Asset Links for Android FIDO2

DestruidorPT · Apr 24, 2021 · cee9e5b · cee9e5b
1 parent edd4bc2
commit cee9e5b
Show file tree

Hide file tree

Showing 4 changed files with 82 additions and 0 deletions.
diff --git a/util/Setup/AssetLinksBuilder.cs b/util/Setup/AssetLinksBuilder.cs
@@ -0,0 +1,36 @@
+using System;
+using System.IO;
+
+namespace Bit.Setup
+{
+    public class AssetLinksBuilder
+    {
+        private readonly Context _context;
+
+        public AssetLinksBuilder(Context context)
+        {
+            _context = context;
+        }
+
+        public void Build()
+        {
+            var model = new TemplateModel
+            {
+                Url = _context.Config.Url
+            };
+
+            Helpers.WriteLine(_context, "Building Asset Links For Fido2.");
+            Directory.CreateDirectory("/bitwarden/web/");
+            var template = Helpers.ReadTemplate("AssetLinks");
+            using (var sw = File.CreateText("/bitwarden/web/assetlinks.json"))
+            {
+                sw.Write(template(model));
+            }
+        }
+
+        public class TemplateModel
+        {
+            public string Url { get; set; }
+        }
+    }
+}
diff --git a/util/Setup/Program.cs b/util/Setup/Program.cs
@@ -102,6 +102,9 @@ private static void Install()
             var appIdBuilder = new AppIdBuilder(_context);
             appIdBuilder.Build();
 
+            var assetLinksBuilder = new AssetLinksBuilder(_context);
+            assetLinksBuilder.Build();
+
             var dockerComposeBuilder = new DockerComposeBuilder(_context);
             dockerComposeBuilder.BuildForInstaller();
 
@@ -255,6 +258,9 @@ private static void RebuildConfigs()
             var appIdBuilder = new AppIdBuilder(_context);
             appIdBuilder.Build();
 
+            var assetLinksBuilder = new AssetLinksBuilder(_context);
+            assetLinksBuilder.Build();
+
             var dockerComposeBuilder = new DockerComposeBuilder(_context);
             dockerComposeBuilder.BuildForUpdater();
 

diff --git a/util/Setup/Templates/AssetLinks.hbs b/util/Setup/Templates/AssetLinks.hbs
@@ -0,0 +1,29 @@
+[
+    {
+        "relation":[
+            "delegate_permission/common.handle_all_urls",
+            "delegate_permission/common.get_login_creds"
+        ],
+        "target":{
+            "namespace":"web",
+            "site":"{{{Url}}}"
+        }
+    },
+    {
+        "relation":[
+            "delegate_permission/common.handle_all_urls",
+            "delegate_permission/common.get_login_creds"
+        ],
+        "target":{
+            "namespace":"android_app",
+            "package_name":"com.x8bit.bitwarden",
+            "md5_cert_fingerprints":[
+                "35:"
+            ],"sha1_cert_fingerprints":[
+                "3A:"
+            ],"sha256_cert_fingerprints":[
+                "2C:"
+            ]
+        }
+    }
+]
diff --git a/util/Setup/Templates/NginxConfig.hbs b/util/Setup/Templates/NginxConfig.hbs
@@ -84,6 +84,17 @@ server {
     add_header Content-Type $fido_content_type;
   }
 
+  location = /.well-known/assetlinks.json {
+    proxy_pass http://web:5000/assetlinks.json;
+{{#if Ssl}}
+    include /etc/nginx/security-headers-ssl.conf;
+{{/if}}
+    include /etc/nginx/security-headers.conf;    
+    proxy_hide_header Content-Type;
+    add_header Content-Type application/json;
+
+  }
+
   location = /duo-connector.html {
     proxy_pass http://web:5000/duo-connector.html;
   }