Implement User-based API Keys (#981)

* added column ApiKey to dbo.User * added dbo.User.ApiKey to User_Update * added dbo.User.ApiKey to User_Create * wrote migration script for implementing dbo.User.ApiKey * Added ApiKey prop to the User table model * Created AccountsController method for getting a user's API Key * Created AccountsController method for rotating a user API key * Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli * Added a new conditional to ClientStore to account for user API keys * Wrote unit tests for new user API Key methods * Added a refresh of dbo.UserView to new migration script for ApiKey * Let client_credentials grants into the custom token logic * Cleanup for ApiKey auth in the CLI feature * Created user API key on registration * Removed uneeded code for user API keys * Changed a .Contains() to a .StartsWith() in ClientStore * Changed index that an array is searched on * Added more claims to the user apikey clients * Moved some claim finding logic to a helper method
2025-07-01 08:02:49 -05:00 · 2020-11-10 15:15:29 -05:00
parent d9cd7551fe
commit 25a9991908
14 changed files with 540 additions and 59 deletions
--- a/src/Core/Models/Api/Response/ApiKeyResponseModel.cs
+++ b/src/Core/Models/Api/Response/ApiKeyResponseModel.cs
@ -15,6 +15,16 @@ namespace Bit.Core.Models.Api
            ApiKey = organization.ApiKey;
        }

+        public ApiKeyResponseModel(User user, string obj = "apiKey")
+            : base(obj)
+        {
+            if (user == null)
+            {
+                throw new ArgumentNullException(nameof(user));
+            }
+            ApiKey = user.ApiKey;
+        }
+
        public string ApiKey { get; set; }
    }
 }
--- a/src/Core/Models/Table/User.cs
+++ b/src/Core/Models/Table/User.cs
@ -3,8 +3,6 @@ using Bit.Core.Enums;
 using Bit.Core.Utilities;
 using System.Collections.Generic;
 using Newtonsoft.Json;
-using Bit.Core.Services;
-using Bit.Core.Exceptions;
 using Microsoft.AspNetCore.Identity;

 namespace Bit.Core.Models.Table
@ -39,6 +37,7 @@ namespace Bit.Core.Models.Table
        public string GatewaySubscriptionId { get; set; }
        public string ReferenceData { get; set; }
        public string LicenseKey { get; set; }
+        public string ApiKey { get; set; }
        public KdfType Kdf { get; set; } = KdfType.PBKDF2_SHA256;
        public int KdfIterations { get; set; } = 5000;
        public DateTime CreationDate { get; internal set; } = DateTime.UtcNow;