admin/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2026-02-01 14:43:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
890e6bb48a9e2d680218046517e00929c62bc7fd
server/src/Core/IdentityServer/ConfigureOpenIdConnectDistributedOptions.cs

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

55 lines
2.1 KiB
C#
Raw Normal View History

Fix safari sso header size (#1065) * Safari SSO header size fix - in progress * Cleanup of memoryCacheTicketStore * Redis cache ticket store + registration * Revert some unecessary changes * temp - distributed cookie: idsrv.external * Ticket data cached storage added * OIDC working w/ substantially reduced cookie size * Added distributed cache cookie manager * Removed hybrid OIDC flow * Enable self-hosted folks to use Redis for SSO * Also allow self-hosted to use Redis cont...
2021-01-11 11:03:46 -05:00
using System;
Use sas token for attachment downloads (#1153) * Get limited life attachment download URL This change limits url download to a 1min lifetime. This requires moving to a new container to allow for non-public blob access. Clients will have to call GetAttachmentData api function to receive the download URL. For backwards compatibility, attachment URLs are still present, but will not work for attachments stored in non-public access blobs. * Make GlobalSettings interface for testing * Test LocalAttachmentStorageService equivalence * Remove comment * Add missing globalSettings using * Simplify default attachment container * Default to attachments containe for existing methods A new upload method will be made for uploading to attachments-v2. For compatibility for clients which don't use these new methods, we need to still use the old container. The new container will be used only for new uploads * Remove Default MetaData fixture. * Keep attachments container blob-level security for all instances * Close unclosed FileStream * Favor default value for noop services
2021-02-22 15:35:16 -06:00
using Bit.Core.Settings;
Fix safari sso header size (#1065) * Safari SSO header size fix - in progress * Cleanup of memoryCacheTicketStore * Redis cache ticket store + registration * Revert some unecessary changes * temp - distributed cookie: idsrv.external * Ticket data cached storage added * OIDC working w/ substantially reduced cookie size * Added distributed cache cookie manager * Removed hybrid OIDC flow * Enable self-hosted folks to use Redis for SSO * Also allow self-hosted to use Redis cont...
2021-01-11 11:03:46 -05:00
using IdentityServer4.Configuration;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Caching.Redis;
using Microsoft.Extensions.Options;
namespace Bit.Core.IdentityServer
{
public class ConfigureOpenIdConnectDistributedOptions : IPostConfigureOptions<CookieAuthenticationOptions>
{
private readonly IdentityServerOptions _idsrv;
private readonly IHttpContextAccessor _httpContextAccessor;
private readonly GlobalSettings _globalSettings;
public ConfigureOpenIdConnectDistributedOptions(IHttpContextAccessor httpContextAccessor, GlobalSettings globalSettings,
IdentityServerOptions idsrv)
{
_httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));
_globalSettings = globalSettings;
_idsrv = idsrv;
}
public void PostConfigure(string name, CookieAuthenticationOptions options)
{
options.CookieManager = new DistributedCacheCookieManager();
if (name != AuthenticationSchemes.BitwardenExternalCookieAuthenticationScheme)
{
// Ignore
return;
}
options.Cookie.Name = AuthenticationSchemes.BitwardenExternalCookieAuthenticationScheme;
options.Cookie.IsEssential = true;
options.Cookie.SameSite = _idsrv.Authentication.CookieSameSiteMode;
options.TicketDataFormat = new DistributedCacheTicketDataFormatter(_httpContextAccessor, name);
if (string.IsNullOrWhiteSpace(_globalSettings.IdentityServer?.RedisConnectionString))
{
options.SessionStore = new MemoryCacheTicketStore();
}
else
{
var redisOptions = new RedisCacheOptions
{
Configuration = _globalSettings.IdentityServer.RedisConnectionString,
};
options.SessionStore = new RedisCacheTicketStore(redisOptions);
}
}
}
}
Reference in New Issue Copy Permalink