Commit Graph

973 Commits

Author SHA1 Message Date
Leslie Xiong
44bdaf71b3
Desktop/pm 18769/migrate vault filters (#17919)
Migrated vault filters to new v3 vault's navigation

* Decoupled existing vault filtering from vault component by using routed params with routed-vault-filter-bridge
* Converted vault filters to standalone components
* Removed extending filter Base Components from deprecated /libs/angular library and handled logic directly
* Moved shared 'models' and 'services' directories from web-vault into /libs/vault
2026-01-15 16:17:00 +01:00
bmbitwarden
27d43c500f
PM-28183 implemented new sends filter and search design (#17901)
* PM-28183 implemented new sends filter and search design

* PM-28183 resolved table issue fallout from merge conflict

* PM-28183 resolved browser paste url issue

* PM-28183 put new feature behind feature flag

* PM-28183 resolved feature flag

* PM-28183 resolved type-safe approach pr comment

* PM-28183 resolved DesktopSendUIRefresh feature flag is enabled. pr comment

* PM-28183 restored SendUIRefresh

* PM-28183 resolved query parameter subscription pr comment

* PM-28183 resolved pr comment re enum like objects

* PM-28183 resolved remove enum like objects  pr comment

* PM-28183 resolved pr comment re defining filteredSends member variable

* PM-28183 resolved pr comment re Code Duplication in syncCompleted Handler

* PM-28183 resolved pr comment re Floating Promise

* PM-28183 restored feature flag

* PM-28183 resolved pr comment re Dual Binding Pattern

* PM28183 resolved options cell button pr comment

* PM 28183 resolved pr comment re Incorrect CSS Class - Breaking Layout

* PM 28183 resolved pr comment re uery Param Update Causes Redundant Filter Application

* PM-28183 resolved lint issues

* PM 28183 resolved lint issues

* PM-28183 resolved type issue with import

* PM-28183 resolved import in failling test

* chore: rerun web build

* PM-28183 resolved build issues

* PM-28183 resolved build issues

* PM-28183 resolved lint issues
2026-01-12 13:26:50 -05:00
Stephon Brown
3707a6fc84
billing(fix): add initial focus to upgrade button (#18184) 2026-01-12 10:44:19 -06:00
Jason Ng
00882c331a
[PM-30611] show deleted archived items in trash (#18272) 2026-01-09 15:39:18 -05:00
Brandon Treston
bb318ee22e
Ac/pm 26364 extension UI for auto confirm (#17258)
* create nav link for auto confirm in settings page

* wip

* WIP

* create auto confirm library

* migrate auto confirm files to lib

* update imports

* fix tests

* fix nudge

* cleanup, add documentation

* clean up

* cleanup

* fix import

* fix more imports

* add tests

* design changes

* fix tests

* fix tw issue

* fix typo, add tests

* CR feedback

* more clean up, fix race condition

* CR feedback, cache policies, refactor tests

* run prettier with updated version

* clean up duplicate logic

* clean up

* fix test

* add missing prop for test mock

* clean up
2026-01-07 15:27:41 -05:00
Bernd Schoolmann
c2d42f286e
Add error toast for upgrade encryption step (#18161) 2026-01-07 16:20:23 +01:00
rr-bw
d6b23670aa
feat(auth-request-answering): [Auth / PM-26209] Use AuthRequestAnsweringService on Desktop (#16906)
Update Desktop to use the AuthRequestAnsweringService, bringing it into feature parity with the Extension.
2026-01-06 13:48:07 -08:00
Vincent Salucci
86764d807a
[PM-22434] Remove CreateDefaultLocation feature flag references and definition (#18057)
* chore: remove ff from vault-popup-list-filters.service, refs PM-22434

* chore: remove ff from confirm.command, refs PM-22434

* chore: remove ff from bulk-confirm-dialog.component, refs PM-22434

* chore: remove ff from member-actions.service and clean up leftover imports, refs PM-22434

* chore: remove ff from policy-edit-dialog.component, refs PM-22434

* chore: remove ff from organization-data-ownership.component, refs PM-22434

* chore: remove ff from vnext-organization-data-ownership.component, refs PM-22434

* chore: remove ff from vault-filter.service, refs PM-22434

* chore: remove ff from vault-filter.service (libs), refs PM-22434

* chore: remove ff from export.component, refs PM-22434

* chore: update observeMyItemsExclusionCriteria method documentation comments, refs PM-22434

* chore: remove ff from item-details-section.component, refs PM-22434

* chore: remove ff definition, refs PM-22434

* fix: remove configService from superclasses, refs PM-22434

* chore: update injection for VaultPopupListFilters service instantiation, refs PM-22434

* chore: update ConfirmCommand instantiation, refs PM-22434

* chore: update import order in member-actions.service, refs PM-22434

* fix: constructor argument update to amend merge conflict, refs PM-22434

* chore: remove unnecessary feature flag related tests for confirm user, refs PM-22434

* fix: remove unused services from member-actions.service.spec, refs PM-22434
2026-01-05 16:25:57 -06:00
Maciej Zieniuk
7fa1a6f07f
[PM-27236] account registration v2 for key connector (#17951)
* account registration v2 for key connector

* explicit naming

* test coverage

* missing AccountCryptographicStateService and DI dependencies

* redundant SdkLoadService.Ready

* update sdk version
2025-12-31 11:04:54 +01:00
Shane Melton
696c53fac7
[PM-29209] Fix persistent browser settings berry (#18113)
* [PM-29209] Introduce new autofill nudge service specific to the Browser client

* [PM-29209] Cleanup redundant browser setting checks

* [PM-29209] Ensure nudge is dismissed on nudge button click

* [PM-29209] Add spec file for browser autofill nudge service

* [PM-29209] Cleanup settings-v2 spec file
2025-12-29 16:41:42 -08:00
Dave
0064f18ccd
fix(set-initial-password) [PM-28494]: Newly created master password not accepted on unlock until after re-login on browser extension (#17930)
* fix(set-initial-password-service) [PM-28494]: Update MP data and decryption property sets to accommodate legacy and new paths for service.

* fix(set-initial-password-component) [PM-28494]: Add salt and mp data to credentials object.

* refactor(set-initial-password-service) [PM-28494]: Additional comments.

* test(set-initial-password-service) [PM-28494]: Update tests for added credential members.
2025-12-19 14:56:13 -05:00
Bernd Schoolmann
ea45c5d3c0
[PM-27315] Add account cryptographic state service (#17589)
* Update account init and save signed public key

* Add account cryptographic state service

* Fix build

* Cleanup

* Fix build

* Fix import

* Fix build on browser

* Fix

* Fix DI

* Fix

* Fix

* Fix

* Fix

* Fix

* Fix test

* Fix desktop build

* Fix

* Address nits

* Cleanup setting private key

* Add tests

* Add tests

* Add test coverage

* Relative imports

* Fix web build

* Cleanup setting of private key
2025-12-17 22:04:08 +01:00
Bernd Schoolmann
4846d217a9
[PM-28901] Fix master key not being set to state after kdf update (#17990)
* Fix master key not being set to state after kdf update

* Fix cli build

* Fix test error

* Fix hash purpose

* Add test for master key being set

* Fix incorrect variable name
2025-12-17 10:57:24 +01:00
Bernd Schoolmann
1edff74b30
Use proof of decryption (#17903) 2025-12-15 18:36:16 +01:00
Todd Martin
27d82aaf28
feat(accounts): Add creationDate of account to AccountInfo
* Add creationDate of account to AccountInfo

* Added initialization of creationDate.

* Removed extra changes.

* Fixed tests to initialize creation date

* Added helper method to abstract account initialization in tests.

* More test updates.

* Linting

* Additional test fixes.

* Fixed spec reference

* Fixed imports

* Linting.

* Fixed browser test.

* Modified tsconfig to reference spec file.

* Fixed import.

* Removed dependency on os.  This is necessary so that the @bitwarden/common/spec lib package can be referenced in tests without node.

* Revert "Removed dependency on os.  This is necessary so that the @bitwarden/common/spec lib package can be referenced in tests without node."

This reverts commit 669f6557b6.

* Updated stories to hard-code new field.

* Removed changes to tsconfig

* Revert "Removed changes to tsconfig"

This reverts commit b7d916e8dc.
2025-12-12 10:03:31 -05:00
Daniel James Smith
458da1adc0
[PM-29565] Delete deprecated callout component (#17895)
* Replace usages of app-callout with bit-callout

* Delete callout.component

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-12-11 14:38:33 +01:00
Bernd Schoolmann
bcc2bda417
Fix kdf prompt not working on browser (#17902) 2025-12-11 14:29:48 +01:00
Bernd Schoolmann
51d29f777e
[PM-24353] Drop legacy pin support (#17328)
* Drop legacy pin support

* Fix cli build

* Fix browser build

* Remove pin key

* Fix comment

* Fix CI / tests

* Add migration to remove key

* Inline export key

* Extract vault export key generation

* Cleanup

* Add migrator

* Fix mv2 build
2025-12-11 13:01:09 +01:00
Thomas Avery
fe4895d97e
[PM-28264] Consolidate and update the UI for key connector migration/confirmation (#17642)
* Consolidate the RemovePasswordComponent

* Add getting confirmation details for confirm key connector

* Add missing message
2025-12-10 15:24:20 -06:00
renovate[bot]
7f892cf26a
[deps] Autofill: Update prettier to v3.7.3 (#17853)
* [deps] Autofill: Update prettier to v3.6.2

* fix: [PM-23425] Fix prettier issues related to dependency updte

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* [deps] Autofill: Update prettier to v3.6.2

* [deps] Autofill: Update prettier to v3.7.3

* [PM-29379] Fix prettier issues found with the updated Prettier 3.7.3

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

---------

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ben Brooks <bbrooks@bitwarden.com>
2025-12-10 10:57:36 -06:00
Alex
5dbcb18b6a
[PM-25037] add optional size input to app-vault-icon to prevent zoom issues (#17640) 2025-12-09 12:16:21 -05:00
Kyle Denney
bbf9157ec0
[PM-24581] new styling for premium badge (#17793)
* [PM-24581] new styling for premium badge

* stories file

* translations for browser and desktop

* design review feedback

* color fixes, thanks claude
2025-12-09 09:27:37 -06:00
Kyle Denney
dfe2e283a0
[PM-29138] fix defect with pricing service on self host (#17819)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
* [PM-29138] fix defect with pricing service on self host

* use iscloud instead of manually checking region

* fixing strict compile issues

* spacing updates from design review

* final spacing edits

* pr feedback

* typechecking
2025-12-08 19:24:37 -06:00
Maciej Zieniuk
bbea11388a
[PM-26057] Enforce session timeout policy (#17424)
* enforce session timeout policy

* better angular validation

* lint fix

* missing switch break

* fallback when timeout not supported with highest available timeout

* failing unit tests

* incorrect policy message

* vault timeout type adjustments

* fallback to "on browser refresh" for browser, when policy is set to "on system locked", but not available (Safari)

* docs, naming improvements

* fallback for current user session timeout to "on refresh", when policy is set to "on system locked", but not available.

* don't display policy message when the policy does not affect available timeout options

* 8 hours default when changing from non-numeric timeout to Custom.

* failing unit test

* missing locales, changing functions access to private, docs

* removal of redundant magic number

* missing await

* await once for available timeout options

* adjusted messaging

* unit test coverage

* vault timeout numeric module exports

* unit test coverage
2025-12-05 14:55:59 +01:00
Nick Krantz
dab1a37bfe
PM-24535 Web premium upgrade path for archive (#16854)
* add premium badge to web filter when the user does not have access to premium

* remove feature flag pass through in favor of showing/hiding archive vault observable

* refactor archive observable to be more generic

* add archive premium badge for the web

* show premium badge inline for archive filter

* show premium subscription ended message when user has archived ciphers

* fix missing refactor

* remove unneeded can archive check

* reference observable directly

* reduce the number of firstValueFroms by combining observables into a single stream

* fix failing tests

* add import to storybook

* update variable naming for premium filters

* pass event to `promptForPremium`

* remove check for organization

* fix footer variable reference

* refactor back to `hasArchiveFlagEnabled$` - more straight forward to the underlying logic

* update archive service test with new feature flag format
2025-12-03 14:19:26 -06:00
Anders Åberg
28fbddb63f
fix(passkeys): [PM-28324] Add a guard that conditionally forces a popout depending on platform
* Add a guard that conditionally forces a popout depending on platform

* Test the routeguard

* Use mockImplementation instead.

* autoclose popout
2025-12-03 14:40:55 -05:00
Bernd Schoolmann
6e2203d6d4
[PM-18026] Implement forced, automatic KDF upgrades (#15937)
* Implement automatic kdf upgrades

* Fix kdf config not being updated

* Update legacy kdf state on master password unlock sync

* Fix cli build

* Fix

* Deduplicate prompts

* Fix dismiss time

* Fix default kdf setting

* Fix build

* Undo changes

* Fix test

* Fix prettier

* Fix test

* Update libs/angular/src/key-management/encrypted-migration/encrypted-migrations-scheduler.service.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update libs/angular/src/key-management/encrypted-migration/encrypted-migrations-scheduler.service.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Only sync when there is at least one migration

* Relative imports

* Add tech debt comment

* Resolve inconsistent prefix

* Clean up

* Update docs

* Use default PBKDF2 iteratinos instead of custom threshold

* Undo type check

* Fix build

* Add comment

* Cleanup

* Cleanup

* Address component feedback

* Use isnullorwhitespace

* Fix tests

* Allow migration only on vault

* Fix tests

* Run prettier

* Fix tests

* Prevent await race condition

* Fix min and default values in kdf migration

* Run sync only when a migration was run

* Update libs/common/src/key-management/encrypted-migrator/default-encrypted-migrator.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Fix link not being blue

* Fix later button on browser

---------

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
2025-12-03 19:04:18 +01:00
Stephon Brown
a9bf66e689
[PM-27600] Replace Hard-Coded Storage amount (#17393)
* feat(billing): add provided as a required property to premium response

* fix(billing): replace hard coded storage variables with retrieved plan

* tests(billing): add tests to pricing-summary service

* feat(billing): add optional property.

* fix(billing): update storage logic

* fix(billing): remove optional check

* fix(billing): remove optionality

* fix(billing): remove optionality

* fix(billing): refactored storage calculation logic

* feat(billing): add provided amounts to subscription-pricing-service

* fix(billing): update cloud premium component

* fix(billing): update desktop premium component

* fix(billing): update org plans component

* fix(billing) update stories and tests

* fix(billing): update messages

* fix(billing): replace storage sizes

* fix(billing): update messages

* fix(billing): update components

* fix(billing): update components for pricing and storage retrieval

* fix(billing): revert self-hosted change
2025-12-02 10:49:55 -05:00
Vicki League
10424e227b
[CL-717][PM-27966] Update to Angular 20 and Storybook 9 (#17638) 2025-12-01 14:15:58 -05:00
Brandon Treston
b9d5724312
[PM-24011] Add handler for new policy sync push notification (#17465)
* add handler for new policy sync push notification

* fix story book build failure

* move logic into policy service, fix tests

* add account service

* add missing service to clie
2025-12-01 10:21:48 -05:00
Jordan Aasen
598bb0b0d7
[PM-23384] - adjust copy for monthly price in Premium Upgrade dialog (#17668)
* adjust copy for month/annual price

* use i18n pipe

* remove annually key

* change per month to month
2025-11-26 20:34:58 +00:00
Bernd Schoolmann
5c7e78a80f
[PM-27835] Implement register SDK service (#17632)
* Implement register SDK service

* Relative import

* Relative import

* Rename to registerClient

* Update libs/common/src/platform/abstractions/sdk/register-sdk.service.ts

Co-authored-by: Derek Nance <dnance@bitwarden.com>

* Rename

---------

Co-authored-by: Derek Nance <dnance@bitwarden.com>
2025-11-26 15:47:20 +01:00
Nick Krantz
273f04c6a3
[PM-26513] Desktop Archive Upgrade (#16964)
* always shows desktop archive filter regardless of the users premium status

* include spec files in tsconfig

* add upgrade path for desktop

* combine duplicate class instances

* remove optional chaining

* update tests to avoid null assertions

* add test files to the spec tsconfig

* implement signal for premium badge component

* remove badge template reference
2025-11-25 15:12:20 -06:00
Dave
cf6569bfea
feat(user-decryption-options) [PM-26413]: Remove ActiveUserState from UserDecryptionOptionsService (#16894)
* feat(user-decryption-options) [PM-26413]: Update UserDecryptionOptionsService and tests to use UserId-only APIs.

* feat(user-decryption-options) [PM-26413]: Update InternalUserDecryptionOptionsService call sites to use UserId-only API.

* feat(user-decryption-options) [PM-26413] Update userDecryptionOptions$ call sites to use the UserId-only API.

* feat(user-decryption-options) [PM-26413]: Update additional call sites.

* feat(user-decryption-options) [PM-26413]: Update dependencies and an additional call site.

* feat(user-verification-service) [PM-26413]: Replace where allowed by unrestricted imports invocation of UserVerificationService.hasMasterPassword (deprecated) with UserDecryptionOptions.hasMasterPasswordById$. Additional work to complete as tech debt tracked in PM-27009.

* feat(user-decryption-options) [PM-26413]: Update for non-null strict adherence.

* feat(user-decryption-options) [PM-26413]: Update type safety and defensive returns.

* chore(user-decryption-options) [PM-26413]: Comment cleanup.

* feat(user-decryption-options) [PM-26413]: Update tests.

* feat(user-decryption-options) [PM-26413]: Standardize null-checking on active account id for new API consumption.

* feat(vault-timeout-settings-service) [PM-26413]: Add test cases to illustrate null active account from AccountService.

* fix(fido2-user-verification-service-spec) [PM-26413]: Update test harness to use FakeAccountService.

* fix(downstream-components) [PM-26413]: Prefer use of the getUserId operator in all authenticated contexts for user id provided to UserDecryptionOptionsService.

---------

Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2025-11-25 11:23:22 -05:00
Jordan Aasen
43fd99b002
[PM-24722][PM-27695] - add persistent callout in settings for non-premium users (#17246)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
* add persistent callout in settings for non-premium users

* remove premium v2 component

* add spec

* remove premium-v2.component.html

* fix title

* fix typo

* conditionally render h2

* re-add pemiumv2component. change class prop to observable

* change from bold to semibold

* remove unecessary tw classes. use transform: booleanAttribute

* add spotlight specs

* code cleanup
2025-11-24 13:49:05 -08:00
Oscar Hinton
4c36a46ef2
Enable directive-class-suffix (#17385) 2025-11-24 18:03:16 +01:00
Dave
daf7b7d2ce
fix(two-factor) [PM-21204]: Users without premium cannot disable premium 2FA (#17134)
* refactor(two-factor-service) [PM-21204]: Stub API methods in TwoFactorService (domain).

* refactor(two-factor-service) [PM-21204]: Build out stubs and add documentation.

* refactor(two-factor-service) [PM-21204]: Update TwoFactorApiService call sites to use TwoFactorService.

* refactor(two-fatcor) [PM-21204]: Remove deprecated and unused formPromise methods.

* refactor(two-factor) [PM-21204]: Move 2FA-supporting services into common/auth/two-factor feature namespace.

* refactor(two-factor) [PM-21204]: Update imports for service/init containers.

* feat(two-factor) [PM-21204]: Add a disabling flow for Premium 2FA when enabled on a non-Premium account.

* fix(two-factor-service) [PM-21204]: Fix type-safety of module constants.

* fix(multiple) [PM-21204]: Prettier.

* fix(user-verification-dialog) [PM-21204]: Remove bodyText configuration for this use.

* fix(user-verification-dialog) [PM-21204]: Improve the error message displayed to the user.
2025-11-21 10:35:34 -05:00
Kyle Denney
fde1e26ad9
[PM-28370] fix defect for self-hosted metadata (#17464) 2025-11-18 15:24:36 -06:00
Jordan Aasen
670f3514ba
[PM-23384] - Browser extension spotlight directing to Premium signup in web (#17343)
* premium upgrade nudge

* add specs

* clean up vault template and specs

* fix date comparison. add more specs for date

* fix spec

* fix specs

* make prop private
2025-11-17 12:36:37 -08:00
Andreas Coroiu
ed2d8b9549
[PM-18046] Implement session storage (#17346)
* feat: add support for IPC client managed session storage

* feat: update SDK

* fix: using undecorated service in jslib module directly

* feat: add test case for web

* chore: document why we use any type

* fix: `ipc` too short

* typo: omg

* Revert "typo: omg"

This reverts commit 559b05eb5a.

* Revert "fix: `ipc` too short"

This reverts commit 35fc99e10b.

* fix: use camelCase
2025-11-14 08:51:38 +01:00
Mark Youssef
a55d0f02f2
[CL-672] update mobile design of dialog (#14828)
---------

Co-authored-by: Vicki League <vleague@bitwarden.com>
2025-11-13 21:59:03 -05:00
Thomas Avery
35f35c4361
[PM-26498] Add proofOfDecryption method to MasterPasswordUnlockService (#17322)
* Add proofOfDecryption method to MasterPasswordUnlockService
2025-11-13 14:06:56 -06:00
Thomas Avery
cfe2458935
[PM-24107] Migrate KM's usage of getUserKey from the key service (#17117)
* Remove internal use of getUserKey in the key service

* Move ownership of RotateableKeySet and remove usage of getUserKey

* Add input validation to createKeySet
2025-11-13 10:07:13 -06:00
Kyle Denney
f7899991a0
[PM-23713] always append query param to premium redirect (#17240) 2025-11-10 09:51:51 -06:00
Vicki League
c404ee210b
[PM-26984] Use medium instead of semibold or bold (#17191) 2025-11-06 11:27:46 -05:00
Vicki League
7cbfcd23a8
[PM-26984] Use medium instead of semibold or bold (#17194) 2025-11-06 09:09:17 -06:00
Bernd Schoolmann
3125f679d3
[PM-25206] Inject service instead of passing as param (#16801)
* Inject service instead of passing as param

* [PM-25206] Move locking logic to LockService (#16802)

* Move locking logic to lock service

* Fix tests

* Fix CLI

* Fix test

* FIx safari build

* Update call to lock service

* Remove locked callback

* Clean up lock service logic

* Add tests

* Fix cli build

* Add extension lock service

* Fix cli build

* Fix build

* Undo ac changes

* Undo ac changes

* Run prettier

* Fix build

* Remove duplicate call

* [PM-25206] Remove VaultTimeoutService lock logic (#16804)

* Move consumers off of vaulttimeoutsettingsservice lock

* Fix build

* Fix build

* Fix build

* Fix firefox build

* Fix test

* Fix ts strict errors

* Fix ts strict error

* Undo AC changes

* Cleanup

* Fix

* Fix missing service
2025-11-05 17:11:34 +01:00
Vicki League
9bd7b58f6b
[PM-26984] Use medium instead of semibold or bold (#17188) 2025-11-04 15:27:13 -05:00
Shane Melton
7e5f02f90c
[PM-24469] Implement Risk Insights for Premium in Cipher view component (#17012)
* [PM-24469] Refactor CipherViewComponent to use Angular signals and computed properties for improved reactivity

* [PM-24469] Refactor CipherViewComponent to utilize Angular signals for organization data retrieval

* [PM-24469] Refactor CipherViewComponent to utilize Angular signals for folder data retrieval

* [PM-24469] Cleanup organization signal

* [PM-24469] Refactor CipherViewComponent to replace signal for card expiration with computed property

* [PM-24469] Improve collections loading in CipherViewComponent

* [PM-24469] Remove redundant loadCipherData method

* [PM-24469] Refactor CipherViewComponent to replace signal with computed property for pending change password tasks

* [PM-24469] Refactor LoginCredentialsViewComponent to rename hadPendingChangePasswordTask to showChangePasswordLink for clarity

* [PM-24469] Introduce showChangePasswordLink computed property for improved readability

* [PM-24469] Initial RI for premium logic

* [PM-24469] Refactor checkPassword risk checking logic

* [PM-24469] Cleanup premium check

* [PM-24469] Cleanup UI visuals

* [PM-24469] Fix missing typography import

* [PM-24469] Cleanup docs

* [PM-24469] Add feature flag

* [PM-24469] Ensure password risk check is only performed when the feature is enabled, and the cipher is editable by the user, and it has a password

* [PM-24469] Refactor password risk evaluation logic and add unit tests for risk assessment

* [PM-24469] Fix mismatched CipherId type

* [PM-24469] Fix test dependencies

* [PM-24469] Fix config service mock in emergency view dialog spec

* [PM-24469] Wait for decrypted vault before calculating cipher risk

* [PM-24469] startWith(false) for passwordIsAtRisk signal to avoid showing stale values when cipher changes

* [PM-24469] Exclude organization owned ciphers from JIT risk analysis

* [PM-24469] Add initial cipher-view component test boilerplate

* [PM-24469] Add passwordIsAtRisk signal tests

* [PM-24469] Ignore soft deleted items for RI for premium feature

* [PM-24469] Fix tests
2025-11-04 12:15:53 -08:00
rr-bw
5c33b2dc89
(Billing) [PM-27562] Create PremiumInterestStateService (#17139)
Creates a `PremiumInterestStateService` that manages state which conveys whether or not a user intends to setup a premium subscription. Implemented in Web only. No-op for other clients.

This will apply for users who began the registration process on https://bitwarden.com/go/start-premium/, which is a marketing page designed to streamline users who intend to setup a premium subscription after registration.
2025-11-03 14:42:21 -08:00
Kyle Denney
e1e3966cc2
[PM-23713] premium badge interaction (#16911)
* feature flag

* new upgrade dialog component and moved pricing service into libs

first draft

* moved pricing service to libs/common

removed toast service from the pricing service and implemented error handling in calling components

# Conflicts:
#	apps/web/src/app/billing/individual/upgrade/upgrade-payment/upgrade-payment.component.ts

* moved new premium upgrade dialog component to libs/angular

* badge opens new dialog in browser extension

* adds new dialog to desktop and fixes tests

* updates send dropdown to use premium prompt service

* styling and copy updates

* implement in web and desktop

* unit tests

* converting premium reports to use premium badge, and some cleanup

* fixes issue after merge

* linter errors

* pr feedback

* handle async promise correctly

* full sync after the premium upgrade is complete

* fixing test

* add padding to bottom of card in new dialog

* add support for self hosting

* fixing tests

* fix test

* Update has-premium.guard.ts

* pr feedback

* fix build and pr feedback

* fix build

* prettier

* fixing stories and making badge line height consistent

* pr feedback

* updated upgrade dialog to no longer use pricing card

* fixing incorrect markup and removing unused bits

* formatting

* pr feedback

removing unused message keys and adding back in code that was erroneously removed

* change detection

* close dialog when error

* claude pr feedback
2025-11-03 10:16:01 -06:00
Andreas Coroiu
48fb8b2bfe
[PM-25250] Prevent configuration and access of self hosted urls over http (#17095)
* feat: ban urls not using https

* feat: add exception for dev env

* feat: block fetching of insecure URLs

* feat: add exception for dev env

* feat: block notifications from using insecure URL

* fix: bug where submission was possible regardless of error

* feat: add exception for dev env

* fix: missing constructor param
2025-10-31 08:12:44 +01:00
Jared Snider
a1570fc8b1
feat(AuthRouteConstants): [Auth/PM-27370] Convert auth routes to use constants (#16980)
* PM-22663 WIP on auth route constants

* PM-22663 - Convert desktop & extension to use constants - first pass

* PM-22663 - Further clean up

* PM-22663 - catch more missed routes

* PM-22663 - add barrel files

* PM-22663 - Per PR feedback, add missing as const

* PM-22663 - Per PR feedback and TS docs, use same name for const enum like and derived type. Adjusted filenames to be singular.

* PM-22663 - Per PR feedback update desktop app routing module since auto rename didn't update it for whatever reason.
2025-10-29 19:28:21 -04:00
Oscar Hinton
d85b9986d0
[CL-901] [CL-903] Unowned - Prefer signal & change detection (#16949) 2025-10-29 13:42:19 -05:00
Brandon Treston
c1a988c2ab
fix DI (#17076) 2025-10-28 12:25:56 -04:00
Oscar Hinton
af6e19335d
Vault - Prefer signal & change detection (#16947) 2025-10-27 11:13:11 -04:00
Oscar Hinton
abc6e54bb9
Platform - Prefer signal & change detection (#16946) 2025-10-27 09:13:17 -05:00
Oscar Hinton
e3f943364f
Billing - Prefer signal & change detection (#16944) 2025-10-23 15:02:01 -05:00
Bernd Schoolmann
7e7107f165
[PM-27221] Update legacy kdf state on master password unlock sync (#16966)
* Update legacy kdf state on master password unlock sync

* Fix cli build

* Fix

* Fix build

* Fix cli

* Fix browser
2025-10-23 11:38:10 +02:00
Oscar Hinton
29dccd6352
Auth - Prefer signal & change detection (#16950)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
2025-10-22 21:28:47 -04:00
Bernd Schoolmann
5a307633bb
[PM-26778] Make VaultTimeoutService use LogoutService (#16820)
* Make vaulttimeoutservice use logoutservice

* Fix browser build

* Fix mv3 build

* Fix lint
2025-10-21 10:24:52 -05:00
Oscar Hinton
f23f3f87bd
Tools - Prefer signal & change detection (#16941) 2025-10-21 15:49:22 +02:00
Nick Krantz
22eb49aed1
[PM-19337] Desktop Archive (#16787)
* fix typescript errors

* add archive filter to desktop

* exclude archive items from search

* add left click menu options for archive

* add MP prompt checks for archive/unarchive

* assure that a cipher cannot be assigned to collections when archived

* move cipher from archive vault if a user loses premium

* ensure clone only shows when archive is active

* refactor right side footer actions to getter so it can be expanded

* add confirmation prompt for archiving cipher

* add utility service for archiving/unarchiving a cipher

* add archive/unarchive ability to footer of desktop

* add tests for utilities service

* handle null emission of `cipherViews$`

* use active user id directly from activeAccount

* remove unneeded load of vault items

* refresh internal cipher when archive is toggled - forcing the footer view to update

* refresh current cipher when archived from the left-click menu

* only show archive for viewing a cipher

* add cipher form tests

* clear archive date when soft deleting

* update success messages

* remove archive date when cloning

* fix crowdin message swap

* fix test

* move MP prompt before archive prompt - match PM-26994

* fix failing test

* add optional chaining

* move template logic into class

* condense logic

* `unArchive`
2025-10-20 10:04:32 -05:00
Bernd Schoolmann
fa584f76b4
[PM-24683] Move change kdf service to SDK implementation (#16001)
* Add new mp service api

* Fix tests

* Add test coverage

* Add newline

* Fix type

* Rename to "unwrapUserKeyFromMasterPasswordUnlockData"

* Fix build

* Fix build on cli

* Fix linting

* Re-sort spec

* Add tests

* Fix test and build issues

* Fix build

* Clean up

* Remove introduced function

* Clean up comments

* Fix abstract class types

* Fix comments

* Cleanup

* Cleanup

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/services/master-password.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add comments

* Fix build

* Add arg null check

* Cleanup

* Fix build

* Fix build on browser

* Implement KDF change service

* Deprecate encryptUserKeyWithMasterKey

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add tests for null params

* Fix builds

* Cleanup and deprecate more functions

* Fix formatting

* Prettier

* Clean up

* Update libs/key-management/src/abstractions/key.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Make emailToSalt private and expose abstract saltForUser

* Add tests

* Add docs

* Fix build

* Fix tests

* Fix tests

* Address feedback and fix primitive obsession

* Consolidate active account checks in change kdf confirmation component

* Update libs/common/src/key-management/kdf/services/change-kdf-service.spec.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add defensive parameter checks

* Add tests

* Add comment for follow-up epic

* Move change kdf service, remove abstraction and add api service

* Fix test

* Drop redundant null check

* Address feedback

* Add throw on empty password

* Fix tests

* Mark change kdf service as internal

* Add abstract classes

* Switch to abstraction

* Move change kdf to sdk

* Update tests

* Fix tests

* Clean up sdk mapping

* Clean up tests

* Check the argument to make_update_kdf

* Fix mock data

* Fix tests

* Fix relative imports

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-10-20 10:37:19 +00:00
Maciej Zieniuk
8f0d509682
[PM-24377] Use PureCrypto for decryptUserKeyWithMasterKey on the master password service (#16522)
* use PureCrypto in master password service decryptUserKeyWithMasterKey

* test for legacy AES256-CBC

* update SDK version to include the `PureCrypto.decrypt_user_key_with_master_key`

* change from integration to unit tests, use fake state provider
2025-10-17 12:28:38 -05:00
Ben Brooks
91a661a025
feat(policies): PM-19311 Enforce URI Match Defaults organization policy (#16430)
* feat(policies): Add URI Match Default Policy enum

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* feat(policies): Add logic to read and set the default from policy data

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* In settings, set default, disable select and display hint

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Move applyUriMatchPolicy to writeValue function

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Remove code to disable individual options because we're disabling the entire select

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* WiP move resolved defaultUriMatch to Domain Settings Service

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Address local test failures related to null observables

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* add missing services

* Fix test to use new resolvedDefaultUriMatchStrategy$

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Move definition of defaultMatchDetection$ out of constructor

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Update cipher form story to use resolvedDefaultUriMatchStrategy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'pm-19310-uri-match-policy' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Fix incomplete storybook mock in cipher form stories

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Add I18n key description

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Add comment regarding potential memory leak in domain settings service

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Add explicit check for null policy data

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Add explicit check for undefined policy data

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'pm-19310-uri-match-policy' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Add shareReplay to address potential memory leak

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'pm-19310-uri-match-policy' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Remove outdated comment

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Improve type safety/validation and null checks in DefaultDomainSettingsService

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

---------

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
Co-authored-by: Jonathan Prusik <jprusik@classynemesis.com>
2025-10-17 07:58:17 -07:00
Bernd Schoolmann
a860f218bd
[PM-24128] New Pin service, using PasswordProtectedKeyEnvelope (#15863)
* fix: broken SDK interface

* Fix all compile errors related to uuids

* Update usages of sdk to type-safe SDK type

* Update sdk version

* Update to "toSdk"

* Move pin service to km ownership

* Run format

* Eslint

* Fix tsconfig

* Fix imports and test

* Clean up imports

* Pin tmp

* Initial version of updated pin service

* Add tests

* Rename function

* Clean up logging

* Fix imports

* Fix cli build

* Fix browser desktop

* Fix tests

* Attempt to fix

* Fix build

* Fix tests

* Fix browser build

* Add missing empty line

* Fix linting

* Remove non-required change

* Missing newline

* Re-add comment

* Undo change to file

* Fix missing empty line

* Cleanup

* Cleanup

* Cleanup

* Cleanup

* Switch to replaysubject

* Add comments

* Fix tests

* Run prettier

* Undo change

* Fix browser

* Fix circular dependency on browser

* Add missing clear ephemeral pin

* Address feedback

* Update docs

* Simplify sdk usage in pin service

* Replace with mock sdk

* Update sdk

* Initialize pin service via unlock instead of listening to keyservice

* Cleanup

* Fix test

* Prevent race condition with userkey not being set

* Filter null userkeys

* [PM-24124] Pin State Service (#16641)

* add pin-state.service

* add remaining tests

* improve description for clearEphemeralPinState

* rename getUserKeyWrappedPin$ to userKeyWrappedPin$

* drop temp variable in setPinState

* add new test and remove copied one

* Fix dep cycle

* Fix tests and remaining build issues

* Fix cli build

* Add comments about functions not being public API

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Hinton <hinton@users.noreply.github.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
2025-10-17 16:30:29 +02:00
Patrick-Pimentel-Bitwarden
94cb1fe07b
feat(auth-tech-debt): [PM-24103] Remove Get User Key to UserKey$ (#16589)
* fix(auth-tech-debt): [PM-24103] Remove Get User Key to UserKey$ - Fixed and updated tests.

* fix(auth-tech-debt): [PM-24103] Remove Get User Key to UserKey$ - Fixed test variable being made more vague.
2025-10-16 14:30:10 -04:00
Dave
7943066724
Reapply feat(two-factor-api-service) [PM-26465]: (Refactor) Two-Factor API Service (#16856) (#16884)
This reverts commit d082d336e7.
Feature branch was accidentally merged before QA testing completed.
2025-10-15 16:24:56 -04:00
Thomas Avery
aa9a276591
[PM-23246] Add unlock with master password unlock data for lock component (#16204)
* Add unlocking with MasterPasswordUnlockData for angular lock component
2025-10-15 11:56:46 -05:00
Will Martin
0713f90a06
[PM-25871] updated phishing warning UI (#16748)
* refactor phishing-warning.component

* add hideBackground input to anon-layout component

* add icon tile component to CL

* add storybook story; fix binding bug in template

* export icon-tile from CL

* update design of phishing warning page

* revert icon button to use string type; add comment to icon scss

* update callout to allow no icon/title on all variants

* update phishing warning styles

* fix defects

* crowdin messages cannot be changed, they must be replaced

* add global css override

* add phishing help link

* update icon used in tile

* tweak styles
2025-10-15 10:32:02 -04:00
John Harrington
64105e64e9
[PM-24105] Remove usage of getUserKey on keyService (#16626)
• prefer undefined over null
• obtain required UserId once per method, before branching
• guards moved to beginning of methods
* lift UserId retrieval to occur once during import
* remove redundant userId retrieval
2025-10-15 07:03:29 -07:00
Dave
d082d336e7
Revert "feat(two-factor-api-service) [PM-26465]: (Refactor) Two-Factor API Se…" (#16856)
This reverts commit 886003ba88.
2025-10-13 14:22:49 -04:00
Dave
886003ba88
feat(two-factor-api-service) [PM-26465]: (Refactor) Two-Factor API Service (#16747)
* feat(two-factor-api-service) [PM-26465]: Add TwoFactorApiServiceAbstraction.

* feat(two-factor-api-service) [PM-26465]: Add TwoFactorApiService implementation.

* feat(two-factor-api-service) [PM-26465]: Add test suite for TwoFactorApiService.

* feat(two-factor-api-service) [PM-26465]: Replace ApiService dependencies with TwoFactorApiService for all refactored methods.

* feat(two-factor-api-service) [PM-26465]: Finish removal of Two-Factor API methods from ApiService.

* fix(two-factor-api-service) [PM-26465]: Correct endpoint spelling.

* feat(two-factor-api-service) [PM-26465]: Update dependency support for CLI.

* fix(two-factor-api-service) [PM-26465]: Update tests/deps for corrected spelling.

* feat(two-factor-api-service) [PM-26465]: Add TwoFactorApiService to Browser services module.

* fix(two-factor-api-service) [PM-26465]: Re-spell dependencies to take *Abstraction throughout, move to JslibServices module for cleaner importing across clients.

* feat(two-factor-api-service) [PM-26465]: Move new services to a feature area, rename abstract and concrete/default.

* feat(two-factor-api-service) [PM-26465]: Move the feature area to common/auth, not auth/common.

* feat(two-factor-api-service) [PM-26465]: Remove now-unneeded include from auth/tsconfig.
2025-10-13 12:48:25 -04:00
Kyle Denney
6ee41343a5
[PM-25379] Refactor org metadata (#16759)
* removing unused properties from org metadata

* removing further properties from the response and replacing them with data already available

* [PM-25379] new org metadata service for new endpoint

* don't need strict ignore

* forgot unit tests

* added cache busting to metadata service

not used yet - waiting for a decision on moving a portion of this to AC
2025-10-13 10:49:52 -05:00
Bernd Schoolmann
cc8bd71775
[PM-21033/PM-22863] User Encryption v2 (#14942)
* Add new encrypt service functions

* Undo changes

* Cleanup

* Fix build

* Fix comments

* Switch encrypt service to use SDK functions

* Move remaining functions to PureCrypto

* Tests

* Increase test coverage

* Split up userkey rotation v2 and add tests

* Fix eslint

* Fix type errors

* Fix tests

* Implement signing keys

* Fix sdk init

* Remove key rotation v2 flag

* Fix parsing when user does not have signing keys

* Clear up trusted key naming

* Split up getNewAccountKeys

* Add trim and lowercase

* Replace user.email with masterKeySalt

* Add wasTrustDenied to verifyTrust in key rotation service

* Move testable userkey rotation service code to testable class

* Fix build

* Add comments

* Undo changes

* Fix incorrect behavior on aborting key rotation and fix import

* Fix tests

* Make members of userkey rotation service protected

* Fix type error

* Cleanup and add injectable annotation

* Fix tests

* Update apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Remove v1 rotation request

* Add upgrade to user encryption v2

* Fix types

* Update sdk method calls

* Update request models for new server api for rotation

* Fix build

* Update userkey rotation for new server API

* Update crypto client call for new sdk changes

* Fix rotation with signing keys

* Cargo lock

* Fix userkey rotation service

* Fix types

* Undo changes to feature flag service

* Fix linting

* [PM-22863] Account security state (#15309)

* Add account security state

* Update key rotation

* Rename

* Fix build

* Cleanup

* Further cleanup

* Tests

* Increase test coverage

* Add test

* Increase test coverage

* Fix builds and update sdk

* Fix build

* Fix tests

* Reset changes to encrypt service

* Cleanup

* Add comment

* Cleanup

* Cleanup

* Rename model

* Cleanup

* Fix build

* Clean up

* Fix types

* Cleanup

* Cleanup

* Cleanup

* Add test

* Simplify request model

* Rename and add comments

* Fix tests

* Update responses to use less strict typing

* Fix response parsing for v1 users

* Update libs/common/src/key-management/keys/response/private-keys.response.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update libs/common/src/key-management/keys/response/private-keys.response.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Fix build

* Fix build

* Fix build

* Undo change

* Fix attachments not encrypting for v2 users

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
2025-10-10 23:04:47 +02:00
Oscar Hinton
095729d6fa
[PM-23189] Add client managed token provider (#15408)
* Add client managed token provider

* Change token service to accept user id

* Resolve breaking changes in the SDK

* Fix tests

* Update sdk

* Fix type

* Fix types

* Fix cli

* Fix browser

* Add optional userId to refreshIdentityToken

* Fix merge issues

* Fix tests
2025-10-08 16:47:30 -04:00
Nick Krantz
d747dc30a2
[PM-26648] Unarchive Icon (#16784)
* add unarchive icon to font

* fix cipher-form stories

* move unarchive to the proper section

* add premium icon
2025-10-08 14:14:22 -05:00
Anders Åberg
6cbdecef43
PM-13632: Enable sign in with passkeys in the browser extension for chromium browsers (#16385)
* PM-13632: Enable sign in with passkeys in the browser extension

* Refactor component + Icon fix

This commit refactors the login-via-webauthn commit as per @JaredSnider-Bitwarden suggestions. It also fixes an existing issue where Icons are not displayed properly on the web vault.

Remove old one.

Rename the file

Working refactor

Removed the icon from the component

Fixed icons not showing. Changed layout to be 'embedded'

* Add tracking links

* Update app.module.ts

* Remove default Icons on load

* Remove login.module.ts

* Add env changer to the passkey component

* Remove leftover dependencies

* use .isChromium()
2025-10-06 09:25:51 -04:00
Jordan Aasen
7a38b22667
[PM-24951] - update "My Items" icon to bwi-user (#16674)
* update "My Items" icon to bwi-user

* fix tests

* revert changse to reports. fix assign collections.

* revert remaining changes to reports
2025-10-02 14:39:13 -07:00
Jared Snider
4313dd2ecb
feat(SendAccess): [Auth/PM-22661] SendTokenService + SDK Integration (#16007)
* PM-22661 - Start bringing in code from original PR

* PM-22661 - SendTokenService - implement and test hash send password

* PM-22661 - Starting to pull in SDK state to SendTokenService

* PM-22661 - WIP on default send token service

* PM-22661 - Build out TS helpers for TryGetSendAccessTokenError

* PM-22661 - WIP

* PM-22661 - Decent progress on getting _tryGetSendAccessToken wired up

* PM-22661 - Finish service implementation (TODO: test)

* PM-22661 - DefaultSendTokenService - clear expired tokens

* PM-22661 - SendTokenService - tests for tryGetSendAccessToken$

* PM-22661 - DefaultSendTokenService - more tests.

* PM-22661 - Refactor to create domain facing type for send access creds so we can internally map to SDK models instead of exposing them.

* PM-22661 - DefaultSendTokenService tests - finish testing error scenarios

* PM-22661 - SendAccessToken - add threshold to expired check to prevent tokens from expiring in flight

* PM-22661 - clean up docs and add invalidateSendAccessToken

* PM-22661 - Add SendAccessToken tests

* PM-22661 - Build out barrel files and provide send token service in jslib-services.

* PM-22661 - Improve credential validation and test the scenarios

* PM-22661 - Add handling for otp_generation_failed

* PM-22661 - npm i sdk version 0.2.0-main.298 which has send access client stuff

* PM-22661 - Bump to latest sdk changes for send access for testing.

* PM-22661 - fix comment to be accurate

* PM-22661 - DefaultSendTokenService - hashSendPassword - to fix compile time error with passing a Uint8Array to Utils.fromBufferToB64, add new overloads to Utils.fromBufferToB64 to handle ArrayBuffer and ArrayBufferView (to allow for Uint8Arrays). Then, test new scenarios to ensure feature parity with old fromBufferToB64 method.

* PM-22661 - Utils.fromBufferToB64 - remove overloads so ordering doesn't break test spies.

* PM-22661 - utils.fromBufferToB64 - re-add overloads to see effects on tests

* PM-22661 - revert utils changes as they will be done in a separate PR.

* PM-22661 - SendTokenService tests - test invalidateSendAccessToken

* PM-22661 - DefaultSendTokenService - add some storage layer tests

* PM-22661 - Per PR feedback fix comment

* PM-22661 - Per PR feedback, optimize writes to state for send access tokens with shouldUpdate.

* PM-22661 - Per PR feedback, update clear to be immutable vs delete (mutation) based.

* PM-22661 - Per PR feedback, re-add should update for clear method.

* PM-22661 - Update libs/common/src/auth/send-access/services/default-send-token.service.ts

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

* PM-22661 - Update libs/common/src/auth/send-access/services/default-send-token.service.ts

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

* PM-22661 - Update libs/common/src/auth/send-access/services/default-send-token.service.ts

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

---------

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
2025-10-02 08:55:04 -04:00
rr-bw
cae58232e5
feat(new-device-verification-screen): (Auth) [PM-17489] Back Button on New Device Verification Screen (#16599)
On Web and Desktop, show back button on `NewDeviceVerificationComponent` (route `/device-verification`). Do not show it on Extension, because Extension already has a back button in the header.
2025-10-01 12:57:41 -07:00
Alex Morask
d9d8050998
[PM-25463] Work towards complete usage of Payments domain (#16532)
* Use payment domain

* Fixing lint and test issue

* Fix organization plans tax issue

* PM-26297: Use existing billing address for tax calculation if it exists

* PM-26344: Check existing payment method on submit
2025-10-01 10:26:47 -05:00
Nick Krantz
727689d827
[PM-24534] Archive via CLI (#16502)
* refactor `canInteract` into a component level usage.

- The default service is going to be used in the CLI which won't make use of the UI-related aspects

* all nested entities to be imported from the vault

* initial add of archive command to the cli

* add archive to oss serve

* check for deleted cipher when attempting to archive

* add searchability/list functionality for archived ciphers

* restore an archived cipher

* unarchive a cipher when a user is editing it and has lost their premium status

* add missing feature flags

* re-export only needed services from the vault

* add needed await

* add prompt when applicable for editing an archived cipher

* move cipher archive service into `common/vault`

* fix testing code
2025-09-30 10:45:04 -04:00
Bernd Schoolmann
4b73198ce5
[PM-23230] Implement KDF Change Service (#15748)
* Add new mp service api

* Fix tests

* Add test coverage

* Add newline

* Fix type

* Rename to "unwrapUserKeyFromMasterPasswordUnlockData"

* Fix build

* Fix build on cli

* Fix linting

* Re-sort spec

* Add tests

* Fix test and build issues

* Fix build

* Clean up

* Remove introduced function

* Clean up comments

* Fix abstract class types

* Fix comments

* Cleanup

* Cleanup

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/services/master-password.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add comments

* Fix build

* Add arg null check

* Cleanup

* Fix build

* Fix build on browser

* Implement KDF change service

* Deprecate encryptUserKeyWithMasterKey

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add tests for null params

* Fix builds

* Cleanup and deprecate more functions

* Fix formatting

* Prettier

* Clean up

* Update libs/key-management/src/abstractions/key.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Make emailToSalt private and expose abstract saltForUser

* Add tests

* Add docs

* Fix build

* Fix tests

* Fix tests

* Address feedback and fix primitive obsession

* Consolidate active account checks in change kdf confirmation component

* Update libs/common/src/key-management/kdf/services/change-kdf-service.spec.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add defensive parameter checks

* Add tests

* Add comment for follow-up epic

* Move change kdf service, remove abstraction and add api service

* Fix test

* Drop redundant null check

* Address feedback

* Add throw on empty password

* Fix tests

* Mark change kdf service as internal

* Add abstract classes

* Switch to abstraction

* use sdk EncString in MasterPasswordUnlockData

* fix remaining tests

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
2025-09-23 16:10:54 -04:00
Bryan Cunningham
9d82fc7dfc
[CL-95] loading spinner (#16363)
* add spiner from previous branch

* add loading spinner to button

* Add spinner to dialog

* Add spinner to icon button

* add spinner to multi select component

* fix spinner positioning

* Add mock i18n in stories where needed

* round stroke caps. Update classes

* fix ts error

* fix broken tests

* add missing translation keys to stories

* Add mising key for layout

* Add mising key for nav group

* Add mising key for spotlight

* Add mising key for product switcher

* Add mising key for dialog service

* add translation to copy click story
2025-09-23 15:36:18 -04:00
Jordan Aasen
6024f6eef2
[PM-25879][PM-25881] - [Defect] Premium badges missing reusable component (#16461)
* clean up premium badge component

* add provider to desktop settings

* rename prop.

* add provider to send component

* fix storybook

* fix test

* move dependency to new send dropdown component

* Revert "move dependency to new send dropdown component"

This reverts commit f134526279.

* remove hasPremium
2025-09-23 09:32:45 -07:00
rr-bw
3bbc6c564c
feat(SSO): (Auth/[PM-22110] Remove Alternate Login Options when SSO Required (#16340)
If a user is part of an org that has the `RequireSso` policy, when that user successfully logs in we add their email to a local `ssoRequiredCache` on their device. The next time this user goes to the `/login` screen on this device, we will use that cache to determine that for this email we should only show the "Use single sign-on" button and disable the alternate login buttons.

These changes are behind the flag: `PM22110_DisableAlternateLoginMethods`
2025-09-22 08:32:20 -07:00
Rui Tomé
b455cb5986
[PM-24146] Remove stateProvider.activeUserId from ProviderService (#16258)
* Refactor provider service calls to include userId parameter

- Updated multiple components and services to pass userId when fetching provider data.
- Adjusted the ProviderService interface to require userId for get, get$, and getAll methods.
- Ensured consistent handling of userId across various components, enhancing data retrieval based on active user context.

* Remove deprecated type safety comments and use the getById utility for fetching providers.

* Update ProviderService methods to return undefined for non-existent providers

- Modified the return types of get$ and get methods in ProviderService to allow for undefined values, enhancing type safety.
- Adjusted the providers$ method to return only defined Provider arrays, ensuring consistent handling of provider data.

* Enhance provider permissions guard tests to include userId parameter

- Updated test cases in provider-permissions.guard.spec.ts to pass userId when calling ProviderService methods.
- Mocked AccountService to provide active account details for improved test coverage.
- Ensured consistent handling of userId across all relevant test scenarios.

* remove promise based api's from provider service, continue refactor

* cleanup observable logic

* cleanup

---------

Co-authored-by: Brandon <btreston@bitwarden.com>
2025-09-22 11:06:28 -04:00
Jason Ng
dbec02cf8d
[PM-24533] Initialize Archive Feature (#16226)
* [PM-19237] Add Archive Filter Type (#13852)
* Browser can archive and unarchive items
* Create Archive Cipher Service
* Add flag and premium permissions to Archive 

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Shane <smelton@bitwarden.com>
Co-authored-by: Patrick Pimentel <ppimentel@bitwarden.com>
2025-09-22 11:06:02 -04:00
Alex
8531109081
[PM-25417] DIRT API Service Refactor (ADR-0005) (#16353)
* encode username for uri and add spec

* verify response from getHibpBreach method

* test/validate for BreachAccountResponse type and length instead of mock response

* - extract dirt api method out of global api service
- create new directory structure
- change imports accordingly
- extract breach account response
- put extracted code into new dirt dir

* codeowners and dep injection for new hibp service
2025-09-22 09:06:58 -05:00
Daniel James Smith
94764467e8
[PM-25918] Move required userId for export request up to component/command level (#14391)
* Require userId for KdfConfigService

* cleanup KdfConfigService unit tests

* Move required userId for export request up to component/command level

* Fix service creation/dependency injection

* Revert changes to kdf-config.service.spec cause by a bad rebase

* Fix linting issue

* Fix tests caused by bad rebase

* Validate provided userId to equal the current active user

* Create tests for vault-export.service

Deleted old tests which since have been replaced with individual-vault-export.service.spec.ts

---------

Co-authored-by: Thomas Avery <tavery@bitwarden.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-09-19 13:39:55 +02:00
Jordan Aasen
4b78da1623
[PM-21794] - remove RemoveCardItemTypePolicy flag (#16450)
* remove restricted item types flag

* fix RestrictedItemTypesService constructor
2025-09-18 09:53:01 -07:00
Daniel James Smith
ba817f0389
[PM-25503] Use org export api on encrypted and unencrypted org exports (#16290)
* Introduce a new vault-export-api.service to replace the existing getOrganizationExport method in apiService

* Use new vault-export-api.service instead of the ApiService to retrieve organizational export data

* Remove unused method from apiService

* Register VaultExportApiService on browser

* Fxi linting issue by executing `npm run prettier`

* Rename abstraction and implementation of VaultExportApiService

* Use undefined instead of null

* Rename file of default impl of vault-export-api-service

* Fix test broken with 1bcdd80eea

* Define type for exportPromises

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-09-17 22:22:12 +02:00
Jordan Aasen
db9061d120
[PM-25633] - [Defect] Fix premium badge in totp (#16373)
* fixes to premium upgrade

* revert change to dialog

* handle premium upgrade prompt redirect in AC

* use new input/output api
2025-09-11 12:15:29 -07:00
Vicki League
926f587ea2
[CL-581] Update svgs to new designs and make responsive (#16219) 2025-09-10 17:23:53 -04:00
Jordan Aasen
30af3d7035
[PM-24985][PM-24986][PM-25211][PM-24987] - [Vault] Migrate components to use Premium badge component (#16227)
* migrate all components to use PremiumBadgeComponent

* move badge component to vault

* move premium badge to vault

* move premium badge to billing

* fix import

* use premium badge in tools new send dropdown

* remove badge module import

* remove module
2025-09-09 13:39:24 -07:00
Vijay Oommen
45efd3e5ab
[PM-19996] added new icon for access-intelligence (#16315) 2025-09-09 10:01:05 -05:00
Patrick-Pimentel-Bitwarden
fe692acc07
Auth/pm 14943/auth request extension dialog approve (#16132)
* feat(notification-processing): [PM-19877] System Notification Implementation - Implemented the full feature set for device approval from extension.

* test(notification-processing): [PM-19877] System Notification Implementation - Updated tests.

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2025-09-05 13:27:16 -04:00
Patrick-Pimentel-Bitwarden
e3f55d793d
fix(signalr-premature-closure): [PM-25459] Signalr Closure - Installed the noop auth request answering service properly and made it into a noop. (#16297) 2025-09-04 16:57:34 -04:00