mirror of https://github.com/bitwarden/server.git synced 2025-04-23 22:15:10 -05:00

120 Commits

Author SHA1 Message Date
Addison Beck
fefa0e2dea
Don't run custom token logic for org based client_ids explicitly (#992)
* Don't run custom token logic for org based client_ids explicitly

* org to organization
2020-11-13 10:07:49 -05:00
Addison Beck
e35faf1335
Performed some null checks (#991) 2020-11-13 08:53:36 -05:00
Addison Beck
25a9991908
Implement User-based API Keys (#981)
* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed unneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
2020-11-10 15:15:29 -05:00
Vincent Salucci
66e44759f0
[Require SSO] Enterprise policy enforcement (#970)
* Initial commit of require sso authentication policy enforcement

* Updated sproc to send UseSso flag // Updated base validator to send back error message // Added changes to EntityFramework (just so it's there for the future)

* Update policy name // adjusted conditional to De Morgan's

* Updated sproc // Added migrator script

* Added .sql file extension to DeleteOrgUserWithOrg migrator script

* Added policy // edit // strings // validation to business portal

* Change requests from review // Added Owner & Admin exemption

* Updated repository function used to get org user's type

* Updated with requested changes
2020-10-26 11:56:16 -05:00
Kyle Spearrin
38728143d8
Added static client store (#899) 2020-08-28 13:32:15 -04:00
Kyle Spearrin
4d8090d75e
Fix 2fa dictionary on identity response (#863) 2020-08-13 16:04:50 -04:00
Kyle Spearrin
004e3c58ee
added more client redirect uris for clis (#849) 2020-08-05 10:53:55 -04:00
Kyle Spearrin
623cd36bd4
upgrade identity server 4 to v4 (#842)
* upgrade identity server 4 to v4

* remove script ref
2020-07-30 17:00:13 -04:00
Kyle Spearrin
aa1665065d
add missing RedirectUris (#840) 2020-07-28 22:49:13 -04:00
Kyle Spearrin
5892d52ed5 fix protocol 2020-07-16 08:03:57 -04:00
Kyle Spearrin
0d0c6c7167
sso integrations (#822)
* stub out hybrid sso

* support for PKCE authorization_code clients

* sso service urls

* sso client key

* abstract request validator

* support for verifying password

* custom AuthorizationCodeStore that does not remove codes

* cleanup

* comment

* created master password

* ResetMasterPassword

* rename Sso client to OidcIdentity

* update env builder

* bitwarden sso project in docker-compose

* sso path in nginx config
2020-07-16 08:01:39 -04:00
Kyle Spearrin
6bc7a3cdc0
adjust cors origin checks (#800)
* allow cors from bitwarden.com on cloud

* allow file:// cors for safari extension

* fix missing paren
2020-06-27 15:08:50 -04:00
Kyle Spearrin
cf70a5e480
set cors policies to only allow web vault origin (#787)
* set cors policy to only allow web vault

* vault cors policy service
2020-06-23 18:47:53 -04:00
Chad Scharf
9800b752c0 Changed all C# control flow block statements to include space between keyword and open paren 2020-03-27 14:36:37 -04:00
Kyle Spearrin
a5b809f477 update rolling file settings for LogRollBySizeLimit 2019-11-25 11:40:04 -05:00
Kyle Spearrin
2693ffeab0 include ip in log message. only for self host 2019-11-22 10:23:11 -05:00
Kyle Spearrin
d022517762 login failed log message 2019-11-22 07:30:32 -05:00
Kyle Spearrin
7d47dac65f DisableEmailNewDevice 2019-04-01 08:28:36 -04:00
Kyle Spearrin
6c86996ab3 disable new device emails env variable. 2019-04-01 08:27:37 -04:00
Kyle Spearrin
15cb0ad4c3 implement useapi and apikey 2019-03-02 15:09:33 -05:00
Kyle Spearrin
b6696df055 set secret for dev 2019-02-28 00:03:11 -05:00
Kyle Spearrin
5923b4c9bd org API clients 2019-02-26 17:01:33 -05:00
Kyle Spearrin
b19628c6f8 new device logged in email notification 2019-01-24 22:37:49 -05:00
Kyle Spearrin
951e8f562e email token provider 2018-12-19 22:27:45 -05:00
Kyle Spearrin
ac7c7b5077 move some 2fa logic functions to userService 2018-12-19 10:47:53 -05:00
Kyle Spearrin
7db36e0005 api adjustments for manager role and collections 2018-10-17 14:58:45 -04:00
Kyle Spearrin
d10d25afea add null check 2018-10-13 16:06:54 -04:00
Kyle Spearrin
006cfffab3 new "Challenge" token for U2f 2018-10-10 17:51:38 -04:00
Kyle Spearrin
2562d5a40d reference OrganizationMembership instead 2018-08-31 17:05:27 -04:00
Kyle Spearrin
c41a1e0936 CanAccessPremium checks instead of User.Premium 2018-08-28 16:23:58 -04:00
Kyle Spearrin
030f85278c add internal api resource 2018-08-16 12:22:20 -04:00
Kyle Spearrin
ff01ce5ca7 internal identity authorization 2018-08-15 18:43:26 -04:00
Kyle Spearrin
5eff4c6a40 make web refresh tokens good for 30 days 2018-07-23 19:50:26 -04:00
Kyle Spearrin
ecf75c2a66 add cli client 2018-05-28 09:44:14 -04:00
Kyle Spearrin
e350ef650a don't cycle security token on re-hash 2018-04-17 08:10:17 -04:00
Kyle Spearrin
389512d51e added org duo to 2fa flow 2018-04-03 14:31:33 -04:00
Kyle Spearrin
64277f54f8 token retrieval from header or qs 2018-03-09 11:02:31 -05:00
Kyle Spearrin
87497a5608 update libs 2018-02-21 22:31:33 -05:00
Kyle Spearrin
f61acdd3b9 remove old token retrieval schemes 2018-01-03 14:11:56 -05:00
Kyle Spearrin
9cb1047f2b setup to receive & process event postings 2017-12-04 10:59:07 -05:00
Kyle Spearrin
0662fc2163 log events to various organization indexes as well 2017-12-01 12:14:46 -05:00
Kyle Spearrin
d94c2a8f50 log user events 2017-12-01 10:07:14 -05:00
Kyle Spearrin
f2183246d2 update libs, aspnet core 20, & id server 2.0 2017-10-06 11:38:47 -04:00
Kyle Spearrin
8b947cafaf added licensing apis, refactored some services 2017-08-30 11:23:55 -04:00
Kyle Spearrin
94693ec408 create jobs controller running system tasks 2017-08-17 09:41:23 -04:00
Kyle Spearrin
4585af5a85 validate organization licenses 2017-08-17 00:12:11 -04:00
Kyle Spearrin
b14f6d080e verify and disable premium from license check 2017-08-16 17:08:20 -04:00
Kyle Spearrin
a9b9094b9c refactored logic around remember me token 2017-08-15 08:19:20 -04:00
Kyle Spearrin
0ad76a5487 added installation id to current context. 2017-08-10 15:26:05 -04:00
Kyle Spearrin
e538817eb6 added installations, push scoped tokens, push api 2017-08-10 14:39:11 -04:00