GitHub-Bitwarden
/
server
mirror of https://github.com/bitwarden/server.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

stub out signalr sync hub

pull/335/head
Kyle Spearrin 7 years ago
parent
14956f6383
commit
8b53ab2945
13 changed files with 460 additions and 84 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      bitwarden-core.sln
  2. 100
      src/Core/CurrentContext.cs
  3. 86
      src/Core/Utilities/CurrentContextMiddleware.cs
  4. 25
      src/Hub/Controllers/EventsController.cs
  5. 19
      src/Hub/Hub.csproj
  6. 17
      src/Hub/Program.cs
  7. 27
      src/Hub/Properties/launchSettings.json
  8. 121
      src/Hub/Startup.cs
  9. 13
      src/Hub/SubjectUserIdProvider.cs
  10. 33
      src/Hub/SyncHub.cs
  11. 47
      src/Hub/TimedHostedService.cs
  12. 14
      src/Hub/appsettings.Production.json
  13. 35
      src/Hub/appsettings.json

7
bitwarden-core.sln
Unescape View File

@ -49,6 +49,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "EventsProcessor", "src\Even
EndProject EndProject
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Admin", "src\Admin\Admin.csproj", "{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}" Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Admin", "src\Admin\Admin.csproj", "{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}"
EndProject EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Hub", "src\Hub\Hub.csproj", "{28635027-20E5-42FA-B218-B6C878DE5350}"
EndProject
Global Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU Debug|Any CPU = Debug|Any CPU
@ -113,6 +115,10 @@ Global
{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}.Debug|Any CPU.Build.0 = Debug|Any CPU {B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}.Debug|Any CPU.Build.0 = Debug|Any CPU
{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}.Release|Any CPU.ActiveCfg = Release|Any CPU {B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}.Release|Any CPU.ActiveCfg = Release|Any CPU
{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}.Release|Any CPU.Build.0 = Release|Any CPU {B131CEF3-89FB-4C90-ADB0-9E9C4246EB56}.Release|Any CPU.Build.0 = Release|Any CPU
{28635027-20E5-42FA-B218-B6C878DE5350}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{28635027-20E5-42FA-B218-B6C878DE5350}.Debug|Any CPU.Build.0 = Debug|Any CPU
{28635027-20E5-42FA-B218-B6C878DE5350}.Release|Any CPU.ActiveCfg = Release|Any CPU
{28635027-20E5-42FA-B218-B6C878DE5350}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection EndGlobalSection
GlobalSection(SolutionProperties) = preSolution GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE HideSolutionNode = FALSE
@ -132,6 +138,7 @@ Global
{994DD611-F266-4BD3-8072-3B1B57267ED5} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D} {994DD611-F266-4BD3-8072-3B1B57267ED5} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D}
{2235D24F-E607-47F4-81AD-BB4504ADF9C6} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D} {2235D24F-E607-47F4-81AD-BB4504ADF9C6} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D}
{B131CEF3-89FB-4C90-ADB0-9E9C4246EB56} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D} {B131CEF3-89FB-4C90-ADB0-9E9C4246EB56} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D}
{28635027-20E5-42FA-B218-B6C878DE5350} = {DD5BD056-4AAE-43EF-BBD2-0B569B8DA84D}
EndGlobalSection EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {E01CBF68-2E20-425F-9EDB-E0A6510CA92F} SolutionGuid = {E01CBF68-2E20-425F-9EDB-E0A6510CA92F}

100
src/Core/CurrentContext.cs
Unescape View File

@ -6,11 +6,14 @@ using Bit.Core.Enums;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Bit.Core.Repositories; using Bit.Core.Repositories;
using System.Threading.Tasks; using System.Threading.Tasks;
using System.Security.Claims;
namespace Bit.Core namespace Bit.Core
{ {
public class CurrentContext public class CurrentContext
{ {
private bool _builtHttpContext;
private bool _builtClaimsPrincipal;
private string _ip; private string _ip;
private Dictionary<Guid, ICollection<OrganizationUser>> _orgUsers = private Dictionary<Guid, ICollection<OrganizationUser>> _orgUsers =
new Dictionary<Guid, ICollection<OrganizationUser>>(); new Dictionary<Guid, ICollection<OrganizationUser>>();
@ -25,6 +28,93 @@ namespace Bit.Core
new List<CurrentContentOrganization>(); new List<CurrentContentOrganization>();
public virtual Guid? InstallationId { get; set; } public virtual Guid? InstallationId { get; set; }
public void Build(HttpContext httpContext)
{
if(_builtHttpContext)
{
return;
}
_builtHttpContext = true;
HttpContext = httpContext;
Build(httpContext.User);
if(DeviceIdentifier == null && httpContext.Request.Headers.ContainsKey("Device-Identifier"))
{
DeviceIdentifier = httpContext.Request.Headers["Device-Identifier"];
}
if(httpContext.Request.Headers.ContainsKey("Device-Type") &&
Enum.TryParse(httpContext.Request.Headers["Device-Type"].ToString(), out DeviceType dType))
{
DeviceType = dType;
}
}
public void Build(ClaimsPrincipal user)
{
if(_builtClaimsPrincipal)
{
return;
}
_builtClaimsPrincipal = true;
if(user == null || !user.Claims.Any())
{
return;
}
var claimsDict = user.Claims.GroupBy(c => c.Type).ToDictionary(c => c.Key, c => c.Select(v => v));
var subject = GetClaimValue(claimsDict, "sub");
if(Guid.TryParse(subject, out var subIdGuid))
{
UserId = subIdGuid;
}
var clientId = GetClaimValue(claimsDict, "client_id");
var clientSubject = GetClaimValue(claimsDict, "client_sub");
if((clientId?.StartsWith("installation.") ?? false) && clientSubject != null)
{
if(Guid.TryParse(clientSubject, out var idGuid))
{
InstallationId = idGuid;
}
}
DeviceIdentifier = GetClaimValue(claimsDict, "device");
if(claimsDict.ContainsKey("orgowner"))
{
Organizations.AddRange(claimsDict["orgowner"].Select(c =>
new CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.Owner
}));
}
if(claimsDict.ContainsKey("orgadmin"))
{
Organizations.AddRange(claimsDict["orgadmin"].Select(c =>
new CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.Admin
}));
}
if(claimsDict.ContainsKey("orguser"))
{
Organizations.AddRange(claimsDict["orguser"].Select(c =>
new CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.User
}));
}
}
public bool OrganizationUser(Guid orgId) public bool OrganizationUser(Guid orgId)
{ {
return Organizations.Any(o => o.Id == orgId); return Organizations.Any(o => o.Id == orgId);
@ -70,6 +160,16 @@ namespace Bit.Core
return _ip; return _ip;
} }
private string GetClaimValue(Dictionary<string, IEnumerable<Claim>> claims, string type)
{
if(!claims.ContainsKey(type))
{
return null;
}
return claims[type].FirstOrDefault()?.Value;
}
public class CurrentContentOrganization public class CurrentContentOrganization
{ {
public Guid Id { get; set; } public Guid Id { get; set; }

86
src/Core/Utilities/CurrentContextMiddleware.cs
Unescape View File

@ -1,9 +1,4 @@
using Bit.Core.Enums; using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
namespace Bit.Core.Utilities namespace Bit.Core.Utilities
@ -19,85 +14,8 @@ namespace Bit.Core.Utilities
public async Task Invoke(HttpContext httpContext, CurrentContext currentContext) public async Task Invoke(HttpContext httpContext, CurrentContext currentContext)
{ {
currentContext.HttpContext = httpContext; currentContext.Build(httpContext);
if(httpContext.User != null && httpContext.User.Claims.Any())
{
var claimsDict = httpContext.User.Claims
.GroupBy(c => c.Type)
.ToDictionary(c => c.Key, c => c.Select(v => v));
var subject = GetClaimValue(claimsDict, "sub");
if(Guid.TryParse(subject, out var subIdGuid))
{
currentContext.UserId = subIdGuid;
}
var clientId = GetClaimValue(claimsDict, "client_id");
var clientSubject = GetClaimValue(claimsDict, "client_sub");
if((clientId?.StartsWith("installation.") ?? false) && clientSubject != null)
{
if(Guid.TryParse(clientSubject, out var idGuid))
{
currentContext.InstallationId = idGuid;
}
}
currentContext.DeviceIdentifier = GetClaimValue(claimsDict, "device");
if(claimsDict.ContainsKey("orgowner"))
{
currentContext.Organizations.AddRange(claimsDict["orgowner"].Select(c =>
new CurrentContext.CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.Owner
}));
}
if(claimsDict.ContainsKey("orgadmin"))
{
currentContext.Organizations.AddRange(claimsDict["orgadmin"].Select(c =>
new CurrentContext.CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.Admin
}));
}
if(claimsDict.ContainsKey("orguser"))
{
currentContext.Organizations.AddRange(claimsDict["orguser"].Select(c =>
new CurrentContext.CurrentContentOrganization
{
Id = new Guid(c.Value),
Type = OrganizationUserType.User
}));
}
}
if(currentContext.DeviceIdentifier == null && httpContext.Request.Headers.ContainsKey("Device-Identifier"))
{
currentContext.DeviceIdentifier = httpContext.Request.Headers["Device-Identifier"];
}
if(httpContext.Request.Headers.ContainsKey("Device-Type") &&
Enum.TryParse(httpContext.Request.Headers["Device-Type"].ToString(), out DeviceType dType))
{
currentContext.DeviceType = dType;
}
await _next.Invoke(httpContext); await _next.Invoke(httpContext);
} }
private string GetClaimValue(Dictionary<string, IEnumerable<Claim>> claims, string type)
{
if(!claims.ContainsKey(type))
{
return null;
}
return claims[type].FirstOrDefault()?.Value;
}
} }
} }

25
src/Hub/Controllers/EventsController.cs
Unescape View File

@ -0,0 +1,25 @@
using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.SignalR;
namespace Bit.Hub
{
[Authorize("Application")]
public class EventsController : Controller
{
private readonly IHubContext<SyncHub> _syncHubContext;
public EventsController(IHubContext<SyncHub> syncHubContext)
{
_syncHubContext = syncHubContext;
}
[HttpGet("~/events")]
public async Task GetTest()
{
await _syncHubContext.Clients.All.SendAsync("ReceiveMessage", "From API.");
}
}
}

19
src/Hub/Hub.csproj
Unescape View File

@ -0,0 +1,19 @@
<Project Sdk="Microsoft.NET.Sdk.Web">
<PropertyGroup>
<Version>1.22.0</Version>
<TargetFramework>netcoreapp2.1</TargetFramework>
<RootNamespace>Bit.Hub</RootNamespace>
<UserSecretsId>bitwarden-Hub</UserSecretsId>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="IdentityServer4.AccessTokenValidation" Version="2.6.0" />
<PackageReference Include="Microsoft.AspNetCore.App" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\Core\Core.csproj" />
</ItemGroup>
</Project>

17
src/Hub/Program.cs
Unescape View File

@ -0,0 +1,17 @@
using Microsoft.AspNetCore;
using Microsoft.AspNetCore.Hosting;
namespace Bit.Hub
{
public class Program
{
public static void Main(string[] args)
{
WebHost
.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.Build()
.Run();
}
}
}

27
src/Hub/Properties/launchSettings.json
Unescape View File

@ -0,0 +1,27 @@
{
"iisSettings": {
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:61840",
"sslPort": 0
}
},
"profiles": {
"IIS Express": {
"commandName": "IISExpress",
"launchBrowser": true,
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
},
"Bit.Hub": {
"commandName": "Project",
"launchBrowser": true,
"applicationUrl": "http://localhost:5000",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
}
}

121
src/Hub/Startup.cs
Unescape View File

@ -0,0 +1,121 @@
using System.Security.Claims;
using Bit.Core;
using Bit.Core.IdentityServer;
using Bit.Core.Services;
using Bit.Core.Utilities;
using IdentityModel;
using IdentityServer4.AccessTokenValidation;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.SignalR;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.IdentityModel.Logging;
using Serilog.Events;
namespace Bit.Hub
{
public class Startup
{
public Startup(IHostingEnvironment env, IConfiguration configuration)
{
Configuration = configuration;
Environment = env;
}
public IConfiguration Configuration { get; }
public IHostingEnvironment Environment { get; set; }
public void ConfigureServices(IServiceCollection services)
{
// Options
services.AddOptions();
// Settings
var globalSettings = services.AddGlobalSettingsServices(Configuration);
// Repositories
services.AddSqlServerRepositories(globalSettings);
// Context
services.AddScoped<CurrentContext>();
// Identity
services
.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.Authority = globalSettings.BaseServiceUri.InternalIdentity;
options.RequireHttpsMetadata = !Environment.IsDevelopment() &&
globalSettings.BaseServiceUri.InternalIdentity.StartsWith("https");
options.TokenRetriever = TokenRetrieval.FromAuthorizationHeaderOrQueryString();
options.NameClaimType = ClaimTypes.Email;
options.SupportedTokens = SupportedTokens.Jwt;
});
services.AddAuthorization(config =>
{
config.AddPolicy("Application", policy =>
{
policy.RequireAuthenticatedUser();
policy.RequireClaim(JwtClaimTypes.AuthenticationMethod, "Application");
});
});
// SignalR
services.AddSignalR();
services.AddSingleton<IUserIdProvider, SubjectUserIdProvider>();
// Mvc
services.AddMvc();
// Hosted Services
services.AddHostedService<TimedHostedService>();
}
public void Configure(
IApplicationBuilder app,
IHostingEnvironment env,
ILoggerFactory loggerFactory,
IApplicationLifetime appLifetime,
GlobalSettings globalSettings)
{
IdentityModelEventSource.ShowPII = true;
loggerFactory.AddSerilog(app, env, appLifetime, globalSettings, (e) =>
{
var context = e.Properties["SourceContext"].ToString();
if(context.Contains("IdentityServer4.Validation.TokenValidator") ||
context.Contains("IdentityServer4.Validation.TokenRequestValidator"))
{
return e.Level > LogEventLevel.Error;
}
return e.Level >= LogEventLevel.Error;
});
if(env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
// Default Middleware
app.UseDefaultMiddleware(env);
// Add Cors
app.UseCors(policy => policy.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().AllowCredentials());
// Add authentication to the request pipeline.
app.UseAuthentication();
// Add SignlarR
app.UseSignalR(routes =>
{
routes.MapHub<SyncHub>("/sync");
});
// Add MVC to the request pipeline.
app.UseMvc();
}
}
}

13
src/Hub/SubjectUserIdProvider.cs
Unescape View File

@ -0,0 +1,13 @@
using IdentityModel;
using Microsoft.AspNetCore.SignalR;
namespace Bit.Hub
{
public class SubjectUserIdProvider : IUserIdProvider
{
public string GetUserId(HubConnectionContext connection)
{
return connection.User?.FindFirst(JwtClaimTypes.Subject)?.Value;
}
}
}

33
src/Hub/SyncHub.cs
Unescape View File

@ -0,0 +1,33 @@
using System;
using System.Threading.Tasks;
using Bit.Core;
using Microsoft.AspNetCore.Authorization;
namespace Bit.Hub
{
[Authorize("Application")]
public class SyncHub : Microsoft.AspNetCore.SignalR.Hub
{
public override async Task OnConnectedAsync()
{
var currentContext = new CurrentContext();
currentContext.Build(Context.User);
foreach(var org in currentContext.Organizations)
{
await Groups.AddToGroupAsync(Context.ConnectionId, $"Organization_{org.Id}");
}
await base.OnConnectedAsync();
}
public override async Task OnDisconnectedAsync(Exception exception)
{
var currentContext = new CurrentContext();
currentContext.Build(Context.User);
foreach(var org in currentContext.Organizations)
{
await Groups.RemoveFromGroupAsync(Context.ConnectionId, $"Organization_{org.Id}");
}
await base.OnDisconnectedAsync(exception);
}
}
}

47
src/Hub/TimedHostedService.cs
Unescape View File

@ -0,0 +1,47 @@
using System;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNetCore.SignalR;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
namespace Bit.Hub
{
public class TimedHostedService : IHostedService, IDisposable
{
private readonly ILogger _logger;
private readonly IHubContext<SyncHub> _hubContext;
private Timer _timer;
public TimedHostedService(ILogger<TimedHostedService> logger, IHubContext<SyncHub> hubContext)
{
_logger = logger;
_hubContext = hubContext;
}
public Task StartAsync(CancellationToken cancellationToken)
{
_logger.LogInformation("Timed Background Service is starting.");
_timer = new Timer(DoWork, null, TimeSpan.Zero, TimeSpan.FromSeconds(5));
return Task.CompletedTask;
}
private void DoWork(object state)
{
_logger.LogInformation("Timed Background Service is working.");
_hubContext.Clients.All.SendAsync("ReceiveMessage", "From BG!!");
}
public Task StopAsync(CancellationToken cancellationToken)
{
_logger.LogInformation("Timed Background Service is stopping.");
_timer?.Change(Timeout.Infinite, 0);
return Task.CompletedTask;
}
public void Dispose()
{
_timer?.Dispose();
}
}
}

14
src/Hub/appsettings.Production.json
Unescape View File

@ -0,0 +1,14 @@
{
"globalSettings": {
"baseServiceUri": {
"vault": "https://vault.bitwarden.com",
"api": "https://api.bitwarden.com",
"identity": "https://identity.bitwarden.com",
"admin": "https://admin.bitwarden.com",
"internalAdmin": "https://admin.bitwarden.com",
"internalIdentity": "https://identity.bitwarden.com",
"internalApi": "https://api.bitwarden.com",
"internalVault": "https://vault.bitwarden.com"
}
}
}

35
src/Hub/appsettings.json
Unescape View File

@ -0,0 +1,35 @@
{
"globalSettings": {
"selfHosted": false,
"projectName": "Hub",
"baseServiceUri": {
"vault": "https://localhost:8080",
"api": "http://localhost:4000",
"identity": "http://localhost:33656",
"admin": "http://localhost:62911",
"internalAdmin": "http://localhost:62911",
"internalIdentity": "http://localhost:33656",
"internalApi": "http://localhost:4000",
"internalVault": "http://localhost:4001"
},
"sqlServer": {
"connectionString": "SECRET"
},
"identityServer": {
"certificateThumbprint": "SECRET"
},
"storage": {
"connectionString": "SECRET"
},
"events": {
"connectionString": "SECRET"
},
"documentDb": {
"uri": "SECRET",
"key": "SECRET"
},
"sentry": {
"dsn": "SECRET"
}
}
}
Write Preview
Loading…
Cancel
Save