nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 05:00:19 -05:00
Code

Fix/identity service model validation (#1837)

Browse Source 
* Fix indentation

* Fix comment

* Extract ModelStateValidationFilter add to Indentity MVC opts

* Remove unnecessary base constructor call
This commit is contained in:
Matt Gibson 2022-02-02 14:26:15 -05:00 committed by GitHub
parent 9e074bca49
commit 5f2da6e4b7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 47 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Api/Startup.cs
View File

@ -124,7 +124,7 @@ namespace Bit.Api
services.AddCoreLocalizationServices();
#if OSS
services.AddOosServices();
services.AddOosServices();
#else
services.AddCommCoreServices();
#endif

21
src/Api/Utilities/ModelStateValidationFilterAttribute.cs
View File

@ -6,7 +6,7 @@ using InternalApi = Bit.Core.Models.Api;
namespace Bit.Api.Utilities
{
public class ModelStateValidationFilterAttribute : ActionFilterAttribute
public class ModelStateValidationFilterAttribute : SharedWeb.Utilities.ModelStateValidationFilterAttribute
{
private readonly bool _publicApi;
@ -15,24 +15,15 @@ namespace Bit.Api.Utilities
_publicApi = publicApi;
}
public override void OnActionExecuting(ActionExecutingContext context)
protected override void OnModelStateInvalid(ActionExecutingContext context)
{
var model = context.ActionArguments.FirstOrDefault(a => a.Key == "model");
if (model.Key == "model" && model.Value == null)
if (_publicApi)
{
context.ModelState.AddModelError(string.Empty, "Body is empty.");
context.Result = new BadRequestObjectResult(new ErrorResponseModel(context.ModelState));
}
if (!context.ModelState.IsValid)
else
{
if (_publicApi)
{
context.Result = new BadRequestObjectResult(new ErrorResponseModel(context.ModelState));
}
else
{
context.Result = new BadRequestObjectResult(new InternalApi.ErrorResponseModel(context.ModelState));
}
context.Result = new BadRequestObjectResult(new InternalApi.ErrorResponseModel(context.ModelState));
}
}
}

4
src/Identity/Controllers/AccountsController.cs
View File

@ -30,7 +30,7 @@ namespace Bit.Identity.Controllers
_userService = userService;
}
// Moved from API, If you modify this endpoint, please update Identity as well.
// Moved from API, If you modify this endpoint, please update API as well.
[HttpPost("register")]
[CaptchaProtected]
public async Task PostRegister([FromBody] RegisterRequestModel model)
@ -51,7 +51,7 @@ namespace Bit.Identity.Controllers
throw new BadRequestException(ModelState);
}
// Moved from API, If you modify this endpoint, please update Identity as well.
// Moved from API, If you modify this endpoint, please update API as well.
[HttpPost("prelogin")]
public async Task<PreloginResponseModel> PostPrelogin([FromBody] PreloginRequestModel model)
{

6
src/Identity/Startup.cs
View File

@ -58,7 +58,11 @@ namespace Bit.Identity
services.AddMemoryCache();
// Mvc
services.AddMvc();
// MVC
services.AddMvc(config =>
{
config.Filters.Add(new ModelStateValidationFilterAttribute());
});
if (!globalSettings.SelfHosted)
{

33
src/SharedWeb/Utilities/ModelStateValidationFilterAttribute.cs Normal file
View File

@ -0,0 +1,33 @@
using System.Linq;
using Bit.Core.Models.Api;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
namespace Bit.SharedWeb.Utilities
{
public class ModelStateValidationFilterAttribute : ActionFilterAttribute
{
public ModelStateValidationFilterAttribute()
{
}
public override void OnActionExecuting(ActionExecutingContext context)
{
var model = context.ActionArguments.FirstOrDefault(a => a.Key == "model");
if (model.Key == "model" && model.Value == null)
{
context.ModelState.AddModelError(string.Empty, "Body is empty.");
}
if (!context.ModelState.IsValid)
{
OnModelStateInvalid(context);
}
}
protected virtual void OnModelStateInvalid(ActionExecutingContext context)
{
context.Result = new BadRequestObjectResult(new ErrorResponseModel(context.ModelState));
}
}
}