1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-25 12:45:18 +01:00
Commit Graph

3650 Commits

Author SHA1 Message Date
Addison Beck
54354237ba
[SG-686] Correctly format AuthRequestResponse.Origin (#2325)
* Remove hardcoded URL case from AuthRequestResponse

* Just use URI host for AuthRequestResponse.Origin
2022-10-04 11:06:01 -04:00
Rui Tomé
8325f0eed4
[EC-508] SCIM CQRS Refactor - Users/Get (#2266)
* [EC-390] Added Scim.Test unit tests project

* [EC-390] Added ConflictException type. Updated BadRequestException to have parameterless constructor. Updated NotFoundException to have constructor with a message parameter

* [EC-534] Implemented CQRS for Users Get and added unit tests

* [EC-508] Renamed GetUserCommand to GetUserQuery

* [EC-508] Created ScimServiceCollectionExtensions

* [EC-508] Renamed AddScimCommands to AddScimUserQueries

* [EC-508] Created ExceptionHandlerFilterAttribute on SCIM project

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2022-10-04 11:40:28 +10:00
Addison Beck
707a39972b
[SG-617] [SG-697] [SG-686] Fix various minor passwordless bugs (#2320)
* Only push auth request responses if the request is approved

* Add error message when an unknown device tries to send an auth request

* Send the vault URL for self hosted auth requests
2022-10-03 11:37:37 -04:00
Addison Beck
c8783ced6d
Use a user-based known device check (#2318) 2022-09-30 09:45:07 -04:00
Michał Chęciński
13e33cd789
Update deprecated Azure Key Vault in workflows (#2214) 2022-09-29 13:29:58 -07:00
Addison Beck
53f6ec0a71
[SG-692] Block unknown devices from using passwordless auth (#2315)
* Block unknown devices from initiating auth requests

* Rename anonymousHub route to anonymous-hub
2022-09-29 14:10:21 -04:00
Thomas Rittson
96fa8781f3
[EC-588] Add secrets override for dev logging (#2309) 2022-09-29 08:02:14 +10:00
Addison Beck
0629394cec
[SG-169] Add arguements to AuthRequest_Update.sql (#2313) 2022-09-28 14:46:07 -04:00
Michał Chęciński
65e9520d09
Update artifact download action (#2312) 2022-09-28 14:50:43 +02:00
github-actions[bot]
82c4d2ab95
Bumped version to 2022.9.5 (#2308)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-09-27 15:46:51 -07:00
Michał Chęciński
c45bbee4a3
Add renovate config (#2182)
* Add renovate config

* Update renovate.json

* Remove unnecassary config

* Update renovate.json

* Match only minor and patch updates

* Disable major updates
2022-09-27 19:07:29 +02:00
Oscar Hinton
c11a179332
[SM-220] Move identity specific files to identity (#2279) 2022-09-27 18:30:37 +02:00
Oscar Hinton
ea0087ee6f
Remove docker compose restart always (dev) (#2284) 2022-09-27 15:25:14 +02:00
Rui Tomé
a536d89264
[EC-447] Removed unneeded ScimUserRequestModel for Users DELETE endpoint as it was causing an error (#2294) 2022-09-27 09:50:29 +01:00
Matt Gibson
ddb683dbff
Set serilog min level (#2304) 2022-09-26 21:38:35 -05:00
github-actions[bot]
402f23054c
Bumped version to 2022.9.4 (#2302)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-09-26 17:14:21 -04:00
Matt Gibson
c8c9b32904
Add logging to tokenables (#2298)
* Add logging to token usages

* Add settings manipulation of log levels

* Maintain no logging for dev

* Log exception causing Token failure in TryUnprotect

* dotnet format 🤖

* Added deconstruction operator on new debug logs.

* Split off log level settings into separate files

* Improve log messages

* dotnet format 🤖

* Fix token serialization

* Final review notes

Co-authored-by: Todd Martin <>
2022-09-26 14:22:02 -05:00
Addison Beck
02bea3c48d
[SG-167] Implement Passwordless Authentication via Notifications (#2276)
* [SG-549] Commit Initial AuthRequest Repository (#2174)

* Model Passwordless

* Scaffold database for Passwordless

* Implement SQL Repository

* [SG-167] Base Passwordless API (#2185)

* Implement Passwordless notifications

* Implement Controller

* Add documentation to BaseRequestValidator

* Register AuthRequestRepo

* Remove ExpirationDate from the AuthRequest table

* [SG-407] Create job to delete expired requests (#2187)

* chore: init

* remove exp date

* fix: log name

* [SG-167] Added fingerprint phrase to response model. (#2233)

* Remove FailedLoginAttempt logic

* Block unknown devices

* Add EF Support for passwordless

* Got SignalR working for responses

* Added delete job method to EF repo

* Implement a GetMany API endpoint for AuthRequests

* Ran dotnet format

* Fix a merge issues

* Redated migration scripts

* tried sorting sqlproj

* Remove FailedLoginAttempts from SQL

* Groom Postgres script

* Remove extra commas from migration script

* Correct isSpent()

* [SG-167] Adde identity validation for passwordless requests. Registered IAuthRepository.

* [SG-167] Added origin of the request to response model

* Use display name for device identifier in response

* Add datetime conversions back to postgres migration script

* [SG-655] Add anonymous endpoint for checking if a device & user combo match

* [review] Consolidate error conditions

Co-authored-by: Brandon Maharaj <107377945+BrandonM-Bitwarden@users.noreply.github.com>
Co-authored-by: André Filipe da Silva Bispo <andrefsbispo@hotmail.com>
Co-authored-by: André Bispo <abispo@bitwarden.com>
2022-09-26 13:21:13 -04:00
Thomas Rittson
7c3637c8ba
[EC-387] Don't count revoked users towards occupied seat count (#2256)
Also autoscale seats when restoring user if required
2022-09-23 14:30:39 +10:00
github-actions[bot]
c494d344d2
Bumped version to 2022.9.3 (#2299)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-09-22 20:15:28 -04:00
github-actions[bot]
24a78519ad
Bumped version to 2022.9.2 (#2296)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-09-21 22:20:02 -04:00
Vince Grassia
add7b98231
Update Dockerfile for MSSQL image to 2019 (#2290) 2022-09-20 10:47:23 -04:00
Vince Grassia
b828faf30d
Fix run_migrations.sh script (#2289) 2022-09-19 18:57:18 -04:00
Oscar Hinton
893c4fbf6c
Update deprecation message for register and prelogin (#2288) 2022-09-19 17:15:53 +02:00
Addison Beck
d0c793c951
Update API endpoint to use RegisterResponseModel (#2282) 2022-09-19 09:35:57 -04:00
Michał Chęciński
26fc67eec6
Devops 905 publish event processor (#2239)
* Change to EventsProcessor

* COmment out for testing

* Comment out for testing

* Comment out branch check

* Comment version check

* Add info about origin registry

* FIx condition

* Uncomment after testing

* Release events
2022-09-15 17:21:00 +02:00
Oscar Hinton
3a8f344202
Fix swagger errors (#2277) 2022-09-15 17:14:35 +02:00
Addison Beck
287dc2e06b
[SG-656] Send a captcha bypass token back from the register endpoint (#2278)
* Send a captcha bypass token back from the register endpoint

* [review] Use existing user

* [review] Introduce ICaptcheProtectedResponseModel
2022-09-15 10:02:37 -04:00
Justin Baur
735ad264f1
Remove Batch (#2274) 2022-09-14 14:57:05 -04:00
github-actions[bot]
f848eb2477
Bump version to 2022.9.1 (#2260)
* Bumped version to 2022.9.1

* removing char from README try to force a run of EnforceLabels

* adding char back to README to try to force a run of EnforLabels

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Joseph Flinn <joseph.s.flinn@gmail.com>
2022-09-09 08:05:08 -07:00
Andreas Coroiu
e2b6f2a5bb
[EC-529] fix: missing constructor DI assignment (#2258)
* [EC-529] fix: missing constructor DI assignment

* [EC-239] fix: move logging to CiphersController
2022-09-09 13:20:59 +02:00
Oscar Hinton
70f16bc069
[SM-206] Update sqlproject to match migrations (#2246) 2022-09-08 21:42:02 +02:00
Oscar Hinton
d6ce41c837
[SM-205] Trigger Database job on PRs (#2255) 2022-09-08 21:26:26 +02:00
Oscar Hinton
98351f5693
[SM-205] Add CI job for validating the database (#2249) 2022-09-08 21:14:34 +02:00
Vincent Salucci
e7c1014f96
[EC-484] Remove getBilling API (#2250)
* [EC-484] Remove getBilling API

* Formatting
2022-09-08 10:20:36 -05:00
Colton Hurst
e2eb0de384
Remove the admin field from the config object (#2252) 2022-09-08 10:47:19 -04:00
Oscar Hinton
6a0e134129
[SM-195] Enable legacy timestamp for migrations (#2238) 2022-09-08 10:36:08 +02:00
Oscar Hinton
b612426782
Add git hook for formating (#2224) 2022-09-08 10:27:17 +02:00
Rui Tomé
5ecf7b9440
[EC-394] SCIM server integration tests (#2197)
* [EC-394] Added ScimApplicationFactory to handle tests for Scim controllers

* [EC-394] Added Scim.IntegrationTest project with GroupsControllerTests

* [EC-394] Fixed getting Guid Id from Operation Path

* [EC-394] Added tests for GroupsController Patch action

* [EC-394] Moved tests mock data setup to ScimApplicationFactory

* [EC-394] Updated IntegrationTestCommon packages.lock.json

* [EC-394] Updated ScimApplicationFactory and GroupsControllerTests; Added UsersController Tests

* [EC-394] dotnet format

* [EC-394] Updated Identity.IntegrationTest packages.lock.json

* [EC-394] Updated Scim.IntegrationTest packages.lock.json

* [EC-394] dotnet format

* [EC-394] Reverted change on getting GUID from GetOperationPathId

* [EC-394] Fixed sending userId on Patch_AddSingleMember_Success and Patch_RemoveSingleMember_Success

* [EC-394] Updated test to send request with two operations

* [EC-394] Removed Scim dependency from IntegrationTestCommon

* [EC-394] Reverted changes to packages.lock.json.
Ran dotnet format

* [EC-394] Updated Scim.IntegrationTest packages.lock.json

* [EC-394] Updated GroupsControllerTests and UsersControllerTests to implement IAsyncLifetime to cleanup database before each test

* [EC-394] Declared variables for GetList parameters

* [EC-394] Updated AssertHelper.AssertPropertyEqual to compare each item in an IEnumerable property

* [EC-394] Updated AssertHelper.AssertPropertyEqual to check if type is comparable

* [EC-394] Removed unused variable from ScimApplicationFactory

* Apply suggestions from code review

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [EC-394] Changed test users emails to domain example.com

* [EC-394] Restore solution file

* [EC-394] Added Scim.IntegrationTest to sln

* [EC-394] Updated integration tests to be clearer and check responses in detail

* [EC-394] Using NoopMailService to mock sending email invitations in tests

* [EC-394] Removed multiple references to the same variable ScimApplicationFactory.TestOrganizationId1

* [EC-394] Updated const variable names

* [EC-394] Using AssertPropertyEqualPredicate for IEnumerable properties

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2022-09-08 09:00:59 +01:00
Thomas Rittson
c085f5d49c
Add error message if revoked user tries to accept invite (#2241) 2022-09-08 07:54:58 +10:00
Micaiah Martin
edcac759eb
Update enforce-labels.yml (#2248) 2022-09-07 09:22:04 -05:00
github-actions[bot]
1866ddb7b0
Bumped version to 2022.9.0 (#2244)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-09-06 14:00:23 -07:00
Colton Hurst
ed1406acc2
[SM-90] Add Config Endpoint Phase 1 (#2130)
* Add config endpoint with version and gitHash in response

* Remove gitHash from version, formatting and other improvements

* change name of variable in ConfigController

* Update to properly get gitHash

* SM-94: Add global settings for api url

* SM-94: ConfigController cleanup

* SM-94: Make version and gitHash available for all projects, using AssemblyHelper

* Update ConfigResponseModel GetVersion() call

* Change AssemblyHelpers.cs to use the UTF-8 charset

* SM-94: Use AssemblyHelpers.GetVersion and deprecate CoreHelpers.GetVersion

* SM-90: Add other BaseServiceUriSettings urls

* SM-94: Fix dotnet format issue

* remove old GetVersion method

* Add back the linebreak

* Fix typo in Directory.Build.props

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
2022-09-05 11:19:04 -04:00
Shane Melton
9a12992b59
Reverse proxy / load balancer configuration for local development (#2097)
* Add server reverse proxy configuration example for docker compose

* Use n + 100 for Identity load balancer port
2022-08-31 17:21:40 -07:00
Shane Melton
2bf8438ff7
[EC-502] Rate Limiting Improvements (#2231)
* [EC-502] Add custom Redis IP rate limit processing strategy

* [EC-502] Formatting

* [EC-502] Add documentation and app setting config options

* [EC-502] Formatting

* [EC-502] Fix appsettings.json keys

* [EC-502] Replace magic string for cache key

* [EC-502] Add tests for custom processing strategy

* [EC-502] Formatting

* [EC-502] Use base class for custom processing strategy

* [EC-502] Fix failing test
2022-08-31 14:17:29 -07:00
Rui Tomé
e0f9d99b49
[EC-495] Updated GroupService.SaveAsync to check if collections are supplied and prevent deleting Group-to-Collection associations. Added unit test. (#2234) 2022-08-31 16:03:13 +01:00
Matt Gibson
a6d97118fa
Feature/bit auto data (#2219)
* Update ProviderService tests

* Use BitAutoData in CipherService tests

* Simplify UserCipher fixture

Because we use a single customizer for all ciphers, they all have the same userId.

* Clean up more cipher fixtures

* Swap Cipher Fixtures to BitCustomizeAttribute

* Clean up collection fixtures

* Clean up GroupFixtures

* Move SendService Tests to BitAutoData

* Clean up Organization Fixtures

TODO: The customize attributes should not be customizing more than one class

* Name files after the class they contain

* Clear up usage of CustomAutoDataAttribute in tests

* Clean up usages of InlineCustomAutoData

* format

* Manually merge with file-scoped-namespace changes
2022-08-31 08:38:35 -05:00
Thomas Rittson
2d9d6ad812
[EC-505] Update PR template (#2221) 2022-08-31 08:46:59 +10:00
Justin Baur
36aceed52a
Add instructions (#2232)
* Add instructions

* Add ignore revs

* PR feedback
2022-08-30 12:17:17 -04:00
Justin Baur
7f5f010e1e
Run formatting (#2230) 2022-08-29 16:06:55 -04:00