[PS-93] Distributed Ip rate limiting (#2060)

* Upgrade AspNetCoreRateLimiter and enable redis distributed cache for rate limiting. - Upgrades AspNetCoreRateLimiter to 4.0.2, which required updating NewtonSoft.Json to 13.0.1. - Replaces Microsoft.Extensions.Caching.Redis with Microsoft.Extensions.Caching.StackExchangeRedis as the original was deprecated and conflicted with the latest AspNetCoreRateLimiter - Adds startup task to Program.cs for Api/Identity projects to support AspNetCoreRateLimiters breaking changes for seeding its stores. - Adds a Redis connection string option to GlobalSettings Signed-off-by: Shane Melton <smelton@bitwarden.com> * Cleanup Redis distributed cache registration - Add new AddDistributedCache service collection extension to add either a Memory or Redis distributed cache. - Remove distributed cache registration from Identity service collection extension. - Add IpRateLimitSeedStartupService.cs to run at application startup to seed the Ip rate limiting policies. Signed-off-by: Shane Melton <smelton@bitwarden.com> * Add caching configuration to SSO Startup.cs Signed-off-by: Shane Melton <smelton@bitwarden.com> * Add ProjectName as an instance name for Redis options Signed-off-by: Shane Melton <smelton@bitwarden.com> * Use distributed cache in CustomIpRateLimitMiddleware.cs Signed-off-by: Shane Melton <smelton@bitwarden.com> * Undo changes to Program.cs and launchSettings.json * Move new service collection extensions to SharedWeb * Upgrade Caching.StackExchangeRedis package to v6 * Cleanup and fix leftover merge conflicts * Remove use of Newtonsoft.Json in distributed cache extensions * Cleanup more formatting * Fix formatting * Fix startup issue caused by merge and fix integration test Signed-off-by: Shane Melton <smelton@bitwarden.com> * Linting fix Signed-off-by: Shane Melton <smelton@bitwarden.com>
2025-07-01 08:02:49 -05:00 · 2022-07-19 11:58:32 -07:00
parent 1764d2446e
commit 7d40b38352
39 changed files with 2331 additions and 1910 deletions
--- a/src/Api/Startup.cs
+++ b/src/Api/Startup.cs
@ -11,6 +11,7 @@ using System.Globalization;
 using Microsoft.IdentityModel.Logging;
 using Microsoft.OpenApi.Models;
 using Bit.SharedWeb.Utilities;
+using Microsoft.Extensions.DependencyInjection.Extensions;

 #if !OSS
 using Bit.CommCore.Utilities;
@ -61,22 +62,18 @@ namespace Bit.Api

            // Context
            services.AddScoped<ICurrentContext, CurrentContext>();
+            services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();

            // Caching
            services.AddMemoryCache();
+            services.AddDistributedCache(globalSettings);

            // BitPay
            services.AddSingleton<BitPayClient>();

            if (!globalSettings.SelfHosted)
            {
-                // Rate limiting
-                services.AddSingleton<IIpPolicyStore, MemoryCacheIpPolicyStore>();
-                services.AddSingleton<IRateLimitCounterStore, MemoryCacheRateLimitCounterStore>();
-                // Ref: https://github.com/stefanprodan/AspNetCoreRateLimit/issues/216
-                services.AddSingleton<IProcessingStrategy, AsyncKeyLockProcessingStrategy>();
-                // Ref: https://github.com/stefanprodan/AspNetCoreRateLimit/issues/66
-                services.AddSingleton<IRateLimitConfiguration, RateLimitConfiguration>();
+                services.AddIpRateLimiting(globalSettings);
            }

            // Identity