* Cipher service web changes
* Updated browser client to pass user id to cipher service observable changes
* Cli changes
* desktop changes
* Fixed test
* Libs changes
* Fixed merge conflicts
* Fixed merge conflicts
* removed duplicate reference fixed conflict
* Fixed test
* Fixed test
* Fixed test
* Fixed desturcturing issue on failed to decrypt ciphers cipher service
* Updated abstraction to use method syntax
* Fixed conflicts
* Fixed test on add edit v2
Passed active userId to delete function
* Used getUserId utility function
* made vault changes
* made suggestion changes
* made suggestion changes
* made suggestion changes
* Replace getUserId function calls with pipe operator syntax for better consistency
* fixed merge conflicts
* revert mistake made of usinf account activity during merge conflict fix
* fixed conflicts
* fixed tests
* Enable UI refresh on web by default
Removing all conditional code around the `ExtensionRefresh`-feature-flag on the web-UI
* Remove no longer needed extensRefresh helpers
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Move all files from libs/importer/spec into libs/importer/src
* Ignore ts-strict on spec-data
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* refactor SSO policy check to check for SSO users that have `ssoBound` true on any of their organizations
* Revert "refactor SSO policy check to check for SSO users that have `ssoBound` true on any of their organizations"
This reverts commit 419c26fbbc.
* update new device verification guard to check for master password usage
* add sso check for new device verification guard
* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Fixed location of retrieving the active user id in one component.
* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Fixed up type safety.
* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Removed unnessesary subscriptions.
* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Fixed test.
* fix(active-user-state-refactor): [PM-18052] Jit Bug with SSO Service - Made code a little cleaner.
* Remove v1 generator from web
Remove conditional routing based on `generator-tools-modernization`
Remove generatorSwap helper
Remove generator and password-generator-history components including the base ones in libs/angular
* Remove the feature flag `generator-tools-modernization`
* Remove unused keys from en/messages.json
* Remove unused css
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* favor subscription over firstValueFrom in desktop cipher view
* add event handling for username generator
* Revert "add event handling for username generator"
This reverts commit 73cffbcc6b.
* close out subscription on cleanup
* Format help links on vault import
* Fix broken link ot gnome key-ring importer
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* remove provider client privay banner, implement account deprovisioning banner
* add copy, make state depend on org plan type and org id
* cleanup
* refactor, add test
* cleanup
* cleanup
* add state migration
* Fix lintter error
* Move encrypt service to km ownership
* Update imports for encrypt service abstraction and move bulk encrypt service abstraction
* Fix imports
* Fix further imports
* Fix imports
* Fix worker import
* move `add-edit-folder` component to `angular/vault/components` so it can be consumed by other platforms
* add edit/add folder copy to web app copy
* add extension refresh folder dialog to individual vault
* adding folder delete message to the web
* add deletion result for add/edit folder dialog
* allow editing folder from web
* fix strict types for changed files
* update tests
* remove border class so hover state shows
* revert changes to new-item-dropdown-v2
* migrate `AddEditFolderDialogComponent` to `libs/vault` package
* add Created enum type
* add static open method for folder dialog
* add fullName to `FolderFilter` type
* save the full name of a folder before splitting it into parts
* use the full name of the folder filter when available
* use a shallow copy to edit the folder's full name
---------
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Only users with Manage/Edit permissions will be allowed to Assign To Collections. If the user has Can Edit Except Password the collections dropdown will be disabled.
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: kejaeger <138028972+kejaeger@users.noreply.github.com>
* refactor(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - First pass of work to update the state. In the middle of testing.
* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Fix for jslib-services.module.ts
* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Fix main.background.ts
* test(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Added simple tests
* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Tiny touchups.
* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Few fixes to resolve comments.
* fix(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Changed place where userId is loaded.
* test(active-user-state-refactor): [PM-12040] Remove ActiveUserState from SSO Service - Fixed test.
Updates UI text and translations for the login with device feature to be more consistent and clear across desktop, browser and web clients. Changes include:
- Updated titles and content for login via auth request components
- Revised translations for device approval modal
- Updated notification titles and alert messages
- Simplified device management URL handling
- Added missing translations across platforms
Resolves PM-3953
* Remove deprecated and unused PasswordGenerationService
* Remove unused state-service
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Move premium component into billing ownership
Update CODEOWNERS
Move files within libs/angular
Move files within desktop
Adjust import paths
* Remove configService
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* feat(newdeviceVerificaiton) : adding component and request model
* feat(newDeviceverification) : adding state structure to track verify devices for active user; added API call to server.
* feat(newDeviceVerification) : added visual elements for opting out of new device verification.
* Fixing tests for account service.
fixed DI for account service
* Fixing strict lint issues
* debt(deauthorizeSessionsModal) : changed modal to dialog. fixed strict typing for the new dialog for deviceVerification.
* fixing tests
* fixing desktop build DI
* changed dialog to standalone fixed names and comments.
* Adding tests for AccountService
* fix linting
* PM-15605 - AccountComp - fix ngOnDestroy erroring as it was incorrectly decorated with removed property.
* PM-15605 - SetAccountVerifyDevicesDialogComponent - only show warning about turning off new device verification if user doensn't have 2FA configured per task description
---------
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
* WIP: PoC with lots of terrible code with web push
* fix service worker building
* Work on WebPush Tailored to Browser
* Clean Up Web And MV2
* Fix Merge Conflicts
* Prettier
* Use Unsupported for MV2
* Add Doc Comments
* Remove Permission Button
* Fix Type Test
* Write Time In More Readable Format
* Add SignalR Logger
* `sheduleReconnect` -> `scheduleReconnect`
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Capture Support Context In Connector
* Remove Unneeded CSP Change
* Fix Build
* Simplify `getOrCreateSubscription`
* Add More Docs to Matrix
* Update libs/common/src/platform/notifications/internal/worker-webpush-connection.service.ts
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Move API Service Into Notifications Folder
* Allow Connection When Account Is Locked
* Add Comments to NotificationsService
* Only Change Support Status If Public Key Changes
* Move Service Choice Out To Method
* Use Named Constant For Disabled Notification Url
* Add Test & Cleanup
* Flatten
* Move Tests into `beforeEach` & `afterEach`
* Add Tests
* Test `distinctUntilChanged`'s Operators More
* Make Helper And Cleanup Chain
* Add Back Cast
* Add extra safety to incoming config check
* Put data through response object
* Apply TS Strict Rules
* Finish PushTechnology comment
* Use `instanceof` check
* Do Safer Worker Based Registration for MV3
* Remove TODO
* Switch to SignalR on any WebPush Error
* Fix Manifest Permissions
* Add Back `webNavigation`
* Sorry, Remove `webNavigation`
* Fixed merge conflicts.
---------
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
* Moved has-premium.guard under billing
* Moved free-trial.ts to billing
* Moved premium directives to billing
* Moved families-policy.service.ts to billing
* Moved trial initiation from auth to billing
* update extension refresh form when an attachment is added or removed
- This is needed because the revision date was updated on the server and the locally stored cipher needs to match.
* receive updated cipher from delete attachment endpoint
- deleting an attachment will now alter the revision timestamp on a cipher.
* patch the cipher when an attachment is added or deleted
* migrate vault component to use the `cipherViews$` observable
* reference `cipherViews$` on desktop for vault-items
- This avoid race conditions where ciphers are cleared out in the background. `cipherViews` should always emit the latest views
* return CipherData from cipher service so that consumers have the updated cipher right away
* use the updated cipher from attachment endpoints to refresh the details within the add/edit components on desktop
The legacy config is deprecated and will be removed in eslint 10. The flat config also allows us to write js functions which will assist in handling limitations with multiple identical rules.
* Remove deprecated and unused PasswordGenerationService
* Remove unused state-service
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Wait for an account to become available from separate observable, instead of blindly accepting that the value is there using `firstValueFrom`, while it's sometimes not there immediately.
* PM-17197 - Refactor DeviceTrustService to deprecate active user state as I need to call with a user id per latest best practice
* PM-17197 - Refactor Unauth Guard to be aware of TDE lock state + use active user best practice.
* [PM-17541] Switch folder key definition back to "folders" and add migration script for users that have switched to the incorrect key
* [PM-17541] Fix import path
* [PM-17541] Fix implicit any in spec file
* refactor PolicyService.getAll$ to make userId not optional
* add fix to browser
* fix test to read from mock singleUserState
* remove nested pipes, cleanup
* allow changing of item owner from personal to org
* avoid unecessary api calls when updating item parent
* move comment up a line
* add localData to cipher instance
* create service to load sdk on application init
* Eagerly load CLI SDK
* Remove wasm logging to api
* Fix imports
* Eagerly load Desktop renderer SDK
Note: If the main process ever requires an SDK, we'll need to load it there, too.
In that event, it's probably a good idea to move to IPC for all SDK functions to avoid
loading the SDK for every window.
* init wasm module from sdk load service
* Use default client factory
* Fix type imports
* Resolve jest module import errors
A CLI sdk load service that async imports our wasm binary doesn't seem to be needed to run, but jest isn't dealing with the ESM import properly.
* Fix linting
* remove example code
Add device verification flow that requires users to enter an OTP when logging in from an unrecognized device. This includes:
- New device verification route and guard
- Email OTP verification component
- Authentication timeout handling
PM-8221
* [PM-15506] Wire up vNextOrganizationService for libs/common and libs/angular (#12683)
* Wire up vNextOrganizationService in PolicyService
* Wire vNextOrganizationService in SyncService
* wire vNextOrganizationService for EventCollectionService
* wire vNextOrganizationService for KeyConnectorService
* wire up vNextOrganizationService for CipherAuthorizationService
* Wire up vNextOrganizationService in PolicyService
* Wire vNextOrganizationService in SyncService
* wire vNextOrganizationService for EventCollectionService
* wire vNextOrganizationService for KeyConnectorService
* wire up vNextOrganizationService for CipherAuthorizationService
* wire vNextOrganizationService for share.component
* wire vNextOrganizationService for collections.component
* wire vNextOrganizationServcie for add-account-credit-dialog
* wire vNextOrganizationService for vault-filter.service
* fix browser errors for vNextOrganizationService implementation in libs
* fix desktop errors for vNextOrganizationService implementation for libs
* fix linter errors
* fix CLI errors on vNextOrganizationServcie implementations for libs
* [PM-15506] Wire up vNextOrganizationService for web client (#12810)
PR to a feature branch, no need to review until this goes to main.
* implement vNextOrganization service for browser client (#12844)
PR to feature branch, no need for review yet.
* wire vNextOrganizationService for licence and some web router guards
* wire vNextOrganizationService in tests
* remove vNext notation for OrganizationService and related
* Merge branch 'main' into ac/pm-15506-vNextOrganizationService
* fix tsstrict error
* fix test, fix ts strict error
* remove todo
* Retrieve cache cipher for add-edit form
* user prefilled cipher for add-edit form
* add listener for clearing view cache
* clear local cache when clearing global state
* track initial value of cache for down stream logic that should only occur on non-cached values
* add feature flag for edit form persistence
* add tests for cipher form cache service
* fix optional initialValues
* add services to cipher form storybook
* fix strict types
* rename variables to be platform agnostic
* use deconstructed collectionIds variable to avoid them be overwritten
* use the originalCipherView for initial values
* add comment about signal equality
* prevent events from being emitted when adding uris to the existing form
- This stops other values from being overwrote in the initialization process
* add check for cached cipher when adding initial uris
* collect tailwind styles from the `libs/vault/*`
- Some unique styles were not showing in storybook
* initial add of carousel component
* initial add of carousel stories
* move carousel button to a standalone component for organization
* add key manager for carousel buttons
* add tab panel role to slide component
* make carousel slide focusable when it does not contain focusable elements
* add aria live to carousel slides
* add labels for carousel slide buttons
* emit slide change event
* move icons to carousel-icons folder
* add barrel file for carousel
* move protected properties
* remove underscore
* allow differing heights of carousel slides
* update interactive styles for the carousel icons
* allow for focus styled on carousel buttons
* fix tests
* fix imports
* add method to render each slide and get the height of the tallest slide
- This avoids consumers having to pass in a height.
- The height of the tallest slide is needed because it will stop the carousel from jumping around as the user scrolls.
* add comment to content property
* remove rem calculation
* Fix biometrics unlock window being empty
* Add trust on sensitive action
* Add dialog for outdated desktop app and fix spelling
* Use updated fingerprint method
* Refactor connected app trust
* Move connected apps to ephemeral value store and show error on outdated browser
* Move trust logic to only occur when fingerprint setting is enabled
* Add more tests
* Simplify code
* Update ephemeral value list call to "listEphemeralValueKeys"
* Fix trust being ignored
* Changes to disabled user from seeing password that they shouldn't see or edit easily.
* Fixing defects on PM-13938
* undoing unecessary change
* Updating tests
---------
Co-authored-by: --global <>
Co-authored-by: kejaeger <138028972+kejaeger@users.noreply.github.com>
* Update Figma links
updated existing Figma links to point to the new file and added Figma links to components missing them
* Added last missing Figma links
Extract core functionality from `libs/angular` to allow teams to depend on `libs/ui-common` instead.
Moves the following functionality to `ui-common`.
- `I18nPipe`. `libs/angular` still has an old copy but `components` depends on the new variant from `ui-common`.
- `safeProvider`, `SafeProvider` and `SafeInjectionToken`. `libs/angular`re-exports these to avoid needing to update all consumers.
* Remove LP fileless importer
- Remove content scripts
- Remove additions to message handlers and notifcation queue
- Remove UI elements for the importer
- Remove the actual importer code
- Remove unsued keys from en/messages.json
Remove feature flag "browser-fileless-
import"
Update webpack.config and manifest files to no longer include content scripts
* Move feature flag idp-auto-submit-login under autofill grouping
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* remove private/protected/lifecycle fields from Storybook docs table
* move theme override decorator into util method
* implement base drawer component
* update bit-layout to be drawer container
* create drawer helper components
* expose new APIs to DS barrel file
* write docs
* update docs; add role input
* use host directive instead of service
* clean up logic a tad
* add start slot to story
* update docs
* Apply suggestions from code review
Co-authored-by: Victoria League <vleague@bitwarden.com>
* update docs
* Update libs/components/src/drawer/drawer.mdx
Co-authored-by: Victoria League <vleague@bitwarden.com>
* update docs / stories
* add non text element to drawer
---------
Co-authored-by: Victoria League <vleague@bitwarden.com>
* Fix biometrics not working in firefox or windows
* Remove logs
* Update badge after biometric unlock
* Add removal todo note
* Remove debug logging
* Fix type warnings
* Fix userkey typing in background biometrics service
* Simplify types for userkey in foreground-browser-biometrics and runtime.background.ts
* Add process reload logging
* Fix autoprompt not working when no process reload happened
* Fix biometric unlock badge in mv2
* Fix instant reprompt on firefox lock
* Remove biometrics autoprompt on firefox (#12856)
Bug fix for PM-15914 where switching users would incorrectly share cached
derived states. The `DerivedStateProvider` now uses a `WeakMap` to maintain
separate caches for each user's state `Observable`.
- Modifies `DefaultDerivedStateProvider` to use `WeakMap` for caching
- Each user's state `Observable` gets its own definition cache
- Added test to verify correct behavior during user switching
- Allows proper garbage collection of unused state caches
This fixes issues where:
- Users would see other users' cached states after switching accounts
- Derived states weren't properly isolated between users
- Cache keys didn't distinguish between different user states
* Fix biometrics not working in firefox or windows
* Remove logs
* Update badge after biometric unlock
* Add removal todo note
* Remove debug logging
* Fix type warnings
* Fix userkey typing in background biometrics service
* Simplify types for userkey in foreground-browser-biometrics and runtime.background.ts
* Add process reload logging
* Fix autoprompt not working when no process reload happened
* Fix instant reprompt on firefox lock
* Fix biometrics enabling error on chrome
* Update apps/browser/src/key-management/biometrics/foreground-browser-biometrics.ts
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* FIx build & linting
---------
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* [deps] SM: Update typescript-eslint monorepo to v8
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hinton <hinton@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* PM-16947 - JsLibServices - register default DefaultLoginApprovalComponentService
* PM-16947 - DeviceResponse - add interface for DevicePendingAuthRequest
* PM-16947 - Web translations - migrate all LoginApprovalComponent translations from desktop to web
* PM-16947 - LoginApprovalComp - (1) Add loading state (2) Refactor to return proper boolean results (3) Don't create race condition by trying to respond to the close event in the dialog and re-sending responses upon approve or deny click
* PM-16947 - DeviceManagementComponent - added support for approving and denying auth requests.
* PM-16947 - LoginApprovalComp - Add validation error
* PM-16947 - LoginApprovalComponent - remove validation service for now.
* PM-16947 - Re add validation
* PM-16947 - Fix LoginApprovalComponent tests
* [PM-5718] Fix totp generation for free orgs in old add-edit component
* [PM-5718] Fix totp generation for free orgs in view cipher view component
* [PM-5718] Cleanup merge conflicts
* Don't generate totp code for premium users or free orgs
* Added redirect to organization helper page
* Changed text to learn more
* Only show upgrade message to premium users
* Show upgrade message to free users with free orgs as well
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
* adjust generator dialog buttons to match browser extension UI
* put dialog label into generator config
* fix types. remove i18n key
* use event emitted pattern for getting algorithm config
* favor arrow function
* move function call
* append key to i18n prop
* fix test
Update all libs to use explicit dependencies rather than relying on tsconfig.libs.json. This allows us to more easily understand the dependencies between libs and prevent users from accidentally adding new dependencies.
We still use tsconfig.libs (now renamed tsconfig.spec) for tests.
* [PM-16098] Add decryptionFailure flag to CipherView
* [PM-16098] Add failedToDecryptCiphers$ observable to CipherService
* [PM-16098] Introduce decryption-failure-dialog.component
* [PM-16098] Disable cipher rows for the Web Vault
* [PM-16098] Show decryption error dialog on vault load or when attempting to view/edit a corrupted cipher
* [PM-16098] Browser - Show decryption error dialog on vault load or when attempting to view/edit a corrupted cipher
* [PM-16098] Desktop - Show decryption error dialog on vault load or when attempting to view a corrupted cipher. Remove edit/clone context menu options and footer actions.
* [PM-16098] Add CS link to decryption failure dialog
* [PM-16098] Return cipherViews and move filtering of isDeleted to consumers
* [PM-16098] Throw an error when retrieving cipher data for key rotation when a decryption failure is present
* [PM-16098] Properly filter out deleted, corrupted ciphers when showing dialog within the Vault
* [PM-16098] Show the decryption error dialog when attempting to view a cipher in trash and disable the restore option
* [PM-16098] Exclude failed to decrypt ciphers from getAllDecrypted method and cipherViews$ observable
* [PM-16098] Avoid re-sorting remainingCiphers$ as it was redundant
* [PM-16098] Update tests
* [PM-16098] Prevent opening view dialog in AC for corrupted ciphers
* [PM-16098] Remove withLatestFrom operator that was causing race conditions when navigating away from the individual vault
* [PM-16098] Ensure decryption error dialog is only shown once on Desktop when switching accounts
