mirror of https://github.com/bitwarden/server.git synced 2025-06-30 07:36:14 -05:00

Remove the u2f lib (#1820)

Oscar Hinton
2022-01-24 12:14:04 +01:00
committed by GitHub
parent 5268f2781e
commit ac8ca46f0f
44 changed files with 3489 additions and 1247 deletions


@ -1,121 +0,0 @@
using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using Bit.Core.Enums;
using Bit.Core.Models;
using DbUp.Engine;
using Newtonsoft.Json;
namespace Bit.Migrator.DbScripts
{
class ScriptMigrateU2FToWebAuthn : IScript
{
public string ProvideScript(Func<IDbCommand> commandFactory)
{
var cmd = commandFactory();
cmd.CommandText = "SELECT Id, TwoFactorProviders FROM [dbo].[User] WHERE TwoFactorProviders IS NOT NULL";
var users = new List<object>();
using (var reader = cmd.ExecuteReader())
{
while (reader.Read())
{
var id = reader.GetGuid(0);
var twoFactorProviders = reader.GetString(1);
if (string.IsNullOrWhiteSpace(twoFactorProviders))
{
continue;
}
var providers = JsonConvert.DeserializeObject<Dictionary<TwoFactorProviderType, TwoFactorProvider>>(twoFactorProviders);
if (!providers.ContainsKey(TwoFactorProviderType.U2f))
{
continue;
}
var u2fProvider = providers[TwoFactorProviderType.U2f];
if (!u2fProvider.Enabled || !HasProperMetaData(u2fProvider))
{
continue;
}
var u2fKeys = LoadKeys(u2fProvider);
var webAuthnKeys = u2fKeys.Select(key => (key.Item1, key.Item2.ToWebAuthnData()));
var webAuthnProvider = new TwoFactorProvider
{
Enabled = true,
MetaData = webAuthnKeys.ToDictionary(x => x.Item1, x => (object)x.Item2)
};
providers[TwoFactorProviderType.WebAuthn] = webAuthnProvider;
users.Add(new User
{
Id = id,
TwoFactorProviders = JsonConvert.SerializeObject(providers),
});
}
}
foreach (User user in users)
{
var command = commandFactory();
command.CommandText = "UPDATE [dbo].[User] SET TwoFactorProviders = @twoFactorProviders WHERE Id = @id";
var idParameter = command.CreateParameter();
idParameter.ParameterName = "@id";
idParameter.Value = user.Id;
var twoFactorParameter = command.CreateParameter();
twoFactorParameter.ParameterName = "@twoFactorProviders";
twoFactorParameter.Value = user.TwoFactorProviders;
command.Parameters.Add(idParameter);
command.Parameters.Add(twoFactorParameter);
command.ExecuteNonQuery();
}
return "";
}
private bool HasProperMetaData(TwoFactorProvider provider)
{
return (provider?.MetaData?.Count ?? 0) > 0;
}
private List<Tuple<string, TwoFactorProvider.U2fMetaData>> LoadKeys(TwoFactorProvider provider)
{
var keys = new List<Tuple<string, TwoFactorProvider.U2fMetaData>>();
// Support up to 5 keys
for (var i = 1; i <= 5; i++)
{
var keyName = $"Key{i}";
if (provider.MetaData.ContainsKey(keyName))
{
var key = new TwoFactorProvider.U2fMetaData((dynamic)provider.MetaData[keyName]);
if (!key?.Compromised ?? false)
{
keys.Add(new Tuple<string, TwoFactorProvider.U2fMetaData>(keyName, key));
}
}
}
return keys;
}
private class User
{
public Guid Id { get; set; }
public string TwoFactorProviders { get; set; }
}
}
}


@ -0,0 +1,154 @@
IF OBJECT_ID('[dbo].[U2f_Create]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[U2f_Create]
END
GO
IF OBJECT_ID('[dbo].[U2f_DeleteByUserId]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[U2f_DeleteByUserId]
END
GO
IF OBJECT_ID('[dbo].[U2f_DeleteOld]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[U2f_DeleteOld]
END
GO
IF OBJECT_ID('[dbo].[U2f_ReadByUserId]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[U2f_ReadByUserId]
END
GO
IF OBJECT_ID('[dbo].[U2f_ReadById]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[U2f_ReadById]
END
GO
IF EXISTS(SELECT * FROM sys.views WHERE [Name] = 'U2fView')
BEGIN
DROP VIEW [dbo].[U2fView];
END
GO
IF OBJECT_ID('[dbo].[U2f]') IS NOT NULL
BEGIN
DROP TABLE [dbo].[U2f]
END
GO
IF OBJECT_ID('[dbo].[User_DeleteById]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[User_DeleteById]
END
GO
CREATE PROCEDURE [dbo].[User_DeleteById]
@Id UNIQUEIDENTIFIER
WITH RECOMPILE
AS
BEGIN
SET NOCOUNT ON
DECLARE @BatchSize INT = 100
-- Delete ciphers
WHILE @BatchSize > 0
BEGIN
BEGIN TRANSACTION User_DeleteById_Ciphers
DELETE TOP(@BatchSize)
FROM
[dbo].[Cipher]
WHERE
[UserId] = @Id
SET @BatchSize = @@ROWCOUNT
COMMIT TRANSACTION User_DeleteById_Ciphers
END
BEGIN TRANSACTION User_DeleteById
-- Delete folders
DELETE
FROM
[dbo].[Folder]
WHERE
[UserId] = @Id
-- Delete devices
DELETE
FROM
[dbo].[Device]
WHERE
[UserId] = @Id
-- Delete collection users
DELETE
CU
FROM
[dbo].[CollectionUser] CU
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = CU.[OrganizationUserId]
WHERE
OU.[UserId] = @Id
-- Delete group users
DELETE
GU
FROM
[dbo].[GroupUser] GU
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = GU.[OrganizationUserId]
WHERE
OU.[UserId] = @Id
-- Delete organization users
DELETE
FROM
[dbo].[OrganizationUser]
WHERE
[UserId] = @Id
-- Delete provider users
DELETE
FROM
[dbo].[ProviderUser]
WHERE
[UserId] = @Id
-- Delete SSO Users
DELETE
FROM
[dbo].[SsoUser]
WHERE
[UserId] = @Id
-- Delete Emergency Accesses
DELETE
FROM
[dbo].[EmergencyAccess]
WHERE
[GrantorId] = @Id
OR
[GranteeId] = @Id
-- Delete Sends
DELETE
FROM
[dbo].[Send]
WHERE
[UserId] = @Id
-- Finally, delete the user
DELETE
FROM
[dbo].[User]
WHERE
[Id] = @Id
COMMIT TRANSACTION User_DeleteById
END
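Review bot: The re-created `[dbo].[User_DeleteById]` runs its multi-table deletes between `BEGIN TRANSACTION User_DeleteById` and `COMMIT TRANSACTION User_DeleteById` with neither `SET XACT_ABORT ON` nor a TRY/CATCH, so a statement-level error in one DELETE (a foreign-key conflict, for example) would end only that statement and the remaining deletes would still be committed, leaving a partially deleted account. Adding `SET XACT_ABORT ON` directly after `SET NOCOUNT ON` makes a runtime error roll the whole transaction back instead. The cipher batches commit in their own transactions before that, so they stay deleted even if a later step fails; a comment above the `WHILE` loop such as `-- Cipher batches commit independently and are not rolled back if a later step fails` would make that explicit. Separately, the `U2fView` guard looks the view up in `sys.views` by name only while the `DROP VIEW` targets `[dbo]`; `IF OBJECT_ID('[dbo].[U2fView]', 'V') IS NOT NULL` would match the schema-qualified style of the other guards.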