Commit Graph

973 Commits

Author SHA1 Message Date
Kyle Denney
e1e3966cc2
[PM-23713] premium badge interaction (#16911)
* feature flag

* new upgrade dialog component and moved pricing service into libs

first draft

* moved pricing service to libs/common

removed toast service from the pricing service and implemented error handling in calling components

# Conflicts:
#	apps/web/src/app/billing/individual/upgrade/upgrade-payment/upgrade-payment.component.ts

* moved new premium upgrade dialog component to libs/angular

* badge opens new dialog in browser extension

* adds new dialog to desktop and fixes tests

* updates send dropdown to use premium prompt service

* styling and copy updates

* implement in web and desktop

* unit tests

* converting premium reports to use premium badge, and some cleanup

* fixes issue after merge

* linter errors

* pr feedback

* handle async promise correctly

* full sync after the premium upgrade is complete

* fixing test

* add padding to bottom of card in new dialog

* add support for self hosting

* fixing tests

* fix test

* Update has-premium.guard.ts

* pr feedback

* fix build and pr feedback

* fix build

* prettier

* fixing stories and making badge line height consistent

* pr feedback

* updated upgrade dialog to no longer use pricing card

* fixing incorrect markup and removing unused bits

* formatting

* pr feedback

removing unused message keys and adding back in code that was erroneously removed

* change detection

* close dialog when error

* claude pr feedback
2025-11-03 10:16:01 -06:00
Andreas Coroiu
48fb8b2bfe
[PM-25250] Prevent configuration and access of self hosted urls over http (#17095)
* feat: ban urls not using https

* feat: add exception for dev env

* feat: block fetching of insecure URLs

* feat: add exception for dev env

* feat: block notifications from using insecure URL

* fix: bug where submission was possible regardless of error

* feat: add exception for dev env

* fix: missing constructor param
2025-10-31 08:12:44 +01:00
Jared Snider
a1570fc8b1
feat(AuthRouteConstants): [Auth/PM-27370] Convert auth routes to use constants (#16980)
* PM-22663 WIP on auth route constants

* PM-22663 - Convert desktop & extension to use constants - first pass

* PM-22663 - Further clean up

* PM-22663 - catch more missed routes

* PM-22663 - add barrel files

* PM-22663 - Per PR feedback, add missing as const

* PM-22663 - Per PR feedback and TS docs, use same name for const enum like and derived type. Adjusted filenames to be singular.

* PM-22663 - Per PR feedback update desktop app routing module since auto rename didn't update it for whatever reason.
2025-10-29 19:28:21 -04:00
Oscar Hinton
d85b9986d0
[CL-901] [CL-903] Unowned - Prefer signal & change detection (#16949) 2025-10-29 13:42:19 -05:00
Brandon Treston
c1a988c2ab
fix DI (#17076) 2025-10-28 12:25:56 -04:00
Oscar Hinton
af6e19335d
Vault - Prefer signal & change detection (#16947) 2025-10-27 11:13:11 -04:00
Oscar Hinton
abc6e54bb9
Platform - Prefer signal & change detection (#16946) 2025-10-27 09:13:17 -05:00
Oscar Hinton
e3f943364f
Billing - Prefer signal & change detection (#16944) 2025-10-23 15:02:01 -05:00
Bernd Schoolmann
7e7107f165
[PM-27221] Update legacy kdf state on master password unlock sync (#16966)
* Update legacy kdf state on master password unlock sync

* Fix cli build

* Fix

* Fix build

* Fix cli

* Fix browser
2025-10-23 11:38:10 +02:00
Oscar Hinton
29dccd6352
Auth - Prefer signal & change detection (#16950)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
2025-10-22 21:28:47 -04:00
Bernd Schoolmann
5a307633bb
[PM-26778] Make VaultTimeoutService use LogoutService (#16820)
* Make vaulttimeoutservice use logoutservice

* Fix browser build

* Fix mv3 build

* Fix lint
2025-10-21 10:24:52 -05:00
Oscar Hinton
f23f3f87bd
Tools - Prefer signal & change detection (#16941) 2025-10-21 15:49:22 +02:00
Nick Krantz
22eb49aed1
[PM-19337] Desktop Archive (#16787)
* fix typescript errors

* add archive filter to desktop

* exclude archive items from search

* add left click menu options for archive

* add MP prompt checks for archive/unarchive

* assure that a cipher cannot be assigned to collections when archived

* move cipher from archive vault if a user loses premium

* ensure clone only shows when archive is active

* refactor right side footer actions to getter so it can be expanded

* add confirmation prompt for archiving cipher

* add utility service for archiving/unarchiving a cipher

* add archive/unarchive ability to footer of desktop

* add tests for utilities service

* handle null emission of `cipherViews$`

* use active user id directly from activeAccount

* remove unneeded load of vault items

* refresh internal cipher when archive is toggled - forcing the footer view to update

* refresh current cipher when archived from the left-click menu

* only show archive for viewing a cipher

* add cipher form tests

* clear archive date when soft deleting

* update success messages

* remove archive date when cloning

* fix crowdin message swap

* fix test

* move MP prompt before archive prompt - match PM-26994

* fix failing test

* add optional chaining

* move template logic into class

* condense logic

* `unArchive`
2025-10-20 10:04:32 -05:00
Bernd Schoolmann
fa584f76b4
[PM-24683] Move change kdf service to SDK implementation (#16001)
* Add new mp service api

* Fix tests

* Add test coverage

* Add newline

* Fix type

* Rename to "unwrapUserKeyFromMasterPasswordUnlockData"

* Fix build

* Fix build on cli

* Fix linting

* Re-sort spec

* Add tests

* Fix test and build issues

* Fix build

* Clean up

* Remove introduced function

* Clean up comments

* Fix abstract class types

* Fix comments

* Cleanup

* Cleanup

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/services/master-password.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add comments

* Fix build

* Add arg null check

* Cleanup

* Fix build

* Fix build on browser

* Implement KDF change service

* Deprecate encryptUserKeyWithMasterKey

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add tests for null params

* Fix builds

* Cleanup and deprecate more functions

* Fix formatting

* Prettier

* Clean up

* Update libs/key-management/src/abstractions/key.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Make emailToSalt private and expose abstract saltForUser

* Add tests

* Add docs

* Fix build

* Fix tests

* Fix tests

* Address feedback and fix primitive obsession

* Consolidate active account checks in change kdf confirmation component

* Update libs/common/src/key-management/kdf/services/change-kdf-service.spec.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add defensive parameter checks

* Add tests

* Add comment for follow-up epic

* Move change kdf service, remove abstraction and add api service

* Fix test

* Drop redundant null check

* Address feedback

* Add throw on empty password

* Fix tests

* Mark change kdf service as internal

* Add abstract classes

* Switch to abstraction

* Move change kdf to sdk

* Update tests

* Fix tests

* Clean up sdk mapping

* Clean up tests

* Check the argument to make_update_kdf

* Fix mock data

* Fix tests

* Fix relative imports

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-10-20 10:37:19 +00:00
Maciej Zieniuk
8f0d509682
[PM-24377] Use PureCrypto for decryptUserKeyWithMasterKey on the master password service (#16522)
* use PureCrypto in master password service decryptUserKeyWithMasterKey

* test for legacy AES256-CBC

* update SDK version to include the `PureCrypto.decrypt_user_key_with_master_key`

* change from integration to unit tests, use fake state provider
2025-10-17 12:28:38 -05:00
Ben Brooks
91a661a025
feat(policies): PM-19311 Enforce URI Match Defaults organization policy (#16430)
* feat(policies): Add URI Match Default Policy enum

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* feat(policies): Add logic to read and set the default from policy data

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* In settings, set default, disable select and display hint

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Move applyUriMatchPolicy to writeValue function

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Remove code to disable individual options because we're disabling the entire select

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* WiP move resolved defaultUriMatch to Domain Settings Service

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Address local test failures related to null observables

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* add missing services

* Fix test to use new resolvedDefaultUriMatchStrategy$

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Move definition of defaultMatchDetection$ out of constructor

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Update cipher form story to use resolvedDefaultUriMatchStrategy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'pm-19310-uri-match-policy' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Fix incomplete storybook mock in cipher form stories

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Add I18n key description

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Add comment regarding potential memory leak in domain settings service

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Add explicit check for null policy data

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Add explicit check for undefined policy data

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'pm-19310-uri-match-policy' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Add shareReplay to address potential memory leak

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'pm-19310-uri-match-policy' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Merge branch 'main' of github.com:bitwarden/clients into pm-19310-uri-match-policy

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Remove outdated comment

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* Improve type safety/validation and null checks in DefaultDomainSettingsService

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

---------

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
Co-authored-by: Jonathan Prusik <jprusik@classynemesis.com>
2025-10-17 07:58:17 -07:00
Bernd Schoolmann
a860f218bd
[PM-24128] New Pin service, using PasswordProtectedKeyEnvelope (#15863)
* fix: broken SDK interface

* Fix all compile errors related to uuids

* Update usages of sdk to type-safe SDK type

* Update sdk version

* Update to "toSdk"

* Move pin service to km ownership

* Run format

* Eslint

* Fix tsconfig

* Fix imports and test

* Clean up imports

* Pin tmp

* Initial version of updated pin service

* Add tests

* Rename function

* Clean up logging

* Fix imports

* Fix cli build

* Fix browser desktop

* Fix tests

* Attempt to fix

* Fix build

* Fix tests

* Fix browser build

* Add missing empty line

* Fix linting

* Remove non-required change

* Missing newline

* Re-add comment

* Undo change to file

* Fix missing empty line

* Cleanup

* Cleanup

* Cleanup

* Cleanup

* Switch to replaysubject

* Add comments

* Fix tests

* Run prettier

* Undo change

* Fix browser

* Fix circular dependency on browser

* Add missing clear ephemeral pin

* Address feedback

* Update docs

* Simplify sdk usage in pin service

* Replace with mock sdk

* Update sdk

* Initialize pin service via unlock instead of listening to keyservice

* Cleanup

* Fix test

* Prevent race condition with userkey not being set

* Filter null userkeys

* [PM-24124] Pin State Service (#16641)

* add pin-state.service

* add remaining tests

* improve description for clearEphemeralPinState

* rename getUserKeyWrappedPin$ to userKeyWrappedPin$

* drop temp variable in setPinState

* add new test and remove copied one

* Fix dep cycle

* Fix tests and remaining build issues

* Fix cli build

* Add comments about functions not being public API

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Hinton <hinton@users.noreply.github.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
2025-10-17 16:30:29 +02:00
Patrick-Pimentel-Bitwarden
94cb1fe07b
feat(auth-tech-debt): [PM-24103] Remove Get User Key to UserKey$ (#16589)
* fix(auth-tech-debt): [PM-24103] Remove Get User Key to UserKey$ - Fixed and updated tests.

* fix(auth-tech-debt): [PM-24103] Remove Get User Key to UserKey$ - Fixed test variable being made more vague.
2025-10-16 14:30:10 -04:00
Dave
7943066724
Reapply feat(two-factor-api-service) [PM-26465]: (Refactor) Two-Factor API Service (#16856) (#16884)
This reverts commit d082d336e7.
Feature branch was accidentally merged before QA testing completed.
2025-10-15 16:24:56 -04:00
Thomas Avery
aa9a276591
[PM-23246] Add unlock with master password unlock data for lock component (#16204)
* Add unlocking with MasterPasswordUnlockData for angular lock component
2025-10-15 11:56:46 -05:00
Will Martin
0713f90a06
[PM-25871] updated phishing warning UI (#16748)
* refactor phishing-warning.component

* add hideBackground input to anon-layout component

* add icon tile component to CL

* add storybook story; fix binding bug in template

* export icon-tile from CL

* update design of phishing warning page

* revert icon button to use string type; add comment to icon scss

* update callout to allow no icon/title on all variants

* update phishing warning styles

* fix defects

* crowdin messages cannot be changed, they must be replaced

* add global css override

* add phishing help link

* update icon used in tile

* tweak styles
2025-10-15 10:32:02 -04:00
John Harrington
64105e64e9
[PM-24105] Remove usage of getUserKey on keyService (#16626)
• prefer undefined over null
• obtain required UserId once per method, before branching
• guards moved to beginning of methods
* lift UserId retrieval to occur once during import
* remove redundant userId retrieval
2025-10-15 07:03:29 -07:00
Dave
d082d336e7
Revert "feat(two-factor-api-service) [PM-26465]: (Refactor) Two-Factor API Se…" (#16856)
This reverts commit 886003ba88.
2025-10-13 14:22:49 -04:00
Dave
886003ba88
feat(two-factor-api-service) [PM-26465]: (Refactor) Two-Factor API Service (#16747)
* feat(two-factor-api-service) [PM-26465]: Add TwoFactorApiServiceAbstraction.

* feat(two-factor-api-service) [PM-26465]: Add TwoFactorApiService implementation.

* feat(two-factor-api-service) [PM-26465]: Add test suite for TwoFactorApiService.

* feat(two-factor-api-service) [PM-26465]: Replace ApiService dependencies with TwoFactorApiService for all refactored methods.

* feat(two-factor-api-service) [PM-26465]: Finish removal of Two-Factor API methods from ApiService.

* fix(two-factor-api-service) [PM-26465]: Correct endpoint spelling.

* feat(two-factor-api-service) [PM-26465]: Update dependency support for CLI.

* fix(two-factor-api-service) [PM-26465]: Update tests/deps for corrected spelling.

* feat(two-factor-api-service) [PM-26465]: Add TwoFactorApiService to Browser services module.

* fix(two-factor-api-service) [PM-26465]: Re-spell dependencies to take *Abstraction throughout, move to JslibServices module for cleaner importing across clients.

* feat(two-factor-api-service) [PM-26465]: Move new services to a feature area, rename abstract and concrete/default.

* feat(two-factor-api-service) [PM-26465]: Move the feature area to common/auth, not auth/common.

* feat(two-factor-api-service) [PM-26465]: Remove now-unneeded include from auth/tsconfig.
2025-10-13 12:48:25 -04:00
Kyle Denney
6ee41343a5
[PM-25379] Refactor org metadata (#16759)
* removing unused properties from org metadata

* removing further properties from the response and replacing them with data already available

* [PM-25379] new org metadata service for new endpoint

* don't need strict ignore

* forgot unit tests

* added cache busting to metadata service

not used yet - waiting for a decision on moving a portion of this to AC
2025-10-13 10:49:52 -05:00
Bernd Schoolmann
cc8bd71775
[PM-21033/PM-22863] User Encryption v2 (#14942)
* Add new encrypt service functions

* Undo changes

* Cleanup

* Fix build

* Fix comments

* Switch encrypt service to use SDK functions

* Move remaining functions to PureCrypto

* Tests

* Increase test coverage

* Split up userkey rotation v2 and add tests

* Fix eslint

* Fix type errors

* Fix tests

* Implement signing keys

* Fix sdk init

* Remove key rotation v2 flag

* Fix parsing when user does not have signing keys

* Clear up trusted key naming

* Split up getNewAccountKeys

* Add trim and lowercase

* Replace user.email with masterKeySalt

* Add wasTrustDenied to verifyTrust in key rotation service

* Move testable userkey rotation service code to testable class

* Fix build

* Add comments

* Undo changes

* Fix incorrect behavior on aborting key rotation and fix import

* Fix tests

* Make members of userkey rotation service protected

* Fix type error

* Cleanup and add injectable annotation

* Fix tests

* Update apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Remove v1 rotation request

* Add upgrade to user encryption v2

* Fix types

* Update sdk method calls

* Update request models for new server api for rotation

* Fix build

* Update userkey rotation for new server API

* Update crypto client call for new sdk changes

* Fix rotation with signing keys

* Cargo lock

* Fix userkey rotation service

* Fix types

* Undo changes to feature flag service

* Fix linting

* [PM-22863] Account security state (#15309)

* Add account security state

* Update key rotation

* Rename

* Fix build

* Cleanup

* Further cleanup

* Tests

* Increase test coverage

* Add test

* Increase test coverage

* Fix builds and update sdk

* Fix build

* Fix tests

* Reset changes to encrypt service

* Cleanup

* Add comment

* Cleanup

* Cleanup

* Rename model

* Cleanup

* Fix build

* Clean up

* Fix types

* Cleanup

* Cleanup

* Cleanup

* Add test

* Simplify request model

* Rename and add comments

* Fix tests

* Update responses to use less strict typing

* Fix response parsing for v1 users

* Update libs/common/src/key-management/keys/response/private-keys.response.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update libs/common/src/key-management/keys/response/private-keys.response.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Fix build

* Fix build

* Fix build

* Undo change

* Fix attachments not encrypting for v2 users

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
2025-10-10 23:04:47 +02:00
Oscar Hinton
095729d6fa
[PM-23189] Add client managed token provider (#15408)
* Add client managed token provider

* Change token service to accept user id

* Resolve breaking changes in the SDK

* Fix tests

* Update sdk

* Fix type

* Fix types

* Fix cli

* Fix browser

* Add optional userId to refreshIdentityToken

* Fix merge issues

* Fix tests
2025-10-08 16:47:30 -04:00
Nick Krantz
d747dc30a2
[PM-26648] Unarchive Icon (#16784)
* add unarchive icon to font

* fix cipher-form stories

* move unarchive to the proper section

* add premium icon
2025-10-08 14:14:22 -05:00
Anders Åberg
6cbdecef43
PM-13632: Enable sign in with passkeys in the browser extension for chromium browsers (#16385)
* PM-13632: Enable sign in with passkeys in the browser extension

* Refactor component + Icon fix

This commit refactors the login-via-webauthn commit as per @JaredSnider-Bitwarden suggestions. It also fixes an existing issue where Icons are not displayed properly on the web vault.

Remove old one.

Rename the file

Working refactor

Removed the icon from the component

Fixed icons not showing. Changed layout to be 'embedded'

* Add tracking links

* Update app.module.ts

* Remove default Icons on load

* Remove login.module.ts

* Add env changer to the passkey component

* Remove leftover dependencies

* use .isChromium()
2025-10-06 09:25:51 -04:00
Jordan Aasen
7a38b22667
[PM-24951] - update "My Items" icon to bwi-user (#16674)
* update "My Items" icon to bwi-user

* fix tests

* revert changse to reports. fix assign collections.

* revert remaining changes to reports
2025-10-02 14:39:13 -07:00
Jared Snider
4313dd2ecb
feat(SendAccess): [Auth/PM-22661] SendTokenService + SDK Integration (#16007)
* PM-22661 - Start bringing in code from original PR

* PM-22661 - SendTokenService - implement and test hash send password

* PM-22661 - Starting to pull in SDK state to SendTokenService

* PM-22661 - WIP on default send token service

* PM-22661 - Build out TS helpers for TryGetSendAccessTokenError

* PM-22661 - WIP

* PM-22661 - Decent progress on getting _tryGetSendAccessToken wired up

* PM-22661 - Finish service implementation (TODO: test)

* PM-22661 - DefaultSendTokenService - clear expired tokens

* PM-22661 - SendTokenService - tests for tryGetSendAccessToken$

* PM-22661 - DefaultSendTokenService - more tests.

* PM-22661 - Refactor to create domain facing type for send access creds so we can internally map to SDK models instead of exposing them.

* PM-22661 - DefaultSendTokenService tests - finish testing error scenarios

* PM-22661 - SendAccessToken - add threshold to expired check to prevent tokens from expiring in flight

* PM-22661 - clean up docs and add invalidateSendAccessToken

* PM-22661 - Add SendAccessToken tests

* PM-22661 - Build out barrel files and provide send token service in jslib-services.

* PM-22661 - Improve credential validation and test the scenarios

* PM-22661 - Add handling for otp_generation_failed

* PM-22661 - npm i sdk version 0.2.0-main.298 which has send access client stuff

* PM-22661 - Bump to latest sdk changes for send access for testing.

* PM-22661 - fix comment to be accurate

* PM-22661 - DefaultSendTokenService - hashSendPassword - to fix compile time error with passing a Uint8Array to Utils.fromBufferToB64, add new overloads to Utils.fromBufferToB64 to handle ArrayBuffer and ArrayBufferView (to allow for Uint8Arrays). Then, test new scenarios to ensure feature parity with old fromBufferToB64 method.

* PM-22661 - Utils.fromBufferToB64 - remove overloads so ordering doesn't break test spies.

* PM-22661 - utils.fromBufferToB64 - re-add overloads to see effects on tests

* PM-22661 - revert utils changes as they will be done in a separate PR.

* PM-22661 - SendTokenService tests - test invalidateSendAccessToken

* PM-22661 - DefaultSendTokenService - add some storage layer tests

* PM-22661 - Per PR feedback fix comment

* PM-22661 - Per PR feedback, optimize writes to state for send access tokens with shouldUpdate.

* PM-22661 - Per PR feedback, update clear to be immutable vs delete (mutation) based.

* PM-22661 - Per PR feedback, re-add should update for clear method.

* PM-22661 - Update libs/common/src/auth/send-access/services/default-send-token.service.ts

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

* PM-22661 - Update libs/common/src/auth/send-access/services/default-send-token.service.ts

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

* PM-22661 - Update libs/common/src/auth/send-access/services/default-send-token.service.ts

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

---------

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
2025-10-02 08:55:04 -04:00
rr-bw
cae58232e5
feat(new-device-verification-screen): (Auth) [PM-17489] Back Button on New Device Verification Screen (#16599)
On Web and Desktop, show back button on `NewDeviceVerificationComponent` (route `/device-verification`). Do not show it on Extension, because Extension already has a back button in the header.
2025-10-01 12:57:41 -07:00
Alex Morask
d9d8050998
[PM-25463] Work towards complete usage of Payments domain (#16532)
* Use payment domain

* Fixing lint and test issue

* Fix organization plans tax issue

* PM-26297: Use existing billing address for tax calculation if it exists

* PM-26344: Check existing payment method on submit
2025-10-01 10:26:47 -05:00
Nick Krantz
727689d827
[PM-24534] Archive via CLI (#16502)
* refactor `canInteract` into a component level usage.

- The default service is going to be used in the CLI which won't make use of the UI-related aspects

* all nested entities to be imported from the vault

* initial add of archive command to the cli

* add archive to oss serve

* check for deleted cipher when attempting to archive

* add searchability/list functionality for archived ciphers

* restore an archived cipher

* unarchive a cipher when a user is editing it and has lost their premium status

* add missing feature flags

* re-export only needed services from the vault

* add needed await

* add prompt when applicable for editing an archived cipher

* move cipher archive service into `common/vault`

* fix testing code
2025-09-30 10:45:04 -04:00
Bernd Schoolmann
4b73198ce5
[PM-23230] Implement KDF Change Service (#15748)
* Add new mp service api

* Fix tests

* Add test coverage

* Add newline

* Fix type

* Rename to "unwrapUserKeyFromMasterPasswordUnlockData"

* Fix build

* Fix build on cli

* Fix linting

* Re-sort spec

* Add tests

* Fix test and build issues

* Fix build

* Clean up

* Remove introduced function

* Clean up comments

* Fix abstract class types

* Fix comments

* Cleanup

* Cleanup

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/services/master-password.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add comments

* Fix build

* Add arg null check

* Cleanup

* Fix build

* Fix build on browser

* Implement KDF change service

* Deprecate encryptUserKeyWithMasterKey

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add tests for null params

* Fix builds

* Cleanup and deprecate more functions

* Fix formatting

* Prettier

* Clean up

* Update libs/key-management/src/abstractions/key.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Make emailToSalt private and expose abstract saltForUser

* Add tests

* Add docs

* Fix build

* Fix tests

* Fix tests

* Address feedback and fix primitive obsession

* Consolidate active account checks in change kdf confirmation component

* Update libs/common/src/key-management/kdf/services/change-kdf-service.spec.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add defensive parameter checks

* Add tests

* Add comment for follow-up epic

* Move change kdf service, remove abstraction and add api service

* Fix test

* Drop redundant null check

* Address feedback

* Add throw on empty password

* Fix tests

* Mark change kdf service as internal

* Add abstract classes

* Switch to abstraction

* use sdk EncString in MasterPasswordUnlockData

* fix remaining tests

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
2025-09-23 16:10:54 -04:00
Bryan Cunningham
9d82fc7dfc
[CL-95] loading spinner (#16363)
* add spiner from previous branch

* add loading spinner to button

* Add spinner to dialog

* Add spinner to icon button

* add spinner to multi select component

* fix spinner positioning

* Add mock i18n in stories where needed

* round stroke caps. Update classes

* fix ts error

* fix broken tests

* add missing translation keys to stories

* Add mising key for layout

* Add mising key for nav group

* Add mising key for spotlight

* Add mising key for product switcher

* Add mising key for dialog service

* add translation to copy click story
2025-09-23 15:36:18 -04:00
Jordan Aasen
6024f6eef2
[PM-25879][PM-25881] - [Defect] Premium badges missing reusable component (#16461)
* clean up premium badge component

* add provider to desktop settings

* rename prop.

* add provider to send component

* fix storybook

* fix test

* move dependency to new send dropdown component

* Revert "move dependency to new send dropdown component"

This reverts commit f134526279.

* remove hasPremium
2025-09-23 09:32:45 -07:00
rr-bw
3bbc6c564c
feat(SSO): (Auth/[PM-22110] Remove Alternate Login Options when SSO Required (#16340)
If a user is part of an org that has the `RequireSso` policy, when that user successfully logs in we add their email to a local `ssoRequiredCache` on their device. The next time this user goes to the `/login` screen on this device, we will use that cache to determine that for this email we should only show the "Use single sign-on" button and disable the alternate login buttons.

These changes are behind the flag: `PM22110_DisableAlternateLoginMethods`
2025-09-22 08:32:20 -07:00
Rui Tomé
b455cb5986
[PM-24146] Remove stateProvider.activeUserId from ProviderService (#16258)
* Refactor provider service calls to include userId parameter

- Updated multiple components and services to pass userId when fetching provider data.
- Adjusted the ProviderService interface to require userId for get, get$, and getAll methods.
- Ensured consistent handling of userId across various components, enhancing data retrieval based on active user context.

* Remove deprecated type safety comments and use the getById utility for fetching providers.

* Update ProviderService methods to return undefined for non-existent providers

- Modified the return types of get$ and get methods in ProviderService to allow for undefined values, enhancing type safety.
- Adjusted the providers$ method to return only defined Provider arrays, ensuring consistent handling of provider data.

* Enhance provider permissions guard tests to include userId parameter

- Updated test cases in provider-permissions.guard.spec.ts to pass userId when calling ProviderService methods.
- Mocked AccountService to provide active account details for improved test coverage.
- Ensured consistent handling of userId across all relevant test scenarios.

* remove promise based api's from provider service, continue refactor

* cleanup observable logic

* cleanup

---------

Co-authored-by: Brandon <btreston@bitwarden.com>
2025-09-22 11:06:28 -04:00
Jason Ng
dbec02cf8d
[PM-24533] Initialize Archive Feature (#16226)
* [PM-19237] Add Archive Filter Type (#13852)
* Browser can archive and unarchive items
* Create Archive Cipher Service
* Add flag and premium permissions to Archive 

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Shane <smelton@bitwarden.com>
Co-authored-by: Patrick Pimentel <ppimentel@bitwarden.com>
2025-09-22 11:06:02 -04:00
Alex
8531109081
[PM-25417] DIRT API Service Refactor (ADR-0005) (#16353)
* encode username for uri and add spec

* verify response from getHibpBreach method

* test/validate for BreachAccountResponse type and length instead of mock response

* - extract dirt api method out of global api service
- create new directory structure
- change imports accordingly
- extract breach account response
- put extracted code into new dirt dir

* codeowners and dep injection for new hibp service
2025-09-22 09:06:58 -05:00
Daniel James Smith
94764467e8
[PM-25918] Move required userId for export request up to component/command level (#14391)
* Require userId for KdfConfigService

* cleanup KdfConfigService unit tests

* Move required userId for export request up to component/command level

* Fix service creation/dependency injection

* Revert changes to kdf-config.service.spec cause by a bad rebase

* Fix linting issue

* Fix tests caused by bad rebase

* Validate provided userId to equal the current active user

* Create tests for vault-export.service

Deleted old tests which since have been replaced with individual-vault-export.service.spec.ts

---------

Co-authored-by: Thomas Avery <tavery@bitwarden.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-09-19 13:39:55 +02:00
Jordan Aasen
4b78da1623
[PM-21794] - remove RemoveCardItemTypePolicy flag (#16450)
* remove restricted item types flag

* fix RestrictedItemTypesService constructor
2025-09-18 09:53:01 -07:00
Daniel James Smith
ba817f0389
[PM-25503] Use org export api on encrypted and unencrypted org exports (#16290)
* Introduce a new vault-export-api.service to replace the existing getOrganizationExport method in apiService

* Use new vault-export-api.service instead of the ApiService to retrieve organizational export data

* Remove unused method from apiService

* Register VaultExportApiService on browser

* Fxi linting issue by executing `npm run prettier`

* Rename abstraction and implementation of VaultExportApiService

* Use undefined instead of null

* Rename file of default impl of vault-export-api-service

* Fix test broken with 1bcdd80eea

* Define type for exportPromises

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-09-17 22:22:12 +02:00
Jordan Aasen
db9061d120
[PM-25633] - [Defect] Fix premium badge in totp (#16373)
* fixes to premium upgrade

* revert change to dialog

* handle premium upgrade prompt redirect in AC

* use new input/output api
2025-09-11 12:15:29 -07:00
Vicki League
926f587ea2
[CL-581] Update svgs to new designs and make responsive (#16219) 2025-09-10 17:23:53 -04:00
Jordan Aasen
30af3d7035
[PM-24985][PM-24986][PM-25211][PM-24987] - [Vault] Migrate components to use Premium badge component (#16227)
* migrate all components to use PremiumBadgeComponent

* move badge component to vault

* move premium badge to vault

* move premium badge to billing

* fix import

* use premium badge in tools new send dropdown

* remove badge module import

* remove module
2025-09-09 13:39:24 -07:00
Vijay Oommen
45efd3e5ab
[PM-19996] added new icon for access-intelligence (#16315) 2025-09-09 10:01:05 -05:00
Patrick-Pimentel-Bitwarden
fe692acc07
Auth/pm 14943/auth request extension dialog approve (#16132)
* feat(notification-processing): [PM-19877] System Notification Implementation - Implemented the full feature set for device approval from extension.

* test(notification-processing): [PM-19877] System Notification Implementation - Updated tests.

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2025-09-05 13:27:16 -04:00
Patrick-Pimentel-Bitwarden
e3f55d793d
fix(signalr-premature-closure): [PM-25459] Signalr Closure - Installed the noop auth request answering service properly and made it into a noop. (#16297) 2025-09-04 16:57:34 -04:00
Stephon Brown
363d6bea44
[PM-24550] Remove Feature Flag Code for PM-12276 (#16173)
* tests: remove feature flag use in tests

* tests: remove breadcrumbingPolicyTests and add service tests

* refactor: remove event log use of flag from org-layout component

* refactor: remove new policy code from org-layout component

* refactor: remove event log use of flag from events component

* refactor: remove event log use from collection dialog component

* refactor: remove event log use from vault-header component

* refactor: remove event-log route logic for org-reporting

* refactor: remove logic from org-settings routing

* refactor: remove breadcrumbing function and from billing service

* refactor: remove ConfigService from DI for billing service

* refactor: remove new policy code from policy-edit component

* refactor: remove new policy code from policies component

* refactor: remove feature flag

* fix(Admin Console): revert to use of reactive observables pattern

* fix(Admin Console): remove type artifact from reversion
2025-09-03 19:28:15 +00:00
Maciej Zieniuk
3a62e9c2f1
[PM-21772] Show key connector domain for new sso users (#15381)
* Passed in userId on RemovePasswordComponent.

* Added userId on other references to KeyConnectorService methods

* remove password component refactor, test coverage, enabled strict

* explicit user id provided to key connector service

* redirect to / instead when user not logged in or not managing organization

* key connector service explicit user id

* key connector service no longer requires account service

* key connector service missing null type

* cli convert to key connector unit tests

* remove unnecessary SyncService

* error toast not showing on ErrorResponse

* bad import due to merge conflict

* bad import due to merge conflict

* missing loading in remove password component for browser extension

* error handling in remove password component

* organization observable race condition in key-connector

* usesKeyConnector always returns boolean

* unit test coverage

* key connector reactive

* reactive key connector service

* introducing convertAccountRequired$

* cli build fix

* moving message sending side effect to sync

* key connector service unit tests

* fix unit tests

* move key connector components to KM team ownership

* new unit tests in wrong place

* key connector domain shown in remove password component

* type safety improvements

* convert to key connector command localization

* key connector domain in convert to key connector command

* convert to key connector command unit tests with prompt assert

* organization name placement change in the remove password component

* unit test update

* show key connector domain for new sso users

* confirm key connector domain page does not require auth guard

* confirm key connector domain page showing correctly

* key connector url required to be provided when migrating user

* missing locales

* desktop styling

* have to sync and navigate to vault after key connector keys exchange

* logging verbosity

* splitting the web client

* splitting the browser client

* cleanup

* splitting the desktop client

* cleanup

* cleanup

* not necessary if condition

* key connector domain tests fix for sso componrnt and login strategy

* confirm key connector domain base component unit tests coverage

* confirm key connector domain command for cli

* confirm key connector domain command for cli unit tests

* design adjustments

removed repeated text, vertical buttons on desktop, wrong paddings on browser extension

* key connector service unit test coverage

* new linting rules fixes

* accept invitation to organization called twice results in error.

Web vault remembers it's original route destination, which we do not want in case of accepting invitation and Key Connector, since provisioning new user through SSO and Key Connector, the user is already accepted.

* moved required key connector domain confirmation into state

* revert redirect from auth guard

* cleanup

* sso-login.strategy unit test failing

* two-factor-auth.component unit test failing

* two-factor-auth.component unit test coverage

* cli unit test failing

* removal of redundant logs

* removal of un-necessary new lines

* consolidated component

* consolidated component css cleanup

* use KdfConfig type

* consolidate KDF into KdfConfig type in identity token response

* moving KC requiresDomainConfirmation lower in order, after successful auth

* simplification of trySetUserKeyWithMasterKey

* redirect to confirm key connector route when locked but can't unlock yet

---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2025-09-03 21:16:40 +02:00
Shane Melton
b6ef7716da
[PM-24243] Load config service feature flag into SDK client (#15855)
* [PM-24243] Load config service feature flag into SDK client during initialization

* [PM-24243] Bump sdk version

* [PM-24243] Update load_flags to use generic Map instead of strongly typed object

* [PM-24243] Pass entire feature states object into SDK

* [PM-24243] Bump SDK version

* [PM-24243] Fix failing test
2025-09-03 13:56:55 -04:00
Justin Baur
73e8532ecc
feat(tokens): Allow Inactive user authenticated API calls 2025-09-03 10:09:02 -04:00
Oscar Hinton
e0da2671b4
[PM-13374] Update all SDK uuids (#14962)
* fix: broken SDK interface

* Fix all compile errors related to uuids

* Fix browser desktop

* Fix tests

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
2025-08-29 13:09:33 -04:00
Oscar Hinton
63af0ad711
[CL-836] Extract base css variables (#14733)
* Extract base variables

* Get tw to consume font css variables
2025-08-29 10:43:38 +02:00
Patrick-Pimentel-Bitwarden
c828b3c4f4
Auth/pm 23620/auth request answering service (#15760)
* feat(notification-processing): [PM-19877] System Notification Implementation - Implemented auth request answering service.

* test(notification-processing): [PM-19877] System Notification Implementation - Added tests.
2025-08-28 13:47:05 -04:00
Maciej Zieniuk
4c960906fa
Account Recovery with Key Connector enabled not working prior to removal of Master Password (#15616) 2025-08-27 16:32:18 +02:00
Todd Martin
ad2dfe1e99
feat(notifications): [PM-19388] Enable push notifications on locked clients
* Add back notifications connection on locked accounts

* Updated tests.

* Make sure web push connection service is started synchronously

* Fixed merge conflicts.

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2025-08-26 11:41:15 -04:00
Justin Baur
5f7f1d1924
Resolve state <-> state-test-utils circular dependency (#16093)
* Resolve state <-> state-test-utils circular dependency

* Fix type errors
2025-08-25 12:38:28 -04:00
Shane Melton
4676a122da
[PM-24143] Search performance improvements (#16070)
* [PM-24143] Add perUserCache$ to SearchService index$

* [PM-24143] Cleanup and optimize isSearchable

* [PM-24143] Remove unused search flags and subscription from the vault-items component

* [PM-24143] Add search text for desktop vault items. Consolidate SearchTextDebounceInterval constant to SearchService

* [PM-24143] Ensure cipher search indexing is non-blocking

* [PM-24143] Remove redundant index ciphers operation

* [PM-24143] Add search performance measurements

* [PM-24143] Remove artificial delay

* [PM-24143] Remove startWith from index$ to avoid basic search with lunr queries

* [PM-24143] Re-organize isSearchable to check long lunr queries for index existence
2025-08-22 09:32:36 -07:00
Daniel García
12df7def61
[PM-19479] Client-Managed SDK state definition (#14839)
* [PM-19479] Client-Managed SDK state definition

* Remove test code

* Update based on latest sdk

* Add DB config

* Remove uuid conversion step

* Move mapper into separate file

* Revert to client managed state

* Move mapper to Cipher

* Typo

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
2025-08-22 14:21:52 +02:00
Vicki League
805b6fe7aa
[CL-573] Move all svg icons to new libs/assets (#16020)
* create libs/assets

* treeshake lib and filter out non-icons from icon story

* update docs

* fix icon colors in browser and desktop

* better name for vault icon

* move illustrations
2025-08-21 11:35:59 -05:00
Patrick-Pimentel-Bitwarden
719a43d050
Feat PM-19877 System Notification Processing (#15611)
* feat(notification-processing): [PM-19877] System Notification Implementation - Minor changes to popup logic and removed content in login component.

* docs(notification-processing): [PM-19877] System Notification Implementation - Added more docs.

* docs(notification-processing): [PM-19877] System Notification Implementation - Added markdown document.

* fix(notification-processing): [PM-19877] System Notification Implementation - Updated condition for if notification is supported.

* fix(notification-processing): [PM-19877] System Notification Implementation - Updated services module with correct platform utils service.
2025-08-20 12:42:16 -04:00
Bryan Cunningham
4449d8baf6
[CL-689][CL-799] Fix Icon button a11y errors (#15750)
* Throw error if appA11yTitle is null in icon button

* Add required label input

* Fix icon button errors in CL components and storeis

* fix popover aria-label errors

* remove commented code

* add labels to icon buttons in browser

* add labels to icon buttons in web

* add labels to icon buttons in license

* add labels to icon buttons in send

* add labels to icon buttons in angular

* fix missing pipe error

* fix sso icon button missed in error

* update labels in vault

* add section expand button label

* Adding labels to icon buttons

* Add lint rule to not allow icon buttons without label input

* rename util file

* trigger updates on title change

* update eslint rule name and folder

* add edit collection label to vault headers

* fix web header story label

* add show/hide summary labels

* update summary message

* fix breadcrumbs label message

* fix JSDoc to use correct input

* remove commented code

* use label as aria-label always. Remove init function

* add moreBreadcrumbs translation message to other apps

* add @bitwarden/team-ui-foundation as code owner for component eslint rules

* switch title to const variable

* add jsdoc comment on what the label input is used for

* [PM-22415] Tax ID notifications for Organizations and Providers (#15996)

* [NO LOGIC] Rename BillableEntity to BitwardenSubscriber

This helps us maintain paraody with server where we call this choice type ISubscriber. I chose BitwardenSubscriber to avoid overlap with RxJS

* [NO LOGIC] Move subscriber-billing.client to clients folder

* [NO LOGIC] Move organization warnings under organization folder

* Move getWarnings from OrganizationBillingApiService to new OrganizationBillingClient

I'd like us to move away from stashing so much in libs and utilizing the JsLibServicesModule when it's not necessary to do so. These are invocations used exclusively by the Web Vault and, until that changes, they should be treated as such

* Refactor OrganizationWarningsService

There was a case added to the Inactive Subscription warning for a free trial, but free trials do not represent inactive subscriptions so this was semantically incorrect. This creates another method that pulls the free trial warning and shows a dialog asking the user to subscribe if they're on one.

* Implement Tax ID Warnings throughout Admin Console and Provider Portal

* Fix linting error

* Jimmy's feedback

* remove duplicate messages keys

* revert changes to popover stories

* add back dupe myItems key for now as it was already here

* fix directive type errors

* remove variable left in error from merge conflict

* revert unintentional change to reports layout

* add back reports change

---------

Co-authored-by: Alex Morask <144709477+amorask-bitwarden@users.noreply.github.com>
2025-08-19 15:15:41 -04:00
Justin Baur
939fd402c3
[PM-24677] Slim StateService down so it can be moved to state lib (#16021)
* Slim StateService down so it can be moved to state lib

* Fix accidental import changes

* Add `switchAccount` assertion

* Needs to use mock
2025-08-18 12:37:25 -04:00
Jonathan Prusik
0c166b3f94
remove BlockBrowserInjectionsByDomain feature flag (#16008) 2025-08-18 10:17:05 -04:00
Bernd Schoolmann
a60b7fed9a
[PM-17667] Move key-generation service to KM ownership (#16015)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
* Move key-generation service

* Update comment

* Add deprecation comments

* Fix firefox build

* Update comment

* Update DI import

* Update module imports
2025-08-15 23:49:49 +02:00
Nick Krantz
7f841a4f06
remove PM8851_BrowserOnboardingNudge feature flag (#15956) 2025-08-15 08:55:37 -05:00
Stephon Brown
642216a070
fix: add guard for undefined SimpleChange (#15998) 2025-08-14 15:48:00 +00:00
Dave
0b057f4c68
fix(environment-selector): [PM-21214] Extension and desktop server selector have incorrect styling (#15920)
* refactor(environment-selector): [PM-21214] Lib Environment Selector Styling - Make component standalone.

* refactor(environment-selector): [PM-21214] Lib Environment Selector Styling - Convert template to bit-menu.

* refactor(environment-selector): [PM-21214] Lib Environment Selector Styling - Move component to its own folder.

* fix(environment-selector): [PM-21214] Lib Environment Selector Styling - Fix button role redundancy.

* fix(environment-selector): [PM-21214] Lib Environment Selector Styling - Remove unneeded data-testid attributes.

* fix(environment-selector): [PM-21214] Lib Environment Selector Styling - Arrow glyph should not override link styling.
2025-08-12 13:57:52 -04:00
Stephon Brown
a75f9dc9f0
Billing/pm 22625/tax id should not be saved when hidden (#15905)
* fix: add logic for ngOnUpdate

* fix: use markAsTouched function

* tests: add component tests
2025-08-08 15:33:34 +00:00
rr-bw
c5e5417abf
fix(device-management-sorting): [Auth/PM-24046] Device Management Sorting (#15889)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
This PR makes it so the devices are always sorted in this order (by default):

1. Has Pending Auth Request (if any) comes first
2. Current Device comes second (or first if there are no pending auth requests)
3. First Login Date - the rest of the devices are sorted by first login date (newest to oldest)

This sort order is preserved even after a user approves/denies and auth request - that is, the approved/denied device will re-sort to its correct position according to it's first login date.

Feature Flag: `PM14938_BrowserExtensionLoginApproval`
2025-08-07 13:46:02 -07:00
Jason Ng
2ef8b1a6bf
[PM-18066] new item details view (#15311)
* update item details v2 in libs for new view design. targets web, browser, and desktop
2025-08-07 13:21:24 -04:00
Thomas Rittson
61cd0c4f51
[PM-23920] Admin Console - adopt strongly typed guids (#15814)
Update organization, collection and policy to use strongly typed IDs
2025-08-06 15:27:52 +10:00
Daniel Riera
2549afc45d
PM-23890 Update overlays when a cipher is deleted (#15800)
* PM-23890 WIP

* add messaging service references

* Revert "PM-19574 Browser Autofill overlay displays outdated data (#15624)"

This reverts commit 9eceaa3d4c.

* add test

* fix merge spacing

* Revert "Revert "PM-19574 Browser Autofill overlay displays outdated data (#15624)""

This reverts commit 0fc6ec4d0b.
2025-08-05 12:17:38 -04:00
Vicki League
26c0176e2e
[CL-712] Update icon button, components using it, and affected virtual scroll heights (#15683) 2025-08-05 10:58:49 -04:00
rr-bw
25ada6f80f
refactor(login-approval-component) [Auth/PM-14940] Update LoginApprovalComponent (#15511)
- Renames the `LoginApprovalComponent` to `LoginApprovalDialogComponent`
- Renames the property `notificationId` to `authRequestId` for clarity
- Updates text content on the component
2025-08-04 09:20:12 -07:00
Bernd Schoolmann
2e9a47721e
Remove legacy key support in vault code (#15348) 2025-08-04 08:15:26 -07:00
Bernd Schoolmann
6bd8638ad8
[PM-24126] Move pin service to km ownership (#15821)
* Move pin service to km ownership

* Run format

* Eslint

* Fix tsconfig

* Fix imports and test

* Clean up imports

* Remove unused dependency on PinService

* Fix comments

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-08-04 17:01:39 +02:00
Vicki League
f7cc937581
[CL-753] Fix popover spacing in client code (#15839) 2025-08-04 10:19:07 -04:00
Justin Baur
4f9b2b618f
[PM-24280] Remove account service from state (#15828)
* Introduce ActiveUserAccessor

* Use ActiveUserAccessor over AccountService

* Updates tests and testing utils to support ActiveUserAccessor

* Update all injection points

* Fix types test

* Use ternary instead
2025-07-31 09:09:14 -04:00
Bernd Schoolmann
5dae5267d9
[PM-22623] Remove most TS encryption code, remove service workers (#15153)
* Add new encrypt service functions

* Undo changes

* Cleanup

* Fix build

* Fix comments

* Switch encrypt service to use SDK functions

* Move remaining functions to PureCrypto

* Tests

* Increase test coverage

* Enforce sdk.ready and drop unused codepaths

* Delete unused code

* Delete unused code

* Delete more code

* Add forgotten sdk init logic

* Fix build

* Fix cli

* Fix tests

* Fix build

* Fix browser build

* Remove compare and add more comments / warnings

* Run prettier

* Remove unused feature flags

* Add hazmat warning to aesDecrypt

* Fix build

* Fix comment

* Fix test
2025-07-30 15:50:00 +02:00
Bernd Schoolmann
a7d3c0f5c2
[PM-23809] Add simplified interface to MP service (#15631)
* Add new mp service api

* Fix tests

* Add test coverage

* Add newline

* Fix type

* Rename to "unwrapUserKeyFromMasterPasswordUnlockData"

* Fix build

* Fix build on cli

* Fix linting

* Re-sort spec

* Add tests

* Fix test and build issues

* Fix build

* Clean up

* Remove introduced function

* Clean up comments

* Fix abstract class types

* Fix comments

* Cleanup

* Cleanup

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/services/master-password.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add comments

* Fix build

* Add arg null check

* Cleanup

* Fix build

* Fix build on browser

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add tests for null params

* Cleanup and deprecate more functions

* Fix formatting

* Prettier

* Clean up

* Update libs/key-management/src/abstractions/key.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Make emailToSalt private and expose abstract saltForUser

* Add tests

* Add docs

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-07-29 18:53:17 +02:00
Daniel James Smith
d9480a8dab
[PM-17503] Delete old password-strength component (#15652)
* Removed flag and components.

* More cleanup

* Removed ChangePasswordComponent.

* Removed old EmergencyAccessTakeover

* Removed service initialization.

* Fixed test failures.

* Fixed tests.

* Test changes.

* Updated comments

* Delete old password-strength component

A PasswordStrengthV2Component had been created in July 2024 and now all usages of the old component have been replaced.

* Re-add canAccessFeature back into app-routing.module.
Messed up by merging main.

---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-07-25 08:10:35 +00:00
Todd Martin
b3db1b79ce
chore(feature flags): [PM-19034] Remove feature flags and old components for Set/Change Password
* Removed flag and components.

* More cleanup

* Removed ChangePasswordComponent.

* Removed old EmergencyAccessTakeover

* Removed service initialization.

* Fixed test failures.

* Fixed tests.

* Test changes.

* Updated comments

* Fixed tests.

* Fixed tests.

* Fixed merge conflict.

* Removed style and routing references.

* Better comments.

* Removed ResetPasswordComponent
2025-07-24 12:46:18 -04:00
Brandon Treston
d0d1359ff4
[PM-12048] Wire up vNextCollectionService (#14871)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
* remove derived state, add cache in service. Fix ts strict errors

* cleanup

* promote vNextCollectionService

* wip

* replace callers in web WIP

* refactor tests for web

* update callers to use vNextCollectionServcie methods in CLI

* WIP make decryptMany public again, fix callers, imports

* wip cli

* wip desktop

* update callers in browser, fix tests

* remove in service cache

* cleanup

* fix test

* clean up

* address cr feedback

* remove duplicate userId

* clean up

* remove unused import

* fix vault-settings-import-nudge.service

* fix caching issue

* clean up

* refactor decryption, cleanup, update callers

* clean up

* Use in-memory statedefinition

* Ac/pm 12048 v next collection service pairing (#15239)

* Draft from pairing with Gibson

* Add todos

* Add comment

* wip

* refactor upsert

---------

Co-authored-by: Brandon <btreston@bitwarden.com>

* clean up

* fix state definitions

* fix linter error

* cleanup

* add test, fix shareReplay

* fix item-more-options component

* fix desktop build

* refactor state to account for null as an initial value, remove caching

* add proper cache, add unit test, update callers

* clean up

* fix routing when deleting collections

* cleanup

* use combineLatest

* fix ts-strict errors, fix error handling

* refactor Collection and CollectionView properties for ts-strict

* Revert "refactor Collection and CollectionView properties for ts-strict"

This reverts commit a5c63aab76.

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2025-07-23 19:05:15 -04:00
Bernd Schoolmann
7a24a538a4
[PM-23072] Remove legacy key support in auth code (#15350)
* Remove legacy key support in auth code

* Fix tests
2025-07-23 22:29:44 +02:00
Jared Snider
e47e1f79d9
fix(ChangePasswordComp): [Auth/PM-23913] Extension popout now closes after a password change (#15681) 2025-07-23 12:58:44 -04:00
Jason Ng
aee23f7206
[PM-23722] remove previous change for the account security badge (#15739) 2025-07-23 12:29:40 -04:00
Oscar Hinton
c2bbb7c031
Migrate vault abstract services to strict ts (#15731) 2025-07-22 21:59:42 +02:00
Brandon Treston
92bbe0a3c2
[PM-22100] Enforce restrictions based on collection type (#15336)
* enforce restrictions based on collection type, set default collection type

* fix ts strict errors

* fix default collection enforcement in vault header

* enforce default collection restrictions in vault collection row

* enforce default collection restrictions in AC vault header

* enforce default collection restriction for select all

* fix ts strict error

* switch to signal, fix feature flag

* fix story

* clean up

* remove feature flag, move check for defaultCollecion to CollecitonView

* fix test

* remove unused configService

* fix test: coerce null to undefined for collection Id

* clean up leaky abstraction for default collection

* fix ts-strict error

* fix parens

* rename defaultCollection getter

* clean up
2025-07-18 10:53:12 -04:00
rr-bw
9ca265c543
feat(redirectToVaultIfUnlockedGuard): [Auth/PM-20623] RedirectToVaultIfUnlocked Guard (#15236)
Adds a `redirect-to-vault-if-unlocked.guard.ts` that does the following:
- If there is no active user, allow access to the route
- If the user is specifically Unlocked, redirect the user to /vault
- Otherwise, allow access to the route (fallback/default)
2025-07-17 14:24:53 -07:00
Nick Krantz
b4120e0e3f
[PM-22134] Migrate list views to CipherListView from the SDK (#15174)
* add `CipherViewLike` and utilities to handle `CipherView` and `CipherViewLike`

* migrate libs needed for web vault to support `CipherViewLike`

* migrate web vault components to support

* add  for CipherView.  will have to be later

* fetch full CipherView for copying a password

* have only the cipher service utilize SDK migration flag

- This keeps feature flag logic away from the component
- Also cuts down on what is needed for other platforms

* strongly type CipherView for AC vault

- Probably temporary before migration of the AC vault to `CipherListView` SDK

* fix build icon tests by being more gracious with the uri structure

* migrate desktop components to CipherListViews$

* consume card from sdk

* add browser implementation for `CipherListView`

* update copy message for single copiable items

* refactor `getCipherViewLikeLogin` to `getLogin`

* refactor `getCipherViewLikeCard` to `getCard`

* add `hasFido2Credentials` helper

* add decryption failure to cipher like utils

* add todo with ticket

* fix decryption failure typing

* fix copy card messages

* fix addition of organizations and collections for `PopupCipherViewLike`

- accessors were being lost

* refactor to getters to fix re-rendering bug

* fix decryption failure helper

* fix sorting functions for `CipherViewLike`

* formatting

* add `CipherViewLikeUtils` tests

* refactor "copiable" to "copyable" to match SDK

* use `hasOldAttachments` from cipherlistview

* fix typing

* update SDK version

* add feature flag for cipher list view work

* use `CipherViewLikeUtils` for copyable values rather than referring to the cipher directly

* update restricted item type to support CipherViewLike

* add cipher support to `CipherViewLikeUtils`

* update `isCipherListView` check

* refactor CipherLike to a separate type

* refactor `getFullCipherView` into the cipher service

* add optional chaining for `uriChecksum`

* set empty array for decrypted CipherListView

* migrate nudge service to use `cipherListViews`

* update web vault to not depend on `cipherViews$`

* update popup list filters to use `CipherListView`

* fix storybook

* fix tests

* accept undefined as a MY VAULT filter value for cipher list views

* use `LoginUriView` for uri logic (#15530)

* filter out null ciphers from the `_allDecryptedCiphers$` (#15539)

* use `launchUri` to avoid any unexpected behavior in URIs - this appends `http://` when missing
2025-07-17 14:55:32 -05:00
Alec Rippberger
00b6b0224e
feat(extension-login-approvals): [Auth/PM-14939] devices list view for browser (#14620)
Creates a new `DeviceManagementComponent` that fetches devices and formats them before handing them off to a view component for display.

View components:

- `DeviceManagementTableComponent` - displays on medium to large screens
- `DeviceManagementItemGroupComponent` - displays on small screens

Feature flag: `PM14938_BrowserExtensionLoginApproval`
2025-07-17 10:43:49 -07:00
Jason Ng
0cebdd4581
[PM-23813] apply dismiss check when setting status inside nudge services addressing footer lag in FF. (#15639) 2025-07-16 15:32:06 -04:00
Ned Thompson
2086e7ae87
add data-testids to address and tax inputs (#15637) 2025-07-16 15:01:40 -04:00
Patrick-Pimentel-Bitwarden
35819aa2e3
fix(change-password): [PM-23811] Callout Missing Bug (#15638)
* fix(change-password): [PM-23811] Tooltip Missing Bug - Fixed import to show tooltip.

* fix(change-password-component): Change Password Update [18720] - Changed to use common module.
2025-07-16 14:14:03 -04:00
Bernd Schoolmann
60855c734f
[PM-17666] Move Encstring to KM ownership (#15457)
* Move Encstring to KM ownership

* Fix wrong import

* Fix build

* Fix remaining imports

* Fix tests
2025-07-16 11:15:24 -04:00
Jason Ng
ee598288d4
[PM-23722] Add missing account security badge (#15603)
* add account security nudge logic to settings v2 and badge check in nudges service
2025-07-16 09:58:07 -04:00
Jason Ng
ea6a9593b9
[PM-23720] add margin bottom to spotlight component (#15605) 2025-07-15 10:16:57 -04:00
Jared Snider
c9f642e491
feat(new SendPasswordService): [Auth/PM-23700] Create KM SendPasswordService (#15570)
* PM-23700 - SendPasswordService - create and test

* PM-23700 - SendPassword Service comment clean up

* PM-23700 - Use barrel file exports and register default service.

* PM-23700 - DefaultSendPasswordService - work with Bernd to deliver better service
2025-07-11 13:05:31 -04:00
SmithThe4th
3c6f763233
[PM-23306] "Show cards in autofill" is defaulting to on when the setting is enabled (#15534)
* disable card autofill

* Fixed dependency issues
2025-07-11 12:50:31 -04:00
Jason Ng
bf50160a47
[PM-19562] remove flag pm-18520-desktop-cipher-forms (#15524)
* removing the desktop flag and replacing the route in desktop app routing. removing code from old desktop
2025-07-10 15:30:23 -04:00
Todd Martin
c5be837b51
chore(feature-flag) [PM-22604] Remove 2FA persistence feature flag
* Removed flag.

* Fixed tests to no longer reference flag.

* Fixed test.

* Removed duplicate test class.

* Moved files into folders for yubikey and authenticator

* Removed TwoFactorAuthEmailComponentService since it is no longer needed

* Removed export

* Fixed export
2025-07-10 15:00:49 -04:00
Patrick-Pimentel-Bitwarden
1f60bcdcc0
feat(change-password): [PM-18720] (#5319) Change Password Implementation for Non Dialog Cases (#15319)
* feat(change-password-component): Change Password Update [18720] - Very close to complete.

* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Removed temp code to force the state I need to verify correctness.

* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Recover account working with change password component.

* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Made code more dry.

* fix(change-password-component): Change Password Update [18720] - Updates to routing and the extension. Extension is still a wip.

* fix(change-password-component): Change Password Update [18720] - Extension routing changes.

* feat(change-password-component): Change Password Update [18720] - More extension work

* feat(change-password-component): Change Password Update [18720] - Pausing work for now while we wait for product to hear back.

* feat(change-password-component): Change Password Update [18720] - Removed duplicated anon layouts.

* feat(change-password-component): Change Password Update [18720] - Tidied up code.

* feat(change-password-component): Change Password Update [18720] - Small fixes to the styling

* feat(change-password-component): Change Password Update [18720] - Adding more content for the routing.

* feat(change-password-component): Change Password Update [18720] - Removed circular loop for now.

* feat(change-password-component): Change Password Update [18720] - Made comments regarding the change password routing complexities with change-password and auth guard.

* feat(change-password-component): Change Password Update [18720] - Undid some changes because they will be conflicts later on.

* feat(change-password-component): Change Password Update [18720] - Small directive change.

* feat(change-password-component): Change Password Update [18720] - Small changes and added some clarification on where I'm blocked

* feat(change-password-component): Change Password Update [18720] - Org invite is seemingly working, found one bug to iron out.

* refactor(change-password-component): Change Password Update [18720] - Fixed up policy service to be made more clear.

* docs(change-password-component): Change Password Update [18720] - Updated documentation.

* refactor(change-password-component): Change Password Update [18720] - Routing changes and policy service changes.

* fix(change-password-component): Change Password Update [18720] - Wrapping up changes.

* feat(change-password-component): Change Password Update [18720] - Should be working fully

* feat(change-password-component): Change Password Update [18720] - Found a bug, working on password policy being present on login.

* feat(change-password-component): Change Password Update [18720] - Turned on auth guard on other clients for change-password route.

* feat(change-password-component): Change Password Update [18720] - Committing intermediate changes.

* feat(change-password-component): Change Password Update [18720] - The master password policy endpoint has been added! Should be working. Testing now.

* feat(change-password-component): Change Password Update [18720] - Minor fixes.

* feat(change-password-component): Change Password Update [18720] - Undid naming change.

* feat(change-password-component): Change Password Update [18720] - Removed comment.

* feat(change-password-component): Change Password Update [18720] - Removed unneeded code.

* fix(change-password-component): Change Password Update [18720] - Took org invite state out of service and made it accessible.

* fix(change-password-component): Change Password Update [18720] - Small changes.

* fix(change-password-component): Change Password Update [18720] - Split up org invite service into client specific implementations and have them injected into clients properly

* feat(change-password-component): Change Password Update [18720] - Stopping work and going to switch to a new branch to pare down some of the solutions that were made to get this over the finish line

* feat(change-password-component): Change Password Update [18720] - Started to remove functionality in the login.component and the password login strategy.

* feat(change-password-component): Change Password Update [18720] - Removed more unneded changes.

* feat(change-password-component): Change Password Update [18720] - Change password clearing state working properly.

* fix(change-password-component): Change Password Update [18720] - Added docs and moved web implementation.

* comments(change-password-component): Change Password Update [18720] - Added more notes.

* test(change-password-component): Change Password Update [18720] - Added in tests for policy service.

* comment(change-password-component): Change Password Update [18720] - Updated doc with correct ticket number.

* comment(change-password-component): Change Password Update [18720] - Fixed doc.

* test(change-password-component): Change Password Update [18720] - Fixed tests.

* test(change-password-component): Change Password Update [18720] - Fixed linting errors. Have more tests to fix.

* test(change-password-component): Change Password Update [18720] - Added back in ignore for typesafety.

* fix(change-password-component): Change Password Update [18720] - Fixed other type issues.

* test(change-password-component): Change Password Update [18720] - Fixed tests.

* test(change-password-component): Change Password Update [18720] - Fixed more tests.

* test(change-password-component): Change Password Update [18720] - Fixed tiny duplicate code.

* fix(change-password-component): Change Password Update [18720] - Fixed desktop component.

* fix(change-password-component): Change Password Update [18720] - Removed unused code

* fix(change-password-component): Change Password Update [18720] - Fixed locales.

* fix(change-password-component): Change Password Update [18720] - Removed tracing.

* fix(change-password-component): Change Password Update [18720] - Removed duplicative services module entry.

* fix(change-password-component): Change Password Update [18720] - Added comment.

* fix(change-password-component): Change Password Update [18720] - Fixed unneeded call in two factor to get user id.

* fix(change-password-component): Change Password Update [18720] - Fixed a couple of tiny things.

* fix(change-password-component): Change Password Update [18720] - Added comment for later fix.

* fix(change-password-component): Change Password Update [18720] - Fixed linting error.

* PM-18720 - AuthGuard - move call to get isChangePasswordFlagOn down after other conditions for efficiency.

* PM-18720 - PasswordLoginStrategy tests - test new feature flagged combine org invite policies logic for weak password evaluation.

* PM-18720 - CLI - fix dep issue

* PM-18720 - ChangePasswordComp - extract change password warning up out of input password component

* PM-18720 - InputPassword - remove unused dependency.

* PM-18720 - ChangePasswordComp - add callout dep

* PM-18720 - Revert all anon-layout changes

* PM-18720 - Anon Layout - finish reverting changes.

* PM-18720 - WIP move of change password out of libs/auth

* PM-18720 - Clean up remaining imports from moving change password out of libs/auth

* PM-18720 - Add change-password barrel file for better import grouping

* PM-18720 - Change Password comp - restore maxWidth

* PM-18720 - After merge, fix errors

* PM-18720 - Desktop - fix api service import

* PM-18720 - NDV - fix routing.

* PM-18720 - Change Password Comp - add logout service todo

* PM-18720 - PasswordSettings - per feedback, component is already feature flagged behind PM16117_ChangeExistingPasswordRefactor so we can just delete the replaced callout (new text is in change-password comp)

* PM-18720 - Routing Modules - properly flag new component behind feature flag.

* PM-18720 - SSO Login Strategy - fix config service import since it is now in shared deps from main merge.

* PM-18720 - Fix SSO login strategy tests

* PM-18720 - Default Policy Service - address AC PR feedback

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2025-07-10 09:08:25 -04:00
Jordan Aasen
9f1531a1b2
[PM-22375] - [Vault] [Clients] Sort My Items collection to the top of Vault collection filters (#15332)
* WIP - default collection sorting

* apply filtering to popup list filters service.

* add tests. add feature flag checks

* finalize my items collection filters

* fix type error

* re-add service

* re-add comment

* remove unused code

* fix sorting logic

* shorten variable name to fit one line

* fix error

* fix more errors

* abstract logic to vault filter service

* fix test

* export sort as function instead of adding to class

* fix more tests

* add collator arg

* remove ts-ignore. fix type errors

* remove optional param

* fix vault filter service
2025-07-09 09:37:38 -06:00
Jared Snider
b9f930a609
fix(tde-offboarding): Auth/PM-19165 - Handle TDE offboarding on an untrusted device with warning message (#15430)
When a user logs in via SSO after their org has offboarded from TDE, we now show them a helpful error message stating that they must either login on a Trusted device, or ask their admin to assign them a password.

Feature flag: `PM16117_SetInitialPasswordRefactor`
2025-07-08 09:58:03 -07:00
Todd Martin
d1c6b334b1
feat(DuckDuckGo): [PM-9388] Add new device type for DuckDuckGo browser
* Add new device type for DuckDuckGo browser

* Added feature support property for sync domains

* Added new features

* Added isDuckDuckGo() to CLI

* Addressed PR feedback.

* Renamed new property

* Fixed rename that missed CLI.
2025-07-03 11:27:28 -04:00
rr-bw
cc65f5efc6
feat(set-initial-password): [Auth/PM-18784] SetInitialPasswordComponent Handle TDE Offboarding (#14861)
This PR makes it so that `SetInitialPasswordComponent` handles the TDE offboarding flow where an org user now needs to set an initial master password.

Feature flag: `PM16117_SetInitialPasswordRefactor`
2025-07-02 07:23:45 -07:00
rr-bw
5639668d3f
feat:(set-initial-password): [Auth/PM-18457] Create SetInitialPasswordComponent (#14186)
Creates a `SetInitialPasswordComponent` to be used in scenarios where an existing and authed user must set an initial password.

Feature Flag: `PM16117_SetInitialPasswordRefactor`
2025-06-30 12:39:53 -07:00
SmithThe4th
62981a1bec
Migrate vault filter service from active user state to single user state (#15089) 2025-06-30 13:02:18 -04:00
rr-bw
031c9bc947
fix(auth-guard): [PM-22822] remove SsoNewJitProvisionedUser case (#15376)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
2025-06-27 15:24:12 -07:00
rr-bw
7500fe32bb
fix(auth-guard): [PM-22822] fix infinite redirect loop (#15371) 2025-06-27 11:19:13 -07:00
Jordan Aasen
62750a06ec
[PM-36] - [Tech Debt] Move SearchService to libs/common/vault (#15251)
* wip - migrate search service to vault

* fix import
2025-06-27 08:16:59 -07:00
Ike
7c9e95271d
[PM -20329] browser auth approval client api service (#15161)
* feat: Create methods for calling GET auth-request/pending endpoint.

* feat: update banner service on web, and desktop vault

* test: updated banner test to use auth request services

* fix: DI fixes

* feat: add RequestDeviceId to AuthRequestResponse

* fix: add Browser Approvals feature flags to desktop vault and web vault banner service

* test: fix tests for feature flag
2025-06-26 11:13:06 -04:00
rr-bw
cf6b087491
docs(password-management): [PM-18573] Document Master Password Management Flows (#15248)
Adds documentation for our set/change password flows (master password management flows)
2025-06-25 09:32:47 -07:00
Brandon Treston
1c237a3753
[PM-20633] rename personal ownership (#15228)
* sensible renames

* renames

* clean up comments
2025-06-24 09:31:40 -04:00
rr-bw
5bd4d1691e
refactor(auth-guard): [PM-22822] Update AuthGuard to explicitly handle each forceSetPasswordReason (#15252)
Update the `authGuard` to explicitly handle each `ForceSetPasswordReason`
2025-06-23 11:45:27 -07:00
SmithThe4th
e291e2df0a
[PM-21451] [Vault] [CLI] Changes to Enforce "Remove card item type policy" (#15187)
* Created new service to get restricted types for the CLI

* Created service for cli to get restricted types

* Utilized restriction service in commands

* Renamed function

* Refactored service and made it simpler to check when a cipher type is restricted or not

* Moved service to common so it can be utilized on the cli

* Refactored service to use restricted type service

* Removed userId passing from commands

* Exclude restrict types from export

* Added missing dependency

* Added missing dependency

* Added missing dependency

* Added service utils commit from desktop PR

* refactored to use reusable function

* updated reference

* updated reference

* Fixed merge conflicts

* Refactired services to use isCipherRestricted

* Refactored restricted item types service

* Updated services to use the reafctored item types service
2025-06-23 09:04:56 -07:00
Jordan Aasen
3b830faf09
fix logic for restrictedTypeFilter (#15253) 2025-06-18 16:08:13 -07:00
Jordan Aasen
5fa153e743
[PM-20643] - [Vault] [Desktop] Front End Changes to Enforce "Remove card item type policy" (#15176)
* add restricted item types to legacy vault components

* filter out restricted item types from new menu item in desktop

* use CIPHER_MENU_ITEMS

* use CIPHER_MENU_ITEMS. move restricted cipher service to common

* use move restricted item types service to libs. re-use cipher menu items

* add shareReplay. change variable name

* move restricted filter to search service. remove unecessary import

* add reusable service method

* clean up spec

* add optional chain

* remove duplicate import

* move isCipherViewRestricted to service module

* fix logic

* fix logic

* remove extra space

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
2025-06-18 12:13:38 -07:00
rr-bw
9e76448188
docs(redirect-guard): [BEEEP] Document redirectGuard (#15196) 2025-06-18 10:12:21 -07:00
Jason Ng
71bc68444d
[PM-22419] dismiss account nudge when biometric unlock is set (#15139)
* update account-security-nudge service to look at biomentricUnlockEnabled$ observable, add success toast for biometric unlock
2025-06-17 14:47:10 -04:00
Vicki League
df4aae2fb2
[CL-700] Move auth-owned layout components to UIF ownership (#15093) 2025-06-17 13:33:01 -04:00
Jason Ng
8505686006
[PM-22520] Settings Berry will account for Autofill Badge (#15170) 2025-06-16 09:56:39 -04:00
Jared Snider
bfb0b874ed
fix(Multi-Account-Logout: [Auth/PM-19555] Fix multi account logout on lock screens not redirecting properly (#14630)
* PM-19555 - LogoutService - build abstraction, default, and extension service and register with service modules

* PM-19555 - Lock Comp - use logoutService

* PM-19555 - LoginDecryptionOptions - Use logout service which removed need for extension-login-decryption-options.service

* PM-19555 - AccountSwitcher logic update - (1) Use logout service + redirect guard routing (2) Remove logout method from account switcher service (3) use new NewActiveUser type

* PM-19555 - Extension - Acct Switcher comp - clean up TODOs

* PM-19555 - Add TODOs for remaining tech debt

* PM-19555 - Add tests for new logout services.

* PM-19555 - Extension - LoginInitiated - show acct switcher b/c user is AuthN

* PM-19555 - Add TODO to replace LogoutCallback with LogoutService

* PM-19555 WIP

* PM-19555 - Extension App Comp - account switching to account in TDE locked state works now.

* PM-19555 - Extension App Comp - add docs

* PM-19555 - Extension App Comp - add early return

* PM-19555 - Desktop App Comp - add handling for TDE lock case to switch account logic.

* PM-19555 - Extension - Account Component - if account unlocked go to vault

* PM-19555 - Per PR feedback, clean up unnecessary nullish coalescing operator.

* PM-19555 - Extension - AppComponent - fix everHadUserKey merge issue

* PM-19555 - PR feedback - refactor switchAccount and locked message handling on browser & desktop to require user id. I audited all callsites for both to ensure this *shouldn't* error.
2025-06-13 13:22:04 -04:00
Rui Tomé
b5bddd0b06
[PM-17154] Limit item deletion feature flag removal (#15094)
* Refactor components to remove limitItemDeletion feature flag usage

This commit simplifies the logic in various components by removing the limitItemDeletion feature flag. The conditions for displaying restore and delete actions are now based solely on the cipher's permissions, enhancing code clarity and maintainability.

* Refactor cipher deletion logic to remove the feature flag and collection ID dependency

This commit updates the cipher deletion logic across multiple components and services by removing the unnecessary dependency on collection IDs. The `canDeleteCipher$` method now solely relies on the cipher's permissions, simplifying the code and improving maintainability.

* Remove LimitItemDeletion feature flag from feature-flag enum and default values

* Remove configService from ServiceContainer and MainBackground constructor parameters

* Remove configService from RestoreCommand instantiation in OssServeConfigurator and VaultProgram classes
2025-06-10 09:57:34 +01:00
Justin Baur
b1f090e054
Add lang attr on desktop and browser (#14691) 2025-06-09 06:54:00 -04:00
Jason Ng
fdd4d4b9fe
[PM-22270] Only Show Generator Nudge For New Accounts (#15059)
* create new account nudge service to replace repeat nudge services checking for 30 day limit
2025-06-06 09:53:08 -04:00
Nick Krantz
92f3630fed
rework logic for empty vault nudge (#15013) 2025-06-05 09:18:43 -05:00
Nick Krantz
729d5d3134
[PM-21546] Migrate from enum to constant object (#14975)
* add generic `union-of-values` helper

* migrate `GeneratorDialogAction` to a constant

* migrate `VaultState` to a constant

* migrate `AtRiskCarouselDialogResult` to a constant

* migrate `CredentialGeneratorDialogAction` to a constant

* migrate `FolderAddEditDialogResult` to a constant

* migrate `ViewCipherDialogResult` to a constant

* migrate `VisibleVaultBanner` to a constant

* migrate `VaultFilterLabel` to a constant

* migrate `WebVaultGeneratorDialogResult` to a constant

* migrate `BulkDeleteDialogResult` to a constant

* migrate `BulkMoveDialogResult` to a constant

* migrate `AddEditCipherDialogResult` to a constant

* migrate `VaultItemDialogResult` to a constant

* migrate `BrowserPromptState` to a constant

* migrate `NudgeType` to a constant

* migrate `SecurityTaskStatus` to a constant

* migrate `CipherRepromptType` to a constant

* migrate `SecureNoteType` to a constant

* migrate `FieldType` to a constant

* migrate `LinkedIdType` to a constant

* migrate `CollectionAssignmentResult` to a constant

* migrate `AddEditFolderDialogResult` to a constant

* migrate `AttachmentDialogResult` to a constant

* fix CipherType in delete organization dialog

* fix `in` statement in VaultFilter

* Fix build errors across enum updates

* fix two more CipherType castings

* update CipherResponse `CipherType`

* define type for `fieldType` parameter

* refine how `cipherTypeNames` is generated and add utility function for grabbing cipher type name

* use `CipherType` rather than `number`

* add stricter typing for `FieldType`

* add fixme for `CipherType` to be ADR-0025 compliant

* remove error throw for `toCipherTypeName` and instead update typing to have `| undefined`

* add helpers for CipherType conversions

* prefer `undefined`
2025-06-05 08:45:52 -05:00
Oscar Hinton
e8e2181252
Migrate remaining components to standalone in libs/components (#15053)
Migrates the remaining non standalone components from libs/components. Also resolved some linting ignores and applying strict typescript.
2025-06-05 09:52:53 +02:00
Oscar Hinton
8f74eaea1c
Remove standalone true from auth (#15035)
Remove standalone: true from every instance since it's the default as of Angular 19.
2025-06-04 09:22:37 -04:00
Nick Krantz
1bd77fec7a
account for deleted ciphers for empty vault nudge (#15014) 2025-06-04 08:09:14 -05:00
Nick Krantz
65f4ff6909
[PM-21791] Nudge UI Bug Fixes (#15010)
* remove margin bottom from empty vault nudge

* update page title to vault options

* show badge on import of vault settings

* add margin between no items title and icon

* add mock to test

* add comment for destroying vault settings page

* fix logic for manage/create collection

* account for deleted ciphers when showing the import nudge

* refactor name of vault import nudge
2025-06-04 08:07:44 -05:00
SmithThe4th
2e66addd6a
[PM-19632] Remove security task flag - step 1 (#14904)
* Step 1- remove business logic

* removed dependency

* removed leftover flags
2025-06-03 12:20:29 -04:00
Nick Krantz
24ae013f71
[PM-22269] Generator/Send Nudge Updates (#15049)
* remove margin from the bottom of paragraph tag in generator spotlight

* update aria-label text to match translation key

* Remove `SendNudgeStatus` nudge type

* update web send page to use new title and description

* update old no sends title and description

* hide internal contents on generator nudge

* remove NudgeService from send-v2 test
2025-06-03 14:04:29 +00:00
Oscar Hinton
95856bf3cf
[CL-714] Remove standalone true from tools (#15039)
Remove standalone: true from every instance since it's the default as of Angular 19.
2025-06-03 09:55:58 +02:00
Bernd Schoolmann
23ec6bacc9
[PM-20225] Prevent legacy users without userkey from logging in (#14267)
* Prevent legacy users without userkey from logging in

* Remove further web-migration code for legacy users

* Add i18n for legacy user error message

* Update comment

* Remove migrate legacy component

* Remove i18n messages

* Remove migrate legacy encryption reference
2025-06-02 23:56:29 +02:00
Oscar Hinton
f3ff1e98ec
Remove standalone true from vault (#15040)
Remove standalone: true from every instance since it's the default as of Angular 19.
2025-06-02 13:22:57 -07:00
Oscar Hinton
26fb7effd3
Remove standalone true from platform and UIF (#15032)
Remove standalone: true from every instance since it's the default as of Angular 19.
2025-06-02 20:03:04 +02:00
Oscar Hinton
2fbc4c1578
[CL-525] Upgrade angular to v19 (#14815)
Upgrade Angular to v19 using the update guide.

- Add `standalone: false` to any missed component in stories or tests.
- Update jest.config to follow the new best practices.
2025-06-02 13:13:31 -04:00
Todd Martin
721657a5c3
Update syntax for Github. (#14845) 2025-05-30 15:31:44 -04:00
Matt Gibson
9f9cb0d13d
Add-userid-to-encryption-methods (#14844)
* Get userId from response if available

This is a small improvement for the Auth team which avoids inspection of the access token, sometimes.

* Initialize sdk clients with a userId

* return both Cipher and encryptedFor when encrypting a cipher

Update cipher api requests to include encryptedFor attribute

* Prefer named types with documentation

* Update sdk to latest

* Fixup types

* Fixup tests

* Revert getting userId from identity token response

---------

Co-authored-by: Shane <smelton@bitwarden.com>
2025-05-30 10:50:54 -07:00
Thomas Avery
895d54fd5e
[PM-21443] Require userId for KeyService's everHadUserKey$ (#14712)
* Require userId for KeyService's everHadUserKey$

* handle null active user in tdeDecryptionRequiredGuard
2025-05-30 11:40:55 -05:00
Addison Beck
56a3b14583
Introduce eslint errors for risky/circular imports (#14804)
* first draft at an idea dependency graph

* ignore existing errors

* remove conflicting rule regarding internal platform logic in libs

* review: allow components to import from platform
2025-05-23 08:01:25 -04:00
Jordan Aasen
57911f210b
[PM-21896] - prevent double reprompt for copy password in desktop cipher form (#14883)
* prevent double reprompt for copy password in desktop cipher form

* adjust name

* fix input name
2025-05-22 10:20:33 -07:00
Jason Ng
fd10a26df9
[PM-18804] generator nudges (#14705)
* added generator spotlight to credential generator component

* moved generator spotlight to browser component and add as slot in libs. update copy for send

* added an aria label for the generator nudge body content

* new copy and styles for browser send will be behind feature flag

* update featureflag call to observable in send-v2

* changed how nudge text is made in credential generator

* added new observable to vault nudges to return specific boolean. Update naming of vault types. update observable calls in credential-generator and send-v2

* update send-v2 and credential generator to use new renamed nudges

* update to create nudge generator spotlight component. using this inside the credential generator for nudge spotlight

* fix imports for Nudge related code

* add libs/angular to storybook

---------

Co-authored-by: Nick Krantz <nick@livefront.com>
2025-05-21 12:46:02 -05:00
Nick Krantz
1c4d851046
[PM-21005] Clear Add/Edit form cache when browser loses focus (#14634) 2025-05-21 08:00:49 -05:00