Thomas Rittson
cfd6123974
[Key Connector] Add event logging for first SSO login ( #1724 )
...
* Add null checks to fix logging from SSO controller
* Add FirstSsoLogin event logging
2021-11-19 07:42:35 +10:00
Oscar Hinton
6008715abc
Add check to ensure admins or owners aren't enrolled in key connector ( #1725 )
2021-11-18 21:56:13 +01:00
Thomas Rittson
2dc29e51d1
Fix bug preventing user from leaving org ( #1721 )
2021-11-18 21:15:22 +10:00
Thomas Rittson
9f96e4ce90
Disable EA Takeover if grantor uses Key Connector ( #1718 )
2021-11-18 07:47:43 +10:00
Micaiah Martin
faa8abb3dc
Updated SETUP.md to direct user with correct file name. ( #1719 )
2021-11-17 07:54:38 -07:00
Oscar Hinton
f866b25e43
Key Connector feature toggle ( #1716 )
2021-11-17 11:46:35 +01:00
Joseph Flinn
3a22f91ff5
Enable key connector selfhost ( #1707 )
...
* initial commit
* Add code for Key Connector feature
* Add help URL to config
* Fix folders for key-connector service
* Fix paths for key-connector
* fixing the env file builder when disabling the key connector
* swapping a variable name
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-11-16 09:52:02 -08:00
Thomas Rittson
cdb622d4aa
Add ApiUseKeyConnector flag to token response ( #1710 )
2021-11-16 06:54:28 +10:00
Vince Grassia
c660f8bf00
Fix Docker Notary ( #1717 )
2021-11-15 13:53:53 -05:00
Vince Grassia
27351762de
Upload Docker images to AWS ECR Nonprod Repositories ( #1713 )
2021-11-15 13:23:51 -05:00
Thomas Rittson
e3143271d7
[Key Connector] Prevent user from leaving org ( #1715 )
...
* Block user from leaving org using Key Connector
* Add tests
2021-11-15 19:46:13 +10:00
Thomas Rittson
c2975b003d
[Key Connector] Fix policy checks and other pre-reqs ( #1711 )
...
* Require SSO Policy to enable Key Connector
* Require that SSO is enabled to use Key Connector
* Fix error messages
"Key Connector" instead of "KeyConnector"
* Refactor dependent policy checks to handle expansion
* Block disabling Sso Policy if using Key Connector
* Update tests for policies required by Key Connector
* Fix tests
* Add test for Key Connector to require Sso Policy
* Add test: Sso config must be enabled to use Key Connector
2021-11-15 19:25:10 +10:00
Oscar Hinton
f1c41257b3
Allow disabling key connector if no user is enrolled ( #1712 )
2021-11-12 14:38:31 +01:00
Addison Beck
6b629feb03
[bug] Drop unused db column UsesCryptoAgent ( #1704 )
2021-11-09 12:33:18 -05:00
Kyle Spearrin
77f9f5fe72
remove dynamic names from admin confirm dialogs ( #1703 )
2021-11-09 12:13:23 -05:00
Kyle Spearrin
327e784336
Added middleware for general security headers ( #1700 )
2021-11-09 11:37:14 -05:00
Kyle Spearrin
f26a235964
set MaxResponseContentBufferSize to 5 MB ( #1702 )
2021-11-09 11:32:23 -05:00
Kyle Spearrin
2f0638ce8c
sanitize notification hub tag inputs ( #1697 )
2021-11-09 11:25:18 -05:00
Kyle Spearrin
fcc1a4e10c
add missing csrf token validation to admin ( #1696 )
2021-11-09 11:22:08 -05:00
Kyle Spearrin
9582e94232
add ::ffff: to internal ip check ( #1701 )
...
* add ::ffff: to internal ip check
* check StartsWith
2021-11-09 11:16:54 -05:00
Oscar Hinton
fd37cb5a12
Add support for Key Connector OTP and account migration ( #1663 )
...
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
Thomas Rittson
f6bc35b2d0
Fix typos in EF migrations ( #1693 )
...
* Fix typos in postgres migrations
* Fix extension of migration script
2021-11-09 07:40:01 +10:00
Kyle Spearrin
7cc7b84eaf
use fixed-time comparison of secrets ( #1698 )
2021-11-08 15:55:42 -05:00
Vince Grassia
c07794e907
Change Release workflow to allow releases from 'rc' and 'hotfix' branches ( #1690 )
2021-11-08 13:39:32 -05:00
Kyle Spearrin
5aa492e886
validate service url schema ( #1695 )
2021-11-08 11:47:03 -05:00
Oscar Hinton
1aa25f2712
Add checks for vault timeout policy ( #1694 )
2021-11-08 14:37:40 +01:00
Donald Nairn
7837a850eb
Fix minor typos in docs ( #1692 )
2021-11-08 12:43:14 +01:00
Kyle Spearrin
10c5a29c47
Prevent XSS possibility from SSO SAML Service URLs ( #1691 )
...
* validate sso service urls for HTML meta chars
* also check for double quotes
2021-11-05 14:49:45 -04:00
Joseph Flinn
68e20fe649
Updating the swashbuckle package in Api ( #1685 )
2021-11-04 09:29:19 -07:00
Thomas Rittson
0cb8da2fd8
Add Field.LinkedId ( #1617 )
2021-11-04 07:27:15 +10:00
Thomas Rittson
98c167b1c1
Improve local dev setup for SSO project ( #1664 )
...
* Add default SSO appsettings for development
* Add Sso project to setup_secrets.ps1 script
* Use hashmap instead of array
2021-11-03 07:12:43 +10:00
Thomas Rittson
e57bef6af4
Fix policy enforcement against invited users ( #1680 )
2021-11-03 07:08:13 +10:00
Chad Scharf
07b8e2a946
Self-Hosted Server Release v1.44.1 ( #1683 )
...
Self-Hosted Server Release v1.44.1 with Web v2.24.2
2021-11-02 13:22:17 -04:00
Joseph Flinn
630376400f
Dependency updates ( #1681 )
...
* fix: util/Nginx/Dockerfile to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277346
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277349
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277350
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569403
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569406
* fix: util/Nginx/Dockerfile-k8s to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277346
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277349
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277350
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569403
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569406
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2021-11-02 09:49:00 -07:00
Thomas Rittson
7473a96b27
Update PR template to remind about EF migrations ( #1679 )
...
* Update PR template to remind about EF migrations
* Update wording
2021-11-02 08:22:17 +10:00
Justin Baur
4c9d9b248c
Fix bug in TaxInfo ( #1682 )
...
* Fixed bug in TaxInfo
* Added a few more tests to TaxInfoTests
* Added tests for HasTaxId
2021-11-01 12:13:31 -04:00
SudoEvan
dcc11e3819
Added unit tests for StrictEmailAddressListAttribute in Bit.Core.Utilities ( #1652 )
...
* Added unit tests for StrictEmailAddressListAttribute in Bit.Core.Utilities
* Fixed list format; added a null test on StrictEmailAddressListAttribute in Utilities
2021-10-29 12:24:53 -04:00
Justin Baur
114f58aa8e
Fix tests ( #1675 )
...
* Fix SendServiceTests that arose from merge
* Fixed SendService tests to be in line with spec
* Reorder usings
2021-10-28 15:47:58 -04:00
Justin Baur
d854332643
Unit Tests for hot spots ( #1454 )
...
* Add TaxInfoTests
* Add UserTests
* Add SendServiceTests
* Added IconFetchingServicesTests
* Add endline
2021-10-28 14:30:41 -04:00
Joseph Flinn
7d6f7436a8
Version Bump 1.44.1 ( #1674 )
2021-10-27 15:35:55 -07:00
Joseph Flinn
19ca3ee374
Enabling deploys to the QA environment from branches with slashes in the name ( #1673 )
2021-10-27 12:44:54 -07:00
Matt Gibson
cb815c2f14
Allow managers to create self-assigned collections ( #1672 )
2021-10-27 13:06:23 -05:00
Joseph Flinn
52d1bade06
Hotfix/release workflow ( #1671 )
...
* fixing release workflow app service deploys
* adding the release branch as a conditional to the docker-stub build
* Add in missing 'if' statement for 'release' branch in Docker Stub step
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-10-27 08:45:33 -07:00
Thomas Rittson
818b3b5d9d
Add PR template ( #1668 )
2021-10-27 19:01:00 +10:00
Joseph Flinn
8683cbfe33
fixing parameter mismatch ( #1670 )
2021-10-26 19:18:54 -07:00
Joseph Flinn
fa1989bfed
fixing the error in the release workflow ( #1669 )
2021-10-26 18:56:06 -07:00
Joseph Flinn
e2c8fa7002
Replacing the DCT setup. There was a sneaky line that was different which is making our build of the EventsProcessor image break ( #1667 )
2021-10-26 15:02:19 -07:00
Joseph Flinn
9a629a410c
Allow Docker access to new release branching strategy ( #1666 )
...
* allowing the new release branch to push its docker images
* Switching to our action to set up DCT
2021-10-26 14:22:47 -07:00
Joseph Flinn
f783770fcd
Version bump to 1.44.0 ( #1665 )
2021-10-26 13:47:34 -07:00
Matt Gibson
8f0115e62f
Check canScale when scaling for sso ( #1661 )
...
* Check canScale when scaling for sso
* PR review
Use AutoAddSeats to add seats in a consistent way.
This requires moving user check out of that method.
* User logic moved out of method
2021-10-25 10:19:37 -05:00