mirror of https://github.com/bitwarden/server.git synced 2025-07-02 16:42:50 -05:00

re-working claims for aspnet core identity integration and backwards compat

Kyle Spearrin
2017-01-11 21:46:36 -05:00
parent 54711e634b
commit 038c98cfaf
8 changed files with 35 additions and 16 deletions


@ -1,18 +1,19 @@
using IdentityServer4.Models;
using System.Collections.Generic;
using System.Security.Claims;
namespace Bit.Core.Identity
{
public class Resources
public class ApiResources
{
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api", "Vault API", new string[] {
"authmethod",
"nameid",
"email",
ClaimTypes.AuthenticationMethod,
ClaimTypes.NameIdentifier,
ClaimTypes.Email,
"securitystamp"
})
};
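Review bot: The claim list passed to `new ApiResource("api", "Vault API", ...)` is still hard-coded, while the ResourceOwnerPasswordValidator section of this commit now takes its claim type names from `IdentityOptions.ClaimsIdentity`, so the two can drift apart. With stock ASP.NET Core Identity options the user-name claim type is `ClaimTypes.Name` and the security-stamp claim type is `AspNet.Identity.SecurityStamp`, neither of which appears in this list. Unless the options are overridden in a file not shown on this page, filtering by this resource's claim types would drop the email and security stamp claims from the token without any error. I would either build this list from the same options or add a comment such as `// Must match the IdentityOptions.ClaimsIdentity claim types configured at startup`. The class body continues past the end of this hunk.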


@ -21,7 +21,7 @@ namespace Bit.Core.Identity
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.AddFilteredClaims(context.IssuedClaims);
context.AddFilteredClaims(context.Subject.Claims);
return Task.FromResult(0);
}
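Review bot: GetProfileDataAsync has no comment saying where the emitted claims come from, which matters to anyone reasoning about token contents. Assuming the `context.Subject.Claims` line is the new side (the page has lost its +/- markers), the token carries whatever the subject principal held at issuance, narrowed by `AddFilteredClaims` to the requested claim types. Nothing in this hunk re-reads the user, so a changed email or security stamp would presumably only show up in a newly issued token. I would add `// Claims come from the authenticated subject, filtered to the requested claim types; values are not refreshed from the user store here.` above the call. The enclosing class starts outside the hunk.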


@ -1,7 +1,9 @@
using Bit.Core.Domains;
using IdentityServer4.Models;
using IdentityServer4.Validation;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;
using System.Security.Claims;
using System.Threading.Tasks;
@ -10,11 +12,14 @@ namespace Bit.Core.Identity
public class ResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
{
private readonly UserManager<User> _userManager;
private readonly IdentityOptions _identityOptions;
public ResourceOwnerPasswordValidator(
UserManager<User> userManager)
UserManager<User> userManager,
IOptions<IdentityOptions> optionsAccessor)
{
_userManager = userManager;
_identityOptions = optionsAccessor?.Value ?? new IdentityOptions();
}
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
@ -27,10 +32,10 @@ namespace Bit.Core.Identity
context.Result = new GrantValidationResult(user.Id.ToString(), "Application", identityProvider: "bitwarden",
claims: new Claim[] {
// Deprecated claims for backwards compatability
new Claim("authmethod", "Application"),
new Claim("nameid", user.Id.ToString()),
new Claim("email", user.Email.ToString()),
new Claim("securitystamp", user.SecurityStamp)
new Claim(ClaimTypes.AuthenticationMethod, "Application"),
new Claim(_identityOptions.ClaimsIdentity.UserIdClaimType, user.Id.ToString()),
new Claim(_identityOptions.ClaimsIdentity.UserNameClaimType, user.Email.ToString()),
new Claim(_identityOptions.ClaimsIdentity.SecurityStampClaimType, user.SecurityStamp)
});
return;
}
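Review bot: In the constructor, `optionsAccessor?.Value ?? new IdentityOptions()` silently falls back to default options when none are injected, so the claims built in ValidateAsync would use the framework's default claim type names instead of the application's configured ones. In a token-issuing path I would rather fail at construction: `if (optionsAccessor == null) throw new System.ArgumentNullException(nameof(optionsAccessor));` followed by `_identityOptions = optionsAccessor.Value;`. Separately, the unchanged comment `// Deprecated claims for backwards compatability` now sits directly above the new claims and reads as if they were the deprecated ones; it should be reworded or removed. ValidateAsync starts and ends outside the second hunk.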


@ -8,6 +8,7 @@ namespace Bit.Core.Services
{
public interface IUserService
{
Task<User> GetUserByIdAsync(string userId);
Task<User> GetUserByIdAsync(Guid userId);
Task SaveUserAsync(User user);
Task<IdentityResult> RegisterUserAsync(User user, string masterPassword);
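Review bot: The new `GetUserByIdAsync(string userId)` overload does not document its null result. The implementation added in this commit returns null when the string does not parse as a Guid, and a caller cannot tell that apart from whatever the repository returns for an unknown id. This overload is probably fed ids read from token claims (inferred, no caller is shown), so a missing null check there would surface as a NullReferenceException on a malformed claim. I would document the contract on the interface, for example `/// <returns>The user, or null when userId is not a valid GUID.</returns>`. The interface body continues outside the hunk.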


@ -57,6 +57,17 @@ namespace Bit.Core.Services
_passwordValidators = passwordValidators;
}
public async Task<User> GetUserByIdAsync(string userId)
{
Guid userIdGuid;
if(!Guid.TryParse(userId, out userIdGuid))
{
return null;
}
return await _userRepository.GetByIdAsync(userIdGuid);
}
public async Task<User> GetUserByIdAsync(Guid userId)
{
return await _userRepository.GetByIdAsync(userId);