* feat: add full middleware pipeline support
* Retrieve cookies from storage and attach cookies using Electron session
* Register middleware to act on fetch redirect to acquire cookie for SSO
* Add missing tests
* fix: acquireCookies call
* fix: cookies not getting set
* feat: add vaultUrl to server communication config
* feat: adapt to receiving vaultUrl in acquireCookies
* fix: remove localhost connector override
* Fix requests can't be re-used
* Add small delay to ensure cookies are saved before retrying requests
* Fix vaultUrl being set twice
* Add mock clone method
* Fix sso-cookie.main tests
* Remove old FIXME
* Re-use request and fix test
* Add missing coverage checking that needsBootsrap is called
* In case the hostname can't be extracted, the response is returned
* Only check the responseType instead of also checking statuscodes for redirects
* Bump the sdk-version
* Prepend https:// if necessary before launching the connector url
* Add dialog to cookie acquisition
* Fix tests
* Add handling the user choosing cancel, which will now cancel the cookie acquisition
* Do not retry if needsBootstrap returns false
* Fix tests that hadn't been updated seen https:// was appended
* Move the sso cookie feature fully into desktop
* Move prompt to acquire cookie into ServerCommunicationConfigPlatformApiService and ensures that concurrent calls are dedupes during the callback await and when the dialog is open but no option has been chosen yet
* Fix broken import on sso-cookie.main.spec
* Update test suite, due to moving the dialog into the ServerCommunicationConfigPlatformApiService
* Fix import, that I missed from the move
* feat: move subscription into init function
---------
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* feat: add full middleware pipeline support
* Retrieve cookies from storage and attach cookies using Electron session
* Register middleware to act on fetch redirect to acquire cookie for SSO
* Add missing tests
* fix: acquireCookies call
* fix: cookies not getting set
* feat: add vaultUrl to server communication config
* feat: adapt to receiving vaultUrl in acquireCookies
* fix: remove localhost connector override
* Fix requests can't be re-used
* Add small delay to ensure cookies are saved before retrying requests
* Fix vaultUrl being set twice
* Add mock clone method
* Fix sso-cookie.main tests
* Remove old FIXME
* Re-use request and fix test
* Add missing coverage checking that needsBootsrap is called
* In case the hostname can't be extracted, the response is returned
* Only check the responseType instead of also checking statuscodes for redirects
* Bump the sdk-version
* Prepend https:// if necessary before launching the connector url
* Do not retry if needsBootstrap returns false
---------
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Updates the `ChangePasswordService` (`changePassword()` and `changePasswordForAccountRecovery()`) to use the new KM data types :
- `MasterPasswordAuthenticationData`
- `MasterPasswordUnlockData`
This allows us to move away from the deprecated `makeMasterKey()` method (which takes email as salt) as we seek to eventually separate the email from the salt.
Also moves current password validation into the default and web change password services.
Behind feature flag: `pm-27086-update-authentication-apis-for-input-password`
* fix(uif): only apply macOS extra top padding to nav logo in overlay mode
The macOS extra top padding was unconditionally applied to the nav logo.
Now it only applies when the side nav is in overlay mode (open but not push mode).
Building upon the prior SSH agent v2 commits, this PR introduces the high level interfaces between the napi layer, the agent, and the underlying server.
Two traits are defined to act as abstraction layers:
AuthPolicy allows the underlying server to externally request authorization to complete the various ssh operation requests it receives. The implementation of this in the BitwardenSshAgent is effectively the agent's business logic, and has unit tests accordingly.
ApprovalRequester allows the agent to externally request approval for those authorization requests.
These interfaces allow better unit test-ability and integration test-ability, and additionally are context-independent from each other; meaning the ssh agent server doesn't know about vault items, or that there is an electron app at all. Similarly, the agent knows it needs to request approval, but it doesn't have to be from an Electron app.
Co-authored-by: Bernd Schoolmann <mail@quexten.com>
Updates import statements in vault-related files to use direct imports
instead of re-exported paths. This prepares for removal of re-exporting
files in a follow-up PR.
Part of PM-33381
* refactor decline and leave to be a link button rather than a secondary button
* update supporting text for transfer dialog
* add aria-label for learn more link
* Add cookie acquisition to ServerCommunicationConfigService
* Fix DI for ServerCommunicationConfigPlatformApiService
* Rename param for acquireCookie from hostname to url
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* PM-24047: Make popout windows respect vault timeout when unfocused
Replace the heartbeat message-passing mechanism for popup detection
with direct browser API queries (getContexts on MV3, getExtensionViews
on MV2/Safari) that can distinguish focused from unfocused popout
windows. Unfocused popout windows no longer prevent vault timeout.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* PM-24047: Add isAnyViewFocused(), revert isPopupOpen() to simple popup detection
Addresses PR review feedback by separating focus-aware logic from the
isPopupOpen() semantics, which other callers depend on for simple
popup detection:
- BrowserApi.isPopupOpen(): reverted to return views.length > 0 for
popup-type views only (original behavior)
- BrowserApi.isAnyViewFocused(): new method that checks popup views
(always focused), sidebar tab views (always focused), and popout
tab views (focused only if document.hasFocus() is true)
- BrowserPlatformUtilsService.isPopupOpen(): simplified MV3 path
uses getContexts({ contextTypes: ['POPUP'] })
- BrowserPlatformUtilsService.isAnyViewFocused(): new method with
MV3 (POPUP/SIDE_PANEL/focused TAB) and MV2/Safari paths
- PlatformUtilsService: adds isAnyViewFocused() to the interface
- Web/Desktop/CLI stubs return false (no popout windows)
- VaultTimeoutService now calls isAnyViewFocused() instead of
isPopupOpen() so unfocused popouts don't block vault timeout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Move MV3/MV2 routing into BrowserApi
isPopupOpen() and isAnyViewFocused() now use feature detection for
chrome.runtime.getContexts to select the right API internally,
rather than having the routing in BrowserPlatformUtilsService.
This means BrowserApi is the single owner of view-detection logic,
and the service methods are simple one-line delegations.
Using typeof getContexts === "function" rather than isManifestVersion()
handles Safari naturally: if Safari doesn't support getContexts it
falls back to getExtensionViews, without needing an explicit isSafari()
exclusion.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Scope MV3/MV2 routing refactor to isAnyViewFocused only
isPopupOpen() keeps its existing pattern (MV3/MV2 routing in the
service, simple getExtensionViews in BrowserApi) to avoid touching
unrelated code. Only isAnyViewFocused() has its routing moved into
BrowserApi via feature detection.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Restore isPopupOpen to main branch implementation
isPopupOpen() and its tests are restored exactly to the main branch
version (heartbeat-based approach). Only isAnyViewFocused is new code.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Refactor isPopupOpen() to use getContexts/getViews instead of heartbeat
Replaces the message-passing heartbeat approach with the same
chrome.runtime.getContexts() (MV3) / chrome.extension.getViews() (MV2/Safari)
introspection pattern used by isAnyViewFocused(). This eliminates the need
for a heartbeat listener in the popup and makes both methods consistent.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Simplify isAnyViewFocused() using Array.some()
Collapse the two separate POPUP/SIDE_PANEL checks into a single .some()
call, and replace the synchronous MV2/Safari tab view loop with .some().
The async TAB/popout window check stays as a for loop.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: improve tabs loop readability somewhat
* PM-24047: Fix MV3 popout focus check using wrong uilocation filter
The TAB context filter was checking for `uilocation=sidebar` instead of
`uilocation=popout`. In MV3, sidebars are SIDE_PANEL contexts (already
handled above), so this filter never matched, causing focused popout
windows to be silently ignored and the vault to timeout while a user was
actively viewing one.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Rename isViewOpen to isViewFocused for semantic accuracy
The variable and parameter previously named isViewOpen reflected
the old "is any view open?" semantics. After the refactor to
isAnyViewFocused(), the naming is updated to match the actual
behavior: checking whether a view is focused, not merely open.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* Add state- and key-definitions for persisting serverCommunicationConfig(s)
* Add implementation of the SDK-defined ServerCommunicationConfigRepository
* Add ServerCommunicationConfigService
* Add state- and key-definitions for persisting serverCommunicationConfig(s)
* Add implementation of the SDK-defined ServerCommunicationConfigRepository
* Add ServerCommunicationConfigService
* Fix instantiation of ServerCommunicationConfigClient due to additional dependency on ServerCommunicationConfigPlatformApi
* Fix broken tests
* Fix ts-strict error
* Call setCommunicationType when ConfigService.serverCommunicationConfig$ emits (#19218)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Move service instantiation to desktop's service.module
* Deleted unused tests
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Remove unused templates from desktops app.component
* Remove all unused services from ctor
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
With the replacement of the vault cipher view and add-edit views on the desktop client, we no longer require the ColorPasswordCountPipe or the ColorPasswordPipe, as these are now handled by the ColorPasswordComponent from the Bitwarden component library
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* fix: add TypeScript 5.9 type compatibility fixes for auth-owned code
Add explicit `as BufferSource` casts and `Uint8Array` wrapping to satisfy
stricter type checking in TypeScript 5.9. Non-functional changes.
* Fix type errors
* Fix test
* Fix tests
* Fix typing in auth tests
* Also change unlock service to uint8array<arraybuffer>
* Fix types
* Prettier
* Apply fixes for jest spy type
NAPI modules are all in one file. We use nested modules to define types within TypeScript namespaces, and NAPI requires nested modules to be inline due to rust proc-macro limitations.
However, we can still split these into multiple files and repeat the nested module name for the namespace.
This will improve the ability to set code ownership and navigate the data.
This PR splits the NAPI module files without further modification and assigns code ownership to @bitwarden/team-autofill-desktop-dev for the autofill, autotype and sshagent modules. I verified locally that the generated index.d.ts file does not change at all with this PR; all types are generated exactly the same.
* moved account switcher into page header
* Added 'header-actions' slot for AnonLayout
* removed 'standalone: true'
* cleanup
* more cleanup
* fixed lint error
* use 'app-avatar' in dropdown
* fixed account avatar vertical centering
* revert back to `standalone: false`
* moved new account switcher behind 'desktop-ui-migration-milestone-4' FF
* - added to default FF
- fixed template formatting
- removed type of 'configService'
- renamed to 'account-switcher-v2'
* fixed test
* moved 'account-switcher-v2' into '/auth'
* updated class and style from 'v3' to 'v2'
* removed ts-strict-ignore
* added back `ts-strict-ignore`
* added `aria-label` to `bit-avatar`
* fixed page load issue after clearing local session data
* fixed 'Access denied' toast appearing when milestone4 FF is false
* fixed new account switcher missing from 'locked vaults' and other 'AnonLayouts'
* fixed styles for non-logged in account-switcher button
* fixed duplicate account switcher bug
* lint fix
* updated 'account switcher' anon layout styles/colors
* fixed color from `bg-brand-strong` to `bg-brand`
---------
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>