1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-26 17:37:36 +01:00
Commit Graph

2890 Commits

Author SHA1 Message Date
Matt Gibson
354ff6e2cb
Fix skip sso for apikey login (#1308)
* Improve mixing SSO login error

* Skip SSO requirement for API key logins

* Bypass MFA for apikey logins
2021-05-10 11:13:37 -05:00
Vincent Salucci
70ab5b25a1
[Reset Password] Organization Key Pair (#1292)
* [Reset Password] Organization Key Pair

* Fixed type in Organization_ReadAbilites sproc

* Fixed broken unit test by making sure premium addon was false

* Updated PublicKey decorator and removed unecessary validation
2021-05-06 14:53:12 -05:00
Oscar Hinton
cae204cb7c
Refactor WebAuthn IoC container (#1302)
* Refactor WebAuthn IoC container

* Move to AddDefaultServices
2021-05-06 10:17:12 +02:00
Chad Scharf
7cae9d5e47
Version bump, 1.41.2 (#1305) 2021-05-05 12:33:11 -04:00
Oscar Hinton
ce4f025a0c
U2F (#1304)
* Delete U2F tokens alongside WebAuthn

* Bring back u2f apis
2021-05-05 16:14:49 +02:00
Chad Scharf
f0baf7e6a4 Revert "Added fido2 registration to other services"
This reverts part of commit 8f64f4a99f.
2021-05-04 23:49:22 -04:00
Chad Scharf
fc146d27ce
Added fido2 registration to other services (#1299) 2021-05-04 23:43:16 -04:00
Joseph Flinn
5095d8eb49
removing the unused environment in the prod deploy (#1298) 2021-05-04 13:50:44 -07:00
Joseph Flinn
a6265885ad
Automating Server Release/Deploy for QA Env (#1281)
* initial success caching test

* updating status testing

* fixing the fail check

* fixing bash if syntax

* changing the way of testing since you can't change workflow inputs between re-runs

* trying out different bash syntax

* removing the export to env

* adding in last run status check

* switching up the last_run_status file handling since it doesn't look like it is working correctly

* adding push trigger

* fixing typo

* adding date to the cache key and adding a bit more logging

* fixing restore key

* trying a different way of logging both successes and failures

* fixing typo

* reorganizing the random success/fail

* trying different bash

* fixing binary operator

* adding in success flag checks

* increasing the odds of success

* trying to fix weird problem

* changing dquotes to squotes

* testing failure and always() flow

* adding in a release pipeline

* adding in the manual trigger for the release pipeline

* fixing the bash for loop for tagging and switching to the rc image for release

* adding docker trust to the pull task

* fixing bash array typo

* removing build task

* adding the dotnet tool restore back in to hopefully restore swagger

* adding an Api build to build the swagger docs

* working on build workflow

* testing cache between jobs

* Adding in steps

* fixing the last line

* updating the build workflow

* adding manual trigger for build workflow

* moving the matrix values to the env section of the task

* changing the envs

* using env template replacement

* removing the unique id since I don't think I need it

* testing the cache

* commenting out the docker push

* adding the env vars back to the cache task

* adding envs to test

* fixing the path issue

* resetting the build workflow back to serial build/docker

* Adding in the qa release workflow

* removing unneccessary dependency

* parameterizing the project file names

* forcing gulp install

* installing gulp globally

* reorganizing to see if gulp works

* removing the awkward paths

* fixing typo

* commenting out all non-api matrix for easier testing

* trying to zip the build for deploy

* adding in the base path for the test

* replacing the web app name

* adding a specific slotname

* adding the env into the package path for the deployment

* trying to fix the zip

* setting up all of the other deploys

* switching the secrets over to be environment secrets

* adding in production automation with the deploys commented out

* removing the master branch from the QA deploy

* adding in the dependancy on the setup

* changing the tag

* trying a different ref

* renaming the deployment slot to staging

* trying a different slot name

* resetting the qa deploy to the original

* moving the secrets

* updating the qa deploy with the db reset/update stubs

* updating the deploy task dependencies

* adding missing update-db command placeholder

* trying a string for the inputs

* moving the input check into the steps instead of the job level so that the job completes

* testing azure kv

* fixing typo

* Change id to retrieve-secrets

* Fix typo

* testing the rest of the QA app service deployments

* updating the name of the QA AZ creds secret and migrating the disabled prod deploy jobs to use the prod AZ secrets

* adding in the additional key vault secrets and fixing some other mistakes

* fixing one of the other preview versions

* removing newline for testing commit

* fixing typo

* fixing a secret name typo

* moving the secrets to the env to test their outputs

* adding missing k

* Update build workflow with environment variables for Docker Trust

* removing the unneeded env vars

* Update build and release workflow using Azure secrets as env variables

* Clean up output of NuGet version

* Fix capitalization

* Fix variable names for Docker Trust Setup

* fixing the dashes in the env ids

* switching the dev tag for qa when pushing

* commenting out the test for the pipeline testing

* removing all of the testing code and blockers

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-05-04 13:41:49 -07:00
Oscar Hinton
6ada46f906
Fix password re-prompt not working in org view (#1296)
* Fix password reprompt not working in org view

* Also fix Cipher_UpdateWithCollections and CipherDetails_CreateWithCollections. Rename migration script
2021-05-04 20:36:35 +02:00
Chad Scharf
179e6aa76b
enable default appsettings for self hosted - bwlic (#1288) 2021-04-30 15:00:57 -04:00
Oscar Hinton
2054e5a926
Password re-prompt (#1269)
* Add support for password re-prompt
2021-04-29 15:43:44 +02:00
Chad Scharf
17db94190e
Test 1: add acr_values return validation value (#1285)
* Part 1: add acr_values return validation value

* Update acr return value validation from OIDC specs

* acr validation prompt clarification
2021-04-27 15:17:03 -04:00
Matt Gibson
1bd515e8f0
Refuse upload renew if a file is validated (#1284)
Download should return regardless of file validation state
2021-04-26 14:36:06 -05:00
Thomas Rittson
de155c78ad Enforce SSO "Want assertions signed" option (#1270)
* Enforce SSO Want Assertions Signed option

* Simplify changes and code style

* Fix style

* Check Issuer entityID before assertion signature
2021-04-21 11:06:30 -04:00
Vincent Salucci
477f679fc6
[Reset Password] Admin reset actions (#1272)
* [Reset Password] Admin reset actions

* Updated thrown except for permission collision

* Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
Joseph Flinn
ba36afe69c
Adding the events processor container image (#1271) 2021-04-15 08:28:55 -07:00
Matt Gibson
b68c841e56
Move renew endpoint to fix overlapping endpoint issue (#1266) 2021-04-12 09:44:45 -05:00
Kyle Spearrin
83e68bce06
enable default appsettings for self hosted installs (#1263)
* enable default appsettings for self hosted installs

* change setters to use arrow functions

* fix tests

* fix global settings ref
2021-04-09 09:48:43 -04:00
Thomas Rittson
c1ceeace95
Require user to verify email to use file Send (#1262) 2021-04-08 06:42:12 +10:00
Vince Grassia
0366c0efef
Add install-id, install-key, and skip-ssl flags to Setup Project (#1260)
* Add install-id, install-key, and skip-ssl flags

* Update util/Setup/CertBuilder.cs

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>

* Update util/Setup/Program.cs

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>

* Remove redundant variable assignment

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2021-04-06 14:39:27 -04:00
Matt Gibson
79f3dabaac
Throw if collection Id does not exist on the organization (#1259)
Otherwise, we're just saving strings for fun. This makes it clear the
user's specified collection won't do anything.
2021-04-05 15:20:13 -05:00
Vincent Salucci
7a35813dfd
[Reset Password] Manage Reset Password permission (#1252) 2021-04-05 09:45:17 -05:00
Thomas Rittson
4b98361684
Fix server 500 error when enabling 2FA policy from Portal (#1254)
* Fix illegal chars in senderTag

* add null check
2021-04-05 08:33:19 +10:00
Kyle Spearrin
597fa01344
job to delete trashed ciphers nightly (#1243)
* job to delete trashed items nightly

* remove script from migration project file

* admin setting for controlling trash deleting dates
2021-04-02 11:14:21 -04:00
Chad Scharf
1b8b9b7539
Email length in IdSv4 config needed to be 256 (#1255) 2021-04-01 10:56:55 -04:00
Oscar Hinton
10d9e6c687
Change UserVerificationRequirement to Discouraged (#1250) 2021-03-31 16:20:15 +02:00
Matt Gibson
022e404cc5
Attachment blob upload (#1229)
* Add Cipher attachment upload endpoints

* Add validation bool to attachment storage data

This bool is used to determine whether or not to renew upload links

* Add model to request a new attachment to be made for later upload

* Add model to respond with created attachment.

The two cipher properties represent the two different
cipher model types that can be returned. Cipher Response from
personal items and mini response from organizations

* Create Azure SAS-authorized upload links for both one-shot and block uploads

* Add service methods to handle delayed upload and file size validation

* Add emergency access method for downloading attachments direct from Azure

* Add new attachment storage methods to other services

* Update service interfaces

* Log event grid exceptions

* Limit Send and Attachment Size to 500MB

* capitalize Key property

* Add key validation to Azure Event Grid endpoint

* Delete blob for unexpected blob creation events

* Set Event Grid key at API startup

* Change renew attachment upload url request path to match Send

* Shore up attachment cleanup method.

As long as we have the required information, we should always delete
attachments from each the Repository, the cipher in memory, and the
file storage service to ensure they're all synched.
2021-03-30 18:41:14 -05:00
Thomas Rittson
908decac5e
Add unit test for hiding emails on sends (#1246)
* Add unit test for hiding emails on sends

* Fix dependencies
2021-03-31 07:21:46 +10:00
Thomas Rittson
ea9849245d
Add Fido2 to Portal services (#1248)
* Add Fido2 to Portal services

* Add Fido2 to Sso services
2021-03-31 07:13:59 +10:00
Anish Krishnaswamy
7b2273c46a
Adding logout message when logging out of business portal (#1249) 2021-03-30 16:55:29 -04:00
Daniel Brown
261916daf6
add stackapps.com in global equivalent domains (#1209)
stackapps.com belongs to Stack Exchange
see https://stackexchange.com/sites
2021-03-30 16:40:08 -04:00
Vincent Salucci
296e3d881d
[Reset Password] Enrollment API, Service, and Model updates (#1245)
* [Reset Password] Enrollment API, Service and Model updates

* Added conditional check for calling User's ID
2021-03-30 09:48:52 -05:00
Oscar Hinton
339292f536
Fix emergency access migration not working (#1244) 2021-03-29 17:28:36 +02:00
Thomas Rittson
688cc00d48
Hide email address in Sends (#1234)
* Add send HideEmail to tables and models

* Respect HideEmail setting for Sends

* Recreate SendView to include new HideEmail column

* Enforce new Send policy

* Insert default value for new HideEmail column

* Delete c95d7598-71cc-4eab-8b08-aced0045198b.json

* Remove unrelated files

* Revert disableSendPolicy, add sendOptionsPolicy

* Minor style fixes

* Update SQL project with Send.HideEmail column

* unit test SendOptionsPolicy.DisableHideEmail

* Add SendOptionsPolicy to Portal

* Make HideEmail nullable, fix migrator script

* Remove NOT NULL constraint from HideEmail

* Fix style

* Make HideEmail nullable

* minor fixes to model and error message

* Move SendOptionsExemption banner

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-03-29 07:56:56 +10:00
Kyle Spearrin
94249747b4
Update README.md 2021-03-26 14:18:03 -04:00
Kyle Spearrin
50ddec2504
Update LICENSE_FAQ.md 2021-03-26 14:16:19 -04:00
Kyle Spearrin
48f69b2644
Update LICENSE.txt 2021-03-26 14:09:28 -04:00
Kyle Spearrin
88aa742535
Update LICENSE_BITWARDEN.txt 2021-03-26 14:08:09 -04:00
Kyle Spearrin
d4ae409b04
Update TRADEMARK_GUIDELINES.md 2021-03-26 14:04:27 -04:00
Kyle Spearrin
abca64d822
Create TRADEMARK_GUIDELINES.md 2021-03-26 14:02:08 -04:00
Daniel James Smith
e6902179f8
Fixes: #1101 - Fixed ModelValidators and validation methods (#1242)
* Extend StringLength attributes for emails to 256 char

* Modified validations to check email lengths > 256
2021-03-25 14:21:23 -04:00
Matt Gibson
584d3e771c
Throw error if not enough seats available for a sync (#1241)
* BadRequest if a sync cannot be completed due to seat count

* Comment the reason for the suppressed exception
2021-03-25 08:42:04 -05:00
Chad Scharf
c09ae5f906
ReferenceEvent Rebilled missing data (#1240) 2021-03-24 15:27:16 -04:00
Chad Scharf
a2f33176aa
Fix column NULLness for OrganizationUser table (#1239)
Fix column `NULL`ness for OrganizationUser table in Upgrade script; prior PR I missed in the upgrade script submitted that the ALTER COLUMN statement incorrectly set the column to `NOT NULL` when the table definition had it correctly as `NULL`.
2021-03-24 12:50:57 -04:00
Daniel James Smith
41ec23631a
Fixed badge link to open workflows on master (#1238) 2021-03-24 10:13:37 -04:00
Matt Gibson
7e127cec13
Support encrypted RSA 4096 keys (#1236)
Testing showed 4096 keys with minimal comments resulted in 4680
characters. Round to 5000 for a buffer.
2021-03-23 16:40:28 -05:00
Vincent Salucci
0cfd50382d
[Reset Password] Update all existing tables/sprocs/migrator scripts (#1235) 2021-03-23 16:04:11 -05:00
Daniel James Smith
fccf5cc00e
Remove appveyor.yml and replaced badge in README.md (#1231)
* Remove appveyor.yml

* Replaced appveyor badge with GitHub workflow badge
2021-03-23 16:25:23 -04:00
Joseph Flinn
7bb26a7203
K8s Proxy CI Build (#1233)
* adding the new k8s-proxy container to the server build

* updating the file path fore the new dockerfile
2021-03-23 11:19:01 -07:00