Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add server version compatibility check for Fido2Credentials on sharing with org #3328

Merged
merged 5 commits into from
Oct 6, 2023
Merged

Add server version compatibility check for Fido2Credentials on sharing with org #3328

merged 5 commits into from
Oct 6, 2023

Conversation

trmartin4
Copy link
Member

@trmartin4 trmartin4 commented Oct 5, 2023
edited
Loading

Type of change

- [ ] Bug fix
- [X] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other

Objective

We need to ensure that a Login cipher that is updated from an old client doesn't overwrite a Fido2Credential that exists in the Data property from a newer client.

This should be done:

  • When updating a cipher
  • When moving a cipher to an org
  • When moving multiple ciphers to an org

Code changes

CiphersController.cs:

  • Refactored Fido2Credential version check into a separate method for reuse on multiple methods.
  • Added check to additional methods.
  • Added missing check for vault item encryption on PutShareMany() as well.

Before you submit

  • Please check for formatting errors (dotnet format --verify-no-changes) (required)
  • If making database changes - make sure you also update Entity Framework queries and/or migrations
  • Please add unit tests where it makes sense to do so (encouraged but not required)
  • If this change requires a documentation update - notify the documentation team
  • If this change has particular deployment requirements - notify the DevOps team

@trmartin4 trmartin4 changed the title Added compatibility checks. Add server version compatibility check for Fido2Credentials on sharing with org Oct 6, 2023
@trmartin4 trmartin4 marked this pull request as ready for review October 6, 2023 01:34
@trmartin4 trmartin4 requested a review from a team as a code owner October 6, 2023 01:34
@trmartin4 trmartin4 requested review from LRNcardozoWDF and removed request for a team October 6, 2023 01:34
LRNcardozoWDF
LRNcardozoWDF approved these changes Oct 6, 2023
View reviewed changes
Copy link
Member

@LRNcardozoWDF LRNcardozoWDF left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@trmartin4 trmartin4 merged commit 96ef1b0 into EC-598-beeep-properly-store-passkeys-in-bitwarden Oct 6, 2023
41 checks passed
@trmartin4 trmartin4 deleted the PM-3808-add-additional-compatiblity branch October 6, 2023 15:11
trmartin4 added a commit that referenced this pull request Oct 17, 2023
@coroiu @gbubemismith
@trmartin4 @kspearrin @LRNcardozoWDF @Hinton
[PM-1222] Passkeys in the Bitwarden vault (#2679)
8c77c65 
* [EC-598] feat: add support for saving fido2 keys

* [EC-598] feat: add additional data

* [EC-598] feat: add counter, nonDiscoverableId; remove origin

* [EC-598] fix: previous incomplete commit

* [EC-598] fix: previous incomplete commit.. again

* [EC-598] fix: failed merge

* [EC-598] fix: move files around to match new structure

* [EC-598] feat: add implementation for non-discoverable credentials

* [EC-598] chore: remove some changes introduced by vs

* [EC-598] fix: linting issues

* [PM-1500] Add feature flag to enable pass keys (#2916)

* Added feature flag to enable pass keys

* Renamed enable pass keys to fido2 vault credentials

* only sync fido2key ciphers on clients >=2023.9.0 (#3244)

* Renamed fido2key property username to userDisplayName (#3172)

* [PM-1859] Renamed NonDiscoverableId to credentialId (#3198)

* PM-1859 Refactor to credentialId

* PM-1859 Removed unnecessary import

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>

* [PM-3807] Store all passkeys as login cipher type (#3261)

* [PM-3807] feat: add discoverable property to fido2key

* [PM-3807] feat: remove standalone Fido2Key

* [PM-3807] chore: clean up unusued constant

* [PM-3807] fix: remove standadlone Fido2Key property that I missed

* [PM-3807] Store passkeys in array (#3268)

* [PM-3807] feat: store passkeys in array

* [PM-3807] amazing adventures with the c# linter

* [PM-3980] Added creationDate property to the Fido2Key object (#3279)

* Added creationDate property to the Fido2Key object

* Fixed lint issues

* fixed comments

* made createionDate required

* [PM-3808] [Storage v2] Add old client/new server backward compatibility (#3262)

* [PM-3807] feat: add discoverable property to fido2key

* [PM-3807] feat: remove standalone Fido2Key

* [PM-3807] chore: clean up unusued constant

* [PM-3808] feat: add fido2 compatibility check before saving ciphers

* Resolved merge conflicts.

* Setting minimum version for QA.

---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>

* [PM-4054] Rename Fido2Key to Fido2Credential (#3306)

* Add server version compatibility check for Fido2Credentials on sharing with org (#3328)

* Added compatibility checks.

* Refactored into separate methods for easier removal.

* Added check on ShareMany

* Updated method order to be consistent.

* Linting

* Updated minimum server version for release, as well as defaulting the feature on for self-hosted.

* Added trailing space.

* Removed extra assignment

---------

Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@LRNcardozoWDF LRNcardozoWDF LRNcardozoWDF approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@trmartin4 @LRNcardozoWDF