US or EU Data Region Selection (dani-garcia#3752)

* add selection of data region for push * fix cargo check + rewrite config + add check url * fix clippy error * add comment in .env.template, adapt config.rs * Update .env.template Co-authored-by: William Desportes <[email protected]> * Update .env.template Co-authored-by: William Desportes <[email protected]> * Revert "Update .env.template" This reverts commit 5bed974. * Revert "Update .env.template" This reverts commit 0760eff. * fix /connect/token to push identity * fix /connect/token to push identity * Fixed formatting when solving merge conflicts --------- Co-authored-by: William Desportes <[email protected]> Co-authored-by: Daniel García <[email protected]>
lumpsoid · Jan 14, 2024 · 1752561 · 1752561
1 parent 76c2c6c
commit 1752561
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 3 deletions.
diff --git a/.env.template b/.env.template
@@ -77,11 +77,13 @@
 # WEBSOCKET_PORT=3012
 
 ## Enables push notifications (requires key and id from https://bitwarden.com/host)
+## If you choose "European Union" Data Region, uncomment PUSH_RELAY_URI and PUSH_IDENTITY_URI then replace .com by .eu
 # PUSH_ENABLED=true
 # PUSH_INSTALLATION_ID=CHANGEME
 # PUSH_INSTALLATION_KEY=CHANGEME
 ## Don't change this unless you know what you're doing.
 # PUSH_RELAY_URI=https://push.bitwarden.com
+# PUSH_IDENTITY_URI=https://identity.bitwarden.com
 
 ## Controls whether users are allowed to create Bitwarden Sends.
 ## This setting applies globally to all users.
@@ -462,4 +464,4 @@
 ## HaveIBeenPwned API Key, request it here: https://haveibeenpwned.com/API/Key
 # HIBP_API_KEY=
 
-# vim: syntax=ini
+# vim: syntax=ini
diff --git a/src/api/push.rs b/src/api/push.rs
@@ -50,7 +50,11 @@ async fn get_auth_push_token() -> ApiResult<String> {
         ("client_secret", &client_secret),
     ];
 
-    let res = match get_reqwest_client().post("https://identity.bitwarden.com/connect/token").form(&params).send().await
+    let res = match get_reqwest_client()
+        .post(&format!("{}/connect/token", CONFIG.push_identity_uri()))
+        .form(&params)
+        .send()
+        .await
     {
         Ok(r) => r,
         Err(e) => err!(format!("Error getting push token from bitwarden server: {e}")),

diff --git a/src/config.rs b/src/config.rs
@@ -380,8 +380,10 @@ make_config! {
     push {
         /// Enable push notifications
         push_enabled:           bool,   false,  def,    false;
-        /// Push relay base uri
+        /// Push relay uri
         push_relay_uri:         String, false,  def,    "https://push.bitwarden.com".to_string();
+        /// Push identity uri
+        push_identity_uri:      String, false,  def,    "https://identity.bitwarden.com".to_string();
         /// Installation id |> The installation id from https://bitwarden.com/host
         push_installation_id:   Pass,   false,  def,    String::new();
         /// Installation key |> The installation key from https://bitwarden.com/host
@@ -754,6 +756,26 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
         )
     }
 
+    if cfg.push_enabled {
+        let push_relay_uri = cfg.push_relay_uri.to_lowercase();
+        if !push_relay_uri.starts_with("https://") {
+            err!("`PUSH_RELAY_URI` must start with 'https://'.")
+        }
+
+        if Url::parse(&push_relay_uri).is_err() {
+            err!("Invalid URL format for `PUSH_RELAY_URI`.");
+        }
+
+        let push_identity_uri = cfg.push_identity_uri.to_lowercase();
+        if !push_identity_uri.starts_with("https://") {
+            err!("`PUSH_IDENTITY_URI` must start with 'https://'.")
+        }
+
+        if Url::parse(&push_identity_uri).is_err() {
+            err!("Invalid URL format for `PUSH_IDENTITY_URI`.");
+        }
+    }
+
     const KNOWN_FLAGS: &[&str] =
         &["autofill-overlay", "autofill-v2", "browser-fileless-import", "fido2-vault-credentials"];
     for flag in parse_experimental_client_feature_flags(&cfg.experimental_client_feature_flags).keys() {