diff --git a/src/Api/Controllers/SettingsController.cs b/src/Api/Controllers/SettingsController.cs index d4887c25da..01329f8aad 100644 --- a/src/Api/Controllers/SettingsController.cs +++ b/src/Api/Controllers/SettingsController.cs @@ -42,7 +42,7 @@ namespace Bit.Api.Controllers throw new UnauthorizedAccessException(); } - await _userService.SaveUserAsync(model.ToUser(user)); + await _userService.SaveUserAsync(model.ToUser(user), true); var response = new DomainsResponseModel(user); return response; diff --git a/src/Core/Models/Business/OrganizationLicense.cs b/src/Core/Models/Business/OrganizationLicense.cs index 4dc847d85b..2baecb85f8 100644 --- a/src/Core/Models/Business/OrganizationLicense.cs +++ b/src/Core/Models/Business/OrganizationLicense.cs @@ -12,9 +12,10 @@ namespace Bit.Core.Models.Business public OrganizationLicense() { } - public OrganizationLicense(Organization org) + public OrganizationLicense(Organization org, Guid installationId) { LicenseKey = ""; + InstallationId = installationId; Id = org.Id; Name = org.Name; Enabled = org.Enabled; @@ -29,6 +30,7 @@ namespace Bit.Core.Models.Business } public string LicenseKey { get; set; } + public Guid InstallationId { get; set; } public Guid Id { get; set; } public string Name { get; set; } public bool Enabled { get; set; } @@ -53,11 +55,12 @@ namespace Bit.Core.Models.Business string data = null; if(Version == 1) { - data = string.Format("organization:{0}_{1}_{2}_{3}_{4}_{5}_{6}_{7}_{8}_{9}_{10}_{11}_{12}_{13}", + data = string.Format("organization:{0}_{1}_{2}_{3}_{4}_{5}_{6}_{7}_{8}_{9}_{10}_{11}_{12}_{13}_{14}", Version, Utilities.CoreHelpers.ToEpocSeconds(Issued), Expires.HasValue ? Utilities.CoreHelpers.ToEpocSeconds(Expires.Value).ToString() : null, LicenseKey, + InstallationId, Id, Enabled, PlanType, @@ -76,7 +79,29 @@ namespace Bit.Core.Models.Business return Encoding.UTF8.GetBytes(data); } - + + public bool CanUse(Guid installationId) + { + if(Issued > DateTime.UtcNow) + { + return false; + } + + if(Expires < DateTime.UtcNow) + { + return false; + } + + if(Version == 1) + { + return InstallationId == installationId; + } + else + { + throw new NotSupportedException($"Version {Version} is not supported."); + } + } + public bool VerifyData(Organization organization) { if(Issued > DateTime.UtcNow) @@ -99,7 +124,7 @@ namespace Bit.Core.Models.Business organization.MaxCollections == MaxCollections && organization.UseGroups == UseGroups && organization.UseDirectory == UseDirectory && - organization.UseTotp == UseTotp && + organization.UseTotp == UseTotp && organization.SelfHost == SelfHost; } else diff --git a/src/Core/Models/Business/UserLicense.cs b/src/Core/Models/Business/UserLicense.cs index 17032dc414..492314ba6d 100644 --- a/src/Core/Models/Business/UserLicense.cs +++ b/src/Core/Models/Business/UserLicense.cs @@ -65,6 +65,28 @@ namespace Bit.Core.Models.Business return Encoding.UTF8.GetBytes(data); } + public bool CanUse(User user) + { + if(Issued > DateTime.UtcNow) + { + return false; + } + + if(Expires < DateTime.UtcNow) + { + return false; + } + + if(Version == 1) + { + return user.Email.Equals(Email, StringComparison.InvariantCultureIgnoreCase); + } + else + { + throw new NotSupportedException($"Version {Version} is not supported."); + } + } + public bool VerifyData(User user) { if(Issued > DateTime.UtcNow) diff --git a/src/Core/Services/IUserService.cs b/src/Core/Services/IUserService.cs index e7dd286a2a..469c0edaf3 100644 --- a/src/Core/Services/IUserService.cs +++ b/src/Core/Services/IUserService.cs @@ -17,7 +17,7 @@ namespace Bit.Core.Services Task GetUserByIdAsync(Guid userId); Task GetUserByPrincipalAsync(ClaimsPrincipal principal); Task GetAccountRevisionDateByIdAsync(Guid userId); - Task SaveUserAsync(User user); + Task SaveUserAsync(User user, bool push = false); Task RegisterUserAsync(User user, string masterPassword); Task SendMasterPasswordHintAsync(string email); Task SendTwoFactorEmailAsync(User user); diff --git a/src/Core/Services/Implementations/BaseRelayPushNotificationService.cs b/src/Core/Services/Implementations/BaseRelayPushNotificationService.cs index c8701b1370..16c023b42b 100644 --- a/src/Core/Services/Implementations/BaseRelayPushNotificationService.cs +++ b/src/Core/Services/Implementations/BaseRelayPushNotificationService.cs @@ -8,6 +8,7 @@ using Newtonsoft.Json.Linq; using Bit.Core.Utilities; using System.Net; using System.Net.Http.Headers; +using Microsoft.Extensions.Logging; namespace Bit.Core.Services { @@ -15,10 +16,13 @@ namespace Bit.Core.Services { private dynamic _decodedToken; private DateTime? _nextAuthAttempt = null; + private readonly ILogger _logger; public BaseRelayPushNotificationService( - GlobalSettings globalSettings) + GlobalSettings globalSettings, + ILogger logger) { + _logger = logger; GlobalSettings = globalSettings; PushClient = new HttpClient @@ -65,8 +69,17 @@ namespace Bit.Core.Services }) }; - var response = await IdentityClient.SendAsync(requestMessage); - if(!response.IsSuccessStatusCode) + HttpResponseMessage response = null; + try + { + response = await IdentityClient.SendAsync(requestMessage); + } + catch(Exception e) + { + _logger.LogError(12339, e, "Unable to auth for push."); + } + + if(response == null || !response.IsSuccessStatusCode) { if(response.StatusCode == HttpStatusCode.BadRequest) { diff --git a/src/Core/Services/Implementations/RelayPushNotificationService.cs b/src/Core/Services/Implementations/RelayPushNotificationService.cs index d08503bf68..a770f7b58e 100644 --- a/src/Core/Services/Implementations/RelayPushNotificationService.cs +++ b/src/Core/Services/Implementations/RelayPushNotificationService.cs @@ -6,19 +6,23 @@ using Microsoft.AspNetCore.Http; using Bit.Core.Models; using System.Net.Http; using Bit.Core.Models.Api; +using Microsoft.Extensions.Logging; namespace Bit.Core.Services { public class RelayPushNotificationService : BaseRelayPushNotificationService, IPushNotificationService { private readonly IHttpContextAccessor _httpContextAccessor; + private readonly ILogger _logger; public RelayPushNotificationService( GlobalSettings globalSettings, - IHttpContextAccessor httpContextAccessor) - : base(globalSettings) + IHttpContextAccessor httpContextAccessor, + ILogger logger) + : base(globalSettings, logger) { _httpContextAccessor = httpContextAccessor; + _logger = logger; } public async Task PushSyncCipherCreateAsync(Cipher cipher) @@ -166,7 +170,15 @@ namespace Bit.Core.Services Method = HttpMethod.Post, RequestUri = new Uri(string.Concat(PushClient.BaseAddress, "/push/send")) }; - await PushClient.SendAsync(message); + + try + { + await PushClient.SendAsync(message); + } + catch(Exception e) + { + _logger.LogError(12334, e, "Unable to send push notification."); + } } private void ExcludeCurrentContext(PushSendRequestModel request) diff --git a/src/Core/Services/Implementations/RelayPushRegistrationService.cs b/src/Core/Services/Implementations/RelayPushRegistrationService.cs index 04d0bcb7ba..89839c2d53 100644 --- a/src/Core/Services/Implementations/RelayPushRegistrationService.cs +++ b/src/Core/Services/Implementations/RelayPushRegistrationService.cs @@ -5,14 +5,21 @@ using System; using Bit.Core.Models.Api; using Bit.Core.Enums; using System.Linq; +using Microsoft.Extensions.Logging; namespace Bit.Core.Services { public class RelayPushRegistrationService : BaseRelayPushNotificationService, IPushRegistrationService { - public RelayPushRegistrationService(GlobalSettings globalSettings) - : base(globalSettings) - { } + private readonly ILogger _logger; + + public RelayPushRegistrationService( + GlobalSettings globalSettings, + ILogger logger) + : base(globalSettings, logger) + { + _logger = logger; + } public async Task CreateOrUpdateRegistrationAsync(string pushToken, string deviceId, string userId, string identifier, DeviceType type) @@ -37,7 +44,15 @@ namespace Bit.Core.Services Method = HttpMethod.Post, RequestUri = new Uri(string.Concat(PushClient.BaseAddress, "/push/register")) }; - await PushClient.SendAsync(message); + + try + { + await PushClient.SendAsync(message); + } + catch(Exception e) + { + _logger.LogError(12335, e, "Unable to create push registration."); + } } public async Task DeleteRegistrationAsync(string deviceId) @@ -53,7 +68,15 @@ namespace Bit.Core.Services Method = HttpMethod.Delete, RequestUri = new Uri(string.Concat(PushClient.BaseAddress, "/push/", deviceId)) }; - await PushClient.SendAsync(message); + + try + { + await PushClient.SendAsync(message); + } + catch(Exception e) + { + _logger.LogError(12336, e, "Unable to delete push registration."); + } } public async Task AddUserRegistrationOrganizationAsync(IEnumerable deviceIds, string organizationId) @@ -75,7 +98,15 @@ namespace Bit.Core.Services Method = HttpMethod.Put, RequestUri = new Uri(string.Concat(PushClient.BaseAddress, "/push/add-organization")) }; - await PushClient.SendAsync(message); + + try + { + await PushClient.SendAsync(message); + } + catch(Exception e) + { + _logger.LogError(12337, e, "Unable to add user org push registration."); + } } public async Task DeleteUserRegistrationOrganizationAsync(IEnumerable deviceIds, string organizationId) @@ -97,7 +128,15 @@ namespace Bit.Core.Services Method = HttpMethod.Put, RequestUri = new Uri(string.Concat(PushClient.BaseAddress, "/push/delete-organization")) }; - await PushClient.SendAsync(message); + + try + { + await PushClient.SendAsync(message); + } + catch(Exception e) + { + _logger.LogError(12338, e, "Unable to delete user org push registration."); + } } } } diff --git a/src/Core/Services/Implementations/UserService.cs b/src/Core/Services/Implementations/UserService.cs index 5556f5f7ef..0d758134ad 100644 --- a/src/Core/Services/Implementations/UserService.cs +++ b/src/Core/Services/Implementations/UserService.cs @@ -142,7 +142,7 @@ namespace Bit.Core.Services return await _userRepository.GetAccountRevisionDateAsync(userId); } - public async Task SaveUserAsync(User user) + public async Task SaveUserAsync(User user, bool push = false) { if(user.Id == default(Guid)) { @@ -152,8 +152,11 @@ namespace Bit.Core.Services user.RevisionDate = user.AccountRevisionDate = DateTime.UtcNow; await _userRepository.ReplaceAsync(user); - // push - await _pushService.PushSyncSettingsAsync(user.Id); + if(push) + { + // push + await _pushService.PushSyncSettingsAsync(user.Id); + } } public override async Task DeleteAsync(User user) @@ -540,7 +543,7 @@ namespace Bit.Core.Services IPaymentService paymentService = null; if(_globalSettings.SelfHosted) { - if(license == null || !_licenseService.VerifyLicense(license)) + if(license == null || !_licenseService.VerifyLicense(license) || !license.CanUse(user)) { throw new BadRequestException("Invalid license."); } @@ -605,7 +608,7 @@ namespace Bit.Core.Services throw new InvalidOperationException("Licenses require self hosting."); } - if(license == null || !_licenseService.VerifyLicense(license)) + if(license == null || !_licenseService.VerifyLicense(license) || !license.CanUse(user)) { throw new BadRequestException("Invalid license."); } diff --git a/util/Setup/Program.cs b/util/Setup/Program.cs index 0fd9d12e4c..58ae4ee6d4 100644 --- a/util/Setup/Program.cs +++ b/util/Setup/Program.cs @@ -303,7 +303,8 @@ SA_PASSWORD={dbPass}"); identityUri: ""{_url}/identity"", stripeKey: null, braintreeKey: null, - whitelistDomains: [""{_domain}""] + whitelistDomains: [""{_domain}""], + selfHosted: true }};"); } }