2022-06-29 19:46:41 -04:00
|
|
|
|
using System.Reflection;
|
2021-01-11 11:03:46 -05:00
|
|
|
|
using System.Security.Claims;
|
|
|
|
|
|
using System.Security.Cryptography.X509Certificates;
|
2022-07-19 11:58:32 -07:00
|
|
|
|
using AspNetCoreRateLimit;
|
|
|
|
|
|
using AspNetCoreRateLimit.Redis;
|
2022-01-11 10:40:51 +01:00
|
|
|
|
using Bit.Core.Entities;
|
2021-01-11 11:03:46 -05:00
|
|
|
|
using Bit.Core.Enums;
|
2022-07-19 11:58:32 -07:00
|
|
|
|
using Bit.Core.HostedServices;
|
2017-05-05 20:57:33 -04:00
|
|
|
|
using Bit.Core.Identity;
|
|
|
|
|
|
using Bit.Core.IdentityServer;
|
2022-01-10 10:58:16 -05:00
|
|
|
|
using Bit.Core.Models.Business.Tokenables;
|
2022-05-10 17:12:09 -04:00
|
|
|
|
using Bit.Core.OrganizationFeatures;
|
2017-05-05 20:57:33 -04:00
|
|
|
|
using Bit.Core.Repositories;
|
2021-01-11 11:03:46 -05:00
|
|
|
|
using Bit.Core.Resources;
|
2017-05-05 20:57:33 -04:00
|
|
|
|
using Bit.Core.Services;
|
2021-02-22 15:35:16 -06:00
|
|
|
|
using Bit.Core.Settings;
|
2022-01-10 10:58:16 -05:00
|
|
|
|
using Bit.Core.Tokens;
|
2021-01-11 11:03:46 -05:00
|
|
|
|
using Bit.Core.Utilities;
|
2022-01-11 10:40:51 +01:00
|
|
|
|
using Bit.Infrastructure.Dapper;
|
|
|
|
|
|
using Bit.Infrastructure.EntityFramework;
|
2017-06-06 23:19:42 -04:00
|
|
|
|
using IdentityModel;
|
2021-01-11 11:03:46 -05:00
|
|
|
|
using IdentityServer4.AccessTokenValidation;
|
|
|
|
|
|
using IdentityServer4.Configuration;
|
|
|
|
|
|
using Microsoft.AspNetCore.Authentication.Cookies;
|
|
|
|
|
|
using Microsoft.AspNetCore.Authorization;
|
2017-07-21 12:53:26 -04:00
|
|
|
|
using Microsoft.AspNetCore.Builder;
|
2017-05-05 20:57:33 -04:00
|
|
|
|
using Microsoft.AspNetCore.DataProtection;
|
|
|
|
|
|
using Microsoft.AspNetCore.Hosting;
|
2021-01-11 11:03:46 -05:00
|
|
|
|
using Microsoft.AspNetCore.Http;
|
|
|
|
|
|
using Microsoft.AspNetCore.HttpOverrides;
|
2017-05-05 20:57:33 -04:00
|
|
|
|
using Microsoft.AspNetCore.Identity;
|
2021-01-11 11:03:46 -05:00
|
|
|
|
using Microsoft.AspNetCore.Mvc.Localization;
|
2022-07-19 11:58:32 -07:00
|
|
|
|
using Microsoft.Extensions.Caching.Distributed;
|
|
|
|
|
|
using Microsoft.Extensions.Caching.StackExchangeRedis;
|
2017-05-05 20:57:33 -04:00
|
|
|
|
using Microsoft.Extensions.Configuration;
|
|
|
|
|
|
using Microsoft.Extensions.DependencyInjection;
|
2021-01-11 11:03:46 -05:00
|
|
|
|
using Microsoft.Extensions.DependencyInjection.Extensions;
|
|
|
|
|
|
using Microsoft.Extensions.Hosting;
|
|
|
|
|
|
using Microsoft.Extensions.Options;
|
|
|
|
|
|
using Serilog.Context;
|
2022-07-19 11:58:32 -07:00
|
|
|
|
using StackExchange.Redis;
|
2019-03-19 00:39:03 -04:00
|
|
|
|
using NoopRepos = Bit.Core.Repositories.Noop;
|
2022-07-19 11:58:32 -07:00
|
|
|
|
using Role = Bit.Core.Entities.Role;
|
2017-12-08 16:03:20 -05:00
|
|
|
|
using TableStorageRepos = Bit.Core.Repositories.TableStorage;
|
2017-05-05 20:57:33 -04:00
|
|
|
|
|
2022-01-11 10:40:51 +01:00
|
|
|
|
namespace Bit.SharedWeb.Utilities;
|
2022-08-29 14:53:16 -04:00
|
|
|
|
|
2022-01-11 10:40:51 +01:00
|
|
|
|
public static class ServiceCollectionExtensions
|
2017-05-05 20:57:33 -04:00
|
|
|
|
{
|
|
|
|
|
|
public static void AddSqlServerRepositories(this IServiceCollection services, GlobalSettings globalSettings)
|
|
|
|
|
|
{
|
2017-12-01 09:22:04 -05:00
|
|
|
|
var selectedDatabaseProvider = globalSettings.DatabaseProvider;
|
|
|
|
|
|
var provider = SupportedDatabaseProviders.SqlServer;
|
|
|
|
|
|
var connectionString = string.Empty;
|
|
|
|
|
|
if (!string.IsNullOrWhiteSpace(selectedDatabaseProvider))
|
2017-05-05 20:57:33 -04:00
|
|
|
|
{
|
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 12:35:48 -04:00
|
|
|
|
switch (selectedDatabaseProvider.ToLowerInvariant())
|
|
|
|
|
|
{
|
|
|
|
|
|
case "postgres":
|
|
|
|
|
|
case "postgresql":
|
|
|
|
|
|
provider = SupportedDatabaseProviders.Postgres;
|
|
|
|
|
|
connectionString = globalSettings.PostgreSql.ConnectionString;
|
|
|
|
|
|
break;
|
|
|
|
|
|
case "mysql":
|
|
|
|
|
|
case "mariadb":
|
|
|
|
|
|
provider = SupportedDatabaseProviders.MySql;
|
|
|
|
|
|
connectionString = globalSettings.MySql.ConnectionString;
|
|
|
|
|
|
break;
|
|
|
|
|
|
default:
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 12:35:48 -04:00
|
|
|
|
|
|
|
|
|
|
var useEf = (provider != SupportedDatabaseProviders.SqlServer);
|
2020-01-10 08:33:13 -05:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (useEf)
|
2019-01-15 22:07:13 -05:00
|
|
|
|
{
|
2022-01-11 10:40:51 +01:00
|
|
|
|
services.AddEFRepositories(globalSettings.SelfHosted, connectionString, provider);
|
2019-01-15 22:07:13 -05:00
|
|
|
|
}
|
2017-12-01 09:22:04 -05:00
|
|
|
|
else
|
|
|
|
|
|
{
|
2019-03-19 00:39:03 -04:00
|
|
|
|
services.AddDapperRepositories(globalSettings.SelfHosted);
|
2017-05-05 20:57:33 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2022-05-10 17:12:09 -04:00
|
|
|
|
if (globalSettings.SelfHosted)
|
2022-01-10 10:58:16 -05:00
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IInstallationDeviceRepository, NoopRepos.InstallationDeviceRepository>();
|
|
|
|
|
|
services.AddSingleton<IMetaDataRepository, NoopRepos.MetaDataRepository>();
|
|
|
|
|
|
}
|
2021-09-27 23:01:13 +02:00
|
|
|
|
else
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2019-02-08 23:53:09 -05:00
|
|
|
|
services.AddSingleton<IEventRepository, TableStorageRepos.EventRepository>();
|
2019-06-13 00:10:37 -04:00
|
|
|
|
services.AddSingleton<IInstallationDeviceRepository, TableStorageRepos.InstallationDeviceRepository>();
|
|
|
|
|
|
services.AddSingleton<IMetaDataRepository, TableStorageRepos.MetaDataRepository>();
|
2021-05-13 15:18:42 -04:00
|
|
|
|
}
|
2017-08-08 17:27:01 -04:00
|
|
|
|
}
|
2017-08-07 16:31:00 -04:00
|
|
|
|
|
2018-08-02 17:23:37 -04:00
|
|
|
|
public static void AddBaseServices(this IServiceCollection services, IGlobalSettings globalSettings)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-08-02 17:23:37 -04:00
|
|
|
|
services.AddScoped<ICipherService, CipherService>();
|
|
|
|
|
|
services.AddScoped<IUserService, UserService>();
|
|
|
|
|
|
services.AddOrganizationServices(globalSettings);
|
|
|
|
|
|
services.AddScoped<ICollectionService, CollectionService>();
|
2017-08-11 10:04:59 -04:00
|
|
|
|
services.AddScoped<IGroupService, GroupService>();
|
|
|
|
|
|
services.AddScoped<IPolicyService, PolicyService>();
|
2020-03-27 14:36:37 -04:00
|
|
|
|
services.AddScoped<IEventService, EventService>();
|
2020-12-16 20:36:47 +01:00
|
|
|
|
services.AddScoped<IEmergencyAccessService, EmergencyAccessService>();
|
2017-08-08 17:27:01 -04:00
|
|
|
|
services.AddSingleton<IDeviceService, DeviceService>();
|
2017-08-11 10:04:59 -04:00
|
|
|
|
services.AddSingleton<IAppleIapService, AppleIapService>();
|
|
|
|
|
|
services.AddScoped<ISsoConfigService, SsoConfigService>();
|
|
|
|
|
|
services.AddScoped<ISendService, SendService>();
|
|
|
|
|
|
}
|
2017-08-08 17:27:01 -04:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
public static void AddTokenizers(this IServiceCollection services)
|
2017-08-07 16:31:00 -04:00
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IDataProtectorTokenFactory<EmergencyAccessInviteTokenable>>(serviceProvider =>
|
2022-01-10 10:58:16 -05:00
|
|
|
|
new DataProtectorTokenFactory<EmergencyAccessInviteTokenable>(
|
2017-08-07 16:31:00 -04:00
|
|
|
|
EmergencyAccessInviteTokenable.ClearTextPrefix,
|
2020-03-27 14:36:37 -04:00
|
|
|
|
EmergencyAccessInviteTokenable.DataProtectorPurpose,
|
|
|
|
|
|
serviceProvider.GetDataProtectionProvider())
|
2019-03-18 16:23:37 -04:00
|
|
|
|
);
|
|
|
|
|
|
services.AddSingleton<IDataProtectorTokenFactory<HCaptchaTokenable>>(serviceProvider =>
|
2022-01-10 10:58:16 -05:00
|
|
|
|
new DataProtectorTokenFactory<HCaptchaTokenable>(
|
|
|
|
|
|
HCaptchaTokenable.ClearTextPrefix,
|
2019-03-18 16:23:37 -04:00
|
|
|
|
HCaptchaTokenable.DataProtectorPurpose,
|
|
|
|
|
|
serviceProvider.GetDataProtectionProvider())
|
2017-08-07 16:31:00 -04:00
|
|
|
|
);
|
|
|
|
|
|
services.AddSingleton<IDataProtectorTokenFactory<SsoTokenable>>(serviceProvider =>
|
|
|
|
|
|
new DataProtectorTokenFactory<SsoTokenable>(
|
2022-06-01 13:23:52 -04:00
|
|
|
|
SsoTokenable.ClearTextPrefix,
|
2017-08-07 16:31:00 -04:00
|
|
|
|
SsoTokenable.DataProtectorPurpose,
|
|
|
|
|
|
serviceProvider.GetDataProtectionProvider()));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-17 09:43:02 -05:00
|
|
|
|
public static void AddDefaultServices(this IServiceCollection services, GlobalSettings globalSettings)
|
|
|
|
|
|
{
|
|
|
|
|
|
// Required for UserService
|
|
|
|
|
|
services.AddWebAuthn(globalSettings);
|
|
|
|
|
|
// Required for HTTP calls
|
|
|
|
|
|
services.AddHttpClient();
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
services.AddSingleton<IStripeAdapter, StripeAdapter>();
|
2017-12-08 16:03:20 -05:00
|
|
|
|
services.AddSingleton<Braintree.IBraintreeGateway>((serviceProvider) =>
|
|
|
|
|
|
{
|
|
|
|
|
|
return new Braintree.BraintreeGateway
|
|
|
|
|
|
{
|
2021-09-27 23:01:13 +02:00
|
|
|
|
Environment = globalSettings.Braintree.Production ?
|
|
|
|
|
|
Braintree.Environment.PRODUCTION : Braintree.Environment.SANDBOX,
|
|
|
|
|
|
MerchantId = globalSettings.Braintree.MerchantId,
|
|
|
|
|
|
PublicKey = globalSettings.Braintree.PublicKey,
|
2017-12-08 16:03:20 -05:00
|
|
|
|
PrivateKey = globalSettings.Braintree.PrivateKey
|
2022-08-29 14:53:16 -04:00
|
|
|
|
};
|
|
|
|
|
|
});
|
2017-12-08 16:03:20 -05:00
|
|
|
|
services.AddSingleton<IPaymentService, StripePaymentService>();
|
|
|
|
|
|
services.AddSingleton<IStripeSyncService, StripeSyncService>();
|
2018-08-03 23:04:47 -04:00
|
|
|
|
services.AddSingleton<IMailService, HandlebarsMailService>();
|
2017-08-22 15:27:29 -04:00
|
|
|
|
services.AddSingleton<ILicensingService, LicensingService>();
|
2022-01-10 10:58:16 -05:00
|
|
|
|
services.AddTokenizers();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (CoreHelpers.SettingHasValue(globalSettings.ServiceBus.ConnectionString) &&
|
2017-12-08 16:03:20 -05:00
|
|
|
|
CoreHelpers.SettingHasValue(globalSettings.ServiceBus.ApplicationCacheTopicName))
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2021-06-16 12:47:41 -04:00
|
|
|
|
services.AddSingleton<IApplicationCacheService, InMemoryServiceBusApplicationCacheService>();
|
2017-12-08 16:03:20 -05:00
|
|
|
|
}
|
2022-08-29 14:53:16 -04:00
|
|
|
|
else
|
|
|
|
|
|
{
|
2021-06-16 12:47:41 -04:00
|
|
|
|
services.AddSingleton<IApplicationCacheService, InMemoryApplicationCacheService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2017-12-04 12:17:26 -05:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
var awsConfigured = CoreHelpers.SettingHasValue(globalSettings.Amazon?.AccessKeySecret);
|
|
|
|
|
|
if (awsConfigured && CoreHelpers.SettingHasValue(globalSettings.Mail?.SendGridApiKey))
|
2017-08-07 16:31:00 -04:00
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IMailDeliveryService, MultiServiceMailDeliveryService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2017-08-07 16:31:00 -04:00
|
|
|
|
else if (awsConfigured)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2017-08-07 16:31:00 -04:00
|
|
|
|
services.AddSingleton<IMailDeliveryService, AmazonSesMailDeliveryService>();
|
|
|
|
|
|
}
|
2020-03-27 14:36:37 -04:00
|
|
|
|
else if (CoreHelpers.SettingHasValue(globalSettings.Mail?.Smtp?.Host))
|
2017-08-08 17:27:01 -04:00
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IMailDeliveryService, MailKitSmtpMailDeliveryService>();
|
|
|
|
|
|
}
|
2017-08-07 16:31:00 -04:00
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IMailDeliveryService, NoopMailDeliveryService>();
|
|
|
|
|
|
}
|
2020-07-07 12:01:34 -04:00
|
|
|
|
|
2020-11-02 15:55:49 -05:00
|
|
|
|
services.AddSingleton<IPushNotificationService, MultiServicePushNotificationService>();
|
|
|
|
|
|
if (globalSettings.SelfHosted &&
|
|
|
|
|
|
CoreHelpers.SettingHasValue(globalSettings.PushRelayBaseUri) &&
|
2017-08-11 10:04:59 -04:00
|
|
|
|
globalSettings.Installation?.Id != null &&
|
2020-11-02 15:55:49 -05:00
|
|
|
|
CoreHelpers.SettingHasValue(globalSettings.Installation?.Key))
|
|
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IPushRegistrationService, RelayPushRegistrationService>();
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (!globalSettings.SelfHosted)
|
|
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IPushRegistrationService, NotificationHubPushRegistrationService>();
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IPushRegistrationService, NoopPushRegistrationService>();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-07-07 12:01:34 -04:00
|
|
|
|
if (!globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.Storage?.ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IBlockIpService, AzureQueueBlockIpService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2020-07-07 12:01:34 -04:00
|
|
|
|
else if (!globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.Amazon?.AccessKeySecret))
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2017-05-05 20:57:33 -04:00
|
|
|
|
services.AddSingleton<IBlockIpService, AmazonSqsBlockIpService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
2020-07-07 12:01:34 -04:00
|
|
|
|
services.AddSingleton<IBlockIpService, NoopBlockIpService>();
|
|
|
|
|
|
}
|
2021-06-16 12:47:41 -04:00
|
|
|
|
|
2021-07-21 13:42:06 -05:00
|
|
|
|
if (!globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.Mail.ConnectionString))
|
2021-06-16 12:47:41 -04:00
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IMailEnqueuingService, AzureQueueMailService>();
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IMailEnqueuingService, BlockingMailEnqueuingService>();
|
2017-05-05 20:57:33 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-06-30 09:35:26 +02:00
|
|
|
|
if (!globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.Events.ConnectionString))
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2021-06-30 09:35:26 +02:00
|
|
|
|
services.AddSingleton<IEventWriteService, AzureQueueEventWriteService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2020-03-27 14:36:37 -04:00
|
|
|
|
else if (globalSettings.SelfHosted)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2021-06-30 09:35:26 +02:00
|
|
|
|
services.AddSingleton<IEventWriteService, RepositoryEventWriteService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
|
|
|
|
|
else
|
2021-06-30 09:35:26 +02:00
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IEventWriteService, NoopEventWriteService>();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-05 20:57:33 -04:00
|
|
|
|
if (CoreHelpers.SettingHasValue(globalSettings.Attachment.ConnectionString))
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2017-05-05 20:57:33 -04:00
|
|
|
|
services.AddSingleton<IAttachmentStorageService, AzureAttachmentStorageService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2017-05-05 20:57:33 -04:00
|
|
|
|
else if (CoreHelpers.SettingHasValue(globalSettings.Attachment.BaseDirectory))
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2017-05-05 20:57:33 -04:00
|
|
|
|
services.AddSingleton<IAttachmentStorageService, LocalAttachmentStorageService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
|
|
|
|
|
else
|
2017-05-05 20:57:33 -04:00
|
|
|
|
{
|
2017-06-15 15:34:12 -04:00
|
|
|
|
services.AddSingleton<IAttachmentStorageService, NoopAttachmentStorageService>();
|
2017-05-05 20:57:33 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (CoreHelpers.SettingHasValue(globalSettings.Send.ConnectionString))
|
|
|
|
|
|
{
|
2018-04-03 14:31:33 -04:00
|
|
|
|
services.AddSingleton<ISendFileStorageService, AzureSendFileStorageService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2018-04-03 14:31:33 -04:00
|
|
|
|
else if (CoreHelpers.SettingHasValue(globalSettings.Send.BaseDirectory))
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-04-03 14:31:33 -04:00
|
|
|
|
services.AddSingleton<ISendFileStorageService, LocalSendStorageService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2018-09-12 00:15:59 -04:00
|
|
|
|
else
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2017-06-23 10:08:29 -04:00
|
|
|
|
services.AddSingleton<ISendFileStorageService, NoopSendFileStorageService>();
|
|
|
|
|
|
}
|
2018-09-12 10:35:05 -04:00
|
|
|
|
|
2018-09-12 00:15:59 -04:00
|
|
|
|
if (globalSettings.SelfHosted)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-09-12 00:15:59 -04:00
|
|
|
|
services.AddSingleton<IReferenceEventService, NoopReferenceEventService>();
|
2017-05-05 20:57:33 -04:00
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
services.AddSingleton<IReferenceEventService, AzureQueueReferenceEventService>();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-09-12 00:15:59 -04:00
|
|
|
|
if (CoreHelpers.SettingHasValue(globalSettings.Captcha?.HCaptchaSecretKey) &&
|
|
|
|
|
|
CoreHelpers.SettingHasValue(globalSettings.Captcha?.HCaptchaSiteKey))
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-09-12 00:15:59 -04:00
|
|
|
|
services.AddSingleton<ICaptchaValidationService, HCaptchaValidationService>();
|
2017-05-05 20:57:33 -04:00
|
|
|
|
}
|
2018-09-12 00:15:59 -04:00
|
|
|
|
else
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-09-12 00:15:59 -04:00
|
|
|
|
services.AddSingleton<ICaptchaValidationService, NoopCaptchaValidationService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2018-03-21 14:26:49 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-09-12 10:35:05 -04:00
|
|
|
|
public static void AddOosServices(this IServiceCollection services)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-03-21 14:26:49 -04:00
|
|
|
|
services.AddScoped<IProviderService, NoopProviderService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2018-03-21 14:26:49 -04:00
|
|
|
|
|
2018-09-12 10:35:05 -04:00
|
|
|
|
public static void AddNoopServices(this IServiceCollection services)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2017-05-05 20:57:33 -04:00
|
|
|
|
services.AddSingleton<IMailService, NoopMailService>();
|
2018-09-12 10:35:05 -04:00
|
|
|
|
services.AddSingleton<IMailDeliveryService, NoopMailDeliveryService>();
|
2017-05-26 09:44:54 -04:00
|
|
|
|
services.AddSingleton<IPushNotificationService, NoopPushNotificationService>();
|
2017-05-05 20:57:33 -04:00
|
|
|
|
services.AddSingleton<IBlockIpService, NoopBlockIpService>();
|
2018-09-12 10:35:05 -04:00
|
|
|
|
services.AddSingleton<IPushRegistrationService, NoopPushRegistrationService>();
|
|
|
|
|
|
services.AddSingleton<IAttachmentStorageService, NoopAttachmentStorageService>();
|
2017-08-11 22:55:25 -04:00
|
|
|
|
services.AddSingleton<ILicensingService, NoopLicensingService>();
|
2018-09-12 10:35:05 -04:00
|
|
|
|
services.AddSingleton<IEventWriteService, NoopEventWriteService>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2018-09-12 10:35:05 -04:00
|
|
|
|
|
2018-03-21 14:26:49 -04:00
|
|
|
|
public static IdentityBuilder AddCustomIdentityServices(
|
|
|
|
|
|
this IServiceCollection services, GlobalSettings globalSettings)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-03-21 14:26:49 -04:00
|
|
|
|
services.AddSingleton<IOrganizationDuoWebTokenProvider, OrganizationDuoWebTokenProvider>();
|
|
|
|
|
|
services.Configure<PasswordHasherOptions>(options => options.IterationCount = 100000);
|
|
|
|
|
|
services.Configure<TwoFactorRememberTokenProviderOptions>(options =>
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-03-21 14:26:49 -04:00
|
|
|
|
options.TokenLifespan = TimeSpan.FromDays(30);
|
2022-08-29 14:53:16 -04:00
|
|
|
|
});
|
2018-03-21 14:26:49 -04:00
|
|
|
|
|
|
|
|
|
|
var identityBuilder = services.AddIdentityWithoutCookieAuth<User, Role>(options =>
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-03-21 14:26:49 -04:00
|
|
|
|
options.User = new UserOptions
|
|
|
|
|
|
{
|
2017-05-05 20:57:33 -04:00
|
|
|
|
RequireUniqueEmail = true,
|
2018-03-21 14:26:49 -04:00
|
|
|
|
AllowedUserNameCharacters = null // all
|
|
|
|
|
|
};
|
|
|
|
|
|
options.Password = new PasswordOptions
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-03-21 14:26:49 -04:00
|
|
|
|
RequireDigit = false,
|
|
|
|
|
|
RequireLowercase = false,
|
|
|
|
|
|
RequiredLength = 8,
|
|
|
|
|
|
RequireNonAlphanumeric = false,
|
2017-05-05 20:57:33 -04:00
|
|
|
|
RequireUppercase = false
|
2018-03-28 10:38:01 -04:00
|
|
|
|
};
|
|
|
|
|
|
options.ClaimsIdentity = new ClaimsIdentityOptions
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-03-21 14:26:49 -04:00
|
|
|
|
SecurityStampClaimType = "sstamp",
|
|
|
|
|
|
UserNameClaimType = JwtClaimTypes.Email,
|
|
|
|
|
|
UserIdClaimType = JwtClaimTypes.Subject
|
2022-08-29 14:53:16 -04:00
|
|
|
|
};
|
2018-03-21 14:26:49 -04:00
|
|
|
|
options.Tokens.ChangeEmailTokenProvider = TokenOptions.DefaultEmailProvider;
|
2020-01-13 12:03:10 -05:00
|
|
|
|
});
|
2022-08-29 14:53:16 -04:00
|
|
|
|
|
2020-01-13 12:03:10 -05:00
|
|
|
|
identityBuilder
|
2018-03-21 14:26:49 -04:00
|
|
|
|
.AddUserStore<UserStore>()
|
2020-01-13 12:03:10 -05:00
|
|
|
|
.AddRoleStore<RoleStore>()
|
|
|
|
|
|
.AddTokenProvider<DataProtectorTokenProvider<User>>(TokenOptions.DefaultProvider)
|
2018-12-19 22:27:45 -05:00
|
|
|
|
.AddTokenProvider<AuthenticatorTokenProvider>(
|
2020-01-13 12:03:10 -05:00
|
|
|
|
CoreHelpers.CustomProviderName(TwoFactorProviderType.Authenticator))
|
2018-12-19 22:27:45 -05:00
|
|
|
|
.AddTokenProvider<EmailTokenProvider>(
|
2020-01-13 12:03:10 -05:00
|
|
|
|
CoreHelpers.CustomProviderName(TwoFactorProviderType.Email))
|
2018-03-21 14:26:49 -04:00
|
|
|
|
.AddTokenProvider<YubicoOtpTokenProvider>(
|
|
|
|
|
|
CoreHelpers.CustomProviderName(TwoFactorProviderType.YubiKey))
|
2018-12-19 22:27:45 -05:00
|
|
|
|
.AddTokenProvider<DuoWebTokenProvider>(
|
|
|
|
|
|
CoreHelpers.CustomProviderName(TwoFactorProviderType.Duo))
|
|
|
|
|
|
.AddTokenProvider<TwoFactorRememberTokenProvider>(
|
2018-03-21 14:26:49 -04:00
|
|
|
|
CoreHelpers.CustomProviderName(TwoFactorProviderType.Remember))
|
|
|
|
|
|
.AddTokenProvider<EmailTokenProvider<User>>(TokenOptions.DefaultEmailProvider)
|
2021-03-22 23:21:43 +01:00
|
|
|
|
.AddTokenProvider<WebAuthnTokenProvider>(
|
|
|
|
|
|
CoreHelpers.CustomProviderName(TwoFactorProviderType.WebAuthn));
|
2022-08-29 14:53:16 -04:00
|
|
|
|
|
2018-03-21 14:26:49 -04:00
|
|
|
|
return identityBuilder;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-09-12 10:35:05 -04:00
|
|
|
|
public static Tuple<IdentityBuilder, IdentityBuilder> AddPasswordlessIdentityServices<TUserStore>(
|
|
|
|
|
|
this IServiceCollection services, GlobalSettings globalSettings) where TUserStore : class
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-09-12 10:35:05 -04:00
|
|
|
|
services.TryAddTransient<ILookupNormalizer, LowerInvariantLookupNormalizer>();
|
|
|
|
|
|
services.Configure<DataProtectionTokenProviderOptions>(options =>
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-03-21 14:26:49 -04:00
|
|
|
|
options.TokenLifespan = TimeSpan.FromMinutes(15);
|
2022-08-29 14:53:16 -04:00
|
|
|
|
});
|
|
|
|
|
|
|
2018-09-12 10:35:05 -04:00
|
|
|
|
var passwordlessIdentityBuilder = services.AddIdentity<IdentityUser, Role>()
|
2018-03-21 14:26:49 -04:00
|
|
|
|
.AddUserStore<TUserStore>()
|
|
|
|
|
|
.AddRoleStore<RoleStore>()
|
2018-09-12 10:35:05 -04:00
|
|
|
|
.AddDefaultTokenProviders();
|
2018-03-21 14:26:49 -04:00
|
|
|
|
|
2018-08-15 09:26:19 -04:00
|
|
|
|
var regularIdentityBuilder = services.AddIdentityCore<User>()
|
2020-01-10 08:33:13 -05:00
|
|
|
|
.AddUserStore<UserStore>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
|
2020-01-10 08:33:13 -05:00
|
|
|
|
services.TryAddScoped<PasswordlessSignInManager<IdentityUser>, PasswordlessSignInManager<IdentityUser>>();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
|
2018-08-15 18:43:26 -04:00
|
|
|
|
services.ConfigureApplicationCookie(options =>
|
2018-08-15 09:26:19 -04:00
|
|
|
|
{
|
|
|
|
|
|
options.LoginPath = "/login";
|
|
|
|
|
|
options.LogoutPath = "/";
|
|
|
|
|
|
options.AccessDeniedPath = "/login?accessDenied=true";
|
|
|
|
|
|
options.Cookie.Name = $"Bitwarden_{globalSettings.ProjectName}";
|
|
|
|
|
|
options.Cookie.HttpOnly = true;
|
|
|
|
|
|
options.ExpireTimeSpan = TimeSpan.FromDays(2);
|
|
|
|
|
|
options.ReturnUrlParameter = "returnUrl";
|
|
|
|
|
|
options.SlidingExpiration = true;
|
2022-08-29 14:53:16 -04:00
|
|
|
|
});
|
|
|
|
|
|
|
2018-08-15 09:26:19 -04:00
|
|
|
|
return new Tuple<IdentityBuilder, IdentityBuilder>(passwordlessIdentityBuilder, regularIdentityBuilder);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-01-11 11:03:46 -05:00
|
|
|
|
public static void AddIdentityAuthenticationServices(
|
2020-03-27 14:36:37 -04:00
|
|
|
|
this IServiceCollection services, GlobalSettings globalSettings, IWebHostEnvironment environment,
|
|
|
|
|
|
Action<AuthorizationOptions> addAuthorization)
|
2018-08-15 09:26:19 -04:00
|
|
|
|
{
|
2018-08-15 18:43:26 -04:00
|
|
|
|
services
|
|
|
|
|
|
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
|
|
|
|
|
|
.AddIdentityServerAuthentication(options =>
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-08-15 18:43:26 -04:00
|
|
|
|
options.Authority = globalSettings.BaseServiceUri.InternalIdentity;
|
|
|
|
|
|
options.RequireHttpsMetadata = !environment.IsDevelopment() &&
|
2018-08-15 09:26:19 -04:00
|
|
|
|
globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
|
2018-08-15 18:43:26 -04:00
|
|
|
|
options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString();
|
2018-08-15 09:26:19 -04:00
|
|
|
|
options.NameClaimType = ClaimTypes.Email;
|
|
|
|
|
|
options.SupportedTokens = SupportedTokens.Jwt;
|
2018-08-15 18:43:26 -04:00
|
|
|
|
});
|
2019-02-26 17:01:06 -05:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (addAuthorization != null)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
services.AddAuthorization(config =>
|
2019-02-26 17:01:06 -05:00
|
|
|
|
{
|
|
|
|
|
|
addAuthorization.Invoke(config);
|
|
|
|
|
|
});
|
2018-08-15 09:26:19 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-01-10 08:33:13 -05:00
|
|
|
|
if (environment.IsDevelopment())
|
2017-05-05 20:57:33 -04:00
|
|
|
|
{
|
2021-12-22 19:47:35 +01:00
|
|
|
|
Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2020-07-16 08:01:39 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static void AddCustomDataProtectionServices(
|
|
|
|
|
|
this IServiceCollection services, IWebHostEnvironment env, GlobalSettings globalSettings)
|
|
|
|
|
|
{
|
|
|
|
|
|
var builder = services.AddDataProtection(options => options.ApplicationDiscriminator = "Bitwarden");
|
|
|
|
|
|
if (env.IsDevelopment())
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2020-07-16 08:01:39 -04:00
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.DataProtection.Directory))
|
|
|
|
|
|
{
|
2021-12-22 19:47:35 +01:00
|
|
|
|
builder.PersistKeysToFileSystem(new DirectoryInfo(globalSettings.DataProtection.Directory));
|
2020-07-16 08:01:39 -04:00
|
|
|
|
}
|
2017-05-05 20:57:33 -04:00
|
|
|
|
|
2020-07-16 08:01:39 -04:00
|
|
|
|
if (!globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.Storage?.ConnectionString))
|
|
|
|
|
|
{
|
2020-08-25 13:15:59 -04:00
|
|
|
|
X509Certificate2 dataProtectionCert = null;
|
|
|
|
|
|
if (CoreHelpers.SettingHasValue(globalSettings.DataProtection.CertificateThumbprint))
|
2017-05-05 20:57:33 -04:00
|
|
|
|
{
|
2020-08-25 13:15:59 -04:00
|
|
|
|
dataProtectionCert = CoreHelpers.GetCertificate(
|
|
|
|
|
|
globalSettings.DataProtection.CertificateThumbprint);
|
2019-07-10 20:05:07 -04:00
|
|
|
|
}
|
2020-08-21 11:58:22 -04:00
|
|
|
|
else if (CoreHelpers.SettingHasValue(globalSettings.DataProtection.CertificatePassword))
|
|
|
|
|
|
{
|
|
|
|
|
|
dataProtectionCert = CoreHelpers.GetBlobCertificateAsync(globalSettings.Storage.ConnectionString, "certificates",
|
|
|
|
|
|
"dataprotection.pfx", globalSettings.DataProtection.CertificatePassword)
|
|
|
|
|
|
.GetAwaiter().GetResult();
|
|
|
|
|
|
}
|
2017-08-07 16:31:00 -04:00
|
|
|
|
//TODO djsmith85 Check if this is the correct container name
|
|
|
|
|
|
builder
|
|
|
|
|
|
.PersistKeysToAzureBlobStorage(globalSettings.Storage.ConnectionString, "aspnet-dataprotection", "keys.xml")
|
|
|
|
|
|
.ProtectKeysWithCertificate(dataProtectionCert);
|
2017-05-05 20:57:33 -04:00
|
|
|
|
}
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2017-05-05 20:57:33 -04:00
|
|
|
|
|
|
|
|
|
|
public static IIdentityServerBuilder AddIdentityServerCertificate(
|
|
|
|
|
|
this IIdentityServerBuilder identityServerBuilder, IWebHostEnvironment env, GlobalSettings globalSettings)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2022-03-21 18:13:00 -04:00
|
|
|
|
var certificate = CoreHelpers.GetIdentityServerCertificate(globalSettings);
|
|
|
|
|
|
if (certificate != null)
|
2017-05-05 20:57:33 -04:00
|
|
|
|
{
|
2017-10-19 00:08:09 -04:00
|
|
|
|
identityServerBuilder.AddSigningCredential(certificate);
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2017-10-19 00:08:09 -04:00
|
|
|
|
else if (env.IsDevelopment())
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2017-10-19 00:08:09 -04:00
|
|
|
|
identityServerBuilder.AddDeveloperSigningCredential(false);
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
2017-10-19 00:08:09 -04:00
|
|
|
|
throw new Exception("No identity certificate to use.");
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2017-10-19 00:08:09 -04:00
|
|
|
|
return identityServerBuilder;
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2022-03-21 18:13:00 -04:00
|
|
|
|
|
|
|
|
|
|
public static GlobalSettings AddGlobalSettingsServices(this IServiceCollection services,
|
|
|
|
|
|
IConfiguration configuration, IWebHostEnvironment environment)
|
|
|
|
|
|
{
|
|
|
|
|
|
var globalSettings = new GlobalSettings();
|
|
|
|
|
|
ConfigurationBinder.Bind(configuration.GetSection("GlobalSettings"), globalSettings);
|
|
|
|
|
|
|
2017-05-05 20:57:33 -04:00
|
|
|
|
if (environment.IsDevelopment() && configuration.GetValue<bool>("developSelfHosted"))
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2017-05-05 20:57:33 -04:00
|
|
|
|
// Override settings with selfHostedOverride settings
|
2021-02-25 07:00:28 -06:00
|
|
|
|
ConfigurationBinder.Bind(configuration.GetSection("Dev:SelfHostOverride:GlobalSettings"), globalSettings);
|
2017-05-05 20:57:33 -04:00
|
|
|
|
}
|
2017-07-21 12:53:26 -04:00
|
|
|
|
|
2021-05-06 10:17:12 +02:00
|
|
|
|
services.AddSingleton(s => globalSettings);
|
|
|
|
|
|
services.AddSingleton<IGlobalSettings, GlobalSettings>(s => globalSettings);
|
2017-05-05 20:57:33 -04:00
|
|
|
|
return globalSettings;
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-09-03 14:44:22 -04:00
|
|
|
|
public static void UseDefaultMiddleware(this IApplicationBuilder app,
|
2020-01-10 08:33:13 -05:00
|
|
|
|
IWebHostEnvironment env, GlobalSettings globalSettings)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2019-09-03 14:44:22 -04:00
|
|
|
|
string GetHeaderValue(HttpContext httpContext, string header)
|
2017-07-21 12:53:26 -04:00
|
|
|
|
{
|
2019-09-03 14:44:22 -04:00
|
|
|
|
if (httpContext.Request.Headers.ContainsKey(header))
|
|
|
|
|
|
{
|
|
|
|
|
|
return httpContext.Request.Headers[header];
|
|
|
|
|
|
}
|
|
|
|
|
|
return null;
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2019-09-03 14:44:22 -04:00
|
|
|
|
|
2017-08-25 08:57:43 -04:00
|
|
|
|
// Add version information to response headers
|
|
|
|
|
|
app.Use(async (httpContext, next) =>
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (LogContext.PushProperty("IPAddress", httpContext.GetIpAddress(globalSettings)))
|
|
|
|
|
|
using (LogContext.PushProperty("UserAgent", GetHeaderValue(httpContext, "user-agent")))
|
|
|
|
|
|
using (LogContext.PushProperty("DeviceType", GetHeaderValue(httpContext, "device-type")))
|
|
|
|
|
|
using (LogContext.PushProperty("Origin", GetHeaderValue(httpContext, "origin")))
|
2017-08-25 08:57:43 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
httpContext.Response.OnStarting((state) =>
|
2017-08-25 08:57:43 -04:00
|
|
|
|
{
|
2019-09-03 14:44:22 -04:00
|
|
|
|
httpContext.Response.Headers.Append("Server-Version", CoreHelpers.GetVersion());
|
|
|
|
|
|
return Task.FromResult(0);
|
|
|
|
|
|
}, null);
|
|
|
|
|
|
await next.Invoke();
|
|
|
|
|
|
}
|
2017-08-25 08:57:43 -04:00
|
|
|
|
});
|
2017-07-21 12:53:26 -04:00
|
|
|
|
}
|
2019-04-26 09:52:54 -04:00
|
|
|
|
|
|
|
|
|
|
public static void UseForwardedHeaders(this IApplicationBuilder app, GlobalSettings globalSettings)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2019-04-26 09:52:54 -04:00
|
|
|
|
var options = new ForwardedHeadersOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
|
|
|
|
|
|
};
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!string.IsNullOrWhiteSpace(globalSettings.KnownProxies))
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2019-04-26 09:52:54 -04:00
|
|
|
|
var proxies = globalSettings.KnownProxies.Split(',');
|
2020-03-27 14:36:37 -04:00
|
|
|
|
foreach (var proxy in proxies)
|
2019-04-26 09:52:54 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (System.Net.IPAddress.TryParse(proxy.Trim(), out var ip))
|
2019-04-26 09:52:54 -04:00
|
|
|
|
{
|
|
|
|
|
|
options.KnownProxies.Add(ip);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2020-08-28 12:14:23 -04:00
|
|
|
|
if (options.KnownProxies.Count > 1)
|
|
|
|
|
|
{
|
|
|
|
|
|
options.ForwardLimit = null;
|
|
|
|
|
|
}
|
2019-04-26 09:52:54 -04:00
|
|
|
|
app.UseForwardedHeaders(options);
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2020-08-28 12:14:23 -04:00
|
|
|
|
|
|
|
|
|
|
public static void AddCoreLocalizationServices(this IServiceCollection services)
|
|
|
|
|
|
{
|
|
|
|
|
|
services.AddTransient<II18nService, I18nService>();
|
|
|
|
|
|
services.AddLocalization(options => options.ResourcesPath = "Resources");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static IApplicationBuilder UseCoreLocalization(this IApplicationBuilder app)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2020-08-28 12:14:23 -04:00
|
|
|
|
var supportedCultures = new[] { "en" };
|
2021-12-22 19:47:35 +01:00
|
|
|
|
return app.UseRequestLocalization(options => options
|
2020-08-28 12:14:23 -04:00
|
|
|
|
.SetDefaultCulture(supportedCultures[0])
|
|
|
|
|
|
.AddSupportedCultures(supportedCultures)
|
|
|
|
|
|
.AddSupportedUICultures(supportedCultures));
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-28 12:14:23 -04:00
|
|
|
|
public static IMvcBuilder AddViewAndDataAnnotationLocalization(this IMvcBuilder mvc)
|
|
|
|
|
|
{
|
|
|
|
|
|
mvc.Services.AddTransient<IViewLocalizer, I18nViewLocalizer>();
|
|
|
|
|
|
return mvc.AddViewLocalization(options => options.ResourcesPath = "Resources")
|
2021-05-13 15:18:42 -04:00
|
|
|
|
.AddDataAnnotationsLocalization(options =>
|
2020-08-28 12:14:23 -04:00
|
|
|
|
options.DataAnnotationLocalizerProvider = (type, factory) =>
|
|
|
|
|
|
{
|
|
|
|
|
|
var assemblyName = new AssemblyName(typeof(SharedResources).GetTypeInfo().Assembly.FullName);
|
|
|
|
|
|
return factory.Create("SharedResources", assemblyName.Name);
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
2021-01-11 11:03:46 -05:00
|
|
|
|
|
|
|
|
|
|
public static IServiceCollection AddDistributedIdentityServices(this IServiceCollection services, GlobalSettings globalSettings)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2021-01-11 11:03:46 -05:00
|
|
|
|
services.AddOidcStateDataFormatterCache();
|
|
|
|
|
|
services.AddSession();
|
|
|
|
|
|
services.ConfigureApplicationCookie(configure => configure.CookieManager = new DistributedCacheCookieManager());
|
|
|
|
|
|
services.ConfigureExternalCookie(configure => configure.CookieManager = new DistributedCacheCookieManager());
|
|
|
|
|
|
services.AddSingleton<IPostConfigureOptions<CookieAuthenticationOptions>>(
|
|
|
|
|
|
svcs => new ConfigureOpenIdConnectDistributedOptions(
|
|
|
|
|
|
svcs.GetRequiredService<IHttpContextAccessor>(),
|
|
|
|
|
|
globalSettings,
|
|
|
|
|
|
svcs.GetRequiredService<IdentityServerOptions>())
|
2022-08-29 14:53:16 -04:00
|
|
|
|
);
|
|
|
|
|
|
|
2021-01-11 11:03:46 -05:00
|
|
|
|
return services;
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-06 10:17:12 +02:00
|
|
|
|
public static void AddWebAuthn(this IServiceCollection services, GlobalSettings globalSettings)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2021-05-06 10:17:12 +02:00
|
|
|
|
services.AddFido2(options =>
|
2021-01-11 11:03:46 -05:00
|
|
|
|
{
|
|
|
|
|
|
options.ServerDomain = new Uri(globalSettings.BaseServiceUri.Vault).Host;
|
|
|
|
|
|
options.ServerName = "Bitwarden";
|
|
|
|
|
|
options.Origins = new HashSet<string> { globalSettings.BaseServiceUri.Vault, };
|
|
|
|
|
|
options.TimestampDriftTolerance = 300000;
|
|
|
|
|
|
});
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2021-01-11 11:03:46 -05:00
|
|
|
|
|
2022-07-19 11:58:32 -07:00
|
|
|
|
/// <summary>
|
2021-01-11 11:03:46 -05:00
|
|
|
|
/// Adds either an in-memory or distributed IP rate limiter depending if a Redis connection string is available.
|
2022-07-19 11:58:32 -07:00
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="services"></param>
|
|
|
|
|
|
/// <param name="globalSettings"></param>
|
|
|
|
|
|
public static void AddIpRateLimiting(this IServiceCollection services,
|
|
|
|
|
|
GlobalSettings globalSettings)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2021-01-11 11:03:46 -05:00
|
|
|
|
services.AddHostedService<IpRateLimitSeedStartupService>();
|
|
|
|
|
|
services.AddSingleton<IRateLimitConfiguration, RateLimitConfiguration>();
|
2021-05-06 10:17:12 +02:00
|
|
|
|
|
|
|
|
|
|
if (string.IsNullOrEmpty(globalSettings.Redis.ConnectionString))
|
|
|
|
|
|
{
|
2022-06-24 10:39:34 -04:00
|
|
|
|
services.AddInMemoryRateLimiting();
|
2021-05-06 10:17:12 +02:00
|
|
|
|
}
|
2022-07-19 11:58:32 -07:00
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
services.AddRedisRateLimiting(); // Requires a registered IConnectionMultiplexer
|
|
|
|
|
|
}
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2022-07-19 11:58:32 -07:00
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Adds an implementation of <see cref="IDistributedCache"/> to the service collection. Uses a memory
|
|
|
|
|
|
/// cache if self hosted or no Redis connection string is available in GlobalSettings.
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public static void AddDistributedCache(
|
|
|
|
|
|
this IServiceCollection services,
|
|
|
|
|
|
GlobalSettings globalSettings)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2022-07-19 11:58:32 -07:00
|
|
|
|
if (globalSettings.SelfHosted || string.IsNullOrEmpty(globalSettings.Redis.ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
services.AddDistributedMemoryCache();
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Register the IConnectionMultiplexer explicitly so it can be accessed via DI
|
|
|
|
|
|
// (e.g. for the IP rate limiting store)
|
|
|
|
|
|
services.AddSingleton<IConnectionMultiplexer>(
|
|
|
|
|
|
_ => ConnectionMultiplexer.Connect(globalSettings.Redis.ConnectionString));
|
|
|
|
|
|
|
|
|
|
|
|
// Explicitly register IDistributedCache to re-use existing IConnectionMultiplexer
|
|
|
|
|
|
// to reduce the number of redundant connections to the Redis instance
|
|
|
|
|
|
services.AddSingleton<IDistributedCache>(s =>
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2022-07-19 11:58:32 -07:00
|
|
|
|
return new RedisCache(new RedisCacheOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
// Use "ProjectName:" as an instance name to namespace keys and avoid conflicts between projects
|
|
|
|
|
|
InstanceName = $"{globalSettings.ProjectName}:",
|
|
|
|
|
|
ConnectionMultiplexerFactory = () =>
|
|
|
|
|
|
Task.FromResult(s.GetRequiredService<IConnectionMultiplexer>())
|
|
|
|
|
|
});
|
|
|
|
|
|
});
|
2017-05-05 20:57:33 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|