Thomas Rittson
cfd6123974
[Key Connector] Add event logging for first SSO login ( #1724 )
...
* Add null checks to fix logging from SSO controller
* Add FirstSsoLogin event logging
2021-11-19 07:42:35 +10:00
Oscar Hinton
6008715abc
Add check to ensure admins or owners aren't enrolled in key connector ( #1725 )
2021-11-18 21:56:13 +01:00
Thomas Rittson
2dc29e51d1
Fix bug preventing user from leaving org ( #1721 )
2021-11-18 21:15:22 +10:00
Thomas Rittson
9f96e4ce90
Disable EA Takeover if grantor uses Key Connector ( #1718 )
2021-11-18 07:47:43 +10:00
Oscar Hinton
f866b25e43
Key Connector feature toggle ( #1716 )
2021-11-17 11:46:35 +01:00
Thomas Rittson
cdb622d4aa
Add ApiUseKeyConnector flag to token response ( #1710 )
2021-11-16 06:54:28 +10:00
Thomas Rittson
e3143271d7
[Key Connector] Prevent user from leaving org ( #1715 )
...
* Block user from leaving org using Key Connector
* Add tests
2021-11-15 19:46:13 +10:00
Thomas Rittson
c2975b003d
[Key Connector] Fix policy checks and other pre-reqs ( #1711 )
...
* Require SSO Policy to enable Key Connector
* Require that SSO is enabled to use Key Connector
* Fix error messages
"Key Connector" instead of "KeyConnector"
* Refactor dependent policy checks to handle expansion
* Block disabling Sso Policy if using Key Connector
* Update tests for policies required by Key Connector
* Fix tests
* Add test for Key Connector to require Sso Policy
* Add test: Sso config must be enabled to use Key Connector
2021-11-15 19:25:10 +10:00
Oscar Hinton
f1c41257b3
Allow disabling key connector if no user is enrolled ( #1712 )
2021-11-12 14:38:31 +01:00
Kyle Spearrin
77f9f5fe72
remove dynamic names from admin confirm dialogs ( #1703 )
2021-11-09 12:13:23 -05:00
Kyle Spearrin
327e784336
Added middleware for general security headers ( #1700 )
2021-11-09 11:37:14 -05:00
Kyle Spearrin
f26a235964
set MaxResponseContentBufferSize to 5 MB ( #1702 )
2021-11-09 11:32:23 -05:00
Kyle Spearrin
2f0638ce8c
sanitize notification hub tag inputs ( #1697 )
2021-11-09 11:25:18 -05:00
Kyle Spearrin
fcc1a4e10c
add missing csrf token validation to admin ( #1696 )
2021-11-09 11:22:08 -05:00
Kyle Spearrin
9582e94232
add ::ffff: to internal ip check ( #1701 )
...
* add ::ffff: to internal ip check
* check StartsWith
2021-11-09 11:16:54 -05:00
Oscar Hinton
fd37cb5a12
Add support for Key Connector OTP and account migration ( #1663 )
...
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
Kyle Spearrin
7cc7b84eaf
use fixed-time comparison of secrets ( #1698 )
2021-11-08 15:55:42 -05:00
Kyle Spearrin
5aa492e886
validate service url schema ( #1695 )
2021-11-08 11:47:03 -05:00
Oscar Hinton
1aa25f2712
Add checks for vault timeout policy ( #1694 )
2021-11-08 14:37:40 +01:00
Kyle Spearrin
10c5a29c47
Prevent XSS possibility from SSO SAML Service URLs ( #1691 )
...
* validate sso service urls for HTML meta chars
* also check for double quotes
2021-11-05 14:49:45 -04:00
Joseph Flinn
68e20fe649
Updating the swashbuckle package in Api ( #1685 )
2021-11-04 09:29:19 -07:00
Thomas Rittson
0cb8da2fd8
Add Field.LinkedId ( #1617 )
2021-11-04 07:27:15 +10:00
Thomas Rittson
e57bef6af4
Fix policy enforcement against invited users ( #1680 )
2021-11-03 07:08:13 +10:00
Justin Baur
4c9d9b248c
Fix bug in TaxInfo ( #1682 )
...
* Fixed bug in TaxInfo
* Added a few more tests to TaxInfoTests
* Added tests for HasTaxId
2021-11-01 12:13:31 -04:00
Matt Gibson
cb815c2f14
Allow managers to create self-assigned collections ( #1672 )
2021-10-27 13:06:23 -05:00
Matt Gibson
8f0115e62f
Check canScale when scaling for sso ( #1661 )
...
* Check canScale when scaling for sso
* PR review
Use AutoAddSeats to add seats in a consistent way.
This requires moving user check out of that method.
* User logic moved out of method
2021-10-25 10:19:37 -05:00
Oscar Hinton
c5d5601464
Add support for crypto agent ( #1623 )
2021-10-25 15:09:14 +02:00
Daniel James Smith
dea694193f
Add teams trial button to Edit Org Page ( #1662 )
...
* Add teams trial button to Edit Org Page
* Fix formatting
2021-10-25 14:28:17 +02:00
Vince Grassia
7da15af92f
Add New Relic monitoring package to Notifications project ( #1643 )
2021-10-22 10:22:25 -04:00
Matt Gibson
5d163eb5bd
Only check assigned collections if lacking privs for all ( #1657 )
2021-10-20 16:17:40 -05:00
Kyle Spearrin
de3f1005fc
add various status counts to org information ( #1647 )
2021-10-20 17:10:51 -04:00
Matt Gibson
216395f541
Create collections allows view all access ( #1653 )
...
* Create collections allows view all access
* Add missing permission to read users
2021-10-20 10:31:17 -05:00
Joseph Flinn
c04c4e6e4a
Bumping the SqlClient version ( #1646 )
2021-10-19 11:56:05 -07:00
Matt Gibson
5b1d8c723a
Early return default on null user ( #1645 )
...
Clearly, no known device exists for an unknown user.
2021-10-19 09:48:23 -05:00
Matt Gibson
18006591fc
Add autoscale to SSO auto provision ( #1642 )
2021-10-19 07:00:44 -05:00
Oscar Hinton
4fee17fdde
Add logic to handle providers password resetting users ( #1632 )
2021-10-14 17:44:20 +02:00
Oscar Hinton
964e262d44
Simplify development environment setup ( #1588 )
2021-10-13 19:30:03 +02:00
Matt Gibson
44f30e7948
Remove erroneous not ( #1629 )
2021-10-11 09:53:19 -05:00
Vince Grassia
fd6cdd019e
Update code to log to Azure Cosmos DB ( #1624 )
...
* Update code to log to Azure Cosmos DB using latest SDK.
2021-10-11 10:16:19 -04:00
Matt Gibson
8a5a371a8f
Allow bypass of captcha token if the device is known ( #1626 )
2021-10-08 18:59:35 -05:00
Joseph Flinn
ee7b608a46
revamping the build scripts ( #1620 )
2021-10-08 09:53:56 -07:00
വചൻ
00312716c2
Update web vault link on mail template ( #1606 )
...
* Update OrganizationUserAccepted.html.hbs
* Update OrganizationUserAccepted.html.hbs
* oops remove extra web vault
2021-10-07 08:11:59 -05:00
Matt Gibson
5a2d988375
Correct seat counts ( #1621 )
2021-10-07 08:05:02 -05:00
Oscar Hinton
f63a0711dc
Add some missing defaults to SSO Api ( #1619 )
2021-10-06 19:36:03 +02:00
Oscar Hinton
79447b6671
Remove Business Portal ( #1614 )
2021-10-06 10:39:13 +02:00
Matt Gibson
bd297fb7a2
SqlServer split manage collection permission ( #1594 )
...
* SqlServer split manage collection permission
* Clarify names
* Test claims generation
* Test permission serialization
* Simplify claims building
* Use new collections permissions
* Throw on use of deprecated permissions
* Lower case all claims
* Remove todos
* Clean nonexistent project from test solution
* JsonIgnore for both system and newtonsoft json
* Make migrations more robust to multiple runs
* remove duplicate usings
* Remove obsolete permissions
* Test solutions separately to detect failures
* Handle dos line endings
* Fix collections create/update permissions
* Change restore cipher to edit permissions
* Improve formatting
* Simplify map
* Refactor test
2021-10-05 11:12:05 -05:00
Kyle Spearrin
f58b9fcab4
uncomment to require auth-email header ( #1604 )
2021-09-30 11:24:29 -04:00
Matt Gibson
9de9be8f20
Only test canScale if an org needs to scale for an invite ( #1608 )
2021-09-28 15:18:44 -05:00
Oscar Hinton
63c8070b01
Add Stripe Adapter and IBraintreeGateway to DI ( #1596 )
2021-09-27 23:01:13 +02:00
Thomas Rittson
66629b2f1c
Refactor policy checks ( #1536 )
...
* Move policy checking logic inside PolicyService
* Refactor to use currentContext.ManagePolicies
* Make orgUser status check more semantic
* Fix single org user checks
* Use CoreHelper implementation to deserialize json
* Refactor policy checks to use db query
* Use new db query for enforcing 2FA Policy
* Add Policy_ReadByTypeApplicableToUser
* Stub out EF implementations
* Refactor: use PolicyRepository only
* Refactor tests
* Copy SQL queries to proj and update sqlproj file
* Refactor importCiphersAsync to use new method
* Add EF implementations and tests
* Refactor SQL to remove unnecessary operations
2021-09-28 06:54:28 +10:00