
[PM-3808] [Storage v2] Add old client/new server backward compatibility #3262

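--- a/src/Api/Vault/Controllers/CiphersController.cs
+++ b/src/Api/Vault/Controllers/CiphersController.cs
@@ -27,6 +27,8 @@ namespace Bit.Api.Vault.Controllers;
 [Authorize("Application")]
 public class CiphersController : Controller
 {
+private static readonly Version _fido2KeyCipherMinimumVersion = new Version(Constants.Fido2KeyCipherMinimumVersion);
+
 private readonly ICipherRepository _cipherRepository;
 private readonly ICollectionCipherRepository _collectionCipherRepository;
 private readonly ICipherService _cipherService;
@@ -186,6 +188,14 @@ public async Task<CipherResponseModel> Put(Guid id, [FromBody] CipherRequestMode
 "then try again.");
 }
 
+// Temporary protection against old clients overwriting and deleting Fido2Keys
+// Response model used to re-use logic for parsing 'data' property
+var cipherModel = new CipherResponseModel(cipher, _globalSettings);
+if (cipherModel.Login?.Fido2Key != null && _currentContext.ClientVersion < _fido2KeyCipherMinimumVersion)
+{
+throw new BadRequestException("Please update your client to edit this item.");
+}
+
 await _cipherService.SaveDetailsAsync(model.ToCipherDetails(cipher), userId, model.LastKnownRevisionDate, collectionIds);
 
 var response = new CipherResponseModel(cipher, _globalSettings);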
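Review bot: The new guard in `Put` compares `_currentContext.ClientVersion`, a value the client reports about itself, so it protects against accidental overwrites by outdated clients but is not an authorization control, and the comment should say so: `// Data-loss guard only: ClientVersion is client-reported, not an access check.` If `ClientVersion` can be null when no version is sent, `<` on `System.Version` treats null as lower on current .NET and the edit is rejected, which is the safe direction; writing `_currentContext.ClientVersion == null ||` in front of the comparison would make that intent explicit. Only this handler is guarded in the visible hunks, so any other update path in the controller that saves a login built from an old client's request model (outside this view) would presumably still drop the Fido2Key. `Put` begins and ends outside the hunk.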
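--- a/src/Api/Vault/Controllers/SyncController.cs
+++ b/src/Api/Vault/Controllers/SyncController.cs
@@ -1,6 +1,4 @@
 using Bit.Api.Vault.Models.Response;
-using Bit.Core;
-using Bit.Core.Context;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Enums.Provider;
@@ -10,7 +8,6 @@
 using Bit.Core.Services;
 using Bit.Core.Settings;
 using Bit.Core.Tools.Repositories;
-using Bit.Core.Vault.Models.Data;
 using Bit.Core.Vault.Repositories;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
@@ -31,8 +28,6 @@ public class SyncController : Controller
 private readonly IPolicyRepository _policyRepository;
 private readonly ISendRepository _sendRepository;
 private readonly GlobalSettings _globalSettings;
-private readonly ICurrentContext _currentContext;
-private readonly Version _fido2KeyCipherMinimumVersion = new Version(Constants.Fido2KeyCipherMinimumVersion);
 
 public SyncController(
 IUserService userService,
@@ -44,8 +39,7 @@ public SyncController(
 IProviderUserRepository providerUserRepository,
 IPolicyRepository policyRepository,
 ISendRepository sendRepository,
-GlobalSettings globalSettings,
-ICurrentContext currentContext)
+GlobalSettings globalSettings)
 {
 _userService = userService;
 _folderRepository = folderRepository;
@@ -57,7 +51,6 @@ public SyncController(
 _policyRepository = policyRepository;
 _sendRepository = sendRepository;
 _globalSettings = globalSettings;
-_currentContext = currentContext;
 }
 
 [HttpGet("")]
@@ -79,7 +72,7 @@ await _providerUserRepository.GetManyOrganizationDetailsByUserAsync(user.Id,
 var hasEnabledOrgs = organizationUserDetails.Any(o => o.Enabled);
 var folders = await _folderRepository.GetManyByUserIdAsync(user.Id);
 var allCiphers = await _cipherRepository.GetManyByUserIdAsync(user.Id, hasEnabledOrgs);
-var ciphers = FilterFidoKeys(allCiphers);
+var ciphers = allCiphers;
 var sends = await _sendRepository.GetManyByUserIdAsync(user.Id);
 
 IEnumerable<CollectionDetails> collections = null;
@@ -100,13 +93,4 @@ await _providerUserRepository.GetManyOrganizationDetailsByUserAsync(user.Id,
 collectionCiphersGroupDict, excludeDomains, policies, sends);
 return response;
 }
-
-private ICollection<CipherDetails> FilterFidoKeys(ICollection<CipherDetails> ciphers)
-{
-if (_currentContext.ClientVersion >= _fido2KeyCipherMinimumVersion)
-{
-return ciphers;
-}
-return ciphers.Where(c => c.Type != Core.Vault.Enums.CipherType.Fido2Key).ToList();
-}
 }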
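Review bot: With `FilterFidoKeys` gone, `var ciphers = allCiphers;` hands every stored row to the sync response, and the same change removes the `CipherType.Fido2Key` case from the response model, so a row already saved with that type would presumably reach the `default` branch there and throw `ArgumentException`. Whether such rows exist depends on whether the standalone type ever reached a deployed database, which this page does not show; if it did, a single legacy row could fail the whole sync for that account. A data migration, or skipping unknown types when building the response, should accompany the removal. The alias itself is leftover and can go by using `allCiphers` directly in the rest of the action, whose body starts and ends outside the hunk.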
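--- a/src/Api/Vault/Models/CipherFido2KeyModel.cs
+++ b/src/Api/Vault/Models/CipherFido2KeyModel.cs
@@ -7,20 +7,6 @@ public class CipherFido2KeyModel
 {
 public CipherFido2KeyModel() { }
 
-public CipherFido2KeyModel(CipherFido2KeyData data)
-{
-CredentialId = data.CredentialId;
-KeyType = data.KeyType;
-KeyAlgorithm = data.KeyAlgorithm;
-KeyCurve = data.KeyCurve;
-KeyValue = data.KeyValue;
-RpId = data.RpId;
-RpName = data.RpName;
-UserHandle = data.UserHandle;
-UserDisplayName = data.UserDisplayName;
-Counter = data.Counter;
-}
-
 public CipherFido2KeyModel(CipherLoginFido2KeyData data)
 {
 CredentialId = data.CredentialId;
@@ -33,6 +19,7 @@ public CipherFido2KeyModel(CipherLoginFido2KeyData data)
 UserHandle = data.UserHandle;
 UserDisplayName = data.UserDisplayName;
 Counter = data.Counter;
+Discoverable = data.Discoverable;
 }
 
 [EncryptedString]
@@ -65,6 +52,9 @@ public CipherFido2KeyModel(CipherLoginFido2KeyData data)
 [EncryptedString]
 [EncryptedStringLength(1000)]
 public string Counter { get; set; }
+[EncryptedString]
+[EncryptedStringLength(1000)]
+public string Discoverable { get; set; }
 
 public CipherLoginFido2KeyData ToCipherLoginFido2KeyData()
 {
@@ -80,6 +70,7 @@ public CipherLoginFido2KeyData ToCipherLoginFido2KeyData()
 UserHandle = UserHandle,
 UserDisplayName = UserDisplayName,
 Counter = Counter,
+Discoverable = Discoverable
 };
 }
 }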
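Review bot: `Discoverable` is added with no comment on what it holds or what an absent value means, and because it is an `[EncryptedString]` the server can neither validate nor default it. Credentials written before this field existed would deserialize with `Discoverable` null, and `ToCipherLoginFido2KeyData()` copies that null through unchanged, so the interpretation is left to each client. I would document this on the property, for example `// Encrypted by the client; null on credentials saved before this field was added.` The `EncryptedStringLength(1000)` bound is copied from `Counter` and looks generous for what appears to be a flag, though it is harmless.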
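--- a/src/Api/Vault/Models/Request/CipherRequestModel.cs
+++ b/src/Api/Vault/Models/Request/CipherRequestModel.cs
@@ -82,9 +82,6 @@ public Cipher ToCipher(Cipher existingCipher)
 case CipherType.SecureNote:
 existingCipher.Data = JsonSerializer.Serialize(ToCipherSecureNoteData(), JsonHelpers.IgnoreWritingNull);
 break;
-case CipherType.Fido2Key:
-existingCipher.Data = JsonSerializer.Serialize(ToCipherFido2KeyData(), JsonHelpers.IgnoreWritingNull);
-break;
 default:
 throw new ArgumentException("Unsupported type: " + nameof(Type) + ".");
 }
@@ -232,28 +229,6 @@ private CipherSecureNoteData ToCipherSecureNoteData()
 Type = SecureNote.Type,
 };
 }
-
-private CipherFido2KeyData ToCipherFido2KeyData()
-{
-return new CipherFido2KeyData
-{
-Name = Name,
-Notes = Notes,
-Fields = Fields?.Select(f => f.ToCipherFieldData()),
-PasswordHistory = PasswordHistory?.Select(ph => ph.ToCipherPasswordHistoryData()),
-
-CredentialId = Fido2Key.CredentialId,
-KeyAlgorithm = Fido2Key.KeyAlgorithm,
-KeyType = Fido2Key.KeyType,
-KeyCurve = Fido2Key.KeyCurve,
-KeyValue = Fido2Key.KeyValue,
-RpId = Fido2Key.RpId,
-RpName = Fido2Key.RpName,
-UserHandle = Fido2Key.UserHandle,
-UserDisplayName = Fido2Key.UserDisplayName,
-Counter = Fido2Key.Counter
-};
-}
 }
 
 public class CipherWithIdRequestModel : CipherRequestModel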
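--- a/src/Api/Vault/Models/Response/CipherResponseModel.cs
+++ b/src/Api/Vault/Models/Response/CipherResponseModel.cs
@@ -48,12 +48,6 @@ public CipherMiniResponseModel(Cipher cipher, IGlobalSettings globalSettings, bo
 cipherData = identityData;
 Identity = new CipherIdentityModel(identityData);
 break;
-case CipherType.Fido2Key:
-var fido2KeyData = JsonSerializer.Deserialize<CipherFido2KeyData>(cipher.Data);
-Data = fido2KeyData;
-cipherData = fido2KeyData;
-Fido2Key = new CipherFido2KeyModel(fido2KeyData);
-break;
 default:
 throw new ArgumentException("Unsupported " + nameof(Type) + ".");
 }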
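--- a/src/Core/Vault/Enums/CipherType.cs
+++ b/src/Core/Vault/Enums/CipherType.cs
@@ -8,5 +8,4 @@ public enum CipherType : byte
 SecureNote = 2,
 Card = 3,
 Identity = 4,
-Fido2Key = 5,
 }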
17 changes: 0 additions & 17 deletions src/Core/Vault/Models/Data/CipherFido2KeyData.cs

This file was deleted.

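--- a/src/Core/Vault/Models/Data/CipherLoginFido2KeyData.cs
+++ b/src/Core/Vault/Models/Data/CipherLoginFido2KeyData.cs
@@ -14,4 +14,5 @@ public CipherLoginFido2KeyData() { }
 public string UserHandle { get; set; }
 public string UserDisplayName { get; set; }
 public string Counter { get; set; }
+public string Discoverable { get; set; }
 }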