[PM-3807] Store all passkeys as login cipher type #3261

Merged
Changes from 3 commits
20 changes: 2 additions & 18 deletions src/Api/Vault/Controllers/SyncController.cs
@@ -1,6 +1,4 @@
using Bit.Api.Vault.Models.Response;
using Bit.Core;
using Bit.Core.Context;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Enums.Provider;
@@ -10,7 +8,6 @@
using Bit.Core.Services;
using Bit.Core.Settings;
using Bit.Core.Tools.Repositories;
using Bit.Core.Vault.Models.Data;
using Bit.Core.Vault.Repositories;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
@@ -31,8 +28,6 @@ public class SyncController : Controller
private readonly IPolicyRepository _policyRepository;
private readonly ISendRepository _sendRepository;
private readonly GlobalSettings _globalSettings;
private readonly ICurrentContext _currentContext;
private readonly Version _fido2KeyCipherMinimumVersion = new Version(Constants.Fido2KeyCipherMinimumVersion);

public SyncController(
IUserService userService,
@@ -44,8 +39,7 @@ public SyncController(
IProviderUserRepository providerUserRepository,
IPolicyRepository policyRepository,
ISendRepository sendRepository,
GlobalSettings globalSettings,
ICurrentContext currentContext)
GlobalSettings globalSettings)
{
_userService = userService;
_folderRepository = folderRepository;
@@ -57,7 +51,6 @@ public SyncController(
_policyRepository = policyRepository;
_sendRepository = sendRepository;
_globalSettings = globalSettings;
_currentContext = currentContext;
}

[HttpGet("")]
@@ -79,7 +72,7 @@ await _providerUserRepository.GetManyOrganizationDetailsByUserAsync(user.Id,
var hasEnabledOrgs = organizationUserDetails.Any(o => o.Enabled);
var folders = await _folderRepository.GetManyByUserIdAsync(user.Id);
var allCiphers = await _cipherRepository.GetManyByUserIdAsync(user.Id, hasEnabledOrgs);
var ciphers = FilterFidoKeys(allCiphers);
var ciphers = allCiphers;
var sends = await _sendRepository.GetManyByUserIdAsync(user.Id);

IEnumerable<CollectionDetails> collections = null;
@@ -100,13 +93,4 @@ await _providerUserRepository.GetManyOrganizationDetailsByUserAsync(user.Id,
collectionCiphersGroupDict, excludeDomains, policies, sends);
return response;
}

private ICollection<CipherDetails> FilterFidoKeys(ICollection<CipherDetails> ciphers)
{
if (_currentContext.ClientVersion >= _fido2KeyCipherMinimumVersion)
{
return ciphers;
}
return ciphers.Where(c => c.Type != Core.Vault.Enums.CipherType.Fido2Key).ToList();
}
}
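Review bot: With the version filter gone, `var ciphers = allCiphers;` hands every stored cipher to the response builder, while this same PR deletes `CipherType.Fido2Key = 5` and its `case` in `CipherMiniResponseModel`, whose `default` branch throws `ArgumentException`. If any row was persisted with type 5 while the standalone type existed, a single such row would presumably abort the whole sync response for that user. No conversion of those rows is visible in this diff, so confirm a migration runs before this deploys, or handle unknown types explicitly instead of letting the exception end the request. The alias is also redundant now; `var ciphers = await _cipherRepository.GetManyByUserIdAsync(user.Id, hasEnabledOrgs);` reads more directly. The sync action's body starts and ends outside the visible hunks.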
19 changes: 5 additions & 14 deletions src/Api/Vault/Models/CipherFido2KeyModel.cs
@@ -7,20 +7,6 @@ public class CipherFido2KeyModel
{
public CipherFido2KeyModel() { }

public CipherFido2KeyModel(CipherFido2KeyData data)
{
CredentialId = data.CredentialId;
KeyType = data.KeyType;
KeyAlgorithm = data.KeyAlgorithm;
KeyCurve = data.KeyCurve;
KeyValue = data.KeyValue;
RpId = data.RpId;
RpName = data.RpName;
UserHandle = data.UserHandle;
UserDisplayName = data.UserDisplayName;
Counter = data.Counter;
}

public CipherFido2KeyModel(CipherLoginFido2KeyData data)
{
CredentialId = data.CredentialId;
@@ -33,6 +19,7 @@ public CipherFido2KeyModel(CipherLoginFido2KeyData data)
UserHandle = data.UserHandle;
UserDisplayName = data.UserDisplayName;
Counter = data.Counter;
Discoverable = data.Discoverable;
}

[EncryptedString]
@@ -65,6 +52,9 @@ public CipherFido2KeyModel(CipherLoginFido2KeyData data)
[EncryptedString]
[EncryptedStringLength(1000)]
public string Counter { get; set; }
[EncryptedString]
[EncryptedStringLength(1000)]
public string Discoverable { get; set; }

public CipherLoginFido2KeyData ToCipherLoginFido2KeyData()
{
@@ -80,6 +70,7 @@ public CipherLoginFido2KeyData ToCipherLoginFido2KeyData()
UserHandle = UserHandle,
UserDisplayName = UserDisplayName,
Counter = Counter,
Discoverable = Discoverable
};
}
}
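Review bot: The new `Discoverable` property is carried as an opaque encrypted string with no comment on what it encodes or what an absent value means. Login passkeys saved before this field existed will presumably deserialize with `Discoverable` null, and both the constructor and `ToCipherLoginFido2KeyData()` pass that through unchanged, so the default is left to each client to decide. A doc comment such as `/// Client-encrypted discoverable-credential flag; may be null on records written before this field was added.` on the property, and on the matching one in `CipherLoginFido2KeyData`, would record that. As a style point, `Discoverable = Discoverable` drops the trailing comma the other initializer entries use. The constructor and initializer bodies are only partly visible in these hunks.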
25 changes: 0 additions & 25 deletions src/Api/Vault/Models/Request/CipherRequestModel.cs
@@ -82,9 +82,6 @@ public Cipher ToCipher(Cipher existingCipher)
case CipherType.SecureNote:
existingCipher.Data = JsonSerializer.Serialize(ToCipherSecureNoteData(), JsonHelpers.IgnoreWritingNull);
break;
case CipherType.Fido2Key:
existingCipher.Data = JsonSerializer.Serialize(ToCipherFido2KeyData(), JsonHelpers.IgnoreWritingNull);
break;
default:
throw new ArgumentException("Unsupported type: " + nameof(Type) + ".");
}
@@ -232,28 +229,6 @@ private CipherSecureNoteData ToCipherSecureNoteData()
Type = SecureNote.Type,
};
}

private CipherFido2KeyData ToCipherFido2KeyData()
{
return new CipherFido2KeyData
{
Name = Name,
Notes = Notes,
Fields = Fields?.Select(f => f.ToCipherFieldData()),
PasswordHistory = PasswordHistory?.Select(ph => ph.ToCipherPasswordHistoryData()),

CredentialId = Fido2Key.CredentialId,
KeyAlgorithm = Fido2Key.KeyAlgorithm,
KeyType = Fido2Key.KeyType,
KeyCurve = Fido2Key.KeyCurve,
KeyValue = Fido2Key.KeyValue,
RpId = Fido2Key.RpId,
RpName = Fido2Key.RpName,
UserHandle = Fido2Key.UserHandle,
UserDisplayName = Fido2Key.UserDisplayName,
Counter = Fido2Key.Counter
};
}
}

public class CipherWithIdRequestModel : CipherRequestModel
6 changes: 0 additions & 6 deletions src/Api/Vault/Models/Response/CipherResponseModel.cs
@@ -48,12 +48,6 @@ public CipherMiniResponseModel(Cipher cipher, IGlobalSettings globalSettings, bo
cipherData = identityData;
Identity = new CipherIdentityModel(identityData);
break;
case CipherType.Fido2Key:
var fido2KeyData = JsonSerializer.Deserialize<CipherFido2KeyData>(cipher.Data);
Data = fido2KeyData;
cipherData = fido2KeyData;
Fido2Key = new CipherFido2KeyModel(fido2KeyData);
break;
default:
throw new ArgumentException("Unsupported " + nameof(Type) + ".");
}
1 change: 0 additions & 1 deletion src/Core/Constants.cs
@@ -19,7 +19,6 @@ public static class Constants
/// their subscription has expired.
/// </summary>
public const int OrganizationSelfHostSubscriptionGracePeriodDays = 60;
public const string Fido2KeyCipherMinimumVersion = "2023.9.0";
}

public static class TokenPurposes
1 change: 0 additions & 1 deletion src/Core/Vault/Enums/CipherType.cs
@@ -8,5 +8,4 @@ public enum CipherType : byte
SecureNote = 2,
Card = 3,
Identity = 4,
Fido2Key = 5,
}
17 changes: 0 additions & 17 deletions src/Core/Vault/Models/Data/CipherFido2KeyData.cs

This file was deleted.

1 change: 1 addition & 0 deletions src/Core/Vault/Models/Data/CipherLoginFido2KeyData.cs
@@ -14,4 +14,5 @@ public CipherLoginFido2KeyData() { }
public string UserHandle { get; set; }
public string UserDisplayName { get; set; }
public string Counter { get; set; }
public string Discoverable { get; set; }
}