Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2025-04-07 18:57:06 +02:00
Code Issues Projects Releases Wiki Activity

Initial work

Browse Source
This commit is contained in:
gbubemismith 2023-07-25 15:45:11 -04:00
parent 31276a92f8
commit e6e088fd02
No known key found for this signature in database
12 changed files with 126 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
apps/browser/src/auth/popup/home.component.ts
View File

@ -1,6 +1,6 @@
import { Component, OnDestroy, OnInit, ViewChild } from "@angular/core"; import { Component, OnDestroy, OnInit, ViewChild } from "@angular/core";
import { FormBuilder, Validators } from "@angular/forms"; import { FormBuilder, Validators } from "@angular/forms";
import { Router } from "@angular/router"; import { ActivatedRoute, Router } from "@angular/router";
import { Subject, takeUntil } from "rxjs"; import { Subject, takeUntil } from "rxjs";
import { EnvironmentSelectorComponent } from "@bitwarden/angular/auth/components/environment-selector.component"; import { EnvironmentSelectorComponent } from "@bitwarden/angular/auth/components/environment-selector.component";
@ -20,6 +20,9 @@ export class HomeComponent implements OnInit, OnDestroy {
private destroyed$: Subject<void> = new Subject(); private destroyed$: Subject<void> = new Subject();
loginInitiated = false; loginInitiated = false;
//use this to redirect somehwere else after login
redirectPath: string;
sessionId: string;
formGroup = this.formBuilder.group({ formGroup = this.formBuilder.group({
email: ["", [Validators.required, Validators.email]], email: ["", [Validators.required, Validators.email]],
rememberEmail: [false], rememberEmail: [false],
@ -32,10 +35,16 @@ export class HomeComponent implements OnInit, OnDestroy {
private router: Router, private router: Router,
private i18nService: I18nService, private i18nService: I18nService,
private environmentService: EnvironmentService, private environmentService: EnvironmentService,
private loginService: LoginService private loginService: LoginService,
protected route: ActivatedRoute
) {} ) {}
async ngOnInit(): Promise<void> { async ngOnInit(): Promise<void> {
this.route?.queryParams.pipe(takeUntil(this.destroyed$)).subscribe((params) => {
this.redirectPath = params?.redirectPath;
this.sessionId = params?.sessionId;
});
let savedEmail = this.loginService.getEmail(); let savedEmail = this.loginService.getEmail();
const rememberEmail = this.loginService.getRememberEmail(); const rememberEmail = this.loginService.getRememberEmail();
@ -80,7 +89,14 @@ export class HomeComponent implements OnInit, OnDestroy {
this.loginService.setEmail(this.formGroup.value.email); this.loginService.setEmail(this.formGroup.value.email);
this.loginService.setRememberEmail(this.formGroup.value.rememberEmail); this.loginService.setRememberEmail(this.formGroup.value.rememberEmail);
this.router.navigate(["login"], { queryParams: { email: this.formGroup.value.email } });
this.router.navigate(["login"], {
queryParams: {
email: this.formGroup.value.email,
redirectPath: this.redirectPath,
sessionId: this.sessionId,
},
});
} }
get selfHostedDomain() { get selfHostedDomain() {

8
apps/browser/src/auth/popup/lock.component.ts
View File

@ -1,5 +1,5 @@
import { Component, NgZone } from "@angular/core"; import { Component, NgZone } from "@angular/core";
import { Router } from "@angular/router"; import { ActivatedRoute, Router } from "@angular/router";
import { LockComponent as BaseLockComponent } from "@bitwarden/angular/auth/components/lock.component"; import { LockComponent as BaseLockComponent } from "@bitwarden/angular/auth/components/lock.component";
import { DialogServiceAbstraction } from "@bitwarden/angular/services/dialog"; import { DialogServiceAbstraction } from "@bitwarden/angular/services/dialog";
@ -50,7 +50,8 @@ export class LockComponent extends BaseLockComponent {
policyService: InternalPolicyService, policyService: InternalPolicyService,
passwordStrengthService: PasswordStrengthServiceAbstraction, passwordStrengthService: PasswordStrengthServiceAbstraction,
private authService: AuthService, private authService: AuthService,
dialogService: DialogServiceAbstraction dialogService: DialogServiceAbstraction,
route: ActivatedRoute
) { ) {
super( super(
router, router,
@ -69,7 +70,8 @@ export class LockComponent extends BaseLockComponent {
policyApiService, policyApiService,
policyService, policyService,
passwordStrengthService, passwordStrengthService,
dialogService dialogService,
route
); );
this.successRoute = "/tabs/current"; this.successRoute = "/tabs/current";
this.isInitialLockScreen = (window as any).previousPopupUrl == null; this.isInitialLockScreen = (window as any).previousPopupUrl == null;

1
apps/browser/src/background/main.background.ts
View File

@ -532,6 +532,7 @@ export default class MainBackground {
this.fido2AuthenticatorService = new Fido2AuthenticatorService( this.fido2AuthenticatorService = new Fido2AuthenticatorService(
this.cipherService, this.cipherService,
this.fido2UserInterfaceService, this.fido2UserInterfaceService,
this.authService,
this.logService this.logService
); );
this.fido2ClientService = new Fido2ClientService( this.fido2ClientService = new Fido2ClientService(

21
apps/browser/src/services/fido2/browser-fido2-user-interface.service.ts
View File

@ -94,6 +94,14 @@ export type BrowserFido2Message = { sessionId: string } & (
type: "AbortResponse"; type: "AbortResponse";
fallbackRequested: boolean; fallbackRequested: boolean;
} }
| {
type: "LogInRequest";
userVerification: boolean;
}
| {
type: "LogInResponse";
userVerified: boolean;
}
); );
export class BrowserFido2UserInterfaceService implements Fido2UserInterfaceServiceAbstraction { export class BrowserFido2UserInterfaceService implements Fido2UserInterfaceServiceAbstraction {
@ -272,6 +280,19 @@ export class BrowserFido2UserInterfaceSession implements Fido2UserInterfaceSessi
await this.receive("AbortResponse"); await this.receive("AbortResponse");
} }
async login(userVerification: boolean): Promise<{ userVerified: boolean }> {
const data: BrowserFido2Message = {
type: "LogInRequest",
userVerification,
sessionId: this.sessionId,
};
await this.send(data);
const response = await this.receive("LogInResponse");
return { userVerified: response.userVerified };
}
async close() { async close() {
this.popupUtilsService.closePopOut(this.popout); this.popupUtilsService.closePopOut(this.popout);
this.closed = true; this.closed = true;

17
apps/browser/src/vault/popup/components/fido2/fido2.component.ts
View File

@ -19,6 +19,7 @@ import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
import { Fido2KeyView } from "@bitwarden/common/vault/models/view/fido2-key.view"; import { Fido2KeyView } from "@bitwarden/common/vault/models/view/fido2-key.view";
import { BrowserApi } from "../../../../platform/browser/browser-api"; import { BrowserApi } from "../../../../platform/browser/browser-api";
import { PopupUtilsService } from "../../../../popup/services/popup-utils.service";
import { import {
BrowserFido2Message, BrowserFido2Message,
BrowserFido2UserInterfaceSession, BrowserFido2UserInterfaceSession,
@ -48,7 +49,8 @@ export class Fido2Component implements OnInit, OnDestroy {
constructor( constructor(
private activatedRoute: ActivatedRoute, private activatedRoute: ActivatedRoute,
private cipherService: CipherService, private cipherService: CipherService,
private passwordRepromptService: PasswordRepromptService private passwordRepromptService: PasswordRepromptService,
private popupUtils: PopupUtilsService
) {} ) {}
ngOnInit(): void { ngOnInit(): void {
@ -61,6 +63,19 @@ export class Fido2Component implements OnInit, OnDestroy {
.pipe(takeUntil(this.destroy$)) .pipe(takeUntil(this.destroy$))
.subscribe(([sessionId, message]) => { .subscribe(([sessionId, message]) => {
this.sessionId = sessionId; this.sessionId = sessionId;
if (message.type === "LogInRequest") {
//route to login
const url = chrome.extension.getURL(
`popup/index.html#/home?sessionId=${sessionId}&redirectPath=fido2&uilocation=popout`
);
// BrowserApi.createNewWindow(url);
BrowserApi.createNewTab(url);
// if (this.popupUtils.inPopup(window)) {
// BrowserApi.closePopup(window);
// }
return;
}
if (message.type === "NewSessionCreatedRequest" && message.sessionId !== sessionId) { if (message.type === "NewSessionCreatedRequest" && message.sessionId !== sessionId) {
return this.abort(false); return this.abort(false);
} }

5
apps/desktop/src/auth/lock.component.ts
View File

@ -44,7 +44,7 @@ export class LockComponent extends BaseLockComponent {
environmentService: EnvironmentService, environmentService: EnvironmentService,
protected override stateService: ElectronStateService, protected override stateService: ElectronStateService,
apiService: ApiService, apiService: ApiService,
private route: ActivatedRoute, route: ActivatedRoute,
private broadcasterService: BroadcasterService, private broadcasterService: BroadcasterService,
ngZone: NgZone, ngZone: NgZone,
policyApiService: PolicyApiServiceAbstraction, policyApiService: PolicyApiServiceAbstraction,
@ -71,7 +71,8 @@ export class LockComponent extends BaseLockComponent {
policyApiService, policyApiService,
policyService, policyService,
passwordStrengthService, passwordStrengthService,
dialogService dialogService,
route
); );
} }

8
apps/web/src/app/auth/lock.component.ts
View File

@ -1,5 +1,5 @@
import { Component, NgZone } from "@angular/core"; import { Component, NgZone } from "@angular/core";
import { Router } from "@angular/router"; import { ActivatedRoute, Router } from "@angular/router";
import { LockComponent as BaseLockComponent } from "@bitwarden/angular/auth/components/lock.component"; import { LockComponent as BaseLockComponent } from "@bitwarden/angular/auth/components/lock.component";
import { DialogServiceAbstraction } from "@bitwarden/angular/services/dialog"; import { DialogServiceAbstraction } from "@bitwarden/angular/services/dialog";
@ -43,7 +43,8 @@ export class LockComponent extends BaseLockComponent {
policyApiService: PolicyApiServiceAbstraction, policyApiService: PolicyApiServiceAbstraction,
policyService: InternalPolicyService, policyService: InternalPolicyService,
passwordStrengthService: PasswordStrengthServiceAbstraction, passwordStrengthService: PasswordStrengthServiceAbstraction,
dialogService: DialogServiceAbstraction dialogService: DialogServiceAbstraction,
route: ActivatedRoute
) { ) {
super( super(
router, router,
@ -62,7 +63,8 @@ export class LockComponent extends BaseLockComponent {
policyApiService, policyApiService,
policyService, policyService,
passwordStrengthService, passwordStrengthService,
dialogService dialogService,
route
); );
} }

23
libs/angular/src/auth/components/lock.component.ts
View File

@ -1,5 +1,5 @@
import { Directive, NgZone, OnDestroy, OnInit } from "@angular/core"; import { Directive, NgZone, OnDestroy, OnInit } from "@angular/core";
import { Router } from "@angular/router"; import { ActivatedRoute, Router } from "@angular/router";
import { firstValueFrom, Subject } from "rxjs"; import { firstValueFrom, Subject } from "rxjs";
import { concatMap, take, takeUntil } from "rxjs/operators"; import { concatMap, take, takeUntil } from "rxjs/operators";
@ -41,6 +41,8 @@ export class LockComponent implements OnInit, OnDestroy {
biometricLock: boolean; biometricLock: boolean;
biometricText: string; biometricText: string;
hideInput: boolean; hideInput: boolean;
redirectPath: string;
sessionId: string;
protected successRoute = "vault"; protected successRoute = "vault";
protected forcePasswordResetRoute = "update-temp-password"; protected forcePasswordResetRoute = "update-temp-password";
@ -70,10 +72,21 @@ export class LockComponent implements OnInit, OnDestroy {
protected policyApiService: PolicyApiServiceAbstraction, protected policyApiService: PolicyApiServiceAbstraction,
protected policyService: InternalPolicyService, protected policyService: InternalPolicyService,
protected passwordStrengthService: PasswordStrengthServiceAbstraction, protected passwordStrengthService: PasswordStrengthServiceAbstraction,
protected dialogService: DialogServiceAbstraction protected dialogService: DialogServiceAbstraction,
protected route: ActivatedRoute
) {} ) {}
async ngOnInit() { async ngOnInit() {
this.route?.queryParams.subscribe((params) => {
this.redirectPath = params?.redirectPath;
this.sessionId = params?.sessionId;
});
//use redirectPath to redirect to a specific page after successful login
if (this.redirectPath) {
this.successRoute = this.redirectPath;
}
this.stateService.activeAccount$ this.stateService.activeAccount$
.pipe( .pipe(
concatMap(async () => { concatMap(async () => {
@ -291,7 +304,11 @@ export class LockComponent implements OnInit, OnDestroy {
if (this.onSuccessfulSubmit != null) { if (this.onSuccessfulSubmit != null) {
await this.onSuccessfulSubmit(); await this.onSuccessfulSubmit();
} else if (this.router != null) { } else if (this.router != null) {
this.router.navigate([this.successRoute]); this.router.navigate([this.successRoute], {
queryParams: {
sessionId: this.sessionId,
},
});
} }
} }

15
libs/angular/src/auth/components/login.component.ts
View File

@ -39,6 +39,8 @@ export class LoginComponent extends CaptchaProtectedComponent implements OnInit
showLoginWithDevice: boolean; showLoginWithDevice: boolean;
validatedEmail = false; validatedEmail = false;
paramEmailSet = false; paramEmailSet = false;
redirectPath: string;
sessionId: string;
formGroup = this.formBuilder.group({ formGroup = this.formBuilder.group({
email: ["", [Validators.required, Validators.email]], email: ["", [Validators.required, Validators.email]],
@ -83,11 +85,17 @@ export class LoginComponent extends CaptchaProtectedComponent implements OnInit
this.route?.queryParams.subscribe((params) => { this.route?.queryParams.subscribe((params) => {
if (params != null) { if (params != null) {
const queryParamsEmail = params["email"]; const queryParamsEmail = params["email"];
this.redirectPath = params?.["redirectPath"];
this.sessionId = params?.["sessionId"];
if (queryParamsEmail != null && queryParamsEmail.indexOf("@") > -1) { if (queryParamsEmail != null && queryParamsEmail.indexOf("@") > -1) {
this.formGroup.get("email").setValue(queryParamsEmail); this.formGroup.get("email").setValue(queryParamsEmail);
this.loginService.setEmail(queryParamsEmail); this.loginService.setEmail(queryParamsEmail);
this.paramEmailSet = true; this.paramEmailSet = true;
} }
//use redirectPath to redirect to a specific page after successful login
if (this.redirectPath) {
this.successRoute = this.redirectPath;
}
} }
}); });
let email = this.loginService.getEmail(); let email = this.loginService.getEmail();
@ -142,7 +150,12 @@ export class LoginComponent extends CaptchaProtectedComponent implements OnInit
if (this.onSuccessfulLoginTwoFactorNavigate != null) { if (this.onSuccessfulLoginTwoFactorNavigate != null) {
this.onSuccessfulLoginTwoFactorNavigate(); this.onSuccessfulLoginTwoFactorNavigate();
} else { } else {
this.router.navigate([this.twoFactorRoute]); this.router.navigate([this.twoFactorRoute], {
queryParams: {
redirectPath: this.redirectPath,
sessionId: this.sessionId,
},
});
} }
} else if (response.forcePasswordReset != ForceResetPasswordReason.None) { } else if (response.forcePasswordReset != ForceResetPasswordReason.None) {
if (this.onSuccessfulLoginForceResetNavigate != null) { if (this.onSuccessfulLoginForceResetNavigate != null) {

12
libs/angular/src/auth/components/two-factor.component.ts
View File

@ -39,6 +39,8 @@ export class TwoFactorComponent extends CaptchaProtectedComponent implements OnI
formPromise: Promise<any>; formPromise: Promise<any>;
emailPromise: Promise<any>; emailPromise: Promise<any>;
identifier: string = null; identifier: string = null;
redirectPath: string;
sessionId: string;
onSuccessfulLogin: () => Promise<any>; onSuccessfulLogin: () => Promise<any>;
onSuccessfulLoginNavigate: () => Promise<any>; onSuccessfulLoginNavigate: () => Promise<any>;
@ -74,6 +76,15 @@ export class TwoFactorComponent extends CaptchaProtectedComponent implements OnI
if (qParams.identifier != null) { if (qParams.identifier != null) {
this.identifier = qParams.identifier; this.identifier = qParams.identifier;
} }
if (qParams.redirectPath != null) {
this.redirectPath = qParams.redirectPath;
this.successRoute = this.redirectPath;
}
if (qParams.sessionId != null) {
this.sessionId = qParams?.sessionId;
}
}); });
if (this.needsLock) { if (this.needsLock) {
@ -220,6 +231,7 @@ export class TwoFactorComponent extends CaptchaProtectedComponent implements OnI
this.router.navigate([this.successRoute], { this.router.navigate([this.successRoute], {
queryParams: { queryParams: {
identifier: this.identifier, identifier: this.identifier,
sessionId: this.sessionId,
}, },
}); });
} }

1
libs/common/src/vault/abstractions/fido2/fido2-user-interface.service.abstraction.ts
View File

@ -37,5 +37,6 @@ export abstract class Fido2UserInterfaceSession {
abortController?: AbortController abortController?: AbortController
) => Promise<void>; ) => Promise<void>;
informCredentialNotFound: (abortController?: AbortController) => Promise<void>; informCredentialNotFound: (abortController?: AbortController) => Promise<void>;
login: (userVerification: boolean) => Promise<{ userVerified: boolean }>;
close: () => void; close: () => void;
} }

9
libs/common/src/vault/services/fido2/fido2-authenticator.service.ts
View File

@ -3,6 +3,7 @@ import { CBOR } from "cbor-redux";
import { LogService } from "../../../platform/abstractions/log.service"; import { LogService } from "../../../platform/abstractions/log.service";
import { Utils } from "../../../platform/misc/utils"; import { Utils } from "../../../platform/misc/utils";
import { CipherService } from "../../abstractions/cipher.service"; import { CipherService } from "../../abstractions/cipher.service";
import { AuthService } from "../../../auth/abstractions/auth.service";
import { import {
Fido2AlgorithmIdentifier, Fido2AlgorithmIdentifier,
Fido2AutenticatorError, Fido2AutenticatorError,
@ -21,6 +22,7 @@ import { Fido2KeyView } from "../../models/view/fido2-key.view";
import { joseToDer } from "./ecdsa-utils"; import { joseToDer } from "./ecdsa-utils";
import { Fido2Utils } from "./fido2-utils"; import { Fido2Utils } from "./fido2-utils";
import { AuthenticationStatus } from "../../../auth/enums/authentication-status";
// AAGUID: 6e8248d5-b479-40db-a3d8-11116f7e8349 // AAGUID: 6e8248d5-b479-40db-a3d8-11116f7e8349
export const AAGUID = new Uint8Array([ export const AAGUID = new Uint8Array([
@ -37,6 +39,7 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
constructor( constructor(
private cipherService: CipherService, private cipherService: CipherService,
private userInterface: Fido2UserInterfaceService, private userInterface: Fido2UserInterfaceService,
private authService: AuthService,
private logService?: LogService private logService?: LogService
) {} ) {}
async makeCredential( async makeCredential(
@ -220,6 +223,12 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
); );
try { try {
const authStatus = await this.authService.getAuthStatus();
if (authStatus === AuthenticationStatus.LoggedOut) {
const response = await userInterfaceSession.login(params.requireUserVerification);
}
if ( if (
params.requireUserVerification != undefined && params.requireUserVerification != undefined &&
typeof params.requireUserVerification !== "boolean" typeof params.requireUserVerification !== "boolean"