nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-05-24 04:51:03 -05:00
Code

Extract opaque logic to service

Browse Source
This commit is contained in:
Bernd Schoolmann 2025-03-13 14:47:20 +01:00
parent b7673cd450
commit 3cd3495a45
No known key found for this signature in database
6 changed files with 71 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Api/Api.csproj
View File

@ -39,8 +39,4 @@
<PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" /> <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
</ItemGroup> </ItemGroup>
<ItemGroup>
<ProjectReference Include="../../../dotnet-extensions/extensions/Bitwarden.OPAQUE/src/Bitwarden.OPAQUE.csproj" />
</ItemGroup>
</Project> </Project>

37
src/Api/Auth/Controllers/OpaqueKeyExchangeController.cs
View File

@ -1,7 +1,7 @@
using Bit.Api.Auth.Models.Request.Opaque; using Bit.Api.Auth.Models.Request.Opaque;
using Bit.Api.Auth.Models.Response.Opaque; using Bit.Api.Auth.Models.Response.Opaque;
using Bit.Core.Auth.Services;
using Bit.Core.Services; using Bit.Core.Services;
using Bitwarden.OPAQUE;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
@ -11,54 +11,33 @@ namespace Bit.Api.Auth.Controllers;
[Authorize("Web")] [Authorize("Web")]
public class OpaqueKeyExchangeController : Controller public class OpaqueKeyExchangeController : Controller
{ {
private readonly IUserService _userService; private readonly IOpaqueKeyExchangeService _opaqueKeyExchangeService;
private readonly BitwardenOpaqueServer _bitwardenOpaque; IUserService _userService;
public OpaqueKeyExchangeController( public OpaqueKeyExchangeController(
IOpaqueKeyExchangeService opaqueKeyExchangeService,
IUserService userService IUserService userService
) )
{ {
_opaqueKeyExchangeService = opaqueKeyExchangeService;
_userService = userService; _userService = userService;
_bitwardenOpaque = new BitwardenOpaqueServer();
} }
[HttpPost("~/opaque/start-registration")] [HttpPost("~/opaque/start-registration")]
public async Task<OpaqueRegistrationStartResponse> StartRegistration([FromBody] OpaqueRegistrationStartRequest request) public async Task<OpaqueRegistrationStartResponse> StartRegistration([FromBody] OpaqueRegistrationStartRequest request)
{ {
var user = await _userService.GetUserByPrincipalAsync(User); var user = await _userService.GetUserByPrincipalAsync(User);
var registrationRequest = _bitwardenOpaque.StartRegistration(request.CipherConfiguration, null, System.Convert.FromBase64String(request.RegistrationRequest), user.Id.ToString()); var result = await _opaqueKeyExchangeService.StartRegistration(System.Convert.FromBase64String(request.RegistrationRequest), user, request.CipherConfiguration);
var message = registrationRequest.registrationResponse; return new OpaqueRegistrationStartResponse(result.Item1, System.Convert.ToBase64String(result.Item2));
var serverSetup = registrationRequest.serverSetup;
// persist server setup
var sessionId = Guid.NewGuid();
SessionStore.RegisterSessions.Add(sessionId, new RegisterSession() { SessionId = sessionId, ServerSetup = serverSetup, cipherConfiguration = request.CipherConfiguration });
return new OpaqueRegistrationStartResponse(sessionId, System.Convert.ToBase64String(message));
} }
[HttpPost("~/opaque/finish-registration")] [HttpPost("~/opaque/finish-registration")]
public async Task<String> FinishRegistration([FromBody] OpaqueRegistrationFinishRequest request) public async Task<String> FinishRegistration([FromBody] OpaqueRegistrationFinishRequest request)
{ {
await Task.Run(() => await Task.Run(() => { });
{
var registerSession = SessionStore.RegisterSessions[request.SessionId];
var registrationFinish = _bitwardenOpaque.FinishRegistration(registerSession.cipherConfiguration, System.Convert.FromBase64String(request.RegistrationUpload));
Console.WriteLine("Registration Finish: " + registrationFinish);
});
return ""; return "";
} }
} }
public class RegisterSession
{
public Guid SessionId { get; set; }
public byte[] ServerSetup { get; set; }
public CipherConfiguration cipherConfiguration { get; set; }
}
public class SessionStore()
{
public static Dictionary<Guid, RegisterSession> RegisterSessions = new Dictionary<Guid, RegisterSession>();
public static Dictionary<Guid, byte[]> LoginSessions = new Dictionary<Guid, byte[]>();
}

10
src/Core/Auth/Services/IOpaqueKeyExchangeService.cs Normal file
View File

@ -0,0 +1,10 @@
using Bit.Core.Entities;
using Bitwarden.OPAQUE;
namespace Bit.Core.Auth.Services;
public interface IOpaqueKeyExchangeService
{
public Task<(Guid, byte[])> StartRegistration(byte[] request, User user, CipherConfiguration cipherConfiguration);
public Task<bool> FinishRegistration(Guid sessionId, byte[] request, User user);
}

48
src/Core/Auth/Services/Implementations/OpaqueKeyExchangeService.cs Normal file
View File

@ -0,0 +1,48 @@
using Bit.Core.Entities;
using Bitwarden.OPAQUE;
namespace Bit.Core.Auth.Services;
public class OpaqueKeyExchangeService : IOpaqueKeyExchangeService
{
private readonly BitwardenOpaqueServer _bitwardenOpaque;
public OpaqueKeyExchangeService(
)
{
_bitwardenOpaque = new BitwardenOpaqueServer();
}
public async Task<(Guid, byte[])> StartRegistration(byte[] request, User user, CipherConfiguration cipherConfiguration)
{
var registrationRequest = _bitwardenOpaque.StartRegistration(cipherConfiguration, null, request, user.Id.ToString());
var message = registrationRequest.registrationResponse;
var serverSetup = registrationRequest.serverSetup;
// persist server setup
var sessionId = Guid.NewGuid();
SessionStore.RegisterSessions.Add(sessionId, new RegisterSession() { SessionId = sessionId, ServerSetup = serverSetup, cipherConfiguration = cipherConfiguration });
await Task.Run(() => { });
return (sessionId, message);
}
public async Task<bool> FinishRegistration(Guid sessionId, byte[] request, User user)
{
await Task.Run(() => { });
return true;
}
}
public class RegisterSession
{
public Guid SessionId { get; set; }
public byte[] ServerSetup { get; set; }
public CipherConfiguration cipherConfiguration { get; set; }
}
public class SessionStore()
{
public static Dictionary<Guid, RegisterSession> RegisterSessions = new Dictionary<Guid, RegisterSession>();
public static Dictionary<Guid, byte[]> LoginSessions = new Dictionary<Guid, byte[]>();
}

4
src/Core/Core.csproj
View File

@ -77,4 +77,8 @@
<Folder Include="Resources\" /> <Folder Include="Resources\" />
<Folder Include="Properties\" /> <Folder Include="Properties\" />
</ItemGroup> </ItemGroup>
<ItemGroup>
<ProjectReference Include="../../../dotnet-extensions/extensions/Bitwarden.OPAQUE/src/Bitwarden.OPAQUE.csproj" />
</ItemGroup>
</Project> </Project>

1
src/SharedWeb/Utilities/ServiceCollectionExtensions.cs
View File

@ -118,6 +118,7 @@ public static class ServiceCollectionExtensions
services.AddScoped<IGroupService, GroupService>(); services.AddScoped<IGroupService, GroupService>();
services.AddScoped<IEventService, EventService>(); services.AddScoped<IEventService, EventService>();
services.AddScoped<IEmergencyAccessService, EmergencyAccessService>(); services.AddScoped<IEmergencyAccessService, EmergencyAccessService>();
services.AddScoped<IOpaqueKeyExchangeService, OpaqueKeyExchangeService>();
services.AddSingleton<IDeviceService, DeviceService>(); services.AddSingleton<IDeviceService, DeviceService>();
services.AddScoped<ISsoConfigService, SsoConfigService>(); services.AddScoped<ISsoConfigService, SsoConfigService>();
services.AddScoped<IAuthRequestService, AuthRequestService>(); services.AddScoped<IAuthRequestService, AuthRequestService>();