mirror of
https://github.com/bitwarden/server.git
synced 2025-07-13 05:38:25 -05:00
[PM-3569] Upgrade to Duende.Identity (#3185)
* Upgrade to Duende.Identity * Linting * Get rid of last IdentityServer4 package * Fix identity test since Duende returns additional configuration * Use Configure PostConfigure is ran after ASP.NET's PostConfigure so ConfigurationManager was already configured and our HttpHandler wasn't being respected. * Regenerate lockfiles * Move to 6.0.4 for patches * fixes with testing * Add additional grant type supported in 6.0.4 and beautify * Lockfile refresh * Reapply lockfiles * Apply change to new WebAuthn logic * When automated merging fails me --------- Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
This commit is contained in:
@ -5,9 +5,9 @@ using Bit.Core.Entities;
|
||||
using Bit.Core.Models.Api;
|
||||
using Bit.Core.Repositories;
|
||||
using Bit.Identity.Models;
|
||||
using Duende.IdentityServer;
|
||||
using Duende.IdentityServer.Services;
|
||||
using IdentityModel;
|
||||
using IdentityServer4;
|
||||
using IdentityServer4.Services;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Localization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
@ -267,7 +267,7 @@ public class SsoController : Controller
|
||||
}
|
||||
}
|
||||
|
||||
private bool IsNativeClient(IdentityServer4.Models.AuthorizationRequest context)
|
||||
private bool IsNativeClient(Duende.IdentityServer.Models.AuthorizationRequest context)
|
||||
{
|
||||
return !context.RedirectUri.StartsWith("https", StringComparison.Ordinal)
|
||||
&& !context.RedirectUri.StartsWith("http", StringComparison.Ordinal);
|
||||
|
@ -1,5 +1,5 @@
|
||||
using Bit.Core.Settings;
|
||||
using IdentityServer4.Models;
|
||||
using Duende.IdentityServer.Models;
|
||||
|
||||
namespace Bit.Identity.IdentityServer;
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
using Bit.Core.Identity;
|
||||
using Bit.Core.IdentityServer;
|
||||
using Duende.IdentityServer.Models;
|
||||
using IdentityModel;
|
||||
using IdentityServer4.Models;
|
||||
|
||||
namespace Bit.Identity.IdentityServer;
|
||||
|
||||
|
@ -1,13 +1,12 @@
|
||||
using IdentityServer4;
|
||||
using IdentityServer4.Extensions;
|
||||
using IdentityServer4.Models;
|
||||
using IdentityServer4.Services;
|
||||
using IdentityServer4.Stores;
|
||||
using IdentityServer4.Stores.Serialization;
|
||||
using Duende.IdentityServer;
|
||||
using Duende.IdentityServer.Extensions;
|
||||
using Duende.IdentityServer.Models;
|
||||
using Duende.IdentityServer.Services;
|
||||
using Duende.IdentityServer.Stores;
|
||||
using Duende.IdentityServer.Stores.Serialization;
|
||||
|
||||
namespace Bit.Identity.IdentityServer;
|
||||
|
||||
// ref: https://raw.githubusercontent.com/IdentityServer/IdentityServer4/3.1.3/src/IdentityServer4/src/Stores/Default/DefaultAuthorizationCodeStore.cs
|
||||
public class AuthorizationCodeStore : DefaultGrantStore<AuthorizationCode>, IAuthorizationCodeStore
|
||||
{
|
||||
public AuthorizationCodeStore(
|
||||
|
@ -22,7 +22,7 @@ using Bit.Core.Services;
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Core.Tokens;
|
||||
using Bit.Core.Utilities;
|
||||
using IdentityServer4.Validation;
|
||||
using Duende.IdentityServer.Validation;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.Extensions.Caching.Distributed;
|
||||
|
||||
|
@ -11,9 +11,9 @@ using Bit.Core.SecretsManager.Repositories;
|
||||
using Bit.Core.Services;
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Core.Utilities;
|
||||
using Duende.IdentityServer.Models;
|
||||
using Duende.IdentityServer.Stores;
|
||||
using IdentityModel;
|
||||
using IdentityServer4.Models;
|
||||
using IdentityServer4.Stores;
|
||||
|
||||
namespace Bit.Identity.IdentityServer;
|
||||
|
||||
|
@ -10,9 +10,9 @@ using Bit.Core.Repositories;
|
||||
using Bit.Core.Services;
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Core.Tokens;
|
||||
using Duende.IdentityServer.Extensions;
|
||||
using Duende.IdentityServer.Validation;
|
||||
using IdentityModel;
|
||||
using IdentityServer4.Extensions;
|
||||
using IdentityServer4.Validation;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.Extensions.Caching.Distributed;
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
using Bit.Core.Auth.Repositories;
|
||||
using IdentityServer4.Models;
|
||||
using IdentityServer4.Stores;
|
||||
using Duende.IdentityServer.Models;
|
||||
using Duende.IdentityServer.Stores;
|
||||
using Grant = Bit.Core.Auth.Entities.Grant;
|
||||
|
||||
namespace Bit.Identity.IdentityServer;
|
||||
|
@ -5,8 +5,8 @@ using Bit.Core.Identity;
|
||||
using Bit.Core.Repositories;
|
||||
using Bit.Core.Services;
|
||||
using Bit.Core.Utilities;
|
||||
using IdentityServer4.Models;
|
||||
using IdentityServer4.Services;
|
||||
using Duende.IdentityServer.Models;
|
||||
using Duende.IdentityServer.Services;
|
||||
|
||||
namespace Bit.Identity.IdentityServer;
|
||||
|
||||
|
@ -11,8 +11,8 @@ using Bit.Core.Services;
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Core.Tokens;
|
||||
using Bit.Core.Utilities;
|
||||
using IdentityServer4.Models;
|
||||
using IdentityServer4.Validation;
|
||||
using Duende.IdentityServer.Models;
|
||||
using Duende.IdentityServer.Validation;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.Extensions.Caching.Distributed;
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Settings;
|
||||
using IdentityServer4.Models;
|
||||
using Duende.IdentityServer.Models;
|
||||
|
||||
namespace Bit.Identity.IdentityServer;
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Core.Utilities;
|
||||
using IdentityServer4.Services;
|
||||
using Duende.IdentityServer.Services;
|
||||
|
||||
namespace Bit.Identity.IdentityServer;
|
||||
|
||||
|
@ -11,9 +11,9 @@ using Bit.Core.Repositories;
|
||||
using Bit.Core.Services;
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Core.Tokens;
|
||||
using Duende.IdentityServer.Models;
|
||||
using Duende.IdentityServer.Validation;
|
||||
using Fido2NetLib;
|
||||
using IdentityServer4.Models;
|
||||
using IdentityServer4.Validation;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.Extensions.Caching.Distributed;
|
||||
|
||||
|
@ -29,8 +29,8 @@ public class Program
|
||||
return e.Level >= globalSettings.MinLogLevel.IdentitySettings.IpRateLimit;
|
||||
}
|
||||
|
||||
if (context.Contains("IdentityServer4.Validation.TokenValidator") ||
|
||||
context.Contains("IdentityServer4.Validation.TokenRequestValidator"))
|
||||
if (context.Contains("Duende.IdentityServer.Validation.TokenValidator") ||
|
||||
context.Contains("Duende.IdentityServer.Validation.TokenRequestValidator"))
|
||||
{
|
||||
return e.Level >= globalSettings.MinLogLevel.IdentitySettings.IdentityToken;
|
||||
}
|
||||
|
@ -10,7 +10,7 @@ using Bit.Core.Settings;
|
||||
using Bit.Core.Utilities;
|
||||
using Bit.Identity.Utilities;
|
||||
using Bit.SharedWeb.Utilities;
|
||||
using IdentityServer4.Extensions;
|
||||
using Duende.IdentityServer.Extensions;
|
||||
using Microsoft.Extensions.DependencyInjection.Extensions;
|
||||
using Microsoft.IdentityModel.Logging;
|
||||
using Microsoft.OpenApi.Models;
|
||||
|
@ -1,13 +1,13 @@
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Core.Utilities;
|
||||
using IdentityServer4.Configuration;
|
||||
using IdentityServer4.Services;
|
||||
using IdentityServer4.Stores;
|
||||
using IdentityServer4.Validation;
|
||||
using Duende.IdentityServer.Configuration;
|
||||
using Duende.IdentityServer.Services;
|
||||
using Duende.IdentityServer.Stores;
|
||||
using Duende.IdentityServer.Validation;
|
||||
|
||||
namespace Bit.Identity.Utilities;
|
||||
|
||||
public class DiscoveryResponseGenerator : IdentityServer4.ResponseHandling.DiscoveryResponseGenerator
|
||||
public class DiscoveryResponseGenerator : Duende.IdentityServer.ResponseHandling.DiscoveryResponseGenerator
|
||||
{
|
||||
private readonly GlobalSettings _globalSettings;
|
||||
|
||||
|
@ -2,9 +2,9 @@
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Identity.IdentityServer;
|
||||
using Bit.SharedWeb.Utilities;
|
||||
using IdentityServer4.ResponseHandling;
|
||||
using IdentityServer4.Services;
|
||||
using IdentityServer4.Stores;
|
||||
using Duende.IdentityServer.ResponseHandling;
|
||||
using Duende.IdentityServer.Services;
|
||||
using Duende.IdentityServer.Stores;
|
||||
|
||||
namespace Bit.Identity.Utilities;
|
||||
|
||||
@ -35,6 +35,7 @@ public static class ServiceCollectionExtensions
|
||||
options.Authentication.CookieSameSiteMode = Microsoft.AspNetCore.Http.SameSiteMode.Unspecified;
|
||||
}
|
||||
options.InputLengthRestrictions.UserName = 256;
|
||||
options.KeyManagement.Enabled = false;
|
||||
})
|
||||
.AddInMemoryCaching()
|
||||
.AddInMemoryApiResources(ApiResources.GetApiResources())
|
||||
|
@ -193,6 +193,24 @@
|
||||
"Microsoft.Win32.Registry": "5.0.0"
|
||||
}
|
||||
},
|
||||
"Duende.IdentityServer": {
|
||||
"type": "Transitive",
|
||||
"resolved": "6.0.4",
|
||||
"contentHash": "4HVjzx1F8v5J+U7oa8RGAQGj2QzmzNSu87r18Sh+dlh10uyZZL8teAaT/FaVLDObnfItGdPFvN8mwpF/HkI3Xw==",
|
||||
"dependencies": {
|
||||
"Duende.IdentityServer.Storage": "6.0.4",
|
||||
"Microsoft.AspNetCore.Authentication.OpenIdConnect": "6.0.0"
|
||||
}
|
||||
},
|
||||
"Duende.IdentityServer.Storage": {
|
||||
"type": "Transitive",
|
||||
"resolved": "6.0.4",
|
||||
"contentHash": "s5gAjfbpr2IMgI+fU2Nx+2AZdzstmbt9gpo13iX7GwvqSeSaBVqj9ZskAN0R2KF1OemPdZuGnfaTcevdXMUrrw==",
|
||||
"dependencies": {
|
||||
"IdentityModel": "6.0.0",
|
||||
"Microsoft.AspNetCore.DataProtection.Abstractions": "6.0.0"
|
||||
}
|
||||
},
|
||||
"Fido2": {
|
||||
"type": "Transitive",
|
||||
"resolved": "3.0.1",
|
||||
@ -229,49 +247,8 @@
|
||||
},
|
||||
"IdentityModel": {
|
||||
"type": "Transitive",
|
||||
"resolved": "4.4.0",
|
||||
"contentHash": "b18wrIx5wnZlMxAX7oVsE+nDtAJ4hajYlH0xPlaRvo4r/fz08K6pPeZvbiqS9nfNbzfIgLFmNX+FL9qR9ZR5PA==",
|
||||
"dependencies": {
|
||||
"Newtonsoft.Json": "11.0.2",
|
||||
"System.Text.Encodings.Web": "4.7.0"
|
||||
}
|
||||
},
|
||||
"IdentityModel.AspNetCore.OAuth2Introspection": {
|
||||
"type": "Transitive",
|
||||
"resolved": "4.0.1",
|
||||
"contentHash": "ZNdMZMaj9fqR3j50vYsu+1U3QGd6n8+fqwf+a8mCTcmXGor+HgFDfdq0mM34bsmD6uEgAQup7sv2ZW5kR36dbA==",
|
||||
"dependencies": {
|
||||
"IdentityModel": "4.0.0"
|
||||
}
|
||||
},
|
||||
"IdentityServer4": {
|
||||
"type": "Transitive",
|
||||
"resolved": "4.1.2",
|
||||
"contentHash": "blaxxGuOA7v/w1q+fxn97wZ+x2ecG1ZD4mc/N/ZOXMNeFZZhqv+4LF26Gecyik3nWrJPmbMEtQbLmRsKG8k61w==",
|
||||
"dependencies": {
|
||||
"IdentityModel": "4.4.0",
|
||||
"IdentityServer4.Storage": "4.1.2",
|
||||
"Microsoft.AspNetCore.Authentication.OpenIdConnect": "3.1.0",
|
||||
"Microsoft.IdentityModel.Protocols.OpenIdConnect": "5.6.0",
|
||||
"Newtonsoft.Json": "12.0.2"
|
||||
}
|
||||
},
|
||||
"IdentityServer4.AccessTokenValidation": {
|
||||
"type": "Transitive",
|
||||
"resolved": "3.0.1",
|
||||
"contentHash": "qu/M6UyN4o9NVep7q545Ms7hYAnsQqSdLbN1Fjjrn4m35lyBfeQPSSNzDryAKHbodyWOQfHaOqKEyMEJQ5Rpgw==",
|
||||
"dependencies": {
|
||||
"IdentityModel.AspNetCore.OAuth2Introspection": "4.0.1",
|
||||
"Microsoft.AspNetCore.Authentication.JwtBearer": "3.0.0"
|
||||
}
|
||||
},
|
||||
"IdentityServer4.Storage": {
|
||||
"type": "Transitive",
|
||||
"resolved": "4.1.2",
|
||||
"contentHash": "KoSffyZyyeCNTIyJiZnCuPakJ1QbCHlpty6gbWUj/7yl+w0PXIchgmmJnJSvddzBb8iZ2xew/vGlxWUIP17P2g==",
|
||||
"dependencies": {
|
||||
"IdentityModel": "4.4.0"
|
||||
}
|
||||
"resolved": "6.0.0",
|
||||
"contentHash": "eVHCR7a6m/dm5RFcBzE3qs/Jg5j9R5Rjpu8aTOv9e4AFvaQtBXb5ah7kmwU+YwA0ufRwz4wf1hnIvsD2hSnI4g=="
|
||||
},
|
||||
"LaunchDarkly.Cache": {
|
||||
"type": "Transitive",
|
||||
@ -363,10 +340,10 @@
|
||||
},
|
||||
"Microsoft.AspNetCore.Authentication.OpenIdConnect": {
|
||||
"type": "Transitive",
|
||||
"resolved": "3.1.0",
|
||||
"contentHash": "O1cAQYUTU8EfRqwc5/rfTns4E4hKlFlg59fuKRrST+PzsxI6H07KqRN/JjdYhAuVYxF8jPnIGbj+zuc5paOWUw==",
|
||||
"resolved": "6.0.0",
|
||||
"contentHash": "cJxdro36spFzk/K2OFCddM6vZ+yoj6ug8mTFRH3Gdv1Pul/buSuCtfb/FSCp31UmS5S4C1315dU7wX3ErLFuDg==",
|
||||
"dependencies": {
|
||||
"Microsoft.IdentityModel.Protocols.OpenIdConnect": "5.5.0"
|
||||
"Microsoft.IdentityModel.Protocols.OpenIdConnect": "6.10.0"
|
||||
}
|
||||
},
|
||||
"Microsoft.AspNetCore.Cryptography.Internal": {
|
||||
@ -399,8 +376,8 @@
|
||||
},
|
||||
"Microsoft.AspNetCore.DataProtection.Abstractions": {
|
||||
"type": "Transitive",
|
||||
"resolved": "3.1.32",
|
||||
"contentHash": "MPL4iVyiaRxnOUY5VATHjvhDWaAEFb77KFiUxVRklv3Z3v+STofUr1UG/aCt1O9cgN7FVTDaC5A7U+zsLub8Xg=="
|
||||
"resolved": "6.0.0",
|
||||
"contentHash": "Z/UU4NEBm5UgNufJmw+j5baW26ytCOIZ0G7sZocPaOzsUeBon1bkM3lSMNZQG2GmDjAIVP2XMSODf2jzSGbibw=="
|
||||
},
|
||||
"Microsoft.Azure.Amqp": {
|
||||
"type": "Transitive",
|
||||
@ -2639,10 +2616,9 @@
|
||||
"BitPay.Light": "[1.0.1907, )",
|
||||
"Braintree": "[5.19.0, )",
|
||||
"DnsClient": "[1.7.0, )",
|
||||
"Duende.IdentityServer": "[6.0.4, )",
|
||||
"Fido2.AspNet": "[3.0.1, )",
|
||||
"Handlebars.Net": "[2.1.2, )",
|
||||
"IdentityServer4": "[4.1.2, )",
|
||||
"IdentityServer4.AccessTokenValidation": "[3.0.1, )",
|
||||
"LaunchDarkly.ServerSdk": "[8.0.0, )",
|
||||
"MailKit": "[4.2.0, )",
|
||||
"Microsoft.AspNetCore.Authentication.JwtBearer": "[6.0.4, )",
|
||||
|
Reference in New Issue
Block a user