Commit Graph

1886 Commits

Author SHA1 Message Date
Patrick-Pimentel-Bitwarden
173a5499a3
fix(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login (#19398)
* fix(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Initial change to try and fix issue.

* fix(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Added back in change that broke it.

* fix(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Fixed.

* fix(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Added tests and updated comment.

* docs(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Moved comment.

* test(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Accepted feedback.
2026-03-06 09:48:49 -06:00
Maciej Zieniuk
d08d8743be
[PM-20372] Clear master password unlock state on Key Connector migration (#18485)
* clear master password unlock state on Key Connector migration

* missing dependency

* missing dependency

* types fix
2026-03-06 15:38:14 +01:00
Nik Gilmore
6695083574
[PM-30304] Migrate Cipher Get Operations to use SDK (#18332)
* Migrate create and edit operations to use SDK for ciphers

* WIP: Adds admin call to edit ciphers with SDK

* Add client version to SDK intialization settings

* Remove console.log statements

* Adds originalCipherId and collectionIds to updateCipher

* Update tests for new cipehrService interfaces

* Rename SdkCipherOperations feature flag

* Add call to Admin edit SDK if flag is passed

* Add tests for SDK path

* Revert changes to .npmrc

* Remove outdated comments

* Fix feature flag name

* Fix UUID format in cipher.service.spec.ts

* Update calls to cipherService.updateWithServer and .createWithServer to new interface

* Update CLI and Desktop to use new cipherSErvice interfaces

* Fix tests for new cipherService interface change

* Bump sdk-internal and commercial-sdk-internal versions to 0.2.0-main.439

* Fix linting errors

* Fix typescript errors impacted by this chnage

* Fix caching issue on browser extension when using SDK cipher ops.

* Remove commented code

* Implement deleteWithServer and deleteManyWithSErver using SDK

* Implement restoreWithServer and restoreManyWithServer using SDK

* Add softDeleteWithServer and softDeleteManyWithServer impl using SDK

* Wrap SDK functions in firstValueFrom

* Fix bug causing race condition due to not consuming / awaiting observable.

* Add orgId to interface for admin deleteMany calls

* Use cipherService to deleteManyWithServer as admin, instead of API directly

* Bump SDK version to main.460

* Add tests for delete ops

* Remove unsetting archive date on delete, which was introduced by mistake

* Move getAllFromApiForOrganization to use SDK

* Implement getAllDecrypted and getAllFromApiForOrganization for SDK

* Fix broken CipherView conversion functions

* Fix CipherView type conversions from SDK

* Add missing 'await' to decrypt call

* Clean up unnecessary else statements and fix function naming

* Add comments for this.clearCache

* Add tests for SDK CipherView conversion functions

* Replace sdkservice with cipher-sdk.service

* Fix import issues in browser

* Fix import issues in cli

* Fix type issues

* Fix type issues

* Fix type issues

* Move delete/restore functions to cipher-sdk.service.ts when using SDK flag

* Move getCipher functions to cipher-sdk.service.ts when using SDK flag

* Address PR feedback

* Fix test that fails sporadically due to timing issue

* Simplifications from PR feedback

* UPdate tests

* Remove unnecessary type logic to use returned enum

* Revert changes to cipher.view.ts converting CipherListView to CipherView

* updated changes to match SDK changes

* Updated sdk package

---------

Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
2026-03-05 19:03:48 +00:00
Bernd Schoolmann
944b3ffdc2
[PM-31406] fix: TypeScript 5.9 type compatibility fixes for auth-owned code (#19187)
* fix: add TypeScript 5.9 type compatibility fixes for auth-owned code

Add explicit `as BufferSource` casts and `Uint8Array` wrapping to satisfy
stricter type checking in TypeScript 5.9. Non-functional changes.

* Fix type errors

* Fix test

* Fix tests

* Fix typing in auth tests

* Also change unlock service to uint8array<arraybuffer>

* Fix types

* Prettier

* Apply fixes for jest spy type
2026-03-04 19:12:44 -07:00
Nik Gilmore
6cce91d899
[PM-31825] Add fido2 support to SDK create/update methods (#18800)
* Add fido2 support to SDK create/update methods

* Refactor FIDO2 handling when using the SDK for CipherView conversions

* Remove unneeded comments

* Update tests for FIDO2 functionality

* Reorder imports

* Fixed merge conflicts

---------

Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
2026-03-04 16:27:11 -05:00
Bernd Schoolmann
71fa320557
[PM-31406] Migrate lastpass importer to special-purpose dangerous-crypto-compat (#19221)
* Introduce dangerous-compat crypto implementations

* Migrate lastpass importer to purpose-built dangerous-crypto-compat function

* Add missing export

* Prettier
2026-03-04 10:57:47 +01:00
Bernd Schoolmann
6b91ff3867
[PM-24102] Remove encstring decrypt function (#17108)
* Remove orgid in vault decryption code

* Remove deprecated encstring usage from dirt code

* tmp

* Remove folder usage without provided key

* Fix folder test

* Fix build

* Fix build

* Fix build

* Fix tests

* Update error message

* Update spec to not use EncString decrypt

* Remove decrypt from encstring

* Make key required

* Remove unused tests

* Mark old encstring properties as deprecated

* Remove unused test code

* Update function signature

* Undo breaking change (throw on decrypt

* Defensively protect against non-error errors

* Fix types

* Fix prettier formatting

* Fix tests
2026-03-03 14:57:05 +01:00
Oscar Hinton
b7ee23022a
[PM-28926] Add bulk operations to repository (#19321)
Adds the new bulk operations to the client managed state. Also adds a test.
2026-03-03 12:06:43 +01:00
Maciej Zieniuk
502a0bde42
update sdk-internal and fix issues (#19333) 2026-03-02 19:06:14 +01:00
Jared McCannon
e2bee489a4
[PM-30886] - Remove FF for Restoring Users. (#19155)
* removed feature flag for default user collection being created for restored users.

* leaving the url as we'll need it in case we have to revert a release
2026-03-02 10:38:54 -06:00
Brandon Treston
e0a9738616
[PM-32782] Fix auto confirm action to use correct userId (#19283)
* fix autoconfrim action to use correct userId

* add proper user id for key exchange
2026-03-02 09:34:50 -05:00
Leslie Xiong
cfa4b1c27f
[PM 29776] Move Account Switcher (#18686)
* moved account switcher into page header

* Added 'header-actions' slot for AnonLayout

* removed 'standalone: true'

* cleanup

* more cleanup

* fixed lint error

* use 'app-avatar' in dropdown

* fixed account avatar vertical centering

* revert back to `standalone: false`

* moved new account switcher behind 'desktop-ui-migration-milestone-4' FF

* - added to default FF
- fixed template formatting
- removed type of 'configService'
- renamed to 'account-switcher-v2'

* fixed test

* moved 'account-switcher-v2' into '/auth'

* updated class and style from 'v3' to 'v2'

* removed ts-strict-ignore

* added back `ts-strict-ignore`

* added `aria-label` to `bit-avatar`

* fixed page load issue after clearing local session data

* fixed 'Access denied' toast appearing when milestone4 FF is false

* fixed new account switcher missing from 'locked vaults' and other 'AnonLayouts'

* fixed styles for non-logged in account-switcher button

* fixed duplicate account switcher bug

* lint fix

* updated 'account switcher' anon layout styles/colors

* fixed color from `bg-brand-strong` to `bg-brand`

---------

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
2026-02-28 14:57:57 -05:00
Bernd Schoolmann
646c4da171
[PM-31406] fix: TypeScript 5.9 type compatibility fixes for tools-owned code (#19189)
* fix: TypeScript 5.9 type compatibility fixes for tools-owned code

Add explicit `as BufferSource` casts and `Uint8Array` wrapping to satisfy
stricter type checking in TypeScript 5.9. Non-functional changes.

* Fix type errors
2026-02-27 16:08:08 -05:00
Bernd Schoolmann
0df571d957
[PM-31406] Introduce dangerous-compat crypto implementations (#19220)
* Add dangerous compat functions

* Fix eslint
2026-02-27 17:36:03 +01:00
Oscar Hinton
41c49a4d66
Fix broken audit test (#19279) 2026-02-27 14:38:35 +01:00
Bernd Schoolmann
dc772c22f7
[PM-31406] fix: TypeScript 5.9 type compatibility fixes for fido2 & platform-owned code (#19188)
* fix: TypeScript 5.9 type compatibility fixes for platform-owned code

Add explicit `as BufferSource` casts and `Uint8Array` wrapping to satisfy
stricter type checking in TypeScript 5.9. Non-functional changes.

* Fix fido2 issues

* Fix another type error

* Fix another type error
2026-02-27 10:59:52 +01:00
Bernd Schoolmann
04926833be
[PM-31763] Migrate userkey state to be client-managed SDK-available state (#18906)
* Migrate userkey state to be client-managed SDK-available state

* Update sdk to 556

* Fix types

* Fix build

* Linting
2026-02-27 10:36:19 +01:00
Leslie Xiong
b3439482fa
[PM-18768] Migrate vault cipher list (#18522)
* migrated vault cipher list

* added back `rounded` prop to `bit-layout`

* moved account switcher to right corner

* moved username below cipher item name

* fixed spacing to align with send pages

* removed commented out

* fixed options buttons overflowing if has launch

* fixed "options" label disappearing when width is insufficient

* reverted search component, added search directly to vault-list

* placed new vault cipher list work behind 'desktop-ui-migration-milestone-3' feature flag

* reverted scss changes

* added back search bar when FF not enabled

* fixed owner column responsiveness (set to table width instead of screen)

* fixed 'owner' column responsiveness

* hide 'owner' column at 'md' breakpoint

* Remove duplicate badge component and org name pipe

* Convert to standalone

* Added back translations

* used correct 'tw' variants for 'px'

* extended existing `item-footer` component

* removed unused `showGroups()` from `vault-cipher-row`

* removed 'addAccess' from `vault-list.component`

* removed more unused, separated 'cipher collections' from 'filter collections'

* converted `vault-wrapper` to use signal

* updated original 'vault.component' to reflect main

* fixed `templateUrl`, merge fix

* changed to `getFeatureFlag$`

* fixes for `item-footer` and `vault-collection-row`

* fixed lint error

* - replaced using global css with tailwind
- added functionality and ui for empty states
- moved search and vault header from 'vault-list' to 'vault component'

* fixed accessing `this.userCanArchive$`

* converted more to tailwind in vault component

* removed unused 'selection' from `vault-list`

* Fix flashing vault list

* Move app-header title to routing module

* Remove broken half-migrated new form

* removed unnecessary `this.organizations$` block

* removed `firstSetup$`, cleaned up unused, separated 'delete' and 'restore' handling for footer and cipher menu

* used desktop 'launch' functionality

* moved 'bit-no-items' into `vault-list`

* removed unused locales

* aligned `handleDelete` and `handleRestore` with original desktop functionality

* Fix linting and tests

* Move no-items out of table similar to send.

* Re-add newline end of messges.json

* Remove events

* Hide copy buttons if there is nothing to copy. Simplify

* fix

* Get rid of unused copyField

* Use dropdown button in vault list instead

* Fix linting

* removed unused imports

* updated `vault-orig` to current in main

* fixed `vault-orig` templateUrl

* fixed import order, removed unused `combineLatest` block

* fixed `onVaultItemsEvent` "delete"

* removed duplicate rendering of logo

* preserve cipher view after 'cancel'

* filter from `allCiphers`

* moved `enforceOrganizationDataOwnership` call inside "syncCompleted" block

* converted `showAddCipherBtn` to observable

* removed unused

* added `submitButtonText` to `app-vault-item-footer`

* removed filtering restricted item types

* fixed `cancelCipher` pass in and set `cipherId`

* updated `submitButtonText`

* updated `vault-orig` to current `vault` in main

---------

Co-authored-by: Hinton <hinton@users.noreply.github.com>
2026-02-26 16:41:02 -05:00
rr-bw
4c2aec162d
refactor(input-password-flows): [Auth/PM-27086] Use new KM Data Types in InputPasswordComponent flows - TDE Offboarding (#18204)
Updates the `setInitialPasswordTdeOffboarding` path to use new KM data types:
- `MasterPasswordAuthenticationData`
- `MasterPasswordUnlockData`

This allows us to move away from the deprecated `makeMasterKey()` method (which takes email as salt) as we seek to eventually separate the email from the salt.

Behind feature flag: `pm-27086-update-authentication-apis-for-input-password`
2026-02-26 09:51:19 -08:00
Alex Morask
d8fdfdf559
feat: add 'My Items' feature to enterprise organizations (#19064) 2026-02-26 11:00:18 -06:00
Nick Krantz
e422dc7f29
[PM-32717] Individual Vault - Edit Cipher permissions (#19228)
* bypass cipher edit permissions for individual vault

* replace bypassCipherEditPermission with form configuration mode

* allow partial edit to view cipher form

* remove old comment
2026-02-25 13:26:56 -06:00
Bernd Schoolmann
666ff42d22
[PM-31763] Add unlock service & module (#18870)
* Add unlock service

* Move methods

* Prettier

* Fix type errors

* Prettier

* Fix test

* Fix module order

* Attempt to fix tests

* Cleanup CODEOWNERS

* Backport biometric unlock and legacy master-key logic

* Add tests for biometrics

* Prettier

* Add biometric unlock to abstract unlock service

* Fix build
2026-02-25 18:50:25 +01:00
Dave
4f706746d6
[PM-30811] Update change email flow to use new Key Management APIs (#18857)
* feat(change-email) [PM-30811]: Add feature flag.

* feat(change-email) [PM-30811]: Add new constructor to EmailTokenRequest.

* feat(change-email) [PM-30811]: Update import.

* feat(change-email) [PM-30811]: Stub new ChangeEmailService.

* feat(change-email) [PM-30811]: Provide ChangeEmailService.

* feat(change-email) [PM-30811]: Add ChangeEmailService impl.

* feat(change-email) [PM-30811]: Add ChangeEmailService to component.

* feat(change-email) [PM-30811]: Remove change-email methods from ApiService.

* feat(change-email) [PM-30811]: Update EmailTokenRequest for new APIs.

* feat(change-email) [PM-30811]: Finish implementation of both paths in ChangeEmailService.

* feat(change-email) [PM-30811]: Wire-up service in ChangeEmailComponent.

* test(change-email) [PM-30811]: Add ChangeEmailService tests.

* test(change-email) [PM-30811]: Update tests.

* refactor(change-email) [PM-30811]: EmailTokenRequest strict-ignore until legacy support can be unwound.

* refactor(change-email) [PM-30811]: Re-order imports.

* test(change-email) [PM-30811]: Update component tests to reflect new implementation.

* refactor(change-email) [PM-30811]: Formatting.

* test(change-email-service) [PM-30811]: Improve accuracy of null-checking tests: kdf, userKey, salt, in order.
2026-02-25 12:41:29 -05:00
Bernd Schoolmann
4024d34df8
[PM-31406] fix: TypeScript 5.9 type compatibility fixes for audit.service (#19195)
* fix: TypeScript 5.9 type compatibility fixes for audit.service

Add explicit `as BufferSource` casts and `Uint8Array` wrapping to satisfy
stricter type checking in TypeScript 5.9. Non-functional changes.

* Add non-null assertion
2026-02-25 10:46:13 -06:00
Bernd Schoolmann
cf7f9cfc7e
[BEEEP|PM-32521] Remove compare key hash and move to proof of decryption (#19101)
* Remove compare key hash and move to proof of decryption

* Fix cli build

* Fix mv2

* Fix provider

* Prettier
2026-02-25 17:02:04 +01:00
Alex Morask
b964cfc8e4
[PM-32612] Only show subscription menu option when premium user has subscription (#19209)
* fix(billing): only show Subscription menu option when premium user has subscription

* fix(billing): missed state service invocation changes
2026-02-25 08:25:24 -06:00
Bernd Schoolmann
b27f820ffb
Add non-null type hints (#19219) 2026-02-25 14:47:20 +01:00
Bernd Schoolmann
98f6169333
Narrow types for platform utils service (#19196) 2026-02-25 03:12:13 -06:00
Bernd Schoolmann
d20f659bbc
[PM-31406] fix: TypeScript 5.9 type compatibility fixes for vault-owned code (#19191)
* fix: TypeScript 5.9 type compatibility fixes for vault-owned code

Add explicit `as BufferSource` casts and `Uint8Array` wrapping to satisfy
stricter type checking in TypeScript 5.9. Non-functional changes.

* Fix cli build
2026-02-25 10:04:23 +01:00
Thomas Rittson
da0005b01b
[PM-32131] Add UseMyItems organization ability (#19018)
Not used in the front-end yet, but adding it here
for consistency
2026-02-25 12:54:23 +10:00
Daniel James Smith
181e4767d8
Parse the CommunicationServerConfigResponse within the ConfigService and expose changes via an observable. (#19184)
Model was introduced on the server with https://github.com/bitwarden/server/pull/6892

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2026-02-24 15:03:44 -05:00
Vijay Oommen
4bcdd08ab8
[PM-32447] Integration card after edits (#19203) 2026-02-24 13:37:33 -06:00
sven-bitwarden
d50c5e1819
[PM-32172] Redirect All Calls to PUT Policy VNext Endpoint (#19015)
* Redirect all remaining calls to VNextSavePolicy endpoint

* Remove unused code

---------

Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2026-02-24 12:37:58 -06:00
cd-bitwarden
435375ab53
Removing feature flag from client side (#19070) 2026-02-23 12:48:34 -06:00
Thomas Avery
672a6026e3
[PM-27331] Update the sdk service to use accountCryptographicState (#18274)
* Update the sdk service to use accountCryptographicState
2026-02-23 12:23:37 -06:00
Nik Gilmore
99445e1ca6
[PM-31958] BUGFIX: Blank Screen showing after deleting item (#18860)
* Move clearCache calls before SDK calls, to prevent race conditions from firing.

* Swap calls to clearCache and restoreWithServer/restoreManyWithServer to fix race condition
2026-02-23 09:53:01 -08:00
Jackson Engstrom
ef7df6b841
[PM-30521] Add Autofill button to View Login screen for extension (#18766)
* adds autofill button for cipher view

* adds tests

* changes autofill function for non login types

* adds top margin to autofill button

* adds more top margin to autofill button

* only shows autofill button when autofill is allowed (not in a popout)

* add button type

* updates _domainMatched to take a tab param, updates how the component is passed through to slot

* fixes tests from rename

* adds comment about autofill tab checking behavior

* removes diff markers
2026-02-20 14:28:54 -08:00
Bernd Schoolmann
3a56f2e832
[PM-30785|BEEEP] Remove deprecated master key login with device flow (#17943)
* Remove deprecated master key login with device flow

* Resolve conflicts / cleanup

* Linting

* Fix lint

* Run prettier
2026-02-20 13:22:05 -05:00
John Harrington
c623407621
[PM-32471] [Defect] Importers have regressed during folder migration (#19079)
* relax type-checking and add importer test coverage

* satisfy lint
2026-02-20 09:31:49 -07:00
Nick Krantz
a610ce01a2
[PM-31433] Welcome Dialog with Extension Prompt (#18849)
* add welcome prompt when extension is not installed

* add feature flag

* move prompt logic to internal service and add day prompt

* rename dialog component

* remove feature flag hardcode and add documentation

* use i18n for image alt

* move state into service

* be more explicit when the account or creation date is not available

* remove spaces

* fix types caused by introducing a numeric feature flag type

* add `typeof` for feature flag typing
2026-02-20 10:23:59 -06:00
Bernd Schoolmann
bb110122a5
[PM-30144] Implement client-side user-key-rotation-service (#18285)
* Implement client-side user-key-rotation-service

* Feature flag

* Add tests

* Fix flag name

* Fix build

* Prettier

* Small clean-up

* Codeowners order cleanup

* Fix eslint issue

* Update sdk to 550

* Cleanup & fix incompatibilities

* Prettier
2026-02-20 15:28:24 +01:00
Jordan Aasen
46a2af38a0
[PM-31974] - Vault Welcome dialog (#18960)
* premium upgrade prompt and onboarding dialog

* finalize onboard vault dialog

* vault welcome dialog no ext

* finish welcome dialog prompt

* revert changes to unified upgrade prompt service

* rename component

* rename feature flag

* add welcome dialog service

* fix tests

* fix footer position in welcome dialog

* present dialog in order

* fix tests

* fix padding
2026-02-19 09:29:54 -08:00
Alex Morask
4f256fee6d
[PM-29087] [PM-29088] Remove FF: pm-26793-fetch-premium-price-from-pricing-service - Logic + Flag (#18946)
* refactor(billing): remove PM-26793 feature flag from subscription pricing service

* test(billing): update subscription pricing tests for PM-26793 feature flag removal

* chore: remove PM-26793 feature flag from keys
2026-02-19 09:26:18 -06:00
Brandon Treston
c8ba23e28d
[PM-26378] Auto confirm events (#19025)
* add notification handler for auto confirm

* add missing state check

* fix test

* isolate angular specific code from shared lib code

* clean up

* use autoconfirm method

* add event logging for auto confirm

* update copy
2026-02-19 09:57:52 -05:00
Bernd Schoolmann
6498ec42f8
[BEEEP] Add util functions for uint8 array conversion (#18451)
* Add util functions for uint8 array conversion

* Use polyfill instead of old functionality

* Replace last usage of old functions
2026-02-19 14:04:43 +01:00
Mike Amirault
6dea7504a6
[PM-26732] Remove Chromium ABE importer feature flag (#19039) 2026-02-18 14:49:51 -05:00
Alex Morask
5161a232f5
[PM-29055] Remove pm-25379-use-new-organization-metadata-structure feature flag (#18848)
Remove the fully-enabled feature flag and simplify the billing metadata
API to always use the vNext endpoints. The legacy API path is removed
since the server will no longer serve it.

- Remove FeatureFlag.PM25379_UseNewOrganizationMetadataStructure enum and default
- Delete legacy getOrganizationBillingMetadata() API method (old /billing/metadata path)
- Rename vNext methods to remove VNext suffix
- Simplify OrganizationMetadataService to always use cached vNext path
- Remove ConfigService dependency from OrganizationMetadataService
- Update tests to remove feature flag branching
2026-02-18 09:06:10 -06:00
Dave
e262441999
[PM-31088] saltForUser should emit salt from master password unlock data (#18976)
* feat(salt-for-user) [PM-31088]: Add feature flag for saltForUser.

* feat(salt-for-user) [PM-31088]: Flag saltForUser logic to return unlockdata.salt or emailToSalt.

* test(salt-for-user) [PM-31088]: Update tests to include coverage for new behavior.
2026-02-17 17:43:00 -05:00
SmithThe4th
61326979b9
Updated delete attachment to conform with the server side changes (#19014) 2026-02-17 16:07:14 -05:00
John Harrington
728eab3dab
set auth to false for anon file send access (#18978) 2026-02-16 15:55:03 -07:00