From 17525613faa23b02eacbc913b9c9e3506ef3208e Mon Sep 17 00:00:00 2001 From: THONY <85445598+toto-xoxo@users.noreply.github.com> Date: Mon, 1 Jan 2024 16:01:57 +0100 Subject: [PATCH] US or EU Data Region Selection (#3752) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * add selection of data region for push * fix cargo check + rewrite config + add check url * fix clippy error * add comment in .env.template, adapt config.rs * Update .env.template Co-authored-by: William Desportes * Update .env.template Co-authored-by: William Desportes * Revert "Update .env.template" This reverts commit 5bed974ba7b9f481792d2228834585f053d47dc3. * Revert "Update .env.template" This reverts commit 0760eff95dfaf2a9cf97bb25f6cf7660bdf55173. * fix /connect/token to push identity * fix /connect/token to push identity * Fixed formatting when solving merge conflicts --------- Co-authored-by: William Desportes Co-authored-by: Daniel GarcĂ­a --- .env.template | 4 +++- src/api/push.rs | 6 +++++- src/config.rs | 24 +++++++++++++++++++++++- 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/.env.template b/.env.template index ee78161973f..70b1fd6cfcb 100644 --- a/.env.template +++ b/.env.template @@ -77,11 +77,13 @@ # WEBSOCKET_PORT=3012 ## Enables push notifications (requires key and id from https://bitwarden.com/host) +## If you choose "European Union" Data Region, uncomment PUSH_RELAY_URI and PUSH_IDENTITY_URI then replace .com by .eu # PUSH_ENABLED=true # PUSH_INSTALLATION_ID=CHANGEME # PUSH_INSTALLATION_KEY=CHANGEME ## Don't change this unless you know what you're doing. # PUSH_RELAY_URI=https://push.bitwarden.com +# PUSH_IDENTITY_URI=https://identity.bitwarden.com ## Controls whether users are allowed to create Bitwarden Sends. ## This setting applies globally to all users. @@ -462,4 +464,4 @@ ## HaveIBeenPwned API Key, request it here: https://haveibeenpwned.com/API/Key # HIBP_API_KEY= -# vim: syntax=ini +# vim: syntax=ini \ No newline at end of file diff --git a/src/api/push.rs b/src/api/push.rs index 3b0a573bee3..7497b2490c1 100644 --- a/src/api/push.rs +++ b/src/api/push.rs @@ -50,7 +50,11 @@ async fn get_auth_push_token() -> ApiResult { ("client_secret", &client_secret), ]; - let res = match get_reqwest_client().post("https://identity.bitwarden.com/connect/token").form(¶ms).send().await + let res = match get_reqwest_client() + .post(&format!("{}/connect/token", CONFIG.push_identity_uri())) + .form(¶ms) + .send() + .await { Ok(r) => r, Err(e) => err!(format!("Error getting push token from bitwarden server: {e}")), diff --git a/src/config.rs b/src/config.rs index c1821798889..116adc98042 100644 --- a/src/config.rs +++ b/src/config.rs @@ -380,8 +380,10 @@ make_config! { push { /// Enable push notifications push_enabled: bool, false, def, false; - /// Push relay base uri + /// Push relay uri push_relay_uri: String, false, def, "https://push.bitwarden.com".to_string(); + /// Push identity uri + push_identity_uri: String, false, def, "https://identity.bitwarden.com".to_string(); /// Installation id |> The installation id from https://bitwarden.com/host push_installation_id: Pass, false, def, String::new(); /// Installation key |> The installation key from https://bitwarden.com/host @@ -754,6 +756,26 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> { ) } + if cfg.push_enabled { + let push_relay_uri = cfg.push_relay_uri.to_lowercase(); + if !push_relay_uri.starts_with("https://") { + err!("`PUSH_RELAY_URI` must start with 'https://'.") + } + + if Url::parse(&push_relay_uri).is_err() { + err!("Invalid URL format for `PUSH_RELAY_URI`."); + } + + let push_identity_uri = cfg.push_identity_uri.to_lowercase(); + if !push_identity_uri.starts_with("https://") { + err!("`PUSH_IDENTITY_URI` must start with 'https://'.") + } + + if Url::parse(&push_identity_uri).is_err() { + err!("Invalid URL format for `PUSH_IDENTITY_URI`."); + } + } + const KNOWN_FLAGS: &[&str] = &["autofill-overlay", "autofill-v2", "browser-fileless-import", "fido2-vault-credentials"]; for flag in parse_experimental_client_feature_flags(&cfg.experimental_client_feature_flags).keys() {