[PS 1045] bw login with apikey argument fails on cli (#3959)
* Add fix for bw login with apikey argument fails bug * Changes after running the prettier * Revert chnages on the launch.json file * Changes after running a lint * Renaming a filename to remove capital letters * Resolving the error on test run * Renaming file names due lint errors * Renaming new files to conform to snake case * Remove the test for user api login strategy * Adding the user api login test and file renaming * Rename file name to organization-api-login.spec.ts * Fixing the lint error on PR * Adding the apiLogIn.strategy to whitelist-capital-letters * Removing all the apiLogIn.strategy in whitelist-capital-letters. * Fixing PR comment relating OrganizationApiTokenRequest * Resolve PR comment on OrganizationApiTokenRequest model * Fixing PR comment of separating organization token model * fixing the lint error message * Fixing the lint error * Reverting the changes on lunch.js * revert the actual content on launch.json * Reverting changes relating to organization api login * Removing the OrganizationIdentityTokenResponse file * Removing OrganizationIdentityTokenResponse file Co-authored-by: dynwee <onwudiweokeke@gmail.com>
This commit is contained in:
parent
b5e927c2c8
commit
cba0f31937
|
@ -36,7 +36,6 @@
|
|||
./libs/angular/src/interfaces/selectOptions.ts
|
||||
./libs/components/src/stories/Introduction.stories.mdx
|
||||
./libs/common/spec/misc/logInStrategies/logIn.strategy.spec.ts
|
||||
./libs/common/spec/misc/logInStrategies/apiLogIn.strategy.spec.ts
|
||||
./libs/common/spec/misc/logInStrategies/passwordLogIn.strategy.spec.ts
|
||||
./libs/common/spec/misc/logInStrategies/ssoLogIn.strategy.spec.ts
|
||||
./libs/common/spec/web/services/webCryptoFunction.service.spec.ts
|
||||
|
@ -60,7 +59,6 @@
|
|||
./libs/common/spec/services/consoleLog.service.spec.ts
|
||||
./libs/common/src/misc/logInStrategies/ssoLogin.strategy.ts
|
||||
./libs/common/src/misc/logInStrategies/passwordLogin.strategy.ts
|
||||
./libs/common/src/misc/logInStrategies/apiLogin.strategy.ts
|
||||
./libs/common/src/misc/logInStrategies/passwordlessLogin.strategy.ts
|
||||
./libs/common/src/misc/logInStrategies/logIn.strategy.ts
|
||||
./libs/common/src/misc/nodeUtils.ts
|
||||
|
|
|
@ -281,12 +281,12 @@ export class TwoFactorComponent extends CaptchaProtectedComponent implements OnI
|
|||
return (
|
||||
this.authService.authingWithPassword() ||
|
||||
this.authService.authingWithSso() ||
|
||||
this.authService.authingWithApiKey() ||
|
||||
this.authService.authingWithUserApiKey() ||
|
||||
this.authService.authingWithPasswordless()
|
||||
);
|
||||
}
|
||||
|
||||
get needsLock(): boolean {
|
||||
return this.authService.authingWithSso() || this.authService.authingWithApiKey();
|
||||
return this.authService.authingWithSso() || this.authService.authingWithUserApiKey();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -12,13 +12,13 @@ import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUti
|
|||
import { StateService } from "@bitwarden/common/abstractions/state.service";
|
||||
import { TokenService } from "@bitwarden/common/abstractions/token.service";
|
||||
import { TwoFactorService } from "@bitwarden/common/abstractions/twoFactor.service";
|
||||
import { ApiLogInStrategy } from "@bitwarden/common/misc/logInStrategies/apiLogin.strategy";
|
||||
import { UserApiLogInStrategy } from "@bitwarden/common/misc/logInStrategies/user-api-login.strategy";
|
||||
import { Utils } from "@bitwarden/common/misc/utils";
|
||||
import { ApiLogInCredentials } from "@bitwarden/common/models/domain/log-in-credentials";
|
||||
import { UserApiLogInCredentials } from "@bitwarden/common/models/domain/log-in-credentials";
|
||||
|
||||
import { identityTokenResponseFactory } from "./logIn.strategy.spec";
|
||||
|
||||
describe("ApiLogInStrategy", () => {
|
||||
describe("UserApiLogInStrategy", () => {
|
||||
let cryptoService: SubstituteOf<CryptoService>;
|
||||
let apiService: SubstituteOf<ApiService>;
|
||||
let tokenService: SubstituteOf<TokenService>;
|
||||
|
@ -31,8 +31,8 @@ describe("ApiLogInStrategy", () => {
|
|||
let stateService: SubstituteOf<StateService>;
|
||||
let twoFactorService: SubstituteOf<TwoFactorService>;
|
||||
|
||||
let apiLogInStrategy: ApiLogInStrategy;
|
||||
let credentials: ApiLogInCredentials;
|
||||
let apiLogInStrategy: UserApiLogInStrategy;
|
||||
let credentials: UserApiLogInCredentials;
|
||||
|
||||
const deviceId = Utils.newGuid();
|
||||
const keyConnectorUrl = "KEY_CONNECTOR_URL";
|
||||
|
@ -55,7 +55,7 @@ describe("ApiLogInStrategy", () => {
|
|||
appIdService.getAppId().resolves(deviceId);
|
||||
tokenService.getTwoFactorToken().resolves(null);
|
||||
|
||||
apiLogInStrategy = new ApiLogInStrategy(
|
||||
apiLogInStrategy = new UserApiLogInStrategy(
|
||||
cryptoService,
|
||||
apiService,
|
||||
tokenService,
|
||||
|
@ -69,7 +69,7 @@ describe("ApiLogInStrategy", () => {
|
|||
keyConnectorService
|
||||
);
|
||||
|
||||
credentials = new ApiLogInCredentials(apiClientId, apiClientSecret);
|
||||
credentials = new UserApiLogInCredentials(apiClientId, apiClientSecret);
|
||||
});
|
||||
|
||||
it("sends api key credentials to the server", async () => {
|
|
@ -24,9 +24,9 @@ import { EmergencyAccessUpdateRequest } from "../models/request/emergency-access
|
|||
import { EventRequest } from "../models/request/event.request";
|
||||
import { GroupRequest } from "../models/request/group.request";
|
||||
import { IapCheckRequest } from "../models/request/iap-check.request";
|
||||
import { ApiTokenRequest } from "../models/request/identity-token/api-token.request";
|
||||
import { PasswordTokenRequest } from "../models/request/identity-token/password-token.request";
|
||||
import { SsoTokenRequest } from "../models/request/identity-token/sso-token.request";
|
||||
import { UserApiTokenRequest } from "../models/request/identity-token/user-api-token.request";
|
||||
import { ImportCiphersRequest } from "../models/request/import-ciphers.request";
|
||||
import { ImportOrganizationCiphersRequest } from "../models/request/import-organization-ciphers.request";
|
||||
import { KdfRequest } from "../models/request/kdf.request";
|
||||
|
@ -175,7 +175,7 @@ export abstract class ApiService {
|
|||
) => Promise<any>;
|
||||
|
||||
postIdentityToken: (
|
||||
request: PasswordTokenRequest | SsoTokenRequest | ApiTokenRequest
|
||||
request: PasswordTokenRequest | SsoTokenRequest | UserApiTokenRequest
|
||||
) => Promise<IdentityTokenResponse | IdentityTwoFactorResponse | IdentityCaptchaResponse>;
|
||||
refreshIdentityToken: () => Promise<any>;
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@ import { Observable } from "rxjs";
|
|||
import { AuthenticationStatus } from "../enums/authenticationStatus";
|
||||
import { AuthResult } from "../models/domain/auth-result";
|
||||
import {
|
||||
ApiLogInCredentials,
|
||||
UserApiLogInCredentials,
|
||||
PasswordLogInCredentials,
|
||||
SsoLogInCredentials,
|
||||
PasswordlessLogInCredentials,
|
||||
|
@ -20,7 +20,7 @@ export abstract class AuthService {
|
|||
|
||||
logIn: (
|
||||
credentials:
|
||||
| ApiLogInCredentials
|
||||
| UserApiLogInCredentials
|
||||
| PasswordLogInCredentials
|
||||
| SsoLogInCredentials
|
||||
| PasswordlessLogInCredentials
|
||||
|
@ -31,7 +31,7 @@ export abstract class AuthService {
|
|||
) => Promise<AuthResult>;
|
||||
logOut: (callback: () => void) => void;
|
||||
makePreloginKey: (masterPassword: string, email: string) => Promise<SymmetricCryptoKey>;
|
||||
authingWithApiKey: () => boolean;
|
||||
authingWithUserApiKey: () => boolean;
|
||||
authingWithSso: () => boolean;
|
||||
authingWithPassword: () => boolean;
|
||||
authingWithPasswordless: () => boolean;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
export enum AuthenticationType {
|
||||
Password = 0,
|
||||
Sso = 1,
|
||||
Api = 2,
|
||||
UserApi = 2,
|
||||
Passwordless = 3,
|
||||
}
|
||||
|
|
|
@ -11,23 +11,23 @@ import { TwoFactorProviderType } from "../../enums/twoFactorProviderType";
|
|||
import { Account, AccountProfile, AccountTokens } from "../../models/domain/account";
|
||||
import { AuthResult } from "../../models/domain/auth-result";
|
||||
import {
|
||||
ApiLogInCredentials,
|
||||
UserApiLogInCredentials,
|
||||
PasswordLogInCredentials,
|
||||
SsoLogInCredentials,
|
||||
PasswordlessLogInCredentials,
|
||||
} from "../../models/domain/log-in-credentials";
|
||||
import { DeviceRequest } from "../../models/request/device.request";
|
||||
import { ApiTokenRequest } from "../../models/request/identity-token/api-token.request";
|
||||
import { PasswordTokenRequest } from "../../models/request/identity-token/password-token.request";
|
||||
import { SsoTokenRequest } from "../../models/request/identity-token/sso-token.request";
|
||||
import { TokenTwoFactorRequest } from "../../models/request/identity-token/token-two-factor.request";
|
||||
import { UserApiTokenRequest } from "../../models/request/identity-token/user-api-token.request";
|
||||
import { KeysRequest } from "../../models/request/keys.request";
|
||||
import { IdentityCaptchaResponse } from "../../models/response/identity-captcha.response";
|
||||
import { IdentityTokenResponse } from "../../models/response/identity-token.response";
|
||||
import { IdentityTwoFactorResponse } from "../../models/response/identity-two-factor.response";
|
||||
|
||||
export abstract class LogInStrategy {
|
||||
protected abstract tokenRequest: ApiTokenRequest | PasswordTokenRequest | SsoTokenRequest;
|
||||
protected abstract tokenRequest: UserApiTokenRequest | PasswordTokenRequest | SsoTokenRequest;
|
||||
protected captchaBypassToken: string = null;
|
||||
|
||||
constructor(
|
||||
|
@ -44,7 +44,7 @@ export abstract class LogInStrategy {
|
|||
|
||||
abstract logIn(
|
||||
credentials:
|
||||
| ApiLogInCredentials
|
||||
| UserApiLogInCredentials
|
||||
| PasswordLogInCredentials
|
||||
| SsoLogInCredentials
|
||||
| PasswordlessLogInCredentials
|
||||
|
|
|
@ -9,14 +9,14 @@ import { PlatformUtilsService } from "../../abstractions/platformUtils.service";
|
|||
import { StateService } from "../../abstractions/state.service";
|
||||
import { TokenService } from "../../abstractions/token.service";
|
||||
import { TwoFactorService } from "../../abstractions/twoFactor.service";
|
||||
import { ApiLogInCredentials } from "../../models/domain/log-in-credentials";
|
||||
import { ApiTokenRequest } from "../../models/request/identity-token/api-token.request";
|
||||
import { UserApiLogInCredentials } from "../../models/domain/log-in-credentials";
|
||||
import { UserApiTokenRequest } from "../../models/request/identity-token/user-api-token.request";
|
||||
import { IdentityTokenResponse } from "../../models/response/identity-token.response";
|
||||
|
||||
import { LogInStrategy } from "./logIn.strategy";
|
||||
|
||||
export class ApiLogInStrategy extends LogInStrategy {
|
||||
tokenRequest: ApiTokenRequest;
|
||||
export class UserApiLogInStrategy extends LogInStrategy {
|
||||
tokenRequest: UserApiTokenRequest;
|
||||
|
||||
constructor(
|
||||
cryptoService: CryptoService,
|
||||
|
@ -51,8 +51,8 @@ export class ApiLogInStrategy extends LogInStrategy {
|
|||
}
|
||||
}
|
||||
|
||||
async logIn(credentials: ApiLogInCredentials) {
|
||||
this.tokenRequest = new ApiTokenRequest(
|
||||
async logIn(credentials: UserApiLogInCredentials) {
|
||||
this.tokenRequest = new UserApiTokenRequest(
|
||||
credentials.clientId,
|
||||
credentials.clientSecret,
|
||||
await this.buildTwoFactor(),
|
|
@ -26,8 +26,8 @@ export class SsoLogInCredentials {
|
|||
) {}
|
||||
}
|
||||
|
||||
export class ApiLogInCredentials {
|
||||
readonly type = AuthenticationType.Api;
|
||||
export class UserApiLogInCredentials {
|
||||
readonly type = AuthenticationType.UserApi;
|
||||
|
||||
constructor(public clientId: string, public clientSecret: string) {}
|
||||
}
|
||||
|
|
|
@ -42,10 +42,12 @@ export abstract class TokenRequest {
|
|||
obj.authRequest = this.passwordlessAuthRequest;
|
||||
}
|
||||
|
||||
if (this.twoFactor.token && this.twoFactor.provider != null) {
|
||||
obj.twoFactorToken = this.twoFactor.token;
|
||||
obj.twoFactorProvider = this.twoFactor.provider;
|
||||
obj.twoFactorRemember = this.twoFactor.remember ? "1" : "0";
|
||||
if (this.twoFactor) {
|
||||
if (this.twoFactor.token && this.twoFactor.provider != null) {
|
||||
obj.twoFactorToken = this.twoFactor.token;
|
||||
obj.twoFactorProvider = this.twoFactor.provider;
|
||||
obj.twoFactorRemember = this.twoFactor.remember ? "1" : "0";
|
||||
}
|
||||
}
|
||||
|
||||
return obj;
|
||||
|
|
|
@ -3,7 +3,7 @@ import { DeviceRequest } from "../device.request";
|
|||
import { TokenTwoFactorRequest } from "./token-two-factor.request";
|
||||
import { TokenRequest } from "./token.request";
|
||||
|
||||
export class ApiTokenRequest extends TokenRequest {
|
||||
export class UserApiTokenRequest extends TokenRequest {
|
||||
constructor(
|
||||
public clientId: string,
|
||||
public clientSecret: string,
|
|
@ -31,10 +31,10 @@ import { EmergencyAccessUpdateRequest } from "../models/request/emergency-access
|
|||
import { EventRequest } from "../models/request/event.request";
|
||||
import { GroupRequest } from "../models/request/group.request";
|
||||
import { IapCheckRequest } from "../models/request/iap-check.request";
|
||||
import { ApiTokenRequest } from "../models/request/identity-token/api-token.request";
|
||||
import { PasswordTokenRequest } from "../models/request/identity-token/password-token.request";
|
||||
import { SsoTokenRequest } from "../models/request/identity-token/sso-token.request";
|
||||
import { TokenTwoFactorRequest } from "../models/request/identity-token/token-two-factor.request";
|
||||
import { UserApiTokenRequest } from "../models/request/identity-token/user-api-token.request";
|
||||
import { ImportCiphersRequest } from "../models/request/import-ciphers.request";
|
||||
import { ImportOrganizationCiphersRequest } from "../models/request/import-organization-ciphers.request";
|
||||
import { KdfRequest } from "../models/request/kdf.request";
|
||||
|
@ -206,7 +206,7 @@ export class ApiService implements ApiServiceAbstraction {
|
|||
// Auth APIs
|
||||
|
||||
async postIdentityToken(
|
||||
request: ApiTokenRequest | PasswordTokenRequest | SsoTokenRequest
|
||||
request: UserApiTokenRequest | PasswordTokenRequest | SsoTokenRequest
|
||||
): Promise<IdentityTokenResponse | IdentityTwoFactorResponse | IdentityCaptchaResponse> {
|
||||
const headers = new Headers({
|
||||
"Content-Type": "application/x-www-form-urlencoded; charset=utf-8",
|
||||
|
@ -219,7 +219,7 @@ export class ApiService implements ApiServiceAbstraction {
|
|||
request.alterIdentityTokenHeaders(headers);
|
||||
|
||||
const identityToken =
|
||||
request instanceof ApiTokenRequest
|
||||
request instanceof UserApiTokenRequest
|
||||
? request.toIdentityToken()
|
||||
: request.toIdentityToken(this.platformUtilsService.getClientType());
|
||||
|
||||
|
@ -2271,8 +2271,7 @@ export class ApiService implements ApiServiceAbstraction {
|
|||
|
||||
const appId = await this.appIdService.getAppId();
|
||||
const deviceRequest = new DeviceRequest(appId, this.platformUtilsService);
|
||||
|
||||
const tokenRequest = new ApiTokenRequest(
|
||||
const tokenRequest = new UserApiTokenRequest(
|
||||
clientId,
|
||||
clientSecret,
|
||||
new TokenTwoFactorRequest(),
|
||||
|
|
|
@ -17,13 +17,13 @@ import { AuthenticationStatus } from "../enums/authenticationStatus";
|
|||
import { AuthenticationType } from "../enums/authenticationType";
|
||||
import { KdfType } from "../enums/kdfType";
|
||||
import { KeySuffixOptions } from "../enums/keySuffixOptions";
|
||||
import { ApiLogInStrategy } from "../misc/logInStrategies/apiLogin.strategy";
|
||||
import { PasswordLogInStrategy } from "../misc/logInStrategies/passwordLogin.strategy";
|
||||
import { PasswordlessLogInStrategy } from "../misc/logInStrategies/passwordlessLogin.strategy";
|
||||
import { SsoLogInStrategy } from "../misc/logInStrategies/ssoLogin.strategy";
|
||||
import { UserApiLogInStrategy } from "../misc/logInStrategies/user-api-login.strategy";
|
||||
import { AuthResult } from "../models/domain/auth-result";
|
||||
import {
|
||||
ApiLogInCredentials,
|
||||
UserApiLogInCredentials,
|
||||
PasswordLogInCredentials,
|
||||
SsoLogInCredentials,
|
||||
PasswordlessLogInCredentials,
|
||||
|
@ -67,7 +67,7 @@ export class AuthService implements AuthServiceAbstraction {
|
|||
}
|
||||
|
||||
private logInStrategy:
|
||||
| ApiLogInStrategy
|
||||
| UserApiLogInStrategy
|
||||
| PasswordLogInStrategy
|
||||
| SsoLogInStrategy
|
||||
| PasswordlessLogInStrategy;
|
||||
|
@ -92,7 +92,7 @@ export class AuthService implements AuthServiceAbstraction {
|
|||
|
||||
async logIn(
|
||||
credentials:
|
||||
| ApiLogInCredentials
|
||||
| UserApiLogInCredentials
|
||||
| PasswordLogInCredentials
|
||||
| SsoLogInCredentials
|
||||
| PasswordlessLogInCredentials
|
||||
|
@ -100,7 +100,7 @@ export class AuthService implements AuthServiceAbstraction {
|
|||
this.clearState();
|
||||
|
||||
let strategy:
|
||||
| ApiLogInStrategy
|
||||
| UserApiLogInStrategy
|
||||
| PasswordLogInStrategy
|
||||
| SsoLogInStrategy
|
||||
| PasswordlessLogInStrategy;
|
||||
|
@ -134,8 +134,8 @@ export class AuthService implements AuthServiceAbstraction {
|
|||
this.keyConnectorService
|
||||
);
|
||||
break;
|
||||
case AuthenticationType.Api:
|
||||
strategy = new ApiLogInStrategy(
|
||||
case AuthenticationType.UserApi:
|
||||
strategy = new UserApiLogInStrategy(
|
||||
this.cryptoService,
|
||||
this.apiService,
|
||||
this.tokenService,
|
||||
|
@ -203,8 +203,8 @@ export class AuthService implements AuthServiceAbstraction {
|
|||
this.messagingService.send("loggedOut");
|
||||
}
|
||||
|
||||
authingWithApiKey(): boolean {
|
||||
return this.logInStrategy instanceof ApiLogInStrategy;
|
||||
authingWithUserApiKey(): boolean {
|
||||
return this.logInStrategy instanceof UserApiLogInStrategy;
|
||||
}
|
||||
|
||||
authingWithSso(): boolean {
|
||||
|
@ -272,7 +272,7 @@ export class AuthService implements AuthServiceAbstraction {
|
|||
|
||||
private saveState(
|
||||
strategy:
|
||||
| ApiLogInStrategy
|
||||
| UserApiLogInStrategy
|
||||
| PasswordLogInStrategy
|
||||
| SsoLogInStrategy
|
||||
| PasswordlessLogInStrategy
|
||||
|
|
|
@ -21,7 +21,7 @@ import { NodeUtils } from "@bitwarden/common/misc/nodeUtils";
|
|||
import { Utils } from "@bitwarden/common/misc/utils";
|
||||
import { AuthResult } from "@bitwarden/common/models/domain/auth-result";
|
||||
import {
|
||||
ApiLogInCredentials,
|
||||
UserApiLogInCredentials,
|
||||
PasswordLogInCredentials,
|
||||
SsoLogInCredentials,
|
||||
} from "@bitwarden/common/models/domain/log-in-credentials";
|
||||
|
@ -160,7 +160,12 @@ export class LoginCommand {
|
|||
|
||||
let response: AuthResult = null;
|
||||
if (clientId != null && clientSecret != null) {
|
||||
response = await this.authService.logIn(new ApiLogInCredentials(clientId, clientSecret));
|
||||
if (!clientId.startsWith("user")) {
|
||||
return Response.error("Invalid API Key; Organization API Key currently not supported");
|
||||
}
|
||||
response = await this.authService.logIn(
|
||||
new UserApiLogInCredentials(clientId, clientSecret)
|
||||
);
|
||||
} else if (ssoCode != null && ssoCodeVerifier != null) {
|
||||
response = await this.authService.logIn(
|
||||
new SsoLogInCredentials(
|
||||
|
|
Loading…
Reference in New Issue