mirror of https://github.com/bitwarden/server.git synced 2025-06-30 07:36:14 -05:00

Move identity endpoints to Identity service (#1807)

Oscar Hinton
2022-01-17 13:21:51 +01:00
committed by GitHub
parent 56ee3bd290
commit 0def1830af
13 changed files with 246 additions and 20 deletions


@ -11,6 +11,8 @@ using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Enums.Provider;
using Bit.Core.Exceptions;
using Bit.Core.Models.Api.Request.Accounts;
using Bit.Core.Models.Api.Response.Accounts;
using Bit.Core.Models.Business;
using Bit.Core.Models.Data;
using Bit.Core.Repositories;
@ -64,6 +66,9 @@ namespace Bit.Api.Controllers
_sendService = sendService;
}
#region DEPRECATED (Moved to Identity Service)
[Obsolete("2022-01-12 Moved to Identity, left for backwards compatability with older clients")]
[HttpPost("prelogin")]
[AllowAnonymous]
public async Task<PreloginResponseModel> PostPrelogin([FromBody] PreloginRequestModel model)
@ -74,12 +79,13 @@ namespace Bit.Api.Controllers
kdfInformation = new UserKdfInformation
{
Kdf = KdfType.PBKDF2_SHA256,
KdfIterations = 100000
KdfIterations = 100000,
};
}
return new PreloginResponseModel(kdfInformation);
}
[Obsolete("2022-01-12 Moved to Identity, left for backwards compatability with older clients")]
[HttpPost("register")]
[AllowAnonymous]
[CaptchaProtected]
@ -101,6 +107,8 @@ namespace Bit.Api.Controllers
throw new BadRequestException(ModelState);
}
#endregion
[HttpPost("password-hint")]
[AllowAnonymous]
public async Task PostPasswordHint([FromBody] PasswordHintRequestModel model)
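Review bot: The `[Obsolete]` attributes on the `prelogin` and `register` actions only produce compiler warnings for C# callers, so both anonymous endpoints stay fully routable here, with nothing telling an operator when they can be removed or whether old clients still call them. I would add a comment inside the region stating the removal condition, for example `// Remove once clients older than <MIN_SUPPORTED_CLIENT_VERSION> are unsupported; until then keep abuse controls identical to the Identity copy`, and consider logging a warning on each call so remaining usage can be measured. The message string also misspells "compatibility" as `compatability` in both attributes. Both method bodies extend outside the visible hunks, so this rests on the attributes and the fallback block only.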


@ -1,6 +1,7 @@
using System.ComponentModel.DataAnnotations;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Models.Api.Request.Accounts;
namespace Bit.Api.Models.Request.Accounts
{


@ -1,6 +1,7 @@
using System.ComponentModel.DataAnnotations;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Models.Api.Request.Accounts;
namespace Bit.Api.Models.Request.Accounts
{


@ -1,7 +1,7 @@
using System.ComponentModel.DataAnnotations;
using Bit.Core.Entities;
namespace Bit.Api.Models.Request.Accounts
namespace Bit.Core.Models.Api.Request.Accounts
{
public class KeysRequestModel
{


@ -1,6 +1,6 @@
using System.ComponentModel.DataAnnotations;
namespace Bit.Api.Models.Request.Accounts
namespace Bit.Core.Models.Api.Request.Accounts
{
public class PreloginRequestModel
{


@ -3,11 +3,10 @@ using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Models.Api;
using Bit.Core.Utilities;
using Newtonsoft.Json;
namespace Bit.Api.Models.Request.Accounts
namespace Bit.Core.Models.Api.Request.Accounts
{
public class RegisterRequestModel : IValidatableObject, ICaptchaProtectedModel
{


@ -1,7 +1,7 @@
using Bit.Core.Enums;
using Bit.Core.Models.Data;
namespace Bit.Api.Models.Response
namespace Bit.Core.Models.Api.Response.Accounts
{
public class PreloginResponseModel
{


@ -0,0 +1,70 @@
using System.Linq;
using System.Threading.Tasks;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
using Bit.Core.Models.Api.Request.Accounts;
using Bit.Core.Models.Api.Response.Accounts;
using Bit.Core.Models.Data;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
namespace Bit.Identity.Controllers
{
[Route("accounts")]
public class AccountsController : Controller
{
private readonly ILogger<AccountsController> _logger;
private readonly IUserRepository _userRepository;
private readonly IUserService _userService;
public AccountsController(
ILogger<AccountsController> logger,
IUserRepository userRepository,
IUserService userService)
{
_logger = logger;
_userRepository = userRepository;
_userService = userService;
}
// Moved from API, If you modify this endpoint, please update Identity as well.
[HttpPost("register")]
[CaptchaProtected]
public async Task PostRegister([FromBody] RegisterRequestModel model)
{
var result = await _userService.RegisterUserAsync(model.ToUser(), model.MasterPasswordHash,
model.Token, model.OrganizationUserId);
if (result.Succeeded)
{
return;
}
foreach (var error in result.Errors.Where(e => e.Code != "DuplicateUserName"))
{
ModelState.AddModelError(string.Empty, error.Description);
}
await Task.Delay(2000);
throw new BadRequestException(ModelState);
}
// Moved from API, If you modify this endpoint, please update Identity as well.
[HttpPost("prelogin")]
public async Task<PreloginResponseModel> PostPrelogin([FromBody] PreloginRequestModel model)
{
var kdfInformation = await _userRepository.GetKdfInformationByEmailAsync(model.Email);
if (kdfInformation == null)
{
kdfInformation = new UserKdfInformation
{
Kdf = KdfType.PBKDF2_SHA256,
KdfIterations = 100000,
};
}
return new PreloginResponseModel(kdfInformation);
}
}
}
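Review bot: `PostPrelogin` answers an unknown e-mail with the fixed `KdfType.PBKDF2_SHA256` / `100000` fallback, which appears intended to keep the endpoint from revealing whether an account exists, but nothing in the new controller says so and the same literal now lives in both the Api and Identity copies. If the two drift, or the default for new accounts changes, the fallback becomes distinguishable from a real response; I would move it into one shared member in Core and comment it, e.g. `// Unknown e-mail: return the default KDF settings so the response does not disclose account existence`. The same applies to `PostRegister`, where the `DuplicateUserName` filter and the `Task.Delay(2000)` each deserve a one-line why-comment. The copied comment `If you modify this endpoint, please update Identity as well` is self-referential in this file and should point at the deprecated Api copy instead. The Api versions carry `[AllowAnonymous]` and these do not; that is presumably fine if Identity has no global authorization filter, but stating it explicitly would make the intent reviewable.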


@ -11,7 +11,6 @@ using Bit.Identity.Models;
using IdentityModel;
using IdentityServer4;
using IdentityServer4.Services;
using IdentityServer4.Stores;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Localization;
@ -20,31 +19,28 @@ using Microsoft.Extensions.Logging;
namespace Bit.Identity.Controllers
{
public class AccountController : Controller
// TODO: 2022-01-12, Remove account alias
[Route("account/[action]")]
[Route("sso/[action]")]
public class SsoController : Controller
{
private readonly IClientStore _clientStore;
private readonly IIdentityServerInteractionService _interaction;
private readonly ILogger<AccountController> _logger;
private readonly ILogger<SsoController> _logger;
private readonly ISsoConfigRepository _ssoConfigRepository;
private readonly IUserRepository _userRepository;
private readonly IOrganizationRepository _organizationRepository;
private readonly IHttpClientFactory _clientFactory;
public AccountController(
IClientStore clientStore,
public SsoController(
IIdentityServerInteractionService interaction,
ILogger<AccountController> logger,
ILogger<SsoController> logger,
ISsoConfigRepository ssoConfigRepository,
IUserRepository userRepository,
IOrganizationRepository organizationRepository,
IHttpClientFactory clientFactory)
{
_clientStore = clientStore;
_interaction = interaction;
_logger = logger;
_ssoConfigRepository = ssoConfigRepository;
_userRepository = userRepository;
_organizationRepository = organizationRepository;
_clientFactory = clientFactory;
}
@ -272,7 +268,7 @@ namespace Bit.Identity.Controllers
}
}
public bool IsNativeClient(IdentityServer4.Models.AuthorizationRequest context)
private bool IsNativeClient(IdentityServer4.Models.AuthorizationRequest context)
{
return !context.RedirectUri.StartsWith("https", StringComparison.Ordinal)
&& !context.RedirectUri.StartsWith("http", StringComparison.Ordinal);
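Review bot: The `[Route("account/[action]")]` alias added above `SsoController` keeps every public action of the controller reachable under two prefixes, one of them a single character away from the new `accounts` route in the same service, and the TODO gives no condition for removing it. I would spell that out, e.g. `// TODO(2022-01-12): remove the "account/[action]" alias once clients older than <MIN_SUPPORTED_CLIENT_VERSION> are unsupported; new callers use "sso/[action]"`. Because `[action]` routes public methods by name, any remaining public helper on this class is worth checking the way `IsNativeClient` was tightened to `private` in the last hunk; the rest of the class is outside the visible hunks.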