US or EU Data Region Selection (#3752)

* add selection of data region for push

* fix cargo check + rewrite config + add check url

* fix clippy error

* add comment in .env.template, adapt config.rs

* Update .env.template

Co-authored-by: William Desportes <williamdes@wdes.fr>

* Update .env.template

Co-authored-by: William Desportes <williamdes@wdes.fr>

* Revert "Update .env.template"

This reverts commit 5bed974ba7b9f481792d2228834585f053d47dc3.

* Revert "Update .env.template"

This reverts commit 0760eff95dfaf2a9cf97bb25f6cf7660bdf55173.

* fix /connect/token to push identity

* fix /connect/token to push identity

* Fixed formatting when solving merge conflicts

---------

Co-authored-by: William Desportes <williamdes@wdes.fr>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
This commit is contained in:
THONY 2024-01-01 16:01:57 +01:00 committed by GitHub
parent a641b48884
commit d672ad3f76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 31 additions and 3 deletions

View File

@ -77,11 +77,13 @@
# WEBSOCKET_PORT=3012 # WEBSOCKET_PORT=3012
## Enables push notifications (requires key and id from https://bitwarden.com/host) ## Enables push notifications (requires key and id from https://bitwarden.com/host)
## If you choose "European Union" Data Region, uncomment PUSH_RELAY_URI and PUSH_IDENTITY_URI then replace .com by .eu
# PUSH_ENABLED=true # PUSH_ENABLED=true
# PUSH_INSTALLATION_ID=CHANGEME # PUSH_INSTALLATION_ID=CHANGEME
# PUSH_INSTALLATION_KEY=CHANGEME # PUSH_INSTALLATION_KEY=CHANGEME
## Don't change this unless you know what you're doing. ## Don't change this unless you know what you're doing.
# PUSH_RELAY_URI=https://push.bitwarden.com # PUSH_RELAY_URI=https://push.bitwarden.com
# PUSH_IDENTITY_URI=https://identity.bitwarden.com
## Controls whether users are allowed to create Bitwarden Sends. ## Controls whether users are allowed to create Bitwarden Sends.
## This setting applies globally to all users. ## This setting applies globally to all users.
@ -462,4 +464,4 @@
## HaveIBeenPwned API Key, request it here: https://haveibeenpwned.com/API/Key ## HaveIBeenPwned API Key, request it here: https://haveibeenpwned.com/API/Key
# HIBP_API_KEY= # HIBP_API_KEY=
# vim: syntax=ini # vim: syntax=ini

View File

@ -50,7 +50,11 @@ async fn get_auth_push_token() -> ApiResult<String> {
("client_secret", &client_secret), ("client_secret", &client_secret),
]; ];
let res = match get_reqwest_client().post("https://identity.bitwarden.com/connect/token").form(&params).send().await let res = match get_reqwest_client()
.post(&format!("{}/connect/token", CONFIG.push_identity_uri()))
.form(&params)
.send()
.await
{ {
Ok(r) => r, Ok(r) => r,
Err(e) => err!(format!("Error getting push token from bitwarden server: {e}")), Err(e) => err!(format!("Error getting push token from bitwarden server: {e}")),

View File

@ -380,8 +380,10 @@ make_config! {
push { push {
/// Enable push notifications /// Enable push notifications
push_enabled: bool, false, def, false; push_enabled: bool, false, def, false;
/// Push relay base uri /// Push relay uri
push_relay_uri: String, false, def, "https://push.bitwarden.com".to_string(); push_relay_uri: String, false, def, "https://push.bitwarden.com".to_string();
/// Push identity uri
push_identity_uri: String, false, def, "https://identity.bitwarden.com".to_string();
/// Installation id |> The installation id from https://bitwarden.com/host /// Installation id |> The installation id from https://bitwarden.com/host
push_installation_id: Pass, false, def, String::new(); push_installation_id: Pass, false, def, String::new();
/// Installation key |> The installation key from https://bitwarden.com/host /// Installation key |> The installation key from https://bitwarden.com/host
@ -754,6 +756,26 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
) )
} }
if cfg.push_enabled {
let push_relay_uri = cfg.push_relay_uri.to_lowercase();
if !push_relay_uri.starts_with("https://") {
err!("`PUSH_RELAY_URI` must start with 'https://'.")
}
if Url::parse(&push_relay_uri).is_err() {
err!("Invalid URL format for `PUSH_RELAY_URI`.");
}
let push_identity_uri = cfg.push_identity_uri.to_lowercase();
if !push_identity_uri.starts_with("https://") {
err!("`PUSH_IDENTITY_URI` must start with 'https://'.")
}
if Url::parse(&push_identity_uri).is_err() {
err!("Invalid URL format for `PUSH_IDENTITY_URI`.");
}
}
const KNOWN_FLAGS: &[&str] = const KNOWN_FLAGS: &[&str] =
&["autofill-overlay", "autofill-v2", "browser-fileless-import", "fido2-vault-credentials"]; &["autofill-overlay", "autofill-v2", "browser-fileless-import", "fido2-vault-credentials"];
for flag in parse_experimental_client_feature_flags(&cfg.experimental_client_feature_flags).keys() { for flag in parse_experimental_client_feature_flags(&cfg.experimental_client_feature_flags).keys() {