generate signin token for enterprise portal (#728)

2025-04-06 05:28:15 -05:00 · 2020-05-12 15:36:33 -04:00 · 2020-05-12 15:36:33 -04:00 · 10a6e12d09
commit 10a6e12d09
parent 00af142d63
4 changed files with 30 additions and 3 deletions
--- a/src/Api/Controllers/AccountsController.cs
+++ b/src/Api/Controllers/AccountsController.cs
@ -599,5 +599,24 @@ namespace Bit.Api.Controllers
            await _userService.ReinstatePremiumAsync(user);
        }
        [HttpGet("enterprise-portal-signin-token")]
        [Authorize("Web")]
        public async Task<string> GetEnterprisePortalSignInToken()
        {
            var user = await _userService.GetUserByPrincipalAsync(User);
            if (user == null)
            {
                throw new UnauthorizedAccessException();
            }
            var token = await _userService.GenerateEnterprisePortalSignInTokenAsync(user);
            if (token == null)
            {
                throw new BadRequestException("Cannot generate sign in token.");
            }
            return token;
        }
    }
 }
--- a/src/Core/Services/IUserService.cs
+++ b/src/Core/Services/IUserService.cs
@ -63,5 +63,6 @@ namespace Bit.Core.Services
        Task<bool> CanAccessPremium(ITwoFactorProvidersUser user);
        Task<bool> TwoFactorIsEnabledAsync(ITwoFactorProvidersUser user);
        Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, ITwoFactorProvidersUser user);
        Task<string> GenerateEnterprisePortalSignInTokenAsync(User user);
    }
 }
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@ -1020,6 +1020,13 @@ namespace Bit.Core.Services
            return await CanAccessPremium(user);
        }
        public async Task<string> GenerateEnterprisePortalSignInTokenAsync(User user)
        {
            var token = await GenerateUserTokenAsync(user, Options.Tokens.PasswordResetTokenProvider,
                "EnterprisePortalTokenSignIn");
            return token;
        }
        private async Task<IdentityResult> UpdatePasswordHash(User user, string newPassword,
            bool validatePassword = true, bool refreshStamp = true)
        {
--- a/src/Core/Utilities/ServiceCollectionExtensions.cs
+++ b/src/Core/Utilities/ServiceCollectionExtensions.cs
@ -393,6 +393,7 @@ namespace Bit.Core.Utilities
        public static void AddCustomDataProtectionServices(
            this IServiceCollection services, IWebHostEnvironment env, GlobalSettings globalSettings)
        {
            var builder = services.AddDataProtection().SetApplicationName("Bitwarden");
            if (env.IsDevelopment())
            {
                return;
@ -400,8 +401,7 @@ namespace Bit.Core.Utilities
            if (globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.DataProtection.Directory))
            {
-                services.AddDataProtection()
+                builder.PersistKeysToFileSystem(new DirectoryInfo(globalSettings.DataProtection.Directory));
                    .PersistKeysToFileSystem(new DirectoryInfo(globalSettings.DataProtection.Directory));
            }
            if (!globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.Storage?.ConnectionString))
@ -419,7 +419,7 @@ namespace Bit.Core.Utilities
                        "dataprotection.pfx", globalSettings.DataProtection.CertificatePassword)
                        .GetAwaiter().GetResult();
                }
-                services.AddDataProtection()
+                builder
                    .PersistKeysToAzureBlobStorage(storageAccount, "aspnet-dataprotection/keys.xml")
                    .ProtectKeysWithCertificate(dataProtectionCert);
            }