Commit Graph

256 Commits

Author SHA1 Message Date
Daniel James Smith
dc94f964d2
[SM-1762] Bump Jest to 30.3.0 (#20211)
* Bump jest packages

jest is a transient dependency of ts-jest but because angular-devkit/build-angular drags in an older version of jest, we have to add jest 30.3.0 to our dependencies

* Fix some typescript issues due to stricter types on mockImplementation

* Update guide link in snapshots

* Fix jest-environment paths

* Fix typescript linting errors

* Address typescript errors due stricter mockImplementation

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2026-04-17 17:48:29 +02:00
Mike Amirault
f9e98d8611
[PM-31438] Send unsaved edits dialog (#19425)
* [PM-31438] Add save edits dialog to web vault Send page

* Fix Access Intelligence component

* Match design spec, address PR comment

* Fix lint problem

* Lots of lint fixes

* Test fix, add change lost during merge conflict

* Change close methods return type to DialogCloseRef

* Fix Dialog types

* One more type fix

* Address QA findings, fix problems from merge

* A couple of build fixes

* Address AI review comments

* Fix desktop build and lint
2026-04-17 09:50:05 -04:00
Dave
888f91ccf7
[PM-33210] fix(login): clear validation errors on region change (#20007)
* Revert "Revert "fix(login): clear validation errors on region change (#19407)…"

This reverts commit 52a507bc59.

* fix(login): Apply renaming for prefetchPasswordPreloginData

Co-authored-by: Matteo Bianchi <47943069+OnSuorce@users.noreply.github.com>

---------

Co-authored-by: Matteo Bianchi <47943069+OnSuorce@users.noreply.github.com>
2026-04-14 15:55:03 -04:00
Dave
f3d22022e6
[PM-33524] Not able to set new Master Password in a previously TDE org (#19810)
* fix(saltForUser) [PM-33524] Update saltForUser$ for transition states

- e.g., TDE offboarding: user will have neither a master password nor
  salt during transition. This is not a failure to make unlock data, it
  is a gap in user state. A default salt should be provided to enable
  the state transition.

* test(saltForUser) [PM-33524] Add test cases for user transition states

* docs(email-to-salt) [PM-33524] Annotate emailToSalt callsites with changes planned for Stage 3.

* docs(master-password-service) [PM-33524] Reintroduce/modify comments after main merge.
2026-04-09 11:02:46 -05:00
Bernd Schoolmann
c9352c01d9
[PM-32864] Remove local masterkey hash (#19277)
* Remove local masterkey hash

* Remove more instances of local master key hash

* remove dependence on service

* Fix failing build

* Fix failing build

* Fix tests

* Fix test

* Fix

* Prettier

* Fix merge conflicts

* Fix cli

* Remove master key from uv service (#19278)

* Revert "Remove master key from uv service (#19278)" (#19697)

This reverts commit 8e53fe6a11.

* Cleanup local master key hash

* Fix test
2026-04-09 10:34:03 -04:00
Dave
52a507bc59
Revert "fix(login): clear validation errors on region change (#19407)" (#19979)
This reverts commit 1a1c5f4df2.
2026-04-03 16:02:28 -04:00
Matteo Bianchi
1a1c5f4df2
fix(login): clear validation errors on region change (#19407) 2026-04-03 14:09:46 -04:00
Will Martin
d763590ce6
[CL-1023][CL-1031] Design system refresh: Milestone 1 (#19061)
* [CL-1009] button style updates (#18301)

* add new button styles

* update disabled styles

* updated size stories

* update disabled button story names

* updated button stories

* add more explicit screenshots

* make class list a computed signal

* updated button docs

* allow unstyled button to inherit color

* use unstyled button in callouts until callout updates

* base button directive WIP

* add base button directive

* fix focus and hover styles

* fix lint error

* remove commented code that moved to base directive

* ensure buttonStype defaults correctly

* migrate legacy icon button types

* contrast button wips

* pull in latest and fix disabled with attr

* fix legacy variant

* add back nav contrast button variant

* updated icon button docs

* rename nav contrast variant and fix contrast focus

* fix button sizing

* fix product switcher button classes

* add contrast icon button story

* fix border color

* update to primaryGhost variant

* [CL-1025] icon font refresh (#18727)

* adding new icons

* migrate to new icon names

* updated icon build docs

* resolve conflicts and re-run migration

* add icons deps to uif ownership

* fix incorrect migration

* fix misnamed icon

* create filter icon and fix mapping error

* updated readme and add migration script to package.json

* fix prettier warnings

* remove browser alt from definition list

* add missing icon types

* fix image name migrated in error and update regex to not change these

* ensure icon array is updated automatically

* updated build comment

* remove unnecessary direct execution command

* remove direct run command

* allow legacy icon names to map to new icons

* [CL-1025] Icon font refresh - Temporary migration state with legacy names (#18948)

* Revert icon name migrations, preserve migration tooling

Reverted all icon name changes that were applied by the migration scripts,
while preserving:
- New icon SVG files in libs/assets/src/material-icons/
- Icon font files in libs/angular/src/scss/bwicons/
- Migration scripts in scripts/material-icons/
- NPM scripts and dependencies for icon tooling

This allows running the migration fresh when ready.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* Build icon font with bidirectional legacy/new name mapping

Ran icons:build to generate bidirectional icon mappings:
- SCSS now includes 155 icons (both Figma and legacy BWI names)
- TypeScript icon.ts updated with all 155 names
- All legacy names (e.g., bwi-question-circle, bwi-plus) point to new icon assets
- All new names (e.g., bwi-help, bwi-add) also available
- Codebase can continue using legacy names with new icon designs

This enables the temporary migration state where code uses existing
legacy icon names but displays the new refreshed icon assets.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* Fix: revert bwi-filter back to bwi-grid across codebase

bwi-grid is the correct new icon name and should not be reverted.
The changes from bwi-filter to bwi-grid were manual corrections,
not part of the automated migration.

Updated 16 files to restore bwi-grid icon references.

Addresses feedback from Bryan Cunningham on PR #18948

---------

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

* remove duplicate key and add back dep ownership change

* fix formatting errors

---------

Co-authored-by: Will Martin <contact@willmartian.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix button variant

* [CL-1040] updated palette colors (#19401)

* [CL-973] chip component (#18798)

* wip

* WIP

* create chip filter component

* trying to get truncation to work

* fix truncation

* create chip-action component

* fix type errors

* add chip component

* add shared story args

* have chips take label input

* fix test template and imports

* fixing arg types and disabled states

* simplify disabled logic

* fix dimssis button alignment

* update menu focus color

* updated chip docs

* update chip-select usage to chip-filter

* fix full width icon layout

* remove commited code

* export chip component

* remove commented code

* expose full width

* chip component should not go full width

* use bit-icon in filter template

* remove commented code

* updated chip docs

* remove extra truncate class

* fix dupe input definitions

* move import to correct line

* read base chip values directly

* remove standlaone as it's the default

* forward size correctly

* create full width arg type

* let type be infered

* updated jsdoc comments

* use more modern angular syntax

* rename components to use kebab case

* remove redundant docs

* remove inaccurate link docs

* remove enum like types

* remove dead code

* remove unused spec

* remove host bindings

* restructure chips folders

* add max width class

* remove full width docs

* add internal comment

* bind to missing controls

* fixing docs

* replace disabled verbiage with inactive

* remove unnecessary comment

* default to primary

* do not allow end icon in action chip

* take chip action screenshots in both themes

* use selected input for base directive

* fix width error

* coerce to boolean

* fixed end icon reference

* fix code reference to endIcon

* fixing chip filter specs

* fix missing input transform

* fix docs

* fix input and add truncate

* ensure chip content truncates

* updated slot naming

* updated example to use new flow control

* fix typing for option.icon

* fix failing test, fix filter type, and support colored icons in filter options

* fix failing test

* doc updates

* change dismissed event name

* remove standalone

* fix selector

* fix docs

* remove unused fvw data property and fix docs links

* use base as host directive in chip

* fix spec button selectors

* fix duplicate class binding

* fix incorrect variant resolution

* handle undefined size

* fix signal type

* remove duplicate input

* fix failing spec

* updated styles for trailing icon spacing and font size

* padding tweaks for visual design

* make variant a writable model

* use logical text align

* update slot names

* remove dismissible input

* add back missing import

* remove ability to set chip filter to small size

* create size arg type

---------

Co-authored-by: Vicki League <vleague@bitwarden.com>

* [CL-987] Update Nav Group and Nav Item components (#18965)

* updated side nav `nav-group` and `nav-item` components

* - added focus states
- set cursor pointer for nav-item
- updated arrow orientations

* - updated `navItemIndentationPadding`
- reverted `[treeDepth]` for `nav-group`
- removed placeholder arrow

* - removed text style from starting slot container
- fixed routes in story

* created shared container classes var

* fixes from rebase, override `border-radius` for collapse arrow button

* updated `tw-theme`: reverted `--color-bg-hover` and added `--color-bg-sidenav-hover`

* removed end slot `div` styles from rebase, updated `buttonType` in `nav-group` story

* added dark mode `--color-bg-sidenav-hover`

* added `xsmall` size variant to 'Icon Button'

* - updated navs to use 'xsmall' button
- fixed container padding
- removed custom arrow button styles

* fixed type error

* fixed focus-visible state by adding `tw-outline-none` to `nav-item`

* fixed type error

* placed arrow button directly in start slot

* defined `containerClasses` in template

* renamed 'item-active-hover' to 'active-item-hover' for consistency

* missed renaming from `item-active-hover` to `active-item-hover`

* fixed 'hover' and 'active' colors, added colors for arrow hover states

* - separated buttons sizes for 'Button' and 'Icon Button' from `BaseButtonDirective` into respective components
- moved `border-radius` style from Directive into own components

* fixed/simplified focus colors, added sidenav specific focus colors

* updated 'arrow' icon size for nav group, updated 'xsmall' font size

* trigger Claude review

* removed `tw-text-2xl` in nav-group for arrow button

* removed unused `NgClass` import

* more cleanup, removed unused `Ng` imports

* converted `_isActive` to signal and `showActiveStyles` to computed

* removed instances of `variant="tree"`

* renamed color variables from `admin-sidenav` to `sidenav-secondary`

---------

Co-authored-by: Will Martin <contact@willmartian.com>

* fix lint

* [CL-1096] Fix icon button width shrinking in flex containers (#19529)

Add tw-shrink-0 to prevent icon buttons from shrinking below their
fixed size when placed inside flex containers.

* [CL-1101] Fix chip dismiss button hover style and add interaction state stories (#19530)

Use the correct bg-bg-hover token for dismiss button hover background, matching
the Figma spec. The previous hover-contrast token was invisible on light backgrounds.
Add InteractionStates story showing Default, Hover, Focus, and Inactive states
for both large and small sizes.

* [CL-1098] Fix danger icon button color in form field suffix (#19532)

* [CL] Fix danger icon button color in form field suffix

Don't apply tw-text-muted to icon button suffixes — icon buttons manage
their own text color via buttonType, so the muted class was overriding
danger/primary colors (e.g. blue icon on red background in Cipher Form).

* [CL] Fix danger icon button color in form field suffix

Don't apply tw-text-muted to icon button suffixes — icon buttons manage
their own text color via buttonType, so the muted class was overriding
danger/primary colors (e.g. blue icon on red background in Cipher Form).

Also adds a DangerButtonInputGroup story to capture this case.

* [CL-1094] Update icon button default variant to primaryGhost (#19534)

* [CL-1094] Update icon button default variant to primaryGhost

Change buttonType from input to model in BaseButtonDirective, and set
the default to primaryGhost in the icon button constructor.

* [CL-1094] Fix icon button default variant using own input + effect

Using model.set() in the constructor is overridden by Angular's input
initialization lifecycle. Instead, own buttonType as an input directly
on BitIconButtonComponent with primaryGhost as the default, and sync to
the base directive via effect.

* [CL-959] update badge component styles (#19026)

* badge wip

* dynamic truncated badge tooltip

* support legacy variants for now

* add deprecation types and remove hover styles

* updated story docs

* add default icons for badges

* fix incorrect color mapping

* add ability to hide start icon

* take snapshot in both themes

* add icon size styles

* remove tooltip code

* update at risk password to use actual buttons

* more specific badge truncation docs

* remove badge module from imports

* use chip action for link

* fix missing import

* use chip in multi-select inputs

* update org badge to use primary chip

* update premium badge to accent primary action chip

* use chip action for vault item fill

* remove unnecessary icon in badge

* update obsolete notification variant

* replace usage of bitBadge on button in stories

* remove explicit input to hide startIcon

* use berry instead of badge

* fix type error

* fixing imports and badge usage

* use logical text align

* remove dead code and update jsdoc comment

* add back ability to not truncate

* remove default icon for accent-primary

* add missing translation keys to multi select story

* allow null as default icon type

* add element selector and update stories to use it

* conditionally apply truncate class

* conditionally apply title text

* migrate badge to berry

* use correct input for content

* use berry in toggle group stories

* remove unused template reference

* remove unused import of badge

* remove unused custom color code

* remove unused service injection

* [CL-1102] Fix help icon size in bit-label (#19533)

* [CL-1102] Fix help icon size in bit-label

Target bwi icons inside bit-label with [&_.bwi]:tw-text-xl to restore
correct icon sizing after recent icon style changes.

* [CL-1102] Fix text alignment regression in bit-label

Add tw-leading-none to bwi icons to prevent the line-height from
tw-text-xl from disrupting baseline alignment.

* remove bwi-sm from label icon

---------

Co-authored-by: Bryan Cunningham <bryan.cunningham@me.com>

* [CL-964] Update Callout Component (#19424)

* updated callout component

* renamed consumer bit-callout `type` from 'default' to 'subtle'

* updated callout 'end' slot

* migrated spotlight to callout, deleted spotlight

* - updated `title` comment
- updated stories and mdx

* removed `useAlertRole`

* added `CommonModule` import and updated `buttonType` in stories

* updated 'Accessibility' guidelines

* updated 'close' button

* - updated stories for clearer code
- set `(onDismiss)` only for WithCloseButton story

* added boolean switch for `persistent` to story

* fixed tests

* prettier fix

* - updated `bit-callout` instances of `buttonType="unstyled"` to use appropriate `buttonType`
- updated story for correct usage of button styles

* fixed `type` in `vault-list`

* updated to use `bit-icon`

* - fixed vertical centering of icon and text
- updated to 'OnPush' change detection

* fixed error: added 'close' to `mockLayoutI18n`

* updated `bit-callout` jsdoc comment and mdx

* fixed `persistent` callout in `admin-settings`

* removed "interrupt" language

* reverted fix for `bit-callout` `persistent`

* fixed type error

* added `close` translation to stories utilizing `bit-callout`

* converted to JSDoc comments

* updated 'close' button to check if `dismiss` output is bound

* fix: removed `readonly` from `isDismissible`

* converted `isDismissble` to signal

* added translation to `phishing-warning' story

* added bottom margin back in to callout component

* fixed type error,  fixed `icon` values

* revert subscription-card callout icon to default if not defined

* fix: update 'bit-callout' type to 'subtle'

* updated colors in `tw-theme`

* added conditional check to compute vertical alignment class

* updated more colors, slight restructure to match design

* fixed vertical alignment with 'close button', avoid long text crowding/overflowing

* remove default icons on non-semantic variants (#19614)

* remove default icons on non-semantic variants

* add back info icon to info variant

* remove info icon again

* [CL-1095] add expanded state for disclosure button (#19637)

* add brand stronger colors

* add aria-expanded styling for primary ghost button

* make all variants aria-expanded style match hover styles

* update orage-600 color value to fix contrast

* minor spacing update to account for expanded button style

* do not show expanded state on sidenav buttons

* no expanded style on toggle width button

* remove extra letter spacing and update story copy (#19668)

* [CL-1123] fix ghost button inactive styles (#19669)

* fix ghost button inactive styles

* remove type declaration

* [CL-1119] toggle berry update (#19609)

* update toggle groups to use berry

* set berry variant based on selected state

* fix failing spec

* add spec to test berry variant set correctly

* fix import errors caused by bad merge conflict resolution

* remove unnecessary variant delaration

* update kitchen sink stories to use berry

* [CL-1122] BUG FIX: Migrated Icon Buttons with button type 'danger' to 'dangerGhost' (#19677)

* migrated `bitIconButton` with 'danger' `buttonType` to 'dangerGhost'

* reverted icon-button story

* fix button variant from merge

* [CL-1117] BUG FIX: Side nav collapse arrow is placed too far left (#19623)

* - updated spacing for side-nav collapse arrow button
- updated collapsed nav-item button spacing and dimensions
- moved individual nav-item wrapper padding into side-nav component
- added button to 'WithLongText' nav-item story

* added sidenav specific hover style to toggle collapse button

* - set horizontal padding back to 'nav-item'
- updated 'bit-divider' color to 'bg-border-brand'

* updated hover styles for interactive trailing elements

* added '4px' more end padding to trailing buttons

* updated 'bit-divider' colors for secondary and dark theme

* moved button hover styles into 'side-nav' button variant

* updated sidenav-divider color for dark theme

* removed `tw-w-10` on nav-item collapsed

* updated inline padding to `12px` for both collapse and expanded states

* [CL-1117] cleaned up, renamed, and organized sidenav color variables (#19665)

* - unified 'strong' styles and `showActiveStyles` into `[style]`
- updated 'side-nav' button variant's `aria-expanded` and `focus-visible` styles

* - inherit bg and fg from parent `sidenav`
- allow trailing buttons set own fg

* updated nav group story for trailing elements

* updated nav-logo 'focus' to nav focus style

* let toggle width arrow inherit 'aria-expanded' style from 'side-nav' buttontype

* removed danger button variants from nav group story

---------

Co-authored-by: Bryan Cunningham <bcunningham@bitwarden.com>
Co-authored-by: Vicki League <vleague@bitwarden.com>
Co-authored-by: Leslie Xiong <lxiong@livefront.com>
2026-03-25 10:55:06 -05:00
Jared Snider
8c35c781a8
Auth/PM-33353 - Password Login - refine prefetching of password prelogin data (#19510)
* PM-33353 - LoginStrategyService tests - add test to capture the bad behavior.

* PM-33353 - Extract Password Prelogin API logic to own service out of API service.

* PM-33353 - Rename prelogin request / response models to have password prefix for clarity

* PM-33353 - Build PasswordPrelogin domain service and domain model + tests

* PM-33353 - PasswordPrelogin - add barrel file

* PM-33353 - PasswordPreloginData - fromResponse - add validateKdfConfigForPrelogin so domain model is always valid.

* PM-33353 - Register PasswordPreloginApiService and PasswordPreloginService.

* PM-33353 - LoginComponent - wire up PasswordPreloginService

* PM-33353 - LoginStrategy updates - (1) Remove all password prelogin code from top level strategy service (2) Inject new PasswordPreloginService for use in the PasswordLoginStrategy.

* PM-33353 - Update Password Prelogin tests to use defaults

* PM-33353 - PasswordPreloginData model tests - update to use mins

* PM-33353 - Fix login strategy tests + get TS strict warnings fixed

* PM-33353 - Remove login component tests

* PM-33353 - Fix CLI

* PM-33353 - Password Login Strategy - add additional tests + fix misc issues + re-organized tests.

* PM-33353 - LoginComp - local AI review feedback - clean up prefetchPasswordPreloginData

* PM-33353 - Remove PM23801_PrefetchPasswordPrelogin feature flag

* PM-33353 - DefaultPasswordPreloginService - getPreloginData$ - fix shareReplay error bug state.

* PM-33353  - login-strategy.state.spec.ts - Remove incorrect todo and fix ts strict issues

* PM-33353 - Per PR feedback, Update PasswordPreloginService to add a cache clear mechanism to just tightly bound the service's memory to the lifetime of the key making process
2026-03-24 17:11:08 -04:00
sven-bitwarden
4058f13e28
[PM-30993] More Descriptive Message on Expired Tokens (#18869)
* Show more descriptive error on expired tokens

* Separate org invitation acceptance from others

* Adjust variable names

* Account for additional invitation-accept error
2026-03-20 08:35:30 -05:00
Bernd Schoolmann
5b4e8c10f0
[PM-33345] Bump typescript to 5.9 (#19461)
* Bump typescript to 5.9

* Fix km types

* Fix auth types

* Fix remaining types

* Fix spec files eslint

* Fix eslint

* Prettier

* Make SendHashedPassword Uint8Array<ArrayBuffer>

* Update rul tester

* Fix tests

* Fix tests
2026-03-19 23:13:06 +01:00
rr-bw
411156aeaa
refactor(input-password-flows): [Auth/PM-27086] Use new KM Data Types in InputPasswordComponent flows - Change Password (#18507)
Updates the `ChangePasswordService` (`changePassword()` and `changePasswordForAccountRecovery()`) to use the new KM data types :
- `MasterPasswordAuthenticationData`
- `MasterPasswordUnlockData`

This allows us to move away from the deprecated `makeMasterKey()` method (which takes email as salt) as we seek to eventually separate the email from the salt.

Also moves current password validation into the default and web change password services.

Behind feature flag: `pm-27086-update-authentication-apis-for-input-password`
2026-03-19 10:40:14 -07:00
Patrick-Pimentel-Bitwarden
d4b4c8a164
fix(register): [PM-27085] Account Register Uses New Data Types (#18470)
* fix(register): [PM-27085] Account Register Uses New Data Types - Initial changes.

* test(register): [PM-27085] Account Register Uses New Data Types - Fixed tests.

* test(register): [PM-27085] Account Register Uses New Data Types - Updated tests.

* feat(register): [PM-27085] Account Register Uses New Data Types - Added feature flag.

* fix(register): [PM-27085] Account Register Uses New Data Types - Removed unnecessary part of the payload.

* fix(register): [PM-27085] Account Register Uses New Data Types - Changed the feature flag to be gated with the other password input changes.

* fix(register): [PM-27085] Account Register Uses New Data Types - Added protection for feature flagged state.

* fix(register): [PM-27085] Account Register Uses New Data Types - Removed unnecessary comment.

* fix(register): [PM-27085] Account Register Uses New Data Types - Addressed feedback.

* fix(register): [PM-27085] Account Register Uses New Data Types - Fixed tests and added comment.

* fix(register): [PM-27085] Account Register Uses New Data Types - Fixed another test.

* fix(register): [PM-27085] Account Register Uses New Data Types - And last test fix.

* fix(register): [PM-27085] Account Register Uses New Data Types - Removed unneeded code.

* fix(register): [PM-27085] Account Register Uses New Data Types - Updated comments and fixed code from feedback.

* fix(register): [PM-27085] Account Register Uses New Data Types - Updated comments again with small styling fix.

* fix(register): [PM-27085] Account Register Uses New Data Types - Switched to snapshot testing and explicit checks for unlock and authentication data for feature flag on. Also addressed pr comments.

* test(register): [PM-27085] Account Register Uses New Data Types - Made explicit checks for critical pieces of data in tests.

* fix(feature-flag): [PM-27085] Account Register Uses New Data Types - Added in feedback from comments. Default registration tests have snapshots now and web registration has more dry code.
2026-03-13 14:04:49 -04:00
Bernd Schoolmann
944b3ffdc2
[PM-31406] fix: TypeScript 5.9 type compatibility fixes for auth-owned code (#19187)
* fix: add TypeScript 5.9 type compatibility fixes for auth-owned code

Add explicit `as BufferSource` casts and `Uint8Array` wrapping to satisfy
stricter type checking in TypeScript 5.9. Non-functional changes.

* Fix type errors

* Fix test

* Fix tests

* Fix typing in auth tests

* Also change unlock service to uint8array<arraybuffer>

* Fix types

* Prettier

* Apply fixes for jest spy type
2026-03-04 19:12:44 -07:00
Oscar Hinton
7bd41be299
[CL-10739 Removing SharedModule from CL (#19150)
* Removing the now unnecessary SharedModule from CL

* fmt
2026-03-03 17:53:45 +01:00
Jared Snider
3782e328e1
refactor(Auth-Font-Icons): [Auth/PM-31804] Migrate auth font icons to use bit-icon (#18816)
* PM-31804 - WIP

* PM-31804 - Profile Component - fix missing translation

* PM-31804 - Web - Emergency Access Takeover Dialog Comp - remove screen reader only span as arialabel on spinner should be sufficient

* PM-31804 - Web - EmergencyAccessViewComp - remove redundant span as aria label handles accessibility.

* PM-31804 - Web - EmergencyAccessViewComp - Remove redundant sr only span - replaced w/ aria label

* PM-31804 - Web - EmergencyAccessViewComp - Remove redundant sr only span - replaced w/ aria label

* PM-31804 - EmergencyAccessComp - Replace redundant sr only span with aria label

* PM-31804 - two-factor-setup.component.html - Replace redundant sr only spans with aria labels

* PM-31804 - WebauthnLoginSettingsModule - remove unnecessary IconModule - it's imported via SharedModule

* PM-31804 - web - emergency-access.component.html - Replace redundant sr only span with aria label

* PM-31804 - LoginDecryptionOptionsComponent - Replace redundant sr only span with aria label

* PM-31804 - ChangePasswordComp - Replace redundant sr only span with aria label

* PM-31804 - AccountComponent - add BitwardenIcon type to satisfy template type requirements for name property.

* PM-31804 - Browser Account Security Component - replace nonexistent chevron icon with existing angle right icon.

* PM-31804 - Fix A11y issues with missing aria labels

* PM-31804 - Remove remaining redundant sr only spans since we now have aria labels
2026-02-23 10:42:02 -05:00
Bernd Schoolmann
3a56f2e832
[PM-30785|BEEEP] Remove deprecated master key login with device flow (#17943)
* Remove deprecated master key login with device flow

* Resolve conflicts / cleanup

* Linting

* Fix lint

* Run prettier
2026-02-20 13:22:05 -05:00
Bernd Schoolmann
c47881624a
Fix types in auth-request abstraction (#19021)
* Fix types in auth-request abstraction

* Fix firefox build
2026-02-17 10:43:41 -05:00
Bernd Schoolmann
f7a5ad712f
[PM-29208] Remove individual cryptographic-key states & migrate key service (#18164)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run typechecking (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-browser junit:junit-browser.xml name:Browser paths:apps/browser bitwarden_license/bit-browser]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-cli junit:junit-cli.xml name:CLI paths:apps/cli bitwarden_license/bit-cli]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-desktop junit:junit-desktop.xml name:Desktop paths:apps/desktop]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-libs junit:junit-libs.xml name:Libs paths:libs bitwarden_license/bit-common]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-web junit:junit-web.xml name:Web paths:apps/web bitwarden_license/bit-web]) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
* Remove inividual user key states and migrate to account cryptographic state

* Fix browser

* Fix tests

* Clean up migration

* Remove key-pair creation from login strategy

* Add clearing for the account cryptographic state

* Add migration

* Cleanup

* Fix linting
2026-02-09 12:39:55 +01:00
rr-bw
1f0e0ca098
refactor(input-password-flows): [Auth/PM-27086] JIT MP org user flow - remove masterKey generation from InputPasswordComponent (#18006)
- Updates `InputPasswordComponent` to emit raw data instead of generating cryptographic properties (`newMasterKey`, `newServerMasterKeyHash`, `newLocalMasterKeyHash`).
  - This helps us in moving away from using the deprecated `makeMasterKey()` method in the component (which takes email as salt) as we seek to eventually separate the email from the salt.
- Updates the `JIT_PROVISIONED_MP_ORG_USER` case of the switch to handle the flow when the `PM27086_UpdateAuthenticationApisForInputPassword` flag is on.

Feature Flag: `PM27086_UpdateAuthenticationApisForInputPassword`
2026-01-30 15:11:59 -08:00
Will Martin
5dc49f21d2
[CL-82] rename bit-icon to bit-svg; create new bit-icon component for font icons (#18584)
* rename bit-icon to bit-svg; create new bit-icon for font icons

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* find and replace current usage

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* add custom eslint warning

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix incorrect usage

* fix tests

* fix tests

* Update libs/components/src/svg/index.ts

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* Update libs/eslint/components/no-bwi-class-usage.spec.mjs

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* update component api

* update class name

* use icon type in iconButton component

* update type Icon --> BitSvg

* fix bad renames

* fix more renames

* fix bad input

* revert iconButton type

* fix lint

* fix more inputs

* misc fixes

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix test

* add eslint ignore

* fix lint

* add comparison story

---------

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
2026-01-28 11:36:27 -05:00
Todd Martin
5c13b07366
chore(merge): Fixed date initialization on test 2025-12-26 15:28:58 -05:00
Bernd Schoolmann
3fbb4aced9
[PM-27239] Tde registration encryption v2 (#17831)
* tmp

* Implement TDE v2 registration via SDK

* Undo encstring test string change

* Add feature flag

* Add tests

* Continue tests

* Cleanup

* Cleanup

* run prettier

* Update to apply new sdk changes

* Fix build

* Update package lock

* Fix tests

---------

Co-authored-by: Bernd Schoolmann <quexten@fedora-2.fritz.box>
2025-12-23 16:27:25 +01:00
Jared Snider
cbd80d0186
refactor(IdentityTokenResponse): [Auth/PM-3287] Remove deprecated resetMasterPassword property from IdentityTokenResponse (#17794)
* PM-3287 - Remove resetMasterPassword from authResult and identityTokenResponse and replace with userDecryptionOptions where relevant

* PM-3287 - (1) Move SSO code to SSO section (2) Update error scenario conditional + log user out upon error.

* PM-3287 - Fix comment per PR feedback

* PM-3287 - CLI Login with SSO - move MP validation logic back to original location to avoid putting it before 2FA rejection handling.

* PM-3287 - Update returns
2025-12-17 10:34:42 -05:00
Thomas Avery
fe4895d97e
[PM-28264] Consolidate and update the UI for key connector migration/confirmation (#17642)
* Consolidate the RemovePasswordComponent

* Add getting confirmation details for confirm key connector

* Add missing message
2025-12-10 15:24:20 -06:00
renovate[bot]
7f892cf26a
[deps] Autofill: Update prettier to v3.7.3 (#17853)
* [deps] Autofill: Update prettier to v3.6.2

* fix: [PM-23425] Fix prettier issues related to dependency updte

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

* [deps] Autofill: Update prettier to v3.6.2

* [deps] Autofill: Update prettier to v3.7.3

* [PM-29379] Fix prettier issues found with the updated Prettier 3.7.3

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>

---------

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ben Brooks <bbrooks@bitwarden.com>
2025-12-10 10:57:36 -06:00
Ike
0e277a411d
[PM-1632] Redirect on SSO required response from connect/token (#17637)
* feat: add Identity Sso Required Response type as possible response from token endpoint.

* feat: consume sso organization identifier to redirect user

* feat: add get requiresSso to AuthResult for more ergonomic code.

* feat: sso-redirect on sso-required for CLI and Desktop

* chore: fixing type errors

* test: fix and add tests for new sso method

* docs: fix misspelling

* fix: get email from AuthResult instead of the FormGroup

* fix:claude: when email is not available for SSO login show error toast.

* fix:claude: add null safety check
2025-12-10 10:31:28 -05:00
Bernd Schoolmann
6e2203d6d4
[PM-18026] Implement forced, automatic KDF upgrades (#15937)
* Implement automatic kdf upgrades

* Fix kdf config not being updated

* Update legacy kdf state on master password unlock sync

* Fix cli build

* Fix

* Deduplicate prompts

* Fix dismiss time

* Fix default kdf setting

* Fix build

* Undo changes

* Fix test

* Fix prettier

* Fix test

* Update libs/angular/src/key-management/encrypted-migration/encrypted-migrations-scheduler.service.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update libs/angular/src/key-management/encrypted-migration/encrypted-migrations-scheduler.service.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Only sync when there is at least one migration

* Relative imports

* Add tech debt comment

* Resolve inconsistent prefix

* Clean up

* Update docs

* Use default PBKDF2 iteratinos instead of custom threshold

* Undo type check

* Fix build

* Add comment

* Cleanup

* Cleanup

* Address component feedback

* Use isnullorwhitespace

* Fix tests

* Allow migration only on vault

* Fix tests

* Run prettier

* Fix tests

* Prevent await race condition

* Fix min and default values in kdf migration

* Run sync only when a migration was run

* Update libs/common/src/key-management/encrypted-migrator/default-encrypted-migrator.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Fix link not being blue

* Fix later button on browser

---------

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
2025-12-03 19:04:18 +01:00
Vicki League
10424e227b
[CL-717][PM-27966] Update to Angular 20 and Storybook 9 (#17638) 2025-12-01 14:15:58 -05:00
Dave
cf6569bfea
feat(user-decryption-options) [PM-26413]: Remove ActiveUserState from UserDecryptionOptionsService (#16894)
* feat(user-decryption-options) [PM-26413]: Update UserDecryptionOptionsService and tests to use UserId-only APIs.

* feat(user-decryption-options) [PM-26413]: Update InternalUserDecryptionOptionsService call sites to use UserId-only API.

* feat(user-decryption-options) [PM-26413] Update userDecryptionOptions$ call sites to use the UserId-only API.

* feat(user-decryption-options) [PM-26413]: Update additional call sites.

* feat(user-decryption-options) [PM-26413]: Update dependencies and an additional call site.

* feat(user-verification-service) [PM-26413]: Replace where allowed by unrestricted imports invocation of UserVerificationService.hasMasterPassword (deprecated) with UserDecryptionOptions.hasMasterPasswordById$. Additional work to complete as tech debt tracked in PM-27009.

* feat(user-decryption-options) [PM-26413]: Update for non-null strict adherence.

* feat(user-decryption-options) [PM-26413]: Update type safety and defensive returns.

* chore(user-decryption-options) [PM-26413]: Comment cleanup.

* feat(user-decryption-options) [PM-26413]: Update tests.

* feat(user-decryption-options) [PM-26413]: Standardize null-checking on active account id for new API consumption.

* feat(vault-timeout-settings-service) [PM-26413]: Add test cases to illustrate null active account from AccountService.

* fix(fido2-user-verification-service-spec) [PM-26413]: Update test harness to use FakeAccountService.

* fix(downstream-components) [PM-26413]: Prefer use of the getUserId operator in all authenticated contexts for user id provided to UserDecryptionOptionsService.

---------

Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2025-11-25 11:23:22 -05:00
Todd Martin
23ac477bbc
chore(feature-flag): Removed pm-28325-remove-pm-22110-disable-alternate-login-methods flag 2025-11-21 16:01:41 -05:00
Dave
daf7b7d2ce
fix(two-factor) [PM-21204]: Users without premium cannot disable premium 2FA (#17134)
* refactor(two-factor-service) [PM-21204]: Stub API methods in TwoFactorService (domain).

* refactor(two-factor-service) [PM-21204]: Build out stubs and add documentation.

* refactor(two-factor-service) [PM-21204]: Update TwoFactorApiService call sites to use TwoFactorService.

* refactor(two-fatcor) [PM-21204]: Remove deprecated and unused formPromise methods.

* refactor(two-factor) [PM-21204]: Move 2FA-supporting services into common/auth/two-factor feature namespace.

* refactor(two-factor) [PM-21204]: Update imports for service/init containers.

* feat(two-factor) [PM-21204]: Add a disabling flow for Premium 2FA when enabled on a non-Premium account.

* fix(two-factor-service) [PM-21204]: Fix type-safety of module constants.

* fix(multiple) [PM-21204]: Prettier.

* fix(user-verification-dialog) [PM-21204]: Remove bodyText configuration for this use.

* fix(user-verification-dialog) [PM-21204]: Improve the error message displayed to the user.
2025-11-21 10:35:34 -05:00
rr-bw
9e6d0cce35
feat(marketing-initiated-premium): Auth [PM-27542] Write fromMarketing value to state (#17470) 2025-11-19 19:00:18 -08:00
Mark Youssef
a55d0f02f2
[CL-672] update mobile design of dialog (#14828)
---------

Co-authored-by: Vicki League <vleague@bitwarden.com>
2025-11-13 21:59:03 -05:00
Maciej Zieniuk
3da3aa5e8c
moving ownership of Auth vault timeout input component to KM (#17180)
(cherry picked from commit 5e595dabf71cdb312ae9e1e3bcc3121b3aebf19f)
2025-11-12 22:15:01 +01:00
Patrick-Pimentel-Bitwarden
5aa6d38d80
feat(prelogin): [Auth/PM-23801] Move Prelogin Request (#17080)
* feat(prelogin): [PM-23801] Move Prelogin Request - Initial implementation.

* test(prelogin): [PM-23801] Move Prelogin Request - Removed unneeded test.
2025-11-10 10:54:25 -05:00
Vicki League
9bd7b58f6b
[PM-26984] Use medium instead of semibold or bold (#17188) 2025-11-04 15:27:13 -05:00
rr-bw
409dbc4c44
fix(sso-login): [PM-27674] (Auth) Make 'enter' press start sso process if ssoRequired (#17186)
If user's email is NOT in the ssoRequiredCache, pressing "enter" takes them to the MP login screen. If the user's email is in the ssoRequiredCache, pressing "enter" starts the SSO login process.

Feature Flags enabled: pm-22110-disable-alternate-login-methods
2025-11-04 10:41:00 -08:00
Andreas Coroiu
48fb8b2bfe
[PM-25250] Prevent configuration and access of self hosted urls over http (#17095)
* feat: ban urls not using https

* feat: add exception for dev env

* feat: block fetching of insecure URLs

* feat: add exception for dev env

* feat: block notifications from using insecure URL

* fix: bug where submission was possible regardless of error

* feat: add exception for dev env

* fix: missing constructor param
2025-10-31 08:12:44 +01:00
rr-bw
d8e5a524d4
style(sso-login): (Auth) [PM-26535] Make SSO Button Primary if ssoRequired (#16757)
When SSO is required:
- Make the SSO button primary
- Add a tooltip to the disabled buttons

When SSO is not required:
- SSO button remains secondary
- No tooltip on the buttons

Feature Flags enabled: pm-22110-disable-alternate-login-methods
2025-10-30 14:41:17 +00:00
Dave
af1809222f
fix(input-password-component) [PM-24266]: Update modal title. (#16932) 2025-10-28 15:14:48 -04:00
Oscar Hinton
29dccd6352
Auth - Prefer signal & change detection (#16950)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
2025-10-22 21:28:47 -04:00
Dave
7943066724
Reapply feat(two-factor-api-service) [PM-26465]: (Refactor) Two-Factor API Service (#16856) (#16884)
This reverts commit d082d336e7.
Feature branch was accidentally merged before QA testing completed.
2025-10-15 16:24:56 -04:00
Dave
d082d336e7
Revert "feat(two-factor-api-service) [PM-26465]: (Refactor) Two-Factor API Se…" (#16856)
This reverts commit 886003ba88.
2025-10-13 14:22:49 -04:00
Dave
886003ba88
feat(two-factor-api-service) [PM-26465]: (Refactor) Two-Factor API Service (#16747)
* feat(two-factor-api-service) [PM-26465]: Add TwoFactorApiServiceAbstraction.

* feat(two-factor-api-service) [PM-26465]: Add TwoFactorApiService implementation.

* feat(two-factor-api-service) [PM-26465]: Add test suite for TwoFactorApiService.

* feat(two-factor-api-service) [PM-26465]: Replace ApiService dependencies with TwoFactorApiService for all refactored methods.

* feat(two-factor-api-service) [PM-26465]: Finish removal of Two-Factor API methods from ApiService.

* fix(two-factor-api-service) [PM-26465]: Correct endpoint spelling.

* feat(two-factor-api-service) [PM-26465]: Update dependency support for CLI.

* fix(two-factor-api-service) [PM-26465]: Update tests/deps for corrected spelling.

* feat(two-factor-api-service) [PM-26465]: Add TwoFactorApiService to Browser services module.

* fix(two-factor-api-service) [PM-26465]: Re-spell dependencies to take *Abstraction throughout, move to JslibServices module for cleaner importing across clients.

* feat(two-factor-api-service) [PM-26465]: Move new services to a feature area, rename abstract and concrete/default.

* feat(two-factor-api-service) [PM-26465]: Move the feature area to common/auth, not auth/common.

* feat(two-factor-api-service) [PM-26465]: Remove now-unneeded include from auth/tsconfig.
2025-10-13 12:48:25 -04:00
rr-bw
fdf47ffe3b
refactor(login-error): (Auth) [PM-22145] Improved Error State for Failed Login (#16569)
Updates the inline error message on a failed login.
2025-10-02 16:18:47 -07:00
rr-bw
cae58232e5
feat(new-device-verification-screen): (Auth) [PM-17489] Back Button on New Device Verification Screen (#16599)
On Web and Desktop, show back button on `NewDeviceVerificationComponent` (route `/device-verification`). Do not show it on Extension, because Extension already has a back button in the header.
2025-10-01 12:57:41 -07:00
Bernd Schoolmann
4b73198ce5
[PM-23230] Implement KDF Change Service (#15748)
* Add new mp service api

* Fix tests

* Add test coverage

* Add newline

* Fix type

* Rename to "unwrapUserKeyFromMasterPasswordUnlockData"

* Fix build

* Fix build on cli

* Fix linting

* Re-sort spec

* Add tests

* Fix test and build issues

* Fix build

* Clean up

* Remove introduced function

* Clean up comments

* Fix abstract class types

* Fix comments

* Cleanup

* Cleanup

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/services/master-password.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/types/master-password.types.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add comments

* Fix build

* Add arg null check

* Cleanup

* Fix build

* Fix build on browser

* Implement KDF change service

* Deprecate encryptUserKeyWithMasterKey

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add tests for null params

* Fix builds

* Cleanup and deprecate more functions

* Fix formatting

* Prettier

* Clean up

* Update libs/key-management/src/abstractions/key.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Make emailToSalt private and expose abstract saltForUser

* Add tests

* Add docs

* Fix build

* Fix tests

* Fix tests

* Address feedback and fix primitive obsession

* Consolidate active account checks in change kdf confirmation component

* Update libs/common/src/key-management/kdf/services/change-kdf-service.spec.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add defensive parameter checks

* Add tests

* Add comment for follow-up epic

* Move change kdf service, remove abstraction and add api service

* Fix test

* Drop redundant null check

* Address feedback

* Add throw on empty password

* Fix tests

* Mark change kdf service as internal

* Add abstract classes

* Switch to abstraction

* use sdk EncString in MasterPasswordUnlockData

* fix remaining tests

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
2025-09-23 16:10:54 -04:00
rr-bw
3bbc6c564c
feat(SSO): (Auth/[PM-22110] Remove Alternate Login Options when SSO Required (#16340)
If a user is part of an org that has the `RequireSso` policy, when that user successfully logs in we add their email to a local `ssoRequiredCache` on their device. The next time this user goes to the `/login` screen on this device, we will use that cache to determine that for this email we should only show the "Use single sign-on" button and disable the alternate login buttons.

These changes are behind the flag: `PM22110_DisableAlternateLoginMethods`
2025-09-22 08:32:20 -07:00
Vicki League
926f587ea2
[CL-581] Update svgs to new designs and make responsive (#16219) 2025-09-10 17:23:53 -04:00