nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-02 16:42:50 -05:00
Code Activity

[AC-1585] Automatically verify managed members on an organization with a verified domain (#3207)

Browse Source
This commit is contained in:
Rui Tomé
2023-08-30 07:23:45 +01:00
committed by GitHub
parent 6d078851dc
commit e679d3127a
3 changed files with 55 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
bitwarden_license/src/Sso/Controllers/AccountController.cs
View File

@ -47,6 +47,7 @@ public class AccountController : Controller
private readonly IGlobalSettings _globalSettings;
private readonly Core.Services.IEventService _eventService;
private readonly IDataProtectorTokenFactory<SsoTokenable> _dataProtector;
private readonly IOrganizationDomainRepository _organizationDomainRepository;
public AccountController(
IAuthenticationSchemeProvider schemeProvider,
@ -65,7 +66,8 @@ public class AccountController : Controller
UserManager<User> userManager,
IGlobalSettings globalSettings,
Core.Services.IEventService eventService,
IDataProtectorTokenFactory<SsoTokenable> dataProtector)
IDataProtectorTokenFactory<SsoTokenable> dataProtector,
IOrganizationDomainRepository organizationDomainRepository)
{
_schemeProvider = schemeProvider;
_clientStore = clientStore;
@ -84,6 +86,7 @@ public class AccountController : Controller
_eventService = eventService;
_globalSettings = globalSettings;
_dataProtector = dataProtector;
_organizationDomainRepository = organizationDomainRepository;
}
[HttpGet]
@ -513,11 +516,21 @@ public class AccountController : Controller
}
}
// If the email domain is verified, we can mark the email as verified
var emailVerified = false;
var emailDomain = CoreHelpers.GetEmailDomain(email);
if (!string.IsNullOrWhiteSpace(emailDomain))
{
var organizationDomain = await _organizationDomainRepository.GetDomainByOrgIdAndDomainNameAsync(orgId, emailDomain);
emailVerified = organizationDomain?.VerifiedDate.HasValue ?? false;
}
// Create user record - all existing user flows are handled above
var user = new User
{
Name = name,
Email = email,
EmailVerified = emailVerified,
ApiKey = CoreHelpers.SecureRandomString(30)
};
await _userService.RegisterUserAsync(user);