1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-26 12:55:17 +01:00
Commit Graph

3760 Commits

Author SHA1 Message Date
Gbubemi Smith
f445edb315
updated authrequestId to string to allow null value from client (#2350) 2022-10-19 06:37:18 -06:00
Oscar Hinton
07a091503c
[SM-244] Resolve dotnet warnings (#2283) 2022-10-18 22:12:26 +02:00
Gbubemi Smith
4a26c55599
[SG-698] Refactored 2fa send email and identity to cater for passwordless (#2346)
* Allow for auth request validation for sending two factor emails

* Refactored 2fa send email and identity to cater for passwordless

* Refactored 2fa send email and identity to cater for passwordless

Signed-off-by: gbubemismith <gsmithwalter@gmail.com>

* Inform that we track issues outside of Github (#2331)

* Inform that we track issues outside of Github

* Use checkboxes for info acknowledgement

Signed-off-by: gbubemismith <gsmithwalter@gmail.com>

* Refactored 2fa send email and identity to cater for passwordless

* ran dotnet format

Signed-off-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: addison <addisonbeck1@gmail.com>
2022-10-18 19:50:48 +01:00
Seth Falco
864ab5231d
feat: add amazon.com.be domain to amazon (#2349) 2022-10-18 12:59:32 +02:00
Matt Gibson
8a22c0479e
Inform that we track issues outside of Github (#2331)
* Inform that we track issues outside of Github

* Use checkboxes for info acknowledgement
2022-10-17 09:39:11 -05:00
sneakernuts
52fd999b29
added ability to utilize signed commits (#2333)
* added ability to utilize signed commits

* added steps for az kv
2022-10-13 20:05:11 +00:00
David Frankel
0ea70f68f1
Add CreationDate to CipherResponse (#2142) 2022-10-11 20:20:48 -05:00
github-actions[bot]
3fc24d3264
Bump version to 2022.10.0 (#2336)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-10-11 13:06:19 -06:00
Vince Grassia
c6b2f19cd6
Switch to using get-keyvault-secrets action from our gh-actions repo (#2328) 2022-10-04 17:23:43 -04:00
Joseph Flinn
b59cc71424
Revert "Update deprecated Azure Key Vault in workflows (#2214)" (#2326)
This reverts commit 13e33cd789.
2022-10-04 18:23:08 +00:00
Addison Beck
54354237ba
[SG-686] Correctly format AuthRequestResponse.Origin (#2325)
* Remove hardcoded URL case from AuthRequestResponse

* Just use URI host for AuthRequestResponse.Origin
2022-10-04 11:06:01 -04:00
Rui Tomé
8325f0eed4
[EC-508] SCIM CQRS Refactor - Users/Get (#2266)
* [EC-390] Added Scim.Test unit tests project

* [EC-390] Added ConflictException type. Updated BadRequestException to have parameterless constructor. Updated NotFoundException to have constructor with a message parameter

* [EC-534] Implemented CQRS for Users Get and added unit tests

* [EC-508] Renamed GetUserCommand to GetUserQuery

* [EC-508] Created ScimServiceCollectionExtensions

* [EC-508] Renamed AddScimCommands to AddScimUserQueries

* [EC-508] Created ExceptionHandlerFilterAttribute on SCIM project

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2022-10-04 11:40:28 +10:00
Addison Beck
707a39972b
[SG-617] [SG-697] [SG-686] Fix various minor passwordless bugs (#2320)
* Only push auth request responses if the request is approved

* Add error message when an unknown device tries to send an auth request

* Send the vault URL for self hosted auth requests
2022-10-03 11:37:37 -04:00
Addison Beck
c8783ced6d
Use a user-based known device check (#2318) 2022-09-30 09:45:07 -04:00
Michał Chęciński
13e33cd789
Update deprecated Azure Key Vault in workflows (#2214) 2022-09-29 13:29:58 -07:00
Addison Beck
53f6ec0a71
[SG-692] Block unknown devices from using passwordless auth (#2315)
* Block unknown devices from initiating auth requests

* Rename anonymousHub route to anonymous-hub
2022-09-29 14:10:21 -04:00
Thomas Rittson
96fa8781f3
[EC-588] Add secrets override for dev logging (#2309) 2022-09-29 08:02:14 +10:00
Addison Beck
0629394cec
[SG-169] Add arguements to AuthRequest_Update.sql (#2313) 2022-09-28 14:46:07 -04:00
Michał Chęciński
65e9520d09
Update artifact download action (#2312) 2022-09-28 14:50:43 +02:00
github-actions[bot]
82c4d2ab95
Bumped version to 2022.9.5 (#2308)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-09-27 15:46:51 -07:00
Michał Chęciński
c45bbee4a3
Add renovate config (#2182)
* Add renovate config

* Update renovate.json

* Remove unnecassary config

* Update renovate.json

* Match only minor and patch updates

* Disable major updates
2022-09-27 19:07:29 +02:00
Oscar Hinton
c11a179332
[SM-220] Move identity specific files to identity (#2279) 2022-09-27 18:30:37 +02:00
Oscar Hinton
ea0087ee6f
Remove docker compose restart always (dev) (#2284) 2022-09-27 15:25:14 +02:00
Rui Tomé
a536d89264
[EC-447] Removed unneeded ScimUserRequestModel for Users DELETE endpoint as it was causing an error (#2294) 2022-09-27 09:50:29 +01:00
Matt Gibson
ddb683dbff
Set serilog min level (#2304) 2022-09-26 21:38:35 -05:00
github-actions[bot]
402f23054c
Bumped version to 2022.9.4 (#2302)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-09-26 17:14:21 -04:00
Matt Gibson
c8c9b32904
Add logging to tokenables (#2298)
* Add logging to token usages

* Add settings manipulation of log levels

* Maintain no logging for dev

* Log exception causing Token failure in TryUnprotect

* dotnet format 🤖

* Added deconstruction operator on new debug logs.

* Split off log level settings into separate files

* Improve log messages

* dotnet format 🤖

* Fix token serialization

* Final review notes

Co-authored-by: Todd Martin <>
2022-09-26 14:22:02 -05:00
Addison Beck
02bea3c48d
[SG-167] Implement Passwordless Authentication via Notifications (#2276)
* [SG-549] Commit Initial AuthRequest Repository (#2174)

* Model Passwordless

* Scaffold database for Passwordless

* Implement SQL Repository

* [SG-167] Base Passwordless API (#2185)

* Implement Passwordless notifications

* Implement Controller

* Add documentation to BaseRequestValidator

* Register AuthRequestRepo

* Remove ExpirationDate from the AuthRequest table

* [SG-407] Create job to delete expired requests (#2187)

* chore: init

* remove exp date

* fix: log name

* [SG-167] Added fingerprint phrase to response model. (#2233)

* Remove FailedLoginAttempt logic

* Block unknown devices

* Add EF Support for passwordless

* Got SignalR working for responses

* Added delete job method to EF repo

* Implement a GetMany API endpoint for AuthRequests

* Ran dotnet format

* Fix a merge issues

* Redated migration scripts

* tried sorting sqlproj

* Remove FailedLoginAttempts from SQL

* Groom Postgres script

* Remove extra commas from migration script

* Correct isSpent()

* [SG-167] Adde identity validation for passwordless requests. Registered IAuthRepository.

* [SG-167] Added origin of the request to response model

* Use display name for device identifier in response

* Add datetime conversions back to postgres migration script

* [SG-655] Add anonymous endpoint for checking if a device & user combo match

* [review] Consolidate error conditions

Co-authored-by: Brandon Maharaj <107377945+BrandonM-Bitwarden@users.noreply.github.com>
Co-authored-by: André Filipe da Silva Bispo <andrefsbispo@hotmail.com>
Co-authored-by: André Bispo <abispo@bitwarden.com>
2022-09-26 13:21:13 -04:00
Thomas Rittson
7c3637c8ba
[EC-387] Don't count revoked users towards occupied seat count (#2256)
Also autoscale seats when restoring user if required
2022-09-23 14:30:39 +10:00
github-actions[bot]
c494d344d2
Bumped version to 2022.9.3 (#2299)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-09-22 20:15:28 -04:00
github-actions[bot]
24a78519ad
Bumped version to 2022.9.2 (#2296)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-09-21 22:20:02 -04:00
Vince Grassia
add7b98231
Update Dockerfile for MSSQL image to 2019 (#2290) 2022-09-20 10:47:23 -04:00
Vince Grassia
b828faf30d
Fix run_migrations.sh script (#2289) 2022-09-19 18:57:18 -04:00
Oscar Hinton
893c4fbf6c
Update deprecation message for register and prelogin (#2288) 2022-09-19 17:15:53 +02:00
Addison Beck
d0c793c951
Update API endpoint to use RegisterResponseModel (#2282) 2022-09-19 09:35:57 -04:00
Michał Chęciński
26fc67eec6
Devops 905 publish event processor (#2239)
* Change to EventsProcessor

* COmment out for testing

* Comment out for testing

* Comment out branch check

* Comment version check

* Add info about origin registry

* FIx condition

* Uncomment after testing

* Release events
2022-09-15 17:21:00 +02:00
Oscar Hinton
3a8f344202
Fix swagger errors (#2277) 2022-09-15 17:14:35 +02:00
Addison Beck
287dc2e06b
[SG-656] Send a captcha bypass token back from the register endpoint (#2278)
* Send a captcha bypass token back from the register endpoint

* [review] Use existing user

* [review] Introduce ICaptcheProtectedResponseModel
2022-09-15 10:02:37 -04:00
Justin Baur
735ad264f1
Remove Batch (#2274) 2022-09-14 14:57:05 -04:00
github-actions[bot]
f848eb2477
Bump version to 2022.9.1 (#2260)
* Bumped version to 2022.9.1

* removing char from README try to force a run of EnforceLabels

* adding char back to README to try to force a run of EnforLabels

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Joseph Flinn <joseph.s.flinn@gmail.com>
2022-09-09 08:05:08 -07:00
Andreas Coroiu
e2b6f2a5bb
[EC-529] fix: missing constructor DI assignment (#2258)
* [EC-529] fix: missing constructor DI assignment

* [EC-239] fix: move logging to CiphersController
2022-09-09 13:20:59 +02:00
Oscar Hinton
70f16bc069
[SM-206] Update sqlproject to match migrations (#2246) 2022-09-08 21:42:02 +02:00
Oscar Hinton
d6ce41c837
[SM-205] Trigger Database job on PRs (#2255) 2022-09-08 21:26:26 +02:00
Oscar Hinton
98351f5693
[SM-205] Add CI job for validating the database (#2249) 2022-09-08 21:14:34 +02:00
Vincent Salucci
e7c1014f96
[EC-484] Remove getBilling API (#2250)
* [EC-484] Remove getBilling API

* Formatting
2022-09-08 10:20:36 -05:00
Colton Hurst
e2eb0de384
Remove the admin field from the config object (#2252) 2022-09-08 10:47:19 -04:00
Oscar Hinton
6a0e134129
[SM-195] Enable legacy timestamp for migrations (#2238) 2022-09-08 10:36:08 +02:00
Oscar Hinton
b612426782
Add git hook for formating (#2224) 2022-09-08 10:27:17 +02:00
Rui Tomé
5ecf7b9440
[EC-394] SCIM server integration tests (#2197)
* [EC-394] Added ScimApplicationFactory to handle tests for Scim controllers

* [EC-394] Added Scim.IntegrationTest project with GroupsControllerTests

* [EC-394] Fixed getting Guid Id from Operation Path

* [EC-394] Added tests for GroupsController Patch action

* [EC-394] Moved tests mock data setup to ScimApplicationFactory

* [EC-394] Updated IntegrationTestCommon packages.lock.json

* [EC-394] Updated ScimApplicationFactory and GroupsControllerTests; Added UsersController Tests

* [EC-394] dotnet format

* [EC-394] Updated Identity.IntegrationTest packages.lock.json

* [EC-394] Updated Scim.IntegrationTest packages.lock.json

* [EC-394] dotnet format

* [EC-394] Reverted change on getting GUID from GetOperationPathId

* [EC-394] Fixed sending userId on Patch_AddSingleMember_Success and Patch_RemoveSingleMember_Success

* [EC-394] Updated test to send request with two operations

* [EC-394] Removed Scim dependency from IntegrationTestCommon

* [EC-394] Reverted changes to packages.lock.json.
Ran dotnet format

* [EC-394] Updated Scim.IntegrationTest packages.lock.json

* [EC-394] Updated GroupsControllerTests and UsersControllerTests to implement IAsyncLifetime to cleanup database before each test

* [EC-394] Declared variables for GetList parameters

* [EC-394] Updated AssertHelper.AssertPropertyEqual to compare each item in an IEnumerable property

* [EC-394] Updated AssertHelper.AssertPropertyEqual to check if type is comparable

* [EC-394] Removed unused variable from ScimApplicationFactory

* Apply suggestions from code review

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [EC-394] Changed test users emails to domain example.com

* [EC-394] Restore solution file

* [EC-394] Added Scim.IntegrationTest to sln

* [EC-394] Updated integration tests to be clearer and check responses in detail

* [EC-394] Using NoopMailService to mock sending email invitations in tests

* [EC-394] Removed multiple references to the same variable ScimApplicationFactory.TestOrganizationId1

* [EC-394] Updated const variable names

* [EC-394] Using AssertPropertyEqualPredicate for IEnumerable properties

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2022-09-08 09:00:59 +01:00
Thomas Rittson
c085f5d49c
Add error message if revoked user tries to accept invite (#2241) 2022-09-08 07:54:58 +10:00