[PM-1188] Server owner auth migration (#2825)

* [PM-1188] add sso project to auth

* [PM-1188] move sso api models to auth

* [PM-1188] fix sso api model namespace & imports

* [PM-1188] move core files to auth

* [PM-1188] fix core sso namespace & models

* [PM-1188] move sso repository files to auth

* [PM-1188] fix sso repo files namespace & imports

* [PM-1188] move sso sql files to auth folder

* [PM-1188] move sso test files to auth folders

* [PM-1188] fix sso tests namespace & imports

* [PM-1188] move auth api files to auth folder

* [PM-1188] fix auth api files namespace & imports

* [PM-1188] move auth core files to auth folder

* [PM-1188] fix auth core files namespace & imports

* [PM-1188] move auth email templates to auth folder

* [PM-1188] move auth email folder back into shared directory

* [PM-1188] fix auth email names

* [PM-1188] move auth core models to auth folder

* [PM-1188] fix auth model namespace & imports

* [PM-1188] add entire Identity project to auth codeowners

* [PM-1188] fix auth orm files namespace & imports

* [PM-1188] move auth orm files to auth folder

* [PM-1188] move auth sql files to auth folder

* [PM-1188] move auth tests to auth folder

* [PM-1188] fix auth test files namespace & imports

* [PM-1188] move emergency access api files to auth folder

* [PM-1188] fix emergencyaccess api files namespace & imports

* [PM-1188] move emergency access core files to auth folder

* [PM-1188] fix emergency access core files namespace & imports

* [PM-1188] move emergency access orm files to auth folder

* [PM-1188] fix emergency access orm files namespace & imports

* [PM-1188] move emergency access sql files to auth folder

* [PM-1188] move emergencyaccess test files to auth folder

* [PM-1188] fix emergency access test files namespace & imports

* [PM-1188] move captcha files to auth folder

* [PM-1188] fix captcha files namespace & imports

* [PM-1188] move auth admin files into auth folder

* [PM-1188] fix admin auth files namespace & imports
- configure mvc to look in auth folders for views

* [PM-1188] remove extra imports and formatting

* [PM-1188] fix ef auth model imports

* [PM-1188] fix DatabaseContextModelSnapshot paths

* [PM-1188] fix grant import in ef

* [PM-1188] update sqlproj

* [PM-1188] move missed sqlproj files

* [PM-1188] move auth ef models out of auth folder

* [PM-1188] fix auth ef models namespace

* [PM-1188] remove auth ef models unused imports

* [PM-1188] fix imports for auth ef models

* [PM-1188] fix more ef model imports

* [PM-1188] fix file encodings

src/Core/Auth/Models/Data/EmergencyAccessDetails.cs

@@ -0,0 +1,14 @@
+
+using Bit.Core.Auth.Entities;
+
+namespace Bit.Core.Auth.Models.Data;
+
+public class EmergencyAccessDetails : EmergencyAccess
+{
+    public string GranteeName { get; set; }
+    public string GranteeEmail { get; set; }
+    public string GranteeAvatarColor { get; set; }
+    public string GrantorName { get; set; }
+    public string GrantorEmail { get; set; }
+    public string GrantorAvatarColor { get; set; }
+}

src/Core/Auth/Models/Data/EmergencyAccessNotify.cs

@@ -0,0 +1,11 @@
+
+using Bit.Core.Auth.Entities;
+
+namespace Bit.Core.Auth.Models.Data;
+
+public class EmergencyAccessNotify : EmergencyAccess
+{
+    public string GrantorEmail { get; set; }
+    public string GranteeName { get; set; }
+    public string GranteeEmail { get; set; }
+}

src/Core/Auth/Models/Data/EmergencyAccessViewData.cs

@@ -0,0 +1,10 @@
+using Bit.Core.Auth.Entities;
+using Bit.Core.Vault.Models.Data;
+
+namespace Bit.Core.Auth.Models.Data;
+
+public class EmergencyAccessViewData
+{
+    public EmergencyAccess EmergencyAccess { get; set; }
+    public IEnumerable<CipherDetails> Ciphers { get; set; }
+}

src/Core/Auth/Models/Data/SsoConfigurationData.cs

@@ -0,0 +1,125 @@
+using Bit.Core.Auth.Enums;
+using Bit.Core.Utilities;
+using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+
+namespace Bit.Core.Auth.Models.Data;
+
+public class SsoConfigurationData
+{
+    private static string _oidcSigninPath = "/oidc-signin";
+    private static string _oidcSignedOutPath = "/oidc-signedout";
+    private static string _saml2ModulePath = "/saml2";
+
+    public static SsoConfigurationData Deserialize(string data)
+    {
+        return CoreHelpers.LoadClassFromJsonData<SsoConfigurationData>(data);
+    }
+
+    public string Serialize()
+    {
+        return CoreHelpers.ClassToJsonData(this);
+    }
+
+    public SsoType ConfigType { get; set; }
+
+    public bool KeyConnectorEnabled { get; set; }
+    public string KeyConnectorUrl { get; set; }
+
+    // OIDC
+    public string Authority { get; set; }
+    public string ClientId { get; set; }
+    public string ClientSecret { get; set; }
+    public string MetadataAddress { get; set; }
+    public OpenIdConnectRedirectBehavior RedirectBehavior { get; set; }
+    public bool GetClaimsFromUserInfoEndpoint { get; set; }
+    public string AdditionalScopes { get; set; }
+    public string AdditionalUserIdClaimTypes { get; set; }
+    public string AdditionalEmailClaimTypes { get; set; }
+    public string AdditionalNameClaimTypes { get; set; }
+    public string AcrValues { get; set; }
+    public string ExpectedReturnAcrValue { get; set; }
+
+    // SAML2 IDP
+    public string IdpEntityId { get; set; }
+    public string IdpSingleSignOnServiceUrl { get; set; }
+    public string IdpSingleLogoutServiceUrl { get; set; }
+    public string IdpX509PublicCert { get; set; }
+    public Saml2BindingType IdpBindingType { get; set; }
+    public bool IdpAllowUnsolicitedAuthnResponse { get; set; }
+    public string IdpArtifactResolutionServiceUrl { get => null; set { /*IGNORE*/ } }
+    public bool IdpDisableOutboundLogoutRequests { get; set; }
+    public string IdpOutboundSigningAlgorithm { get; set; }
+    public bool IdpWantAuthnRequestsSigned { get; set; }
+
+    // SAML2 SP
+    public Saml2NameIdFormat SpNameIdFormat { get; set; }
+    public string SpOutboundSigningAlgorithm { get; set; }
+    public Saml2SigningBehavior SpSigningBehavior { get; set; }
+    public bool SpWantAssertionsSigned { get; set; }
+    public bool SpValidateCertificates { get; set; }
+    public string SpMinIncomingSigningAlgorithm { get; set; }
+
+    public static string BuildCallbackPath(string ssoUri = null)
+    {
+        return BuildSsoUrl(_oidcSigninPath, ssoUri);
+    }
+
+    public static string BuildSignedOutCallbackPath(string ssoUri = null)
+    {
+        return BuildSsoUrl(_oidcSignedOutPath, ssoUri);
+    }
+
+    public static string BuildSaml2ModulePath(string ssoUri = null, string scheme = null)
+    {
+        return string.Concat(BuildSsoUrl(_saml2ModulePath, ssoUri),
+            string.IsNullOrWhiteSpace(scheme) ? string.Empty : $"/{scheme}");
+    }
+
+    public static string BuildSaml2AcsUrl(string ssoUri = null, string scheme = null)
+    {
+        return string.Concat(BuildSaml2ModulePath(ssoUri, scheme), "/Acs");
+    }
+
+    public static string BuildSaml2MetadataUrl(string ssoUri = null, string scheme = null)
+    {
+        return BuildSaml2ModulePath(ssoUri, scheme);
+    }
+
+    public IEnumerable<string> GetAdditionalScopes() => AdditionalScopes?
+        .Split(',')?
+        .Where(c => !string.IsNullOrWhiteSpace(c))?
+        .Select(c => c.Trim()) ??
+        Array.Empty<string>();
+
+    public IEnumerable<string> GetAdditionalUserIdClaimTypes() => AdditionalUserIdClaimTypes?
+        .Split(',')?
+        .Where(c => !string.IsNullOrWhiteSpace(c))?
+        .Select(c => c.Trim()) ??
+        Array.Empty<string>();
+
+    public IEnumerable<string> GetAdditionalEmailClaimTypes() => AdditionalEmailClaimTypes?
+        .Split(',')?
+        .Where(c => !string.IsNullOrWhiteSpace(c))?
+        .Select(c => c.Trim()) ??
+        Array.Empty<string>();
+
+    public IEnumerable<string> GetAdditionalNameClaimTypes() => AdditionalNameClaimTypes?
+        .Split(',')?
+        .Where(c => !string.IsNullOrWhiteSpace(c))?
+        .Select(c => c.Trim()) ??
+        Array.Empty<string>();
+
+    private static string BuildSsoUrl(string relativePath, string ssoUri)
+    {
+        if (string.IsNullOrWhiteSpace(ssoUri) ||
+            !Uri.IsWellFormedUriString(ssoUri, UriKind.Absolute))
+        {
+            return relativePath;
+        }
+        if (Uri.TryCreate(string.Concat(ssoUri.TrimEnd('/'), relativePath), UriKind.Absolute, out var newUri))
+        {
+            return newUri.ToString();
+        }
+        return relativePath;
+    }
+}