* Move user key memory state to state providers
Note: state service observable change is because these updates are no longer internal to the class, but reporter directly to account service through crypto service on update of a user key
* remove decrypted user key state
Note, we're going to move the encrypted cryptoSymmetric key (and associated master key encrypted user keys) as part of the master key service creation. Crypto service will no longer be responsible for the encrypted forms of user key.
* Deprecate notices belong on abstraction
* Allow for single-direction status updates
This is necessary since we don't want to have to guarantee that the update to logged out occurs after the update to locked.
* Remove deprecated subject
It turns out the set for cryptoMasterKey was also unused 🎉
* [AC-2193] Hide collection access restricted state when there are visible sub-collections
* [AC-2193] Undo change to showCollectionAccessRestricted
* [AC-2193] Update not items and access restricted views to only show if there are both no collections or items available
* [PM-673] Safari Notification Bar Does Not Show Folders
* [PM-673] Refactoring Context Menu Implementations to Ensure Pages with No Logins Can Dismiss Notification Bar
* [PM-673] Refactoring typing information for the LockedVaultPendingNotificationsItem typing
* [PM-673] Refactoring typing information for notification background
* [PM-673] Finishing out typing for potential extension messages to the notification bar;
* [PM-673] Working through implementation details for the notification background
* [PM-673] Fixing issues present with messaging re-implementation
* [PM-673] Fixing issue with folders not populating within Safari notification bar
* [PM-673] Fixing jest test issues present within implementation
* [PM-673] Fixing issue present with webVaultUrl vulnerability
* [PM-673] Fixing XSS Vulnerability within Notification Bar;
* [PM-5670] Putting together a partial implementation for having messages appear on network error within the notification bar
* [PM-673] Incorporating status update for when user has successfully saved credentials
* [PM-673] Incorporating status update for when user has successfully saved credentials
* [PM-5949] Refactor typing information for notification bar
* [PM-5949] Fix jest tests for overlay background
* [PM-5949] Removing unnused typing data
* [PM-5949] Fixing lint error
* [PM-5949] Adding jest tests for convertAddLoginQueueMessageToCipherView method
* [PM-5949] Fixing jest test for overlay
* [PM-5950] Fix Context Menu Update Race Condition and Refactor Implementation
* [PM-5950] Adding jest test for cipherContextMenu.update method
* [PM-5950] Adding documentation for method within MainContextMenuHandler
* [PM-5950] Adding jest tests for the mainContextMenuHandler
* [PM-673] Stripping unnecessary work for network drop issue
* [PM-673] Stripping unnecessary work for network drop issue
* [PM-673] Stripping out work done for another ticket
* [PM-5950] Removing unnecessary return value from MainContextMenuHandler.create method
* [PM-673] Implementing unit test coverage for newly introduced logic
* [PM-673] Implementing unit test coverage for newly introduced logic
* [PM-673] Implementing unit test coverage for newly introduced logic
* [PM-673] Implementing unit test coverage for newly introduced logic
* [PM-5950] Fixing unawaited context menu promise
* [PM-673] Merging changes in from main and fixing merge conflicts
* [PM-673] Fixing issue where updates to the added login were not triggering correctly
* [PM-673] Merging changes in from main and fixing merge conflicts
* [PM-5949] Refactor typing information for notification bar
* [PM-5949] Fix jest tests for overlay background
* [PM-5949] Removing unnused typing data
* [PM-5949] Fixing lint error
* [PM-5949] Adding jest tests for convertAddLoginQueueMessageToCipherView method
* [PM-5949] Fixing jest test for overlay
* [PM-5950] Fix Context Menu Update Race Condition and Refactor Implementation
* [PM-5950] Adding jest test for cipherContextMenu.update method
* [PM-5950] Adding documentation for method within MainContextMenuHandler
* [PM-5950] Adding jest tests for the mainContextMenuHandler
* [PM-5950] Removing unnecessary return value from MainContextMenuHandler.create method
* [PM-5950] Fixing unawaited context menu promise
* [PM-4756] feat: set BE and BS flags
* [PM-4755] feat: add support for credProps.rk
* [PM-4755] feat: add extension support to page-script object mapping
* Create state for biometric client key halves
* Move enc string util to central utils
* Provide biometric state through service
* Use biometric state to track client key half
* Create migration for client key half
* Ensure client key half is removed on logout
* Remove account data for client key half
* Remove unnecessary key definition likes
* Remove moved state from account
* Fix null-conditional operator failure
* Simplify migration
* Remove lame test
* Fix test type
* Add migrator
* Remove state that is never read.
* Remove unnecessary biometric state
We don't need to determine platform in desktop background, it can be done in the UI at any time.
* Fix merge
* Use platform utils to identify OS desktop type
* [deps] Tools: Update electron to v28.2.3
* Bump version in electron-builder
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* update collection service to use new state provider framework, remove stateservice from collection service, update collections state provider with migrate file and unit test
* enable duo for desktop
* added missing return path in main.ts
* updated logic in component
* removed switch added await; updated logic in main.
* addressed subscription concerns in main; updated formatting in 2fa component
* Update Duo case in locales
* Create MigrationRunner
- Create MigrationRunner Service for running migrations in StateService
- Create web override so that migrations also run against `localStorage`
* Fix Web StateService
* Fix WebMigrationRunner
* Fix CLI
* Fix ElectronStateService
* Update Comment
* More Common Scenarios
* Move libs/exporter into libs/tools/*
Migrating all files from libs/exporter over to libs/tools/export/vault-export/vault-export-core
Rename package to vault-export-core
Fix all file paths
* Update libs and tsconfig imports
* Fix client imports
* Fix eslint, jest and package-lock.json
* Update CODEOWNERS
* Add README.md to whitelist-capital-letters
* Fix vault-export-service tests not running
* Update libs/tools/export/vault-export/README.md
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
* Fix types imports
* Export types from vault-export-core
* Fixed content of README
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
* Removed passwordless-login feature flag
* Removed conditional on login component.
* Added back reference accidentally deleted.
* Fixed initialization of the service in tests.
* Removed unused private variable.
* Updated DI to remove configService
* Undid changes to workspace file.
* Undid all changes to workspace file
* Undid merge changes to collection dialog
* Linting
* Begin migration of autofill settings
Co-authored-by: Cesar Gonzalez <cagonzalezcs@users.noreply.github.com>
Co-authored-by: Thomas Avery <Thomas-Avery@users.noreply.github.com>
Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
Co-authored-by: Colton Hurst <coltonhurst@users.noreply.github.com>
* add browser dependency for AutofillSettingsService
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* update autofill settings service
* replace usages of stateService get/set autofillOnPageLoad with autofillSettingsService
* replace usages of stateService get/set autofillOnPageLoadDefault with autofillSettingsService
* replace usages of stateService get/set autoCopyTotp with autofillSettingsService
* replace usages of stateService get/set autoFillOnPageLoadCalloutIsDismissed with autofillSettingsService
* replace usages of stateService get/set activateAutoFillOnPageLoadFromPolicy with autofillSettingsService
* replace usages of get/set autoFillOverlayVisibility with autofillSettingsService
* inlineMenuVisibility should use global state
* add the AutofillSettingsService to background scripts
* fix typing
* replace additional usages of get/set autoFillOverlayVisibility and disableAutoTotpCopy with autofillSettingsService equivalents
* replace additional usages of get/set autofillOnPageLoadDefault with autofillSettingsService equivalent
* replace additional usages of get/set activateAutoFillOnPageLoadFromPolicy with autofillSettingsService equivalent
* remove additional deprecated and unused state service calls
* improve naming conventions and consistency
* fix missing mock for policy service test
* replace missing overlay background tests
* cleanup
* fix double inversion
* fix reference to wrong setter
* move handleActivateAutofillPolicy out of BrowserPolicyService
* create state migration script
* resolve linting issues
* remove migrated setting properties
* add AutofillSettingsSErvice to jslib-services
* handle conditional content script loading via autofillOnPageLoad check
* add deprecated note to getFromLocalStorage
* add jsdoc decorators to new autofill service methods
* handle undefined globalState
* move autofill settings out of BrowserPolicyService
* Move autofill settings code out of policyService
* fix tests
* fix typo in state definition
---------
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Cesar Gonzalez <cagonzalezcs@users.noreply.github.com>
Co-authored-by: Thomas Avery <Thomas-Avery@users.noreply.github.com>
Co-authored-by: Colton Hurst <coltonhurst@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* [deps] Tools: Update electron to v28.2.2
* Bump version in electron-builder.json
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* [PM-5949] Refactor typing information for notification bar
* [PM-5949] Fix jest tests for overlay background
* [PM-5949] Removing unnused typing data
* [PM-5949] Fixing lint error
* [PM-5949] Adding jest tests for convertAddLoginQueueMessageToCipherView method
* [PM-5949] Fixing jest test for overlay
* Change passphrase generator's default wordSeparator to the empty string ''
* Create DefaultPassphraseGenerationOptions
* Use DefaultPassphraseGenerationOptions.wordSeparator in passphrase generation
* Add `empty` separator option to passphrase generator CLI and an example
* Change DefaultPassphraseGenerationOptions numWords to 3
* Use `DefaultPassphraseGenerationOptions.numWords` in CLI passphrase gen
* [AC-1124] Add getManyFromApiForOrganization to cipher.service.ts
* [AC-1124] Use getManyFromApiForOrganization when a user does not have access to all ciphers
* [AC-1124] Vault changes
- Show new collection access restricted view
- Include unassigned ciphers for restricted admins
- Restrict collections when creating/cloning/editing ciphers
* [AC-1124] Update edit cipher on page navigation to check if user can access the cipher
* [AC-1124] Hide ciphers from restricted collections
* [AC-1124] Ensure providers are not shown collection access restricted view
* [AC-1124] Modify add-edit component to call the correct endpoint when a restricted admin attempts to add-edit a cipher
* [AC-1124] Fix bug after merge with main
* [AC-1124] Use private this._organization
* [AC-1124] Fix broken builds
* create sso service
* rename sso service to sso-login service
* rename service
* add references to sso login service and update state calls
* fix browser
* fix desktop
* return promises
* remove sso state from account and global objects
* more descriptive org sso identifier method names
* fix sso tests
* fix tests
* Disable node integration and enable context isolation
* Review comments
* Log in renderer through IPC
* Missed imports
* Mock electron API
* resourcesPath is undefined in the preload, but process.windowsStore works correctly
* Replace fromBufferToUtf8 conditional implementation for the `buffer` package
The current non-node implementation is different than the node implementation,
as the non-node would break when the contents can't be parsed as a URI component.
Replacing the impl by the `buffer` package makes the result match in both environments.
* Fix lint
* Add some more tests
* Remove buffer from devDependencies
* [PM-5742] Rework Usage of Extension APIs that Cannot be Called with the Background Service Worker
* [PM-5742] Implementing jest tests for the updated BrowserApi methods
* [PM-5742] Implementing jest tests to validate logic within added API calls
* [PM-5742] Implementing jest tests to validate logic within added API calls
* [PM-5742] Fixing broken Jest tests
* [PM-5742] Fixing linter error
* [AC-1899] Only take the first emission of feature flags and organizations to avoid overwriting form values
* [AC-1899] Fix flexibleCollections flag to update when selected org changes
* [AC-1899] Prettier
* Wire up key definitions for OrganizationService
[`AC-2009`: Transition OrganizationService to use StateProvider](
https://bitwarden.atlassian.net/browse/AC-2009)
In order to support the new `StateProvider` APIs for managing
application state this commit modifies `OrganizationService` in the following
ways:
1. Adding a `KeyDefinition` object to `OrganizationService` to store the
`organization` record in `StateProvider`.
1. Injecting `StateProvider` and wiring up `OrganizationService` to read
from the `organizations` key definition for the active user account.
1. Expanding the capabilities of `OrganizationData` to be able to read
itself from a JSON string. Previously this was handled directly by
`StateService`.
1. Updating tests to include requirements for testing against
`StateProvider`.
1. Marking the existing `StateService`-backed `organizations`
`Observable` and `BehaviorSubject` as deprecated.
This is largely unimplemented code with no intended visible effects to
the system. Implementing getting & updating the `organizations` value
from `StateProvider` will the next step in this work.
* Rework null check on OrganizationData
* Remove deprecation signals for the time being
* Move key definition inline with its service
* Create date objects when deserialzing json from state
* added state definition and key definition
* created vault settings service
* created enable passkeys migrations
* created enable passkeys migrations
* renamed the state definition
* created vault settings service
* updated enable passkey key definition
* updated references with vault settings service
* renamed files to avoid conflict
* removed set and get enable passkeys from state service
* removed comment
* fixed comments
* added readonly keyword
* removed service registartion from service module
* removed readonly keyword from abstract class
* swicted to used optional chaining
* renamed files
* added disk-local argument for web
* [PM-5277] Introduce lastSync state via State Providers
* [PM-5277] Add migrator and tests
* [PM-5277] Use memory for web storage location
* [PM-5277] Remove lastSync methods from state service
* [PM-5277] Remove lastSync from AccountProfile
* [PM-5277] Use string instead of Date to fix serialization for chrome.storage API in Browser
* [PM-5277] Only set account if lastSync was deleted during migration
* [PM-5277] Fix spec file
* added state definitionand key definition for folder service
* added data migrations
* created folder to house key definitions
* deleted browser-folder-service and added state provider to the browser
* exposed decrypt function so it can be used by the key definition, updated folder service to use state provider
* removed memory since derived state is now used
* updated test cases
* updated test cases
* updated migrations after merge conflict fix
* added state provider to the folder service constructor
* renamed migration file
* updated comments
* updated comments
* removed service registartion from browser service module and removed unused set and get encrypted folders from state service
* renamed files
* added storage location overides and removed extra methods
* refactor login strategies into own service
* create login service factory
* replaces instances of authService with loginStrategyService
* replace more instances of authService
* move logout back to auth service
* add browser dependencies
* fix desktop dependencies
* fix cli dependencies
* fix lint and test files
* fix anonymous hub deps
* fix webauthn-login service deps
* add loginstrategyservice to bg
* move login strategy service and models to auth folder
* revert changes to tsconfig
* use alias for imports
* fix path
---------
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
* [PM-5368] Open Duo auth url. Add BroadcastChannel listener for duo result.
* [PM-5368] Remove debug line. Use PlatformUtilService to launch Uri.
* PM-5368 - Some progress on getting new frameless duo implementation in place
* PM-5368 - Base2FAComp - Save off duoFramelessUrl for use later on as user must be given the option to remember the device before launching the duo frameless flow in the new tab.
* PM-5368 - Web - 2FA Comp - (1) Only show larger width when showing backwards compatible duo (2) Stack buttons per new design (3) selectedProviderType === providerType.OrganizationDuo is correct check for when org requires DUO
* PM-5368 - Web - 2FA Comp - translate duo stuff
* PM-4613 - Browser 2FA - Get most of DUO frameless in place. WIP. Must figure out how to transfer state from popup to popout + add popout logic to auth-popout-windows.ts. Converted existing useAnotherTwoStepMethod button to use new comp lib bitButton per design.
* PM-4613 - Browser 2FA Comp - (1) HTML - add margin around duo frameless text to match figma (2) Get popout extension logic working properly - now closes existing popup
* PM-4613 - TODO figure out communication between web and browser as broadcast channel will not work.
* PM-5368 - Base comp + web changes - (1) Base component now has a setupDuoResultListener method for child classes to override (2) Web overrides setupDuoResultListener and cleans up broadcast channel once a duo result comes through.
* PM-4613 - Browser - (1) Add window message handling to content-message-handler content script to pass along the duo result message to the browser extension (2) 2FA comp - override setupDuoResultListener and use browserMessagingApi to listen to duoResult and submit when it comes through.
* PM-5368 - Web - 2FA comp - only clean up duo result channel on ngDestroy so that user can re-submit if an error occurs.
* PM-5368 and PM-4613 - (1) Update base 2FA comp to only initialize duo result listener once as init is called any time the user changes 2FA option if multiple are present (duo org and duo personal) (2) Each client now will only create a listener once even if it is called more than once (3) On web, only try to clean up the duoResultChannel if it was created to avoid erroring on other 2FA methods.
* PM-5368 - Base 2FA comp - add TODO to remove duo SDK handling once we remove the duo-redirect flag
* PM-5368 - Per PR feedback, avoid repetition of duo provider check by using a new public property for isDuoProvider
* PM-4613 - Per PR feedback: (1) Deconstruct code out of data (2) Add test for duoResult.
---------
Co-authored-by: André Bispo <abispo@bitwarden.com>
* Create state for biometric client key halves
* Move enc string util to central utils
* Provide biometric state through service
* Use biometric state to track client key half
* Create migration for client key half
* Ensure client key half is removed on logout
* Remove account data for client key half
* Remove unnecessary key definition likes
* Remove moved state from account
* Fix null-conditional operator failure
* Simplify migration
* Remove lame test
* Fix test type
* Add migrator
* Prefer userKey when legacy not needed
* Fix tests
* [PM-5976] Safari Browser SSO Initialization Race Condition Attempted Fix 3
* [PM-5976] Safari Browser SSO Initialization Race Condition Attempted Fix 3
* [PM-5976] Removing usage of pinging system and keeping reworked top-level registration of window message listener events
* [PM-5976] Pulling the implementation of the static content script delcaration for the content-message-handler file to the top of the list of content_scripts
* [PM-5976] Pulling the implementation of the static content script delcaration for the content-message-handler file to the top of the list of content_scripts
* [PM-5976] Removing the useCapture value within the window message event listener
* [deps] Tools: Update electron to v28.2.1
* Bump version in electron-builder.json
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Implementing pinging system for SSO to address issue on Safari with race condition
* Implementing pinging system for SSO to address issue on Safari with race condition
* [PM-5976] Updating references within sso.ts
---------
Co-authored-by: Cesar Gonzalez <cgonzalez@bitwarden.com>
* PM-5976 - Only try to initiate browser SSO when document is ready to avoid race condition between browser content script message listener being registered and the browser sso initiating message being sent.
* PM-5976 - adjust initiateBrowserSsoIfDocumentReady per PR feedback