1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-29 13:25:17 +01:00
Commit Graph

107 Commits

Author SHA1 Message Date
Chad Scharf
6cc317c4ba
SSO - Added custom scopes and claim types for OIDC (#1133)
* SSO - Added custom scopes and claim types for OIDC

* Removed redundant field labels

* Added acr_values to OIDC config + request
2021-02-10 12:00:12 -05:00
Matt Gibson
edd4bc2623
Add disable send policy (#1130)
* Add Disable Send policy

* Test DisableSend policy

* PR Review

* Update tests for using CurrentContext

This required making an interface for CurrentContext and mocking out
the members used. The interface can be expanded as needed for tests.

I moved CurrentContext to a folder, which changes the namespace
and causes a lot of file touches, but most are just adding a reference

* Fix failing test

* Update exemption to include all exempt users

* Move all CurrentContext usages to ICurrentContext

* PR review. Match messaging with Web
2021-02-04 12:54:21 -06:00
Chad Scharf
6d8e37ebf6
Patch release version bump, 1.39.4 (#1124) 2021-02-01 18:43:32 -05:00
Chad Scharf
2380bba577
version bump 1.39.3 (#1113) 2021-01-27 17:00:56 -05:00
Chad Scharf
85edc03461
Add SAML 2.0 metadata export for dynamic SPs (#1094) 2021-01-21 15:54:46 -05:00
Chad Scharf
5778a903c6
Version bump, v1.39.0 (#1095) 2021-01-19 16:09:43 -05:00
Vincent Salucci
96cc88aafc
[Policy] Update Personal Ownership checkbox description (#1076)
* Initial commit of checkbox description update

* refactored property name
2021-01-12 11:37:33 -06:00
Addison Beck
63fcdc1418
Implemented Custom role and permissions (#1057)
* Implemented Custom role and permissions

* Converted permissions columns to a json blob

* Code review fixes for Permissions

* sql build fix

* Update Permissions.cs

* formatting

* Update IOrganizationService.cs

* reworked a conditional

* built out tests for relevant organization service methods

* removed unused usings

* fixed a broken test and a bad empty string init

* removed 'Attribute' from some attribute instances
2021-01-12 11:02:39 -05:00
Chad Scharf
99b95b5330
Fix safari sso header size (#1065)
* Safari SSO header size fix - in progress

* Cleanup of memoryCacheTicketStore

* Redis cache ticket store + registration

* Revert some unecessary changes

* temp - distributed cookie: idsrv.external

* Ticket data cached storage added

* OIDC working w/ substantially reduced cookie size

* Added distributed cache cookie manager

* Removed hybrid OIDC flow

* Enable self-hosted folks to use Redis  for SSO

* Also allow self-hosted to use Redis cont...
2021-01-11 11:03:46 -05:00
Chad Scharf
246cac1a33
Allow SHA1 inbound sigs from Idp (#1047) 2020-12-18 11:26:52 -05:00
Chad Scharf
fd293dd183
Added OIDC scope management (#1049)
* added OIDC scope management

* Remove errant code comment
2020-12-18 11:07:31 -05:00
Vincent Salucci
037757a740
Added missing enum type (#1046) 2020-12-17 14:20:23 -06:00
Chad Scharf
c390c46b3e
Version bump 1.38.4 (#1045) 2020-12-17 12:43:47 -05:00
Chad Scharf
1b8d5a8ee8
version bump to 1.38.3 (#1043) 2020-12-17 10:49:52 -05:00
Vincent Salucci
136c39fa50
Initial commit of SingleOrg downstream policy checks (#1038) 2020-12-16 16:02:54 -06:00
Vincent Salucci
70f5fd5030
[Policy] Personal Ownership (#1013)
* Initial commit of disable personal vault policy

* Added new sproc // updated policy check (was missing conditionals)

* Updated DeMorgan's law logic
2020-12-11 10:45:26 -06:00
Kyle Spearrin
01d4d97ef1
Ensure that users are confirmed status (#1033) 2020-12-09 12:04:14 -05:00
Vincent Salucci
09aea4ed38
[Bug] Improve SSO user provision flow (#1022)
* Initial commit of provisioning updates

* Updated strings

* removed extra BANG

* Separated orgUsers db lookup - prioritized existing user Id

* Updated create sso record method // Added sproc for org/email retrieval
2020-12-04 16:45:54 -06:00
Chad Scharf
9e1bf3d584
version bump 1.38.2 (#1023) 2020-12-03 22:06:36 -05:00
Vincent Salucci
f311f40d93
Added OrgIdentifer to SetPasswordAsync // Added jit user two factor provider (#1009) 2020-11-22 08:46:44 -06:00
Kyle Spearrin
7405ccb007 bump version 2020-11-18 10:24:02 -05:00
Addison Beck
2e6368d11a
Set user API key on account creation through SSO auto provision (#1003) 2020-11-18 10:20:59 -05:00
Vincent Salucci
028ad46c47
Bugfix: pulled back correct policy (#999) 2020-11-17 17:04:29 -06:00
Kyle Spearrin
ac1defc97a bump versions and disabled send creation 2020-11-12 21:43:10 -05:00
Vincent Salucci
d9cd7551fe
[Exemption] Updated policy messages (#984)
* Updated messages // added exemption message // added callout

* updated strings - futureproofing
2020-11-10 09:53:44 -06:00
Addison Beck
0eccfb8784
changed all OnlyOrg wording to be SingleOrg instead (#974)
* changed all OnlyOrg wording to be SingleOrg instead

* missed an OnlyOrg to change to SingleOrg
2020-10-27 10:28:41 -04:00
Vincent Salucci
66e44759f0
[Require SSO] Enterprise policy enforcement (#970)
* Initial commit of require sso authentication policy enforcement

* Updated sproc to send UseSso flag // Updated base validator to send back error message // Added changes to EntityFramework (just so its there for the future

* Update policy name // adjusted conditional to demorgan's

* Updated sproc // Added migrator script

* Added .sql file extension to DeleteOrgUserWithOrg migrator script

* Added policy // edit // strings // validation to business portal

* Change requests from review // Added Owner & Admin exemption

* Updated repository function used to get org user's type

* Updated with requested changes
2020-10-26 11:56:16 -05:00
Addison Beck
e872b4df9d
Only org policy (#962)
* added OnlyOrg to PolicyType enum

* blocked accepting new org invitations if OnlyOrg is relevant to the userOrg

* blocked creating new orgs if already in an org with OnlyOrg enabled

* created email alert for OnlyOrg policy

* removed users & sent alerts when appropriate for the OnlyOrg policy

* added method to noop mail service

* cleanup for OnlyOrg policy server logic

* blocked confirming new org users if they have violated the OnlyOrg policy since accepting

* added localization strings needed for the OnlyOrg policy

* allowed OnlyOrg policy configuration from the portal

* used correct localization key for onlyorg

* formatting and messaging changes for OnlyOrg

* formatting

* messaging change

* code review changes for onlyorg

* slimmed down a conditional

* optimized getting many orgUser records from many userIds

* removed a test file

* sql formatting

* weirdness

* trying to resolve git diff formatting issues
2020-10-20 02:48:10 -04:00
Vincent Salucci
50cf16a3fb
[SSO] New user provision flow (#945)
* Initial commit of accept user during set password flow

* changed new org user from accepted to invited // moved another check to token accept function

* Revised some white space // Moved business logic to UserService

* Fixed UserServiceTest

* Removed some white-space

* Removed more white-space

* Final white-space issues
2020-10-13 15:00:33 -05:00
Chad Scharf
6227ddf304
Bump version: v1.37.2 (#961)
* Bump version: v1.37.2

* Revert Docker version
2020-10-09 10:48:11 -04:00
Chad Scharf
bf04b9f940
Fix null ref exception for new org SSO (#963) 2020-10-08 13:49:05 -04:00
Chad Scharf
a74778de3a
Update ACS path to embed Organization ID (#955) 2020-10-01 15:05:09 -04:00
Chad Scharf
3b8cbe631f
Implemented new OIDC redirect behavior (#954) 2020-09-29 17:06:17 -04:00
Addison Beck
34034829b4
fixed faulty conditional logic for showing enabled policy labels (#952) 2020-09-24 11:47:57 -04:00
Chad Scharf
a75077d703
Fixed resource and err msg for user provisioning (#939) 2020-09-16 15:02:18 -04:00
Kyle Spearrin
cf4fddfa21 bump version 2020-09-15 17:06:10 -04:00
Chad Scharf
143e34766d
Handle nameID as email w/o email attribute (#938) 2020-09-15 12:50:25 -04:00
Kyle Spearrin
1c6c599b8d
Created sso config service with save (#936) 2020-09-15 10:17:44 -04:00
Chad Scharf
692b3970af
SSO config revision date not updating fix (#934) 2020-09-14 21:22:24 -04:00
Addison Beck
1880889325
added localization variables to sso account controller (#930)
* added localization variables to sso account controller

* Used the correct method for server side localization
2020-09-11 19:36:49 -04:00
Chad Scharf
8c7e7d1f6b
Remove referer header match from middleware (#928) 2020-09-10 16:06:22 -04:00
Kyle Spearrin
dce8332561 remove test exception page 2020-09-09 15:44:29 -04:00
Kyle Spearrin
4cb6ff395b test exception 2020-09-09 15:15:55 -04:00
Chad Scharf
a28a68889d
Null ref exception when saving config fix (#927) 2020-09-09 15:01:00 -04:00
Kyle Spearrin
82b6216e95
SetIdentityServerOrigin for all non-dev (#925) 2020-09-09 14:47:52 -04:00
Chad Scharf
b429f6908d
Added X.509 cert validation copy value buttons (#923) 2020-09-09 11:32:33 -04:00
Chad Scharf
1c3ba46246
Filled custom error handling gaps for SSO (#922)
* Filled custom error handling gaps for SSO

* Removed explicit logger from HomeController
2020-09-09 10:07:31 -04:00
Kyle Spearrin
55e0f82139
use custom DiscoveryResponseGenerator on cloud too (#921) 2020-09-08 13:57:52 -04:00
Chad Scharf
a997440e3d
Added SP ACS URL to Config Screen (#920) 2020-09-08 13:04:26 -04:00
Chad Scharf
6574d083fe
SAML NameID Policy AllowCreate should be null (#918)
* SAML NameID Policy AllowCreate should be null

* Determine if transient, then null, otherwise true
2020-09-08 10:43:07 -04:00
Chad Scharf
f27df01158
update portal landing page with tiles (#915) 2020-09-05 23:06:15 -04:00
Chad Scharf
c11af22010
version bump (#914)
* version bump

* version bump
2020-09-05 21:31:26 -04:00
Addison Beck
4b3abe6fb0
stopped manually encoding the SSO user_identifier (#913) 2020-09-04 14:16:49 -04:00
Kyle Spearrin
4ce572ae48 cleanup project files 2020-09-04 14:02:59 -04:00
Kyle Spearrin
0a58ec0bc8 delete compiled assets that should be ignored 2020-09-04 14:02:17 -04:00
Kyle Spearrin
84c85a90e8 Merge SSO and Portal projects 2020-09-04 13:56:08 -04:00
Kyle Spearrin
61dff9c758
split license file out to support bitwarden licensed code (#912)
* split license file out to support bitwarden licensed code

* Update LICENSE_BITWARDEN.txt

* Update LICENSE_BITWARDEN.txt
2020-09-04 13:36:22 -04:00