1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-22 12:15:36 +01:00
Commit Graph

3183 Commits

Author SHA1 Message Date
Thomas Rittson
cfd6123974
[Key Connector] Add event logging for first SSO login (#1724)
* Add null checks to fix logging from SSO controller

* Add FirstSsoLogin event logging
2021-11-19 07:42:35 +10:00
Oscar Hinton
6008715abc
Add check to ensure admins or owners arn't enrolled in key connector (#1725) 2021-11-18 21:56:13 +01:00
Thomas Rittson
2dc29e51d1
Fix bug preventing user from leaving org (#1721) 2021-11-18 21:15:22 +10:00
Thomas Rittson
9f96e4ce90
Disable EA Takeover if grantor uses Key Connector (#1718) 2021-11-18 07:47:43 +10:00
Micaiah Martin
faa8abb3dc
Updated SETUP.md to direct user with correct file name. (#1719) 2021-11-17 07:54:38 -07:00
Oscar Hinton
f866b25e43
Key Connector feature toggle (#1716) 2021-11-17 11:46:35 +01:00
Joseph Flinn
3a22f91ff5
Enable key connector selfhost (#1707)
* initial commit

* Add code for Key Connector feature

* Add help URL to config

* Fix folders for key-connector service

* Fix paths for key-connector

* fixing the env file builder when disabling the key connector

* swapping a variable name

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-11-16 09:52:02 -08:00
Thomas Rittson
cdb622d4aa
Add ApiUseKeyConnector flag to token response (#1710) 2021-11-16 06:54:28 +10:00
Vince Grassia
c660f8bf00
Fix Docker Notary (#1717) 2021-11-15 13:53:53 -05:00
Vince Grassia
27351762de
Upload Docker images to AWS ECR Nonprod Repositories (#1713) 2021-11-15 13:23:51 -05:00
Thomas Rittson
e3143271d7
[Key Connector] Prevent user from leaving org (#1715)
* Block user from leaving org using Key Connector

* Add tests
2021-11-15 19:46:13 +10:00
Thomas Rittson
c2975b003d
[Key Connector] Fix policy checks and other pre-reqs (#1711)
* Require SSO Policy to enable Key Connector

* Require that SSO is enabled to use Key Connector

* Fix error messages

"Key Connector" instead of "KeyConnector"

* Refactor dependent policy checks to handle expansion

* Block disabling Sso Policy if using Key Connector

* Update tests for policies required by Key Connector

* Fix tests

* Add test for Key Connector to require Sso Policy

* Add test: Sso config must be enabled to use Key Connector
2021-11-15 19:25:10 +10:00
Oscar Hinton
f1c41257b3
Allow disabling key connector if no user is enrolled (#1712) 2021-11-12 14:38:31 +01:00
Addison Beck
6b629feb03
[bug] Drop unused db column UsesCryptoAgent (#1704) 2021-11-09 12:33:18 -05:00
Kyle Spearrin
77f9f5fe72
remove dynamic names from admin confirm dialogs (#1703) 2021-11-09 12:13:23 -05:00
Kyle Spearrin
327e784336
Added middleware for general security headers (#1700) 2021-11-09 11:37:14 -05:00
Kyle Spearrin
f26a235964
set MaxResponseContentBufferSize to 5 MB (#1702) 2021-11-09 11:32:23 -05:00
Kyle Spearrin
2f0638ce8c
sanitize notification hub tag inputs (#1697) 2021-11-09 11:25:18 -05:00
Kyle Spearrin
fcc1a4e10c
add missing csrf token validation to admin (#1696) 2021-11-09 11:22:08 -05:00
Kyle Spearrin
9582e94232
add ::ffff: to internal ip check (#1701)
* add ::ffff: to internal ip check

* check StartsWith
2021-11-09 11:16:54 -05:00
Oscar Hinton
fd37cb5a12
Add support for Key Connector OTP and account migration (#1663)
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
Thomas Rittson
f6bc35b2d0
Fix typos in EF migrations (#1693)
* Fix typos in postgres migrations

* Fix extension of migration script
2021-11-09 07:40:01 +10:00
Kyle Spearrin
7cc7b84eaf
use fixed-time comparison of secrets (#1698) 2021-11-08 15:55:42 -05:00
Vince Grassia
c07794e907
Change Release workflow to allow releases from 'rc' and 'hotfix' branches (#1690) 2021-11-08 13:39:32 -05:00
Kyle Spearrin
5aa492e886
validate service url schema (#1695) 2021-11-08 11:47:03 -05:00
Oscar Hinton
1aa25f2712
Add checks for vault timeout policy (#1694) 2021-11-08 14:37:40 +01:00
Donald Nairn
7837a850eb
Fix minor typos in docs (#1692) 2021-11-08 12:43:14 +01:00
Kyle Spearrin
10c5a29c47
Prevent XSS possibility from SSO SAML Service URLs (#1691)
* validate sso service urls for HTML meta chars

* also check for double quotes
2021-11-05 14:49:45 -04:00
Joseph Flinn
68e20fe649
Updating the swashbuckle package in Api (#1685) 2021-11-04 09:29:19 -07:00
Thomas Rittson
0cb8da2fd8
Add Field.LinkedId (#1617) 2021-11-04 07:27:15 +10:00
Thomas Rittson
98c167b1c1
Improve local dev setup for SSO project (#1664)
* Add default SSO appsettings for development

* Add Sso project to setup_secrets.ps1 script

* Use hashmap instead of array
2021-11-03 07:12:43 +10:00
Thomas Rittson
e57bef6af4
Fix policy enforcement against invited users (#1680) 2021-11-03 07:08:13 +10:00
Chad Scharf
07b8e2a946
Self-Hosted Server Release v1.44.1 (#1683)
Self-Hosted Server Release v1.44.1 with Web v2.24.2
2021-11-02 13:22:17 -04:00
Joseph Flinn
630376400f
Dependency updates (#1681)
* fix: util/Nginx/Dockerfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277346
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277349
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277350
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569403
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569406

* fix: util/Nginx/Dockerfile-k8s to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277346
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277349
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277350
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569403
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569406

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2021-11-02 09:49:00 -07:00
Thomas Rittson
7473a96b27
Update PR template to remind about EF migrations (#1679)
* Update PR template to remind about EF migrations

* Update wording
2021-11-02 08:22:17 +10:00
Justin Baur
4c9d9b248c
Fix bug in TaxInfo (#1682)
* Fixed bug in TaxInfo

* Added a few more tests to TaxInfoTests

* Added tests for HasTaxId
2021-11-01 12:13:31 -04:00
SudoEvan
dcc11e3819
Added unit tests for StrictEmailAddressListAttribute in Bit.Core.Utilities (#1652)
* Added unit tests for StrictEmailAddressListAttribute in Bit.Core.Utilities

* Fixed list format; added a null test on StrictEmailAddressListAttribute in Utilities
2021-10-29 12:24:53 -04:00
Justin Baur
114f58aa8e
Fix tests (#1675)
* Fix SendServiceTests that arose from merge

* Fixed SendService tests to be inline with spec

* Reorder usings
2021-10-28 15:47:58 -04:00
Justin Baur
d854332643
Unit Tests for hot spots (#1454)
* Add TaxInfoTests

* Add UserTests

* Add SendServicTests

* Added IconFetchingServicesTests

* Add endline
2021-10-28 14:30:41 -04:00
Joseph Flinn
7d6f7436a8
Version Bump 1.44.1 (#1674) 2021-10-27 15:35:55 -07:00
Joseph Flinn
19ca3ee374
Enabling deploys to the QA environment from branches with slashes in the name (#1673) 2021-10-27 12:44:54 -07:00
Matt Gibson
cb815c2f14
Allow managers to create self-assigned collections (#1672) 2021-10-27 13:06:23 -05:00
Joseph Flinn
52d1bade06
Hotfix/release workflow (#1671)
* fixing release workflow app service deploys

* adding the release branch as a conditional to the docker-stub build

* Add in missing 'if' statement for 'release' branch in Docker Stub step

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-10-27 08:45:33 -07:00
Thomas Rittson
818b3b5d9d
Add PR template (#1668) 2021-10-27 19:01:00 +10:00
Joseph Flinn
8683cbfe33
fixing parameter mismatch (#1670) 2021-10-26 19:18:54 -07:00
Joseph Flinn
fa1989bfed
fixing the error in the release workflow (#1669) 2021-10-26 18:56:06 -07:00
Joseph Flinn
e2c8fa7002
Replacing the DCT setup. There was a sneaky line that was different which is making our build of the EventsProcessor image break (#1667) 2021-10-26 15:02:19 -07:00
Joseph Flinn
9a629a410c
Allow Docker access to new release branching strategy (#1666)
* allowing the new release branch to push its docker images

* Switching to our action to set up DCT
2021-10-26 14:22:47 -07:00
Joseph Flinn
f783770fcd
Version bump to 1.44.0 (#1665) 2021-10-26 13:47:34 -07:00
Matt Gibson
8f0115e62f
Check canScale when scaling for sso (#1661)
* Check canScale when scaling for sso

* PR review

Use AutoAddSeats to add seats in a consistent way.
This requires moving user check out of that method.

* User logic moved out of method
2021-10-25 10:19:37 -05:00