mirror of
https://github.com/bitwarden/server.git
synced 2025-04-05 05:00:19 -05:00
[Key Connector] Add event logging for first SSO login (#1724)
* Add null checks to fix logging from SSO controller * Add FirstSsoLogin event logging
This commit is contained in:
Thomas Rittson
GitHub
parent
6008715abc
commit
cfd6123974
@ -459,11 +459,8 @@ namespace Bit.Sso.Controllers
|
|||||||
throw new Exception(_i18nService.T("UserAlreadyInvited", email, organization.Name));
|
throw new Exception(_i18nService.T("UserAlreadyInvited", email, organization.Name));
|
||||||
}
|
}
|
||||||
|
|
||||||
// Delete existing SsoUser (if any) - avoids error if providerId has changed and the sso link is stale
|
|
||||||
await DeleteExistingSsoUserRecord(existingUser.Id, orgId, orgUser);
|
|
||||||
|
|
||||||
// Accepted or Confirmed - create SSO link and return;
|
// Accepted or Confirmed - create SSO link and return;
|
||||||
await CreateSsoUserRecord(providerUserId, existingUser.Id, orgId);
|
await CreateSsoUserRecord(providerUserId, existingUser.Id, orgId, orgUser);
|
||||||
return existingUser;
|
return existingUser;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -540,11 +537,8 @@ namespace Bit.Sso.Controllers
|
|||||||
await _organizationUserRepository.ReplaceAsync(orgUser);
|
await _organizationUserRepository.ReplaceAsync(orgUser);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Delete any stale user record to be safe
|
|
||||||
await DeleteExistingSsoUserRecord(user.Id, orgId, orgUser);
|
|
||||||
|
|
||||||
// Create sso user record
|
// Create sso user record
|
||||||
await CreateSsoUserRecord(providerUserId, user.Id, orgId);
|
await CreateSsoUserRecord(providerUserId, user.Id, orgId, orgUser);
|
||||||
|
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
@ -595,18 +589,21 @@ namespace Bit.Sso.Controllers
|
|||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
private async Task DeleteExistingSsoUserRecord(Guid userId, Guid orgId, OrganizationUser orgUser)
|
private async Task CreateSsoUserRecord(string providerUserId, Guid userId, Guid orgId, OrganizationUser orgUser)
|
||||||
{
|
{
|
||||||
|
// Delete existing SsoUser (if any) - avoids error if providerId has changed and the sso link is stale
|
||||||
var existingSsoUser = await _ssoUserRepository.GetByUserIdOrganizationIdAsync(orgId, userId);
|
var existingSsoUser = await _ssoUserRepository.GetByUserIdOrganizationIdAsync(orgId, userId);
|
||||||
if (existingSsoUser != null)
|
if (existingSsoUser != null)
|
||||||
{
|
{
|
||||||
await _ssoUserRepository.DeleteAsync(userId, orgId);
|
await _ssoUserRepository.DeleteAsync(userId, orgId);
|
||||||
await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_ResetSsoLink);
|
await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_ResetSsoLink);
|
||||||
}
|
}
|
||||||
}
|
else
|
||||||
|
{
|
||||||
|
// If no stale user, this is the user's first Sso login ever
|
||||||
|
await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_FirstSsoLogin);
|
||||||
|
}
|
||||||
|
|
||||||
private async Task CreateSsoUserRecord(string providerUserId, Guid userId, Guid orgId)
|
|
||||||
{
|
|
||||||
var ssoUser = new SsoUser
|
var ssoUser = new SsoUser
|
||||||
{
|
{
|
||||||
ExternalId = providerUserId,
|
ExternalId = providerUserId,
|
||||||
|
|||||||
@ -392,13 +392,13 @@ namespace Bit.Core.Context
|
|||||||
|
|
||||||
public async Task<Guid?> ProviderIdForOrg(Guid orgId)
|
public async Task<Guid?> ProviderIdForOrg(Guid orgId)
|
||||||
{
|
{
|
||||||
if (Organizations.Any(org => org.Id == orgId))
|
if (Organizations?.Any(org => org.Id == orgId) ?? false)
|
||||||
{
|
{
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
var po = (await GetProviderOrganizations())
|
var po = (await GetProviderOrganizations())
|
||||||
.FirstOrDefault(po => po.OrganizationId == orgId);
|
?.FirstOrDefault(po => po.OrganizationId == orgId);
|
||||||
|
|
||||||
return po?.ProviderId;
|
return po?.ProviderId;
|
||||||
}
|
}
|
||||||
@ -465,7 +465,7 @@ namespace Bit.Core.Context
|
|||||||
|
|
||||||
protected async Task<IEnumerable<ProviderUserOrganizationDetails>> GetProviderOrganizations()
|
protected async Task<IEnumerable<ProviderUserOrganizationDetails>> GetProviderOrganizations()
|
||||||
{
|
{
|
||||||
if (_providerUserOrganizations == null)
|
if (_providerUserOrganizations == null && UserId.HasValue)
|
||||||
{
|
{
|
||||||
_providerUserOrganizations = await _providerUserRepository.GetManyOrganizationDetailsByUserAsync(UserId.Value, ProviderUserStatusType.Confirmed);
|
_providerUserOrganizations = await _providerUserRepository.GetManyOrganizationDetailsByUserAsync(UserId.Value, ProviderUserStatusType.Confirmed);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -50,6 +50,7 @@
|
|||||||
OrganizationUser_ResetPassword_Withdraw = 1507,
|
OrganizationUser_ResetPassword_Withdraw = 1507,
|
||||||
OrganizationUser_AdminResetPassword = 1508,
|
OrganizationUser_AdminResetPassword = 1508,
|
||||||
OrganizationUser_ResetSsoLink = 1509,
|
OrganizationUser_ResetSsoLink = 1509,
|
||||||
|
OrganizationUser_FirstSsoLogin = 1510,
|
||||||
|
|
||||||
Organization_Updated = 1600,
|
Organization_Updated = 1600,
|
||||||
Organization_PurgedVault = 1601,
|
Organization_PurgedVault = 1601,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user