mirror of
https://github.com/bitwarden/server.git
synced 2025-06-19 18:38:03 -05:00
e8d8914fe2
* Add signing key repositories, models, and sql migration scripts * Rename UserSigningKeys table to UserSigningKey * Rename signedpublickeyownershipclaim to signedpublickey * Move signedPublicKey to last parameter * Add newline at end of file * Rename to signature key pair * Further rename to signaturekeypair * Rename to UserSignatureKeyPairRepository * Add newline * Rename more instances to UserSignatureKeyPair * Update parameter order * Fix order * Add more renames * Cleanup * Fix sql * Add ef migrations * Fix difference in SQL SP compared to migration SP * Fix difference in SQL SP vs migration * Fix difference in SQL SP vs migration * Attempt to fix sql * Rename migration to start later * Address feedback * Move UserSignatureKeyPair to KM codeownership * Fix build * Fix build * Fix build * Move out entitytypeconfiguration * Use view for reading usersignaturekeypairs * Fix migration script * Fix migration script * Add initial get keys endpoint * Add sync response * Cleanup * Add query and fix types * Add tests and cleanup * Fix test * Drop view if exists * Add km queries * Cleanup * Enable nullable * Cleanup * Cleanup * Enable nullable * Fix incorrect namespace * Remove unused using * Fix test build * Fix build error * Fix build * Attempt to fix tests * Attempt to fix tests * Replace with create or alter view * Attempt to fix tests * Attempt to fix build * Rename to include async suffix * Fix test * Rename repo * Attempt to fix tests * Cleanup * Test * Undo test * Fix tests * Fix test * Switch go generatecomb * Switch to generatecomb * Move signature algorithm * Move useresignaturekeypairentitytypeconfiguration to km ownership * Move userSignatureKeyPair model * Unswap file names * Move sql files to km ownership * Add index on userid for signature keys * Fix wrong filename * Fix build * Remove string length limit * Regenerate EF migrations * Undo changes to program.cs * Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update util/Migrator/DbScripts/2025-06-01_00_AddSignatureKeyPairTable.sql Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Rename dbset to plural * Update src/Infrastructure.EntityFramework/KeyManagement/Repositories/UserSignatureKeyPairRepository.cs Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update src/Api/KeyManagement/Controllers/UsersController.cs Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Cleanup and move query to core * Fix test * Fix build * Fix tests * Update src/Api/KeyManagement/Models/Response/PrivateKeysResponseModel.cs Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Switch away from primary constructor * Use argumentNullException * Add test * Pass user account keys directly to profileresponsemodel * Move registration to core * Update src/Api/Startup.cs Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Update src/Api/Startup.cs Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Remove empty line * Apply suggestions * Fix tests * Fix tests --------- Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
232 lines
7.9 KiB
C#
232 lines
7.9 KiB
C#
#nullable enable
|
|
|
|
using Bit.Api.KeyManagement.Queries.Interfaces;
|
|
using Bit.Api.Models.Request;
|
|
using Bit.Api.Models.Request.Accounts;
|
|
using Bit.Api.Models.Response;
|
|
using Bit.Api.Utilities;
|
|
using Bit.Core.Auth.UserFeatures.TwoFactorAuth.Interfaces;
|
|
using Bit.Core.Billing.Models;
|
|
using Bit.Core.Billing.Services;
|
|
using Bit.Core.Exceptions;
|
|
using Bit.Core.Models.Business;
|
|
using Bit.Core.Services;
|
|
using Bit.Core.Settings;
|
|
using Bit.Core.Utilities;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
namespace Bit.Api.Billing.Controllers;
|
|
|
|
[Route("accounts")]
|
|
[Authorize("Application")]
|
|
public class AccountsController(
|
|
IUserService userService,
|
|
ITwoFactorIsEnabledQuery twoFactorIsEnabledQuery,
|
|
IUserAccountKeysQuery userAccountKeysQuery) : Controller
|
|
{
|
|
[HttpPost("premium")]
|
|
public async Task<PaymentResponseModel> PostPremiumAsync(
|
|
PremiumRequestModel model,
|
|
[FromServices] GlobalSettings globalSettings)
|
|
{
|
|
var user = await userService.GetUserByPrincipalAsync(User);
|
|
if (user == null)
|
|
{
|
|
throw new UnauthorizedAccessException();
|
|
}
|
|
|
|
var valid = model.Validate(globalSettings);
|
|
UserLicense? license = null;
|
|
if (valid && globalSettings.SelfHosted)
|
|
{
|
|
license = await ApiHelpers.ReadJsonFileFromBody<UserLicense>(HttpContext, model.License);
|
|
}
|
|
|
|
if (!valid && !globalSettings.SelfHosted && string.IsNullOrWhiteSpace(model.Country))
|
|
{
|
|
throw new BadRequestException("Country is required.");
|
|
}
|
|
|
|
if (!valid || (globalSettings.SelfHosted && license == null))
|
|
{
|
|
throw new BadRequestException("Invalid license.");
|
|
}
|
|
|
|
var result = await userService.SignUpPremiumAsync(user, model.PaymentToken,
|
|
model.PaymentMethodType!.Value, model.AdditionalStorageGb.GetValueOrDefault(0), license,
|
|
new TaxInfo { BillingAddressCountry = model.Country, BillingAddressPostalCode = model.PostalCode });
|
|
|
|
var userTwoFactorEnabled = await twoFactorIsEnabledQuery.TwoFactorIsEnabledAsync(user);
|
|
var userHasPremiumFromOrganization = await userService.HasPremiumFromOrganization(user);
|
|
var organizationIdsClaimingActiveUser = await GetOrganizationIdsClaimingUserAsync(user.Id);
|
|
var accountKeys = await userAccountKeysQuery.Run(user);
|
|
|
|
var profile = new ProfileResponseModel(user, accountKeys, null, null, null, userTwoFactorEnabled,
|
|
userHasPremiumFromOrganization, organizationIdsClaimingActiveUser);
|
|
return new PaymentResponseModel
|
|
{
|
|
UserProfile = profile,
|
|
PaymentIntentClientSecret = result.Item2,
|
|
Success = result.Item1
|
|
};
|
|
}
|
|
|
|
[HttpGet("subscription")]
|
|
public async Task<SubscriptionResponseModel> GetSubscriptionAsync(
|
|
[FromServices] GlobalSettings globalSettings,
|
|
[FromServices] IPaymentService paymentService)
|
|
{
|
|
var user = await userService.GetUserByPrincipalAsync(User);
|
|
if (user == null)
|
|
{
|
|
throw new UnauthorizedAccessException();
|
|
}
|
|
|
|
if (!globalSettings.SelfHosted && user.Gateway != null)
|
|
{
|
|
var subscriptionInfo = await paymentService.GetSubscriptionAsync(user);
|
|
var license = await userService.GenerateLicenseAsync(user, subscriptionInfo);
|
|
return new SubscriptionResponseModel(user, subscriptionInfo, license);
|
|
}
|
|
else if (!globalSettings.SelfHosted)
|
|
{
|
|
var license = await userService.GenerateLicenseAsync(user);
|
|
return new SubscriptionResponseModel(user, license);
|
|
}
|
|
else
|
|
{
|
|
return new SubscriptionResponseModel(user);
|
|
}
|
|
}
|
|
|
|
[HttpPost("payment")]
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
|
public async Task PostPaymentAsync([FromBody] PaymentRequestModel model)
|
|
{
|
|
var user = await userService.GetUserByPrincipalAsync(User);
|
|
if (user == null)
|
|
{
|
|
throw new UnauthorizedAccessException();
|
|
}
|
|
|
|
await userService.ReplacePaymentMethodAsync(user, model.PaymentToken, model.PaymentMethodType!.Value,
|
|
new TaxInfo
|
|
{
|
|
BillingAddressLine1 = model.Line1,
|
|
BillingAddressLine2 = model.Line2,
|
|
BillingAddressCity = model.City,
|
|
BillingAddressState = model.State,
|
|
BillingAddressCountry = model.Country,
|
|
BillingAddressPostalCode = model.PostalCode,
|
|
TaxIdNumber = model.TaxId
|
|
});
|
|
}
|
|
|
|
[HttpPost("storage")]
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
|
public async Task<PaymentResponseModel> PostStorageAsync([FromBody] StorageRequestModel model)
|
|
{
|
|
var user = await userService.GetUserByPrincipalAsync(User);
|
|
if (user == null)
|
|
{
|
|
throw new UnauthorizedAccessException();
|
|
}
|
|
|
|
var result = await userService.AdjustStorageAsync(user, model.StorageGbAdjustment!.Value);
|
|
return new PaymentResponseModel { Success = true, PaymentIntentClientSecret = result };
|
|
}
|
|
|
|
|
|
|
|
[HttpPost("license")]
|
|
[SelfHosted(SelfHostedOnly = true)]
|
|
public async Task PostLicenseAsync(LicenseRequestModel model)
|
|
{
|
|
var user = await userService.GetUserByPrincipalAsync(User);
|
|
if (user == null)
|
|
{
|
|
throw new UnauthorizedAccessException();
|
|
}
|
|
|
|
var license = await ApiHelpers.ReadJsonFileFromBody<UserLicense>(HttpContext, model.License);
|
|
if (license == null)
|
|
{
|
|
throw new BadRequestException("Invalid license");
|
|
}
|
|
|
|
await userService.UpdateLicenseAsync(user, license);
|
|
}
|
|
|
|
[HttpPost("cancel")]
|
|
public async Task PostCancelAsync(
|
|
[FromBody] SubscriptionCancellationRequestModel request,
|
|
[FromServices] ISubscriberService subscriberService)
|
|
{
|
|
var user = await userService.GetUserByPrincipalAsync(User);
|
|
|
|
if (user == null)
|
|
{
|
|
throw new UnauthorizedAccessException();
|
|
}
|
|
|
|
await subscriberService.CancelSubscription(user,
|
|
new OffboardingSurveyResponse { UserId = user.Id, Reason = request.Reason, Feedback = request.Feedback },
|
|
user.IsExpired());
|
|
}
|
|
|
|
[HttpPost("reinstate-premium")]
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
|
public async Task PostReinstateAsync()
|
|
{
|
|
var user = await userService.GetUserByPrincipalAsync(User);
|
|
if (user == null)
|
|
{
|
|
throw new UnauthorizedAccessException();
|
|
}
|
|
|
|
await userService.ReinstatePremiumAsync(user);
|
|
}
|
|
|
|
[HttpGet("tax")]
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
|
public async Task<TaxInfoResponseModel> GetTaxInfoAsync(
|
|
[FromServices] IPaymentService paymentService)
|
|
{
|
|
var user = await userService.GetUserByPrincipalAsync(User);
|
|
if (user == null)
|
|
{
|
|
throw new UnauthorizedAccessException();
|
|
}
|
|
|
|
var taxInfo = await paymentService.GetTaxInfoAsync(user);
|
|
return new TaxInfoResponseModel(taxInfo);
|
|
}
|
|
|
|
[HttpPut("tax")]
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
|
public async Task PutTaxInfoAsync(
|
|
[FromBody] TaxInfoUpdateRequestModel model,
|
|
[FromServices] IPaymentService paymentService)
|
|
{
|
|
var user = await userService.GetUserByPrincipalAsync(User);
|
|
if (user == null)
|
|
{
|
|
throw new UnauthorizedAccessException();
|
|
}
|
|
|
|
var taxInfo = new TaxInfo
|
|
{
|
|
BillingAddressPostalCode = model.PostalCode,
|
|
BillingAddressCountry = model.Country,
|
|
};
|
|
await paymentService.SaveTaxInfoAsync(user, taxInfo);
|
|
}
|
|
|
|
private async Task<IEnumerable<Guid>> GetOrganizationIdsClaimingUserAsync(Guid userId)
|
|
{
|
|
var organizationsClaimingUser = await userService.GetOrganizationsClaimingUserAsync(userId);
|
|
return organizationsClaimingUser.Select(o => o.Id);
|
|
}
|
|
}
|