bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-12-11 13:53:48 -06:00
Code Issues Packages Projects Releases 211 Wiki Activity
server/src/Api/Utilities/ServiceCollectionExtensions.cs
Graham Walker b6830f65f3
PM-23358 removing phishing blocker code
2025-12-02 08:54:33 -06:00

114 lines
4.5 KiB
C#
Raw Blame History

using Bit.Api.AdminConsole.Authorization;
using Bit.Api.Tools.Authorization;
using Bit.Core.Auth.IdentityServer;
using Bit.Core.Settings;
using Bit.Core.Utilities;
using Bit.Core.Vault.Authorization.SecurityTasks;
using Bit.SharedWeb.Health;
using Bit.SharedWeb.Swagger;
using Microsoft.AspNetCore.Authorization;
using Microsoft.OpenApi.Models;
namespace Bit.Api.Utilities;
public static class ServiceCollectionExtensions
{
public static void AddSwagger(this IServiceCollection services, GlobalSettings globalSettings, IWebHostEnvironment environment)
{
services.AddSwaggerGen(config =>
{
config.SwaggerDoc("public", new OpenApiInfo
{
Title = "Bitwarden Public API",
Version = "latest",
Contact = new OpenApiContact
{
Name = "Bitwarden Support",
Url = new Uri("https://bitwarden.com"),
Email = "support@bitwarden.com"
},
Description = """
This schema documents the endpoints available to the Public API, which provides
organizations tools for managing members, collections, groups, event logs, and policies.
If you are looking for the Vault Management API, refer instead to
[this document](https://bitwarden.com/help/vault-management-api/).
""",
License = new OpenApiLicense
{
Name = "GNU Affero General Public License v3.0",
Url = new Uri("https://github.com/bitwarden/server/blob/master/LICENSE.txt")
}
});
config.SwaggerDoc("internal", new OpenApiInfo { Title = "Bitwarden Internal API", Version = "latest" });
config.AddSecurityDefinition("oauth2-client-credentials", new OpenApiSecurityScheme
{
Type = SecuritySchemeType.OAuth2,
Flows = new OpenApiOAuthFlows
{
ClientCredentials = new OpenApiOAuthFlow
{
TokenUrl = new Uri($"{globalSettings.BaseServiceUri.Identity}/connect/token"),
Scopes = new Dictionary<string, string>
{
{ ApiScopes.ApiOrganization, "Organization APIs" },
},
}
},
});
config.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "oauth2-client-credentials"
},
},
new[] { ApiScopes.ApiOrganization }
}
});
config.DescribeAllParametersInCamelCase();
// config.UseReferencedDefinitionsForEnums();
config.InitializeSwaggerFilters(environment);
var apiFilePath = Path.Combine(AppContext.BaseDirectory, "Api.xml");
config.IncludeXmlComments(apiFilePath, true);
var coreFilePath = Path.Combine(AppContext.BaseDirectory, "Core.xml");
config.IncludeXmlComments(coreFilePath);
});
}
public static void AddHealthChecks(this IServiceCollection services, GlobalSettings globalSettings)
{
services.AddHealthCheckServices(globalSettings, builder =>
{
var identityUri = new Uri(globalSettings.BaseServiceUri.Identity
+ "/.well-known/openid-configuration");
builder.AddUrlGroup(identityUri, "identity");
if (CoreHelpers.SettingHasValue(globalSettings.SqlServer.ConnectionString))
{
builder.AddSqlServer(globalSettings.SqlServer.ConnectionString);
}
});
}
public static void AddAuthorizationHandlers(this IServiceCollection services)
{
services.AddScoped<IAuthorizationHandler, VaultExportAuthorizationHandler>();
services.AddScoped<IAuthorizationHandler, SecurityTaskAuthorizationHandler>();
services.AddScoped<IAuthorizationHandler, SecurityTaskOrganizationAuthorizationHandler>();
// Admin Console authorization handlers
services.AddAdminConsoleAuthorizationHandlers();
}
}
Reference in New Issue View Git Blame Copy Permalink