src/Api/Controllers/AccountsController.cs

using Bit.Api.AdminConsole.Models.Response;
using Bit.Api.Auth.Models.Request.Accounts;
using Bit.Api.Models.Request;
using Bit.Api.Models.Request.Accounts;
using Bit.Api.Models.Response;
using Bit.Api.Utilities;
using Bit.Core;
using Bit.Core.Auth.Models.Api.Request.Accounts;
using Bit.Core.Auth.Models.Api.Response.Accounts;
using Bit.Core.Auth.Services;
using Bit.Core.Auth.Utilities;
using Bit.Core.Enums;
using Bit.Core.Enums.Provider;
using Bit.Core.Exceptions;
using Bit.Core.Models.Api.Response;
using Bit.Core.Models.Business;
using Bit.Core.Models.Data;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Settings;
using Bit.Core.Tools.Entities;
using Bit.Core.Tools.Repositories;
using Bit.Core.Tools.Services;
using Bit.Core.Utilities;
using Bit.Core.Vault.Entities;
using Bit.Core.Vault.Repositories;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace Bit.Api.Controllers;

[Route("accounts")]
[Authorize("Application")]
public class AccountsController : Controller
{
    private readonly GlobalSettings _globalSettings;
    private readonly ICipherRepository _cipherRepository;
    private readonly IFolderRepository _folderRepository;
    private readonly IOrganizationService _organizationService;
    private readonly IOrganizationUserRepository _organizationUserRepository;
    private readonly IProviderUserRepository _providerUserRepository;
    private readonly IPaymentService _paymentService;
    private readonly IUserRepository _userRepository;
    private readonly IUserService _userService;
    private readonly ISendRepository _sendRepository;
    private readonly ISendService _sendService;
    private readonly ICaptchaValidationService _captchaValidationService;
    private readonly IPolicyService _policyService;

    public AccountsController(
        GlobalSettings globalSettings,
        ICipherRepository cipherRepository,
        IFolderRepository folderRepository,
        IOrganizationService organizationService,
        IOrganizationUserRepository organizationUserRepository,
        IProviderUserRepository providerUserRepository,
        IPaymentService paymentService,
        IUserRepository userRepository,
        IUserService userService,
        ISendRepository sendRepository,
        ISendService sendService,
        ICaptchaValidationService captchaValidationService,
        IPolicyService policyService)
    {
        _cipherRepository = cipherRepository;
        _folderRepository = folderRepository;
        _globalSettings = globalSettings;
        _organizationService = organizationService;
        _organizationUserRepository = organizationUserRepository;
        _providerUserRepository = providerUserRepository;
        _paymentService = paymentService;
        _userRepository = userRepository;
        _userService = userService;
        _sendRepository = sendRepository;
        _sendService = sendService;
        _captchaValidationService = captchaValidationService;
        _policyService = policyService;
    }

    #region DEPRECATED (Moved to Identity Service)

    [Obsolete("TDL-136 Moved to Identity (2022-01-12 cloud, 2022-09-19 self-hosted), left for backwards compatability with older clients.")]
    [HttpPost("prelogin")]
    [AllowAnonymous]
    public async Task<PreloginResponseModel> PostPrelogin([FromBody] PreloginRequestModel model)
    {
        var kdfInformation = await _userRepository.GetKdfInformationByEmailAsync(model.Email);
        if (kdfInformation == null)
        {
            kdfInformation = new UserKdfInformation
            {
                Kdf = KdfType.PBKDF2_SHA256,
                KdfIterations = 100000,
            };
        }
        return new PreloginResponseModel(kdfInformation);
    }

    [Obsolete("TDL-136 Moved to Identity (2022-01-12 cloud, 2022-09-19 self-hosted), left for backwards compatability with older clients.")]
    [HttpPost("register")]
    [AllowAnonymous]
    [CaptchaProtected]
    public async Task<RegisterResponseModel> PostRegister([FromBody] RegisterRequestModel model)
    {
        var user = model.ToUser();
        var result = await _userService.RegisterUserAsync(user, model.MasterPasswordHash,
            model.Token, model.OrganizationUserId);
        if (result.Succeeded)
        {
            var captchaBypassToken = _captchaValidationService.GenerateCaptchaBypassToken(user);
            return new RegisterResponseModel(captchaBypassToken);
        }

        foreach (var error in result.Errors.Where(e => e.Code != "DuplicateUserName"))
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    #endregion

    [HttpPost("password-hint")]
    [AllowAnonymous]
    public async Task PostPasswordHint([FromBody] PasswordHintRequestModel model)
    {
        await _userService.SendMasterPasswordHintAsync(model.Email);
    }

    [HttpPost("email-token")]
    public async Task PostEmailToken([FromBody] EmailTokenRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        if (user.UsesKeyConnector)
        {
            throw new BadRequestException("You cannot change your email when using Key Connector.");
        }

        if (!await _userService.CheckPasswordAsync(user, model.MasterPasswordHash))
        {
            await Task.Delay(2000);
            throw new BadRequestException("MasterPasswordHash", "Invalid password.");
        }

        await _userService.InitiateEmailChangeAsync(user, model.NewEmail);
    }

    [HttpPost("email")]
    public async Task PostEmail([FromBody] EmailRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        if (user.UsesKeyConnector)
        {
            throw new BadRequestException("You cannot change your email when using Key Connector.");
        }

        var result = await _userService.ChangeEmailAsync(user, model.MasterPasswordHash, model.NewEmail,
            model.NewMasterPasswordHash, model.Token, model.Key);
        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    [HttpPost("verify-email")]
    public async Task PostVerifyEmail()
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        await _userService.SendEmailVerificationAsync(user);
    }

    [HttpPost("verify-email-token")]
    [AllowAnonymous]
    public async Task PostVerifyEmailToken([FromBody] VerifyEmailRequestModel model)
    {
        var user = await _userService.GetUserByIdAsync(new Guid(model.UserId));
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }
        var result = await _userService.ConfirmEmailAsync(user, model.Token);
        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    [HttpPost("password")]
    public async Task PostPassword([FromBody] PasswordRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var result = await _userService.ChangePasswordAsync(user, model.MasterPasswordHash,
            model.NewMasterPasswordHash, model.MasterPasswordHint, model.Key);
        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    [HttpPost("set-password")]
    public async Task PostSetPasswordAsync([FromBody] SetPasswordRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var result = await _userService.SetPasswordAsync(model.ToUser(user), model.MasterPasswordHash, model.Key,
            model.OrgIdentifier);
        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        throw new BadRequestException(ModelState);
    }

    [HttpPost("verify-password")]
    public async Task<MasterPasswordPolicyResponseModel> PostVerifyPassword([FromBody] SecretVerificationRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        if (await _userService.CheckPasswordAsync(user, model.MasterPasswordHash))
        {
            var policyData = await _policyService.GetMasterPasswordPolicyForUserAsync(user);

            return new MasterPasswordPolicyResponseModel(policyData);
        }

        ModelState.AddModelError(nameof(model.MasterPasswordHash), "Invalid password.");
        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    [HttpPost("set-key-connector-key")]
    public async Task PostSetKeyConnectorKeyAsync([FromBody] SetKeyConnectorKeyRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var result = await _userService.SetKeyConnectorKeyAsync(model.ToUser(user), model.Key, model.OrgIdentifier);
        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        throw new BadRequestException(ModelState);
    }

    [HttpPost("convert-to-key-connector")]
    public async Task PostConvertToKeyConnector()
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var result = await _userService.ConvertToKeyConnectorAsync(user);
        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        throw new BadRequestException(ModelState);
    }

    [HttpPost("kdf")]
    public async Task PostKdf([FromBody] KdfRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var result = await _userService.ChangeKdfAsync(user, model.MasterPasswordHash,
            model.NewMasterPasswordHash, model.Key, model.Kdf.Value, model.KdfIterations.Value, model.KdfMemory, model.KdfParallelism);
        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    [HttpPost("key")]
    public async Task PostKey([FromBody] UpdateKeyRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var ciphers = new List<Cipher>();
        if (model.Ciphers.Any())
        {
            var existingCiphers = await _cipherRepository.GetManyByUserIdAsync(user.Id);
            ciphers.AddRange(existingCiphers
                .Join(model.Ciphers, c => c.Id, c => c.Id, (existing, c) => c.ToCipher(existing)));
        }

        var folders = new List<Folder>();
        if (model.Folders.Any())
        {
            var existingFolders = await _folderRepository.GetManyByUserIdAsync(user.Id);
            folders.AddRange(existingFolders
                .Join(model.Folders, f => f.Id, f => f.Id, (existing, f) => f.ToFolder(existing)));
        }

        var sends = new List<Send>();
        if (model.Sends?.Any() == true)
        {
            var existingSends = await _sendRepository.GetManyByUserIdAsync(user.Id);
            sends.AddRange(existingSends
                .Join(model.Sends, s => s.Id, s => s.Id, (existing, s) => s.ToSend(existing, _sendService)));
        }

        var result = await _userService.UpdateKeyAsync(
            user,
            model.MasterPasswordHash,
            model.Key,
            model.PrivateKey,
            ciphers,
            folders,
            sends);

        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    [HttpPost("security-stamp")]
    public async Task PostSecurityStamp([FromBody] SecretVerificationRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var result = await _userService.RefreshSecurityStampAsync(user, model.Secret);
        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    [HttpGet("profile")]
    public async Task<ProfileResponseModel> GetProfile()
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var organizationUserDetails = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id,
            OrganizationUserStatusType.Confirmed);
        var providerUserDetails = await _providerUserRepository.GetManyDetailsByUserAsync(user.Id,
            ProviderUserStatusType.Confirmed);
        var providerUserOrganizationDetails =
            await _providerUserRepository.GetManyOrganizationDetailsByUserAsync(user.Id,
                ProviderUserStatusType.Confirmed);
        var response = new ProfileResponseModel(user, organizationUserDetails, providerUserDetails,
            providerUserOrganizationDetails, await _userService.TwoFactorIsEnabledAsync(user), await _userService.HasPremiumFromOrganization(user));
        return response;
    }

    [HttpGet("organizations")]
    public async Task<ListResponseModel<ProfileOrganizationResponseModel>> GetOrganizations()
    {
        var userId = _userService.GetProperUserId(User);
        var organizationUserDetails = await _organizationUserRepository.GetManyDetailsByUserAsync(userId.Value,
            OrganizationUserStatusType.Confirmed);
        var responseData = organizationUserDetails.Select(o => new ProfileOrganizationResponseModel(o));
        return new ListResponseModel<ProfileOrganizationResponseModel>(responseData);
    }

    [HttpPut("profile")]
    [HttpPost("profile")]
    public async Task<ProfileResponseModel> PutProfile([FromBody] UpdateProfileRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        await _userService.SaveUserAsync(model.ToUser(user));
        var response = new ProfileResponseModel(user, null, null, null, await _userService.TwoFactorIsEnabledAsync(user), await _userService.HasPremiumFromOrganization(user));
        return response;
    }

    [HttpPut("avatar")]
    [HttpPost("avatar")]
    public async Task<ProfileResponseModel> PutAvatar([FromBody] UpdateAvatarRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }
        await _userService.SaveUserAsync(model.ToUser(user), true);
        var response = new ProfileResponseModel(user, null, null, null, await _userService.TwoFactorIsEnabledAsync(user), await _userService.HasPremiumFromOrganization(user));
        return response;
    }

    [HttpGet("revision-date")]
    public async Task<long?> GetAccountRevisionDate()
    {
        var userId = _userService.GetProperUserId(User);
        long? revisionDate = null;
        if (userId.HasValue)
        {
            var date = await _userService.GetAccountRevisionDateByIdAsync(userId.Value);
            revisionDate = CoreHelpers.ToEpocMilliseconds(date);
        }

        return revisionDate;
    }

    [HttpPost("keys")]
    public async Task<KeysResponseModel> PostKeys([FromBody] KeysRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        await _userService.SaveUserAsync(model.ToUser(user));
        return new KeysResponseModel(user);
    }

    [HttpGet("keys")]
    public async Task<KeysResponseModel> GetKeys()
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        return new KeysResponseModel(user);
    }

    [HttpDelete]
    [HttpPost("delete")]
    public async Task Delete([FromBody] SecretVerificationRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        if (!await _userService.VerifySecretAsync(user, model.Secret))
        {
            ModelState.AddModelError(string.Empty, "User verification failed.");
            await Task.Delay(2000);
        }
        else
        {
            var result = await _userService.DeleteAsync(user);
            if (result.Succeeded)
            {
                return;
            }

            foreach (var error in result.Errors)
            {
                ModelState.AddModelError(string.Empty, error.Description);
            }
        }

        throw new BadRequestException(ModelState);
    }

    [AllowAnonymous]
    [HttpPost("delete-recover")]
    public async Task PostDeleteRecover([FromBody] DeleteRecoverRequestModel model)
    {
        await _userService.SendDeleteConfirmationAsync(model.Email);
    }

    [HttpPost("delete-recover-token")]
    [AllowAnonymous]
    public async Task PostDeleteRecoverToken([FromBody] VerifyDeleteRecoverRequestModel model)
    {
        var user = await _userService.GetUserByIdAsync(new Guid(model.UserId));
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var result = await _userService.DeleteAsync(user, model.Token);
        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        await Task.Delay(2000);
        throw new BadRequestException(ModelState);
    }

    [HttpPost("iap-check")]
    public async Task PostIapCheck([FromBody] IapCheckRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }
        await _userService.IapCheckAsync(user, model.PaymentMethodType.Value);
    }

    [HttpPost("premium")]
    public async Task<PaymentResponseModel> PostPremium(PremiumRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var valid = model.Validate(_globalSettings);
        UserLicense license = null;
        if (valid && _globalSettings.SelfHosted)
        {
            license = await ApiHelpers.ReadJsonFileFromBody<UserLicense>(HttpContext, model.License);
        }

        if (!valid && !_globalSettings.SelfHosted && string.IsNullOrWhiteSpace(model.Country))
        {
            throw new BadRequestException("Country is required.");
        }

        if (!valid || (_globalSettings.SelfHosted && license == null))
        {
            throw new BadRequestException("Invalid license.");
        }

        var result = await _userService.SignUpPremiumAsync(user, model.PaymentToken,
            model.PaymentMethodType.Value, model.AdditionalStorageGb.GetValueOrDefault(0), license,
            new TaxInfo
            {
                BillingAddressCountry = model.Country,
                BillingAddressPostalCode = model.PostalCode,
            });
        var profile = new ProfileResponseModel(user, null, null, null, await _userService.TwoFactorIsEnabledAsync(user), await _userService.HasPremiumFromOrganization(user));
        return new PaymentResponseModel
        {
            UserProfile = profile,
            PaymentIntentClientSecret = result.Item2,
            Success = result.Item1
        };
    }

    [HttpGet("subscription")]
    public async Task<SubscriptionResponseModel> GetSubscription()
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        if (!_globalSettings.SelfHosted && user.Gateway != null)
        {
            var subscriptionInfo = await _paymentService.GetSubscriptionAsync(user);
            var license = await _userService.GenerateLicenseAsync(user, subscriptionInfo);
            return new SubscriptionResponseModel(user, subscriptionInfo, license);
        }
        else if (!_globalSettings.SelfHosted)
        {
            var license = await _userService.GenerateLicenseAsync(user);
            return new SubscriptionResponseModel(user, license);
        }
        else
        {
            return new SubscriptionResponseModel(user);
        }
    }

    [HttpPost("payment")]
    [SelfHosted(NotSelfHostedOnly = true)]
    public async Task PostPayment([FromBody] PaymentRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        await _userService.ReplacePaymentMethodAsync(user, model.PaymentToken, model.PaymentMethodType.Value,
            new TaxInfo
            {
                BillingAddressCountry = model.Country,
                BillingAddressPostalCode = model.PostalCode,
            });
    }

    [HttpPost("storage")]
    [SelfHosted(NotSelfHostedOnly = true)]
    public async Task<PaymentResponseModel> PostStorage([FromBody] StorageRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var result = await _userService.AdjustStorageAsync(user, model.StorageGbAdjustment.Value);
        return new PaymentResponseModel
        {
            Success = true,
            PaymentIntentClientSecret = result
        };
    }

    [HttpPost("license")]
    [SelfHosted(SelfHostedOnly = true)]
    public async Task PostLicense(LicenseRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var license = await ApiHelpers.ReadJsonFileFromBody<UserLicense>(HttpContext, model.License);
        if (license == null)
        {
            throw new BadRequestException("Invalid license");
        }

        await _userService.UpdateLicenseAsync(user, license);
    }

    [HttpPost("cancel-premium")]
    [SelfHosted(NotSelfHostedOnly = true)]
    public async Task PostCancel()
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        await _userService.CancelPremiumAsync(user);
    }

    [HttpPost("reinstate-premium")]
    [SelfHosted(NotSelfHostedOnly = true)]
    public async Task PostReinstate()
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        await _userService.ReinstatePremiumAsync(user);
    }

    [HttpGet("tax")]
    [SelfHosted(NotSelfHostedOnly = true)]
    public async Task<TaxInfoResponseModel> GetTaxInfo()
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var taxInfo = await _paymentService.GetTaxInfoAsync(user);
        return new TaxInfoResponseModel(taxInfo);
    }

    [HttpPut("tax")]
    [SelfHosted(NotSelfHostedOnly = true)]
    public async Task PutTaxInfo([FromBody] TaxInfoUpdateRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var taxInfo = new TaxInfo
        {
            BillingAddressPostalCode = model.PostalCode,
            BillingAddressCountry = model.Country,
        };
        await _paymentService.SaveTaxInfoAsync(user, taxInfo);
    }

    [HttpDelete("sso/{organizationId}")]
    public async Task DeleteSsoUser(string organizationId)
    {
        var userId = _userService.GetProperUserId(User);
        if (!userId.HasValue)
        {
            throw new NotFoundException();
        }

        await _organizationService.DeleteSsoUserAsync(userId.Value, new Guid(organizationId));
    }

    [HttpGet("sso/user-identifier")]
    public async Task<string> GetSsoUserIdentifier()
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        var token = await _userService.GenerateSignInTokenAsync(user, TokenPurposes.LinkSso);
        var userIdentifier = $"{user.Id},{token}";
        return userIdentifier;
    }

    [HttpPost("api-key")]
    public async Task<ApiKeyResponseModel> ApiKey([FromBody] SecretVerificationRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        if (!await _userService.VerifySecretAsync(user, model.Secret))
        {
            await Task.Delay(2000);
            throw new BadRequestException(string.Empty, "User verification failed.");
        }

        return new ApiKeyResponseModel(user);
    }

    [HttpPost("rotate-api-key")]
    public async Task<ApiKeyResponseModel> RotateApiKey([FromBody] SecretVerificationRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        if (!await _userService.VerifySecretAsync(user, model.Secret))
        {
            await Task.Delay(2000);
            throw new BadRequestException(string.Empty, "User verification failed.");
        }

        await _userService.RotateApiKeyAsync(user);
        var response = new ApiKeyResponseModel(user);
        return response;
    }

    [HttpPut("update-temp-password")]
    public async Task PutUpdateTempPasswordAsync([FromBody] UpdateTempPasswordRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);
        if (user == null)
        {
            throw new UnauthorizedAccessException();
        }

        var result = await _userService.UpdateTempPasswordAsync(user, model.NewMasterPasswordHash, model.Key, model.MasterPasswordHint);
        if (result.Succeeded)
        {
            return;
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        throw new BadRequestException(ModelState);
    }

    [HttpPost("request-otp")]
    public async Task PostRequestOTP()
    {
        var user = await _userService.GetUserByPrincipalAsync(User);

        await _userService.SendOTPAsync(user);
    }

    [HttpPost("verify-otp")]
    public async Task VerifyOTP([FromBody] VerifyOTPRequestModel model)
    {
        var user = await _userService.GetUserByPrincipalAsync(User);

        if (!await _userService.VerifyOTPAsync(user, model.OTP))
        {
            await Task.Delay(2000);
            throw new BadRequestException("Token", "Invalid token");
        }
    }
}
-												AC Team code ownership moves - Api project (#3351)


											
										
										
											2023-10-19 01:27:56 +10:00
+								using Bit.Api.AdminConsole.Models.Response;
 								using Bit.Api.Auth.Models.Request.Accounts;
-												[PM-1188] Server owner auth migration (#2825)

* [PM-1188] add sso project to auth

* [PM-1188] move sso api models to auth

* [PM-1188] fix sso api model namespace & imports

* [PM-1188] move core files to auth

* [PM-1188] fix core sso namespace & models

* [PM-1188] move sso repository files to auth

* [PM-1188] fix sso repo files namespace & imports

* [PM-1188] move sso sql files to auth folder

* [PM-1188] move sso test files to auth folders

* [PM-1188] fix sso tests namespace & imports

* [PM-1188] move auth api files to auth folder

* [PM-1188] fix auth api files namespace & imports

* [PM-1188] move auth core files to auth folder

* [PM-1188] fix auth core files namespace & imports

* [PM-1188] move auth email templates to auth folder

* [PM-1188] move auth email folder back into shared directory

* [PM-1188] fix auth email names

* [PM-1188] move auth core models to auth folder

* [PM-1188] fix auth model namespace & imports

* [PM-1188] add entire Identity project to auth codeowners

* [PM-1188] fix auth orm files namespace & imports

* [PM-1188] move auth orm files to auth folder

* [PM-1188] move auth sql files to auth folder

* [PM-1188] move auth tests to auth folder

* [PM-1188] fix auth test files namespace & imports

* [PM-1188] move emergency access api files to auth folder

* [PM-1188] fix emergencyaccess api files namespace & imports

* [PM-1188] move emergency access core files to auth folder

* [PM-1188] fix emergency access core files namespace & imports

* [PM-1188] move emergency access orm files to auth folder

* [PM-1188] fix emergency access orm files namespace & imports

* [PM-1188] move emergency access sql files to auth folder

* [PM-1188] move emergencyaccess test files to auth folder

* [PM-1188] fix emergency access test files namespace & imports

* [PM-1188] move captcha files to auth folder

* [PM-1188] fix captcha files namespace & imports

* [PM-1188] move auth admin files into auth folder

* [PM-1188] fix admin auth files namespace & imports
- configure mvc to look in auth folders for views

* [PM-1188] remove extra imports and formatting

* [PM-1188] fix ef auth model imports

* [PM-1188] fix DatabaseContextModelSnapshot paths

* [PM-1188] fix grant import in ef

* [PM-1188] update sqlproj

* [PM-1188] move missed sqlproj files

* [PM-1188] move auth ef models out of auth folder

* [PM-1188] fix auth ef models namespace

* [PM-1188] remove auth ef models unused imports

* [PM-1188] fix imports for auth ef models

* [PM-1188] fix more ef model imports

* [PM-1188] fix file encodings
											
										
										
											2023-04-14 13:25:56 -04:00
+								using Bit.Api.Models.Request;
-												Move request/response models (#1754)


											
										
										
											2021-12-14 15:05:07 +00:00
+								using Bit.Api.Models.Request.Accounts;
 								using Bit.Api.Models.Response;
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								using Bit.Api.Utilities;
-												refactor for addtnl. payment service (braintree)

											
										
										
											2017-07-28 12:09:12 -04:00
+								using Bit.Core;
-												[PM-1188] Server owner auth migration (#2825)

* [PM-1188] add sso project to auth

* [PM-1188] move sso api models to auth

* [PM-1188] fix sso api model namespace & imports

* [PM-1188] move core files to auth

* [PM-1188] fix core sso namespace & models

* [PM-1188] move sso repository files to auth

* [PM-1188] fix sso repo files namespace & imports

* [PM-1188] move sso sql files to auth folder

* [PM-1188] move sso test files to auth folders

* [PM-1188] fix sso tests namespace & imports

* [PM-1188] move auth api files to auth folder

* [PM-1188] fix auth api files namespace & imports

* [PM-1188] move auth core files to auth folder

* [PM-1188] fix auth core files namespace & imports

* [PM-1188] move auth email templates to auth folder

* [PM-1188] move auth email folder back into shared directory

* [PM-1188] fix auth email names

* [PM-1188] move auth core models to auth folder

* [PM-1188] fix auth model namespace & imports

* [PM-1188] add entire Identity project to auth codeowners

* [PM-1188] fix auth orm files namespace & imports

* [PM-1188] move auth orm files to auth folder

* [PM-1188] move auth sql files to auth folder

* [PM-1188] move auth tests to auth folder

* [PM-1188] fix auth test files namespace & imports

* [PM-1188] move emergency access api files to auth folder

* [PM-1188] fix emergencyaccess api files namespace & imports

* [PM-1188] move emergency access core files to auth folder

* [PM-1188] fix emergency access core files namespace & imports

* [PM-1188] move emergency access orm files to auth folder

* [PM-1188] fix emergency access orm files namespace & imports

* [PM-1188] move emergency access sql files to auth folder

* [PM-1188] move emergencyaccess test files to auth folder

* [PM-1188] fix emergency access test files namespace & imports

* [PM-1188] move captcha files to auth folder

* [PM-1188] fix captcha files namespace & imports

* [PM-1188] move auth admin files into auth folder

* [PM-1188] fix admin auth files namespace & imports
- configure mvc to look in auth folders for views

* [PM-1188] remove extra imports and formatting

* [PM-1188] fix ef auth model imports

* [PM-1188] fix DatabaseContextModelSnapshot paths

* [PM-1188] fix grant import in ef

* [PM-1188] update sqlproj

* [PM-1188] move missed sqlproj files

* [PM-1188] move auth ef models out of auth folder

* [PM-1188] fix auth ef models namespace

* [PM-1188] remove auth ef models unused imports

* [PM-1188] fix imports for auth ef models

* [PM-1188] fix more ef model imports

* [PM-1188] fix file encodings
											
										
										
											2023-04-14 13:25:56 -04:00
+								using Bit.Core.Auth.Models.Api.Request.Accounts;
 								using Bit.Core.Auth.Models.Api.Response.Accounts;
 								using Bit.Core.Auth.Services;
 								using Bit.Core.Auth.Utilities;
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								using Bit.Core.Enums;
-												[Provider] Setup provider (#1378)


											
										
										
											2021-06-30 09:35:26 +02:00
+								using Bit.Core.Enums.Provider;
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								using Bit.Core.Exceptions;
-												[AC-1070] Enforce master password policy on login  (#2714)

* [EC-1070] Add API endpoint to retrieve all policies for the current user

The additional API endpoint is required to avoid forcing a full sync call before every login for master password policy enforcement on login.

* [EC-1070] Add MasterPasswordPolicyData model

* [EC-1070] Move PolicyResponseModel to Core project

The response model is used by both the Identity and Api projects.

* [EC-1070] Supply master password polices as a custom identity token response

* [EC-1070] Include master password policies in 2FA token response

* [EC-1070] Add response model to verify-password endpoint that includes master password policies

* [AC-1070] Introduce MasterPasswordPolicyResponseModel

* [AC-1070] Add policy service method to retrieve a user's master password policy

* [AC-1070] User new policy service method

- Update BaseRequestValidator
- Update AccountsController for /verify-password endpoint
- Update VerifyMasterPasswordResponseModel to accept MasterPasswordPolicyData

* [AC-1070] Cleanup new policy service method

- Use User object instead of Guid
- Remove TODO message
- Use `PolicyRepository.GetManyByTypeApplicableToUserIdAsync` instead of filtering locally

* [AC-1070] Cleanup MasterPasswordPolicy models

- Remove default values from both models
- Add missing `RequireLower`
- Fix mismatched properties in `CombineWith` method
- Make properties nullable in response model

* [AC-1070] Remove now un-used GET /policies endpoint

* [AC-1070] Update policy service method to use GetManyByUserIdAsync

* [AC-1070] Ensure existing value is not null before comparison

* [AC-1070] Remove redundant VerifyMasterPasswordResponse model

* [AC-1070] Fix service typo in constructor
											
										
										
											2023-04-17 07:35:47 -07:00
+								using Bit.Core.Models.Api.Response;
-												premium signup with license file

											
										
										
											2017-08-11 17:06:31 -04:00
+								using Bit.Core.Models.Business;
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								using Bit.Core.Models.Data;
 								using Bit.Core.Repositories;
 								using Bit.Core.Services;
-												Use sas token for attachment downloads (#1153)

* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
											
										
										
											2021-02-22 15:35:16 -06:00
+								using Bit.Core.Settings;
-												[PM-328] Move files for team-tools (#2857)

* Extract Import-Api endpoints into separate controller

Moved ciphers/import and ciphers/import-organization into new ImportController
Paths have been kept intact for now (no changes on clients needed)
Moved request-models used for import into tools-subfolder

* Update CODEOWNERS for team-tools-dev

* Move HibpController (reports) to tools

* Moving files related to Send

* Moving files related to ReferenceEvent

* Removed unneeded newline
											
										
										
											2023-04-18 14:05:17 +02:00
+								using Bit.Core.Tools.Entities;
 								using Bit.Core.Tools.Repositories;
 								using Bit.Core.Tools.Services;
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								using Bit.Core.Utilities;
-												[SG-998] Move files to Vault folders (#2724)

* Move Api files

* Move Core files

* Move Infrastructure files

* Move Sql Files

* Move Api Sync files to Vault

* Move test vault files

* Update Sql.sqlproj paths

* Update Codeowners

* Fix vault file paths in sqlproj

* Update CipherDetails.sql path in sqlproj

* Update Core models and entities namespaces

* Update namespaces Core Services and Repositories

* Missed service namespaces

* Update Api namespaces

* Update Infrastructure namespaces

* Move infrastructure queries that were missed

* Tests namespace updates

* Admin and Events namespace updates

* Remove unused usings

* Remove extra CiphersController usings

* Rename folder

* Fix CipherDetails namespace

* Sqlproj fixes

* Move stored procs into folders by table

* using order fix
											
										
										
											2023-03-02 13:23:38 -05:00
+								using Bit.Core.Vault.Entities;
 								using Bit.Core.Vault.Repositories;
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								using Microsoft.AspNetCore.Authorization;
 								using Microsoft.AspNetCore.Mvc;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
 								namespace Bit.Api.Controllers;
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								[Route("accounts")]
 								[Authorize("Application")]
 								public class AccountsController : Controller
 								{
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								    private readonly GlobalSettings _globalSettings;
-												support for attachments keys

load existing items and set attachments on key update

											
										
										
											2018-11-14 17:19:04 -05:00
+								    private readonly ICipherRepository _cipherRepository;
 								    private readonly IFolderRepository _folderRepository;
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								    private readonly IOrganizationService _organizationService;
-												org user details apis

											
										
										
											2017-03-06 20:51:13 -05:00
+								    private readonly IOrganizationUserRepository _organizationUserRepository;
-												[Provider] Setup provider (#1378)


											
										
										
											2021-06-30 09:35:26 +02:00
+								    private readonly IProviderUserRepository _providerUserRepository;
-												inject stripepaymentservice

											
										
										
											2019-02-08 23:53:09 -05:00
+								    private readonly IPaymentService _paymentService;
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								    private readonly IUserRepository _userRepository;
 								    private readonly IUserService _userService;
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								    private readonly ISendRepository _sendRepository;
 								    private readonly ISendService _sendService;
-												Update API endpoint to use RegisterResponseModel (#2282)


											
										
										
											2022-09-19 09:35:57 -04:00
+								    private readonly ICaptchaValidationService _captchaValidationService;
-												[AC-1070] Enforce master password policy on login  (#2714)

* [EC-1070] Add API endpoint to retrieve all policies for the current user

The additional API endpoint is required to avoid forcing a full sync call before every login for master password policy enforcement on login.

* [EC-1070] Add MasterPasswordPolicyData model

* [EC-1070] Move PolicyResponseModel to Core project

The response model is used by both the Identity and Api projects.

* [EC-1070] Supply master password polices as a custom identity token response

* [EC-1070] Include master password policies in 2FA token response

* [EC-1070] Add response model to verify-password endpoint that includes master password policies

* [AC-1070] Introduce MasterPasswordPolicyResponseModel

* [AC-1070] Add policy service method to retrieve a user's master password policy

* [AC-1070] User new policy service method

- Update BaseRequestValidator
- Update AccountsController for /verify-password endpoint
- Update VerifyMasterPasswordResponseModel to accept MasterPasswordPolicyData

* [AC-1070] Cleanup new policy service method

- Use User object instead of Guid
- Remove TODO message
- Use `PolicyRepository.GetManyByTypeApplicableToUserIdAsync` instead of filtering locally

* [AC-1070] Cleanup MasterPasswordPolicy models

- Remove default values from both models
- Add missing `RequireLower`
- Fix mismatched properties in `CombineWith` method
- Make properties nullable in response model

* [AC-1070] Remove now un-used GET /policies endpoint

* [AC-1070] Update policy service method to use GetManyByUserIdAsync

* [AC-1070] Ensure existing value is not null before comparison

* [AC-1070] Remove redundant VerifyMasterPasswordResponse model

* [AC-1070] Fix service typo in constructor
											
										
										
											2023-04-17 07:35:47 -07:00
+								    private readonly IPolicyService _policyService;
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    public AccountsController(
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								        GlobalSettings globalSettings,
-												support for attachments keys

load existing items and set attachments on key update

											
										
										
											2018-11-14 17:19:04 -05:00
+								        ICipherRepository cipherRepository,
 								        IFolderRepository folderRepository,
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								        IOrganizationService organizationService,
-												org user details apis

											
										
										
											2017-03-06 20:51:13 -05:00
+								        IOrganizationUserRepository organizationUserRepository,
-												[Provider] Setup provider (#1378)


											
										
										
											2021-06-30 09:35:26 +02:00
+								        IProviderUserRepository providerUserRepository,
-												inject stripepaymentservice

											
										
										
											2019-02-08 23:53:09 -05:00
+								        IPaymentService paymentService,
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								        IUserRepository userRepository,
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								        IUserService userService,
 								        ISendRepository sendRepository,
-												Update API endpoint to use RegisterResponseModel (#2282)


											
										
										
											2022-09-19 09:35:57 -04:00
+								        ISendService sendService,
-												[AC-1070] Enforce master password policy on login  (#2714)

* [EC-1070] Add API endpoint to retrieve all policies for the current user

The additional API endpoint is required to avoid forcing a full sync call before every login for master password policy enforcement on login.

* [EC-1070] Add MasterPasswordPolicyData model

* [EC-1070] Move PolicyResponseModel to Core project

The response model is used by both the Identity and Api projects.

* [EC-1070] Supply master password polices as a custom identity token response

* [EC-1070] Include master password policies in 2FA token response

* [EC-1070] Add response model to verify-password endpoint that includes master password policies

* [AC-1070] Introduce MasterPasswordPolicyResponseModel

* [AC-1070] Add policy service method to retrieve a user's master password policy

* [AC-1070] User new policy service method

- Update BaseRequestValidator
- Update AccountsController for /verify-password endpoint
- Update VerifyMasterPasswordResponseModel to accept MasterPasswordPolicyData

* [AC-1070] Cleanup new policy service method

- Use User object instead of Guid
- Remove TODO message
- Use `PolicyRepository.GetManyByTypeApplicableToUserIdAsync` instead of filtering locally

* [AC-1070] Cleanup MasterPasswordPolicy models

- Remove default values from both models
- Add missing `RequireLower`
- Fix mismatched properties in `CombineWith` method
- Make properties nullable in response model

* [AC-1070] Remove now un-used GET /policies endpoint

* [AC-1070] Update policy service method to use GetManyByUserIdAsync

* [AC-1070] Ensure existing value is not null before comparison

* [AC-1070] Remove redundant VerifyMasterPasswordResponse model

* [AC-1070] Fix service typo in constructor
											
										
										
											2023-04-17 07:35:47 -07:00
+								        ICaptchaValidationService captchaValidationService,
 								        IPolicyService policyService)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								        _cipherRepository = cipherRepository;
-												Move identity endpoints to Identity service (#1807)


											
										
										
											2022-01-17 13:21:51 +01:00
+								        _folderRepository = folderRepository;
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								        _globalSettings = globalSettings;
-												return default kdf info

											
										
										
											2019-09-07 14:08:19 -04:00
+								        _organizationService = organizationService;
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								        _organizationUserRepository = organizationUserRepository;
-												Move identity endpoints to Identity service (#1807)


											
										
										
											2022-01-17 13:21:51 +01:00
+								        _providerUserRepository = providerUserRepository;
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        _paymentService = paymentService;
 								        _userRepository = userRepository;
 								        _userService = userService;
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								        _sendRepository = sendRepository;
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								        _sendService = sendService;
-												Update API endpoint to use RegisterResponseModel (#2282)


											
										
										
											2022-09-19 09:35:57 -04:00
+								        _captchaValidationService = captchaValidationService;
-												[AC-1070] Enforce master password policy on login  (#2714)

* [EC-1070] Add API endpoint to retrieve all policies for the current user

The additional API endpoint is required to avoid forcing a full sync call before every login for master password policy enforcement on login.

* [EC-1070] Add MasterPasswordPolicyData model

* [EC-1070] Move PolicyResponseModel to Core project

The response model is used by both the Identity and Api projects.

* [EC-1070] Supply master password polices as a custom identity token response

* [EC-1070] Include master password policies in 2FA token response

* [EC-1070] Add response model to verify-password endpoint that includes master password policies

* [AC-1070] Introduce MasterPasswordPolicyResponseModel

* [AC-1070] Add policy service method to retrieve a user's master password policy

* [AC-1070] User new policy service method

- Update BaseRequestValidator
- Update AccountsController for /verify-password endpoint
- Update VerifyMasterPasswordResponseModel to accept MasterPasswordPolicyData

* [AC-1070] Cleanup new policy service method

- Use User object instead of Guid
- Remove TODO message
- Use `PolicyRepository.GetManyByTypeApplicableToUserIdAsync` instead of filtering locally

* [AC-1070] Cleanup MasterPasswordPolicy models

- Remove default values from both models
- Add missing `RequireLower`
- Fix mismatched properties in `CombineWith` method
- Make properties nullable in response model

* [AC-1070] Remove now un-used GET /policies endpoint

* [AC-1070] Update policy service method to use GetManyByUserIdAsync

* [AC-1070] Ensure existing value is not null before comparison

* [AC-1070] Remove redundant VerifyMasterPasswordResponse model

* [AC-1070] Fix service typo in constructor
											
										
										
											2023-04-17 07:35:47 -07:00
+								        _policyService = policyService;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    }
 								    #region DEPRECATED (Moved to Identity Service)
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
-												Update deprecation message for register and prelogin (#2288)


											
										
										
											2022-09-19 17:15:53 +02:00
+								    [Obsolete("TDL-136 Moved to Identity (2022-01-12 cloud, 2022-09-19 self-hosted), left for backwards compatability with older clients.")]
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								    [HttpPost("prelogin")]
 								    [AllowAnonymous]
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    public async Task<PreloginResponseModel> PostPrelogin([FromBody] PreloginRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        var kdfInformation = await _userRepository.GetKdfInformationByEmailAsync(model.Email);
 								        if (kdfInformation == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            kdfInformation = new UserKdfInformation
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            {
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								                Kdf = KdfType.PBKDF2_SHA256,
 								                KdfIterations = 100000,
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								            };
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								        return new PreloginResponseModel(kdfInformation);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												Update deprecation message for register and prelogin (#2288)


											
										
										
											2022-09-19 17:15:53 +02:00
+								    [Obsolete("TDL-136 Moved to Identity (2022-01-12 cloud, 2022-09-19 self-hosted), left for backwards compatability with older clients.")]
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    [HttpPost("register")]
 								    [AllowAnonymous]
-												Protect user registration with captcha (#1480)

* Protect user registration with captcha

* PR feedback
											
										
										
											2021-07-22 12:29:06 -05:00
+								    [CaptchaProtected]
-												Update API endpoint to use RegisterResponseModel (#2282)


											
										
										
											2022-09-19 09:35:57 -04:00
+								    public async Task<RegisterResponseModel> PostRegister([FromBody] RegisterRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Update API endpoint to use RegisterResponseModel (#2282)


											
										
										
											2022-09-19 09:35:57 -04:00
+								        var user = model.ToUser();
 								        var result = await _userService.RegisterUserAsync(user, model.MasterPasswordHash,
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            model.Token, model.OrganizationUserId);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (result.Succeeded)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												Update API endpoint to use RegisterResponseModel (#2282)


											
										
										
											2022-09-19 09:35:57 -04:00
+								            var captchaBypassToken = _captchaValidationService.GenerateCaptchaBypassToken(user);
 								            return new RegisterResponseModel(captchaBypassToken);
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        foreach (var error in result.Errors.Where(e => e.Code != "DuplicateUserName"))
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        {
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								            ModelState.AddModelError(string.Empty, error.Description);
 								        }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        await Task.Delay(2000);
 								        throw new BadRequestException(ModelState);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								    }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								    #endregion
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								    [HttpPost("password-hint")]
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								    [AllowAnonymous]
 								    public async Task PostPasswordHint([FromBody] PasswordHintRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								        await _userService.SendMasterPasswordHintAsync(model.Email);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								    [HttpPost("email-token")]
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								    public async Task PostEmailToken([FromBody] EmailTokenRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								            throw new UnauthorizedAccessException();
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								        if (user.UsesKeyConnector)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								            throw new BadRequestException("You cannot change your email when using Key Connector.");
 								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        if (!await _userService.CheckPasswordAsync(user, model.MasterPasswordHash))
 								        {
 								            await Task.Delay(2000);
 								            throw new BadRequestException("MasterPasswordHash", "Invalid password.");
 								        }
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
+								        await _userService.InitiateEmailChangeAsync(user, model.NewEmail);
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    }
-												Added POST route endpoints for all PUT and DELETE operations to allow for vault to avoid preflight.

											
										
										
											2016-07-13 21:43:48 -04:00
+								    [HttpPost("email")]
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    public async Task PostEmail([FromBody] EmailRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            throw new UnauthorizedAccessException();
 								        }
 								        if (user.UsesKeyConnector)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            throw new BadRequestException("You cannot change your email when using Key Connector.");
 								        }
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
+								        var result = await _userService.ChangeEmailAsync(user, model.MasterPasswordHash, model.NewEmail,
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
+								            model.NewMasterPasswordHash, model.Token, model.Key);
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
+								        if (result.Succeeded)
 								        {
 								            return;
 								        }
 								        foreach (var error in result.Errors)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
+								            ModelState.AddModelError(string.Empty, error.Description);
 								        }
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								        await Task.Delay(2000);
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								        throw new BadRequestException(ModelState);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
+								    [HttpPost("verify-email")]
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								    public async Task PostVerifyEmail()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
+								        {
 								            throw new UnauthorizedAccessException();
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								        }
 								        await _userService.SendEmailVerificationAsync(user);
 								    }
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
+								    [HttpPost("verify-email-token")]
 								    [AllowAnonymous]
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								    public async Task PostVerifyEmailToken([FromBody] VerifyEmailRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								        var user = await _userService.GetUserByIdAsync(new Guid(model.UserId));
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								            throw new UnauthorizedAccessException();
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        }
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								        var result = await _userService.ConfirmEmailAsync(user, model.Token);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (result.Succeeded)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
 								            return;
-												verify email apis and emails

											
										
										
											2017-07-01 23:20:19 -04:00
+								        }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								        foreach (var error in result.Errors)
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
+								        {
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								            ModelState.AddModelError(string.Empty, error.Description);
 								        }
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
+								        await Task.Delay(2000);
-												[SG-199] Move MP hint to MP change form (#2080)

* chore: backend changes

* fixed: test

* fix: lint
											
										
										
											2022-07-11 09:28:14 -04:00
+								        throw new BadRequestException(ModelState);
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
+								    }
 								    [HttpPost("password")]
 								    public async Task PostPassword([FromBody] PasswordRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
+								            throw new UnauthorizedAccessException();
 								        }
 								        var result = await _userService.ChangePasswordAsync(user, model.MasterPasswordHash,
 								            model.NewMasterPasswordHash, model.MasterPasswordHint, model.Key);
 								        if (result.Succeeded)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
 								            return;
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
+								        }
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
-												Update APIs to collect other set password info (#870)


											
										
										
											2020-08-17 10:40:35 -04:00
+								        foreach (var error in result.Errors)
-												SSO support (#862)

* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
											
										
										
											2020-08-12 17:03:09 -04:00
+								        {
 								            ModelState.AddModelError(string.Empty, error.Description);
 								        }
-												Added OrgIdentifer to SetPasswordAsync // Added jit user two factor provider (#1009)


											
										
										
											2020-11-22 08:46:44 -06:00
+								        await Task.Delay(2000);
 								        throw new BadRequestException(ModelState);
-												SSO support (#862)

* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
											
										
										
											2020-08-12 17:03:09 -04:00
+								    }
 								    [HttpPost("set-password")]
 								    public async Task PostSetPasswordAsync([FromBody] SetPasswordRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												SSO support (#862)

* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
											
										
										
											2020-08-12 17:03:09 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												SSO support (#862)

* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
											
										
										
											2020-08-12 17:03:09 -04:00
+								            throw new UnauthorizedAccessException();
 								        }
 								        var result = await _userService.SetPasswordAsync(model.ToUser(user), model.MasterPasswordHash, model.Key,
 								            model.OrgIdentifier);
 								        if (result.Succeeded)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
 								            return;
-												SSO support (#862)

* [SSO] Added change password API (#836)

* Created API for updating password with no current comparison

* Changed name of method and request // Added user has password error flow

* Updated user service method name // Updated string null/empty check

* Replaced hardcoded sso domain hints with config loader (#850)

* Replaced hardcoded sso domain hints with config loader

* use async/await for sso config loader

* Update AccountsController.cs

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
											
										
										
											2020-08-12 17:03:09 -04:00
+								        }
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        foreach (var error in result.Errors)
-												sso integrations (#822)

* stub out hybrid sso

* support for PKCE authorization_code clients

* sso service urls

* sso client key

* abstract request validator

* support for verifying password

* custom AuthorizationCodeStore that does not remove codes

* cleanup

* comment

* created master password

* ResetMasterPassword

* rename Sso client to OidcIdentity

* update env builder

* bitwarden sso project in docker-compose

* sso path in nginx config
											
										
										
											2020-07-16 08:01:39 -04:00
+								        {
 								            ModelState.AddModelError(string.Empty, error.Description);
 								        }
 								        throw new BadRequestException(ModelState);
 								    }
 								    [HttpPost("verify-password")]
-												[AC-1070] Enforce master password policy on login  (#2714)

* [EC-1070] Add API endpoint to retrieve all policies for the current user

The additional API endpoint is required to avoid forcing a full sync call before every login for master password policy enforcement on login.

* [EC-1070] Add MasterPasswordPolicyData model

* [EC-1070] Move PolicyResponseModel to Core project

The response model is used by both the Identity and Api projects.

* [EC-1070] Supply master password polices as a custom identity token response

* [EC-1070] Include master password policies in 2FA token response

* [EC-1070] Add response model to verify-password endpoint that includes master password policies

* [AC-1070] Introduce MasterPasswordPolicyResponseModel

* [AC-1070] Add policy service method to retrieve a user's master password policy

* [AC-1070] User new policy service method

- Update BaseRequestValidator
- Update AccountsController for /verify-password endpoint
- Update VerifyMasterPasswordResponseModel to accept MasterPasswordPolicyData

* [AC-1070] Cleanup new policy service method

- Use User object instead of Guid
- Remove TODO message
- Use `PolicyRepository.GetManyByTypeApplicableToUserIdAsync` instead of filtering locally

* [AC-1070] Cleanup MasterPasswordPolicy models

- Remove default values from both models
- Add missing `RequireLower`
- Fix mismatched properties in `CombineWith` method
- Make properties nullable in response model

* [AC-1070] Remove now un-used GET /policies endpoint

* [AC-1070] Update policy service method to use GetManyByUserIdAsync

* [AC-1070] Ensure existing value is not null before comparison

* [AC-1070] Remove redundant VerifyMasterPasswordResponse model

* [AC-1070] Fix service typo in constructor
											
										
										
											2023-04-17 07:35:47 -07:00
+								    public async Task<MasterPasswordPolicyResponseModel> PostVerifyPassword([FromBody] SecretVerificationRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												sso integrations (#822)

* stub out hybrid sso

* support for PKCE authorization_code clients

* sso service urls

* sso client key

* abstract request validator

* support for verifying password

* custom AuthorizationCodeStore that does not remove codes

* cleanup

* comment

* created master password

* ResetMasterPassword

* rename Sso client to OidcIdentity

* update env builder

* bitwarden sso project in docker-compose

* sso path in nginx config
											
										
										
											2020-07-16 08:01:39 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												sso integrations (#822)

* stub out hybrid sso

* support for PKCE authorization_code clients

* sso service urls

* sso client key

* abstract request validator

* support for verifying password

* custom AuthorizationCodeStore that does not remove codes

* cleanup

* comment

* created master password

* ResetMasterPassword

* rename Sso client to OidcIdentity

* update env builder

* bitwarden sso project in docker-compose

* sso path in nginx config
											
										
										
											2020-07-16 08:01:39 -04:00
+								            throw new UnauthorizedAccessException();
 								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        if (await _userService.CheckPasswordAsync(user, model.MasterPasswordHash))
 								        {
-												[AC-1070] Enforce master password policy on login  (#2714)

* [EC-1070] Add API endpoint to retrieve all policies for the current user

The additional API endpoint is required to avoid forcing a full sync call before every login for master password policy enforcement on login.

* [EC-1070] Add MasterPasswordPolicyData model

* [EC-1070] Move PolicyResponseModel to Core project

The response model is used by both the Identity and Api projects.

* [EC-1070] Supply master password polices as a custom identity token response

* [EC-1070] Include master password policies in 2FA token response

* [EC-1070] Add response model to verify-password endpoint that includes master password policies

* [AC-1070] Introduce MasterPasswordPolicyResponseModel

* [AC-1070] Add policy service method to retrieve a user's master password policy

* [AC-1070] User new policy service method

- Update BaseRequestValidator
- Update AccountsController for /verify-password endpoint
- Update VerifyMasterPasswordResponseModel to accept MasterPasswordPolicyData

* [AC-1070] Cleanup new policy service method

- Use User object instead of Guid
- Remove TODO message
- Use `PolicyRepository.GetManyByTypeApplicableToUserIdAsync` instead of filtering locally

* [AC-1070] Cleanup MasterPasswordPolicy models

- Remove default values from both models
- Add missing `RequireLower`
- Fix mismatched properties in `CombineWith` method
- Make properties nullable in response model

* [AC-1070] Remove now un-used GET /policies endpoint

* [AC-1070] Update policy service method to use GetManyByUserIdAsync

* [AC-1070] Ensure existing value is not null before comparison

* [AC-1070] Remove redundant VerifyMasterPasswordResponse model

* [AC-1070] Fix service typo in constructor
											
										
										
											2023-04-17 07:35:47 -07:00
+								            var policyData = await _policyService.GetMasterPasswordPolicyForUserAsync(user);
 								            return new MasterPasswordPolicyResponseModel(policyData);
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        }
 								        ModelState.AddModelError(nameof(model.MasterPasswordHash), "Invalid password.");
 								        await Task.Delay(2000);
 								        throw new BadRequestException(ModelState);
 								    }
 								    [HttpPost("set-key-connector-key")]
 								    public async Task PostSetKeyConnectorKeyAsync([FromBody] SetKeyConnectorKeyRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								            throw new UnauthorizedAccessException();
 								        }
 								        var result = await _userService.SetKeyConnectorKeyAsync(model.ToUser(user), model.Key, model.OrgIdentifier);
 								        if (result.Succeeded)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
 								            return;
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        }
 								        foreach (var error in result.Errors)
-												Add support for crypto agent (#1623)


											
										
										
											2021-10-25 15:09:14 +02:00
+								        {
 								            ModelState.AddModelError(string.Empty, error.Description);
 								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        throw new BadRequestException(ModelState);
-												Add support for crypto agent (#1623)


											
										
										
											2021-10-25 15:09:14 +02:00
+								    }
 								    [HttpPost("convert-to-key-connector")]
 								    public async Task PostConvertToKeyConnector()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Add support for crypto agent (#1623)


											
										
										
											2021-10-25 15:09:14 +02:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
 								        {
 								            throw new UnauthorizedAccessException();
 								        }
 								        var result = await _userService.ConvertToKeyConnectorAsync(user);
 								        if (result.Succeeded)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
 								            return;
-												Add support for crypto agent (#1623)


											
										
										
											2021-10-25 15:09:14 +02:00
+								        }
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								        foreach (var error in result.Errors)
 								        {
 								            ModelState.AddModelError(string.Empty, error.Description);
 								        }
 								        throw new BadRequestException(ModelState);
 								    }
 								    [HttpPost("kdf")]
 								    public async Task PostKdf([FromBody] KdfRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								            throw new UnauthorizedAccessException();
 								        }
 								        var result = await _userService.ChangeKdfAsync(user, model.MasterPasswordHash,
-												[PS-2267] Add KdfMemory and KDFParallelism fields (#2583)

* Add KdfMemory and KDFParallelism fields

* Revise argon2 support

This pull request makes the new attribues for argon2, kdfMemory and
kdfParallelism optional. Furthermore it adds checks for the argon2
parametrs and improves the database migration script.

* Add validation for argon2 in RegisterRequestModel

* update validation messages

* update sql scripts

* register data protection with migration factories

* add ef migrations

* update kdf option validation

* adjust validation

* Centralize and Test KDF Validation

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-25 13:56:54 +01:00
+								            model.NewMasterPasswordHash, model.Key, model.Kdf.Value, model.KdfIterations.Value, model.KdfMemory, model.KdfParallelism);
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								        if (result.Succeeded)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
 								            return;
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								        }
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								        foreach (var error in result.Errors)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								            ModelState.AddModelError(string.Empty, error.Description);
 								        }
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								        await Task.Delay(2000);
 								        throw new BadRequestException(ModelState);
-												support for attachments keys

load existing items and set attachments on key update

											
										
										
											2018-11-14 17:19:04 -05:00
+								    }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								    [HttpPost("key")]
 								    public async Task PostKey([FromBody] UpdateKeyRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								            throw new UnauthorizedAccessException();
 								        }
 								        var ciphers = new List<Cipher>();
 								        if (model.Ciphers.Any())
 								        {
 								            var existingCiphers = await _cipherRepository.GetManyByUserIdAsync(user.Id);
 								            ciphers.AddRange(existingCiphers
 								                .Join(model.Ciphers, c => c.Id, c => c.Id, (existing, c) => c.ToCipher(existing)));
-												support for attachments keys

load existing items and set attachments on key update

											
										
										
											2018-11-14 17:19:04 -05:00
+								        }
-												backwards compat issues with change email/password

											
										
										
											2017-04-28 16:49:40 -04:00
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								        var folders = new List<Folder>();
 								        if (model.Folders.Any())
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												"user key" schema and api changes

											
										
										
											2017-05-31 09:54:32 -04:00
+								            var existingFolders = await _folderRepository.GetManyByUserIdAsync(user.Id);
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								            folders.AddRange(existingFolders
 								                .Join(model.Folders, f => f.Id, f => f.Id, (existing, f) => f.ToFolder(existing)));
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								        var sends = new List<Send>();
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (model.Sends?.Any() == true)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
 								            var existingSends = await _sendRepository.GetManyByUserIdAsync(user.Id);
-												[send.key] Update send.key when account encryption key is rotated (#1417)

* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca568ce7eb2b5dd85a33a3b38dcab339e4.

* Fix style (use AddRange instead of reassignment)
											
										
										
											2021-07-02 06:27:03 +10:00
+								            sends.AddRange(existingSends
 								                .Join(model.Sends, s => s.Id, s => s.Id, (existing, s) => s.ToSend(existing, _sendService)));
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        var result = await _userService.UpdateKeyAsync(
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            user,
 								            model.MasterPasswordHash,
 								            model.Key,
 								            model.PrivateKey,
 								            ciphers,
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								            folders,
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            sends);
 								        if (result.Succeeded)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            return;
 								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        foreach (var error in result.Errors)
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        {
 								            ModelState.AddModelError(string.Empty, error.Description);
 								        }
 								        await Task.Delay(2000);
 								        throw new BadRequestException(ModelState);
 								    }
-												Added POST route endpoints for all PUT and DELETE operations to allow for vault to avoid preflight.

											
										
										
											2016-07-13 21:43:48 -04:00
+								    [HttpPost("security-stamp")]
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								    public async Task PostSecurityStamp([FromBody] SecretVerificationRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								            throw new UnauthorizedAccessException();
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								        }
-												org user details apis

											
										
										
											2017-03-06 20:51:13 -05:00
+								        var result = await _userService.RefreshSecurityStampAsync(user, model.Secret);
 								        if (result.Succeeded)
 								        {
-												update libs and cleanup

											
										
										
											2017-07-14 09:05:15 -04:00
+								            return;
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								        }
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
+								        foreach (var error in result.Errors)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
+								            ModelState.AddModelError(string.Empty, error.Description);
-												re-working claims for aspnet core identity integration and backwards compat

											
										
										
											2017-01-11 21:46:36 -05:00
+								        }
-												Added API for getting the current user's account revision date

											
										
										
											2017-01-14 10:02:37 -05:00
-												change revision date API to query only for data needed

											
										
										
											2017-01-28 02:15:07 -05:00
+								        await Task.Delay(2000);
 								        throw new BadRequestException(ModelState);
 								    }
-												fire up events for identityserver validation scheme

											
										
										
											2017-01-16 22:02:12 -05:00
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    [HttpGet("profile")]
-												change revision date API to query only for data needed

											
										
										
											2017-01-28 02:15:07 -05:00
+								    public async Task<ProfileResponseModel> GetProfile()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												change revision date API to query only for data needed

											
										
										
											2017-01-28 02:15:07 -05:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												change revision date API to query only for data needed

											
										
										
											2017-01-28 02:15:07 -05:00
+								            throw new UnauthorizedAccessException();
-												Added API for getting the current user's account revision date

											
										
										
											2017-01-14 10:02:37 -05:00
+								        }
-												equivalent domains APIs and data models

											
										
										
											2017-01-09 22:20:34 -05:00
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								        var organizationUserDetails = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id,
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								            OrganizationUserStatusType.Confirmed);
 								        var providerUserDetails = await _providerUserRepository.GetManyDetailsByUserAsync(user.Id,
 								            ProviderUserStatusType.Confirmed);
-												[Provider] Create and access child organizations (#1427)


											
										
										
											2021-07-08 17:05:32 +02:00
+								        var providerUserOrganizationDetails =
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								            await _providerUserRepository.GetManyOrganizationDetailsByUserAsync(user.Id,
 								                ProviderUserStatusType.Confirmed);
 								        var response = new ProfileResponseModel(user, organizationUserDetails, providerUserDetails,
 								            providerUserOrganizationDetails, await _userService.TwoFactorIsEnabledAsync(user), await _userService.HasPremiumFromOrganization(user));
 								        return response;
-												public and private keys added to db and user domain. added account APIs got getting and putting keys.

											
										
										
											2017-02-11 23:00:55 -05:00
+								    }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    [HttpGet("organizations")]
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
+								    public async Task<ListResponseModel<ProfileOrganizationResponseModel>> GetOrganizations()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								        var userId = _userService.GetProperUserId(User);
 								        var organizationUserDetails = await _organizationUserRepository.GetManyDetailsByUserAsync(userId.Value,
-												filter status

											
										
										
											2017-03-25 21:53:32 -04:00
+								            OrganizationUserStatusType.Confirmed);
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								        var responseData = organizationUserDetails.Select(o => new ProfileOrganizationResponseModel(o));
 								        return new ListResponseModel<ProfileOrganizationResponseModel>(responseData);
 								    }
-												change revision date API to query only for data needed

											
										
										
											2017-01-28 02:15:07 -05:00
+								    [HttpPut("profile")]
-												Added API for getting the current user's account revision date

											
										
										
											2017-01-14 10:02:37 -05:00
+								    [HttpPost("profile")]
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								    public async Task<ProfileResponseModel> PutProfile([FromBody] UpdateProfileRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												public and private keys added to db and user domain. added account APIs got getting and putting keys.

											
										
										
											2017-02-11 23:00:55 -05:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												change revision date API to query only for data needed

											
										
										
											2017-01-28 02:15:07 -05:00
+								        if (user == null)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												public and private keys added to db and user domain. added account APIs got getting and putting keys.

											
										
										
											2017-02-11 23:00:55 -05:00
+								            throw new UnauthorizedAccessException();
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        await _userService.SaveUserAsync(model.ToUser(user));
-												react to contact changes not being set from identity

											
										
										
											2017-01-24 22:46:54 -05:00
+								        var response = new ProfileResponseModel(user, null, null, null, await _userService.TwoFactorIsEnabledAsync(user), await _userService.HasPremiumFromOrganization(user));
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								        return response;
 								    }
-												[SG-58] Avatar color selector (#2330)

* chore: backend work

* changed typing to match efc

* Update User_Update.sql

* fix: script cleanup

* fix: adjust max length

* fix: adjust max length

* fix: added missing script changes

* fix: use short form for creating objects

* add: mysql migrations

* chore: add mysql script

* chore: posgres migrations

* chore: postgres migrations

* fix: lint

* Update 20221115034053_AvatarColor.cs

* fix: removed gravatar inline (#2447)

Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
											
										
										
											2023-01-01 11:28:59 -05:00
+								    [HttpPut("avatar")]
 								    [HttpPost("avatar")]
 								    public async Task<ProfileResponseModel> PutAvatar([FromBody] UpdateAvatarRequestModel model)
 								    {
 								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
 								        {
 								            throw new UnauthorizedAccessException();
 								        }
 								        await _userService.SaveUserAsync(model.ToUser(user), true);
 								        var response = new ProfileResponseModel(user, null, null, null, await _userService.TwoFactorIsEnabledAsync(user), await _userService.HasPremiumFromOrganization(user));
 								        return response;
 								    }
-												public and private keys added to db and user domain. added account APIs got getting and putting keys.

											
										
										
											2017-02-11 23:00:55 -05:00
+								    [HttpGet("revision-date")]
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								    public async Task<long?> GetAccountRevisionDate()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Added account delete.

											
										
										
											2015-12-27 00:14:56 -05:00
+								        var userId = _userService.GetProperUserId(User);
 								        long? revisionDate = null;
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (userId.HasValue)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												Added account delete.

											
										
										
											2015-12-27 00:14:56 -05:00
+								            var date = await _userService.GetAccountRevisionDateByIdAsync(userId.Value);
 								            revisionDate = CoreHelpers.ToEpocMilliseconds(date);
 								        }
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								        return revisionDate;
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												public and private keys added to db and user domain. added account APIs got getting and putting keys.

											
										
										
											2017-02-11 23:00:55 -05:00
+								    [HttpPost("keys")]
-												Added account delete.

											
										
										
											2015-12-27 00:14:56 -05:00
+								    public async Task<KeysResponseModel> PostKeys([FromBody] KeysRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Added account delete.

											
										
										
											2015-12-27 00:14:56 -05:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Added account delete.

											
										
										
											2015-12-27 00:14:56 -05:00
+								            throw new UnauthorizedAccessException();
 								        }
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								        await _userService.SaveUserAsync(model.ToUser(user));
 								        return new KeysResponseModel(user);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								    }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Added account delete.

											
										
										
											2015-12-27 00:14:56 -05:00
+								    [HttpGet("keys")]
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								    public async Task<KeysResponseModel> GetKeys()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								            throw new UnauthorizedAccessException();
 								        }
 								        return new KeysResponseModel(user);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								    [HttpDelete]
-												iap pre-check

											
										
										
											2019-09-19 08:53:33 -04:00
+								    [HttpPost("delete")]
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								    public async Task Delete([FromBody] SecretVerificationRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								        {
 								            throw new UnauthorizedAccessException();
 								        }
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
-												fixes for meta repo and iapcheck model

											
										
										
											2019-09-19 09:23:48 -04:00
+								        if (!await _userService.VerifySecretAsync(user, model.Secret))
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								            ModelState.AddModelError(string.Empty, "User verification failed.");
 								            await Task.Delay(2000);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        }
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								        else
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								            var result = await _userService.DeleteAsync(user);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								            if (result.Succeeded)
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								            {
 								                return;
 								            }
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								            foreach (var error in result.Errors)
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								            {
 								                ModelState.AddModelError(string.Empty, error.Description);
 								            }
-												iap pre-check

											
										
										
											2019-09-19 08:53:33 -04:00
+								        }
 								        throw new BadRequestException(ModelState);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								    [AllowAnonymous]
-												Consistency on TaxInfo use in service params

											
										
										
											2020-06-18 10:41:55 -04:00
+								    [HttpPost("delete-recover")]
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    public async Task PostDeleteRecover([FromBody] DeleteRecoverRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												payment intent/method support for incomplete status

											
										
										
											2019-08-09 23:56:26 -04:00
+								        await _userService.SendDeleteConfirmationAsync(model.Email);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												account recovery to delete via email

											
										
										
											2017-08-09 10:53:42 -04:00
+								    [HttpPost("delete-recover-token")]
 								    [AllowAnonymous]
-												payment intent/method support for incomplete status

											
										
										
											2019-08-09 23:56:26 -04:00
+								    public async Task PostDeleteRecoverToken([FromBody] VerifyDeleteRecoverRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												verify email apis

											
										
										
											2017-07-05 15:35:46 -04:00
+								        var user = await _userService.GetUserByIdAsync(new Guid(model.UserId));
-												payment intent/method support for incomplete status

											
										
										
											2019-08-09 23:56:26 -04:00
+								        if (user == null)
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        {
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
+								            throw new UnauthorizedAccessException();
-												premium signup with license file

											
										
										
											2017-08-11 17:06:31 -04:00
+								        }
-												Consistency on TaxInfo use in service params

											
										
										
											2020-06-18 10:41:55 -04:00
 								        var result = await _userService.DeleteAsync(user, model.Token);
 								        if (result.Succeeded)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Consistency on TaxInfo use in service params

											
										
										
											2020-06-18 10:41:55 -04:00
+								            return;
-												premium signup with license file

											
										
										
											2017-08-11 17:06:31 -04:00
+								        }
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
+								        foreach (var error in result.Errors)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
+								            ModelState.AddModelError(string.Empty, error.Description);
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        }
 								        await Task.Delay(2000);
 								        throw new BadRequestException(ModelState);
-												apis for subscription vs billing

											
										
										
											2019-02-18 15:40:47 -05:00
+								    }
 								    [HttpPost("iap-check")]
 								    public async Task PostIapCheck([FromBody] IapCheckRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												apis for subscription vs billing

											
										
										
											2019-02-18 15:40:47 -05:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												apis for subscription vs billing

											
										
										
											2019-02-18 15:40:47 -05:00
+								            throw new UnauthorizedAccessException();
 								        }
-												iap pre-check

											
										
										
											2019-09-19 08:53:33 -04:00
+								        await _userService.IapCheckAsync(user, model.PaymentMethodType.Value);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												apis for subscription vs billing

											
										
										
											2019-02-18 15:40:47 -05:00
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								    [HttpPost("premium")]
 								    public async Task<PaymentResponseModel> PostPremium(PremiumRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												billing info when self hosted with no gateway info

											
										
										
											2017-08-11 23:23:50 -04:00
+								        {
-												apis for subscription vs billing

											
										
										
											2019-02-18 15:40:47 -05:00
+								            throw new UnauthorizedAccessException();
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        var valid = model.Validate(_globalSettings);
 								        UserLicense license = null;
 								        if (valid && _globalSettings.SelfHosted)
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        {
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								            license = await ApiHelpers.ReadJsonFileFromBody<UserLicense>(HttpContext, model.License);
 								        }
-												Consistency on TaxInfo use in service params

											
										
										
											2020-06-18 10:41:55 -04:00
+								        if (!valid && !_globalSettings.SelfHosted && string.IsNullOrWhiteSpace(model.Country))
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Consistency on TaxInfo use in service params

											
										
										
											2020-06-18 10:41:55 -04:00
+								            throw new BadRequestException("Country is required.");
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        }
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								        if (!valid || (_globalSettings.SelfHosted && license == null))
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        {
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								            throw new BadRequestException("Invalid license.");
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        }
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								        var result = await _userService.SignUpPremiumAsync(user, model.PaymentToken,
 								            model.PaymentMethodType.Value, model.AdditionalStorageGb.GetValueOrDefault(0), license,
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								            new TaxInfo
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								            {
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								                BillingAddressCountry = model.Country,
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								                BillingAddressPostalCode = model.PostalCode,
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								            });
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        var profile = new ProfileResponseModel(user, null, null, null, await _userService.TwoFactorIsEnabledAsync(user), await _userService.HasPremiumFromOrganization(user));
 								        return new PaymentResponseModel
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								            UserProfile = profile,
-												apis for subscription vs billing

											
										
										
											2019-02-18 15:40:47 -05:00
+								            PaymentIntentClientSecret = result.Item2,
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								            Success = result.Item1
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        };
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								    }
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								    [HttpGet("subscription")]
 								    public async Task<SubscriptionResponseModel> GetSubscription()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
 								        {
 								            throw new UnauthorizedAccessException();
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        }
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								        if (!_globalSettings.SelfHosted && user.Gateway != null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								            var subscriptionInfo = await _paymentService.GetSubscriptionAsync(user);
 								            var license = await _userService.GenerateLicenseAsync(user, subscriptionInfo);
 								            return new SubscriptionResponseModel(user, subscriptionInfo, license);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        }
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								        else if (!_globalSettings.SelfHosted)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								            var license = await _userService.GenerateLicenseAsync(user);
 								            return new SubscriptionResponseModel(user, license);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        }
 								        else
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        {
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								            return new SubscriptionResponseModel(user);
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								    [HttpPost("payment")]
 								    [SelfHosted(NotSelfHostedOnly = true)]
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								    public async Task PostPayment([FromBody] PaymentRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								        {
 								            throw new UnauthorizedAccessException();
 								        }
-												create org with license file

											
										
										
											2017-08-14 20:57:45 -04:00
+								        await _userService.ReplacePaymentMethodAsync(user, model.PaymentToken, model.PaymentMethodType.Value,
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								            new TaxInfo
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								            {
 								                BillingAddressCountry = model.Country,
 								                BillingAddressPostalCode = model.PostalCode,
 								            });
 								    }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								    [HttpPost("storage")]
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								    [SelfHosted(NotSelfHostedOnly = true)]
 								    public async Task<PaymentResponseModel> PostStorage([FromBody] StorageRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								            throw new UnauthorizedAccessException();
 								        }
 								        var result = await _userService.AdjustStorageAsync(user, model.StorageGbAdjustment.Value);
 								        return new PaymentResponseModel
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        {
 								            Success = true,
 								            PaymentIntentClientSecret = result
 								        };
 								    }
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								    [HttpPost("license")]
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								    [SelfHosted(SelfHostedOnly = true)]
-												cancel sub completely if past exp date

											
										
										
											2018-12-31 13:34:02 -05:00
+								    public async Task PostLicense(LicenseRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												cancel sub completely if past exp date

											
										
										
											2018-12-31 13:34:02 -05:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												apis for subscription vs billing

											
										
										
											2019-02-18 15:40:47 -05:00
+								            throw new UnauthorizedAccessException();
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        }
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								        var license = await ApiHelpers.ReadJsonFileFromBody<UserLicense>(HttpContext, model.License);
-												additional rate limiting on email endpoints

											
										
										
											2017-09-27 20:53:29 -04:00
+								        if (license == null)
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        {
-												apis for subscription vs billing

											
										
										
											2019-02-18 15:40:47 -05:00
+								            throw new BadRequestException("Invalid license");
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        }
-												Consistency on TaxInfo use in service params

											
										
										
											2020-06-18 10:41:55 -04:00
+								        await _userService.UpdateLicenseAsync(user, license);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												API updates for tax info collection

											
										
										
											2020-06-08 17:40:18 -04:00
+								    [HttpPost("cancel-premium")]
 								    [SelfHosted(NotSelfHostedOnly = true)]
 								    public async Task PostCancel()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												API updates for tax info collection

											
										
										
											2020-06-08 17:40:18 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												APIs for premium. Billing helpers.

											
										
										
											2017-07-06 14:55:58 -04:00
+								        if (user == null)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												API updates for tax info collection

											
										
										
											2020-06-08 17:40:18 -04:00
+								            throw new UnauthorizedAccessException();
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        }
-												user null checks for unauthorized

											
										
										
											2017-06-02 13:17:46 -04:00
+								        await _userService.CancelPremiumAsync(user);
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								    }
-												API updates for tax info collection

											
										
										
											2020-06-08 17:40:18 -04:00
+								    [HttpPost("reinstate-premium")]
 								    [SelfHosted(NotSelfHostedOnly = true)]
 								    public async Task PostReinstate()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												API updates for tax info collection

											
										
										
											2020-06-08 17:40:18 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												API updates for tax info collection

											
										
										
											2020-06-08 17:40:18 -04:00
+								            throw new UnauthorizedAccessException();
 								        }
 								        await _userService.ReinstatePremiumAsync(user);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												[Reset Password v1] Updated force password reset models (#1492)


											
										
										
											2021-08-05 13:00:24 -05:00
+								    [HttpGet("tax")]
-												update premium license and self host attr checks

											
										
										
											2017-08-14 12:08:57 -04:00
+								    [SelfHosted(NotSelfHostedOnly = true)]
-												[Reset Password v1] Updated force password reset models (#1492)


											
										
										
											2021-08-05 13:00:24 -05:00
+								    public async Task<TaxInfoResponseModel> GetTaxInfo()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												API updates for tax info collection

											
										
										
											2020-06-08 17:40:18 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												[Reset Password v1] Updated force password reset models (#1492)


											
										
										
											2021-08-05 13:00:24 -05:00
+								        if (user == null)
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
+								        {
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								            throw new UnauthorizedAccessException();
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        }
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								        var taxInfo = await _paymentService.GetTaxInfoAsync(user);
 								        return new TaxInfoResponseModel(taxInfo);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												[Reset Password v1] Updated force password reset models (#1492)


											
										
										
											2021-08-05 13:00:24 -05:00
+								    [HttpPut("tax")]
-												adjust storage with payment intent/method handling

											
										
										
											2019-08-10 12:59:32 -04:00
+								    [SelfHosted(NotSelfHostedOnly = true)]
-												[Reset Password v1] Updated force password reset models (#1492)


											
										
										
											2021-08-05 13:00:24 -05:00
+								    public async Task PutTaxInfo([FromBody] TaxInfoUpdateRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												API updates for tax info collection

											
										
										
											2020-06-08 17:40:18 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								            throw new UnauthorizedAccessException();
-												API updates for tax info collection

											
										
										
											2020-06-08 17:40:18 -04:00
+								        }
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
 								        var taxInfo = new TaxInfo
 								        {
 								            BillingAddressPostalCode = model.PostalCode,
-												API updates for tax info collection

											
										
										
											2020-06-08 17:40:18 -04:00
+								            BillingAddressCountry = model.Country,
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        };
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								        await _paymentService.SaveTaxInfoAsync(user, taxInfo);
 								    }
 								    [HttpDelete("sso/{organizationId}")]
 								    public async Task DeleteSsoUser(string organizationId)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								        var userId = _userService.GetProperUserId(User);
 								        if (!userId.HasValue)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								            throw new NotFoundException();
 								        }
-												[EC-243] Grant premium status when member accepts org invite (#2043)


											
										
										
											2022-06-17 06:30:50 +10:00
+								        await _organizationService.DeleteSsoUserAsync(userId.Value, new Guid(organizationId));
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								    [HttpGet("sso/user-identifier")]
 								    public async Task<string> GetSsoUserIdentifier()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        var token = await _userService.GenerateSignInTokenAsync(user, TokenPurposes.LinkSso);
 								        var userIdentifier = $"{user.Id},{token}";
 								        return userIdentifier;
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								    [HttpPost("api-key")]
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								    public async Task<ApiKeyResponseModel> ApiKey([FromBody] SecretVerificationRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												Create sso user api (#886)

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* Update AccountsController.cs

* facilitate linking/unlinking existing users from an sso enabled org

* added user_identifier to identity methods for sso

* moved sso user delete method to account controller

* fixed a broken test

* added a token to the existing user sso link flow

* added a token to the existing user sso link flow

* fixed a typo

* added an event log for unlink ssoUser records

* fixed a merge issue

* fixed a busted test

* fixed a busted test

* ran a formatter over everything & changed .vscode settings in .gitignore

* chagned a variable to use string interpolation

* removed a blank line

* Changed TokenPurpose enum to a static class of strings

* code review cleanups

* formatting fix

* Changed parameters & logging for delete sso user

* changed th method used to get organization user for deleting sso user records

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
											
										
										
											2020-08-26 14:12:04 -04:00
+								        {
 								            throw new UnauthorizedAccessException();
 								        }
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        if (!await _userService.VerifySecretAsync(user, model.Secret))
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								        {
 								            await Task.Delay(2000);
 								            throw new BadRequestException(string.Empty, "User verification failed.");
 								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        return new ApiKeyResponseModel(user);
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								    }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								    [HttpPost("rotate-api-key")]
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								    public async Task<ApiKeyResponseModel> RotateApiKey([FromBody] SecretVerificationRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								            throw new UnauthorizedAccessException();
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        if (!await _userService.VerifySecretAsync(user, model.Secret))
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								        {
 								            await Task.Delay(2000);
 								            throw new BadRequestException(string.Empty, "User verification failed.");
 								        }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        await _userService.RotateApiKeyAsync(user);
 								        var response = new ApiKeyResponseModel(user);
 								        return response;
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								    }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
-												[Reset Password v1] Updated force password reset models (#1492)


											
										
										
											2021-08-05 13:00:24 -05:00
+								    [HttpPut("update-temp-password")]
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								    public async Task PutUpdateTempPasswordAsync([FromBody] UpdateTempPasswordRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (user == null)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								            throw new UnauthorizedAccessException();
-												Implement User-based API Keys (#981)

* added column ApiKey to dbo.User

* added dbo.User.ApiKey to User_Update

* added dbo.User.ApiKey to User_Create

* wrote migration script for implementing dbo.User.ApiKey

* Added ApiKey prop to the User table model

* Created AccountsController method for getting a user's API Key

* Created AccountsController method for rotating a user API key

* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli

* Added a new conditional to ClientStore to account for user API keys

* Wrote unit tests for new user API Key methods

* Added a refresh of dbo.UserView to new migration script for ApiKey

* Let client_credentials grants into the custom token logic

* Cleanup for ApiKey auth in the CLI feature

* Created user API key on registration

* Removed uneeded code for user API keys

* Changed a .Contains() to a .StartsWith() in ClientStore

* Changed index that an array is searched on

* Added more claims to the user apikey clients

* Moved some claim finding logic to a helper method
											
										
										
											2020-11-10 15:15:29 -05:00
+								        }
-												Run dotnet format (#1764)


											
										
										
											2021-12-16 15:35:09 +01:00
-												[Reset Password v1] Updated force password reset models (#1492)


											
										
										
											2021-08-05 13:00:24 -05:00
+								        var result = await _userService.UpdateTempPasswordAsync(user, model.NewMasterPasswordHash, model.Key, model.MasterPasswordHint);
 								        if (result.Succeeded)
-												[Reset Password v1] Update Temporary Password API (#1481)

* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
											
										
										
											2021-07-22 09:20:14 -05:00
+								        {
 								            return;
 								        }
-												[Reset Password v1] Updated force password reset models (#1492)


											
										
										
											2021-08-05 13:00:24 -05:00
+								        foreach (var error in result.Errors)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								        {
-												[Reset Password v1] Updated force password reset models (#1492)


											
										
										
											2021-08-05 13:00:24 -05:00
+								            ModelState.AddModelError(string.Empty, error.Description);
-												[Reset Password v1] Update Temporary Password API (#1481)

* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
											
										
										
											2021-07-22 09:20:14 -05:00
+								        }
 								        throw new BadRequestException(ModelState);
 								    }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								    [HttpPost("request-otp")]
-												[Reset Password v1] Update Temporary Password API (#1481)

* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
											
										
										
											2021-07-22 09:20:14 -05:00
+								    public async Task PostRequestOTP()
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        await _userService.SendOTPAsync(user);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								    }
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								    [HttpPost("verify-otp")]
 								    public async Task VerifyOTP([FromBody] VerifyOTPRequestModel model)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Add support for Key Connector OTP and account migration (#1663)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
											
										
										
											2021-11-09 16:37:32 +01:00
+								        var user = await _userService.GetUserByPrincipalAsync(User);
 								        if (!await _userService.VerifyOTPAsync(user, model.OTP))
 								        {
 								            await Task.Delay(2000);
 								            throw new BadRequestException("Token", "Invalid token");
 								        }
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    }
 								}