added new SAML2 enums for configuration (#868) 2020-08-13 20:11:23 -04:00
Contribucious
6aed80a67d
Add amazon.{com.br, sa} to Amazon equivalent domains (#864) 
(+ sort the Amazon list alphabetically)
 2020-08-13 17:38:32 -04:00
Kyle Spearrin
cd926ca8f6
allow user registration for sso (#865) 2020-08-13 17:30:10 -04:00
Kyle Spearrin
4d8090d75e
Fix 2fa dictionary on identity response (#863) 2020-08-13 16:04:50 -04:00
Kyle Spearrin
783b4804ec
SSO support (#862) 
* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
 2020-08-12 17:03:09 -04:00
Kyle Spearrin
056b4b9bf4
add api support for updating org identifier (#861) 
* add api support for updating org identifier

* add identifier to response as well

* implement in EF repo
 2020-08-12 16:38:22 -04:00
Addison Beck
c8220fdfa6
Plan And Price Updates (#859) 
* Expanded the Plan model to make plan & product data a bit more dynamic 
* Created a Product enum to track versioned instances of the same plan
* Created and API call and Response model for getting plan & product data from the server
 2020-08-11 14:19:56 -04:00
Timo N
61b11e398b
Added netcup to global equivalent domains list (#600) 2020-08-11 09:06:57 -04:00
Chad Scharf
5878d1b0db
Ref event should be base64 encoded (#853) 2020-08-06 20:29:35 -04:00
Jeremy Lin
562082e9ca
Add a complete list of Eventbrite equivalent domains (#851) 
This list was extracted using:

$ curl -s https://www.eventbrite.com/ |
    tr '"' '\n' |
    grep -o 'www\.eventbrite\.[^/]*' |
    sed 's/www\.//' |
    sort -u
 2020-08-06 14:07:45 -04:00
Kyle Spearrin
004e3c58ee
added more client redirect uris for clis (#849) 2020-08-05 10:53:55 -04:00
Kyle Spearrin
44717b2d4c remove non-verified eventbrite equivalent domains 2020-08-04 08:02:44 -04:00
Chad Scharf
b5ac20ec9f
Correct connection string for res queue (#847) 2020-08-03 15:22:38 -04:00
David Lemayian
ca224c1782
update welcome email download urls (#844) 
* update welcome email download urls

Very cool service! Noticed the download urls in the welcome email didn't take me to the downloads. Hope this fixes it?

* Update Welcome.html.hbs

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
 2020-08-01 16:18:40 -04:00
Kyle Spearrin
4df363aaa1
identityserver v4 cleanup (#843) 
* v4 cleanup

* idToken
 2020-07-31 09:45:36 -04:00
Kyle Spearrin
623cd36bd4
upgrade identity server 4 to v4 (#842) 
* upgrade identity server 4 to v4

* remove script ref
 2020-07-30 17:00:13 -04:00
Kyle Spearrin
f431b4ff67 version 1.36.1 bump 2020-07-29 10:35:12 -04:00
Kyle Spearrin
cf303f2f97
catch errors when trying to resolve DNS (#841) 2020-07-28 23:22:02 -04:00
Kyle Spearrin
aa1665065d
add missing RedirectUris (#840) 2020-07-28 22:49:13 -04:00
Kyle Spearrin
c53e8cbf9d
return if org user has sso binding (#839) 2020-07-28 21:11:45 -04:00
Kyle Spearrin
2c4752f4ac
Sso user table, model and repo stubbed out (#837) 
* Sso user table, model and repo stubbed out

* switch to nullable org id, bigint id

* update GetBySsoUserAsync

* cleanup migrator file

* fix EF user repo

* fix pg repo

* is `IS NULL` checks

* unique indexes

* update migration scripts

* add another unique index

* remove old script
 2020-07-28 10:03:09 -04:00
Kyle Spearrin
69e8860767
Assign usepolicies when upgrading (#838) 2020-07-28 09:28:11 -04:00
Kyle Spearrin
ca52da8698 bump version 2020-07-27 20:36:52 -04:00
Kyle Spearrin
5de236f294 update libs 2020-07-27 20:36:17 -04:00
Addison Beck
229478adae
Feature.web.534.allow multi select in org vault (#830) 
* Set up API methods for bulk admin delete
 2020-07-22 11:38:53 -05:00
Matt Portune
51fd87df0b
Added UseSso bool to Organization (#834) 
* Added UseSso bool to org

* Update fields in migration script

* bump version & check enabled flag on ssoConfig
 2020-07-22 09:38:39 -04:00
Kyle Spearrin
7bf559b4b6
Return continuation token (#833) 2020-07-21 20:19:53 -04:00
Chad Scharf
83e9468502
Transition reference id to data (#828) 
* Transition reference id to data

* field length and request model updates
 2020-07-20 15:19:46 -04:00
Kyle Spearrin
036b402e9f
update ip IsInternal() to account for missed ranges (#827) 
* update ip IsInternal() to account for missed ranges

* update with `::`
 2020-07-18 08:08:57 -04:00
François Van Ingelgom
aab6095073
Add support building from path that contains space (#815) 2020-07-17 08:28:31 -04:00
Kyle Spearrin
5892d52ed5 fix protocol 2020-07-16 08:03:57 -04:00
Kyle Spearrin
0d0c6c7167
sso integrations (#822) 
* stub out hybrid sso

* support for PKCE authorization_code clients

* sso service urls

* sso client key

* abstract request validator

* support for verifying password

* custom AuthorizationCodeStore that does not remove codes

* cleanup

* comment

* created master password

* ResetMasterPassword

* rename Sso client to OidcIdentity

* update env builder

* bitwarden sso project in docker-compose

* sso path in nginx config
 2020-07-16 08:01:39 -04:00
Chad Scharf
2742b414fd
reference event changes and cleanup (#823) 2020-07-15 12:38:45 -04:00
Vincent Salucci
a2b46daf59
Updated Kestrel application url to use IIS port (#820) 2020-07-14 09:36:38 -05:00
Matt Portune
92238eb0a9
Additional changes for enterprise portal sso config (#819) 
* Additional changes for enterprise portal sso config

* Requested changes

* rename enum to Saml2

* Limit to one SSO config per org
 2020-07-13 15:58:59 -04:00
Kyle Spearrin
8a46fcd301
Resolve host to check for private IP address (#812) 2020-07-07 19:47:12 -04:00
Chad Scharf
7af50172e0
Reference event service implementation (#811) 
* Reference event service implementation

* Fix IReferenceable implementation of Id

* add structure to event body
 2020-07-07 12:01:34 -04:00
Vincent Salucci
b4524fbcb6
Added BusinessPortal property for use on client side (#810) 2020-07-06 12:59:57 -05:00
Mart124
b6bea86216
Run jobs in local timezone (#808) 
* Run jobs in local timezone

* Run jobs in local timezone
 2020-07-03 22:48:40 -04:00
Chad Scharf
a37706eba1
Restore original collection method (#804) 2020-06-30 11:52:50 -04:00
Chad Scharf
d7b00f6c27
Subscription update to maintain auto charge (#803) 2020-06-29 20:29:19 -04:00
Kyle Spearrin
a64f4dd413 bump patch version 2020-06-29 10:17:09 -04:00
Kyle Spearrin
cc9d18f6d2
add missing [ViewPassword] true (#799) 2020-06-27 15:09:04 -04:00
Kyle Spearrin
6bc7a3cdc0
adjust cors origin checks (#800) 
* allow cors from bitwarden.com on cloud

* allow file:// cors for safari extension

* fix missing paren
 2020-06-27 15:08:50 -04:00
Matt Portune
0b1e49bc0a Remove Id from SsoConfig_Create sproc 2020-06-26 16:47:41 -04:00
Kyle Spearrin
b524029e5c bump dependency versions 2020-06-26 16:17:46 -04:00
Kyle Spearrin
1413eed32a bump version 2020-06-26 16:04:13 -04:00
Matt Portune
da9b81d552
Merge pull request #796 from bitwarden/sso-dal 
Additional SSO & Org Identifier work
 2020-06-26 10:47:17 -04:00
Matt Portune
bc5ea25d0b removed ssoConfig request/response models 2020-06-26 10:03:25 -04:00
Matt Portune
9f919bbea9 move Id assignment to after insert 2020-06-25 18:28:08 -04:00
Matt Portune
f46023f2f5 requested changes 2020-06-25 18:06:27 -04:00
Matt Portune
39a81af3e9 DAL & CRUD for SSO 2020-06-25 16:42:29 -04:00
Chad Scharf
47a6e607c6 Fixed validation error for Free org accounts 2020-06-25 15:58:08 -04:00
Chad Scharf
fca7b162bf Reference id storage and signup 2020-06-25 12:28:22 -04:00
Kyle Spearrin
f23a8edc45
Update stripe lib (#793) 2020-06-24 21:24:19 -04:00
Kyle Spearrin
8559e144c6 bump dependency minor/patch versions 2020-06-24 16:37:23 -04:00
Matt Portune
0f008435ba sproc tweak 2020-06-24 13:59:00 -04:00
Matt Portune
05891f2122 Requested updates 2020-06-24 12:24:36 -04:00
Matt Portune
09df3f64d3 Updates to SSO config DB setup 2020-06-23 23:54:27 -04:00
Kyle Spearrin
cf70a5e480
set cors policies to only allow web vault origin (#787) 
* set cors policy to only allow web vault

* vault cors policy service
 2020-06-23 18:47:53 -04:00
Matt Portune
6f53ef4847 formatting 2020-06-22 09:36:40 -04:00
Matt Portune
519226f824 formatting 2020-06-21 23:42:27 -04:00
Matt Portune
8e7cb082ad DB support for SSO config 2020-06-21 23:35:42 -04:00
Mike Hanson
398867a839 Parameterize AmazonSQSClient to allow testing 2020-06-18 10:16:23 -07:00
Chad Scharf
61b15c55d0
Merge pull request #782 from bitwarden/feature/tax-info-collection 
Combined tax updates with other operations
 2020-06-18 11:26:58 -04:00
Chad Scharf
0f28ac45f9 Consistency on TaxInfo use in service params 2020-06-18 10:41:55 -04:00
Kyle Spearrin
aeb6e4e7d4 formatting 2020-06-18 09:57:24 -04:00
Mike Hanson
dc42be710a
Add unit test coverage for AmazonSesMailDeliveryService (#783) 
* Parameterize AmazonSimpleEmailServiceClient to allow testing

* Add unit test coverage for AmazonSesMailDeliveryService
 2020-06-18 09:55:46 -04:00
Chad Scharf
1b027cab59 Remove erroneous whitespace 2020-06-17 20:02:38 -04:00
Chad Scharf
b7a500eb63 combined tax updates with other operations 2020-06-17 19:49:27 -04:00
Chad Scharf
f7e5f1f15e
Merge pull request #776 from bitwarden/feature/tax-info-collection 
Feature/tax info collection
 2020-06-17 10:49:54 -04:00
Hinton
7145e3ea88 On create default ViewPassword to true. 2020-06-15 18:54:32 +02:00
Chad Scharf
b2cb9a2f69 Billing addr line1 fix, pr feedback 2020-06-15 09:12:03 -04:00
Chad Scharf
1552ff7b29 Collect tax info, correct line1 2020-06-12 19:35:17 -04:00
Pedro Lamas
21834223fd
Adds extra Amazon equivalent domains (#775) 2020-06-12 10:25:08 -04:00
Chad Scharf
5b3f81f47e
Merge pull request #743 from Hinton/feature/hide-passwords 
Add support collection access, hide passwords
 2020-06-11 14:24:04 -04:00
Kyle Spearrin
f695b1e7fc
update gulp to v4 and remove old packages (#774) 
* update gulp to v4 and remove old packages

* desc

* update project name
 2020-06-11 14:23:23 -04:00
Code
d2625e47e1
Remove trailing comma and adjust formatting of some of the equivalent domain strings to match the rest (#773) 2020-06-09 16:53:48 -04:00
Kyle Spearrin
a7d7736806
Add i18nservice abstraction (#770) 2020-06-09 10:25:37 -04:00
Chad Scharf
d88838f19e API updates for tax info collection 2020-06-08 17:40:18 -04:00
Connor Gibson
cad7cf0200
Add office.com to Microsoft default equivalent domains. (#769) 2020-06-06 21:08:26 -04:00
Kyle Spearrin
4bd3e01a80
abstract context building to overrideable SetContextAsync (#766) 
* abstract context building to overrideable SetContextAsync

* update method calls
 2020-06-04 14:14:43 -04:00
André Paulo
e1a0d59fd1
Added Discord to Global Equivalent Domain (#752) 
* add Discord to GlobalEquivalentDomainsType

* added discord domains to global domains
 2020-05-28 19:48:51 -04:00
Matt Portune
0d156776cb
Merge pull request #737 from bitwarden/self-hosted-exp-email 
License expiration email for self-hosted org/premium accounts
 2020-05-27 09:07:47 -04:00
hinton
14a8224a99 Be explicit about AccessAll for ViewPassword 2020-05-23 11:06:41 +02:00
hinton
1c0095b122 Be explicit with AccessAll and fix bug in create/update cipher 2020-05-23 10:36:35 +02:00
Roman V
a421be731c
Add syslog suport for sending application logs to a Syslog server (#742) 
* Add syslog suport for sending application logs to a Syslog server

* Rename SyslogSettings.Certificate to SyslogSettings.CertificatePath
 2020-05-22 21:19:59 -04:00
hinton
f2348d2264 Resolve review comments 2020-05-22 22:16:01 +02:00
hinton
28fe86ecff Merge branch 'master' of https://github.com/bitwarden/server into feature/hide-passwords 
# Conflicts:
#	src/Sql/dbo/Stored Procedures/CollectionUser_UpdateUsers.sql
#	src/Sql/dbo/Stored Procedures/OrganizationUser_UpdateWithCollections.sql
 2020-05-22 21:42:29 +02:00
Kyle Spearrin
beb40eb682
Update swagger config to use proper URL scheme (#744) 2020-05-21 15:00:03 -04:00
Kyle Spearrin
343ef92a20
Sproc tweaks (#730) 
* do not follow local hosts or ip addresses

* remove cron from mssql

* migration script

* Use joins instead of temp tables

* update migration script with join changes
 2020-05-21 11:35:00 -04:00
hinton
36f15c67d0 Add support for new collection access, hide passwords 2020-05-21 15:38:57 +02:00
Matt Portune
545948220a additional formatting & inclusion of org name 2020-05-19 18:22:03 -04:00
Matt Portune
9bf3a467fa formatting 2020-05-19 12:37:45 -04:00
Kyle Spearrin
0cd90be83a bump version for release 2020-05-18 21:58:12 -04:00
Kyle Spearrin
c205bf72e6 update some libs 2020-05-18 21:57:14 -04:00
Matt Portune
2cf7f18858 License expiration email for self-hosted org/premium accounts 2020-05-18 16:06:34 -04:00
Chad Scharf
d49cc18a41 Stripe not crediting customer balance after void 2020-05-18 12:38:00 -04:00
Kyle Spearrin
d22992451c
updated bootstrap and colors (#733) 2020-05-15 13:24:25 -04:00
Chad Scharf
97158d607a
Merge pull request #727 from bitwarden/subscription-change-invoicing 
Subscription change, invoice process update
 2020-05-13 10:24:46 -04:00
Chad Scharf
cdfde692a6 Fixed SDK reference issue in Billing proj 2020-05-13 09:58:17 -04:00
Chad Scharf
9ef39bcadb Removed payment_behavior, errant whitespace 2020-05-13 09:54:10 -04:00
Kyle Spearrin
5c8c915f4e
Increase limits set by importer to 2k (#729) 2020-05-13 09:23:59 -04:00
Chad Scharf
a024b43cea Updated code style and PR feedback 2020-05-12 17:22:04 -04:00
Kyle Spearrin
10a6e12d09
generate signin token for enterprise portal (#728) 2020-05-12 15:36:33 -04:00
Chad Scharf
a9a7003bfc Subscription change, invoice process update 2020-05-12 12:48:21 -04:00
Chad Scharf
9a2d8e96e4 Updated Stripe API SDK version to 36.9.0 2020-05-08 10:15:48 -04:00
Kyle Spearrin
3c5cd0ffb2 brand color updates 2020-05-05 17:08:53 -04:00
Kyle Spearrin
9cb103e6aa update comment 2020-05-01 11:09:44 -04:00
Kyle Spearrin
7abfefd167 replace ip regex with IPAddress.Parse 2020-05-01 11:08:47 -04:00
Kyle Spearrin
3462613f49 Do not request local hosts or ip addresses 2020-04-30 11:41:30 -04:00
Kyle Spearrin
68901437ba only fetch icons from http(s) with default ports 2020-04-30 11:23:40 -04:00
Kyle Spearrin
fae4a335dc
public API for organization import (#707) 2020-04-23 11:29:19 -04:00
Kyle Spearrin
c177714799
Remove www. URL from alibaba (#701) 2020-04-16 10:38:39 -04:00
Chad Scharf
145dcabba6 [Soft Delete] bulk import fails if DeletedDate null 2020-04-10 13:43:51 -04:00
Chad Scharf
45e1e1a01b [Soft Delete] - cleanup whitespace in Cipher_Restore 2020-04-10 13:22:09 -04:00
Chad Scharf
32f19e9f90 [Soft Delete] - Add not null/is null filters to soft delete and restore sprocs 2020-04-10 13:22:09 -04:00
Chad Scharf
4defd13395 [Soft Delete] - fix Upsert calls based on cipher supertype 2020-04-08 16:18:22 -04:00
Kyle Spearrin
b106fd22fb
Only set channel prefix. Use machine name on counter (#687) 2020-04-03 08:39:59 -04:00
Kyle Spearrin
d6ed8291e6
Only apply count restriction to non-deleted users (#685) 2020-04-02 20:31:02 -04:00
Chad Scharf
7f22088d5f Fix delcaration of @UtcNow variable 2020-04-02 14:08:19 -04:00
Chad Scharf
3d786cbf28
Update Cipher_SoftDelete.sql 
Co-Authored-By: Kyle Spearrin <kspearrin@users.noreply.github.com>
 2020-04-02 14:06:15 -04:00
Chad Scharf
eb34cc49c6 Fixed date time precision assignment for DeletedDate and RevisionDate (performance + match/data quality) 2020-04-02 13:45:53 -04:00
Chad Scharf
c0019e7abc [Soft Delete] Update assignment of deleted and revision date to 1-liner 2020-04-02 10:56:22 -04:00
Chad Scharf
d07f27f274 [Soft-Delete] Simplify the data-tier, removed extra sprocs and reuse update 2020-04-01 16:39:27 -04:00
Chad Scharf
f6044f0d00 Missed one other PR comment fix 2020-04-01 15:47:10 -04:00
Chad Scharf
1d04803bd0 Resolved PR comments, spacing and controller code-line reversion 2020-04-01 14:55:14 -04:00
Chad Scharf
d014a597dd [Soft Delete] - API updates for soft delete + retrieval 2020-04-01 13:00:25 -04:00
Kyle Spearrin
fef512bad1
use message codes in query string (#681) 2020-03-29 23:41:31 -04:00
Chad Scharf
9800b752c0 Changed all C# control flow block statements to include space between keyword and open paren 2020-03-27 14:36:37 -04:00
Chad Scharf
55b937ff68 Updated PR comments, changed smart defaults for behavior, updated Cipher table index 2020-03-27 10:23:37 -04:00
Chad Scharf
bc46eccf70 Deleted date on Cipher table, related sprocs and repositories updated 2020-03-26 19:32:37 -04:00
Kyle Spearrin
132016bca4 ChannelPrefix 2020-03-21 00:22:14 -04:00
Kyle Spearrin
c8e249b05e client name 2020-03-20 23:05:08 -04:00
Kyle Spearrin
fccbeddac8 check for SettingHasValue 2020-03-20 20:19:46 -04:00
Kyle Spearrin
119a950141 bump version 2020-03-19 19:48:44 -04:00
Kyle Spearrin
1331cc90f7 check SettingHasValue instead of empty 2020-03-19 11:10:23 -04:00
Kyle Spearrin
981d6a0526 pad checkboxes some more 2020-03-17 12:17:13 -04:00
Kyle Spearrin
9520a646ad UserId added to MemberResponseModel 2020-03-17 12:05:06 -04:00
David Roth
b7b06d77df
Use correct sentry integration package. Fixes #669 (#670) 2020-03-16 08:25:46 -04:00
Kyle Spearrin
7dc959c058 return empty policies array if none 2020-03-12 15:05:46 -04:00
Kyle Spearrin
0f9ec8d64f check user has 2fa enabled when confirming 2020-03-09 15:13:40 -04:00
Kyle Spearrin
218fec52f1 allow maintenance tasks to take 48 hours 2020-03-08 20:59:03 -04:00
Kyle Spearrin
4a0071f721 only show ip-related headers 2020-03-07 21:41:53 -05:00
Kyle Spearrin
6341937c7c local build scripts 2020-03-06 22:05:50 -05:00
Kyle Spearrin
844238d31c show exception message 2020-03-05 21:50:39 -05:00
Kyle Spearrin
01ea3e995b add newrelic to identity server 2020-03-05 20:36:11 -05:00
Kyle Spearrin
499ca656a4 bitpay is now called token 2020-03-05 20:23:52 -05:00
Kyle Spearrin
518e94f60f upgrade more lgos. remove sendgrid 2020-03-05 10:33:44 -05:00
Kyle Spearrin
cd0ec26b07 upgrade libs 2020-03-04 22:01:28 -05:00
Kyle Spearrin
172525bf86 Merge branch 'master' of github.com:bitwarden/server 2020-03-04 21:57:50 -05:00
Kyle Spearrin
c8d7f04826 signalr redis support. remove old azure signalr refs 2020-03-04 21:57:42 -05:00
Alex Knight
d2fcf8f572
Additional Equivalent Domains Fix #649 (#662) 
* Additional Equivalent Domains Fix #649

* Remove infinitysrv.com as resolves to 127.0.0.1
 2020-03-04 10:55:58 -05:00
Kyle Spearrin
7b91fe55f0 set UsePolicies on license update 2020-03-03 22:32:59 -05:00
Kyle Spearrin
d5aa7b5624 allow configuring the validation urls for yubico otp servers 2020-03-03 08:32:50 -05:00
Kyle Spearrin
4a67780b3e only return eneabled policies by token 2020-03-02 11:30:44 -05:00
Kyle Spearrin
57472c9f82
API to get org policies by invite token (#661) 
* API to get org policies by invite token

* from query attr
 2020-03-02 10:17:32 -05:00
Kyle Spearrin
71d9ffdd9d
CheckPoliciesOnTwoFactorRemoval for 2fa recovery (#659) 2020-02-28 10:23:19 -05:00
Kyle Spearrin
ae893c72bd formatting 2020-02-28 09:15:47 -05:00
Kyle Spearrin
621192b701
enable email 2fa if joining an org with policy (#658) 2020-02-28 09:14:33 -05:00
Kyle Spearrin
0b9125be9c add column mapping to sql bulk copies 2020-02-27 22:45:43 -05:00
Kyle Spearrin
f54ebfdc75
email user whenever they're removed from org because of 2fa policy (#657) 2020-02-27 09:30:03 -05:00
Kyle Spearrin
153709fe3b remove agentEnabled="false" from newrelic.config 2020-02-25 17:46:30 -05:00
Kyle Spearrin
5b598b811e
Add additional meta data to org view (#655) 
* Add additional meta data to org view

* null check policies and groups
 2020-02-25 14:28:41 -05:00
Kyle Spearrin
927f073362 add newrelic agent to API 2020-02-25 14:08:12 -05:00
Kyle Spearrin
81424a8526
Enforce 2fa policy (#654) 2020-02-19 14:56:16 -05:00
Kyle Spearrin
6b6c2d862d 8bit => bitwarden 2020-02-18 22:22:32 -05:00
Kyle Spearrin
e69fc3620e tool to promote admin user to org owner 2020-02-14 20:13:25 -05:00
Kyle Spearrin
57b246df20 preserve existing tags 2020-02-10 22:32:25 -05:00
Kyle Spearrin
ee18933fd1 fixes to freshdesk hook 2020-02-10 15:30:17 -05:00
Kyle Spearrin
d91d67c78c no reply bitwarden emails 2020-02-07 16:42:55 -05:00
Kyle Spearrin
71995b21ee add check type to payment methods 2020-02-07 16:38:33 -05:00
Kyle Spearrin
16f718f2be freshdesk updates 2020-02-06 22:25:02 -05:00
Kyle Spearrin
abe624b739 leave a note on new tickets 2020-02-06 16:45:14 -05:00
Kyle Spearrin
726ce2510f freshdesk webhook improvements 2020-02-06 16:32:48 -05:00
Kyle Spearrin
b679c2b2db fixes for freshdesk endpoint 2020-02-06 16:28:44 -05:00
Kyle Spearrin
7dddf9fd8b freshdesk webhook endpoint 2020-02-06 16:03:02 -05:00
Tristan Berger
b6274ac728
Add Envato network to equivalent domain sets (#647) 
* Add Envato network to equivalent domain sets

Envato is an Alexa top 500 website that asks you to use the same login on many different domains. The login forms are on those domains, not envato.com.

For my use case, account-level domain equivalence rules don’t work because I want to share this with a team, and multiple URLs per login is duplicative because we have multiple Envato logins.

tutsplus.com is another Envato domain that accepts Envato logins, but I believe it also accepts tutsplus.com-specific logins, making it not fully equivalent.

* Add Envato to GlobalEquivalentDomainsType
 2020-02-01 15:31:40 -05:00
Kyle Spearrin
725522128c sync org policies to client devices 2020-01-28 15:33:32 -05:00
Kyle Spearrin
82be2ae06b parse cancellation dates to detect refunds 2020-01-28 09:24:00 -05:00
Mario Limonciello
2c68e01e14 Add Docusign to equivalent domains (#642) 2020-01-23 22:10:23 -05:00
Kyle Spearrin
9266546d60 only 1 policy event 2020-01-20 09:02:41 -05:00
Kyle Spearrin
f3f1ac57d2 refactor policy apis 2020-01-20 08:53:15 -05:00
Kyle Spearrin
c5ae1b8283 prevent duplicate paypal charges 2020-01-17 21:16:26 -05:00
Kyle Spearrin
ff8731c82f add usepolicies to org profile object 2020-01-15 15:17:32 -05:00
Kyle Spearrin
0790f9859e usepolicies check 2020-01-15 15:01:31 -05:00
Kyle Spearrin
e8054df5b4 use policies property for orgs 2020-01-15 15:00:54 -05:00
Kyle Spearrin
58faf5266b policy events 2020-01-15 09:43:49 -05:00
Kyle Spearrin
3f9b44f493 public policy apis 2020-01-15 09:19:55 -05:00
Kyle Spearrin
df4abea345 use policy service 2020-01-15 09:19:49 -05:00
Kyle Spearrin
937bb4359f policy service 2020-01-15 09:19:28 -05:00
Kyle Spearrin
85f32f450b policy controller 2020-01-15 08:35:53 -05:00
Kyle Spearrin
0628fb682e rename policy types 2020-01-15 08:19:47 -05:00
Kyle Spearrin
c117d109b4 get rid of web.config 2020-01-15 08:18:09 -05:00
Kyle Spearrin
dda3c3a123 Async GetEmbeddedCertificate 2020-01-13 15:35:50 -05:00
Kyle Spearrin
3f4a4bac2a copytoasync 2020-01-13 15:32:22 -05:00
Kyle Spearrin
13370e011f fix admin cookie expiration 2020-01-13 12:03:10 -05:00
Kyle Spearrin
b1e8d16b9d update some libs 2020-01-13 09:33:12 -05:00
Kyle Spearrin
bc0901348b calculate storage updates 2020-01-10 20:05:58 -05:00
Kyle Spearrin
5bb440563f just type mapping for json docs 2020-01-10 18:54:44 -05:00
Kyle Spearrin
d653629e79 EF repo fixes 2020-01-10 18:14:45 -05:00
Kyle Spearrin
fa1322599f remove using 2020-01-10 16:24:16 -05:00
Kyle Spearrin
77180e0c82 update DisableFormValueModelBindingAttribute 2020-01-10 16:23:56 -05:00
Kyle Spearrin
47b50e48ef update libs 2020-01-10 16:14:16 -05:00
Mart124
f7512445e4 Add windowsazure.com to eq domains (#637) 
* Add windowsazure.com to eq domains

* Add azure.com to eq domains
 2020-01-10 11:53:11 -05:00
Kyle Spearrin
e13f022c90 upgrade swagger 2020-01-10 09:36:12 -05:00
Kyle Spearrin
f71433d09a remove libcurl3 2020-01-10 08:55:22 -05:00
Kyle Spearrin
7fd6e4359d fix warnings 2020-01-10 08:47:58 -05:00
Kyle Spearrin
29580684a3 upgrade to aspnet core 3.1 2020-01-10 08:33:13 -05:00
Kyle Spearrin
8026912eeb fixes for databasecontext and json types 2020-01-09 07:57:33 -05:00
Kyle Spearrin
002efaafd4 map json columns for org and user 2020-01-08 21:38:32 -05:00
Kyle Spearrin
9fa7f335bd org repo 2020-01-08 21:34:49 -05:00
Kyle Spearrin
46c258428e delete typoed class 2020-01-08 20:31:31 -05:00
Kyle Spearrin
7c5be176fa Stub out EF repo base with user repo 2020-01-08 20:28:16 -05:00
Kyle Spearrin
9caaab0537 stub out policy models and repos 2020-01-06 14:27:16 -05:00
Kyle Spearrin
4e4644e17d stub out organization policy db schema 2020-01-06 14:26:48 -05:00
Kyle Spearrin
36e97ccbd2 update 2fa recovery email copy 2019-12-23 15:31:55 -05:00
Kyle Spearrin
ad010f6080 Merge branch 'master' of github.com:bitwarden/server 2019-12-23 15:26:47 -05:00
Brian Becker
0be86072f7 Add email notification on Two Factor recovery use (#625) 
* Add email notification on Two Factor recovery use

* A user who has lost their 2fa device can clear out the
  2fa settings using a recovery code.  When this happens
  it gets logged but no notification to the user occurs.
* Add a notification to be sent when 2fa recovery code is
  used

* Add email message templates
 2019-12-23 15:26:39 -05:00
Kyle Spearrin
e2d65e5b08 switch to official bitpay light library 2019-12-19 10:27:06 -05:00
Papina
665e78ec1c PostgreSQL - Functions (#578) 
* PostgreSQL initial commit of translation from SQL Server to PostgreSQL

* snake_case added.
set search path for schema.  schema qualified name no longer needed for creation and access of functions.

* Table DDL for PostgreSQL

* Rename User.sql to user.sql

* PostgreSQL views, 
snake_case column fix for user_create, 
rename of users.sql file to lowercase

* user_update function

* remove tabs

* cast types, and table DDL changed to match

* case

* resolve casting issues. casting is done inside function

* update views

* more functions

* more functions

* removed casting

* spelling mistake

* spelling

* changes to functions, added replace
 2019-12-02 08:28:18 -05:00
Kyle Spearrin
9e470c1f7a log startup 2019-11-27 14:42:24 -05:00
Kyle Spearrin
a5b809f477 update rolling file settings for LogRollBySizeLimit 2019-11-25 11:40:04 -05:00
Kyle Spearrin
654eb5e15f further validate email for org users 2019-11-25 10:57:55 -05:00
Kyle Spearrin
c7d34a7ac6 fix typo. roll 2019-11-22 10:36:17 -05:00
Kyle Spearrin
d270311393 config for rolling log files by size limit 2019-11-22 10:33:57 -05:00
Kyle Spearrin
2693ffeab0 include ip in log message. only for self host 2019-11-22 10:23:11 -05:00
Kyle Spearrin
d022517762 login failed log message 2019-11-22 07:30:32 -05:00
Kyle Spearrin
9da83cbdc3 remove alive job 2019-11-04 07:43:15 -05:00
Kyle Spearrin
72750cf298 org re-invite api 2019-10-07 16:23:38 -04:00
Kyle Spearrin
19b8c385d2 npm audit fix 2019-10-07 16:01:27 -04:00
Kyle Spearrin
28adefe50a EventsProcessor csproj 2019-10-04 13:54:35 -04:00
Kyle Spearrin
e7625eda86 build script 2019-10-04 13:46:46 -04:00
Kyle Spearrin
904c29809b placeholders 2019-10-01 09:13:00 -04:00
Kyle Spearrin
47fed7ab80 date range search on logs 2019-10-01 09:02:36 -04:00
Kyle Spearrin
b99f6cdbc1 allow long urls on admin 2019-10-01 08:57:56 -04:00
Kyle Spearrin
5bd43478c7 handle reversed transactions 2019-10-01 08:19:01 -04:00
Kyle Spearrin
5fd9df3beb app in review flag for iap receipt validation 2019-09-29 20:42:53 -04:00
Kyle Spearrin
7b75e134d8 AppleReceiptNotification class 2019-09-25 10:12:42 -04:00
Kyle Spearrin
e4c58b1d5c relax rate limiting on invites 2019-09-24 08:18:14 -04:00
Kyle Spearrin
091d6d318c fix info logger for apple iap 2019-09-23 14:30:04 -04:00
Kyle Spearrin
5e7ac0a9bc handle appleReceipt already existing on customer 2019-09-23 10:27:14 -04:00
Kyle Spearrin
d04d92bb89 AttemptToPayInvoiceWithAppleReceipt 2019-09-23 09:03:18 -04:00
Kyle Spearrin
b72744eafc alloe sub cancellation when deleting account 2019-09-20 13:45:47 -04:00
Kyle Spearrin
6f8fff59e7 bump version 2019-09-20 07:43:04 -04:00
Kyle Spearrin
784c86893f throw apple iap exceptions 2019-09-20 00:01:35 -04:00
Kyle Spearrin
ff5a0ff0ce payment service support for iap 2019-09-19 23:30:16 -04:00
Kyle Spearrin
eee4dd9877 ANCMPreConfiguredForIIS 2019-09-19 17:00:39 -04:00
Kyle Spearrin
8d29eefb3a log json formatted 2019-09-19 16:43:06 -04:00
Kyle Spearrin
8340b22c2a UsingInAppPurchase prop on sub models 2019-09-19 16:31:11 -04:00
Kyle Spearrin
ad95dd6bb2 check for valid transaction as well 2019-09-19 10:04:15 -04:00
Kyle Spearrin
62f4e67e8a save userId with receipt data 2019-09-19 09:36:26 -04:00
Kyle Spearrin
43f26925d1 fixes for meta repo and iapcheck model 2019-09-19 09:23:48 -04:00
Kyle Spearrin
d73e2da7a4 iap pre-check 2019-09-19 08:53:33 -04:00
Kyle Spearrin
e9174ba9f4 iap pre-purchase check 2019-09-19 08:46:26 -04:00
Kyle Spearrin
9ddfe3e947 fix json serialization of receipt status 2019-09-18 17:43:17 -04:00
Kyle Spearrin
bed2a0ab7b no additional storage for premium 2019-09-18 10:52:53 -04:00
Kyle Spearrin
b39d1e13d7 set owner context for org api 2019-09-18 10:47:36 -04:00
Kyle Spearrin
4ec05e111c fix typo 2019-09-18 09:47:42 -04:00
Kyle Spearrin
1495f6e507 fix typo 2019-09-18 09:47:25 -04:00
Kyle Spearrin
3af2fbd4e9 register new services 2019-09-18 09:46:26 -04:00
Kyle Spearrin
68b5ba6474 update to apple iap service 2019-09-17 22:58:38 -04:00
Kyle Spearrin
ed7da76bac add helpers and renewal info to receipt model 2019-09-17 22:58:06 -04:00
Kyle Spearrin
8290ddbb94 apple iap service 2019-09-17 19:48:40 -04:00
Kyle Spearrin
7a2e86c2ba new payment method types 2019-09-17 17:08:46 -04:00
Kyle Spearrin
64ddcaaf0f isUser function 2019-09-17 16:55:40 -04:00
Kyle Spearrin
dcbe30b80f noop 2019-09-17 16:09:23 -04:00
Kyle Spearrin
2c319af95b object name for meta data repo 2019-09-17 10:15:59 -04:00
Kyle Spearrin
c82947a5f8 update receipt object 2019-09-16 16:23:07 -04:00
Kyle Spearrin
9e51eaea28 Apple Iap service 2019-09-16 09:22:22 -04:00
Kyle Spearrin
d009aa57c0 noop meta data repo 2019-09-13 16:10:20 -04:00
Kyle Spearrin
3037b95920 metadata repository for table storage 2019-09-13 16:02:01 -04:00
Kyle Spearrin
e1e147b78f log apple status update 2019-09-13 10:00:20 -04:00
Kyle Spearrin
a370dd1149 apple webhook key 2019-09-13 09:58:30 -04:00
Kyle Spearrin
2f7cd3ee95 stub out apple iap webhook 2019-09-13 09:56:01 -04:00
Papina
79ffda0377 #453 PostgreSQL - Views (#560) 
* PostgreSQL initial commit of translation from SQL Server to PostgreSQL

* snake_case added.
set search path for schema.  schema qualified name no longer needed for creation and access of functions.

* Table DDL for PostgreSQL

* Rename User.sql to user.sql

* PostgreSQL views, 
snake_case column fix for user_create, 
rename of users.sql file to lowercase
 2019-09-12 07:59:07 -04:00
Kyle Spearrin
ba6baa3caa clean up pgsql 2019-09-11 13:44:56 -04:00
Papina
5000de6fa8 #453 Added PostgreSQL initial db scripts (User) (#556) 
* PostgreSQL initial commit of translation from SQL Server to PostgreSQL

* snake_case added.
set search path for schema.  schema qualified name no longer needed for creation and access of functions.

* Table DDL for PostgreSQL
 2019-09-11 13:38:46 -04:00
Kyle Spearrin
12c8e4b124 format pg params object 2019-09-11 13:32:55 -04:00
Kyle Spearrin
e8375335ac fix alive endpoint on notifications 2019-09-08 22:14:15 -04:00
Kyle Spearrin
5d047d52c3 return default kdf info 2019-09-07 14:08:19 -04:00
Kyle Spearrin
294a6dbba5 set/use default payment method on customer 2019-09-06 08:47:36 -04:00
Kyle Spearrin
920debf2c9 upper card brand 2019-09-05 20:45:01 -04:00
Kyle Spearrin
44956b3994 fixes to exception logging 2019-09-04 12:54:19 -04:00
Kyle Spearrin
cf9c8d8fe9 support PaymentMethodDetails in stripe webhook 2019-09-03 17:00:05 -04:00
Kyle Spearrin
1be6e2008b qty is only 1 if re-creating after proration 2019-09-03 16:49:25 -04:00
Kyle Spearrin
aca274a49b add new properties to LogContext 2019-09-03 14:44:22 -04:00
Kyle Spearrin
72310701d2 move ip address method to core helpers 2019-09-03 14:08:08 -04:00
Kyle Spearrin
4982c21c37 qty should be 1 when restoring invoice items 2019-09-03 12:48:42 -04:00
Kyle Spearrin
54162d6531 fix credit card bug for premium 2019-09-02 20:23:43 -04:00
Kyle Spearrin
62732fa002 gateway check 2019-09-02 08:53:59 -04:00
Kyle Spearrin
ed86a5f9d5 add a delay to invoice.payment_succeeded hook 2019-09-02 08:41:06 -04:00
Kyle Spearrin
f37f335120 allow alive check on cloud an self host 2019-08-31 12:22:42 -04:00
Kyle Spearrin
32247fec2b filter log: Failed writing message 2019-08-31 08:22:30 -04:00
Kyle Spearrin
a3b30595f5 null check paymentToken 2019-08-31 00:33:29 -04:00
Kyle Spearrin
81d2da8df4 update packages 2019-08-30 10:20:40 -04:00
Kyle Spearrin
c31e377f32 America/New_York timezone on non-windows 2019-08-27 23:30:53 -04:00
Kyle Spearrin
9c90358aa1 nodocker flag for build scripts 2019-08-27 15:52:04 -04:00
Kyle Spearrin
d0abd413ba log keepalive task 2019-08-27 15:19:10 -04:00
Kyle Spearrin
a9da624b1d bump version 2019-08-27 09:27:52 -04:00
Kyle Spearrin
235e796fff upgrade serilogs 2019-08-27 09:24:58 -04:00
Kyle Spearrin
25a8640d80 get rid of old smtp mail delivery service 2019-08-27 09:23:03 -04:00
Kyle Spearrin
1db442a5bf update libs 2019-08-27 09:21:08 -04:00
Kyle Spearrin
53ba5fe324 all host origins allowed 2019-08-22 15:05:00 -04:00
Kyle Spearrin
19850631f6 allow cors origin wildcard 2019-08-22 12:00:10 -04:00
Kyle Spearrin
669a7c00d8 load fresh sub and invoices on webhooks 2019-08-20 11:09:02 -04:00
Kyle Spearrin
7957707559 add xbox to eq domains for microsoft 2019-08-13 22:53:17 -04:00
Kyle Spearrin
fa3bb0c081 set customer source and method earlier 2019-08-12 11:15:05 -04:00
Kyle Spearrin
18e6149329 handle incomplete status in webhook 2019-08-12 10:45:05 -04:00
Kyle Spearrin
5c3bf78226 handle sub incomplete status 2019-08-12 10:42:14 -04:00
Kyle Spearrin
41f9f6a7f0 only refund captured charges 2019-08-12 10:33:06 -04:00
Kyle Spearrin
157cafa551 PaymentResponseModel for storage and seat adjustments 2019-08-12 10:03:50 -04:00
Kyle Spearrin
74bbeae776 adjust storage with payment intent/method handling 2019-08-10 12:59:32 -04:00
Kyle Spearrin
e60f1a4f50 add missing sub create options 2019-08-10 12:07:24 -04:00
Kyle Spearrin
bc5322f4cf support for payment intent/method on org signup 2019-08-10 11:58:44 -04:00
Kyle Spearrin
00e808d731 payment intent/method support for incomplete status 2019-08-09 23:56:26 -04:00
Kyle Spearrin
efcf626999 update payment method with stripe card payment method 2019-08-09 16:29:23 -04:00
Kyle Spearrin
b11fd2fab8 handle PaymentMethods for PaymentSource billing info 2019-08-09 15:53:01 -04:00
Kyle Spearrin
9686b4bf2b process off session payment methods 2019-08-09 14:06:07 -04:00
Kyle Spearrin
3aea61cb63 remove unused service 2019-08-09 11:09:37 -04:00
Kyle Spearrin
ae386bfee4 remove old service refs 2019-08-08 23:22:46 -04:00
Kyle Spearrin
48ec345702 update stripe SDK 2019-08-08 17:36:41 -04:00
Kyle Spearrin
6d4e34b229 use SettingHasValue for smtp services 2019-08-07 19:39:37 -04:00
Kyle Spearrin
db7d586ee6 admin keep alive job 2019-08-04 20:37:05 -04:00
Kyle Spearrin
379d1b60bd fix npm install from build scripts 2019-08-04 20:24:46 -04:00
Kyle Spearrin
f43e954a31 Starting informational with bypass 2019-08-04 20:04:04 -04:00
Kyle Spearrin
aae60aaca2 log admin job tasks 2019-08-04 20:02:31 -04:00
Kyle Spearrin
00d1bbf0ee GetAlive for icons server 2019-08-03 23:26:34 -04:00
Kyle Spearrin
928e1b6ad4 alive endpoint and logging 2019-08-03 23:16:31 -04:00
Kyle Spearrin
35dbcb87d3 bump version 2019-07-27 22:20:00 -04:00
Kyle Spearrin
6640e64876 HaveIBeenPwned API key not set. 2019-07-27 12:29:20 -04:00
Kyle Spearrin
8d09a7ad13 org license are version 5 2019-07-26 21:56:48 -04:00
Kyle Spearrin
f78b212aa8 health checks for docker 2019-07-26 11:59:42 -04:00
Kyle Spearrin
d9d2dea784 bump version 2019-07-25 22:10:20 -04:00
Kyle Spearrin
71202cbdc3 remove environnment variables from web config 2019-07-25 22:02:35 -04:00
Kyle Spearrin
edd49c7e67 show pii on api 2019-07-25 21:17:58 -04:00
André Paulo
34eba3c465 Added AskUbuntu.com to StackExchange Domains (#538) 
To make sure I wasn't missing any links, compiled a list of all the websites that you can check [here](https://gist.github.com/andre-paulo98/8cca381d09f2078b5eddc4e8516de3b4). [This is the source](https://stackexchange.com/sites?view=list#traffic)
 2019-07-25 20:35:18 -04:00
Kyle Spearrin
fcdac6415a cache ciphers on events lookup 2019-07-25 16:29:34 -04:00
Kyle Spearrin
6a91fd6be9 batch events 2019-07-25 15:50:13 -04:00
Kyle Spearrin
675b22cc9f single event for delete and share bulk operations 2019-07-25 15:39:25 -04:00
Kyle Spearrin
0f0cd3beeb handle bulk cipher events more efficiently 2019-07-25 15:34:14 -04:00
Kyle Spearrin
f6da38f931 allow web vault origin for cors requests 2019-07-25 15:05:03 -04:00
Kyle Spearrin
a0da6b3886 azure build scripts 2019-07-24 21:59:14 -04:00
Kyle Spearrin
48fd3062b6 rate limits on prelogin 2019-07-23 17:26:44 -04:00
Kyle Spearrin
a23e081397 update some libs 2019-07-23 16:58:40 -04:00
Kyle Spearrin
94188fa0b5 update to net core 2.2 2019-07-23 16:38:49 -04:00
Kyle Spearrin
b21e89f264 hibp api v3 2019-07-22 21:23:09 -04:00
Kyle Spearrin
2c80e337ae Organization_ClientExportedVault event 2019-07-12 17:12:36 -04:00
Kyle Spearrin
7c41da494f signalr heartbeat 2019-07-11 23:06:30 -04:00
Kyle Spearrin
51e4c5e1b7 filter out heartbeat warning log 2019-07-11 21:55:57 -04:00
Kyle Spearrin
05f876e61c stopping service log 2019-07-11 21:48:44 -04:00
Kyle Spearrin
aedbfcce50 register global settings 2019-07-11 21:45:14 -04:00
Kyle Spearrin
2f300107ce Remove error log on send 2019-07-11 21:12:20 -04:00
Kyle Spearrin
a6bd55e7a5 more logging 2019-07-11 16:19:38 -04:00
Kyle Spearrin
21d5417e92 done processing warning 2019-07-11 15:46:42 -04:00
Kyle Spearrin
ba2c7fe67d catch any unhandled exceptions in event processor 2019-07-11 15:43:20 -04:00
Kyle Spearrin
242e509b9d set en-US as default current culture 2019-07-11 15:03:17 -04:00
Kyle Spearrin
d61957d2de tz id for linux vs windows 2019-07-10 22:16:24 -04:00
Kyle Spearrin
b5d2a1da75 load certs from azure storage 2019-07-10 20:05:07 -04:00
Kyle Spearrin
f97539d558 build events container into docker deployment 2019-07-09 14:49:34 -04:00
Kyle Spearrin
da5c385d4a new client event types, pass date to event funcs 2019-07-09 11:44:09 -04:00
Kyle Spearrin
f7be870bfe up KDF max to 2 million 2019-07-06 23:34:10 -04:00
Kyle Spearrin
bc2621f45f log httpclient send exceptions 2019-07-05 14:20:16 -04:00
Kyle Spearrin
f9a43288a9 collect events in bulk 2019-07-03 12:11:40 -04:00
Kyle Spearrin
db41a1bd13 collect many events 2019-07-03 08:58:18 -04:00
Kyle Spearrin
69731ecb9d Add event types 2019-06-20 08:56:10 -04:00
Kyle Spearrin
e242539b84 check if already paid 2019-06-17 08:19:26 -04:00
Kyle Spearrin
377e6ff697 handle invoice already paid error 2019-06-17 08:15:56 -04:00
Kyle Spearrin
7b27443e5f update app cache when editing orgs from admin 2019-06-13 00:31:50 -04:00
Kyle Spearrin
6f0d64119a keep application cache in sync with service bus 2019-06-13 00:10:37 -04:00
Kyle Spearrin
2d63732085 normalize billing email 2019-06-12 22:09:32 -04:00
Kyle Spearrin
1c57492028 trim and tolower billing email 2019-06-12 22:08:53 -04:00
Kyle Spearrin
ad7c4b89c4 back to corehelpers 2019-06-11 17:17:23 -04:00
Kyle Spearrin
6ab2f4ff87 org invite exp hours configurable 2019-06-11 16:44:59 -04:00
Julien Brochet
da4918b4aa Fix Flickr equivalent domain with Yahoo (#512) 2019-06-05 08:00:49 -04:00
Kyle Spearrin
621f43c5cd fix token refresh logic 2019-05-30 23:06:02 -04:00
Kyle Spearrin
35804e10cf collection cipher query improvements 2019-05-28 23:55:47 -04:00
Sandro Jäckel
3feaaf8f01 Replace company.com with example.com (#502) 2019-05-22 20:07:39 -04:00
Kyle Spearrin
d34cde7579 group name fix 2019-05-15 22:38:52 -04:00
Kyle Spearrin
cac0295af0 bump version 2019-05-15 22:12:59 -04:00
Kyle Spearrin
2ac62ecadb bump version 2019-05-14 13:11:06 -04:00
Kyle Spearrin
92505a2d4f dont remove owners when syncing directory 2019-05-14 13:09:56 -04:00
Kyle Spearrin
889d770cec formatting 2019-05-14 11:16:30 -04:00
Kyle Spearrin
6381634a92 update libs 2019-05-11 20:56:49 -04:00
Kyle Spearrin
4e65275a2f catch errors when processing notification messages 2019-05-07 22:06:05 -04:00
Kyle Spearrin
1c38fcda85 version bump 2019-05-07 11:16:02 -04:00
Kyle Spearrin
33845d372f bump dockerfile dep versions 2019-05-07 11:14:37 -04:00
Kyle Spearrin
0c760cf9e1 overwrite existing users on import 2019-05-06 21:31:36 -04:00
Kyle Spearrin
b4148d3532 fix issues on cipher admin endpoints 2019-05-01 09:38:13 -04:00
Kyle Spearrin
a416f5a912 support X-Real-IP 2019-04-26 11:02:38 -04:00
Kyle Spearrin
43eeebdc21 trim ip 2019-04-26 09:56:22 -04:00
Kyle Spearrin
e6baa1490c UseForwardedHeaders with known proxies 2019-04-26 09:52:54 -04:00
Kyle Spearrin
8b80478a97 otp can be >= 32 <= 48 2019-04-24 17:47:26 -04:00
Kyle Spearrin
271b9fa246 update mailkit 2019-04-16 13:22:54 -04:00
Kyle Spearrin
9ed52da2f5 rearrange file 2019-04-14 22:45:58 -04:00