1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-10 15:13:29 +01:00
Commit Graph

2759 Commits

Author SHA1 Message Date
Matt Gibson
5a2d988375
Correct seat counts (#1621) 2021-10-07 08:05:02 -05:00
Oscar Hinton
f63a0711dc
Add some missing defaults to SSO Api (#1619) 2021-10-06 19:36:03 +02:00
Oscar Hinton
79447b6671
Remove Business Portal (#1614) 2021-10-06 10:39:13 +02:00
Matt Gibson
bd297fb7a2
SqlServer split manage collection permission (#1594)
* SqlServer split manage collection permission

* Clarify names

* Test claims generation

* Test permission serialization

* Simplify claims building

* Use new collections permissions

* Throw on use of deprecated permissions

* Lower case all claims

* Remove todos

* Clean nonexistent project from test solution

* JsonIgnore for both system and newtonsoft json

* Make migrations more robust to multiple runs

* remove duplicate usings

* Remove obsolete permissions

* Test solutions separately to detect failures

* Handle dos line endings

* Fix collections create/update permissions

* Change restore cipher to edit permissions

* Improve formatting

* Simplify map

* Refactor test
2021-10-05 11:12:05 -05:00
Kyle Spearrin
f58b9fcab4
uncomment to require auth-email header (#1604) 2021-09-30 11:24:29 -04:00
Matt Gibson
9de9be8f20
Only test canScale is an org needs to scale for an invite (#1608) 2021-09-28 15:18:44 -05:00
Oscar Hinton
63c8070b01
Add Stripe Adapter and IBraintreeGateway to DI (#1596) 2021-09-27 23:01:13 +02:00
Thomas Rittson
66629b2f1c
Refactor policy checks (#1536)
* Move policy checking logic inside PolicyService

* Refactor to use currentContext.ManagePolicies

* Make orgUser status check more semantic

* Fix single org user checks

* Use CoreHelper implementation to deserialize json

* Refactor policy checks to use db query

* Use new db query for enforcing 2FA Policy

* Add Policy_ReadByTypeApplicableToUser

* Stub out EF implementations

* Refactor: use PolicyRepository only

* Refactor tests

* Copy SQL queries to proj and update sqlproj file

* Refactor importCiphersAsync to use new method

* Add EF implementations and tests

* Refactor SQL to remove unnecessary operations
2021-09-28 06:54:28 +10:00
Matt Gibson
3d74f514ad
Early return zero or negative amount invoices (#1595)
Stripe handles these by immediately finalizing as paid and crediting
their account the appropriate amount.
2021-09-27 09:20:47 -05:00
Addison Beck
bccd7eb0ba
add web fonts directly to styles for web apps (#1598) 2021-09-24 15:55:18 -04:00
Matt Gibson
d39f45c81c
Organization autoscaling (#1585)
* Add autoscale fields to Organization

* Add autoscale setting changes

* Autoscale organizations

updates InviteUsersAsync to support all invite sources.

sends an email to org owners when organization autoscaled

* All organizations autoscale

Disabling autoscaling can be done by setting max seats to current seats.

We only warn about autoscaling on the first autoscaling event.

* Fix tests

* Bug fixes

* Simplify subscription update logic

* Void invoices that fail to delete

Stripe no longer allows deletion of draft invoices that were created as part of subscription updates. It's necessary to void out these invoices without sending tem to the client.

* Notify org owners when their subscription runs out of seats

* Use datetime for notifications

Allows for later re-sending email if we want to periodically remind
owners

* Do not update subscription if it already matches new quatity

* Include all migrations

* Remove unnecessary inline styling

* SubscriptionUpdate handles update decisions

* Remove unnecessary html setter

* PR review

* Use minimum access for class methods
2021-09-23 05:36:08 -05:00
Matt Gibson
62a0ca881f
Process collections client-side (#1591)
CollectionDetails is not an entity and so cannot be processed server-side
2021-09-21 13:18:11 -05:00
Joseph Flinn
cd321f2267
updating the dotnet framework for the eventsprocessor docker conatiner for the QA environment (#1590) 2021-09-20 13:44:38 -07:00
Oscar Hinton
c22e48c1b4
Resolve error when deleting an account connected to a provider (#1580) 2021-09-15 20:34:06 +02:00
Vincent Salucci
00332e72e4
[SSO Auto Enroll] Add API for auto enroll status retrieval (#1583)
* [SSO Auto Enroll] Add API for auto enroll status retrieval

* Add another user check to API

* Updated vague boolean name
2021-09-15 12:23:47 -05:00
Matt Gibson
97b27220dd
Use invoice to pay if subscription set to invoice (#1571)
* Use invoice to pay if subscription set to invoice

* Apply suggestions from code review

Co-authored-by: Addison Beck <abeck@bitwarden.com>

* PR review

Move to subscriber model for subscription updates.

Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-09-14 08:18:06 -05:00
Oscar Hinton
e070a0a5c1
Add policy for DisablePersonalVaultExport (#1577) 2021-09-13 11:20:53 +02:00
Thomas Rittson
d8e9357e74
Add Linked type to custom field types (#1540) 2021-09-13 16:34:26 +10:00
Vincent Salucci
c0f53d7371
[Reset Password] ForcePasswordReset in AuthResult (#1576) 2021-09-10 16:51:46 -05:00
Oscar Hinton
57dd6c7294
Retry quartz initialization (#1570) 2021-09-09 18:13:48 +02:00
Joseph Flinn
d07a68e3cc
Add configuration support for QA cloud environment (#1572)
* Adding a QA environment specific configuration

* separating the bitwarden environment and stripe environment checks

* adding a logging statement for the PayPal webhook key check

* adding more logging

* switched logging type

* Changing the log level on the PayPal webhook. Removing the debugging log from the Stripe Controller
2021-09-08 13:09:54 -07:00
Thomas Rittson
01f0b6184f
Enforce Personal Ownership policy when importing (#1565) 2021-09-08 07:20:05 +10:00
Oscar Hinton
18adbc9c74
Add Maximum Vault Timeout Policy (#1559) 2021-09-07 20:18:34 +02:00
Oscar Hinton
02866623f2
Add OrganizationUser_ReadByMinimumRole to Sql.sqlproj (#1555) 2021-09-07 15:42:44 +02:00
Thomas Rittson
8f27f21ce0
Remove stale SsoUser objects from database (#1560)
* Add SsoUser_ReadByUserIdOrganizationId

* Automatically reset stale/duplicate Sso links

* Fix typo

* Check for stale Sso link in existing user flow

* Delete any stale user record before provisioning new user

* Check for existing db query before creating

* PR feedback updates

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-09-03 10:54:41 -04:00
Matt Gibson
db0ef226c4
Fix stripe invoice time on seat adjust (#1564)
* Finalize and void subscription updates

Stripe does not allow deletion of invoices created as subscription updates.
Instead, finalize it and void it out without sending to the customer.

* Store and Restore invoice days until due

Currently, we're overwriting customer invoice lead times whenever they
attempt to update their seat count. Changes are now updated to previous
behavior after our seat adjustment work

* PR Comments
2021-09-03 08:55:29 -05:00
Daniel James Smith
f803e7664e
Updated nuget packages to use newest .Net 5.0.9 (#1547) 2021-09-01 11:36:37 +02:00
Vincent Salucci
f2520ed7be
[Reset Password] Enable force password reset (#1557) 2021-08-31 14:23:06 -05:00
Thomas Rittson
e1908cd6b5
Add support for international domain names (IDN) in email addresses (#1512)
* Adjust email address checking to handle unicode

* ASCII only in local part
* allow unicode in second-level and top-level domain

* Add PunyEncoding/Decoding methods and tests

* Use PunyEncoding for outbound email recipients

* Use MailKit for punycode, handle edge cases

* Punyencode all email addresses in mailServices

* Remove punyencoding from HandlebarsMailService

* Add to punyencoding tests

* Use more inclusive e-mail error

* Fix comment wording

* Apply StrictEmail checking to emergency access invite

* Remove punyDecode helper
2021-08-31 13:49:11 +10:00
Oscar Hinton
b815813dba
Remove providerUserRepository from currentContext in NotificationsHub. (#1549) 2021-08-30 18:19:46 +02:00
Thomas Rittson
4bc683c38d
Increase sales tax precision from 2 to 3 decimal places (#1525)
* Allow for tax rates with 3 decimal places

* Update input validation

* Increase precision of create procedure
2021-08-24 06:52:59 +10:00
Oscar Hinton
bc003c4449
Add support for managing organizations through providers using the business portal (#1521) 2021-08-23 07:32:29 -05:00
Luc
74218d4639
Include admin reset on trial (#1530)
Objective
The "Enterprise Trial button" was missing the admin reset feature on press. Add the checkbox to selected features when pressed.

Code Changes
Add checked property for UseResetPassword
2021-08-20 15:57:50 -04:00
Thomas Rittson
a735bdd027
Fix sales tax error if using PayPal or credit (#1524)
Add sales tax information to previewInvoice, which is used to calculate
the amount of the PayPal or account credit charge. Without this, the
charged amount and Stripe subscription amounts are different and throws
an error.
2021-08-19 15:21:06 +10:00
Addison Beck
4400fdf57d
changed the value of the DirectorySynced event (#1520) 2021-08-17 16:19:15 -04:00
Oscar Hinton
34995ead1f
Refactor email template to resolve logo not being centred (#1516) 2021-08-17 20:54:06 +02:00
Addison Beck
4645914383
Reference Events Fixups (#1518)
* made salesAssistedTrialStarted nullable

* removed conditional logic surrounding directory sync events

* changed the value of the CipherCreated reference event enum
2021-08-17 13:12:55 -04:00
Matt Gibson
1779d33a66
Verify Send file does not exist before saving file (#1515)
* Verify Send file does not exist before saving file

* Fix flaky test
2021-08-17 08:37:00 -05:00
Matt Gibson
48aa54949b
Allow api key as captcha token (#1513)
This allows legitimate users to permanently bypass captcha once
they've successfully logged in. Will allow unmonitored scripts more
resilience to captcha requirements
2021-08-13 08:52:52 -05:00
Addison Beck
824645250e
toggled the force password reset flow off (#1510)
* toggled the force password reset flow off

* Update UserService.cs
2021-08-12 13:09:08 -04:00
Addison Beck
f55708d748
built out the organization edit event from the admin portal (#1508)
* built out the organization edit event from the admin portal

* removed unneeded override

* added some space

* fixed the space
2021-08-11 12:44:30 -04:00
Thomas Rittson
eb6aaad57a
Use RequestSizeLimit for all file upload endpoints (#1507)
* Enforce upload size limits via RequestSizeLimit instead of if statements
* 101mb limit for legacy uploads, 501mb limit for all other
* Only allow v2 local storage for self-hosted instances
2021-08-11 08:14:28 +10:00
Thomas Rittson
f92628fb80
Use UrlB64 encoding for auth-email header (#1503) 2021-08-11 06:21:46 +10:00
Vince Grassia
179543d790
Add 'alive' endpoint to Admin and Identity services (#1505)
* Add 'alive' endpoint to Admin and Identity services

* Move 'alive' endpoint for Admin to Home Controller
2021-08-10 15:29:13 -04:00
Addison Beck
7928b25796
Added Several New Reference Events (#1500)
* added enum values for new events

* hooked up directory sync event

* upgraded the OrganizationUpgrade ReferenceEvent

* Added metadata to the OrganizationUserInvited event noting if this is the first event sent from an organization

* Added metadata to the AdjustedSeats event

* Implemented vaultImported event

* Implemented FirstGroupAdded event

* Implemented FirstCollectionAdded event

* Implemented FirstSecretAdded event type

* Implemented SalesAssisted reference event

* changed events to match updated requirements

* renamed an event enum
2021-08-10 14:38:58 -04:00
Joseph Flinn
2e1df91232
Update qa env (#1504)
* deploying directly to the production slot of the App Service

* Update Azure Service Bus package

* adding a app service shutdown to qa

* reverting QA env deploy change

* Update qa-deploy workflow with debugging statement

* Disable start/stop in QA deploy workflow

* Fix UserKdf and UserApiKey migrations to only update null values (#1494)

* Add proper New Relic NuGet package for .NET 5

* Test NewRelic changes

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-08-10 11:15:16 -07:00
Matt Gibson
842a1c2e37
Tweak provider views (#1499)
* Add Organizations to provider views

Remove enabled/disabled toggle from provider. It's currently not used.

* Remove provider Delete

There are implications to deleting providers on the organizations they manage.
We want to think through this flow before allowing delete from the
admin portal.

* Use toastr to display production exception messages.

Update build actions to upgrade npm to v7.

Use a custom error handler in production which displays a toast of the
exception message and redirect to the offending page

* Clarify provider create error message
2021-08-10 11:28:00 -05:00
Matt Gibson
5dc6013e37
Provider qa feedback (#1501)
* Title case buttons

* Throw if provider tries to add a non-business organization

* Allow only one admin OR owner roll in a free org per user

Boolean operators were not properly assocated
and ownership of an org was precluding confirmation into any other
organization

* Limit email length

* Require email domain with top level domain

* Do not allow email domains to end in invalid characters

* Fix free org tests
2021-08-10 11:16:10 -05:00
Addison Beck
b726b08ea1
added a status check to the read by minimum role proc (#1498) 2021-08-10 06:59:54 -04:00
Vincent Salucci
53a93ffcea
[Reset Password v1] Updated force password reset models (#1492) 2021-08-05 13:00:24 -05:00
Addison Beck
152f1f7a9b
Allow Resending Provider Setup Emails From The Admin Portal (#1497)
* Added a button for resending provider setup emails

* Fixed a case typo in a stored procedure

* Turned a couple lines of code into a method call

* Added service level validation against inviting users for MSP invites

* Code review improvements for provider invites

created a factory for provider user invites

wrote tests for provider invite permissions"

* changed a few exception types
2021-08-05 10:39:05 -04:00
Matt Gibson
cfc7fa071b
Record when a provider user accesses a clients vault (#1496)
* Record when a provider user accesses a clients vault

* Do not allow removal from provider unless owner exists

* PR Review

* Null safe event processing
* append `Async` to async methods
2021-08-05 07:50:41 -05:00
Thomas Rittson
b1ed6d2c21
Fix upload limits for direct uploads (again) (#1479)
* Use constants to represent file size limits

* Allow uploads of up to 500mb for self-hosted

* Set nginx max body size to 505mb

* Add reminder about updating nginx/proxy.conf
2021-08-04 09:00:30 +10:00
Matt Gibson
f37c87c0e1
Change display name of provider view properties (#1491)
Note, ProviderAdmin info section is being updated in another PR
2021-08-02 13:19:26 -05:00
Matt Gibson
282d6a9007
Change set up to two words (#1490) 2021-08-02 11:20:04 -05:00
Thomas Rittson
8d2b36d187
Fix conflicting group permissions (#1473)
* Return collection with highest permission levels

* Revert "Return collection with highest permission levels"

This reverts commit 06e0f3b73e.

* Combine duplicate collectionDetails

* Update EF to combine duplicate CollectionDetails

* Delete unneeded using statements
2021-08-02 11:49:27 +10:00
Thomas Rittson
28df4fddb7
Support RSA 4096 keys in password history (#1407)
* Support RSA 4096 keys in password history

* Increase password length to 5000 for RSA4096 keys
2021-08-02 11:39:43 +10:00
Matt Gibson
2298c96e30
Invite Client owner at time of client org creation (#1488) 2021-07-30 08:10:58 -05:00
Matt Gibson
71daef2588
Always enable events for providers (#1487) 2021-07-27 15:44:54 -05:00
Oscar Hinton
eb846f7627
[Provider] Resolve email not being url encoded (#1483) 2021-07-23 10:22:59 +02:00
Oscar Hinton
792fb377dd
[Provider] Prevent including pending organizations in SyncResponse (#1482) 2021-07-22 22:18:34 +02:00
Thomas Rittson
757102fd96
Fixes for StrictEmailAddressAttribute (#1474)
* Use StrictEmail validation for changing email

* Add trailing symbols to illegal chars in emails

* Add semicolon as always illegal

* Replace regex with MimeKit parsing, add unit test

* Add more unit tests

* Fix linting
2021-07-23 05:59:10 +10:00
Matt Gibson
7a135ae7cd
Protect user registration with captcha (#1480)
* Protect user registration with captcha

* PR feedback
2021-07-22 12:29:06 -05:00
Vincent Salucci
46fa6f6673
[Reset Password v1] Update Temporary Password API (#1481)
* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
2021-07-22 09:20:14 -05:00
Matt Gibson
8e1e2fa2fe
Feature/sync Enable hcaptcha on login (#1469)
* Share globalSettings hcaptcha public key with clients

* Require captcha valid only prior to two factor

users with two factor will have already solved captcha is necessary.
Users without two factor will have`TwoFactorVerified` set to false

* Do not require CaptchaResponse on two-factor requests

* Add option to always require captcha for testing purposes

* Allow for self-hosted instances if they want to use it

* Move refresh suggestion to correct error

* Expect lifetime in helper method

* Add captcha bypass token to successful captcha validations

* Remove twofactorValidated

* PR Feedback
2021-07-21 13:42:06 -05:00
Oscar Hinton
259bf8d760
Add events for Creating, Adding and Removing ProviderOrganizations (#1475) 2021-07-21 19:40:38 +02:00
Vincent Salucci
4e486e5f5d
[Reset Password v1] Update DB for Forced Reset (#1467)
* [Reset Password v1] Force Temp Password Changes

* Updated EF migrations/scripts

* Updating user sprocs with default bit value
2021-07-21 11:47:11 -05:00
Addison Beck
8e97b924d4
addressed bugs and concerns around special characters in email templates (#1478)
* addressed bugs and concerns around special characters in email templates

* Modified email sanitization rules
2021-07-21 12:43:28 -04:00
Joseph Flinn
f1238d7b4a
Increasing production log level (#1477)
* increasing the log levels on all of the services to prevent logging successes

* resetting the default logging and adding in constraints in logging in Production
2021-07-21 09:15:59 -07:00
Oscar Hinton
19c2b025d1
[Provider] Include disabled providers in sync response (#1471) 2021-07-19 19:50:29 +02:00
Addison Beck
745068686b
Add Expiration Date To Organization Invite Emails (#1466)
* Added an expiration date to the organization user invite email

* Added a period

* moved property assignment around

* fixed date offset
2021-07-16 14:17:24 -04:00
Addison Beck
5ec37b96b4
Organization User Accepted Invite Email Notifications (#1465) 2021-07-16 13:49:27 -04:00
Thomas Rittson
7abb053914
Refactor email attributes (#1458)
* Add StrictEmailAddress attribute

* Remove duplicate checks, use attributes instead

* Rename EmailAddressListAttribute
2021-07-16 08:01:51 +10:00
Oscar Hinton
f6ebb20847
[Provider] Add support for events (#1447) 2021-07-15 16:37:27 +02:00
Oscar Hinton
8ac2dc50af
[Provider] Send email on removal (#1463) 2021-07-15 16:37:16 +02:00
Kyle Spearrin
9bb29e08a9 delete old postgres work that was never used 2021-07-12 09:58:36 -04:00
Addison Beck
4a828ad440
Migration Fix (#1448)
* created stubs for missing ef provider methods

* fixed the initial postgres migration
2021-07-08 19:46:13 +00:00
Addison Beck
b13dda2799
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)

* scaffolding for ef support

* deleted old postgres repos

* added tables to oncreate

* updated all the things to .NET 5

* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to  5.0 (#1223)

* Migrated DockerFiles from dotnet/3.1 to  5.0

* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)

* Updated requirements in README.md

* Updated link to documentation of app-secrets

* upgraded dotnet version to 5.0

* Ef database support implementation examples (#1265)

* mostly finished testing the user repo

* finished testing user repo

* finished org, user, ssoconfig, and ssouser ef implementations

* removed unused prop

* fixed a sql file

* fixed a spacing issue

* fixed a spacing issue

* removed extra database creation

* refactoring

* MsSql => SqlServer

* refactoring

* code review fixes

* build fix

* code review

* continued attempts to fix the the build

* skipped another test

* finished all create test

* initial pass at several repos

* continued building out repos

* initial pass at several repos

* initial pass at device repo

* initial pass at collection repo

* initial run of all Entity Framework implementations

* signup, signin, create/edit ciphers works

* sync working

* all web vault pages seem to load with 100% 200s

* bulkcopy, folders, and favorites

* group and collection management

* sso, groups, emergency access, send

* get basic creates matching on all repos

* got everything building again post merge

* removed some IDE config files

* cleanup

* no more notimplemented methods in the cipher repo

* no more not implementeds everywhere

* cleaned up schema/navigation properties and fixed tests

* removed a sql comment that was written in c# style

* fixed build issues from merge

* removed unsupported db providers

* formatting

* code review refactors

* naming cleanup for queries

* added provider methods

* cipher repo cleanup

* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage

* fixed the build

* added a null check

* consolidated some cipher repo methods

* formatting fix

* cleaned up indentation of queries

* removed .idea file

* generated postgres migrations

* added mysql migrations

* formatting

* Bug Fixes & Formatting

* Formatting

* fixed a bug with bulk import when using MySql

* code review fixes

* fixed the build

* implemented new methods

* formatting

* fixed the build

* cleaned up select statements in ef queries

* formatting

* formatting

* formatting

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 16:35:48 +00:00
Vincent Salucci
be13eb153a
[Reset Password v1] - Make auto enrollment required when enabled (#1412)
* [Reset Password v1] - Make auto enrollment required when enabled

* Removed unnecessary imports
2021-07-08 10:48:43 -05:00
Oscar Hinton
feb3106f37
[Provider] Create and access child organizations (#1427) 2021-07-08 17:05:32 +02:00
Davis Templeton
a6128c781a
Fix minor typo in logging (#1444) 2021-07-08 12:40:47 +10:00
Oscar Hinton
8f0ef49d7f
Organization Service permission refactor fix (#1432) 2021-07-07 17:08:18 +02:00
Chad Scharf
898c7baf89
Fix queue message encoding for Azure (UTF-16 in XML) (#1439)
* Revert "Encode into b64 to avoid illegal xml encoding when sending to Azure (#1425)"

This reverts commit 2c9a5bb4ab.

* Azure queue to use base64 encoding universally

* Ensure byte size calc is using encoded byte count

* Remove message text extension from blockIP svc

* Remove unused using on blockIp hosted service
2021-07-07 10:49:59 -04:00
Thomas Rittson
908e1504af
Fix bulk fingerprints (#1442)
* Fix fingerprint phrases in bulk confirm modal

* Fix indentation
2021-07-07 20:21:52 +10:00
Matt Gibson
2c9a5bb4ab
Encode into b64 to avoid illegal xml encoding when sending to Azure (#1425)
* Encode into b64 to avoid illegal xml encoding when sending to Azure

* Revert "Encode into b64 to avoid illegal xml encoding when sending to Azure"

This reverts commit d50de941da.

* HtmlEncode strings if they use multi-byte characters

* Add serializer to event processor

* Rename to used class

* Formatting

* PR feedback
2021-07-02 16:11:33 -05:00
Thomas Rittson
86a12efa76
[send.key] Update send.key when account encryption key is rotated (#1417)
* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca56.

* Fix style (use AddRange instead of reassignment)
2021-07-02 06:27:03 +10:00
Matt Gibson
30ea8b728d
Split dev env settings to development settings file (#1424)
* Move dev urls to appsettings.Development.json

* Move bitwarden license dev urls
2021-07-01 11:11:02 -05:00
Matt Gibson
0cf0748086
Move localhost services settings to development settings file (#1423) 2021-07-01 09:04:30 -05:00
Oscar Hinton
a733257bc6
Refactor permission checks in OrganizationsService to use currentContext (#1420) 2021-07-01 14:31:05 +02:00
Oscar Hinton
43f7271147
[Provider] Setup provider (#1378) 2021-06-30 09:35:26 +02:00
Oscar Hinton
08f508f536
Extract single-org policy check to OrganizationService (#1410) 2021-06-30 09:21:41 +02:00
Matt Gibson
98415026b7
Avoid sql connection timeout (#1414)
* Creat TVP prior to opening sql connection

Data Table creation is slow. connection may be timing out while we create it.

* USe MARS-enabled connections to fix connection issue

https://github.com/dotnet/SqlClient/issues/54
2021-06-25 13:36:59 -05:00
Thomas Rittson
ee1223b8d3
Remove default request size limit for direct uploads (#1406)
* Remove default request size limit - direct upload

* Disable size limit for self-hosted attachments
2021-06-25 10:10:24 +10:00
Matt Gibson
61e41190b2
Creat TVP prior to opening sql connection (#1411)
Data Table creation is slow. connection may be timing out while we create it.
2021-06-24 18:40:46 -05:00
Matt Gibson
ee66d64c99
Avoid sql connection timeout (#1409)
* Read known emails to memory so we can close connection.

* Use ICollection as return

* Fix null reference if ip and date aren't set
2021-06-24 14:31:03 -05:00
Matt Gibson
601bf5416d Read known emails to memory so we can close connection. (#1408) 2021-06-24 09:38:33 -05:00
Vincent Salucci
15d863459e
[Reset Password] - BUG - Upgrade request model Keys null check (#1403) 2021-06-22 15:14:26 -05:00
Matt Gibson
b1d1607f50
Redefine cipher "share" to "move to organization" (#1401)
Do not imply users can share with organizations. Organizations share
with users. Users share _using_ organizations
2021-06-21 18:27:11 -05:00
Kyle Spearrin
d2e48a5c2c
hcaptcha validation on password login (#1398) 2021-06-16 12:47:41 -04:00
Oscar Hinton
1796b1dd8e
Disable launchBrowser launchSetting (#1400) 2021-06-16 18:36:23 +02:00
Justin Baur
58413e2ff0
Policy Service Tests (#1344)
* Added SsoConfigService tests

* Cleanup whitespace in SsoConfigServiceTests

* Work on PolicyServiceTests

* Refactor PolicyService to remove uneeded calls

* Implement Code Coverage

* Continued work on PolicyServiceTests

* Revert "Implement Code Coverage"

This reverts commit 4ada179ada.

* Fix PolicyServiceTests after rebasing

* Cleanup unused namespaces

* Added assertions that saving or logging of save aren't happening on exceptions
2021-06-11 10:33:32 -05:00
Vincent Salucci
b06462e90a
[Business Portal] BUG Fix localization (#1385) 2021-06-09 09:56:29 -05:00
Thomas Rittson
e2ff13aa14
Require valid Send-Id header for access requests (#1381)
* Require valid Send-Id header for access requests

* Require valid Send-Id header for Send file access

* Add ICurrentContext to Send controller test
2021-06-09 07:34:36 +10:00
Vincent Salucci
30611bd78b
[Reset Password] Fixed helper utility for org user updates (#1382) 2021-06-08 12:29:56 -05:00
Vincent Salucci
f6236bea6f
[Reset Password] Admin page updates (#1379) 2021-06-07 09:08:34 -05:00
Oscar Hinton
fe1ffb6a22
[Provider] Server entities and models (#1370)
* Mock out provider models and service

* Implement CreateAsync, CompleteSetupAsync, UpdateAsync, InviteUserAsync and ResendInvitesAsync

* Implement AcceptUserAsync and ConfirmUsersAsync

* Implement SaveUserAsync and DeleteUserAsync

* Add email templates

* Add admin operations for providers

* Fix mail template names

* Rename roles

* Verify provider has provideradmin

* Add self hosted check to admin controller

* Resolve review comments

* Update sql queries

* Change create provider to use email instead of userId
2021-06-03 18:58:29 +02:00
Jens Spanier
58954f161e
Fix attachments typo (#1374) 2021-06-02 12:12:17 -04:00
Matt Gibson
a7d700f1cb
Explicitly set quoted identifier on for problem objects (#1360) 2021-06-01 14:52:22 -05:00
Vince Grassia
99ed04552c
Fix directory issue in Api and Events Dockerfiles (#1371) 2021-06-01 13:46:39 -04:00
Kyle Spearrin
52dea4c2a4
commented code to validate auth-email header (#1361)
* commented code to validate auth-email header

* format comment more
2021-05-28 16:04:58 -04:00
Vince Grassia
21003c61ab
Update output directory for dotnet builds (#1358)
* Update output directory for dotnet builds

* Update Dotnet build output path
2021-05-27 12:16:12 -04:00
Vincent Salucci
c56dd04096
[Reset Password] Email template (#1353) 2021-05-26 16:54:25 -05:00
Vincent Salucci
d7f3507d44
[Reset Password] Added new event type for admin password reset (#1350) 2021-05-26 15:51:54 -05:00
Oscar Hinton
d4cf6d929a
Bulk Confirm (#1345)
* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
2021-05-25 19:23:47 +02:00
Thomas Rittson
93fd1c9c9a
Prevent sole owner from downgrading permissions (#1348) 2021-05-25 08:14:11 +10:00
Oscar Hinton
61307e11b0
Provider: Initial db structure (#1309)
* Initial db structure
2021-05-20 14:39:26 +02:00
Vincent Salucci
c7f88ae430
[Reset Password] Get/Post Org Keys and API updates (#1323)
* [Reset Password] Organization Keys APIs

* Updated details response to include private key and added more security checks for reset password methods

* Added org type and policy security checks to the enrollment api

* Updated based on PR feedback

* Added org user type permission checks

* Added TODO for email to user

* Removed unecessary policyRepository object
2021-05-19 09:40:32 -05:00
Thomas Rittson
982e26cbfd
"Auto-fill on page load" options (#986)
* add autofill on page load options to login models

* Remove autofillOnPageLoadOptions enum
2021-05-18 10:08:42 +10:00
Matt Gibson
6ace7daf53
Abbreviate long transaction names (#1339) 2021-05-17 14:30:56 -05:00
Oscar Hinton
2b6c5bcd31
Fix bulk api (#1335) 2021-05-17 20:07:41 +02:00
Matt Gibson
785e788cb6
Support large organization sync (#1311)
* Increase organization max seat size from 30k to 2b (#1274)

* Increase organization max seat size from 30k to 2b

* PR review. Do not modify unless state matches expected

* Organization sync simultaneous event reporting (#1275)

* Split up azure messages according to max size

* Allow simultaneous login of organization user events

* Early resolve small event lists

* Clarify logic

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Improve readability

This comes at the cost of multiple serializations, but the
 improvement in wire-time should more than make up for this
 on message where serialization time matters

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Queue emails (#1286)

* Extract common Azure queue methods

* Do not use internal entity framework namespace

* Prefer IEnumerable to IList unless needed

All of these implementations were just using `Count == 1`,
which is easily replicated. This will be used when abstracting Azure queues

* Add model for azure queue message

* Abstract Azure queue for reuse

* Creat service to enqueue mail messages for later processing

Azure queue mail service uses Azure queues.
Blocking just blocks until all the work is done -- This is
how emailing works today

* Provide mail queue service to DI

* Queue organization invite emails for later processing

All emails can later be added to this queue

* Create Admin hosted service to process enqueued mail messages

* Prefer constructors to static generators

* Mass delete organization users (#1287)

* Add delete many to Organization Users

* Correct formatting

* Remove erroneous migration

* Clarify parameter name

* Formatting fixes

* Simplify bump account revision sproc

* Formatting fixes

* Match file names to objects

* Indicate if large import is expected

* Early pull all existing users we were planning on inviting (#1290)

* Early pull all existing users we were planning on inviting

* Improve sproc name

* Batch upsert org users (#1289)

* Add UpsertMany sprocs to OrganizationUser

* Add method to create TVPs from any object.

Uses DbOrder attribute to generate.
Sproc will fail unless TVP column order matches that of the db type

* Combine migrations

* Correct formatting

* Include sql objects in sql project

* Keep consisten parameter names

* Batch deletes for performance

* Correct formatting

* consolidate migrations

* Use batch methods in OrganizationImport

* Declare @BatchSize

* Transaction names limited to 32 chars

Drop sproc before creating it if it exists

* Update import tests

* Allow for more users in org upgrades

* Fix formatting

* Improve class hierarchy structure

* Use name tuple types

* Fix formatting

* Front load all reflection

* Format constructor

* Simplify ToTvp as class-specific extension

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-05-17 09:43:02 -05:00
Oscar Hinton
7a7668b754
Add API for bulk removal of org users (#1320)
* Add API for bulk removal of org users

* Refactor OrganizationService, extract some common code.

* Add tests for DeleteUserAsync

* Add tests for DeleteUsers

* Formating

* Update test/Core.Test/Services/OrganizationServiceTests.cs

added a space

Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-05-17 10:10:44 +02:00
Oscar Hinton
4258076bae
Prevent error when using WebAuthn as non premium user (#1331) 2021-05-17 09:39:40 +02:00
Contribucious
785705342c
Add amazon.{pl,se} to Amazon equivalent domains (#1219) 2021-05-15 15:27:31 -04:00
chi
ebf12ecfca
Update EmergencyAccessConfirmed.html.hbs (#1329)
Corrected type in emergency access confirmation message body.
2021-05-14 18:19:46 -04:00
Justin Baur
0e1ab99e25
Cleanup Projects (#1324)
* Update bitwarden_license projects

* Added tests to verify resource names

* Remove unneeded assembly attributes

* Standardized namespace

* Remove .GetTypeInfo()
2021-05-13 17:14:56 -04:00
Kyle Spearrin
b150f5977e
add support for postal and multi service mail delivery (#1326)
* adds suppose for postal and multi service mail delivery

* adjust tags

* dont need settings checks in multi-service
2021-05-13 15:18:42 -04:00
Vincent Salucci
ae38c33e05
[Reset Password] Enterprise Policy (#1315)
* [Reset Password] Enterprise Policy

* Created UI for policy/edit policy // Updated TODOs for policy dependent checks

* Updated reset password data model field name to be more descriptive

* Update title to Master Password Reset

* Updated PoliciesModel, Policy Model spacing, and strings
2021-05-12 14:47:00 -05:00
Oscar Hinton
a47b86a995
Remove U2F APIs again (#1319)
* Revert "U2F (#1304)"

This reverts commit ce4f025a0c.

* Avoid removing WebAuthn fixes
2021-05-12 19:48:00 +02:00
Justin Baur
d21ca83a20
Add Directory.Build.props (#1314)
* Add Directory.Build.props

* Remove unneeded props
2021-05-12 13:03:21 -04:00
Oscar Hinton
cb9ed50248
Discourage user verification on WebAuthn enroll (#1322) 2021-05-12 18:46:35 +02:00
Oscar Hinton
e2f633dace
Bulk re-invite of org users (#1316)
* Add APIs for Bulk reinvinte

* Resolve review comments.
2021-05-12 11:18:25 +02:00
Matt Gibson
354ff6e2cb
Fix skip sso for apikey login (#1308)
* Improve mixing SSO login error

* Skip SSO requirement for API key logins

* Bypass MFA for apikey logins
2021-05-10 11:13:37 -05:00
Vincent Salucci
70ab5b25a1
[Reset Password] Organization Key Pair (#1292)
* [Reset Password] Organization Key Pair

* Fixed type in Organization_ReadAbilites sproc

* Fixed broken unit test by making sure premium addon was false

* Updated PublicKey decorator and removed unecessary validation
2021-05-06 14:53:12 -05:00
Oscar Hinton
cae204cb7c
Refactor WebAuthn IoC container (#1302)
* Refactor WebAuthn IoC container

* Move to AddDefaultServices
2021-05-06 10:17:12 +02:00
Chad Scharf
7cae9d5e47
Version bump, 1.41.2 (#1305) 2021-05-05 12:33:11 -04:00
Oscar Hinton
ce4f025a0c
U2F (#1304)
* Delete U2F tokens alongside WebAuthn

* Bring back u2f apis
2021-05-05 16:14:49 +02:00
Chad Scharf
fc146d27ce
Added fido2 registration to other services (#1299) 2021-05-04 23:43:16 -04:00
Oscar Hinton
6ada46f906
Fix password re-prompt not working in org view (#1296)
* Fix password reprompt not working in org view

* Also fix Cipher_UpdateWithCollections and CipherDetails_CreateWithCollections. Rename migration script
2021-05-04 20:36:35 +02:00
Oscar Hinton
2054e5a926
Password re-prompt (#1269)
* Add support for password re-prompt
2021-04-29 15:43:44 +02:00
Chad Scharf
17db94190e
Test 1: add acr_values return validation value (#1285)
* Part 1: add acr_values return validation value

* Update acr return value validation from OIDC specs

* acr validation prompt clarification
2021-04-27 15:17:03 -04:00
Matt Gibson
1bd515e8f0
Refuse upload renew if a file is validated (#1284)
Download should return regardless of file validation state
2021-04-26 14:36:06 -05:00
Vincent Salucci
477f679fc6
[Reset Password] Admin reset actions (#1272)
* [Reset Password] Admin reset actions

* Updated thrown except for permission collision

* Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
Joseph Flinn
ba36afe69c
Adding the events processor container image (#1271) 2021-04-15 08:28:55 -07:00
Matt Gibson
b68c841e56
Move renew endpoint to fix overlapping endpoint issue (#1266) 2021-04-12 09:44:45 -05:00
Kyle Spearrin
83e68bce06
enable default appsettings for self hosted installs (#1263)
* enable default appsettings for self hosted installs

* change setters to use arrow functions

* fix tests

* fix global settings ref
2021-04-09 09:48:43 -04:00
Thomas Rittson
c1ceeace95
Require user to verify email to use file Send (#1262) 2021-04-08 06:42:12 +10:00
Matt Gibson
79f3dabaac
Throw if collection Id does not exist on the organization (#1259)
Otherwise, we're just saving strings for fun. This makes it clear the
user's specified collection won't do anything.
2021-04-05 15:20:13 -05:00
Vincent Salucci
7a35813dfd
[Reset Password] Manage Reset Password permission (#1252) 2021-04-05 09:45:17 -05:00
Thomas Rittson
4b98361684
Fix server 500 error when enabling 2FA policy from Portal (#1254)
* Fix illegal chars in senderTag

* add null check
2021-04-05 08:33:19 +10:00
Kyle Spearrin
597fa01344
job to delete trashed ciphers nightly (#1243)
* job to delete trashed items nightly

* remove script from migration project file

* admin setting for controlling trash deleting dates
2021-04-02 11:14:21 -04:00
Chad Scharf
1b8b9b7539
Email length in IdSv4 config needed to be 256 (#1255) 2021-04-01 10:56:55 -04:00
Oscar Hinton
10d9e6c687
Change UserVerificationRequirement to Discouraged (#1250) 2021-03-31 16:20:15 +02:00
Matt Gibson
022e404cc5
Attachment blob upload (#1229)
* Add Cipher attachment upload endpoints

* Add validation bool to attachment storage data

This bool is used to determine whether or not to renew upload links

* Add model to request a new attachment to be made for later upload

* Add model to respond with created attachment.

The two cipher properties represent the two different
cipher model types that can be returned. Cipher Response from
personal items and mini response from organizations

* Create Azure SAS-authorized upload links for both one-shot and block uploads

* Add service methods to handle delayed upload and file size validation

* Add emergency access method for downloading attachments direct from Azure

* Add new attachment storage methods to other services

* Update service interfaces

* Log event grid exceptions

* Limit Send and Attachment Size to 500MB

* capitalize Key property

* Add key validation to Azure Event Grid endpoint

* Delete blob for unexpected blob creation events

* Set Event Grid key at API startup

* Change renew attachment upload url request path to match Send

* Shore up attachment cleanup method.

As long as we have the required information, we should always delete
attachments from each the Repository, the cipher in memory, and the
file storage service to ensure they're all synched.
2021-03-30 18:41:14 -05:00
Anish Krishnaswamy
7b2273c46a
Adding logout message when logging out of business portal (#1249) 2021-03-30 16:55:29 -04:00
Daniel Brown
261916daf6
add stackapps.com in global equivalent domains (#1209)
stackapps.com belongs to Stack Exchange
see https://stackexchange.com/sites
2021-03-30 16:40:08 -04:00
Vincent Salucci
296e3d881d
[Reset Password] Enrollment API, Service, and Model updates (#1245)
* [Reset Password] Enrollment API, Service and Model updates

* Added conditional check for calling User's ID
2021-03-30 09:48:52 -05:00
Thomas Rittson
688cc00d48
Hide email address in Sends (#1234)
* Add send HideEmail to tables and models

* Respect HideEmail setting for Sends

* Recreate SendView to include new HideEmail column

* Enforce new Send policy

* Insert default value for new HideEmail column

* Delete c95d7598-71cc-4eab-8b08-aced0045198b.json

* Remove unrelated files

* Revert disableSendPolicy, add sendOptionsPolicy

* Minor style fixes

* Update SQL project with Send.HideEmail column

* unit test SendOptionsPolicy.DisableHideEmail

* Add SendOptionsPolicy to Portal

* Make HideEmail nullable, fix migrator script

* Remove NOT NULL constraint from HideEmail

* Fix style

* Make HideEmail nullable

* minor fixes to model and error message

* Move SendOptionsExemption banner

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-03-29 07:56:56 +10:00
Daniel James Smith
e6902179f8
Fixes: #1101 - Fixed ModelValidators and validation methods (#1242)
* Extend StringLength attributes for emails to 256 char

* Modified validations to check email lengths > 256
2021-03-25 14:21:23 -04:00
Matt Gibson
584d3e771c
Throw error if not enough seats available for a sync (#1241)
* BadRequest if a sync cannot be completed due to seat count

* Comment the reason for the suppressed exception
2021-03-25 08:42:04 -05:00
Chad Scharf
c09ae5f906
ReferenceEvent Rebilled missing data (#1240) 2021-03-24 15:27:16 -04:00
Matt Gibson
7e127cec13
Support encrypted RSA 4096 keys (#1236)
Testing showed 4096 keys with minimal comments resulted in 4680
characters. Round to 5000 for a buffer.
2021-03-23 16:40:28 -05:00
Vincent Salucci
0cfd50382d
[Reset Password] Update all existing tables/sprocs/migrator scripts (#1235) 2021-03-23 16:04:11 -05:00
Oscar Hinton
07f37d1f74
WebAuthn (#903) 2021-03-22 23:21:43 +01:00
Oscar Hinton
905b4b06da
Add identifiers to Triggers and Jobs (#1230) 2021-03-22 20:54:12 +01:00
curlew
455e4b25cf
Add protonmail/protonvpn global equivalent domains (#1224) 2021-03-22 11:08:34 -04:00
Matt Gibson
989d4df599
Direct upload to Azure/Local (#1188)
* Direct upload to azure

To validate file sizes in the event of a rogue client, Azure event webhooks
will be hooked up to AzureValidateFile.
Sends outside of a grace size will be deleted as non-compliant.

TODO: LocalSendFileStorageService direct upload method/endpoint.

* Quick respond to no-body event calls

These shouldn't happen, but might if some errant get requests occur

* Event Grid only POSTS to webhook

* Enable local storage direct file upload

* Increase file size difference leeway

* Upload through service

* Fix LocalFileSendStorage

It turns out that multipartHttpStreams do not have a length
until read. this causes all long files to be "invalid". We need to
write the entire stream, then validate length, just like Azure.

the difference is, We can return an exception to local storage
admonishing the client for lying

* Update src/Api/Utilities/ApiHelpers.cs

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Do not delete directory if it has files

* Allow large uploads for self hosted instances

* Fix formatting

* Re-verfiy access and increment access count on download of Send File

* Update src/Core/Services/Implementations/SendService.cs

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Add back in original Send upload

* Update size and mark as validated upon Send file validation

* Log azure file validation errors

* Lint fix

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-03-21 23:01:19 -05:00
Thomas Rittson
694347e8d3
Fix no licence expiration date on self-hosted (#1217)
* Use our expiration date if no next billing date

* Remove unnecessary null checks

* Remove null check
2021-03-19 08:05:57 +10:00
Daniel James Smith
aea85ea0eb
Fixes #1101: Extend email column length to 256 characters (MSSQL) (#1191)
* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - Installation

* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - User

* Fixes bitwarden/server/#1101 - Extended length of BillingEmail column to 256 characters - Organization

* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - OrganizationUser

* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - EmergencyAccess

* Fixes bitwarden/server/bitwarden#1101 - Fixed issues after PR review
2021-03-18 16:43:49 -04:00
Thomas Rittson
d0f7750650
Don't use dev licensing cert if self-hosted (#1216) 2021-03-18 07:21:00 +10:00
Daniel James Smith
0f7e8dc806
Fixes #1101: Extend email column length to 256 characters (Postgres) (#1192) 2021-03-12 14:28:30 -05:00
Thomas Rittson
df7a035d9b
Minor release version bump 1.40.0 (#1199) 2021-03-10 11:19:40 -05:00
Matt Gibson
a83cbf965e
MultiplartSectionBody streams have 0 length until read. (#1196) 2021-03-09 10:49:49 -06:00
Matt Gibson
7d5b835a79
Use Any from Linq, not internal Entity Framework Any (#1194) 2021-03-08 15:13:43 -06:00
Matt Gibson
edb13bbba8
Push syncs on Send Access (#1190)
* Push syncs on Send Access

* Revert "Push syncs on Send Access"

This reverts commit 6a3eb7af4f.

* Push update of Send directly since we can't use SaveSendAsync method
2021-03-05 18:36:20 -06:00
Thomas Rittson
a18e1b7dca
Exempt owners and admins from single org and 2FA policy (#1171)
* Fix single org policy when creating organization

Exclude owners and admins from policy when creating new org

* Fix single org and 2FA policy on accepting invite

Exclude owners and admins from policies

* Remove looped async calls

* Fix code style and formatting
2021-03-03 08:15:42 +10:00
Matt Gibson
c2d34d7271
Fix send file length always zero (#1175)
* HttpStream must be read prior to knowing it length

We also need to create the send prior to saving the stream so we
have well defined save location. Solve chicken-and-egg problem by saving
the Send twice. This also allows for validation that the stream received
is the same length as that promissed by the content-length header

* Get encrypted file length from request
2021-03-02 09:27:11 -06:00
Matt Gibson
8d5fc21b51
Prepare for send direct upload (#1174)
* Add sendId to path

Event Grid returns the blob path, which will be used to grab a Send and verify file size

* Re-validate access upon file download

Increment access count only when file is downloaded. File
name and size are leaked, but this is a good first step toward
solving the access-download race
2021-03-01 15:01:04 -06:00
vachan-maker
13f12aaf58
Update EmergencyAccessConfirmed.text.hbs (#1172) 2021-03-01 10:49:13 -05:00
Thomas Rittson
3850f0e400
Fix empty grantee or grantor names in emergency access emails (#1162)
* Fix empty grantee or grantor names in emails

* Add migrator dbscript for changes to ReadToNotify
2021-02-26 08:11:58 +10:00
Addison Beck
b21c9042ca
added expiration date and creator identifier to the Send access response model (#1166) 2021-02-25 17:04:53 -05:00
Chad Scharf
2f7c2a64e0
Reference events for Send (#1165) 2021-02-25 13:40:26 -05:00
Vincent Salucci
07427623b3
[Email] Updated welcome email button (#1164) 2021-02-25 11:24:05 -06:00
Matt Gibson
73346b01d1
Add factory to IGlobalSettings DI singleton (#1163)
It turns out Singleton DI of interfaces does not use the specified
instance's Singleton, but just creates its own. This fixes the bug
where classes expecting an IGlobalSettings were given an empty GlobaSettings
instance
2021-02-25 07:00:28 -06:00
Matt Gibson
e350daeeee
Use sas token for send downloads (#1157)
* Remove Url from SendFileModel

Url is now generated on the fly with limited lifetime.

New model houses the download url generated

* Create API endpoint for getting Send file download url

* Generate limited-life Azure download urls

* Lint fix
2021-02-24 13:03:16 -06:00
Addison Beck
f8940e4be5
Checked Emergency Access access type on access initiation (#1160)
* also updated the View method

* removed old code

* naming refactor

* used the right type

* also checked PasswordAsync()

* also checked GetPolicies()
2021-02-23 17:12:52 -05:00
Thomas Rittson
499c30a805
Fix error message if already accepted EA invite (#1159)
* Fix error message if already accepted EA invite

* Fix error message wording depending on EA status
2021-02-24 05:46:52 +10:00
Matt Gibson
5537470703
Use sas token for attachment downloads (#1153)
* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
2021-02-22 15:35:16 -06:00
Kyle Spearrin
78606d5f13
endpoint to display config settings (#1150) 2021-02-18 15:15:08 -05:00
Kyle Spearrin
1ca6e917af
return fa-globe icon when not found (#1149) 2021-02-18 12:18:50 -05:00
Kyle Spearrin
cd2834cc15 Revert "remove premium checks for internal testing"
This reverts commit 26fb6fc3b7.
2021-02-17 13:16:01 -05:00
Thomas Rittson
ad6abaccc8
Fix error message if user already accepted invite (#1140)
* Fix error message if already accepted invitation

* Improve error message wording

* Use consistent capitalization of organization
2021-02-17 09:28:49 +10:00
Oscar Hinton
979eb4a842
Run Quartz in clustered mode (#1123) 2021-02-12 13:49:11 +01:00
Thomas Rittson
61ee3f1e45
Let Manage Users permission see group membership (#1135) 2021-02-12 08:14:00 +10:00
Chad Scharf
f3bff938c4
Added ability to bulk-upload tax rates (#1139) 2021-02-11 16:39:27 -05:00
Kyle Spearrin
c3a99402f8
adjust date validation for send (#1137) 2021-02-11 14:39:21 -05:00
Kyle Spearrin
7c9ea83ad2
HTML encode sanitized inputs for email templates (#1138) 2021-02-11 14:39:13 -05:00
Chad Scharf
6cc317c4ba
SSO - Added custom scopes and claim types for OIDC (#1133)
* SSO - Added custom scopes and claim types for OIDC

* Removed redundant field labels

* Added acr_values to OIDC config + request
2021-02-10 12:00:12 -05:00
Thomas Rittson
9f42357705
Improved handling of grantor access to organizations after takeover (refactored) (#1134)
* Revert "Only return policy in TakeoverResponse if Owner"

This reverts commit b20e6f5e85.

* Revert "Return grantor policy info in TakeoverResponse"

This reverts commit 204217a5e0.

* Add endpoint to get grantor policies on takeover
2021-02-10 09:06:42 +10:00
Thomas Rittson
d51b592cb5
Improved handling of grantor access to organizations after takeover (#1132)
* Remove grantor from orgs after takeover

* Return grantor policy info in TakeoverResponse

* Only return policy in TakeoverResponse if Owner
2021-02-09 06:33:03 +10:00
Matt Gibson
79cc6df0fd
Delete sends belonging to user on user delete (#1116)
* Delete sends belonging to user on user delete

* Update User_DeleteById.sql

* Clean up bad autoformats

Co-authored-by: Addison Beck <abeck@bitwarden.com>

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-02-05 12:37:55 -06:00
Matt Gibson
edd4bc2623
Add disable send policy (#1130)
* Add Disable Send policy

* Test DisableSend policy

* PR Review

* Update tests for using CurrentContext

This required making an interface for CurrentContext and mocking out
the members used. The interface can be expanded as needed for tests.

I moved CurrentContext to a folder, which changes the namespace
and causes a lot of file touches, but most are just adding a reference

* Fix failing test

* Update exemption to include all exempt users

* Move all CurrentContext usages to ICurrentContext

* PR review. Match messaging with Web
2021-02-04 12:54:21 -06:00
Addison Beck
cf84453492
added a few global domains (#1129)
* added a few global domains

* fixed a domain
2021-02-02 11:15:33 -05:00
Chad Scharf
6d8e37ebf6
Patch release version bump, 1.39.4 (#1124) 2021-02-01 18:43:32 -05:00
Addison Beck
00853bc250
Import Invite Error (#1121)
* throw error if user is already invited on import

* added back the single InviteUser OrgService method
2021-01-30 17:56:37 -05:00
Oscar Hinton
3ba832b440
Changed Emergency Access job frequency to hourly (#1120) 2021-01-29 23:32:00 +01:00
Chad Scharf
2380bba577
version bump 1.39.3 (#1113) 2021-01-27 17:00:56 -05:00
Chad Scharf
e869b4df63
Add external amr to auth method claims accepted (#1112) 2021-01-27 10:53:27 -05:00
Addison Beck
445ce33c47
check that SingleOrg policy is enabled before saying users cant create new orgs (#1110)
* check that SingleOrg policy is enabled before saying users cant create new orgs

* fixed org user kick check for SingleOrg

* code review cleanup
2021-01-25 11:19:33 -05:00
Addison Beck
bc4eeff604
changed the address data used to pull sales tax for premium subscriptions (#1109)
* changed the address data used to pull sales tax for premium subscriptions

* nulled checked for extra safety

* fixes null check
2021-01-25 09:56:53 -05:00
Addison Beck
b8a2158626
enabled send and added send sync notifications (#1106) 2021-01-22 16:16:40 -05:00
Vincent Salucci
3555b15b91
[Email] Update welcome content (#1092)
* Initial commit of welcome email update

* Final revisions and updated hosted image urls

* added dynamic year // updated verbiage // fixed typo in text template

* Updated verbiage // changed mustache accessor // updated how year is generated
2021-01-21 14:57:13 -06:00
Chad Scharf
85edc03461
Add SAML 2.0 metadata export for dynamic SPs (#1094) 2021-01-21 15:54:46 -05:00
Oscar Hinton
48d14e8521
Handle name == null in Emergency Access (#1100) 2021-01-20 13:50:07 -05:00
Addison Beck
001bbf2f2b
null checked Stripe.Customer.Address for org seat and storage upgrades (#1099) 2021-01-20 12:40:45 -05:00
Addison Beck
fe4c36c04a
null checked all permissions checks in CurrentContext (#1097) 2021-01-19 23:28:38 -05:00
Chad Scharf
dd207aa840
disable send (#1096) 2021-01-19 16:46:59 -05:00
Chad Scharf
5778a903c6
Version bump, v1.39.0 (#1095) 2021-01-19 16:09:43 -05:00
Kyle Spearrin
61675342c3
added duofederal.com to allowed duo domains (#1091) 2021-01-15 16:59:51 -05:00
Oscar Hinton
adbfd0e107
Fix premium check for emergency access (#1090) 2021-01-15 15:56:17 -05:00
Addison Beck
9b80d97c19
fixed something shameful (#1088) 2021-01-14 18:05:17 -05:00
Addison Beck
c9cab74476
Sales Tax for Premium signups (#1087)
* Started charging sales tax on Premium signups

* added a line break
2021-01-14 17:53:37 -05:00
Addison Beck
9f938f5efd
Permissions bugs (#1083)
* Null checked org invite collections

* Null checked permissions on org invite

* Gave a static seat count to org invite fixture

* Null checked the right way
2021-01-13 15:14:28 -05:00
Vincent Salucci
96cc88aafc
[Policy] Update Personal Ownership checkbox description (#1076)
* Initial commit of checkbox description update

* refactored property name
2021-01-12 11:37:33 -06:00
Addison Beck
63fcdc1418
Implemented Custom role and permissions (#1057)
* Implemented Custom role and permissions

* Converted permissions columns to a json blob

* Code review fixes for Permissions

* sql build fix

* Update Permissions.cs

* formatting

* Update IOrganizationService.cs

* reworked a conditional

* built out tests for relevant organization service methods

* removed unused usings

* fixed a broken test and a bad empty string init

* removed 'Attribute' from some attribute instances
2021-01-12 11:02:39 -05:00
Chad Scharf
99b95b5330
Fix safari sso header size (#1065)
* Safari SSO header size fix - in progress

* Cleanup of memoryCacheTicketStore

* Redis cache ticket store + registration

* Revert some unecessary changes

* temp - distributed cookie: idsrv.external

* Ticket data cached storage added

* OIDC working w/ substantially reduced cookie size

* Added distributed cache cookie manager

* Removed hybrid OIDC flow

* Enable self-hosted folks to use Redis  for SSO

* Also allow self-hosted to use Redis cont...
2021-01-11 11:03:46 -05:00
Matt Gibson
5aba9f7549
Add cipher response to restore (#1072)
* Return revised ciphers on restore api call

* Return restored date from restore sproc

* Test Restore updates passed in ciphers

This is necessary for CipherController to appropriately return the
up-to-date ciphers without an extra db call to read them.

* Add missing SELECT
2021-01-08 08:52:42 -06:00
Justin Baur
aad36496e4
Added Services and Utilities Tests to Core.Test project (#1068)
* Sorted usings

* Added CoreHelpersTests

* Added CloneObject test

* Added comments to SelfHostedAttributeTests

* Changed private variable declaration to be inline with the rest of the project

* Changed to SUT naming scheme

* Scaffolded AppleIapServiceTests

* Scaffolded I18nServiceTests.cs

* Scaffolded I18nViewLocalizerTests

* Scaffolded LocalSendStorageServiceTests

* Added tests to ReadableBytesSize_Success

* Add more CleanCertificateThumbprint tests

* Added more tests for the ExtendQuery method

* Removed AppleIapServiceTests

* Removed I18nServiceTests

* Removed I18nViewLocalizerTests

* Removed LocalSendStorageServiceTests

* Converted Batch_Success to theory with InlineData

* Simplified Batch_Success so there is less branching and more accuracy

* Switched to using size variable to format readable bytes for any number lower than 1024

* Fixed test data to work in all locales
2021-01-06 12:49:28 -06:00
Kyle Spearrin
d96da37e2a
validate send model parameters (#1067) 2020-12-30 16:25:00 -05:00
Chad Scharf
5c5544a4f4
Update forgot password help URL (#1050) 2020-12-18 11:44:15 -05:00
Chad Scharf
246cac1a33
Allow SHA1 inbound sigs from Idp (#1047) 2020-12-18 11:26:52 -05:00
Chad Scharf
c390c46b3e
Version bump 1.38.4 (#1045) 2020-12-17 12:43:47 -05:00
Matt Gibson
a46d678d6e
Fix Organization put drops cipher updates (#1044) 2020-12-17 11:19:14 -06:00
Chad Scharf
1b8d5a8ee8
version bump to 1.38.3 (#1043) 2020-12-17 10:49:52 -05:00
Vincent Salucci
136c39fa50
Initial commit of SingleOrg downstream policy checks (#1038) 2020-12-16 16:02:54 -06:00
Oscar Hinton
0f1af2333e
Add support for Emergency Access (#1000)
* Add support for Emergency Access

* Add migration script

* Review comments

* Ensure grantor has premium when inviting new grantees.

* Resolve review comments

* Remove two factor references
2020-12-16 14:36:47 -05:00
Kyle Spearrin
25dff79527 enable send 2020-12-11 16:44:39 -05:00
Vincent Salucci
70f5fd5030
[Policy] Personal Ownership (#1013)
* Initial commit of disable personal vault policy

* Added new sproc // updated policy check (was missing conditionals)

* Updated DeMorgan's law logic
2020-12-11 10:45:26 -06:00
Addison Beck
fee5c932db
started charging sales tax on seat/storage upgrades and auto renewals (#1034)
* started charging sales tax on seat/storage upgrades and auto renewals

* Code review fixes for auto-renewing subscriptions charging sales tax
2020-12-09 14:04:46 -05:00
Kyle Spearrin
01d4d97ef1
Ensure that users are confirmed status (#1033) 2020-12-09 12:04:14 -05:00
Matt Gibson
7eaf7ab770
[Bug] Fix cipher clone yielding incorrect RevisionDate (#1031)
* Fix cipher clone yielding incorrect RevisionDate

* PR fixes

Co-authored-by: Matt Gibson <mdgibson@Matts-MBP.lan>
2020-12-07 19:35:34 -06:00
Addison Beck
085987d2f1
fixed a broken link and removed a duplicate property (#1029) 2020-12-07 09:18:25 -05:00
Vincent Salucci
09aea4ed38
[Bug] Improve SSO user provision flow (#1022)
* Initial commit of provisioning updates

* Updated strings

* removed extra BANG

* Separated orgUsers db lookup - prioritized existing user Id

* Updated create sso record method // Added sproc for org/email retrieval
2020-12-04 16:45:54 -06:00
Addison Beck
ea5ce21e50
added sales tax table and procedure to sql project (#1026) 2020-12-04 12:39:28 -05:00
Addison Beck
b877c25234
Implemented tax collection for subscriptions (#1017)
* Implemented tax collection for subscriptions

* Cleanup for Sales Tax

* Cleanup for Sales Tax

* Changes a constraint to an index for checking purposes

* Added and implemented a ReadById method for TaxRate

* Code review fixes for Tax Rate implementation

* Code review fixes for Tax Rate implementation

* Made the SalesTax migration script rerunnable
2020-12-04 12:05:16 -05:00
Chad Scharf
9e1bf3d584
version bump 1.38.2 (#1023) 2020-12-03 22:06:36 -05:00
Chad Scharf
77e704e620
ensure fail isn't overwritten with success result (#1018) 2020-12-02 17:15:21 -05:00
Chad Scharf
36195eb0c9
disable send for release (#1019) 2020-12-02 17:15:08 -05:00
Kyle Spearrin
c0781db333
return ProfileOrganizationResponseModel for /organizations (#1016) 2020-12-01 16:43:07 -05:00
Kyle Spearrin
c0defd8971
require device info when authing (#1014) 2020-12-01 16:42:41 -05:00
Matt Gibson
edf30974dc
Validate cipher updates with revision date (#994)
* Add last updated validation to cipher replacements

* Add AutoFixture scaffolding.

AutoDataAttributes and ICustomizations are meant to automatically
produce valid test input. Examples are the Cipher customizations,
which enforce the model's mutual exclusivity of UserId and
OrganizationId.

FixtureExtensions create a fluent way to generate SUTs. We currently
use parameter injection to fascilitate service testing, which is nicely
handled by AutoNSubstitute. However, in order to gain access to the
substitutions, we need to Freeze them onto the Fixture. The For fluent
method allows specifying a Freeze to a specific type's constructor and
optionally to a parameter name in that constructor.

* Unit tests for single Cipher update version checks

* Fix test runner

Test runner requires Microsoft.NET.Test.Sdk

* Move to provider model for SUT generation

This model differs from previous in that you no longer need to specify
which dependencies you would like access to. Instead, all are
remembered and can be queried through the sutProvider.

* User cipher provided by Put method reads

Every put method already reads all relevant ciphers from database,
there's no need to re-read them.

JSON serialization of datetimes seems to leave truncate at second
precision. Verify last known date time is within one second rather than
exact.

* validate revision date for share many requests

* Update build script to use Github environment path

Co-authored-by: Matt Gibson <mdgibson@Matts-MBP.lan>
2020-11-23 08:48:05 -06:00
Vincent Salucci
f311f40d93
Added OrgIdentifer to SetPasswordAsync // Added jit user two factor provider (#1009) 2020-11-22 08:46:44 -06:00
Kyle Spearrin
58eb0510ca
add sends to sync response (#1002) 2020-11-18 13:55:50 -05:00
Chad Scharf
faf909479e
re-enable send (#1004) 2020-11-18 12:43:58 -05:00
Kyle Spearrin
7405ccb007 bump version 2020-11-18 10:24:02 -05:00
Chad Scharf
80f2bf9260
Fix null email parameter from missing email claim (#993) 2020-11-13 11:26:05 -05:00
Addison Beck
fefa0e2dea
Dont run custom token logic for org based client_ids explicitly (#992)
* Dont run custom token logic for org based client_ids explicitly

* org to organization
2020-11-13 10:07:49 -05:00
Addison Beck
e35faf1335
Performed some null checks (#991) 2020-11-13 08:53:36 -05:00
Kyle Spearrin
ac1defc97a bump versions and disabled send creation 2020-11-12 21:43:10 -05:00
Addison Beck
dc69f4bd46
Changed the return type for BuildIdentityClaims() (#989) 2020-11-11 10:56:22 -05:00
Addison Beck
25a9991908
Implement User-based API Keys (#981)
* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
2020-11-10 15:15:29 -05:00
Vincent Salucci
d9cd7551fe
[Exemption] Updated policy messages (#984)
* Updated messages // added exemption message // added callout

* updated strings - futureproofing
2020-11-10 09:53:44 -06:00
Kyle Spearrin
26fb6fc3b7 remove premium checks for internal testing 2020-11-05 12:43:08 -05:00
Kyle Spearrin
82dd364e65
Send APIs (#979)
* send work

* fix sql proj file

* update

* updates

* access id

* delete job

* fix delete job

* local send storage

* update sprocs for null checks
2020-11-02 15:55:49 -05:00
Vincent Salucci
a5db233e51
[Require SSO] Added service layer dependent policy check (#977)
* Added service layer dependent policy check

* Updated to SingleOrg
2020-10-27 14:08:19 -05:00
Addison Beck
0eccfb8784
changed all OnlyOrg wording to be SingleOrg instead (#974)
* changed all OnlyOrg wording to be SingleOrg instead

* missed an OnlyOrg to change to SingleOrg
2020-10-27 10:28:41 -04:00
Vincent Salucci
66e44759f0
[Require SSO] Enterprise policy enforcement (#970)
* Initial commit of require sso authentication policy enforcement

* Updated sproc to send UseSso flag // Updated base validator to send back error message // Added changes to EntityFramework (just so its there for the future

* Update policy name // adjusted conditional to demorgan's

* Updated sproc // Added migrator script

* Added .sql file extension to DeleteOrgUserWithOrg migrator script

* Added policy // edit // strings // validation to business portal

* Change requests from review // Added Owner & Admin exemption

* Updated repository function used to get org user's type

* Updated with requested changes
2020-10-26 11:56:16 -05:00
Addison Beck
e872b4df9d
Only org policy (#962)
* added OnlyOrg to PolicyType enum

* blocked accepting new org invitations if OnlyOrg is relevant to the userOrg

* blocked creating new orgs if already in an org with OnlyOrg enabled

* created email alert for OnlyOrg policy

* removed users & sent alerts when appropriate for the OnlyOrg policy

* added method to noop mail service

* cleanup for OnlyOrg policy server logic

* blocked confirming new org users if they have violated the OnlyOrg policy since accepting

* added localization strings needed for the OnlyOrg policy

* allowed OnlyOrg policy configuration from the portal

* used correct localization key for onlyorg

* formatting and messaging changes for OnlyOrg

* formatting

* messaging change

* code review changes for onlyorg

* slimmed down a conditional

* optimized getting many orgUser records from many userIds

* removed a test file

* sql formatting

* weirdness

* trying to resolve git diff formatting issues
2020-10-20 02:48:10 -04:00
Vincent Salucci
50cf16a3fb
[SSO] New user provision flow (#945)
* Initial commit of accept user during set password flow

* changed new org user from accepted to invited // moved another check to token accept function

* Revised some white space // Moved business logic to UserService

* Fixed UserServiceTest

* Removed some white-space

* Removed more white-space

* Final white-space issues
2020-10-13 15:00:33 -05:00
Addison Beck
dfe5c571b9
Delete OrgUsers When Deleting An Org (#964)
* deleted orgUsers when deleting an org

* sql formatting
2020-10-13 11:26:55 -04:00
Chad Scharf
6227ddf304
Bump version: v1.37.2 (#961)
* Bump version: v1.37.2

* Revert Docker version
2020-10-09 10:48:11 -04:00
Addison Beck
9848f12638
enabled SSO when needed when upgrading from a free plan (#960) 2020-10-07 15:03:47 -04:00
Chad Scharf
a74778de3a
Update ACS path to embed Organization ID (#955) 2020-10-01 15:05:09 -04:00
Chad Scharf
3b8cbe631f
Implemented new OIDC redirect behavior (#954) 2020-09-29 17:06:17 -04:00
Kyle Spearrin
aa6bc164bb
support log filters for portal and sso (#948) 2020-09-22 10:32:14 -04:00
Addison Beck
845f9f5245
Fixed storage issue when upgrading from a free plan (#942) 2020-09-18 14:10:30 -04:00
Chad Scharf
a75077d703
Fixed resource and err msg for user provisioning (#939) 2020-09-16 15:02:18 -04:00
Kyle Spearrin
cf4fddfa21 bump version 2020-09-15 17:06:10 -04:00
Kyle Spearrin
1c6c599b8d
Created sso config service with save (#936) 2020-09-15 10:17:44 -04:00
Chad Scharf
692b3970af
SSO config revision date not updating fix (#934) 2020-09-14 21:22:24 -04:00
Vincent Salucci
c0e99d4047
Removed security stamp rotation during set-password SSO flow (#933) 2020-09-14 14:27:30 -05:00
Addison Beck
1880889325
added localization variables to sso account controller (#930)
* added localization variables to sso account controller

* Used the correct method for server side localization
2020-09-11 19:36:49 -04:00
Kyle Spearrin
82b6216e95
SetIdentityServerOrigin for all non-dev (#925) 2020-09-09 14:47:52 -04:00
Addison Beck
d7e45fe0a3
added server validation for plan selection (#924) 2020-09-09 12:10:33 -04:00
Chad Scharf
b429f6908d
Added X.509 cert validation copy value buttons (#923) 2020-09-09 11:32:33 -04:00
Kyle Spearrin
55e0f82139
use custom DiscoveryResponseGenerator on cloud too (#921) 2020-09-08 13:57:52 -04:00
Chad Scharf
a997440e3d
Added SP ACS URL to Config Screen (#920) 2020-09-08 13:04:26 -04:00
Kyle Spearrin
44c3dc4786 fix base seats on teams 2019 2020-09-07 09:19:33 -04:00
Addison Beck
a8277cc58b
updated stripe plan id for family (#916)
* updated stripe plan id for family

* updated famiies 2020 plan plan id
2020-09-06 00:48:04 -04:00
Kyle Spearrin
8deddfb466 add authenticatioon to fix DI errors 2020-09-05 23:38:47 -04:00
Chad Scharf
f27df01158
update portal landing page with tiles (#915) 2020-09-05 23:06:15 -04:00
Chad Scharf
c11af22010
version bump (#914)
* version bump

* version bump
2020-09-05 21:31:26 -04:00
Addison Beck
4b3abe6fb0
stopped manually encoding the SSO user_identifier (#913) 2020-09-04 14:16:49 -04:00
Kyle Spearrin
1c8744e4eb UseDeveloperExceptionPage only on dev 2020-09-04 12:32:18 -04:00
Chad Scharf
ed99b99bc1
Move SSO core to Core lib, new resource strings (#911)
* Move SSO core to Core lib, new resource strings

* Missed resource strings for lookup
2020-09-04 10:42:47 -04:00
Chad Scharf
43619ed933
Update favicon to new standard (#910) 2020-09-03 17:03:13 -04:00
Kyle Spearrin
ff4a025984
change response mode to form_post (#908) 2020-09-03 14:17:19 -04:00
Addison Beck
5842284915
added custom plan item to the static store (#907) 2020-09-02 15:52:45 -04:00
Chad Scharf
f15768db62
GlobalSettings SSO cache timeout setting in sec (#906)
* GlobalSettings SSO cache timeout setting in sec

* Rename cache duration/lifetime property
2020-09-02 14:51:53 -04:00
Chad Scharf
055fa4b86f
New resource strings for SSO and Redirect pages (#905) 2020-09-02 14:13:27 -04:00
Kyle Spearrin
8510a753a8
delete sso config when deleting org (#904)
* delete ssouser on org and user delete

* delete sso config when deleting org
2020-09-02 10:48:15 -04:00
Kyle Spearrin
47224913d4
delete ssouser on org and user delete (#902) 2020-09-01 16:05:37 -04:00
Kyle Spearrin
9faa9406a6
delete sso user when deleting org user (#901) 2020-09-01 15:07:47 -04:00
Kyle Spearrin
4439e6b25e use internal URL 2020-09-01 12:28:03 -04:00
Kyle Spearrin
c6aaa1276d AdjustIdentityServerConfig for authorization_endpoint 2020-09-01 12:13:08 -04:00
Kyle Spearrin
44e886ae44 debugging 2020-09-01 11:39:06 -04:00
Kyle Spearrin
ba84c59b5d custom DiscoveryResponseGenerator and helpers 2020-09-01 07:38:36 -04:00
Kyle Spearrin
3ad1672f8a revert Authority to InternalSso 2020-08-31 21:03:33 -04:00
Kyle Spearrin
1f086a1193 get rid of SetIdentityServerOrigin 2020-08-31 20:22:47 -04:00
Kyle Spearrin
613edab908 adjusting config 2020-08-31 18:25:27 -04:00
Kyle Spearrin
aa67de64c4 dont set SetIdentityServerOrigin for identity 2020-08-31 18:19:23 -04:00
Kyle Spearrin
ed9599b9fc fix SetIdentityServerOrigin 2020-08-31 16:19:34 -04:00
Kyle Spearrin
41908b7b68 SetIdentityServerOrigin 2020-08-31 16:06:24 -04:00
Kyle Spearrin
31e4db250b init OpenIdConnectConfiguration 2020-08-31 15:43:47 -04:00
Kyle Spearrin
9b02c2adb5 try explicitly setting AuthorizationEndpoint 2020-08-31 15:35:13 -04:00
Kyle Spearrin
b848e9e22c fix MetadataAddress 2020-08-28 21:28:47 -04:00
Kyle Spearrin
5a5b9163bf use internal sso for metadata address 2020-08-28 21:14:03 -04:00
Kyle Spearrin
f831e1f0f0 use sso external URL 2020-08-28 20:52:06 -04:00
Kyle Spearrin
39df8611e1 swap around sso service uris 2020-08-28 20:36:02 -04:00
Kyle Spearrin
7a72da5725 fix deprecated mailkit MailboxAddress ctor 2020-08-28 14:21:16 -04:00
Kyle Spearrin
9be30793b9 UsePathBase for identity server 2020-08-28 13:46:38 -04:00
Kyle Spearrin
38728143d8
Added static client store (#899) 2020-08-28 13:32:15 -04:00
Chad Scharf
db7d05b52f
Added PreValidate endpoint on Account controller (#896)
* Added PreValidate endpoint on Account controller

* Fixed IHttpClientFactory implementation

* Core localization and org sproc fix

* Pass culture, fixed sso middleware bug
2020-08-28 12:14:23 -04:00
Kyle Spearrin
303b9a7875
Allow org update api on self hosted for identifier only (#898) 2020-08-28 11:22:19 -04:00
Matt Smith
00a1e8e833
Add UseBusinessPortal to OrgUserOrgDetails. (#894) 2020-08-27 11:11:59 -05:00
Kyle Spearrin
614859a8bc add missing baseServiceUris 2020-08-26 15:09:51 -04:00
Addison Beck
59f8467f7c
Create sso user api (#886)
* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2020-08-26 14:12:04 -04:00
Kyle Spearrin
7cc9ce7bd5
check bitpay invoice status of complete (#892) 2020-08-26 11:35:38 -04:00
Chad Scharf
1c04e30689
Requested configuration cleanup for sso (#891) 2020-08-26 08:45:10 -04:00
Kyle Spearrin
2cd6d4f61a
plan adjustments (#890) 2020-08-25 14:23:36 -04:00
Chad Scharf
2fb18d8cf2
Extracted logic to get Identity cert (#889) 2020-08-25 13:15:59 -04:00
Kyle Spearrin
66e67d2172
map plantype to old strings for license hash (#882) 2020-08-21 17:44:45 -04:00
Kyle Spearrin
e41aca81de
allows dev runs to load a common idserv cert (#881) 2020-08-21 11:58:22 -04:00
Kyle Spearrin
a8c20d1c32
pass down version properly to generate license (#880) 2020-08-20 10:12:27 -04:00
Contribucious
8383a0866f
Add Yandex to global equivalent domains list (#876)
* [enum] Add Yandex to global equivalent domains list

Exhaustive list of Yandex domain names obtained by contacting their support.

* [Dictionary] Add Yandex to global equivalent domains list

Exhaustive list of Yandex domain names obtained by contacting their support.
2020-08-19 18:09:39 -04:00
Chad Scharf
8884157427
Added get for sso config repo by revision date (#878) 2020-08-19 13:35:17 -04:00
Contribucious
80f57d22a7
Remove amazon.co.nz from Amazon equivalent domains (redirect) (#875)
After further research, amazon.co.nz has never been more than a redirect (in order: to amazon.com, amazon.co.uk then back to amazon.com). See PR for more information.
2020-08-18 18:42:10 -04:00
Kyle Spearrin
2872bda6fe
tool to generate licenses (#874)
* tool to generate licenses

* code review feedback
2020-08-18 17:00:21 -04:00
Addison Beck
c65c52d997
Plan updates cleanup (#872)
* updated teams feature set for new plans

* removed whitespace

* alphabatized some properties
2020-08-17 10:45:37 -04:00
Kyle Spearrin
d190c4bd0f
Update APIs to collect other set password info (#870) 2020-08-17 10:40:35 -04:00
Contribucious
af85e17486
[Equivalent domains] Fix for the special case "eBay India" (#871)
See explanations in the PR.
2020-08-17 09:46:17 -04:00
Contribucious
2c430190cb
Add all missing entries to Ebay equivalent domains (#869)
(+ sort the Ebay list alphabetically)
2020-08-14 09:54:05 -04:00
Chad Scharf
38f7fff2f9
Added new SAML2 enums for configuration (#868) 2020-08-13 20:11:23 -04:00
Contribucious
6aed80a67d
Add amazon.{com.br, sa} to Amazon equivalent domains (#864)
(+ sort the Amazon list alphabetically)
2020-08-13 17:38:32 -04:00
Kyle Spearrin
cd926ca8f6
allow user registration for sso (#865) 2020-08-13 17:30:10 -04:00
Kyle Spearrin
4d8090d75e
Fix 2fa dictionary on identity response (#863) 2020-08-13 16:04:50 -04:00
Kyle Spearrin
783b4804ec
SSO support (#862)
* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
2020-08-12 17:03:09 -04:00
Kyle Spearrin
056b4b9bf4
add api support for updating org identifier (#861)
* add api support for updating org identifier

* add identifier to response as well

* implement in EF repo
2020-08-12 16:38:22 -04:00
Addison Beck
c8220fdfa6
Plan And Price Updates (#859)
* Expanded the Plan model to make plan & product data a bit more dynamic 
* Created a Product enum to track versioned instances of the same plan
* Created and API call and Response model for getting plan & product data from the server
2020-08-11 14:19:56 -04:00
Timo N
61b11e398b
Added netcup to global equivalent domains list (#600) 2020-08-11 09:06:57 -04:00
Chad Scharf
5878d1b0db
Ref event should be base64 encoded (#853) 2020-08-06 20:29:35 -04:00
Jeremy Lin
562082e9ca
Add a complete list of Eventbrite equivalent domains (#851)
This list was extracted using:

$ curl -s https://www.eventbrite.com/ |
    tr '"' '\n' |
    grep -o 'www\.eventbrite\.[^/]*' |
    sed 's/www\.//' |
    sort -u
2020-08-06 14:07:45 -04:00
Kyle Spearrin
004e3c58ee
added more client redirect uris for clis (#849) 2020-08-05 10:53:55 -04:00
Kyle Spearrin
44717b2d4c remove non-verified eventbrite equivalent domains 2020-08-04 08:02:44 -04:00
Chad Scharf
b5ac20ec9f
Correct connection string for res queue (#847) 2020-08-03 15:22:38 -04:00
David Lemayian
ca224c1782
update welcome email download urls (#844)
* update welcome email download urls

Very cool service! Noticed the download urls in the welcome email didn't take me to the downloads. Hope this fixes it?

* Update Welcome.html.hbs

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2020-08-01 16:18:40 -04:00
Kyle Spearrin
4df363aaa1
identityserver v4 cleanup (#843)
* v4 cleanup

* idToken
2020-07-31 09:45:36 -04:00
Kyle Spearrin
623cd36bd4
upgrade identity server 4 to v4 (#842)
* upgrade identity server 4 to v4

* remove script ref
2020-07-30 17:00:13 -04:00
Kyle Spearrin
f431b4ff67 version 1.36.1 bump 2020-07-29 10:35:12 -04:00
Kyle Spearrin
cf303f2f97
catch errors when trying to resolve DNS (#841) 2020-07-28 23:22:02 -04:00
Kyle Spearrin
aa1665065d
add missing RedirectUris (#840) 2020-07-28 22:49:13 -04:00
Kyle Spearrin
c53e8cbf9d
return if org user has sso binding (#839) 2020-07-28 21:11:45 -04:00
Kyle Spearrin
2c4752f4ac
Sso user table, model and repo stubbed out (#837)
* Sso user table, model and repo stubbed out

* switch to nullable org id, bigint id

* update GetBySsoUserAsync

* cleanup migrator file

* fix EF user repo

* fix pg repo

* is `IS NULL` checks

* unique indexes

* update migration scripts

* add another unique index

* remove old script
2020-07-28 10:03:09 -04:00
Kyle Spearrin
69e8860767
Assign usepolicies when upgrading (#838) 2020-07-28 09:28:11 -04:00
Kyle Spearrin
ca52da8698 bump version 2020-07-27 20:36:52 -04:00
Kyle Spearrin
5de236f294 update libs 2020-07-27 20:36:17 -04:00
Addison Beck
229478adae
Feature.web.534.allow multi select in org vault (#830)
* Set up API methods for bulk admin delete
2020-07-22 11:38:53 -05:00
Matt Portune
51fd87df0b
Added UseSso bool to Organization (#834)
* Added UseSso bool to org

* Update fields in migration script

* bump version & check enabled flag on ssoConfig
2020-07-22 09:38:39 -04:00
Kyle Spearrin
7bf559b4b6
Return continuation token (#833) 2020-07-21 20:19:53 -04:00
Chad Scharf
83e9468502
Transition reference id to data (#828)
* Transition reference id to data

* field length and request model updates
2020-07-20 15:19:46 -04:00
Kyle Spearrin
036b402e9f
update ip IsInternal() to account for missed ranges (#827)
* update ip IsInternal() to account for missed ranges

* update with `::`
2020-07-18 08:08:57 -04:00
François Van Ingelgom
aab6095073
Add support building from path that contains space (#815) 2020-07-17 08:28:31 -04:00
Kyle Spearrin
5892d52ed5 fix protocol 2020-07-16 08:03:57 -04:00
Kyle Spearrin
0d0c6c7167
sso integrations (#822)
* stub out hybrid sso

* support for PKCE authorization_code clients

* sso service urls

* sso client key

* abstract request validator

* support for verifying password

* custom AuthorizationCodeStore that does not remove codes

* cleanup

* comment

* created master password

* ResetMasterPassword

* rename Sso client to OidcIdentity

* update env builder

* bitwarden sso project in docker-compose

* sso path in nginx config
2020-07-16 08:01:39 -04:00
Chad Scharf
2742b414fd
reference event changes and cleanup (#823) 2020-07-15 12:38:45 -04:00
Vincent Salucci
a2b46daf59
Updated Kestrel application url to use IIS port (#820) 2020-07-14 09:36:38 -05:00
Matt Portune
92238eb0a9
Additional changes for enterprise portal sso config (#819)
* Additional changes for enterprise portal sso config

* Requested changes

* rename enum to Saml2

* Limit to one SSO config per org
2020-07-13 15:58:59 -04:00
Kyle Spearrin
8a46fcd301
Resolve host to check for private IP address (#812) 2020-07-07 19:47:12 -04:00
Chad Scharf
7af50172e0
Reference event service implementation (#811)
* Reference event service implementation

* Fix IReferenceable implementation of Id

* add structure to event body
2020-07-07 12:01:34 -04:00
Vincent Salucci
b4524fbcb6
Added BusinessPortal property for use on client side (#810) 2020-07-06 12:59:57 -05:00
Mart124
b6bea86216
Run jobs in local timezone (#808)
* Run jobs in local timezone

* Run jobs in local timezone
2020-07-03 22:48:40 -04:00
Chad Scharf
a37706eba1
Restore original collection method (#804) 2020-06-30 11:52:50 -04:00
Chad Scharf
d7b00f6c27
Subscription update to maintain auto charge (#803) 2020-06-29 20:29:19 -04:00
Kyle Spearrin
a64f4dd413 bump patch version 2020-06-29 10:17:09 -04:00
Kyle Spearrin
cc9d18f6d2
add missing [ViewPassword] true (#799) 2020-06-27 15:09:04 -04:00
Kyle Spearrin
6bc7a3cdc0
adjust cors origin checks (#800)
* allow cors from bitwarden.com on cloud

* allow file:// cors for safari extension

* fix missing paren
2020-06-27 15:08:50 -04:00
Matt Portune
0b1e49bc0a Remove Id from SsoConfig_Create sproc 2020-06-26 16:47:41 -04:00
Kyle Spearrin
b524029e5c bump dependency versions 2020-06-26 16:17:46 -04:00
Kyle Spearrin
1413eed32a bump version 2020-06-26 16:04:13 -04:00
Matt Portune
da9b81d552
Merge pull request #796 from bitwarden/sso-dal
Additional SSO & Org Identifier work
2020-06-26 10:47:17 -04:00
Matt Portune
bc5ea25d0b removed ssoConfig request/response models 2020-06-26 10:03:25 -04:00
Matt Portune
9f919bbea9 move Id assignment to after insert 2020-06-25 18:28:08 -04:00
Matt Portune
f46023f2f5 requested changes 2020-06-25 18:06:27 -04:00
Matt Portune
39a81af3e9 DAL & CRUD for SSO 2020-06-25 16:42:29 -04:00
Chad Scharf
47a6e607c6 Fixed validation error for Free org accounts 2020-06-25 15:58:08 -04:00
Chad Scharf
fca7b162bf Reference id storage and signup 2020-06-25 12:28:22 -04:00
Kyle Spearrin
f23a8edc45
Update stripe lib (#793) 2020-06-24 21:24:19 -04:00
Kyle Spearrin
8559e144c6 bump dependency minor/patch versions 2020-06-24 16:37:23 -04:00
Matt Portune
0f008435ba sproc tweak 2020-06-24 13:59:00 -04:00
Matt Portune
05891f2122 Requested updates 2020-06-24 12:24:36 -04:00
Matt Portune
09df3f64d3 Updates to SSO config DB setup 2020-06-23 23:54:27 -04:00
Kyle Spearrin
cf70a5e480
set cors policies to only allow web vault origin (#787)
* set cors policy to only allow web vault

* vault cors policy service
2020-06-23 18:47:53 -04:00
Matt Portune
6f53ef4847 formatting 2020-06-22 09:36:40 -04:00
Matt Portune
519226f824 formatting 2020-06-21 23:42:27 -04:00
Matt Portune
8e7cb082ad DB support for SSO config 2020-06-21 23:35:42 -04:00
Mike Hanson
398867a839 Parameterize AmazonSQSClient to allow testing 2020-06-18 10:16:23 -07:00
Chad Scharf
61b15c55d0
Merge pull request #782 from bitwarden/feature/tax-info-collection
Combined tax updates with other operations
2020-06-18 11:26:58 -04:00
Chad Scharf
0f28ac45f9 Consistency on TaxInfo use in service params 2020-06-18 10:41:55 -04:00
Kyle Spearrin
aeb6e4e7d4 formatting 2020-06-18 09:57:24 -04:00
Mike Hanson
dc42be710a
Add unit test coverage for AmazonSesMailDeliveryService (#783)
* Parameterize AmazonSimpleEmailServiceClient to allow testing

* Add unit test coverage for AmazonSesMailDeliveryService
2020-06-18 09:55:46 -04:00
Chad Scharf
1b027cab59 Remove erroneous whitespace 2020-06-17 20:02:38 -04:00
Chad Scharf
b7a500eb63 combined tax updates with other operations 2020-06-17 19:49:27 -04:00
Chad Scharf
f7e5f1f15e
Merge pull request #776 from bitwarden/feature/tax-info-collection
Feature/tax info collection
2020-06-17 10:49:54 -04:00
Hinton
7145e3ea88 On create default ViewPassword to true. 2020-06-15 18:54:32 +02:00
Chad Scharf
b2cb9a2f69 Billing addr line1 fix, pr feedback 2020-06-15 09:12:03 -04:00
Chad Scharf
1552ff7b29 Collect tax info, correct line1 2020-06-12 19:35:17 -04:00
Pedro Lamas
21834223fd
Adds extra Amazon equivalent domains (#775) 2020-06-12 10:25:08 -04:00
Chad Scharf
5b3f81f47e
Merge pull request #743 from Hinton/feature/hide-passwords
Add support collection access, hide passwords
2020-06-11 14:24:04 -04:00
Kyle Spearrin
f695b1e7fc
update gulp to v4 and remove old packages (#774)
* update gulp to v4 and remove old packages

* desc

* update project name
2020-06-11 14:23:23 -04:00
Code
d2625e47e1
Remove trailing comma and adjust formatting of some of the equivalent domain strings to match the rest (#773) 2020-06-09 16:53:48 -04:00
Kyle Spearrin
a7d7736806
Add i18nservice abstraction (#770) 2020-06-09 10:25:37 -04:00
Chad Scharf
d88838f19e API updates for tax info collection 2020-06-08 17:40:18 -04:00
Connor Gibson
cad7cf0200
Add office.com to Microsoft default equivalent domains. (#769) 2020-06-06 21:08:26 -04:00
Kyle Spearrin
4bd3e01a80
abstract context building to overrideable SetContextAsync (#766)
* abstract context building to overrideable SetContextAsync

* update method calls
2020-06-04 14:14:43 -04:00
André Paulo
e1a0d59fd1
Added Discord to Global Equivalent Domain (#752)
* add Discord to GlobalEquivalentDomainsType

* added discord domains to global domains
2020-05-28 19:48:51 -04:00
Matt Portune
0d156776cb
Merge pull request #737 from bitwarden/self-hosted-exp-email
License expiration email for self-hosted org/premium accounts
2020-05-27 09:07:47 -04:00
hinton
14a8224a99 Be explicit about AccessAll for ViewPassword 2020-05-23 11:06:41 +02:00
hinton
1c0095b122 Be explicit with AccessAll and fix bug in create/update cipher 2020-05-23 10:36:35 +02:00
Roman V
a421be731c
Add syslog suport for sending application logs to a Syslog server (#742)
* Add syslog suport for sending application logs to a Syslog server

* Rename SyslogSettings.Certificate to SyslogSettings.CertificatePath
2020-05-22 21:19:59 -04:00
hinton
f2348d2264 Resolve review comments 2020-05-22 22:16:01 +02:00
hinton
28fe86ecff Merge branch 'master' of https://github.com/bitwarden/server into feature/hide-passwords
# Conflicts:
#	src/Sql/dbo/Stored Procedures/CollectionUser_UpdateUsers.sql
#	src/Sql/dbo/Stored Procedures/OrganizationUser_UpdateWithCollections.sql
2020-05-22 21:42:29 +02:00
Kyle Spearrin
beb40eb682
Update swagger config to use proper URL scheme (#744) 2020-05-21 15:00:03 -04:00
Kyle Spearrin
343ef92a20
Sproc tweaks (#730)
* do not follow local hosts or ip addresses

* remove cron from mssql

* migration script

* Use joins instead of temp tables

* update migration script with join changes
2020-05-21 11:35:00 -04:00
hinton
36f15c67d0 Add support for new collection access, hide passwords 2020-05-21 15:38:57 +02:00
Matt Portune
545948220a additional formatting & inclusion of org name 2020-05-19 18:22:03 -04:00
Matt Portune
9bf3a467fa formatting 2020-05-19 12:37:45 -04:00
Kyle Spearrin
0cd90be83a bump version for release 2020-05-18 21:58:12 -04:00
Kyle Spearrin
c205bf72e6 update some libs 2020-05-18 21:57:14 -04:00
Matt Portune
2cf7f18858 License expiration email for self-hosted org/premium accounts 2020-05-18 16:06:34 -04:00
Chad Scharf
d49cc18a41 Stripe not crediting customer balance after void 2020-05-18 12:38:00 -04:00
Kyle Spearrin
d22992451c
updated bootstrap and colors (#733) 2020-05-15 13:24:25 -04:00
Chad Scharf
97158d607a
Merge pull request #727 from bitwarden/subscription-change-invoicing
Subscription change, invoice process update
2020-05-13 10:24:46 -04:00
Chad Scharf
cdfde692a6 Fixed SDK reference issue in Billing proj 2020-05-13 09:58:17 -04:00
Chad Scharf
9ef39bcadb Removed payment_behavior, errant whitespace 2020-05-13 09:54:10 -04:00
Kyle Spearrin
5c8c915f4e
Increase limits set by importer to 2k (#729) 2020-05-13 09:23:59 -04:00
Chad Scharf
a024b43cea Updated code style and PR feedback 2020-05-12 17:22:04 -04:00
Kyle Spearrin
10a6e12d09
generate signin token for enterprise portal (#728) 2020-05-12 15:36:33 -04:00
Chad Scharf
a9a7003bfc Subscription change, invoice process update 2020-05-12 12:48:21 -04:00
Chad Scharf
9a2d8e96e4 Updated Stripe API SDK version to 36.9.0 2020-05-08 10:15:48 -04:00
Kyle Spearrin
3c5cd0ffb2 brand color updates 2020-05-05 17:08:53 -04:00
Kyle Spearrin
9cb103e6aa update comment 2020-05-01 11:09:44 -04:00
Kyle Spearrin
7abfefd167 replace ip regex with IPAddress.Parse 2020-05-01 11:08:47 -04:00
Kyle Spearrin
3462613f49 Do not request local hosts or ip addresses 2020-04-30 11:41:30 -04:00
Kyle Spearrin
68901437ba only fetch icons from http(s) with default ports 2020-04-30 11:23:40 -04:00
Kyle Spearrin
fae4a335dc
public API for organization import (#707) 2020-04-23 11:29:19 -04:00
Kyle Spearrin
c177714799
Remove www. URL from alibaba (#701) 2020-04-16 10:38:39 -04:00
Chad Scharf
145dcabba6 [Soft Delete] bulk import fails if DeletedDate null 2020-04-10 13:43:51 -04:00
Chad Scharf
45e1e1a01b [Soft Delete] - cleanup whitespace in Cipher_Restore 2020-04-10 13:22:09 -04:00
Chad Scharf
32f19e9f90 [Soft Delete] - Add not null/is null filters to soft delete and restore sprocs 2020-04-10 13:22:09 -04:00
Chad Scharf
4defd13395 [Soft Delete] - fix Upsert calls based on cipher supertype 2020-04-08 16:18:22 -04:00
Kyle Spearrin
b106fd22fb
Only set channel prefix. Use machine name on counter (#687) 2020-04-03 08:39:59 -04:00
Kyle Spearrin
d6ed8291e6
Only apply count restriction to non-deleted users (#685) 2020-04-02 20:31:02 -04:00
Chad Scharf
7f22088d5f Fix delcaration of @UtcNow variable 2020-04-02 14:08:19 -04:00
Chad Scharf
3d786cbf28
Update Cipher_SoftDelete.sql
Co-Authored-By: Kyle Spearrin <kspearrin@users.noreply.github.com>
2020-04-02 14:06:15 -04:00
Chad Scharf
eb34cc49c6 Fixed date time precision assignment for DeletedDate and RevisionDate (performance + match/data quality) 2020-04-02 13:45:53 -04:00
Chad Scharf
c0019e7abc [Soft Delete] Update assignment of deleted and revision date to 1-liner 2020-04-02 10:56:22 -04:00
Chad Scharf
d07f27f274 [Soft-Delete] Simplify the data-tier, removed extra sprocs and reuse update 2020-04-01 16:39:27 -04:00
Chad Scharf
f6044f0d00 Missed one other PR comment fix 2020-04-01 15:47:10 -04:00
Chad Scharf
1d04803bd0 Resolved PR comments, spacing and controller code-line reversion 2020-04-01 14:55:14 -04:00
Chad Scharf
d014a597dd [Soft Delete] - API updates for soft delete + retrieval 2020-04-01 13:00:25 -04:00
Kyle Spearrin
fef512bad1
use message codes in query string (#681) 2020-03-29 23:41:31 -04:00
Chad Scharf
9800b752c0 Changed all C# control flow block statements to include space between keyword and open paren 2020-03-27 14:36:37 -04:00
Chad Scharf
55b937ff68 Updated PR comments, changed smart defaults for behavior, updated Cipher table index 2020-03-27 10:23:37 -04:00
Chad Scharf
bc46eccf70 Deleted date on Cipher table, related sprocs and repositories updated 2020-03-26 19:32:37 -04:00
Kyle Spearrin
132016bca4 ChannelPrefix 2020-03-21 00:22:14 -04:00
Kyle Spearrin
c8e249b05e client name 2020-03-20 23:05:08 -04:00
Kyle Spearrin
fccbeddac8 check for SettingHasValue 2020-03-20 20:19:46 -04:00
Kyle Spearrin
119a950141 bump version 2020-03-19 19:48:44 -04:00
Kyle Spearrin
1331cc90f7 check SettingHasValue instead of empty 2020-03-19 11:10:23 -04:00
Kyle Spearrin
981d6a0526 pad checkboxes some more 2020-03-17 12:17:13 -04:00
Kyle Spearrin
9520a646ad UserId added to MemberResponseModel 2020-03-17 12:05:06 -04:00
David Roth
b7b06d77df
Use correct sentry integration package. Fixes #669 (#670) 2020-03-16 08:25:46 -04:00
Kyle Spearrin
7dc959c058 return empty policies array if none 2020-03-12 15:05:46 -04:00
Kyle Spearrin
0f9ec8d64f check user has 2fa enabled when confirming 2020-03-09 15:13:40 -04:00
Kyle Spearrin
218fec52f1 allow maintenance tasks to take 48 hours 2020-03-08 20:59:03 -04:00
Kyle Spearrin
4a0071f721 only show ip-related headers 2020-03-07 21:41:53 -05:00
Kyle Spearrin
6341937c7c local build scripts 2020-03-06 22:05:50 -05:00
Kyle Spearrin
844238d31c show exception message 2020-03-05 21:50:39 -05:00
Kyle Spearrin
01ea3e995b add newrelic to identity server 2020-03-05 20:36:11 -05:00
Kyle Spearrin
499ca656a4 bitpay is now called token 2020-03-05 20:23:52 -05:00
Kyle Spearrin
518e94f60f upgrade more lgos. remove sendgrid 2020-03-05 10:33:44 -05:00
Kyle Spearrin
cd0ec26b07 upgrade libs 2020-03-04 22:01:28 -05:00
Kyle Spearrin
172525bf86 Merge branch 'master' of github.com:bitwarden/server 2020-03-04 21:57:50 -05:00
Kyle Spearrin
c8d7f04826 signalr redis support. remove old azure signalr refs 2020-03-04 21:57:42 -05:00
Alex Knight
d2fcf8f572
Additional Equivalent Domains Fix #649 (#662)
* Additional Equivalent Domains Fix #649

* Remove infinitysrv.com as resolves to 127.0.0.1
2020-03-04 10:55:58 -05:00
Kyle Spearrin
7b91fe55f0 set UsePolicies on license update 2020-03-03 22:32:59 -05:00
Kyle Spearrin
d5aa7b5624 allow configuring the validation urls for yubico otp servers 2020-03-03 08:32:50 -05:00
Kyle Spearrin
4a67780b3e only return eneabled policies by token 2020-03-02 11:30:44 -05:00
Kyle Spearrin
57472c9f82
API to get org policies by invite token (#661)
* API to get org policies by invite token

* from query attr
2020-03-02 10:17:32 -05:00
Kyle Spearrin
71d9ffdd9d
CheckPoliciesOnTwoFactorRemoval for 2fa recovery (#659) 2020-02-28 10:23:19 -05:00