Push after rebase (#1) #2
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add support for external icon services
As requested in dani-garcia#2136, some small changes on the type of log messages and wording used. Resolves dani-garcia#2136
Small changes to icon log messages.
Sync global_domains.json
- Using my own rust-musl build containers we now support all database types for both Debian and Alpine. - Added new Alpine containers for armv6 and arm64/aarch64 - The Debian builds can also be done wihout dpkg magic stuff, probably some fixes in Rust regarding linking (Or maybe OpenSSL or Diesel), in any case, it works now without hacking dpkg and apt. - Updated toolchain and crates
…arden into BlackDex-multi-db-dockers
Browsers are rather smart, but also dumb. This uses the `Expires` header alongside `cache-control` to better prompt the browser to actually cache. Unfortunately, firefox still tries to "race" its own cache, in an attempt to respond to requests faster, so still ends up making a bunch of requests which could have been cached. Doesn't appear there's any way around this.
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
…header Set `Expires` header when caching responses
The default code is 307 (temporary) to make it easier to test different icon services, but once a service has been decided on, users should ideally switch to using permanent redirects for cacheability.
For emergency access invitations we need to check if invites are allowed, not if sign-ups are allowed.
The CLI seems to send a String instead of an Integer for the maximum access count. It now accepts both types and converts it to an i32 in all cases. Fixes dani-garcia#2196
Add config option to set the HTTP redirect code for external icons
Fix issue with Bitwarden CLI.
If a new user gets invited it should check if the user is invited via emergency access, if so, allow that user to register.
At least on Android, it seems the Bitwarden mobile client responds to HTTP 307, but not to HTTP 308 for some reason.
Convert old, soon to be defunct, Feature-Policy with its replacement Permissions-Policy
This is mainly useful for CLI-based login automation.
API key logins use a scope of `api`, not `api offline_access`. Since `offline_access` is not requested, no `refresh_token` is returned either.
Squashed commit of the following: commit 1bdf1c7954e0731c95703d10118f3874ab5155d3 Merge: 8ba6e61 7257251 Author: Daniel García <dani-garcia@users.noreply.github.com> Date: Sun Jan 23 23:40:17 2022 +0100 Merge branch 'remove-bwrs' of https://github.com/RealOrangeOne/vaultwarden into RealOrangeOne-remove-bwrs commit 7257251 Author: Jake Howard <git@theorangeone.net> Date: Thu Jan 6 17:48:18 2022 +0000 Use `or_else` to save potentially unnecessary function call commit 40ae81d Author: Jake Howard <git@theorangeone.net> Date: Wed Jan 5 21:18:24 2022 +0000 Move $BWRS_VERSION fallback into build.rs commit 743ef74 Author: Jake Howard <git@theorangeone.net> Date: Sat Jan 1 23:08:27 2022 +0000 Revert "Add feature to enable use of `Option::or` in const context" This reverts commit fe8e043. We want to run on stable soon, where these features are not supported commit a1f0da6 Author: Jake Howard <git@theorangeone.net> Date: Sat Jan 1 13:04:47 2022 +0000 Rename web vault version file dani-garcia/bw_web_builds#58 commit fe8e043 Author: Jake Howard <git@theorangeone.net> Date: Sat Jan 1 12:56:44 2022 +0000 Add feature to enable use of `Option::or` in const context commit 687435c Author: Jake Howard <git@theorangeone.net> Date: Sat Jan 1 12:27:28 2022 +0000 Continue to allow using `$BWRS_VERSION` commit 8e2f708 Author: Jake Howard <git@theorangeone.net> Date: Fri Dec 31 11:41:34 2021 +0000 Remove references to "bwrs" The only remaining one is getting the version of the web vault, which requires coordinating with the web vault patching.
Currently the branch protection is set on specific workflows which needs to be run every time a PR is created (or a push). Because it isn't possible to tell the branch protection only to do it's job if specific files are touched or not, we just need to make sure these jobs are always started. Also, because we now check the builds for an MSRV, and the title would change all the time, that would cause the branch protection to be updated everytime the MSRV would change. This is now also addressed by naming that job 'msrv' instead of the version number.
This PR adds support for the Send v2 API. It should prevent 404 errors which could cause some issues with some configurations on some reverse proxies. In the long run, we can probably remove the old file upload API, but for now lets leave it there, since Bitwarden also still has this endpoint in the code. Might fixes dani-garcia#2753
- Updated to Rust v1.64.0 - Updated all libararies - Updated multer-rs to be based upon the latest version - Updated Dockerfiles to match the Rust version
Currently the branch protection is set on specific workflows which needs to be run every time a PR is created (or a push). Because it isn't possible to tell the branch protection only to do it's job if specific files are touched or not, we just need to make sure these jobs are always started. Also, because we now check the builds for an MSRV, and the title would change all the time, that would cause the branch protection to be updated everytime the MSRV would change. This is now also addressed by naming that job 'msrv' instead of the version number.
This PR adds support for the Send v2 API. It should prevent 404 errors which could cause some issues with some configurations on some reverse proxies. In the long run, we can probably remove the old file upload API, but for now lets leave it there, since Bitwarden also still has this endpoint in the code. Might fixes dani-garcia#2753
- Updated to Rust v1.64.0 - Updated all libararies - Updated multer-rs to be based upon the latest version - Updated Dockerfiles to match the Rust version
Since v2022.9.x it seems they changed the export endpoint and way of working. This PR fixes this by adding the export endpoint. Also, it looks like the clients can't handle uppercase first JSON key's. Because of this there now is a function which converts all the key's to lowercase first. I have an issue reported at Bitwarden if this is expected behavior: bitwarden/clients#3606 Fixes dani-garcia#2760 Fixes dani-garcia#2764
pinpox
force-pushed
the
rebase-oidc
branch
13 times, most recently
from
c4d1e87 to
6591fd5
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
add required fields to schema/org form
working sso login
policy enforcement - multiple devices
cleanup
safe handling of RawStrs
comment updates
add web-vault-sso.patch
remove changes for local development
trivial PR feedback - missing files from web-vault patch
use migrations properly, avoid panics
nullable fields
use String instead of &RawStr
inline error responses. Cover more cases in prevalidate
add sso_nonce to database, with checking
add missing files
split sso_config into own table
avoid panics
updated webvault patch
Co-authored-by: Stuart Heap sheap13@gmail.com