Commit Graph

878 Commits

Author SHA1 Message Date
Todd Martin
c5be837b51
chore(feature-flag) [PM-22604] Remove 2FA persistence feature flag
* Removed flag.

* Fixed tests to no longer reference flag.

* Fixed test.

* Removed duplicate test class.

* Moved files into folders for yubikey and authenticator

* Removed TwoFactorAuthEmailComponentService since it is no longer needed

* Removed export

* Fixed export
2025-07-10 15:00:49 -04:00
Patrick-Pimentel-Bitwarden
1f60bcdcc0
feat(change-password): [PM-18720] (#5319) Change Password Implementation for Non Dialog Cases (#15319)
* feat(change-password-component): Change Password Update [18720] - Very close to complete.

* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Removed temp code to force the state I need to verify correctness.

* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Recover account working with change password component.

* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Made code more dry.

* fix(change-password-component): Change Password Update [18720] - Updates to routing and the extension. Extension is still a wip.

* fix(change-password-component): Change Password Update [18720] - Extension routing changes.

* feat(change-password-component): Change Password Update [18720] - More extension work

* feat(change-password-component): Change Password Update [18720] - Pausing work for now while we wait for product to hear back.

* feat(change-password-component): Change Password Update [18720] - Removed duplicated anon layouts.

* feat(change-password-component): Change Password Update [18720] - Tidied up code.

* feat(change-password-component): Change Password Update [18720] - Small fixes to the styling

* feat(change-password-component): Change Password Update [18720] - Adding more content for the routing.

* feat(change-password-component): Change Password Update [18720] - Removed circular loop for now.

* feat(change-password-component): Change Password Update [18720] - Made comments regarding the change password routing complexities with change-password and auth guard.

* feat(change-password-component): Change Password Update [18720] - Undid some changes because they will be conflicts later on.

* feat(change-password-component): Change Password Update [18720] - Small directive change.

* feat(change-password-component): Change Password Update [18720] - Small changes and added some clarification on where I'm blocked

* feat(change-password-component): Change Password Update [18720] - Org invite is seemingly working, found one bug to iron out.

* refactor(change-password-component): Change Password Update [18720] - Fixed up policy service to be made more clear.

* docs(change-password-component): Change Password Update [18720] - Updated documentation.

* refactor(change-password-component): Change Password Update [18720] - Routing changes and policy service changes.

* fix(change-password-component): Change Password Update [18720] - Wrapping up changes.

* feat(change-password-component): Change Password Update [18720] - Should be working fully

* feat(change-password-component): Change Password Update [18720] - Found a bug, working on password policy being present on login.

* feat(change-password-component): Change Password Update [18720] - Turned on auth guard on other clients for change-password route.

* feat(change-password-component): Change Password Update [18720] - Committing intermediate changes.

* feat(change-password-component): Change Password Update [18720] - The master password policy endpoint has been added! Should be working. Testing now.

* feat(change-password-component): Change Password Update [18720] - Minor fixes.

* feat(change-password-component): Change Password Update [18720] - Undid naming change.

* feat(change-password-component): Change Password Update [18720] - Removed comment.

* feat(change-password-component): Change Password Update [18720] - Removed unneeded code.

* fix(change-password-component): Change Password Update [18720] - Took org invite state out of service and made it accessible.

* fix(change-password-component): Change Password Update [18720] - Small changes.

* fix(change-password-component): Change Password Update [18720] - Split up org invite service into client specific implementations and have them injected into clients properly

* feat(change-password-component): Change Password Update [18720] - Stopping work and going to switch to a new branch to pare down some of the solutions that were made to get this over the finish line

* feat(change-password-component): Change Password Update [18720] - Started to remove functionality in the login.component and the password login strategy.

* feat(change-password-component): Change Password Update [18720] - Removed more unneded changes.

* feat(change-password-component): Change Password Update [18720] - Change password clearing state working properly.

* fix(change-password-component): Change Password Update [18720] - Added docs and moved web implementation.

* comments(change-password-component): Change Password Update [18720] - Added more notes.

* test(change-password-component): Change Password Update [18720] - Added in tests for policy service.

* comment(change-password-component): Change Password Update [18720] - Updated doc with correct ticket number.

* comment(change-password-component): Change Password Update [18720] - Fixed doc.

* test(change-password-component): Change Password Update [18720] - Fixed tests.

* test(change-password-component): Change Password Update [18720] - Fixed linting errors. Have more tests to fix.

* test(change-password-component): Change Password Update [18720] - Added back in ignore for typesafety.

* fix(change-password-component): Change Password Update [18720] - Fixed other type issues.

* test(change-password-component): Change Password Update [18720] - Fixed tests.

* test(change-password-component): Change Password Update [18720] - Fixed more tests.

* test(change-password-component): Change Password Update [18720] - Fixed tiny duplicate code.

* fix(change-password-component): Change Password Update [18720] - Fixed desktop component.

* fix(change-password-component): Change Password Update [18720] - Removed unused code

* fix(change-password-component): Change Password Update [18720] - Fixed locales.

* fix(change-password-component): Change Password Update [18720] - Removed tracing.

* fix(change-password-component): Change Password Update [18720] - Removed duplicative services module entry.

* fix(change-password-component): Change Password Update [18720] - Added comment.

* fix(change-password-component): Change Password Update [18720] - Fixed unneeded call in two factor to get user id.

* fix(change-password-component): Change Password Update [18720] - Fixed a couple of tiny things.

* fix(change-password-component): Change Password Update [18720] - Added comment for later fix.

* fix(change-password-component): Change Password Update [18720] - Fixed linting error.

* PM-18720 - AuthGuard - move call to get isChangePasswordFlagOn down after other conditions for efficiency.

* PM-18720 - PasswordLoginStrategy tests - test new feature flagged combine org invite policies logic for weak password evaluation.

* PM-18720 - CLI - fix dep issue

* PM-18720 - ChangePasswordComp - extract change password warning up out of input password component

* PM-18720 - InputPassword - remove unused dependency.

* PM-18720 - ChangePasswordComp - add callout dep

* PM-18720 - Revert all anon-layout changes

* PM-18720 - Anon Layout - finish reverting changes.

* PM-18720 - WIP move of change password out of libs/auth

* PM-18720 - Clean up remaining imports from moving change password out of libs/auth

* PM-18720 - Add change-password barrel file for better import grouping

* PM-18720 - Change Password comp - restore maxWidth

* PM-18720 - After merge, fix errors

* PM-18720 - Desktop - fix api service import

* PM-18720 - NDV - fix routing.

* PM-18720 - Change Password Comp - add logout service todo

* PM-18720 - PasswordSettings - per feedback, component is already feature flagged behind PM16117_ChangeExistingPasswordRefactor so we can just delete the replaced callout (new text is in change-password comp)

* PM-18720 - Routing Modules - properly flag new component behind feature flag.

* PM-18720 - SSO Login Strategy - fix config service import since it is now in shared deps from main merge.

* PM-18720 - Fix SSO login strategy tests

* PM-18720 - Default Policy Service - address AC PR feedback

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2025-07-10 09:08:25 -04:00
Jordan Aasen
9f1531a1b2
[PM-22375] - [Vault] [Clients] Sort My Items collection to the top of Vault collection filters (#15332)
* WIP - default collection sorting

* apply filtering to popup list filters service.

* add tests. add feature flag checks

* finalize my items collection filters

* fix type error

* re-add service

* re-add comment

* remove unused code

* fix sorting logic

* shorten variable name to fit one line

* fix error

* fix more errors

* abstract logic to vault filter service

* fix test

* export sort as function instead of adding to class

* fix more tests

* add collator arg

* remove ts-ignore. fix type errors

* remove optional param

* fix vault filter service
2025-07-09 09:37:38 -06:00
Jared Snider
b9f930a609
fix(tde-offboarding): Auth/PM-19165 - Handle TDE offboarding on an untrusted device with warning message (#15430)
When a user logs in via SSO after their org has offboarded from TDE, we now show them a helpful error message stating that they must either login on a Trusted device, or ask their admin to assign them a password.

Feature flag: `PM16117_SetInitialPasswordRefactor`
2025-07-08 09:58:03 -07:00
Todd Martin
d1c6b334b1
feat(DuckDuckGo): [PM-9388] Add new device type for DuckDuckGo browser
* Add new device type for DuckDuckGo browser

* Added feature support property for sync domains

* Added new features

* Added isDuckDuckGo() to CLI

* Addressed PR feedback.

* Renamed new property

* Fixed rename that missed CLI.
2025-07-03 11:27:28 -04:00
rr-bw
cc65f5efc6
feat(set-initial-password): [Auth/PM-18784] SetInitialPasswordComponent Handle TDE Offboarding (#14861)
This PR makes it so that `SetInitialPasswordComponent` handles the TDE offboarding flow where an org user now needs to set an initial master password.

Feature flag: `PM16117_SetInitialPasswordRefactor`
2025-07-02 07:23:45 -07:00
rr-bw
5639668d3f
feat:(set-initial-password): [Auth/PM-18457] Create SetInitialPasswordComponent (#14186)
Creates a `SetInitialPasswordComponent` to be used in scenarios where an existing and authed user must set an initial password.

Feature Flag: `PM16117_SetInitialPasswordRefactor`
2025-06-30 12:39:53 -07:00
SmithThe4th
62981a1bec
Migrate vault filter service from active user state to single user state (#15089) 2025-06-30 13:02:18 -04:00
rr-bw
031c9bc947
fix(auth-guard): [PM-22822] remove SsoNewJitProvisionedUser case (#15376)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
2025-06-27 15:24:12 -07:00
rr-bw
7500fe32bb
fix(auth-guard): [PM-22822] fix infinite redirect loop (#15371) 2025-06-27 11:19:13 -07:00
Jordan Aasen
62750a06ec
[PM-36] - [Tech Debt] Move SearchService to libs/common/vault (#15251)
* wip - migrate search service to vault

* fix import
2025-06-27 08:16:59 -07:00
Ike
7c9e95271d
[PM -20329] browser auth approval client api service (#15161)
* feat: Create methods for calling GET auth-request/pending endpoint.

* feat: update banner service on web, and desktop vault

* test: updated banner test to use auth request services

* fix: DI fixes

* feat: add RequestDeviceId to AuthRequestResponse

* fix: add Browser Approvals feature flags to desktop vault and web vault banner service

* test: fix tests for feature flag
2025-06-26 11:13:06 -04:00
rr-bw
cf6b087491
docs(password-management): [PM-18573] Document Master Password Management Flows (#15248)
Adds documentation for our set/change password flows (master password management flows)
2025-06-25 09:32:47 -07:00
Brandon Treston
1c237a3753
[PM-20633] rename personal ownership (#15228)
* sensible renames

* renames

* clean up comments
2025-06-24 09:31:40 -04:00
rr-bw
5bd4d1691e
refactor(auth-guard): [PM-22822] Update AuthGuard to explicitly handle each forceSetPasswordReason (#15252)
Update the `authGuard` to explicitly handle each `ForceSetPasswordReason`
2025-06-23 11:45:27 -07:00
SmithThe4th
e291e2df0a
[PM-21451] [Vault] [CLI] Changes to Enforce "Remove card item type policy" (#15187)
* Created new service to get restricted types for the CLI

* Created service for cli to get restricted types

* Utilized restriction service in commands

* Renamed function

* Refactored service and made it simpler to check when a cipher type is restricted or not

* Moved service to common so it can be utilized on the cli

* Refactored service to use restricted type service

* Removed userId passing from commands

* Exclude restrict types from export

* Added missing dependency

* Added missing dependency

* Added missing dependency

* Added service utils commit from desktop PR

* refactored to use reusable function

* updated reference

* updated reference

* Fixed merge conflicts

* Refactired services to use isCipherRestricted

* Refactored restricted item types service

* Updated services to use the reafctored item types service
2025-06-23 09:04:56 -07:00
Jordan Aasen
3b830faf09
fix logic for restrictedTypeFilter (#15253) 2025-06-18 16:08:13 -07:00
Jordan Aasen
5fa153e743
[PM-20643] - [Vault] [Desktop] Front End Changes to Enforce "Remove card item type policy" (#15176)
* add restricted item types to legacy vault components

* filter out restricted item types from new menu item in desktop

* use CIPHER_MENU_ITEMS

* use CIPHER_MENU_ITEMS. move restricted cipher service to common

* use move restricted item types service to libs. re-use cipher menu items

* add shareReplay. change variable name

* move restricted filter to search service. remove unecessary import

* add reusable service method

* clean up spec

* add optional chain

* remove duplicate import

* move isCipherViewRestricted to service module

* fix logic

* fix logic

* remove extra space

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
2025-06-18 12:13:38 -07:00
rr-bw
9e76448188
docs(redirect-guard): [BEEEP] Document redirectGuard (#15196) 2025-06-18 10:12:21 -07:00
Jason Ng
71bc68444d
[PM-22419] dismiss account nudge when biometric unlock is set (#15139)
* update account-security-nudge service to look at biomentricUnlockEnabled$ observable, add success toast for biometric unlock
2025-06-17 14:47:10 -04:00
Vicki League
df4aae2fb2
[CL-700] Move auth-owned layout components to UIF ownership (#15093) 2025-06-17 13:33:01 -04:00
Jason Ng
8505686006
[PM-22520] Settings Berry will account for Autofill Badge (#15170) 2025-06-16 09:56:39 -04:00
Jared Snider
bfb0b874ed
fix(Multi-Account-Logout: [Auth/PM-19555] Fix multi account logout on lock screens not redirecting properly (#14630)
* PM-19555 - LogoutService - build abstraction, default, and extension service and register with service modules

* PM-19555 - Lock Comp - use logoutService

* PM-19555 - LoginDecryptionOptions - Use logout service which removed need for extension-login-decryption-options.service

* PM-19555 - AccountSwitcher logic update - (1) Use logout service + redirect guard routing (2) Remove logout method from account switcher service (3) use new NewActiveUser type

* PM-19555 - Extension - Acct Switcher comp - clean up TODOs

* PM-19555 - Add TODOs for remaining tech debt

* PM-19555 - Add tests for new logout services.

* PM-19555 - Extension - LoginInitiated - show acct switcher b/c user is AuthN

* PM-19555 - Add TODO to replace LogoutCallback with LogoutService

* PM-19555 WIP

* PM-19555 - Extension App Comp - account switching to account in TDE locked state works now.

* PM-19555 - Extension App Comp - add docs

* PM-19555 - Extension App Comp - add early return

* PM-19555 - Desktop App Comp - add handling for TDE lock case to switch account logic.

* PM-19555 - Extension - Account Component - if account unlocked go to vault

* PM-19555 - Per PR feedback, clean up unnecessary nullish coalescing operator.

* PM-19555 - Extension - AppComponent - fix everHadUserKey merge issue

* PM-19555 - PR feedback - refactor switchAccount and locked message handling on browser & desktop to require user id. I audited all callsites for both to ensure this *shouldn't* error.
2025-06-13 13:22:04 -04:00
Rui Tomé
b5bddd0b06
[PM-17154] Limit item deletion feature flag removal (#15094)
* Refactor components to remove limitItemDeletion feature flag usage

This commit simplifies the logic in various components by removing the limitItemDeletion feature flag. The conditions for displaying restore and delete actions are now based solely on the cipher's permissions, enhancing code clarity and maintainability.

* Refactor cipher deletion logic to remove the feature flag and collection ID dependency

This commit updates the cipher deletion logic across multiple components and services by removing the unnecessary dependency on collection IDs. The `canDeleteCipher$` method now solely relies on the cipher's permissions, simplifying the code and improving maintainability.

* Remove LimitItemDeletion feature flag from feature-flag enum and default values

* Remove configService from ServiceContainer and MainBackground constructor parameters

* Remove configService from RestoreCommand instantiation in OssServeConfigurator and VaultProgram classes
2025-06-10 09:57:34 +01:00
Justin Baur
b1f090e054
Add lang attr on desktop and browser (#14691) 2025-06-09 06:54:00 -04:00
Jason Ng
fdd4d4b9fe
[PM-22270] Only Show Generator Nudge For New Accounts (#15059)
* create new account nudge service to replace repeat nudge services checking for 30 day limit
2025-06-06 09:53:08 -04:00
Nick Krantz
92f3630fed
rework logic for empty vault nudge (#15013) 2025-06-05 09:18:43 -05:00
Nick Krantz
729d5d3134
[PM-21546] Migrate from enum to constant object (#14975)
* add generic `union-of-values` helper

* migrate `GeneratorDialogAction` to a constant

* migrate `VaultState` to a constant

* migrate `AtRiskCarouselDialogResult` to a constant

* migrate `CredentialGeneratorDialogAction` to a constant

* migrate `FolderAddEditDialogResult` to a constant

* migrate `ViewCipherDialogResult` to a constant

* migrate `VisibleVaultBanner` to a constant

* migrate `VaultFilterLabel` to a constant

* migrate `WebVaultGeneratorDialogResult` to a constant

* migrate `BulkDeleteDialogResult` to a constant

* migrate `BulkMoveDialogResult` to a constant

* migrate `AddEditCipherDialogResult` to a constant

* migrate `VaultItemDialogResult` to a constant

* migrate `BrowserPromptState` to a constant

* migrate `NudgeType` to a constant

* migrate `SecurityTaskStatus` to a constant

* migrate `CipherRepromptType` to a constant

* migrate `SecureNoteType` to a constant

* migrate `FieldType` to a constant

* migrate `LinkedIdType` to a constant

* migrate `CollectionAssignmentResult` to a constant

* migrate `AddEditFolderDialogResult` to a constant

* migrate `AttachmentDialogResult` to a constant

* fix CipherType in delete organization dialog

* fix `in` statement in VaultFilter

* Fix build errors across enum updates

* fix two more CipherType castings

* update CipherResponse `CipherType`

* define type for `fieldType` parameter

* refine how `cipherTypeNames` is generated and add utility function for grabbing cipher type name

* use `CipherType` rather than `number`

* add stricter typing for `FieldType`

* add fixme for `CipherType` to be ADR-0025 compliant

* remove error throw for `toCipherTypeName` and instead update typing to have `| undefined`

* add helpers for CipherType conversions

* prefer `undefined`
2025-06-05 08:45:52 -05:00
Oscar Hinton
e8e2181252
Migrate remaining components to standalone in libs/components (#15053)
Migrates the remaining non standalone components from libs/components. Also resolved some linting ignores and applying strict typescript.
2025-06-05 09:52:53 +02:00
Oscar Hinton
8f74eaea1c
Remove standalone true from auth (#15035)
Remove standalone: true from every instance since it's the default as of Angular 19.
2025-06-04 09:22:37 -04:00
Nick Krantz
1bd77fec7a
account for deleted ciphers for empty vault nudge (#15014) 2025-06-04 08:09:14 -05:00
Nick Krantz
65f4ff6909
[PM-21791] Nudge UI Bug Fixes (#15010)
* remove margin bottom from empty vault nudge

* update page title to vault options

* show badge on import of vault settings

* add margin between no items title and icon

* add mock to test

* add comment for destroying vault settings page

* fix logic for manage/create collection

* account for deleted ciphers when showing the import nudge

* refactor name of vault import nudge
2025-06-04 08:07:44 -05:00
SmithThe4th
2e66addd6a
[PM-19632] Remove security task flag - step 1 (#14904)
* Step 1- remove business logic

* removed dependency

* removed leftover flags
2025-06-03 12:20:29 -04:00
Nick Krantz
24ae013f71
[PM-22269] Generator/Send Nudge Updates (#15049)
* remove margin from the bottom of paragraph tag in generator spotlight

* update aria-label text to match translation key

* Remove `SendNudgeStatus` nudge type

* update web send page to use new title and description

* update old no sends title and description

* hide internal contents on generator nudge

* remove NudgeService from send-v2 test
2025-06-03 14:04:29 +00:00
Oscar Hinton
95856bf3cf
[CL-714] Remove standalone true from tools (#15039)
Remove standalone: true from every instance since it's the default as of Angular 19.
2025-06-03 09:55:58 +02:00
Bernd Schoolmann
23ec6bacc9
[PM-20225] Prevent legacy users without userkey from logging in (#14267)
* Prevent legacy users without userkey from logging in

* Remove further web-migration code for legacy users

* Add i18n for legacy user error message

* Update comment

* Remove migrate legacy component

* Remove i18n messages

* Remove migrate legacy encryption reference
2025-06-02 23:56:29 +02:00
Addison Beck
26caeb3083
Implement and extend tsconfig.base across projects (#14554)
* Implement and extend tsconfig.base across projects

* fixup! Merge remote-tracking branch 'origin/main' into rename-tsconfig

* fix: import tsconfig.base from components

* fix: skip typechecking node modules

* fixing tests

* fix the tests for real

* undo accidentally change
2025-06-02 20:38:17 +00:00
Oscar Hinton
f3ff1e98ec
Remove standalone true from vault (#15040)
Remove standalone: true from every instance since it's the default as of Angular 19.
2025-06-02 13:22:57 -07:00
Oscar Hinton
26fb7effd3
Remove standalone true from platform and UIF (#15032)
Remove standalone: true from every instance since it's the default as of Angular 19.
2025-06-02 20:03:04 +02:00
Oscar Hinton
2fbc4c1578
[CL-525] Upgrade angular to v19 (#14815)
Upgrade Angular to v19 using the update guide.

- Add `standalone: false` to any missed component in stories or tests.
- Update jest.config to follow the new best practices.
2025-06-02 13:13:31 -04:00
Todd Martin
721657a5c3
Update syntax for Github. (#14845) 2025-05-30 15:31:44 -04:00
Matt Gibson
9f9cb0d13d
Add-userid-to-encryption-methods (#14844)
* Get userId from response if available

This is a small improvement for the Auth team which avoids inspection of the access token, sometimes.

* Initialize sdk clients with a userId

* return both Cipher and encryptedFor when encrypting a cipher

Update cipher api requests to include encryptedFor attribute

* Prefer named types with documentation

* Update sdk to latest

* Fixup types

* Fixup tests

* Revert getting userId from identity token response

---------

Co-authored-by: Shane <smelton@bitwarden.com>
2025-05-30 10:50:54 -07:00
Thomas Avery
895d54fd5e
[PM-21443] Require userId for KeyService's everHadUserKey$ (#14712)
* Require userId for KeyService's everHadUserKey$

* handle null active user in tdeDecryptionRequiredGuard
2025-05-30 11:40:55 -05:00
Addison Beck
56a3b14583
Introduce eslint errors for risky/circular imports (#14804)
* first draft at an idea dependency graph

* ignore existing errors

* remove conflicting rule regarding internal platform logic in libs

* review: allow components to import from platform
2025-05-23 08:01:25 -04:00
Jordan Aasen
57911f210b
[PM-21896] - prevent double reprompt for copy password in desktop cipher form (#14883)
* prevent double reprompt for copy password in desktop cipher form

* adjust name

* fix input name
2025-05-22 10:20:33 -07:00
Jason Ng
fd10a26df9
[PM-18804] generator nudges (#14705)
* added generator spotlight to credential generator component

* moved generator spotlight to browser component and add as slot in libs. update copy for send

* added an aria label for the generator nudge body content

* new copy and styles for browser send will be behind feature flag

* update featureflag call to observable in send-v2

* changed how nudge text is made in credential generator

* added new observable to vault nudges to return specific boolean. Update naming of vault types. update observable calls in credential-generator and send-v2

* update send-v2 and credential generator to use new renamed nudges

* update to create nudge generator spotlight component. using this inside the credential generator for nudge spotlight

* fix imports for Nudge related code

* add libs/angular to storybook

---------

Co-authored-by: Nick Krantz <nick@livefront.com>
2025-05-21 12:46:02 -05:00
Nick Krantz
1c4d851046
[PM-21005] Clear Add/Edit form cache when browser loses focus (#14634) 2025-05-21 08:00:49 -05:00
Jordan Aasen
7641dab0f0
[PM-18801] - account security nudge (#14771)
* account security nudge

* fix messages.json

* fix tests

* fix logic for account security item

* fix tests

* adjust account security nudge work to updated nudge service

* fix account security nudge

* remove unused code. do not show account security badge

* include ff and safari in link html

* fix import

* Revert "include ff and safari in link html"

This reverts commit cd12a36274.
2025-05-20 12:19:34 -07:00
Nick Krantz
83c4438efe
Refactor: Move NudgesService to libs/angular/vault (#14843)
* move NudgesService to libs/angular/vault to avoid circular dependencies

* remove fix for spotlight component in storybook
2025-05-19 15:21:14 -05:00
Alec Rippberger
72cfc0bca1
fix(environment-urls): [PM-19890] [Defect][Extension] Environment URLs are removed (#14821)
* Return early to avoid setEnvironment

* Remove ts-strict-ignore and update typing
2025-05-19 15:14:12 -04:00
Maciej Zieniuk
e73f902aee
[PM-18576] Fix missing user id on remove password (#13777)
* Passed in userId on RemovePasswordComponent.

* Added userId on other references to KeyConnectorService methods

* remove password component refactor, test coverage, enabled strict

* explicit user id provided to key connector service

* redirect to / instead when user not logged in or not managing organization

* key connector service explicit user id

* key connector service no longer requires account service

* key connector service missing null type

* cli convert to key connector unit tests

* remove unnecessary SyncService

* error toast not showing on ErrorResponse

* bad import due to merge conflict

* bad import due to merge conflict

* missing loading in remove password component for browser extension

* error handling in remove password component

* organization observable race condition in key-connector

* usesKeyConnector always returns boolean

* unit test coverage

* key connector reactive

* reactive key connector service

* introducing convertAccountRequired$

* cli build fix

* moving message sending side effect to sync

* key connector service unit tests

* fix unit tests

* unit tests in wrong place after KM code ownership move

* infinite page reload

* failing unit tests

* failing unit tests

---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2025-05-19 08:51:46 +02:00
Todd Martin
2bde090b37
chore(view-cache): Rename view-cache docs to README to allow Github rendering
* Renamed documentation file

* Updated documentation link.
2025-05-16 15:52:51 -04:00
Alex Morask
d2cce5b997
Fix input errors on provider setup (#14799) 2025-05-16 14:47:42 -04:00
rr-bw
afbddeaf86
refactor(set-change-password): [Auth/PM-18458] Create new ChangePasswordComponent (#14226)
This PR creates a new ChangePasswordComponent. The first use-case of the ChangePasswordComponent is to place it inside a new PasswordSettingsComponent, which is accessed by going to Account Settings > Security.

The ChangePasswordComponent will be updated in future PRs to handle more change password scenarios.

Feature Flags: PM16117_ChangeExistingPasswordRefactor
2025-05-16 10:41:46 -07:00
Oscar Hinton
ac49e594c1
Add standalone false to all non migrated (#14797)
Adds standalone: false to all components since Angular is changing the default to true and we'd rather not have the angular PR change 300+ files.
2025-05-15 10:44:07 -04:00
SmithThe4th
ad3121f535
[PM-12423] Migrate Cipher Decryption to Use SDK (#14206)
* Created mappings for client domain object to SDK

* Add abstract decrypt observable

* Added todo for future consideration

* Added implementation to cipher service

* Added adapter and unit tests

* Created cipher encryption abstraction and service

* Register cipher encryption service

* Added tests for the cipher encryption service

* changed signature

* Updated feature flag name

* added new function to be used for decrypting ciphers

* Added new encryptedKey field

* added new function to be used for decrypting ciphers

* Manually set fields

* Added encrypted key in attachment view

* Fixed test

* Updated references to use decrypt with feature flag

* Added dependency

* updated package.json

* lint fix

* fixed tests

* Fixed small mapping issues

* Fixed test

* Added function to decrypt fido2 key value

* Added function to decrypt fido2 key value and updated test

* updated to use sdk function without prociding the key

* updated localdata sdk type change

* decrypt attachment content using sdk

* Fixed dependency issues

* updated package.json

* Refactored service to handle getting decrypted buffer using the legacy and sdk implementations

* updated services and component to use refactored version

* Updated decryptCiphersWithSdk to use decryptManyLegacy for batch decryption, ensuring the SDK is only called once per batch

* Fixed merge conflicts

* Fixed merge conflicts

* Fixed merge conflicts

* Fixed lint issues

* Moved getDecryptedAttachmentBuffer to cipher service

* Moved getDecryptedAttachmentBuffer to cipher service

* ensure CipherView properties are null instead of undefined

* Fixed test

* ensure AttachmentView properties are null instead of undefined

* Linked ticket in comment

* removed unused orgKey
2025-05-14 07:30:01 -07:00
cyprain-okeke
5fb46df341
[PM 21106]Remove button not responsive for admin Console Remove Sponorship (#14743)
* Resolve the remove button inactive

* Resolve the lint error
2025-05-13 16:49:06 +01:00
Patrick-Pimentel-Bitwarden
0b0397c3f0
fix(enums-eslint): Enum Rule for ESLint (#14650)
* fix(enums-eslint): Enum Rule for ESLint - Added enums in the warnings for eslint.

* fix(enums-eslint): Enum Rule for ESLint - Updated to error in both places for enums.

* fix(enums-eslint): Enum Rule for ESLint - Added new eslint plugin for warning on enums.

* fix(enums-eslint): Enum Rule for ESLint - Changed based on suggestion.

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* refactor(browser-platform-utils): Remove Deprecation and Fix Code - Changed usages of firefox to private and moved the usages to the preferred public method and removed the deprecations.

* fix(enums-eslint): Enum Rule for ESLint - Updated to error and added disable rules for all other places.

* fix(enums-eslint): Enum Rule for ESLint - Undid other changes by accident
2025-05-13 10:07:38 -04:00
Todd Martin
eed18c9294
chore(view-cache): [PM-21154] Move view-cache its own feature package and adjust imports
* Moved view-cache services to directory

* Fixed DI for browser extension.

* Fixed tests.
2025-05-12 14:26:52 -04:00
Bryan Cunningham
4d15f2d43c
[PM-16057] use Roboto as primary font (#14553)
* swap to using roboto variable font
2025-05-12 09:00:01 -04:00
Justin Baur
1b756df749
[PM-14484] ApiService showing html in error message (#14658)
* Make ApiService more testable

* Add ApiService tests

* Switch to only reading text/plain content
2025-05-09 20:21:25 -04:00
Todd Martin
4191bb9533
chore(captcha): [PM-15162] Remove handling of captcha enforcement and bypass token
* Removed captcha references.

* Removed connectors from webpack

* Fixed extra parameter.

* Resolve merge conflicts.

* Fixed extra argument.

* Fixed failing tests.

* Fixed failing test.

* Accessibility cookie cleanup

* Cleaned up accessibility component.

* Deleted old registration endpoint

* Remove unused register request object.

* Fixed merge error that changed font family.

* Fixed formatting from merge.

* Linting
2025-05-09 10:44:11 -04:00
Alec Rippberger
3030eb7552
[PM-19212] Consolidate password set routing to AuthGuard using ForceSetPasswordReason (#14356)
* Consolidates component routing, removing routing to update-temp-password from components. All routing to update-temp-password should happen in the AuthGuard now.

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2025-05-08 11:24:52 -05:00
Vicki League
8ecb32f30f
[CL-333] Icon Refresh Feature Branch (#14298)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
* [CL-571] Update icons to new fileset and metaphors (#14163)

* [CL-518] Convert icons docs to stories (#14299)

* [CL-574] Update inline autofill icons (#14379)

---------

Co-authored-by: William Martin <contact@willmartian.com>
2025-05-07 17:07:14 -04:00
Todd Martin
74b6bb15e8
Delete old SSO component. (#14604) 2025-05-07 13:22:57 -04:00
Bernd Schoolmann
744c1b1b49
[PM-21001] Move vault code to new encrypt service interface (#14546)
* Move vault code to new encrypt service interface

* Fix tests
2025-05-06 21:24:53 +00:00
Nick Krantz
46df5279a3
[PM-18485] Remove new device verification guard (#14417)
* remove NewDeviceVerificationGuard and all associated entities. New Device verification feature has rolled out in production, this guard is no longer needed.

* remove unused properties from the vault profile service
2025-05-06 13:08:30 -05:00
Brandon Treston
fd43222938
[PM-19383] admins unable to download attachments (#14363)
* add admin support for downloading attachments

* fix delete and upload

* fix delete admin to return a response

* fix upload

* add missing param

* use getCipherAdmin

* fix cli
2025-05-05 13:36:49 -04:00
Matt Gibson
013a34e042
[PM-17440] Use SDK for decryption (#14277)
* Improve dev logging

* Define decrypt with sdk flag

* Use SDK's pure crypto functions for decryption

feature flagged by `use-sdk-for-decryption`

* Avoid pushing decryption requests to web workers for SDK

web workers are able to use the SDK, but they require the SDK module to be initialized. If this is eventually seen as desired, we'll need client-specific worker scripts.

* Apply suggestions from code review

Co-authored-by: Bernd Schoolmann <mail@quexten.com>

* fixup! Apply suggestions from code review

* fixup: Update feature flag state in config callbacks

* Apply suggestions from code review

Co-authored-by: Bernd Schoolmann <mail@quexten.com>

---------

Co-authored-by: Bernd Schoolmann <mail@quexten.com>
2025-05-05 12:19:52 -04:00
cyprain-okeke
a7d04dc212
[PM-17775] Allow admin to send f4 e sponsorship (#14390)
* Added nav item for f4e in org admin console

* shotgun surgery for adding "useAdminSponsoredFamilies" feature from the org table

* Resolved issue with members nav item also being selected when f4e is selected

* Separated out billing's logic from the org layout component

* Removed unused observable

* Moved logic to existing f4e policy service and added unit tests

* Resolved script typescript error

* Resolved goofy switchMap

* Add changes for the issue orgs

* Added changes for the dialog

* Rename the files properly

* Remove the commented code

* Change the implement to align with design

* Add todo comments

* Remove the comment todo

* Fix the uni test error

* Resolve the unit test

* Resolve the unit test issue

* Resolve the pr comments on any and route

* remove the any

* remove the generic validator

* Resolve the unit test

* add validations for email

* Add changes for the autoscale

* Changes to allow admin to send F4E sponsorship

* Fix the lint errors

* Resolve the lint errors

* Fix the revokeAccount message

* Fix the lint runtime error

* Resolve the lint issues

* Remove unused components

* Changes to add isadminInitiated

* remove the FIXME comment

* Resolve the failing test

* Fix the pr comments

* Resolve the orgkey and other comments

* Resolve the lint error

* Resolve the lint error

* resolve the spelling error

* refactor the getStatus method

* Remove the deprecated method

* Resolve the unusual type casting

* revert the change

---------

Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
2025-05-01 16:36:00 +01:00
Thomas Avery
d43e4757df
[PM-7604] Require target UserID for KdfConfigService (#14380)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
* Require userId for KdfConfigService

* Update auth team callers

* Update tools team callers
2025-04-29 17:25:27 -05:00
Jordan Aasen
b589951c90
[PM-18520] - Update desktop cipher forms to use the same UI as web app and extension - (#13992)
* WIP - cipher form refactor

* cipher clone

* cipher clone

* finalize item view and form changes

* fix tests

* hide changes behind feature flag

* set flag to false

* create vault items v2. add button selector

* revert change to flag and vault items

* add attachments

* revert change to tsconfig

* move module

* fix modules

* cleanup

* fix import

* fix import

* fix import

* remove showForm

* update feature flag

* wip - cleanup

* fix up services

* cleanup

* fix type errors

* fix lint errors

* add dialog component

* revert changes to menu

* revert changes to menu

* fix vault-items-v2

* set feature flag to FALSE

* add missing i18n keys. fix collection state

* remove generator. update modules. bug fix

* fix restricted imports

* mark method as deprecated. add uri arg back

* fix shared.module

* fix shared.module

* fix shared.module

* add uri

* check and prompt for premium when opening attachments dialog

* move VaultItemDialogResult back

* fix import in spec file

* update copy functions

* fix MP reprompt issue
2025-04-23 11:13:44 -07:00
Bernd Schoolmann
e231286f37
[PM-19731] Refactor encrypt service to expose key wrapping (#14080)
* Refactor encrypt service to expose key wrapping

* Fix build

* Undo ts strict removal

* Fix wrong method being used to encrypt key material

* Rename parameters and remove todo

* Add summary to encrypt

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/abstractions/encrypt.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add tests for unhappy paths

* Add test coverage

* Add links

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-04-22 13:56:39 +00:00
Shane Melton
d6bda3bcdf
[PM-20433] Add view cache options for view cache service signals to allow cached values to persist navigation events (#14348)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
2025-04-21 13:26:59 -07:00
Shane Melton
143473927e
[PM-10611] End user notification sync (#14116)
* [PM-10611] Remove Angular dependencies from Notifications module

* [PM-10611] Move end user notification service to /libs/common/vault/notifications

* [PM-10611] Implement listenForEndUserNotifications() for EndUserNotificationService

* [PM-10611] Add missing taskId to notification models

* [PM-10611] Add switch cases for end user notification payloads

* [PM-10611] Mark task related notifications as read when visiting the at-risk password page

* [PM-10611] Revert change to default-notifications service

* [PM-10611] Fix test

* [PM-10611] Fix tests and log warning in case more notifications than the default page size are available

* [PM-10611] Use separate feature flag for end user notifications

* [PM-10611] Fix test
2025-04-21 08:57:57 -07:00
Maciej Zieniuk
4da03821ce
move key connector components to KM team ownership (#14008) 2025-04-18 08:23:52 -07:00
Jonas Hendrickx
e026799071
[PM-13128] Enable Breadcrumb Policies (#13584)
* [PM-13128] Enable Breadcrumb Policies

* [PM-13128] Enable Breadcrumb Policies

* [PM-13128] wip

* [PM-13128] wip

* [PM-13128] wip

* [PM-13128] wip

* remove dead code

* wip

* wip

* wip

* refactor

* Fix for providers

* revert to functional auth guard

* change prerequisite to info variant

* address comment

* r

* r

* r

* tests

* r

* r

* fix tests

* feedback

* fix tests

* fix tests

* Rename upselling to breadcrumbing

* Address feedback

* Fix build & tests

* Make the guard callback use Observable instead of a promise

* Pm 13128 suggestions (#14041)

* Rename new enum value

* Show the upgrade button when breadcrumbing is enabled

* Show mouse pointer when cursor is hovered above badge

* Do not make the dialogs overlap

* Align badge middle

* Gap

* Badge should be a `button` instead of `span`

* missing button@type

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Alex Morask <amorask@bitwarden.com>
2025-04-18 09:57:27 -04:00
Shane Melton
8258ea39b0
[PM-18903] Desktop sync issues (#13681)
* [PM-18707] Use different BroadcasterSubscriptionId in base view component to avoid collision with desktop view component

* [PM-18707] Use userId instead of payloadUserId for cipher notification syncs

* [PM-19032] Live Sync on Desktop (#13851)

* migrate the vault-items to an observables rather than async/promises

- this helps keep data in sync with the service state and avoids race conditions

* migrate the view component to an observables rather than async/promises

- this helps keep data in sync with the service state and avoids race conditions

* decrypt saved cipher from server

* bump timeout for upserting ciphers

* mark `go` as async in desktop vault

- previously it was a floating promise

* Revert "mark `go` as async in desktop vault"

This reverts commit fd28f40b18.

* Revert "bump timeout for upserting ciphers"

This reverts commit e963acc377.

* move vault utilities to `common` rather than `lib` to avoid circular dependencies

* use `perUserCache$` for `cipherViews$` to avoid new subscriptions from being created

* use userId from observable rather than locally set to be the most up to date

* [PM-18707] Add clearBuffer$ input to perUserCache$ helper so that  the internal share replay buffers can be cleared

* [PM-18707] Rework forceCipherViews$ to clearBuffer$ refactor

- Add dependency for cipherDecryptionKeys$ for the cipherViews so that decryption is never attempted without keys

* [PM-18707] Add overload to perUserCache to satisfy type checker

* [PM-18707] Fix overloads

* [PM-18707] Add check for empty failed to decrypt ciphers

* [PM-18707] Mark vault component for check after observable emits.

The cipherViews$ observable now persists between subscriptions, meaning that updates via the sync push notifications can occur outside the AngularZone causing delays in updating the view.

---------

Co-authored-by: Nick Krantz <125900171+nick-livefront@users.noreply.github.com>
Co-authored-by: Nick Krantz <nick@livefront.com>
2025-04-15 12:17:41 -07:00
Bernd Schoolmann
b09305577f
[PM-19603] Change asymmetric interface to only allow key encapsulation (#14046)
* Change asymmetric interface to only allow key encapsulation

* Fix naming

* Clean up naming

* Update libs/common/src/key-management/crypto/abstractions/encrypt.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/abstractions/encrypt.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Fix test

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-04-15 16:39:02 +02:00
Todd Martin
f7934b98c6
fix(login): [PM-11502] Support Remember Email option consistently
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
* Moved saving of SSO email outside of browser/desktop code

* Clarified comments.

* Tests

* Refactored login component services to manage state

* Fixed input on login component

* Fixed tests

* Linting

* Moved web setting in state into web override

* updated tests

* Fixed typing.

* Fixed type safety issues.

* Added comments and renamed for clarity.

* Removed method parameters that weren't used

* Added clarifying comments

* Added more comments.

* Removed test that is not necessary on base

* Test cleanup

* More comments.

* Linting

* Fixed test.

* Fixed base URL

* Fixed typechecking.

* Type checking

* Moved setting of email state to default service

* Added comments.

* Consolidated SSO URL formatting

* Updated comment

* Fixed reference.

* Fixed missing parameter.

* Initialized service.

* Added comments

* Added initialization of new service

* Made email optional due to CLI.

* Fixed comment on handleSsoClick.

* Added SSO email persistence to v1 component.

* Updated login email service.

* Updated setting of remember me

* Removed unnecessary input checking and rearranged functions

* Fixed name

* Added handling of Remember Email to old component for passkey click

* Updated v1 component to persist the email on Continue click

* Fix merge conflicts.

* Merge conflicts in login component.

* Persisted login email on v1 browser component.

* Merge conflicts

* fix(snap) [PM-17464][PM-17463][PM-15587] Allow Snap to use custom callback protocol

* Removed Snap from custom protocol workaround

* Fixed tests.

* Updated case numbers on test

* Resolved PR feedback.

* PM-11502 - LoginEmailSvcAbstraction - mark methods as abstract to satisfy strict ts.

* Removed test

* Changed to persist on leaving fields instead of button click.

* Fixed type checking.

---------

Co-authored-by: Bernd Schoolmann <mail@quexten.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2025-04-10 18:58:49 -04:00
Bernd Schoolmann
5a1b0744f0
[PM-17665] Move cryptofunction service to km (#13285)
* Move cryptofunction service to km

* Fix formatting

* Fix import

* Fix build on desktop

* Fix build on browser and tests
2025-04-10 11:09:35 +02:00
rr-bw
a4040b6b6b
refactor(set-change-password): [Auth/PM-17649] Move CompareInputs Validator (#14173)
This PR
- Moves the `compareInputs` validator to `libs/auth` (with some minor updates to the validator)
- Adds unit tests for `compareInputs`
- Removes the deprecated input validators from `InputsFieldMatch` along with the `inputs-field-match.validator.ts` file
2025-04-08 12:42:41 -07:00
rr-bw
81350a2ee1
Revert "refactor(set-change-password): [Auth/PM-17649] Move and test compareI…" (#14171)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
This reverts commit ecb4b2d0b7.
2025-04-07 18:34:35 -07:00
rr-bw
ecb4b2d0b7
refactor(set-change-password): [Auth/PM-17649] Move and test compareInputs validator (#13553)
- Move the `compareInputs` validator to `libs/auth`
- Add tests for the `compareInputs` validator
- Delete the deprecated `InputsFieldMatch` class (inputs-field-match.validator.ts)
2025-04-07 15:04:24 -07:00
Kyle Spearrin
254cad29b3
[PM-8951] set pin validation to min length of 4 (#13312)
* set pin validation to min length of 4

* use reactive forms

* PM-8951 - SetPin - remove dialog close logic if pin is invalid so validation errors can be shown to the user.

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2025-04-07 10:39:26 -04:00
Shane Melton
a7fe4877d7
[PM-17563] Security task background synchronization (#14086)
* [PM-17563] Implement listenForTaskNotifications in default-task.service.ts

* [PM-17563] Update syncService to include userId in syncCompleted message payload

* [PM-17563] Update default-task.service to react to both pending task notifications and completed syncs

* [PM-17563] Add unit tests around task notification listening

* [PM-17563] Only check for at risk password tasks if tasks are enabled

* [PM-17563] Make userId required even if undefined

* [PM-17563] Use abstract TaskService instead of default implementation in MainBackground

* [PM-17563] Cleanup userId filtering
2025-04-04 13:42:44 -07:00
Patrick-Pimentel-Bitwarden
1af8fe2012
feat(device-approval-persistence): [PM-19380] Device Approval Persistence (#13958)
* feat(device-approval-persistence): [PM-19380] Device Approval Persistence - Added lookup on standard auth requests.

* fix(device-approval-persistence): [PM-19380] Device Approval Persistence - Fixed issue with null value trying to be parsed from the fromJSON function.




---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2025-04-04 15:44:48 -04:00
Bernd Schoolmann
1450a033b3
[PM-19469] Add logs for unlock time (#13972)
* Add logs for unlock time

* Undo local flag override

* Update message

* Update messages

* Fix build on chrome
2025-04-02 23:19:53 +02:00
Will Martin
76cb3fd38d
[CL-623] export CDK dialog deps from libs/components (#14074)
* add cdk dialog deps to CL dialog barrel file

* find and replace cdk dialog import

* run prettier
2025-04-02 15:08:38 -04:00
Jordan Aasen
538db63c50
[PM-432] - Protect entire item when Master Password Re-prompt is selected - desktop (#14035)
* prompt for MP on cipher view

* only keep reprompt while cipher is open

* reset cipher password prompt after opening another cipher
2025-04-02 11:52:49 -07:00
Brandon Treston
9b3c28fcea
[PM-19746] Add new permission check to browser (#14075)
* add new permisssions check to browser

* add permission logic to view

* fix tests

* cleanup

* fix permissions model for CLI and desktop

* feedback
2025-04-02 12:49:08 -04:00
Vicki League
575e8b691f
[CL-570] Deprecate old icons (#13663) 2025-04-01 11:34:04 -04:00
Shane Melton
c3e562e75d
[PM-17563] [PM-19754] Migrate Security Task Module to libs/common (#14036)
* [PM-17563] Remove references to Angular from TaskService

* [PM-17563] Move Task module to libs/common/vault to avoid Angular dependency

* [PM-17563] Fix bad imports

* [PM-17563] Fix a few more missed imports
2025-04-01 07:27:05 -07:00
Bernd Schoolmann
22039d038d
[PM-3475] Remove deprecated keys (#13266)
* Remove deprecated keys

* Fix cli build

* Fix build
2025-03-31 16:58:02 +02:00
Alec Rippberger
d5f033efa2
refactor(auth): [PM-9179] remove deprecated TwoFactorComponents
Remove deprecated TwoFactorComponentsV1 and TwoFactorOptionsComponentV1 components, related functionality (unauthUiRefreshSwap) and orphaned styles/translation messages.
2025-03-28 12:51:20 -05:00
Jason Ng
a3e01ad672
[PM-10610] push notification to end user notification service (#13876)
* use NotificationsService.notifictions$ for tracking inside default end user notification
2025-03-26 13:16:40 -04:00
Brandon Treston
0fd01ed7ee
[PM-18566] Wire up vNextPolicyService for Clients (#13678)
* wire up vNext impl

* wire up vNextPolicyService for browser

* wire up vNextPolicyService for desktop

* wire up vNextPolicyService for cli

* fix test

* fix missed caller

* cleanup

* fix missing property assignment

* fix QA bug for PM-19205

* fix QA bug for PM-19206

* fix QA bug for pm-19228

* cleanup
2025-03-25 11:30:47 -04:00
Bernd Schoolmann
27baa92fcf
[PM-10749] [BEEEP] New export format: Zip with attachments (#10465)
* Add new export format: zip

* Restrict zip export to just individual vaults

* Add tests

* Remove unused import

* Fix build error

* Fix tests

* Fix test

* Fix retrieval of ciphers by passing in activeUserId

* Guard feature behind `export-attachments`-feature-flag

* Extend cipher filter to also filter out any ciphers that are assigned to an organization

* Added apiService to retrieve AttachmentData (metaData) and then download the attachment

- Added ApiService as a depdency within DI for VaultExportService/IndividualVaultExportService
- Added unit tests for filtering ciphers
- Added unit test for downloading attachment metadata and attachments

* Moved attachment decryption into a separate method and added unit tests

* Added null check for creating the base attachment folder

* Move format check for zip within Org export into an early return/throw

* Add feature flag guard on the CLI

* Extend ExportScopeCallout to display an individual export will contain attachment when zip-format is selected

* Fix adding/removing the zip-export option based on selected vault and state of `export-attachments` feature-flag

* Separate AAA visually using whitespace within tests

* Remove unused error var

* Write test that verifies different http request failures when retrieving attachment data

* Remove uneeded ignore lint rule

* Rewrite test to actually check that ciphers assigned to an org are filtered out

* Introduce ExportedVault return type (#13842)

* Define ExportedVault type unioned by 2 new types that describe a plain-text export vs a blob-based zip-export

* Extend static getFileName to handle formats and add unit-tests

* Introduce new export return type throughout the vault export module

- Update abstractions
- Update return types within implementations
- Update callers/consumers to handle the new return value
- Fix all unit tests

* Add support for new export return type and fix download of blobs via CLI

* Add documentation to public methods

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

---------

Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-03-25 13:30:54 +01:00
Alex Morask
034112f42e
Hide bank account for provider when initial tax info is non-US (#13968) 2025-03-25 08:11:32 -04:00
rr-bw
7c0af6c8fb
fix(service): [Auth/PM-17648] Fix MasterPasswordApiService injection (#13886) 2025-03-18 14:41:43 -07:00
Jordan Aasen
70cfd33d96
Revert "collapse collections initially" (#13845)
This reverts commit 2e90a6af12.
2025-03-18 09:18:20 -07:00
Thomas Avery
a11536a424
[PM-17668] Move DeviceTrustService to KM ownership (#13194)
* move DeviceTrustService to KM ownership

* update codecov
2025-03-17 12:02:44 -05:00
Brandon Treston
4d68952ef3
[PM-18089] Update cipher permissions model and consumers (#13606)
* update cipher permissions model and consumers

* add new property to tests

* fix test, add property to toCipherData()

* add missing ConfigService

* fix story

* refactor

* fix error, cleanup

* revert refactor

* refactor

* remove uneeded test

* cleanup

* fix build error

* refactor

* clean up

* add tests

* move validation check to after featrue flagged logic

* iterate on feedback

* feedback
2025-03-14 09:51:40 -04:00
Alec Rippberger
e9c7cd11a3
refactor(auth): [PM-9722] remove deprecated LoginDecryptionOptionsComponent
- Remove LoginDecryptionOptionsComponentV1
- Clean up orphaned translation messages
- Remove unused styles
- Clean up related dependencies

Closes PM-9722
2025-03-13 15:37:52 -05:00
Shane Melton
4687120618
[PM-18946] Improve Vault loading experience (#13714)
* [PM-18946] Refactor loading$ in vault-v2. Update icon-component, and build-cipher-icon
2025-03-13 14:38:29 -04:00
Thomas Avery
81335978d8
[PM-17669] Move MasterPasswordService to KM (#13148)
* Move MasterPasswordService to KM
2025-03-13 13:29:27 -05:00
Alec Rippberger
4f724974e9
refactor(auth): [PM-9725] remove deprecated EnvironmentComponent and self-hosted setup modal
* Remove EnvironmentComponent
* Cleanup unused translation messages

Closes PM-9725
2025-03-13 12:23:37 -05:00
Alec Rippberger
1d1358407e
refactor(components): remove deprecated HintComponent and related code
- Remove HintComponent
- Clean up orphaned functionality
- Remove unused translation messages

Closes PM-9727
2025-03-13 09:56:50 -05:00
Thomas Avery
7e96b7a9a6
[PM-17670] Move KeyConnectorService to KM ownership (#13277)
* Move KeyConnectorService to KM ownership

* Add to codecov

* Move key connector request models
2025-03-13 09:46:01 -05:00
Alec Rippberger
942b80e5d2
refactor(auth): [PM-9724] remove LoginViaAuthRequestComponentV1 and related functionality
- Remove deprecated LoginViaAuthRequestComponentV1 component
- Clean up related ApiService functionality
- Remove orphaned translation messages
- Remove unused CSS styles

Jira PM-9724
2025-03-12 16:40:05 -05:00
Alec Rippberger
4308cd8a9f
refactor(auth): [PM-9678] remove deprecated login components
Removes the V1 Login components and related UnauthenticatedExtensionUIRefresh
feature flag functions. Part of the authentication UI modernization efforts.

Closes PM-9678
2025-03-12 14:36:05 -05:00
rr-bw
e268055dc1
feature(set-change-password): [Auth/PM-17648] Create MasterPasswordApiService (#13552)
Creates a MasterPasswordApiService to house our API calls related to setting and changing a master password.
2025-03-12 11:33:44 -07:00
Bernd Schoolmann
83de125ae9
[PM-15149] Remove ssh feature flag (#13506)
* Remove ssh feature flag

* Remove isSshKeyENabled in type-filter.component
2025-03-12 14:19:49 +01:00
Jason Ng
15fa3cf08d
[PM-10613] End User Notification Service (#13721)
* new end user notification service to retrieve and update notifications from API
2025-03-12 08:02:18 +01:00
Conner Turnbull
00e822fb13
[PM-16937] Remove Billing Circular Dependency (#13085)
* Remove circular dependency between billing services and components

* Removed `logService` from `billing-api.service.ts`

* Resolved failed test

* Removed @bitwarden/ui-common

* Added optional `title` parameter to `BillingNotificationService` functions

* Removed @bitwarden/platform from libs/common/tsconfig.json

* Update apps/web/src/app/billing/services/billing-notification.service.spec.ts

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Update apps/web/src/app/billing/services/billing-notification.service.spec.ts

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Resolved build errors

* Resolved issue where free trial banner wouldn't display if missing a payment method

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
2025-03-11 13:43:19 -04:00
rr-bw
0568a09212
refactor(device-trust-toasts): [Auth/PM-11225] Refactor Toasts from Auth Services (#13665)
Refactor toast calls out of auth services. Toasts are now triggered by an observable emission that gets picked up by an observable pipeline in a new `DeviceTrustToastService` (libs/angular). That observable pipeline is then subscribed by by consuming the `AppComponent` for each client.
2025-03-10 12:17:46 -07:00
Jordan Aasen
985942ac05
collapse collections initially (#13646) 2025-03-10 11:07:04 -07:00
Bernd Schoolmann
01f6fd7ee3
[PM-16227] Move import to sdk and enable it in browser/web (#12479)
* Move import to sdk and enable it in browser/web

* Add uncomitted files

* Update package lock

* Fix prettier formatting

* Fix build

* Rewrite import logic

* Update ssh import logic for cipher form component

* Fix build on browser

* Break early in retry logic

* Fix build

* Fix build

* Fix build errors

* Update paste icons and throw error on wrong import

* Fix tests

* Fix build for cli

* Undo change to jest config

* Undo change to feature flag enum

* Remove unneeded lifetime

* Fix browser build

* Refactor control flow

* Fix i18n key and improve import behavior

* Remove for loop limit

* Clean up tests

* Remove unused code

* Update libs/vault/src/cipher-form/components/sshkey-section/sshkey-section.component.ts

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>

* Move import logic to service and add tests

* Fix linting

* Remove erroneous includes

* Attempt to fix storybook

* Fix storybook, explicitly implement ssh-import-prompt service abstraction

* Fix eslint

* Update libs/importer/src/importers/bitwarden/bitwarden-json-importer.ts

Co-authored-by:  Audrey  <ajensen@bitwarden.com>

* Fix services module

* Remove ssh import sdk init code

* Add tests for errors

* Fix import

* Fix import

* Fix pkcs8 encrypted key not parsing

* Fix import button showing on web

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by:  Audrey  <ajensen@bitwarden.com>
2025-03-10 18:41:47 +01:00
Oscar Hinton
a569dd9ad6
[PM-15892] [PM-12250]Remove nord and remnants from solarizedark (#13449)
* Remove nord and remnants from solarizedark

* Update window reload color

* Remove extension-refresh feature flag from clients (#13450)

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

* Remove usage of nord and solarized themes within DarkImageDirective

---------

Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-03-10 15:33:55 +01:00
Thomas Rittson
ef72f513b1
eslint: report unused disable directives (#13463)
Remove any unused disable directives and FIXMEs in our code
2025-03-10 09:33:08 -04:00
SmithThe4th
e327816bc4
[PM-11941] Migrate TOTP Generator to use SDK (#12987)
* Refactored totp service to use sdk

Fixed strict typescript issues

* Fixed dependency issues

* Returned object that contains code and period, removed get interval function

* removed dependencies

* Updated to use refactored totp service

* removed sdk service undefined check

* removed undefined as an input from the getCode function

* Made getcode$ an observable

* refactored to use getcodee$

* Filter out emmissions

* updated sdk version

* Fixed readability nit

* log error on overlay if totp response does not return a code

* fix(totpGeneration): [PM-11941] Totp countdown not working on clients

* Used optional chaining if totpresponse returns null or undefined
2025-03-06 14:01:07 -05:00
Jason Ng
f65daf7284
[PM-12045] search service activeuserstate (#13035)
* removing activeuserstate from search service
2025-03-06 12:26:24 -05:00
cyprain-okeke
96fa9e2ea7
Resolve the Tailwind CSS class error (#13700) 2025-03-06 14:47:03 +01:00
Jared Snider
92f027af5e
fix(LoginComp + LoginStrategies): [Auth/PM-18654] Refreshed UI - Desktop TDE JIT provisioned user creation errors with missing org SSO id (#13619)
* PM-18654 - State Service & Login Strategy Refactor - move env seeding into login strategy so that new accounts always load w/ the correct environment

* PM-18654 - SSO Comp - just use user id from auth result

* PM-18654 - Config Service - (1) don't allow cascading calls to the renewConfig by using a private promise (2) Replace shareReplay with share configured with manual timer

* PM-18654 - LoginComponents - detail issue and possible fix

* PM-18654 - DesktopLoginV1Comp - use correct destroy hook

* PM-18654 - LoginComp - clean up no longer correct comment

* PM-18654 - New Device Verification Component - Remove unused PasswordLoginStrategy dependency

* PM-18654 - Browser Home Component - fix qParam logic

* PM-18654 - DefaultConfigService - revert changes as they aren't necessary to fix the bug.

* PM-18654 - DefaultConfigService - remove commented code

* PM-18654 - LoginStrategy - add comment

* PM-18654 - Fix login strat tests
2025-03-03 12:09:35 -05:00
Shane Melton
5b215cf193
[PM-18707] Fix desktop live sync (#13624)
* [PM-18707] Remove redundant cipherService subscription

* [PM-18707] Add artificial tick delay to cipherService to allow for ElectronStore storage service to fully save before continuing
2025-03-03 08:33:48 -08:00
Jake Fink
43f5423e78
[PM-12606] Move Vault Timeout and Vault Timeout Settings to KM (#13405)
* move vault timeout and vault timeout settings to km

* move browser vault timeout service to km

* fix cli import

* fix imports

* fix some relative imports

* use relative imports within common

* fix imports

* fix new imports

* Fix new imports

* fix spec imports
2025-02-28 09:55:03 -05:00
Oscar Hinton
cec117459b
[PM-18599] Forbid unknown property and element in tests (#13556)
Fail tests when relying on unknownProperties or unknownElements. Existing instances are whitelist and have tickets created and assigned to the relevant teams.
2025-02-25 14:02:19 -08:00
cd-bitwarden
a5fe0857ee
Fix for the issue where folders do not log when you have two accounts and you lock both then login to the second account (#13273) 2025-02-25 15:15:35 -05:00
Jared Snider
acbff6953c
feat(2FA-UI-Refresh): [Auth/PM-8113] - 2FA Components Consolidation and UI Refresh (#12087)
* PM-8113 - Deprecate TwoFactorComponentRefactor feature flag in favor of UnauthenticatedExtensionUIRefresh flag

* PM-8113 - Rename all existing 2FA components as V1.

* PM-8113 - TwoFactorAuthComp - Add comment explaining that tagged unused import is used a dialog.

* PM-8113 - 2FA Auth Comp - deprecate captcha

* PM-8113 - LoginStrategySvc - add todo for deprecation of captcha response

* PM-8113 - TwoFactorAuth tests - remove captcha

* PM-8113  - TwoFactorAuthComp HTML - remove captcha

* PM-8113  - Web Two Factor Auth - update deps

* PM-8113 - Move all new two-factor-auth components into libs/auth instead of libs/angular/src/auth

* PM-8113 - Add new child-components folder to help differentiate between top level page component and child components

* PM-8113 - Add todo for browser TwoFactorAuthEmailComponent

* PM-8113 - TwoFactorAuth - progress on consolidation

* PM-8113 - TwoFactorAuth - add TODO to ensure I don't miss web on success logic

* PM-8113 - TwoFactorAuth - Deprecate browser implementation of two-factor-auth and move all logic into single component - WIP

* PM-8113 - Bring across 2FA session timeout to new 2FA orchestrator comp

* PM-8113 - Export TwoFactorAuth from libs/auth

* PM-8113 - Fix 2FA Auth Comp tests by adding new service deps.

* PM-8113 - Fix TwoFactorAuthExpiredComp imports + TwoFactorAuthComponent imports on other clients.

* PM-8113 - 2FA Auth Comp - Progress on removing onSuccessfulLogin callback

* PM-8113 - 2FA Auth - update deps to private as inheritance will no longer be used.

* PM-8113 - TwoFactorAuthComp - Refactor init a bit.

* PM-8113  - TwoFactorAuthComp - More naming refactors

* PM-8113  - TwoFactorAuth - (1) more refactoring (2) removed onSuccessfulLoginNavigate (3) after successful login we always loginEmailService.clearValues()

* PM-8113 - TwoFactorAuthComp Tests - clean up tests for removed callbacks.

* PM-8113 - TwoFactorAuthComponent - refactor default success route handling

* PM-8113 - TwoFactorAuthComp - More refactoring

* PM-8113 - TwoFactorAuthComp - more refactors

* PM-8113 - TwoFactorAuth - Remove unused service dep

* PM-8113 - TwoFactorAuthComp - Refactor out unused button action text and move checks for continue button visibility into component

* PM-8113 - TwoFactorAuthComponent - Add type for providerData

* PM-8113 - TwoFactorAuthComponent - Add todo

* PM-8113 - TwoFactorAuthComponent - Add client type

* PM-8113 - TwoFactorAuth - implement browser specific SSO + 2FA logic

* PM-8113 - TwoFactorService Abstraction - refactor to use proper functions + mark methods as abstract properly + add null return to getProviders

* PM-8113 - Refactor 2FA Guard logic out of ngOnInit and into own tested guard. Updated all routes.

* PM-8113 - TwoFactorAuthComponent - WIP on webauthn init.

* PM-8113 - TwoFactorAuthComponent - pull webauthn fallback response handling into primary init with checks based on client for if it should be processed.

* PM-8113 - TwoFactorAuthComponent - move linux popup width extension logic into ExtensionTwoFactorAuthComponentService

* PM-8113 - WebTwoFactorAuthComponentService - add explicit override for web's determineLegacyKeyMigrationAction method.

* PM-8113 - Implement new TwoFactorAuthComponentService .openPopoutIfApprovedForEmail2fa to replace extension specific init logic.

* PM-8113 - TwoFactorAuthComponent - misc cleanup

* PM-8113 - TwoFactorAuthComponent - more clean up

* PM-8113 - TwoFactorAuthComponent - WIP on removing TDE callbacks

* PM-8113 - TwoFactorAuthComponent - finish refactoring out all callbacks

* PM-8113 - TwoFactorAuthComponent - remove now unused method

* PM-8113 - TwoFactorAuthComponent - refactor routes.

* PM-8113 - TwoFactorAuthComponent - add TODO

* PM-8113 - TwoFactorAuthComp - isTrustedDeviceEncEnabled - add undefined check for optional window close. + Add todo

* PM-8113 - TwoFactorAuthComponent tests - updated to pass

* PM-8113 - (1) Consolidate TwoFactorAuthEmail component into new service architecture (2) Move openPopoutIfApprovedForEmail2fa to new TwoFactorAuthEmailComponentService

* PM-8113 - Refactor libs/auth/2fa into barrel files.

* PM-8113 - Move TwoFactorAuthEmail content to own folder.

* PM-8113 - Move 2FA Duo to own comp folder.

* PM-8113 - ExtensionTwoFactorAuthEmailComponentService - Add comment

* PM-8113 - TwoFactorAuthEmailComponentService - add docs

* PM-8113  - TwoFactorAuthDuoComponentService - define top level abstraction and each clients implementation of the duo2faResultListener

* PM-8113 - TwoFactorAuthDuoCompService - add client specific handling for launchDuoFrameless

* PM-8113 - Delete no longer used client specific two factor auth duo components.

* PM-8113 - Register TwoFactorAuthDuoComponentService implementation in each client.

* PM-8113 - TwoFactorAuthComp - add destroy ref to fix warnings.

* PM-8113 - Remove accidentally checked in dev change

* PM-8113 - TwoFactorAuthComp - (1) Add loading state (2) Add missing  CheckboxModule import

* PM-8113 - TwoFactorAuthDuoComponent - update takeUntilDestroyed to pass in destroy context as you can't use takeUntilDestroyed in ngOnInit without it.

* PM-8113 - TwoFactorAuthWebAuthnComponent - remove no longer necessary webauthn new tab check as webauthn seems to work without it

* PM-8113 - TwoFactorAuthWebAuthnComp - refactor names and add todo

* PM-8113 - (1) Move WebAuthn 2FA comp to own folder (2) build out client service for new tab logic

* PM-8113 - Register TwoFactorAuthWebAuthnComponentServices

* PM-8113 - Tweak TwoFactorAuthWebAuthnComponentService and add to TwoFactorAuthWebAuthnComponent

* PM-8113 - WebTwoFactorAuthDuoComponentService - fix type issue

* PM-8113 - ExtensionTwoFactorAuthDuoComponentService - attempt to fix type issue.

* PM-8113 - Remove ts-strict-ignore

* PM-8113 - TwoFactorAuthWebAuthnComponent - satisfy strict typescript reqs.

* PM-8113 - TwoFactorAuthComponent - some progress on strict TS conversion

* PM-8113 - TwoFactorAuthComp - fixed all strict typescript issues.

* PM-8113 - TwoFactorAuthComp - remove no longer necessary webauthn code

* PM-8113 - ExtensionTwoFactorAuthComponentService - handleSso2faFlowSuccess - add more context

* PM-8113 - TwoFactorAuthComp - TDE should use same success handler method

* PM-8113 - Fix SSO + 2FA result handling by closing proper popout window

* PM-8113 - Add todo

* PM-8113 - Webauthn 2FA - As webauthn popout doesn't persist SSO state, have to genercize success logic (which should be a good thing but requires confirmation testing).

* PM-8113 - Per main changes, remove deprecated I18nPipe from 2fa comps that use it.

* PM-8113 - Remove more incorrect i18nPipes

* PM-8113 - TwoFactorAuth + Webauthn - Refactor logic

* PM-8113 - TwoFactorAuth - build submitting loading logic

* PM-8113 - TwoFactorAuth - remove loading as submitting.

* PM-8113 - TwoFactorAuth - update to latest authN session timeout logic

* PM-8113 - AuthPopoutWindow - Add new single action popout for email 2FA so we can close it programmatically

* PM-8113 - Update  ExtensionTwoFactorAuthComponentService to close email 2FA single action popouts.

* PM-8113 - Fix build after merge conflict issue

* PM-8113 - 2FA - Duo & Email comps - strict typescript adherence.

* PM-8113 - TwoFactorAuth - Clean up unused stuff and get tests passing

* PM-8113 - Clean up used service method + TODO as I've confirmed it works for other flows.

* PM-8113 - TODO: test all comp services

* PM-8113 - TwoFactorAuthComponent Tests - fix tests by removing mock of removed method.

* PM-8113 - Revert changes to login strategies to avoid scope creep for the sake of typescript strictness.

* PM-8113 - ExtensionTwoFactorAuthComponentService tests

* PM-8113 - Test ExtensionTwoFactorAuthDuoComponentService

* PM-8113 - ExtensionTwoFactorAuthEmailComponentService - add tests

* PM-8113 - Test ExtensionTwoFactorAuthWebAuthnComponentService

* PM-8113 - Add 2fa icons (icons need tweaking still)

* PM-8113 - TwoFactorAuthComponent - add setAnonLayoutDataByTwoFactorProviderType and handle email case as POC

* PM-8113 - TwoFactorEmailComp - work on converting to new design

* PM-8113 - Update icons with proper svg with scaling via viewbox

* PM-8113 - Update icons to use proper classes

* PM-8113 - 2FA Auth Comp - Progress on implementing design changes

* PM-8113 - TwoFactorOptionsComponent - add todos

* PM-8113 - 2fa Email Comp - add style changes per discussion with design

* PM-8113 - TwoFactorAuthComponent - use2faRecoveryCode - build out method per discussion with design

* PM-8113 - TwoFactorAuthComp - fix comp tests

* PM-8113 - TwoFactorAuthComp - progress on adding 2fa provider page icons and subtitles

* PM-8113 - Browser Translations - update duoTwoFactorRequiredPageSubtitle to match design discussion

* PM-8113 - TwoFactorAuthComp - more work on getting page title / icons working

* PM-8113 - Add todo

* PM-8113 - TwoFactorAuthDuoComponent Html - remove text that was moved to page subtitle.

* PM-8113 - 2FA Auth Comp - Duo icon works

* PM-8113 - (1) Add Yubico logo icon (2) Rename Yubikey icon to security key icon

* PM-8113 - TwoFactorAuthComp - remove icon from launch duo button per figma

* PM-8113 - Mark old two-factor-options component as v1.

* PM-8113 - Web - TwoFactorOptionsComponentV1 - Fix import

* PM-8113 - Fix more imports

* PM-8113 - Adjust translations based on meeting with Design

* PM-8113 - TwoFactorOptionsComponent - deprecate recovery code functionality

* PM-8113 - TwoFactorOptionsComponent - remove icon disable logic and unused imports

* PM-8113 - 2FA Options Comp rewritten to match figma

* PM-8113 - TwoFactorOptions - (1) Sort providers like setup screen (2) Add responsive scaling

* PM-8113 - Webauthn 2FA - WIP on updating connectors to latest style

* PM-8113 - Webauthn connector - clean up commented out code and restore block style

* PM-8113 - TwoFactorAuthWebAuthn - Add loading state for iframe until webauthn ready

* PM-8113 - Webauthn Iframe - update translation per figma

* PM-8113 - TwoFactorAuthComp - per figma, put webauthn after checkbox.

* PM-8113 - WebAuthn Fallback connector - UI refreshed

* PM-8113 - Two Factor Options - Implement wrapping

* PM-8113 - TwoFactorAuthAuthenticator - Remove text per figma

* PM-8113 - TwoFactorAuthYubikey - Clean up design per figma

* PM-8113 - Refactor all 2FA flows to use either reactive forms or programmatic submission so we get the benefit of onSubmit form validation like we have elsewhere.

* PM-8113 - 2FA Auth Comp - for form validated 2FA methods, add enter support.

* PM-8113 - TwoFactorAuthComp - Add loginSuccessHandlerService

* PM-8113 - DesktopTwoFactorAuthDuoComponentService - add tests

* PM-8113 - WebTwoFactorAuthDuoComponentService test file - WIP on tests

* PM-8113 - WebTwoFactorAuthDuoComponentService - test listenForDuo2faResult

* PM-8113 - TwoFactorAuthComp - (1) remove unused deps (2) get tests passing

* PM-8113 - Add required to inputs

* PM-8113 - TwoFactorAuth - Save off 2FA providers map so we can only show the select another 2FA method if the user actually has more than 1 configured 2FA method.

* PM-8113 - Webauthn iframe styling must be adjusted per client so adjust desktop and browser extension

* PM-8113 - TwoFactorAuthComp - Integrate latest ssoLoginService changes

* PM-8113 - Desktop & Browser routing modules - add new page title per figma

* PM-8113 - WebAuthn - added optional awaiting security key interaction button state to improve UX.

* PM-8113 - TwoFactorAuthComp - refactor to avoid reactive race condition with retrieval of active user id.

* PM-8113 - ExtensionTwoFactorAuthEmailComponentService - force close the popup since it has stopped closing when the popup opens.

* PM-8113 - TwoFactorAuth - refactor enter key press to exempt non-applicable flows from enter key handling

* PM-8113 - Refactor ExtensionTwoFactorAuthComponentService methods to solve issues with submission

* PM-8113 - TwoFactorAuth - fix programmatic submit of form

* PM-8113 - Fix ExtensionTwoFactorAuthComponentService tests

* PM-8113 - Extension - Webauthn iframe - remove -10px margin

* PM-8113 - Extension Routing module - 2FA screens need back button

* PM-8113 - Get Duo working in extension

* PM-8113 - TwoFactorOptions - tweak styling of row styling to better work for extension

* PM-8113 - TwoFactorWebauthnComp - new tab button styling per figma

* PM-8113 - 2FA Comp - Update logic for hiding / showing the remember me checkbox

* PM-8113 - TwoFactorAuthWebAuthnComp - new tab flow - fix remember me

* PM-8113 - Per PR feedback, add TODO for better provider and module structure for auth component client logic services.

* PM-8113 - TwoFactorAuth - add missing TDE offboarding logic.

* PM-8113 - TwoFactorAuthComponent tests - fix tests

* PM-8113 - 2FA Auth Comp HTML - per PR feedback, remove unnecessary margin bottom

* PM-8113 - 2FA Comp - per PR feedback, remove inSsoFlow as it isn't used.

* PM-8113 - TwoFactorOptionsComp - Clean up no longer needed emitters.

* PM-8113 - TwoFactorOptions - per PR feedback, clean up any usage

* PM-8113 - TwoFactorAuthComp - per PR feedback, rename method from selectOtherTwofactorMethod to selectOtherTwoFactorMethod

* PM-8113 - Per PR feedback, fix translations misspelling

* PM-8113 - TwoFactorAuthSecurityKeyIcon - fix hardcoded value

* PM-8113 - TwoFactorAuthSecurityKeyIcon - fix extra "

* PM-8113 - TwoFactorAuthDuo - Per PR feedback, remove empty template.

* PM-8113 - LooseComponentsModule - re-add accidentally removed component

* PM-8113 - TwoFactorAuthWebAuthnIcon - per PR feedback, fix hardcoded stroke value.

* PM-8113 - Desktop AppRoutingModule - per PR feedback, remove unnecessary AnonLayoutWrapperComponent component property.

* PM-8113 - Update apps/browser/src/auth/services/extension-two-factor-auth-duo-component.service.spec.ts to fix misspelling

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

* PM-8113 - TwoFactorAuthComp - Per PR feedback, add trim to token value

* PM-8113 - TwoFactorService - add typescript strict

* PM-8113 - TwoFactorService - per PR feedback, add jsdocs

* PM-8113 - Per PR feedback, fix misspelling

* PM-8113 - Webauthn fallback - per PR feedback fix stroke

* PM-8113 - Update apps/web/src/connectors/webauthn-fallback.html

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

* PM-8113 - Update libs/auth/src/angular/icons/two-factor-auth/two-factor-auth-webauthn.icon.ts

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

---------

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
2025-02-24 09:59:14 -05:00
Jared Snider
c4a230e80b
PM-9417 - PasswordStrengthComp - A11y improvement - add screen reader announcement for all usages of password strength. (#13515) 2025-02-24 09:55:18 +01:00
Todd Martin
077e0f89cc
[PM-17751] Store SSO email in state on web client (#13295)
* Moved saving of SSO email outside of browser/desktop code

* Clarified comments.

* Tests

* Refactored login component services to manage state

* Fixed input on login component

* Fixed tests

* Linting

* Moved web setting in state into web override

* updated tests

* Fixed typing.

* Fixed type safety issues.

* Added comments and renamed for clarity.

* Removed method parameters that weren't used

* Added clarifying comments

* Added more comments.

* Removed test that is not necessary on base

* Test cleanup

* More comments.

* Linting

* Fixed test.

* Fixed base URL

* Fixed typechecking.

* Type checking

* Moved setting of email state to default service

* Added comments.

* Consolidated SSO URL formatting

* Updated comment

* Fixed reference.

* Fixed missing parameter.

* Initialized service.

* Added comments

* Added initialization of new service

* Made email optional due to CLI.

* Fixed comment on handleSsoClick.

* Added SSO email persistence to v1 component.

---------

Co-authored-by: Bernd Schoolmann <mail@quexten.com>
2025-02-21 17:09:50 -05:00
Patrick-Pimentel-Bitwarden
598139d739
fix(recovery-code-login): [PM-18474] Fix for Recovery Code Login (#13497)
* fix(recovery-code-login): [PM-18474] Fix for Recovery Code Login - Fixed the recovery code login to work with the new device verification notice flow.

* test(recovery-code-login): [PM-18474] Fix for Recovery Code Login - Tests added.
2025-02-20 16:45:19 -05:00
Andreas Coroiu
9c102f056c
chore: update sdk to main.105 (#13472)
* chore: update sdk version

* fix: sdk breaking changes
2025-02-19 15:46:43 +01:00
Jordan Aasen
993c056b19
[PM-18055] - sync list and item view after saving vault item (#13412)
* sync list and item view after saving vault item

* sync folder on save

* remove unused destroy ref
2025-02-18 12:41:42 -08:00
Shane Melton
96260eda65
[PM-14421] Access Intelligence: Introduce At-risk Passwords Page (#13044)
* [PM-14421] Add initial at risk password page component and route

* [PM-14421] Add new at-risk-password guard and update task service to consider feature flag for tasksEnabled$

* [PM-14421] Export vault observable utilities to be used outside of libs/vault

* [PM-14421] Implement at risk passwords page

* [PM-14421] Add temporary callout for at-risk tasks to browser vault view

* [PM-14421] Fix service registration after merge

* [PM-14421] Fix organization service usage after merge

* [PM-14421] Add autofill setting callout

* [PM-14421] Fix failing test

* [PM-14421] Change autofill setting check and toggle

* [PM-14421] Make autofill setting callout dismissal persistent

* [PM-14421] Fix tests

* [PM-14421] Fix button structure

* [PM-14421] Handle plural tasks i18n

* [PM-14421] Fix cipher service usage after refactor on main

* [PM-14421] Fix at-risk-password spec file
2025-02-12 13:28:20 -08:00
SmithThe4th
a2945203f4
[PM-12047] Remove usage of ActiveUserState from cipher.service (#12814)
* Cipher service web changes

* Updated browser client to pass user id to cipher service observable changes

* Cli changes

* desktop changes

* Fixed test

* Libs changes

* Fixed merge conflicts

* Fixed merge conflicts

* removed duplicate reference fixed conflict

* Fixed test

* Fixed test

* Fixed test

* Fixed desturcturing issue on failed to decrypt ciphers cipher service

* Updated abstraction to use method syntax

* Fixed conflicts

* Fixed test on add edit v2

Passed active userId to delete function

* Used getUserId utility function

* made vault changes

* made suggestion changes

* made suggestion changes

* made suggestion changes

* Replace getUserId function calls with pipe operator syntax for better consistency

* fixed merge conflicts

* revert mistake made of usinf account activity during merge conflict fix

* fixed conflicts

* fixed tests
2025-02-12 08:53:31 -05:00
Shane Melton
182f9baa0f
Revert "[PM-5718] Fix free organization generating TOTP (#11918)" (#13357)
This reverts commit 459fb1bcf4.

Co-authored-by: SmithThe4th <gsmithwalter@gmail.com>
2025-02-11 11:12:56 -08:00
Alec Rippberger
9f22a2fa87
refactor: [PM-17182] Remove Bootstrap style from EnvironmentSelectorComponent
Replace Bootstrap styles with Tailwind equivalents in the EnvironmentSelectorComponent to modernize the UI.
2025-02-11 10:25:14 -06:00
Alec Rippberger
1685f67e90
refactor: [PM-17530] remove obsolete registration component
Remove outdated registration components and associated routes to cleanup the codebase and eliminate legacy functionality.
2025-02-11 16:05:21 +00:00
Daniel James Smith
9ddaf96020
[PM-13811] Remove conditional code for extension refresh on web (#13145)
* Enable UI refresh on web by default

Removing all conditional code around the `ExtensionRefresh`-feature-flag on the web-UI

* Remove no longer needed extensRefresh helpers

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-02-10 14:20:05 +01:00
Nick Krantz
dd55086cbb
[PM-17776] New Device - SSO Check (#13177)
* refactor SSO policy check to check for SSO users that have `ssoBound` true on any of their organizations

* Revert "refactor SSO policy check to check for SSO users that have `ssoBound` true on any of their organizations"

This reverts commit 419c26fbbc.

* update new device verification guard to check for master password usage

* add sso check for new device verification guard
2025-02-07 09:25:28 -06:00
Patrick-Pimentel-Bitwarden
516246eab8
fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service (#13292)
* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Fixed location of retrieving the active user id in one component.

* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Fixed up type safety.

* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Removed unnessesary subscriptions.

* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Fixed test.

* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Made code a little cleaner.
2025-02-06 16:06:26 -05:00
Daniel James Smith
0b5b1b347e
[PM-17165] Remove v1 generator UI from web (#13240)
* Remove v1 generator from web

Remove conditional routing based on `generator-tools-modernization`
Remove generatorSwap helper
Remove generator and password-generator-history components including the base ones in libs/angular

* Remove the feature flag `generator-tools-modernization`

* Remove unused keys from en/messages.json

* Remove unused css

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-02-06 19:06:37 +01:00
Jordan Aasen
772f45aa63
[PM-14039] - [Defect] Desktop vault changes aren't immediately taking effect (#13186)
* favor subscription over firstValueFrom in desktop cipher view

* add event handling for username generator

* Revert "add event handling for username generator"

This reverts commit 73cffbcc6b.

* close out subscription on cleanup
2025-02-06 09:28:53 -08:00
Bernd Schoolmann
2f8a7a95bd
[PM-15994] Move encrypt service to km ownership (#13220)
* Move encrypt service to km ownership

* Update imports for encrypt service abstraction and move bulk encrypt service abstraction

* Fix imports

* Fix further imports

* Fix imports

* Fix worker import
2025-02-05 17:39:11 +01:00
Jordan Aasen
2c118d9f01
[PM-16925] - fix all restricted imports in vault (#13236)
* fix all restricted imports in vault

* fix spec

* remove export
2025-02-04 14:26:03 -08:00
Patrick-Pimentel-Bitwarden
0523ce0b40
refactor(active-user-state-refactor): [PM-12040] Remove ActiveUserStatus For SSO Login Component (#13149)
* refactor(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - First pass of work to update the state. In the middle of testing.

* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Fix for jslib-services.module.ts

* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Fix main.background.ts

* test(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Added simple tests

* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Tiny touchups.

* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Few fixes to resolve comments.

* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Changed place where userId is loaded.

* test(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Fixed test.
2025-02-04 13:31:36 -05:00
Alec Rippberger
8e70d5b923
feat(auth): [PM-3953] generalize copy for login with device flows
Updates UI text and translations for the login with device feature to be more consistent and clear across desktop, browser and web clients. Changes include:

- Updated titles and content for login via auth request components
- Revised translations for device approval modal
- Updated notification titles and alert messages
- Simplified device management URL handling
- Added missing translations across platforms

Resolves PM-3953
2025-01-31 11:54:41 -06:00
Daniel James Smith
6ae30f5059
Remove dependency on importer/core from libs/angular (#13137)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-01-31 14:04:35 +01:00
Shane Melton
a404729c9e
[PM-17745] Catch network errors in new device notification guard (#13161)
* [PM-17745] Wrap new device guard applicability check in try/catch to prevent crashes from network errors

* [PM-17745] Fix broken test
2025-01-30 12:18:22 -08:00