* PM-32413 - Add hasPassword guard for future use.
* PM-32413 - Web - PasswordSettingsComp - add TODO for using new guard.
* PM-32413 - ChangePasswordComp - Add output emitter for when a password has been changed successfully.
* PM-32413 - Add feature flag
* PM-32413 - Desktop - implement change password component in a dialog.
* PM-32413 - Add change password to extension
* PM-32413 - Fix translations
* PM-32413 - Desktop - menu - add clean up todo
* PM-32413 - Feature flags - reset hardcoded true values
* PM-32413 - Add clean up todos
* PM-32413 - Extension Routing module - add hasPassword guard
* PM-32413 - add todo
* PM-32413 - Desktop / Extension - use InputPasswordFlow.ChangePassword instead of InputPasswordFlow.ChangePasswordWithOptionalUserKeyRotation
* PM-32413 - Finish last AI review items
* PM-32413 - Per PR feedback, update change-password-dialog title translation to one that we don't plan on removing.
* PM-32413 - Per PR feedback, update menu item id
* PM-32413 - Per local claud review - modify has-password to use UrlTree pattern.
* PM-32413 - ChangePassword comp - add this.passwordChanged.emit(); in newly flagged code branch
Updates the `ChangePasswordService` (`changePassword()` and `changePasswordForAccountRecovery()`) to use the new KM data types :
- `MasterPasswordAuthenticationData`
- `MasterPasswordUnlockData`
This allows us to move away from the deprecated `makeMasterKey()` method (which takes email as salt) as we seek to eventually separate the email from the salt.
Also moves current password validation into the default and web change password services.
Behind feature flag: `pm-27086-update-authentication-apis-for-input-password`
* adds premium-upsell service
* adds and updates tests
* changes name and type in test file
* fixes strict ts
* Update libs/angular/src/vault/services/premium-upsell.service.spec.ts
fix import
Co-authored-by: Jordan Aasen <166539328+jaasen-livefront@users.noreply.github.com>
* change initial value and fix import order
---------
Co-authored-by: Jordan Aasen <166539328+jaasen-livefront@users.noreply.github.com>
* fix(register): [PM-27085] Account Register Uses New Data Types - Initial changes.
* test(register): [PM-27085] Account Register Uses New Data Types - Fixed tests.
* test(register): [PM-27085] Account Register Uses New Data Types - Updated tests.
* feat(register): [PM-27085] Account Register Uses New Data Types - Added feature flag.
* fix(register): [PM-27085] Account Register Uses New Data Types - Removed unnecessary part of the payload.
* fix(register): [PM-27085] Account Register Uses New Data Types - Changed the feature flag to be gated with the other password input changes.
* fix(register): [PM-27085] Account Register Uses New Data Types - Added protection for feature flagged state.
* fix(register): [PM-27085] Account Register Uses New Data Types - Removed unnecessary comment.
* fix(register): [PM-27085] Account Register Uses New Data Types - Addressed feedback.
* fix(register): [PM-27085] Account Register Uses New Data Types - Fixed tests and added comment.
* fix(register): [PM-27085] Account Register Uses New Data Types - Fixed another test.
* fix(register): [PM-27085] Account Register Uses New Data Types - And last test fix.
* fix(register): [PM-27085] Account Register Uses New Data Types - Removed unneeded code.
* fix(register): [PM-27085] Account Register Uses New Data Types - Updated comments and fixed code from feedback.
* fix(register): [PM-27085] Account Register Uses New Data Types - Updated comments again with small styling fix.
* fix(register): [PM-27085] Account Register Uses New Data Types - Switched to snapshot testing and explicit checks for unlock and authentication data for feature flag on. Also addressed pr comments.
* test(register): [PM-27085] Account Register Uses New Data Types - Made explicit checks for critical pieces of data in tests.
* fix(feature-flag): [PM-27085] Account Register Uses New Data Types - Added in feedback from comments. Default registration tests have snapshots now and web registration has more dry code.
* Make TwoFactorIconComponent standalone
* Angular updates to TwoFactorIconComponent
- Migrate TwoFactorProviderType from enum to const (ADR25)
- Migrate Inputs to Signals
- Make provider a required input
- Use new Control Flow syntax
- Use OnPush change detection
- Memoize function for legacy providers (providers with png image)
- Add documentation
- Remove @ts-strict-ignore
- Fix type in TwoFactorSetupDuoComponent as it would default to number because of the migration of TwoFactorProviderType (enum to const). Now it can be overridden with any value of TwoFactorProviderType
* Add type guard for TwoFactorProviderType and fix CLI
* PM-32915 - Update TwoFactorProviderType to mark U2f as deprecated in favor of WebAuthn
* PM-32915 - TwoFactorIconComp - refactor to eliminate legacy providers and just use new, already available duo and yubikey SVG icons.
* PM-32915 - Add TODOs for cleaning up mfaType usages.
* PM-32915 - Remove unncessary ng-container
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
With the replacement of the vault cipher view and add-edit views on the desktop client, we no longer require the ColorPasswordCountPipe or the ColorPasswordPipe, as these are now handled by the ColorPasswordComponent from the Bitwarden component library
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Updates the `setInitialPasswordTdeOffboarding` path to use new KM data types:
- `MasterPasswordAuthenticationData`
- `MasterPasswordUnlockData`
This allows us to move away from the deprecated `makeMasterKey()` method (which takes email as salt) as we seek to eventually separate the email from the salt.
Behind feature flag: `pm-27086-update-authentication-apis-for-input-password`
* PM-31804 - WIP
* PM-31804 - Profile Component - fix missing translation
* PM-31804 - Web - Emergency Access Takeover Dialog Comp - remove screen reader only span as arialabel on spinner should be sufficient
* PM-31804 - Web - EmergencyAccessViewComp - remove redundant span as aria label handles accessibility.
* PM-31804 - Web - EmergencyAccessViewComp - Remove redundant sr only span - replaced w/ aria label
* PM-31804 - Web - EmergencyAccessViewComp - Remove redundant sr only span - replaced w/ aria label
* PM-31804 - EmergencyAccessComp - Replace redundant sr only span with aria label
* PM-31804 - two-factor-setup.component.html - Replace redundant sr only spans with aria labels
* PM-31804 - WebauthnLoginSettingsModule - remove unnecessary IconModule - it's imported via SharedModule
* PM-31804 - web - emergency-access.component.html - Replace redundant sr only span with aria label
* PM-31804 - LoginDecryptionOptionsComponent - Replace redundant sr only span with aria label
* PM-31804 - ChangePasswordComp - Replace redundant sr only span with aria label
* PM-31804 - AccountComponent - add BitwardenIcon type to satisfy template type requirements for name property.
* PM-31804 - Browser Account Security Component - replace nonexistent chevron icon with existing angle right icon.
* PM-31804 - Fix A11y issues with missing aria labels
* PM-31804 - Remove remaining redundant sr only spans since we now have aria labels
Remove the fully-enabled feature flag and simplify the billing metadata
API to always use the vNext endpoints. The legacy API path is removed
since the server will no longer serve it.
- Remove FeatureFlag.PM25379_UseNewOrganizationMetadataStructure enum and default
- Delete legacy getOrganizationBillingMetadata() API method (old /billing/metadata path)
- Rename vNext methods to remove VNext suffix
- Simplify OrganizationMetadataService to always use cached vNext path
- Remove ConfigService dependency from OrganizationMetadataService
- Update tests to remove feature flag branching
Updates the SetInitialPasswordService TDE + Permission user flow to use the new KM data types:
- `MasterPasswordAuthenticationData`
- `MasterPasswordUnlockData`
This allows us to move away from the deprecated `makeMasterKey()` method (which takes email as salt) as we seek to eventually separate the email from the salt.
The new `setInitialPasswordTdeUserWithPermission()` method essentially takes the existing deprecated `setInitialPassword()` method and:
- Removes logic that is specific to a `JIT_PROVISIONED_MP_ORG_USER` case. This way the method only handles `TDE_ORG_USER_RESET_PASSWORD_PERMISSION_REQUIRES_MP` cases.
- Updates the logic to use `MasterPasswordAuthenticationData` and `MasterPasswordUnlockData`
Behind feature flag: `pm-27086-update-authentication-apis-for-input-password`
* add notification handler for auto confirm
* add missing state check
* fix test
* isolate angular specific code from shared lib code
* clean up
* use autoconfirm method
* fix test
* enforce strict types on folders
* fix folder api service
* fix tests
* fix test
* fix type issue
* fix test
* add extra checks for folders. add specs
* fix folder.id checks
* fix id logic
* remove unecessary check
* name name and id optional in folder model
* fix tests
* Update folder and folderview
* fix folder with id export
* fix tests
* fix tests
* more defensive typing
* fix tests
* no need to check for presence
* check for empty name in folder toDomain
* fixes to folder
* initialize id in folder constructor. fix failing tests
* remove optional param to folder constructor
* fix folder
* fix test
* remove remaining checks for null folder id
* fix logic
* pass null for empty folder ids
* make id more explicit
* fix failing test
* fix failing test
* fix "No Folder" filter
* [PM-31685] Removing email hashes
* [PM-31685] fixing tests, which are now passing
* [PM-31685] removing anon access emails field and reusing emails field
* [PM-31685] fixing missed tests
* [PM-31685] fixing missed tests
* [PM-31685] code review changes
* [PM-31685] do not encrypt emails by use of domain functionality
* [PM-31685] test fixes
* Remove inividual user key states and migrate to account cryptographic state
* Fix browser
* Fix tests
* Clean up migration
* Remove key-pair creation from login strategy
* Add clearing for the account cryptographic state
* Add migration
* Cleanup
* Fix linting
* feat(billing): update cart-summary logic
Add functionality to hide breakdown and allow translation params
* tests(cart-summary): update tests and stories
* feat(pricing): Add quantity support to discount labels
* feat(pricing): discount quantity story
* Revert "feat(pricing): discount quantity story"
This reverts commit 2c00891f1f.
* Revert "feat(pricing): Add quantity support to discount labels"
This reverts commit 8350fdd90f.
* fix(cart-summary): Adjust discount text styling
* feat(pricing): adds support for hidden discount amounts
Allows hiding the formatted amount for discounts in the cart summary.
This is useful for scenarios where the discount amount is displayed
elsewhere or is not relevant to the user.
Updates the storybook to include a story demonstrating this feature.
* feat(pricing): conditionally format currency amounts to show or hide decimals
* Revert "feat(pricing): adds support for hidden discount amounts"
This reverts commit 076724276c.
* Revert "fix(cart-summary): Adjust discount text styling"
This reverts commit d02c12fc2a.
* Revert "discount translation"
* feat(pricing): add credit type to cart summary
* feat(pricing-card): Add i18n and icon component infrastructure
* feat(pricing-card): Apply i18n pipe to pricing card template
* refactor(pricing-card): Replace `<i>` tags with `<bit-icon>` in template
* test(pricing-card): Update tests for i18n and icon component changes
* docs(pricing-card): Enhance Storybook and documentation for new features
* feat(pricing-card): Adds "per user" translation key
* refactor(pricing-card): use property binding for bit-icon name
* docs(pricing-card): expand price cadence options in MDX
* fix(icon): update exports for icon types
* feat(billing): Use strongly typed BitwardenIcon for pricing card buttons
* refactor(pricing): Remove unused I18nService from PricingCardComponent
* fix(pricing): Improve pricing card button icon template null-safety
* fix(pricing-card): format update
Clarifies the description of the `price` property within the PricingCard component documentation.
No functional code changes are included.
* refactor: Update discount label typography in cart summary
* refactor(stories): Rename account credit translation key to premium subscription credit
* feat(pricing-card): update spacing for card without button
- Updates `InputPasswordComponent` to emit raw data instead of generating cryptographic properties (`newMasterKey`, `newServerMasterKeyHash`, `newLocalMasterKeyHash`).
- This helps us in moving away from using the deprecated `makeMasterKey()` method in the component (which takes email as salt) as we seek to eventually separate the email from the salt.
- Updates the `JIT_PROVISIONED_MP_ORG_USER` case of the switch to handle the flow when the `PM27086_UpdateAuthenticationApisForInputPassword` flag is on.
Feature Flag: `PM27086_UpdateAuthenticationApisForInputPassword`
* Migrate create and edit operations to use SDK for ciphers
* WIP: Adds admin call to edit ciphers with SDK
* Add client version to SDK intialization settings
* Remove console.log statements
* Adds originalCipherId and collectionIds to updateCipher
* Update tests for new cipehrService interfaces
* Rename SdkCipherOperations feature flag
* Add call to Admin edit SDK if flag is passed
* Add tests for SDK path
* Revert changes to .npmrc
* Remove outdated comments
* Fix feature flag name
* Fix UUID format in cipher.service.spec.ts
* Update calls to cipherService.updateWithServer and .createWithServer to new interface
* Update CLI and Desktop to use new cipherSErvice interfaces
* Fix tests for new cipherService interface change
* Bump sdk-internal and commercial-sdk-internal versions to 0.2.0-main.439
* Fix linting errors
* Fix typescript errors impacted by this chnage
* Fix caching issue on browser extension when using SDK cipher ops.
* Remove commented code
* Fix bug causing race condition due to not consuming / awaiting observable.
* Add missing 'await' to decrypt call
* Clean up unnecessary else statements and fix function naming
* Add comments for this.clearCache
* Add tests for SDK CipherView conversion functions
* Replace sdkservice with cipher-sdk.service
* Fix import issues in browser
* Fix import issues in cli
* Fix type issues
* Fix type issues
* Fix type issues
* Fix test that fails sporadically due to timing issue
* PM-13632: Enable sign in with passkeys in the browser extension
* Refactor component + Icon fix
This commit refactors the login-via-webauthn commit as per @JaredSnider-Bitwarden suggestions. It also fixes an existing issue where Icons are not displayed properly on the web vault.
Remove old one.
Rename the file
Working refactor
Removed the icon from the component
Fixed icons not showing. Changed layout to be 'embedded'
* Add tracking links
* Update app.module.ts
* Remove default Icons on load
* Remove login.module.ts
* Add env changer to the passkey component
* Remove leftover dependencies
* PRF Unlock
Cleanup and testes
* Workaround prf type missing
* Fix any type
* Undo accidental cleanup to keep PR focused
* Undo accidental cleanup to keep PR focused
* Cleaned up public interface
* Use UserId type
* Typed UserId and improved isPrfUnlockAvailable
* Rename key and use zero challenge array
* logservice
* Cleanup rpId handling
* Refactor to separate component + icon
* Moved the prf unlock service impl.
* Fix broken test
* fix tests
* Use isChromium
* Update services.module.ts
* missing , in locales
* Update desktop-lock-component.service.ts
* Fix more desktoptests
* Expect a single UnlockOption from IdTokenResponse, but multiple from sync
* Missing s
* remove catches
* Use new control flow in unlock-via-prf.component.ts
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Changed throw behaviour of unlockVaultWithPrf
* remove timeout comment
* refactired webauthm-prf-unlock.service internally
* WebAuthnPrfUnlockServiceAbstraction -> WebAuthnPrfUnlockService
* Fixed any and bad import
* Fix errors after merge
* Added missing PinServiceAbstraction
* Fixed format
* Removed @Inject()
* Fix broken tests after Inject removal
* Return userkey instead of setting it
* Used input/output signals
* removed duplicate MessageSender registration
* nit: Made import relative
* Disable onPush requirement because it would need refactoring the component
* Added feature flag (#17494)
* Fixed ById from main
* Import feature flag from file
* Add missing test providers for MasterPasswordLockComponent
Add WebAuthnPrfUnlockService and DialogService mocks to fix test failures
caused by UnlockViaPrfComponent dependencies.
---------
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Support v2 encryption for JIT Password signups
* TDE set master password split
* update sdk-internal dependency
* moved encryption v2 to InitializeJitPasswordUserService
* remove account cryptographic state legacy states from #18164
* legacy state comments
* sdk update
* unit test coverage
* consolidate do SetInitialPasswordService
* replace legacy master key with setLegacyMasterKeyFromUnlockData
* typo
* web and desktop overrides with unit tests
* early return
* compact validation
* simplify super prototype
* [PM-30906] Refactor AutoConfirmNudgeService to be Browser specific and add additional documentation detailing when this is necessary
* [PM-30906] Add README.md for custom nudge services
Migrated vault filters to new v3 vault's navigation
* Decoupled existing vault filtering from vault component by using routed params with routed-vault-filter-bridge
* Converted vault filters to standalone components
* Removed extending filter Base Components from deprecated /libs/angular library and handled logic directly
* Moved shared 'models' and 'services' directories from web-vault into /libs/vault
