nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-08 06:28:14 -05:00
Code

Extracted logic to get Identity cert (#889)

Browse Source
This commit is contained in:
Chad Scharf 2020-08-25 13:15:59 -04:00 committed by GitHub
parent 66e67d2172
commit 2fb18d8cf2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 31 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
src/Core/Utilities/CoreHelpers.cs
View File

@ -188,13 +188,13 @@ namespace Bit.Core.Utilities
{ {
var blobClient = cloudStorageAccount.CreateCloudBlobClient(); var blobClient = cloudStorageAccount.CreateCloudBlobClient();
var containerRef = blobClient.GetContainerReference(container); var containerRef = blobClient.GetContainerReference(container);
if (await containerRef.ExistsAsync()) if (await containerRef.ExistsAsync().ConfigureAwait(false))
{ {
var blobRef = containerRef.GetBlobReference(file); var blobRef = containerRef.GetBlobReference(file);
if (await blobRef.ExistsAsync()) if (await blobRef.ExistsAsync().ConfigureAwait(false))
{ {
var blobBytes = new byte[blobRef.Properties.Length]; var blobBytes = new byte[blobRef.Properties.Length];
await blobRef.DownloadToByteArrayAsync(blobBytes, 0); await blobRef.DownloadToByteArrayAsync(blobBytes, 0).ConfigureAwait(false);
return new X509Certificate2(blobBytes, password); return new X509Certificate2(blobBytes, password);
} }
} }
@ -621,5 +621,30 @@ namespace Bit.Core.Utilities
// Product website // Product website
(!globalSettings.SelfHosted && origin == "https://bitwarden.com"); (!globalSettings.SelfHosted && origin == "https://bitwarden.com");
} }
public static X509Certificate2 GetIdentityServerCertificate(GlobalSettings globalSettings)
{
if (globalSettings.SelfHosted &&
SettingHasValue(globalSettings.IdentityServer.CertificatePassword)
&& File.Exists("identity.pfx"))
{
return GetCertificate("identity.pfx",
globalSettings.IdentityServer.CertificatePassword);
}
else if (SettingHasValue(globalSettings.IdentityServer.CertificateThumbprint))
{
return GetCertificate(
globalSettings.IdentityServer.CertificateThumbprint);
}
else if (!globalSettings.SelfHosted &&
SettingHasValue(globalSettings.Storage?.ConnectionString) &&
SettingHasValue(globalSettings.IdentityServer.CertificatePassword))
{
var storageAccount = CloudStorageAccount.Parse(globalSettings.Storage.ConnectionString);
return GetBlobCertificateAsync(storageAccount, "certificates",
"identity.pfx", globalSettings.IdentityServer.CertificatePassword).GetAwaiter().GetResult();
}
return null;
}
} }
} }

24
src/Core/Utilities/ServiceCollectionExtensions.cs
View File

@ -375,28 +375,10 @@ namespace Bit.Core.Utilities
public static IIdentityServerBuilder AddIdentityServerCertificate( public static IIdentityServerBuilder AddIdentityServerCertificate(
this IIdentityServerBuilder identityServerBuilder, IWebHostEnvironment env, GlobalSettings globalSettings) this IIdentityServerBuilder identityServerBuilder, IWebHostEnvironment env, GlobalSettings globalSettings)
{ {
if (globalSettings.SelfHosted && var certificate = CoreHelpers.GetIdentityServerCertificate(globalSettings);
CoreHelpers.SettingHasValue(globalSettings.IdentityServer.CertificatePassword) if (certificate != null)
&& File.Exists("identity.pfx"))
{ {
var identityServerCert = CoreHelpers.GetCertificate("identity.pfx", identityServerBuilder.AddSigningCredential(certificate);
globalSettings.IdentityServer.CertificatePassword);
identityServerBuilder.AddSigningCredential(identityServerCert);
}
else if (CoreHelpers.SettingHasValue(globalSettings.IdentityServer.CertificateThumbprint))
{
var identityServerCert = CoreHelpers.GetCertificate(
globalSettings.IdentityServer.CertificateThumbprint);
identityServerBuilder.AddSigningCredential(identityServerCert);
}
else if (!globalSettings.SelfHosted &&
CoreHelpers.SettingHasValue(globalSettings.Storage?.ConnectionString) &&
CoreHelpers.SettingHasValue(globalSettings.IdentityServer.CertificatePassword))
{
var storageAccount = CloudStorageAccount.Parse(globalSettings.Storage.ConnectionString);
var identityServerCert = CoreHelpers.GetBlobCertificateAsync(storageAccount, "certificates",
"identity.pfx", globalSettings.IdentityServer.CertificatePassword).GetAwaiter().GetResult();
identityServerBuilder.AddSigningCredential(identityServerCert);
} }
else if (env.IsDevelopment()) else if (env.IsDevelopment())
{ {