sso integrations (#822)

* stub out hybrid sso * support for PKCE authorization_code clients * sso service urls * sso client key * abstract request validator * support for verifying password * custom AuthorizationCodeStore that does not remove codes * cleanup * comment * created master password * ResetMasterPassword * rename Sso client to OidcIdentity * update env builder * bitwarden sso project in docker-compose * sso path in nginx config
2025-06-30 15:42:48 -05:00 · 2020-07-16 08:01:39 -04:00
parent 2742b414fd
commit 0d0c6c7167
29 changed files with 1093 additions and 435 deletions
--- a/util/Setup/EnvironmentFileBuilder.cs
+++ b/util/Setup/EnvironmentFileBuilder.cs
@ -26,12 +26,14 @@ namespace Bit.Setup
                ["globalSettings__baseServiceUri__api"] = "http://localhost/api",
                ["globalSettings__baseServiceUri__identity"] = "http://localhost/identity",
                ["globalSettings__baseServiceUri__admin"] = "http://localhost/admin",
+                ["globalSettings__baseServiceUri__sso"] = "http://localhost/sso",
                ["globalSettings__baseServiceUri__notifications"] = "http://localhost/notifications",
                ["globalSettings__baseServiceUri__internalNotifications"] = "http://notifications:5000",
                ["globalSettings__baseServiceUri__internalAdmin"] = "http://admin:5000",
                ["globalSettings__baseServiceUri__internalIdentity"] = "http://identity:5000",
                ["globalSettings__baseServiceUri__internalApi"] = "http://api:5000",
                ["globalSettings__baseServiceUri__internalVault"] = "http://web:5000",
+                ["globalSettings__baseServiceUri__internalSso"] = "http://sso:5000",
                ["globalSettings__pushRelayBaseUri"] = "https://push.bitwarden.com",
                ["globalSettings__installation__identityUri"] = "https://identity.bitwarden.com",
            };
@ -89,6 +91,7 @@ namespace Bit.Setup
                ["globalSettings__baseServiceUri__identity"] = $"{_context.Config.Url}/identity",
                ["globalSettings__baseServiceUri__admin"] = $"{_context.Config.Url}/admin",
                ["globalSettings__baseServiceUri__notifications"] = $"{_context.Config.Url}/notifications",
+                ["globalSettings__baseServiceUri__sso"] = $"{_context.Config.Url}/sso",
                ["globalSettings__sqlServer__connectionString"] = $"\"{dbConnectionString}\"",
                ["globalSettings__identityServer__certificatePassword"] = _context.Install?.IdentityCertPassword,
                ["globalSettings__attachment__baseDirectory"] = $"{_context.OutputDir}/core/attachments",
@ -100,6 +103,8 @@ namespace Bit.Setup
                ["globalSettings__licenseDirectory"] = $"{_context.OutputDir}/core/licenses",
                ["globalSettings__internalIdentityKey"] = _context.Stub ? "RANDOM_IDENTITY_KEY" :
                    Helpers.SecureRandomString(64, alpha: true, numeric: true),
+                ["globalSettings__oidcIdentityClientKey"] = _context.Stub ? "RANDOM_IDENTITY_KEY" :
+                    Helpers.SecureRandomString(64, alpha: true, numeric: true),
                ["globalSettings__duo__aKey"] = _context.Stub ? "RANDOM_DUO_AKEY" :
                    Helpers.SecureRandomString(64, alpha: true, numeric: true),
                ["globalSettings__installation__id"] = _context.Install?.InstallationId.ToString(),