From 0eb68ec461fb9c2b343ec229d3173d95f7703423 Mon Sep 17 00:00:00 2001 From: Kyle Spearrin Date: Thu, 10 Aug 2017 10:16:58 -0400 Subject: [PATCH] revert old bearer code. use bearer scheme again --- .../Abstractions/Services/ITokenService.cs | 2 - src/App/Models/Api/Request/TokenRequest.cs | 7 --- src/App/Repositories/BaseApiRepository.cs | 54 +------------------ src/App/Services/AuthService.cs | 4 +- src/App/Services/TokenService.cs | 37 ------------- src/App/Utilities/TokenHttpRequestMessage.cs | 15 +----- 6 files changed, 3 insertions(+), 116 deletions(-) diff --git a/src/App/Abstractions/Services/ITokenService.cs b/src/App/Abstractions/Services/ITokenService.cs index 931652682..f7cfed6f6 100644 --- a/src/App/Abstractions/Services/ITokenService.cs +++ b/src/App/Abstractions/Services/ITokenService.cs @@ -6,8 +6,6 @@ namespace Bit.App.Abstractions { string Token { get; set; } string RefreshToken { get; set; } - [Obsolete("Old auth scheme")] - string AuthBearer { get; set; } string GetTwoFactorToken(string email); void SetTwoFactorToken(string email, string token); DateTime TokenExpiration { get; } diff --git a/src/App/Models/Api/Request/TokenRequest.cs b/src/App/Models/Api/Request/TokenRequest.cs index d07a26003..535acf69c 100644 --- a/src/App/Models/Api/Request/TokenRequest.cs +++ b/src/App/Models/Api/Request/TokenRequest.cs @@ -10,8 +10,6 @@ namespace Bit.App.Models.Api public string MasterPasswordHash { get; set; } public string Token { get; set; } public TwoFactorProviderType? Provider { get; set; } - [Obsolete] - public string OldAuthBearer { get; set; } public DeviceRequest Device { get; set; } public bool Remember { get; set; } @@ -26,11 +24,6 @@ namespace Bit.App.Models.Api { "client_id", "mobile" } }; - if(OldAuthBearer != null) - { - dict.Add("OldAuthBearer", OldAuthBearer); - } - if(Device != null) { dict.Add("DeviceType", Device.Type.ToString()); 
diff --git a/src/App/Repositories/BaseApiRepository.cs b/src/App/Repositories/BaseApiRepository.cs index 6c7b5f5a1..7b5a13900 100644 --- a/src/App/Repositories/BaseApiRepository.cs +++ b/src/App/Repositories/BaseApiRepository.cs @@ -7,7 +7,6 @@ using Newtonsoft.Json; using Plugin.Connectivity.Abstractions; using Bit.App.Abstractions; using System.Net; -using XLabs.Ioc; using Newtonsoft.Json.Linq; namespace Bit.App.Repositories 
@@ -48,54 +47,7 @@ namespace Bit.App.Repositories private async Task HandleTokenStateAsync(Func success, Func webException, Func> error) { - if(!string.IsNullOrWhiteSpace(TokenService.AuthBearer) && string.IsNullOrWhiteSpace(TokenService.Token)) - { - // Migrate from old auth bearer to new access token - - var deviceInfoService = Resolver.Resolve(); - var appIdService = Resolver.Resolve(); - - using(var client = HttpService.IdentityClient) - { - var requestMessage = new HttpRequestMessage - { - Method = HttpMethod.Post, - RequestUri = new Uri(client.BaseAddress, "connect/token"), - Content = new FormUrlEncodedContent(new TokenRequest - { - Email = "abcdefgh", - MasterPasswordHash = "abcdefgh", - OldAuthBearer = TokenService.AuthBearer, - Device = new DeviceRequest(appIdService, deviceInfoService) - }.ToIdentityTokenRequest()) - }; - - try - { - var response = await client.SendAsync(requestMessage).ConfigureAwait(false); - if(!response.IsSuccessStatusCode) - { - if(response.StatusCode == HttpStatusCode.BadRequest) - { - response.StatusCode = HttpStatusCode.Unauthorized; - } - - return await error.Invoke(response).ConfigureAwait(false); - } - - var responseContent = await response.Content.ReadAsStringAsync().ConfigureAwait(false); - var tokenResponse = JsonConvert.DeserializeObject(responseContent); - TokenService.Token = tokenResponse.AccessToken; - TokenService.RefreshToken = tokenResponse.RefreshToken; - TokenService.AuthBearer = null; - } - catch - { - return webException.Invoke(); - } - } - } - else if(TokenService.TokenNeedsRefresh && !string.IsNullOrWhiteSpace(TokenService.RefreshToken)) + if(TokenService.TokenNeedsRefresh && !string.IsNullOrWhiteSpace(TokenService.RefreshToken)) { using(var client = HttpService.IdentityClient) { @@ -135,10 +87,6 @@ namespace Bit.App.Repositories } } } - else if(!string.IsNullOrWhiteSpace(TokenService.AuthBearer)) - { - TokenService.AuthBearer = null; - } return success.Invoke(); } 
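Review bot: With the migration branch and the trailing `else if` removed from HandleTokenStateAsync, nothing in this patch deletes a legacy bearer already held in secure storage under the key `token`; the same cleanup is also dropped from the logout path in AuthService.cs and from the Token setter in TokenService.cs. A device that last ran the old scheme would keep that credential at rest indefinitely, unless code outside this diff removes it. Consider a one-time `_secureStorage.Delete("token");` in the TokenService constructor or the logout path, with a comment such as `// purge legacy auth bearer left by older builds`. Whether the server still accepts the old bearer is not visible here, so confirm that when judging how urgent the cleanup is. The body of HandleTokenStateAsync continues outside the hunk.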
diff --git a/src/App/Services/AuthService.cs b/src/App/Services/AuthService.cs index c7573813d..99d735704 100644 --- a/src/App/Services/AuthService.cs +++ b/src/App/Services/AuthService.cs @@ -150,8 +150,7 @@ namespace Bit.App.Services get { return _cryptoService.Key != null && - (!string.IsNullOrWhiteSpace(_tokenService.Token) || - !string.IsNullOrWhiteSpace(_tokenService.AuthBearer)) && + !string.IsNullOrWhiteSpace(_tokenService.Token) && !string.IsNullOrWhiteSpace(UserId); } } @@ -199,7 +198,6 @@ namespace Bit.App.Services { _tokenService.Token = null; _tokenService.RefreshToken = null; - _tokenService.AuthBearer = null; UserId = null; Email = null; _cryptoService.ClearKeys(); diff --git a/src/App/Services/TokenService.cs b/src/App/Services/TokenService.cs index 625c9cf77..9426661d2 100644 --- a/src/App/Services/TokenService.cs +++ b/src/App/Services/TokenService.cs @@ -11,14 +11,12 @@ namespace Bit.App.Services private const string TokenKey = "accessToken"; private const string RefreshTokenKey = "refreshToken"; private const string TwoFactorTokenKeyFormat = "twoFactorToken_{0}"; - private const string AuthBearerKey = "token"; private readonly ISecureStorageService _secureStorage; private string _token; private dynamic _decodedToken; private string _refreshToken; - private string _authBearer; public TokenService(ISecureStorageService secureStorage) { @@ -54,7 +52,6 @@ namespace Bit.App.Services { _secureStorage.Delete(TokenKey); RefreshToken = null; - AuthBearer = null; } _decodedToken = null; 
@@ -132,40 +129,6 @@ namespace Bit.App.Services } } - public string AuthBearer - { - get - { - if(_authBearer != null) - { - return _authBearer; - } - - var tokenBytes = _secureStorage.Retrieve(AuthBearerKey); - if(tokenBytes == null) - { - return null; - } - - _authBearer = Encoding.UTF8.GetString(tokenBytes, 0, tokenBytes.Length); - return _authBearer; - } - set - { - if(value != null) - { - var tokenBytes = Encoding.UTF8.GetBytes(value); - _secureStorage.Store(AuthBearerKey, tokenBytes); - } - else - { - _secureStorage.Delete(AuthBearerKey); - } - - _authBearer = value; - } - } - public string GetTwoFactorToken(string email) { var emailEncoded = Convert.ToBase64String(Encoding.UTF8.GetBytes(email)); diff --git a/src/App/Utilities/TokenHttpRequestMessage.cs b/src/App/Utilities/TokenHttpRequestMessage.cs index 340e7ca4f..6d6dbd9e7 100644 --- a/src/App/Utilities/TokenHttpRequestMessage.cs +++ b/src/App/Utilities/TokenHttpRequestMessage.cs @@ -15,20 +15,7 @@ namespace Bit.App if(!string.IsNullOrWhiteSpace(tokenService.Token)) { - var httpService = Resolver.Resolve(); - - var bearerString = "Bearer"; - var tokenIssuer = tokenService.TokenIssuer; - if(tokenIssuer == httpService.ApiClient.BaseAddress.OriginalString) - { - bearerString = string.Concat(bearerString, "2"); - } - else if(tokenIssuer == httpService.IdentityClient.BaseAddress.OriginalString) - { - bearerString = string.Concat(bearerString, "3"); - } - - Headers.Add("Authorization", $"{bearerString} {tokenService.Token}"); + Headers.Add("Authorization", $"Bearer {tokenService.Token}"); } if(!string.IsNullOrWhiteSpace(appIdService.AppId)) {
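Review bot: In TokenHttpRequestMessage the `Authorization` value is assembled by string interpolation and passed to `Headers.Add`; the typed form `Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokenService.Token);` sets scheme and credential separately and makes the intent explicit. That needs `using System.Net.Http.Headers;`, and the file's using block is outside this hunk. The token is attached to every request built through this class whatever its target, so a short comment on the constructor stating which clients it is meant for (API or identity) would help reviewers keep the token off other hosts. The constructor starts outside the hunk.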