diff --git a/src/Core/IdentityServer/OidcIdentityClient.cs b/bitwarden_license/src/Sso/IdentityServer/OidcIdentityClient.cs similarity index 78% rename from src/Core/IdentityServer/OidcIdentityClient.cs rename to bitwarden_license/src/Sso/IdentityServer/OidcIdentityClient.cs index 822ac56cd4..8629da07e7 100644 --- a/src/Core/IdentityServer/OidcIdentityClient.cs +++ b/bitwarden_license/src/Sso/IdentityServer/OidcIdentityClient.cs @@ -2,7 +2,7 @@ using IdentityServer4; using IdentityServer4.Models; -namespace Bit.Core.IdentityServer; +namespace Bit.Sso.IdentityServer; public class OidcIdentityClient : Client { @@ -11,8 +11,8 @@ public class OidcIdentityClient : Client ClientId = "oidc-identity"; RequireClientSecret = true; RequirePkce = true; - ClientSecrets = new List { new Secret(globalSettings.OidcIdentityClientKey.Sha256()) }; - AllowedScopes = new string[] + ClientSecrets = new List { new(globalSettings.OidcIdentityClientKey.Sha256()) }; + AllowedScopes = new[] { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile diff --git a/bitwarden_license/src/Sso/Utilities/ServiceCollectionExtensions.cs b/bitwarden_license/src/Sso/Utilities/ServiceCollectionExtensions.cs index d7a5e3b1b4..cd4aa707d6 100644 --- a/bitwarden_license/src/Sso/Utilities/ServiceCollectionExtensions.cs +++ b/bitwarden_license/src/Sso/Utilities/ServiceCollectionExtensions.cs @@ -1,8 +1,8 @@ using Bit.Core.Business.Sso; -using Bit.Core.IdentityServer; using Bit.Core.Settings; using Bit.Core.Utilities; using Bit.SharedWeb.Utilities; +using Bit.Sso.IdentityServer; using Bit.Sso.Models; using IdentityServer4.Models; using IdentityServer4.ResponseHandling; diff --git a/src/Admin/Controllers/LoginController.cs b/src/Admin/Controllers/LoginController.cs index 47f9d5b34a..a6ee8e37f2 100644 --- a/src/Admin/Controllers/LoginController.cs +++ b/src/Admin/Controllers/LoginController.cs 
@@ -1,5 +1,5 @@ -using Bit.Admin.Models; -using Bit.Core.Identity; +using Bit.Admin.IdentityServer; +using Bit.Admin.Models; using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Mvc; diff --git a/src/Core/Identity/PasswordlessSignInManager.cs b/src/Admin/IdentityServer/PasswordlessSignInManager.cs similarity index 96% rename from src/Core/Identity/PasswordlessSignInManager.cs rename to src/Admin/IdentityServer/PasswordlessSignInManager.cs index 1ca010835b..6c346158ec 100644 --- a/src/Core/Identity/PasswordlessSignInManager.cs +++ b/src/Admin/IdentityServer/PasswordlessSignInManager.cs @@ -1,11 +1,9 @@ using Bit.Core.Services; using Microsoft.AspNetCore.Authentication; -using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Identity; -using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; -namespace Bit.Core.Identity; +namespace Bit.Admin.IdentityServer; public class PasswordlessSignInManager : SignInManager where TUser : class { diff --git a/src/Core/Identity/ReadOnlyEnvIdentityUserStore.cs b/src/Admin/IdentityServer/ReadOnlyEnvIdentityUserStore.cs similarity index 89% rename from src/Core/Identity/ReadOnlyEnvIdentityUserStore.cs rename to src/Admin/IdentityServer/ReadOnlyEnvIdentityUserStore.cs index 341bcd38a9..15b8d894b7 100644 --- a/src/Core/Identity/ReadOnlyEnvIdentityUserStore.cs +++ b/src/Admin/IdentityServer/ReadOnlyEnvIdentityUserStore.cs @@ -1,8 +1,7 @@ using Bit.Core.Utilities; using Microsoft.AspNetCore.Identity; -using Microsoft.Extensions.Configuration; -namespace Bit.Core.Identity; +namespace Bit.Admin.IdentityServer; public class ReadOnlyEnvIdentityUserStore : ReadOnlyIdentityUserStore { 
@@ -14,7 +13,7 @@ public class ReadOnlyEnvIdentityUserStore : ReadOnlyIdentityUserStore } public override Task FindByEmailAsync(string normalizedEmail, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { var usersCsv = _configuration["adminSettings:admins"]; if (!CoreHelpers.SettingHasValue(usersCsv)) @@ -59,7 +58,7 @@ public class ReadOnlyEnvIdentityUserStore : ReadOnlyIdentityUserStore } public override Task FindByIdAsync(string userId, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { return FindByEmailAsync(userId, cancellationToken); } diff --git a/src/Core/Identity/ReadOnlyIdentityUserStore.cs b/src/Admin/IdentityServer/ReadOnlyIdentityUserStore.cs similarity index 67% rename from src/Core/Identity/ReadOnlyIdentityUserStore.cs rename to src/Admin/IdentityServer/ReadOnlyIdentityUserStore.cs index 50c42c8197..88f3a40b1a 100644 --- a/src/Core/Identity/ReadOnlyIdentityUserStore.cs +++ b/src/Admin/IdentityServer/ReadOnlyIdentityUserStore.cs 
@@ -1,108 +1,107 @@ using Microsoft.AspNetCore.Identity; -namespace Bit.Core.Identity; +namespace Bit.Admin.IdentityServer; public abstract class ReadOnlyIdentityUserStore : - IUserStore, IUserEmailStore, IUserSecurityStampStore { public void Dispose() { } public Task CreateAsync(IdentityUser user, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { throw new NotImplementedException(); } public Task DeleteAsync(IdentityUser user, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { throw new NotImplementedException(); } public abstract Task FindByEmailAsync(string normalizedEmail, - CancellationToken cancellationToken = default(CancellationToken)); + CancellationToken cancellationToken = default); public abstract Task FindByIdAsync(string userId, - CancellationToken cancellationToken = default(CancellationToken)); + CancellationToken cancellationToken = default); public async Task FindByNameAsync(string normalizedUserName, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { return await FindByEmailAsync(normalizedUserName, cancellationToken); } public Task GetEmailAsync(IdentityUser user, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { return Task.FromResult(user.Email); } public Task GetEmailConfirmedAsync(IdentityUser user, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { return Task.FromResult(user.EmailConfirmed); } public Task GetNormalizedEmailAsync(IdentityUser user, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { return Task.FromResult(user.Email); } public Task GetNormalizedUserNameAsync(IdentityUser user, - CancellationToken cancellationToken = 
default(CancellationToken)) + CancellationToken cancellationToken = default) { return Task.FromResult(user.Email); } public Task GetUserIdAsync(IdentityUser user, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { return Task.FromResult(user.Id); } public Task GetUserNameAsync(IdentityUser user, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { return Task.FromResult(user.Email); } public Task SetEmailAsync(IdentityUser user, string email, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { throw new NotImplementedException(); } public Task SetEmailConfirmedAsync(IdentityUser user, bool confirmed, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { throw new NotImplementedException(); } public Task SetNormalizedEmailAsync(IdentityUser user, string normalizedEmail, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { user.NormalizedEmail = normalizedEmail; return Task.FromResult(0); } public Task SetNormalizedUserNameAsync(IdentityUser user, string normalizedName, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { user.NormalizedUserName = normalizedName; return Task.FromResult(0); } public Task SetUserNameAsync(IdentityUser user, string userName, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { throw new NotImplementedException(); } public Task UpdateAsync(IdentityUser user, - CancellationToken cancellationToken = default(CancellationToken)) + CancellationToken cancellationToken = default) { return Task.FromResult(IdentityResult.Success); } 
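Review bot: `UpdateAsync` at the end of this hunk returns `IdentityResult.Success` although the store persists nothing, while `CreateAsync`, `DeleteAsync`, `SetEmailAsync`, `SetEmailConfirmedAsync` and `SetUserNameAsync` throw `NotImplementedException`; nothing in the class says which of the two behaviours a caller should expect. Since the store now sits beside the admin sign-in code, a comment on `UpdateAsync` such as `// Read-only store: nothing is persisted; Success is reported so Identity flows that call UpdateAsync can complete.` would record that the no-op is deliberate (that reading is inferred from the class name, so confirm it). For the operations that are unsupported by design, `throw new NotSupportedException();` states the intent better than `NotImplementedException`, provided no caller catches the current type. The class body continues past the end of the hunk.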
diff --git a/src/Admin/IdentityServer/ServiceCollectionExtensions.cs b/src/Admin/IdentityServer/ServiceCollectionExtensions.cs
new file mode 100644
index 0000000000..bf4ac66cc1
--- /dev/null
+++ b/src/Admin/IdentityServer/ServiceCollectionExtensions.cs
@@ -0,0 +1,44 @@
+using Bit.Core.Entities;
+using Bit.Core.Identity;
+using Bit.Core.Settings;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+
+namespace Bit.Admin.IdentityServer;
+
+public static class ServiceCollectionExtensions
+{
+ public static Tuple AddPasswordlessIdentityServices(
+ this IServiceCollection services, GlobalSettings globalSettings) where TUserStore : class
+ {
+ services.TryAddTransient();
+ services.Configure(options =>
+ {
+ options.TokenLifespan = TimeSpan.FromMinutes(15);
+ });
+
+ var passwordlessIdentityBuilder = services.AddIdentity()
+ .AddUserStore()
+ .AddRoleStore()
+ .AddDefaultTokenProviders();
+
+ var regularIdentityBuilder = services.AddIdentityCore()
+ .AddUserStore();
+
+ services.TryAddScoped, PasswordlessSignInManager>();
+
+ services.ConfigureApplicationCookie(options =>
+ {
+ options.LoginPath = "/login";
+ options.LogoutPath = "/";
+ options.AccessDeniedPath = "/login?accessDenied=true";
+ options.Cookie.Name = $"Bitwarden_{globalSettings.ProjectName}";
+ options.Cookie.HttpOnly = true;
+ options.ExpireTimeSpan = TimeSpan.FromDays(2);
+ options.ReturnUrlParameter = "returnUrl";
+ options.SlidingExpiration = true;
+ });
+
+ return new Tuple(passwordlessIdentityBuilder, regularIdentityBuilder);
+ }
+}
diff --git a/src/Admin/Startup.cs b/src/Admin/Startup.cs
index 37645873eb..d10a1d4453 100644
--- a/src/Admin/Startup.cs
+++ b/src/Admin/Startup.cs
@@ -1,6 +1,6 @@
 using System.Globalization;
+using Bit.Admin.IdentityServer;
 using Bit.Core.Context;
-using Bit.Core.Identity;
 using Bit.Core.Settings;
 using Bit.Core.Utilities;
 using Bit.SharedWeb.Utilities;
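Review bot: The application cookie configured in `AddPasswordlessIdentityServices` sets `Cookie.HttpOnly` but leaves the Secure attribute to the framework default, which for cookie authentication follows the request scheme, so an admin session cookie issued over plain HTTP would not be marked Secure. If the Admin portal is always reached over TLS (directly or through a proxy that forwards the scheme), adding `options.Cookie.SecurePolicy = CookieSecurePolicy.Always;` makes that explicit; the method is moved here unchanged, so this is a convenient point to decide it. `ExpireTimeSpan = TimeSpan.FromDays(2)` combined with `SlidingExpiration = true` also lets an actively used admin session keep renewing, which deserves either a comment stating that it is intended or a shorter window.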
diff --git a/src/Core/Identity/ReadOnlyDatabaseIdentityUserStore.cs b/src/Core/Identity/ReadOnlyDatabaseIdentityUserStore.cs deleted file mode 100644 index 70d3da0072..0000000000 --- a/src/Core/Identity/ReadOnlyDatabaseIdentityUserStore.cs +++ /dev/null @@ -1,38 +0,0 @@ -using Bit.Core.Repositories; -using Bit.Core.Services; -using Microsoft.AspNetCore.Identity; - -namespace Bit.Core.Identity; - -public class ReadOnlyDatabaseIdentityUserStore : ReadOnlyIdentityUserStore -{ - private readonly IUserService _userService; - private readonly IUserRepository _userRepository; - - public ReadOnlyDatabaseIdentityUserStore( - IUserService userService, - IUserRepository userRepository) - { - _userService = userService; - _userRepository = userRepository; - } - - public override async Task FindByEmailAsync(string normalizedEmail, - CancellationToken cancellationToken = default(CancellationToken)) - { - var user = await _userRepository.GetByEmailAsync(normalizedEmail); - return user?.ToIdentityUser(await _userService.TwoFactorIsEnabledAsync(user)); - } - - public override async Task FindByIdAsync(string userId, - CancellationToken cancellationToken = default(CancellationToken)) - { - if (!Guid.TryParse(userId, out var userIdGuid)) - { - return null; - } - - var user = await _userRepository.GetByIdAsync(userIdGuid); - return user?.ToIdentityUser(await _userService.TwoFactorIsEnabledAsync(user)); - } -} diff --git a/src/Core/IdentityServer/ApiClient.cs b/src/Identity/IdentityServer/ApiClient.cs similarity index 98% rename from src/Core/IdentityServer/ApiClient.cs rename to src/Identity/IdentityServer/ApiClient.cs index b289da0015..8d2a294bec 100644 --- a/src/Core/IdentityServer/ApiClient.cs +++ b/src/Identity/IdentityServer/ApiClient.cs @@ -1,7 +1,7 @@ using Bit.Core.Settings; using IdentityServer4.Models; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class ApiClient : Client { 
diff --git a/src/Core/IdentityServer/ApiResources.cs b/src/Identity/IdentityServer/ApiResources.cs similarity index 96% rename from src/Core/IdentityServer/ApiResources.cs rename to src/Identity/IdentityServer/ApiResources.cs index 5a19fa2caf..07cb7b5014 100644 --- a/src/Core/IdentityServer/ApiResources.cs +++ b/src/Identity/IdentityServer/ApiResources.cs @@ -1,7 +1,7 @@ using IdentityModel; using IdentityServer4.Models; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class ApiResources { diff --git a/src/Core/IdentityServer/ApiScopes.cs b/src/Identity/IdentityServer/ApiScopes.cs similarity index 93% rename from src/Core/IdentityServer/ApiScopes.cs rename to src/Identity/IdentityServer/ApiScopes.cs index 2af512eb89..2e8fe983eb 100644 --- a/src/Core/IdentityServer/ApiScopes.cs +++ b/src/Identity/IdentityServer/ApiScopes.cs @@ -1,6 +1,6 @@ using IdentityServer4.Models; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class ApiScopes { diff --git a/src/Core/IdentityServer/AuthorizationCodeStore.cs b/src/Identity/IdentityServer/AuthorizationCodeStore.cs similarity index 95% rename from src/Core/IdentityServer/AuthorizationCodeStore.cs rename to src/Identity/IdentityServer/AuthorizationCodeStore.cs index fc07f7aa6e..da63d9c4ad 100644 --- a/src/Core/IdentityServer/AuthorizationCodeStore.cs +++ b/src/Identity/IdentityServer/AuthorizationCodeStore.cs @@ -4,9 +4,8 @@ using IdentityServer4.Models; using IdentityServer4.Services; using IdentityServer4.Stores; using IdentityServer4.Stores.Serialization; -using Microsoft.Extensions.Logging; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; // ref: https://raw.githubusercontent.com/IdentityServer/IdentityServer4/3.1.3/src/IdentityServer4/src/Stores/Default/DefaultAuthorizationCodeStore.cs public class AuthorizationCodeStore : DefaultGrantStore, IAuthorizationCodeStore 
diff --git a/src/Core/IdentityServer/BaseRequestValidator.cs b/src/Identity/IdentityServer/BaseRequestValidator.cs similarity index 99% rename from src/Core/IdentityServer/BaseRequestValidator.cs rename to src/Identity/IdentityServer/BaseRequestValidator.cs index d2c72c132b..c7d88e9e94 100644 --- a/src/Core/IdentityServer/BaseRequestValidator.cs +++ b/src/Identity/IdentityServer/BaseRequestValidator.cs @@ -2,6 +2,7 @@ using System.Reflection; using System.Security.Claims; using System.Text.Json; +using Bit.Core; using Bit.Core.Context; using Bit.Core.Entities; using Bit.Core.Enums; @@ -15,9 +16,8 @@ using Bit.Core.Settings; using Bit.Core.Utilities; using IdentityServer4.Validation; using Microsoft.AspNetCore.Identity; -using Microsoft.Extensions.Logging; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public abstract class BaseRequestValidator where T : class { diff --git a/src/Core/IdentityServer/ClientStore.cs b/src/Identity/IdentityServer/ClientStore.cs similarity index 99% rename from src/Core/IdentityServer/ClientStore.cs rename to src/Identity/IdentityServer/ClientStore.cs index 2e6fa06bde..b8fa2e421f 100644 --- a/src/Core/IdentityServer/ClientStore.cs +++ b/src/Identity/IdentityServer/ClientStore.cs @@ -10,7 +10,7 @@ using IdentityModel; using IdentityServer4.Models; using IdentityServer4.Stores; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class ClientStore : IClientStore { diff --git a/src/Core/IdentityServer/CustomTokenRequestValidator.cs b/src/Identity/IdentityServer/CustomTokenRequestValidator.cs similarity index 98% rename from src/Core/IdentityServer/CustomTokenRequestValidator.cs rename to src/Identity/IdentityServer/CustomTokenRequestValidator.cs index 1354af70a1..b9bf16f58a 100644 --- a/src/Core/IdentityServer/CustomTokenRequestValidator.cs +++ b/src/Identity/IdentityServer/CustomTokenRequestValidator.cs 
@@ -9,9 +9,8 @@ using IdentityModel; using IdentityServer4.Extensions; using IdentityServer4.Validation; using Microsoft.AspNetCore.Identity; -using Microsoft.Extensions.Logging; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class CustomTokenRequestValidator : BaseRequestValidator, ICustomTokenRequestValidator diff --git a/src/Core/IdentityServer/CustomValidatorRequestContext.cs b/src/Identity/IdentityServer/CustomValidatorRequestContext.cs similarity index 86% rename from src/Core/IdentityServer/CustomValidatorRequestContext.cs rename to src/Identity/IdentityServer/CustomValidatorRequestContext.cs index 66fdc1e7e9..faf40b7c43 100644 --- a/src/Core/IdentityServer/CustomValidatorRequestContext.cs +++ b/src/Identity/IdentityServer/CustomValidatorRequestContext.cs @@ -1,7 +1,7 @@ using Bit.Core.Entities; using Bit.Core.Models.Business; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class CustomValidatorRequestContext { diff --git a/src/Core/IdentityServer/PersistedGrantStore.cs b/src/Identity/IdentityServer/PersistedGrantStore.cs similarity index 98% rename from src/Core/IdentityServer/PersistedGrantStore.cs rename to src/Identity/IdentityServer/PersistedGrantStore.cs index a1b3294ba0..9671cba446 100644 --- a/src/Core/IdentityServer/PersistedGrantStore.cs +++ b/src/Identity/IdentityServer/PersistedGrantStore.cs @@ -3,7 +3,7 @@ using IdentityServer4.Models; using IdentityServer4.Stores; using Grant = Bit.Core.Entities.Grant; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class PersistedGrantStore : IPersistedGrantStore { diff --git a/src/Core/IdentityServer/ProfileService.cs b/src/Identity/IdentityServer/ProfileService.cs similarity index 98% rename from src/Core/IdentityServer/ProfileService.cs rename to src/Identity/IdentityServer/ProfileService.cs index 873ad6b5ab..6b66b1850e 100644 --- a/src/Core/IdentityServer/ProfileService.cs 
+++ b/src/Identity/IdentityServer/ProfileService.cs @@ -6,7 +6,7 @@ using Bit.Core.Utilities; using IdentityServer4.Models; using IdentityServer4.Services; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class ProfileService : IProfileService { diff --git a/src/Core/IdentityServer/ResourceOwnerPasswordValidator.cs b/src/Identity/IdentityServer/ResourceOwnerPasswordValidator.cs similarity index 99% rename from src/Core/IdentityServer/ResourceOwnerPasswordValidator.cs rename to src/Identity/IdentityServer/ResourceOwnerPasswordValidator.cs index 3cce62db1b..278baef06a 100644 --- a/src/Core/IdentityServer/ResourceOwnerPasswordValidator.cs +++ b/src/Identity/IdentityServer/ResourceOwnerPasswordValidator.cs @@ -9,9 +9,8 @@ using Bit.Core.Utilities; using IdentityServer4.Models; using IdentityServer4.Validation; using Microsoft.AspNetCore.Identity; -using Microsoft.Extensions.Logging; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class ResourceOwnerPasswordValidator : BaseRequestValidator, IResourceOwnerPasswordValidator diff --git a/src/Core/IdentityServer/StaticClientStore.cs b/src/Identity/IdentityServer/StaticClientStore.cs similarity index 95% rename from src/Core/IdentityServer/StaticClientStore.cs rename to src/Identity/IdentityServer/StaticClientStore.cs index 92c124f26d..537f389925 100644 --- a/src/Core/IdentityServer/StaticClientStore.cs +++ b/src/Identity/IdentityServer/StaticClientStore.cs @@ -2,7 +2,7 @@ using Bit.Core.Settings; using IdentityServer4.Models; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class StaticClientStore { diff --git a/src/Core/IdentityServer/VaultCorsPolicyService.cs b/src/Identity/IdentityServer/VaultCorsPolicyService.cs similarity index 92% rename from src/Core/IdentityServer/VaultCorsPolicyService.cs rename to src/Identity/IdentityServer/VaultCorsPolicyService.cs index 49abcb4aad..867644c54b 100644 
--- a/src/Core/IdentityServer/VaultCorsPolicyService.cs +++ b/src/Identity/IdentityServer/VaultCorsPolicyService.cs @@ -2,7 +2,7 @@ using Bit.Core.Utilities; using IdentityServer4.Services; -namespace Bit.Core.IdentityServer; +namespace Bit.Identity.IdentityServer; public class CustomCorsPolicyService : ICorsPolicyService { diff --git a/src/Identity/Utilities/ServiceCollectionExtensions.cs b/src/Identity/Utilities/ServiceCollectionExtensions.cs index df3a6dec82..46031c9cfa 100644 --- a/src/Identity/Utilities/ServiceCollectionExtensions.cs +++ b/src/Identity/Utilities/ServiceCollectionExtensions.cs @@ -1,5 +1,5 @@ -using Bit.Core.IdentityServer; -using Bit.Core.Settings; +using Bit.Core.Settings; +using Bit.Identity.IdentityServer; using Bit.SharedWeb.Utilities; using IdentityServer4.ResponseHandling; using IdentityServer4.Services; diff --git a/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs b/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs index 2ad8e2b2b8..63f2a332fe 100644 --- a/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs +++ b/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs @@ -33,7 +33,6 @@ using Microsoft.Extensions.Caching.Distributed; using Microsoft.Extensions.Caching.StackExchangeRedis; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; -using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.Extensions.Hosting; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; 
@@ -358,39 +357,7 @@ public static class ServiceCollectionExtensions return identityBuilder; } - public static Tuple AddPasswordlessIdentityServices( - this IServiceCollection services, GlobalSettings globalSettings) where TUserStore : class - { - services.TryAddTransient(); - services.Configure(options => - { - options.TokenLifespan = TimeSpan.FromMinutes(15); - }); - var passwordlessIdentityBuilder = services.AddIdentity() - .AddUserStore() - .AddRoleStore() - .AddDefaultTokenProviders(); - - var regularIdentityBuilder = services.AddIdentityCore() - .AddUserStore(); - - services.TryAddScoped, PasswordlessSignInManager>(); - - services.ConfigureApplicationCookie(options => - { - options.LoginPath = "/login"; - options.LogoutPath = "/"; - options.AccessDeniedPath = "/login?accessDenied=true"; - options.Cookie.Name = $"Bitwarden_{globalSettings.ProjectName}"; - options.Cookie.HttpOnly = true; - options.ExpireTimeSpan = TimeSpan.FromDays(2); - options.ReturnUrlParameter = "returnUrl"; - options.SlidingExpiration = true; - }); - - return new Tuple(passwordlessIdentityBuilder, regularIdentityBuilder); - } public static void AddIdentityAuthenticationServices( this IServiceCollection services, GlobalSettings globalSettings, IWebHostEnvironment environment, diff --git a/test/Identity.IntegrationTest/Endpoints/IdentityServerTests.cs b/test/Identity.IntegrationTest/Endpoints/IdentityServerTests.cs index 14600ba26e..3bcb45a696 100644 --- a/test/Identity.IntegrationTest/Endpoints/IdentityServerTests.cs +++ b/test/Identity.IntegrationTest/Endpoints/IdentityServerTests.cs @@ -3,6 +3,7 @@ using Bit.Core.Entities; using Bit.Core.Enums; using Bit.Core.Models.Api.Request.Accounts; using Bit.Core.Repositories; +using Bit.Identity.IdentityServer; using Bit.IntegrationTestCommon.Factories; using Bit.Test.Common.AutoFixture.Attributes; using Bit.Test.Common.Helpers; 
@@ -279,7 +280,7 @@ public class IdentityServerTests : IClassFixture /// /// This test currently does not test any code that is not covered by other tests but - /// it shows that we probably have some dead code in + /// it shows that we probably have some dead code in /// for installation, organization, and user they split on a '.' but have already checked that at least one /// '.' exists in the client_id by checking it with /// I believe that idParts.Length > 1 will ALWAYS return true