Commit Graph

878 Commits

Author SHA1 Message Date
Maciej Zieniuk
e73f902aee
[PM-18576] Fix missing user id on remove password (#13777)
* Passed in userId on RemovePasswordComponent.

* Added userId on other references to KeyConnectorService methods

* remove password component refactor, test coverage, enabled strict

* explicit user id provided to key connector service

* redirect to / instead when user not logged in or not managing organization

* key connector service explicit user id

* key connector service no longer requires account service

* key connector service missing null type

* cli convert to key connector unit tests

* remove unnecessary SyncService

* error toast not showing on ErrorResponse

* bad import due to merge conflict

* bad import due to merge conflict

* missing loading in remove password component for browser extension

* error handling in remove password component

* organization observable race condition in key-connector

* usesKeyConnector always returns boolean

* unit test coverage

* key connector reactive

* reactive key connector service

* introducing convertAccountRequired$

* cli build fix

* moving message sending side effect to sync

* key connector service unit tests

* fix unit tests

* unit tests in wrong place after KM code ownership move

* infinite page reload

* failing unit tests

* failing unit tests

---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2025-05-19 08:51:46 +02:00
Todd Martin
2bde090b37
chore(view-cache): Rename view-cache docs to README to allow Github rendering
* Renamed documentation file

* Updated documentation link.
2025-05-16 15:52:51 -04:00
Alex Morask
d2cce5b997
Fix input errors on provider setup (#14799) 2025-05-16 14:47:42 -04:00
rr-bw
afbddeaf86
refactor(set-change-password): [Auth/PM-18458] Create new ChangePasswordComponent (#14226)
This PR creates a new ChangePasswordComponent. The first use-case of the ChangePasswordComponent is to place it inside a new PasswordSettingsComponent, which is accessed by going to Account Settings > Security.

The ChangePasswordComponent will be updated in future PRs to handle more change password scenarios.

Feature Flags: PM16117_ChangeExistingPasswordRefactor
2025-05-16 10:41:46 -07:00
Oscar Hinton
ac49e594c1
Add standalone false to all non migrated (#14797)
Adds standalone: false to all components since Angular is changing the default to true and we'd rather not have the angular PR change 300+ files.
2025-05-15 10:44:07 -04:00
SmithThe4th
ad3121f535
[PM-12423] Migrate Cipher Decryption to Use SDK (#14206)
* Created mappings for client domain object to SDK

* Add abstract decrypt observable

* Added todo for future consideration

* Added implementation to cipher service

* Added adapter and unit tests

* Created cipher encryption abstraction and service

* Register cipher encryption service

* Added tests for the cipher encryption service

* changed signature

* Updated feature flag name

* added new function to be used for decrypting ciphers

* Added new encryptedKey field

* added new function to be used for decrypting ciphers

* Manually set fields

* Added encrypted key in attachment view

* Fixed test

* Updated references to use decrypt with feature flag

* Added dependency

* updated package.json

* lint fix

* fixed tests

* Fixed small mapping issues

* Fixed test

* Added function to decrypt fido2 key value

* Added function to decrypt fido2 key value and updated test

* updated to use sdk function without prociding the key

* updated localdata sdk type change

* decrypt attachment content using sdk

* Fixed dependency issues

* updated package.json

* Refactored service to handle getting decrypted buffer using the legacy and sdk implementations

* updated services and component to use refactored version

* Updated decryptCiphersWithSdk to use decryptManyLegacy for batch decryption, ensuring the SDK is only called once per batch

* Fixed merge conflicts

* Fixed merge conflicts

* Fixed merge conflicts

* Fixed lint issues

* Moved getDecryptedAttachmentBuffer to cipher service

* Moved getDecryptedAttachmentBuffer to cipher service

* ensure CipherView properties are null instead of undefined

* Fixed test

* ensure AttachmentView properties are null instead of undefined

* Linked ticket in comment

* removed unused orgKey
2025-05-14 07:30:01 -07:00
cyprain-okeke
5fb46df341
[PM 21106]Remove button not responsive for admin Console Remove Sponorship (#14743)
* Resolve the remove button inactive

* Resolve the lint error
2025-05-13 16:49:06 +01:00
Patrick-Pimentel-Bitwarden
0b0397c3f0
fix(enums-eslint): Enum Rule for ESLint (#14650)
* fix(enums-eslint): Enum Rule for ESLint - Added enums in the warnings for eslint.

* fix(enums-eslint): Enum Rule for ESLint - Updated to error in both places for enums.

* fix(enums-eslint): Enum Rule for ESLint - Added new eslint plugin for warning on enums.

* fix(enums-eslint): Enum Rule for ESLint - Changed based on suggestion.

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* refactor(browser-platform-utils): Remove Deprecation and Fix Code - Changed usages of firefox to private and moved the usages to the preferred public method and removed the deprecations.

* fix(enums-eslint): Enum Rule for ESLint - Updated to error and added disable rules for all other places.

* fix(enums-eslint): Enum Rule for ESLint - Undid other changes by accident
2025-05-13 10:07:38 -04:00
Todd Martin
eed18c9294
chore(view-cache): [PM-21154] Move view-cache its own feature package and adjust imports
* Moved view-cache services to directory

* Fixed DI for browser extension.

* Fixed tests.
2025-05-12 14:26:52 -04:00
Bryan Cunningham
4d15f2d43c
[PM-16057] use Roboto as primary font (#14553)
* swap to using roboto variable font
2025-05-12 09:00:01 -04:00
Justin Baur
1b756df749
[PM-14484] ApiService showing html in error message (#14658)
* Make ApiService more testable

* Add ApiService tests

* Switch to only reading text/plain content
2025-05-09 20:21:25 -04:00
Todd Martin
4191bb9533
chore(captcha): [PM-15162] Remove handling of captcha enforcement and bypass token
* Removed captcha references.

* Removed connectors from webpack

* Fixed extra parameter.

* Resolve merge conflicts.

* Fixed extra argument.

* Fixed failing tests.

* Fixed failing test.

* Accessibility cookie cleanup

* Cleaned up accessibility component.

* Deleted old registration endpoint

* Remove unused register request object.

* Fixed merge error that changed font family.

* Fixed formatting from merge.

* Linting
2025-05-09 10:44:11 -04:00
Alec Rippberger
3030eb7552
[PM-19212] Consolidate password set routing to AuthGuard using ForceSetPasswordReason (#14356)
* Consolidates component routing, removing routing to update-temp-password from components. All routing to update-temp-password should happen in the AuthGuard now.

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2025-05-08 11:24:52 -05:00
Vicki League
8ecb32f30f
[CL-333] Icon Refresh Feature Branch (#14298)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
* [CL-571] Update icons to new fileset and metaphors (#14163)

* [CL-518] Convert icons docs to stories (#14299)

* [CL-574] Update inline autofill icons (#14379)

---------

Co-authored-by: William Martin <contact@willmartian.com>
2025-05-07 17:07:14 -04:00
Todd Martin
74b6bb15e8
Delete old SSO component. (#14604) 2025-05-07 13:22:57 -04:00
Bernd Schoolmann
744c1b1b49
[PM-21001] Move vault code to new encrypt service interface (#14546)
* Move vault code to new encrypt service interface

* Fix tests
2025-05-06 21:24:53 +00:00
Nick Krantz
46df5279a3
[PM-18485] Remove new device verification guard (#14417)
* remove NewDeviceVerificationGuard and all associated entities. New Device verification feature has rolled out in production, this guard is no longer needed.

* remove unused properties from the vault profile service
2025-05-06 13:08:30 -05:00
Brandon Treston
fd43222938
[PM-19383] admins unable to download attachments (#14363)
* add admin support for downloading attachments

* fix delete and upload

* fix delete admin to return a response

* fix upload

* add missing param

* use getCipherAdmin

* fix cli
2025-05-05 13:36:49 -04:00
Matt Gibson
013a34e042
[PM-17440] Use SDK for decryption (#14277)
* Improve dev logging

* Define decrypt with sdk flag

* Use SDK's pure crypto functions for decryption

feature flagged by `use-sdk-for-decryption`

* Avoid pushing decryption requests to web workers for SDK

web workers are able to use the SDK, but they require the SDK module to be initialized. If this is eventually seen as desired, we'll need client-specific worker scripts.

* Apply suggestions from code review

Co-authored-by: Bernd Schoolmann <mail@quexten.com>

* fixup! Apply suggestions from code review

* fixup: Update feature flag state in config callbacks

* Apply suggestions from code review

Co-authored-by: Bernd Schoolmann <mail@quexten.com>

---------

Co-authored-by: Bernd Schoolmann <mail@quexten.com>
2025-05-05 12:19:52 -04:00
cyprain-okeke
a7d04dc212
[PM-17775] Allow admin to send f4 e sponsorship (#14390)
* Added nav item for f4e in org admin console

* shotgun surgery for adding "useAdminSponsoredFamilies" feature from the org table

* Resolved issue with members nav item also being selected when f4e is selected

* Separated out billing's logic from the org layout component

* Removed unused observable

* Moved logic to existing f4e policy service and added unit tests

* Resolved script typescript error

* Resolved goofy switchMap

* Add changes for the issue orgs

* Added changes for the dialog

* Rename the files properly

* Remove the commented code

* Change the implement to align with design

* Add todo comments

* Remove the comment todo

* Fix the uni test error

* Resolve the unit test

* Resolve the unit test issue

* Resolve the pr comments on any and route

* remove the any

* remove the generic validator

* Resolve the unit test

* add validations for email

* Add changes for the autoscale

* Changes to allow admin to send F4E sponsorship

* Fix the lint errors

* Resolve the lint errors

* Fix the revokeAccount message

* Fix the lint runtime error

* Resolve the lint issues

* Remove unused components

* Changes to add isadminInitiated

* remove the FIXME comment

* Resolve the failing test

* Fix the pr comments

* Resolve the orgkey and other comments

* Resolve the lint error

* Resolve the lint error

* resolve the spelling error

* refactor the getStatus method

* Remove the deprecated method

* Resolve the unusual type casting

* revert the change

---------

Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
2025-05-01 16:36:00 +01:00
Thomas Avery
d43e4757df
[PM-7604] Require target UserID for KdfConfigService (#14380)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
* Require userId for KdfConfigService

* Update auth team callers

* Update tools team callers
2025-04-29 17:25:27 -05:00
Jordan Aasen
b589951c90
[PM-18520] - Update desktop cipher forms to use the same UI as web app and extension - (#13992)
* WIP - cipher form refactor

* cipher clone

* cipher clone

* finalize item view and form changes

* fix tests

* hide changes behind feature flag

* set flag to false

* create vault items v2. add button selector

* revert change to flag and vault items

* add attachments

* revert change to tsconfig

* move module

* fix modules

* cleanup

* fix import

* fix import

* fix import

* remove showForm

* update feature flag

* wip - cleanup

* fix up services

* cleanup

* fix type errors

* fix lint errors

* add dialog component

* revert changes to menu

* revert changes to menu

* fix vault-items-v2

* set feature flag to FALSE

* add missing i18n keys. fix collection state

* remove generator. update modules. bug fix

* fix restricted imports

* mark method as deprecated. add uri arg back

* fix shared.module

* fix shared.module

* fix shared.module

* add uri

* check and prompt for premium when opening attachments dialog

* move VaultItemDialogResult back

* fix import in spec file

* update copy functions

* fix MP reprompt issue
2025-04-23 11:13:44 -07:00
Bernd Schoolmann
e231286f37
[PM-19731] Refactor encrypt service to expose key wrapping (#14080)
* Refactor encrypt service to expose key wrapping

* Fix build

* Undo ts strict removal

* Fix wrong method being used to encrypt key material

* Rename parameters and remove todo

* Add summary to encrypt

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/abstractions/encrypt.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add tests for unhappy paths

* Add test coverage

* Add links

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-04-22 13:56:39 +00:00
Shane Melton
d6bda3bcdf
[PM-20433] Add view cache options for view cache service signals to allow cached values to persist navigation events (#14348)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
2025-04-21 13:26:59 -07:00
Shane Melton
143473927e
[PM-10611] End user notification sync (#14116)
* [PM-10611] Remove Angular dependencies from Notifications module

* [PM-10611] Move end user notification service to /libs/common/vault/notifications

* [PM-10611] Implement listenForEndUserNotifications() for EndUserNotificationService

* [PM-10611] Add missing taskId to notification models

* [PM-10611] Add switch cases for end user notification payloads

* [PM-10611] Mark task related notifications as read when visiting the at-risk password page

* [PM-10611] Revert change to default-notifications service

* [PM-10611] Fix test

* [PM-10611] Fix tests and log warning in case more notifications than the default page size are available

* [PM-10611] Use separate feature flag for end user notifications

* [PM-10611] Fix test
2025-04-21 08:57:57 -07:00
Maciej Zieniuk
4da03821ce
move key connector components to KM team ownership (#14008) 2025-04-18 08:23:52 -07:00
Jonas Hendrickx
e026799071
[PM-13128] Enable Breadcrumb Policies (#13584)
* [PM-13128] Enable Breadcrumb Policies

* [PM-13128] Enable Breadcrumb Policies

* [PM-13128] wip

* [PM-13128] wip

* [PM-13128] wip

* [PM-13128] wip

* remove dead code

* wip

* wip

* wip

* refactor

* Fix for providers

* revert to functional auth guard

* change prerequisite to info variant

* address comment

* r

* r

* r

* tests

* r

* r

* fix tests

* feedback

* fix tests

* fix tests

* Rename upselling to breadcrumbing

* Address feedback

* Fix build & tests

* Make the guard callback use Observable instead of a promise

* Pm 13128 suggestions (#14041)

* Rename new enum value

* Show the upgrade button when breadcrumbing is enabled

* Show mouse pointer when cursor is hovered above badge

* Do not make the dialogs overlap

* Align badge middle

* Gap

* Badge should be a `button` instead of `span`

* missing button@type

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Alex Morask <amorask@bitwarden.com>
2025-04-18 09:57:27 -04:00
Shane Melton
8258ea39b0
[PM-18903] Desktop sync issues (#13681)
* [PM-18707] Use different BroadcasterSubscriptionId in base view component to avoid collision with desktop view component

* [PM-18707] Use userId instead of payloadUserId for cipher notification syncs

* [PM-19032] Live Sync on Desktop (#13851)

* migrate the vault-items to an observables rather than async/promises

- this helps keep data in sync with the service state and avoids race conditions

* migrate the view component to an observables rather than async/promises

- this helps keep data in sync with the service state and avoids race conditions

* decrypt saved cipher from server

* bump timeout for upserting ciphers

* mark `go` as async in desktop vault

- previously it was a floating promise

* Revert "mark `go` as async in desktop vault"

This reverts commit fd28f40b18.

* Revert "bump timeout for upserting ciphers"

This reverts commit e963acc377.

* move vault utilities to `common` rather than `lib` to avoid circular dependencies

* use `perUserCache$` for `cipherViews$` to avoid new subscriptions from being created

* use userId from observable rather than locally set to be the most up to date

* [PM-18707] Add clearBuffer$ input to perUserCache$ helper so that  the internal share replay buffers can be cleared

* [PM-18707] Rework forceCipherViews$ to clearBuffer$ refactor

- Add dependency for cipherDecryptionKeys$ for the cipherViews so that decryption is never attempted without keys

* [PM-18707] Add overload to perUserCache to satisfy type checker

* [PM-18707] Fix overloads

* [PM-18707] Add check for empty failed to decrypt ciphers

* [PM-18707] Mark vault component for check after observable emits.

The cipherViews$ observable now persists between subscriptions, meaning that updates via the sync push notifications can occur outside the AngularZone causing delays in updating the view.

---------

Co-authored-by: Nick Krantz <125900171+nick-livefront@users.noreply.github.com>
Co-authored-by: Nick Krantz <nick@livefront.com>
2025-04-15 12:17:41 -07:00
Bernd Schoolmann
b09305577f
[PM-19603] Change asymmetric interface to only allow key encapsulation (#14046)
* Change asymmetric interface to only allow key encapsulation

* Fix naming

* Clean up naming

* Update libs/common/src/key-management/crypto/abstractions/encrypt.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/services/encrypt.service.implementation.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/crypto/abstractions/encrypt.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Fix test

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-04-15 16:39:02 +02:00
Todd Martin
f7934b98c6
fix(login): [PM-11502] Support Remember Email option consistently
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
* Moved saving of SSO email outside of browser/desktop code

* Clarified comments.

* Tests

* Refactored login component services to manage state

* Fixed input on login component

* Fixed tests

* Linting

* Moved web setting in state into web override

* updated tests

* Fixed typing.

* Fixed type safety issues.

* Added comments and renamed for clarity.

* Removed method parameters that weren't used

* Added clarifying comments

* Added more comments.

* Removed test that is not necessary on base

* Test cleanup

* More comments.

* Linting

* Fixed test.

* Fixed base URL

* Fixed typechecking.

* Type checking

* Moved setting of email state to default service

* Added comments.

* Consolidated SSO URL formatting

* Updated comment

* Fixed reference.

* Fixed missing parameter.

* Initialized service.

* Added comments

* Added initialization of new service

* Made email optional due to CLI.

* Fixed comment on handleSsoClick.

* Added SSO email persistence to v1 component.

* Updated login email service.

* Updated setting of remember me

* Removed unnecessary input checking and rearranged functions

* Fixed name

* Added handling of Remember Email to old component for passkey click

* Updated v1 component to persist the email on Continue click

* Fix merge conflicts.

* Merge conflicts in login component.

* Persisted login email on v1 browser component.

* Merge conflicts

* fix(snap) [PM-17464][PM-17463][PM-15587] Allow Snap to use custom callback protocol

* Removed Snap from custom protocol workaround

* Fixed tests.

* Updated case numbers on test

* Resolved PR feedback.

* PM-11502 - LoginEmailSvcAbstraction - mark methods as abstract to satisfy strict ts.

* Removed test

* Changed to persist on leaving fields instead of button click.

* Fixed type checking.

---------

Co-authored-by: Bernd Schoolmann <mail@quexten.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2025-04-10 18:58:49 -04:00
Bernd Schoolmann
5a1b0744f0
[PM-17665] Move cryptofunction service to km (#13285)
* Move cryptofunction service to km

* Fix formatting

* Fix import

* Fix build on desktop

* Fix build on browser and tests
2025-04-10 11:09:35 +02:00
rr-bw
a4040b6b6b
refactor(set-change-password): [Auth/PM-17649] Move CompareInputs Validator (#14173)
This PR
- Moves the `compareInputs` validator to `libs/auth` (with some minor updates to the validator)
- Adds unit tests for `compareInputs`
- Removes the deprecated input validators from `InputsFieldMatch` along with the `inputs-field-match.validator.ts` file
2025-04-08 12:42:41 -07:00
rr-bw
81350a2ee1
Revert "refactor(set-change-password): [Auth/PM-17649] Move and test compareI…" (#14171)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
This reverts commit ecb4b2d0b7.
2025-04-07 18:34:35 -07:00
rr-bw
ecb4b2d0b7
refactor(set-change-password): [Auth/PM-17649] Move and test compareInputs validator (#13553)
- Move the `compareInputs` validator to `libs/auth`
- Add tests for the `compareInputs` validator
- Delete the deprecated `InputsFieldMatch` class (inputs-field-match.validator.ts)
2025-04-07 15:04:24 -07:00
Kyle Spearrin
254cad29b3
[PM-8951] set pin validation to min length of 4 (#13312)
* set pin validation to min length of 4

* use reactive forms

* PM-8951 - SetPin - remove dialog close logic if pin is invalid so validation errors can be shown to the user.

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2025-04-07 10:39:26 -04:00
Shane Melton
a7fe4877d7
[PM-17563] Security task background synchronization (#14086)
* [PM-17563] Implement listenForTaskNotifications in default-task.service.ts

* [PM-17563] Update syncService to include userId in syncCompleted message payload

* [PM-17563] Update default-task.service to react to both pending task notifications and completed syncs

* [PM-17563] Add unit tests around task notification listening

* [PM-17563] Only check for at risk password tasks if tasks are enabled

* [PM-17563] Make userId required even if undefined

* [PM-17563] Use abstract TaskService instead of default implementation in MainBackground

* [PM-17563] Cleanup userId filtering
2025-04-04 13:42:44 -07:00
Patrick-Pimentel-Bitwarden
1af8fe2012
feat(device-approval-persistence): [PM-19380] Device Approval Persistence (#13958)
* feat(device-approval-persistence): [PM-19380] Device Approval Persistence - Added lookup on standard auth requests.

* fix(device-approval-persistence): [PM-19380] Device Approval Persistence - Fixed issue with null value trying to be parsed from the fromJSON function.




---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2025-04-04 15:44:48 -04:00
Bernd Schoolmann
1450a033b3
[PM-19469] Add logs for unlock time (#13972)
* Add logs for unlock time

* Undo local flag override

* Update message

* Update messages

* Fix build on chrome
2025-04-02 23:19:53 +02:00
Will Martin
76cb3fd38d
[CL-623] export CDK dialog deps from libs/components (#14074)
* add cdk dialog deps to CL dialog barrel file

* find and replace cdk dialog import

* run prettier
2025-04-02 15:08:38 -04:00
Jordan Aasen
538db63c50
[PM-432] - Protect entire item when Master Password Re-prompt is selected - desktop (#14035)
* prompt for MP on cipher view

* only keep reprompt while cipher is open

* reset cipher password prompt after opening another cipher
2025-04-02 11:52:49 -07:00
Brandon Treston
9b3c28fcea
[PM-19746] Add new permission check to browser (#14075)
* add new permisssions check to browser

* add permission logic to view

* fix tests

* cleanup

* fix permissions model for CLI and desktop

* feedback
2025-04-02 12:49:08 -04:00
Vicki League
575e8b691f
[CL-570] Deprecate old icons (#13663) 2025-04-01 11:34:04 -04:00
Shane Melton
c3e562e75d
[PM-17563] [PM-19754] Migrate Security Task Module to libs/common (#14036)
* [PM-17563] Remove references to Angular from TaskService

* [PM-17563] Move Task module to libs/common/vault to avoid Angular dependency

* [PM-17563] Fix bad imports

* [PM-17563] Fix a few more missed imports
2025-04-01 07:27:05 -07:00
Bernd Schoolmann
22039d038d
[PM-3475] Remove deprecated keys (#13266)
* Remove deprecated keys

* Fix cli build

* Fix build
2025-03-31 16:58:02 +02:00
Alec Rippberger
d5f033efa2
refactor(auth): [PM-9179] remove deprecated TwoFactorComponents
Remove deprecated TwoFactorComponentsV1 and TwoFactorOptionsComponentV1 components, related functionality (unauthUiRefreshSwap) and orphaned styles/translation messages.
2025-03-28 12:51:20 -05:00
Jason Ng
a3e01ad672
[PM-10610] push notification to end user notification service (#13876)
* use NotificationsService.notifictions$ for tracking inside default end user notification
2025-03-26 13:16:40 -04:00
Brandon Treston
0fd01ed7ee
[PM-18566] Wire up vNextPolicyService for Clients (#13678)
* wire up vNext impl

* wire up vNextPolicyService for browser

* wire up vNextPolicyService for desktop

* wire up vNextPolicyService for cli

* fix test

* fix missed caller

* cleanup

* fix missing property assignment

* fix QA bug for PM-19205

* fix QA bug for PM-19206

* fix QA bug for pm-19228

* cleanup
2025-03-25 11:30:47 -04:00
Bernd Schoolmann
27baa92fcf
[PM-10749] [BEEEP] New export format: Zip with attachments (#10465)
* Add new export format: zip

* Restrict zip export to just individual vaults

* Add tests

* Remove unused import

* Fix build error

* Fix tests

* Fix test

* Fix retrieval of ciphers by passing in activeUserId

* Guard feature behind `export-attachments`-feature-flag

* Extend cipher filter to also filter out any ciphers that are assigned to an organization

* Added apiService to retrieve AttachmentData (metaData) and then download the attachment

- Added ApiService as a depdency within DI for VaultExportService/IndividualVaultExportService
- Added unit tests for filtering ciphers
- Added unit test for downloading attachment metadata and attachments

* Moved attachment decryption into a separate method and added unit tests

* Added null check for creating the base attachment folder

* Move format check for zip within Org export into an early return/throw

* Add feature flag guard on the CLI

* Extend ExportScopeCallout to display an individual export will contain attachment when zip-format is selected

* Fix adding/removing the zip-export option based on selected vault and state of `export-attachments` feature-flag

* Separate AAA visually using whitespace within tests

* Remove unused error var

* Write test that verifies different http request failures when retrieving attachment data

* Remove uneeded ignore lint rule

* Rewrite test to actually check that ciphers assigned to an org are filtered out

* Introduce ExportedVault return type (#13842)

* Define ExportedVault type unioned by 2 new types that describe a plain-text export vs a blob-based zip-export

* Extend static getFileName to handle formats and add unit-tests

* Introduce new export return type throughout the vault export module

- Update abstractions
- Update return types within implementations
- Update callers/consumers to handle the new return value
- Fix all unit tests

* Add support for new export return type and fix download of blobs via CLI

* Add documentation to public methods

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

---------

Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-03-25 13:30:54 +01:00
Alex Morask
034112f42e
Hide bank account for provider when initial tax info is non-US (#13968) 2025-03-25 08:11:32 -04:00
rr-bw
7c0af6c8fb
fix(service): [Auth/PM-17648] Fix MasterPasswordApiService injection (#13886) 2025-03-18 14:41:43 -07:00
Jordan Aasen
70cfd33d96
Revert "collapse collections initially" (#13845)
This reverts commit 2e90a6af12.
2025-03-18 09:18:20 -07:00
Thomas Avery
a11536a424
[PM-17668] Move DeviceTrustService to KM ownership (#13194)
* move DeviceTrustService to KM ownership

* update codecov
2025-03-17 12:02:44 -05:00
Brandon Treston
4d68952ef3
[PM-18089] Update cipher permissions model and consumers (#13606)
* update cipher permissions model and consumers

* add new property to tests

* fix test, add property to toCipherData()

* add missing ConfigService

* fix story

* refactor

* fix error, cleanup

* revert refactor

* refactor

* remove uneeded test

* cleanup

* fix build error

* refactor

* clean up

* add tests

* move validation check to after featrue flagged logic

* iterate on feedback

* feedback
2025-03-14 09:51:40 -04:00
Alec Rippberger
e9c7cd11a3
refactor(auth): [PM-9722] remove deprecated LoginDecryptionOptionsComponent
- Remove LoginDecryptionOptionsComponentV1
- Clean up orphaned translation messages
- Remove unused styles
- Clean up related dependencies

Closes PM-9722
2025-03-13 15:37:52 -05:00
Shane Melton
4687120618
[PM-18946] Improve Vault loading experience (#13714)
* [PM-18946] Refactor loading$ in vault-v2. Update icon-component, and build-cipher-icon
2025-03-13 14:38:29 -04:00
Thomas Avery
81335978d8
[PM-17669] Move MasterPasswordService to KM (#13148)
* Move MasterPasswordService to KM
2025-03-13 13:29:27 -05:00
Alec Rippberger
4f724974e9
refactor(auth): [PM-9725] remove deprecated EnvironmentComponent and self-hosted setup modal
* Remove EnvironmentComponent
* Cleanup unused translation messages

Closes PM-9725
2025-03-13 12:23:37 -05:00
Alec Rippberger
1d1358407e
refactor(components): remove deprecated HintComponent and related code
- Remove HintComponent
- Clean up orphaned functionality
- Remove unused translation messages

Closes PM-9727
2025-03-13 09:56:50 -05:00
Thomas Avery
7e96b7a9a6
[PM-17670] Move KeyConnectorService to KM ownership (#13277)
* Move KeyConnectorService to KM ownership

* Add to codecov

* Move key connector request models
2025-03-13 09:46:01 -05:00
Alec Rippberger
942b80e5d2
refactor(auth): [PM-9724] remove LoginViaAuthRequestComponentV1 and related functionality
- Remove deprecated LoginViaAuthRequestComponentV1 component
- Clean up related ApiService functionality
- Remove orphaned translation messages
- Remove unused CSS styles

Jira PM-9724
2025-03-12 16:40:05 -05:00
Alec Rippberger
4308cd8a9f
refactor(auth): [PM-9678] remove deprecated login components
Removes the V1 Login components and related UnauthenticatedExtensionUIRefresh
feature flag functions. Part of the authentication UI modernization efforts.

Closes PM-9678
2025-03-12 14:36:05 -05:00
rr-bw
e268055dc1
feature(set-change-password): [Auth/PM-17648] Create MasterPasswordApiService (#13552)
Creates a MasterPasswordApiService to house our API calls related to setting and changing a master password.
2025-03-12 11:33:44 -07:00
Bernd Schoolmann
83de125ae9
[PM-15149] Remove ssh feature flag (#13506)
* Remove ssh feature flag

* Remove isSshKeyENabled in type-filter.component
2025-03-12 14:19:49 +01:00
Jason Ng
15fa3cf08d
[PM-10613] End User Notification Service (#13721)
* new end user notification service to retrieve and update notifications from API
2025-03-12 08:02:18 +01:00
Conner Turnbull
00e822fb13
[PM-16937] Remove Billing Circular Dependency (#13085)
* Remove circular dependency between billing services and components

* Removed `logService` from `billing-api.service.ts`

* Resolved failed test

* Removed @bitwarden/ui-common

* Added optional `title` parameter to `BillingNotificationService` functions

* Removed @bitwarden/platform from libs/common/tsconfig.json

* Update apps/web/src/app/billing/services/billing-notification.service.spec.ts

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Update apps/web/src/app/billing/services/billing-notification.service.spec.ts

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Resolved build errors

* Resolved issue where free trial banner wouldn't display if missing a payment method

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
2025-03-11 13:43:19 -04:00
rr-bw
0568a09212
refactor(device-trust-toasts): [Auth/PM-11225] Refactor Toasts from Auth Services (#13665)
Refactor toast calls out of auth services. Toasts are now triggered by an observable emission that gets picked up by an observable pipeline in a new `DeviceTrustToastService` (libs/angular). That observable pipeline is then subscribed by by consuming the `AppComponent` for each client.
2025-03-10 12:17:46 -07:00
Jordan Aasen
985942ac05
collapse collections initially (#13646) 2025-03-10 11:07:04 -07:00
Bernd Schoolmann
01f6fd7ee3
[PM-16227] Move import to sdk and enable it in browser/web (#12479)
* Move import to sdk and enable it in browser/web

* Add uncomitted files

* Update package lock

* Fix prettier formatting

* Fix build

* Rewrite import logic

* Update ssh import logic for cipher form component

* Fix build on browser

* Break early in retry logic

* Fix build

* Fix build

* Fix build errors

* Update paste icons and throw error on wrong import

* Fix tests

* Fix build for cli

* Undo change to jest config

* Undo change to feature flag enum

* Remove unneeded lifetime

* Fix browser build

* Refactor control flow

* Fix i18n key and improve import behavior

* Remove for loop limit

* Clean up tests

* Remove unused code

* Update libs/vault/src/cipher-form/components/sshkey-section/sshkey-section.component.ts

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>

* Move import logic to service and add tests

* Fix linting

* Remove erroneous includes

* Attempt to fix storybook

* Fix storybook, explicitly implement ssh-import-prompt service abstraction

* Fix eslint

* Update libs/importer/src/importers/bitwarden/bitwarden-json-importer.ts

Co-authored-by:  Audrey  <ajensen@bitwarden.com>

* Fix services module

* Remove ssh import sdk init code

* Add tests for errors

* Fix import

* Fix import

* Fix pkcs8 encrypted key not parsing

* Fix import button showing on web

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by:  Audrey  <ajensen@bitwarden.com>
2025-03-10 18:41:47 +01:00
Oscar Hinton
a569dd9ad6
[PM-15892] [PM-12250]Remove nord and remnants from solarizedark (#13449)
* Remove nord and remnants from solarizedark

* Update window reload color

* Remove extension-refresh feature flag from clients (#13450)

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

* Remove usage of nord and solarized themes within DarkImageDirective

---------

Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-03-10 15:33:55 +01:00
Thomas Rittson
ef72f513b1
eslint: report unused disable directives (#13463)
Remove any unused disable directives and FIXMEs in our code
2025-03-10 09:33:08 -04:00
SmithThe4th
e327816bc4
[PM-11941] Migrate TOTP Generator to use SDK (#12987)
* Refactored totp service to use sdk

Fixed strict typescript issues

* Fixed dependency issues

* Returned object that contains code and period, removed get interval function

* removed dependencies

* Updated to use refactored totp service

* removed sdk service undefined check

* removed undefined as an input from the getCode function

* Made getcode$ an observable

* refactored to use getcodee$

* Filter out emmissions

* updated sdk version

* Fixed readability nit

* log error on overlay if totp response does not return a code

* fix(totpGeneration): [PM-11941] Totp countdown not working on clients

* Used optional chaining if totpresponse returns null or undefined
2025-03-06 14:01:07 -05:00
Jason Ng
f65daf7284
[PM-12045] search service activeuserstate (#13035)
* removing activeuserstate from search service
2025-03-06 12:26:24 -05:00
cyprain-okeke
96fa9e2ea7
Resolve the Tailwind CSS class error (#13700) 2025-03-06 14:47:03 +01:00
Jared Snider
92f027af5e
fix(LoginComp + LoginStrategies): [Auth/PM-18654] Refreshed UI - Desktop TDE JIT provisioned user creation errors with missing org SSO id (#13619)
* PM-18654 - State Service & Login Strategy Refactor - move env seeding into login strategy so that new accounts always load w/ the correct environment

* PM-18654 - SSO Comp - just use user id from auth result

* PM-18654 - Config Service - (1) don't allow cascading calls to the renewConfig by using a private promise (2) Replace shareReplay with share configured with manual timer

* PM-18654 - LoginComponents - detail issue and possible fix

* PM-18654 - DesktopLoginV1Comp - use correct destroy hook

* PM-18654 - LoginComp - clean up no longer correct comment

* PM-18654 - New Device Verification Component - Remove unused PasswordLoginStrategy dependency

* PM-18654 - Browser Home Component - fix qParam logic

* PM-18654 - DefaultConfigService - revert changes as they aren't necessary to fix the bug.

* PM-18654 - DefaultConfigService - remove commented code

* PM-18654 - LoginStrategy - add comment

* PM-18654 - Fix login strat tests
2025-03-03 12:09:35 -05:00
Shane Melton
5b215cf193
[PM-18707] Fix desktop live sync (#13624)
* [PM-18707] Remove redundant cipherService subscription

* [PM-18707] Add artificial tick delay to cipherService to allow for ElectronStore storage service to fully save before continuing
2025-03-03 08:33:48 -08:00
Jake Fink
43f5423e78
[PM-12606] Move Vault Timeout and Vault Timeout Settings to KM (#13405)
* move vault timeout and vault timeout settings to km

* move browser vault timeout service to km

* fix cli import

* fix imports

* fix some relative imports

* use relative imports within common

* fix imports

* fix new imports

* Fix new imports

* fix spec imports
2025-02-28 09:55:03 -05:00
Oscar Hinton
cec117459b
[PM-18599] Forbid unknown property and element in tests (#13556)
Fail tests when relying on unknownProperties or unknownElements. Existing instances are whitelist and have tickets created and assigned to the relevant teams.
2025-02-25 14:02:19 -08:00
cd-bitwarden
a5fe0857ee
Fix for the issue where folders do not log when you have two accounts and you lock both then login to the second account (#13273) 2025-02-25 15:15:35 -05:00
Jared Snider
acbff6953c
feat(2FA-UI-Refresh): [Auth/PM-8113] - 2FA Components Consolidation and UI Refresh (#12087)
* PM-8113 - Deprecate TwoFactorComponentRefactor feature flag in favor of UnauthenticatedExtensionUIRefresh flag

* PM-8113 - Rename all existing 2FA components as V1.

* PM-8113 - TwoFactorAuthComp - Add comment explaining that tagged unused import is used a dialog.

* PM-8113 - 2FA Auth Comp - deprecate captcha

* PM-8113 - LoginStrategySvc - add todo for deprecation of captcha response

* PM-8113 - TwoFactorAuth tests - remove captcha

* PM-8113  - TwoFactorAuthComp HTML - remove captcha

* PM-8113  - Web Two Factor Auth - update deps

* PM-8113 - Move all new two-factor-auth components into libs/auth instead of libs/angular/src/auth

* PM-8113 - Add new child-components folder to help differentiate between top level page component and child components

* PM-8113 - Add todo for browser TwoFactorAuthEmailComponent

* PM-8113 - TwoFactorAuth - progress on consolidation

* PM-8113 - TwoFactorAuth - add TODO to ensure I don't miss web on success logic

* PM-8113 - TwoFactorAuth - Deprecate browser implementation of two-factor-auth and move all logic into single component - WIP

* PM-8113 - Bring across 2FA session timeout to new 2FA orchestrator comp

* PM-8113 - Export TwoFactorAuth from libs/auth

* PM-8113 - Fix 2FA Auth Comp tests by adding new service deps.

* PM-8113 - Fix TwoFactorAuthExpiredComp imports + TwoFactorAuthComponent imports on other clients.

* PM-8113 - 2FA Auth Comp - Progress on removing onSuccessfulLogin callback

* PM-8113 - 2FA Auth - update deps to private as inheritance will no longer be used.

* PM-8113 - TwoFactorAuthComp - Refactor init a bit.

* PM-8113  - TwoFactorAuthComp - More naming refactors

* PM-8113  - TwoFactorAuth - (1) more refactoring (2) removed onSuccessfulLoginNavigate (3) after successful login we always loginEmailService.clearValues()

* PM-8113 - TwoFactorAuthComp Tests - clean up tests for removed callbacks.

* PM-8113 - TwoFactorAuthComponent - refactor default success route handling

* PM-8113 - TwoFactorAuthComp - More refactoring

* PM-8113 - TwoFactorAuthComp - more refactors

* PM-8113 - TwoFactorAuth - Remove unused service dep

* PM-8113 - TwoFactorAuthComp - Refactor out unused button action text and move checks for continue button visibility into component

* PM-8113 - TwoFactorAuthComponent - Add type for providerData

* PM-8113 - TwoFactorAuthComponent - Add todo

* PM-8113 - TwoFactorAuthComponent - Add client type

* PM-8113 - TwoFactorAuth - implement browser specific SSO + 2FA logic

* PM-8113 - TwoFactorService Abstraction - refactor to use proper functions + mark methods as abstract properly + add null return to getProviders

* PM-8113 - Refactor 2FA Guard logic out of ngOnInit and into own tested guard. Updated all routes.

* PM-8113 - TwoFactorAuthComponent - WIP on webauthn init.

* PM-8113 - TwoFactorAuthComponent - pull webauthn fallback response handling into primary init with checks based on client for if it should be processed.

* PM-8113 - TwoFactorAuthComponent - move linux popup width extension logic into ExtensionTwoFactorAuthComponentService

* PM-8113 - WebTwoFactorAuthComponentService - add explicit override for web's determineLegacyKeyMigrationAction method.

* PM-8113 - Implement new TwoFactorAuthComponentService .openPopoutIfApprovedForEmail2fa to replace extension specific init logic.

* PM-8113 - TwoFactorAuthComponent - misc cleanup

* PM-8113 - TwoFactorAuthComponent - more clean up

* PM-8113 - TwoFactorAuthComponent - WIP on removing TDE callbacks

* PM-8113 - TwoFactorAuthComponent - finish refactoring out all callbacks

* PM-8113 - TwoFactorAuthComponent - remove now unused method

* PM-8113 - TwoFactorAuthComponent - refactor routes.

* PM-8113 - TwoFactorAuthComponent - add TODO

* PM-8113 - TwoFactorAuthComp - isTrustedDeviceEncEnabled - add undefined check for optional window close. + Add todo

* PM-8113 - TwoFactorAuthComponent tests - updated to pass

* PM-8113 - (1) Consolidate TwoFactorAuthEmail component into new service architecture (2) Move openPopoutIfApprovedForEmail2fa to new TwoFactorAuthEmailComponentService

* PM-8113 - Refactor libs/auth/2fa into barrel files.

* PM-8113 - Move TwoFactorAuthEmail content to own folder.

* PM-8113 - Move 2FA Duo to own comp folder.

* PM-8113 - ExtensionTwoFactorAuthEmailComponentService - Add comment

* PM-8113 - TwoFactorAuthEmailComponentService - add docs

* PM-8113  - TwoFactorAuthDuoComponentService - define top level abstraction and each clients implementation of the duo2faResultListener

* PM-8113 - TwoFactorAuthDuoCompService - add client specific handling for launchDuoFrameless

* PM-8113 - Delete no longer used client specific two factor auth duo components.

* PM-8113 - Register TwoFactorAuthDuoComponentService implementation in each client.

* PM-8113 - TwoFactorAuthComp - add destroy ref to fix warnings.

* PM-8113 - Remove accidentally checked in dev change

* PM-8113 - TwoFactorAuthComp - (1) Add loading state (2) Add missing  CheckboxModule import

* PM-8113 - TwoFactorAuthDuoComponent - update takeUntilDestroyed to pass in destroy context as you can't use takeUntilDestroyed in ngOnInit without it.

* PM-8113 - TwoFactorAuthWebAuthnComponent - remove no longer necessary webauthn new tab check as webauthn seems to work without it

* PM-8113 - TwoFactorAuthWebAuthnComp - refactor names and add todo

* PM-8113 - (1) Move WebAuthn 2FA comp to own folder (2) build out client service for new tab logic

* PM-8113 - Register TwoFactorAuthWebAuthnComponentServices

* PM-8113 - Tweak TwoFactorAuthWebAuthnComponentService and add to TwoFactorAuthWebAuthnComponent

* PM-8113 - WebTwoFactorAuthDuoComponentService - fix type issue

* PM-8113 - ExtensionTwoFactorAuthDuoComponentService - attempt to fix type issue.

* PM-8113 - Remove ts-strict-ignore

* PM-8113 - TwoFactorAuthWebAuthnComponent - satisfy strict typescript reqs.

* PM-8113 - TwoFactorAuthComponent - some progress on strict TS conversion

* PM-8113 - TwoFactorAuthComp - fixed all strict typescript issues.

* PM-8113 - TwoFactorAuthComp - remove no longer necessary webauthn code

* PM-8113 - ExtensionTwoFactorAuthComponentService - handleSso2faFlowSuccess - add more context

* PM-8113 - TwoFactorAuthComp - TDE should use same success handler method

* PM-8113 - Fix SSO + 2FA result handling by closing proper popout window

* PM-8113 - Add todo

* PM-8113 - Webauthn 2FA - As webauthn popout doesn't persist SSO state, have to genercize success logic (which should be a good thing but requires confirmation testing).

* PM-8113 - Per main changes, remove deprecated I18nPipe from 2fa comps that use it.

* PM-8113 - Remove more incorrect i18nPipes

* PM-8113 - TwoFactorAuth + Webauthn - Refactor logic

* PM-8113 - TwoFactorAuth - build submitting loading logic

* PM-8113 - TwoFactorAuth - remove loading as submitting.

* PM-8113 - TwoFactorAuth - update to latest authN session timeout logic

* PM-8113 - AuthPopoutWindow - Add new single action popout for email 2FA so we can close it programmatically

* PM-8113 - Update  ExtensionTwoFactorAuthComponentService to close email 2FA single action popouts.

* PM-8113 - Fix build after merge conflict issue

* PM-8113 - 2FA - Duo & Email comps - strict typescript adherence.

* PM-8113 - TwoFactorAuth - Clean up unused stuff and get tests passing

* PM-8113 - Clean up used service method + TODO as I've confirmed it works for other flows.

* PM-8113 - TODO: test all comp services

* PM-8113 - TwoFactorAuthComponent Tests - fix tests by removing mock of removed method.

* PM-8113 - Revert changes to login strategies to avoid scope creep for the sake of typescript strictness.

* PM-8113 - ExtensionTwoFactorAuthComponentService tests

* PM-8113 - Test ExtensionTwoFactorAuthDuoComponentService

* PM-8113 - ExtensionTwoFactorAuthEmailComponentService - add tests

* PM-8113 - Test ExtensionTwoFactorAuthWebAuthnComponentService

* PM-8113 - Add 2fa icons (icons need tweaking still)

* PM-8113 - TwoFactorAuthComponent - add setAnonLayoutDataByTwoFactorProviderType and handle email case as POC

* PM-8113 - TwoFactorEmailComp - work on converting to new design

* PM-8113 - Update icons with proper svg with scaling via viewbox

* PM-8113 - Update icons to use proper classes

* PM-8113 - 2FA Auth Comp - Progress on implementing design changes

* PM-8113 - TwoFactorOptionsComponent - add todos

* PM-8113 - 2fa Email Comp - add style changes per discussion with design

* PM-8113 - TwoFactorAuthComponent - use2faRecoveryCode - build out method per discussion with design

* PM-8113 - TwoFactorAuthComp - fix comp tests

* PM-8113 - TwoFactorAuthComp - progress on adding 2fa provider page icons and subtitles

* PM-8113 - Browser Translations - update duoTwoFactorRequiredPageSubtitle to match design discussion

* PM-8113 - TwoFactorAuthComp - more work on getting page title / icons working

* PM-8113 - Add todo

* PM-8113 - TwoFactorAuthDuoComponent Html - remove text that was moved to page subtitle.

* PM-8113 - 2FA Auth Comp - Duo icon works

* PM-8113 - (1) Add Yubico logo icon (2) Rename Yubikey icon to security key icon

* PM-8113 - TwoFactorAuthComp - remove icon from launch duo button per figma

* PM-8113 - Mark old two-factor-options component as v1.

* PM-8113 - Web - TwoFactorOptionsComponentV1 - Fix import

* PM-8113 - Fix more imports

* PM-8113 - Adjust translations based on meeting with Design

* PM-8113 - TwoFactorOptionsComponent - deprecate recovery code functionality

* PM-8113 - TwoFactorOptionsComponent - remove icon disable logic and unused imports

* PM-8113 - 2FA Options Comp rewritten to match figma

* PM-8113 - TwoFactorOptions - (1) Sort providers like setup screen (2) Add responsive scaling

* PM-8113 - Webauthn 2FA - WIP on updating connectors to latest style

* PM-8113 - Webauthn connector - clean up commented out code and restore block style

* PM-8113 - TwoFactorAuthWebAuthn - Add loading state for iframe until webauthn ready

* PM-8113 - Webauthn Iframe - update translation per figma

* PM-8113 - TwoFactorAuthComp - per figma, put webauthn after checkbox.

* PM-8113 - WebAuthn Fallback connector - UI refreshed

* PM-8113 - Two Factor Options - Implement wrapping

* PM-8113 - TwoFactorAuthAuthenticator - Remove text per figma

* PM-8113 - TwoFactorAuthYubikey - Clean up design per figma

* PM-8113 - Refactor all 2FA flows to use either reactive forms or programmatic submission so we get the benefit of onSubmit form validation like we have elsewhere.

* PM-8113 - 2FA Auth Comp - for form validated 2FA methods, add enter support.

* PM-8113 - TwoFactorAuthComp - Add loginSuccessHandlerService

* PM-8113 - DesktopTwoFactorAuthDuoComponentService - add tests

* PM-8113 - WebTwoFactorAuthDuoComponentService test file - WIP on tests

* PM-8113 - WebTwoFactorAuthDuoComponentService - test listenForDuo2faResult

* PM-8113 - TwoFactorAuthComp - (1) remove unused deps (2) get tests passing

* PM-8113 - Add required to inputs

* PM-8113 - TwoFactorAuth - Save off 2FA providers map so we can only show the select another 2FA method if the user actually has more than 1 configured 2FA method.

* PM-8113 - Webauthn iframe styling must be adjusted per client so adjust desktop and browser extension

* PM-8113 - TwoFactorAuthComp - Integrate latest ssoLoginService changes

* PM-8113 - Desktop & Browser routing modules - add new page title per figma

* PM-8113 - WebAuthn - added optional awaiting security key interaction button state to improve UX.

* PM-8113 - TwoFactorAuthComp - refactor to avoid reactive race condition with retrieval of active user id.

* PM-8113 - ExtensionTwoFactorAuthEmailComponentService - force close the popup since it has stopped closing when the popup opens.

* PM-8113 - TwoFactorAuth - refactor enter key press to exempt non-applicable flows from enter key handling

* PM-8113 - Refactor ExtensionTwoFactorAuthComponentService methods to solve issues with submission

* PM-8113 - TwoFactorAuth - fix programmatic submit of form

* PM-8113 - Fix ExtensionTwoFactorAuthComponentService tests

* PM-8113 - Extension - Webauthn iframe - remove -10px margin

* PM-8113 - Extension Routing module - 2FA screens need back button

* PM-8113 - Get Duo working in extension

* PM-8113 - TwoFactorOptions - tweak styling of row styling to better work for extension

* PM-8113 - TwoFactorWebauthnComp - new tab button styling per figma

* PM-8113 - 2FA Comp - Update logic for hiding / showing the remember me checkbox

* PM-8113 - TwoFactorAuthWebAuthnComp - new tab flow - fix remember me

* PM-8113 - Per PR feedback, add TODO for better provider and module structure for auth component client logic services.

* PM-8113 - TwoFactorAuth - add missing TDE offboarding logic.

* PM-8113 - TwoFactorAuthComponent tests - fix tests

* PM-8113 - 2FA Auth Comp HTML - per PR feedback, remove unnecessary margin bottom

* PM-8113 - 2FA Comp - per PR feedback, remove inSsoFlow as it isn't used.

* PM-8113 - TwoFactorOptionsComp - Clean up no longer needed emitters.

* PM-8113 - TwoFactorOptions - per PR feedback, clean up any usage

* PM-8113 - TwoFactorAuthComp - per PR feedback, rename method from selectOtherTwofactorMethod to selectOtherTwoFactorMethod

* PM-8113 - Per PR feedback, fix translations misspelling

* PM-8113 - TwoFactorAuthSecurityKeyIcon - fix hardcoded value

* PM-8113 - TwoFactorAuthSecurityKeyIcon - fix extra "

* PM-8113 - TwoFactorAuthDuo - Per PR feedback, remove empty template.

* PM-8113 - LooseComponentsModule - re-add accidentally removed component

* PM-8113 - TwoFactorAuthWebAuthnIcon - per PR feedback, fix hardcoded stroke value.

* PM-8113 - Desktop AppRoutingModule - per PR feedback, remove unnecessary AnonLayoutWrapperComponent component property.

* PM-8113 - Update apps/browser/src/auth/services/extension-two-factor-auth-duo-component.service.spec.ts to fix misspelling

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

* PM-8113 - TwoFactorAuthComp - Per PR feedback, add trim to token value

* PM-8113 - TwoFactorService - add typescript strict

* PM-8113 - TwoFactorService - per PR feedback, add jsdocs

* PM-8113 - Per PR feedback, fix misspelling

* PM-8113 - Webauthn fallback - per PR feedback fix stroke

* PM-8113 - Update apps/web/src/connectors/webauthn-fallback.html

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

* PM-8113 - Update libs/auth/src/angular/icons/two-factor-auth/two-factor-auth-webauthn.icon.ts

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>

---------

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
2025-02-24 09:59:14 -05:00
Jared Snider
c4a230e80b
PM-9417 - PasswordStrengthComp - A11y improvement - add screen reader announcement for all usages of password strength. (#13515) 2025-02-24 09:55:18 +01:00
Todd Martin
077e0f89cc
[PM-17751] Store SSO email in state on web client (#13295)
* Moved saving of SSO email outside of browser/desktop code

* Clarified comments.

* Tests

* Refactored login component services to manage state

* Fixed input on login component

* Fixed tests

* Linting

* Moved web setting in state into web override

* updated tests

* Fixed typing.

* Fixed type safety issues.

* Added comments and renamed for clarity.

* Removed method parameters that weren't used

* Added clarifying comments

* Added more comments.

* Removed test that is not necessary on base

* Test cleanup

* More comments.

* Linting

* Fixed test.

* Fixed base URL

* Fixed typechecking.

* Type checking

* Moved setting of email state to default service

* Added comments.

* Consolidated SSO URL formatting

* Updated comment

* Fixed reference.

* Fixed missing parameter.

* Initialized service.

* Added comments

* Added initialization of new service

* Made email optional due to CLI.

* Fixed comment on handleSsoClick.

* Added SSO email persistence to v1 component.

---------

Co-authored-by: Bernd Schoolmann <mail@quexten.com>
2025-02-21 17:09:50 -05:00
Patrick-Pimentel-Bitwarden
598139d739
fix(recovery-code-login): [PM-18474] Fix for Recovery Code Login (#13497)
* fix(recovery-code-login): [PM-18474] Fix for Recovery Code Login - Fixed the recovery code login to work with the new device verification notice flow.

* test(recovery-code-login): [PM-18474] Fix for Recovery Code Login - Tests added.
2025-02-20 16:45:19 -05:00
Andreas Coroiu
9c102f056c
chore: update sdk to main.105 (#13472)
* chore: update sdk version

* fix: sdk breaking changes
2025-02-19 15:46:43 +01:00
Jordan Aasen
993c056b19
[PM-18055] - sync list and item view after saving vault item (#13412)
* sync list and item view after saving vault item

* sync folder on save

* remove unused destroy ref
2025-02-18 12:41:42 -08:00
Shane Melton
96260eda65
[PM-14421] Access Intelligence: Introduce At-risk Passwords Page (#13044)
* [PM-14421] Add initial at risk password page component and route

* [PM-14421] Add new at-risk-password guard and update task service to consider feature flag for tasksEnabled$

* [PM-14421] Export vault observable utilities to be used outside of libs/vault

* [PM-14421] Implement at risk passwords page

* [PM-14421] Add temporary callout for at-risk tasks to browser vault view

* [PM-14421] Fix service registration after merge

* [PM-14421] Fix organization service usage after merge

* [PM-14421] Add autofill setting callout

* [PM-14421] Fix failing test

* [PM-14421] Change autofill setting check and toggle

* [PM-14421] Make autofill setting callout dismissal persistent

* [PM-14421] Fix tests

* [PM-14421] Fix button structure

* [PM-14421] Handle plural tasks i18n

* [PM-14421] Fix cipher service usage after refactor on main

* [PM-14421] Fix at-risk-password spec file
2025-02-12 13:28:20 -08:00
SmithThe4th
a2945203f4
[PM-12047] Remove usage of ActiveUserState from cipher.service (#12814)
* Cipher service web changes

* Updated browser client to pass user id to cipher service observable changes

* Cli changes

* desktop changes

* Fixed test

* Libs changes

* Fixed merge conflicts

* Fixed merge conflicts

* removed duplicate reference fixed conflict

* Fixed test

* Fixed test

* Fixed test

* Fixed desturcturing issue on failed to decrypt ciphers cipher service

* Updated abstraction to use method syntax

* Fixed conflicts

* Fixed test on add edit v2

Passed active userId to delete function

* Used getUserId utility function

* made vault changes

* made suggestion changes

* made suggestion changes

* made suggestion changes

* Replace getUserId function calls with pipe operator syntax for better consistency

* fixed merge conflicts

* revert mistake made of usinf account activity during merge conflict fix

* fixed conflicts

* fixed tests
2025-02-12 08:53:31 -05:00
Shane Melton
182f9baa0f
Revert "[PM-5718] Fix free organization generating TOTP (#11918)" (#13357)
This reverts commit 459fb1bcf4.

Co-authored-by: SmithThe4th <gsmithwalter@gmail.com>
2025-02-11 11:12:56 -08:00
Alec Rippberger
9f22a2fa87
refactor: [PM-17182] Remove Bootstrap style from EnvironmentSelectorComponent
Replace Bootstrap styles with Tailwind equivalents in the EnvironmentSelectorComponent to modernize the UI.
2025-02-11 10:25:14 -06:00
Alec Rippberger
1685f67e90
refactor: [PM-17530] remove obsolete registration component
Remove outdated registration components and associated routes to cleanup the codebase and eliminate legacy functionality.
2025-02-11 16:05:21 +00:00
Daniel James Smith
9ddaf96020
[PM-13811] Remove conditional code for extension refresh on web (#13145)
* Enable UI refresh on web by default

Removing all conditional code around the `ExtensionRefresh`-feature-flag on the web-UI

* Remove no longer needed extensRefresh helpers

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-02-10 14:20:05 +01:00
Nick Krantz
dd55086cbb
[PM-17776] New Device - SSO Check (#13177)
* refactor SSO policy check to check for SSO users that have `ssoBound` true on any of their organizations

* Revert "refactor SSO policy check to check for SSO users that have `ssoBound` true on any of their organizations"

This reverts commit 419c26fbbc.

* update new device verification guard to check for master password usage

* add sso check for new device verification guard
2025-02-07 09:25:28 -06:00
Patrick-Pimentel-Bitwarden
516246eab8
fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service (#13292)
* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Fixed location of retrieving the active user id in one component.

* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Fixed up type safety.

* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Removed unnessesary subscriptions.

* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Fixed test.

* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Made code a little cleaner.
2025-02-06 16:06:26 -05:00
Daniel James Smith
0b5b1b347e
[PM-17165] Remove v1 generator UI from web (#13240)
* Remove v1 generator from web

Remove conditional routing based on `generator-tools-modernization`
Remove generatorSwap helper
Remove generator and password-generator-history components including the base ones in libs/angular

* Remove the feature flag `generator-tools-modernization`

* Remove unused keys from en/messages.json

* Remove unused css

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-02-06 19:06:37 +01:00
Jordan Aasen
772f45aa63
[PM-14039] - [Defect] Desktop vault changes aren't immediately taking effect (#13186)
* favor subscription over firstValueFrom in desktop cipher view

* add event handling for username generator

* Revert "add event handling for username generator"

This reverts commit 73cffbcc6b.

* close out subscription on cleanup
2025-02-06 09:28:53 -08:00
Bernd Schoolmann
2f8a7a95bd
[PM-15994] Move encrypt service to km ownership (#13220)
* Move encrypt service to km ownership

* Update imports for encrypt service abstraction and move bulk encrypt service abstraction

* Fix imports

* Fix further imports

* Fix imports

* Fix worker import
2025-02-05 17:39:11 +01:00
Jordan Aasen
2c118d9f01
[PM-16925] - fix all restricted imports in vault (#13236)
* fix all restricted imports in vault

* fix spec

* remove export
2025-02-04 14:26:03 -08:00
Patrick-Pimentel-Bitwarden
0523ce0b40
refactor(active-user-state-refactor): [PM-12040] Remove ActiveUserStatus For SSO Login Component (#13149)
* refactor(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - First pass of work to update the state. In the middle of testing.

* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Fix for jslib-services.module.ts

* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Fix main.background.ts

* test(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Added simple tests

* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Tiny touchups.

* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Few fixes to resolve comments.

* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Changed place where userId is loaded.

* test(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Fixed test.
2025-02-04 13:31:36 -05:00
Alec Rippberger
8e70d5b923
feat(auth): [PM-3953] generalize copy for login with device flows
Updates UI text and translations for the login with device feature to be more consistent and clear across desktop, browser and web clients. Changes include:

- Updated titles and content for login via auth request components
- Revised translations for device approval modal
- Updated notification titles and alert messages
- Simplified device management URL handling
- Added missing translations across platforms

Resolves PM-3953
2025-01-31 11:54:41 -06:00
Daniel James Smith
6ae30f5059
Remove dependency on importer/core from libs/angular (#13137)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-01-31 14:04:35 +01:00
Shane Melton
a404729c9e
[PM-17745] Catch network errors in new device notification guard (#13161)
* [PM-17745] Wrap new device guard applicability check in try/catch to prevent crashes from network errors

* [PM-17745] Fix broken test
2025-01-30 12:18:22 -08:00
Daniel James Smith
ef38a96faf
[PM-16485] Remove legacy generator from change password component (#13132)
* Remove deprecated and unused PasswordGenerationService

* Remove unused state-service

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-01-29 14:40:48 -05:00
Shane Melton
db2b405421
Fix noop notification service registration (#13131)
* Re-order the constructor dependencies to match between Noop and Default notification service

* Fix test file

* One more missed constructor
2025-01-29 12:58:01 -05:00
Daniel James Smith
e73cb3e3ff
Move premium component into billing ownership (#12927)
* Move premium component into billing ownership

Update CODEOWNERS
Move files within libs/angular
Move files within desktop
Adjust import paths

* Remove configService

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-01-29 08:09:19 -08:00
Ike
60e569ed9d
[PM-15605] Add new device protection opt out (#12880)
* feat(newdeviceVerificaiton) : adding component and request model

* feat(newDeviceverification) : adding state structure to track verify devices for active user; added API call to server.

* feat(newDeviceVerification) : added visual elements for opting out of new device verification.

* Fixing tests for account service.
fixed DI for account service

* Fixing strict lint issues

* debt(deauthorizeSessionsModal) : changed modal to dialog. fixed strict typing for the new dialog for deviceVerification.

* fixing tests

* fixing desktop build DI

* changed dialog to standalone fixed names and comments.

* Adding tests for AccountService

* fix linting

* PM-15605 - AccountComp - fix ngOnDestroy erroring as it was incorrectly decorated with removed property.

* PM-15605 - SetAccountVerifyDevicesDialogComponent - only show warning about turning off new device verification if user doensn't have 2FA configured per task description

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2025-01-29 09:49:56 -05:00
Justin Baur
b07d6c29a4
Add Web Push Support (#11346)
* WIP: PoC with lots of terrible code with web push

* fix service worker building

* Work on WebPush Tailored to Browser

* Clean Up Web And MV2

* Fix Merge Conflicts

* Prettier

* Use Unsupported for MV2

* Add Doc Comments

* Remove Permission Button

* Fix Type Test

* Write Time In More Readable Format

* Add SignalR Logger

* `sheduleReconnect` -> `scheduleReconnect`

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Capture Support Context In Connector

* Remove Unneeded CSP Change

* Fix Build

* Simplify `getOrCreateSubscription`

* Add More Docs to Matrix

* Update libs/common/src/platform/notifications/internal/worker-webpush-connection.service.ts

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Move API Service Into Notifications Folder

* Allow Connection When Account Is Locked

* Add Comments to NotificationsService

* Only Change Support Status If Public Key Changes

* Move Service Choice Out To Method

* Use Named Constant For Disabled Notification Url

* Add Test & Cleanup

* Flatten

* Move Tests into `beforeEach` & `afterEach`

* Add Tests

* Test `distinctUntilChanged`'s Operators More

* Make Helper And Cleanup Chain

* Add Back Cast

* Add extra safety to incoming config check

* Put data through response object

* Apply TS Strict Rules

* Finish PushTechnology comment

* Use `instanceof` check

* Do Safer Worker Based Registration for MV3

* Remove TODO

* Switch to SignalR on any WebPush Error

* Fix Manifest Permissions

* Add Back `webNavigation`

* Sorry, Remove `webNavigation`

* Fixed merge conflicts.

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
2025-01-29 08:49:01 -05:00
Conner Turnbull
26a0594056
[PM-17655] Billing Code Ownership Updates (#13105)
* Moved has-premium.guard under billing

* Moved free-trial.ts to billing

* Moved premium directives to billing

* Moved families-policy.service.ts to billing

* Moved trial initiation from auth to billing
2025-01-28 13:17:00 -05:00
Nick Krantz
7c2bf504a3
[PM-11249] Sync attachment updates across platforms (#11758)
* update extension refresh form when an attachment is added or removed

- This is needed because the revision date was updated on the server and the locally stored cipher needs to match.

* receive updated cipher from delete attachment endpoint

- deleting an attachment will now alter the revision timestamp on a cipher.

* patch the cipher when an attachment is added or deleted

* migrate vault component to use the `cipherViews$` observable

* reference `cipherViews$` on desktop for vault-items

- This avoid race conditions where ciphers are cleared out in the background. `cipherViews` should always emit the latest views

* return CipherData from cipher service so that consumers have the updated cipher right away

* use the updated cipher from attachment endpoints to refresh the details within the add/edit components on desktop
2025-01-28 10:01:23 -06:00
renovate[bot]
c3bb76bee0
[deps] Architecture: Update eslint-plugin-tailwindcss to v3.18.0 (#12966)
* [deps] Architecture: Update eslint-plugin-tailwindcss to v3.18.0

* Fix linting

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
2025-01-27 11:12:12 -05:00
Daniel James Smith
682e62cb6b
[PM-16485] Remove deprecated and unused PasswordGenerationService (#13053)
* Remove deprecated and unused PasswordGenerationService

* Remove unused state-service

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-01-27 10:12:20 -05:00
Alex Morask
f630ee5f4e
[PM-11730] Remove feature flag: AC-2476-deprecate-stripe-sources-api (#13032)
* Remove FF from trial-billing-step.component

* Remove FF from user-subscription.component

* Remove FF from individual-billing-routing.module

* Remove FF from organization-billing.service

* Remove FF from organization-subscription-cloud.component

* Remove FF from organization-billing-routing.mdoule

* Remove FF from organization-plans.component

* Remove FF from change-plan-dialog.component

* Remove FF

* Remove legacy payment.component

* Rename V2: adjust-payment-dialog.component

* Rename V2: adjust-storage-dialog.component

* Rename V2: payment-label.component

* Rename V2: payment.component

* Rename V2: premium.component

* Patrick's feedback
2025-01-24 13:38:44 -05:00
Jared Snider
6acaa6c711
Auth/PM-17197 - UnauthGuard Trusted Devices Lock State Refactor (#12938)
* PM-17197 - Refactor DeviceTrustService to deprecate active user state as I need to call with a user id per latest best practice

* PM-17197 - Refactor Unauth Guard to be aware of TDE lock state + use active user best practice.
2025-01-24 13:20:42 -05:00
Brandon Treston
b23a41ac86
[PM-17465] refactor PolicyService.getAll$ to make userId not optional (#13031)
* refactor PolicyService.getAll$ to make userId not optional

* add fix to browser

* fix test to read from mock singleUserState

* remove nested pipes, cleanup
2025-01-24 09:58:38 -05:00
Alec Rippberger
aa1c0ca0ee
feat(auth): [PM-8221] implement device verification for unknown devices
Add device verification flow that requires users to enter an OTP when logging in from an unrecognized device. This includes:

- New device verification route and guard
- Email OTP verification component
- Authentication timeout handling

PM-8221
2025-01-23 12:57:48 -06:00
Brandon Treston
a949f793ed
[PM-15506] Implement vNextOrganizationService (#12839)
* [PM-15506] Wire up vNextOrganizationService for libs/common and libs/angular (#12683)

* Wire up vNextOrganizationService in PolicyService

* Wire vNextOrganizationService in SyncService

* wire vNextOrganizationService for EventCollectionService

* wire vNextOrganizationService for KeyConnectorService

* wire up vNextOrganizationService for CipherAuthorizationService

* Wire up vNextOrganizationService in PolicyService

* Wire vNextOrganizationService in SyncService

* wire vNextOrganizationService for EventCollectionService

* wire vNextOrganizationService for KeyConnectorService

* wire up vNextOrganizationService for CipherAuthorizationService

* wire vNextOrganizationService for share.component

* wire vNextOrganizationService for collections.component

* wire vNextOrganizationServcie for add-account-credit-dialog

* wire vNextOrganizationService for vault-filter.service

* fix browser errors for vNextOrganizationService implementation in libs

* fix desktop errors for vNextOrganizationService implementation for libs

* fix linter errors

* fix CLI errors on vNextOrganizationServcie implementations for libs

* [PM-15506] Wire up vNextOrganizationService for web client (#12810)

PR to a feature branch, no need to review until this goes to main.

* implement vNextOrganization service for browser client (#12844)

PR to feature branch, no need for review yet.

* wire vNextOrganizationService for licence and some web router guards

* wire vNextOrganizationService in tests

* remove vNext notation for OrganizationService and related

* Merge branch 'main' into ac/pm-15506-vNextOrganizationService

* fix tsstrict error

* fix test, fix ts strict error
2025-01-22 15:20:25 -05:00
Patrick-Pimentel-Bitwarden
eb99eba284
refactor(email-verification-feature-flag): [PM-7882] Email Verificati… (#12718)
* refactor(email-verification-feature-flag): [PM-7882] Email Verification - Removed email feature flag.
2025-01-21 11:16:32 -05:00
Oscar Hinton
d820bfb691
[PM-17346] Move A11yTitle and CopyClick to CL (#12936)
* Move A11yTitle and CopyClick to CL
2025-01-20 11:43:10 +01:00
Jordan Aasen
a803e5b411
[PM-6565] migrate vault toasts to CL toastService (#10664)
* migrate vault toasts to CL toastService

* update component args

* add missing toastService deps

* add missing i18 key

* remove moved files

* remove duplicate args
2025-01-17 15:01:18 -08:00
cyprain-okeke
ce2ec07f74
[PM-17138][Defect] Submitting blank payment method is displaying unreadable validation message for Bank Account and Account Credit (#12937)
* Changes to display descriptive message for bank account

* resolve message for invalid message display

* Add the paymentMethodType credit

---------

Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
2025-01-17 18:32:29 +01:00
Oscar Hinton
e5f83ff086
[PM-17031] Create UI-common (#12831)
Extract core functionality from `libs/angular` to allow teams to depend on `libs/ui-common` instead.

Moves the following functionality to `ui-common`.
- `I18nPipe`. `libs/angular` still has an old copy but `components` depends on the new variant from `ui-common`.
- `safeProvider`, `SafeProvider` and `SafeInjectionToken`. `libs/angular`re-exports these to avoid needing to update all consumers.
2025-01-17 10:42:31 -05:00
Oscar Hinton
dafeb1492a
Add type=button to stories (#12930) 2025-01-17 14:57:31 +01:00
renovate[bot]
62e879940c
[deps] SM: Update typescript-eslint monorepo to v8 (major) (#10601)
* [deps] SM: Update typescript-eslint monorepo to v8

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hinton <hinton@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-01-14 11:23:59 -05:00
Bernd Schoolmann
b083a05d9f
Fix error prompt (#12830) 2025-01-14 15:47:19 +01:00
Jordan Aasen
8a0ebd98af
align default globe vault icon (#12786) 2025-01-13 12:36:56 -08:00
Jared Snider
1fcdf25bf7
Auth/PM-16947 - Web - Device Management - Add Manage Auth Requests support (#12809)
* PM-16947 - JsLibServices - register default DefaultLoginApprovalComponentService

* PM-16947 - DeviceResponse - add interface for DevicePendingAuthRequest

* PM-16947 - Web translations - migrate all LoginApprovalComponent translations from desktop to web

* PM-16947 - LoginApprovalComp - (1) Add loading state (2) Refactor to return proper boolean results (3) Don't create race condition by trying to respond to the close event in the dialog and re-sending responses upon approve or deny click

* PM-16947 - DeviceManagementComponent - added support for approving and denying auth requests.

* PM-16947 - LoginApprovalComp - Add validation error

* PM-16947 - LoginApprovalComponent - remove validation service for now.

* PM-16947 - Re add validation

* PM-16947 - Fix LoginApprovalComponent tests
2025-01-13 14:39:48 -05:00
Shane Melton
459fb1bcf4
[PM-5718] Fix free organization generating TOTP (#11918)
* [PM-5718] Fix totp generation for free orgs in old add-edit component

* [PM-5718] Fix totp generation for free orgs in view cipher view component

* [PM-5718] Cleanup merge conflicts

* Don't generate totp code for premium users or free orgs

* Added redirect to organization helper page

* Changed text to learn more

* Only show upgrade message to premium users

* Show upgrade message to free users with free orgs as well

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
2025-01-13 12:58:52 -05:00
Oscar Hinton
db84ccf935
[PM-16838] Forbid imports containing /src/ (#12744)
Forbids bad imports containing /src/.
2025-01-10 10:37:34 -05:00
Nick Krantz
fa61928daf
[CL] add ToastVariant to CL barrel file (#12804) 2025-01-10 09:58:47 -05:00
Oscar Hinton
653b730969
[PM-16872] Update libs to use explicit dependencies (#12770)
Update all libs to use explicit dependencies rather than relying on tsconfig.libs.json. This allows us to more easily understand the dependencies between libs and prevent users from accidentally adding new dependencies.

We still use tsconfig.libs (now renamed tsconfig.spec) for tests.
2025-01-10 11:21:38 +01:00
Jordan Aasen
a3e876eb8f
fixed icon width (#12721) 2025-01-08 16:19:51 -08:00
Shane Melton
d72dd2ea76
[PM-16098] Improved cipher decryption error handling (#12468)
* [PM-16098] Add decryptionFailure flag to CipherView

* [PM-16098] Add failedToDecryptCiphers$ observable to CipherService

* [PM-16098] Introduce decryption-failure-dialog.component

* [PM-16098] Disable cipher rows for the Web Vault

* [PM-16098] Show decryption error dialog on vault load or when attempting to view/edit a corrupted cipher

* [PM-16098] Browser - Show decryption error dialog on vault load or when attempting to view/edit a corrupted cipher

* [PM-16098] Desktop - Show decryption error dialog on vault load or when attempting to view a corrupted cipher. Remove edit/clone context menu options and footer actions.

* [PM-16098] Add CS link to decryption failure dialog

* [PM-16098] Return cipherViews and move filtering of isDeleted to consumers

* [PM-16098] Throw an error when retrieving cipher data for key rotation when a decryption failure is present

* [PM-16098] Properly filter out deleted, corrupted ciphers when showing dialog within the Vault

* [PM-16098] Show the decryption error dialog when attempting to view a cipher in trash and disable the restore option

* [PM-16098] Exclude failed to decrypt ciphers from getAllDecrypted method and cipherViews$ observable

* [PM-16098] Avoid re-sorting remainingCiphers$ as it was redundant

* [PM-16098] Update tests

* [PM-16098] Prevent opening view dialog in AC for corrupted ciphers

* [PM-16098] Remove withLatestFrom operator that was causing race conditions when navigating away from the individual vault

* [PM-16098] Ensure decryption error dialog is only shown once on Desktop when switching accounts
2025-01-08 08:42:46 -08:00
Bernd Schoolmann
bb2961f4ca
[PM-10413] ssh keygen on web and browser (#12176)
* Move desktop to sdk ssh-key generation

* Add ssh keygen support on web and browser

* Move ssh keygen on all clients behind feature flag

* Update package lock

* Fix linting

* Fix build

* Fix build

* Remove rand_chacha

* Move libc to linux-only target

* Remove async-streams dep

* Make generateSshKey private

* Remove async from generate ssh key

* Update cargo lock

* Fix sdk init for ssh key generation

* Update index.d.ts

* Fix build on browser

* Fix build

* Fix build by updating libc dependency
2025-01-08 16:01:23 +01:00
Bernd Schoolmann
72121cda94
[PM-10741] Refactor biometrics interface & add dynamic status (#10973) 2025-01-08 10:46:00 +01:00
Alec Rippberger
f99a3c4162
feat(web): [PM-1214] add device management screen
Adds a device management tab under settings -> security that allows users to:
- View and manage their account's connected devices
- Remove/deactivate devices
- See device details like platform, last login, and trust status
- Sort and filter device list with virtual scrolling

Resolves PM-1214
2025-01-07 13:29:36 -06:00
Conner Turnbull
91d6963074
[PM-14366] Deprecated active user state from billing state service (#12273)
* Updated billing state provider to not rely on ActiveUserStateProvider

* Updated usages

* Resolved browser build

* Resolved web build

* Resolved CLI build

* resolved desktop build

* Update apps/cli/src/tools/send/commands/create.command.ts

Co-authored-by:  Audrey  <ajensen@bitwarden.com>

* Move subscription visibility logic from component to service

* Resolved unit test failures. Using existing userIds where present

* Simplified activeUserId access

* Resolved typescript strict errors

* Resolved broken unit test

* Resolved ts strict error

---------

Co-authored-by:  Audrey  <ajensen@bitwarden.com>
2025-01-07 10:25:26 -05:00
Jonathan Prusik
15faf52f57
[PM-13115] Allow users to disable extension content script injections by domain (#11826)
* add disabledInteractionsUris state to the domain settings service

* add routes and ui for user disabledInteractionsUris state management

* use disabled URIs service state as a preemptive conditon to injecting content scripts

* move disabled domains navigation button from account security settings to autofill settings

* update disabled domain terminology to blocked domain terminology

* update copy

* handle blocked domains initializing with null value

* add dismissable banner to the vault view when the active autofill tab is on the blocked domains list

* add autofill blocked domain indicators to autofill suggestions section header

* add BlockBrowserInjectionsByDomain feature flag and put feature behind it

* update router config to new style

* update tests and cleanup

* use full-width-notice slot for domain script injection blocked banner

* convert thrown error on content script injection block to a warning and early return

* simplify and enspeeden state resolution for blockedInteractionsUris

* refactor feature flag state fetching and update tests

* document domain settings service

* remove vault component presentational updates
2025-01-06 17:10:34 -05:00
SmithThe4th
10c8a2101a
[PM-12049] Remove usage of ActiveUserState from folder service (#11880)
* Migrated folder service from using active user state to single user state

Added extra test cases for encrypted folder and decrypted folders

Updated derived state to use decrypt with key

* Update callers in the web

* Update callers in the browser

* Update callers in libs

* Update callers in cli

* Fixed test

* Fixed folder state test

* Fixed test

* removed duplicate activeUserId

* Added takewhile operator to only make calls when userId is present

* Simplified to accept a single user id instead of an observable

* Required userid to be passed from notification service

* [PM-15635] Folders not working on desktop (#12333)

* Added folders memory state definition

* added decrypted folders state

* Refactored service to remove derived state

* removed combinedstate and added clear decrypted folders to methods

* Fixed test

* Fixed issue with editing folder on the desktop app

* Fixed test

* Changed state name

* fixed ts strict issue

* fixed ts strict issue

* fixed ts strict issue

* removed unnecessasry null encrypteed folder check

* Handle null folderdata

* [PM-16197] "Items with No Folder" shows as a folder to edit name and delete (#12470)

* Force redcryption anytime encryption state changes

* Fixed text file

* revert changes

* create new object with nofolder instead of modifying exisiting object

* Fixed failing test

* switched to use memory-large-object

* Fixed ts sctrict issue

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2025-01-02 17:16:33 -05:00
Jonas Hendrickx
c724b0d974
[PM-13999] show estimated tax for taxable countries (#12245) 2025-01-02 20:28:04 +01:00
rr-bw
d209da4c94
feat(auth): [PM-9674] Remove Deprecated LockComponents (#12453)
This PR deletes the legacy lock components from the Angular clients and also removes feature flag control from the routing. The lock component will now be based entirely on the new, recently refreshed LockComponent in libs/auth/angular.
2024-12-20 10:23:03 -08:00
Oscar Hinton
8caadacfbc
[PM-16217] Remove wasm timeout (#12476)
Remove the WASM timeout logic and supported$.
2024-12-20 13:54:52 +01:00
Nick Krantz
e129e90faa
[PM-14347][PM-14348] New Device Verification Logic (#12451)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Check for test secrets (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-latest) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-latest) (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
* add account created date to the account information

* set permanent dismissal flag when the user selects that they can access their email

* update the logic of device verification notice

* add service to cache the profile creation date to avoid calling the API multiple times

* update step one logic for new device verification + add tests

* update step two logic for new device verification + add tests
- remove remind me later link for permanent logic

* migrate 2FA check to use the profile property rather than hitting the API directly.

The API for 2FA providers is only available on web so it didn't work for browser & native.

* remove unneeded account related changes

- profile creation is used from other sources

* remove obsolete test

* store the profile id within the vault service

* remove unused map

* store the associated profile id so account for profile switching in the extension

* add comment for temporary service and ticket number to remove

* formatting

* move up logic for feature flags
2024-12-19 09:55:39 -06:00
Jason Ng
1d04a0a399
[PM-8214] New Device Verification Notice UI (#12360)
* starting

* setup first page for new device verification notice

* update designs for first page. rename components and files

* added second page for new device verification notice

* update notice page one with bit radio buttons. routing logic. user email

* updated routing for new device verification notice to show before vault based on flags, and can navigate back to vault after submission

* fix translations. added remind me later link and nav to page 2

* sync the design for mobile and web

* update routes in desktop

* updated styles for desktop

* moved new device verification notice guard

* update types for new device notice page one

* add null check to page one

* types

* types for page one, page two, service, and guard

* types

* update component and guard for null check

* add navigation to two step login btn and account email btn

* remove empty file

* update fill of icons to support light & dark modes

* add question mark to email access verification copy

* remove unused map

* use links for navigation elements
- an empty href is needed so the links are keyboard accessible

* remove clip path from exclamation svg

- No noticeable difference in the end result

* inline email message into markup

---------

Co-authored-by: Nick Krantz <nick@livefront.com>
2024-12-19 08:59:42 -06:00
Thomas Avery
971c157f56
[PM-12700] Add private key regeneration process (#11829)
* add user asymmetric key api service

* Add user asymmetric key regen service

* add feature flag

* Add LoginSuccessHandlerService

* add loginSuccessHandlerService to BaseLoginViaWebAuthnComponent

* Only run loginSuccessHandlerService if webAuthn is used for vault decryption.

* Updates for TS strict

* bump SDK version

* swap to combineLatest

* Update abstractions
2024-12-16 12:00:17 -06:00
Daniel James Smith
6933b3a211
Removed unused ctor param for SendApiService (#12330)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-12-12 20:05:21 -08:00
rr-bw
8ec75613dc
fix(passkeys): [PM-13932] Fix passkey flow incorrect routing (#12363)
This PR fixes a bug in the LockComponent refresh that affected the setup/save and use passkey flows. The user was wrongly directly to the /vault after unlock instead of to /fido2 (the passkey screen).

Feature Flag: ExtensionRefresh ON
2024-12-12 13:10:54 -08:00
Alec Rippberger
0df7b53bb4
feat(sso): [PM-8114] implement SSO component UI refresh
Consolidates existing SSO components into a single unified component in
libs/auth, matching the new design system. This implementation:

- Creates a new shared SsoComponent with extracted business logic
- Adds feature flag support for unauth-ui-refresh
- Updates page styling including new icons and typography
- Preserves web client claimed domain logic
- Maintains backwards compatibility with legacy views

PM-8114

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2024-12-12 10:28:30 -06:00
Andreas Coroiu
d4fcb5852a
fix: text-drag directive ts-strict error (#12346) 2024-12-11 12:20:32 +00:00
cd-bitwarden
83dc66dd56
[PM-14345] Enabling drag and drop for cipher fields (#12067)
* enabling drag and drop for cipher fields

* adding drag and drop to totp and fido

* removing code changes to wrong file

* undoing uneeded change

* Changes suggested by Shane

* fixes

* fixes

* moving export to the correct spot

---------

Co-authored-by: --global <>
2024-12-10 12:55:02 -05:00
Daniel James Smith
161a358c49
[PM-5214] [CLI] Add proxy support for file uploads (#7342)
* Add proxy support for file uploads

Instead of using node's native fetch we extend ApiService with NodeApiService to add support for proxies using `node-fetch`

* Fix constructors for FileUploadService in browser

* Fix dependency on ApiService within jslib-services.module

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-12-10 13:17:00 +01:00
Matt Gibson
9c1e2ebd67
Typescript-strict-plugin (#12235)
* Use typescript-strict-plugin to iteratively turn on strict

* Add strict testing to pipeline

Can be executed locally through either `npm run test:types` for full type checking including spec files, or `npx tsc-strict` for only tsconfig.json included files.

* turn on strict for scripts directory

* Use plugin for all tsconfigs in monorepo

vscode is capable of executing tsc with plugins, but uses the most relevant tsconfig to do so. If the plugin is not a part of that config, it is skipped and developers get no feedback of strict compile time issues. These updates remedy that at the cost of slightly more complex removal of the plugin when the time comes.

* remove plugin from configs that extend one that already has it

* Update workspace settings to honor strict plugin

* Apply strict-plugin to native message test runner

* Update vscode workspace to use root tsc version

* `./node_modules/.bin/update-strict-comments` 🤖

This is a one-time operation. All future files should adhere to strict type checking.

* Add fixme to `ts-strict-ignore` comments

* `update-strict-comments` 🤖

repeated for new merge files
2024-12-09 20:58:50 +01:00
Alec Rippberger
69800d01ab
revert: [PR-13659] remove 2FA timeout logging and fix attempts
This reverts two previous commits:
- PM-13659 - 2FA Timeout Log All the things (#12275)
- Auth/PM-13659 - 2FA Timeout - Attempted Fix (#12263)
2024-12-06 13:42:32 -06:00
Jared Snider
9fcc4f0543
PM-13659 - 2FA Timeout Log All the things (#12275) 2024-12-06 12:43:17 -05:00
Jared Snider
8d68a2dd58
Auth/PM-13659 - 2FA Timeout - Attempted Fix (#12263)
fix(auth): attempt to resolve 2FA session timeout issue
2024-12-05 20:22:13 -05:00
Jonas Hendrickx
b25dc6300c
Revert "[PM-13999] Show estimated tax for taxable countries (#12145)" (#12244)
This reverts commit 1dce7f5ba0.
2024-12-04 14:40:57 +00:00
Jonas Hendrickx
1dce7f5ba0
[PM-13999] Show estimated tax for taxable countries (#12145) 2024-12-04 11:45:44 +01:00
Shane Melton
a6c905cc1a
[PM-15533] Remove isNotClone parameter from updateWithServer method (#12233)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Check for test secrets (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-latest) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-latest) (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
2024-12-03 15:43:09 -08:00
Alec Rippberger
c073e91f17
feat(auth): [PM-13659] implement 2FA timeout handling across clients
Add timeout state management for two-factor authentication flows in web, desktop,
and browser extension clients. Includes:

- New timeout screen component with 5-minute session limit
- Updated UI elements and styling
- Comprehensive test coverage

Refs: PM-13659
2024-12-03 13:55:40 -06:00
Alex Morask
0544100e83
Make payment optional trial banner work with Stripe sources API deprecation (#12146) 2024-12-02 09:12:49 -05:00
Victoria League
3db5beaa60
[CL-514] Update slider icon to reduce blurriness on external monitors (#12154) 2024-11-26 11:31:08 -05:00
rr-bw
9f99454b37
feat(auth): [PM-9693] Refresh LoginDecryptionOptionsComponent (#11782)
Creates a refreshed and consolidated `LoginDecryptionOptionsComponent` for use on all visual clients, which will be used when the `UnauthenticatedExtensionUIRefresh` feature flag is on.
2024-11-21 13:31:20 -08:00
Bernd Schoolmann
38c4eeb27d
[PM-14542] Move kdf to km ownership (#11877)
* Move kdf to km ownership

* Fix duplicate import

* Remove whitespace

* Fix double imports

* Fix desktop build

* Fix test error

* Fix imports

* Move ownership of kdftype to km

* Fix imports

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-21 13:45:28 +01:00
Jared Snider
d1499da793
Auth/PM-12077 - Web Process Reload (#11781)
* PM-12077 - Initial work on web process reload - more testing required.

* PM-12077 - Clarify comment

* PM-12077 - Improving UX of logout with process reload.

* PM-12077 - Final tweaks for process reload

* PM-12077 - Remove no longer accurate comment.

* PM-12077 - Per PR feedback, clean up logout reason

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-20 13:54:27 -05:00
Alec Rippberger
234a832fc4
/register does not redirect to /signup when email-verification flag is enabled (#12001)
* Manually route to signup page when the email verification feature flag is enabled

* Revert "Manually route to signup page when the email verification feature flag is enabled"

This reverts commit f3a2b412b9.

* Do not show toast when redirecting to signup
2024-11-20 10:45:00 -06:00
rr-bw
9429ae1d06
feat(auth): [PM-9723] Refresh LoginViaAuthRequestComponent (#11545)
Creates a refreshed and consolidated LoginViaAuthRequestComponent for use on all visual clients, which will be used when the UnauthenticatedExtensionUIRefresh feature flag is on.
2024-11-19 14:53:01 -08:00
Justin Baur
8823c7b0b2
[PM-8748] Make 5 Seconds the Max we wait for a sync to complete on unlock (#11882)
* Make 5 Seconds the Max we wait for a sync to complete on unlock

* Move Comment

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-19 09:06:29 -05:00
Victoria League
3b5b2d6bd6
[CL-265] CL/extension refresh feature branch (#8696)
* [CL-245] Update palette to new light and dark theme colors (#8633)

* [CL-245] Add new color swatches to storybook (#8697)

* [CL-238] update typography (#8997)

* [CL-230] [CL-296] Update button styles (#9345)

* [CL-237] Update menu styles for extension refresh (#9525)

* [CL-267] Add 100-level color variants and update primary-600 (#9550)

* [CL-286] Update badge to use focus-visible instead of focus (#9551)

* [CL-250] Update badge styles for extension refresh (#9572)

* [CL-234] callout style refresh (#9920)

* [CL-233] Update form field styles (#9776)

* [CL-239][CL-251][CL-342] dialog style refresh (#10096)

* [CL-239] simple dialog style refresh

* [CL-342] fix text overflow in dialog; add story

* [CL-244] readonly fields (#10164)

* [CL-352] Fix Angular errors related to form element changes (#10211)

* [CL-273] Update styles for checkbox and form control (#10146)

* [CL-274] Update styling for radio button (#10333)

* [CL-338] Remove extra space in item content when end slot is empty (#10350)

* [CL-377] Fix extension style conflict for input background (#10351)

* [CL-271] Update styles for toggle (#10377)

* [CL-381] Update spacing around form elements (#10432)

* [CL-229] Update icon button styles (#10405)

* [CL-380] Remove hover state from disabled form fields (#10639)

* [CL-405] Allow toggle group input to be full width (#10658)

* [CL-389] Exclude end slot label content from truncation (#10508)

* [CL-383] Remove manual focus when password toggle is clicked (#10749)

* [CL-278][CL-391] misc bit-item style fixes (#10758)

* [CL-391] use pointer cursor on hover when link or button

* [CL-210] Change base font size from 14px to 16px (#10779)

* [CL-291] Finalize styling for chip select (#10771)

* [CL-257] update banner component styles (#10766)

* [CL-443] Fix sizing issues (#10893)

* [CL-445] Fix small sizing and spacing issues (#10962)

* [CL-382] Reduce element shifting on readonly hover (#10956)

* [CL-396] Update theme colors to new hexes (#10968)

* [CL-395] Remove text headers color (#10997)

* [CL-404] Switch to primary-600 for all focus indicators (#11015)

* [CL-397] Remove primary-500 (#11036)

* [CL-447] Ensure DM Sans displays correctly at all font weights (#11041)

* [CL-448] Scrollbar Styles (#11111)

* CL-252/update toast (#10996)

* [CL-275] Update link styles (#11174)

* [CL-446] Update hover state for unselected chip selects (#11172)

* [CL-454] Improve color a11y for toast and banner interactive elements (#11200)

* [CL-457] Center input text for select and multiselect (#11239)

* [CL-455] Do not use responsive margin for sections in dialogs or extension (#11243)

* [CL-459] Fix chip behavior when opening menu while item is selected (#11227)

* [CL-388] Update vertical nav colors for new palette (#11226)

* scope styled scrollbar to only select elements (#11247)

* edit radio buttons to be block inputs and update spacing (#11291)

* [CL-453] Fix multiselect chip spacing and truncation (#11300)

* [PM-11131] Prevent duplicated sr labels on form field icon buttons (#11383)

* [CL-303] Prevent chip menu from running offscreen (#11348)

* [CL-476] Fix DM Sans font on Windows (#11409)

* implements scrollbar styles for firefox/chrome and safari (#11447)

* [CL-472] Fix search background color in extension (#11466)

* [CL-481] Style updates for bit-item, bit-card, and primary-100 (#11473)

* [CL-478] Remove underline on hover for most components (#11477)

* [CL-477] Remove focus styles for readonly input (#11510)

* [CL-487] Fix vault items virtual scroll height (#11581)

* [PM-8625] Increase popup width (#11686)

* [CL-494] Wrap long words in toggle group (#11659)

* [CL-13820] Add class to remove link underline (#11762)

* [CL-435] Prevent Windows extension from shifting (#11851)

* [CL-503] Add notification color variables (#11802)

* [PM-14043] Update size of toggle group label to fit more content (#11881)

* [CL-498] Set chip menu width minimum to chip select width (#11905)

---------

Co-authored-by: Will Martin <contact@willmartian.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: Nick Krantz <125900171+nick-livefront@users.noreply.github.com>
Co-authored-by: Merissa Weinstein <merissa.k.weinstein@gmail.com>
Co-authored-by: Danielle Flinn <43477473+danielleflinn@users.noreply.github.com>
2024-11-15 09:21:17 -05:00
Brandon Treston
5c540a86f4
[PM-13829] Add organizationId to isAdmin check, refactor isAdmin to getter (#11997)
* Add organizationId to isAdmin check, refactor isAdmin to getter for restore and delete

* add comment
2024-11-14 17:17:40 -05:00
Brandon Treston
0cfe18ac4d
[PM-13829] Add check for empty array when deleting unassigned items (#11927)
* add check for empty array

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-13 14:34:43 -05:00
Bernd Schoolmann
081fe83d83
PM-10393 SSH keys (#10825)
* [PM-10395] Add new item type ssh key (#10360)

* Implement ssh-key cipher type

* Fix linting

* Fix edit and view components for ssh-keys on desktop

* Fix tests

* Remove ssh key type references

* Remove add ssh key option

* Fix typo

* Add tests

* [PM-10399] Add ssh key import export for bitwarden json (#10529)

* Add ssh key import export for bitwarden json

* Remove key type from ssh key export

* [PM-10406] Add privatekey publickey and fingerprint to both add-edit and view co… (#11046)

* Add privatekey publickey and fingerprint to both add-edit and view components

* Remove wrong a11y title

* Fix testid

* [PM-10098] SSH Agent & SSH Key creation for Bitwarden Desktop (#10293)

* Add ssh agent, generator & import

* Move ssh agent code to bitwarden-russh crate

* Remove generator component

* Cleanup

* Cleanup

* Remove left over sshGenerator reference

* Cleanup

* Add documentation to sshkeyimportstatus

* Fix outdated variable name

* Update apps/desktop/src/platform/preload.ts

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Rename renderersshagent

* Rename MainSshAgentService

* Improve clarity of 'id' variables being used

* Improve clarity of 'id' variables being used

* Update apps/desktop/src/vault/app/vault/add-edit.component.html

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Fix outdated cipher/messageid names

* Rename SSH to Ssh

* Make agent syncing more reactive

* Move constants to top of class

* Make sshkey cipher filtering clearer

* Add stricter equality check on ssh key unlock

* Fix build and messages

* Fix incorrect featureflag name

* Replace anonymous async function with switchmap pipe

* Fix build

* Update apps/desktop/desktop_native/napi/src/lib.rs

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Revert incorrectly renamed 'Ssh' usages to SSH

* Run cargo fmt

* Clean up ssh agent sock path logic

* Cleanup and split to platform specific files

* Small cleanup

* Pull out generator and importer into core

* Rename renderersshagentservice to sshagentservice

* Rename cipheruuid to cipher_id

* Drop ssh dependencies from napi crate

* Clean up windows build

* Small cleanup

* Small cleanup

* Cleanup

* Add rxjs pipeline for agent services

* [PM-12555] Pkcs8 sshkey import & general ssh key import tests (#11048)

* Add pkcs8 import and tests

* Add key type unsupported error

* Remove unsupported formats

* Remove code for unsupported formats

* Fix encrypted pkcs8 import

* Add ed25519 pkcs8 unencrypted test file

* SSH agent rxjs tweaks (#11148)

* feat: rewrite sshagent.signrequest as purely observable

* feat: fail the request when unlock times out

* chore: clean up, add some clarifying comments

* chore: remove unused dependency

* fix: result `undefined` crashing in NAPI -> Rust

* Allow concurrent SSH requests in rust

* Remove unwraps

* Cleanup and add init service init call

* Fix windows

* Fix timeout behavior on locked vault

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Fix libc dependency being duplicated

* fix SSH casing (#11840)

* Move ssh agent behind feature flag (#11841)

* Move ssh agent behind feature flag

* Add separate flag for ssh agent

* [PM-14215] fix unsupported key type error message (#11788)

* Fix error message for import of unsupported ssh keys

* Use triple equals in add-edit component for ssh keys

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
Co-authored-by: aj-bw <81774843+aj-bw@users.noreply.github.com>
2024-11-08 11:01:31 +01:00
Alec Rippberger
f5e6fc8ed5
[PM-5237] Clients, Self Hosted: Login - Hide "Create account" when registration disabled (#11811)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Check for test secrets (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-latest) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-latest) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-latest) (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
* Add server settings model and service.

* Inject ServerSettingsService into the login-secondary-content component.

* Fix merge conflict

* Add server settings to old views

* Remove server settings from desktop/mobile

* Cleanup unused code

* Remove changes to default config

* Conditionally show/hide HR element

* Add tests

* PM-5237 - Move ServerSettingsService to jslib-services.module so it is the same across all clients and to solve NullInjectorErrors on desktop & browser extension

* Remove change to v1 components

* Rename ServerSettingsService to DefaultServerSettingsService

* Remove unnecessary map call

* Remove server interface in favor of using ServerSettings class

* Add back HR element

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2024-11-06 17:57:07 -05:00
Brandon Treston
2c5221d3aa
Allow deletion for items with no collectionId(s) (#11825) 2024-11-06 14:23:36 -05:00
Alec Rippberger
5a288b97db
[PM-14454] Add bit-menu-panel and bitmenuitem to environment selector dropdown (#11866)
* Add bit-menu-panel class and bitmenuitem attribute

* Add data-testids instead of class/attributes
2024-11-06 11:23:38 -06:00
Todd Martin
a049b553a6
Update decryptUserKeyWithMasterKey to requireUserId (#11560)
* Updated decryptUserKeyWithMasterKey to requireUserId

* Removed unintended extra character.

* Added dependency to LogService.

* Fixed unlock command.
2024-11-01 11:21:18 -04:00
Jonathan Prusik
eba1212e1c
[PM-14351] Migrate away from theme enum (#11812)
* update extension autofill concerns to use theme object and type over enum

* mark ThemeType enum as deprecated

* update theming service concerns to use theme object and type over enum
2024-10-31 16:46:25 -04:00
Jordan Aasen
e00f22879c
[PM-13947] - guard against call to undefined onSubmit (#11795)
* guard against call to undefined function

* revert input optional
2024-10-31 09:34:26 -07:00
Jared Snider
4de7cb8012
BEEEP - Auth AccountService Improvements (#11779)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Check for test secrets (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-latest) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-latest) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-latest) (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
* BEEEP Adjacent - AccountService misc improvements - (1) prefer null over undefined and (2) add new Account type

* LockCompV2 - Fix activeAccount type per PR feedback

* AccountService - update getUserId per PR feedback.
2024-10-30 17:54:39 -04:00
Alec Rippberger
9da80a6cba
[PM-8115] Desktop, Extension UI Refresh: Self-hosted Setup Dialog (#11597)
* Reimplement RegistrationSelfHostedEnvConfigDialogComponent

* Update EnvironmentSelectorComponent text based on feature flag.

* Initialize RegistrationSelfHostedEnvConfigDialog with existing values if self hosted

* Cleanup debug

* Add comment

* Remove changes to home and login components

* Remove changes to desktop login component

* Remove changes to browser home component

* Simplify accessing string.

* Add environment selector service.

* Cleanup unused imports in environment-selector

* Launch new env selector dialog from desktop

* Fix lint errors

* Address PR feedback: move dialog component, remove EnvironmentSelectorService, remove unused translation string

* Remove changes to AnonLayout

* PM-8115 - Export Re-usable component from Libs/auth for clean import elsewhere in clients.

* Remove unused accessingString variable

* Add success toast

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2024-10-28 16:12:57 -05:00
Jared Snider
fa537638bf
Auth/PM-13945 - Extension - Fix TDE User with MP can't navigate to Lock Screen (#11700)
* PM-13945 - Extension Refresh redirects should persist query params as we use query params to execute guard logic (e.g., lockGuard). The loss of the from: login-initiated query param prevented navigation to the lock screen.

* PM-13945 - Test updated
2024-10-25 11:29:48 -04:00
Thomas Rittson
55cd435279
[PM-13790] Remove RefactorOrganizationUserApi feature flag (#11662) 2024-10-25 10:16:59 +10:00
rr-bw
df8f234b9e
[PM-8111] Browser Refresh: LoginComponent (#10856)
* setup new LoginComponent files in libs/auth

* update pageTitle

* handle loading email settings

* setup web-login.service.ts

* implement web onInit

* fill out webOnInit

* refactor getOrgPolicies call

* update import

* add validateEmail logic

* handle registerRoute

* add showPasswordless flag

* handle captcha

* handle startAuthRequestLogin()

* add handleMigrateEncryptionKey to default and web service

* handle submit routing (web)

* fix typo

* incorporate loginEmailService changes

* minor updates to comments for clarity

* create a defaultOnInit()

* update defaultOnInit()

* handle master password input focus

* handle post-login routing on Browser/Desktop

* handle browser/desktop syncService

* handle browser ngOnInit

* handle browser routing and basic browser template

* setup desktop router

* add template for desktop first UI state: email entry

* rename 'response' to 'authResult'

* refactor handleMigrateEncryptionKey()

* refactor captcha methods and add return types

* refactor submit logic

* refactor submit logic further to use if statements with returns instead of if...else if...else

* remove toast error on invalid form for Browser/Desktop

* refactor to handleAuthResult() method

* refactor webOnInit

* add comment to revisit ngOnInit logic

* refactor handlCaptchaRequired()

* create a LoginSecondaryContentComponent for AnonLayout use

* minor formatting for consistency

* add clarifying comment to handleAuthResult()

* minor refactor to use destructuring

* setup desktopOnInit()

* add continue() method

* handle desktop ngOnDestroy()

* add clarifying comment regarding secondary content

* fill out desktop template and submit()

* add descriptive comment to top of HTML file

* refactor to use a uiState enum for UI states

* handle oss-routing swap

* handle registerRoute$ in secondary content

* web template modifications

* change email validation to only run on submit (or when clicking continue button)

* add dynamic anon-layout wrapper data

* remove static element ref

* desktop HTML template updates

* remove 'showPassword' property b/c now handled by bitPasswordInputToggle

* Extension: setup EmailEntry state UI

* Extension: setup MasterPasswordEntry state UI

* ensure full sync happens on all clients before navigation

* update icon stroke color

* change old components to V1

* remove 'V2' from new component

* update captcha iframe on all clients

* add browser redirect from /home to /login with FF on

* add todo comment regarding browser template

* add launchSsoBrowser to extension template

* move extension launchSsoBrowserWindow() to extension service

* cleanup & comments

* add launchSsoBrowserWindow() to default service

* setup launchSsoBrowserWindow() for Desktop

* refactor to use toastService

* remove unnecessary service injection

* rename LoginService to LoginComponentService to avoid confusion with the LoginStrategyService

* add jsdocs to LoginComponentService

* rename loginService prop to loginComponentService

* Add vault icon to anon layout.

* Prevent email address validation on blur.

* Fix comment typo.

* Prefill email field when "create account" is clicked.

* Use factory function to provide LoginEmailService.

* Add test for RegisterFormComponent.

* Remove back button todo.

* Consolidate clearing loginEmailService values and routing

* Remove unnecessary navigation.

* Fix client navigation after login.

* Consolidate login templates.

* Break up LoginComponent into client-specific services.

* Rename login.component to login-v1.component

* Rename login.component to login-v1.component

* Revert "Rename login.component to login-v1.component"

This reverts commit 9a277d6ca5.

* Revert "Rename login.component to login-v1.component"

This reverts commit 588a7af906.

* Rename login.component to login-v1.component except browser.

* Comment out debug code.

* Remove debug code.

* Rename login.component to login-v1.component for browser.

* Add login-with-passkey route to desktop.

* Set feature flag to false.

* Fix linting errors.

* Populate email on registration start form.

* Implement email population on all clients add add safeProviders.

* Remove comment re. passing email to registration.

* Add unauthUiRefreshRedirect utility function.

* Add transparent border.

* Merge main and add satisfies RouteDataProperties

* PM-8111 - Extension - AppRoutingModule - Home route now redirects conditionally based on unauthenticated ui refresh feature flag.

* PM-8111 - New Login Comp + Login Comp Svc - (1) Refactor naming and returns of getShowPasswordlessFlag to isLoginViaAuthRequestSupported (2) Replace showPasswordless with better composed variable names.

* PM-8111 - TODO cleanup

* PM-8111 - (1) Cleanup DefaultLoginComponentService (2) Sso Connector now checks client id property instead of reading it from state

* PM-8111 - Two TODO cleanups

* Remove specific client services.

* Add isLoginWithPasskeySupported function to reduce client type checking in template.

* Add styles missing from Browser to Create Account link.

* Confirmed inline form errors working and removing todo comments.

* Convert refactoring todo-rr-bw to standard todos.

* Add login component services tests.

* Cleanup formatting and remove unused provider.

* Add comment to explain call to setLoginEmail.

* Rearrange imports to fix lint error.

* Adjust styles for password hint link.

* Address PR feedback: use strict comparison.

* Ensure Login with Passkey button is shown by setting clientType.

* Update "continue" button from "submit" to "button" type.

* Ensure Passkey login available for web and desktop.

* Validate email on enter keypress.

* Use click event to trigger goToHint.

* Restructure handAuthResult to ensure we redirect to vault.

* Add await to saveEmailSettings function.

* Directly set clientType in individual login component services.

* Get clientType via service.

* Add back button.

* Remove hardcoded colors from Vault Icon

* Removing register component changes.

* Removing register component changes.

* Ensure isLoginWithPasskeySupported is only returns true for web client.

* Remove Web/Desktop comment from html template

* Update Storybook with initialLoginEmail

* Fix translation error

* Add test for unauthUiRefreshRedirect.

* Rename goAfterLogIn to evaluatePassword and borrow logic from lock component.

* Add DefaultLoginComponent tests.

* Integrate changes to translations.

* Simplify ngOnInit: remove webOnInit and move getLoginWithDevice to defaultOnInit

I couldn't find any usages of qParams.org or qParams.sponsorshipToken on QA (signing up for family membership, creating organization, manually modifying query params), so I think these are safe to remove.

* Fix translations.

* Clean up and flush out register form tests.

* Update variable name.

* Remove unused enforcedPasswordPolicyOptions property.

* Run prettier.

* Add back safeProviders for LoginEmailService

* Remove duplicate import.

* Update v1 web login title.

* Adjust overlay position of EnvironmentSelectorComponent for new layout.

Since the switcher is located at the bottom of the screen we need to position it up above the trigger button so that it is not cut off.

* Add new wave icon

* Only send email in query parameters if set.

* Remove test/debug code.

* Replace loggedEmail with this.emailFormControl.value.

* Move getLoginWithDevice call to loadEmailSettings.

* Replace loggedEmail with this.emailFormControl.value.

* Add todo comment re. inline errors.

* Remove unused setPreviousUrl function.

* Remove height / width from vault icon svg.

* Use continue method unanimously

* WIP remove validated email&  display extension back button

* Simplify getting query params

* Rework ExtensionAnonLayoutWrapperDataService to use BehaviorSubject

* Simplify validateEmail method

* Hide back button on init

* Revert "Hide back button on init"

This reverts commit e8de5e2bfc.

* Revert "Simplify validateEmail method"

This reverts commit c9141a1cb5.

* Revert "Rework ExtensionAnonLayoutWrapperDataService to use BehaviorSubject"

This reverts commit 8889ed3d3c.

* simplify validateEmail method

* Add primary / accent colors to wave icon

* Remove debug code

* PM-8111 - Tweak ShowBackButton to work

* PM-8111 - LoginCompService - finish removal of setPreviousUrl from implementations.

* PM-8111 - (1) Remove overriden default logo in anon layout (2) Update routing modules to have proper default login logo (3) LoginComp - update toggleLoginUiState to include logic to swap the icon back and forth as user navigates.

* PM-8111 - LoginComp - on UI state change from MP entry to email entry, remove subtitle (this isn't supported yet, but it will be)

* PM-8111 - LoginComp - Simplify toggleLoginUiState

* PM-8111 - LoginComponent - Add known device logic into UI state change handler

* PM-8111 - LoginComp - (1) Refactor name of getLoginWithDevice to be more accurate as getKnownDevice (2) Refactor calls to getKnownDevice to only occur if loginViaAuthRequestSupported

* PM-8111 - LoginComp - add getKnownDevice docs

* PM-8111 - LoginComponent - tweak docs

* PM-8111 - LoginComp - Continue() - remove toast as the validation on submit logic currently shows validation errors - toast is extra and not needed.

* Add isLoginViaAuthRequestSupported for DesktopLoginComponentService

* Remove validating email on init

* PM-8111 - ExtensionLoginComponentService - add tests for showBackButton

* PM-8111 - style tweaks

* PM-8111 - Extension - Refactor Overlay position to include extension default const to avoid repetition.

* PM-8111 - Desktop AppRouting Module - remove login with passkey route as it isn't supported on desktop.

* PM-8111 - Desktop - add default overlay position const

* PM-8111 - DesktopLoginCompSvc - tests were not actually testing super method calls + finish testing launchSsoBrowserWindow

* PM-8111 - Desktop Main.ts - remove dev test code

* PM-8111 - WebLoginCompSvcTests - add success test cases for getOrgPolicies

* PM-8111 - Remove duplicate translation keys

* PM-8111 - DefaultLoginComponentSvcTests - add missing test

* PM-8111 - DefaultLoginComponentServiceTests - add describes

* PM-8111 - LoginSecondaryContentComponent  - Add missing bitLink

* Update to test both browser and desktop

* Remove registration form test

* Remove aliasing CryptoFunctionService and PlatformUtilsService as abstractions

* Remove aliasing PlatformUtilsService and CryptoFunctionService as abstractions

---------

Co-authored-by: Alec Rippberger <alec@livefront.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Alec Rippberger <127791530+alec-livefront@users.noreply.github.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2024-10-24 15:53:34 -04:00
Bernd Schoolmann
b486fcc689
[Pm-13097] Rename cryptoservice to keyservice and move it to km ownership (#11358)
* Rename cryptoservice to keyservice

* Rename cryptoservice to keyservice

* Move key service to key management ownership

* Remove accidentally added file

* Fix cli build

* Fix browser build

* Run prettier

* Fix builds

* Fix cli build

* Fix tests

* Fix incorrect renames

* Rename webauthn-login-crypto-service

* Fix build errors due to merge conflicts

* Fix linting
2024-10-24 19:41:30 +02:00
Cesar Gonzalez
9b471e6633
[PM-13715] Launching a website from the extension does not trigger an update to reference the correct autofill value (#11587)
* [PM-13715] Launching page from cipher does not set correct autofill action

* [PM-13715] Fix autofill not triggering for correct cipher after page has been launched from browser extension
2024-10-24 08:22:43 -05:00
SmithThe4th
4a30782939
[PM-12281] [PM-12301] [PM-12306] [PM-12334] Move delete item permission to Can Manage (#11289)
* Added inputs to the view and edit component to disable or remove the delete button when a user does not have manage rights

* Refactored editByCipherId to receive cipherview object

* Fixed issue where adding an item on the individual vault throws a null reference

* Fixed issue where adding an item on the AC vault throws a null reference

* Allow delete in unassigned collection

* created reusable service to check if a user has delete permission on an item

* Registered service

* Used authorizationservice on the browser and desktop

Only display the delete button when a user has delete permission

* Added comments to the service

* Passed active collectionId to add edit component

renamed constructor parameter

* restored input property used by the web

* Fixed dependency issue

* Fixed dependency issue

* Fixed dependency issue

* Modified service to cater for org vault

* Updated to include new dependency

* Updated components to use the observable

* Added check on the cli to know if user has rights to delete an item

* Renamed abstraction and renamed implementation to include Default

Fixed permission issues

* Fixed test to reflect changes in implementation

* Modified base classes to use new naming

Passed new parameters for the canDeleteCipher

* Modified base classes to use new naming

Made changes from base class

* Desktop changes

Updated reference naming

* cli changes

Updated reference naming

Passed new parameters for the canDeleteCipher$

* Updated references

* browser changes

Updated reference naming

Passed new parameters for the canDeleteCipher$

* Modified cipher form dialog to take in active collection id

used canDeleteCipher$ on the vault item dialog to disable the delete button when user does not have the required permissions

* Fix number of arguments issue

* Added active collection id

* Updated canDeleteCipher$ arguments

* Updated to pass the cipher object

* Fixed up refrences and comments

* Updated dependency

* updated check to canEditUnassignedCiphers

* Fixed unit tests

* Removed activeCollectionId from cipher form

* Fixed issue where bulk delete option shows for can edit users

* Fix null reference when checking if a cipher belongs to the unassigned collection

* Fixed bug where allowedCollection passed is undefined

* Modified cipher by adding a isAdminConsoleAction argument to tell when a reuqest comes from the admin console

* Passed isAdminConsoleAction as true when request is from the admin console
2024-10-22 09:15:15 -04:00
Andreas Coroiu
c787ecd22c
[PM-11764] Implement account switching and sdk initialization (#11472)
* feat: update sdk service abstraction with documentation and new `userClient$` function

* feat: add uninitialized user client with cache

* feat: initialize user crypto

* feat: initialize org keys

* fix: org crypto not initializing properly

* feat: avoid creating clients unnecessarily

* chore: remove dev print/subscription

* fix: clean up cache

* chore: update sdk version

* feat: implement clean-up logic (#11504)

* chore: bump sdk version to fix build issues

* chore: bump sdk version to fix build issues

* fix: missing constructor parameters

* refactor: simplify free() and delete() calls

* refactor: use a named function for client creation

* fix: client never freeing after refactor

* fix: broken impl and race condition in tests
2024-10-18 16:15:10 +02:00
Victoria League
988c2b69e0
[CL-471] Update lock icon and others (#11508) 2024-10-11 16:12:49 -04:00
Thomas Rittson
7c72795d1c
[PM-12747] Move CollectionService and models to AC Team (#11278) 2024-10-08 10:14:39 -04:00
Shlomo Zalman Heigh
a4123cb8ba
[PM-11497] If an org has only one collection, check it by default (#10806)
Signed-off-by: Shlomo Zalman Heigh <shlomozalmanheigh@gmail.com>
2024-10-07 10:22:10 -04:00
Oscar Hinton
9ea9c3a932
[PM-11290] Enable SDK (#11378)
Follow up PR to #10974, flips the compile time flags to enabled and includes some debug logic to detect if users encounter issues with the WASM bundle in preparation for active consumption of the SDK.
2024-10-07 13:56:02 +02:00
Oscar Hinton
c88c5bf1ef
[PM-11766] Introduce SDK client (#10974)
Integrate the SDK into our other clients.
2024-10-07 13:20:50 +02:00
Jared Snider
87cb45c520
Auth/PM-13114 - WebEnvService Refactor + Unit Tests to support QA Env Selector (#11397)
* PM-13114 - WebEnvSvc - use hostname vs domain check for init and setEnv (tests TODO)

* PM-13114 - WebEnvSvc + URLs webpack config - use expected string variable on process.env.URLS to ensure tests can properly mock the WebEnvSvc

* PM-13114 - WebEnvSvc - setEnvironment - fix issue with returning currentRegion urls instead of currentEnv urls.

* PM-13114 - WebEnvSvc - setEnv - refactor names to improve clarity.

* PM-13114 - WebEnvSvc spec file - Test all prod scenarios

* PM-13144 - Work with Justin to move process.env.Urls access into injection token and remove webpack string type conversion.

* PM-13114 - WIP on getting additionalRegionConfigs injected via injection token to default env service.

* PM-13114 - Update all background inits to pass process.env.ADDITIONAL_REGIONS as unknown as RegionConfig[] to env service.

* PM-13114 - WebEnvSvc - adjust order of constructor deps

* PM-13114 - WebEnvSvc - add WebRegionConfig to extend RegionConfig type and be accurate for what the WebEnvSvc uses.

* PM-13114 - WebEnvSvc Tests - US QA tested

* PM-13114 - WebEnvSvc tests - refactor QA naming to make it more clear.

* PM-13114 - WebEnvSvc - test QA EU

* PM-13114 - WebEnvSvc - remove promise resolve per PR feedback.
2024-10-04 14:57:40 -04:00
Alec Rippberger
acd47c2b79
[PM-12694] Modify logo on AnonLayout to direct to base route on click (#11263)
* Add "back" functionality for Desktop.

* Return user to email field when logo is clicked in Web.

* Update function name.

* Move hideLogo to anchor wrapper.

* Use "/" route for logo back link.
2024-10-02 08:00:37 -05:00
Jared Snider
9ff1db7573
Auth/PM-9449 - UI Refresh + Client component consolidation into new LockV2 Component (#10451)
* PM-9449 - Init stub of new lock comp

* PM-9449 - (1) Add new lock screen title to all clients (2) Add to temp web routing module config

* PM-9449 - LockV2Comp - Building now with web HTML

* PM-9449 - Libs/Auth LockComp - bring in all desktop ts code; WIP, need to stand up LockCompService to facilitate ipc communication.

* PM-9449 - Create LockComponentService for facilitating client logic; potentially will decompose later.

* PM-9449 - Add extension lock comp service.

* PM-9449 - Libs/auth LockComp - bring in browser extension logic

* PM-9449 - Libs/auth LockComp html start

* PM-9449 - Libs/Auth LockComp - (1) Remove unused dep (2) Update setEmailAsPageSubtitle to work.

* PM-9449 - Add getBiometricsError to lock comp service for extension.

* PM-9449 - LockComp - (1) Save off client type as public comp var (2) Rename biometricLock as biometricLockSet

* PM-9449 - Work on lock comp service getAvailableUnlockOptions

* PM-9449 - WIP libs/auth LockComp

* PM-9449 - (1) Remove default lock comp svc (2) Add web lock comp svc.

* PM-9449 - UnlockOptions - replace incorrect type

* PM-9449 - DesktopLockComponentService -get most of observable based getAvailableUnlockOptions$ logic in place.

* PM-9449 - LockCompSvc - getAvailableUnlockOptions in place for all clients.

* PM-9449 - Add getBiometricsUnlockBtnText to LockCompSvc and put TODO for wiring it up later

* PM-9449 - Lock Comp - Replace all manual bools with unlock options.

* PM-9449 - Desktop Lock Comp Svc - adjust spacing

* PM-9449 - LockCompSvc - remove biometricsEnabled method

* PM-9449 - LockComp - Clean up commented out code

* PM-9449 - LockComp - webVaultHostname --> envHostName

* PM-9449 - Fix lock comp svc deps

* PM-9449 - LockComp - HTML progress

* PM-9449 - LockComp cleanup

* PM-9449 - Web Routing Module - wire up lock vs lockv2 using extension swap

* PM-9449 - Wire up loading state

* PM-9449 - LockComp - start wiring up listenForActiveUnlockOptionChanges logic with reactivity

* PM-9449 - Update desktop & extension lock comp service to use new biometrics service vs platform utils for biometrics information.

* PM-9449 - LockV2 - Swap platform util usage with toast svc

* PM-9449 - LockV2Comp - Bring over user id logic from PM-8933

* PM-9449 - LockV2Comp - Adjust everything to use activeAccount.id.

* PM-9449 - LockV2Comp - Progress on wiring up unlock option reactive stream.

* PM-9449 - LockComp ts - some refactoring and minor progress.

* PM-9449 - LockComp HTML - refactoring based on new idea to keep unlock options as separate as possible.

* PM-9449 - Add PIN translation to web

* PM-9449 - (1) Lock HTML refactor to make as independent verticals as possible (2) Refactor Lock ts (3) LockSvc - replace type with enum.

* PM-9449 - LockV2Comp - remove hardcoded await.

* PM-9449 - LockComp HTML - add todo

* PM-9449 - Web - Routing module - cleanup commented out stuff

* PM-9449 - LockV2Comp - Wire up biometrics + mild refactor.

* PM-9449 - Desktop - Wire up lockV2 redirection

* PM-9449 - LockV2 - Desktop - don't focus until unlock opts defined.

* PM-9449 - Fix accidental check in

* PM-9449 - LockV2 - loading state depends on unlock opts

* PM-9449 - LockV2 comp - remove unnecessary hr

* PM-9449 - Migrate  "yourVaultIsLockedV2" translation to desktop & browser.

* PM-9449 - LockV2 - Layout tweaks for biometrics

* PM-9449 - LockV2 - Biometric btn text

* PM-9449 - LockV2 - Wire up biometrics loading / disable state + remove unnecessary conditions around biometricsUnlockBtnText

* PM-9449 - DesktopLockSvc - Per discussion with Bernd, remove interval polling and just check once for biometric support and availability.

* PM-9449 - AuthGuard - Add todo to remove promptBiometric

* PM-9449 - LockV2 - Refactor primary and desktop init logic + misc clean up

* PM-9449 - LockV2 - Reorder init methods

* PM-9449 - LockV2 - Per discussion with Product, deprecate windows biometric settings update warning

* PM-9449 - Add TODO per discussion with Justin and remove TODO

* PM-9449 - LockV2 - Restore hide password on desktop window hidden functionality.

* PM-9449 - Clean up accomplished todo

* PM-9449 - LockV2 - Refactor func name.

* PM-9449 - LockV2 Comp - (1) TODO cleanup (2) Add browser logic to handleBiometricsUnlockEnabled

* PM-9449 - LockCompSvc changes - (1) Observability for isFido2Session (2) Adjust errors and returns per discussion with Justin

* PM-9449 - Per product, no longer need to support special fido2 case on extension.

* PM-9449 - LockCompSvc - add getPreviousUrl support

* PM-9449 - LockV2 - Continued ts cleanup

* PM-9449 - LockV2Comp - clean up unused props

* PM-9449 - LockV2Comp - Rename response to masterPasswordVerificationResponse

* PM-9449 - LockV2 - Remove unused formPromise prop

* PM-9449 - Add missing translations + update desktop to showReadonlyHostName

* PM-9449 - LockV2 - cleanup TODO

* PM-9449 - LockV2 - more cleanup

* PM-9449 - Desktop Routing Module - only allow LockV2 access if extension refresh flag is enabled.

* PM-9449 - Extension - AppRoutingModule - Add extension redirect + new lockV2 route.

* PM-9449 - Extension - AppRoutingModule - Add lockV2 to the ExtensionAnonLayoutWrapperComponent intead of the regular one.

* PM-9449 - Extension - CurrentAccountComp - add null checks as anon layout components don't have a state today. This prevents the account switcher from working on the new lockV2 comp.

* PM-9449 - Extension AppRoutingModule - LockV2 should use ExtensionAnonLayoutWrapperData

* PM-9449 - LockComp - BiometricUnlock - cancelling is a valid action.

* PM-9449 - LockV2 - Biometric autoprompt cleanup

* PM-9449 - LockV2 - (1) Add TODO for KM team (2) Fix submit logic.

* PM-9449 - Tweak TODO to add task #

* PM-9449 - Test WebLockComponentService

* PM-9449 - ExtensionLockComponentService tested

* PM-9449 - Tweak extension lock comp svc test

* PM-9449 - DesktopLockComponentService tested

* PM-9449 - Add task # to TODO

* PM-9449 - Update apps/browser/src/services/extension-lock-component.service.ts per PR feedback

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* PM-9449 - Per PR feedback, replace from with defer for better reactive execution of promise based functions.

* PM-9449 - Per PR feedback replace enum with type.

* PM-9449 - Fix imports and tests due to key management file moves.

* PM-9449 - Another test file import fix

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-10-01 16:06:18 -04:00
Bernd Schoolmann
dafe795854
Move asymmetric crypto functions out of crypto service (#10903) 2024-10-01 17:47:41 +02:00
Thomas Rittson
1f85036346
[PM-3478] Refactor OrganizationUser api (#10949)
* User and Group collection dialogs - don't fetch additional associations from the api
* Refactor to use user mini-details endpoint
2024-10-01 07:13:26 +10:00
Nick Krantz
8589cfd96e
[PM-5450] Admin Console event collection (#10678)
* switch `collect` to `collectMany`

- The `collect` method in collection service tries to fetch the cipher via the passed `cipherId`. The cipher service fails within the admin console in some cases.

* add `getCipherAdmin` call to fetch ciphers not in a collection
2024-09-30 13:42:33 -05:00
Bernd Schoolmann
19f547e638
[PM-8836] Move ownership of biometrics to key-management (#10818)
* Move ownership of biometrics to key-management

* Move biometrics ipc ownership to km

* Move further files to km; split off preload / ipc to km

* Fix linting

* Fix linting

* Fix tests

* Fix tests

* Update .github/CODEOWNERS

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update .github/CODEOWNERS

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Change ownership of native messaging to key-management

* Move biometrics to libs/key-management

* Add README to capital whitelist

* Update package-lock.json

* Move km to key-management

* Move km to key-management

* Fix build for cli

* Import fixes

* Apply prettier fix

* Fix test

* Import fixes

* Import fixes

* Update libs/key-management/README.md

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update libs/key-management/package.json

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update lock file

* Change imports to top level km package

---------

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
2024-09-30 18:14:32 +02:00
Shane Melton
e0bca66f5e
[PM-12622] Check that readOnly is falsy not only null (#11248)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Check for test secrets (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-latest) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-latest) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-latest) (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / SAST scan (push) Has been cancelled
Scan / Quality scan (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
2024-09-25 15:47:46 -07:00
Jonathan Prusik
e88e231d48
[PM-11588] Bugfix - parse user input value for combined expiry date when creating/adding a card cipher (#11103)
* simplify logic and fix some pattern-matching bugs

* add first pass at parsing combined expiry year and month from user input

* clean up code

* fix broken three-digit parsing case

* fix case where splitCombinedDateValues returns empty strings when the input is only a delimiter

* fix incorrect expectation of falsy negative integers

* clean up code

* split out logic from parseYearMonthExpiry

* move utils from vault to autofill
2024-09-24 10:36:44 -04:00
Bernd Schoolmann
d92b2cbea2
[PM-11477] Remove deprecated cryptoservice functions (#10854)
* Remove deprecated cryptoservice functions

* Use getUserkeyWithLegacySupport to get userkey

* Fix tests

* Fix tests

* Fix tests

* Remove unused cryptoservice instances

* Fix build

* Remove unused apiService in constructor

* Fix encryption

* Ensure passed in key is used if present

* Fix sends and folders

* Fix tests

* Remove logged key

* Fix import for account restricted keys
2024-09-24 11:28:33 +02:00
SmithThe4th
0db179e974
[PM-739] Using a space at the beginning of otpauth:// generate a wrong OTP (#11204)
* Trimmed tariling whitespace from totp field

* Trimmed tariling whitespace from totp field

* Fix failing test
2024-09-23 16:45:53 -04:00
Nick Krantz
01e530d02b
[PM-11691] Remove Nord and Solarized Dark from extension (#11013)
* remove nord and solarized dark from AppearanceV2 component
- This component already behind the extension refresh feature flag

* update the users theme to system when nord or solarized dark is selected

* For desktop, still allow all theme types by overriding the default theme service.

* change theme on the fly rather than updating local state.

- When the feature flag is removed then a migration will have to take place
2024-09-19 10:55:40 -05:00