mirror of
https://github.com/bitwarden/server.git
synced 2025-07-02 00:22:50 -05:00
80740aa4ba
* [PM-2032] feat: add assertion options tokenable * [PM-2032] feat: add request and response models * [PM-2032] feat: implement `assertion-options` identity endpoint * [PM-2032] feat: implement authentication with passkey * [PM-2032] chore: rename to `WebAuthnGrantValidator` * [PM-2032] fix: add missing subsitute * [PM-2032] feat: start adding builder * [PM-2032] feat: add support for KeyConnector * [PM-2032] feat: add first version of TDE * [PM-2032] chore: refactor WithSso * [PM-2023] feat: add support for TDE feature flag * [PM-2023] feat: add support for approving devices * [PM-2023] feat: add support for hasManageResetPasswordPermission * [PM-2032] feat: add support for hasAdminApproval * [PM-2032] chore: don't supply device if not necessary * [PM-2032] chore: clean up imports * [PM-2023] feat: extract interface * [PM-2023] chore: add clarifying comment * [PM-2023] feat: use new builder in production code * [PM-2032] feat: add support for PRF * [PM-2032] chore: clean-up todos * [PM-2023] chore: remove token which is no longer used * [PM-2032] chore: remove todo * [PM-2032] feat: improve assertion error handling * [PM-2032] fix: linting issues * [PM-2032] fix: revert changes to `launchSettings.json` * [PM-2023] chore: clean up assertion endpoint * [PM-2032] feat: bypass 2FA * [PM-2032] fix: rename prf option to singular * [PM-2032] fix: lint * [PM-2032] fix: typo * [PM-2032] chore: improve builder tests Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * [PM-2032] chore: clarify why we don't require 2FA * [PM-2023] feat: move `identityProvider` constant to common class * [PM-2032] fix: lint * [PM-2023] fix: move `IdentityProvider` to core.Constants * [PM-2032] fix: missing import * [PM-2032] chore: refactor token timespan to use `TimeSpan` * [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync * [PM-2032] chore: use `FromMinutes` * [PM-2032] fix: change to 17 minutes to cover webauthn assertion * [PM-2032] chore: do not use `async void` * [PM-2032] fix: comment saying wrong amount of minutes * [PM-2032] feat: put validator behind feature flag * [PM-2032] fix: lint --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
90 lines
5.7 KiB
C#
90 lines
5.7 KiB
C#
using System.Security.Claims;
|
|
using Bit.Core.Auth.Entities;
|
|
using Bit.Core.Auth.Enums;
|
|
using Bit.Core.Auth.Models;
|
|
using Bit.Core.Entities;
|
|
using Bit.Core.Enums;
|
|
using Bit.Core.Models.Business;
|
|
using Bit.Core.Tools.Entities;
|
|
using Bit.Core.Vault.Entities;
|
|
using Fido2NetLib;
|
|
using Microsoft.AspNetCore.Identity;
|
|
|
|
namespace Bit.Core.Services;
|
|
|
|
public interface IUserService
|
|
{
|
|
Guid? GetProperUserId(ClaimsPrincipal principal);
|
|
Task<User> GetUserByIdAsync(string userId);
|
|
Task<User> GetUserByIdAsync(Guid userId);
|
|
Task<User> GetUserByPrincipalAsync(ClaimsPrincipal principal);
|
|
Task<DateTime> GetAccountRevisionDateByIdAsync(Guid userId);
|
|
Task SaveUserAsync(User user, bool push = false);
|
|
Task<IdentityResult> RegisterUserAsync(User user, string masterPassword, string token, Guid? orgUserId);
|
|
Task<IdentityResult> RegisterUserAsync(User user);
|
|
Task SendMasterPasswordHintAsync(string email);
|
|
Task SendTwoFactorEmailAsync(User user);
|
|
Task<bool> VerifyTwoFactorEmailAsync(User user, string token);
|
|
Task<CredentialCreateOptions> StartWebAuthnRegistrationAsync(User user);
|
|
Task<bool> DeleteWebAuthnKeyAsync(User user, int id);
|
|
Task<bool> CompleteWebAuthRegistrationAsync(User user, int value, string name, AuthenticatorAttestationRawResponse attestationResponse);
|
|
Task<CredentialCreateOptions> StartWebAuthnLoginRegistrationAsync(User user);
|
|
Task<bool> CompleteWebAuthLoginRegistrationAsync(User user, string name, CredentialCreateOptions options, AuthenticatorAttestationRawResponse attestationResponse, bool supportsPrf, string encryptedUserKey = null, string encryptedPublicKey = null, string encryptedPrivateKey = null);
|
|
AssertionOptions StartWebAuthnLoginAssertion();
|
|
Task<(User, WebAuthnCredential)> CompleteWebAuthLoginAssertionAsync(AssertionOptions options, AuthenticatorAssertionRawResponse assertionResponse);
|
|
Task SendEmailVerificationAsync(User user);
|
|
Task<IdentityResult> ConfirmEmailAsync(User user, string token);
|
|
Task InitiateEmailChangeAsync(User user, string newEmail);
|
|
Task<IdentityResult> ChangeEmailAsync(User user, string masterPassword, string newEmail, string newMasterPassword,
|
|
string token, string key);
|
|
Task<IdentityResult> ChangePasswordAsync(User user, string masterPassword, string newMasterPassword, string passwordHint, string key);
|
|
Task<IdentityResult> SetKeyConnectorKeyAsync(User user, string key, string orgIdentifier);
|
|
Task<IdentityResult> ConvertToKeyConnectorAsync(User user);
|
|
Task<IdentityResult> AdminResetPasswordAsync(OrganizationUserType type, Guid orgId, Guid id, string newMasterPassword, string key);
|
|
Task<IdentityResult> UpdateTempPasswordAsync(User user, string newMasterPassword, string key, string hint);
|
|
Task<IdentityResult> ChangeKdfAsync(User user, string masterPassword, string newMasterPassword, string key,
|
|
KdfType kdf, int kdfIterations, int? kdfMemory, int? kdfParallelism);
|
|
Task<IdentityResult> UpdateKeyAsync(User user, string masterPassword, string key, string privateKey,
|
|
IEnumerable<Cipher> ciphers, IEnumerable<Folder> folders, IEnumerable<Send> sends);
|
|
Task<IdentityResult> RefreshSecurityStampAsync(User user, string masterPasswordHash);
|
|
Task UpdateTwoFactorProviderAsync(User user, TwoFactorProviderType type, bool setEnabled = true, bool logEvent = true);
|
|
Task DisableTwoFactorProviderAsync(User user, TwoFactorProviderType type,
|
|
IOrganizationService organizationService);
|
|
Task<bool> RecoverTwoFactorAsync(string email, string masterPassword, string recoveryCode,
|
|
IOrganizationService organizationService);
|
|
Task<string> GenerateUserTokenAsync(User user, string tokenProvider, string purpose);
|
|
Task<IdentityResult> DeleteAsync(User user);
|
|
Task<IdentityResult> DeleteAsync(User user, string token);
|
|
Task SendDeleteConfirmationAsync(string email);
|
|
Task<Tuple<bool, string>> SignUpPremiumAsync(User user, string paymentToken,
|
|
PaymentMethodType paymentMethodType, short additionalStorageGb, UserLicense license,
|
|
TaxInfo taxInfo);
|
|
Task IapCheckAsync(User user, PaymentMethodType paymentMethodType);
|
|
Task UpdateLicenseAsync(User user, UserLicense license);
|
|
Task<string> AdjustStorageAsync(User user, short storageAdjustmentGb);
|
|
Task ReplacePaymentMethodAsync(User user, string paymentToken, PaymentMethodType paymentMethodType, TaxInfo taxInfo);
|
|
Task CancelPremiumAsync(User user, bool? endOfPeriod = null, bool accountDelete = false);
|
|
Task ReinstatePremiumAsync(User user);
|
|
Task EnablePremiumAsync(Guid userId, DateTime? expirationDate);
|
|
Task EnablePremiumAsync(User user, DateTime? expirationDate);
|
|
Task DisablePremiumAsync(Guid userId, DateTime? expirationDate);
|
|
Task DisablePremiumAsync(User user, DateTime? expirationDate);
|
|
Task UpdatePremiumExpirationAsync(Guid userId, DateTime? expirationDate);
|
|
Task<UserLicense> GenerateLicenseAsync(User user, SubscriptionInfo subscriptionInfo = null,
|
|
int? version = null);
|
|
Task<bool> CheckPasswordAsync(User user, string password);
|
|
Task<bool> CanAccessPremium(ITwoFactorProvidersUser user);
|
|
Task<bool> HasPremiumFromOrganization(ITwoFactorProvidersUser user);
|
|
Task<bool> TwoFactorIsEnabledAsync(ITwoFactorProvidersUser user);
|
|
Task<bool> TwoFactorProviderIsEnabledAsync(TwoFactorProviderType provider, ITwoFactorProvidersUser user);
|
|
Task<string> GenerateSignInTokenAsync(User user, string purpose);
|
|
|
|
Task<IdentityResult> UpdatePasswordHash(User user, string newPassword,
|
|
bool validatePassword = true, bool refreshStamp = true);
|
|
Task RotateApiKeyAsync(User user);
|
|
string GetUserName(ClaimsPrincipal principal);
|
|
Task SendOTPAsync(User user);
|
|
Task<bool> VerifyOTPAsync(User user, string token);
|
|
Task<bool> VerifySecretAsync(User user, string secret);
|
|
}
|