public async Task <Client> FindClientByIdAsync(string clientId) { if (clientId.StartsWith("installation.")) { var idParts = clientId.Split('.'); if (idParts.Length > 1 && Guid.TryParse(idParts[1], out Guid id)) { var installation = await _installationRepository.GetByIdAsync(id); if (installation != null) { return(new Client { ClientId = $"installation.{installation.Id}", RequireClientSecret = true, ClientSecrets = { new Secret(installation.Key.Sha256()) }, AllowedScopes = new string[] { "api.push", "api.licensing" }, AllowedGrantTypes = GrantTypes.ClientCredentials, AccessTokenLifetime = 3600 * 24, Enabled = installation.Enabled, Claims = new List <Claim> { new Claim(JwtClaimTypes.Subject, installation.Id.ToString()) } }); } } } return(_apiClients.ContainsKey(clientId) ? _apiClients[clientId] : null); }
public Task <Compte> GetByInstallationIdAsync(int id) { Installation installation = installationRepository.GetByIdAsync(id).Result; return(_SolutionCleanCabloPlusContext.Comptes .Include(c => c.installations) .Where(c => c.installations.Contains(installation)) .FirstOrDefaultAsync()); }
public async Task <Client> FindClientByIdAsync(string clientId) { if (!_globalSettings.SelfHosted && clientId.StartsWith("installation.")) { var idParts = clientId.Split('.'); if (idParts.Length > 1 && Guid.TryParse(idParts[1], out Guid id)) { var installation = await _installationRepository.GetByIdAsync(id); if (installation != null) { return(new Client { ClientId = $"installation.{installation.Id}", RequireClientSecret = true, ClientSecrets = { new Secret(installation.Key.Sha256()) }, AllowedScopes = new string[] { "api.push", "api.licensing" }, AllowedGrantTypes = GrantTypes.ClientCredentials, AccessTokenLifetime = 3600 * 24, Enabled = installation.Enabled, Claims = new List <Claim> { new Claim(JwtClaimTypes.Subject, installation.Id.ToString()) } }); } } } else if (_globalSettings.SelfHosted && clientId.StartsWith("internal.") && CoreHelpers.SettingHasValue(_globalSettings.InternalIdentityKey)) { var idParts = clientId.Split('.'); if (idParts.Length > 1) { var id = idParts[1]; if (!string.IsNullOrWhiteSpace(id)) { return(new Client { ClientId = $"internal.{id}", RequireClientSecret = true, ClientSecrets = { new Secret(_globalSettings.InternalIdentityKey.Sha256()) }, AllowedScopes = new string[] { "internal" }, AllowedGrantTypes = GrantTypes.ClientCredentials, AccessTokenLifetime = 3600 * 24, Enabled = true, Claims = new List <Claim> { new Claim(JwtClaimTypes.Subject, id) } }); } } } return(_apiClients.ContainsKey(clientId) ? _apiClients[clientId] : null); }
public async Task <InstallationResponseModel> Get(Guid id) { var installation = await _installationRepository.GetByIdAsync(id); if (installation == null) { throw new NotFoundException(); } return(new InstallationResponseModel(installation, false)); }
public async Task <IActionResult> GenerateLicense(LicenseModel model) { if (!ModelState.IsValid) { return(View(model)); } User user = null; Organization organization = null; if (model.UserId.HasValue) { user = await _userService.GetUserByIdAsync(model.UserId.Value); if (user == null) { ModelState.AddModelError(nameof(model.UserId), "User Id not found."); } } else if (model.OrganizationId.HasValue) { organization = await _organizationRepository.GetByIdAsync(model.OrganizationId.Value); if (organization == null) { ModelState.AddModelError(nameof(model.OrganizationId), "Organization not found."); } else if (!organization.Enabled) { ModelState.AddModelError(nameof(model.OrganizationId), "Organization is disabled."); } } if (model.InstallationId.HasValue) { var installation = await _installationRepository.GetByIdAsync(model.InstallationId.Value); if (installation == null) { ModelState.AddModelError(nameof(model.InstallationId), "Installation not found."); } else if (!installation.Enabled) { ModelState.AddModelError(nameof(model.OrganizationId), "Installation is disabled."); } } if (!ModelState.IsValid) { return(View(model)); } if (organization != null) { var license = await _organizationService.GenerateLicenseAsync(organization, model.InstallationId.Value, model.Version); return(File(Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(license, Formatting.Indented)), "text/plain", "bitwarden_organization_license.json")); } else if (user != null) { var license = await _userService.GenerateLicenseAsync(user, null, model.Version); return(File(Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(license, Formatting.Indented)), "text/plain", "bitwarden_premium_license.json")); } else { throw new Exception("No license to generate."); } }
public async Task <Client> FindClientByIdAsync(string clientId) { if (!_globalSettings.SelfHosted && clientId.StartsWith("installation.")) { var idParts = clientId.Split('.'); if (idParts.Length > 1 && Guid.TryParse(idParts[1], out Guid id)) { var installation = await _installationRepository.GetByIdAsync(id); if (installation != null) { return(new Client { ClientId = $"installation.{installation.Id}", RequireClientSecret = true, ClientSecrets = { new Secret(installation.Key.Sha256()) }, AllowedScopes = new string[] { "api.push", "api.licensing" }, AllowedGrantTypes = GrantTypes.ClientCredentials, AccessTokenLifetime = 3600 * 24, Enabled = installation.Enabled, Claims = new List <ClientClaim> { new ClientClaim(JwtClaimTypes.Subject, installation.Id.ToString()) } }); } } } else if (_globalSettings.SelfHosted && clientId.StartsWith("internal.") && CoreHelpers.SettingHasValue(_globalSettings.InternalIdentityKey)) { var idParts = clientId.Split('.'); if (idParts.Length > 1) { var id = idParts[1]; if (!string.IsNullOrWhiteSpace(id)) { return(new Client { ClientId = $"internal.{id}", RequireClientSecret = true, ClientSecrets = { new Secret(_globalSettings.InternalIdentityKey.Sha256()) }, AllowedScopes = new string[] { "internal" }, AllowedGrantTypes = GrantTypes.ClientCredentials, AccessTokenLifetime = 3600 * 24, Enabled = true, Claims = new List <ClientClaim> { new ClientClaim(JwtClaimTypes.Subject, id) } }); } } } else if (clientId.StartsWith("organization.")) { var idParts = clientId.Split('.'); if (idParts.Length > 1 && Guid.TryParse(idParts[1], out var id)) { var org = await _organizationRepository.GetByIdAsync(id); if (org != null) { return(new Client { ClientId = $"organization.{org.Id}", RequireClientSecret = true, ClientSecrets = { new Secret(org.ApiKey.Sha256()) }, AllowedScopes = new string[] { "api.organization" }, AllowedGrantTypes = GrantTypes.ClientCredentials, AccessTokenLifetime = 3600 * 1, Enabled = org.Enabled && org.UseApi, Claims = new List <ClientClaim> { new ClientClaim(JwtClaimTypes.Subject, org.Id.ToString()) } }); } } } else if (clientId.StartsWith("user.")) { var idParts = clientId.Split('.'); if (idParts.Length > 1 && Guid.TryParse(idParts[1], out var id)) { var user = await _userRepository.GetByIdAsync(id); if (user != null) { var claims = new Collection <ClientClaim>() { new ClientClaim(JwtClaimTypes.Subject, user.Id.ToString()), new ClientClaim(JwtClaimTypes.AuthenticationMethod, "Application", "external") }; var orgs = await _currentContext.OrganizationMembershipAsync(_organizationUserRepository, user.Id); var isPremium = await _licensingService.ValidateUserPremiumAsync(user); foreach (var claim in CoreHelpers.BuildIdentityClaims(user, orgs, isPremium)) { var upperValue = claim.Value.ToUpperInvariant(); var isBool = upperValue == "TRUE" || upperValue == "FALSE"; claims.Add(isBool ? new ClientClaim(claim.Key, claim.Value, ClaimValueTypes.Boolean) : new ClientClaim(claim.Key, claim.Value) ); } return(new Client { ClientId = clientId, RequireClientSecret = true, ClientSecrets = { new Secret(user.ApiKey.Sha256()) }, AllowedScopes = new string[] { "api" }, AllowedGrantTypes = GrantTypes.ClientCredentials, AccessTokenLifetime = 3600 * 1, ClientClaimsPrefix = null, Claims = claims }); } } } return(_staticClientStore.ApiClients.ContainsKey(clientId) ? _staticClientStore.ApiClients[clientId] : null); }
public async Task <IActionResult> GenerateLicense(LicenseModel model) { if (!ModelState.IsValid) { return(View(model)); } User user = null; Organization organization = null; if (model.UserId.HasValue) { user = await _userService.GetUserByIdAsync(model.UserId.Value); if (user == null) { ModelState.AddModelError(nameof(model.UserId), "User Id not found."); } } else if (model.OrganizationId.HasValue) { organization = await _organizationRepository.GetByIdAsync(model.OrganizationId.Value); if (organization == null) { ModelState.AddModelError(nameof(model.OrganizationId), "Organization not found."); } else if (!organization.Enabled) { ModelState.AddModelError(nameof(model.OrganizationId), "Organization is disabled."); } } if (model.InstallationId.HasValue) { var installation = await _installationRepository.GetByIdAsync(model.InstallationId.Value); if (installation == null) { ModelState.AddModelError(nameof(model.InstallationId), "Installation not found."); } else if (!installation.Enabled) { ModelState.AddModelError(nameof(model.OrganizationId), "Installation is disabled."); } } if (!ModelState.IsValid) { return(View(model)); } if (organization != null) { var license = await _organizationService.GenerateLicenseAsync(organization, model.InstallationId.Value, model.Version); var ms = new MemoryStream(); await JsonSerializer.SerializeAsync(ms, license, JsonHelpers.Indented); ms.Seek(0, SeekOrigin.Begin); return(File(ms, "text/plain", "bitwarden_organization_license.json")); } else if (user != null) { var license = await _userService.GenerateLicenseAsync(user, null, model.Version); var ms = new MemoryStream(); ms.Seek(0, SeekOrigin.Begin); await JsonSerializer.SerializeAsync(ms, license, JsonHelpers.Indented); ms.Seek(0, SeekOrigin.Begin); return(File(ms, "text/plain", "bitwarden_premium_license.json")); } else { throw new Exception("No license to generate."); } }