* add new premium component
* finish new premium component
* revert change to config service
* hide copy changes behind feature flag
* revert keys back to original
* remove stateService and translation key
* add missing translation key
* add missing key
* Updated all sets of user key to pass in userId
* Added userId on auth request login.
* Fixed tests.
* Fixed tests to pass in UserId
* Added parameter to tests.
* Addressed PR feedback.
* Merged main
* Fix account switcher on logged out account on startup
* Undo space removal
* Add additional checks for null values
* Fix account switching on timeout on browser
* send list items container
* update send list items container
* finalize send list container
* remove unecessary file
* undo change to config
* prefer use of takeUntilDestroyed
* add send items service
* and send list filters and service
* undo changes to jest config
* add specs for send list filters
* Revert "Merge branch 'PM-9853' into PM-9852"
This reverts commit 9f65ded13f, reversing
changes made to 63f95600e8.
* add send items service
* Revert "Revert "Merge branch 'PM-9853' into PM-9852""
This reverts commit 81e9860c25.
* finish send search
* fix formControlName
* add specs
* finalize send search
* layout and copy fixes
* cleanup
* Remove unneeded empty file
* Remove the erroneous addition of send-list-filters to vault-export tsconfig
* update tests
* hide send list filters for non-premium users
* fix and add specss
* Fix small typo
* Re-add missing tests
* Remove unused NgZone
* Rename selector for send-search
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
* Update unix biometrics for desktop biometrics rework
* Implement polkit policy setup
* Enable browser integration on Linux
* Remove polkit policy file
* Undo change to messages.json
* Fix biometrics setup, implement missing functions
* Implement osSupportsBiometrics
* Fix polkit settings message
* Remove unwraps in biometrics unix rust module
* Force password reprompt on start on linux with biometrics
* Merge branch 'main' into feature/unix-biometrics
* Allow browser extension to be unlocked on Linux via Polkit
* Implement availability check
* Cleanup
* Add auto-setup, manual setup, setup detection and change localized prompts
* Implement missing methods
* Add i18n to polkit message
* Implement missing method
* Small cleanup
* Update polkit consent message
* Fix unlock and print errors on failed biometrics
* Add dependencies to core crate
* Fix reference and update polkit policy
* Remove async-trait
* Add tsdoc
* Add comment about auto setup
* Delete unused init
* Update help link
* Remove additional settings for polkit
* Add availability-check to passwords implementation on linux
* Add availability test
* Add availability check to libsecret
* Expose availability check in napi crate
* Update d.ts
* Update osSupportsBiometric check to detect libsecret presence
* Improve secret service detection
* Add client half to Linux biometrics
* Fix windows build
* Remove unencrypted key handling for biometric key
* Move rng to rust, align linux bio implementation with windows
* Consolidate elevated commands into one
* Disable snap support in linux biometrics
---------
Co-authored-by: DigitallyRefined <129616584+DigitallyRefined@users.noreply.github.com>
Enables one of the recommended rules of @angular-eslint. Since this rule was fairly trivial to fix and has no QA effects it seemed reasonable to migrate all code.
* Remove old biometrics masterkey logic
* Move shared ipc keys to main process
* Allow browser extension unlock while desktop is locked
* Dynamicall detect biometrics on desktop lock screen
* Remove old biometrics masterkey logic
* Move shared ipc keys to main process
* Update apps/desktop/src/platform/services/ephemeral-value-storage.main.service.ts
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
* Extract ephemeral store functions to it's own object
---------
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
* Enable system lock detection on linux
* Fix order of vault timeout options
* Port to new plit core / napi desktop native crates
* Make unimplemented implementation panic for on_lock
* Remove unecessary String::from
* Update cargo lock
* Extract generation of vault timeout options
* setup SetPassword component
* accept query params
* add InputPasswordComponent to template
* add route
* add dynamic translation with org name
* feature flag route
* setup onInit
* add set password logic
* move to libs
* remove comments
* update AuthGuard routing
* use ToastService
* replace deprecated methods
* replace orgId input with policy input
* use getter for msg instead of ngOnInit
* cleanup
* refactor to use services
* more refactoring of service
* address browser routing and translations
* add desktop service
* simplify queryParam handler
* remove ngOnDestroy
* small edits
* use inject()
* add jsdocs
* create basic tests
* add success toasts on successfuly set password
* add tests
* update feature-flag
* move model to service
* refactor client services to override setPassword()
* add error handling to setPassword()
* move auto enroll logic to service
* update tests
* fix test
* adjust padding on password-callout list
* revert refactor of auto enroll logic
* refactor keyPair generation to own method
* update page title and button text
* update pageSubtitle and translations
* fix test
* Add shared duo component
* Fix duo import
* Fix wrong i18n service DI in duo desktop component
* Remove duo v2
* Add override to functions
* Remove web duo implementation
* Update apps/browser/src/auth/popup/two-factor-auth-duo.component.ts
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
* Update apps/desktop/src/auth/two-factor-auth-duo.component.ts
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
* Update libs/angular/src/auth/components/two-factor-auth/two-factor-auth-duo.component.ts
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
* Fix missing service on duo components
* Fix missing service on base duo auth component
* Fix constructor super calls in duo auth component
* Fix duo auth components incorrectly extending base class
---------
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
* PM-6198 - Majority of client work done; WIP on registration finish comp
* PM-6198 - Registration Finish - Add registerVerificationEmailClicked logic
* PM-6198 - RegistrationLinkExpired component; added translations on other clients just in case we use the component on other clients in the future.
* PM-6198 - Clean up comment
* [PM-6426] Create TaskSchedulerService and update usage of long lived timeouts
* [PM-6426] Implementing nextSync timeout using TaskScheduler
* [PM-6426] Implementing systemClearClipboard using TaskScheduler
* [PM-6426] Fixing race condition with setting/unsetting active alarms
* [PM-6426] Implementing clear clipboard call on generatePasswordToClipboard with the TaskSchedulerService
* [PM-6426] Implementing abortTimeout for Fido2ClientService using TaskSchedulerService
* [PM-6426] Implementing reconnect timer timeout for NotificationService using the TaskSchedulerService
* [PM-6426] Implementing reconnect timer timeout for NotificationService using the TaskSchedulerService
* [PM-6426] Implementing sessionTimeout for LoginStrategyService using TaskSchedulerService
* [PM-6426] Implementing eventUploadInterval using TaskScheduler
* [PM-6426] Adding jest tests for the base TaskSchedulerService class
* [PM-6426] Updating jest tests for GeneratePasswordToClipboardCommand
* [PM-6426] Setting up the full sync process as an interval rather than a timeout
* [PM-6426] Renaming the scheduleNextSync alarm name
* [PM-6426] Fixing dependency references in services.module.ts
* [PM-6426] Adding jest tests for added BrowserApi methods
* [PM-6426] Refactoring small detail for how we identify the clear clipboard timeout in SystemService
* [PM-6426] Ensuring that we await clearing an established scheduled task for the notification service
* [PM-6426] Changing the name of the state definition for the TaskScheduler
* [PM-6426] Implementing jest tests for the BrowserTaskSchedulerService
* [PM-6426] Implementing jest tests for the BrowserTaskSchedulerService
* [PM-6426] Adding jest tests for the base TaskSchedulerService class
* [PM-6426] Finalizing jest tests for BrowserTaskScheduler class
* [PM-6426] Finalizing documentation on BrowserTaskSchedulerService
* [PM-6426] Fixing jest test for LoginStrategyService
* [PM-6426] Implementing compatibility for the browser.alarms api
* [PM-6426] Fixing how we check for the browser alarms api
* [PM-6426] Adding jest tests to the BrowserApi implementation
* [PM-6426] Aligning the implementation with our code guidelines for Angular components
* [PM-6426] Fixing jest tests and lint errors
* [PM-6426] Moving alarms api calls out of BrowserApi and structuring them within the BrowserTaskSchedulerService
* [PM-6426] Reworking implementation to register handlers separately from the call to those handlers
* [PM-6426] Adjusting how we register the fullSync scheduled task
* [PM-6426] Implementing approach for incorporating the user UUID when setting task handlers
* [PM-6426] Attempting to re-work implementation to facilitate userId-spcific alarms
* [PM-6426] Refactoring smaller details of the implementation
* [PM-6426] Working through the details of the implementation and setting up final refinments
* [PM-6426] Fixing some issues surrounding duplicate alarms triggering
* [PM-6426] Adjusting name for generate password to clipboard command task name
* [PM-6426] Fixing generate password to clipboard command jest tests
* [PM-6426] Working through jest tests and implementing a method to guard against setting a task without having a registered callback
* [PM-6426] Working through jest tests and implementing a method to guard against setting a task without having a registered callback
* [PM-6426] Implementing methodology for having a fallback to setTimeout if the browser context is lost in some manner
* [PM-6426] Working through jest tests
* [PM-6426] Working through jest tests
* [PM-6426] Working through jest tests
* [PM-6426] Working through jest tests
* [PM-6426] Finalizing stepped setInterval implementation
* [PM-6426] Implementing Jest tests for DefaultTaskSchedulerService
* [PM-6426] Adjusting jest tests
* [PM-6426] Adjusting jest tests
* [PM-6426] Adjusting jest tests
* [PM-6426] Fixing issues identified in code review
* [PM-6426] Fixing issues identified in code review
* [PM-6426] Removing user-based alarms and fixing an issue found with setting steppedd alarm interavals
* [PM-6426] Removing user-based alarms and fixing an issue found with setting steppedd alarm interavals
* [PM-6426] Fixing issue with typing information on a test
* [PM-6426] Using the getUpperBoundDelayInMinutes method to handle setting stepped alarms and setTimeout fallbacks
* [PM-6426] Removing the potential for the TaskScheduler to be optional
* [PM-6426] Reworking implementation to leverage subscription based deregistration of alarms
* [PM-6426] Fixing jest tests
* [PM-6426] Implementing foreground and background task scheduler services to avoid duplication of task scheudlers and to have the background setup as a fallback to the poopup tasks
* [PM-6426] Implementing foreground and background task scheduler services to avoid duplication of task scheudlers and to have the background setup as a fallback to the poopup tasks
* [PM-6426] Merging main into branch
* [PM-6426] Fixing issues with the CLI Service Container implementation
* [PM-6426] Reworking swallowed promises to contain a catch statement allow us to debug potential issues with registrations of alarms
* [PM-6426] Adding jest tests to the ForegroundTaskSchedulerService and the BackgroundTaskSchedulerService
* [PM-6426] Adding jest tests to the ForegroundTaskSchedulerService and the BackgroundTaskSchedulerService
* [PM-6426] Adding jest tests to the ForegroundTaskSchedulerService and the BackgroundTaskSchedulerService
* [PM-6426] Adding jest tests to the ForegroundTaskSchedulerService and the BackgroundTaskSchedulerService
* [PM-6426] Adjusting implementation based on code review feedback
* [PM-6426] Reworking file structure
* [PM-6426] Reworking file structure
* [PM-6426] Adding comments to provide clarity on how the login strategy cache experiation state is used
* [PM-6426] Catching and logging erorrs that appear from methods that return a promise within VaultTimeoutService
* Prevent account switching race condition on desktop
This enables us to allow background thread / multithread bulk decryption on desktop.
* Disable account switcher component during switching
* Add shared two-factor-options component
* Add new refactored two-factor-auth component and totp auth componnet behind feature flag
* Fix default value for twofactorcomponentrefactor featureflag
* PM-7321 - Temp add input password
* PM-7321 - update input password based on latest PR changes to test.
* PM-7321 - Progress on testing input password component + RegistrationFinishComponent checks
* PM-7321 - more progress on registration finish.
* PM-7321 - Wire up RegistrationFinishRequest model + AccountApiService abstraction + implementation changes for new method.
* PM-7321 - WIP Registration Finish - wiring up request building and API call on submit.
* PM-7321 - WIP registratin finish
* PM-7321 - WIP on creating registration-finish service + web override to add org invite handling
* PM-7321 - (1) Move web-registration-finish svc to web (2) Wire up exports (3) wire up RegistrationFinishComponent to call registration finish service
* PM-7321 - Get CLI building
* PM-7321 - Move all finish registration service and content to registration-finish feature folder.
* PM-7321 - Fix RegistrationFinishService config
* PM-7321 - RegistrationFinishComponent- handlePasswordFormSubmit - error handling WIP
* PM-7321 - InputPasswordComp - Update to accept masterPasswordPolicyOptions as input instead of retrieving it as parent components in different scenarios will need to retrieve the policies differently (e.g., orgInvite token in registration vs direct call via org id post SSO on set password)
* PM-7321 - Registration Finish - Add web specific logic for retrieving master password policies and passing them into the input password component.
* PM-7321 - Registration Start - Send email via query param to registration finish page so it can create masterKey
* PM-7321 - InputPassword comp - (1) Add loading input (2) Add email validation to submit logic.
* PM-7321 - Registration Finish - Add submitting state and pass into input password so that the rest of the registration process keeps the child form disabled.
* PM-7321 - Registration Finish - use validation service for error handling.
* PM-7321 - All register routes must be dynamic and change if the feature flag changes.
* PM-7321 - Test registration finish services.
* PM-7321 - RegisterRouteService - Add comment documenting why the service exists.
* PM-7321 - Add missing input password translations to browser & desktop
* PM-7321 - WebRegistrationFinishSvc - apply PR feedback
* feat: catch and log exceptions during migration
* Revert "feat: catch and log exceptions during migration"
This reverts commit d68733b7e5.
* feat: use log service to log migration errors
* fix: handle undefined value in migration 66
* fix: the if-statement was typo
* feat: duplicate error behavior in fake storage service
* feat: fix all migrations that were setting undefined values
* feat: add test for disabled fingrint in migration 66
* fix: default single user state saving undefined value to state
* revert: awaiting floating promise
gonna fix this in a separate PR
* Revert "feat: fix all migrations that were setting undefined values"
This reverts commit 034713256c.
* feat: automatically convert save to remove
* Revert "fix: default single user state saving undefined value to state"
This reverts commit 6c36da6ba5.
* Move vault-timeout-input to @bitwarden/auth/angular
Move vault-timeout-input.component.ts to @bitwarden/auth/angular/vault-timeout-input
Expose via barrel file
Fix imports on clients
* Add dependencies to package.json
Not necessary right now, but good practice for once we move to building each package independently
* Make VaultTimeoutInputComponent a standalone component
* Update selector to present team ownership
* Use new standalone on web
Move vault-timeout-input.component.html to @bitwarden/auth/angular/vault-timeout-input/
Delete old vault-timeout-input.component on web
Register new component on loose-components-module
Update used selector in preferences.component
* Remove unneeded export of VaultTimeoutInputComponent
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add export-web.component
Introduce new export-web component
Delete old component
export.module - With export-web being standalone there's no need for a importModule
Change routing to load new component
* Prepare export.component to receive a orgId via the hosting-component
* Remove unused onSaved as it's replaced by onSuccessfulExport
* Refactor org-vault-export.component
Introduce new org-vault-export.component.html as the old component relied on the markup from password manager
Refactor org-vault-export.component
Retrieve organizationId from Route and pass it into the shared export.component
Ensure when exporting from AC to include all data from the selected org
org-vault-export.module - With the new component being standalone there's no need for a importModule
Change routing to load new org-vault-export component
* PM-8641 - Add success toast to base-export component
This ensures a success toast is shown on all clients consistently
Add missing entries into clients messages.json
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* [deps] Platform: Update argon2 to v0.40.1
* Update inclusion in context isolation
* Ensure node-gyp available for mac builds
Mac runners seem to have progressed above python 3.12, which removed `distutils`. We need to ensure it's installed for node-gyp compilations.
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* utilizing locale service in duo
* refactor launchDuoUri method
* Add cookie information back in ext. and desktop to support backwards compatibility
* Update duo-redirect.ts
fixing comment
* Removed - button on passkeys and uris when user has view only access, disabled cog button and made input fields on uris readonly when user has view only access
(cherry picked from commit 077edd77c1)
* switched to use viewonly to hide remove button
(cherry picked from commit dbd854494f)
* Migrate all tools owned toasts to use CL ToastService instead of PlatformUtilsService
* Fix test that was missing a mock
* Fix double checking file and file-content selection
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* setup for InputPasswordComponent and basic story
* add all input fields
* add translated error messages
* update validation
* add password-callout
* update hint text
* use PolicyService in component
* setup SetPasswordComponent
* remove div
* add default button text
* add mocks for InputPassword storybook
* simplify ngOnInit
* change param and use PolicyApiService
* check for breaches and validate against policy
* user toastService
* use useValue for mocks
* hash before emitting
* validation cleanup and use PreloadedEnglishI18nModule
* add ngOnDestroy
* create validateFormInputsDoNotMatch fn
* update validateFormInputsComparison and add deprecation jsdocs
* rename validator fn
* fix bugs in validation fn
* cleanup and re-introduce services/logic
* toggle password inputs together
* update hint help text
* remove SetPassword test
* remove master key creation / hashing
* add translations to browser/desktop
* mock basic password-strength functionality
* add check for controls
* hash before emitting
* type the EventEmitter
* use DEFAULT_KDF_CONFIG
* emit master key
* clarify comment
* update password mininum help text to match org policy requirement
* PM-7324 - Register new registration start comp at signup route on web
* PM-7324 - Add registerSendVerificationEmail logic in API service layer.
* PM-7324 - Update registration start comp to actually send information to API and trigger email.
* PM-7324 - progress on opt in for marketing emails redesign.
* PM-7324 - Add feature flag and feature flag guard to sign up route.
* PM-7324 - RegistrationEnvSelector - emit initial value
* PM-7324 - Registration Start comp - wire up setReceiveMarketingEmailsByRegion logic.
* PM-7324 - Registration start html - use proper link for email pref management.
* PM-7324 - Translate text
* PM-7324 - Design pass
* PM-7324 - design pass v2
* PM-7324 - Update Tailwind config to add availability of anon layout to desktop and browser extension
* PM-7324 - Desktop - AppRoutingModule - Add new signup route protected by the email verification feature flag.
* PM-7324 - BrowserExtension - AppRoutingModule - Add signup route protected by feature flag
* PM-7324 - Feature flag all register page navigations to redirect users to the new signup page.
* PM-7324 - Update AnonLayoutWrapperComponent constructor logic to avoid passing undefined values into I18nService.t method
* PM-7324 - Accept org invite web comp - adjust register url and qParams
* PM-7324 - Add AnonLayoutWrapperData to desktop & browser since we don't need titleId.
* PM-7324 - Revert anon layout wrapper comp changes as they were made separately and merged to main.
* PM-7234 - Fix registration start component so the login route works for the browser extension.
* PM-7324 - Registration start story now building again + fix storybook warning around BrowserAnimationsModule
* PM-7324 - Registration Start - add missing tw-text-main to fix dark mode rendering.
* PM-7324 - Update storybook docs
* PM-7324 - Get stub of registration finish component so that the verify email has something to land on.
* PM-7324 - Registration start - receive marketing materials should never be required.
* PM-7324 - Add finish signup route + required translations to desktop & browser.
* PM-7324 - AnonLayoutWrapperComponent - Resolve issues where navigating to a sibling anonymous route wouldn't update the AnonLayoutWrapperData.
* PM-7324 - Remove unnecessary array
* PM-7324 - Per PR feedback, improve setReceiveMarketingEmailsByRegion
* PM-7324 - Per PR feedback, inject login routes via route data
* PM-7324 - Document methods in account api service
* PM-7324 - PR feedback - jsdoc tweaks
* Clone Initial Data In `runMigrator`
- When using test cases, mutating the input data causes problems.
* Migrate `minimizeOnCopy` & `browserIntegrationEnabled`
* Update From Main
* Move Fingerprint Setting
- No Migration Yet
* Add Fingerprint to Migrations
* Convert Messaging to `async`
* Switch to calling `Boolean` for Map Function
* Catch Errors
* Remove LogService
* PM-8367 - WIP - initial comp creation
* PM-8367 - Majority of new registration self hosted env config dialog working
* PM-8367 - RegistrationEnvSelectorComponent - add method handleSelfHostedEnvConfigDialogResult and add toast for happy path.
* PM-8367 - Add validation TODO
* PM-8367 - RegistrationSelfHostedEnvConfigDialogComponent - Add validator
* PM-8367 - RegEnvSelector - Only show self hosted if the client is browser or desktop since we will be using the selector on web as well.
* PM-8367 - Registration start comp - add env selector
* PM-8367 - Registration start - add proper import for standalone comps.
* PM-8367 - Registration Start - get storybook fixed with registration env selector
* PM-8367 - Add self hosted server to web translations only for storybook
* PM-8367 - Add more storybook examples and update docs (WIP - need to test self hosted selection)
* PM-8367 - Registration Start - update stories
* PM-8367 - Env Selector now emits selected region so that parent comps can listen to it if needed.
* PM-8367 - Registration Start - wire up handler for selectedRegionChange so that the parent comp can successfully track isSelfHost and hide / show the terms / privacy policy checkbox
* PM-8367 - TODO cleanup
* PM-8367 - Registration start docs - stage gate is two words.
* PM-8367 - Per working session with Will, move top level provided services to app level instead of module level to solve dialog null injector errors.
* PM-8367 - Storybook working for self hosted env dialog
* PM-8367 - Add dialog scroll feature to bitDialog and implement in self hosted env dialog.
* PM-8367 - Revert bit dialog changes and scroll implementation.
* PM-8367 - Tweak registration start docs
* PM-8367 - Remove unused changeDetectorRef
* PM-8367 - Add docs per PR feedback
* PM-7392 - EncryptSvc - add new method for detecting if a simple string is an enc string.
* PM-7392 - TokenSvc - add checks when setting and retrieving the access token to improve handling around the access token encryption.
* PM-7392 - (1) Clean up token svc (2) export access token key type for use in tests.
* PM-7392 - Get token svc tests passing; WIP more tests to come for new scenarios.
* PM-7392 - Access token secure storage to disk fallback WIP but mostly functional besides weird logout behavior.
* PM-7392 - Clean up unnecessary comment
* PM-7392 - TokenSvc - refresh token disk storage fallback
* PM-7392 - Fix token service tests in prep for adding tests for new scenarios.
* PM-7392 - TokenSvc tests - Test new setRefreshToken scenarios
* PM-7392 - TokenSvc - getRefreshToken should return null or a value - not undefined.
* PM-7392 - Fix test name.
* PM-7392 - TokenSvc tests - clean up test names that reference removed refresh token migrated flag.
* PM-7392 - getRefreshToken tests done.
* PM-7392 - Fix error quote
* PM-7392 - TokenSvc tests - setAccessToken new scenarios tested.
* PM-7392 - TokenSvc - getAccessToken - if secure storage errors add error to log.
* PM-7392 - TokenSvc tests - getAccessToken - all new scenarios tested
* PM-7392 - EncryptSvc - test new stringIsEncString method
* PM-7392 - Main.ts - fix circ dep issue.
* PM-7392 - Main.ts - remove comment.
* PM-7392 - Don't re-invent the wheel and simply use existing isSerializedEncString static method.
* PM-7392 - Enc String - (1) Add handling for Nan in parseEncryptedString (2) Added null handling to isSerializedEncString. (3) Plan to remove encrypt service implementation
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-7392 - Remove encrypt service method
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-7392 - Actually fix circ dep issues with Justin. Ty!
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-7392 - TokenSvc - update to use EncString instead of EncryptSvc + fix tests.
* PM-7392 - TokenSvc - (1) Remove test code (2) Refactor decryptAccessToken method to accept access token key and error on failure to pass required decryption key to method.
* PM-7392 - Per PR feedback and discussion, do not log the user out if hte refresh token cannot be found. This will allow users to continue to use the app until their access token expires and we will error on trying to refresh it. The app will then still work on a fresh login for 55 min.
* PM-7392 - API service - update doAuthRefresh error to clarify which token cannot be refreshed.
* PM-7392 - Fix SetRefreshToken case where a null input would incorrectly trigger a fallback to disk.
* PM-7392 - If the access token cannot be refreshed due to a missing refresh token or API keys, then surface an error to the user and log it so it isn't a silent failure + we get a log.
* PM-7392 - Fix CLI build errors
* PM-7392 - Per PR feedback, add missing tests (thank you Jake for writing these!)
Co-authored-by: Jake Fink <jfink@bitwarden.com>
* PM-7392 - Per PR feedback, update incorrect comment from 3 releases to 3 months.
* PM-7392 - Per PR feedback, remove links.
* PM-7392 - Per PR feedback, move tests to existing describe.
* PM-7392 - Per PR feedback, adjust all test names to match naming convention.
* PM-7392 - ApiService - refreshIdentityToken - log error before swallowing it so we have a record of it.
* PM-7392 - Fix copy for errorRefreshingAccessToken
* PM-7392 - Per PR feedback, move error handling toast responsibility to client specific app component logic reached via messaging.
* PM-7392 - Swap logout reason from enum to type.
* PM-7392 - ApiService - Stop using messaging to trigger toast to let user know about refresh access token errors; replace with client specific callback logic.
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* PM-7392 - Per PR feedback, adjust enc string changes and tests.
* PM-7392 - Rename file to be type from enum
* PM-7392 - ToastService - we need to await the activeToast.onHidden observable so return the activeToast from the showToast.
* PM-7392 - Desktop AppComp - cleanup messaging
* PM-7392 - Move Logout reason custom type to auth/common
* PM-7392 - WIP - Enhancing logout callback to consider the logout reason + move show toast logic into logout callback
* PM-7392 - Logout callback should simply pass along the LogoutReason instead of handling it - let each client's message listener handle it.
* PM-7392 - More replacements of expired with logoutReason
* PM-7392 - More expired to logoutReason replacements
* PM-7392 - Build new handlers for displaying the logout reason for desktop & web.
* PM-7392 - Revert ToastService changes
* PM-7392 - TokenSvc - Replace messageSender with logout callback per PR feedback.
* PM-7392 - Desktop App comp - replace toast usage with simple dialog to guarantee users will see the reason for them being logged out.
* PM-7392 - Web app comp - fix issue
* PM-7392 - Desktop App comp - don't show cancel btn on simple dialogs.
* PM-7392 - Desktop App comp - Don't open n simple dialogs.
* PM-7392 - Fix browser build
* PM-7392 - Remove logout reason from CLI as each logout call handles messaging on its own.
* PM-7392 - Previously, if a security stamp was invalid, the session was marked as expired. Restore that functionality.
* PM-7392 - Update sync service logoutCallback to include optional user id.
* PM-7392 - Clean up web app comp
* PM-7392 - Web - app comp - only handle actually possible web logout scenarios.
* PM-7392 - Browser Popup app comp - restore done logging out message functionality + add new default logout message
* PM-7392 - Add optional user id to logout callbacks.
* PM-7392 - Main.background.ts - add clarifying comment.
* PM-7392 - Per feedback, use danger simple dialog type for error.
* PM-7392 - Browser Popup - add comment clarifying expectation of seeing toasts.
* PM-7392 - Consolidate invalidSecurityStamp error handling
* PM-7392 - Per PR feedback, REFRESH_ACCESS_TOKEN_ERROR_CALLBACK can be completely sync. + Refactor to method in main.background.
* PM-7392 - Per PR feedback, use a named callback for refreshAccessTokenErrorCallback in CLI
* PM-7392 - Add TODO
* PM-7392 - Re-apply bw.ts changes to new service-container.
* PM-7392 - TokenSvc - tweak error message.
* PM-7392 - Fix test
* PM-7392 - Clean up merge conflict where I duplicated dependencies.
* PM-7392 - Per discussion with product, change default logout toast to be info
* PM-7392 - After merge, add new logout reason to sync service.
* PM-7392 - Remove default logout message per discussion with product since it isn't really visible on desktop or browser.
* PM-7392 - address PR feedback.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Move/replace submit and userVerification logic from web into the BaseExportComponent
Add "@bitwarden/auth" as dependency to the vault-export-ui package
New submit logic also checks for password-encrypted exports which will be need for future UI updates on browser and desktop
* Create export-desktop component using shared recipe
Create new export component that uses the shared export.component from @bitwarden/vault-export-ui
* Update imports within AppModule
Remove old ExportComponent
Remove ExportScopeCalloutComponent as it's part of the BaseExportComponent
* Open new component when clicking on Export Vault menu item
* Add missing entries to messages.json
* Delete old export.component
* Remove duplicate verifyUser-method
* Change placeholder example
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Change `object` to `Record<string, unknown>`
* Change `object` to `Record<string, unknown>` Pt. 2
* Update ForegroundSyncService
- Manage finish message in the listener to more gaurantee a message back
- Make the timeout much longer
- Allow it to throw if the background sync service threw
---------
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
* PM-5086 - WIP start on registration start component
* PM-5086 - more WIP progress on registration start comp
* PM-5086 - Setup secondary component
* PM-5086 - (1) Validation working (2) States implemented (3) 2nd state for check email mostly completed except for correct icon
* PM-5086 - Registration Start - check email state - update icon to be correct from figma.
* PM-5086 - Refactor self hosted conditional + actually hide the checkbox if it is self hosted.
* PM-5086 - WIP good progress on getting browser & desktop creating account on logic working.
* PM-5086 - Accessibility pass + WIP on region selector
* PM-5086 - Accessibility pass with Danielle
* PM-5086 - Migrate env selector logic to own component.
* PM-5086 - Update AnonLayoutWrapperComp import
* PM-5086 - Remove unncessary focus.
* PM-5086 - WIP first draft of registration env selector; name might change to differentiate it from existing env selector.
* PM-5086 - Rename env selector to be more clear and use registration-env-selector instead.
* PM-5086 - (1) Export registration env selector (2) Change comp name not just file name.
* PM-5086 - Create new registration page stub
* PM-5086 - Fix build issue where select module was missing from new registration env selector.
* PM-5086 - Registration --> registration start.
* PM-5086 - Add missing translation from registration-start-secondary-component to desktop & browser.
* PM-5086 - Add missing translations
* PM-5086 - Registration Env Selector - forms require form groups. duh.
* PM-5086 - Registration Env Selector - working now.
* PM-5086 - Registration Start desktop mostly working with env selector issues.
* PM-5086 - Registration start - get self hosted env dialog to close on close click. Backdrop click doesn't work but escape does still.
* PM-5086 - TODO: figure out if there is a better way to get the dialog to close.
* PM-5086 - Registration start - get goBack working to properly re-show env selector
* PM-5086 - Self Hosted Env Comp - re-emit current env on close so that select based env selectors can reset
* PM-5086 - RegistrationEnvSelector - Refactor init logic to also listen for env updates so that the user's choices on the self hosted settings dialog get communicated to this comp
* PM-5086 - Registration Start Desktop - Don't allow users to close dialog via escape as we need them to either close or save to get the env service to set the env correctly.
* PM-5086 - Browser Registration Start Page stub
* PM-5086 - Registration Start comp - storybook added
* PM-5086 - Remove links to start-registration as we aren't ready to implement that yet.
* PM-5086 - Revert environment comp changes.
* PM-5086 - Delete registration start pages.
* PM-5086 - Test removing PreloadedEnglishI18nModule to see if it fixes test failures
* PM-5086 - Try to resolve issues w/ importing PreloadedEnglishI18nModule into RegistrationStartComponent storybook stories file.
* PM-5086 - Allow translations to be imported for all libs.
* PM-5086 - Remove comment from JSON
* PM-5086 - TODO cleanup
* PM-5086 - Per PR feedback, fix display issues by using correct classes.
* PM-5086 - Fix SVG per PR feedback
* PM-5086 - Remove unnecessary methods
* PM-5086 - RegistrationEnvSelectorComponent - per PR feedback, properly type null in form group
* [PM-6825] Add temporary vault page header
* [PM-6825] Expose cipherViews$ observable
* [PM-6825] Refactor getAllDecryptedForUrl to expose filter functionality for reuse
* [PM-6825] Introduce VaultPopupItemsService
* [PM-6825] Introduce initial VaultListItem and VaultListItemsContainer components
* [PM-6825] Add VaultListItems to VaultV2 component
* [PM-6825] Introduce autofill-vault-list-items.component to encapsulate autofill logic
* [PM-6825] Add temporary Vault icon
* [PM-6825] Add empty and no results states to Vault tab
* [PM-6825] Add unit tests for vault popup items service
* [PM-6825] Negate noFilteredResults placeholder
* [PM-6825] Cleanup new Vault components
* [PM-6825] Move new components into its own module
* [PM-6825] Fix missing button type
* [PM-6825] Add booleanAttribute to showAutofill input
* [PM-6825] Replace empty refresh BehaviorSubject with Subject
* [PM-6825] Combine *ngIfs for vault list items container
* [PM-6825] Use popup-section-header component
* [PM-6825] Use small variant for icon buttons
* [PM-6825] Use anchor tag for vault items
* [PM-6825] Consolidate vault-list-items-container to include list item component functionality directly
* [PM-6825] Add Tailwind classes to new Vault icon
* [PM-6825] Remove temporary header comment
* [PM-6825] Fix auto fill suggestion font size and padding
* [PM-6825] Use tailwind for vault icon styling
* [PM-6825] Add libs/angular to tailwind.config content
* [PM-6825] Cleanup missing i18n
* [PM-6825] Make VaultV2 standalone and cleanup Browser App module
* [PM-6825] Use explicit type annotation
* [PM-6825] Use property binding instead of interpolation
* Move/replace submit and userVerification logic from web into the BaseExportComponent
Add "@bitwarden/auth" as dependency to the vault-export-ui package
New submit logic also checks for password-encrypted exports which will be need for future UI updates on browser and desktop
* Remove import/passing of the unneeded UserVerificationService
* Remove app-user-verification from browser and desktop components as the new UI is opened as a self-contained dialog
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* replace `PasswordGeneratorService` with `legacyPasswordGenerationServiceFactory`
* replace `UsernameGeneratorService` with `legacyUsernameGenerationServiceFactory`
* migrate generator options and history
* apply policy immediately once available
* suppress duplicate policy emissions
* run password generation response code in `ngZone`
Process reload is the means by which we protect user keys in memory. once an account locks, it triggers a process reload (assuming no other accounts are unlocked), that frees renderer memory.
However, if the user is not unlocked, it is not protected by the process reload, so we may keep user keys in memory.
* Do not initialize symmetric crypto keys with null
* Require new message on invalid native message encryption
Handling of this error is to require the user to retry, so the promise needs to resolve.
* Update activity when switching users
* Clear data of designated user
* Do not switchMap to null, always to Promise or Observable
* handle uninitialized popup services
* Switch to new account immediately and log out as inactive.
Split up done logging out and navigation so we can always display expire warning.
* Do not navigate in account switcher, main.background takes care of it
* Ignore storage updates from reseed events
* Remove loading on cancelled logout
* Catch missed account switch errors
* Avoid usage of active user state in sync service
Send service does not currently support specified user data
manipulation, so we ensure that the notification was sent to the
active user prior to processing the notification.
* Clear sequentialize caches on account switch
These caches are used to ensure that rapid calls to an async method are not repeated. However, the cached promises are valid only within a given userId context and must be cleared when that context changes.
* Revert `void` promise for notification reconnect
* Update libs/angular/src/services/jslib-services.module.ts
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Handle switch account routing through messaging background -> app
* Use account switch status to handle unlocked navigation case.
* Revert "Handle switch account routing through messaging background -> app"
This reverts commit 8f35078ecb.
---------
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-5501 - VaultTimeoutSettingsSvc - fix setVaultTimeoutOptions condition which needed to use never instead of null.
* PM-5501 - Fix browser and desktop not showing the never lock warning
* PM-5501 - Use true equality.
* PM-5501 - VaultTimeoutSettingsSvc - refactor var names in getVaultTimeoutAction
* PM-5501 - Add state definitions and key definitions + test deserialization of key defs.
* PM-5501 - Add state provider dep to VaultTimeoutSettingsSvc
* PM-5501 - Refactor getVaultTimeout
* PM-5501 - VaultTimeoutSettingsService - Build getMaxVaultTimeoutPolicyByUserId helper
* PM-5501 - (1) Update state definitions (2) convert KeyDefs to UserKeyDefs (2) Remove everBeenUnlocked as we won't need it
* PM-5501 - VaultTimeoutSettingsSvc - POC for getVaultTimeoutActionByUserId$ method + new private determineVaultTimeoutAction helper.
* PM-5501 - VaultTimeoutSettingsSvc - build set and observable get methods for vault timeout settings
* PM-5501 - Update web references to use new vault timeout setting service methods
* PM-5501 - VaultTimeoutSettingsSvc - write up abstraction js docs
* PM-5501 - VaultTimeoutSettingsSvc abstraction - finish tweaks
* PM-5501 - VaultTimeoutSettingsSvc - add catchError blocks to observables to protect outer observables and prevent cancellation in case of error.
* PM-5501 - Remove vault timeout settings from state service implementation.
* PM-5501 - VaultTimeoutSettingsServiceStateProviderMigrator first draft
* PM-5501 - WIP - replace some state service calls with calls to vault timeout settings svc.
* PM-5501 - Replace state service calls in login strategies to get vault timeout settings data with VaultTimeoutSettingsService calls.
* PM-5501 - Fix login strategy tests
* PM-5501 - Update login strategy tests to pass
* PM-5501 - CryptoSvc - share VaultTimeout user key def to allow crypto svc access to the vault timeout without creating a circular dep.
* PM-5501 - Fix dependency injections.
* PM-5501 - ApiSvc - replace state svc with vault timeout settings svc.
* PM-5501 - VaultTimeoutSettingsServiceStateProviderMigrator more cleanup
* PM-5501 - Test VaultTimeoutSettingsServiceStateProviderMigrator
* PM-5501 - VaultTimeoutSettingsSvc tests updated
* PM-5501 - Update all setVaultTimeoutOptions references
* PM-5501 - VaultTimeoutSettingsSvc - Update setVaultTimeoutOptions to remove unnecessary logic and clean up clearTokens condition.
* PM-5501 - Fix vault timeout service tests
* PM-5501 - Update VaultTimeoutSettings state tests to pass
* PM-5501 - Desktop - system svc - fix build by replacing use of removed method.
* PM-5501 - Fix CLI by properly configuring super class deps in NodeApiService
* PM-5501 - Actually finish getitng deps fixed to get CLI to build
* PM-5501 - VaultTimeoutSettingsSvc.determineVaultTimeoutAction - pass userId to getAvailableVaultTimeoutActions to prevent hang waiting for an active user.
* PM-5501 - VaultTimeoutSettingSvc test - enhance getVaultTimeoutActionByUserId$ to also test PIN scenarios as an unlock method
* PM-5501 - bump migration version
* PM-5501 - Refactor migration to ensure the migration persists null vault timeout values.
* PM-5501 - Bump migration version
* PM-5501 - Fix web build issues introduced by merging main.
* PM-5501 - Bump migration version
* PM-5501 - PreferencesComponent - revert dep change from InternalPolicyService to standard PolicyService abstraction
* PM-5501 - Address all PR feedback from Jake
Co-authored-by: Jake Fink <jfink@bitwarden.com>
* PM-5501 - VaultTimeoutSettingsSvc tests - add tests for setVaultTimeoutOptions
* PM-5501 - VaultTimeoutSettingsSvc - setVaultTimeoutOptions - Update tests to use platform's desired syntax.
* PM-5501 - Fix tests
* PM-5501 - Create new VaultTimeout type
* PM-5501 - Create new DEFAULT_VAULT_TIMEOUT to allow each client to inject their default timeout into the VaultTimeoutSettingService
* PM-5501 - Migrate client default vault timeout to new injection token
* PM-5501 - Update VaultTimeoutSettingsSvc to use VaultTimeout type and apply default vault timeout if it is null.
* PM-5501 - Update vaultTimeout: number to be vaultTimeout: VaultTimeout everywhere I could find it.
* PM-5501 - More changes based on changing vaultTimeout from number to VaultTimeout type.
* PM-5501 - VaultTimeoutSvc - Update shouldLock logic which previously checked for null (never) or any negative values (any strings except never) with a simple string type check.
* PM-5501 - More cleanup of vaultTimeout type change - replacing null checks with "never" checks
* PM-5501 - VaultTimeoutSettingsSvc - refactor determineVaultTimeout to properly treat string and numeric vault timeouts.
* PM-5501 - Update vault timeout settings service tests to reflect new VaultTimeout type.
* PM-5501 - VaultTimeoutSettingsService - add more test cases for getVaultTimeoutByUserId
* PM-5501 - (1) Remove "immediately" as 0 is numerically meaningful and can be used with Math.min (2) Add VaultTimeoutOption interface for use in all places we show the user a list of vault timeout options.
* PM-5501 - VaultTimeoutSettingSvc - update tests to use 0 as immediately.
* PM-5501 - VaultTimeoutInputComp - Add new types and update applyVaultTimeoutPolicy logic appropriately.
* PM-5501 - Add new types to all preferences and setting components across clients.
* PM-5501 - Fix bug on web where navigating to the preferences page throws an error b/c the validatorChange function isn't defined.
* PM-5501 - WIP on updating vault timeout setting migration and rollback + testing it.
* PM-5501 - Update VaultTimeoutSettingsSvc state provider migration and tests to map existing possible values into new VaultTImeout type.
* PM-5501 - Fix vault timeout settings state tests by changing number to new VaultTimeout type.
* PM-5501 - Fix crypto svc auto key refresh test to use "never" instead of null.
* PM-5501 - Add clarifying comment to vaulttimeout type
* PM-5501 - Desktop app comp - replace systemTimeoutOptions with vault timeout type.
* PM-5501 - Update vault timeout service tests to use VaultTimeout type.
* PM-5501 - VaultTimeoutSettingsSvc - (1) Fix bug where vault timeout action didn't have a default like it did before (2) Fix bug in userHasMasterPassword where it would incorrectly return the active user stream for a given user id as a fallback. There is no guarantee the given user would match the active user so the paths are mutually exclusive.
* PM-5501 - Login Strategy fix - Move retrieval of vault timeout settings and setting of the tokens until after account init and user decryption options set as those opts are needed to properly determine the user's available vault timeout actions.
* PM-5501 - Fix vault timeout settings svc tests
* PM-5501 - VaultTimeoutSettingSvc - move default logic to determine methods + refactor default vault timeout action to properly default to lock in scenarios the user has lock available.
* Update libs/angular/src/components/settings/vault-timeout-input.component.ts
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
* PM-5501 - Per PR feedback, cleanup commented out vault timeout options
* PM-5501 - Fix vault timeout input comp lint issues
* PM-5501 - Per PR feedback from Cesar, update VaultTimeout type to use const so we can avoid any magic string usage. Awesome.
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
* PM-5501 - CLI - use "never" as default vault timeout instead of null.
* PM-5501 - Fix broken tests
* PM-5501 - Bump migration version
* PM-5501 - Fix build errors after merging main.
* PM-5501 - Update mockMigrationHelper to pass along client type so tests will respect it.
* PM-5501 - Update VaultTimeoutSettingsServiceStateProviderMigrator and tests to use new CLI client type to convert undefined values to never so that CLI users don't lose their session upon running this migration.
* PM-5501 - Bump migration version
* PM-5501 - Fix migration tests to use new authenticated user format
* PM-5501 Update rollback tests
* PM-5501 - Adjust migration based on feedback.
* PM-5501 - Per Jake's find, fix missed -2
Co-authored-by: Jake Fink <jfink@bitwarden.com>
* PM-5501 - Add user id to needsStorageReseed.
Co-authored-by: Jake Fink <jfink@bitwarden.com>
* PM-5501 - Per PR feedback, setVaultTimeoutOptions shouldn't accept null for vault timeout anymore.
* PM-5501 - Per PR feedback, add null checks for set methods for setting vault timeout or vault timeout action.
* PM-5501 - Per PR feedback, add more context as to why we need vault timeout settings to persist after logout.
* PM-5501 - Per PR feedback, fix userHasMasterPassword
* PM-5501 - VaultTimeoutSettingsService - fix userHasMasterPassword check by checking for null decryption options.
* PM-5501 - Remove state service from vault timeout settings service (WOOO)
* PM-5501 - Bump migration version
* PM-5501 - Account Security comp - refactor to consider ease of debugging.
* PM-5501 - (1) Add checks for null vault timeout and vault timeout actions (2) Add tests for new scenarios.
* PM-5501 - VaultTimeoutSettingsSvc - setVaultTimeoutOptions - fix bug where nullish check would throw incorrectly if immediately (0) was picked as the timeout.
* PM-5501 - Per PR feedback, clean up remaining token service methods which accept null for timeout and add tests. .
* PM-5501 - Fix nit
---------
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
* move pinKeyEncryptedUserKey
* move pinKeyEncryptedUserKeyEphemeral
* remove comments, move docs
* cleanup
* use UserKeyDefinition
* refactor methods
* add migration
* fix browser dependency
* add tests for migration
* rename to pinService
* move state to PinService
* add PinService dep to CryptoService
* move protectedPin to state provider
* update service deps
* renaming
* move decryptUserKeyWithPin to pinService
* update service injection
* move more methods our of crypto service
* remove CryptoService dep from PinService and update service injection
* remove cryptoService reference
* add method to FakeMasterPasswordService
* fix circular dependency
* fix desktop service injection
* update browser dependencies
* add protectedPin to migrations
* move storePinKey to pinService
* update and clarify documentation
* more jsdoc updates
* update import paths
* refactor isPinLockSet method
* update state definitions
* initialize service before injecting into other services
* initialize service before injecting into other services (bw.ts)
* update clearOn and do additional cleanup
* clarify docs and naming
* assign abstract & private methods, add clarity to decryptAndMigrateOldPinKeyEncryptedMasterKey() method
* derived state (attempt)
* fix typos
* use accountService to get active user email
* use constant userId
* add derived state
* add get and clear for oldPinKeyEncryptedMasterKey
* require userId
* move pinProtected
* add clear methods
* remove pinProtected from account.ts and replace methods
* add methods to create and store pinKeyEncryptedUserKey
* add pinProtected/oldPinKeyEncrypterMasterKey to migration
* update migration tests
* update migration rollback tests
* update to systemService and decryptAndMigrate... method
* remove old test
* increase length of state definition name to meet test requirements
* rename 'TRANSIENT' to 'EPHEMERAL' for consistency
* fix tests for login strategies, vault-export, and fake MP service
* more updates to login-strategy tests
* write new tests for core pinKeyEncrypterUserKey methods and isPinSet
* write new tests for pinProtected and oldPinKeyEncryptedMasterKey methods
* minor test reformatting
* update test for decryptUserKeyWithPin()
* fix bug with oldPinKeyEncryptedMasterKey
* fix tests for vault-timeout-settings.service
* fix bitwarden-password-protected-importer test
* fix login strategy tests and auth-request.service test
* update pinService tests
* fix crypto service tests
* add jsdoc
* fix test file import
* update jsdocs for decryptAndMigrateOldPinKeyEncryptedMasterKey()
* update error messages and jsdocs
* add null checks, move userId retrievals
* update migration tests
* update stateService calls to require userId
* update test for decryptUserKeyWithPin()
* update oldPinKeyEncryptedMasterKey migration tests
* more test updates
* fix factory import
* update tests for isPinSet() and createProtectedPin()
* add test for makePinKey()
* add test for createPinKeyEncryptedUserKey()
* add tests for getPinLockType()
* consolidate userId verification tests
* add tests for storePinKeyEncryptedUserKey()
* fix service dep
* get email based on userId
* use MasterPasswordService instead of internal
* rename protectedPin to userKeyEncryptedPin
* rename to pinKeyEncryptedUserKeyPersistent
* update method params
* fix CryptoService tests
* jsdoc update
* use EncString for userKeyEncryptedPin
* remove comment
* use cryptoFunctionService.compareFast()
* update tests
* cleanup, remove comments
* resolve merge conflict
* fix DI of MasterPasswordService
* more DI fixes
* [AC-2555] Fix missing feature flags in CollectionsComponent
* [AC-2555] Do not filter collections when opening the cipher collections dialog in the org vault
* Ensure AuthStatus Changes Before Exiting
* Do Not Display Account Without Name Or Email
* Fix Environment Selectors
* Add AccountService.clean to Web
* Match console method signatures in logService abstraction
* Add a few usages of improved signature
* Remove reality check test
* Improve electron logging
* Use account service to track accounts and active account
* Remove state service active account Observables.
* Add email verified to account service
* Do not store account info on logged out accounts
* Add account activity tracking to account service
* Use last account activity from account service
* migrate or replicate account service data
* Add `AccountActivityService` that handles storing account last active data
* Move active and next active user to account service
* Remove authenticated accounts from state object
* Fold account activity into account service
* Fix builds
* Fix desktop app switch
* Fix logging out non active user
* Expand helper to handle new authenticated accounts location
* Prefer view observable to tons of async pipes
* Fix `npm run test:types`
* Correct user activity sorting test
* Be more precise about log out messaging
* Fix dev compare errors
All stored values are serializable, the next step wasn't necessary and was erroring on some types that lack `toString`.
* If the account in unlocked on load of lock component, navigate away from lock screen
* Handle no users case for auth service statuses
* Specify account to switch to
* Filter active account out of inactive accounts
* Prefer constructor init
* Improve comparator
* Use helper methods internally
* Fixup component tests
* Clarify name
* Ensure accounts object has only valid userIds
* Capitalize const values
* Prefer descriptive, single-responsibility guards
* Update libs/common/src/state-migrations/migrate.ts
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Fix merge
* Add user Id validation
activity for undefined was being set, which was resulting in requests for the auth status of `"undefined"` (string) userId, due to key enumeration. These changes stop that at both locations, as well as account add for good measure.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-7811 - Refactor UserKeyInitService to UserAutoUnlockKeyService - remove active account listening logic as it introduced race conditions with user key memory retrieval happening before the user auto unlock key was set into memory.
* PM-7811 - CLI - (1) Fix deps (2) On CLI init (pre command execution), if there is an active account, then set the user key in memory from the user auto unlock key.
* PM-7811 - Browser Extension / desktop - (1) Update deps (2) Sets user key in memory if the auto unlock key is set on account switch and background init (must act on all accounts so that account switcher displays unlock status properly).
* PM-7811 - Web - (1) Update deps (2) Sets user key in memory if the auto unlock key is set on init
* PM-7811 - Fix account switcher service changes not being necessary.
* Introduce browser large object storage location.
This location is encrypted and serialized to disk in order to allow for storage of uncountable things like vault items that take a significant amount of time to prepare, but are not guaranteed to fit within session storage.
however, limit the need to write to disk is a big benefit, so _most_ things are written to storage.session instead, where things specifically flagged as large will be moved to disk-backed memory
* Store derived values in large object store for browser
* Fix AbstractMemoryStorageService implementation
* PM-7235 - AuthSvc - Refactor getAuthStatus to simply use the cryptoService.hasUserKey check to determine the user's auth status.
* PM-7235 - CryptoSvc - getUserKey - remove setUserKey side effect if auto key is stored. Will move to app init
* PM-7235 - For each client init service, add setUserKeyInMemoryIfAutoUserKeySet logic
* PM-7235 - CryptoSvc tests - remove uncessary test.
* PM-7235 - Create UserKeyInitService and inject into all init services with new listening logic to support acct switching.
* PM-7235 - UserKeyInitSvc - minor refactor of setUserKeyInMemoryIfAutoUserKeySet
* PM-7235 - Add test suite for UserKeyInitService
* PM-7235 - Remove everBeenUnlocked as it is no longer needed
* PM-7235 - Fix tests
* PM-7235 - UserKeyInitSvc - per PR feedback, add error handling to protect observable stream from being cancelled in case of an error
* PM-7235 - Fix tests
* Update libs/common/src/platform/services/user-key-init.service.ts
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Update libs/common/src/platform/services/user-key-init.service.ts
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* PM-7235 - AuthSvc - Per PR review, for getAuthStatus, only check user key existence in memory.
* PM-7235 - remove not useful test per PR feedback.
* PM-7235 - Per PR feedback, update cryptoService.hasUserKey to only check memory for the user key.
* PM-7235 - Per PR feedback, move user key init service listener to main.background instead of init service
* PM-7235 - UserKeyInitSvc tests - fix tests to plass
---------
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Re-register native messaging host integrations on startup
* Check for errors when generating the manifests
* Add log to component
* Switch to Promise.all
* Add injectable service
* Update the change master password dialog on browser
Change text to remove the mention of the bitwarden.com web vault
Change icon to show it's external link
Changes based on Figma attached to PM-2570
* Update the change master password dialog on desktop
Change text to remove the mention of the bitwarden.com web vault
Changes based on Figma attached to PM-2570 and to replicate what is done on browser
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* fixed issue with clearing search index state
* Decrease snap description character length to reach 128 limit (#8687)
* clear user index before account is totally cleaned up
* [AC-2436] Fix flashing unassigned items banner (#8689)
* Fix flashing banner for users who shouldn't see it
* Emit the right value the first time
* simplify further
* restore comment
* added logout clear on option
* removed redundant clear index from logout
---------
Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* refactored injector of services on the browser service module
* refactored the search and popup serach service to use state provider
* renamed back to default
* removed token service that was readded during merge conflict
* Updated search service construction on the cli
* updated to use user key definition
* Reafctored all components that refernce issearchable
* removed commented variable
* added uncommited code to remove dependencies not needed anymore
* added uncommited code to remove dependencies not needed anymore
* create mp and kdf service
* update mp service interface to not rely on active user
* rename observable methods
* update crypto service with new MP service
* add master password service to login strategies
- make fake service for easier testing
- fix crypto service tests
* update auth service and finish strategies
* auth request refactors
* more service refactors and constructor updates
* setMasterKey refactors
* remove master key methods from crypto service
* remove master key and hash from state service
* missed fixes
* create migrations and fix references
* fix master key imports
* default force set password reason to none
* add password reset reason observable factory to service
* remove kdf changes and migrate only disk data
* update migration number
* fix sync service deps
* use disk for force set password state
* fix desktop migration
* fix sso test
* fix tests
* fix more tests
* fix even more tests
* fix even more tests
* fix cli
* remove kdf service abstraction
* add missing deps for browser
* fix merge conflicts
* clear reset password reason on lock or logout
* fix tests
* fix other tests
* add jsdocs to abstraction
* use state provider in crypto service
* inverse master password service factory
* add clearOn to master password service
* add parameter validation to master password service
* add component level userId
* add missed userId
* migrate key hash
* fix login strategy service
* delete crypto master key from account
* migrate master key encrypted user key
* rename key hash to master key hash
* use mp service for getMasterKeyEncryptedUserKey
* fix tests
* fix user key decryption logic
* add clear methods to mp service
* fix circular dep and encryption issue
* fix test
* remove extra account service call
* use EncString in state provider
* fix tests
* return to using encrypted string for serialization
Remove old compile flags which should no longer be required, and may even cause issues. secretsManager: false hides the app switcher which is now used for more than just secrets manager.
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
* create mp and kdf service
* update mp service interface to not rely on active user
* rename observable methods
* update crypto service with new MP service
* add master password service to login strategies
- make fake service for easier testing
- fix crypto service tests
* update auth service and finish strategies
* auth request refactors
* more service refactors and constructor updates
* setMasterKey refactors
* remove master key methods from crypto service
* remove master key and hash from state service
* missed fixes
* create migrations and fix references
* fix master key imports
* default force set password reason to none
* add password reset reason observable factory to service
* remove kdf changes and migrate only disk data
* update migration number
* fix sync service deps
* use disk for force set password state
* fix desktop migration
* fix sso test
* fix tests
* fix more tests
* fix even more tests
* fix even more tests
* fix cli
* remove kdf service abstraction
* add missing deps for browser
* fix merge conflicts
* clear reset password reason on lock or logout
* fix tests
* fix other tests
* add jsdocs to abstraction
* use state provider in crypto service
* inverse master password service factory
* add clearOn to master password service
* add parameter validation to master password service
* add component level userId
* add missed userId
* migrate key hash
* fix login strategy service
* delete crypto master key from account
* migrate master key encrypted user key
* rename key hash to master key hash
* use mp service for getMasterKeyEncryptedUserKey
* fix tests
Fix environment selector being broken on desktop. When selecting self-hosted and filling in a url, the selector fails to update when returning and instead produces the following console error.
* PM-5268 - Add DEVICE_TRUST_DISK to state definitions
* PM-5268 - DeviceTrustCryptoService - Get most of state provider refactor done - WIP - commented out stuff for now.
* PM-5268 - DeviceTrustCryptoServiceStateProviderMigrator - WIP - got first draft of migrator in place and working on tests. Rollback tests are failing for some reason TBD.
* PM-5268 - more WIP on device trust crypto service migrator tests
* PM-5268 - DeviceTrustCryptoServiceStateProviderMigrator - Refactor based on call with platform
* PM-5268 - DeviceTrustCryptoServiceStateProviderMigrator - tests passing
* PM-5268 - Update DeviceTrustCryptoService to convert over to state providers + update all service instantiations / dependencies to ensure state provider is passed in or injected.
* PM-5268 - Register new migration
* PM-5268 - Temporarily remove device trust crypto service from migrator to ease merge conflicts as there are 6 more migrators before I can apply mine in main.
* PM-5268 - Update migration numbers of DeviceTrustCryptoServiceStateProviderMigrator based on latest migrations from main.
* PM-5268 - (1) Export new KeyDefinitions from DeviceTrustCryptoService for use in test suite (2) Update DeviceTrustCryptoService test file to use state provider.
* PM-5268 - Fix DeviceTrustCryptoServiceStateProviderMigrator tests to use proper versions
* PM-5268 - Actually fix all instances of DeviceTrustCryptoServiceStateProviderMigrator test failures
* PM-5268 - Clean up state service, account, and login strategy of all migrated references
* PM-5268 - Account - finish cleaning up device key
* PM-5268 - StateService - clean up last reference to device key
* PM-5268 - Remove even more device key refs. *facepalm*
* PM-5268 - Finish resolving merge conflicts by incrementing migration version from 22 to 23
* PM-5268 - bump migration versions
* PM-5268 - DeviceTrustCryptoService - Implement secure storage functionality for getDeviceKey and setDeviceKey (to achieve feature parity with the ElectronStateService implementation prior to the state provider migration). Tests to follow shortly.
* PM-5268 - DeviceTrustCryptoService tests - getDeviceKey now tested with all new secure storage scenarios. SetDeviceKey tests to follow.
* PM-5268 - DeviceTrustCryptoService tests - test all setDeviceKey scenarios with state provider & secure storage
* PM-5268 - Update DeviceTrustCryptoService deps to actually use secure storage svc on platforms that support it.
* PM-5268 - Bump migration version due to merge conflicts.
* PM-5268 - Bump migration version
* PM-5268 - tweak jsdocs to be single line per PR feedback
* PM-5268 - DeviceTrustCryptoSvc - improve debuggability.
* PM-5268 - Remove state service as a dependency on the device trust crypto service (woo!)
* PM-5268 - Update migration test json to correctly reflect reality.
* PM-5268 - DeviceTrustCryptoSvc - getDeviceKey - add throw error for active user id missing.
* PM-5268 - Fix tests
* PM-5268 - WIP start on adding user id to every method on device trust crypto service.
* PM-5268 - Update lock comp dependencies across clients
* PM-5268 - Update login via auth request deps across clients to add acct service.
* PM-5268 - UserKeyRotationSvc - add acct service to get active acct id for call to rotateDevicesTrust and then update tests.
* PM-5268 - WIP on trying to fix device trust crypto svc tests.
* PM-5268 - More WIP device trust crypto svc tests passing
* PM-5268 - Device Trust crypto service - get all tests passing
* PM-5268 - DeviceTrustCryptoService.getDeviceKey - fix secure storage b64 to symmetric crypto key conversion
* PM-5268 - Add more tests and update test names
* PM-5268 - rename state to indicate it was disk local
* PM-5268 - DeviceTrustCryptoService - save symmetric key in JSON format
* PM-5268 - Fix lock comp tests by adding acct service dep
* PM-5268 - Update set device key tests to pass
* PM-5268 - Bump migration versions again
* PM-5268 - Fix user key rotation svc tests
* PM-5268 - Update web jest config to allow use of common spec in user-key-rotation-svc tests
* PM-5268 - Bump migration version
* PM-5268 - Per PR feedback, save off user id
* PM-5268 - bump migration version
* PM-5268 - Per PR feedback, remove unnecessary await.
* PM-5268 - Bump migration verson
* add remove button for passkeys during edit
* added live region to announce when a passkey is removed
* removed announce passkey removed by SR
* removed unused variable
We currently use a callback syntax for abstract services. This syntax isn't completely strict compliant and will fail the strictPropertyInitialization check. We also currently don't get any compile time errors if we forget to implement a function.
To that end this PR updates all platform owned services to use the appropriate abstract keyword for non implemented functions. I also updated the fields to be actual functions and not properties.
* Create tracker that can await until expected observables are received.
* Test dates are almost equal
* Remove unused class method
* Allow for updating active account in accout service fake
* Correct observable tracker behavior
Clarify documentation
* Transition config service to state provider
Updates the config fetching behavior to be lazy and ensure that any emitted value has been updated if older than a configurable value (statically compiled).
If desired, config fetching can be ensured fresh through an async.
* Update calls to config service in DI and bootstrapping
* Migrate account server configs
* Fix global config fetching
* Test migration rollback
* Adhere to implementation naming convention
* Adhere to abstract class naming convention
* Complete config abstraction rename
* Remove unnecessary cli config service
* Fix builds
* Validate observable does not complete
* Use token service to determine authed or unauthed config pull
* Remove superfluous factory config
* Name describe blocks after the thing they test
* Remove implementation documentation
Unfortunately the experience when linking to external documentation is quite poor. Instead of following the link and retrieving docs, you get a link that can be clicked to take you out of context to the docs. No link _does_ retrieve docs, but lacks indication in the implementation that documentation exists at all.
On the balance, removing the link is the better experience.
* Fix storybook
Move export.component
Export from @bitwarden/vault-export-ui
Fix imports on browser, desktop and web
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* PM-5263 - TokenSvc - WIP on access token secure storage refactor
* PM-5263 - Add key generation svc to token svc.
* PM-5263 - TokenSvc - more progress on encrypt access token work.
* PM-5263 - TokenSvc TODO cleanup
* PM-5263 - TokenSvc - rename
* PM-5263 - TokenSvc - decryptAccess token must return null as that is a valid case.
* PM-5263 - Add EncryptSvc dep to TokenSvc
* PM-5263 - Add secure storage to token service
* PM-5263 - TokenSvc - (1) Finish implementing accessTokenKey stored in secure storage + encrypted access token stored on disk (2) Remove no longer necessary migration flag as the presence of the accessTokenKey now serves the same purpose.
Co-authored-by: Jake Fink <jfink@bitwarden.com>
* PM-5263 - TokenSvc - (1) Tweak return structure of decryptAccessToken to be more debuggable (2) Add TODO to add more error handling.
* PM-5263 - TODO: update tests
* PM-5263 - add temp logs
* PM-5263 - TokenSvc - remove logs now that I don't need them.
* fix tests for access token
* PM-5263 - TokenSvc test cleanup - small tweaks / cleanup
* PM-5263 - TokenService - per PR feedback from Justin - add error message to error message if possible.
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
---------
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
This enables it being shown as anm option with the language selector on the individual clients
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* WIP: First Try at making DesktopSettingsService
Does not work, migrations are ran in renderer but the values are read in main.
* Update window$ retrieval
* Fix DesktopSettings
* Rename Migration
* Add Migration to Builder
* Cleanup
* Update Comments
* Update `migrate.ts`
* Catch Unawaited Promises
* Remove Comments
* Update Tests
* Rename Migration
* Add `alwaysOnTop`
* Make `init` async
* Fix Desktop Build
* Fix error on close due to context differences in background
Desktop background does not have active user information. Also, we want to delete _all_ prompt cancelled data, not just that for the active user. Storing this on global and manipulating observables to active achieves this without needing any user information in the background.
* Remove potentially orphaned data
* Throw nice error if prompt cancelled used without active user
* Register migration
* split prompt cancelled reset to user-specific and global
Refactor environment service to emit a single observable. This required significant changes to how the environment service behaves and tackles much of the tech debt planned for it.
* Enable usage of the bit-callout within desktop
Adding this should be temporary, with the vision being: All components are standalone and they'd depend/import the CalloutModule themselves if they need it
* Replace vaultTimeoutPolicy callout in settings
* Replace OwnershipPolicy callout in add-edit cipher
* Replace vaultExportDisabled policy callout in export
* Replace generator policy callout in generator
* Replace policy callouts in add/edit Sends
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>