nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-14 09:38:16 -05:00
Code
5,650 Commits 375 Branches 196 Tags
Commit Graph

5650 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ike
85b299ccfc
feat : matching request email to session email (#5541) 
* feat : matching request email to session email

* feat : implement AuthRequestHeaderValidator

* fix : matching table definitions between migrator and sql project.

* fix : fixing tests
 2025-03-21 18:18:17 -04:00
Bernd Schoolmann
6d4d7c7968
Move migration and prevent failure 2025-03-21 18:00:30 +01:00
Bernd Schoolmann
8073d0e0c3
Merge branch 'main' into innovation/opaque 2025-03-21 17:49:16 +01:00
Bernd Schoolmann
cb40e5ab27
Fix test 2025-03-21 17:47:00 +01:00
Ike
4bd446dd66
Update OpaqueKeyExchangeGrantValidator.cs (#5540) 
fix : DI fix for feature service
 2025-03-21 11:01:49 -04:00
Ike Kottlowski
ac8bf0f3dc
feat : add feature flag to grant validator; 
fix : authed user flag stays in sessions for 5 minutes to account for 2FA
 2025-03-21 10:50:04 -04:00
Brandon Treston
c7c6528faa
Ac/pm 18240 implement policy requirement for reset password policy (#5521) 
* wip

* fix test

* fix test

* refactor

* fix factory method and tests

* cleanup

* refactor

* update copy

* cleanup
 2025-03-21 10:07:55 -04:00
Bernd Schoolmann
77206b12a9
Fake responses for non-existent users (#5538) 2025-03-21 13:49:34 +01:00
Github Actions
5d549402c7 Bumped version to 2025.3.3 2025-03-21 10:15:22 +00:00
Bernd Schoolmann
5016ece4ff
[Innovation/OPAQUE] Add entity framework impl (#5523) 
* Add prelogin response

* Fix test

* Fix more tests

* Fix tests

* Fix SQL warnings

* Fix difference between migration and sql SP

* Attempt to fix tests

* Attempt to fix tests

* Attempt to fix

* Fix namespace

* Attempt to fix error

* Fix different SP / migration

* Attempt to fix migration

* Fix

* Fix

* Add ef impl
 2025-03-21 10:24:37 +01:00
Ike Kottlowski
c1614bf3a6
fix : dotnet format 2025-03-20 18:36:33 -04:00
Ike Kottlowski
474b37d10e
fix : added feature flagging to method calls; removed some todos; cleaned up implementation in account service; registration lives in API to access Authorize middleware; Login lives in Identity; 2025-03-20 18:00:43 -04:00
Nick Krantz
948d8f707d
[PM-18858] Security Task email bugs (#5536) 
* make "Review at-risk passwords" bold

* add owner and admin email address to the bottom of the security notification email

* fix plurality of text email
 2025-03-20 14:41:58 -05:00
Ike Kottlowski
dae1bf088d
Merge branch 'innovation/opaque' of https://github.com/bitwarden/server into innovation/opaque 2025-03-20 15:03:41 -04:00
Ike Kottlowski
525174068f
feat (opaque-ke) : moved endpoints to Identity. 2025-03-20 14:59:34 -04:00
Ike Kottlowski
7f997246e5
Merge branch 'innovation/opaque-wanna-try-catch-son' into innovation/opaque 2025-03-20 14:43:55 -04:00
Jared Snider
2741b04e88
Update UserDecryptionOptions.cs to add BuildOpaqueOption 2025-03-20 14:18:35 -04:00
Ike Kottlowski
8f25ab6d73
fix : add try catch blocks 2025-03-20 13:55:11 -04:00
Github Actions
2d02ad3f61 Bumped version to 2025.3.2 2025-03-20 17:30:55 +00:00
Github Actions
bb674b8990 Bumped version to 2025.3.1 2025-03-20 17:14:35 +00:00
Jared Snider
9b7c14c2df
OpaqueKeyExchangeCredential.cs - tweak comment 2025-03-20 12:45:38 -04:00
Jared Snider
4edd3da4cf
OpaqueKeyExchangeCredential.cs - add docs on keys 2025-03-20 12:45:00 -04:00
Jared Snider
36c52a1e75
Add todos and stuff 2025-03-20 11:56:29 -04:00
Bernd Schoolmann
5a8bf4c890
Innovation/opaque grant validator (#5533) 
* Add grant validator

* Fix 2fa

* Add featureflag

* Add comments

* Cleanup

* Set active endpoint

* Fix test
 2025-03-20 15:13:05 +01:00
Jared McCannon
f6cc140fde
Switched from .Any to Count. Remove unreachable code. (#5519) 2025-03-20 09:12:39 -05:00
Ike Kottlowski
9848d53683
feat : fix database script; add comments. 2025-03-19 22:54:23 -04:00
Patrick-Pimentel-Bitwarden
db3151160a
fix(device-approval-persistence): [PM-9112] Device Approval Persistence - Added feature flag. (#5495) 2025-03-19 15:27:51 -04:00
Nick Krantz
3422f4cd50
[PM-18971] Special Characters in Org Names (#5514) 
* sanitize organization name for email to avoid encoding

* fix spelling mistake in variable name
 2025-03-19 13:55:30 -05:00
Jason Ng
481df89cf0
[PM-19342] Onboarding Nudges Feature Flag (#5530) 2025-03-19 14:24:12 -04:00
Jordan Aasen
21717ec71e
[PM-17733] - [Privilege Escalation] - Unauthorised access allows limited access user to change password of Items (#5452) 
* prevent view-only users from updating passwords

* revert change to licensing service

* add tests

* check if organizationId is there

* move logic to private method

* move logic to private method

* move logic into method

* revert change to licensing service

* throw exception when cipher key is created by hidden password users

* fix tests

* don't allow totp or passkeys changes from hidden password users

* add tests

* revert change to licensing service
 2025-03-19 11:13:38 -07:00
Todd Martin
fc827ed209
feat(set password) [PM-17647] Add set/change password feature flags 
* Added flag values

* Added flag values

* Removed extra space

* Linting
 2025-03-19 13:49:02 -04:00
Daniel García
11fcb26778
Update bindings to 0.1.0-beta.3 2025-03-19 17:21:57 +01:00
Rui Tomé
bb3ec6aca1
[PM-16888] Refactor OrganizationUser status update procedure to use a GuidIdArray parameter and remove JSON parsing logic (#5237) 
* Refactor OrganizationUser status update procedure to use a GuidIdArray parameter and remove JSON parsing logic

* Fix OrganizationUser_SetStatusForUsersById procedure and bump script date

* Restore OrganizationUser_SetStatusForUsersById for possible server version rollback. Add new version with the name OrganizationUser_SetStatusForUsersByGuidIdArray

* Add migration script to add stored procedure OrganizationUser_SetStatusForUsersByGuidIdArray to update user status by GUID array
 2025-03-19 11:01:06 +00:00
Bernd Schoolmann
7a8ee710da
[PM-19279] Add prelogin response (#5511) 
* Add prelogin response

* Fix test

* Fix more tests

* Fix tests

* Fix SQL warnings

* Fix difference between migration and sql SP

* Attempt to fix tests

* Attempt to fix tests

* Attempt to fix

* Fix namespace

* Attempt to fix error

* Fix different SP / migration

* Attempt to fix migration

* Fix

* Fix
 2025-03-19 11:34:33 +01:00
Daniel García
2fd1b25580
Update Bitwarden.Opaque 2025-03-18 23:20:25 +01:00
Vince Grassia
7f0dd6d1c3
Update FROM directive in Dockerfile (#5522) 2025-03-18 20:02:39 +00:00
renovate[bot]
508bf2c9f8
[deps] Vault: Update AngleSharp to 1.2.0 (#5220) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-03-18 14:26:29 -04:00
Jared Snider
f8a072db6a
Add OpaqueKeyExchange feature flag 2025-03-18 13:22:26 -04:00
Alex Morask
87cdb923a5
[PM-17901] Replaced hard-coded Bitwarden Vault URLs (#5458) 
* Replaced hard-coded Bitwarden Vault URLs

* Jared's feedback
 2025-03-18 11:44:36 -04:00
renovate[bot]
43d0f1052b
[deps] Tools: Update MailKit to 4.11.0 (#5515) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-03-18 14:04:54 +01:00
Todd Martin
d3f8a99fa6
[PM-18175] Remove flag check for 2FA recovery code login (#5513) 
* Remove server-side flagging

* Linting

* Linting.
 2025-03-17 16:20:51 -04:00
Daniel García
a2e93b0cda
Update Opaque to use published version 2025-03-17 19:23:28 +01:00
Ike
abfdf6f5cb
Revert "[PM-18944] Update error response from invalid OTP" (#5504) 
* Revert "[PM-18944] Update error response from invalid OTP (#5485)"

This reverts commit 1b90bfe2a114e73b583100e955e57ac48b9733b9.
 2025-03-17 12:37:34 -04:00
Bernd Schoolmann
ce003e8efc
Add distributed cache support 2025-03-17 14:12:02 +01:00
Ike
b03e3c3b8c
Innovation/pm 18992/add credential table (#5499) 
* feat(OPAQUE-KE): added entity

* innovation(opaque-ke) : inital database changes

* innovation(opaque-ke) : dapper implementation. Key rotation WIP.

* Updating credential repository

* feat : updating service to use repository to save credential

* Fix table creation and make registration work

---------

Co-authored-by: Bernd Schoolmann <mail@quexten.com>
 2025-03-17 13:48:30 +01:00
Patrick Honkonen
27606e2d33
[PM-3553] Feature flag: Mobile SimpleLogin self host alias generation (#5392) 2025-03-14 13:22:22 -04:00
Jared McCannon
488a9847ea
Partial<T> for CommandResult<T> (#5482) 
* Example of how a partial success/failure command result would look.

* Fixed code.

* Added Validator and ValidationResult

* Moved errors into their own files.

* Fixing tests

* fixed import.

* Forgot mock error.
 2025-03-14 12:00:58 -05:00
Alex Morask
7daf6cfad4
[PM-18794] Allow provider payment method (#5500) 
* Add PaymentSource to ProviderSubscriptionResponse

* Add UpdatePaymentMethod to ProviderBillingController

* Add GetTaxInformation to ProviderBillingController

* Add VerifyBankAccount to ProviderBillingController

* Add feature flag
 2025-03-14 11:33:24 -04:00
Bernd Schoolmann
d617004435
Update opaque login with password and update cipherconfig model 2025-03-14 16:22:53 +01:00
Bernd Schoolmann
0b34f09fc7
Add demo authentication and cleanup controller 2025-03-14 14:16:47 +01:00