mirror of
https://github.com/bitwarden/browser.git
synced 2024-12-19 15:57:42 +01:00
Merge branch 'main' into auth/pm-14369/hide-account-switcher-if-on-login-page-and-not-logged-in
This commit is contained in:
commit
829567bb64
@ -257,12 +257,9 @@ import { BrowserPlatformUtilsService } from "../platform/services/platform-utils
|
||||
import { PopupViewCacheBackgroundService } from "../platform/services/popup-view-cache-background.service";
|
||||
import { BrowserSdkClientFactory } from "../platform/services/sdk/browser-sdk-client-factory";
|
||||
import { BackgroundTaskSchedulerService } from "../platform/services/task-scheduler/background-task-scheduler.service";
|
||||
import { ForegroundTaskSchedulerService } from "../platform/services/task-scheduler/foreground-task-scheduler.service";
|
||||
import { BackgroundMemoryStorageService } from "../platform/storage/background-memory-storage.service";
|
||||
import { BrowserStorageServiceProvider } from "../platform/storage/browser-storage-service.provider";
|
||||
import { ForegroundMemoryStorageService } from "../platform/storage/foreground-memory-storage.service";
|
||||
import { OffscreenStorageService } from "../platform/storage/offscreen-storage.service";
|
||||
import { ForegroundSyncService } from "../platform/sync/foreground-sync.service";
|
||||
import { SyncServiceListener } from "../platform/sync/sync-service.listener";
|
||||
import { fromChromeRuntimeMessaging } from "../platform/utils/from-chrome-runtime-messaging";
|
||||
import VaultTimeoutService from "../services/vault-timeout/vault-timeout.service";
|
||||
@ -401,7 +398,7 @@ export default class MainBackground {
|
||||
|
||||
private popupViewCacheBackgroundService: PopupViewCacheBackgroundService;
|
||||
|
||||
constructor(public popupOnlyContext: boolean = false) {
|
||||
constructor() {
|
||||
// Services
|
||||
const lockedCallback = async (userId?: string) => {
|
||||
if (this.notificationsService != null) {
|
||||
@ -460,45 +457,6 @@ export default class MainBackground {
|
||||
this.offscreenDocumentService,
|
||||
);
|
||||
|
||||
// Creates a session key for mv3 storage of large memory items
|
||||
const sessionKey = new Lazy(async () => {
|
||||
// Key already in session storage
|
||||
const sessionStorage = new BrowserMemoryStorageService();
|
||||
const existingKey = await sessionStorage.get<SymmetricCryptoKey>("session-key");
|
||||
if (existingKey) {
|
||||
if (sessionStorage.valuesRequireDeserialization) {
|
||||
return SymmetricCryptoKey.fromJSON(existingKey);
|
||||
}
|
||||
return existingKey;
|
||||
}
|
||||
|
||||
// New key
|
||||
const { derivedKey } = await this.keyGenerationService.createKeyWithPurpose(
|
||||
128,
|
||||
"ephemeral",
|
||||
"bitwarden-ephemeral",
|
||||
);
|
||||
await sessionStorage.save("session-key", derivedKey);
|
||||
return derivedKey;
|
||||
});
|
||||
|
||||
const mv3MemoryStorageCreator = () => {
|
||||
if (this.popupOnlyContext) {
|
||||
return new ForegroundMemoryStorageService();
|
||||
}
|
||||
|
||||
// For local backed session storage, we expect that the encrypted data on disk will persist longer than the encryption key in memory
|
||||
// and failures to decrypt because of that are completely expected. For this reason, we pass in `false` to the `EncryptServiceImplementation`
|
||||
// so that MAC failures are not logged.
|
||||
return new LocalBackedSessionStorageService(
|
||||
sessionKey,
|
||||
this.storageService,
|
||||
new EncryptServiceImplementation(this.cryptoFunctionService, this.logService, false),
|
||||
this.platformUtilsService,
|
||||
this.logService,
|
||||
);
|
||||
};
|
||||
|
||||
this.secureStorageService = this.storageService; // secure storage is not supported in browsers, so we use local storage and warn users when it is used
|
||||
|
||||
if (BrowserApi.isManifestVersion(3)) {
|
||||
@ -506,18 +464,47 @@ export default class MainBackground {
|
||||
this.memoryStorageForStateProviders = new BrowserMemoryStorageService(); // mv3 stores to storage.session
|
||||
this.memoryStorageService = this.memoryStorageForStateProviders;
|
||||
} else {
|
||||
if (popupOnlyContext) {
|
||||
this.memoryStorageForStateProviders = new ForegroundMemoryStorageService();
|
||||
this.memoryStorageService = new ForegroundMemoryStorageService();
|
||||
} else {
|
||||
this.memoryStorageForStateProviders = new BackgroundMemoryStorageService(); // mv2 stores to memory
|
||||
this.memoryStorageService = this.memoryStorageForStateProviders;
|
||||
}
|
||||
this.memoryStorageForStateProviders = new BackgroundMemoryStorageService(); // mv2 stores to memory
|
||||
this.memoryStorageService = this.memoryStorageForStateProviders;
|
||||
}
|
||||
|
||||
this.largeObjectMemoryStorageForStateProviders = BrowserApi.isManifestVersion(3)
|
||||
? mv3MemoryStorageCreator() // mv3 stores to local-backed session storage
|
||||
: this.memoryStorageForStateProviders; // mv2 stores to the same location
|
||||
if (BrowserApi.isManifestVersion(3)) {
|
||||
// Creates a session key for mv3 storage of large memory items
|
||||
const sessionKey = new Lazy(async () => {
|
||||
// Key already in session storage
|
||||
const sessionStorage = new BrowserMemoryStorageService();
|
||||
const existingKey = await sessionStorage.get<SymmetricCryptoKey>("session-key");
|
||||
if (existingKey) {
|
||||
if (sessionStorage.valuesRequireDeserialization) {
|
||||
return SymmetricCryptoKey.fromJSON(existingKey);
|
||||
}
|
||||
return existingKey;
|
||||
}
|
||||
|
||||
// New key
|
||||
const { derivedKey } = await this.keyGenerationService.createKeyWithPurpose(
|
||||
128,
|
||||
"ephemeral",
|
||||
"bitwarden-ephemeral",
|
||||
);
|
||||
await sessionStorage.save("session-key", derivedKey);
|
||||
return derivedKey;
|
||||
});
|
||||
|
||||
this.largeObjectMemoryStorageForStateProviders = new LocalBackedSessionStorageService(
|
||||
sessionKey,
|
||||
this.storageService,
|
||||
// For local backed session storage, we expect that the encrypted data on disk will persist longer than the encryption key in memory
|
||||
// and failures to decrypt because of that are completely expected. For this reason, we pass in `false` to the `EncryptServiceImplementation`
|
||||
// so that MAC failures are not logged.
|
||||
new EncryptServiceImplementation(this.cryptoFunctionService, this.logService, false),
|
||||
this.platformUtilsService,
|
||||
this.logService,
|
||||
);
|
||||
} else {
|
||||
// mv2 stores to the same location
|
||||
this.largeObjectMemoryStorageForStateProviders = this.memoryStorageForStateProviders;
|
||||
}
|
||||
|
||||
const localStorageStorageService = BrowserApi.isManifestVersion(3)
|
||||
? new OffscreenStorageService(this.offscreenDocumentService)
|
||||
@ -575,9 +562,10 @@ export default class MainBackground {
|
||||
this.derivedStateProvider,
|
||||
);
|
||||
|
||||
this.taskSchedulerService = this.popupOnlyContext
|
||||
? new ForegroundTaskSchedulerService(this.logService, this.stateProvider)
|
||||
: new BackgroundTaskSchedulerService(this.logService, this.stateProvider);
|
||||
this.taskSchedulerService = new BackgroundTaskSchedulerService(
|
||||
this.logService,
|
||||
this.stateProvider,
|
||||
);
|
||||
this.taskSchedulerService.registerTaskHandler(ScheduledTaskNames.scheduleNextSyncInterval, () =>
|
||||
this.fullSync(),
|
||||
);
|
||||
@ -873,26 +861,24 @@ export default class MainBackground {
|
||||
|
||||
this.vaultSettingsService = new VaultSettingsService(this.stateProvider);
|
||||
|
||||
if (!this.popupOnlyContext) {
|
||||
this.vaultTimeoutService = new VaultTimeoutService(
|
||||
this.accountService,
|
||||
this.masterPasswordService,
|
||||
this.cipherService,
|
||||
this.folderService,
|
||||
this.collectionService,
|
||||
this.platformUtilsService,
|
||||
this.messagingService,
|
||||
this.searchService,
|
||||
this.stateService,
|
||||
this.authService,
|
||||
this.vaultTimeoutSettingsService,
|
||||
this.stateEventRunnerService,
|
||||
this.taskSchedulerService,
|
||||
this.logService,
|
||||
lockedCallback,
|
||||
logoutCallback,
|
||||
);
|
||||
}
|
||||
this.vaultTimeoutService = new VaultTimeoutService(
|
||||
this.accountService,
|
||||
this.masterPasswordService,
|
||||
this.cipherService,
|
||||
this.folderService,
|
||||
this.collectionService,
|
||||
this.platformUtilsService,
|
||||
this.messagingService,
|
||||
this.searchService,
|
||||
this.stateService,
|
||||
this.authService,
|
||||
this.vaultTimeoutSettingsService,
|
||||
this.stateEventRunnerService,
|
||||
this.taskSchedulerService,
|
||||
this.logService,
|
||||
lockedCallback,
|
||||
logoutCallback,
|
||||
);
|
||||
this.containerService = new ContainerService(this.keyService, this.encryptService);
|
||||
|
||||
this.sendStateProvider = new SendStateProvider(this.stateProvider);
|
||||
@ -913,59 +899,41 @@ export default class MainBackground {
|
||||
|
||||
this.providerService = new ProviderService(this.stateProvider);
|
||||
|
||||
if (this.popupOnlyContext) {
|
||||
this.syncService = new ForegroundSyncService(
|
||||
this.stateService,
|
||||
this.folderService,
|
||||
this.folderApiService,
|
||||
this.messagingService,
|
||||
this.logService,
|
||||
this.cipherService,
|
||||
this.collectionService,
|
||||
this.apiService,
|
||||
this.accountService,
|
||||
this.authService,
|
||||
this.sendService,
|
||||
this.sendApiService,
|
||||
messageListener,
|
||||
this.stateProvider,
|
||||
);
|
||||
} else {
|
||||
this.syncService = new DefaultSyncService(
|
||||
this.masterPasswordService,
|
||||
this.accountService,
|
||||
this.apiService,
|
||||
this.domainSettingsService,
|
||||
this.folderService,
|
||||
this.cipherService,
|
||||
this.keyService,
|
||||
this.collectionService,
|
||||
this.messagingService,
|
||||
this.policyService,
|
||||
this.sendService,
|
||||
this.logService,
|
||||
this.keyConnectorService,
|
||||
this.stateService,
|
||||
this.providerService,
|
||||
this.folderApiService,
|
||||
this.organizationService,
|
||||
this.sendApiService,
|
||||
this.userDecryptionOptionsService,
|
||||
this.avatarService,
|
||||
logoutCallback,
|
||||
this.billingAccountProfileStateService,
|
||||
this.tokenService,
|
||||
this.authService,
|
||||
this.stateProvider,
|
||||
);
|
||||
this.syncService = new DefaultSyncService(
|
||||
this.masterPasswordService,
|
||||
this.accountService,
|
||||
this.apiService,
|
||||
this.domainSettingsService,
|
||||
this.folderService,
|
||||
this.cipherService,
|
||||
this.keyService,
|
||||
this.collectionService,
|
||||
this.messagingService,
|
||||
this.policyService,
|
||||
this.sendService,
|
||||
this.logService,
|
||||
this.keyConnectorService,
|
||||
this.stateService,
|
||||
this.providerService,
|
||||
this.folderApiService,
|
||||
this.organizationService,
|
||||
this.sendApiService,
|
||||
this.userDecryptionOptionsService,
|
||||
this.avatarService,
|
||||
logoutCallback,
|
||||
this.billingAccountProfileStateService,
|
||||
this.tokenService,
|
||||
this.authService,
|
||||
this.stateProvider,
|
||||
);
|
||||
|
||||
this.syncServiceListener = new SyncServiceListener(
|
||||
this.syncService,
|
||||
messageListener,
|
||||
this.messagingService,
|
||||
this.logService,
|
||||
);
|
||||
|
||||
this.syncServiceListener = new SyncServiceListener(
|
||||
this.syncService,
|
||||
messageListener,
|
||||
this.messagingService,
|
||||
this.logService,
|
||||
);
|
||||
}
|
||||
this.eventUploadService = new EventUploadService(
|
||||
this.apiService,
|
||||
this.stateProvider,
|
||||
@ -1112,122 +1080,128 @@ export default class MainBackground {
|
||||
this.isSafari = this.platformUtilsService.isSafari();
|
||||
|
||||
// Background
|
||||
if (!this.popupOnlyContext) {
|
||||
this.fido2Background = new Fido2Background(
|
||||
this.logService,
|
||||
this.fido2ActiveRequestManager,
|
||||
this.fido2ClientService,
|
||||
this.vaultSettingsService,
|
||||
this.scriptInjectorService,
|
||||
this.configService,
|
||||
this.authService,
|
||||
);
|
||||
|
||||
const lockService = new DefaultLockService(this.accountService, this.vaultTimeoutService);
|
||||
this.fido2Background = new Fido2Background(
|
||||
this.logService,
|
||||
this.fido2ActiveRequestManager,
|
||||
this.fido2ClientService,
|
||||
this.vaultSettingsService,
|
||||
this.scriptInjectorService,
|
||||
this.configService,
|
||||
this.authService,
|
||||
);
|
||||
|
||||
this.runtimeBackground = new RuntimeBackground(
|
||||
this,
|
||||
this.autofillService,
|
||||
this.platformUtilsService as BrowserPlatformUtilsService,
|
||||
this.notificationsService,
|
||||
this.autofillSettingsService,
|
||||
this.processReloadService,
|
||||
this.environmentService,
|
||||
this.messagingService,
|
||||
this.logService,
|
||||
this.configService,
|
||||
messageListener,
|
||||
this.accountService,
|
||||
lockService,
|
||||
);
|
||||
this.nativeMessagingBackground = new NativeMessagingBackground(
|
||||
this.keyService,
|
||||
this.encryptService,
|
||||
this.cryptoFunctionService,
|
||||
this.runtimeBackground,
|
||||
this.messagingService,
|
||||
this.appIdService,
|
||||
this.platformUtilsService,
|
||||
this.logService,
|
||||
this.authService,
|
||||
this.biometricStateService,
|
||||
this.accountService,
|
||||
);
|
||||
this.commandsBackground = new CommandsBackground(
|
||||
this,
|
||||
this.platformUtilsService,
|
||||
this.vaultTimeoutService,
|
||||
this.authService,
|
||||
() => this.generatePasswordToClipboard(),
|
||||
);
|
||||
this.notificationBackground = new NotificationBackground(
|
||||
this.autofillService,
|
||||
this.cipherService,
|
||||
this.authService,
|
||||
this.policyService,
|
||||
this.folderService,
|
||||
this.userNotificationSettingsService,
|
||||
this.domainSettingsService,
|
||||
this.environmentService,
|
||||
this.logService,
|
||||
this.themeStateService,
|
||||
this.configService,
|
||||
this.accountService,
|
||||
);
|
||||
const lockService = new DefaultLockService(this.accountService, this.vaultTimeoutService);
|
||||
|
||||
this.overlayNotificationsBackground = new OverlayNotificationsBackground(
|
||||
this.logService,
|
||||
this.configService,
|
||||
this.notificationBackground,
|
||||
);
|
||||
this.runtimeBackground = new RuntimeBackground(
|
||||
this,
|
||||
this.autofillService,
|
||||
this.platformUtilsService as BrowserPlatformUtilsService,
|
||||
this.notificationsService,
|
||||
this.autofillSettingsService,
|
||||
this.processReloadService,
|
||||
this.environmentService,
|
||||
this.messagingService,
|
||||
this.logService,
|
||||
this.configService,
|
||||
messageListener,
|
||||
this.accountService,
|
||||
lockService,
|
||||
);
|
||||
this.nativeMessagingBackground = new NativeMessagingBackground(
|
||||
this.keyService,
|
||||
this.encryptService,
|
||||
this.cryptoFunctionService,
|
||||
this.runtimeBackground,
|
||||
this.messagingService,
|
||||
this.appIdService,
|
||||
this.platformUtilsService,
|
||||
this.logService,
|
||||
this.authService,
|
||||
this.biometricStateService,
|
||||
this.accountService,
|
||||
);
|
||||
this.commandsBackground = new CommandsBackground(
|
||||
this,
|
||||
this.platformUtilsService,
|
||||
this.vaultTimeoutService,
|
||||
this.authService,
|
||||
() => this.generatePasswordToClipboard(),
|
||||
);
|
||||
this.notificationBackground = new NotificationBackground(
|
||||
this.autofillService,
|
||||
this.cipherService,
|
||||
this.authService,
|
||||
this.policyService,
|
||||
this.folderService,
|
||||
this.userNotificationSettingsService,
|
||||
this.domainSettingsService,
|
||||
this.environmentService,
|
||||
this.logService,
|
||||
this.themeStateService,
|
||||
this.configService,
|
||||
this.accountService,
|
||||
);
|
||||
|
||||
this.filelessImporterBackground = new FilelessImporterBackground(
|
||||
this.configService,
|
||||
this.authService,
|
||||
this.policyService,
|
||||
this.notificationBackground,
|
||||
this.importService,
|
||||
this.syncService,
|
||||
this.scriptInjectorService,
|
||||
);
|
||||
this.overlayNotificationsBackground = new OverlayNotificationsBackground(
|
||||
this.logService,
|
||||
this.configService,
|
||||
this.notificationBackground,
|
||||
);
|
||||
|
||||
this.autoSubmitLoginBackground = new AutoSubmitLoginBackground(
|
||||
this.logService,
|
||||
this.autofillService,
|
||||
this.scriptInjectorService,
|
||||
this.authService,
|
||||
this.configService,
|
||||
this.platformUtilsService,
|
||||
this.policyService,
|
||||
);
|
||||
this.filelessImporterBackground = new FilelessImporterBackground(
|
||||
this.configService,
|
||||
this.authService,
|
||||
this.policyService,
|
||||
this.notificationBackground,
|
||||
this.importService,
|
||||
this.syncService,
|
||||
this.scriptInjectorService,
|
||||
);
|
||||
|
||||
const contextMenuClickedHandler = new ContextMenuClickedHandler(
|
||||
(options) => this.platformUtilsService.copyToClipboard(options.text),
|
||||
async () => this.generatePasswordToClipboard(),
|
||||
async (tab, cipher) => {
|
||||
this.loginToAutoFill = cipher;
|
||||
if (tab == null) {
|
||||
return;
|
||||
}
|
||||
this.autoSubmitLoginBackground = new AutoSubmitLoginBackground(
|
||||
this.logService,
|
||||
this.autofillService,
|
||||
this.scriptInjectorService,
|
||||
this.authService,
|
||||
this.configService,
|
||||
this.platformUtilsService,
|
||||
this.policyService,
|
||||
);
|
||||
|
||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||
BrowserApi.tabSendMessage(tab, {
|
||||
command: "collectPageDetails",
|
||||
tab: tab,
|
||||
sender: "contextMenu",
|
||||
});
|
||||
},
|
||||
this.authService,
|
||||
this.cipherService,
|
||||
this.totpService,
|
||||
this.eventCollectionService,
|
||||
this.userVerificationService,
|
||||
this.accountService,
|
||||
);
|
||||
const contextMenuClickedHandler = new ContextMenuClickedHandler(
|
||||
(options) => this.platformUtilsService.copyToClipboard(options.text),
|
||||
async (_tab) => {
|
||||
const options = (await this.passwordGenerationService.getOptions())?.[0] ?? {};
|
||||
const password = await this.passwordGenerationService.generatePassword(options);
|
||||
this.platformUtilsService.copyToClipboard(password);
|
||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||
this.passwordGenerationService.addHistory(password);
|
||||
},
|
||||
async (tab, cipher) => {
|
||||
this.loginToAutoFill = cipher;
|
||||
if (tab == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
this.contextMenusBackground = new ContextMenusBackground(contextMenuClickedHandler);
|
||||
}
|
||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||
BrowserApi.tabSendMessage(tab, {
|
||||
command: "collectPageDetails",
|
||||
tab: tab,
|
||||
sender: "contextMenu",
|
||||
});
|
||||
},
|
||||
this.authService,
|
||||
this.cipherService,
|
||||
this.totpService,
|
||||
this.eventCollectionService,
|
||||
this.userVerificationService,
|
||||
this.accountService,
|
||||
);
|
||||
|
||||
this.contextMenusBackground = new ContextMenusBackground(contextMenuClickedHandler);
|
||||
|
||||
this.idleBackground = new IdleBackground(
|
||||
this.vaultTimeoutService,
|
||||
@ -1246,29 +1220,27 @@ export default class MainBackground {
|
||||
this.stateProvider,
|
||||
);
|
||||
|
||||
if (!this.popupOnlyContext) {
|
||||
this.mainContextMenuHandler = new MainContextMenuHandler(
|
||||
this.stateService,
|
||||
this.autofillSettingsService,
|
||||
this.i18nService,
|
||||
this.logService,
|
||||
this.billingAccountProfileStateService,
|
||||
);
|
||||
this.mainContextMenuHandler = new MainContextMenuHandler(
|
||||
this.stateService,
|
||||
this.autofillSettingsService,
|
||||
this.i18nService,
|
||||
this.logService,
|
||||
this.billingAccountProfileStateService,
|
||||
);
|
||||
|
||||
this.cipherContextMenuHandler = new CipherContextMenuHandler(
|
||||
this.mainContextMenuHandler,
|
||||
this.authService,
|
||||
this.cipherContextMenuHandler = new CipherContextMenuHandler(
|
||||
this.mainContextMenuHandler,
|
||||
this.authService,
|
||||
this.cipherService,
|
||||
);
|
||||
|
||||
if (chrome.webRequest != null && chrome.webRequest.onAuthRequired != null) {
|
||||
this.webRequestBackground = new WebRequestBackground(
|
||||
this.platformUtilsService,
|
||||
this.cipherService,
|
||||
this.authService,
|
||||
chrome.webRequest,
|
||||
);
|
||||
|
||||
if (chrome.webRequest != null && chrome.webRequest.onAuthRequired != null) {
|
||||
this.webRequestBackground = new WebRequestBackground(
|
||||
this.platformUtilsService,
|
||||
this.cipherService,
|
||||
this.authService,
|
||||
chrome.webRequest,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
this.userAutoUnlockKeyService = new UserAutoUnlockKeyService(this.keyService);
|
||||
@ -1283,7 +1255,7 @@ export default class MainBackground {
|
||||
this.containerService.attachToGlobal(self);
|
||||
|
||||
// Only the "true" background should run migrations
|
||||
await this.stateService.init({ runMigrations: !this.popupOnlyContext });
|
||||
await this.stateService.init({ runMigrations: true });
|
||||
|
||||
// This is here instead of in in the InitService b/c we don't plan for
|
||||
// side effects to run in the Browser InitService.
|
||||
@ -1305,10 +1277,6 @@ export default class MainBackground {
|
||||
|
||||
this.popupViewCacheBackgroundService.startObservingTabChanges();
|
||||
|
||||
if (this.popupOnlyContext) {
|
||||
return;
|
||||
}
|
||||
|
||||
await this.vaultTimeoutService.init(true);
|
||||
this.fido2Background.init();
|
||||
await this.runtimeBackground.init();
|
||||
@ -1637,7 +1605,6 @@ export default class MainBackground {
|
||||
*/
|
||||
async initOverlayAndTabsBackground() {
|
||||
if (
|
||||
this.popupOnlyContext ||
|
||||
this.overlayBackground ||
|
||||
this.tabsBackground ||
|
||||
(await firstValueFrom(this.authService.activeAccountStatus$)) ===
|
||||
|
@ -24,8 +24,8 @@ import {
|
||||
LockComponentService,
|
||||
} from "@bitwarden/auth/angular";
|
||||
import { LockService, LoginEmailService, PinServiceAbstraction } from "@bitwarden/auth/common";
|
||||
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
||||
import { EventCollectionService as EventCollectionServiceAbstraction } from "@bitwarden/common/abstractions/event/event-collection.service";
|
||||
import { NotificationsService } from "@bitwarden/common/abstractions/notifications.service";
|
||||
import { VaultTimeoutService } from "@bitwarden/common/abstractions/vault-timeout/vault-timeout.service";
|
||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
|
||||
@ -92,9 +92,15 @@ import { InlineDerivedStateProvider } from "@bitwarden/common/platform/state/imp
|
||||
import { PrimarySecondaryStorageService } from "@bitwarden/common/platform/storage/primary-secondary-storage.service";
|
||||
import { WindowStorageService } from "@bitwarden/common/platform/storage/window-storage.service";
|
||||
import { SyncService } from "@bitwarden/common/platform/sync";
|
||||
import { SendApiService } from "@bitwarden/common/tools/send/services/send-api.service.abstraction";
|
||||
import { InternalSendService } from "@bitwarden/common/tools/send/services/send.service.abstraction";
|
||||
import { VaultTimeoutStringType } from "@bitwarden/common/types/vault-timeout.type";
|
||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||
import { FolderService as FolderServiceAbstraction } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
|
||||
import { FolderApiServiceAbstraction } from "@bitwarden/common/vault/abstractions/folder/folder-api.service.abstraction";
|
||||
import {
|
||||
FolderService as FolderServiceAbstraction,
|
||||
InternalFolderService,
|
||||
} from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
|
||||
import { TotpService as TotpServiceAbstraction } from "@bitwarden/common/vault/abstractions/totp.service";
|
||||
import { TotpService } from "@bitwarden/common/vault/services/totp.service";
|
||||
import { DialogService, ToastService } from "@bitwarden/components";
|
||||
@ -107,7 +113,6 @@ import { ExtensionAnonLayoutWrapperDataService } from "../../auth/popup/extensio
|
||||
import { ExtensionLoginComponentService } from "../../auth/popup/login/extension-login-component.service";
|
||||
import { AutofillService as AutofillServiceAbstraction } from "../../autofill/services/abstractions/autofill.service";
|
||||
import AutofillService from "../../autofill/services/autofill.service";
|
||||
import MainBackground from "../../background/main.background";
|
||||
import { ForegroundBrowserBiometricsService } from "../../key-management/biometrics/foreground-browser-biometrics";
|
||||
import { BrowserKeyService } from "../../key-management/browser-key.service";
|
||||
import { BrowserApi } from "../../platform/browser/browser-api";
|
||||
@ -117,12 +122,12 @@ import { ChromeMessageSender } from "../../platform/messaging/chrome-message.sen
|
||||
/* eslint-enable no-restricted-imports */
|
||||
import { OffscreenDocumentService } from "../../platform/offscreen-document/abstractions/offscreen-document";
|
||||
import { DefaultOffscreenDocumentService } from "../../platform/offscreen-document/offscreen-document.service";
|
||||
import BrowserPopupUtils from "../../platform/popup/browser-popup-utils";
|
||||
import { BrowserFileDownloadService } from "../../platform/popup/services/browser-file-download.service";
|
||||
import { PopupViewCacheService } from "../../platform/popup/view-cache/popup-view-cache.service";
|
||||
import { ScriptInjectorService } from "../../platform/services/abstractions/script-injector.service";
|
||||
import { BrowserEnvironmentService } from "../../platform/services/browser-environment.service";
|
||||
import BrowserLocalStorageService from "../../platform/services/browser-local-storage.service";
|
||||
import BrowserMemoryStorageService from "../../platform/services/browser-memory-storage.service";
|
||||
import { BrowserScriptInjectorService } from "../../platform/services/browser-script-injector.service";
|
||||
import I18nService from "../../platform/services/i18n.service";
|
||||
import { ForegroundPlatformUtilsService } from "../../platform/services/platform-utils/foreground-platform-utils.service";
|
||||
@ -130,6 +135,7 @@ import { BrowserSdkClientFactory } from "../../platform/services/sdk/browser-sdk
|
||||
import { ForegroundTaskSchedulerService } from "../../platform/services/task-scheduler/foreground-task-scheduler.service";
|
||||
import { BrowserStorageServiceProvider } from "../../platform/storage/browser-storage-service.provider";
|
||||
import { ForegroundMemoryStorageService } from "../../platform/storage/foreground-memory-storage.service";
|
||||
import { ForegroundSyncService } from "../../platform/sync/foreground-sync.service";
|
||||
import { fromChromeRuntimeMessaging } from "../../platform/utils/from-chrome-runtime-messaging";
|
||||
import { ExtensionLockComponentService } from "../../services/extension-lock-component.service";
|
||||
import { ForegroundVaultTimeoutService } from "../../services/vault-timeout/foreground-vault-timeout.service";
|
||||
@ -151,26 +157,6 @@ const DISK_BACKUP_LOCAL_STORAGE = new SafeInjectionToken<
|
||||
AbstractStorageService & ObservableStorageService
|
||||
>("DISK_BACKUP_LOCAL_STORAGE");
|
||||
|
||||
const needsBackgroundInit = BrowserPopupUtils.backgroundInitializationRequired();
|
||||
const mainBackground: MainBackground = needsBackgroundInit
|
||||
? createLocalBgService()
|
||||
: BrowserApi.getBackgroundPage().bitwardenMain;
|
||||
|
||||
function createLocalBgService() {
|
||||
const localBgService = new MainBackground(true);
|
||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||
localBgService.bootstrap();
|
||||
return localBgService;
|
||||
}
|
||||
|
||||
/** @deprecated This method needs to be removed as part of MV3 conversion. Please do not add more and actively try to remove usages */
|
||||
function getBgService<T>(service: keyof MainBackground) {
|
||||
return (): T => {
|
||||
return mainBackground ? (mainBackground[service] as any as T) : null;
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Provider definitions used in the ngModule.
|
||||
* Add your provider definition here using the safeProvider function as a wrapper. This will give you type safety.
|
||||
@ -307,8 +293,23 @@ const safeProviders: SafeProvider[] = [
|
||||
}),
|
||||
safeProvider({
|
||||
provide: SyncService,
|
||||
useFactory: getBgService<SyncService>("syncService"),
|
||||
deps: [],
|
||||
useClass: ForegroundSyncService,
|
||||
deps: [
|
||||
StateService,
|
||||
InternalFolderService,
|
||||
FolderApiServiceAbstraction,
|
||||
MessageSender,
|
||||
LogService,
|
||||
CipherService,
|
||||
CollectionService,
|
||||
ApiService,
|
||||
AccountServiceAbstraction,
|
||||
AuthService,
|
||||
InternalSendService,
|
||||
SendApiService,
|
||||
MessageListener,
|
||||
StateProvider,
|
||||
],
|
||||
}),
|
||||
safeProvider({
|
||||
provide: DomainSettingsService,
|
||||
@ -358,11 +359,6 @@ const safeProviders: SafeProvider[] = [
|
||||
useClass: ForegroundVaultTimeoutService,
|
||||
deps: [MessagingServiceAbstraction],
|
||||
}),
|
||||
safeProvider({
|
||||
provide: NotificationsService,
|
||||
useFactory: getBgService<NotificationsService>("notificationsService"),
|
||||
deps: [],
|
||||
}),
|
||||
safeProvider({
|
||||
provide: VaultFilterService,
|
||||
useClass: VaultFilterService,
|
||||
@ -382,8 +378,8 @@ const safeProviders: SafeProvider[] = [
|
||||
}),
|
||||
safeProvider({
|
||||
provide: MEMORY_STORAGE,
|
||||
useFactory: getBgService<AbstractStorageService>("memoryStorageService"),
|
||||
deps: [],
|
||||
useFactory: (memoryStorage: AbstractStorageService) => memoryStorage,
|
||||
deps: [OBSERVABLE_MEMORY_STORAGE],
|
||||
}),
|
||||
safeProvider({
|
||||
provide: OBSERVABLE_MEMORY_STORAGE,
|
||||
@ -392,9 +388,7 @@ const safeProviders: SafeProvider[] = [
|
||||
return new ForegroundMemoryStorageService();
|
||||
}
|
||||
|
||||
return getBgService<AbstractStorageService & ObservableStorageService>(
|
||||
"memoryStorageForStateProviders",
|
||||
)();
|
||||
return new BrowserMemoryStorageService();
|
||||
},
|
||||
deps: [],
|
||||
}),
|
||||
@ -407,9 +401,7 @@ const safeProviders: SafeProvider[] = [
|
||||
return regularMemoryStorageService;
|
||||
}
|
||||
|
||||
return getBgService<AbstractStorageService & ObservableStorageService>(
|
||||
"largeObjectMemoryStorageForStateProviders",
|
||||
)();
|
||||
return new ForegroundMemoryStorageService();
|
||||
},
|
||||
deps: [OBSERVABLE_MEMORY_STORAGE],
|
||||
}),
|
||||
@ -494,15 +486,7 @@ const safeProviders: SafeProvider[] = [
|
||||
}),
|
||||
safeProvider({
|
||||
provide: INTRAPROCESS_MESSAGING_SUBJECT,
|
||||
useFactory: () => {
|
||||
if (BrowserPopupUtils.backgroundInitializationRequired()) {
|
||||
// There is no persistent main background which means we have one in memory,
|
||||
// we need the same instance that our in memory background is utilizing.
|
||||
return getBgService("intraprocessMessagingSubject")();
|
||||
} else {
|
||||
return new Subject<Message<Record<string, unknown>>>();
|
||||
}
|
||||
},
|
||||
useFactory: () => new Subject<Message<Record<string, unknown>>>(),
|
||||
deps: [],
|
||||
}),
|
||||
safeProvider({
|
||||
@ -514,23 +498,6 @@ const safeProviders: SafeProvider[] = [
|
||||
),
|
||||
deps: [INTRAPROCESS_MESSAGING_SUBJECT, LogService],
|
||||
}),
|
||||
safeProvider({
|
||||
provide: INTRAPROCESS_MESSAGING_SUBJECT,
|
||||
useFactory: () => {
|
||||
if (needsBackgroundInit) {
|
||||
// We will have created a popup within this context, in that case
|
||||
// we want to make sure we have the same subject as that context so we
|
||||
// can message with it.
|
||||
return getBgService("intraprocessMessagingSubject")();
|
||||
} else {
|
||||
// There isn't a locally created background so we will communicate with
|
||||
// the true background through chrome apis, in that case, we can just create
|
||||
// one for ourself.
|
||||
return new Subject<Message<Record<string, unknown>>>();
|
||||
}
|
||||
},
|
||||
deps: [],
|
||||
}),
|
||||
safeProvider({
|
||||
provide: DISK_BACKUP_LOCAL_STORAGE,
|
||||
useFactory: (diskStorage: AbstractStorageService & ObservableStorageService) =>
|
||||
@ -572,13 +539,7 @@ const safeProviders: SafeProvider[] = [
|
||||
}),
|
||||
safeProvider({
|
||||
provide: ForegroundTaskSchedulerService,
|
||||
useFactory: (logService: LogService, stateProvider: StateProvider) => {
|
||||
if (needsBackgroundInit) {
|
||||
return getBgService<ForegroundTaskSchedulerService>("taskSchedulerService")();
|
||||
}
|
||||
|
||||
return new ForegroundTaskSchedulerService(logService, stateProvider);
|
||||
},
|
||||
useClass: ForegroundTaskSchedulerService,
|
||||
deps: [LogService, StateProvider],
|
||||
}),
|
||||
safeProvider({
|
||||
|
@ -486,7 +486,7 @@ export class MembersComponent extends BaseMembersComponent<OrganizationUserView>
|
||||
const enableUpgradePasswordManagerSub = await firstValueFrom(
|
||||
this.enableUpgradePasswordManagerSub$,
|
||||
);
|
||||
if (enableUpgradePasswordManagerSub) {
|
||||
if (enableUpgradePasswordManagerSub && this.organization.canEditSubscription) {
|
||||
const reference = openChangePlanDialog(this.dialogService, {
|
||||
data: {
|
||||
organizationId: this.organization.id,
|
||||
|
@ -15,7 +15,7 @@
|
||||
{{ "refresh" | i18n }}
|
||||
</a>
|
||||
</div>
|
||||
<bit-tab-group [(selectedIndex)]="tabIndex">
|
||||
<bit-tab-group [(selectedIndex)]="tabIndex" (selectedIndexChange)="onTabChange($event)">
|
||||
<bit-tab label="{{ 'allApplicationsWithCount' | i18n: apps.length }}">
|
||||
<tools-all-applications></tools-all-applications>
|
||||
</bit-tab>
|
||||
|
@ -1,8 +1,7 @@
|
||||
import { CommonModule } from "@angular/common";
|
||||
import { Component } from "@angular/core";
|
||||
import { takeUntilDestroyed } from "@angular/core/rxjs-interop";
|
||||
import { ActivatedRoute } from "@angular/router";
|
||||
import { first } from "rxjs";
|
||||
import { ActivatedRoute, Router } from "@angular/router";
|
||||
|
||||
import { JslibModule } from "@bitwarden/angular/jslib.module";
|
||||
import { AsyncActionsModule, ButtonModule, TabsModule } from "@bitwarden/components";
|
||||
@ -18,7 +17,7 @@ import { PasswordHealthComponent } from "./password-health.component";
|
||||
|
||||
export enum AccessIntelligenceTabType {
|
||||
AllApps = 0,
|
||||
PriorityApps = 1,
|
||||
CriticalApps = 1,
|
||||
NotifiedMembers = 2,
|
||||
}
|
||||
|
||||
@ -58,8 +57,19 @@ export class AccessIntelligenceComponent {
|
||||
);
|
||||
}
|
||||
|
||||
constructor(route: ActivatedRoute) {
|
||||
route.queryParams.pipe(takeUntilDestroyed(), first()).subscribe(({ tabIndex }) => {
|
||||
onTabChange = async (newIndex: number) => {
|
||||
await this.router.navigate([], {
|
||||
relativeTo: this.route,
|
||||
queryParams: { tabIndex: newIndex },
|
||||
queryParamsHandling: "merge",
|
||||
});
|
||||
};
|
||||
|
||||
constructor(
|
||||
protected route: ActivatedRoute,
|
||||
private router: Router,
|
||||
) {
|
||||
route.queryParams.pipe(takeUntilDestroyed()).subscribe(({ tabIndex }) => {
|
||||
this.tabIndex = !isNaN(tabIndex) ? tabIndex : AccessIntelligenceTabType.AllApps;
|
||||
});
|
||||
}
|
||||
|
@ -14,13 +14,15 @@
|
||||
</h2>
|
||||
</ng-container>
|
||||
<ng-container slot="description">
|
||||
<p class="tw-text-muted">
|
||||
{{ "noAppsInOrgDescription" | i18n }}
|
||||
<div class="tw-flex tw-flex-col tw-mb-2">
|
||||
<span class="tw-text-muted">
|
||||
{{ "noAppsInOrgDescription" | i18n }}
|
||||
</span>
|
||||
<a class="text-primary" routerLink="/login">{{ "learnMore" | i18n }}</a>
|
||||
</p>
|
||||
</div>
|
||||
</ng-container>
|
||||
<ng-container slot="button">
|
||||
<button bitButton buttonType="primary" type="button">
|
||||
<button (click)="goToCreateNewLoginItem()" bitButton buttonType="primary" type="button">
|
||||
{{ "createNewLoginItem" | i18n }}
|
||||
</button>
|
||||
</ng-container>
|
||||
@ -50,7 +52,15 @@
|
||||
class="tw-grow"
|
||||
[formControl]="searchControl"
|
||||
></bit-search>
|
||||
<button class="tw-rounded-lg" type="button" buttonType="secondary" bitButton>
|
||||
<button
|
||||
class="tw-rounded-lg"
|
||||
type="button"
|
||||
buttonType="secondary"
|
||||
bitButton
|
||||
[disabled]="!selectedIds.size"
|
||||
[loading]="markingAsCritical"
|
||||
(click)="markAppsAsCritical()"
|
||||
>
|
||||
<i class="bwi bwi-star-f tw-mr-2"></i>
|
||||
{{ "markAppAsCritical" | i18n }}
|
||||
</button>
|
||||
|
@ -40,6 +40,7 @@ export class AllApplicationsComponent implements OnInit {
|
||||
protected loading = false;
|
||||
protected organization: Organization;
|
||||
noItemsIcon = Icons.Security;
|
||||
protected markingAsCritical = false;
|
||||
|
||||
// MOCK DATA
|
||||
protected mockData = applicationTableMockData;
|
||||
@ -76,8 +77,18 @@ export class AllApplicationsComponent implements OnInit {
|
||||
.subscribe((v) => (this.dataSource.filter = v));
|
||||
}
|
||||
|
||||
goToCreateNewLoginItem = async () => {
|
||||
// TODO: implement
|
||||
this.toastService.showToast({
|
||||
variant: "warning",
|
||||
title: null,
|
||||
message: "Not yet implemented",
|
||||
});
|
||||
};
|
||||
|
||||
markAppsAsCritical = async () => {
|
||||
// TODO: Send to API once implemented
|
||||
this.markingAsCritical = true;
|
||||
return new Promise((resolve) => {
|
||||
setTimeout(() => {
|
||||
this.selectedIds.clear();
|
||||
@ -87,6 +98,7 @@ export class AllApplicationsComponent implements OnInit {
|
||||
message: this.i18nService.t("appsMarkedAsCritical"),
|
||||
});
|
||||
resolve(true);
|
||||
this.markingAsCritical = false;
|
||||
}, 1000);
|
||||
});
|
||||
};
|
||||
|
@ -19,7 +19,9 @@
|
||||
</p>
|
||||
</ng-container>
|
||||
<ng-container slot="button">
|
||||
<button bitButton buttonType="primary" type="button">{{ "markCriticalApps" | i18n }}</button>
|
||||
<button (click)="goToAllAppsTab()" bitButton buttonType="primary" type="button">
|
||||
{{ "markCriticalApps" | i18n }}
|
||||
</button>
|
||||
</ng-container>
|
||||
</bit-no-items>
|
||||
</div>
|
||||
|
@ -1,7 +1,7 @@
|
||||
import { Component, DestroyRef, inject, OnInit } from "@angular/core";
|
||||
import { takeUntilDestroyed } from "@angular/core/rxjs-interop";
|
||||
import { FormControl } from "@angular/forms";
|
||||
import { ActivatedRoute } from "@angular/router";
|
||||
import { ActivatedRoute, Router } from "@angular/router";
|
||||
import { debounceTime, map } from "rxjs";
|
||||
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
@ -12,6 +12,7 @@ import { HeaderModule } from "../../layouts/header/header.module";
|
||||
import { SharedModule } from "../../shared";
|
||||
import { PipesModule } from "../../vault/individual-vault/pipes/pipes.module";
|
||||
|
||||
import { AccessIntelligenceTabType } from "./access-intelligence.component";
|
||||
import { applicationTableMockData } from "./application-table.mock";
|
||||
|
||||
@Component({
|
||||
@ -26,8 +27,10 @@ export class CriticalApplicationsComponent implements OnInit {
|
||||
protected searchControl = new FormControl("", { nonNullable: true });
|
||||
private destroyRef = inject(DestroyRef);
|
||||
protected loading = false;
|
||||
protected organizationId: string;
|
||||
noItemsIcon = Icons.Security;
|
||||
// MOCK DATA
|
||||
protected mockData = applicationTableMockData;
|
||||
protected mockAtRiskMembersCount = 0;
|
||||
protected mockAtRiskAppsCount = 0;
|
||||
protected mockTotalMembersCount = 0;
|
||||
@ -38,18 +41,26 @@ export class CriticalApplicationsComponent implements OnInit {
|
||||
.pipe(
|
||||
takeUntilDestroyed(this.destroyRef),
|
||||
map(async (params) => {
|
||||
// const organizationId = params.get("organizationId");
|
||||
this.organizationId = params.get("organizationId");
|
||||
// TODO: use organizationId to fetch data
|
||||
}),
|
||||
)
|
||||
.subscribe();
|
||||
}
|
||||
|
||||
goToAllAppsTab = async () => {
|
||||
await this.router.navigate([`organizations/${this.organizationId}/access-intelligence`], {
|
||||
queryParams: { tabIndex: AccessIntelligenceTabType.AllApps },
|
||||
queryParamsHandling: "merge",
|
||||
});
|
||||
};
|
||||
|
||||
constructor(
|
||||
protected i18nService: I18nService,
|
||||
protected activatedRoute: ActivatedRoute,
|
||||
protected router: Router,
|
||||
) {
|
||||
this.dataSource.data = applicationTableMockData;
|
||||
this.dataSource.data = []; //applicationTableMockData;
|
||||
this.searchControl.valueChanges
|
||||
.pipe(debounceTime(200), takeUntilDestroyed())
|
||||
.subscribe((v) => (this.dataSource.filter = v));
|
||||
|
@ -216,7 +216,7 @@ describe("UserVerificationService", () => {
|
||||
});
|
||||
|
||||
it("returns if verification is successful", async () => {
|
||||
keyService.compareAndUpdateKeyHash.mockResolvedValueOnce(true);
|
||||
keyService.compareKeyHash.mockResolvedValueOnce(true);
|
||||
|
||||
const result = await sut.verifyUserByMasterPassword(
|
||||
{
|
||||
@ -227,7 +227,7 @@ describe("UserVerificationService", () => {
|
||||
"email",
|
||||
);
|
||||
|
||||
expect(keyService.compareAndUpdateKeyHash).toHaveBeenCalled();
|
||||
expect(keyService.compareKeyHash).toHaveBeenCalled();
|
||||
expect(masterPasswordService.setMasterKeyHash).toHaveBeenCalledWith(
|
||||
"localHash",
|
||||
mockUserId,
|
||||
@ -240,7 +240,7 @@ describe("UserVerificationService", () => {
|
||||
});
|
||||
|
||||
it("throws if verification fails", async () => {
|
||||
keyService.compareAndUpdateKeyHash.mockResolvedValueOnce(false);
|
||||
keyService.compareKeyHash.mockResolvedValueOnce(false);
|
||||
|
||||
await expect(
|
||||
sut.verifyUserByMasterPassword(
|
||||
@ -253,7 +253,7 @@ describe("UserVerificationService", () => {
|
||||
),
|
||||
).rejects.toThrow("Invalid master password");
|
||||
|
||||
expect(keyService.compareAndUpdateKeyHash).toHaveBeenCalled();
|
||||
expect(keyService.compareKeyHash).toHaveBeenCalled();
|
||||
expect(masterPasswordService.setMasterKeyHash).not.toHaveBeenCalledWith();
|
||||
expect(masterPasswordService.setMasterKey).not.toHaveBeenCalledWith();
|
||||
});
|
||||
@ -285,7 +285,7 @@ describe("UserVerificationService", () => {
|
||||
"email",
|
||||
);
|
||||
|
||||
expect(keyService.compareAndUpdateKeyHash).not.toHaveBeenCalled();
|
||||
expect(keyService.compareKeyHash).not.toHaveBeenCalled();
|
||||
expect(masterPasswordService.setMasterKeyHash).toHaveBeenCalledWith(
|
||||
"localHash",
|
||||
mockUserId,
|
||||
@ -318,7 +318,7 @@ describe("UserVerificationService", () => {
|
||||
),
|
||||
).rejects.toThrow("Invalid master password");
|
||||
|
||||
expect(keyService.compareAndUpdateKeyHash).not.toHaveBeenCalled();
|
||||
expect(keyService.compareKeyHash).not.toHaveBeenCalled();
|
||||
expect(masterPasswordService.setMasterKeyHash).not.toHaveBeenCalledWith();
|
||||
expect(masterPasswordService.setMasterKey).not.toHaveBeenCalledWith();
|
||||
});
|
||||
|
@ -206,9 +206,10 @@ export class UserVerificationService implements UserVerificationServiceAbstracti
|
||||
let policyOptions: MasterPasswordPolicyResponse | null;
|
||||
// Client-side verification
|
||||
if (await this.hasMasterPasswordAndMasterKeyHash(userId)) {
|
||||
const passwordValid = await this.keyService.compareAndUpdateKeyHash(
|
||||
const passwordValid = await this.keyService.compareKeyHash(
|
||||
verification.secret,
|
||||
masterKey,
|
||||
userId,
|
||||
);
|
||||
if (!passwordValid) {
|
||||
throw new Error(this.i18nService.t("invalidMasterPassword"));
|
||||
|
@ -204,14 +204,18 @@ export abstract class KeyService {
|
||||
hashPurpose?: HashPurpose,
|
||||
): Promise<string>;
|
||||
/**
|
||||
* Compares the provided master password to the stored password hash and server password hash.
|
||||
* Updates the stored hash if outdated.
|
||||
* Compares the provided master password to the stored password hash.
|
||||
* @param masterPassword The user's master password
|
||||
* @param key The user's master key
|
||||
* @param userId The id of the user to do the operation for.
|
||||
* @returns True if the provided master password matches either the stored
|
||||
* key hash or the server key hash
|
||||
*/
|
||||
abstract compareAndUpdateKeyHash(masterPassword: string, masterKey: MasterKey): Promise<boolean>;
|
||||
abstract compareKeyHash(
|
||||
masterPassword: string,
|
||||
masterKey: MasterKey,
|
||||
userId: UserId,
|
||||
): Promise<boolean>;
|
||||
/**
|
||||
* Stores the encrypted organization keys and clears any decrypted
|
||||
* organization keys currently in memory
|
||||
|
@ -733,4 +733,63 @@ describe("keyService", () => {
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe("compareKeyHash", () => {
|
||||
type TestCase = {
|
||||
masterKey: MasterKey;
|
||||
masterPassword: string | null;
|
||||
storedMasterKeyHash: string;
|
||||
mockReturnedHash: string;
|
||||
expectedToMatch: boolean;
|
||||
};
|
||||
|
||||
const data: TestCase[] = [
|
||||
{
|
||||
masterKey: makeSymmetricCryptoKey(64),
|
||||
masterPassword: "my_master_password",
|
||||
storedMasterKeyHash: "bXlfaGFzaA==",
|
||||
mockReturnedHash: "bXlfaGFzaA==",
|
||||
expectedToMatch: true,
|
||||
},
|
||||
{
|
||||
masterKey: makeSymmetricCryptoKey(64),
|
||||
masterPassword: null,
|
||||
storedMasterKeyHash: "bXlfaGFzaA==",
|
||||
mockReturnedHash: "bXlfaGFzaA==",
|
||||
expectedToMatch: false,
|
||||
},
|
||||
{
|
||||
masterKey: makeSymmetricCryptoKey(64),
|
||||
masterPassword: null,
|
||||
storedMasterKeyHash: null,
|
||||
mockReturnedHash: "bXlfaGFzaA==",
|
||||
expectedToMatch: false,
|
||||
},
|
||||
];
|
||||
|
||||
it.each(data)(
|
||||
"returns expected match value when calculated hash equals stored hash",
|
||||
async ({
|
||||
masterKey,
|
||||
masterPassword,
|
||||
storedMasterKeyHash,
|
||||
mockReturnedHash,
|
||||
expectedToMatch,
|
||||
}) => {
|
||||
masterPasswordService.masterKeyHashSubject.next(storedMasterKeyHash);
|
||||
|
||||
cryptoFunctionService.pbkdf2
|
||||
.calledWith(masterKey.key, masterPassword, "sha256", 2)
|
||||
.mockResolvedValue(Utils.fromB64ToArray(mockReturnedHash));
|
||||
|
||||
const actualDidMatch = await keyService.compareKeyHash(
|
||||
masterPassword,
|
||||
masterKey,
|
||||
mockUserId,
|
||||
);
|
||||
|
||||
expect(actualDidMatch).toBe(expectedToMatch);
|
||||
},
|
||||
);
|
||||
});
|
||||
});
|
||||
|
@ -319,34 +319,43 @@ export class DefaultKeyService implements KeyServiceAbstraction {
|
||||
}
|
||||
|
||||
// TODO: move to MasterPasswordService
|
||||
async compareAndUpdateKeyHash(masterPassword: string, masterKey: MasterKey): Promise<boolean> {
|
||||
const userId = await firstValueFrom(this.stateProvider.activeUserId$);
|
||||
async compareKeyHash(
|
||||
masterPassword: string,
|
||||
masterKey: MasterKey,
|
||||
userId: UserId,
|
||||
): Promise<boolean> {
|
||||
if (masterKey == null) {
|
||||
throw new Error("'masterKey' is required to be non-null.");
|
||||
}
|
||||
|
||||
if (masterPassword == null) {
|
||||
// If they don't give us a master password, we can't hash it, and therefore
|
||||
// it will never match what we have stored.
|
||||
return false;
|
||||
}
|
||||
|
||||
// Retrieve the current password hash
|
||||
const storedPasswordHash = await firstValueFrom(
|
||||
this.masterPasswordService.masterKeyHash$(userId),
|
||||
);
|
||||
if (masterPassword != null && storedPasswordHash != null) {
|
||||
const localKeyHash = await this.hashMasterKey(
|
||||
masterPassword,
|
||||
masterKey,
|
||||
HashPurpose.LocalAuthorization,
|
||||
);
|
||||
if (localKeyHash != null && storedPasswordHash === localKeyHash) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// TODO: remove serverKeyHash check in 1-2 releases after everyone's keyHash has been updated
|
||||
const serverKeyHash = await this.hashMasterKey(
|
||||
masterPassword,
|
||||
masterKey,
|
||||
HashPurpose.ServerAuthorization,
|
||||
);
|
||||
if (serverKeyHash != null && storedPasswordHash === serverKeyHash) {
|
||||
await this.masterPasswordService.setMasterKeyHash(localKeyHash, userId);
|
||||
return true;
|
||||
}
|
||||
if (storedPasswordHash == null) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return false;
|
||||
// Hash the key for local use
|
||||
const localKeyHash = await this.hashMasterKey(
|
||||
masterPassword,
|
||||
masterKey,
|
||||
HashPurpose.LocalAuthorization,
|
||||
);
|
||||
|
||||
// Check if the stored hash is already equal to the hash we create locally
|
||||
if (localKeyHash == null || storedPasswordHash !== localKeyHash) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
async setOrgKeys(
|
||||
|
@ -1,8 +1,10 @@
|
||||
import { DialogRef } from "@angular/cdk/dialog";
|
||||
import { Component } from "@angular/core";
|
||||
import { FormBuilder, ReactiveFormsModule, Validators } from "@angular/forms";
|
||||
import { firstValueFrom, map } from "rxjs";
|
||||
|
||||
import { JslibModule } from "@bitwarden/angular/jslib.module";
|
||||
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
||||
import {
|
||||
@ -43,16 +45,25 @@ export class PasswordRepromptComponent {
|
||||
protected i18nService: I18nService,
|
||||
protected formBuilder: FormBuilder,
|
||||
protected dialogRef: DialogRef,
|
||||
protected accountService: AccountService,
|
||||
) {}
|
||||
|
||||
submit = async () => {
|
||||
const userId = await firstValueFrom(this.accountService.activeAccount$.pipe(map((a) => a?.id)));
|
||||
|
||||
if (userId == null) {
|
||||
throw new Error("An active user is expected while doing password reprompt.");
|
||||
}
|
||||
|
||||
const storedMasterKey = await this.keyService.getOrDeriveMasterKey(
|
||||
this.formGroup.value.masterPassword,
|
||||
userId,
|
||||
);
|
||||
if (
|
||||
!(await this.keyService.compareAndUpdateKeyHash(
|
||||
!(await this.keyService.compareKeyHash(
|
||||
this.formGroup.value.masterPassword,
|
||||
storedMasterKey,
|
||||
userId,
|
||||
))
|
||||
) {
|
||||
this.platformUtilsService.showToast(
|
||||
|
10
package-lock.json
generated
10
package-lock.json
generated
@ -69,7 +69,7 @@
|
||||
"rxjs": "7.8.1",
|
||||
"tabbable": "6.2.0",
|
||||
"tldts": "6.1.58",
|
||||
"utf-8-validate": "6.0.4",
|
||||
"utf-8-validate": "6.0.5",
|
||||
"zone.js": "0.14.10",
|
||||
"zxcvbn": "4.4.2"
|
||||
},
|
||||
@ -319,6 +319,7 @@
|
||||
"license": "GPL-3.0"
|
||||
},
|
||||
"libs/tools/export/vault-export/vault-export-core": {
|
||||
"name": "@bitwarden/vault-export-core",
|
||||
"version": "0.0.0",
|
||||
"license": "GPL-3.0",
|
||||
"dependencies": {
|
||||
@ -34702,10 +34703,11 @@
|
||||
}
|
||||
},
|
||||
"node_modules/utf-8-validate": {
|
||||
"version": "6.0.4",
|
||||
"resolved": "https://registry.npmjs.org/utf-8-validate/-/utf-8-validate-6.0.4.tgz",
|
||||
"integrity": "sha512-xu9GQDeFp+eZ6LnCywXN/zBancWvOpUMzgjLPSjy4BRHSmTelvn2E0DG0o1sTiw5hkCKBHo8rwSKncfRfv2EEQ==",
|
||||
"version": "6.0.5",
|
||||
"resolved": "https://registry.npmjs.org/utf-8-validate/-/utf-8-validate-6.0.5.tgz",
|
||||
"integrity": "sha512-EYZR+OpIXp9Y1eG1iueg8KRsY8TuT8VNgnanZ0uA3STqhHQTLwbl+WX76/9X5OY12yQubymBpaBSmMPkSTQcKA==",
|
||||
"hasInstallScript": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"node-gyp-build": "^4.3.0"
|
||||
},
|
||||
|
@ -203,7 +203,7 @@
|
||||
"rxjs": "7.8.1",
|
||||
"tabbable": "6.2.0",
|
||||
"tldts": "6.1.58",
|
||||
"utf-8-validate": "6.0.4",
|
||||
"utf-8-validate": "6.0.5",
|
||||
"zone.js": "0.14.10",
|
||||
"zxcvbn": "4.4.2"
|
||||
},
|
||||
|
Loading…
Reference in New Issue
Block a user