mirror of https://github.com/bitwarden/server.git synced 2025-06-20 02:48:03 -05:00

Add initial get keys endpoint

Bernd Schoolmann 2025-06-05 12:43:25 +02:00
parent 042d924d19
commit 83c84a7cc0
No known key found for this signature in database
7 changed files with 139 additions and 33 deletions


@ -1,33 +0,0 @@
using Bit.Api.Models.Response;
using Bit.Core.Exceptions;
using Bit.Core.Repositories;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace Bit.Api.Controllers;
[Route("users")]
[Authorize("Application")]
public class UsersController : Controller
{
private readonly IUserRepository _userRepository;
public UsersController(
IUserRepository userRepository)
{
_userRepository = userRepository;
}
[HttpGet("{id}/public-key")]
public async Task<UserKeyResponseModel> Get(string id)
{
var guidId = new Guid(id);
var key = await _userRepository.GetPublicKeyAsync(guidId);
if (key == null)
{
throw new NotFoundException();
}
return new UserKeyResponseModel(guidId, key);
}
}


@ -0,0 +1,54 @@
using Bit.Api.KeyManagement.Models.Response;
using Bit.Core.Exceptions;
using Bit.Core.KeyManagement.Repositories;
using Bit.Core.Repositories;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using UserKeyResponseModel = Bit.Api.Models.Response.UserKeyResponseModel;
namespace Bit.Api.Controllers;
[Route("users")]
[Authorize("Application")]
public class UsersController : Controller
{
private readonly IUserRepository _userRepository;
private readonly IUserSignatureKeyPairRepository _signatureKeyPairRepository;
public UsersController(
IUserRepository userRepository,
IUserSignatureKeyPairRepository signatureKeyPairRepository)
{
_userRepository = userRepository;
_signatureKeyPairRepository = signatureKeyPairRepository;
}
[HttpGet("{id}/public-key")]
public async Task<UserKeyResponseModel> Get(string id)
{
var guidId = new Guid(id);
var key = await _userRepository.GetPublicKeyAsync(guidId);
if (key == null)
{
throw new NotFoundException();
}
return new UserKeyResponseModel(guidId, key);
}
[HttpGet("{id}/keys")]
public async Task<PublicKeysResponseModel> GetAccountKeys(string id)
{
var guidId = new Guid(id);
var user = await _userRepository.GetByIdAsync(guidId);
if (user == null)
{
throw new NotFoundException();
}
var signingKeys = await _signatureKeyPairRepository.GetByUserIdAsync(guidId);
var verifyingKey = signingKeys?.VerifyingKey;
return new PublicKeysResponseModel(verifyingKey, user.PublicKey, null);
}
}
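Review bot: `GetAccountKeys` parses the route value with `new Guid(id)`, which throws `FormatException` on any malformed id; unless a filter outside this file maps that exception, a bad path segment becomes a server error instead of a 400 or 404. Binding the id as a Guid removes the parse: `[HttpGet("{id:guid}/keys")]` with `Guid id` as the parameter (the carried-over `Get` has the same pattern). The two endpoints also disagree on a user without a public key: `Get` throws `NotFoundException`, while `GetAccountKeys` returns a body whose `PublicKey` is null. A short comment on `GetAccountKeys` should state which of the two behaviours clients are meant to rely on.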


@ -0,0 +1,30 @@
using Bit.Core.KeyManagement.Models.Data;
using Bit.Core.Models.Api;
namespace Bit.Api.Models.Response;
/// <summary>
/// This response model is used to return keys of a user - downstream of the user key - to the client.
/// This includes the private keys (signature/encryption), and proof tying one to another. This could
/// also be used to contain further user-owned keys in the future (per-vault keys, etc). This should
/// not be used to contain keys not just owned by the user (e.g. organization keys).
/// </summary>
public class PrivateAccountKeysResponseModel : ResponseModel
{
public PrivateAccountKeysResponseModel(UserAccountKeysData accountKeys) : base("accountKeys")
{
if (accountKeys != null)
{
SignatureKeyPair = accountKeys.signatureKeyPairData;
}
PublicKeyEncryptionKeyPair = accountKeys.PublicKeyEncryptionKeyPairData;
}
public PrivateAccountKeysResponseModel() : base("accountKeys")
{
}
public SignatureKeyPairData SignatureKeyPair { get; set; }
public PublicKeyEncryptionKeyPairData PublicKeyEncryptionKeyPair { get; set; }
}
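Review bot: The null check in the `UserAccountKeysData` constructor guards only the `SignatureKeyPair` assignment; `accountKeys.PublicKeyEncryptionKeyPairData` is read in the next statement, outside the `if`, so a null `accountKeys` still throws `NullReferenceException`. Either move that assignment inside the guard, or reject null up front with `ArgumentNullException.ThrowIfNull(accountKeys);` and drop the `if`. The summary says this model carries the user's private keys, so it would also help to state there that it is meant only for responses to the owning user, if that is the intent.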


@ -0,0 +1,23 @@
using Bit.Core.Models.Api;
namespace Bit.Api.KeyManagement.Models.Response;
/// <summary>
/// This response model is used to return the public keys of a user, to any other registered user or entity on the server.
/// It can contain public keys (signature/encryption), and proofs between the two. It does not contain (encrypted) private keys.
/// </summary>
public class PublicKeysResponseModel : ResponseModel
{
public PublicKeysResponseModel(string verifyingKey, string publicKey, string signedPublicKey)
: base("publicKeys")
{
VerifyingKey = verifyingKey;
SignedPublicKey = signedPublicKey;
PublicKey = publicKey;
}
public string VerifyingKey { get; set; }
public string SignedPublicKey { get; set; }
[System.Obsolete("Use SignedPublicKey for new code.")]
public string PublicKey { get; set; }
}
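Review bot: `PublicKey` is marked `[Obsolete]` in favour of `SignedPublicKey`, but the only caller visible in this commit, `UsersController.GetAccountKeys`, passes `null` for `signedPublicKey`, so a client that follows the deprecation message receives no encryption key. Until the signed key is populated, the class summary and the attribute message should say that `SignedPublicKey` and `VerifyingKey` may be null, and that the unsigned `PublicKey` is then the only key returned, with no binding to the verifying key. The constructor's own assignment `PublicKey = publicKey;` will probably raise CS0618 as well, which matters if the build treats warnings as errors.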


@ -0,0 +1,16 @@
using Bit.Core.Models.Api;
namespace Bit.Api.KeyManagement.Models.Response;
public class UserKeyResponseModel : ResponseModel
{
public UserKeyResponseModel(Guid id, string key)
: base("userKey")
{
UserId = id;
PublicKey = key;
}
public Guid UserId { get; set; }
public string PublicKey { get; set; }
}
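Review bot: This file adds a second `UserKeyResponseModel`, in `Bit.Api.KeyManagement.Models.Response`, while the controller in this commit pins the name with `using UserKeyResponseModel = Bit.Api.Models.Response.UserKeyResponseModel;`. That alias suggests the original type still exists and this new copy is unused by the only visible consumer. Two identically named response models invite a later change being applied to one and not the other. Either complete the move (delete the old type and drop the alias) or leave this file out until the move is done.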


@ -0,0 +1,9 @@
namespace Bit.Core.KeyManagement.Models.Data;
public class PublicKeyEncryptionKeyPairData
{
public string WrappedPrivateKey { get; set; }
public string SignedPublicKey { get; set; }
[System.Obsolete("Use SignedPublicKey instead for new code.")]
public string PublicKey { get; set; }
}


@ -0,0 +1,7 @@
namespace Bit.Core.KeyManagement.Models.Data;
public class UserAccountKeysData
{
public PublicKeyEncryptionKeyPairData PublicKeyEncryptionKeyPairData { get; set; }
public SignatureKeyPairData signatureKeyPairData { get; set; }
}
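Review bot: `signatureKeyPairData` is camelCase, while the sibling property and every other property in this commit are PascalCase. Rename it to `public SignatureKeyPairData SignatureKeyPairData { get; set; }` and update the read in `PrivateAccountKeysResponseModel` (`accountKeys.signatureKeyPairData`) to match. If this type is ever serialized directly, the inconsistent casing could also surface in the wire name, depending on the serializer's naming policy.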