From 4fc5347f1538b050b6ea3c8693910c031905fac7 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin
Date: Tue, 9 Aug 2022 12:14:17 -0400
Subject: [PATCH] respect allowanonymous on scim auth (#2173)
---
 bitwarden_license/src/Scim/Controllers/InfoController.cs | 2 ++
 .../src/Scim/Utilities/ApiKeyAuthenticationHandler.cs | 7 +++++++
 2 files changed, 9 insertions(+)
diff --git a/bitwarden_license/src/Scim/Controllers/InfoController.cs b/bitwarden_license/src/Scim/Controllers/InfoController.cs
index 47063b8337..67967ed374 100644
--- a/bitwarden_license/src/Scim/Controllers/InfoController.cs
+++ b/bitwarden_license/src/Scim/Controllers/InfoController.cs
@@ -1,8 +1,10 @@
 using Bit.Core.Utilities;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

 namespace Bit.Scim.Controllers
 {
+ [AllowAnonymous]
 public class InfoController : Controller
 {
 [HttpGet("~/alive")]
diff --git a/bitwarden_license/src/Scim/Utilities/ApiKeyAuthenticationHandler.cs b/bitwarden_license/src/Scim/Utilities/ApiKeyAuthenticationHandler.cs
index e5f75089a7..c1b08b1b9e 100644
--- a/bitwarden_license/src/Scim/Utilities/ApiKeyAuthenticationHandler.cs
+++ b/bitwarden_license/src/Scim/Utilities/ApiKeyAuthenticationHandler.cs
@@ -5,6 +5,7 @@ using Bit.Core.Repositories;
 using Bit.Scim.Context;
 using IdentityModel;
 using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.Extensions.Options;

 namespace Bit.Scim.Utilities
@@ -32,6 +33,12 @@ namespace Bit.Scim.Utilities

 protected override async Task HandleAuthenticateAsync()
 {
+ var endpoint = Context.GetEndpoint();
+ if (endpoint?.Metadata?.GetMetadata() != null)
+ {
+ return AuthenticateResult.NoResult();
+ }
+
 if (!_scimContext.OrganizationId.HasValue || _scimContext.Organization == null)
 {
 Logger.LogWarning("No organization.");
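Review bot: `[AllowAnonymous]` sits on the whole `InfoController` class, so every action in it, including any added later, is exempt from the SCIM API-key check, while only `~/alive` is visible in this hunk. Together with the handler change in ApiKeyAuthenticationHandler.cs, which returns `NoResult()` for such endpoints, no action in this controller will ever run with an authenticated organization. I would either move the attribute onto the individual health actions or record the constraint on the class, for example `// Unauthenticated liveness/version endpoints only; do not add actions that read organization data here.` The class body continues outside the hunk, so its other actions could not be checked.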
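Review bot: The early return added at the top of `HandleAuthenticateAsync` has no comment stating that it is the only path that bypasses API-key validation, and nothing visible in this patch pins that behaviour with a test. `Context.GetEndpoint()` returns null when endpoint routing has not run before authentication, and in that case the code falls through to the key checks below, which is the safe default and worth stating: `// Skip key validation only for endpoints explicitly marked [AllowAnonymous]; a null endpoint falls through to the checks below.` The type argument of `GetMetadata` is not visible as rendered on this page; if it is the attribute class, matching on `IAllowAnonymous` would presumably keep the handler aligned with what the authorization middleware itself treats as anonymous. The second `?.` on `Metadata` looks redundant, since `Endpoint.Metadata` is not nullable. The method body continues past the end of the hunk.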