[PM-1188] Server owner auth migration (#2825)

* [PM-1188] add sso project to auth

* [PM-1188] move sso api models to auth

* [PM-1188] fix sso api model namespace & imports

* [PM-1188] move core files to auth

* [PM-1188] fix core sso namespace & models

* [PM-1188] move sso repository files to auth

* [PM-1188] fix sso repo files namespace & imports

* [PM-1188] move sso sql files to auth folder

* [PM-1188] move sso test files to auth folders

* [PM-1188] fix sso tests namespace & imports

* [PM-1188] move auth api files to auth folder

* [PM-1188] fix auth api files namespace & imports

* [PM-1188] move auth core files to auth folder

* [PM-1188] fix auth core files namespace & imports

* [PM-1188] move auth email templates to auth folder

* [PM-1188] move auth email folder back into shared directory

* [PM-1188] fix auth email names

* [PM-1188] move auth core models to auth folder

* [PM-1188] fix auth model namespace & imports

* [PM-1188] add entire Identity project to auth codeowners

* [PM-1188] fix auth orm files namespace & imports

* [PM-1188] move auth orm files to auth folder

* [PM-1188] move auth sql files to auth folder

* [PM-1188] move auth tests to auth folder

* [PM-1188] fix auth test files namespace & imports

* [PM-1188] move emergency access api files to auth folder

* [PM-1188] fix emergencyaccess api files namespace & imports

* [PM-1188] move emergency access core files to auth folder

* [PM-1188] fix emergency access core files namespace & imports

* [PM-1188] move emergency access orm files to auth folder

* [PM-1188] fix emergency access orm files namespace & imports

* [PM-1188] move emergency access sql files to auth folder

* [PM-1188] move emergencyaccess test files to auth folder

* [PM-1188] fix emergency access test files namespace & imports

* [PM-1188] move captcha files to auth folder

* [PM-1188] fix captcha files namespace & imports

* [PM-1188] move auth admin files into auth folder

* [PM-1188] fix admin auth files namespace & imports
- configure mvc to look in auth folders for views

* [PM-1188] remove extra imports and formatting

* [PM-1188] fix ef auth model imports

* [PM-1188] fix DatabaseContextModelSnapshot paths

* [PM-1188] fix grant import in ef

* [PM-1188] update sqlproj

* [PM-1188] move missed sqlproj files

* [PM-1188] move auth ef models out of auth folder

* [PM-1188] fix auth ef models namespace

* [PM-1188] remove auth ef models unused imports

* [PM-1188] fix imports for auth ef models

* [PM-1188] fix more ef model imports

* [PM-1188] fix file encodings

.github/CODEOWNERS

@@ -2,5 +2,10 @@
 #
 # https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
 
+## Auth team files ##
+**/Auth @bitwarden/team-auth-dev
+bitwarden_license/src/Sso @bitwarden/team-auth-dev
+src/Identity @bitwarden/team-auth-dev
+
 **/SecretsManager @bitwarden/team-secrets-manager-dev
 **/Vault @bitwarden/team-vault-dev

bitwarden_license/src/Sso/Controllers/AccountController.cs

@@ -1,11 +1,14 @@
 using System.Security.Claims;
 using Bit.Core;
+using Bit.Core.Auth.Entities;
+using Bit.Core.Auth.Enums;
+using Bit.Core.Auth.Models;
+using Bit.Core.Auth.Models.Business.Tokenables;
+using Bit.Core.Auth.Models.Data;
+using Bit.Core.Auth.Repositories;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
-using Bit.Core.Models;
 using Bit.Core.Models.Api;
-using Bit.Core.Models.Business.Tokenables;
-using Bit.Core.Models.Data;
 using Bit.Core.Repositories;
 using Bit.Core.Services;
 using Bit.Core.Settings;

bitwarden_license/src/Sso/Controllers/MetadataController.cs

@@ -1,4 +1,4 @@
-using Bit.Core.Enums;
+using Bit.Core.Auth.Enums;
 using Bit.Sso.Utilities;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Mvc;

bitwarden_license/src/Sso/Utilities/DynamicAuthenticationScheme.cs

@@ -1,4 +1,4 @@
-using Bit.Core.Enums;
+using Bit.Core.Auth.Enums;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
 using Sustainsys.Saml2.AspNetCore2;

bitwarden_license/src/Sso/Utilities/DynamicAuthenticationSchemeProvider.cs

@@ -1,8 +1,8 @@
 using System.Security.Cryptography.X509Certificates;
-using Bit.Core.Entities;
+using Bit.Core.Auth.Entities;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Models.Data;
+using Bit.Core.Auth.Models.Data;
-using Bit.Core.Repositories;
+using Bit.Core.Auth.Repositories;
 using Bit.Core.Settings;
 using Bit.Core.Utilities;
 using Bit.Sso.Models;

bitwarden_license/src/Sso/Utilities/IDynamicAuthenticationScheme.cs

@@ -1,4 +1,4 @@
-using Bit.Core.Enums;
+using Bit.Core.Auth.Enums;
 using Microsoft.AspNetCore.Authentication;
 
 namespace Bit.Sso.Utilities;

bitwarden_license/src/Sso/Utilities/SsoAuthenticationMiddleware.cs

@@ -1,4 +1,4 @@
-using Bit.Core.Enums;
+using Bit.Core.Auth.Enums;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
 using Sustainsys.Saml2.AspNetCore2;

src/Admin/Auth/Controllers/LoginController.cs

@@ -1,9 +1,9 @@
-using Bit.Admin.IdentityServer;
+using Bit.Admin.Auth.IdentityServer;
-using Bit.Admin.Models;
+using Bit.Admin.Auth.Models;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 
-namespace Bit.Admin.Controllers;
+namespace Bit.Admin.Auth.Controllers;
 
 public class LoginController : Controller
 {

src/Admin/Auth/IdentityServer/PasswordlessSignInManager.cs

@@ -3,7 +3,7 @@ using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Options;
 
-namespace Bit.Admin.IdentityServer;
+namespace Bit.Admin.Auth.IdentityServer;
 
 public class PasswordlessSignInManager<TUser> : SignInManager<TUser> where TUser : class
 {

src/Admin/Auth/Jobs/DatabaseExpiredGrantsJob.cs

@@ -3,7 +3,7 @@ using Bit.Core.Jobs;
 using Bit.Core.Repositories;
 using Quartz;
 
-namespace Bit.Admin.Jobs;
+namespace Bit.Admin.Auth.Jobs;
 
 public class DatabaseExpiredGrantsJob : BaseJob
 {

src/Admin/Auth/Jobs/DeleteAuthRequestsJob.cs

@@ -3,7 +3,7 @@ using Bit.Core.Jobs;
 using Bit.Core.Repositories;
 using Quartz;
 
-namespace Bit.Admin.Jobs;
+namespace Bit.Admin.Auth.Jobs;
 
 public class DeleteAuthRequestsJob : BaseJob
 {

src/Admin/Auth/Models/LoginModel.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Admin.Models;
+namespace Bit.Admin.Auth.Models;
 
 public class LoginModel
 {

src/Admin/Auth/Views/_ViewImports.cshtml

@@ -0,0 +1,5 @@
+@using Microsoft.AspNetCore.Identity
+@using Bit.Admin.Auth
+@using Bit.Admin.Auth.Models
+@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers
+@addTagHelper "*, Admin"

src/Admin/Auth/Views/_ViewStart.cshtml

@@ -0,0 +1,3 @@
+@{
+    Layout = "_Layout";
+}

src/Admin/IdentityServer/ServiceCollectionExtensions.cs

@@ -1,5 +1,6 @@
-using Bit.Core.Entities;
+using Bit.Admin.Auth.IdentityServer;
-using Bit.Core.Identity;
+using Bit.Core.Auth.Identity;
+using Bit.Core.Entities;
 using Bit.Core.Settings;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection.Extensions;

src/Admin/Jobs/DeleteSendsJob.cs

@@ -1,4 +1,5 @@
-using Bit.Core;
+using Bit.Admin.Auth.Jobs;
+using Bit.Core;
 using Bit.Core.Jobs;
 using Bit.Core.Repositories;
 using Bit.Core.Services;

src/Admin/Jobs/JobsHostedService.cs

@@ -1,4 +1,5 @@
 using System.Runtime.InteropServices;
+using Bit.Admin.Auth.Jobs;
 using Bit.Core.Jobs;
 using Bit.Core.Settings;
 using Quartz;

src/Admin/Startup.cs

@@ -6,6 +6,7 @@ using Bit.Core.Utilities;
 using Bit.SharedWeb.Utilities;
 using Microsoft.AspNetCore.Identity;
 using Stripe;
+using Microsoft.AspNetCore.Mvc.Razor;
 
 #if !OSS
 using Bit.Commercial.Core.Utilities;
@@ -95,6 +96,11 @@ public class Startup
         });
         services.Configure<RouteOptions>(options => options.LowercaseUrls = true);
 
+        services.Configure<RazorViewEngineOptions>(o =>
+         {
+             o.ViewLocationFormats.Add("/Auth/Views/{1}/{0}.cshtml");
+         });
+
         // Jobs service
         Jobs.JobsHostedService.AddJobsServices(services, globalSettings.SelfHosted);
         services.AddHostedService<Jobs.JobsHostedService>();

src/Api/Auth/Controllers/AuthRequestsController.cs

@@ -1,7 +1,9 @@
-using Bit.Api.Models.Request;
+using Bit.Api.Auth.Models.Request;
+using Bit.Api.Auth.Models.Response;
 using Bit.Api.Models.Response;
+using Bit.Core.Auth.Entities;
+using Bit.Core.Auth.Exceptions;
 using Bit.Core.Context;
-using Bit.Core.Entities;
 using Bit.Core.Exceptions;
 using Bit.Core.Repositories;
 using Bit.Core.Services;
@@ -10,7 +12,7 @@ using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
-namespace Bit.Api.Controllers;
+namespace Bit.Api.Auth.Controllers;
 
 [Route("auth-requests")]
 [Authorize("Application")]

src/Api/Auth/Controllers/EmergencyAccessController.cs

@@ -1,7 +1,9 @@
-using Bit.Api.Models.Request;
+using Bit.Api.Auth.Models.Request;
+using Bit.Api.Auth.Models.Response;
 using Bit.Api.Models.Request.Organizations;
 using Bit.Api.Models.Response;
 using Bit.Api.Vault.Models.Response;
+using Bit.Core.Auth.Services;
 using Bit.Core.Entities;
 using Bit.Core.Exceptions;
 using Bit.Core.Repositories;
@@ -10,7 +12,7 @@ using Bit.Core.Settings;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
-namespace Bit.Api.Controllers;
+namespace Bit.Api.Auth.Controllers;
 
 [Route("emergency-access")]
 [Authorize("Application")]

src/Api/Auth/Controllers/TwoFactorController.cs

@@ -1,12 +1,14 @@
-using Bit.Api.Models.Request;
+using Bit.Api.Auth.Models.Request;
-using Bit.Api.Models.Request.Accounts;
+using Bit.Api.Auth.Models.Request.Accounts;
+using Bit.Api.Auth.Models.Response.TwoFactor;
+using Bit.Api.Models.Request;
 using Bit.Api.Models.Response;
-using Bit.Api.Models.Response.TwoFactor;
+using Bit.Core.Auth.Enums;
+using Bit.Core.Auth.LoginFeatures.PasswordlessLogin.Interfaces;
+using Bit.Core.Auth.Utilities;
 using Bit.Core.Context;
 using Bit.Core.Entities;
-using Bit.Core.Enums;
 using Bit.Core.Exceptions;
-using Bit.Core.LoginFeatures.PasswordlessLogin.Interfaces;
 using Bit.Core.Repositories;
 using Bit.Core.Services;
 using Bit.Core.Settings;
@@ -16,7 +18,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 
-namespace Bit.Api.Controllers;
+namespace Bit.Api.Auth.Controllers;
 
 [Route("two-factor")]
 [Authorize("Web")]

src/Api/Auth/Jobs/EmergencyAccessNotificationJob.cs

@@ -1,8 +1,8 @@
-using Bit.Core.Jobs;
+using Bit.Core.Auth.Services;
-using Bit.Core.Services;
+using Bit.Core.Jobs;
 using Quartz;
 
-namespace Bit.Api.Jobs;
+namespace Bit.Api.Auth.Jobs;
 
 public class EmergencyAccessNotificationJob : BaseJob
 {

src/Api/Auth/Jobs/EmergencyAccessTimeoutJob.cs

@@ -1,8 +1,8 @@
-using Bit.Core.Jobs;
+using Bit.Core.Auth.Services;
-using Bit.Core.Services;
+using Bit.Core.Jobs;
 using Quartz;
 
-namespace Bit.Api.Jobs;
+namespace Bit.Api.Auth.Jobs;
 
 public class EmergencyAccessTimeoutJob : BaseJob
 {

src/Api/Auth/Models/Public/AssociationWithPermissionsBaseModel.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Api.Models.Public;
+namespace Bit.Api.Auth.Models.Public;
 
 public abstract class AssociationWithPermissionsBaseModel
 {

src/Api/Auth/Models/Public/Request/AssociationWithPermissionsRequestModel.cs

@@ -1,6 +1,6 @@
 using Bit.Core.Models.Data;
 
-namespace Bit.Api.Models.Public.Request;
+namespace Bit.Api.Auth.Models.Public.Request;
 
 public class AssociationWithPermissionsRequestModel : AssociationWithPermissionsBaseModel
 {

src/Api/Auth/Models/Public/Response/AssociationWithPermissionsResponseModel.cs

@@ -1,6 +1,6 @@
 using Bit.Core.Models.Data;
 
-namespace Bit.Api.Models.Public.Response;
+namespace Bit.Api.Auth.Models.Public.Response;
 
 public class AssociationWithPermissionsResponseModel : AssociationWithPermissionsBaseModel
 {

src/Api/Auth/Models/Request/Accounts/DeleteRecoverRequestModel.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class DeleteRecoverRequestModel
 {

src/Api/Auth/Models/Request/Accounts/EmailRequestModel.cs

@@ -1,7 +1,7 @@
 using System.ComponentModel.DataAnnotations;
 using Bit.Core.Utilities;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class EmailRequestModel : SecretVerificationRequestModel
 {

src/Api/Auth/Models/Request/Accounts/EmailTokenRequestModel.cs

@@ -1,7 +1,7 @@
 using System.ComponentModel.DataAnnotations;
 using Bit.Core.Utilities;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class EmailTokenRequestModel : SecretVerificationRequestModel
 {

src/Api/Auth/Models/Request/Accounts/KdfRequestModel.cs

@@ -2,7 +2,7 @@
 using Bit.Core.Enums;
 using Bit.Core.Utilities;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class KdfRequestModel : PasswordRequestModel, IValidatableObject
 {

src/Api/Auth/Models/Request/Accounts/PasswordHintRequestModel.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class PasswordHintRequestModel
 {

src/Api/Auth/Models/Request/Accounts/PasswordRequestModel.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class PasswordRequestModel : SecretVerificationRequestModel
 {

src/Api/Auth/Models/Request/Accounts/RegenerateTwoFactorRequestModel.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class RegenerateTwoFactorRequestModel
 {

src/Api/Auth/Models/Request/Accounts/SecretVerificationRequestModel.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class SecretVerificationRequestModel : IValidatableObject
 {

src/Api/Auth/Models/Request/Accounts/SetKeyConnectorKeyRequestModel.cs

@@ -1,10 +1,10 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Core.Auth.Models.Api.Request.Accounts;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
-using Bit.Core.Models.Api.Request.Accounts;
 using Bit.Core.Utilities;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class SetKeyConnectorKeyRequestModel : IValidatableObject
 {

src/Api/Auth/Models/Request/Accounts/SetPasswordRequestModel.cs

@@ -1,10 +1,10 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Core.Auth.Models.Api.Request.Accounts;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
-using Bit.Core.Models.Api.Request.Accounts;
 using Bit.Core.Utilities;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class SetPasswordRequestModel : IValidatableObject
 {

src/Api/Auth/Models/Request/Accounts/UpdateKeyRequestModel.cs

@@ -1,7 +1,8 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Api.Models.Request;
 using Bit.Api.Vault.Models.Request;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class UpdateKeyRequestModel
 {

src/Api/Auth/Models/Request/Accounts/UpdateProfileRequestModel.cs

@@ -1,7 +1,7 @@
 using System.ComponentModel.DataAnnotations;
 using Bit.Core.Entities;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class UpdateProfileRequestModel
 {

src/Api/Auth/Models/Request/Accounts/UpdateTempPasswordRequestModel.cs

@@ -1,7 +1,7 @@
 using System.ComponentModel.DataAnnotations;
 using Bit.Api.Models.Request.Organizations;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class UpdateTempPasswordRequestModel : OrganizationUserResetPasswordRequestModel
 {

src/Api/Auth/Models/Request/Accounts/VerifyDeleteRecoverRequestModel.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class VerifyDeleteRecoverRequestModel
 {

src/Api/Auth/Models/Request/Accounts/VerifyEmailRequestModel.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class VerifyEmailRequestModel
 {

src/Api/Auth/Models/Request/Accounts/VerifyOTPRequestModel.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.Auth.Models.Request.Accounts;
 
 public class VerifyOTPRequestModel
 {

src/Api/Auth/Models/Request/AuthRequestRequestModel.cs

@@ -1,8 +1,8 @@
 using System.ComponentModel.DataAnnotations;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Enums;
 using Newtonsoft.Json;
 
-namespace Bit.Api.Models.Request;
+namespace Bit.Api.Auth.Models.Request;
 
 public class AuthRequestCreateRequestModel
 {

src/Api/Auth/Models/Request/EmergencyAccessRequstModels.cs

@@ -1,9 +1,9 @@
 using System.ComponentModel.DataAnnotations;
-using Bit.Core.Entities;
+using Bit.Core.Auth.Entities;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Enums;
 using Bit.Core.Utilities;
 
-namespace Bit.Api.Models.Request;
+namespace Bit.Api.Auth.Models.Request;
 
 public class EmergencyAccessInviteRequestModel
 {

src/Api/Auth/Models/Request/OrganizationSsoRequestModel.cs

@@ -2,15 +2,15 @@
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 using System.Text.RegularExpressions;
-using Bit.Core.Entities;
+using Bit.Core.Auth.Entities;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Models.Data;
+using Bit.Core.Auth.Models.Data;
 using Bit.Core.Services;
 using Bit.Core.Sso;
 using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
 
-namespace Bit.Api.Models.Request.Organizations;
+namespace Bit.Api.Auth.Models.Request.Organizations;
 
 public class OrganizationSsoRequestModel
 {

src/Api/Auth/Models/Request/TwoFactorRequestModels.cs

@@ -1,12 +1,12 @@
 using System.ComponentModel.DataAnnotations;
-using Bit.Api.Models.Request.Accounts;
+using Bit.Api.Auth.Models.Request.Accounts;
+using Bit.Core.Auth.Enums;
+using Bit.Core.Auth.Models;
+using Bit.Core.Auth.Utilities;
 using Bit.Core.Entities;
-using Bit.Core.Enums;
-using Bit.Core.Models;
-using Bit.Core.Utilities;
 using Fido2NetLib;
 
-namespace Bit.Api.Models.Request;
+namespace Bit.Api.Auth.Models.Request;
 
 public class UpdateTwoFactorAuthenticatorRequestModel : SecretVerificationRequestModel
 {

src/Api/Auth/Models/Response/AuthRequestResponseModel.cs

@@ -1,9 +1,9 @@
 using System.ComponentModel.DataAnnotations;
 using System.Reflection;
-using Bit.Core.Entities;
+using Bit.Core.Auth.Entities;
 using Bit.Core.Models.Api;
 
-namespace Bit.Api.Models.Response;
+namespace Bit.Api.Auth.Models.Response;
 
 public class AuthRequestResponseModel : ResponseModel
 {

src/Api/Auth/Models/Response/EmergencyAccessResponseModel.cs

@@ -1,12 +1,14 @@
 using Bit.Api.Vault.Models.Response;
+using Bit.Core.Auth.Entities;
+using Bit.Core.Auth.Enums;
+using Bit.Core.Auth.Models.Data;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Api;
-using Bit.Core.Models.Data;
 using Bit.Core.Settings;
 using Bit.Core.Vault.Models.Data;
 
-namespace Bit.Api.Models.Response;
+namespace Bit.Api.Auth.Models.Response;
 
 public class EmergencyAccessResponseModel : ResponseModel
 {

src/Api/Auth/Models/Response/OrganizationSsoResponseModel.cs

@@ -1,9 +1,10 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Entities;
+using Bit.Core.Auth.Models.Data;
+using Bit.Core.Entities;
 using Bit.Core.Models.Api;
-using Bit.Core.Models.Data;
 using Bit.Core.Settings;
 
-namespace Bit.Api.Models.Response.Organizations;
+namespace Bit.Api.Auth.Models.Response.Organizations;
 
 public class OrganizationSsoResponseModel : ResponseModel
 {

src/Api/Auth/Models/Response/TwoFactor/TwoFactorAuthenticatorResponseModel.cs

@@ -1,9 +1,9 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Entities;
 using Bit.Core.Models.Api;
 using OtpNet;
 
-namespace Bit.Api.Models.Response.TwoFactor;
+namespace Bit.Api.Auth.Models.Response.TwoFactor;
 
 public class TwoFactorAuthenticatorResponseModel : ResponseModel
 {

src/Api/Auth/Models/Response/TwoFactor/TwoFactorDuoResponseModel.cs

@@ -1,9 +1,9 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Models;
-using Bit.Core.Models;
+using Bit.Core.Entities;
 using Bit.Core.Models.Api;
 
-namespace Bit.Api.Models.Response.TwoFactor;
+namespace Bit.Api.Auth.Models.Response.TwoFactor;
 
 public class TwoFactorDuoResponseModel : ResponseModel
 {

src/Api/Auth/Models/Response/TwoFactor/TwoFactorEmailResponseModel.cs

@@ -1,8 +1,8 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Entities;
 using Bit.Core.Models.Api;
 
-namespace Bit.Api.Models.Response.TwoFactor;
+namespace Bit.Api.Auth.Models.Response.TwoFactor;
 
 public class TwoFactorEmailResponseModel : ResponseModel
 {

src/Api/Auth/Models/Response/TwoFactor/TwoFactorProviderResponseModel.cs

@@ -1,9 +1,9 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Models;
-using Bit.Core.Models;
+using Bit.Core.Entities;
 using Bit.Core.Models.Api;
 
-namespace Bit.Api.Models.Response.TwoFactor;
+namespace Bit.Api.Auth.Models.Response.TwoFactor;
 
 public class TwoFactorProviderResponseModel : ResponseModel
 {

src/Api/Auth/Models/Response/TwoFactor/TwoFactorRecoverResponseModel.cs

@@ -1,7 +1,7 @@
 using Bit.Core.Entities;
 using Bit.Core.Models.Api;
 
-namespace Bit.Api.Models.Response.TwoFactor;
+namespace Bit.Api.Auth.Models.Response.TwoFactor;
 
 public class TwoFactorRecoverResponseModel : ResponseModel
 {

src/Api/Auth/Models/Response/TwoFactor/TwoFactorWebAuthnResponseModel.cs

@@ -1,9 +1,9 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Models;
-using Bit.Core.Models;
+using Bit.Core.Entities;
 using Bit.Core.Models.Api;
 
-namespace Bit.Api.Models.Response.TwoFactor;
+namespace Bit.Api.Auth.Models.Response.TwoFactor;
 
 public class TwoFactorWebAuthnResponseModel : ResponseModel
 {

src/Api/Auth/Models/Response/TwoFactor/TwoFactorYubiKeyResponseModel.cs

@@ -1,8 +1,8 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Entities;
 using Bit.Core.Models.Api;
 
-namespace Bit.Api.Models.Response.TwoFactor;
+namespace Bit.Api.Auth.Models.Response.TwoFactor;
 
 public class TwoFactorYubiKeyResponseModel : ResponseModel
 {

src/Api/Controllers/AccountsController.cs

@@ -1,14 +1,17 @@
-using Bit.Api.Models.Request;
+using Bit.Api.Auth.Models.Request.Accounts;
+using Bit.Api.Models.Request;
 using Bit.Api.Models.Request.Accounts;
 using Bit.Api.Models.Response;
 using Bit.Api.Utilities;
 using Bit.Core;
+using Bit.Core.Auth.Models.Api.Request.Accounts;
+using Bit.Core.Auth.Models.Api.Response.Accounts;
+using Bit.Core.Auth.Services;
+using Bit.Core.Auth.Utilities;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Enums.Provider;
 using Bit.Core.Exceptions;
-using Bit.Core.Models.Api.Request.Accounts;
-using Bit.Core.Models.Api.Response.Accounts;
 using Bit.Core.Models.Business;
 using Bit.Core.Models.Data;
 using Bit.Core.Repositories;

src/Api/Controllers/OrganizationsController.cs

@@ -1,10 +1,15 @@
 using System.Text.Json;
+using Bit.Api.Auth.Models.Request.Accounts;
+using Bit.Api.Auth.Models.Request.Organizations;
+using Bit.Api.Auth.Models.Response.Organizations;
 using Bit.Api.Models.Request;
 using Bit.Api.Models.Request.Accounts;
 using Bit.Api.Models.Request.Organizations;
 using Bit.Api.Models.Response;
 using Bit.Api.Models.Response.Organizations;
 using Bit.Api.SecretsManager;
+using Bit.Core.Auth.Repositories;
+using Bit.Core.Auth.Services;
 using Bit.Core.Context;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;

src/Api/Jobs/JobsHostedService.cs

@@ -1,4 +1,5 @@
-using Bit.Core.Jobs;
+using Bit.Api.Auth.Jobs;
+using Bit.Core.Jobs;
 using Bit.Core.Settings;
 using Quartz;
 

src/Api/Models/Public/Request/CollectionUpdateRequestModel.cs

@@ -1,4 +1,5 @@
-using Bit.Core.Entities;
+using Bit.Api.Auth.Models.Public.Request;
+using Bit.Core.Entities;
 
 namespace Bit.Api.Models.Public.Request;
 

src/Api/Models/Public/Request/GroupCreateUpdateRequestModel.cs

@@ -1,4 +1,5 @@
-using Bit.Core.Entities;
+using Bit.Api.Auth.Models.Public.Request;
+using Bit.Core.Entities;
 
 namespace Bit.Api.Models.Public.Request;
 

src/Api/Models/Public/Request/MemberUpdateRequestModel.cs

@@ -1,4 +1,5 @@
-using Bit.Core.Entities;
+using Bit.Api.Auth.Models.Public.Request;
+using Bit.Core.Entities;
 
 namespace Bit.Api.Models.Public.Request;
 

src/Api/Models/Public/Response/CollectionResponseModel.cs

@@ -1,4 +1,5 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Api.Auth.Models.Public.Response;
 using Bit.Core.Entities;
 using Bit.Core.Models.Data;
 

src/Api/Models/Public/Response/GroupResponseModel.cs

@@ -1,4 +1,5 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Api.Auth.Models.Public.Response;
 using Bit.Core.Entities;
 using Bit.Core.Models.Data;
 

src/Api/Models/Public/Response/MemberResponseModel.cs

@@ -1,4 +1,5 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Api.Auth.Models.Public.Response;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Data;

src/Api/Models/Request/Accounts/OrganizationApiKeyRequestModel.cs

@@ -1,4 +1,5 @@
-using Bit.Core.Enums;
+using Bit.Api.Auth.Models.Request.Accounts;
+using Bit.Core.Enums;
 
 namespace Bit.Api.Models.Request.Accounts;
 

src/Api/Models/Request/Organizations/OrganizationUserRequestModels.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 using System.Text.Json;
-using Bit.Api.Models.Request.Accounts;
+using Bit.Api.Auth.Models.Request.Accounts;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Data;

src/Api/Models/Response/ProfileOrganizationResponseModel.cs

@@ -1,4 +1,5 @@
-using Bit.Core.Enums;
+using Bit.Core.Auth.Models.Data;
+using Bit.Core.Enums;
 using Bit.Core.Enums.Provider;
 using Bit.Core.Models.Api;
 using Bit.Core.Models.Data;

src/Api/Startup.cs

@@ -1,7 +1,6 @@
 using Bit.Api.Utilities;
 using Bit.Core;
 using Bit.Core.Context;
-using Bit.Core.Identity;
 using Bit.Core.Settings;
 using AspNetCoreRateLimit;
 using Stripe;
@@ -13,6 +12,7 @@ using Microsoft.IdentityModel.Logging;
 using Microsoft.OpenApi.Models;
 using Bit.SharedWeb.Utilities;
 using Microsoft.Extensions.DependencyInjection.Extensions;
+using Bit.Core.Auth.Identity;
 
 #if !OSS
 using Bit.Commercial.Core.SecretsManager;

src/Api/Vault/Controllers/CiphersController.cs

@@ -1,5 +1,6 @@
 using System.Text.Json;
 using Azure.Messaging.EventGrid;
+using Bit.Api.Auth.Models.Request.Accounts;
 using Bit.Api.Models.Request.Accounts;
 using Bit.Api.Models.Request.Organizations;
 using Bit.Api.Models.Response;

src/Core/Auth/Entities/AuthRequest.cs

@@ -1,7 +1,9 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Core.Entities;
+using Bit.Core.Enums;
 using Bit.Core.Utilities;
 
-namespace Bit.Core.Entities;
+namespace Bit.Core.Auth.Entities;
 
 public class AuthRequest : ITableObject<Guid>
 {
@@ -10,7 +12,7 @@ public class AuthRequest : ITableObject<Guid>
     public Enums.AuthRequestType Type { get; set; }
     [MaxLength(50)]
     public string RequestDeviceIdentifier { get; set; }
-    public Enums.DeviceType RequestDeviceType { get; set; }
+    public DeviceType RequestDeviceType { get; set; }
     [MaxLength(50)]
     public string RequestIpAddress { get; set; }
     public Guid? ResponseDeviceId { get; set; }

src/Core/Auth/Entities/EmergencyAccess.cs

@@ -1,8 +1,9 @@
 using System.ComponentModel.DataAnnotations;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Enums;
+using Bit.Core.Entities;
 using Bit.Core.Utilities;
 
-namespace Bit.Core.Entities;
+namespace Bit.Core.Auth.Entities;
 
 public class EmergencyAccess : ITableObject<Guid>
 {

src/Core/Auth/Entities/Grant.cs

@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 
-namespace Bit.Core.Entities;
+namespace Bit.Core.Auth.Entities;
 
 public class Grant
 {

src/Core/Auth/Entities/SsoConfig.cs

@@ -1,6 +1,7 @@
-using Bit.Core.Models.Data;
+using Bit.Core.Auth.Models.Data;
+using Bit.Core.Entities;
 
-namespace Bit.Core.Entities;
+namespace Bit.Core.Auth.Entities;
 
 public class SsoConfig : ITableObject<long>
 {

src/Core/Auth/Entities/SsoUser.cs

@@ -1,6 +1,7 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Core.Entities;
 
-namespace Bit.Core.Entities;
+namespace Bit.Core.Auth.Entities;
 
 public class SsoUser : ITableObject<long>
 {

src/Core/Auth/Enums/AuthRequestType.cs

@@ -1,4 +1,4 @@
-namespace Bit.Core.Enums;
+namespace Bit.Core.Auth.Enums;
 
 public enum AuthRequestType : byte
 {

src/Core/Auth/Enums/EmergencyAccessStatusType.cs

@@ -1,4 +1,4 @@
-namespace Bit.Core.Enums;
+namespace Bit.Core.Auth.Enums;
 
 public enum EmergencyAccessStatusType : byte
 {

src/Core/Auth/Enums/EmergencyAccessType.cs

@@ -1,4 +1,4 @@
-namespace Bit.Core.Enums;
+namespace Bit.Core.Auth.Enums;
 
 public enum EmergencyAccessType : byte
 {

src/Core/Auth/Enums/Saml2BindingType.cs

@@ -1,4 +1,4 @@
-namespace Bit.Core.Enums;
+namespace Bit.Core.Auth.Enums;
 
 public enum Saml2BindingType : byte
 {

src/Core/Auth/Enums/Saml2NameIdFormat.cs

@@ -1,4 +1,4 @@
-namespace Bit.Core.Enums;
+namespace Bit.Core.Auth.Enums;
 
 public enum Saml2NameIdFormat : byte
 {

src/Core/Auth/Enums/Saml2SigningBehavior.cs

@@ -1,4 +1,4 @@
-namespace Bit.Core.Enums;
+namespace Bit.Core.Auth.Enums;
 
 public enum Saml2SigningBehavior : byte
 {

src/Core/Auth/Enums/SsoType.cs

@@ -1,4 +1,4 @@
-namespace Bit.Core.Enums;
+namespace Bit.Core.Auth.Enums;
 
 public enum SsoType : byte
 {

src/Core/Auth/Enums/TwoFactorProviderType.cs

@@ -1,4 +1,4 @@
-namespace Bit.Core.Enums;
+namespace Bit.Core.Auth.Enums;
 
 public enum TwoFactorProviderType : byte
 {

src/Core/Auth/Exceptions/DuplicateAuthRequestException.cs

@@ -1,4 +1,4 @@
-namespace Bit.Core.Exceptions;
+namespace Bit.Core.Auth.Exceptions;
 
 public class DuplicateAuthRequestException : Exception
 {

src/Core/Auth/Identity/AuthenticatorTokenProvider.cs

@@ -1,11 +1,11 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Entities;
 using Bit.Core.Services;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 using OtpNet;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public class AuthenticatorTokenProvider : IUserTwoFactorTokenProvider<User>
 {

src/Core/Auth/Identity/DuoWebTokenProvider.cs

@@ -1,13 +1,13 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Models;
-using Bit.Core.Models;
+using Bit.Core.Auth.Utilities.Duo;
+using Bit.Core.Entities;
 using Bit.Core.Services;
 using Bit.Core.Settings;
-using Bit.Core.Utilities.Duo;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public class DuoWebTokenProvider : IUserTwoFactorTokenProvider<User>
 {

src/Core/Auth/Identity/EmailTokenProvider.cs

@@ -1,11 +1,11 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Models;
-using Bit.Core.Models;
+using Bit.Core.Entities;
 using Bit.Core.Services;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public class EmailTokenProvider : IUserTwoFactorTokenProvider<User>
 {

src/Core/Auth/Identity/IOrganizationTwoFactorTokenProvider.cs

@@ -1,6 +1,6 @@
 using Bit.Core.Entities;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public interface IOrganizationTwoFactorTokenProvider
 {

src/Core/Auth/Identity/LowerInvariantLookupNormalizer.cs

@@ -1,6 +1,6 @@
 using Microsoft.AspNetCore.Identity;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public class LowerInvariantLookupNormalizer : ILookupNormalizer
 {

src/Core/Auth/Identity/OrganizationDuoWebTokenProvider.cs

@@ -1,10 +1,10 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Auth.Models;
-using Bit.Core.Models;
+using Bit.Core.Auth.Utilities.Duo;
+using Bit.Core.Entities;
 using Bit.Core.Settings;
-using Bit.Core.Utilities.Duo;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public interface IOrganizationDuoWebTokenProvider : IOrganizationTwoFactorTokenProvider { }
 

src/Core/Auth/Identity/RoleStore.cs

@@ -1,7 +1,7 @@
 using Bit.Core.Entities;
 using Microsoft.AspNetCore.Identity;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public class RoleStore : IRoleStore<Role>
 {

src/Core/Auth/Identity/TwoFactorRememberTokenProvider.cs

@@ -4,7 +4,7 @@ using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public class TwoFactorRememberTokenProvider : DataProtectorTokenProvider<User>
 {

src/Core/Auth/Identity/UserStore.cs

@@ -5,7 +5,7 @@ using Bit.Core.Services;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public class UserStore :
     IUserStore<User>,

src/Core/Auth/Identity/WebAuthnTokenProvider.cs

@@ -1,7 +1,7 @@
 using System.Text.Json;
+using Bit.Core.Auth.Enums;
+using Bit.Core.Auth.Models;
 using Bit.Core.Entities;
-using Bit.Core.Enums;
-using Bit.Core.Models;
 using Bit.Core.Services;
 using Bit.Core.Settings;
 using Bit.Core.Utilities;
@@ -10,7 +10,7 @@ using Fido2NetLib.Objects;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public class WebAuthnTokenProvider : IUserTwoFactorTokenProvider<User>
 {

src/Core/Auth/Identity/YubicoOtpTokenProvider.cs

@@ -1,12 +1,12 @@
-using Bit.Core.Entities;
+using Bit.Core.Auth.Enums;
-using Bit.Core.Enums;
+using Bit.Core.Entities;
 using Bit.Core.Services;
 using Bit.Core.Settings;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 using YubicoDotNetClient;
 
-namespace Bit.Core.Identity;
+namespace Bit.Core.Auth.Identity;
 
 public class YubicoOtpTokenProvider : IUserTwoFactorTokenProvider<User>
 {

src/Core/Auth/IdentityServer/TokenRetrieval.cs

@@ -1,6 +1,6 @@
 using Microsoft.AspNetCore.Http;
 
-namespace Bit.Core.IdentityServer;
+namespace Bit.Core.Auth.IdentityServer;
 
 public static class TokenRetrieval
 {

src/Core/Auth/LoginFeatures/LoginServiceCollectionExtensions.cs

@@ -1,8 +1,8 @@
-using Bit.Core.LoginFeatures.PasswordlessLogin;
+using Bit.Core.Auth.LoginFeatures.PasswordlessLogin;
-using Bit.Core.LoginFeatures.PasswordlessLogin.Interfaces;
+using Bit.Core.Auth.LoginFeatures.PasswordlessLogin.Interfaces;
 using Microsoft.Extensions.DependencyInjection;
 
-namespace Bit.Core.LoginFeatures;
+namespace Bit.Core.Auth.LoginFeatures;
 
 public static class LoginServiceCollectionExtensions
 {

src/Core/Auth/LoginFeatures/PasswordlessLogin/Interfaces/IVerifyAuthRequest.cs

@@ -1,4 +1,4 @@
-namespace Bit.Core.LoginFeatures.PasswordlessLogin.Interfaces;
+namespace Bit.Core.Auth.LoginFeatures.PasswordlessLogin.Interfaces;
 
 public interface IVerifyAuthRequestCommand
 {

src/Core/Auth/LoginFeatures/PasswordlessLogin/VerifyAuthRequest.cs

@@ -1,8 +1,8 @@
-using Bit.Core.LoginFeatures.PasswordlessLogin.Interfaces;
+using Bit.Core.Auth.LoginFeatures.PasswordlessLogin.Interfaces;
 using Bit.Core.Repositories;
 using Bit.Core.Utilities;
 
-namespace Bit.Core.LoginFeatures.PasswordlessLogin;
+namespace Bit.Core.Auth.LoginFeatures.PasswordlessLogin;
 
 public class VerifyAuthRequestCommand : IVerifyAuthRequestCommand
 {