diff --git a/.eslintrc.json b/.eslintrc.json index 1a3849aee3..72b65d361d 100644 --- a/.eslintrc.json +++ b/.eslintrc.json @@ -206,11 +206,29 @@ } }, { - "files": ["libs/tools/generator/extensions/src/**/*.ts"], + "files": ["libs/tools/generator/extensions/history/src/**/*.ts"], "rules": { "no-restricted-imports": [ "error", - { "patterns": ["@bitwarden/generator-extensions/*", "src/**/*"] } + { "patterns": ["@bitwarden/generator-history/*", "src/**/*"] } + ] + } + }, + { + "files": ["libs/tools/generator/extensions/legacy/src/**/*.ts"], + "rules": { + "no-restricted-imports": [ + "error", + { "patterns": ["@bitwarden/generator-legacy/*", "src/**/*"] } + ] + } + }, + { + "files": ["libs/tools/generator/extensions/navigation/src/**/*.ts"], + "rules": { + "no-restricted-imports": [ + "error", + { "patterns": ["@bitwarden/generator-navigation/*", "src/**/*"] } ] } }, diff --git a/apps/browser/package.json b/apps/browser/package.json index b1f8f76f7f..b0a66a37d0 100644 --- a/apps/browser/package.json +++ b/apps/browser/package.json @@ -1,6 +1,6 @@ { "name": "@bitwarden/browser", - "version": "2024.6.2", + "version": "2024.6.3", "scripts": { "build": "cross-env MANIFEST_VERSION=3 webpack", "build:mv2": "webpack", diff --git a/apps/browser/src/auth/guards/fido2-auth.guard.ts b/apps/browser/src/auth/guards/fido2-auth.guard.ts index 0c4e6268bf..7d7f1f5c4e 100644 --- a/apps/browser/src/auth/guards/fido2-auth.guard.ts +++ b/apps/browser/src/auth/guards/fido2-auth.guard.ts @@ -12,7 +12,7 @@ import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authenticatio import { BrowserRouterService } from "../../platform/popup/services/browser-router.service"; /** - * This guard verifies the user's authetication status. + * This guard verifies the user's authentication status. * If "Locked", it saves the intended route in memory and redirects to the lock screen. Otherwise, the intended route is allowed. */ export const fido2AuthGuard: CanActivateFn = async ( @@ -27,8 +27,10 @@ export const fido2AuthGuard: CanActivateFn = async ( if (authStatus === AuthenticationStatus.Locked) { // Appending fromLock=true to the query params to indicate that the user is being redirected from the lock screen, this is used for user verification. - const previousUrl = `${state.url}&fromLock=true`; - routerService.setPreviousUrl(previousUrl); + // TODO: Revert to use previousUrl once user verification for passkeys is approved for production. + // PM-4577 - https://github.com/bitwarden/clients/pull/8746 + // const previousUrl = `${state.url}&fromLock=true`; + routerService.setPreviousUrl(state.url); return router.createUrlTree(["/lock"], { queryParams: route.queryParams }); } diff --git a/apps/browser/src/manifest.json b/apps/browser/src/manifest.json index 8764a073f2..c6d594ce13 100644 --- a/apps/browser/src/manifest.json +++ b/apps/browser/src/manifest.json @@ -2,7 +2,7 @@ "manifest_version": 2, "name": "__MSG_extName__", "short_name": "__MSG_appName__", - "version": "2024.6.2", + "version": "2024.6.3", "description": "__MSG_extDesc__", "default_locale": "en", "author": "Bitwarden Inc.", diff --git a/apps/browser/src/manifest.v3.json b/apps/browser/src/manifest.v3.json index 2964ddf9ae..e721b6585f 100644 --- a/apps/browser/src/manifest.v3.json +++ b/apps/browser/src/manifest.v3.json @@ -3,7 +3,7 @@ "minimum_chrome_version": "102.0", "name": "__MSG_extName__", "short_name": "__MSG_appName__", - "version": "2024.6.2", + "version": "2024.6.3", "description": "__MSG_extDesc__", "default_locale": "en", "author": "Bitwarden Inc.", diff --git a/apps/browser/src/vault/popup/components/fido2/fido2.component.ts b/apps/browser/src/vault/popup/components/fido2/fido2.component.ts index 8d46cc6033..049dc30ef6 100644 --- a/apps/browser/src/vault/popup/components/fido2/fido2.component.ts +++ b/apps/browser/src/vault/popup/components/fido2/fido2.component.ts @@ -27,6 +27,7 @@ import { LoginUriView } from "@bitwarden/common/vault/models/view/login-uri.view import { LoginView } from "@bitwarden/common/vault/models/view/login.view"; import { SecureNoteView } from "@bitwarden/common/vault/models/view/secure-note.view"; import { DialogService } from "@bitwarden/components"; +import { PasswordRepromptService } from "@bitwarden/vault"; import { ZonedMessageListenerService } from "../../../../platform/browser/zoned-message-listener.service"; import { @@ -59,7 +60,6 @@ export class Fido2Component implements OnInit, OnDestroy { protected data$: Observable; protected sessionId?: string; protected senderTabId?: string; - protected fromLock?: boolean; protected ciphers?: CipherView[] = []; protected displayedCiphers?: CipherView[] = []; protected loading = false; @@ -78,6 +78,7 @@ export class Fido2Component implements OnInit, OnDestroy { private logService: LogService, private dialogService: DialogService, private browserMessagingApi: ZonedMessageListenerService, + private passwordRepromptService: PasswordRepromptService, private fido2UserVerificationService: Fido2UserVerificationService, ) {} @@ -90,7 +91,6 @@ export class Fido2Component implements OnInit, OnDestroy { sessionId: queryParamMap.get("sessionId"), senderTabId: queryParamMap.get("senderTabId"), senderUrl: queryParamMap.get("senderUrl"), - fromLock: queryParamMap.get("fromLock"), })), ); @@ -103,7 +103,6 @@ export class Fido2Component implements OnInit, OnDestroy { this.sessionId = queryParams.sessionId; this.senderTabId = queryParams.senderTabId; this.url = queryParams.senderUrl; - this.fromLock = queryParams.fromLock === "true"; // For a 'NewSessionCreatedRequest', abort if it doesn't belong to the current session. if ( message.type === "NewSessionCreatedRequest" && @@ -213,11 +212,9 @@ export class Fido2Component implements OnInit, OnDestroy { protected async submit() { const data = this.message$.value; if (data?.type === "PickCredentialRequest") { - const userVerified = await this.fido2UserVerificationService.handleUserVerification( - data.userVerification, - this.cipher, - this.fromLock, - ); + // TODO: Revert to use fido2 user verification service once user verification for passkeys is approved for production. + // PM-4577 - https://github.com/bitwarden/clients/pull/8746 + const userVerified = await this.handleUserVerification(data.userVerification, this.cipher); this.send({ sessionId: this.sessionId, @@ -238,11 +235,9 @@ export class Fido2Component implements OnInit, OnDestroy { } } - const userVerified = await this.fido2UserVerificationService.handleUserVerification( - data.userVerification, - this.cipher, - this.fromLock, - ); + // TODO: Revert to use fido2 user verification service once user verification for passkeys is approved for production. + // PM-4577 - https://github.com/bitwarden/clients/pull/8746 + const userVerified = await this.handleUserVerification(data.userVerification, this.cipher); this.send({ sessionId: this.sessionId, @@ -259,21 +254,16 @@ export class Fido2Component implements OnInit, OnDestroy { const data = this.message$.value; if (data?.type === "ConfirmNewCredentialRequest") { const name = data.credentialName || data.rpId; - const userVerified = await this.fido2UserVerificationService.handleUserVerification( - data.userVerification, - this.cipher, - this.fromLock, - ); - - if (!data.userVerification || userVerified) { - await this.createNewCipher(name); - } + // TODO: Revert to check for user verification once user verification for passkeys is approved for production. + // PM-4577 - https://github.com/bitwarden/clients/pull/8746 + await this.createNewCipher(name); + // We are bypassing user verification pending approval. this.send({ sessionId: this.sessionId, cipherId: this.cipher?.id, type: "ConfirmNewCredentialResponse", - userVerified, + userVerified: data.userVerification, }); } @@ -322,7 +312,6 @@ export class Fido2Component implements OnInit, OnDestroy { uilocation: "popout", senderTabId: this.senderTabId, sessionId: this.sessionId, - fromLock: this.fromLock, userVerification: data.userVerification, singleActionPopout: `${VaultPopoutType.fido2Popout}_${this.sessionId}`, }, @@ -393,6 +382,20 @@ export class Fido2Component implements OnInit, OnDestroy { } } + // TODO: Remove and use fido2 user verification service once user verification for passkeys is approved for production. + private async handleUserVerification( + userVerificationRequested: boolean, + cipher: CipherView, + ): Promise { + const masterPasswordRepromptRequired = cipher && cipher.reprompt !== 0; + + if (masterPasswordRepromptRequired) { + return await this.passwordRepromptService.showPasswordPrompt(); + } + + return userVerificationRequested; + } + private send(msg: BrowserFido2Message) { BrowserFido2UserInterfaceSession.sendMessage({ sessionId: this.sessionId, diff --git a/apps/browser/src/vault/popup/components/vault/add-edit.component.html b/apps/browser/src/vault/popup/components/vault/add-edit.component.html index 8ff448b6f7..9ddae87877 100644 --- a/apps/browser/src/vault/popup/components/vault/add-edit.component.html +++ b/apps/browser/src/vault/popup/components/vault/add-edit.component.html @@ -144,6 +144,7 @@ appStopClick (click)="removePasskey()" appA11yTitle="{{ 'removePasskey' | i18n }}" + *ngIf="!(!cipher.edit && editMode)" > @@ -542,6 +543,7 @@ > diff --git a/apps/browser/src/vault/popup/components/vault/add-edit.component.ts b/apps/browser/src/vault/popup/components/vault/add-edit.component.ts index 62f2737be2..bf7a6b07a5 100644 --- a/apps/browser/src/vault/popup/components/vault/add-edit.component.ts +++ b/apps/browser/src/vault/popup/components/vault/add-edit.component.ts @@ -170,17 +170,14 @@ export class AddEditComponent extends BaseAddEditComponent { async submit(): Promise { const fido2SessionData = await firstValueFrom(this.fido2PopoutSessionData$); - const { isFido2Session, sessionId, userVerification, fromLock } = fido2SessionData; + const { isFido2Session, sessionId, userVerification } = fido2SessionData; const inFido2PopoutWindow = BrowserPopupUtils.inPopout(window) && isFido2Session; + // TODO: Revert to use fido2 user verification service once user verification for passkeys is approved for production. + // PM-4577 - https://github.com/bitwarden/clients/pull/8746 if ( inFido2PopoutWindow && - userVerification && - !(await this.fido2UserVerificationService.handleUserVerification( - userVerification, - this.cipher, - fromLock, - )) + !(await this.handleFido2UserVerification(sessionId, userVerification)) ) { return false; } @@ -389,4 +386,13 @@ export class AddEditComponent extends BaseAddEditComponent { this.load().catch((error) => this.logService.error(error)); } } + + // TODO: Remove and use fido2 user verification service once user verification for passkeys is approved for production. + private async handleFido2UserVerification( + sessionId: string, + userVerification: boolean, + ): Promise { + // We are bypassing user verification pending approval for production. + return true; + } } diff --git a/apps/browser/tsconfig.json b/apps/browser/tsconfig.json index 39f9c8211c..beb4a73212 100644 --- a/apps/browser/tsconfig.json +++ b/apps/browser/tsconfig.json @@ -21,7 +21,9 @@ "@bitwarden/components": ["../../libs/components/src"], "@bitwarden/generator-components": ["../../libs/tools/generator/components/src"], "@bitwarden/generator-core": ["../../libs/tools/generator/core/src"], - "@bitwarden/generator-extensions": ["../../libs/tools/generator/extensions/src"], + "@bitwarden/generator-history": ["../../libs/tools/generator/extensions/history/src"], + "@bitwarden/generator-legacy": ["../../libs/tools/generator/extensions/legacy/src"], + "@bitwarden/generator-navigation": ["../../libs/tools/generator/extensions/navigation/src"], "@bitwarden/vault-export-core": [ "../../libs/tools/export/vault-export/vault-export-core/src" ], diff --git a/apps/desktop/src/vault/app/vault/add-edit.component.html b/apps/desktop/src/vault/app/vault/add-edit.component.html index ea7be92935..faddd1210e 100644 --- a/apps/desktop/src/vault/app/vault/add-edit.component.html +++ b/apps/desktop/src/vault/app/vault/add-edit.component.html @@ -127,7 +127,7 @@ appStopClick (click)="removePasskey()" appA11yTitle="{{ 'removePasskey' | i18n }}" - [disabled]="!cipher.edit && editMode" + *ngIf="!(!cipher.edit && editMode)" > @@ -488,7 +488,7 @@ appStopClick (click)="removeUri(u)" appA11yTitle="{{ 'remove' | i18n }}" - [disabled]="!cipher.edit && editMode" + *ngIf="!(!cipher.edit && editMode)" > @@ -500,6 +500,7 @@ name="Login.Uris[{{ i }}].Uri" [(ngModel)]="u.uri" placeholder="{{ 'ex' | i18n }} https://google.com" + [readonly]="!cipher.edit && editMode" appInputVerbatim />