mirror of
https://github.com/bitwarden/android.git
synced 2024-10-31 15:15:34 +03:00
Add ssoToken to limit lifetime of SSO redirect (#1965)
This commit is contained in:
parent
109aeb49e4
commit
6e2e613fee
4 changed files with 16 additions and 5 deletions
|
@ -81,10 +81,12 @@ namespace Bit.App.Pages
|
|||
}
|
||||
|
||||
await _deviceActionService.ShowLoadingAsync(AppResources.LoggingIn);
|
||||
string ssoToken;
|
||||
|
||||
try
|
||||
{
|
||||
await _apiService.PreValidateSso(OrgIdentifier);
|
||||
var response = await _apiService.PreValidateSso(OrgIdentifier);
|
||||
ssoToken = response.Token;
|
||||
}
|
||||
catch (ApiException e)
|
||||
{
|
||||
|
@ -112,7 +114,8 @@ namespace Bit.App.Pages
|
|||
"response_type=code&scope=api%20offline_access&" +
|
||||
"state=" + state + "&code_challenge=" + codeChallenge + "&" +
|
||||
"code_challenge_method=S256&response_mode=query&" +
|
||||
"domain_hint=" + Uri.EscapeDataString(OrgIdentifier);
|
||||
"domain_hint=" + Uri.EscapeDataString(OrgIdentifier) + "&" +
|
||||
"ssoToken=" + Uri.EscapeDataString(ssoToken);
|
||||
|
||||
WebAuthenticatorResult authResult = null;
|
||||
try
|
||||
|
|
|
@ -44,7 +44,7 @@ namespace Bit.Core.Abstractions
|
|||
Task PutDeleteCipherAsync(string id);
|
||||
Task<CipherResponse> PutRestoreCipherAsync(string id);
|
||||
Task RefreshIdentityTokenAsync();
|
||||
Task<object> PreValidateSso(string identifier);
|
||||
Task<SsoPrevalidateResponse> PreValidateSso(string identifier);
|
||||
Task<TResponse> SendAsync<TRequest, TResponse>(HttpMethod method, string path,
|
||||
TRequest body, bool authed, bool hasResponse, bool logoutOnUnauthorized = true);
|
||||
void SetUrls(EnvironmentUrls urls);
|
||||
|
|
7
src/Core/Models/Response/SsoPrevalidateResponse.cs
Normal file
7
src/Core/Models/Response/SsoPrevalidateResponse.cs
Normal file
|
@ -0,0 +1,7 @@
|
|||
namespace Bit.Core.Models.Response
|
||||
{
|
||||
public class SsoPrevalidateResponse
|
||||
{
|
||||
public string Token { get; set; }
|
||||
}
|
||||
}
|
|
@ -547,7 +547,7 @@ namespace Bit.Core.Services
|
|||
return accessToken;
|
||||
}
|
||||
|
||||
public async Task<object> PreValidateSso(string identifier)
|
||||
public async Task<SsoPrevalidateResponse> PreValidateSso(string identifier)
|
||||
{
|
||||
var path = "/account/prevalidate?domainHint=" + WebUtility.UrlEncode(identifier);
|
||||
using (var requestMessage = new HttpRequestMessage())
|
||||
|
@ -571,7 +571,8 @@ namespace Bit.Core.Services
|
|||
var error = await HandleErrorAsync(response, false, true);
|
||||
throw new ApiException(error);
|
||||
}
|
||||
return null;
|
||||
var responseJsonString = await response.Content.ReadAsStringAsync();
|
||||
return JsonConvert.DeserializeObject<SsoPrevalidateResponse>(responseJsonString);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue