mirror of https://github.com/bitwarden/server.git synced 2025-05-28 23:04:50 -05:00

Added OrgIdentifer to SetPasswordAsync // Added jit user two factor provider (#1009)

Vincent Salucci 2020-11-22 08:46:44 -06:00 committed by GitHub
parent 58eb0510ca
commit f311f40d93
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 1 deletions


@ -20,6 +20,7 @@ using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Bit.Core.Models;
using Bit.Core.Models.Api; using Bit.Core.Models.Api;
using Bit.Core.Utilities; using Bit.Core.Utilities;
@ -37,6 +38,7 @@ namespace Bit.Sso.Controllers
private readonly ISsoConfigRepository _ssoConfigRepository; private readonly ISsoConfigRepository _ssoConfigRepository;
private readonly ISsoUserRepository _ssoUserRepository; private readonly ISsoUserRepository _ssoUserRepository;
private readonly IUserRepository _userRepository; private readonly IUserRepository _userRepository;
private readonly IPolicyRepository _policyRepository;
private readonly IUserService _userService; private readonly IUserService _userService;
private readonly II18nService _i18nService; private readonly II18nService _i18nService;
private readonly UserManager<User> _userManager; private readonly UserManager<User> _userManager;
@ -51,6 +53,7 @@ namespace Bit.Sso.Controllers
ISsoConfigRepository ssoConfigRepository, ISsoConfigRepository ssoConfigRepository,
ISsoUserRepository ssoUserRepository, ISsoUserRepository ssoUserRepository,
IUserRepository userRepository, IUserRepository userRepository,
IPolicyRepository policyRepository,
IUserService userService, IUserService userService,
II18nService i18nService, II18nService i18nService,
UserManager<User> userManager) UserManager<User> userManager)
@ -64,6 +67,7 @@ namespace Bit.Sso.Controllers
_userRepository = userRepository; _userRepository = userRepository;
_ssoConfigRepository = ssoConfigRepository; _ssoConfigRepository = ssoConfigRepository;
_ssoUserRepository = ssoUserRepository; _ssoUserRepository = ssoUserRepository;
_policyRepository = policyRepository;
_userService = userService; _userService = userService;
_i18nService = i18nService; _i18nService = i18nService;
_userManager = userManager; _userManager = userManager;
@ -461,6 +465,22 @@ namespace Bit.Sso.Controllers
if (orgId.HasValue) if (orgId.HasValue)
{ {
// If the organization has 2fa policy enabled, make sure to default jit user 2fa to email
var twoFactorPolicy =
await _policyRepository.GetByOrganizationIdTypeAsync(orgId.Value, PolicyType.TwoFactorAuthentication);
if (twoFactorPolicy != null && twoFactorPolicy.Enabled)
{
user.SetTwoFactorProviders(new Dictionary<TwoFactorProviderType, TwoFactorProvider>
{
[TwoFactorProviderType.Email] = new TwoFactorProvider
{
MetaData = new Dictionary<string, object> { ["Email"] = user.Email.ToLowerInvariant() },
Enabled = true
}
});
await _userService.UpdateTwoFactorProviderAsync(user, TwoFactorProviderType.Email);
}
// Create organization user record // Create organization user record
orgUser = new OrganizationUser orgUser = new OrganizationUser
{ {
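Review bot: In the added `MetaData` initializer, `user.Email.ToLowerInvariant()` dereferences the email without a null check, and nothing in this hunk shows where that address was validated, although it becomes the only enabled second factor for the just-in-time user. If the address comes straight from the identity provider's claims (not visible here), the comment should say so, for example `// Email is taken from the SSO claims and becomes the user's sole 2FA channel; confirm it is validated before this point`. An empty or missing email should fail provisioning with an explicit error before `SetTwoFactorProviders` is called, rather than surfacing as a NullReferenceException partway through account creation. The surrounding method begins and ends outside the hunk, so an earlier guard may already exist.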


@ -210,7 +210,8 @@ namespace Bit.Api.Controllers
throw new UnauthorizedAccessException(); throw new UnauthorizedAccessException();
} }
var result = await _userService.SetPasswordAsync(model.ToUser(user), model.MasterPasswordHash, model.Key); var result = await _userService.SetPasswordAsync(model.ToUser(user), model.MasterPasswordHash, model.Key,
model.OrgIdentifier);
if (result.Succeeded) if (result.Succeeded)
{ {
return; return;
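Review bot: `model.OrgIdentifier` is a client-supplied value that now reaches `_userService.SetPasswordAsync` with no validation visible in this hunk. Whatever the service does with it should depend on a server-side check that the authenticated user already belongs to, or was provisioned for, that organization; the identifier alone should not be trusted. A null or empty identifier should behave exactly like the previous three-argument call. A short comment at the call site would record that contract, e.g. `// OrgIdentifier is untrusted request input; SetPasswordAsync is responsible for verifying the user's relationship to that organization`. The action method starts and ends outside the hunk, and the service implementation is not part of this commit page.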