1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-10-30 08:10:34 +01:00
Commit Graph

15 Commits

Author SHA1 Message Date
Kyle Spearrin
b4a96c2365
exit immediately after login command run (#5183) 2023-05-03 14:15:32 -04:00
Shane Melton
07c2c2af20
[AC-1070] Enforce master password policy on login (#4795)
* [EC-1070] Introduce flag for enforcing master password policy on login

* [EC-1070] Update master password policy form

Add the ability to toggle enforceOnLogin flag in web

* [EC-1070] Add API method to retrieve all policies for the current user

* [EC-1070] Refactor forcePasswordReset in state service to support more options

- Use an options class to provide a reason and optional organization id
- Use the OnDiskMemory storage location so the option persists between the same auth session

* [AC-1070] Retrieve single master password policy from identity token response

Additionally, store the policy in the login strategy for future use

* [EC-1070] Introduce master password evaluation in the password login strategy

- If a master password policy is returned from the identity result, evaluate the password.
- If the password does not meet the requirements, save the forcePasswordReset options
- Add support for 2FA by storing the results of the password evaluation on the login strategy instance
- Add unit tests to password login strategy

* [AC-1070] Modify admin password reset component to support update master password on login

- Modify the warning message to depend on the reason

- Use the forcePasswordResetOptions in the update temp password component

* [EC-1070] Require current master password when updating weak mp on login

- Inject user verification service to verify the user
- Conditionally show the current master password field only when updating a weak mp. Admin reset does not require the current master password.

* [EC-1070] Implement password policy check during vault unlock

Checking the master password during unlock is the only applicable place to enforce the master password policy check for SSO users.

* [EC-1070] CLI - Add ability to load MP policies on login

Inject policyApi and organization services into the login command

* [EC-1070] CLI - Refactor update temp password logic to support updating weak passwords

- Introduce new shared method for collecting a valid and confirmed master password from the CLI and generating a new encryption key
- Add separate methods for updating temp passwords and weak passwords.
- Utilize those methods during login flow if not using an API key

* [EC-1070] Add route guard to force password reset when required

* [AC-1070] Use master password policy from verify password response in lock component

* [EC-1070] Update labels in update password component

* [AC-1070] Fix policy service tests

* [AC-1070] CLI - Force sync before any password reset flow

Move up the call to sync the vault before attempting to collect a new master password. Ensures the master password policies are available.

* [AC-1070] Remove unused getAllPolicies method from policy api service

* [AC-1070] Fix missing enforceOnLogin copy in policy service

* [AC-1070] Include current master password on desktop/browser update password page templates

* [AC-1070] Check for forced password reset on account switch in Desktop

* [AC-1070] Rename WeakMasterPasswordOnLogin to WeakMasterPassword

* [AC-1070] Update AuthServiceInitOptions

* [AC-1070] Add None force reset password reason

* [AC-1070] Remove redundant ForcePasswordResetOptions class and replace with ForcePasswordResetReason enum

* [AC-1070] Rename ForceResetPasswordReason file

* [AC-1070] Simplify conditional

* [AC-1070] Refactor logic that saves password reset flag

* [AC-1070] Remove redundant constructors

* [AC-1070] Remove unnecessary state service call

* [AC-1070] Update master password policy component

- Use typed reactive form
- Use CL form components
- Remove bootstrap
- Update error component to support min/max
- Use Utils.minimumPasswordLength value for min value form validation

* [AC-1070] Cleanup leftover html comment

* [AC-1070] Remove overridden default values from MasterPasswordPolicyResponse

* [AC-1070] Hide current master password input in browser for admin password reset

* [AC-1070] Remove clientside user verification

* [AC-1070] Update temp password web component to use CL

- Use CL for form inputs in the Web component template
- Remove most of the bootstrap classes in the Web component template
- Use userVerificationService to build the password request
- Remove redundant current master password null check

* [AC-1070] Replace repeated user inputs email parsing helpers

- Update passwordStrength() method to accept an optional email argument that will be parsed into separate user inputs for use with zxcvbn
- Remove all other repeated getUserInput helper methods that parsed user emails and use the new passwordStrength signature

* [AC-1070] Fix broken login command after forcePasswordReset enum refactor

* [AC-1070] Reduce side effects in base login strategy

- Remove masterPasswordPolicy property from base login.strategy.ts
- Include an IdentityResponse in base startLogin() in addition to AuthResult
- Use the new IdentityResponse to parse the master password policy info only in the PasswordLoginStrategy

* [AC-1070] Cleanup password login strategy tests

* [AC-1070] Remove unused field

* [AC-1070] Strongly type postAccountVerifyPassword API service method

- Remove redundant verify master password response
- Use MasterPasswordPolicyResponse instead

* [AC-1070] Use ForceResetPassword.None during account switch check

* [AC-1070] Fix check for forcePasswordReset reason after addition of None

* [AC-1070] Redirect a user home if on the update temp password page without a reason

* [AC-1070] Use bit-select and bit-option

* [AC-1070] Reduce explicit form control definitions for readability

* [AC-1070] Import SelectModule in Shared web module

* [AC-1070] Add check for missing 'at' symbol

* [AC-1070] Remove redundant unpacking and null coalescing

* [AC-1070] Update passwordStrength signature and add jsdocs

* [AC-1070] Remove variable abbreviation

* [AC-1070] Restore Id attributes on form inputs

* [AC-1070] Clarify input value min/max error messages

* [AC-1070] Add input min/max value example to storybook

* [AC-1070] Add missing spinner to update temp password form

* [AC-1070] Add missing ids to form elements

* [AC-1070] Remove duplicate force sync and update comment

* [AC-1070] Switch backticks to quotation marks

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-04-17 07:35:37 -07:00
Vincent Salucci
bacb8828de
[AC-1266] Enums filename conventions (#5140)
* refactor: update clientType enum

* refactor: update deviceType filename

* refactor: update encryptedExportType filename

* refactor: update encryptionType filename

* refactor: update eventType filename

* refactor: update fieldType filename

* refactor: update fileUploadType filename

* refactor: update hashPurpose filename

* refactor: update htmlStorageLocation filename

* refactor: update kdfType filename

* refactor: update keySuffixOptions filename

* refactor: update linkedIdType filename

* refactor: update logLevelType filename

* refactor: update nativeMessagingVersion filename

* refactor: update notificationType filename

* refactor: update productType filename

* refactor: update secureNoteType filename

* refactor: update stateVersion filename

* refactor: update storageLocation filename

* refactor: update themeType filename

* refactor: update uriMatchType filename

* fix: update kdfType classes missed in initial pass, refs AC-1266

* fix: missing import update for device-type

* refactor: add barrel file for enums and update pathed import statements, refs AC-1266

* fix: incorrect import statements for web, refs AC-1266

* fix: missed import statement updates (browser), refs AC-1266

* fix: missed import statement changes (cli), refs AC-1266

* fix: missed import statement changes (desktop), refs AC-1266

* fix: prettier, refs AC-1266

* refactor: (libs) update relative paths to use barrel file, refs AC-1266

* fix: missed find/replace import statements for SecureNoteType, refs AC-1266

* refactor: apply .enum suffix to enums folder and modify leftover relative paths, refs AC-1266

* fix: find/replace errors for native-messaging-version, refs AC-1266
2023-04-04 22:42:21 -05:00
Daniel James Smith
d4c812160f
[PM-328] Move generator to tools (#4980)
* Move generator to tools

libs/angular:
- Move generator.component to tools
libs/common:
- Move password generation to tools
- Move username generation including email-forwarders to tools

apps/*
- create tools-subfolder and move files regarding generator functionality
- Update all the imports

.github/:
- Cleaned up whitelist-capital-letters.txt
- Added team-tools-dev folders to CODEOWNERS

* Remove unused barrel file
2023-03-10 21:39:46 +01:00
Matt Gibson
cf972e784c
Auth/ps 2298 reorg auth (#4564)
* Move auth service factories to Auth team

* Move authentication componenets to Auth team

* Move auth guard services to Auth team

* Move Duo content script to Auth team

* Move auth CLI commands to Auth team

* Move Desktop Account components to Auth Team

* Move Desktop guards to Auth team

* Move two-factor provider images to Auth team

* Move web Accounts components to Auth Team

* Move web settings components to Auth Team

* Move web two factor images to Auth Team

* Fix missed import changes for Auth Team

* Fix Linting errors

* Fix missed CLI imports

* Fix missed Desktop imports

* Revert images move

* Fix missed imports in Web

* Move angular lib components to Auth Team

* Move angular auth guards to Auth team

* Move strategy specs to Auth team

* Update .eslintignore for new paths

* Move lib common abstractions to Auth team

* Move services to Auth team

* Move common lib enums to Auth team

* Move webauthn iframe to Auth team

* Move lib common domain models to Auth team

* Move common lib requests to Auth team

* Move response models to Auth team

* Clean up whitelist

* Move bit web components to Auth team

* Move SSO and SCIM files to Auth team

* Revert move SCIM to Auth team

SCIM belongs to Admin Console team

* Move captcha to Auth team

* Move key connector to Auth team

* Move emergency access to auth team

* Delete extra file

* linter fixes

* Move kdf config to auth team

* Fix whitelist

* Fix duo autoformat

* Complete two factor provider request move

* Fix whitelist names

* Fix login capitalization

* Revert hint dependency reordering

* Revert hint dependency reordering

* Revert hint component

This components is being picked up as a move between clients

* Move web hint component to Auth team

* Move new files to auth team

* Fix desktop build

* Fix browser build
2023-02-06 15:53:37 -06:00
Robyn MacCallum
7ebedbecfb
[SG-998] and [SG-999] Vault and Autofill team refactor (#4542)
* Move DeprecatedVaultFilterService to vault folder

* [libs] move VaultItemsComponent

* [libs] move AddEditComponent

* [libs] move AddEditCustomFields

* [libs] move attachmentsComponent

* [libs] folderAddEditComponent

* [libs] IconComponent

* [libs] PasswordRepormptComponent

* [libs] PremiumComponent

* [libs] ViewCustomFieldsComponent

* [libs] ViewComponent

* [libs] PasswordRepromptService

* [libs] Move FolderService and FolderApiService abstractions

* [libs] FolderService imports

* [libs] PasswordHistoryComponent

* [libs] move Sync and SyncNotifier abstractions

* [libs] SyncService imports

* [libs] fix file casing for passwordReprompt abstraction

* [libs] SyncNotifier import fix

* [libs] CipherServiceAbstraction

* [libs] PasswordRepromptService abstraction

* [libs] Fix file casing for angular passwordReprompt service

* [libs] fix file casing for SyncNotifierService

* [libs] CipherRepromptType

* [libs] rename CipherRepromptType

* [libs] CipherType

* [libs] Rename CipherType

* [libs] CipherData

* [libs] FolderData

* [libs] PasswordHistoryData

* [libs] AttachmentData

* [libs] CardData

* [libs] FieldData

* [libs] IdentityData

* [libs] LocalData

* [libs] LoginData

* [libs] SecureNoteData

* [libs] LoginUriData

* [libs] Domain classes

* [libs] SecureNote

* [libs] Request models

* [libs] Response models

* [libs] View part 1

* [libs] Views part 2

* [libs] Move folder services

* [libs] Views fixes

* [libs] Move sync services

* [libs] cipher service

* [libs] Types

* [libs] Sync file casing

* [libs] Fix folder service import

* [libs] Move spec files

* [libs] casing fixes on spec files

* [browser] Autofill background, clipboard, commands

* [browser] Fix ContextMenusBackground casing

* [browser] Rename fix

* [browser] Autofill content

* [browser] autofill.js

* [libs] enpass importer spec fix

* [browser] autofill models

* [browser] autofill manifest path updates

* [browser] Autofill notification files

* [browser] autofill services

* [browser] Fix file casing

* [browser] Vault popup loose components

* [browser] Vault components

* [browser] Manifest fixes

* [browser] Vault services

* [cli] vault commands and models

* [browser] File capitilization fixes

* [desktop] Vault components and services

* [web] vault loose components

* [web] Vault components

* [browser] Fix misc-utils import

* [libs] Fix psono spec imports

* [fix] Add comments to address lint rules
2023-01-31 16:08:37 -05:00
dgoodman-bw
6e1aef543d
Ps 1061 cli update command returns wrong version (#4071)
* PS-1061 - replace out of date url references

* PS-1061 - reverse position of error case handling to reduce nesting

* PS-1061 - remove unnecessary constructor parameters, move downloadUrl construction to separate function

* PS-1061 - move constants outside of class, readability improvements

* PS-1061 - use standard notation for property assignment

* PS-1061 - initialize downloadUrl with default value
2022-11-30 15:47:19 -07:00
Daniel James Smith
80f5a883e0
[PS-1884] [TDL-189] [TDL-203] Move libs/node files to CLI and rename per ADR12 (#4069)
* Extract files only used in cli out of libs/node

Move commands from libs/node to cli
Move program from libs/node to cli
Move services from libs/node to cli
Move specs from libs/node to cli

Naming changes based on ADR 12
Rename commands
Rename models/request
Rename models/response
Remove entries from whitelist-capital-letters.txt

* Merge lowDbStorageService into base class

Move logic from extended lowdbStorage.service.ts into base-lowdb-storage.service.ts
Delete lowdb-storage.service.ts
Rename base-lowdb-storage.service.ts to lowdb-storage.service.ts

* Merge login.command with base class

program.ts - changed import temporarily to make it easier to review
Remove passing in clientId, set "cli" when constructing ssoRedirectUri call
Remove setting callbacks, use private methods instead
Remove i18nService from constructor params
Add syncService, keyConnectorService and logoutCallback to constructor
Merge successCallback with handleSuccessResponse
Remove validatedParams callback and added private method
Move options(program.OptionValues) and set in run()
Delete login.command.ts

* Rename base-login.command.ts to login.command.ts

* Merge base.program.ts with program.ts
2022-11-18 13:20:19 +01:00
Matt Gibson
b96ae86de2
Expand serve origin protection warning (#4024)
This warning was kept vague during fix rollout, but now that we're more
than a release past, we can expand the explanation.
2022-11-11 08:07:34 -06:00
Justin Baur
7145b13df1
[PS-1093] Move Organization Api Calls (#3243)
* Move organization api calls into seperate service

* Remove unneeded unknown

* Address PR feedback
2022-08-24 12:33:05 -04:00
Tomi Belan
e7da2f0c22
Allow bw sync without unlocking (#2916) 2022-08-16 16:27:05 -05:00
Matt Gibson
6e68761337
PS-1230 PS-1152 Fix/improve null origin message (#3280)
* Improve message if Origin header value is empty

* PS-1230 Remove serve feature flag
2022-08-11 09:00:27 -05:00
Matt Gibson
e7220644d1
[PS-1152] CLI serve forbid browser requests (#3220)
* Inconsiquential change to allow a draft PR

* Serve blocks requests from browsers by default

Option is provided to override this behavior for backwards
compatibility.

* Revert "Inconsiquential change to allow a draft PR"

This reverts commit 0f51344c35.
2022-08-05 10:27:11 -05:00
Oscar Hinton
bc639688e8
Use NPM workspace (#2874) 2022-06-14 17:10:53 +02:00
Hinton
980429f4bd Move CLI to apps/cli 2022-05-25 10:57:15 +02:00