Commit Graph

51 Commits

Author SHA1 Message Date
nicolas.dorier
ad4dbdad6d
Fix the PermissionJsonConverter 2020-03-20 19:57:00 +09:00
nicolas.dorier
a0e638d500
Switch from System.Text.Json to Newtonsoft, typify the BTCPayServer.Client 2020-03-20 14:01:51 +09:00
nicolas.dorier
318d826694
Rename Permissions.Can.. to Policies.Can.. 2020-03-20 13:41:47 +09:00
nicolas.dorier
29a807696b
Refactor permissions of GreenField 2020-03-19 23:43:51 +09:00
Kukks
6e1f3989e8 remove special case 2020-03-18 08:10:35 +01:00
Kukks
e99767c7e2 Greenfield API: Create User
Slightly big PR because I started refactoring to reduce code duplication between the UI based business logic and the api one.
2020-03-17 08:21:27 +01:00
Kukks
0c065df4bd Greenfield API: God Mode
When the `ServerManagement` permission is granted, you should be able to do everything in the system.
Maybe I should rename it to GodMode as a permission to not have any confusion with managing server settings (currently `ServerManagement`)?
2020-03-12 18:43:57 +01:00
Kukks
8173296c96 Greenfield API: Get current User
Builds on #1368
This PR adds a new endpoint: Get current user.. It only returns the current user's id and email for now( let's extend later)
It also adds a new permission: `ProfileManagement` which is needed for this endpoint (and for update endpoints later)
2020-03-12 14:59:24 +01:00
Kukks
233fa8a4a1 BTCPayServer.Client library + Revoke API Key 2020-03-11 16:54:53 +01:00
Andrew Camilleri
276a9a95f9
Remove OpenIddict (#1244) 2020-02-25 00:40:04 +09:00
Andrew Camilleri
fa51180dfa
Api keys with openiddict (#1262)
* Remove OpenIddict

* Add API Key system

* Revert removing OpenIddict

* fix rebase

* fix tests

* pr changes

* fix tests

* fix apikey test

* pr change

* fix db

* add migration attrs

* fix migration error

* PR Changes

* Fix sqlite migration

* change api key to use Authorization Header

* add supportAddForeignKey

* use tempdata status message

* fix add api key css

* remove redirect url + app identifier feature :(
2020-02-24 22:36:15 +09:00
Andrew Camilleri
34702d2633
Revoke Legacy Api Keys (#1344)
closes #1333
2020-02-21 13:40:00 +09:00
nicolas.dorier
60e0f775ed
Remove useless dependencies 2020-01-12 16:05:01 +09:00
nicolas.dorier
6c2fdecebe
Rewrite EF query for 3.1 compatibility 2020-01-11 13:12:40 +09:00
nicolas.dorier
a816e37621
Update libs 2020-01-11 13:12:24 +09:00
nicolas.dorier
48fa11759f
Missing files 2019-10-19 00:54:43 +09:00
nicolas.dorier
eac4c91820
Move Bitpay authentication class in BTCPayServer.Security 2019-10-19 00:54:20 +09:00
nicolas.dorier
da2e8665a1
Remove unused scope, assert policy on store listing 2019-10-18 23:42:06 +09:00
nicolas.dorier
c5ba063edf
Move OpenId folder 2019-10-18 21:36:32 +09:00
nicolas.dorier
3c9b58916b
Update to OpenIddict3.0 2019-10-18 19:02:23 +09:00
nicolas.dorier
281a2461ad
Refactor authorizations 2019-10-14 00:24:41 +09:00
nicolas.dorier
fda6a1a77b
Use ClaimTransformer instead of Authentication's JWT 2019-10-10 19:46:29 +09:00
nicolas.dorier
536f98b566
Fix entity framework queries to work in netcoreapp3.0 2019-10-06 15:48:12 +09:00
nicolas.dorier
aaa05eb5ec
Fix build 2019-10-03 17:37:10 +09:00
rockstardev
56e85b68d9 Csproj cleanup, reorganizing namespaces, fixing tests 2019-10-02 22:41:53 -05:00
nicolas.dorier
f257f9f91d
[Refactor] Move SQL classes in their own assembly 2019-08-30 18:22:13 +09:00
Andrew Camilleri
4055eda757 Part3: OpenIddict: Add Flows Event Handlers (#568)
* Part 1 & Part 2 squashed commits

pr changes


pr fixes


remove config for openid -- no need for it for now


Part 1: OpenIddict - Minor Changes & Config prep


Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies


pr changes


fix merge 


fix compile


fix compile #2


Part 1: OpenIddict - Minor Changes & Config prep


add missing nuget


Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies

* Part3: OpenIddict: Add Flows Event Handlers

* pr changes

* fix merge

* fix rebase

* fix imports

* cleanup

* do not allow u2f enabled accounts to log in

* start better tests for flows

* add tests

* fixes

* reintroduce dynamic policy as policies on jwt do not work without it

* reduce logs

* fix incorrect endpoint definitions

* Add implicit flow e2e test

* add code flow and refresh flow

* do not allow jwt bearer auth for all requests( only those under /api)

* remove commentedt code

* make sure authorize attr is marked with scheme

* remove dynamic policy and set claims in jwt handler

* cleanup

* change serversettings policy to not need a claim

* Add test to checkadmin verification

* revert server setting claim removal

* fix test

* switch back to claim

* unit test fixes

* try fix build with weird references to csprojes

* start fixing rebase

* remove https requirement to handle tor

* reformat tests correctly

* fix csproj

* fix ut formatting

* PR Changes

* do not show selenium browser
2019-07-01 12:39:25 +09:00
nicolas.dorier
5d8bf196a8
Fix: Allow get rate unauthenticated 2019-06-11 18:40:47 +09:00
nicolas.dorier
e5ba7b9e69
Refactor authentication handlers 2019-06-09 01:36:54 +09:00
Andrew Camilleri
ef9c2e8af1 Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies (#567)
* Part 1: OpenIddict - Minor Changes & Config prep

* Part 1: OpenIddict - Minor Changes & Config prep

* Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies

* pr changes

* pr changes

* fix merge

* pr fixes

* remove config for openid -- no need for it for now

* fix compile

* fix compile #2

* remove extra ns using

* Update Startup.cs

* compile

* adjust settings a bit

* remove duplicate

* remove external login provider placeholder html

* remove unused directives

* regenerate db snapshot model

* Remove dynamic policy
2019-05-24 15:17:02 +09:00
Andrew Camilleri
cf436e11ae Part 1: OpenIddict - Minor Changes & Config prep (#566)
* Part 1: OpenIddict - Minor Changes & Config prep

* add missing nuget

* pr changes

* pr fixes

* remove config for openid -- no need for it for now

* remove unused extension

* Add tests

* use pay tester http client

* check redirecturl in tests
2019-05-15 00:46:43 +09:00
nicolas.dorier
e169b851ee Remove another warning 2019-05-02 21:44:16 +09:00
nicolas.dorier
4067d4b00f Remove the Facade concept 2019-04-11 23:55:20 +09:00
nicolas.dorier
a09c6d51e6 fix exception which can be thrown if the store is not found 2019-03-25 12:24:48 +09:00
nicolas.dorier
312c7b7193 Fix anonymous bitpay api access 2019-03-25 12:22:17 +09:00
nicolas.dorier
ee733fee28 If AnyoneCanInvoice and the storeId is passed as a parameter to the Bitpay API, then allow request 2019-03-25 12:18:39 +09:00
nicolas.dorier
4d7e9d3f8a Rewrite the BitpayAuthHandler more clearly 2019-03-25 12:09:18 +09:00
nicolas.dorier
4c83ecd06a Remove unused code 2019-01-15 21:56:33 +09:00
nicolas.dorier
25e226d219 Clarify the code 2018-12-07 14:37:07 +09:00
nicolas.dorier
8198f98376 Code simplification 2018-12-06 12:26:42 +09:00
nicolas.dorier
65b4697229 Properly error 401 if request is not signed correctly 2018-12-06 12:22:05 +09:00
GameXG
db40c7bc32 Solving the new version of btcpayserver caused btcpay-python not to create an order problem (#327) 2018-10-11 23:50:28 +09:00
nicolas.dorier
fed53661b3 Add btcpay.store.cancreateinvoice claim, and use that for the store 2018-09-08 14:53:41 +09:00
nicolas.dorier
976d9d0cda Add CSP (Disable it if custom theming) 2018-07-12 17:38:21 +09:00
nicolas.dorier
04174b7431 Fix authentication 2018-06-06 16:02:37 +09:00
nicolas.dorier
01cf579530 Use proper custom authentication handler for bitpay 2018-06-04 12:00:03 +09:00
nicolas.dorier
6f07849e1d Use policies security for controlling access to bitpay api 2018-05-11 17:16:18 +09:00
nicolas.dorier
eb975bf8fc Isolate Bitpay's code outside of middleware inside BitpayClaimsFilter 2018-04-30 22:28:00 +09:00
nicolas.dorier
21bbf49640 Rewrite authorization enforcement and simplify the code 2018-04-30 22:00:43 +09:00
nicolas.dorier
af0eb831a2 Remove useless code and rename file 2018-04-30 02:37:32 +09:00