mirror of
https://github.com/bitwarden/server.git
synced 2025-04-15 18:18:12 -05:00
added licensing apis, refactored some services
This commit is contained in:
Kyle Spearrin
parent
ccd6b784be
commit
8b947cafaf
@ -421,7 +421,8 @@ namespace Bit.Api.Controllers
|
|||||||
{
|
{
|
||||||
var paymentService = user.GetPaymentService(_globalSettings);
|
var paymentService = user.GetPaymentService(_globalSettings);
|
||||||
var billingInfo = await paymentService.GetBillingAsync(user);
|
var billingInfo = await paymentService.GetBillingAsync(user);
|
||||||
return new BillingResponseModel(user, billingInfo, _licenseService);
|
var license = await _userService.GenerateLicenseAsync(user, billingInfo);
|
||||||
|
return new BillingResponseModel(user, billingInfo, license);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|||||||
78
src/Api/Controllers/LicensesController.cs
Normal file
78
src/Api/Controllers/LicensesController.cs
Normal file
@ -0,0 +1,78 @@
|
|||||||
|
using Microsoft.AspNetCore.Mvc;
|
||||||
|
using Bit.Core.Services;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using Bit.Core;
|
||||||
|
using System.Threading.Tasks;
|
||||||
|
using Bit.Api.Utilities;
|
||||||
|
using Bit.Core.Models.Business;
|
||||||
|
using Bit.Core.Exceptions;
|
||||||
|
using Bit.Core.Repositories;
|
||||||
|
using System;
|
||||||
|
|
||||||
|
namespace Bit.Api.Controllers
|
||||||
|
{
|
||||||
|
[Route("licenses")]
|
||||||
|
[Authorize("Licensing")]
|
||||||
|
[SelfHosted(NotSelfHostedOnly = true)]
|
||||||
|
public class LicensesController : Controller
|
||||||
|
{
|
||||||
|
private readonly ILicensingService _licensingService;
|
||||||
|
private readonly IUserRepository _userRepository;
|
||||||
|
private readonly IUserService _userService;
|
||||||
|
private readonly IOrganizationRepository _organizationRepository;
|
||||||
|
private readonly IOrganizationService _organizationService;
|
||||||
|
private readonly CurrentContext _currentContext;
|
||||||
|
|
||||||
|
public LicensesController(
|
||||||
|
ILicensingService licensingService,
|
||||||
|
IUserRepository userRepository,
|
||||||
|
IUserService userService,
|
||||||
|
IOrganizationRepository organizationRepository,
|
||||||
|
IOrganizationService organizationService,
|
||||||
|
CurrentContext currentContext)
|
||||||
|
{
|
||||||
|
_licensingService = licensingService;
|
||||||
|
_userRepository = userRepository;
|
||||||
|
_userService = userService;
|
||||||
|
_organizationRepository = organizationRepository;
|
||||||
|
_organizationService = organizationService;
|
||||||
|
_currentContext = currentContext;
|
||||||
|
}
|
||||||
|
|
||||||
|
[HttpGet("user/{id}")]
|
||||||
|
public async Task<UserLicense> GetUser(string id, [FromQuery]string key)
|
||||||
|
{
|
||||||
|
var user = await _userRepository.GetByIdAsync(new Guid(id));
|
||||||
|
if(user == null)
|
||||||
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
else if(!user.LicenseKey.Equals(key))
|
||||||
|
{
|
||||||
|
await Task.Delay(2000);
|
||||||
|
throw new BadRequestException("Invalid license key.");
|
||||||
|
}
|
||||||
|
|
||||||
|
var license = await _userService.GenerateLicenseAsync(user, null);
|
||||||
|
return license;
|
||||||
|
}
|
||||||
|
|
||||||
|
[HttpGet("organization/{id}")]
|
||||||
|
public async Task<OrganizationLicense> GetOrganization(string id, [FromQuery]string key)
|
||||||
|
{
|
||||||
|
var org = await _organizationRepository.GetByIdAsync(new Guid(id));
|
||||||
|
if(org == null)
|
||||||
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
else if(!org.LicenseKey.Equals(key))
|
||||||
|
{
|
||||||
|
await Task.Delay(2000);
|
||||||
|
throw new BadRequestException("Invalid license key.");
|
||||||
|
}
|
||||||
|
|
||||||
|
var license = await _organizationService.GenerateLicenseAsync(org, _currentContext.InstallationId.Value);
|
||||||
|
return license;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -97,6 +97,11 @@ namespace Bit.Api
|
|||||||
policy.RequireAuthenticatedUser();
|
policy.RequireAuthenticatedUser();
|
||||||
policy.RequireClaim(JwtClaimTypes.Scope, "api.push");
|
policy.RequireClaim(JwtClaimTypes.Scope, "api.push");
|
||||||
});
|
});
|
||||||
|
config.AddPolicy("Licensing", policy =>
|
||||||
|
{
|
||||||
|
policy.RequireAuthenticatedUser();
|
||||||
|
policy.RequireClaim(JwtClaimTypes.Scope, "api.licensing");
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
services.AddScoped<AuthenticatorTokenProvider>();
|
services.AddScoped<AuthenticatorTokenProvider>();
|
||||||
@ -190,7 +195,7 @@ namespace Bit.Api
|
|||||||
var options = new IdentityServerAuthenticationOptions
|
var options = new IdentityServerAuthenticationOptions
|
||||||
{
|
{
|
||||||
Authority = globalSettings.BaseServiceUri.InternalIdentity,
|
Authority = globalSettings.BaseServiceUri.InternalIdentity,
|
||||||
AllowedScopes = new string[] { "api", "api.push" },
|
AllowedScopes = new string[] { "api", "api.push", "api.licensing" },
|
||||||
RequireHttpsMetadata = !env.IsDevelopment() && globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https"),
|
RequireHttpsMetadata = !env.IsDevelopment() && globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https"),
|
||||||
NameClaimType = ClaimTypes.Email,
|
NameClaimType = ClaimTypes.Email,
|
||||||
// Suffix until we retire the old jwt schemes.
|
// Suffix until we retire the old jwt schemes.
|
||||||
|
|||||||
@ -21,7 +21,8 @@ namespace Bit.Core.IdentityServer
|
|||||||
"orgadmin",
|
"orgadmin",
|
||||||
"orguser"
|
"orguser"
|
||||||
}),
|
}),
|
||||||
new ApiResource("api.push", new string[] { JwtClaimTypes.Subject })
|
new ApiResource("api.push", new string[] { JwtClaimTypes.Subject }),
|
||||||
|
new ApiResource("api.licensing", new string[] { JwtClaimTypes.Subject })
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -25,8 +25,7 @@ namespace Bit.Core.IdentityServer
|
|||||||
if(clientId.StartsWith("installation."))
|
if(clientId.StartsWith("installation."))
|
||||||
{
|
{
|
||||||
var idParts = clientId.Split('.');
|
var idParts = clientId.Split('.');
|
||||||
Guid id;
|
if(idParts.Length > 1 && Guid.TryParse(idParts[1], out Guid id))
|
||||||
if(idParts.Length > 1 && Guid.TryParse(idParts[1], out id))
|
|
||||||
{
|
{
|
||||||
var installation = await _installationRepository.GetByIdAsync(id);
|
var installation = await _installationRepository.GetByIdAsync(id);
|
||||||
if(installation != null)
|
if(installation != null)
|
||||||
@ -36,7 +35,7 @@ namespace Bit.Core.IdentityServer
|
|||||||
ClientId = $"installation.{installation.Id}",
|
ClientId = $"installation.{installation.Id}",
|
||||||
RequireClientSecret = true,
|
RequireClientSecret = true,
|
||||||
ClientSecrets = { new Secret(installation.Key.Sha256()) },
|
ClientSecrets = { new Secret(installation.Key.Sha256()) },
|
||||||
AllowedScopes = new string[] { "api.push" },
|
AllowedScopes = new string[] { "api.push", "api.licensing" },
|
||||||
AllowedGrantTypes = GrantTypes.ClientCredentials,
|
AllowedGrantTypes = GrantTypes.ClientCredentials,
|
||||||
AccessTokenLifetime = 3600 * 24,
|
AccessTokenLifetime = 3600 * 24,
|
||||||
Enabled = installation.Enabled,
|
Enabled = installation.Enabled,
|
||||||
|
|||||||
@ -4,13 +4,12 @@ using System.Collections.Generic;
|
|||||||
using Bit.Core.Models.Business;
|
using Bit.Core.Models.Business;
|
||||||
using Bit.Core.Models.Table;
|
using Bit.Core.Models.Table;
|
||||||
using Bit.Core.Enums;
|
using Bit.Core.Enums;
|
||||||
using Bit.Core.Services;
|
|
||||||
|
|
||||||
namespace Bit.Core.Models.Api
|
namespace Bit.Core.Models.Api
|
||||||
{
|
{
|
||||||
public class BillingResponseModel : ResponseModel
|
public class BillingResponseModel : ResponseModel
|
||||||
{
|
{
|
||||||
public BillingResponseModel(User user, BillingInfo billing, ILicensingService licenseService)
|
public BillingResponseModel(User user, BillingInfo billing, UserLicense license)
|
||||||
: base("billing")
|
: base("billing")
|
||||||
{
|
{
|
||||||
PaymentSource = billing.PaymentSource != null ? new BillingSource(billing.PaymentSource) : null;
|
PaymentSource = billing.PaymentSource != null ? new BillingSource(billing.PaymentSource) : null;
|
||||||
@ -20,7 +19,7 @@ namespace Bit.Core.Models.Api
|
|||||||
StorageName = user.Storage.HasValue ? Utilities.CoreHelpers.ReadableBytesSize(user.Storage.Value) : null;
|
StorageName = user.Storage.HasValue ? Utilities.CoreHelpers.ReadableBytesSize(user.Storage.Value) : null;
|
||||||
StorageGb = user.Storage.HasValue ? Math.Round(user.Storage.Value / 1073741824D, 2) : 0; // 1 GB
|
StorageGb = user.Storage.HasValue ? Math.Round(user.Storage.Value / 1073741824D, 2) : 0; // 1 GB
|
||||||
MaxStorageGb = user.MaxStorageGb;
|
MaxStorageGb = user.MaxStorageGb;
|
||||||
License = new UserLicense(user, billing, licenseService);
|
License = license;
|
||||||
Expiration = License.Expires;
|
Expiration = License.Expires;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -34,6 +34,24 @@ namespace Bit.Core.Models.Business
|
|||||||
Signature = Convert.ToBase64String(licenseService.SignLicense(this));
|
Signature = Convert.ToBase64String(licenseService.SignLicense(this));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public UserLicense(User user, ILicensingService licenseService)
|
||||||
|
{
|
||||||
|
LicenseKey = user.LicenseKey;
|
||||||
|
Id = user.Id;
|
||||||
|
Name = user.Name;
|
||||||
|
Email = user.Email;
|
||||||
|
Version = 1;
|
||||||
|
Premium = user.Premium;
|
||||||
|
MaxStorageGb = user.MaxStorageGb;
|
||||||
|
Issued = DateTime.UtcNow;
|
||||||
|
Expires = user.PremiumExpirationDate?.AddDays(7);
|
||||||
|
Refresh = user.PremiumExpirationDate?.Date;
|
||||||
|
Trial = false;
|
||||||
|
|
||||||
|
Hash = Convert.ToBase64String(ComputeHash());
|
||||||
|
Signature = Convert.ToBase64String(licenseService.SignLicense(this));
|
||||||
|
}
|
||||||
|
|
||||||
public string LicenseKey { get; set; }
|
public string LicenseKey { get; set; }
|
||||||
public Guid Id { get; set; }
|
public Guid Id { get; set; }
|
||||||
public string Name { get; set; }
|
public string Name { get; set; }
|
||||||
|
|||||||
@ -36,6 +36,7 @@ namespace Bit.Core.Services
|
|||||||
Task DeleteUserAsync(Guid organizationId, Guid organizationUserId, Guid deletingUserId);
|
Task DeleteUserAsync(Guid organizationId, Guid organizationUserId, Guid deletingUserId);
|
||||||
Task DeleteUserAsync(Guid organizationId, Guid userId);
|
Task DeleteUserAsync(Guid organizationId, Guid userId);
|
||||||
Task<OrganizationLicense> GenerateLicenseAsync(Guid organizationId, Guid installationId);
|
Task<OrganizationLicense> GenerateLicenseAsync(Guid organizationId, Guid installationId);
|
||||||
|
Task<OrganizationLicense> GenerateLicenseAsync(Organization organization, Guid installationId);
|
||||||
Task ImportAsync(Guid organizationId, Guid importingUserId, IEnumerable<ImportedGroup> groups,
|
Task ImportAsync(Guid organizationId, Guid importingUserId, IEnumerable<ImportedGroup> groups,
|
||||||
IEnumerable<ImportedOrganizationUser> newUsers, IEnumerable<string> removeUserExternalIds);
|
IEnumerable<ImportedOrganizationUser> newUsers, IEnumerable<string> removeUserExternalIds);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -49,5 +49,6 @@ namespace Bit.Core.Services
|
|||||||
Task DisablePremiumAsync(Guid userId, DateTime? expirationDate);
|
Task DisablePremiumAsync(Guid userId, DateTime? expirationDate);
|
||||||
Task DisablePremiumAsync(User user, DateTime? expirationDate);
|
Task DisablePremiumAsync(User user, DateTime? expirationDate);
|
||||||
Task UpdatePremiumExpirationAsync(Guid userId, DateTime? expirationDate);
|
Task UpdatePremiumExpirationAsync(Guid userId, DateTime? expirationDate);
|
||||||
|
Task<UserLicense> GenerateLicenseAsync(User user, BillingInfo billingInfo = null);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1039,6 +1039,11 @@ namespace Bit.Core.Services
|
|||||||
public async Task<OrganizationLicense> GenerateLicenseAsync(Guid organizationId, Guid installationId)
|
public async Task<OrganizationLicense> GenerateLicenseAsync(Guid organizationId, Guid installationId)
|
||||||
{
|
{
|
||||||
var organization = await _organizationRepository.GetByIdAsync(organizationId);
|
var organization = await _organizationRepository.GetByIdAsync(organizationId);
|
||||||
|
return await GenerateLicenseAsync(organization, installationId);
|
||||||
|
}
|
||||||
|
|
||||||
|
public async Task<OrganizationLicense> GenerateLicenseAsync(Organization organization, Guid installationId)
|
||||||
|
{
|
||||||
if(organization == null)
|
if(organization == null)
|
||||||
{
|
{
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
|
|||||||
@ -721,6 +721,23 @@ namespace Bit.Core.Services
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public async Task<UserLicense> GenerateLicenseAsync(User user, BillingInfo billingInfo = null)
|
||||||
|
{
|
||||||
|
if(user == null)
|
||||||
|
{
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
|
||||||
|
if(billingInfo == null && user.Gateway != null)
|
||||||
|
{
|
||||||
|
var paymentService = user.GetPaymentService(_globalSettings);
|
||||||
|
billingInfo = await paymentService.GetBillingAsync(user);
|
||||||
|
}
|
||||||
|
|
||||||
|
return billingInfo == null ? new UserLicense(user, _licenseService) :
|
||||||
|
new UserLicense(user, billingInfo, _licenseService);
|
||||||
|
}
|
||||||
|
|
||||||
private async Task<IdentityResult> UpdatePasswordHash(User user, string newPassword, bool validatePassword = true)
|
private async Task<IdentityResult> UpdatePasswordHash(User user, string newPassword, bool validatePassword = true)
|
||||||
{
|
{
|
||||||
if(validatePassword)
|
if(validatePassword)
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user