* PM-2403 - (1) Fix issue with Safari's tab extension not closing after successful SSO Login + 2FA continue which sidesteps the inconsistent MP invalid issue (due to invalid KDF config settings on reload) -- Firefox + sidebar, opera + sidebar, chrome, safari, and edge tested (2) Refactor reload logic to exempt the current window from the reload logic as we really only need to reload sidebars so they end up on the lock screen vs staying on the login screen and we are just going to close the open extension running in the tab. (3) Added comments
* PM-2403 - Per PR feedback, update reloadOpenWindows exemptCurrentHref filter to properly work
* PM-2403 - Per PR feedback, remove unneeded new method and replace with existing method closeBitwardenExtensionTab after testing on all browsers (apparently the chrome.tabs namespace is supported in all major browsers that we support now)
* PM-2403 - Refactor sync to be kicked off earlier in the process b/c to make sure that closing the window does not abort it
* PM1378 - (1) Create state service methods for securely storing a device symmetric key while following existing pattern of DuckDuckGoKey generation (2) Create makeDeviceKey method on crypto service which leverages the new state service methods for storing the device key.
* PM-1378 - Document CSPRNG types w/ comments explaining what they are and when they should be used.
* PM-1378 - TODO to add tests for makeDeviceKey method
* PM-1378 - Create Devices API service for creating and updating device encrypted master keys + move models according to latest code standards ( I think)
* PM-1378 - TODO clean up - DeviceResponse properly moved next to device api service abstraction per ADR 0013
* PM-1378 - CryptoService makeDeviceKey test written
* PM-1378 - Tweak crypto service makeDeviceKey test to leverage a describe for the function to better group related code.
* PM-1378 - Move known devices call out of API service and into new devices-api.service and update all references. All clients building.
* PM-1378 - Comment clean up
* PM-1378 - Refactor out master key naming as that is a reserved specific key generated from the MP key derivation process + use same property on request object as back end.
* PM-1378 - Missed a use of master key
* PM-1378 - More abstraction updates to remove master key.
* PM-1378 - Convert crypto service makeDeviceKey into getDeviceKey method to consolidate service logic based on PR feedback
* PM-1378- Updating makeDeviceKey --> getDeviceKey tests to match updated code
* PM-1378 - Current work on updating establish trusted device logic in light of new encryption mechanisms (introduction of a device asymmetric key pair in order to allow for key rotation while maintaining trusted devices)
* PM-1378 - (1) CryptoService.TrustDevice() naming refactors (2) Lots of test additions and tweaks for trustDevice()
* PM-1378 - Updated TrustedDeviceKeysRequest names to be consistent across the client side board.
* PM-1378 - Move trusted device crypto service methods out of crypto service into new DeviceCryptoService for better single responsibility design
* PM-1378 - (1) Add getDeviceByIdentifier endpoint to devices api as will need it later (2) Update TrustedDeviceKeysRequest and DeviceResponse models to match latest server side generic encrypted key names
* PM-1378 - PR feedback fix - use JSDOC comments and move from abstraction to implementation
* PM-1378 - Per PR feedback, makeDeviceKey should be private - updated tests with workaround.
* PM-1378- Per PR feedback, refactored deviceKey to use partialKey dict so we can associate userId with specific device keys.
* PM-1378 - Replace deviceId with deviceIdentifier per PR feedback
* PM-1378 - Remove unnecessary createTrustedDeviceKey methods
* PM-1378 - Update device crypto service to leverage updateTrustedDeviceKeys + update tests
* PM-1378 - Update trustDevice logic - (1) Use getEncKey to get user symmetric key as it's the correct method and (2) Attempt to retrieve the userSymKey earlier on and short circuit if it is not found.
* PM-1378 - Replace deviceId with deviceIdentifier because they are not the same thing
* PM-1378 - Per PR feedback, (1) on web/browser extension, store device key in local storage under account.keys existing structure (2) on desktop, store deviceKey in secure storage. (3) Exempt account.keys.deviceKey from being cleared on account reset
* PM-1378 - Desktop testing revealed that I forgot to add userId existence and options reconciliation checks back
* PM-1378 - Per discussion with Jake, create DeviceKey custom type which is really just an opaque<SymmetricCryptoKey> so we can more easily differentiate between key types.
* PM-1378 - Update symmetric-crypto-key.ts opaque DeviceKey to properly setup Opaque type.
* PM-1378 - Fix wrong return type for getDeviceKey on DeviceCryptoServiceAbstraction per PR feedback
* [AC-561] Rename DeleteOrganizationComponent to DeleteOrganizationDialogComponent
* [AC-561] Refactor delete organization dialog to use dialog service
- Use new bit-dialog
- Use reactive form and bitSubmit directives
- Add injected dialog params
- Switch to observable pattern
- Use dialog result instead of success event emitter
- Add helper method to open dialog using dialog service
- Update usage in families-for-enterprise-setup.component.ts and account.component.ts
* [AC-561] Create a UserVerification module
Move the user verification components into their own module that can be imported in multiple modules without conflict and allow tree shaking.
* [AC-561] Move delete-organization-dialog into its own folder
* [AC-561] Create delete organization dialog module
* [AC-561] Cleanup delete org dialog import statements
* [AC-561] Remove unused property
* [AC-561] Use organization observable from organizationService
* [AC-561] Use organization object instead of pull out storing the name individually
* [AC-561] Make the delete organization dialog a standalone component
- Remove the delete organization dialog module
- Move the dialog component up a directory
- Remove references to the deleted module
* [AC-561] Fix DialogServiceAbstraction references after merge
* [AC-561] Cleanup dialog loading spinner and cancel button
* [AC-561] Fix broken barrel file after merge
* [PM-169][PM-142][PM-191] Add Environments to Web and Desktop (#5294)
* [PM-1351] Add property to server-config.response. Change config to be able to fetch without being authed.
* [PM-1351] fetch every hour.
* [PM-1351] fetch on vault sync.
* [PM-1351] browser desktop fetch configs on sync complete.
* [PM-1351] Add methods to retrieve feature flags
* [PM-1351] Add enum to use as key to get values feature flag values
* [PM-1351] Remove debug code
* [PM-1351] Get flags when unauthed. Add enums as params. Hourly always fetch.
* [PM-1351] add check for authed user using auth service
* [PM-169] Web: add drop down to select environment
* [PM-169] Fix pop up menu margins. Add DisplayEuEnvironmentFlag.
* [PM-169] Change menu name.
* [PM-169] Add environment selector ts and html. Add declaration and import on login.module
* [PM-169] Add environment selector to desktop.
* [PM-169] Ignore lint error.
* [PM-169] add takeUntil to subscribes
* [PM-191] PR Fixes, code format
* [PM-168] Add Environments to extension login/registration (#5434)
Angular 15 introduced a breaking change that calls setDisabledState() whenever a CVA is added. This was re-enabling all the internal form group rows (even those that should have remained disabled).
* Remove reference cycle between ThemingService and the global window object
* Deregister messageListeners on a safari popup to avoid mem leaks
* Use pagehide event instead of unload
* [PM-1796] The autofill keyboard shortcut does not prompt a user to unlock a locked extension within an incongito browsing session
* [PM-1796] Implementing fixes for how we handle focus redirection when logging a user in and attempting to autofill within the Firefox Workspaces addon
* [PM-1796] Removing the `openerTab` value from the createNewTab method within brwoserApi.ts
* [PM-1796] Removing async declaration from createNewTab
* [PM-1796] Removing unnecessary param from the call to openBitwardenExtrensionTab
* [AC-358] Add selfHostSubscriptionExpiration property to organization-subscription.response.ts
* [AC-358] Update selfHost org subscription template
- Replace "Subscription" with "SubscriptionExpiration"
- Add question mark help link
- Add helper text for grace period
- Add support for graceful fallback in case of missing grace period in subscription response
* Update libs/common/src/billing/models/response/organization-subscription.response.ts
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [AC-358] Remove unnecessary hypen
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [AC-358] Introduce SelfHostedOrganizationSubscription view
- Encapsulate expiration/grace period logic in the new view object.
- Remove API response getters from the angular component
- Replace the API response object with the new view
* [AC-358] Clarify name for new expiration without grace period field
* [AC-358] Update constructor parameter name
* [AC-358] Simplify new selfhost subscription view
- Make expiration date properties public
- Remove obsolete expiration date getters
- Update the component to use new properties
- Add helper to component for determining if the subscription should be rendered as expired (red text)
* [AC-358] Rename isExpired to isExpiredAndOutsideGracePeriod to be more explicit
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [PM-2054] Updated Password Generator History to use Component Library
* [PM-2054] Corrected paddings
* [PM-2054] Added missing type to buttons
* [PM-2054] Removed unused imports and run prettier
* [PM-2054] Swap list by bit-table
* [PM-1389] don't include background page while reloading windows
* [PM-1389] update sidebar action apis
* [PM-1389] simplify return from getSidebarAction
* [PM-1380] fix device type call after browser api change
* [AC-1145] Add TDE feature flag
* [AC-1145] Update sso-config to use new member decryption type and remove keyConnectorEnabled
* [AC-1145] Add new TDE option to SSO config form and update to CL radio buttons
* [AC-1145] Update checkboxes to CL checkboxes
* [AC-1145] Fix messages.json warning
* [AC-1145] Update to new form async actions
* [AC-1145] Modify key connector option display logic to check for TDE feature flag
* [AC-1145] Remove obsolete app-checkbox component
* [AC-1145] Update TDE option description to refer to master password reset policy
* Checking if the user has selected access tokens to revoke, if not error message
* change messaging
* SM-664: Refactor revoke function and make the bwi-minus-circle red
---------
Co-authored-by: Colton Hurst <colton@coltonhurst.com>