admin/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2026-02-05 08:33:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
da4f436a714d21916e70a19effe131509e74ff71
server/src/Identity/Controllers/AccountsController.cs

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

143 lines
5.6 KiB
C#
Raw Normal View History

Support for passkey registration (#2885) * support for fido2 auth * stub out registration implementations * stub out assertion steps and token issuance * verify token * webauthn tokenable * remove duplicate expiration set * revert sqlproj changes * update sqlproj target framework * update new validator signature * [PM-2014] Passkey registration (#2915) * [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository` * [PM-2014] fix: add missing service registration * [PM-2014] feat: add user verification when fetching options * [PM-2014] feat: create migration script for mssql * [PM-2014] chore: append to todo comment * [PM-2014] feat: add support for creation token * [PM-2014] feat: implement credential saving * [PM-2014] chore: add resident key TODO comment * [PM-2014] feat: implement passkey listing * [PM-2014] feat: implement deletion without user verification * [PM-2014] feat: add user verification to delete * [PM-2014] feat: implement passkey limit * [PM-2014] chore: clean up todo comments * [PM-2014] fix: add missing sql scripts Missed staging them when commiting * [PM-2014] feat: include options response model in swagger docs * [PM-2014] chore: move properties after ctor * [PM-2014] feat: use `Guid` directly as input paramter * [PM-2014] feat: use nullable guid in token * [PM-2014] chore: add new-line * [PM-2014] feat: add support for feature flag * [PM-2014] feat: start adding controller tests * [PM-2014] feat: add user verification test * [PM-2014] feat: add controller tests for token interaction * [PM-2014] feat: add tokenable tests * [PM-2014] chore: clean up commented premium check * [PM-2014] feat: add user service test for credential limit * [PM-2014] fix: run `dotnet format` * [PM-2014] chore: remove trailing comma * [PM-2014] chore: add `Async` suffix * [PM-2014] chore: move delay to constant * [PM-2014] chore: change `default` to `null` * [PM-2014] chore: remove autogenerated weirdness * [PM-2014] fix: lint * Added check for PasswordlessLogin feature flag on new controller and methods. (#3284) * Added check for PasswordlessLogin feature flag on new controller and methods. * fix: build error from missing constructor argument --------- Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> * [PM-4171] Update DB to support PRF (#3321) * [PM-4171] feat: update database to support PRF * [PM-4171] feat: rename `DescriptorId` to `CredentialId` * [PM-4171] feat: add PRF felds to domain object * [PM-4171] feat: add `SupportsPrf` column * [PM-4171] fix: add missing comma * [PM-4171] fix: add comma * [PM-3263] fix identity server tests for passkey registration (#3331) * Added WebAuthnRepo to EF DI * updated config to match current grant types * Remove ExtensionGrantValidator (#3363) * Linting --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com> Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com> Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2023-10-30 08:40:06 -05:00
using Bit.Core;
[PM-2032] Server endpoints to support authentication with a passkey (#3361) * [PM-2032] feat: add assertion options tokenable * [PM-2032] feat: add request and response models * [PM-2032] feat: implement `assertion-options` identity endpoint * [PM-2032] feat: implement authentication with passkey * [PM-2032] chore: rename to `WebAuthnGrantValidator` * [PM-2032] fix: add missing subsitute * [PM-2032] feat: start adding builder * [PM-2032] feat: add support for KeyConnector * [PM-2032] feat: add first version of TDE * [PM-2032] chore: refactor WithSso * [PM-2023] feat: add support for TDE feature flag * [PM-2023] feat: add support for approving devices * [PM-2023] feat: add support for hasManageResetPasswordPermission * [PM-2032] feat: add support for hasAdminApproval * [PM-2032] chore: don't supply device if not necessary * [PM-2032] chore: clean up imports * [PM-2023] feat: extract interface * [PM-2023] chore: add clarifying comment * [PM-2023] feat: use new builder in production code * [PM-2032] feat: add support for PRF * [PM-2032] chore: clean-up todos * [PM-2023] chore: remove token which is no longer used * [PM-2032] chore: remove todo * [PM-2032] feat: improve assertion error handling * [PM-2032] fix: linting issues * [PM-2032] fix: revert changes to `launchSettings.json` * [PM-2023] chore: clean up assertion endpoint * [PM-2032] feat: bypass 2FA * [PM-2032] fix: rename prf option to singular * [PM-2032] fix: lint * [PM-2032] fix: typo * [PM-2032] chore: improve builder tests Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * [PM-2032] chore: clarify why we don't require 2FA * [PM-2023] feat: move `identityProvider` constant to common class * [PM-2032] fix: lint * [PM-2023] fix: move `IdentityProvider` to core.Constants * [PM-2032] fix: missing import * [PM-2032] chore: refactor token timespan to use `TimeSpan` * [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync * [PM-2032] chore: use `FromMinutes` * [PM-2032] fix: change to 17 minutes to cover webauthn assertion * [PM-2032] chore: do not use `async void` * [PM-2032] fix: comment saying wrong amount of minutes * [PM-2032] feat: put validator behind feature flag * [PM-2032] fix: lint --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-11-20 15:55:31 +01:00
using Bit.Core.Auth.Enums;
Support for passkey registration (#2885) * support for fido2 auth * stub out registration implementations * stub out assertion steps and token issuance * verify token * webauthn tokenable * remove duplicate expiration set * revert sqlproj changes * update sqlproj target framework * update new validator signature * [PM-2014] Passkey registration (#2915) * [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository` * [PM-2014] fix: add missing service registration * [PM-2014] feat: add user verification when fetching options * [PM-2014] feat: create migration script for mssql * [PM-2014] chore: append to todo comment * [PM-2014] feat: add support for creation token * [PM-2014] feat: implement credential saving * [PM-2014] chore: add resident key TODO comment * [PM-2014] feat: implement passkey listing * [PM-2014] feat: implement deletion without user verification * [PM-2014] feat: add user verification to delete * [PM-2014] feat: implement passkey limit * [PM-2014] chore: clean up todo comments * [PM-2014] fix: add missing sql scripts Missed staging them when commiting * [PM-2014] feat: include options response model in swagger docs * [PM-2014] chore: move properties after ctor * [PM-2014] feat: use `Guid` directly as input paramter * [PM-2014] feat: use nullable guid in token * [PM-2014] chore: add new-line * [PM-2014] feat: add support for feature flag * [PM-2014] feat: start adding controller tests * [PM-2014] feat: add user verification test * [PM-2014] feat: add controller tests for token interaction * [PM-2014] feat: add tokenable tests * [PM-2014] chore: clean up commented premium check * [PM-2014] feat: add user service test for credential limit * [PM-2014] fix: run `dotnet format` * [PM-2014] chore: remove trailing comma * [PM-2014] chore: add `Async` suffix * [PM-2014] chore: move delay to constant * [PM-2014] chore: change `default` to `null` * [PM-2014] chore: remove autogenerated weirdness * [PM-2014] fix: lint * Added check for PasswordlessLogin feature flag on new controller and methods. (#3284) * Added check for PasswordlessLogin feature flag on new controller and methods. * fix: build error from missing constructor argument --------- Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> * [PM-4171] Update DB to support PRF (#3321) * [PM-4171] feat: update database to support PRF * [PM-4171] feat: rename `DescriptorId` to `CredentialId` * [PM-4171] feat: add PRF felds to domain object * [PM-4171] feat: add `SupportsPrf` column * [PM-4171] fix: add missing comma * [PM-4171] fix: add comma * [PM-3263] fix identity server tests for passkey registration (#3331) * Added WebAuthnRepo to EF DI * updated config to match current grant types * Remove ExtensionGrantValidator (#3363) * Linting --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com> Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com> Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2023-10-30 08:40:06 -05:00
using Bit.Core.Auth.Models.Api.Request.Accounts;
[PM-1188] Server owner auth migration (#2825) * [PM-1188] add sso project to auth * [PM-1188] move sso api models to auth * [PM-1188] fix sso api model namespace & imports * [PM-1188] move core files to auth * [PM-1188] fix core sso namespace & models * [PM-1188] move sso repository files to auth * [PM-1188] fix sso repo files namespace & imports * [PM-1188] move sso sql files to auth folder * [PM-1188] move sso test files to auth folders * [PM-1188] fix sso tests namespace & imports * [PM-1188] move auth api files to auth folder * [PM-1188] fix auth api files namespace & imports * [PM-1188] move auth core files to auth folder * [PM-1188] fix auth core files namespace & imports * [PM-1188] move auth email templates to auth folder * [PM-1188] move auth email folder back into shared directory * [PM-1188] fix auth email names * [PM-1188] move auth core models to auth folder * [PM-1188] fix auth model namespace & imports * [PM-1188] add entire Identity project to auth codeowners * [PM-1188] fix auth orm files namespace & imports * [PM-1188] move auth orm files to auth folder * [PM-1188] move auth sql files to auth folder * [PM-1188] move auth tests to auth folder * [PM-1188] fix auth test files namespace & imports * [PM-1188] move emergency access api files to auth folder * [PM-1188] fix emergencyaccess api files namespace & imports * [PM-1188] move emergency access core files to auth folder * [PM-1188] fix emergency access core files namespace & imports * [PM-1188] move emergency access orm files to auth folder * [PM-1188] fix emergency access orm files namespace & imports * [PM-1188] move emergency access sql files to auth folder * [PM-1188] move emergencyaccess test files to auth folder * [PM-1188] fix emergency access test files namespace & imports * [PM-1188] move captcha files to auth folder * [PM-1188] fix captcha files namespace & imports * [PM-1188] move auth admin files into auth folder * [PM-1188] fix admin auth files namespace & imports - configure mvc to look in auth folders for views * [PM-1188] remove extra imports and formatting * [PM-1188] fix ef auth model imports * [PM-1188] fix DatabaseContextModelSnapshot paths * [PM-1188] fix grant import in ef * [PM-1188] update sqlproj * [PM-1188] move missed sqlproj files * [PM-1188] move auth ef models out of auth folder * [PM-1188] fix auth ef models namespace * [PM-1188] remove auth ef models unused imports * [PM-1188] fix imports for auth ef models * [PM-1188] fix more ef model imports * [PM-1188] fix file encodings
2023-04-14 13:25:56 -04:00
using Bit.Core.Auth.Models.Api.Response.Accounts;
[PM-2032] Server endpoints to support authentication with a passkey (#3361) * [PM-2032] feat: add assertion options tokenable * [PM-2032] feat: add request and response models * [PM-2032] feat: implement `assertion-options` identity endpoint * [PM-2032] feat: implement authentication with passkey * [PM-2032] chore: rename to `WebAuthnGrantValidator` * [PM-2032] fix: add missing subsitute * [PM-2032] feat: start adding builder * [PM-2032] feat: add support for KeyConnector * [PM-2032] feat: add first version of TDE * [PM-2032] chore: refactor WithSso * [PM-2023] feat: add support for TDE feature flag * [PM-2023] feat: add support for approving devices * [PM-2023] feat: add support for hasManageResetPasswordPermission * [PM-2032] feat: add support for hasAdminApproval * [PM-2032] chore: don't supply device if not necessary * [PM-2032] chore: clean up imports * [PM-2023] feat: extract interface * [PM-2023] chore: add clarifying comment * [PM-2023] feat: use new builder in production code * [PM-2032] feat: add support for PRF * [PM-2032] chore: clean-up todos * [PM-2023] chore: remove token which is no longer used * [PM-2032] chore: remove todo * [PM-2032] feat: improve assertion error handling * [PM-2032] fix: linting issues * [PM-2032] fix: revert changes to `launchSettings.json` * [PM-2023] chore: clean up assertion endpoint * [PM-2032] feat: bypass 2FA * [PM-2032] fix: rename prf option to singular * [PM-2032] fix: lint * [PM-2032] fix: typo * [PM-2032] chore: improve builder tests Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * [PM-2032] chore: clarify why we don't require 2FA * [PM-2023] feat: move `identityProvider` constant to common class * [PM-2032] fix: lint * [PM-2023] fix: move `IdentityProvider` to core.Constants * [PM-2032] fix: missing import * [PM-2032] chore: refactor token timespan to use `TimeSpan` * [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync * [PM-2032] chore: use `FromMinutes` * [PM-2032] fix: change to 17 minutes to cover webauthn assertion * [PM-2032] chore: do not use `async void` * [PM-2032] fix: comment saying wrong amount of minutes * [PM-2032] feat: put validator behind feature flag * [PM-2032] fix: lint --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-11-20 15:55:31 +01:00
using Bit.Core.Auth.Models.Business.Tokenables;
[PM-1188] Server owner auth migration (#2825) * [PM-1188] add sso project to auth * [PM-1188] move sso api models to auth * [PM-1188] fix sso api model namespace & imports * [PM-1188] move core files to auth * [PM-1188] fix core sso namespace & models * [PM-1188] move sso repository files to auth * [PM-1188] fix sso repo files namespace & imports * [PM-1188] move sso sql files to auth folder * [PM-1188] move sso test files to auth folders * [PM-1188] fix sso tests namespace & imports * [PM-1188] move auth api files to auth folder * [PM-1188] fix auth api files namespace & imports * [PM-1188] move auth core files to auth folder * [PM-1188] fix auth core files namespace & imports * [PM-1188] move auth email templates to auth folder * [PM-1188] move auth email folder back into shared directory * [PM-1188] fix auth email names * [PM-1188] move auth core models to auth folder * [PM-1188] fix auth model namespace & imports * [PM-1188] add entire Identity project to auth codeowners * [PM-1188] fix auth orm files namespace & imports * [PM-1188] move auth orm files to auth folder * [PM-1188] move auth sql files to auth folder * [PM-1188] move auth tests to auth folder * [PM-1188] fix auth test files namespace & imports * [PM-1188] move emergency access api files to auth folder * [PM-1188] fix emergencyaccess api files namespace & imports * [PM-1188] move emergency access core files to auth folder * [PM-1188] fix emergency access core files namespace & imports * [PM-1188] move emergency access orm files to auth folder * [PM-1188] fix emergency access orm files namespace & imports * [PM-1188] move emergency access sql files to auth folder * [PM-1188] move emergencyaccess test files to auth folder * [PM-1188] fix emergency access test files namespace & imports * [PM-1188] move captcha files to auth folder * [PM-1188] fix captcha files namespace & imports * [PM-1188] move auth admin files into auth folder * [PM-1188] fix admin auth files namespace & imports - configure mvc to look in auth folders for views * [PM-1188] remove extra imports and formatting * [PM-1188] fix ef auth model imports * [PM-1188] fix DatabaseContextModelSnapshot paths * [PM-1188] fix grant import in ef * [PM-1188] update sqlproj * [PM-1188] move missed sqlproj files * [PM-1188] move auth ef models out of auth folder * [PM-1188] fix auth ef models namespace * [PM-1188] remove auth ef models unused imports * [PM-1188] fix imports for auth ef models * [PM-1188] fix more ef model imports * [PM-1188] fix file encodings
2023-04-14 13:25:56 -04:00
using Bit.Core.Auth.Services;
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173) * PM-5092 - Add new EnableEmailVerification global setting. * PM-5092 - WIP - AccountsController.cs - create stub for new PostRegisterSendEmailVerification * PM-5092 - RegisterSendEmailVerificationRequestModel * PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP). * PM-5092 - EmailVerificationTokenable.cs finished + tests working. * PM-5092 - Add token data factory for new EmailVerificationTokenable factory. * PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email. * PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped. * PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token. * PM-5092 - Add new registration verify email method on mail service. * PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email. * PM-5092 - NoopMailService.cs needs to implement all interface methods. * PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place. * PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP * PM-5092 - SendVerificationEmailForRegistrationCommandTests * PM-5092 - Add integration tests for new acct controller method * PM-5092 - Cleanup unit tests * PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution. * PM-5092 - Rename to read better - send verification email > send email verification * PM-5092 - Revert primary constructor approach so DI works. * PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email. * PM-5092 - Fix email text * PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests * PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token. * PM-5092 - Per PR feedback, cleanup used dict. * PM-5092 - formatting pass (manual + dotnet format) * PM-5092 - Per PR feedback, log reference event after core business logic executes * PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional. * PM-5092 - Per PR feedback, add constructor validation for required tokenable data * PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key. * PM-5092 - Add fromEmail flag + some docs * PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable * PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback * PM-5092 - Per PR feedback, use default constructor and manually create reference event. * PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
using Bit.Core.Auth.UserFeatures.Registration;
[PM-4619] Rewrite `UserService` methods as commands (#3432) * [PM-4619] feat: scaffold new create options command * [PM-4169] feat: implement credential create options command * [PM-4619] feat: create command for credential creation * [PM-4619] feat: create assertion options command * [PM-4619] chore: clean-up unused argument * [PM-4619] feat: implement assertion command * [PM-4619] feat: migrate to commands * [PM-4619] fix: lint * [PM-4169] fix: use constant * [PM-4619] fix: lint I have no idea what this commit acutally changes, but the file seems to have some character encoding issues. This fix was generated by `dotnet format`
2023-12-14 09:35:52 +01:00
using Bit.Core.Auth.UserFeatures.WebAuthnLogin;
[PM-1188] Server owner auth migration (#2825) * [PM-1188] add sso project to auth * [PM-1188] move sso api models to auth * [PM-1188] fix sso api model namespace & imports * [PM-1188] move core files to auth * [PM-1188] fix core sso namespace & models * [PM-1188] move sso repository files to auth * [PM-1188] fix sso repo files namespace & imports * [PM-1188] move sso sql files to auth folder * [PM-1188] move sso test files to auth folders * [PM-1188] fix sso tests namespace & imports * [PM-1188] move auth api files to auth folder * [PM-1188] fix auth api files namespace & imports * [PM-1188] move auth core files to auth folder * [PM-1188] fix auth core files namespace & imports * [PM-1188] move auth email templates to auth folder * [PM-1188] move auth email folder back into shared directory * [PM-1188] fix auth email names * [PM-1188] move auth core models to auth folder * [PM-1188] fix auth model namespace & imports * [PM-1188] add entire Identity project to auth codeowners * [PM-1188] fix auth orm files namespace & imports * [PM-1188] move auth orm files to auth folder * [PM-1188] move auth sql files to auth folder * [PM-1188] move auth tests to auth folder * [PM-1188] fix auth test files namespace & imports * [PM-1188] move emergency access api files to auth folder * [PM-1188] fix emergencyaccess api files namespace & imports * [PM-1188] move emergency access core files to auth folder * [PM-1188] fix emergency access core files namespace & imports * [PM-1188] move emergency access orm files to auth folder * [PM-1188] fix emergency access orm files namespace & imports * [PM-1188] move emergency access sql files to auth folder * [PM-1188] move emergencyaccess test files to auth folder * [PM-1188] fix emergency access test files namespace & imports * [PM-1188] move captcha files to auth folder * [PM-1188] fix captcha files namespace & imports * [PM-1188] move auth admin files into auth folder * [PM-1188] fix admin auth files namespace & imports - configure mvc to look in auth folders for views * [PM-1188] remove extra imports and formatting * [PM-1188] fix ef auth model imports * [PM-1188] fix DatabaseContextModelSnapshot paths * [PM-1188] fix grant import in ef * [PM-1188] update sqlproj * [PM-1188] move missed sqlproj files * [PM-1188] move auth ef models out of auth folder * [PM-1188] fix auth ef models namespace * [PM-1188] remove auth ef models unused imports * [PM-1188] fix imports for auth ef models * [PM-1188] fix more ef model imports * [PM-1188] fix file encodings
2023-04-14 13:25:56 -04:00
using Bit.Core.Auth.Utilities;
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173) * PM-5092 - Add new EnableEmailVerification global setting. * PM-5092 - WIP - AccountsController.cs - create stub for new PostRegisterSendEmailVerification * PM-5092 - RegisterSendEmailVerificationRequestModel * PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP). * PM-5092 - EmailVerificationTokenable.cs finished + tests working. * PM-5092 - Add token data factory for new EmailVerificationTokenable factory. * PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email. * PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped. * PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token. * PM-5092 - Add new registration verify email method on mail service. * PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email. * PM-5092 - NoopMailService.cs needs to implement all interface methods. * PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place. * PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP * PM-5092 - SendVerificationEmailForRegistrationCommandTests * PM-5092 - Add integration tests for new acct controller method * PM-5092 - Cleanup unit tests * PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution. * PM-5092 - Rename to read better - send verification email > send email verification * PM-5092 - Revert primary constructor approach so DI works. * PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email. * PM-5092 - Fix email text * PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests * PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token. * PM-5092 - Per PR feedback, cleanup used dict. * PM-5092 - formatting pass (manual + dotnet format) * PM-5092 - Per PR feedback, log reference event after core business logic executes * PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional. * PM-5092 - Per PR feedback, add constructor validation for required tokenable data * PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key. * PM-5092 - Add fromEmail flag + some docs * PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable * PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback * PM-5092 - Per PR feedback, use default constructor and manually create reference event. * PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
using Bit.Core.Context;
[PM-1188] Server owner auth migration (#2825) * [PM-1188] add sso project to auth * [PM-1188] move sso api models to auth * [PM-1188] fix sso api model namespace & imports * [PM-1188] move core files to auth * [PM-1188] fix core sso namespace & models * [PM-1188] move sso repository files to auth * [PM-1188] fix sso repo files namespace & imports * [PM-1188] move sso sql files to auth folder * [PM-1188] move sso test files to auth folders * [PM-1188] fix sso tests namespace & imports * [PM-1188] move auth api files to auth folder * [PM-1188] fix auth api files namespace & imports * [PM-1188] move auth core files to auth folder * [PM-1188] fix auth core files namespace & imports * [PM-1188] move auth email templates to auth folder * [PM-1188] move auth email folder back into shared directory * [PM-1188] fix auth email names * [PM-1188] move auth core models to auth folder * [PM-1188] fix auth model namespace & imports * [PM-1188] add entire Identity project to auth codeowners * [PM-1188] fix auth orm files namespace & imports * [PM-1188] move auth orm files to auth folder * [PM-1188] move auth sql files to auth folder * [PM-1188] move auth tests to auth folder * [PM-1188] fix auth test files namespace & imports * [PM-1188] move emergency access api files to auth folder * [PM-1188] fix emergencyaccess api files namespace & imports * [PM-1188] move emergency access core files to auth folder * [PM-1188] fix emergency access core files namespace & imports * [PM-1188] move emergency access orm files to auth folder * [PM-1188] fix emergency access orm files namespace & imports * [PM-1188] move emergency access sql files to auth folder * [PM-1188] move emergencyaccess test files to auth folder * [PM-1188] fix emergency access test files namespace & imports * [PM-1188] move captcha files to auth folder * [PM-1188] fix captcha files namespace & imports * [PM-1188] move auth admin files into auth folder * [PM-1188] fix admin auth files namespace & imports - configure mvc to look in auth folders for views * [PM-1188] remove extra imports and formatting * [PM-1188] fix ef auth model imports * [PM-1188] fix DatabaseContextModelSnapshot paths * [PM-1188] fix grant import in ef * [PM-1188] update sqlproj * [PM-1188] move missed sqlproj files * [PM-1188] move auth ef models out of auth folder * [PM-1188] fix auth ef models namespace * [PM-1188] remove auth ef models unused imports * [PM-1188] fix imports for auth ef models * [PM-1188] fix more ef model imports * [PM-1188] fix file encodings
2023-04-14 13:25:56 -04:00
using Bit.Core.Enums;
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
using Bit.Core.Exceptions;
using Bit.Core.Models.Data;
using Bit.Core.Repositories;
using Bit.Core.Services;
[PM-2032] Server endpoints to support authentication with a passkey (#3361) * [PM-2032] feat: add assertion options tokenable * [PM-2032] feat: add request and response models * [PM-2032] feat: implement `assertion-options` identity endpoint * [PM-2032] feat: implement authentication with passkey * [PM-2032] chore: rename to `WebAuthnGrantValidator` * [PM-2032] fix: add missing subsitute * [PM-2032] feat: start adding builder * [PM-2032] feat: add support for KeyConnector * [PM-2032] feat: add first version of TDE * [PM-2032] chore: refactor WithSso * [PM-2023] feat: add support for TDE feature flag * [PM-2023] feat: add support for approving devices * [PM-2023] feat: add support for hasManageResetPasswordPermission * [PM-2032] feat: add support for hasAdminApproval * [PM-2032] chore: don't supply device if not necessary * [PM-2032] chore: clean up imports * [PM-2023] feat: extract interface * [PM-2023] chore: add clarifying comment * [PM-2023] feat: use new builder in production code * [PM-2032] feat: add support for PRF * [PM-2032] chore: clean-up todos * [PM-2023] chore: remove token which is no longer used * [PM-2032] chore: remove todo * [PM-2032] feat: improve assertion error handling * [PM-2032] fix: linting issues * [PM-2032] fix: revert changes to `launchSettings.json` * [PM-2023] chore: clean up assertion endpoint * [PM-2032] feat: bypass 2FA * [PM-2032] fix: rename prf option to singular * [PM-2032] fix: lint * [PM-2032] fix: typo * [PM-2032] chore: improve builder tests Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * [PM-2032] chore: clarify why we don't require 2FA * [PM-2023] feat: move `identityProvider` constant to common class * [PM-2032] fix: lint * [PM-2023] fix: move `IdentityProvider` to core.Constants * [PM-2032] fix: missing import * [PM-2032] chore: refactor token timespan to use `TimeSpan` * [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync * [PM-2032] chore: use `FromMinutes` * [PM-2032] fix: change to 17 minutes to cover webauthn assertion * [PM-2032] chore: do not use `async void` * [PM-2032] fix: comment saying wrong amount of minutes * [PM-2032] feat: put validator behind feature flag * [PM-2032] fix: lint --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-11-20 15:55:31 +01:00
using Bit.Core.Tokens;
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173) * PM-5092 - Add new EnableEmailVerification global setting. * PM-5092 - WIP - AccountsController.cs - create stub for new PostRegisterSendEmailVerification * PM-5092 - RegisterSendEmailVerificationRequestModel * PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP). * PM-5092 - EmailVerificationTokenable.cs finished + tests working. * PM-5092 - Add token data factory for new EmailVerificationTokenable factory. * PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email. * PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped. * PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token. * PM-5092 - Add new registration verify email method on mail service. * PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email. * PM-5092 - NoopMailService.cs needs to implement all interface methods. * PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place. * PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP * PM-5092 - SendVerificationEmailForRegistrationCommandTests * PM-5092 - Add integration tests for new acct controller method * PM-5092 - Cleanup unit tests * PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution. * PM-5092 - Rename to read better - send verification email > send email verification * PM-5092 - Revert primary constructor approach so DI works. * PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email. * PM-5092 - Fix email text * PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests * PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token. * PM-5092 - Per PR feedback, cleanup used dict. * PM-5092 - formatting pass (manual + dotnet format) * PM-5092 - Per PR feedback, log reference event after core business logic executes * PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional. * PM-5092 - Per PR feedback, add constructor validation for required tokenable data * PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key. * PM-5092 - Add fromEmail flag + some docs * PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable * PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback * PM-5092 - Per PR feedback, use default constructor and manually create reference event. * PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
using Bit.Core.Tools.Enums;
using Bit.Core.Tools.Models.Business;
using Bit.Core.Tools.Services;
using Bit.Core.Utilities;
Auth/PM-3833 - Remove Deprecated Register and Prelogin endpoints from API (#4206) * PM-3833 - API - AccountsController.cs && AccountsController.cs - remove prelogin and register endpoints. * PM-3833 - Move Request and Response models that were used for Prelogin and PostRegister from API to Identity. * PM-3833 - FIX LINT * PM-3833 - Fix issues after merge conflict fixes. * PM-3833 - Another test fix
2024-06-19 15:11:24 -04:00
using Bit.Identity.Models.Request.Accounts;
using Bit.Identity.Models.Response.Accounts;
Add error handling to identity accounts controller (#1909)
2022-03-14 20:08:01 -05:00
using Bit.SharedWeb.Utilities;
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
using Microsoft.AspNetCore.Mvc;
namespace Bit.Identity.Controllers;
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
[Route("accounts")]
[ExceptionHandlerFilter]
public class AccountsController : Controller
{
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173) * PM-5092 - Add new EnableEmailVerification global setting. * PM-5092 - WIP - AccountsController.cs - create stub for new PostRegisterSendEmailVerification * PM-5092 - RegisterSendEmailVerificationRequestModel * PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP). * PM-5092 - EmailVerificationTokenable.cs finished + tests working. * PM-5092 - Add token data factory for new EmailVerificationTokenable factory. * PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email. * PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped. * PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token. * PM-5092 - Add new registration verify email method on mail service. * PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email. * PM-5092 - NoopMailService.cs needs to implement all interface methods. * PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place. * PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP * PM-5092 - SendVerificationEmailForRegistrationCommandTests * PM-5092 - Add integration tests for new acct controller method * PM-5092 - Cleanup unit tests * PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution. * PM-5092 - Rename to read better - send verification email > send email verification * PM-5092 - Revert primary constructor approach so DI works. * PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email. * PM-5092 - Fix email text * PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests * PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token. * PM-5092 - Per PR feedback, cleanup used dict. * PM-5092 - formatting pass (manual + dotnet format) * PM-5092 - Per PR feedback, log reference event after core business logic executes * PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional. * PM-5092 - Per PR feedback, add constructor validation for required tokenable data * PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key. * PM-5092 - Add fromEmail flag + some docs * PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable * PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback * PM-5092 - Per PR feedback, use default constructor and manually create reference event. * PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
private readonly ICurrentContext _currentContext;
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
private readonly ILogger<AccountsController> _logger;
private readonly IUserRepository _userRepository;
private readonly IUserService _userService;
[SG-656] Send a captcha bypass token back from the register endpoint (#2278) * Send a captcha bypass token back from the register endpoint * [review] Use existing user * [review] Introduce ICaptcheProtectedResponseModel
2022-09-15 10:02:37 -04:00
private readonly ICaptchaValidationService _captchaValidationService;
[PM-2032] Server endpoints to support authentication with a passkey (#3361) * [PM-2032] feat: add assertion options tokenable * [PM-2032] feat: add request and response models * [PM-2032] feat: implement `assertion-options` identity endpoint * [PM-2032] feat: implement authentication with passkey * [PM-2032] chore: rename to `WebAuthnGrantValidator` * [PM-2032] fix: add missing subsitute * [PM-2032] feat: start adding builder * [PM-2032] feat: add support for KeyConnector * [PM-2032] feat: add first version of TDE * [PM-2032] chore: refactor WithSso * [PM-2023] feat: add support for TDE feature flag * [PM-2023] feat: add support for approving devices * [PM-2023] feat: add support for hasManageResetPasswordPermission * [PM-2032] feat: add support for hasAdminApproval * [PM-2032] chore: don't supply device if not necessary * [PM-2032] chore: clean up imports * [PM-2023] feat: extract interface * [PM-2023] chore: add clarifying comment * [PM-2023] feat: use new builder in production code * [PM-2032] feat: add support for PRF * [PM-2032] chore: clean-up todos * [PM-2023] chore: remove token which is no longer used * [PM-2032] chore: remove todo * [PM-2032] feat: improve assertion error handling * [PM-2032] fix: linting issues * [PM-2032] fix: revert changes to `launchSettings.json` * [PM-2023] chore: clean up assertion endpoint * [PM-2032] feat: bypass 2FA * [PM-2032] fix: rename prf option to singular * [PM-2032] fix: lint * [PM-2032] fix: typo * [PM-2032] chore: improve builder tests Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * [PM-2032] chore: clarify why we don't require 2FA * [PM-2023] feat: move `identityProvider` constant to common class * [PM-2032] fix: lint * [PM-2023] fix: move `IdentityProvider` to core.Constants * [PM-2032] fix: missing import * [PM-2032] chore: refactor token timespan to use `TimeSpan` * [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync * [PM-2032] chore: use `FromMinutes` * [PM-2032] fix: change to 17 minutes to cover webauthn assertion * [PM-2032] chore: do not use `async void` * [PM-2032] fix: comment saying wrong amount of minutes * [PM-2032] feat: put validator behind feature flag * [PM-2032] fix: lint --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-11-20 15:55:31 +01:00
private readonly IDataProtectorTokenFactory<WebAuthnLoginAssertionOptionsTokenable> _assertionOptionsDataProtector;
[PM-4619] Rewrite `UserService` methods as commands (#3432) * [PM-4619] feat: scaffold new create options command * [PM-4169] feat: implement credential create options command * [PM-4619] feat: create command for credential creation * [PM-4619] feat: create assertion options command * [PM-4619] chore: clean-up unused argument * [PM-4619] feat: implement assertion command * [PM-4619] feat: migrate to commands * [PM-4619] fix: lint * [PM-4169] fix: use constant * [PM-4619] fix: lint I have no idea what this commit acutally changes, but the file seems to have some character encoding issues. This fix was generated by `dotnet format`
2023-12-14 09:35:52 +01:00
private readonly IGetWebAuthnLoginCredentialAssertionOptionsCommand _getWebAuthnLoginCredentialAssertionOptionsCommand;
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173) * PM-5092 - Add new EnableEmailVerification global setting. * PM-5092 - WIP - AccountsController.cs - create stub for new PostRegisterSendEmailVerification * PM-5092 - RegisterSendEmailVerificationRequestModel * PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP). * PM-5092 - EmailVerificationTokenable.cs finished + tests working. * PM-5092 - Add token data factory for new EmailVerificationTokenable factory. * PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email. * PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped. * PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token. * PM-5092 - Add new registration verify email method on mail service. * PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email. * PM-5092 - NoopMailService.cs needs to implement all interface methods. * PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place. * PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP * PM-5092 - SendVerificationEmailForRegistrationCommandTests * PM-5092 - Add integration tests for new acct controller method * PM-5092 - Cleanup unit tests * PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution. * PM-5092 - Rename to read better - send verification email > send email verification * PM-5092 - Revert primary constructor approach so DI works. * PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email. * PM-5092 - Fix email text * PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests * PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token. * PM-5092 - Per PR feedback, cleanup used dict. * PM-5092 - formatting pass (manual + dotnet format) * PM-5092 - Per PR feedback, log reference event after core business logic executes * PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional. * PM-5092 - Per PR feedback, add constructor validation for required tokenable data * PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key. * PM-5092 - Add fromEmail flag + some docs * PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable * PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback * PM-5092 - Per PR feedback, use default constructor and manually create reference event. * PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
private readonly ISendVerificationEmailForRegistrationCommand _sendVerificationEmailForRegistrationCommand;
private readonly IReferenceEventService _referenceEventService;
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
public AccountsController(
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173) * PM-5092 - Add new EnableEmailVerification global setting. * PM-5092 - WIP - AccountsController.cs - create stub for new PostRegisterSendEmailVerification * PM-5092 - RegisterSendEmailVerificationRequestModel * PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP). * PM-5092 - EmailVerificationTokenable.cs finished + tests working. * PM-5092 - Add token data factory for new EmailVerificationTokenable factory. * PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email. * PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped. * PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token. * PM-5092 - Add new registration verify email method on mail service. * PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email. * PM-5092 - NoopMailService.cs needs to implement all interface methods. * PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place. * PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP * PM-5092 - SendVerificationEmailForRegistrationCommandTests * PM-5092 - Add integration tests for new acct controller method * PM-5092 - Cleanup unit tests * PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution. * PM-5092 - Rename to read better - send verification email > send email verification * PM-5092 - Revert primary constructor approach so DI works. * PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email. * PM-5092 - Fix email text * PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests * PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token. * PM-5092 - Per PR feedback, cleanup used dict. * PM-5092 - formatting pass (manual + dotnet format) * PM-5092 - Per PR feedback, log reference event after core business logic executes * PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional. * PM-5092 - Per PR feedback, add constructor validation for required tokenable data * PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key. * PM-5092 - Add fromEmail flag + some docs * PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable * PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback * PM-5092 - Per PR feedback, use default constructor and manually create reference event. * PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
ICurrentContext currentContext,
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
ILogger<AccountsController> logger,
IUserRepository userRepository,
[SG-656] Send a captcha bypass token back from the register endpoint (#2278) * Send a captcha bypass token back from the register endpoint * [review] Use existing user * [review] Introduce ICaptcheProtectedResponseModel
2022-09-15 10:02:37 -04:00
IUserService userService,
[PM-2032] Server endpoints to support authentication with a passkey (#3361) * [PM-2032] feat: add assertion options tokenable * [PM-2032] feat: add request and response models * [PM-2032] feat: implement `assertion-options` identity endpoint * [PM-2032] feat: implement authentication with passkey * [PM-2032] chore: rename to `WebAuthnGrantValidator` * [PM-2032] fix: add missing subsitute * [PM-2032] feat: start adding builder * [PM-2032] feat: add support for KeyConnector * [PM-2032] feat: add first version of TDE * [PM-2032] chore: refactor WithSso * [PM-2023] feat: add support for TDE feature flag * [PM-2023] feat: add support for approving devices * [PM-2023] feat: add support for hasManageResetPasswordPermission * [PM-2032] feat: add support for hasAdminApproval * [PM-2032] chore: don't supply device if not necessary * [PM-2032] chore: clean up imports * [PM-2023] feat: extract interface * [PM-2023] chore: add clarifying comment * [PM-2023] feat: use new builder in production code * [PM-2032] feat: add support for PRF * [PM-2032] chore: clean-up todos * [PM-2023] chore: remove token which is no longer used * [PM-2032] chore: remove todo * [PM-2032] feat: improve assertion error handling * [PM-2032] fix: linting issues * [PM-2032] fix: revert changes to `launchSettings.json` * [PM-2023] chore: clean up assertion endpoint * [PM-2032] feat: bypass 2FA * [PM-2032] fix: rename prf option to singular * [PM-2032] fix: lint * [PM-2032] fix: typo * [PM-2032] chore: improve builder tests Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * [PM-2032] chore: clarify why we don't require 2FA * [PM-2023] feat: move `identityProvider` constant to common class * [PM-2032] fix: lint * [PM-2023] fix: move `IdentityProvider` to core.Constants * [PM-2032] fix: missing import * [PM-2032] chore: refactor token timespan to use `TimeSpan` * [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync * [PM-2032] chore: use `FromMinutes` * [PM-2032] fix: change to 17 minutes to cover webauthn assertion * [PM-2032] chore: do not use `async void` * [PM-2032] fix: comment saying wrong amount of minutes * [PM-2032] feat: put validator behind feature flag * [PM-2032] fix: lint --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-11-20 15:55:31 +01:00
ICaptchaValidationService captchaValidationService,
[PM-4619] Rewrite `UserService` methods as commands (#3432) * [PM-4619] feat: scaffold new create options command * [PM-4169] feat: implement credential create options command * [PM-4619] feat: create command for credential creation * [PM-4619] feat: create assertion options command * [PM-4619] chore: clean-up unused argument * [PM-4619] feat: implement assertion command * [PM-4619] feat: migrate to commands * [PM-4619] fix: lint * [PM-4169] fix: use constant * [PM-4619] fix: lint I have no idea what this commit acutally changes, but the file seems to have some character encoding issues. This fix was generated by `dotnet format`
2023-12-14 09:35:52 +01:00
IDataProtectorTokenFactory<WebAuthnLoginAssertionOptionsTokenable> assertionOptionsDataProtector,
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173) * PM-5092 - Add new EnableEmailVerification global setting. * PM-5092 - WIP - AccountsController.cs - create stub for new PostRegisterSendEmailVerification * PM-5092 - RegisterSendEmailVerificationRequestModel * PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP). * PM-5092 - EmailVerificationTokenable.cs finished + tests working. * PM-5092 - Add token data factory for new EmailVerificationTokenable factory. * PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email. * PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped. * PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token. * PM-5092 - Add new registration verify email method on mail service. * PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email. * PM-5092 - NoopMailService.cs needs to implement all interface methods. * PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place. * PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP * PM-5092 - SendVerificationEmailForRegistrationCommandTests * PM-5092 - Add integration tests for new acct controller method * PM-5092 - Cleanup unit tests * PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution. * PM-5092 - Rename to read better - send verification email > send email verification * PM-5092 - Revert primary constructor approach so DI works. * PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email. * PM-5092 - Fix email text * PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests * PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token. * PM-5092 - Per PR feedback, cleanup used dict. * PM-5092 - formatting pass (manual + dotnet format) * PM-5092 - Per PR feedback, log reference event after core business logic executes * PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional. * PM-5092 - Per PR feedback, add constructor validation for required tokenable data * PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key. * PM-5092 - Add fromEmail flag + some docs * PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable * PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback * PM-5092 - Per PR feedback, use default constructor and manually create reference event. * PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
IGetWebAuthnLoginCredentialAssertionOptionsCommand getWebAuthnLoginCredentialAssertionOptionsCommand,
ISendVerificationEmailForRegistrationCommand sendVerificationEmailForRegistrationCommand,
IReferenceEventService referenceEventService
)
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
{
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173) * PM-5092 - Add new EnableEmailVerification global setting. * PM-5092 - WIP - AccountsController.cs - create stub for new PostRegisterSendEmailVerification * PM-5092 - RegisterSendEmailVerificationRequestModel * PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP). * PM-5092 - EmailVerificationTokenable.cs finished + tests working. * PM-5092 - Add token data factory for new EmailVerificationTokenable factory. * PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email. * PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped. * PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token. * PM-5092 - Add new registration verify email method on mail service. * PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email. * PM-5092 - NoopMailService.cs needs to implement all interface methods. * PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place. * PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP * PM-5092 - SendVerificationEmailForRegistrationCommandTests * PM-5092 - Add integration tests for new acct controller method * PM-5092 - Cleanup unit tests * PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution. * PM-5092 - Rename to read better - send verification email > send email verification * PM-5092 - Revert primary constructor approach so DI works. * PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email. * PM-5092 - Fix email text * PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests * PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token. * PM-5092 - Per PR feedback, cleanup used dict. * PM-5092 - formatting pass (manual + dotnet format) * PM-5092 - Per PR feedback, log reference event after core business logic executes * PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional. * PM-5092 - Per PR feedback, add constructor validation for required tokenable data * PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key. * PM-5092 - Add fromEmail flag + some docs * PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable * PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback * PM-5092 - Per PR feedback, use default constructor and manually create reference event. * PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
_currentContext = currentContext;
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
_logger = logger;
_userRepository = userRepository;
_userService = userService;
[SG-656] Send a captcha bypass token back from the register endpoint (#2278) * Send a captcha bypass token back from the register endpoint * [review] Use existing user * [review] Introduce ICaptcheProtectedResponseModel
2022-09-15 10:02:37 -04:00
_captchaValidationService = captchaValidationService;
[PM-2032] Server endpoints to support authentication with a passkey (#3361) * [PM-2032] feat: add assertion options tokenable * [PM-2032] feat: add request and response models * [PM-2032] feat: implement `assertion-options` identity endpoint * [PM-2032] feat: implement authentication with passkey * [PM-2032] chore: rename to `WebAuthnGrantValidator` * [PM-2032] fix: add missing subsitute * [PM-2032] feat: start adding builder * [PM-2032] feat: add support for KeyConnector * [PM-2032] feat: add first version of TDE * [PM-2032] chore: refactor WithSso * [PM-2023] feat: add support for TDE feature flag * [PM-2023] feat: add support for approving devices * [PM-2023] feat: add support for hasManageResetPasswordPermission * [PM-2032] feat: add support for hasAdminApproval * [PM-2032] chore: don't supply device if not necessary * [PM-2032] chore: clean up imports * [PM-2023] feat: extract interface * [PM-2023] chore: add clarifying comment * [PM-2023] feat: use new builder in production code * [PM-2032] feat: add support for PRF * [PM-2032] chore: clean-up todos * [PM-2023] chore: remove token which is no longer used * [PM-2032] chore: remove todo * [PM-2032] feat: improve assertion error handling * [PM-2032] fix: linting issues * [PM-2032] fix: revert changes to `launchSettings.json` * [PM-2023] chore: clean up assertion endpoint * [PM-2032] feat: bypass 2FA * [PM-2032] fix: rename prf option to singular * [PM-2032] fix: lint * [PM-2032] fix: typo * [PM-2032] chore: improve builder tests Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * [PM-2032] chore: clarify why we don't require 2FA * [PM-2023] feat: move `identityProvider` constant to common class * [PM-2032] fix: lint * [PM-2023] fix: move `IdentityProvider` to core.Constants * [PM-2032] fix: missing import * [PM-2032] chore: refactor token timespan to use `TimeSpan` * [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync * [PM-2032] chore: use `FromMinutes` * [PM-2032] fix: change to 17 minutes to cover webauthn assertion * [PM-2032] chore: do not use `async void` * [PM-2032] fix: comment saying wrong amount of minutes * [PM-2032] feat: put validator behind feature flag * [PM-2032] fix: lint --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-11-20 15:55:31 +01:00
_assertionOptionsDataProtector = assertionOptionsDataProtector;
[PM-4619] Rewrite `UserService` methods as commands (#3432) * [PM-4619] feat: scaffold new create options command * [PM-4169] feat: implement credential create options command * [PM-4619] feat: create command for credential creation * [PM-4619] feat: create assertion options command * [PM-4619] chore: clean-up unused argument * [PM-4619] feat: implement assertion command * [PM-4619] feat: migrate to commands * [PM-4619] fix: lint * [PM-4169] fix: use constant * [PM-4619] fix: lint I have no idea what this commit acutally changes, but the file seems to have some character encoding issues. This fix was generated by `dotnet format`
2023-12-14 09:35:52 +01:00
_getWebAuthnLoginCredentialAssertionOptionsCommand = getWebAuthnLoginCredentialAssertionOptionsCommand;
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173) * PM-5092 - Add new EnableEmailVerification global setting. * PM-5092 - WIP - AccountsController.cs - create stub for new PostRegisterSendEmailVerification * PM-5092 - RegisterSendEmailVerificationRequestModel * PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP). * PM-5092 - EmailVerificationTokenable.cs finished + tests working. * PM-5092 - Add token data factory for new EmailVerificationTokenable factory. * PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email. * PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped. * PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token. * PM-5092 - Add new registration verify email method on mail service. * PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email. * PM-5092 - NoopMailService.cs needs to implement all interface methods. * PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place. * PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP * PM-5092 - SendVerificationEmailForRegistrationCommandTests * PM-5092 - Add integration tests for new acct controller method * PM-5092 - Cleanup unit tests * PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution. * PM-5092 - Rename to read better - send verification email > send email verification * PM-5092 - Revert primary constructor approach so DI works. * PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email. * PM-5092 - Fix email text * PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests * PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token. * PM-5092 - Per PR feedback, cleanup used dict. * PM-5092 - formatting pass (manual + dotnet format) * PM-5092 - Per PR feedback, log reference event after core business logic executes * PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional. * PM-5092 - Per PR feedback, add constructor validation for required tokenable data * PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key. * PM-5092 - Add fromEmail flag + some docs * PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable * PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback * PM-5092 - Per PR feedback, use default constructor and manually create reference event. * PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
_sendVerificationEmailForRegistrationCommand = sendVerificationEmailForRegistrationCommand;
_referenceEventService = referenceEventService;
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
[HttpPost("register")]
[CaptchaProtected]
[SG-656] Send a captcha bypass token back from the register endpoint (#2278) * Send a captcha bypass token back from the register endpoint * [review] Use existing user * [review] Introduce ICaptcheProtectedResponseModel
2022-09-15 10:02:37 -04:00
public async Task<RegisterResponseModel> PostRegister([FromBody] RegisterRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[SG-656] Send a captcha bypass token back from the register endpoint (#2278) * Send a captcha bypass token back from the register endpoint * [review] Use existing user * [review] Introduce ICaptcheProtectedResponseModel
2022-09-15 10:02:37 -04:00
var user = model.ToUser();
var result = await _userService.RegisterUserAsync(user, model.MasterPasswordHash,
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
model.Token, model.OrganizationUserId);
if (result.Succeeded)
{
[SG-656] Send a captcha bypass token back from the register endpoint (#2278) * Send a captcha bypass token back from the register endpoint * [review] Use existing user * [review] Introduce ICaptcheProtectedResponseModel
2022-09-15 10:02:37 -04:00
var captchaBypassToken = _captchaValidationService.GenerateCaptchaBypassToken(user);
return new RegisterResponseModel(captchaBypassToken);
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
}
foreach (var error in result.Errors.Where(e => e.Code != "DuplicateUserName"))
{
ModelState.AddModelError(string.Empty, error.Description);
Revert filescoped (#2227) * Revert "Add git blame entry (#2226)" This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d. * Revert "Turn on file scoped namespaces (#2225)" This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
2022-08-29 15:53:48 -04:00
}
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
await Task.Delay(2000);
throw new BadRequestException(ModelState);
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173) * PM-5092 - Add new EnableEmailVerification global setting. * PM-5092 - WIP - AccountsController.cs - create stub for new PostRegisterSendEmailVerification * PM-5092 - RegisterSendEmailVerificationRequestModel * PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP). * PM-5092 - EmailVerificationTokenable.cs finished + tests working. * PM-5092 - Add token data factory for new EmailVerificationTokenable factory. * PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email. * PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped. * PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token. * PM-5092 - Add new registration verify email method on mail service. * PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email. * PM-5092 - NoopMailService.cs needs to implement all interface methods. * PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place. * PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP * PM-5092 - SendVerificationEmailForRegistrationCommandTests * PM-5092 - Add integration tests for new acct controller method * PM-5092 - Cleanup unit tests * PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution. * PM-5092 - Rename to read better - send verification email > send email verification * PM-5092 - Revert primary constructor approach so DI works. * PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email. * PM-5092 - Fix email text * PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests * PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token. * PM-5092 - Per PR feedback, cleanup used dict. * PM-5092 - formatting pass (manual + dotnet format) * PM-5092 - Per PR feedback, log reference event after core business logic executes * PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional. * PM-5092 - Per PR feedback, add constructor validation for required tokenable data * PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key. * PM-5092 - Add fromEmail flag + some docs * PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable * PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback * PM-5092 - Per PR feedback, use default constructor and manually create reference event. * PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
[RequireFeature(FeatureFlagKeys.EmailVerification)]
[HttpPost("register/send-verification-email")]
public async Task<IActionResult> PostRegisterSendVerificationEmail([FromBody] RegisterSendVerificationEmailRequestModel model)
{
var token = await _sendVerificationEmailForRegistrationCommand.Run(model.Email, model.Name,
model.ReceiveMarketingEmails);
var refEvent = new ReferenceEvent
{
Type = ReferenceEventType.SignupEmailSubmit,
ClientId = _currentContext.ClientId,
ClientVersion = _currentContext.ClientVersion,
Source = ReferenceEventSource.RegistrationStart
};
await _referenceEventService.RaiseEventAsync(refEvent);
if (token != null)
{
return Ok(token);
}
return NoContent();
}
Update API endpoint to use RegisterResponseModel (#2282)
2022-09-19 09:35:57 -04:00
// Moved from API, If you modify this endpoint, please update API as well. Self hosted installs still use the API endpoints.
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
[HttpPost("prelogin")]
public async Task<PreloginResponseModel> PostPrelogin([FromBody] PreloginRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
var kdfInformation = await _userRepository.GetKdfInformationByEmailAsync(model.Email);
if (kdfInformation == null)
{
kdfInformation = new UserKdfInformation
{
Kdf = KdfType.PBKDF2_SHA256,
[PM-3565] Enforce higher minimum KDF (#3304) Extract KDF logic into a new Range class. Increase minimum iterations for PBKDF.
2023-12-05 17:21:46 +01:00
KdfIterations = AuthConstants.PBKDF2_ITERATIONS.Default,
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
};
}
return new PreloginResponseModel(kdfInformation);
}
Support for passkey registration (#2885) * support for fido2 auth * stub out registration implementations * stub out assertion steps and token issuance * verify token * webauthn tokenable * remove duplicate expiration set * revert sqlproj changes * update sqlproj target framework * update new validator signature * [PM-2014] Passkey registration (#2915) * [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository` * [PM-2014] fix: add missing service registration * [PM-2014] feat: add user verification when fetching options * [PM-2014] feat: create migration script for mssql * [PM-2014] chore: append to todo comment * [PM-2014] feat: add support for creation token * [PM-2014] feat: implement credential saving * [PM-2014] chore: add resident key TODO comment * [PM-2014] feat: implement passkey listing * [PM-2014] feat: implement deletion without user verification * [PM-2014] feat: add user verification to delete * [PM-2014] feat: implement passkey limit * [PM-2014] chore: clean up todo comments * [PM-2014] fix: add missing sql scripts Missed staging them when commiting * [PM-2014] feat: include options response model in swagger docs * [PM-2014] chore: move properties after ctor * [PM-2014] feat: use `Guid` directly as input paramter * [PM-2014] feat: use nullable guid in token * [PM-2014] chore: add new-line * [PM-2014] feat: add support for feature flag * [PM-2014] feat: start adding controller tests * [PM-2014] feat: add user verification test * [PM-2014] feat: add controller tests for token interaction * [PM-2014] feat: add tokenable tests * [PM-2014] chore: clean up commented premium check * [PM-2014] feat: add user service test for credential limit * [PM-2014] fix: run `dotnet format` * [PM-2014] chore: remove trailing comma * [PM-2014] chore: add `Async` suffix * [PM-2014] chore: move delay to constant * [PM-2014] chore: change `default` to `null` * [PM-2014] chore: remove autogenerated weirdness * [PM-2014] fix: lint * Added check for PasswordlessLogin feature flag on new controller and methods. (#3284) * Added check for PasswordlessLogin feature flag on new controller and methods. * fix: build error from missing constructor argument --------- Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> * [PM-4171] Update DB to support PRF (#3321) * [PM-4171] feat: update database to support PRF * [PM-4171] feat: rename `DescriptorId` to `CredentialId` * [PM-4171] feat: add PRF felds to domain object * [PM-4171] feat: add `SupportsPrf` column * [PM-4171] fix: add missing comma * [PM-4171] fix: add comma * [PM-3263] fix identity server tests for passkey registration (#3331) * Added WebAuthnRepo to EF DI * updated config to match current grant types * Remove ExtensionGrantValidator (#3363) * Linting --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com> Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com> Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2023-10-30 08:40:06 -05:00
[PM-2041] Finish adding FIDO2 Authentication (#3467)
2023-11-22 19:24:19 +01:00
[HttpGet("webauthn/assertion-options")]
public WebAuthnLoginAssertionOptionsResponseModel GetWebAuthnLoginAssertionOptions()
Support for passkey registration (#2885) * support for fido2 auth * stub out registration implementations * stub out assertion steps and token issuance * verify token * webauthn tokenable * remove duplicate expiration set * revert sqlproj changes * update sqlproj target framework * update new validator signature * [PM-2014] Passkey registration (#2915) * [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository` * [PM-2014] fix: add missing service registration * [PM-2014] feat: add user verification when fetching options * [PM-2014] feat: create migration script for mssql * [PM-2014] chore: append to todo comment * [PM-2014] feat: add support for creation token * [PM-2014] feat: implement credential saving * [PM-2014] chore: add resident key TODO comment * [PM-2014] feat: implement passkey listing * [PM-2014] feat: implement deletion without user verification * [PM-2014] feat: add user verification to delete * [PM-2014] feat: implement passkey limit * [PM-2014] chore: clean up todo comments * [PM-2014] fix: add missing sql scripts Missed staging them when commiting * [PM-2014] feat: include options response model in swagger docs * [PM-2014] chore: move properties after ctor * [PM-2014] feat: use `Guid` directly as input paramter * [PM-2014] feat: use nullable guid in token * [PM-2014] chore: add new-line * [PM-2014] feat: add support for feature flag * [PM-2014] feat: start adding controller tests * [PM-2014] feat: add user verification test * [PM-2014] feat: add controller tests for token interaction * [PM-2014] feat: add tokenable tests * [PM-2014] chore: clean up commented premium check * [PM-2014] feat: add user service test for credential limit * [PM-2014] fix: run `dotnet format` * [PM-2014] chore: remove trailing comma * [PM-2014] chore: add `Async` suffix * [PM-2014] chore: move delay to constant * [PM-2014] chore: change `default` to `null` * [PM-2014] chore: remove autogenerated weirdness * [PM-2014] fix: lint * Added check for PasswordlessLogin feature flag on new controller and methods. (#3284) * Added check for PasswordlessLogin feature flag on new controller and methods. * fix: build error from missing constructor argument --------- Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> * [PM-4171] Update DB to support PRF (#3321) * [PM-4171] feat: update database to support PRF * [PM-4171] feat: rename `DescriptorId` to `CredentialId` * [PM-4171] feat: add PRF felds to domain object * [PM-4171] feat: add `SupportsPrf` column * [PM-4171] fix: add missing comma * [PM-4171] fix: add comma * [PM-3263] fix identity server tests for passkey registration (#3331) * Added WebAuthnRepo to EF DI * updated config to match current grant types * Remove ExtensionGrantValidator (#3363) * Linting --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com> Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com> Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2023-10-30 08:40:06 -05:00
{
[PM-4619] Rewrite `UserService` methods as commands (#3432) * [PM-4619] feat: scaffold new create options command * [PM-4169] feat: implement credential create options command * [PM-4619] feat: create command for credential creation * [PM-4619] feat: create assertion options command * [PM-4619] chore: clean-up unused argument * [PM-4619] feat: implement assertion command * [PM-4619] feat: migrate to commands * [PM-4619] fix: lint * [PM-4169] fix: use constant * [PM-4619] fix: lint I have no idea what this commit acutally changes, but the file seems to have some character encoding issues. This fix was generated by `dotnet format`
2023-12-14 09:35:52 +01:00
var options = _getWebAuthnLoginCredentialAssertionOptionsCommand.GetWebAuthnLoginCredentialAssertionOptions();
Support for passkey registration (#2885) * support for fido2 auth * stub out registration implementations * stub out assertion steps and token issuance * verify token * webauthn tokenable * remove duplicate expiration set * revert sqlproj changes * update sqlproj target framework * update new validator signature * [PM-2014] Passkey registration (#2915) * [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository` * [PM-2014] fix: add missing service registration * [PM-2014] feat: add user verification when fetching options * [PM-2014] feat: create migration script for mssql * [PM-2014] chore: append to todo comment * [PM-2014] feat: add support for creation token * [PM-2014] feat: implement credential saving * [PM-2014] chore: add resident key TODO comment * [PM-2014] feat: implement passkey listing * [PM-2014] feat: implement deletion without user verification * [PM-2014] feat: add user verification to delete * [PM-2014] feat: implement passkey limit * [PM-2014] chore: clean up todo comments * [PM-2014] fix: add missing sql scripts Missed staging them when commiting * [PM-2014] feat: include options response model in swagger docs * [PM-2014] chore: move properties after ctor * [PM-2014] feat: use `Guid` directly as input paramter * [PM-2014] feat: use nullable guid in token * [PM-2014] chore: add new-line * [PM-2014] feat: add support for feature flag * [PM-2014] feat: start adding controller tests * [PM-2014] feat: add user verification test * [PM-2014] feat: add controller tests for token interaction * [PM-2014] feat: add tokenable tests * [PM-2014] chore: clean up commented premium check * [PM-2014] feat: add user service test for credential limit * [PM-2014] fix: run `dotnet format` * [PM-2014] chore: remove trailing comma * [PM-2014] chore: add `Async` suffix * [PM-2014] chore: move delay to constant * [PM-2014] chore: change `default` to `null` * [PM-2014] chore: remove autogenerated weirdness * [PM-2014] fix: lint * Added check for PasswordlessLogin feature flag on new controller and methods. (#3284) * Added check for PasswordlessLogin feature flag on new controller and methods. * fix: build error from missing constructor argument --------- Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> * [PM-4171] Update DB to support PRF (#3321) * [PM-4171] feat: update database to support PRF * [PM-4171] feat: rename `DescriptorId` to `CredentialId` * [PM-4171] feat: add PRF felds to domain object * [PM-4171] feat: add `SupportsPrf` column * [PM-4171] fix: add missing comma * [PM-4171] fix: add comma * [PM-3263] fix identity server tests for passkey registration (#3331) * Added WebAuthnRepo to EF DI * updated config to match current grant types * Remove ExtensionGrantValidator (#3363) * Linting --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com> Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com> Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2023-10-30 08:40:06 -05:00
[PM-2032] Server endpoints to support authentication with a passkey (#3361) * [PM-2032] feat: add assertion options tokenable * [PM-2032] feat: add request and response models * [PM-2032] feat: implement `assertion-options` identity endpoint * [PM-2032] feat: implement authentication with passkey * [PM-2032] chore: rename to `WebAuthnGrantValidator` * [PM-2032] fix: add missing subsitute * [PM-2032] feat: start adding builder * [PM-2032] feat: add support for KeyConnector * [PM-2032] feat: add first version of TDE * [PM-2032] chore: refactor WithSso * [PM-2023] feat: add support for TDE feature flag * [PM-2023] feat: add support for approving devices * [PM-2023] feat: add support for hasManageResetPasswordPermission * [PM-2032] feat: add support for hasAdminApproval * [PM-2032] chore: don't supply device if not necessary * [PM-2032] chore: clean up imports * [PM-2023] feat: extract interface * [PM-2023] chore: add clarifying comment * [PM-2023] feat: use new builder in production code * [PM-2032] feat: add support for PRF * [PM-2032] chore: clean-up todos * [PM-2023] chore: remove token which is no longer used * [PM-2032] chore: remove todo * [PM-2032] feat: improve assertion error handling * [PM-2032] fix: linting issues * [PM-2032] fix: revert changes to `launchSettings.json` * [PM-2023] chore: clean up assertion endpoint * [PM-2032] feat: bypass 2FA * [PM-2032] fix: rename prf option to singular * [PM-2032] fix: lint * [PM-2032] fix: typo * [PM-2032] chore: improve builder tests Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * [PM-2032] chore: clarify why we don't require 2FA * [PM-2023] feat: move `identityProvider` constant to common class * [PM-2032] fix: lint * [PM-2023] fix: move `IdentityProvider` to core.Constants * [PM-2032] fix: missing import * [PM-2032] chore: refactor token timespan to use `TimeSpan` * [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync * [PM-2032] chore: use `FromMinutes` * [PM-2032] fix: change to 17 minutes to cover webauthn assertion * [PM-2032] chore: do not use `async void` * [PM-2032] fix: comment saying wrong amount of minutes * [PM-2032] feat: put validator behind feature flag * [PM-2032] fix: lint --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-11-20 15:55:31 +01:00
var tokenable = new WebAuthnLoginAssertionOptionsTokenable(WebAuthnLoginAssertionOptionsScope.Authentication, options);
var token = _assertionOptionsDataProtector.Protect(tokenable);
Support for passkey registration (#2885) * support for fido2 auth * stub out registration implementations * stub out assertion steps and token issuance * verify token * webauthn tokenable * remove duplicate expiration set * revert sqlproj changes * update sqlproj target framework * update new validator signature * [PM-2014] Passkey registration (#2915) * [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository` * [PM-2014] fix: add missing service registration * [PM-2014] feat: add user verification when fetching options * [PM-2014] feat: create migration script for mssql * [PM-2014] chore: append to todo comment * [PM-2014] feat: add support for creation token * [PM-2014] feat: implement credential saving * [PM-2014] chore: add resident key TODO comment * [PM-2014] feat: implement passkey listing * [PM-2014] feat: implement deletion without user verification * [PM-2014] feat: add user verification to delete * [PM-2014] feat: implement passkey limit * [PM-2014] chore: clean up todo comments * [PM-2014] fix: add missing sql scripts Missed staging them when commiting * [PM-2014] feat: include options response model in swagger docs * [PM-2014] chore: move properties after ctor * [PM-2014] feat: use `Guid` directly as input paramter * [PM-2014] feat: use nullable guid in token * [PM-2014] chore: add new-line * [PM-2014] feat: add support for feature flag * [PM-2014] feat: start adding controller tests * [PM-2014] feat: add user verification test * [PM-2014] feat: add controller tests for token interaction * [PM-2014] feat: add tokenable tests * [PM-2014] chore: clean up commented premium check * [PM-2014] feat: add user service test for credential limit * [PM-2014] fix: run `dotnet format` * [PM-2014] chore: remove trailing comma * [PM-2014] chore: add `Async` suffix * [PM-2014] chore: move delay to constant * [PM-2014] chore: change `default` to `null` * [PM-2014] chore: remove autogenerated weirdness * [PM-2014] fix: lint * Added check for PasswordlessLogin feature flag on new controller and methods. (#3284) * Added check for PasswordlessLogin feature flag on new controller and methods. * fix: build error from missing constructor argument --------- Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> * [PM-4171] Update DB to support PRF (#3321) * [PM-4171] feat: update database to support PRF * [PM-4171] feat: rename `DescriptorId` to `CredentialId` * [PM-4171] feat: add PRF felds to domain object * [PM-4171] feat: add `SupportsPrf` column * [PM-4171] fix: add missing comma * [PM-4171] fix: add comma * [PM-3263] fix identity server tests for passkey registration (#3331) * Added WebAuthnRepo to EF DI * updated config to match current grant types * Remove ExtensionGrantValidator (#3363) * Linting --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com> Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com> Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2023-10-30 08:40:06 -05:00
[PM-2032] Server endpoints to support authentication with a passkey (#3361) * [PM-2032] feat: add assertion options tokenable * [PM-2032] feat: add request and response models * [PM-2032] feat: implement `assertion-options` identity endpoint * [PM-2032] feat: implement authentication with passkey * [PM-2032] chore: rename to `WebAuthnGrantValidator` * [PM-2032] fix: add missing subsitute * [PM-2032] feat: start adding builder * [PM-2032] feat: add support for KeyConnector * [PM-2032] feat: add first version of TDE * [PM-2032] chore: refactor WithSso * [PM-2023] feat: add support for TDE feature flag * [PM-2023] feat: add support for approving devices * [PM-2023] feat: add support for hasManageResetPasswordPermission * [PM-2032] feat: add support for hasAdminApproval * [PM-2032] chore: don't supply device if not necessary * [PM-2032] chore: clean up imports * [PM-2023] feat: extract interface * [PM-2023] chore: add clarifying comment * [PM-2023] feat: use new builder in production code * [PM-2032] feat: add support for PRF * [PM-2032] chore: clean-up todos * [PM-2023] chore: remove token which is no longer used * [PM-2032] chore: remove todo * [PM-2032] feat: improve assertion error handling * [PM-2032] fix: linting issues * [PM-2032] fix: revert changes to `launchSettings.json` * [PM-2023] chore: clean up assertion endpoint * [PM-2032] feat: bypass 2FA * [PM-2032] fix: rename prf option to singular * [PM-2032] fix: lint * [PM-2032] fix: typo * [PM-2032] chore: improve builder tests Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * [PM-2032] chore: clarify why we don't require 2FA * [PM-2023] feat: move `identityProvider` constant to common class * [PM-2032] fix: lint * [PM-2023] fix: move `IdentityProvider` to core.Constants * [PM-2032] fix: missing import * [PM-2032] chore: refactor token timespan to use `TimeSpan` * [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync * [PM-2032] chore: use `FromMinutes` * [PM-2032] fix: change to 17 minutes to cover webauthn assertion * [PM-2032] chore: do not use `async void` * [PM-2032] fix: comment saying wrong amount of minutes * [PM-2032] feat: put validator behind feature flag * [PM-2032] fix: lint --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-11-20 15:55:31 +01:00
return new WebAuthnLoginAssertionOptionsResponseModel
Support for passkey registration (#2885) * support for fido2 auth * stub out registration implementations * stub out assertion steps and token issuance * verify token * webauthn tokenable * remove duplicate expiration set * revert sqlproj changes * update sqlproj target framework * update new validator signature * [PM-2014] Passkey registration (#2915) * [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository` * [PM-2014] fix: add missing service registration * [PM-2014] feat: add user verification when fetching options * [PM-2014] feat: create migration script for mssql * [PM-2014] chore: append to todo comment * [PM-2014] feat: add support for creation token * [PM-2014] feat: implement credential saving * [PM-2014] chore: add resident key TODO comment * [PM-2014] feat: implement passkey listing * [PM-2014] feat: implement deletion without user verification * [PM-2014] feat: add user verification to delete * [PM-2014] feat: implement passkey limit * [PM-2014] chore: clean up todo comments * [PM-2014] fix: add missing sql scripts Missed staging them when commiting * [PM-2014] feat: include options response model in swagger docs * [PM-2014] chore: move properties after ctor * [PM-2014] feat: use `Guid` directly as input paramter * [PM-2014] feat: use nullable guid in token * [PM-2014] chore: add new-line * [PM-2014] feat: add support for feature flag * [PM-2014] feat: start adding controller tests * [PM-2014] feat: add user verification test * [PM-2014] feat: add controller tests for token interaction * [PM-2014] feat: add tokenable tests * [PM-2014] chore: clean up commented premium check * [PM-2014] feat: add user service test for credential limit * [PM-2014] fix: run `dotnet format` * [PM-2014] chore: remove trailing comma * [PM-2014] chore: add `Async` suffix * [PM-2014] chore: move delay to constant * [PM-2014] chore: change `default` to `null` * [PM-2014] chore: remove autogenerated weirdness * [PM-2014] fix: lint * Added check for PasswordlessLogin feature flag on new controller and methods. (#3284) * Added check for PasswordlessLogin feature flag on new controller and methods. * fix: build error from missing constructor argument --------- Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> * [PM-4171] Update DB to support PRF (#3321) * [PM-4171] feat: update database to support PRF * [PM-4171] feat: rename `DescriptorId` to `CredentialId` * [PM-4171] feat: add PRF felds to domain object * [PM-4171] feat: add `SupportsPrf` column * [PM-4171] fix: add missing comma * [PM-4171] fix: add comma * [PM-3263] fix identity server tests for passkey registration (#3331) * Added WebAuthnRepo to EF DI * updated config to match current grant types * Remove ExtensionGrantValidator (#3363) * Linting --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com> Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com> Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2023-10-30 08:40:06 -05:00
{
[PM-2032] Server endpoints to support authentication with a passkey (#3361) * [PM-2032] feat: add assertion options tokenable * [PM-2032] feat: add request and response models * [PM-2032] feat: implement `assertion-options` identity endpoint * [PM-2032] feat: implement authentication with passkey * [PM-2032] chore: rename to `WebAuthnGrantValidator` * [PM-2032] fix: add missing subsitute * [PM-2032] feat: start adding builder * [PM-2032] feat: add support for KeyConnector * [PM-2032] feat: add first version of TDE * [PM-2032] chore: refactor WithSso * [PM-2023] feat: add support for TDE feature flag * [PM-2023] feat: add support for approving devices * [PM-2023] feat: add support for hasManageResetPasswordPermission * [PM-2032] feat: add support for hasAdminApproval * [PM-2032] chore: don't supply device if not necessary * [PM-2032] chore: clean up imports * [PM-2023] feat: extract interface * [PM-2023] chore: add clarifying comment * [PM-2023] feat: use new builder in production code * [PM-2032] feat: add support for PRF * [PM-2032] chore: clean-up todos * [PM-2023] chore: remove token which is no longer used * [PM-2032] chore: remove todo * [PM-2032] feat: improve assertion error handling * [PM-2032] fix: linting issues * [PM-2032] fix: revert changes to `launchSettings.json` * [PM-2023] chore: clean up assertion endpoint * [PM-2032] feat: bypass 2FA * [PM-2032] fix: rename prf option to singular * [PM-2032] fix: lint * [PM-2032] fix: typo * [PM-2032] chore: improve builder tests Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> * [PM-2032] chore: clarify why we don't require 2FA * [PM-2023] feat: move `identityProvider` constant to common class * [PM-2032] fix: lint * [PM-2023] fix: move `IdentityProvider` to core.Constants * [PM-2032] fix: missing import * [PM-2032] chore: refactor token timespan to use `TimeSpan` * [PM-2032] chore: make `StartWebAuthnLoginAssertion` sync * [PM-2032] chore: use `FromMinutes` * [PM-2032] fix: change to 17 minutes to cover webauthn assertion * [PM-2032] chore: do not use `async void` * [PM-2032] fix: comment saying wrong amount of minutes * [PM-2032] feat: put validator behind feature flag * [PM-2032] fix: lint --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-11-20 15:55:31 +01:00
Options = options,
Token = token
};
Support for passkey registration (#2885) * support for fido2 auth * stub out registration implementations * stub out assertion steps and token issuance * verify token * webauthn tokenable * remove duplicate expiration set * revert sqlproj changes * update sqlproj target framework * update new validator signature * [PM-2014] Passkey registration (#2915) * [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository` * [PM-2014] fix: add missing service registration * [PM-2014] feat: add user verification when fetching options * [PM-2014] feat: create migration script for mssql * [PM-2014] chore: append to todo comment * [PM-2014] feat: add support for creation token * [PM-2014] feat: implement credential saving * [PM-2014] chore: add resident key TODO comment * [PM-2014] feat: implement passkey listing * [PM-2014] feat: implement deletion without user verification * [PM-2014] feat: add user verification to delete * [PM-2014] feat: implement passkey limit * [PM-2014] chore: clean up todo comments * [PM-2014] fix: add missing sql scripts Missed staging them when commiting * [PM-2014] feat: include options response model in swagger docs * [PM-2014] chore: move properties after ctor * [PM-2014] feat: use `Guid` directly as input paramter * [PM-2014] feat: use nullable guid in token * [PM-2014] chore: add new-line * [PM-2014] feat: add support for feature flag * [PM-2014] feat: start adding controller tests * [PM-2014] feat: add user verification test * [PM-2014] feat: add controller tests for token interaction * [PM-2014] feat: add tokenable tests * [PM-2014] chore: clean up commented premium check * [PM-2014] feat: add user service test for credential limit * [PM-2014] fix: run `dotnet format` * [PM-2014] chore: remove trailing comma * [PM-2014] chore: add `Async` suffix * [PM-2014] chore: move delay to constant * [PM-2014] chore: change `default` to `null` * [PM-2014] chore: remove autogenerated weirdness * [PM-2014] fix: lint * Added check for PasswordlessLogin feature flag on new controller and methods. (#3284) * Added check for PasswordlessLogin feature flag on new controller and methods. * fix: build error from missing constructor argument --------- Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> * [PM-4171] Update DB to support PRF (#3321) * [PM-4171] feat: update database to support PRF * [PM-4171] feat: rename `DescriptorId` to `CredentialId` * [PM-4171] feat: add PRF felds to domain object * [PM-4171] feat: add `SupportsPrf` column * [PM-4171] fix: add missing comma * [PM-4171] fix: add comma * [PM-3263] fix identity server tests for passkey registration (#3331) * Added WebAuthnRepo to EF DI * updated config to match current grant types * Remove ExtensionGrantValidator (#3363) * Linting --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com> Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com> Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2023-10-30 08:40:06 -05:00
}
Move identity endpoints to Identity service (#1807)
2022-01-17 13:21:51 +01:00
}
Reference in New Issue Copy Permalink