1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-18 11:05:41 +01:00
Commit Graph

939 Commits

Author SHA1 Message Date
Oscar Hinton
e459e30c50
Add rel noreferrer to download link (#8006) 2024-02-20 11:13:18 +01:00
Oscar Hinton
196eddb391
Add rel=noreferrer to send register (#8004) 2024-02-19 16:18:15 +01:00
SmithThe4th
5b652092cd
[PM-5272] Migrate CollapsedGroupings to State Provider (#7954) 2024-02-16 12:53:24 -05:00
github-actions[bot]
111c102018
Autosync the updated translations (#7972)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-02-16 08:59:05 +00:00
Oscar Hinton
02dde0c0d3
[PM-6328] Checkmarx - Resolve warnings (#7941) 2024-02-15 16:25:53 -05:00
Jake Fink
b46eb274bb
only show hand off message on desktop (#7965) 2024-02-15 12:07:22 -05:00
Jake Fink
6562875a23
[PM-6302, PM-6303] Add duo state and connector message on browser/desktop (#7957)
* pass state for clients

* use redirect connector to set cookie with translations

* simplify duo redirect url validation
2024-02-14 18:00:38 -05:00
Spitfireap
973b95fe38
[PM-4871] Remove clickable row in favor of clickable cell content (#6911)
* Improved UX on vault items

* Remove clickable row in vault collections

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
2024-02-14 17:52:45 -05:00
Jason Ng
3edf098aaf
PM-5274 Migrate Collection Service State (#7732)
* update collection service to use new state provider framework, remove stateservice from collection service, update collections state provider with migrate file and unit test
2024-02-14 17:03:03 -05:00
Ike
e5d4d4ad00
[PM-4612] [PM-6218] [PM-6219] Enable Duo redirect on Desktop Client (#7798)
* enable duo for desktop

* added missing return path in main.ts

* updated logic in component

* removed switch added await; updated logic in main.

* addressed subscription concerns in main; updated formatting in 2fa component

* Update Duo case in locales
2024-02-14 09:06:04 -08:00
Justin Baur
1ff7bdd014
[PM-6172] Run localStorage migrations for web (#7900)
* Create MigrationRunner

- Create MigrationRunner Service for running migrations in StateService
- Create web override so that migrations also run against `localStorage`

* Fix Web StateService

* Fix WebMigrationRunner

* Fix CLI

* Fix ElectronStateService

* Update Comment

* More Common Scenarios
2024-02-14 08:52:13 -05:00
Shane Melton
2a9d396a01
[PM-5757] Update local collection data when a collection is updated (#7940)
* [PM-5757] Update local data when a collection is updated

* [PM-5757] Use defer() for collections re-evaluate the promise on refresh$
2024-02-13 13:04:13 -08:00
rr-bw
aa11feec1b
Duo Redirect Handoff Message Fix (#7938)
* refactor handoff message countdown timer

* update documentation
2024-02-13 12:21:13 -08:00
Daniel James Smith
9980c3feb9
[PM-5459] Move libs/exporter to libs/tools/ (#7380)
* Move libs/exporter into libs/tools/*

Migrating all files from libs/exporter over to libs/tools/export/vault-export/vault-export-core
Rename package to vault-export-core
Fix all file paths

* Update libs and tsconfig imports

* Fix client imports

* Fix eslint, jest and package-lock.json

* Update CODEOWNERS

* Add README.md to whitelist-capital-letters

* Fix vault-export-service tests not running

* Update libs/tools/export/vault-export/README.md

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>

* Fix types imports

* Export types from vault-export-core

* Fixed content of README

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
2024-02-13 14:22:37 -05:00
Todd Martin
bdc951194e
[PM-5800] Remove passwordless-login feature flag (#7626)
* Removed passwordless-login feature flag

* Removed conditional on login component.

* Added back reference accidentally deleted.

* Fixed initialization of the service in tests.

* Removed unused private variable.

* Updated DI to remove configService

* Undid changes to workspace file.

* Undid all changes to workspace file

* Undid merge changes to collection dialog

* Linting
2024-02-13 11:15:16 -05:00
Jason Ng
fd8c26601a
PM-3231 Vault Onboarding Part 1 (#6905)
* Onboarding Component moved to web for sharing. Vault Onboarding Component created for new users. Still behind feature flag.
2024-02-12 11:43:43 -05:00
Alex Morask
373a865a76
Temporarily remove payment method warning banners (#7912) 2024-02-12 11:35:08 -05:00
Bitwarden DevOps
b37ba71712
Bumped browser,cli,desktop,web version to 2024.2.2 (#7909) 2024-02-12 14:53:55 +00:00
github-actions[bot]
cdd77f92e3
Autosync the updated translations (#7907)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-02-12 09:17:02 +00:00
Vincent Salucci
6b7edced8e
feat: remove collection enhancements beta badge, refs AC-2192 (#7896) 2024-02-09 15:41:02 -06:00
Alex Morask
b239e3736f
[AC-1607] Add offboarding survey to subscription pages (#7809)
* Add offboarding survey to subscription pages

* Cleaning up unused code

* Removing unused eslint suppression

* Product updates

* Jared's feedback
2024-02-09 12:08:46 -05:00
Vincent Salucci
783ae104a3
feat: add confirm collection enhancements dialog, refs AC-2113 (#7884) 2024-02-09 09:14:33 -06:00
github-actions[bot]
c36a38f74e
Autosync the updated translations (#7888)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-02-09 11:53:57 +00:00
Shane Melton
5c6245aaae
[AC-1124] Restrict admins from accessing items in the Collections tab (#7537)
* [AC-1124] Add getManyFromApiForOrganization to cipher.service.ts

* [AC-1124] Use getManyFromApiForOrganization when a user does not have access to all ciphers

* [AC-1124] Vault changes
- Show new collection access restricted view
- Include unassigned ciphers for restricted admins
- Restrict collections when creating/cloning/editing ciphers

* [AC-1124] Update edit cipher on page navigation to check if user can access the cipher

* [AC-1124] Hide ciphers from restricted collections

* [AC-1124] Ensure providers are not shown collection access restricted view

* [AC-1124] Modify add-edit component to call the correct endpoint when a restricted admin attempts to add-edit a cipher

* [AC-1124] Fix bug after merge with main

* [AC-1124] Use private this._organization

* [AC-1124] Fix broken builds
2024-02-08 14:07:42 -08:00
Jake Fink
304c492f24
[PM-5364] Create SSO Login Service and add state ownership (#7485)
* create sso service

* rename sso service to sso-login service

* rename service

* add references to sso login service and update state calls

* fix browser

* fix desktop

* return promises

* remove sso state from account and global objects

* more descriptive org sso identifier method names

* fix sso tests

* fix tests
2024-02-08 12:44:35 -05:00
Shane Melton
c2ed6383c6
[AC-2117] Update access selector to update permission list when flexible collections flag is updated (#7847) 2024-02-08 09:35:38 -08:00
Shane Melton
c26f1fbf0e
[AC-2115] Update admin view to also collection check manage flag (#7848) 2024-02-07 14:31:09 -08:00
Shane Melton
2e11fb2a24
[AC-1899] Fix Collection Access Model Resetting (#7612)
* [AC-1899] Only take the first emission of feature flags and organizations to avoid overwriting form values

* [AC-1899] Fix flexibleCollections flag to update when selected org changes

* [AC-1899] Prettier
2024-02-07 11:08:07 -08:00
Bitwarden DevOps
83480e20ed
Bumped web version to 2024.2.1 (#7844) 2024-02-07 18:32:34 +00:00
Jared Snider
0eb9e760aa
PM-5727 - Per product, remove passkeyEnterMasterPassword text from passkey creation dialog as it isn't correct when user logs in with a passkey and the user is presented with an OTP verification. (#7820) 2024-02-07 15:38:14 +00:00
Vincent Salucci
c285a07e16
fix: show grant collection access helper text, refs AC-2147 (#7830) 2024-02-06 15:40:37 -06:00
Shane Melton
78008a9e1e
[PM-5277] Migrate Sync Service to State Provider (#7680)
* [PM-5277] Introduce lastSync state via State Providers

* [PM-5277] Add migrator and tests

* [PM-5277] Use memory for web storage location

* [PM-5277] Remove lastSync methods from state service

* [PM-5277] Remove lastSync from AccountProfile

* [PM-5277] Use string instead of Date to fix serialization for chrome.storage API in Browser

* [PM-5277] Only set account if lastSync was deleted during migration

* [PM-5277] Fix spec file
2024-02-06 12:00:41 -08:00
SmithThe4th
7e00ece092
[PM-5276] Migrate FolderService to state providers (#7682)
* added state definitionand key definition for folder service

* added data migrations

* created folder to house key definitions

* deleted browser-folder-service and added state provider to the browser

* exposed decrypt function so it can be used by the key definition, updated folder service to use state provider

* removed memory since derived state is now used

* updated test cases

* updated test cases

* updated migrations after merge conflict fix

* added state provider to the folder service constructor

* renamed migration file

* updated comments

* updated comments

* removed service registartion from browser service module and removed unused set and get encrypted folders from state service

* renamed files

* added storage location overides and removed extra methods
2024-02-06 14:51:02 -05:00
Jake Fink
816bcf4f39
[PM-5255] Create login strategy service (#7750)
* refactor login strategies into own service

* create login service factory

* replaces instances of authService with loginStrategyService

* replace more instances of authService

* move logout back to auth service

* add browser dependencies

* fix desktop dependencies

* fix cli dependencies

* fix lint and test files

* fix anonymous hub deps

* fix webauthn-login service deps

* add loginstrategyservice to bg

* move login strategy service and models to auth folder

* revert changes to tsconfig

* use alias for imports

* fix path

---------

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
2024-02-05 14:26:41 -05:00
Jared Snider
c91ceb2014
Auth/PM-5368 & PM-4613 - Web & Browser - Add support for new 2FA Duo Frameless Redirect flow (#7670)
* [PM-5368] Open Duo auth url. Add BroadcastChannel listener for duo result.

* [PM-5368] Remove debug line. Use PlatformUtilService to launch Uri.

* PM-5368 - Some progress on getting new frameless duo implementation in place

* PM-5368 - Base2FAComp - Save off duoFramelessUrl for use later on as user must be given the option to remember the device before launching the duo frameless flow in the new tab.

* PM-5368 - Web - 2FA Comp - (1) Only show larger width when showing backwards compatible duo (2) Stack buttons per new design (3) selectedProviderType === providerType.OrganizationDuo is correct check for when org requires DUO

* PM-5368 - Web - 2FA Comp - translate duo stuff

* PM-4613 - Browser 2FA - Get most of DUO frameless in place. WIP. Must figure out how to transfer state from popup to popout + add popout logic to auth-popout-windows.ts. Converted existing useAnotherTwoStepMethod button to use new comp lib bitButton per design.

* PM-4613 - Browser 2FA Comp - (1) HTML - add margin around duo frameless text to match figma (2) Get popout extension logic working properly - now closes existing popup

* PM-4613 - TODO figure out communication between web and browser as broadcast channel will not work.

* PM-5368 - Base comp + web changes - (1)  Base component now has a setupDuoResultListener method for child classes to override (2) Web overrides setupDuoResultListener and cleans up broadcast channel once a duo result comes through.

* PM-4613 - Browser - (1) Add window message handling to content-message-handler content script to pass along the duo result message to the browser extension (2) 2FA comp - override setupDuoResultListener and use browserMessagingApi to listen to duoResult and submit when it comes through.

* PM-5368 - Web - 2FA comp - only clean up duo result channel on ngDestroy so that user can re-submit if an error occurs.

* PM-5368 and PM-4613 - (1) Update base 2FA comp to only initialize duo result listener once as init is called any time the user changes 2FA option if multiple are present (duo org and duo personal) (2) Each client now will only create a listener once even if it is called more than once (3) On web, only try to clean up the duoResultChannel if it was created to avoid erroring on other 2FA methods.

* PM-5368 - Base 2FA comp - add TODO to remove duo SDK handling once we remove the duo-redirect flag

* PM-5368 - Per PR feedback, avoid repetition of duo provider check by using a new public property for isDuoProvider

* PM-4613 -  Per PR feedback: (1) Deconstruct code out of data (2) Add test for duoResult.

---------

Co-authored-by: André Bispo <abispo@bitwarden.com>
2024-02-05 13:23:50 -05:00
Cesar Gonzalez
25711afaf6
[PM-5976] Safari Browser SSO Initialization Race Condition Attempted Fix 3 (#7800)
* [PM-5976] Safari Browser SSO Initialization Race Condition Attempted Fix 3

* [PM-5976] Safari Browser SSO Initialization Race Condition Attempted Fix 3

* [PM-5976] Removing usage of pinging system and keeping reworked top-level registration of window message listener events

* [PM-5976] Pulling the implementation of the static content script delcaration for the content-message-handler file to the top of the list of content_scripts

* [PM-5976] Pulling the implementation of the static content script delcaration for the content-message-handler file to the top of the list of content_scripts

* [PM-5976] Removing the useCapture value within the window message event listener
2024-02-05 15:23:17 +00:00
Mark Youssef
1d49e970ba
Update year in CNET review to 2024 (#7775) 2024-02-03 23:17:41 +00:00
Jared Snider
d047723f04
Auth & Autofill / PM-5976 - Safari Browser SSO Initialization Race Condition Attempted Fix 2 (#7794)
* Implementing pinging system for SSO to address issue on Safari with race condition

* Implementing pinging system for SSO to address issue on Safari with race condition

* [PM-5976] Updating references within sso.ts

---------

Co-authored-by: Cesar Gonzalez <cgonzalez@bitwarden.com>
2024-02-02 21:23:15 +00:00
Will Martin
cb8849c355
Add eslint rule no-floating-promises (#7789)
* add eslint rule no-floating-promises

* add eslint-disable comment to offending lines
2024-02-02 15:13:37 -05:00
Jared Snider
6e96964c1a
Auth/PM-5976 - Safari Browser SSO Initialization Race Condition Attempted Fix (#7793)
* PM-5976 - Only try to initiate browser SSO when document is ready to avoid race condition between browser content script message listener being registered and the browser sso initiating message being sent.

* PM-5976 - adjust initiateBrowserSsoIfDocumentReady per PR feedback
2024-02-02 18:53:11 +00:00
github-actions[bot]
3a993a68aa
Autosync the updated translations (#7780)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-02-02 16:11:13 +00:00
Shane Melton
38d1b26784
Include DEV_FLAGS in Web webpack environment plugin (#7772) 2024-02-02 08:56:09 -05:00
Shane Melton
5182918faa
[AC-2115] Hide delete collection button in collection dialog (#7757)
* [AC-2115] Hide delete collection button based on collection management setting

* [AC-2115] Copy manage flag from sync'd collection
2024-02-01 09:07:14 -08:00
Colton Hurst
01781848f3
SM-904: Remove SecretsManagerBeta (Phase 2) (#6891)
* SM-904: Remove SecretsManagerBeta

* SM-904: Remove additional places sm beta is used

* SM-904: Remove unused SM Beta messages
2024-01-31 17:09:35 -05:00
Shane Melton
3cf17d1073
[PM-5936] Add additional null organization checks (#7707) 2024-01-31 11:27:50 -08:00
rr-bw
2511ae959a
[PM-5384] Add Countdown Timer to Duo Redirect (#7694)
* add countdown timer if a number is provided in duoHandOffMessage

* add documentation

* refactor to use object for handOffMessage
2024-01-30 12:37:02 -08:00
Jared Snider
88f13d3be5
PM-5762 - DeepLinkGuard - Fix issue in which org invite acceptance was broken due to us not properly checking for the lock url; if an org name or org user email contained lock, then the login redirect url would not persist and take the user to the accept org invite page after login. (#7744) 2024-01-30 18:00:32 +00:00
Jared Snider
faabb3bbe9
PM-5384 - Refactor duo redirect connector to use messaging to communicate with browser extension similar to SSO process as BroadcastChannel can only communication on same origins (not web to browser extension). (#7736) 2024-01-29 23:03:58 +00:00
Justin Baur
33b26ecfb4
Use OBSERVABLE_MEMORY_STORAGE (#7735) 2024-01-29 15:42:52 -05:00
Matt Gibson
1da6733e71
JSON stringify memory items (#7731)
* JSON stringify memory items

stringification is required so they can be reliably sent through messaging

* Simplify null handling
2024-01-29 19:42:58 +00:00