Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-24 12:35:25 +01:00
Code Issues Projects Releases Wiki Activity
f2fad5513d
bitwarden-server/src/Identity
History
Shane Melton f2fad5513d
[AC-1070] Enforce master password policy on login (#2714) 
* [EC-1070] Add API endpoint to retrieve all policies for the current user

The additional API endpoint is required to avoid forcing a full sync call before every login for master password policy enforcement on login.

* [EC-1070] Add MasterPasswordPolicyData model

* [EC-1070] Move PolicyResponseModel to Core project

The response model is used by both the Identity and Api projects.

* [EC-1070] Supply master password polices as a custom identity token response

* [EC-1070] Include master password policies in 2FA token response

* [EC-1070] Add response model to verify-password endpoint that includes master password policies

* [AC-1070] Introduce MasterPasswordPolicyResponseModel

* [AC-1070] Add policy service method to retrieve a user's master password policy

* [AC-1070] User new policy service method

- Update BaseRequestValidator
- Update AccountsController for /verify-password endpoint
- Update VerifyMasterPasswordResponseModel to accept MasterPasswordPolicyData

* [AC-1070] Cleanup new policy service method

- Use User object instead of Guid
- Remove TODO message
- Use `PolicyRepository.GetManyByTypeApplicableToUserIdAsync` instead of filtering locally

* [AC-1070] Cleanup MasterPasswordPolicy models

- Remove default values from both models
- Add missing `RequireLower`
- Fix mismatched properties in `CombineWith` method
- Make properties nullable in response model

* [AC-1070] Remove now un-used GET /policies endpoint

* [AC-1070] Update policy service method to use GetManyByUserIdAsync

* [AC-1070] Ensure existing value is not null before comparison

* [AC-1070] Remove redundant VerifyMasterPasswordResponse model

* [AC-1070] Fix service typo in constructor
2023-04-17 07:35:47 -07:00
..
Controllers [PM-1188] Server owner auth migration (#2825) 2023-04-14 13:25:56 -04:00
IdentityServer [AC-1070] Enforce master password policy on login (#2714) 2023-04-17 07:35:47 -07:00
Models Update API endpoint to use RegisterResponseModel (#2282) 2022-09-19 09:35:57 -04:00
Properties Fix swapped launch settings default (#1925) 2022-03-25 16:11:01 -04:00
Utilities [SM-394] Secrets Manager (#2164) 2023-01-13 15:02:53 +01:00
Views/Shared sso integrations (#822) 2020-07-16 08:01:39 -04:00
.dockerignore Update output directory for dotnet builds (#1358) 2021-05-27 12:16:12 -04:00
appsettings.Development.json Log swallowed HttpRequestExceptions (#1866) 2022-04-07 12:37:11 +02:00
appsettings.json [EC-502] Rate Limiting Improvements (#2231) 2022-08-31 14:17:29 -07:00
appsettings.Production.json [EC-261] SCIM (#2105) 2022-07-14 15:58:48 -04:00
appsettings.QA.json [EC-261] SCIM (#2105) 2022-07-14 15:58:48 -04:00
appsettings.SelfHosted.json [EC-261] SCIM (#2105) 2022-07-14 15:58:48 -04:00
build.ps1 local build scripts 2020-03-06 22:05:50 -05:00
build.sh revamping the build scripts (#1620) 2021-10-08 09:53:56 -07:00
Dockerfile [PS-40] Upgrade to .NET 6 (#2056) 2022-06-24 10:39:34 -04:00
entrypoint.sh update entry.sh file for bw apps (#2771) 2023-03-09 14:20:46 +00:00
Identity.csproj Upgrade Swagger (#2611) 2023-01-24 12:10:00 -05:00
packages.lock.json Update Azure.Extensions.AspNetCore.DataProtection.Blobs (#2821) 2023-04-10 12:10:11 -04:00
Program.cs Add logging to tokenables (#2298) 2022-09-26 14:22:02 -05:00
Startup.cs [PM-1188] Server owner auth migration (#2825) 2023-04-14 13:25:56 -04:00