Branch:
akd
AC-1527-refactor-the-stripe-webhook-logic
AC-1601-require-sso-for-tde
AC-1833-2FA-Check-mark-still-visible
AC-2035-when-a-subscription-is-cancelled,-the-customer-cannot-self-server
ActivityDecorator
Add-MsSqlMigratorUtility-run-configuration-for-VS-Code
ApiKeyAuthInTheCli
Auth/PM-52-add-rbac-for-providers
Auth/pm-6333/remove-security-validation-exception
BEEEP/pm-26016/cache-authenticator-failures
BRE-1037/update-rc-deploy-trigger
BRE-193-demo
BRE-193-test
BRE-247-create-test-env
BRE-292-sync-ephemeral-env-on-build-test
BRE-443-get-major-repos-to-bwwl-lint-passing-stage
BRE-demo-ee-01
DEVOPS-1039-update-release-flow-dry-run-step-names
DEVOPS-1215-Build-Migrator-project-artifact
DEVOPS-1537-Update-dbo.Migrations-table-to-support-repeatable-migrations
DEVOPS-1551-test-branch-for-server3
DEVOPS-1594-pin-all-uses-of-bitwarden-gh-actions-to-master
EC-502-cherry-pick
Hinton-patch-1
MergePlanAndPriceUpdates
PM-11525-Estimated-tax-shown-to-customers-potentially-incorrect
PM-13128
PM-13446-Database-Add-IsMultiOrgEnterprise-column-to-Provider-table
PM-14163-Sales-Tax-Compliance
PM-14891-Sales-Tax-Estimation-For-Organizations
PM-14892-Sales-Tax-Estimation-For-Accounts
PM-14894-Drop-Sales-Tax-Database-Tables
PM-15404-Provider-portal-contains-incorrect-styling-for-the-table-filters
PM-15536-Unsupported-Provider-Type-Reseller-on-Create-New-Org-under-Reseller
PM-16196
PM-16682
PM-16921
PM-17132
PM-17732
PM-18018
PM-18881
PM-19147
PM-19147_2
PM-19147_3
PM-19562-remove-desktop-flag
PM-19643
PM-2014-passkey-registration
PM-2032-troubleshoot-actions
PM-22372
PM-2448
PM-25697
PM-27886
PM-2844-beeep-add-custom-error-codes-for-server-api-exceptions
PM-29660-continuationtokens
PM-30247-Defect-Previously-archived-items-do-not-return-to-Archive-when-importing
PM-30920-Server-changes-to-encrypt-send-access-email-list
PM-3203-update-environment-file-builder-variable-name-to-cloud-region
PM-3263-Fix-EF-tests-for-passkey-registration-and-test-EF-repository-implementation
PM-3807-store-all-passkeys-as-login-cipher-type
POC/cipher-versioning
PS-590
QA
Remove-Return-ValidateSponsorshipCommand.cs
SG-497/Health-checks
SG-660
SG-701
SM-1301-get-by-id-changes-events
SM-1548-SecretViewSlow
SM-1743-featureflag
SM-1800
SM-1805-OrgLic
SM-2-Organization
SM-249-Delete-Secrets
SM-381]-Access-Policy-Secrets
SM-73
SM-73-signed
SM-910-BasedOn923
SM-923-Issues
SRE-3019-using-claude-implement-the-azure-mail-queue-retry-feature
Secrets-Access
ac-1409/secrets_manager_subscription_stripe
ac-1427/add_new_organisation_properties
ac-1427/add_new_organisation_properties_update_db_objects_and_create_migration
ac-1753-automatically-assign-providers-pricing-to-new-organizations
ac-1779/fix-validation-for-expirationWithoutGracePeriod-in-organizationLicense
ac-2266-two-email-notifications-is-sent-when-creating-org-from-sm-Trial-page
ac-2306-Self-serve-upgrade-automatically-updates-subscription
ac-2310-dont-reset-billing-cycle-if-upcoming-invoice-exceeds-dollar-threshold
ac-2385-as-a-billing-system-I-need-to-handle-attempting-to-pay-an-invoice-with-braintree-for-a-provider
ac-2570-existing-providers-see-new-cb-experience-on-admin-console
ac-2957-delete-the-feature-flag-PM-5864-dollar-threshold
ac/ac-1174/master-bulk-collection-management
ac/ac-1174/testing-unidirectional-dataflow
ac/addison/pm-10863/turn-on-for-self-host
ac/addison/pw-10314/auto-enable-policy
ac/jmccannon/pm-12479-changing-groups-model
ac/jmccannon/pm-12488-pt2-refactor
ac/pm-15621/add-commandresultvalidator
ac/pm-15621/refactor-delete-command
ac/pm-17217/add-use-policy-check-for-accept-endpoint
ac/pm-20633/rename-remove-individual
ac/pm-21031/get-members-performance-optimization
ac/pm-21411/refactor-interface-for-determining-premium-status-and-features
ac/pm-21742/update-confirmed-to-org-family-free
ac/pm-22102/metadata-prototype
ac/pm-22108/add-bulk-interfaces-for-checking-policies
ac/pm-23768/server-public-api---add-restore/revoke-for-members
ac/pm-23845/fix-concurrent-access-feature-flag
ac/pm-24192/recover-account-command
ac/pm-24278/add-ipostsavepolicysideeffect
ac/pm-24278/prototype
ac/pm-24279/add-new-policy-endpoint
ac/pm-24279/vnext-policy-endpoint
ac/pm-24759/policy-requirements-collection-queries
ac/pm-25106/refactor-misleading-sproc-filters
ac/pm-26714/seat-count-increase-email-not-being-sent
ac/pm-27179/admin-portal-view-user-items-count-mismatch
ac/pm-28555/add-semaphore-table
ac/pm-28555/server-create-idempotent-sproc-for-creating-a-single-my-items-collection
ac/pm-28795/refactor-org-acceptinit
ac/pm-28842/cap-password-minimum-length
ac/pm-29045/collection-item-deletion-workflow-issue
ac/pm-29129/add-the-policy-readme
ac/pm-29246/policy-response-update
ac/pm-30610/fix-formatting
ac/pm-5966/fix-entity-framework-query
ac1191-tde-approval-email
ac1454-2fa-directory
acostarj-patch-1-cs-server
add-2017-to-db-test-script
add-backport-workflow
add-captcha-logging
add-encrypted-key-column
add-gitlens-settings
add-linux-cert-helper
add-needs-qa-label
add-notification-channels
add-notification-hub-logging
add-peer-dependency
additional-load-tests
aesgcm
ai/exercise-claude-code-review-do-not-merge
akd
anders/add-devcontainer-docs
anders/increase-passkey-limit
anders/prf-options
api-integration-tests
arch/emailers-razor
architecture/api-versioning
auth/add-cosmos-persisted-grant-to-sso
auth/context-rules
auth/deps/identity-7.1.0
auth/logging-admin-new-device-verification
auth/mjml-workflow
auth/pm-11537/increase-passkey-limit
auth/pm-17129/login-with-2fa-recovery-code-bugfix
auth/pm-18612
auth/pm-18720/change-password-component-non-dialog
auth/pm-18720/change-password-component-non-dialog-v3
auth/pm-18720/change-password-component-non-dialog-v4
auth/pm-19209/revert-to-original-message
auth/pm-19685/remove-email-delay-flag
auth/pm-20377/token-add-user-details
auth/pm-20532/tech-breakdown-poc-token-based-send-authn-and-authz
auth/pm-22975/client-version-validator
auth/pm-24207
auth/pm-24281/enhance-email
auth/pm-24579/prevent-existing-sso-rejected-users-nullish-fix
auth/pm-24617/throttling-report
auth/pm-24662/tech-breakdown-comments
auth/pm-26376/ea-delete-command
auth/pm-26578/http-redirect-cloud
auth/pm-27062/prelogin-new-data-types
auth/pm-27084/register-accepts-new-data-types
auth/pm-27084/register-accepts-new-data-types-repush
auth/pm-27510/prevent-existing-sso-rejected-users-nullish-fix
auth/pm-28768/bug-welcome-email-for-families
auth/pm-28877/remove-show-pii-config
auth/pm-29585/prevent-new-emergency-access
auth/pm-30613/mjml-based-email-templates
auth/pm-30613/remove-mjml-based-email-feature-flag
auth/pm-30810/http-redirect-cloud
auth/pm-3797/key-rotation-upgrades
auth/pm-4142/remove-old-invite-token-validation
auth/pm-5594/enabling-account-switching-causes-performance-issues-on-safari
auth/pm-5947/self-host-duo-redirect
auth/pm-6631/handle-webauthn-creation-exception
auth/pm-8882/add-logging-feature-flag
auth/pm-9826/2fa-get-remove-validation
auth/proto/webauthn-limit-increase
auth/remove-captcha
auth/remove-feature-flags
authreq
autoconfirm-single-org
autofill-feature-flag-cleanup
autofill/idp-auto-submit
autofill/pm-10418-expiration-date-on-cards-does-not-autofill-the-correct-format
azure-table-tests
beeep-autofixture-detect-param
beeep-lazy-user-currentcontext
beeep/dev-container
beeep/recipe-seeding
billing/AC-2379/webhook-update-provider-status
billing/AC-2515/stripe-upgrade
billing/PM-11516/license-stuff
billing/PM-27702/cant-purchase-subscription-with-PayPal
billing/PM-29599/upgrade-proration
billing/aspire
billing/codeowner-changes
billing/env-based-dev-container
billing/license-claims-data-type-expansion
billing/license-refactor
billing/pm-21643-create-stripe-webhook-endpoints-for-api-version-2025-04-30-basil
billing/pm-27603/initial-migration-for-storage-increase
billing/pm-28662-fix-duplicate-premium-subscriptions
billing/pm-28662/individual-Premium-automatically-disabled-due-to-duplicate-subscription-leftover
billing/pm-29595/user-that-upgraded-from-premium-reverts-an-organization-upgrade-during-the-trial-period
billing/pm-30908/correct-premium-subscription-status-handling
blazor
brant/move-organization-connection-to-integrations
brant/move-organization-connection-to-integrations-step-2
bre-1004_update-workflows-for-ghcr
bre-1241-ephemeral-environment-test
bre/th/dev
bsephem
bug/PS-2120-purge-vault-not-refreshing-items
build-tvp-arrays-outside-connection
collectiongroupsapi
community-pm-3309-fixes-for-kerberos-auth
community/pm-2242/add-kerberos-auth-to-docker
context-rules
copilot/add-sdk-key-rotation-flag
copilot/review-draft-pr-6748
cosmosevents
create-mailers
database-seeder
db-migration
dbops/dbops-31/csv-import
debug-self-hosted-passwordless
debug/push-notifications
demo/flexible-collections-v1
desktop-m4
devcontainer-updates
dirt/PM-23358/move-phishing-code-to-dirt-team
dirt/PM-25576/change-member-access-query-to-use-views
dirt/PM-29828/modify-dbseeder-to-make-test-data-quickly
dirt/access-intelligence-db-seeder
dirt/pm-20112_member_access_report_503error
dirt/pm-20577/report-summary-for-db
dirt/pm-20577/risk-insight-server-endpoints
dirt/pm-23030/add_report_key_for_key_rotation
dirt/pm-23044/organization-application-server-implementation
dirt/pm-23754/alter-org-report-table
dirt/pm-23754/organization-report-summary-table
duo-sdk-upgrade
ec-598
ee-db-seeder
ee-patch-01
ee-test-image-updater
ee/test/branch
enable-xunit-diagnostic-messages
ephem-test-01
ephemeral-environment-api-env
ephemeral-environment-hello-world
ephemeral-test-01
experiment/cipher-auth
external-dns-test
feat/SG-651-activate-org-with-stripe-activation
feat/passwordless
feature/additional-item-types
feature/decouple-icon-service
feature/dev-migrator-script-rerun-option
feature/org-admin-refresh-v3
feature/refactor-organization-service-to-feature-services
feature/seeder-crypto-abstraction
feature/self-hosted-F4E-sync
feature/self-hosted-f4e-orgsponsorship-migration
fedemkr-patch-1
fix-build
fix-identity-resource
fix-rc
fix-tde-provider-user
formatjan2023csp
hosting-env-change
hotfix-EC-529
hotfix-sendgrid
idphost
iinuwa/mobile-device-login-passkey
iinuwa/store-prf-secrets
innovation/opaque
innovation/seeded-csprng-fake-user
introduce-server-sdk-everywhere
jim-test
jmccannon/ac/pm-12474-org-user-auth-handlers
jmccannon/ac/pm-12487-restore-user-command
jmccannon/ac/pm-15547-revoke-user-remove-2fa
jmccannon/ac/pm-24462-seat-limit-ignored
jmccannon/ac/pm-28627/restore-create-default-collection
jmccannon/ac/pm-28627/restore-user-my-items
jmccannon/ac/pm-3175-send-invite-async
jmccannon/ac/transaction-attempt
jmccannon/ac/transaction-attempt-2
jmccannon/ac/validation-result-poc
jmccannon/testing-improvements
justindbaur-patch-1
justindbaur-patch-2
k8-alpine-test-bre-917
k8s/use-mounted-secrets
keyedcache
km/auto-enroll-name
km/auto-kdf-qa
km/beeep/qr-login
km/key-rotation-signing
km/km-10648/remove-reference-to-feature-flag
km/low-kdf-testing
km/main-broken-build
km/pm-10600-part2
km/pm-10600-part3
km/pm-24051-user-decryption-response-sdk-wasm-extension
km/pm-27278/register-password-based-account-v2
km/pm-29955-unable-to-trust-prompt-when-rotating-account-encryption
km/remove-old-ssh-flags
km/remove-unused-file
km/sdk-key-rotation
km/signing-keys
km/tde-offboarding-fix
linting-again
main
make-roles-change-at-runtime
metadata/badges
minimal-codespace
misc/use-host-environment
mobile/PM-18936-key-connector-ephemeral
move-azurite-scaffolding
move_old_DbScripts_future_to_DbScripts
mtmorgdomains
named-http-clients
notfoundcheck
notification-hub-debug-logging
null-operator-on-fido2keys
nullable-entities
orgapikeys
passwordless/add_fingerprintphrase_reponse
passwordless/getUserAuthRequests
passwordless/notifications
passwordless/signalR
patch/ee-bot-test
perfindexes
platform/add-messagepack
platform/addison/PM-11129/codeownership-assignments
platform/addison/PM-11129/implemetation
platform/pm-2182/harden-captcha-bypass-conditions
platform/pm-23123/test-cookie-endpoint
platform/pm-2944/make-entities-nullable
platform/pm-3626/write-collections-tests
platform/remove-storage-reseed-flag
pm-12071-only-verified-org-domain-sso
pm-13345-Add-Remove-Bitwarden-Families-policy-in-Admin-Console
pm-13347-web-app-impacts
pm-13429-Seat-Count-Increase-Email-Only-Sending-For-First-Auto-Scale-But-Not-Subsequent
pm-14496-non-root-self-hosted-images
pm-15625-disable-trial-send-verification-email-endpoint-for-self-host
pm-15808-Show-suspended-org-modals-for-orgs-in-unpaid-and-canceled-status
pm-15814-alert-owners-of-reseller-managed-orgs-to-renewal-events
pm-17592-remove-feature-flag-disable-free-families-sponsorship
pm-20084-add-trial-length-parameter-to-trial-send-verification-email-endpoint
pm-2023-fido2-authentication
pm-21106-remove-button-not-responsive
pm-22968-ui-when-MSP/BUP-is-suspended-feature-flag
pm-28973
pm-29144-communication-in-config-api
pm-3891-implement-time-based-threshold
pm-3892-implement-dollar-threshold-for-monthly-sub
pm-6768-error-autoscaling-when-organisation-is-subscription-is-still-trialing
pm-6774-reduce-the-dollar-threshold-from-500-to-300-dollars
pm-9162
pm/pm-30609/make-redis-required-for-local-cloud-development
poc/structurizr
policy-definition-save
policy-requirements
policy-requirements-redux
pre-tde-self-host
proxy-project
ps/TDL-136
ps/explore-required
ps/include-flag-context-in-config-response
ps/pm-11612/quartz-qa-branch
ps/pm-19659/add-notifications-readmes
ps/pm-21571/implement-smtp-oauth
ps/pm-2944/make-entities-nullable-auth
ps/pm-336/nullable-unowned-services
quexten-patch-1
rebase-demo-ex-2
remove-accept-org-user-method
renovate/anglesharp-1.x
renovate/azure-azure-sdk-for-net-monorepo
renovate/bitwarden.server.sdk-1.x
renovate/braintree-5.x
renovate/docker-compose-minor
renovate/dotnet-monorepo
renovate/duende.identityserver-7.x
renovate/fido2.aspnet-4.x
renovate/fusioncache-monorepo
renovate/kenchan0130-simplesamlphp-1.x
renovate/kralizek.autofixture.extensions.mockhttp-2.x
renovate/linq2db-6.x
renovate/linq2db.entityframeworkcore-10.x
renovate/linq2db.entityframeworkcore-8.x
renovate/lock-file-maintenance
renovate/major-aspnet-health-checks-monorepo
renovate/major-dotnet-monorepo
renovate/major-entityframeworkcore
renovate/major-swashbuckle-aspnetcore-monorepo
renovate/major-vstest-monorepo
renovate/mariadb-12.x
renovate/mcr.microsoft.com-devcontainers-dotnet-10.x
renovate/mcr.microsoft.com-mssql-server-2025.x
renovate/messagepack-3.x
renovate/microsoft.azure.cosmos-3.x
renovate/microsoft.build.sql-2.x
renovate/microsoft.data.sqlclient-6.x
renovate/mjml-4.x
renovate/mjml-core-4.x
renovate/npgsql.entityframeworkcore.postgresql-10.x
renovate/npgsql.entityframeworkcore.postgresql-8.x
renovate/pin-dependencies
renovate/pomelo.entityframeworkcore.mysql-9.x
renovate/postgres-18.x
renovate/prettier-3.x
renovate/rabbitmq.client-7.x
renovate/sigstore-cosign-installer-4.x
renovate/stripe.net-46.x
renovate/stripe.net-50.x
renovate/vstest-monorepo
renovate/yamldotnet-16.x
repository-management-workflow-fix
return-non-zero-exit-code-on-failure
revert-2346-SG-698
revert-2992-PM-2448
revert-3891-ac-2293-Two-email-notifications-is-sent-when-creating-org-from-SM-Trial-page
revert-6582-revert-6577-auth/pm-27062/prelogin-new-data-types
revert-6755-revert-6676-auth/pm-3287/tde-cleanup-remove-reset-master-password-from-token-response
sdk-decrypt
sg/SG-58
sm-10995-removefeatureflag
sm-910-923
sm-923
sm-add-bulk-move-to-project
sm/SM-518
sm/sm-873
sm/sm-904
sns
snyk-fix-261dbaccec3d4355caadddbd8dc44b4b
snyk-fix-6d56d7b220780f29826f4338d1631736
snyk-fix-8b823cd3ec0299ef141df1252a243e9b
snyk-fix-9a25996054355dc90914c1d4e62b99fc
snyk-fix-9ab4f8e979d891859939b5e19e825a45
snyk-fix-afde10973a7206485a89218280e291d8
snyk-fix-d0b5c3ca960136a116ca02dbf1b0b2b4
sre
sso-default-logging
sso-device-key-callback-poc
ssoconfig
strongly-typed-orgusers
task/BRE-128
task/BRE-342
test
test-docker-stuff
test-email-subject-automation
test-ephemeral-env-key-connector
test-image-updater-ee
test-new-trigger-ee
testing
th-ee-test
tools/AC-2496/graphql-experiment
tools/AC-2496/odata-init
tools/AC-2496/odata-test
tools/generator-modernization
tools/pm-16085/increase-import-limitations
tools/pm-8895/groups-controller-decouple
tools/pm-9709/group-details-query
tools/tech-debt/remove-unused-response-parameters
true-unified
trustmssql
tt-test-branch
update-renovate-for-auth
update-server-program
upgrade-npgsql-version
use-pr-for-release-version
util/support-dev-env-installations
vault/ac-2106/fix-provider-creating-collection
vault/delete-only-can-manage
vault/feature/cipher-versioning
vault/pm-20379/security-task-hidden-password
vault/pm-28190/sdk-sharing-feature-flag
vault/pm-4185/regression-testing
vault/pm-5072/update-minimum-server-version-for-cipher-key-encryption
verifypasswordhashonenrollment
vuln-252-check-run-least-priv
xunit-v3-full-upgrade
xunit-v3-migration
yubikey-logging
1.22.0
1.4.0
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.1.0
v1.10.0
v1.11.0
v1.11.1
v1.12.0
v1.12.1
v1.13.0
v1.13.1
v1.14.0
v1.14.1
v1.14.2
v1.15.0
v1.15.1
v1.16.0
v1.17.0
v1.17.1
v1.17.2
v1.18.0
v1.18.1
v1.19.0
v1.2.0
v1.20.0
v1.21.0
v1.23.0
v1.24.0
v1.25.0
v1.26.0
v1.27.0
v1.28.0
v1.29.0
v1.3.0
v1.3.1
v1.3.2
v1.3.3
v1.3.4
v1.30.0
v1.30.1
v1.30.2
v1.30.3
v1.30.4
v1.31.0
v1.31.1
v1.32.0
v1.33.0
v1.33.1
v1.34.0
v1.35.0
v1.35.1
v1.36.0
v1.36.1
v1.37.0
v1.37.1
v1.37.2
v1.38.0
v1.38.1
v1.38.2
v1.38.3
v1.38.4
v1.39.0
v1.39.1
v1.39.2
v1.39.3
v1.39.4
v1.4.1
v1.40.0
v1.41.0
v1.41.1
v1.41.2
v1.41.3
v1.41.4
v1.41.5
v1.41.6
v1.42.0
v1.42.1
v1.42.2
v1.42.3
v1.43.0
v1.43.1
v1.44.0
v1.44.1
v1.45.0
v1.45.1
v1.45.2
v1.45.3
v1.45.4
v1.46.0
v1.46.1
v1.46.2
v1.46.3
v1.47.0
v1.47.1
v1.48.0
v1.48.1
v1.5.0
v1.5.1
v1.6.0
v1.7.0
v1.8.0
v1.8.1
v1.8.2
v1.9.0
v2022.05.0
v2022.10.0
v2022.11.0
v2022.11.1
v2022.12.0
v2022.5.1
v2022.5.2
v2022.6.0
v2022.6.1
v2022.6.2
v2022.8.0
v2022.8.2
v2022.8.3
v2022.8.4
v2022.9.0
v2022.9.1
v2022.9.2
v2022.9.4
v2022.9.5
v2023.1.0
v2023.10.0
v2023.10.1
v2023.10.2
v2023.10.3
v2023.12.0
v2023.12.1
v2023.2.0
v2023.2.1
v2023.3.0
v2023.4.0
v2023.4.1
v2023.4.2
v2023.4.3
v2023.5.0
v2023.5.1
v2023.7.0
v2023.7.1
v2023.7.2
v2023.8.0
v2023.8.1
v2023.8.2
v2023.8.3
v2023.9.0
v2023.9.1
v2024.1.0
v2024.1.1
v2024.1.2
v2024.10.0
v2024.10.1
v2024.10.2
v2024.11.0
v2024.12.0
v2024.12.1
v2024.2.0
v2024.2.1
v2024.2.2
v2024.2.3
v2024.3.0
v2024.3.1
v2024.4.0
v2024.4.1
v2024.4.2
v2024.5.0
v2024.6.0
v2024.6.1
v2024.6.2
v2024.7.0
v2024.7.1
v2024.7.2
v2024.7.3
v2024.7.4
v2024.8.0
v2024.8.1
v2024.9.0
v2024.9.1
v2024.9.2
v2025.1.0
v2025.1.1
v2025.1.2
v2025.1.3
v2025.1.4
v2025.10.0
v2025.10.1
v2025.10.2
v2025.11.0
v2025.11.1
v2025.12.0
v2025.12.1
v2025.12.2
v2025.2.0
v2025.2.1
v2025.2.2
v2025.2.3
v2025.2.4
v2025.3.0
v2025.3.3
v2025.4.0
v2025.4.1
v2025.4.2
v2025.4.3
v2025.5.0
v2025.5.1
v2025.5.2
v2025.5.3
v2025.6.0
v2025.6.1
v2025.6.2
v2025.7.0
v2025.7.1
v2025.7.2
v2025.7.3
v2025.8.0
v2025.8.1
v2025.9.0
v2025.9.1
v2025.9.2
v2026.1.0
${ noResults }
9 Commits (akd)
| Author | SHA1 | Message | Date |
|---|---|---|---|
Rui Tomé
|
722fae81b3
|
[PM-18237] Add RequireSsoPolicyRequirement (#5655)
* Add RequireSsoPolicyRequirement and its factory to enforce SSO policies * Enhance WebAuthnController to support RequireSsoPolicyRequirement with feature flag integration. Update tests to validate behavior when SSO policies are applicable. * Integrate IPolicyRequirementQuery into request validators to support RequireSsoPolicyRequirement. Update validation logic to check SSO policies based on feature flag. * Refactor RequireSsoPolicyRequirementFactoryTests to improve test coverage for SSO policies. Add tests for handling both valid and invalid policies in CanUsePasskeyLogin and SsoRequired methods. * Remove ExemptStatuses property from RequireSsoPolicyRequirementFactory to use default values from BasePolicyRequirementFactory * Restore ValidateRequireSsoPolicyDisabledOrNotApplicable * Refactor RequireSsoPolicyRequirement to update CanUsePasskeyLogin and SsoRequired properties to use init-only setters * Refactor RequireSsoPolicyRequirementFactoryTests to enhance test clarity * Refactor BaseRequestValidatorTests to improve test clarity * Refactor WebAuthnController to replace SSO policy validation with PolicyRequirement check * Refactor BaseRequestValidator to replace SSO policy validation with PolicyRequirement check * Refactor WebAuthnControllerTests to update test method names and adjust policy requirement checks * Add tests for AttestationOptions and Post methods in WebAuthnControllerTests to validate scenario where SSO is not required * Refactor RequireSsoPolicyRequirement initialization * Refactor SSO requirement check for improved readability * Rename test methods in RequireSsoPolicyRequirementFactoryTests for clarity on exempt status conditions * Update RequireSsoPolicyRequirement to refine user status checks for SSO policy requirements |
9 months ago |
Bernd Schoolmann
|
3ad4bc1cab
|
[PM-4371] Implement PRF key rotation (#4157)
* Send rotateable keyset on list webauthn keys * Implement basic prf key rotation * Add validator for webauthn rotation * Fix accounts controller tests * Add webauthn rotation validator tests * Introduce separate request model * Fix tests * Remove extra empty line * Remove filtering in validator * Don't send encrypted private key * Fix tests * Implement delegated webauthn db transactions * Add backward compatibility * Fix query not working * Update migration sql * Update dapper query * Remove unused helper * Rename webauthn to WebAuthnLogin * Fix linter errors * Fix tests * Fix tests |
2 years ago |
Ike
|
767c58466c
|
[PM-4168] update keys for WebAuthnLoginCredential (#3506)
* allow update of webauthnlogincredential * Added Tests * fixed tests to use commands * addressing various feedback items |
2 years ago |
Andreas Coroiu
|
d63c917c95
|
[PM-4619] Rewrite `UserService` methods as commands (#3432)
* [PM-4619] feat: scaffold new create options command * [PM-4169] feat: implement credential create options command * [PM-4619] feat: create command for credential creation * [PM-4619] feat: create assertion options command * [PM-4619] chore: clean-up unused argument * [PM-4619] feat: implement assertion command * [PM-4619] feat: migrate to commands * [PM-4619] fix: lint * [PM-4169] fix: use constant * [PM-4619] fix: lint I have no idea what this commit acutally changes, but the file seems to have some character encoding issues. This fix was generated by `dotnet format` |
2 years ago |
Thomas Rittson
|
42cec31d07
|
[AC-1287] AC Team code ownership moves: Policies (1/2) (#3383)
* note: IPolicyData and EntityFramework Policy.cs are moved without any changes to namespace or content in order to preserve git history. |
2 years ago |
|
Andreas Coroiu
|
35500b197d
|
fix: broken webauthn controller tests (#3421)
|
2 years ago |
|
Andreas Coroiu
|
e401fc0983
|
[PM-4167] Add PRF attestation flow during passkey registration (#3339)
* [PM-4167] feat: add support for `SupportsPrf` * [PM-4167] feat: add `prfStatus` property * [PM-4167] feat: add support for storing PRF keys * [PM-4167] fix: allow credentials to be created without encryption support * [PM-4167] fix: broken test * [PM-4167] chore: remove whitespace * [PM-4167] fix: controller test * [PM-4167] chore: improve readability of `GetPrfStatus` * [PM-4167] fix: make prf optional * [PM-4167] fix: commit missing controller change * [PM-4167] fix: tests |
2 years ago |
Jared Snider
|
f5f64059c5
|
Auth/PM-3659 - Disable Passkey registration if Require SSO Policy Enabled (#3399)
* PM-3659 - WebAuthnController.cs - Passkey Creation - Add RequireSSO login policy validation to prevent users from creating passkeys if require SSO applies to them. * PM-3659 - per PR feedback, apply new require SSO validation to options call * PM-3659 - Remove unneeded comment * PM-3659 - Per PR feedback, add unit tests for new require SSO scenarios on both Post and Options endpoints on the WebAuthnController * Remove duplicated line * Remove extra whitespace |
2 years ago |
Kyle Spearrin
|
44c559c723
|
Support for passkey registration (#2885)
* support for fido2 auth * stub out registration implementations * stub out assertion steps and token issuance * verify token * webauthn tokenable * remove duplicate expiration set * revert sqlproj changes * update sqlproj target framework * update new validator signature * [PM-2014] Passkey registration (#2915) * [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository` * [PM-2014] fix: add missing service registration * [PM-2014] feat: add user verification when fetching options * [PM-2014] feat: create migration script for mssql * [PM-2014] chore: append to todo comment * [PM-2014] feat: add support for creation token * [PM-2014] feat: implement credential saving * [PM-2014] chore: add resident key TODO comment * [PM-2014] feat: implement passkey listing * [PM-2014] feat: implement deletion without user verification * [PM-2014] feat: add user verification to delete * [PM-2014] feat: implement passkey limit * [PM-2014] chore: clean up todo comments * [PM-2014] fix: add missing sql scripts Missed staging them when commiting * [PM-2014] feat: include options response model in swagger docs * [PM-2014] chore: move properties after ctor * [PM-2014] feat: use `Guid` directly as input paramter * [PM-2014] feat: use nullable guid in token * [PM-2014] chore: add new-line * [PM-2014] feat: add support for feature flag * [PM-2014] feat: start adding controller tests * [PM-2014] feat: add user verification test * [PM-2014] feat: add controller tests for token interaction * [PM-2014] feat: add tokenable tests * [PM-2014] chore: clean up commented premium check * [PM-2014] feat: add user service test for credential limit * [PM-2014] fix: run `dotnet format` * [PM-2014] chore: remove trailing comma * [PM-2014] chore: add `Async` suffix * [PM-2014] chore: move delay to constant * [PM-2014] chore: change `default` to `null` * [PM-2014] chore: remove autogenerated weirdness * [PM-2014] fix: lint * Added check for PasswordlessLogin feature flag on new controller and methods. (#3284) * Added check for PasswordlessLogin feature flag on new controller and methods. * fix: build error from missing constructor argument --------- Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> * [PM-4171] Update DB to support PRF (#3321) * [PM-4171] feat: update database to support PRF * [PM-4171] feat: rename `DescriptorId` to `CredentialId` * [PM-4171] feat: add PRF felds to domain object * [PM-4171] feat: add `SupportsPrf` column * [PM-4171] fix: add missing comma * [PM-4171] fix: add comma * [PM-3263] fix identity server tests for passkey registration (#3331) * Added WebAuthnRepo to EF DI * updated config to match current grant types * Remove ExtensionGrantValidator (#3363) * Linting --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com> Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com> Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com> Co-authored-by: Todd Martin <tmartin@bitwarden.com> |
2 years ago |