[PS 1045] bw login with apikey argument fails on cli (#3959)

* Add fix for bw login with apikey argument fails bug

* Changes after running the prettier

* Revert chnages on the launch.json file

* Changes after running a lint

* Renaming a filename to remove capital letters

* Resolving the error on test run

* Renaming file names due lint errors

* Renaming new files to conform to snake case

* Remove the test for user api login strategy

* Adding the user api login test and file renaming

* Rename file name to organization-api-login.spec.ts

* Fixing the lint error on PR

* Adding the apiLogIn.strategy to whitelist-capital-letters

* Removing all the apiLogIn.strategy in whitelist-capital-letters.

* Fixing PR comment relating OrganizationApiTokenRequest

* Resolve PR comment on OrganizationApiTokenRequest model

* Fixing PR comment of separating organization token model

* fixing the lint error message

* Fixing the lint error

* Reverting the changes on lunch.js

* revert the actual content on launch.json

* Reverting changes relating to organization api login

* Removing the OrganizationIdentityTokenResponse file

* Removing OrganizationIdentityTokenResponse file

Co-authored-by: dynwee <onwudiweokeke@gmail.com>
This commit is contained in:
cyprain-okeke 2022-11-17 12:50:37 +01:00 committed by GitHub
parent b5e927c2c8
commit cba0f31937
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 55 additions and 51 deletions

View File

@ -36,7 +36,6 @@
./libs/angular/src/interfaces/selectOptions.ts
./libs/components/src/stories/Introduction.stories.mdx
./libs/common/spec/misc/logInStrategies/logIn.strategy.spec.ts
./libs/common/spec/misc/logInStrategies/apiLogIn.strategy.spec.ts
./libs/common/spec/misc/logInStrategies/passwordLogIn.strategy.spec.ts
./libs/common/spec/misc/logInStrategies/ssoLogIn.strategy.spec.ts
./libs/common/spec/web/services/webCryptoFunction.service.spec.ts
@ -60,7 +59,6 @@
./libs/common/spec/services/consoleLog.service.spec.ts
./libs/common/src/misc/logInStrategies/ssoLogin.strategy.ts
./libs/common/src/misc/logInStrategies/passwordLogin.strategy.ts
./libs/common/src/misc/logInStrategies/apiLogin.strategy.ts
./libs/common/src/misc/logInStrategies/passwordlessLogin.strategy.ts
./libs/common/src/misc/logInStrategies/logIn.strategy.ts
./libs/common/src/misc/nodeUtils.ts

View File

@ -281,12 +281,12 @@ export class TwoFactorComponent extends CaptchaProtectedComponent implements OnI
return (
this.authService.authingWithPassword() ||
this.authService.authingWithSso() ||
this.authService.authingWithApiKey() ||
this.authService.authingWithUserApiKey() ||
this.authService.authingWithPasswordless()
);
}
get needsLock(): boolean {
return this.authService.authingWithSso() || this.authService.authingWithApiKey();
return this.authService.authingWithSso() || this.authService.authingWithUserApiKey();
}
}

View File

@ -12,13 +12,13 @@ import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUti
import { StateService } from "@bitwarden/common/abstractions/state.service";
import { TokenService } from "@bitwarden/common/abstractions/token.service";
import { TwoFactorService } from "@bitwarden/common/abstractions/twoFactor.service";
import { ApiLogInStrategy } from "@bitwarden/common/misc/logInStrategies/apiLogin.strategy";
import { UserApiLogInStrategy } from "@bitwarden/common/misc/logInStrategies/user-api-login.strategy";
import { Utils } from "@bitwarden/common/misc/utils";
import { ApiLogInCredentials } from "@bitwarden/common/models/domain/log-in-credentials";
import { UserApiLogInCredentials } from "@bitwarden/common/models/domain/log-in-credentials";
import { identityTokenResponseFactory } from "./logIn.strategy.spec";
describe("ApiLogInStrategy", () => {
describe("UserApiLogInStrategy", () => {
let cryptoService: SubstituteOf<CryptoService>;
let apiService: SubstituteOf<ApiService>;
let tokenService: SubstituteOf<TokenService>;
@ -31,8 +31,8 @@ describe("ApiLogInStrategy", () => {
let stateService: SubstituteOf<StateService>;
let twoFactorService: SubstituteOf<TwoFactorService>;
let apiLogInStrategy: ApiLogInStrategy;
let credentials: ApiLogInCredentials;
let apiLogInStrategy: UserApiLogInStrategy;
let credentials: UserApiLogInCredentials;
const deviceId = Utils.newGuid();
const keyConnectorUrl = "KEY_CONNECTOR_URL";
@ -55,7 +55,7 @@ describe("ApiLogInStrategy", () => {
appIdService.getAppId().resolves(deviceId);
tokenService.getTwoFactorToken().resolves(null);
apiLogInStrategy = new ApiLogInStrategy(
apiLogInStrategy = new UserApiLogInStrategy(
cryptoService,
apiService,
tokenService,
@ -69,7 +69,7 @@ describe("ApiLogInStrategy", () => {
keyConnectorService
);
credentials = new ApiLogInCredentials(apiClientId, apiClientSecret);
credentials = new UserApiLogInCredentials(apiClientId, apiClientSecret);
});
it("sends api key credentials to the server", async () => {

View File

@ -24,9 +24,9 @@ import { EmergencyAccessUpdateRequest } from "../models/request/emergency-access
import { EventRequest } from "../models/request/event.request";
import { GroupRequest } from "../models/request/group.request";
import { IapCheckRequest } from "../models/request/iap-check.request";
import { ApiTokenRequest } from "../models/request/identity-token/api-token.request";
import { PasswordTokenRequest } from "../models/request/identity-token/password-token.request";
import { SsoTokenRequest } from "../models/request/identity-token/sso-token.request";
import { UserApiTokenRequest } from "../models/request/identity-token/user-api-token.request";
import { ImportCiphersRequest } from "../models/request/import-ciphers.request";
import { ImportOrganizationCiphersRequest } from "../models/request/import-organization-ciphers.request";
import { KdfRequest } from "../models/request/kdf.request";
@ -175,7 +175,7 @@ export abstract class ApiService {
) => Promise<any>;
postIdentityToken: (
request: PasswordTokenRequest | SsoTokenRequest | ApiTokenRequest
request: PasswordTokenRequest | SsoTokenRequest | UserApiTokenRequest
) => Promise<IdentityTokenResponse | IdentityTwoFactorResponse | IdentityCaptchaResponse>;
refreshIdentityToken: () => Promise<any>;

View File

@ -3,7 +3,7 @@ import { Observable } from "rxjs";
import { AuthenticationStatus } from "../enums/authenticationStatus";
import { AuthResult } from "../models/domain/auth-result";
import {
ApiLogInCredentials,
UserApiLogInCredentials,
PasswordLogInCredentials,
SsoLogInCredentials,
PasswordlessLogInCredentials,
@ -20,7 +20,7 @@ export abstract class AuthService {
logIn: (
credentials:
| ApiLogInCredentials
| UserApiLogInCredentials
| PasswordLogInCredentials
| SsoLogInCredentials
| PasswordlessLogInCredentials
@ -31,7 +31,7 @@ export abstract class AuthService {
) => Promise<AuthResult>;
logOut: (callback: () => void) => void;
makePreloginKey: (masterPassword: string, email: string) => Promise<SymmetricCryptoKey>;
authingWithApiKey: () => boolean;
authingWithUserApiKey: () => boolean;
authingWithSso: () => boolean;
authingWithPassword: () => boolean;
authingWithPasswordless: () => boolean;

View File

@ -1,6 +1,6 @@
export enum AuthenticationType {
Password = 0,
Sso = 1,
Api = 2,
UserApi = 2,
Passwordless = 3,
}

View File

@ -11,23 +11,23 @@ import { TwoFactorProviderType } from "../../enums/twoFactorProviderType";
import { Account, AccountProfile, AccountTokens } from "../../models/domain/account";
import { AuthResult } from "../../models/domain/auth-result";
import {
ApiLogInCredentials,
UserApiLogInCredentials,
PasswordLogInCredentials,
SsoLogInCredentials,
PasswordlessLogInCredentials,
} from "../../models/domain/log-in-credentials";
import { DeviceRequest } from "../../models/request/device.request";
import { ApiTokenRequest } from "../../models/request/identity-token/api-token.request";
import { PasswordTokenRequest } from "../../models/request/identity-token/password-token.request";
import { SsoTokenRequest } from "../../models/request/identity-token/sso-token.request";
import { TokenTwoFactorRequest } from "../../models/request/identity-token/token-two-factor.request";
import { UserApiTokenRequest } from "../../models/request/identity-token/user-api-token.request";
import { KeysRequest } from "../../models/request/keys.request";
import { IdentityCaptchaResponse } from "../../models/response/identity-captcha.response";
import { IdentityTokenResponse } from "../../models/response/identity-token.response";
import { IdentityTwoFactorResponse } from "../../models/response/identity-two-factor.response";
export abstract class LogInStrategy {
protected abstract tokenRequest: ApiTokenRequest | PasswordTokenRequest | SsoTokenRequest;
protected abstract tokenRequest: UserApiTokenRequest | PasswordTokenRequest | SsoTokenRequest;
protected captchaBypassToken: string = null;
constructor(
@ -44,7 +44,7 @@ export abstract class LogInStrategy {
abstract logIn(
credentials:
| ApiLogInCredentials
| UserApiLogInCredentials
| PasswordLogInCredentials
| SsoLogInCredentials
| PasswordlessLogInCredentials

View File

@ -9,14 +9,14 @@ import { PlatformUtilsService } from "../../abstractions/platformUtils.service";
import { StateService } from "../../abstractions/state.service";
import { TokenService } from "../../abstractions/token.service";
import { TwoFactorService } from "../../abstractions/twoFactor.service";
import { ApiLogInCredentials } from "../../models/domain/log-in-credentials";
import { ApiTokenRequest } from "../../models/request/identity-token/api-token.request";
import { UserApiLogInCredentials } from "../../models/domain/log-in-credentials";
import { UserApiTokenRequest } from "../../models/request/identity-token/user-api-token.request";
import { IdentityTokenResponse } from "../../models/response/identity-token.response";
import { LogInStrategy } from "./logIn.strategy";
export class ApiLogInStrategy extends LogInStrategy {
tokenRequest: ApiTokenRequest;
export class UserApiLogInStrategy extends LogInStrategy {
tokenRequest: UserApiTokenRequest;
constructor(
cryptoService: CryptoService,
@ -51,8 +51,8 @@ export class ApiLogInStrategy extends LogInStrategy {
}
}
async logIn(credentials: ApiLogInCredentials) {
this.tokenRequest = new ApiTokenRequest(
async logIn(credentials: UserApiLogInCredentials) {
this.tokenRequest = new UserApiTokenRequest(
credentials.clientId,
credentials.clientSecret,
await this.buildTwoFactor(),

View File

@ -26,8 +26,8 @@ export class SsoLogInCredentials {
) {}
}
export class ApiLogInCredentials {
readonly type = AuthenticationType.Api;
export class UserApiLogInCredentials {
readonly type = AuthenticationType.UserApi;
constructor(public clientId: string, public clientSecret: string) {}
}

View File

@ -42,10 +42,12 @@ export abstract class TokenRequest {
obj.authRequest = this.passwordlessAuthRequest;
}
if (this.twoFactor.token && this.twoFactor.provider != null) {
obj.twoFactorToken = this.twoFactor.token;
obj.twoFactorProvider = this.twoFactor.provider;
obj.twoFactorRemember = this.twoFactor.remember ? "1" : "0";
if (this.twoFactor) {
if (this.twoFactor.token && this.twoFactor.provider != null) {
obj.twoFactorToken = this.twoFactor.token;
obj.twoFactorProvider = this.twoFactor.provider;
obj.twoFactorRemember = this.twoFactor.remember ? "1" : "0";
}
}
return obj;

View File

@ -3,7 +3,7 @@ import { DeviceRequest } from "../device.request";
import { TokenTwoFactorRequest } from "./token-two-factor.request";
import { TokenRequest } from "./token.request";
export class ApiTokenRequest extends TokenRequest {
export class UserApiTokenRequest extends TokenRequest {
constructor(
public clientId: string,
public clientSecret: string,

View File

@ -31,10 +31,10 @@ import { EmergencyAccessUpdateRequest } from "../models/request/emergency-access
import { EventRequest } from "../models/request/event.request";
import { GroupRequest } from "../models/request/group.request";
import { IapCheckRequest } from "../models/request/iap-check.request";
import { ApiTokenRequest } from "../models/request/identity-token/api-token.request";
import { PasswordTokenRequest } from "../models/request/identity-token/password-token.request";
import { SsoTokenRequest } from "../models/request/identity-token/sso-token.request";
import { TokenTwoFactorRequest } from "../models/request/identity-token/token-two-factor.request";
import { UserApiTokenRequest } from "../models/request/identity-token/user-api-token.request";
import { ImportCiphersRequest } from "../models/request/import-ciphers.request";
import { ImportOrganizationCiphersRequest } from "../models/request/import-organization-ciphers.request";
import { KdfRequest } from "../models/request/kdf.request";
@ -206,7 +206,7 @@ export class ApiService implements ApiServiceAbstraction {
// Auth APIs
async postIdentityToken(
request: ApiTokenRequest | PasswordTokenRequest | SsoTokenRequest
request: UserApiTokenRequest | PasswordTokenRequest | SsoTokenRequest
): Promise<IdentityTokenResponse | IdentityTwoFactorResponse | IdentityCaptchaResponse> {
const headers = new Headers({
"Content-Type": "application/x-www-form-urlencoded; charset=utf-8",
@ -219,7 +219,7 @@ export class ApiService implements ApiServiceAbstraction {
request.alterIdentityTokenHeaders(headers);
const identityToken =
request instanceof ApiTokenRequest
request instanceof UserApiTokenRequest
? request.toIdentityToken()
: request.toIdentityToken(this.platformUtilsService.getClientType());
@ -2271,8 +2271,7 @@ export class ApiService implements ApiServiceAbstraction {
const appId = await this.appIdService.getAppId();
const deviceRequest = new DeviceRequest(appId, this.platformUtilsService);
const tokenRequest = new ApiTokenRequest(
const tokenRequest = new UserApiTokenRequest(
clientId,
clientSecret,
new TokenTwoFactorRequest(),

View File

@ -17,13 +17,13 @@ import { AuthenticationStatus } from "../enums/authenticationStatus";
import { AuthenticationType } from "../enums/authenticationType";
import { KdfType } from "../enums/kdfType";
import { KeySuffixOptions } from "../enums/keySuffixOptions";
import { ApiLogInStrategy } from "../misc/logInStrategies/apiLogin.strategy";
import { PasswordLogInStrategy } from "../misc/logInStrategies/passwordLogin.strategy";
import { PasswordlessLogInStrategy } from "../misc/logInStrategies/passwordlessLogin.strategy";
import { SsoLogInStrategy } from "../misc/logInStrategies/ssoLogin.strategy";
import { UserApiLogInStrategy } from "../misc/logInStrategies/user-api-login.strategy";
import { AuthResult } from "../models/domain/auth-result";
import {
ApiLogInCredentials,
UserApiLogInCredentials,
PasswordLogInCredentials,
SsoLogInCredentials,
PasswordlessLogInCredentials,
@ -67,7 +67,7 @@ export class AuthService implements AuthServiceAbstraction {
}
private logInStrategy:
| ApiLogInStrategy
| UserApiLogInStrategy
| PasswordLogInStrategy
| SsoLogInStrategy
| PasswordlessLogInStrategy;
@ -92,7 +92,7 @@ export class AuthService implements AuthServiceAbstraction {
async logIn(
credentials:
| ApiLogInCredentials
| UserApiLogInCredentials
| PasswordLogInCredentials
| SsoLogInCredentials
| PasswordlessLogInCredentials
@ -100,7 +100,7 @@ export class AuthService implements AuthServiceAbstraction {
this.clearState();
let strategy:
| ApiLogInStrategy
| UserApiLogInStrategy
| PasswordLogInStrategy
| SsoLogInStrategy
| PasswordlessLogInStrategy;
@ -134,8 +134,8 @@ export class AuthService implements AuthServiceAbstraction {
this.keyConnectorService
);
break;
case AuthenticationType.Api:
strategy = new ApiLogInStrategy(
case AuthenticationType.UserApi:
strategy = new UserApiLogInStrategy(
this.cryptoService,
this.apiService,
this.tokenService,
@ -203,8 +203,8 @@ export class AuthService implements AuthServiceAbstraction {
this.messagingService.send("loggedOut");
}
authingWithApiKey(): boolean {
return this.logInStrategy instanceof ApiLogInStrategy;
authingWithUserApiKey(): boolean {
return this.logInStrategy instanceof UserApiLogInStrategy;
}
authingWithSso(): boolean {
@ -272,7 +272,7 @@ export class AuthService implements AuthServiceAbstraction {
private saveState(
strategy:
| ApiLogInStrategy
| UserApiLogInStrategy
| PasswordLogInStrategy
| SsoLogInStrategy
| PasswordlessLogInStrategy

View File

@ -21,7 +21,7 @@ import { NodeUtils } from "@bitwarden/common/misc/nodeUtils";
import { Utils } from "@bitwarden/common/misc/utils";
import { AuthResult } from "@bitwarden/common/models/domain/auth-result";
import {
ApiLogInCredentials,
UserApiLogInCredentials,
PasswordLogInCredentials,
SsoLogInCredentials,
} from "@bitwarden/common/models/domain/log-in-credentials";
@ -160,7 +160,12 @@ export class LoginCommand {
let response: AuthResult = null;
if (clientId != null && clientSecret != null) {
response = await this.authService.logIn(new ApiLogInCredentials(clientId, clientSecret));
if (!clientId.startsWith("user")) {
return Response.error("Invalid API Key; Organization API Key currently not supported");
}
response = await this.authService.logIn(
new UserApiLogInCredentials(clientId, clientSecret)
);
} else if (ssoCode != null && ssoCodeVerifier != null) {
response = await this.authService.logIn(
new SsoLogInCredentials(