Add the route GET /bitwarden/api/config (#4454)

cozy · Sep 9, 2024 · 1fee126 · 1fee126
2 parents 621c4e3 + d2b599a
commit 1fee126
Show file tree

Hide file tree

Showing 2 changed files with 61 additions and 0 deletions.
diff --git a/docs/bitwarden.md b/docs/bitwarden.md
@@ -28,6 +28,42 @@ to `https://<instance>/bitwarden`.
 
 ## Routes for accounts and connect
 
+### GET /bitwarden/api/config
+
+Bitwarden clients require this route, even if the information could be guessed
+without it in Cozy case.
+
+#### Request
+
+```http
+GET /bitwarden/api/config HTTP/1.1
+Host: alice.example.com
+```
+
+#### Response
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+```
+
+```json
+{
+  "version": "2024.0.0",
+  "gitHash": null,
+  "server": null,
+  "environment": {
+    "cloudRegion": "EU",
+    "vault": "https://alice.example.com",
+    "api": "https://alice.example.com",
+    "identity": "https://alice.example.com",
+    "notifications": "https://alice.example.com"
+  },
+  "featureStates": {},
+  "object": "config"
+}
+```
+
 ### POST /bitwarden/api/accounts/prelogin & POST /bitwarden/identity/accounts/prelogin
 
 It allows the client to know the number of KDF iterations to apply when hashing

diff --git a/web/bitwarden/bitwarden.go b/web/bitwarden/bitwarden.go
@@ -24,6 +24,30 @@ import (
 	"github.com/labstack/echo/v4"
 )
 
+// GetConfig is the handler for GET /bitwarden/api/config.
+func GetConfig(c echo.Context) error {
+	inst := middlewares.GetInstance(c)
+
+	// The "cipher key encryption" feature was introduced in 2024.2.0, and we
+	// don't support it. So, we need a version number before that.
+	version := "2024.0.0"
+
+	return c.JSON(http.StatusOK, echo.Map{
+		"version": version,
+		"gitHash": nil,
+		"server":  nil,
+		"environment": map[string]interface{}{
+			"cloudRegion":   "EU",
+			"vault":         inst.PageURL("", nil),
+			"api":           inst.PageURL("", nil),
+			"identity":      inst.PageURL("", nil),
+			"notifications": inst.PageURL("", nil),
+		},
+		"featureStates": map[string]interface{}{},
+		"object":        "config",
+	})
+}
+
 // Prelogin tells to the client how many KDF iterations it must apply when
 // hashing the master password.
 func Prelogin(c echo.Context) error {
@@ -515,6 +539,7 @@ func Routes(router *echo.Group) {
 	identity.POST("/accounts/prelogin", Prelogin)
 
 	api := router.Group("/api")
+	api.GET("/config", GetConfig)
 	api.GET("/sync", Sync)
 
 	accounts := api.Group("/accounts")