nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-02 16:42:50 -05:00
Code Activity

PM-2128 Enforce one time use of TOTP (#3152)

Browse Source 
* enforcing one time MFA token use

* Updated cache TTL

* renamed the cache

* removed IP limit, added comment, updated cache Key

* fixed build errors
This commit is contained in:
Ike
2023-09-09 14:35:08 -07:00
committed by GitHub
parent 4b482f0a34
commit 917c657439
3 changed files with 32 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Identity/IdentityServer/ResourceOwnerPasswordValidator.cs
View File

@ -13,6 +13,7 @@ using Bit.Core.Utilities;
using IdentityServer4.Models;
using IdentityServer4.Validation;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Caching.Distributed;
namespace Bit.Identity.IdentityServer;
@ -44,11 +45,12 @@ public class ResourceOwnerPasswordValidator : BaseRequestValidator<ResourceOwner
IPolicyService policyService,
IDataProtectorTokenFactory<SsoEmail2faSessionTokenable> tokenDataFactory,
IFeatureService featureService,
ISsoConfigRepository ssoConfigRepository)
ISsoConfigRepository ssoConfigRepository,
IDistributedCache distributedCache)
: base(userManager, deviceRepository, deviceService, userService, eventService,
organizationDuoWebTokenProvider, organizationRepository, organizationUserRepository,
applicationCacheService, mailService, logger, currentContext, globalSettings, userRepository, policyService,
tokenDataFactory, featureService, ssoConfigRepository)
tokenDataFactory, featureService, ssoConfigRepository, distributedCache)
{
_userManager = userManager;
_userService = userService;