1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-11 15:17:44 +01:00
Commit Graph

223 Commits

Author SHA1 Message Date
Matt Gibson
c8c9b32904
Add logging to tokenables (#2298)
* Add logging to token usages

* Add settings manipulation of log levels

* Maintain no logging for dev

* Log exception causing Token failure in TryUnprotect

* dotnet format 🤖

* Added deconstruction operator on new debug logs.

* Split off log level settings into separate files

* Improve log messages

* dotnet format 🤖

* Fix token serialization

* Final review notes

Co-authored-by: Todd Martin <>
2022-09-26 14:22:02 -05:00
Colton Hurst
ed1406acc2
[SM-90] Add Config Endpoint Phase 1 (#2130)
* Add config endpoint with version and gitHash in response

* Remove gitHash from version, formatting and other improvements

* change name of variable in ConfigController

* Update to properly get gitHash

* SM-94: Add global settings for api url

* SM-94: ConfigController cleanup

* SM-94: Make version and gitHash available for all projects, using AssemblyHelper

* Update ConfigResponseModel GetVersion() call

* Change AssemblyHelpers.cs to use the UTF-8 charset

* SM-94: Use AssemblyHelpers.GetVersion and deprecate CoreHelpers.GetVersion

* SM-90: Add other BaseServiceUriSettings urls

* SM-94: Fix dotnet format issue

* remove old GetVersion method

* Add back the linebreak

* Fix typo in Directory.Build.props

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
2022-09-05 11:19:04 -04:00
Justin Baur
7f5f010e1e
Run formatting (#2230) 2022-08-29 16:06:55 -04:00
Justin Baur
bae03feffe
Revert filescoped (#2227)
* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2a.
2022-08-29 15:53:48 -04:00
Justin Baur
34fb4cca2a
Turn on file scoped namespaces (#2225) 2022-08-29 14:53:16 -04:00
Oscar Hinton
194c695cd0
[SM-151] Move EF Dapper tests to Infrastructure.EFIntegration.Test (#2204) 2022-08-29 09:40:59 -04:00
Chad Scharf
37641ba08b
Cherry pick/stripe sdk fixes (#2170)
* update stripe sdk (#2166)

* Bump version to 2022.8.1 (#2167)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
(cherry picked from commit eaca9a5864)

* added setting to toggle stripe api version errors (#2168)

* Bump version to 2022.8.2 (#2169)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
(cherry picked from commit 3d7e5e165c)

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-08-09 09:32:18 -04:00
Matt Gibson
dad666fc96
Add Microsoft.Data.SqlClient back as quartz dependency (#2161) 2022-08-02 17:52:34 -05:00
Shane Melton
4e3d8172ff
Re-evaluate lock files to ensure they match project dependencies (#2132) 2022-07-20 09:10:08 -07:00
Shane Melton
7d40b38352
[PS-93] Distributed Ip rate limiting (#2060)
* Upgrade AspNetCoreRateLimiter and enable redis distributed cache for rate limiting.

- Upgrades AspNetCoreRateLimiter to 4.0.2, which required updating NewtonSoft.Json to 13.0.1.
- Replaces Microsoft.Extensions.Caching.Redis with Microsoft.Extensions.Caching.StackExchangeRedis as the original was deprecated and conflicted with the latest AspNetCoreRateLimiter
- Adds startup task to Program.cs for Api/Identity projects to support AspNetCoreRateLimiters breaking changes for seeding its stores.
- Adds a Redis connection string option to GlobalSettings

Signed-off-by: Shane Melton <smelton@bitwarden.com>

* Cleanup Redis distributed cache registration

- Add new AddDistributedCache service collection extension to add either a Memory or Redis distributed cache.
- Remove distributed cache registration from Identity service collection extension.
- Add IpRateLimitSeedStartupService.cs to run at application startup to seed the Ip rate limiting policies.

Signed-off-by: Shane Melton <smelton@bitwarden.com>

* Add caching configuration to SSO Startup.cs

Signed-off-by: Shane Melton <smelton@bitwarden.com>

* Add ProjectName as an instance name for Redis options

Signed-off-by: Shane Melton <smelton@bitwarden.com>

* Use distributed cache in CustomIpRateLimitMiddleware.cs

Signed-off-by: Shane Melton <smelton@bitwarden.com>

* Undo changes to Program.cs and launchSettings.json

* Move new service collection extensions to SharedWeb

* Upgrade Caching.StackExchangeRedis package to v6

* Cleanup and fix leftover merge conflicts

* Remove use of Newtonsoft.Json in distributed cache extensions

* Cleanup more formatting

* Fix formatting

* Fix startup issue caused by merge and fix integration test

Signed-off-by: Shane Melton <smelton@bitwarden.com>

* Linting fix

Signed-off-by: Shane Melton <smelton@bitwarden.com>
2022-07-19 11:58:32 -07:00
Oscar Hinton
113627dcd5
Add Swagger generation for Identity (#2058) 2022-07-04 12:05:46 +02:00
Justin Baur
231eb84e69
Turn On ImplicitUsings (#2079)
* Turn on ImplicitUsings

* Fix formatting

* Run linter
2022-06-29 19:46:41 -04:00
Justin Baur
daeaa42851
[PS-40] Upgrade to .NET 6 (#2056)
* Bump to .NET 6

* Update Docker images

* Update docs

* Update workflow for linter

* Add all common versions to props file

* Update tools manifest

* Update csproj files

* Update packages.lock.json files

* Switch to setup-dotnet

* Remove msbuild

* Fix deps breaking changes

* Manually install msbuild

* Use msbuild for build

* Fix verbosity switch

* Remove unused exceptions

* Address linter feedback

* Make Obsolete warnings suggestions for now.

* Force Evaluate

* Format on tests

* Run formatting again.

* Use windows 2022

* force evaluate

* Fix restore

* Fix linter

* Skip test

* Update Directory.Build.props

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Address PR feedback

* Add IntegationTest for Rate limiter

* Fix test

* Reenable test

* Reorder test

* Skip test again

* Add tracking link

* Update .github/workflows/build.yml

Co-authored-by: Micaiah Martin <77340197+mimartin12@users.noreply.github.com>

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Micaiah Martin <77340197+mimartin12@users.noreply.github.com>
2022-06-24 10:39:34 -04:00
Carlos J. Muentes
14302efa2c
CSA-2 - Require user interaction for SSO redirect (#1948)
* CSA-2 - adding validation before redirecting for SSO login

* Updating server to use generated and signed JWT for SSO redirect

* Removing erroneous file

* Removing erroneous file

* Updating for PR feedback, adding domain_hint to Login and fixing invalid domain_hint name reference

* Some code styling changes from PR feedback

* Removing unnecessary JSON serialization

* Couple small changes from PR feedback

* Fixing linting errors

* Update formatting in AccountController.cs

* Remove unused dependency

* Add token lifetime to settings

* Use tokenable directly

* Return defined models

* Revert sso proj file changes

* Check expiration validity when validating org

* Show error message with expired token

* Formatting fixes

* Add SsoTokenLifetime to Sso settings

* Fix build errors

* Fix sql warnings

Co-authored-by: Carlos J. Muentes <cmuentes@bitwarden.com>
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2022-06-01 12:23:52 -05:00
Justin Baur
719abc7e61
[BEEEP] Integration tests (#1945)
* Add api integration tests

* Add some stuff

* Make program mockable

* Work on IntegrationTests for Identity

* Formatting

* Update packages.lock.json

* Update more packages.lock.json

* Update all packages.lock.json

* Fix InMemory configuration

* Actually fix test configuration

* Fix tests for CI

* Fix event service

* Force EF EventRepository

* Add client_credentials test

* Remove Api.IntegrationTest

* Remove Api Program changes

* Cleanup

* Add more Auth-Email tests

* Run formatting

* Address some PR feedback

* Move integration stuff to it's own common project

* Ran linter

* Add shared project to test solution

* Remove sln changes

* Clean usings

* Add more coverage

* Address PR feedback
2022-05-20 15:24:59 -04:00
Matt Gibson
4814cef245
Feature/self hosted development (#1921)
* Add self-host option to migration runner

* Add Self-host launch options

* Add self-hosted settings override

Let's a single secrets/env config file control both
cloud and self-hosted settings by allowing
overrides to cloud settings with self-hosted

* Allow dev-signed licenses on dev self-hosted

* Allow setting bitwarden cloud api url

Useful for testing api integration between installations and cloud

* Remove testing echoes

* Remove run config property groups

* Use `getopts` for options

* Pass in full environment
2022-03-21 17:13:00 -05:00
Kyle Spearrin
4cbe05da3c
SendGrid Mail Delivery Provider (#1892)
* add sendgrid mail delivery service

* <

* remove duplicate code

* fix test by using ISendGridClient interface
2022-03-01 19:09:51 -05:00
Oscar Hinton
8d6c49f656
Add lock files for NuGet (#1855) 2022-02-10 15:40:31 +01:00
Vincent Salucci
452677e441
[Icons] Update not found image (#1836) 2022-02-01 23:09:24 -06:00
Oscar Hinton
e4a10aae27
Split out repositories to Infrastructure.Dapper / EntityFramework (#1759) 2022-01-11 10:40:51 +01:00
Oscar Hinton
23b0a1f9df
Run dotnet format (#1764) 2021-12-16 15:35:09 +01:00
Vince Grassia
2ec10cfd2a
Standardize '/version' endpoint on all services (#1755) 2021-12-09 15:45:45 -05:00
Kyle Spearrin
327e784336
Added middleware for general security headers (#1700) 2021-11-09 11:37:14 -05:00
Kyle Spearrin
f26a235964
set MaxResponseContentBufferSize to 5 MB (#1702) 2021-11-09 11:32:23 -05:00
Kyle Spearrin
9582e94232
add ::ffff: to internal ip check (#1701)
* add ::ffff: to internal ip check

* check StartsWith
2021-11-09 11:16:54 -05:00
Joseph Flinn
ee7b608a46
revamping the build scripts (#1620) 2021-10-08 09:53:56 -07:00
Joseph Flinn
d07a68e3cc
Add configuration support for QA cloud environment (#1572)
* Adding a QA environment specific configuration

* separating the bitwarden environment and stripe environment checks

* adding a logging statement for the PayPal webhook key check

* adding more logging

* switched logging type

* Changing the log level on the PayPal webhook. Removing the debugging log from the Stripe Controller
2021-09-08 13:09:54 -07:00
Joseph Flinn
f1238d7b4a
Increasing production log level (#1477)
* increasing the log levels on all of the services to prevent logging successes

* resetting the default logging and adding in constraints in logging in Production
2021-07-21 09:15:59 -07:00
Addison Beck
b13dda2799
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)

* scaffolding for ef support

* deleted old postgres repos

* added tables to oncreate

* updated all the things to .NET 5

* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to  5.0 (#1223)

* Migrated DockerFiles from dotnet/3.1 to  5.0

* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)

* Updated requirements in README.md

* Updated link to documentation of app-secrets

* upgraded dotnet version to 5.0

* Ef database support implementation examples (#1265)

* mostly finished testing the user repo

* finished testing user repo

* finished org, user, ssoconfig, and ssouser ef implementations

* removed unused prop

* fixed a sql file

* fixed a spacing issue

* fixed a spacing issue

* removed extra database creation

* refactoring

* MsSql => SqlServer

* refactoring

* code review fixes

* build fix

* code review

* continued attempts to fix the the build

* skipped another test

* finished all create test

* initial pass at several repos

* continued building out repos

* initial pass at several repos

* initial pass at device repo

* initial pass at collection repo

* initial run of all Entity Framework implementations

* signup, signin, create/edit ciphers works

* sync working

* all web vault pages seem to load with 100% 200s

* bulkcopy, folders, and favorites

* group and collection management

* sso, groups, emergency access, send

* get basic creates matching on all repos

* got everything building again post merge

* removed some IDE config files

* cleanup

* no more notimplemented methods in the cipher repo

* no more not implementeds everywhere

* cleaned up schema/navigation properties and fixed tests

* removed a sql comment that was written in c# style

* fixed build issues from merge

* removed unsupported db providers

* formatting

* code review refactors

* naming cleanup for queries

* added provider methods

* cipher repo cleanup

* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage

* fixed the build

* added a null check

* consolidated some cipher repo methods

* formatting fix

* cleaned up indentation of queries

* removed .idea file

* generated postgres migrations

* added mysql migrations

* formatting

* Bug Fixes & Formatting

* Formatting

* fixed a bug with bulk import when using MySql

* code review fixes

* fixed the build

* implemented new methods

* formatting

* fixed the build

* cleaned up select statements in ef queries

* formatting

* formatting

* formatting

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 16:35:48 +00:00
Oscar Hinton
1796b1dd8e
Disable launchBrowser launchSetting (#1400) 2021-06-16 18:36:23 +02:00
Vince Grassia
21003c61ab
Update output directory for dotnet builds (#1358)
* Update output directory for dotnet builds

* Update Dotnet build output path
2021-05-27 12:16:12 -04:00
Justin Baur
d21ca83a20
Add Directory.Build.props (#1314)
* Add Directory.Build.props

* Remove unneeded props
2021-05-12 13:03:21 -04:00
Chad Scharf
7cae9d5e47
Version bump, 1.41.2 (#1305) 2021-05-05 12:33:11 -04:00
Thomas Rittson
df7a035d9b
Minor release version bump 1.40.0 (#1199) 2021-03-10 11:19:40 -05:00
Matt Gibson
5537470703
Use sas token for attachment downloads (#1153)
* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
2021-02-22 15:35:16 -06:00
Kyle Spearrin
78606d5f13
endpoint to display config settings (#1150) 2021-02-18 15:15:08 -05:00
Kyle Spearrin
1ca6e917af
return fa-globe icon when not found (#1149) 2021-02-18 12:18:50 -05:00
Chad Scharf
6d8e37ebf6
Patch release version bump, 1.39.4 (#1124) 2021-02-01 18:43:32 -05:00
Chad Scharf
2380bba577
version bump 1.39.3 (#1113) 2021-01-27 17:00:56 -05:00
Chad Scharf
5778a903c6
Version bump, v1.39.0 (#1095) 2021-01-19 16:09:43 -05:00
Chad Scharf
c390c46b3e
Version bump 1.38.4 (#1045) 2020-12-17 12:43:47 -05:00
Chad Scharf
1b8d5a8ee8
version bump to 1.38.3 (#1043) 2020-12-17 10:49:52 -05:00
Chad Scharf
9e1bf3d584
version bump 1.38.2 (#1023) 2020-12-03 22:06:36 -05:00
Kyle Spearrin
7405ccb007 bump version 2020-11-18 10:24:02 -05:00
Kyle Spearrin
ac1defc97a bump versions and disabled send creation 2020-11-12 21:43:10 -05:00
Chad Scharf
6227ddf304
Bump version: v1.37.2 (#961)
* Bump version: v1.37.2

* Revert Docker version
2020-10-09 10:48:11 -04:00
Kyle Spearrin
cf4fddfa21 bump version 2020-09-15 17:06:10 -04:00
Chad Scharf
c11af22010
version bump (#914)
* version bump

* version bump
2020-09-05 21:31:26 -04:00
Kyle Spearrin
f431b4ff67 version 1.36.1 bump 2020-07-29 10:35:12 -04:00
Kyle Spearrin
cf303f2f97
catch errors when trying to resolve DNS (#841) 2020-07-28 23:22:02 -04:00