[PM-11516] Initial license file refactor (#5002)

* Added the ability to create a JWT on an organization license that contains all license properties as claims * Added the ability to create a JWT on a user license that contains all license properties as claims * Added ability to consume JWT licenses * Resolved generic type issues when getting claim value * Now validating the jwt signature, exp, and iat * Moved creation of ClaimsPrincipal outside of licenses given dependecy on cert * Ran dotnet format. Resolved identity error * Updated claim types to use string constants * Updated jwt expires to be one year * Fixed bug requiring email verification to be on the token * dotnet format * Patch build process --------- Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2025-07-02 08:32:50 -05:00 · 2024-12-05 09:31:14 -05:00
parent 0e32dcccad
commit 04cf513d78
23 changed files with 846 additions and 106 deletions
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@ -908,7 +908,9 @@ public class UserService : UserManager<User>, IUserService, IDisposable
                throw new BadRequestException("Invalid license.");
            }

-            if (!license.CanUse(user, out var exceptionMessage))
+            var claimsPrincipal = _licenseService.GetClaimsPrincipalFromLicense(license);
+
+            if (!license.CanUse(user, claimsPrincipal, out var exceptionMessage))
            {
                throw new BadRequestException(exceptionMessage);
            }
@ -987,7 +989,9 @@ public class UserService : UserManager<User>, IUserService, IDisposable
            throw new BadRequestException("Invalid license.");
        }

-        if (!license.CanUse(user, out var exceptionMessage))
+        var claimsPrincipal = _licenseService.GetClaimsPrincipalFromLicense(license);
+
+        if (!license.CanUse(user, claimsPrincipal, out var exceptionMessage))
        {
            throw new BadRequestException(exceptionMessage);
        }
@ -1111,7 +1115,9 @@ public class UserService : UserManager<User>, IUserService, IDisposable
        }
    }

-    public async Task<UserLicense> GenerateLicenseAsync(User user, SubscriptionInfo subscriptionInfo = null,
+    public async Task<UserLicense> GenerateLicenseAsync(
+        User user,
+        SubscriptionInfo subscriptionInfo = null,
        int? version = null)
    {
        if (user == null)
@ -1124,8 +1130,13 @@ public class UserService : UserManager<User>, IUserService, IDisposable
            subscriptionInfo = await _paymentService.GetSubscriptionAsync(user);
        }

-        return subscriptionInfo == null ? new UserLicense(user, _licenseService) :
-            new UserLicense(user, subscriptionInfo, _licenseService);
+        var userLicense = subscriptionInfo == null
+            ? new UserLicense(user, _licenseService)
+            : new UserLicense(user, subscriptionInfo, _licenseService);
+
+        userLicense.Token = await _licenseService.CreateUserTokenAsync(user, subscriptionInfo);
+
+        return userLicense;
    }

    public override async Task<bool> CheckPasswordAsync(User user, string password)