1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-25 12:15:18 +01:00
Commit Graph

945 Commits

Author SHA1 Message Date
Todd Martin
88cc37e37f
Auth/pm 7672/Update token service to return new token from state (#9706)
* Changed return structure

* Object changes

* Added missing assert.

* Updated tests to use SetTokensResult

* Fixed constructor

* PM-7672 - Fix tests + add new setTokens test around refresh token

* Removed change to refreshIdentityToken.

* Updated return definition.

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2024-06-19 11:51:12 -04:00
aj-rosado
1a37d02556
[AC-2504] Add new members access report card (#9335)
* Added new report card and FeatureFlag for MemberAccessReport

* Add new "isEnterpriseOrgGuard"

* Add member access icon

* Show upgrade organization dialog for enterprise on member access report click

* verify member access featureflag on enterprise org guard

* add comment with TODO information for follow up task

* Improved readability, removed path to wrong component and refactored buildReports to use the productType

* added TODO to remove the feature flag on cleanup

* changing ProductType to ProductTierType on isEnterpriseOrgGuard
2024-06-18 22:13:55 +01:00
Cesar Gonzalez
90d619acb5
[PM-8027] Inline menu appears within input fields that do not relate to user login (#9110)
* [PM-8027] Inlin menu appears within input fields that do not relate to user login

* [PM-8027] Inlin menu appears within input fields that do not relate to user login

* [PM-8027] Inlin menu appears within input fields that do not relate to user login

* [PM-8027] Working through logic heuristics that will help us determine login form fields

* [PM-8027] Fixing jest test

* [PM-8027] Reworking inline menu to qualify and setup the listeners for each form field after page deatils have been collected

* [PM-8027] Cleaning up implementation details

* [PM-8027] Cleaning up implementation details

* [PM-8027] Cleaning up implementation details

* [PM-8027] Updating update of page details after mutation to act on an idle moment in the browser

* [PM-8027] Updating how we guard against excessive getPageDetails calls

* [PM-8027] Refining how we identify a username login form field

* [PM-8027] Refining how we identify a password login form field

* [PM-8027] Refining how we identify a username login form field

* [PM-8027] Fixing jest tests for the overlay

* [PM-8027] Fixing jest tests for the collectPageDetails method

* [PM-8027] Removing unnecessary code

* [PM-8027] Removing unnecessary code

* [PM-8027] Adding jest test to validate new behavior

* [PM-8027] Working through jest tests for the InlineMenuFieldQualificationService

* [PM-8027] Working through jest tests for the InlineMenuFieldQualificationService

* [PM-8027] Working through jest tests for the InlineMenuFieldQualificationService

* [PM-8027] Working through jest tests for the InlineMenuFieldQualificationService

* [PM-8027] Working through jest tests for the InlineMenuFieldQualificationService

* [PM-8027] Finalization of Jest test for the implementation

* [PM-8027] Fixing a typo

* [PM-8027] Incorporating a feature flag to allow us to fallback to the basic inline menu fielld qualification method if needed

* [PM-8027] Incorporating a feature flag to allow us to fallback to the basic inline menu fielld qualification method if needed

* [PM-8027] Fixing issue with username fields not qualifyng as a valid login field if a viewable password field is not present

* [PM-8027] Fixing an issue where a field that has no form and no visible password fields should be qualified if a single password field exists in the page

* [PM-8027] Fixing an issue where a field that has no form and no visible password fields should be qualified if a single password field exists in the page

* [PM-8869] Autofill features broken on Safari

* [PM-8869] Autofill features broken on Safari

* [PM-5189] Fixing an issue found within Safari

* [PM-8027] Reverting flag from a fallback flag to an enhancement feature flag

* [PM-8027] Fixing jest tests
2024-06-17 18:49:29 +00:00
Bernd Schoolmann
1970abf723
[PM-4370] Implement PRF key rotation (#9517)
* Add prf key rotation

* Fix tests

* Re-add comment

* Remove encrypted private key from webauthnlogincredentialresponse

* Refactor to use rotateablekeyset

* Move key rotation logic to webauthn-login-admin service

* Fix type error

* Add parameter validation

* Add documentation

* Add input validation

* Add tests
2024-06-17 20:47:06 +02:00
Todd Martin
92f71e4f83
[PM-8865] Reset "should trust device" state to null (#9639) 2024-06-17 12:28:35 -04:00
✨ Audrey ✨
95554af9e2
[PM-8858] include only 1 digit in passphrase (#9632) 2024-06-17 15:55:18 +01:00
Jake Fink
1043a582c1
[PM-7879, PM-7635] Add server verification for master password to user verification (#9523)
* add MP server verification

* add tests and minor service enhancements

* fix tests

* fix initializations for cli and browser

* fix CLI

* pr feedback
2024-06-14 16:06:55 -04:00
Conner Turnbull
f484dd491b
[PM-8830] Billing Enums Rename (#9612)
* Renamed ProductType to ProductTierType

* Renamed Product properties to ProductTier

* Moved product-tier-type.enum.ts to billing folder

* Added ProductType enum
2024-06-14 15:43:40 -04:00
✨ Audrey ✨
44b5971458
[PM-8857] fix passphrase missing number (#9634) 2024-06-14 13:19:51 -04:00
Alex Morask
af53df09ac
[AC-1944] Add provider billing history component (#9520)
* Add provider-billing-history.component

* Implement provider client invoice export
2024-06-14 12:27:49 -04:00
Jared Snider
215bbc2f8e
Auth/PM-7324 - Registration with Email Verification - Registration Start Component Implementation (#9573)
* PM-7324 - Register new registration start comp at signup route on web

* PM-7324 - Add registerSendVerificationEmail logic in API service layer.

* PM-7324 - Update registration start comp to actually send information to API and trigger email.

* PM-7324 - progress on opt in for marketing emails redesign.

* PM-7324 - Add feature flag and feature flag guard to sign up route.

* PM-7324 - RegistrationEnvSelector - emit initial value

* PM-7324 - Registration Start comp - wire up setReceiveMarketingEmailsByRegion logic.

* PM-7324 - Registration start html - use proper link for email pref management.

* PM-7324 - Translate text

* PM-7324 - Design pass

* PM-7324 - design pass v2

* PM-7324 - Update Tailwind config to add availability of anon layout to desktop and browser extension

* PM-7324 - Desktop - AppRoutingModule - Add new signup route protected by the email verification feature flag.

* PM-7324 - BrowserExtension - AppRoutingModule - Add signup route protected by feature flag

* PM-7324 - Feature flag all register page navigations to redirect users to the new signup page.

* PM-7324 - Update AnonLayoutWrapperComponent constructor logic to avoid passing undefined values into I18nService.t method

* PM-7324 - Accept org invite web comp - adjust register url and qParams

* PM-7324 - Add AnonLayoutWrapperData to desktop & browser since we don't need titleId.

* PM-7324 - Revert anon layout wrapper comp changes as they were made separately and merged to main.

* PM-7234 - Fix registration start component so the login route works for the browser extension.

* PM-7324 - Registration start story now building again + fix storybook warning around BrowserAnimationsModule

* PM-7324 - Registration Start - add missing tw-text-main to fix dark mode rendering.

* PM-7324 - Update storybook docs

* PM-7324 - Get stub of registration finish component so that the verify email has something to land on.

* PM-7324 - Registration start - receive marketing materials should never be required.

* PM-7324 - Add finish signup route + required translations to desktop & browser.

* PM-7324 - AnonLayoutWrapperComponent - Resolve issues where navigating to a sibling anonymous route wouldn't update the AnonLayoutWrapperData.

* PM-7324 - Remove unnecessary array

* PM-7324  - Per PR feedback, improve setReceiveMarketingEmailsByRegion

* PM-7324 - Per PR feedback, inject login routes via route data

* PM-7324 - Document methods in account api service

* PM-7324 - PR feedback - jsdoc tweaks
2024-06-14 11:40:56 -04:00
Rui Tomé
f85b7b314c
[AC-1658] Update list command to show only organizations where the user is a member (#9453)
* Refactor list organizations command to use organizationService.memberOrganizations$

* Deprecate OrganizationService.getAll method and update CLI get command to use the organizations observable
2024-06-14 15:38:50 +10:00
Bernd Schoolmann
84e9778669
[PM-4139] Remove approve device logins setting and enable it by default (#9495)
* Remove login with device setting and enable it by default

* Remove unused i18n message
2024-06-13 18:05:05 +00:00
Shane Melton
e56a3386a2
[AC-2763] Allow providers who are also members access to items (#9585)
* [AC-2763] Do not restrict providers if they are also a member of the organization

* [AC-2763] Reduce branching complexity

* [AC-2763] Remove explicit restrict provider access checks in Vault

We can safely fall back organization helpers for cipher access as it already accounts for provider users who are members.
2024-06-13 07:21:14 -07:00
Conner Turnbull
f85c4877e2
Updated certain billing callsites to get billing history instead (#9443) 2024-06-12 07:52:59 -04:00
✨ Audrey ✨
882a432ca6
[PM-7289] implement generator libraries (#9549)
This is a copy of the files. The source in `@bitwarden/common` will be deleted once
all of the applications have been ported to the library.
2024-06-11 16:06:37 -04:00
Vincent Salucci
b169207b74
[AC-2647] Remove Flexible Collections MVP code (#9518)
* chore: organization.ts, remove refs to flexibleCollections and isManager, refs AC-2647

* chore: clean up callers of removed methods from organization.ts, refs AC-2647

* chore: access-selector, remove fc input and update permissionList param, refs AC-2647

* chore: update permissionList caller, update group-add-edit fc refs, and remove accessAll, refs AC-2647

* chore: update member-dialog fc callers, refs AC-2647

* chore: update bulk-collections-dialog fc callers, refs AC-2647

* chore: update collection-dialog fc callers, refs AC-2647

* chore: update simple fc caller to misc files, refs AC-2647

* chore: update member-dialog fc callers, refs AC-2647

* chore: remove accessAll references and update callers, refs AC-2647

* chore: update comment to specify v1 usage, refs AC-2647

* chore: remove unused message keys and code calls to use those messages, refs AC-2647

* chore: remove readonly false from access-selector model map function, refs AC-2647
2024-06-10 11:59:20 -05:00
Shane Melton
19f2d2aefc
[PM-8379] Update vault popup items service to track loading state (#9528) 2024-06-10 09:55:12 -07:00
Rui Tomé
eef1e511b5
[AC-2286] [Defect] - CLI: User creating a collection through the CLI does not have access to the collection (#9409)
* Send current Org user Id on collection creation through CLI

* Run npm prettier

* Add organization services to CreateCommand creation on ServeCommand

* Refactor organization data models to include organizationUserId property

* Refactor create command to utilize the OrganizationUserId on the Organization object

* Add users to collection request in edit command

* fix: organization.data test update to correct deserialization, refs AC-2286

---------

Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
2024-06-07 14:14:21 -05:00
Matt Gibson
96d4312b82
Require lifetime specification of user-scoped data (#8669)
* Require lifetime specification of user-scoped data

* Decouple tests for different classes

This coupling assumed constant interfaces with classes that isn't a guarantee and requires significant acrobatics to make types work, now that key definitions are not a consistent base.

* Fix types
2024-06-07 09:33:26 +02:00
Justin Baur
ba3d21094e
[PM-7541] Move Last Desktop Settings (#9310)
* Clone Initial Data In `runMigrator`

- When using test cases, mutating the input data causes problems.

* Migrate `minimizeOnCopy` & `browserIntegrationEnabled`

* Update From Main

* Move Fingerprint Setting

- No Migration Yet

* Add Fingerprint to Migrations

* Convert Messaging to `async`

* Switch to calling `Boolean` for Map Function

* Catch Errors

* Remove LogService
2024-06-06 14:26:17 -04:00
Alex Morask
7d12d1a74f
Fix spacing for provider unassigned seats hint' (#9460) 2024-06-06 13:22:15 -04:00
cyprain-okeke
0f9f7f4df6
[AC-2721][Defect] Apply Subscription Status Updates in Provider Subscription details (#9484)
* Add status banner to the provider subscription page

* Add the isexpired method

* Add the unpaid status banner
2024-06-06 15:53:52 +01:00
Shane Melton
1cfbcf4ee0
[PM-8334] Sort ciphers after autofill (#9511)
* [PM-8334] Add localData$ to CipherService and watch it for updates

* Fix leftover tw-fixed class

* [PM-8334] Fix tests
2024-06-05 08:10:36 -07:00
Justin Baur
1aaa88a64d
[PM-7837] Move SyncService to Platform Ownership (#9055)
* Move

* Update  References In Unowned Files

* Update  References In Vault Files

* Update Web AppComponent

* Add Import
2024-06-05 10:48:12 -04:00
Matt Gibson
3154d21925
[PM-8285] Resolve app id race (#9501)
* Do not update appId if it is not null

* Prefer linear transformations to side-effect-based changes

This leaves us open to repeat emits due to updates, but distinct until changed stops those.

Tracker improvements are due to passed in observables with replay causing immediate emits when `expectingEmission`s. This converts to a cold observable that only emits when the tracked observable does _after_ subscribing.

* Prefer while

* PR review
2024-06-04 18:42:04 -04:00
Shane Melton
f059d136b2
[PM-8485] [PM-7683] Dynamic list items - Org Details (#9466)
* [PM-7683] Add fullAddressForCopy helper to identity.view

* [PM-7683] Introduce CopyCipherFieldService to the Vault library

- A new CopyCipherFieldService that can be used to copy a cipher's field to the user clipboard
- A new appCopyField directive to make it easy to copy a cipher's fields in templates
- Tests for the CopyCipherFieldService

* [PM-7683] Introduce item-copy-actions.component

* [PM-7683] Fix username value in copy cipher directive

* [PM-7683] Add title to View item link

* [PM-8456] Introduce initial item-more-options.component

* [PM-8456] Add logic to show/hide login menu options

* [PM-8456] Implement favorite/unfavorite menu option

* [PM-8456] Implement clone menu option

* [PM-8456] Hide launch website instead of disabling it

* [PM-8456] Ensure cipherList observable updates on cipher changes

* [PM-7683] Move disabled logic into own method

* [PM-8456] Cleanup spec file to use Angular testbed

* [PM-8456] Fix more options tooltip

* [PM-8485] Introduce new PopupCipherView

* [PM-8485] Use new PopupCipherView in items service

* [PM-8485] Add org icon for items that belong to an organization

* [PM-8485] Fix tests

* [PM-8485] Remove share operator from cipherViews$
2024-06-04 14:34:48 -07:00
Shane Melton
6eb94078f6
[PM-8456] [PM-7683] Dynamic list items - 3 dot menu (#9422)
* [PM-7683] Add fullAddressForCopy helper to identity.view

* [PM-7683] Introduce CopyCipherFieldService to the Vault library

- A new CopyCipherFieldService that can be used to copy a cipher's field to the user clipboard
- A new appCopyField directive to make it easy to copy a cipher's fields in templates
- Tests for the CopyCipherFieldService

* [PM-7683] Introduce item-copy-actions.component

* [PM-7683] Fix username value in copy cipher directive

* [PM-7683] Add title to View item link

* [PM-8456] Introduce initial item-more-options.component

* [PM-8456] Add logic to show/hide login menu options

* [PM-8456] Implement favorite/unfavorite menu option

* [PM-8456] Implement clone menu option

* [PM-8456] Hide launch website instead of disabling it

* [PM-8456] Ensure cipherList observable updates on cipher changes

* [PM-7683] Move disabled logic into own method

* [PM-8456] Cleanup spec file to use Angular testbed

* [PM-8456] Fix more options tooltip
2024-06-04 14:21:14 -07:00
Shane Melton
d1a9d6f613
[PM-8455] [PM-7683] Dynamic list items - Copy Action (#9410)
* [PM-7683] Add fullAddressForCopy helper to identity.view

* [PM-7683] Introduce CopyCipherFieldService to the Vault library

- A new CopyCipherFieldService that can be used to copy a cipher's field to the user clipboard
- A new appCopyField directive to make it easy to copy a cipher's fields in templates
- Tests for the CopyCipherFieldService

* [PM-7683] Introduce item-copy-actions.component

* [PM-7683] Fix username value in copy cipher directive

* [PM-7683] Add title to View item link

* [PM-7683] Move disabled logic into own method
2024-06-04 14:09:09 -07:00
✨ Audrey ✨
3acdd9d8fd
[PM-7290] replace legacy abstraction with generation algorithms (#9435)
* replace legacy abstraction with generation algorithms
* delete mv2-based generator services
2024-06-04 11:26:20 -04:00
Matt Gibson
3e93fc9461
Prefer UserKeyDefinitions for getUser state (#9487) 2024-06-04 11:13:04 -04:00
Jared Snider
f691854387
Auth - PM-7392 & PM-7436 - Token Service - Desktop - Add disk fallback for secure storage failures (#8913)
* PM-7392 - EncryptSvc - add new method for detecting if a simple string is an enc string.

* PM-7392 - TokenSvc - add checks when setting and retrieving the access token to improve handling around the access token encryption.

* PM-7392 - (1) Clean up token svc (2) export access token key type for use in tests.

* PM-7392 - Get token svc tests passing; WIP more tests to come for new scenarios.

* PM-7392 - Access token secure storage to disk fallback WIP but mostly functional besides weird logout behavior.

* PM-7392 - Clean up unnecessary comment

* PM-7392 - TokenSvc - refresh token disk storage fallback

* PM-7392 - Fix token service tests in prep for adding tests for new scenarios.

* PM-7392 - TokenSvc tests - Test new setRefreshToken scenarios

* PM-7392 - TokenSvc - getRefreshToken should return null or a value - not undefined.

* PM-7392 - Fix test name.

* PM-7392 - TokenSvc tests - clean up test names that reference removed refresh token migrated flag.

* PM-7392 - getRefreshToken tests done.

* PM-7392 - Fix error quote

* PM-7392 - TokenSvc tests - setAccessToken new scenarios tested.

* PM-7392 - TokenSvc - getAccessToken - if secure storage errors add error to log.

* PM-7392 - TokenSvc tests - getAccessToken - all new scenarios tested

* PM-7392 - EncryptSvc - test new stringIsEncString method

* PM-7392 - Main.ts - fix circ dep issue.

* PM-7392 - Main.ts - remove comment.

* PM-7392 - Don't re-invent the wheel and simply use existing isSerializedEncString static method.

* PM-7392 - Enc String - (1) Add handling for Nan in parseEncryptedString (2) Added null handling to isSerializedEncString. (3) Plan to remove encrypt service implementation

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* PM-7392 - Remove encrypt service method

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* PM-7392 - Actually fix circ dep issues with Justin. Ty!

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* PM-7392 - TokenSvc - update to use EncString instead of EncryptSvc + fix tests.

* PM-7392 - TokenSvc - (1) Remove test code (2) Refactor decryptAccessToken method to accept access token key and error on failure to pass required decryption key to method.

* PM-7392 - Per PR feedback and discussion, do not log the user out if hte refresh token cannot be found. This will allow users to continue to use the app until their access token expires and we will error on trying to refresh it. The app will then still work on a fresh login for 55 min.

* PM-7392 - API service - update doAuthRefresh error to clarify which token cannot be refreshed.

* PM-7392 - Fix SetRefreshToken case where a null input would incorrectly trigger a fallback to disk.

* PM-7392 - If the access token cannot be refreshed due to a missing refresh token or API keys, then surface an error to the user and log it so it isn't a silent failure + we get a log.

* PM-7392  - Fix CLI build errors

* PM-7392 - Per PR feedback, add missing tests (thank you Jake for writing these!)

Co-authored-by: Jake Fink <jfink@bitwarden.com>

* PM-7392 - Per PR feedback, update incorrect comment from 3 releases to 3 months.

* PM-7392 - Per PR feedback, remove links.

* PM-7392 - Per PR feedback, move tests to existing describe.

* PM-7392 - Per PR feedback, adjust all test names to match naming convention.

* PM-7392 - ApiService - refreshIdentityToken - log error before swallowing it so we have a record of it.

* PM-7392 - Fix copy for errorRefreshingAccessToken

* PM-7392 - Per PR feedback, move error handling toast responsibility to client specific app component logic reached via messaging.

* PM-7392 - Swap logout reason from enum to type.

* PM-7392 - ApiService - Stop using messaging to trigger toast to let user know about refresh access token errors; replace with client specific callback logic.

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* PM-7392 - Per PR feedback, adjust enc string changes and tests.

* PM-7392 - Rename file to be type from enum

* PM-7392 - ToastService - we need to await the activeToast.onHidden observable so return the activeToast from the showToast.

* PM-7392 - Desktop AppComp - cleanup messaging

* PM-7392 - Move Logout reason custom type to auth/common

* PM-7392 - WIP - Enhancing logout callback to consider the logout reason + move show toast logic into logout callback

* PM-7392 - Logout callback should simply pass along the LogoutReason instead of handling it - let each client's message listener handle it.

* PM-7392 - More replacements of expired with logoutReason

* PM-7392 - More expired to logoutReason replacements

* PM-7392 - Build new handlers for displaying the logout reason for desktop & web.

* PM-7392 - Revert ToastService changes

* PM-7392 - TokenSvc - Replace messageSender with logout callback per PR feedback.

* PM-7392 - Desktop App comp - replace toast usage with simple dialog to guarantee users will see the reason for them being logged out.

* PM-7392 - Web app comp - fix issue

* PM-7392 - Desktop App comp - don't show cancel btn on simple dialogs.

* PM-7392 - Desktop App comp - Don't open n simple dialogs.

* PM-7392 - Fix browser build

* PM-7392 - Remove logout reason from CLI as each logout call handles messaging on its own.

* PM-7392 - Previously, if a security stamp was invalid, the session was marked as expired. Restore that functionality.

* PM-7392 - Update sync service logoutCallback to include optional user id.

* PM-7392 - Clean up web app comp

* PM-7392 - Web - app comp - only handle actually possible web logout scenarios.

* PM-7392 - Browser Popup app comp - restore done logging out message functionality + add new default logout message

* PM-7392 - Add optional user id to logout callbacks.

* PM-7392 - Main.background.ts - add clarifying comment.

* PM-7392 - Per feedback, use danger simple dialog type for error.

* PM-7392 - Browser Popup - add comment clarifying expectation of seeing toasts.

* PM-7392 - Consolidate invalidSecurityStamp error handling

* PM-7392 - Per PR feedback, REFRESH_ACCESS_TOKEN_ERROR_CALLBACK can be completely sync. + Refactor to method in main.background.

* PM-7392 - Per PR feedback, use a named callback for refreshAccessTokenErrorCallback in CLI

* PM-7392 - Add TODO

* PM-7392 - Re-apply bw.ts changes to new service-container.

* PM-7392 - TokenSvc - tweak error message.

* PM-7392 - Fix test

* PM-7392 - Clean up merge conflict where I duplicated dependencies.

* PM-7392 - Per discussion with product, change default logout toast to be info

* PM-7392 - After merge, add new logout reason to sync service.

* PM-7392 - Remove default logout message per discussion with product since it isn't really visible on desktop or browser.

* PM-7392 - address PR feedback.

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2024-06-03 12:36:45 -04:00
Alex Morask
28de91888a
[AC-1939] Manage provider payment information (#9415)
* Added select-payment-method.component in shared lib

Because we're going to be implementing the same functionality for providers and orgs/users, I wanted to start moving some of this shared functionality into libs so it can be accessed in both web and bit-web. Additionally, the Stripe and Braintree functionality has been moved into their own services for more central management.

* Added generalized manage-tax-information component to shared lib

* Added generalized add-account-credit-dialog component to shared libs

* Added generalized verify-bank-account component to shared libs

* Added dialog for selection of provider payment method

* Added provider-payment-method component

* Added provider-payment-method component to provider layout
2024-06-03 11:01:14 -04:00
Jared Snider
01648e2cc3
Auth/PM-8358 - User Verification dialog & form input fix for empty submit displaying wrong error (#9363)
* PM-8358 - UserVerificatonFormInput - fix incorrect init logic. We needed to execute the processSecretChanges logic to convert null into { type: 0, secret: null }  (VerificationWithSecret) for all non-biometric verification flows. .

* PM-8358 - UserVerificationService - verifyUser(...) - throw error if called with null. It should only happen if a dev makes a mistake in theory.
2024-06-03 10:15:11 -04:00
Justin Baur
0e7ed8dd7f
[PM-8210] Discourage Active User in CryptoService (#9364)
* Add Helper For Preparing a Record For Use in `forkJoin`

* Update & Test CryptoService Changes

* Delete Unused Code

* Update DeviceTrustService

* Update CipherService

* Make `userPublicKey$` Public

* Rename convertValues File

* Update libs/common/src/platform/abstractions/crypto.service.ts

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Add `convertValues` Tests

* Add Doc Comments

* Convert to `function`'s

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Fix Test Typos

* Add param doc

* Update Test Name

* Add `@throws` Docs

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
2024-05-31 12:10:23 -04:00
Justin Baur
93e7a6ae87
[PM-8436] [PM-8483] Support Asymmetric Mac Encryption Types in EncString (#9441)
* Support Asymmetric Mac Encryption Types in EncString

* Add EncString Tests
2024-05-30 16:01:24 -04:00
✨ Audrey ✨
90e7e16df6
move state provider extensions to tools folder (#9436) 2024-05-30 15:37:40 -04:00
✨ Audrey ✨
bb277565df
fix lint failure (#9440) 2024-05-30 14:34:36 -04:00
✨ Audrey ✨
0ef5ab79c6
Revert "Revert "Change website default value to empty string. (#9127)" (#9437)" (#9438)
This reverts commit d0914ac81f.
2024-05-30 18:20:07 +00:00
✨ Audrey ✨
d0914ac81f
Revert "Change website default value to empty string. (#9127)" (#9437)
This reverts commit c37006c564.
2024-05-30 20:16:32 +02:00
pixls
c37006c564
Change website default value to empty string. (#9127)
Fastmail API returns and error when passed a null value in forDomain.
Empty string is the preferred blank option.

Co-authored-by: yara <ybeadenkopf@fastmailteam.com>
2024-05-30 13:32:25 -04:00
Jake Fink
e29025df28
[PM-5951] Migrate org invite state (#9014)
* use deep linked url for org invite instead of separate state

* remove organization invite state & fix tests

* clear login redirect for SSO JIT users since they are accepted when setting MP

* create accept org invite service and consolidate components in module

* finish switch to accept org invite service

* move logic to accept org service

* the rest of the owl

* clear org invite along with deep linked route

* pr feedback

* fix test and add error to catch null invite

* pr feedback

* clear stored invite if it doesn't match provided one
2024-05-30 12:03:17 -04:00
Bernd Schoolmann
f6942dde74
[PM-3050] Add sync on unlock, logout when account is deleted (#9288)
* Add sync on unlock, logout when account is deleted

* Update libs/common/src/vault/services/sync/sync.service.ts

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>

* Fix failing unit tests

* Fix incorrect merge

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
2024-05-30 11:10:03 +02:00
Justin Baur
a6df923416
[PM-8292] Fixup ForegroundSyncService (#9292)
* Change `object` to `Record<string, unknown>`

* Change `object` to `Record<string, unknown>` Pt. 2

* Update ForegroundSyncService

- Manage finish message in the listener to more gaurantee a message back
- Make the timeout much longer
- Allow it to throw if the background sync service threw

---------

Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
2024-05-29 12:12:58 -04:00
Matt Gibson
93b9eba769
Separate browser foreground and background memory space (#9315)
* Separate browser foreground and background memory space

* Prefer inherited DI providers
2024-05-27 08:54:24 -04:00
Matt Gibson
c61ba41b97
Use User Key Definitions for user-scoped data (#9348) 2024-05-27 08:12:28 -04:00
Thomas Rittson
c0bb7b9edf
[AC-2631] Add device-approval command scaffolding (#9351)
* Add device-approval scaffolding

* Refactor: move helpers to BaseProgram

* Update CODEOWNERS
2024-05-27 11:03:23 +10:00
Merissa Weinstein
15ba7040e5
[PM-6606] remove onboarding feature flag (#9178)
* remove feature flag value from enum

* remove feature flag from onboarding component

* remove ConfigService mock from spec

* fix format
2024-05-24 09:02:17 -05:00
Rui Tomé
5dd7224143
[AC-2328] Add a Bulk OrganizationUsersController.GetResetPasswordDetails endpoint (#9140)
* [AC-2302] Move organization-auth-request.service to bit-common folder

* [AC-2302] Rename organization-auth-request.service to organization-auth-request-api.service

* [AC-2302] Move logic from component to organization-auth-request.service

* [AC-2302] Fix import path in OrganizationAuthRequestService

* [AC-2302] Move imports to OrganizationsModule and delete unused CoreOrganizationModule

* [AC-2302] Move the call to get userResetPasswordDetails into OrganizationAuthRequestService

* [AC-2302] Remove @Injectable() and manually configure dependencies

* [AC-2302] Add OrganizationAuthRequestService unit tests first draft

* [AC-2302] Refactor device-approvals.component.ts to remove unused imports

* [AC-2302] Set up jest on bit-common and add unit tests for OrganizationAuthRequestService

* [AC-2302] Add bit-common to jest.config.js

* [AC-2302] Update organizations.module.ts to include safeProviders declared in variable

* [AC-2302] Remove services and views folders from bit-common

* [AC-2302] Define path mapping

* Adjust an import path

The import path of `PendingAuthRequestView` in
`OrganizationAuthRequestApiService` was pointing to the wrong place. I
think this file was just recently moved, and the import didn't get
updated.

* Get paths working

* Fix import

* Update jest config to use ts-jest adn jsdom

* Copy-paste path mappings from bit-web

* Remove unnecessary test setup file

* Undo unnecessary change

* Fix remaining path mappings

* Remove Bitwarden License mapping from OSS code

* Fix bit-web so it uses its own tsconfig

* Fix import path

* Remove web-bit entrypoint from OSS tsconfig

* Make DeviceApprovalsComponent standalone

* Remove organization-auth-request-api.service export

* Remove OrganizationsRoutingModule from DeviceApprovalsComponent imports

* Remove CoreOrganizationModule from OrganizationsModule imports

* Remove NoItemsModule from OrganizationsModule imports

* Use ApiService from JslibServicesModule

* Update providers in device-approvals.component.ts

* Add method to retrieve reset password details for multiple organization users

* Add organizationUserId property to OrganizationUserResetPasswordDetailsResponse class

* Rename ResetPasswordDetails to AccountRecoveryDetails

---------

Co-authored-by: Addison Beck <hello@addisonbeck.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2024-05-24 11:20:51 +01:00
Thomas Rittson
f2fcf5ce2e
[AC-2522] Remove collection enhancements opt-in (#9283)
* Remove FlexibleCollectionsMigration feature flag and code

* Remove api method
2024-05-24 09:00:40 +10:00
Cesar Gonzalez
bbf1473022
[PM-5295] Improve autofill collection of page details performance (#9063)
* [PM-5295] Improve autofill collection of page details performance

* [PM-5295] Reworking implementation to leverage requestIdleCallback instead of requestAnimationFrame

* [PM-5295] Reworking implementation to leverage requestIdleCallback instead of requestAnimationFrame

* [PM-5295] Incorporating documentation for added methods

* [PM-5295] Reworking how we handle collection of shadowRoot elements

* [PM-5295] Fixing jest tests relating to the defined pseudo selector

* [PM-5295] Fixing jest tests relating to the defined pseudo selector

* [PM-5295] Refactoring

* [PM-5295] Refactoring

* [PM-5295] Refactoring

* [PM-5295] Starting the work to set up the tree walker strategy under a feature flag

* [PM-5295] Incorporating methodology for triggering a fallback to the TreeWalker API if issues arise with the deepQuery approach

* [PM-5295] Fixing jest test
2024-05-23 18:30:37 +00:00
Shane Melton
0b950080ca
[PM-8004] [AC-2603] [AC-2616] [AC-2621] [AC-2622] Unmanaged collection fixes (#9301)
* [AC-2603] Add unmanaged property to CollectionAdminView and response models

* [AC-2603] Cleanup CollectionViews

- Remove getters that have been replaced with Unmanaged property
- Remove AddAccess that is also being replaced
- Add canEditUnmanagedCollections() helper to organization

* [AC-2603] Replace old AddAccess logic with Unmanaged flag

* [AC-2603] Fix failing test

* [AC-2603] Ensure Add Access badge/toggle only shows when V1 flag is enabled

* [AC-2603] Undo change to canEditUserAccess and canEditGroupAccess

Custom users should not get access to an unmanaged collection with only Manage Groups and Manage User permissions. That is still reserved for admin/owners and EditAnyCollection custom users.
2024-05-22 11:58:04 -07:00
Kyle Spearrin
5a29fee7e6
[PM-7004] Verify org delete from emailed link (#8445)
* add verify org delete page

* PR feedback from thomas

* use abstraction

* Apply suggestions from code review

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>

* delete org copy

* Move verify-recover-delete-org component to admin-console/organizations/manage folder and update routing

* [PM-7004] Add async/await to ngOnInit in verify-recover-delete-org.component.ts

* [PM-7004] Update deleteRecoverOrgConfirmDesc message in messages.json

* [PM-7004] Add warning message for deleting organization's active user accounts

* [PM-7004] Update to standalone component

* [PM-7004] Update delete organization warning message

* [PM-7004] Refactor delete organization form

* [PM-7004] Delete unused selector in verify-recover-delete-org.component.ts

* [PM-7004] Rename recoverDeleteToken method in verify-recover-delete-org.component.ts to deleteUsingToken

* [PM-7004] Update formGroup initialization in verify-recover-delete-org.component.ts

* [PM-7004] Delete formGroup initialization in verify-recover-delete-org.component.ts

* [PM-7004] Remove try/catch from submit method in verify-recover-delete-org.component.ts

* [PM-7004] Update submit button type in verify-recover-delete-org.component.html

* [PM-7004] Remove manual loading state in verify-recover-delete-org.component

* [PM-7004] Remove unnecessary span in verify-recover-delete-org.component.html

* [PM-7004] Update button styles in verify-recover-delete-org.component.html

* [PM-7004] Add back in the manual loading state in verify-recover-delete-org.component

* [PM-7004] Update button type and class in verify-recover-delete-org.component.html

* [PM-7004] Replace bootstrap classes with equivalent tailwind classes

* [PM-7004] Replace bootstrap classes with Tailwind in verify-recover-delete-org.component.html

---------

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
Co-authored-by: Rui Tome <rtome@bitwarden.com>
2024-05-22 18:00:02 +01:00
✨ Audrey ✨
6ca836f31d
fix clear when account unavailable error (#9299)
* fix clear when account unavailable error
* remove explicit password history clear on logout
2024-05-22 10:03:17 -04:00
Matt Gibson
37eef7731f
Prefer prefetching keys (#9289)
magical black-box key retrieval is slow, due to needing to repeatedly resolve (and potentially decrypt) keys. Doing the work up front is both more explicit and much faster.

It would be preferable to move OrganizationId to an opaque type in the models, but that has rippling effects all over the place and ultimately is stopped by vault filtering on strings rather than ids, but still calling the property `organizationId`, we need to fix that first.
2024-05-22 09:56:24 -04:00
Shane Melton
3d0e0d261e
[PM-6825] Browser Refresh - Initial List Items (#9199)
* [PM-6825] Add temporary vault page header

* [PM-6825] Expose cipherViews$ observable

* [PM-6825] Refactor getAllDecryptedForUrl to expose filter functionality for reuse

* [PM-6825] Introduce VaultPopupItemsService

* [PM-6825] Introduce initial VaultListItem and VaultListItemsContainer components

* [PM-6825] Add VaultListItems to VaultV2 component

* [PM-6825] Introduce autofill-vault-list-items.component to encapsulate autofill logic

* [PM-6825] Add temporary Vault icon

* [PM-6825] Add empty and no results states to Vault tab

* [PM-6825] Add unit tests for vault popup items service

* [PM-6825] Negate noFilteredResults placeholder

* [PM-6825] Cleanup new Vault components

* [PM-6825] Move new components into its own module

* [PM-6825] Fix missing button type

* [PM-6825] Add booleanAttribute to showAutofill input

* [PM-6825] Replace empty refresh BehaviorSubject with Subject

* [PM-6825] Combine *ngIfs for vault list items container

* [PM-6825] Use popup-section-header component

* [PM-6825] Use small variant for icon buttons

* [PM-6825] Use anchor tag for vault items

* [PM-6825] Consolidate vault-list-items-container to include list item component functionality directly

* [PM-6825] Add Tailwind classes to new Vault icon

* [PM-6825] Remove temporary header comment

* [PM-6825] Fix auto fill suggestion font size and padding

* [PM-6825] Use tailwind for vault icon styling

* [PM-6825] Add libs/angular to tailwind.config content

* [PM-6825] Cleanup missing i18n

* [PM-6825] Make VaultV2 standalone and cleanup Browser App module

* [PM-6825] Use explicit type annotation

* [PM-6825] Use property binding instead of interpolation
2024-05-21 17:05:02 -04:00
Jason Ng
5075d0865e
[AC-2447] Allow the UI to save and close dialog when user removes final Can Manage Collection of an item (#9136)
* update saveCollectionsWithServer to accept a new value if user can no longer manage cipher after requested update
2024-05-21 12:32:27 -04:00
Jason Ng
b7463d551c
[AC- 2493] Restore and Delete Unassigned Items (#8983)
* updates added for single and bulk delete and restore items including unassigned and permissions for owners and custom users
2024-05-21 12:32:02 -04:00
Jared Snider
00db087cee
Auth/PM-5501 - VaultTimeoutSettingsSvc State Provider Migration - Cleanup desktop orphaned data (#9277)
* PM-5501 - Remove global vault timeout data on desktop to avoid orphaning the data.

* PM-5501 - Test new migration logic.
2024-05-21 09:53:40 -04:00
Nick Krantz
6c61cd4f63
[AC-217] Migrate to Banner Component (#8899)
* convert premium card to banner component

- create VaultBanners component that will handle all banner logic

* move upgrade browser notice to banner component

* refactor verify email component to use the banner component

* add email banner to VaultBanners component

* move low KDF message to banner component

* remove unused KDF component

* allow multiple banners to be displayed at once

* use vault service to consolidate premium banner logic
- Implement prompt thresholds for premium banner
- Update dismiss logic to re-run visibility logic

* update variable name

* move all dismiss/show logic to vault banner service

* rename tense of methods for readability

* apply underline to send email button to match other banner actions

* fix dark mode styling across banners

* remove unused variable

* use bitLink directive for styling rather than tailwind

* move premium banner to a standalone observable

* update bootstrap styles to tailwind

* use new KDF service for vault banners

* move the VerifyEmailComponent to a standalone component

* convert premium banner to a singular observable

* remove unneeded import

* AC-2589 add unique id for each vault banner

* AC-2588 poll sync service to only show premium banner after a sync

* close subscription to syncCompleted$ after one emit

* remove unneeded ReplaySubject
2024-05-20 16:06:35 -05:00
Matt Gibson
f2d24e036b
Ps/pm-8197/clean-up-desktop-biometric-ipc (#9275)
* Do not process reload on account switch

* Validate specified key against specified user

* Grab userId immediately for user key retrieval
2024-05-20 16:19:58 -04:00
✨ Audrey ✨
a16dc84a0a
[PM-6819] Credential generator MV3 integration (#8998)
* replace `PasswordGeneratorService` with `legacyPasswordGenerationServiceFactory`
* replace `UsernameGeneratorService` with `legacyUsernameGenerationServiceFactory`
* migrate generator options and history
* apply policy immediately once available
* suppress duplicate policy emissions
* run password generation response code in `ngZone`
2024-05-20 18:08:49 +01:00
Matt Gibson
ee690cd1ef
Use account service for getting account profile data. (#9133)
* Use account service for getting account profile data.

* desktop build fixes

* CLI build fixes

* Remove state service methods
2024-05-17 00:21:00 +02:00
Matt Gibson
4afe5de87b
Revert "[PM-7810] Handle Multithread Decryption Through Offscreen API (#8978)" (#9221)
This reverts commit f51042f813.
2024-05-16 15:48:03 -04:00
Matt Gibson
4ccf920da8
[PM-8155] Keep crypto derive dependencies in lockstep (#9191)
* Keep derive dependencies in lockstep

This reduces emissions in general due to updates of multiple inputs and removes decryption errors due to partially updated dependencies

* Fix provider encrypted org keys

* Fix provider state test types

* Type fixes
2024-05-15 17:40:16 -04:00
Shane Melton
385664c977
Add devFlag for the config service retrieval interval when developing (#9006)
* Add devFlag for a configurable config retrieval interval when developing

* Add Ms suffix to dev flag
2024-05-15 13:54:05 -07:00
Justin Baur
25f55e1368
[PM-7978] Create ForegroundSyncService For Delegating fullSync Calls (#9192)
* Create ForegroundSyncService For Delegating `fullSync` calls to the background

* Relax `isExternalMessage` to Allow For Typed Payload

* Null Coalesce The `startListening` Method

* Filter To Only External Messages
2024-05-15 12:11:06 -04:00
Thomas Rittson
6ab7336c21
[AC-2499] Add permission checks on bulk actions menu (#8912)
* Add permission checks for org vault bulk actions

* Show checkboxes for all collections except Unassigned

* Separate individual and admin logic between CollectionView
  and CollectionAdminView

* Remove heading for error toasts per design feedback
2024-05-15 08:29:54 +10:00
Matt Gibson
94b57687f5
[PM-7926] Handle complex user logout events (#9115)
* Update activity when switching users

* Clear data of designated user

* Do not switchMap to null, always to Promise or Observable

* handle uninitialized popup services

* Switch to new account immediately and log out as inactive.

Split up done logging out and navigation so we can always display expire warning.

* Do not navigate in account switcher, main.background takes care of it

* Ignore storage updates from reseed events

* Remove loading on cancelled logout

* Catch missed account switch errors

* Avoid usage of active user state in sync service

Send service does not currently support specified user data
manipulation, so we ensure that the notification was sent to the
active user prior to processing the notification.

* Clear sequentialize caches on account switch

These caches are used to ensure that rapid calls to an async method are not repeated. However, the cached promises are valid only within a given userId context and must be cleared when that context changes.

* Revert `void` promise for notification reconnect

* Update libs/angular/src/services/jslib-services.module.ts

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* Handle switch account routing through messaging background -> app

* Use account switch status to handle unlocked navigation case.

* Revert "Handle switch account routing through messaging background -> app"

This reverts commit 8f35078ecb.

---------

Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-05-14 16:27:43 -04:00
Andreas Coroiu
7f91e84456
[PM-6400] Move core FIDO2 code from vault to platform ownership (#8044)
* [PM-6400] Move core FIDO2 code from vault to platform ownership

- lib/common/vault/abstractions/fido2 -> lib/common/platform/abstractions/fido2
- lib/common/vault/services/fido2 -> lib/common/platform/services/fido2

* [PM-6400] fix: wrong imports
2024-05-14 14:08:41 +00:00
Alex Morask
26c08123bb
Add ability to edit client organization name (#9103) 2024-05-14 09:22:32 -04:00
Thomas Rittson
8c5841a76a
[AC-2500] Collection row menus - adjust feature flagging (#9116) 2024-05-13 15:30:02 -07:00
Vincent Salucci
3900924250
[AC-2086] Update CanDelete with v1 flag logic (#9100)
* feat: update org domain object deleteAnyCollection with v1 flag logic, refs AC-2086

* feat: update canDelete method to handle v1 flag logic, refs AC-2086

* feat: update canDelete references to pass v1 flag, refs AC-2086

* feat: add provider check and modify owner/admin type checks, refs AC-2086

* fix: add permission to org instantiation for vault item stories, refs AC-2086
2024-05-13 16:13:27 -05:00
Jared Snider
66f5d90803
PM-5501 - VaultTimeoutSettingsSvc State Provider Migration - Small bugfixes (#9164)
* PM-5501 - VaultTimeoutSettingsSvc - fix setVaultTimeoutOptions condition which needed to use never instead of null.

* PM-5501 - Fix browser and desktop not showing the never lock warning

* PM-5501 - Use true equality.
2024-05-13 17:04:26 -04:00
Jared Snider
473c5311fa
Auth/PM-5501 - VaultTimeoutSettingsService State Provider Migration (#8604)
* PM-5501 - VaultTimeoutSettingsSvc - refactor var names in getVaultTimeoutAction

* PM-5501 - Add state definitions and key definitions + test deserialization of key defs.

* PM-5501 - Add state provider dep to VaultTimeoutSettingsSvc

* PM-5501 - Refactor getVaultTimeout

* PM-5501 - VaultTimeoutSettingsService - Build getMaxVaultTimeoutPolicyByUserId helper

* PM-5501 - (1) Update state definitions (2) convert KeyDefs to UserKeyDefs (2) Remove everBeenUnlocked as we won't need it

* PM-5501 - VaultTimeoutSettingsSvc - POC for getVaultTimeoutActionByUserId$ method + new private determineVaultTimeoutAction helper.

* PM-5501 - VaultTimeoutSettingsSvc - build set and observable get methods for vault timeout settings

* PM-5501 - Update web references to use new vault timeout setting service methods

* PM-5501 - VaultTimeoutSettingsSvc - write up abstraction js docs

* PM-5501 - VaultTimeoutSettingsSvc abstraction - finish tweaks

* PM-5501 - VaultTimeoutSettingsSvc - add catchError blocks to observables to protect outer observables and prevent cancellation in case of error.

* PM-5501 - Remove vault timeout settings from state service implementation.

* PM-5501 - VaultTimeoutSettingsServiceStateProviderMigrator first draft

* PM-5501 - WIP - replace some state service calls with calls to vault timeout settings svc.

* PM-5501 - Replace state service calls in login strategies to get vault timeout settings data with VaultTimeoutSettingsService calls.

* PM-5501 - Fix login strategy tests

* PM-5501 - Update login strategy tests to pass

* PM-5501 - CryptoSvc - share VaultTimeout user key def to allow crypto svc access to the vault timeout without creating a circular dep.

* PM-5501 - Fix dependency injections.

* PM-5501 - ApiSvc - replace state svc with vault timeout settings svc.

* PM-5501 - VaultTimeoutSettingsServiceStateProviderMigrator more cleanup

* PM-5501 - Test VaultTimeoutSettingsServiceStateProviderMigrator

* PM-5501 - VaultTimeoutSettingsSvc tests updated

* PM-5501 - Update all setVaultTimeoutOptions references

* PM-5501 - VaultTimeoutSettingsSvc - Update setVaultTimeoutOptions to remove unnecessary logic and clean up clearTokens condition.

* PM-5501 - Fix vault timeout service tests

* PM-5501 - Update VaultTimeoutSettings state tests to pass

* PM-5501 - Desktop - system svc - fix build by replacing use of removed method.

* PM-5501 - Fix CLI by properly configuring super class deps in NodeApiService

* PM-5501 - Actually finish getitng deps fixed to get CLI to build

* PM-5501 - VaultTimeoutSettingsSvc.determineVaultTimeoutAction - pass userId to getAvailableVaultTimeoutActions to prevent hang waiting for an active user.

* PM-5501 - VaultTimeoutSettingSvc test - enhance getVaultTimeoutActionByUserId$ to also test PIN scenarios as an unlock method

* PM-5501 - bump migration version

* PM-5501 - Refactor migration to ensure the migration persists null vault timeout values.

* PM-5501 - Bump migration version

* PM-5501 - Fix web build issues introduced by merging main.

* PM-5501 - Bump migration version

* PM-5501 - PreferencesComponent - revert dep change from InternalPolicyService to standard PolicyService abstraction

* PM-5501 - Address all PR feedback from Jake

Co-authored-by: Jake Fink <jfink@bitwarden.com>

* PM-5501 - VaultTimeoutSettingsSvc tests - add tests for setVaultTimeoutOptions

* PM-5501 - VaultTimeoutSettingsSvc - setVaultTimeoutOptions - Update tests to use platform's desired syntax.

* PM-5501 - Fix tests

* PM-5501 - Create new VaultTimeout type

* PM-5501 - Create new DEFAULT_VAULT_TIMEOUT to allow each client to inject their default timeout into the VaultTimeoutSettingService

* PM-5501 - Migrate client default vault timeout to new injection token

* PM-5501 - Update VaultTimeoutSettingsSvc to use VaultTimeout type and apply default vault timeout if it is null.

* PM-5501 - Update vaultTimeout: number to be vaultTimeout: VaultTimeout everywhere I could find it.

* PM-5501 - More changes based on changing vaultTimeout from number to VaultTimeout type.

* PM-5501 - VaultTimeoutSvc - Update shouldLock logic which previously checked for null (never) or any negative values (any strings except never) with a simple string type check.

* PM-5501 - More cleanup of vaultTimeout type change - replacing null checks with "never" checks

* PM-5501 - VaultTimeoutSettingsSvc - refactor determineVaultTimeout to properly treat string and numeric vault timeouts.

* PM-5501 - Update vault timeout settings service tests to reflect new VaultTimeout type.

* PM-5501 - VaultTimeoutSettingsService - add more test cases for getVaultTimeoutByUserId

* PM-5501 - (1) Remove "immediately" as 0 is numerically meaningful and can be used with Math.min (2) Add VaultTimeoutOption interface for use in all places we show the user a list of vault timeout options.

* PM-5501 - VaultTimeoutSettingSvc - update tests to use 0 as immediately.

* PM-5501 - VaultTimeoutInputComp - Add new types and update applyVaultTimeoutPolicy logic appropriately.

* PM-5501 - Add new types to all preferences and setting components across clients.

* PM-5501 - Fix bug on web where navigating to the preferences page throws an error b/c the validatorChange function isn't defined.

* PM-5501 - WIP on updating vault timeout setting migration and rollback + testing it.

* PM-5501 - Update VaultTimeoutSettingsSvc state provider migration and tests to map existing possible values into new VaultTImeout type.

* PM-5501 - Fix vault timeout settings state tests by changing number to new VaultTimeout type.

* PM-5501 - Fix crypto svc auto key refresh test to use "never" instead of null.

* PM-5501 - Add clarifying comment to vaulttimeout type

* PM-5501 - Desktop app comp - replace systemTimeoutOptions with vault timeout type.

* PM-5501 - Update vault timeout service tests to use VaultTimeout type.

* PM-5501 - VaultTimeoutSettingsSvc - (1) Fix bug where vault timeout action didn't have a default like it did before (2) Fix bug in userHasMasterPassword where it would incorrectly return the active user stream for a given user id as a fallback. There is no guarantee the given user would match the active user so the paths are mutually exclusive.

* PM-5501 - Login Strategy fix - Move retrieval of vault timeout settings and setting of the tokens until after account init and user decryption options set as those opts are needed to properly determine the user's available vault timeout actions.

* PM-5501 - Fix vault timeout settings svc tests

* PM-5501 - VaultTimeoutSettingSvc - move default logic to determine methods + refactor default vault timeout action to properly default to lock in scenarios the user has lock available.

* Update libs/angular/src/components/settings/vault-timeout-input.component.ts

Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>

* PM-5501 - Per PR feedback, cleanup commented out vault timeout options

* PM-5501 - Fix vault timeout input comp lint issues

* PM-5501 - Per PR feedback from Cesar, update VaultTimeout type to use const so we can avoid any magic string usage. Awesome.

Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>

* PM-5501 - CLI - use "never" as default vault timeout instead of null.

* PM-5501 - Fix broken tests

* PM-5501 - Bump migration version

* PM-5501 - Fix build errors after merging main.

* PM-5501 - Update mockMigrationHelper to pass along client type so tests will respect it.

* PM-5501 - Update VaultTimeoutSettingsServiceStateProviderMigrator and tests to use new CLI client type to convert undefined values to never so that CLI users don't lose their session upon running this migration.

* PM-5501 - Bump migration version

* PM-5501 - Fix migration tests to use new authenticated user format

* PM-5501 Update rollback tests

* PM-5501 - Adjust migration based on feedback.

* PM-5501 - Per Jake's find, fix missed -2

Co-authored-by: Jake Fink <jfink@bitwarden.com>

* PM-5501 - Add user id to needsStorageReseed.

Co-authored-by: Jake Fink <jfink@bitwarden.com>

* PM-5501 - Per PR feedback, setVaultTimeoutOptions shouldn't accept null for vault timeout anymore.

* PM-5501 - Per PR feedback, add null checks for set methods for setting vault timeout or vault timeout action.

* PM-5501 - Per PR feedback, add more context as to why we need vault timeout settings to persist after logout.

* PM-5501 - Per PR feedback, fix userHasMasterPassword

* PM-5501 - VaultTimeoutSettingsService - fix userHasMasterPassword check by checking for null decryption options.

* PM-5501 - Remove state service from vault timeout settings service (WOOO)

* PM-5501 - Bump migration version

* PM-5501 - Account Security comp - refactor to consider ease of debugging.

* PM-5501 - (1) Add checks for null vault timeout and vault timeout actions (2) Add tests for new scenarios.

* PM-5501 - VaultTimeoutSettingsSvc - setVaultTimeoutOptions - fix bug where nullish check would throw incorrectly if immediately (0) was picked as the timeout.

* PM-5501 - Per PR feedback, clean up remaining token service methods which accept null for timeout and add tests. .

* PM-5501 - Fix nit

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
2024-05-13 15:56:04 -04:00
Justin Baur
657807c96a
[PM-7985] Add & Use InlineDerivedStateProvider (#9131)
* Add & Use InlineDerivedStateProvider

* Remove Comment

* Delete Foreground & Background Derived State
2024-05-13 07:42:29 -04:00
Justin Baur
c0216e191a
Use encrypt service in node env secure storage (#9099)
* Use `EncryptService` In `NodeEnvSecureStorage` To Replace Deprecated Methods

* Update Abstract EncryptService Method To Reflect Implementation
2024-05-13 06:51:53 -04:00
✨ Audrey ✨
4ae208fabc
rotate sends from original key to rotated key (#9130) 2024-05-10 16:08:05 -04:00
Thomas Rittson
8e97c1c8e4
[AC-2500] Update inline menu for collections based on collection permissions (#9080)
* Add view collection options to collection row menus

* Prevent DeleteAnyCollection custom users from viewing collections
2024-05-10 10:50:34 +10:00
Todd Martin
a89e148804
[PM-7029] Remove key-rotation-feature-flag (#8816)
* Removed key rotation feature flag.

* Fixed tests

* Removed unused dependency.

* Remove KeyRotationImprovements from default const
2024-05-09 13:24:11 -04:00
rr-bw
a42de41587
[PM-5363] PinService State Providers (#8244)
* move pinKeyEncryptedUserKey

* move pinKeyEncryptedUserKeyEphemeral

* remove comments, move docs

* cleanup

* use UserKeyDefinition

* refactor methods

* add migration

* fix browser dependency

* add tests for migration

* rename to pinService

* move state to PinService

* add PinService dep to CryptoService

* move protectedPin to state provider

* update service deps

* renaming

* move decryptUserKeyWithPin to pinService

* update service injection

* move more methods our of crypto service

* remove CryptoService dep from PinService and update service injection

* remove cryptoService reference

* add method to FakeMasterPasswordService

* fix circular dependency

* fix desktop service injection

* update browser dependencies

* add protectedPin to migrations

* move storePinKey to pinService

* update and clarify documentation

* more jsdoc updates

* update import paths

* refactor isPinLockSet method

* update state definitions

* initialize service before injecting into other services

* initialize service before injecting into other services (bw.ts)

* update clearOn and do additional cleanup

* clarify docs and naming

* assign abstract & private methods, add clarity to decryptAndMigrateOldPinKeyEncryptedMasterKey() method

* derived state (attempt)

* fix typos

* use accountService to get active user email

* use constant userId

* add derived state

* add get and clear for oldPinKeyEncryptedMasterKey

* require userId

* move pinProtected

* add clear methods

* remove pinProtected from account.ts and replace methods

* add methods to create and store pinKeyEncryptedUserKey

* add pinProtected/oldPinKeyEncrypterMasterKey to migration

* update migration tests

* update migration rollback tests

* update to systemService and decryptAndMigrate... method

* remove old test

* increase length of state definition name to meet test requirements

* rename 'TRANSIENT' to 'EPHEMERAL' for consistency

* fix tests for login strategies, vault-export, and fake MP service

* more updates to login-strategy tests

* write new tests for core pinKeyEncrypterUserKey methods and isPinSet

* write new tests for pinProtected and oldPinKeyEncryptedMasterKey methods

* minor test reformatting

* update test for decryptUserKeyWithPin()

* fix bug with oldPinKeyEncryptedMasterKey

* fix tests for vault-timeout-settings.service

* fix bitwarden-password-protected-importer test

* fix login strategy tests and auth-request.service test

* update pinService tests

* fix crypto service tests

* add jsdoc

* fix test file import

* update jsdocs for decryptAndMigrateOldPinKeyEncryptedMasterKey()

* update error messages and jsdocs

* add null checks, move userId retrievals

* update migration tests

* update stateService calls to require userId

* update test for decryptUserKeyWithPin()

* update oldPinKeyEncryptedMasterKey migration tests

* more test updates

* fix factory import

* update tests for isPinSet() and createProtectedPin()

* add test for makePinKey()

* add test for createPinKeyEncryptedUserKey()

* add tests for getPinLockType()

* consolidate userId verification tests

* add tests for storePinKeyEncryptedUserKey()

* fix service dep

* get email based on userId

* use MasterPasswordService instead of internal

* rename protectedPin to userKeyEncryptedPin

* rename to pinKeyEncryptedUserKeyPersistent

* update method params

* fix CryptoService tests

* jsdoc update

* use EncString for userKeyEncryptedPin

* remove comment

* use cryptoFunctionService.compareFast()

* update tests

* cleanup, remove comments

* resolve merge conflict

* fix DI of MasterPasswordService

* more DI fixes
2024-05-08 11:34:47 -07:00
Shane Melton
3a71322510
[AC-1707] Restrict provider access to items (#8265)
* [AC-1707] Add feature flag

* [AC-1707] Prevent loading ciphers for provider users in the org vault when the feature flag is enabled

* [AC-1707] Ensure new canEditAllCiphers logic only applies to organizations that have FC enabled

* [AC-1707] Update editAllCiphers helper to check for restrictProviderAccess feature flag

* [AC-1707] Remove un-used vaultFilterComponent reference

* [AC-1707] Hide vault filter for providers

* [AC-1707] Add search to vault header for provider users

* [AC-1707] Hide New Item button for Providers when restrict provider access feature flag is enabled

* [AC-1707] Remove leftover debug statement

* [AC-1707] Update canEditAllCiphers references to consider the restrictProviderAccessFlag

* [AC-1707] Fix collections component changes from main

* [AC-1707] Fix some feature flag issues from merge with main

* [AC-1707] Avoid 'readonly' collection dialog for providers

* [AC-1707] Fix broken Browser component

* [AC-1707] Fix broken Desktop component

* [AC-1707] Add restrict provider flag to add access badge logic
2024-05-07 12:35:28 -07:00
Matt Gibson
de0852431a
[PM-7917] Remove session sync (#9024)
* Remove session sync and MemoryStorageService

* Fix merge
2024-05-07 13:25:49 -04:00
Jason Ng
be51f1934a
[AC-1121] Collections Add Access filter and badge (#8404)
* added bit toggle group for add access filter to AC collections
2024-05-07 11:02:50 -04:00
Jonathan Prusik
6c21223466
[PM-7662] Suppress welcome window on install when extension is in dev mode (#8864)
* suppress welcome window on install when extension is in dev mode

* use platformUtilsService.isDev instead of process.env.ENV

* use devFlags.skipWelcomeOnInstall instead of platformUtilsService.isDev

* update old dev_flags casing in base configs
2024-05-06 15:25:41 -04:00
cyprain-okeke
425c7914b0
[AC-2558] Provider Admin still sees manage billing options - not the provided image (#9048)
* Fix the issue of provider admin not seeing the image

* Resolve the  case and ternary operator comment
2024-05-06 20:21:11 +01:00
Shane Melton
ff3021129e
[PM-6827] Browser Extension Refresh - Tabs Routing (#9004)
* [PM-6827] Add componentRouteSwap util function

* [PM-6827] Add extension-refresh feature flag

* [PM-6827] Add extension-refresh route swap utils

* [PM-6827] Add the TabsV2 component

* [PM-6827] Add the TabsV2 to routing module

* [PM-6827] Fix route prefixes in popup-tab-navigation component
2024-05-06 09:14:47 -07:00
Jake Fink
09ff12fc02
[PM-7919] Add more tde logging (#9035)
* adds additional logging to TDE service

* remove base catch swallowing errors

* add dependency to cli

* fix comment
2024-05-06 11:15:33 -04:00
Justin Baur
869fa29da6
Encourage The Use of UserId in CryptoService (#9033) 2024-05-04 02:04:56 -04:00
Justin Baur
e4ef7d362e
[PM-7838] [PM-7864] Ensure AuthStatus Changes Before Exiting (#9018)
* Ensure AuthStatus Changes Before Exiting

* Do Not Display Account Without Name Or Email

* Fix Environment Selectors

* Add AccountService.clean to Web
2024-05-03 16:43:42 -04:00
Justin Baur
b46766affd
[PM-7907] No more optional privateKey (#9029)
* Update Emergency Access To Get Their Own Key

* Migrate Organization Keys To Get Their Own Key

* Remove Optional Parameters

* Update Abstraction Parameter Name to Match Implementation

* Add @throws Doc
2024-05-03 14:30:45 -04:00
Matt Gibson
a4d5717283
Use account service for account enumeration. (#9023) 2024-05-03 14:24:30 -04:00
Alex Morask
0b02d2ee1c
[AC-1970] Add billing navigation group to provider layout (#8941)
* Add billing navigation item to provider layout with empty subscription page behind FF.

* Fixing tests

* Missed build error

* Addison's feedback

* Remove unused function

* Missed one get$ conversion

* Fixed background failure
2024-05-03 12:36:10 -04:00
Jake Fink
4c860e12d7
fix init account validation (#9034) 2024-05-03 12:23:12 -04:00
Jake Fink
69ed6ce1f5
[PM-6727] Part 1: pass userId in login strategies (#9030)
* add validation to initAccount

* pass userId to setMasterKey

* fix key connector tests
2024-05-03 11:54:29 -04:00
Cesar Gonzalez
6b286e9d9e
[PM-7874] Fix lost state when adding a vault item on the current tab view (#9020) 2024-05-02 11:39:48 -05:00
Cesar Gonzalez
f51042f813
[PM-7810] Handle Multithread Decryption Through Offscreen API (#8978)
* [PM-7810] Handle Multithread Decryption through Offscreen API

* [PM-7810] Handle Multithread Decryption through Offscreen API

* Use a service to track when to open and close offscreen document

There some strangeness around maintaining the offscreen document for more callbacks, that need not have the same reasons and justifications as the original.

We'd need to test, but perhaps the intent is something closer to maintaining a work queue ourselves and creating the offscreen page for only a single reason as it comes in, then waiting for that page to close before opening another.

* [PM-7810] Handle Multithread Decryption through Offscreen API

* [PM-7810] Handle Multithread Decryption through Offscreen API

* [PM-7810] Handle Multithread Decryption through Offscreen API

* [PM-7810] Handle Multithread Decryption through Offscreen API

* [PM-7810] Implementing jest tests for OffscreenDocument and BrowserMultithreadEncryptServiceImplementation

* [PM-7810] Separating out the process by which we get decrypted items from the web worker to ensure we do not do duplicate effort

* [PM-7810] Separating out the process by which we get decrypted items from the web worker to ensure we do not do duplicate effort

* Prefer builtin promise flattening

* [PM-7810] Introducing a fallback to the MultithreadEncryptServiceImplementation to ensure we can fallback to single thread decryption if necessary

* [PM-7810] Updating documentation

* [PM-7810] Fixing implementation to leverage the new OffscreenDocumentService

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2024-05-02 16:12:41 +00:00
Justin Baur
4b42ff7171
[PM-3483] Remove migrateKeyForNeverLockIfNeeded Logic (#8953)
* Remove `migrateKeyForNeverLockIfNeeded` Logic

* Fix Test

* Remove `migrateAutoKeyIfNeeded`
2024-05-01 15:50:40 -04:00
Matt Gibson
b4631b0dd1
Ps/improve-log-service (#8989)
* Match console method signatures in logService abstraction

* Add a few usages of improved signature

* Remove reality check test

* Improve electron logging
2024-04-30 12:58:16 -04:00
Matt Gibson
200b0f7534
Correct and test changeover point for userId source in storage migration (#8990) 2024-04-30 12:46:01 -04:00
Alex Morask
418d4642da
Hide grace period note when in self-serve trial (#8768) 2024-04-30 10:55:00 -04:00
Matt Gibson
c70a5aa024
[PM-6688] Use AccountService as account source (#8893)
* Use account service to track accounts and active account

* Remove state service active account Observables.

* Add email verified to account service

* Do not store account info on logged out accounts

* Add account activity tracking to account service

* Use last account activity from account service

* migrate or replicate account service data

* Add `AccountActivityService` that handles storing account last active data

* Move active and next active user to account service

* Remove authenticated accounts from state object

* Fold account activity into account service

* Fix builds

* Fix desktop app switch

* Fix logging out non active user

* Expand helper to handle new authenticated accounts location

* Prefer view observable to tons of async pipes

* Fix `npm run test:types`

* Correct user activity sorting test

* Be more precise about log out messaging

* Fix dev compare errors

All stored values are serializable, the next step wasn't necessary and was erroring on some types that lack `toString`.

* If the account in unlocked on load of lock component, navigate away from lock screen

* Handle no users case for auth service statuses

* Specify account to switch to

* Filter active account out of inactive accounts

* Prefer constructor init

* Improve comparator

* Use helper methods internally

* Fixup component tests

* Clarify name

* Ensure accounts object has only valid userIds

* Capitalize const values

* Prefer descriptive, single-responsibility guards

* Update libs/common/src/state-migrations/migrate.ts

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* Fix merge

* Add user Id validation

activity for undefined was being set, which was resulting in requests for the auth status of `"undefined"` (string) userId, due to key enumeration. These changes stop that at both locations, as well as account add for good measure.

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-04-30 09:13:02 -04:00
Jared Snider
20de053770
Auth/PM-7811 - Refactor User Auto Unlock Key Hydration Process To Remove Race Conditions (#8979)
* PM-7811 - Refactor UserKeyInitService to UserAutoUnlockKeyService - remove active account listening logic as it introduced race conditions with user key memory retrieval happening before the user auto unlock key was set into memory.

* PM-7811 - CLI - (1) Fix deps (2) On CLI init (pre command execution), if there is an active account, then set the user key in memory from the user auto unlock key.

* PM-7811 - Browser Extension / desktop - (1) Update deps (2) Sets user key in memory if the auto unlock key is set on account switch and background init (must act on all accounts so that account switcher displays unlock status properly).

* PM-7811 - Web - (1) Update deps (2) Sets user key in memory if the auto unlock key is set on init

* PM-7811 - Fix account switcher service changes not being necessary.
2024-04-29 17:43:14 -04:00
Justin Baur
3caa6cb635
[PM-7766] Add clientType to MigrationHelper (#8945)
* Add `clientType` to MigrationHelper

* PM-7766 - Fix migration builder tests to take new clientType into account.

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* PM-7766 - Add client type to migration builder tests.

* PM-7766 - Fix migration-helper.spec tests.

* PM-7766 - Fix migrator.spec.ts

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2024-04-29 07:28:58 -04:00
Matt Gibson
88eeebb084
Use a passed in key in derivation so we can validate other keys (#8954)
* Use a passed in key in derivation so we can validate other keys

* Fix user key type tests
2024-04-27 16:32:34 -04:00
findseat
72f411b6e3
Signed-off-by: findseat <penglili@outlook.com> (#8636)
Signed-off-by: findseat <penglili@outlook.com>
2024-04-27 15:15:27 +00:00
Justin Baur
a8e4366ec0
Check that self is undefined instead of window (#8940) 2024-04-26 15:08:59 -04:00
Matt Gibson
089f251a0c
Remove memory storage cache from derived state. Use observable cache and port messaging (#8939) 2024-04-26 15:08:39 -04:00
Oscar Hinton
14b2eb99a2
[PM-2282] Make feature flags type safe (#8612)
Refactors the feature flags in ConfigService to be type safe. It also moves the default value to a centralized location rather than the caller defining it. This ensures consistency across the various places they are used.
2024-04-26 12:57:26 +02:00
Cesar Gonzalez
c3d4c7aa3d
[PM-7710] Avoid re-indexing ciphers on current tab component and re-setting null storage values for popup components (#8908)
* [PM-7710] Avoid re-indexing ciphers on current tab component and re-setting null storage values for popup components

* [PM-7710] Avoid re-indexing ciphers on current tab component and re-setting null storage values for popup components
2024-04-25 16:47:20 -05:00
Jake Fink
8afe915be1
[PM-7564] Move 2fa and login strategy service to popup and add state providers to 2fa service (#8820)
* remove 2fa from main.background

* remove login strategy service from main.background

* move 2fa and login strategy service to popup, init in browser

* add state providers to 2fa service
- add deserializer helpers

* use key definitions for global state

* fix calls to 2fa service

* remove extra await

* add delay to wait for active account emission in popup

* add and fix tests

* fix cli

* really fix cli

* remove timeout and wait for active account

* verify expected user is active account

* fix tests

* address feedback
2024-04-25 16:45:23 -04:00
Alex Morask
cbf7c292f3
[AC-2485] Add redirects to clients components based on FF and provider status (#8839)
* Add provider clients redirects based on FF and provider status

* Fixing broken test
2024-04-25 15:27:06 -04:00
Ike
1e4158fd87
[PM-5735] Create kdf Service (#8715)
* key connector migration initial

* migrator complete

* fix dependencies

* finalized tests

* fix deps and sync main

* clean up definition file

* fixing tests

* fixed tests

* fixing CLI, Browser, Desktop builds

* fixed factory options

* reverting exports

* implemented UserKeyDefinition clearOn

* Initial Kdf Service Changes

* rename and account setting kdfconfig

* fixing tests and renaming migration

* fixed DI ordering for browser

* rename and fix DI

* Clean up Migrations

* fixing migrations

* begin data structure changes for kdf config

* Make KDF more type safe; co-author: jlf0dev

* fixing tests

* Fixed CLI login and comments

* set now accepts userId and test updates

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
2024-04-25 11:26:01 -07:00
Daniel James Smith
dba910d0b9
Create and use safeGetString() instead of instanceof checks to determine type (#8906)
`safeGetString` takes a `string` or `EncString` and return the appropiate value based on it's type

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-04-24 23:41:35 +02:00
Alex Morask
a8ba48898b
Use new endpoint to determine SM standalone (#8904) 2024-04-24 16:29:00 -04:00
Jared Snider
5dc83cd34c
PM-6787 - Rename DeviceTrustCryptoService to DeviceTrustService (#8819) 2024-04-24 12:54:54 -04:00
Jared Snider
a12c140792
Revert "Revert "Auth/PM-6689 - Migrate Security Stamp to Token Service and St…" (#8889)
This reverts commit 100b43dd8f.
2024-04-24 12:37:19 -04:00
Justin Baur
94fe9bd053
Remove StateService useAccountCache (#8882)
* Remove Account Cache from StateService

* Remove Extra Change

* Fix Desktop Build
2024-04-24 11:20:13 -04:00
Justin Baur
8ef5340635
Trust our own copy of authenticatedAccounts until all accounts are initialized (#8888) 2024-04-23 16:57:19 -04:00
Tom
5f3844aa38
Getting the user's access token for file upload (#8877) 2024-04-23 17:26:31 +02:00
Jared Snider
100b43dd8f
Revert "Auth/PM-6689 - Migrate Security Stamp to Token Service and State Prov…" (#8860)
This reverts commit 91f1d9fb86.
2024-04-22 12:06:43 -04:00
Matt Gibson
300b17aaeb
[PM-7653] Do not store disk-backed sessions as single blobs (#8852)
* Implement a lazy value class

This will be used as a source for composing key-protected storage from a single key source.

* Simplify local-backed-session-storage

The new implementation stores each value to a unique location, prefixed with `session_` to help indicate the purpose.

I've also removed the complexity around session keys, favoring passing in a pre-defined value that is determined lazily once for the service worker. This is more in line with how I expect a key-protected storage would work.

* Remove decrypted session flag

This has been nothing but an annoyance. If it's ever added back, it needs to have some way to determine if the session key matches the one it was written with

* Remove unnecessary string interpolation

* Remove sync Lazy

This is better done as a separate class.

* Handle async through type

* prefer two factory calls to incorrect value on races.

* Fix type

* Remove log

* Update libs/common/src/platform/misc/lazy.ts

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-04-22 10:14:38 -04:00
Matt Gibson
b5362ca1ce
Browser MV3: Default store values to session storage (#8844)
* Introduce browser large object storage location.

This location is encrypted and serialized to disk in order to allow for storage of uncountable things like vault items that take a significant amount of time to prepare, but are not guaranteed to fit within session storage.

however, limit the need to write to disk is a big benefit, so _most_ things are written to storage.session instead, where things specifically flagged as large will be moved to disk-backed memory

* Store derived values in large object store for browser

* Fix AbstractMemoryStorageService implementation
2024-04-22 08:55:19 -04:00
aj-rosado
f829cdd8a7
[PM-7603] Fix individual vault export not appearing on Event Logs (#8829)
* Added validation to update User_ClientExportedVault on events even with no organization id or cipher id

* Fixed missing data and validation
2024-04-22 10:18:11 +01:00
Jared Snider
91f1d9fb86
Auth/PM-6689 - Migrate Security Stamp to Token Service and State Provider (#8792)
* PM-6689 - Add security stamp to Token state

* PM-6689 - Remove Security Stamp from account and state service

* PM-6689 - Add security stamp get and set to token service + abstraction + tests

* PM-6689 - Add migration for security stamp, test it, and register it with migrator

* PM-6689 - Update sync service + deps to use token service.

* PM-6689 - Cleanup missed usages of account tokens which has been removed.

* PM-6689 - Per PR feedback, remove unnecessary data migration as the security stamp is only in memory and doesn't need to be migrated.
2024-04-19 16:44:24 -04:00
Justin Baur
395ed3f5d4
[PM-7489] Introduce MessageSender & MessageListener (#8709)
* Introduce MessageSender

* Update `messageSenderFactory`

* Remove Comment

* Use BrowserApi

* Update Comment

* Rename to CommandDefinition

* Add More Documentation to MessageSender

* Add `EMPTY` helpers and remove NoopMessageSender

* Calm Down Logging

* Limit Logging On Known Errors

* Use `messageStream` Parameter

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Add eslint rules

* Update Error Handling

Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>

* Delete Lazy Classes In Favor of Observable Factories

* Remove Fido Messages

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
2024-04-19 15:02:40 -04:00
✨ Audrey ✨
1e67014158
fix update loop when overwriting state from buffer (#8834) 2024-04-19 13:12:17 -04:00
Jared Snider
fffef95c5e
Auth/PM-7235 - Refactor AuthService.getAuthStatus, deprecate everBeenUnlocked, and handle initialization of auto user key on client init (#8590)
* PM-7235 - AuthSvc - Refactor getAuthStatus to simply use the cryptoService.hasUserKey check to determine the user's auth status.

* PM-7235 - CryptoSvc - getUserKey - remove setUserKey side effect if auto key is stored. Will move to app init

* PM-7235 - For each client init service, add setUserKeyInMemoryIfAutoUserKeySet logic

* PM-7235 - CryptoSvc tests - remove uncessary test.

* PM-7235 - Create UserKeyInitService and inject into all init services with new listening logic to support acct switching.

* PM-7235 - UserKeyInitSvc - minor refactor of setUserKeyInMemoryIfAutoUserKeySet

* PM-7235 - Add test suite for UserKeyInitService

* PM-7235 - Remove everBeenUnlocked as it is no longer needed

* PM-7235 - Fix tests

* PM-7235 - UserKeyInitSvc - per PR feedback, add error handling to protect observable stream from being cancelled in case of an error

* PM-7235 - Fix tests

* Update libs/common/src/platform/services/user-key-init.service.ts

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Update libs/common/src/platform/services/user-key-init.service.ts

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* PM-7235 - AuthSvc - Per PR review, for getAuthStatus, only check user key existence in memory.

* PM-7235 - remove not useful test per PR feedback.

* PM-7235 - Per PR feedback, update cryptoService.hasUserKey to only check memory for the user key.

* PM-7235 - Per PR feedback, move user key init service listener to main.background instead of init service

* PM-7235 - UserKeyInitSvc tests - fix tests to plass

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2024-04-19 11:20:13 -04:00
Carlos Gonçalves
6f2bed63a6
[PM-7569] Fix ciphers view update race on desktop (#8821)
* PM-7569 Wait for the update before allow reading ciphers$

* PM-7569 Remove commented line
2024-04-19 14:53:34 +01:00
Robyn MacCallum
c1c6afb0f4
[PM-7562] Add DuckDuckGo back to State Service (#8791)
* Add ddg back to state service

* Remove getters
2024-04-19 09:45:09 -04:00
Matt Gibson
b26c9df056
Fix migrated state service data (#8815)
State service held data in an encrypted pair, with potentially both
encrypted and decrypted values. We want the encrypted form for these
disk migrations (decrypted would always be empty on disk anyways).
2024-04-19 11:41:46 +02:00
Nick Krantz
40ba15c07e
[SM-956] Secret Manager: Integrations Page (#8701)
* add navigation item for integrations and SDKs page

* Initial routing to Integrations & SDKs page

* Initial add of integrations component

* Initial add of SDKs component

* add secret manage integration images

* remove integration & sdk components in favor of a single component

* add integration & integration grid components

* add integrations & sdks

* rename page & components to integration after design discussion

* add external rel attribute for SDK links

* remove ts extension

* refactor: use pseudo element to cover as a link

* refactor: change secondaryText to linkText to align with usage

* update icon for integrations

* add new badge option for integration cards

* hardcode integration/sdk names

* add dark mode images for integrations and sdks

* update integration/sdk card with dark mode image when applicable

* refactor integration types to be an enum

* fix enum typings in integration grid test

---------

Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
2024-04-18 15:24:16 -04:00
Matt Gibson
ce75f7b565
Vault/pm-7580/resolve-cipher-update-race (#8806)
* Resolve updated values from updates

Uses the now returned updated values from cipher service to guarantee-return the updated cipher for CLI edits

* Use updated cipher for creation

* Use updated cipher for editing collections

* Await async methods

Cipher data more closely approximates server responses. TODO: this should really use actual response types
2024-04-18 14:06:31 -04:00
Will Martin
d5f503a0d6
[CL-18] toast component and service (#6490)
Update toast styles and new service to CL.
2024-04-18 13:23:35 -04:00
Cesar Gonzalez
9277465951
[PM-5744] Adjust Fido2 Content Script Injection to Meet mv3 Requirements (#8222)
* [PM-5876] Adjust LP Fileless Importer to Suppress Download with DOM Append in Manifest v3

* [PM-5876] Incorporating jest tests for affected logic

* [PM-5876] Fixing jest test that leverages rxjs

* [PM-5876] Updating documentation within BrowserApi.executeScriptInTab

* [PM-5876] Implementing jest tests for the new LP suppress download content scripts

* [PM-5876] Adding a change to webpack to ensure we do not package the mv2 side script for `lp-suppress-import-download.mv2.ts` if building the extension for mv3

* [PM-5876] Implementing changes based on feedback during code review

* [PM-5876] Implementing changes based on feedback during code review

* [PM-5876] Implementing changes based on feedback during code review

* [PM-5876] Implementing changes based on feedback during code review

* [PM-5876] Implementing a configuration to feed the script injection of the Fileless Importer CSV download supression script

* [PM-5744] Adjust injection of `page-script.ts` within FIDO 2 implementation to ensure mv3 compatibility

* [PM-5744] Adjusting structure of manifest.json to clean up implementation and ensure consistency between mv2 and mv3

* [PM-5744] Reverting inclusion of the ConsoleLogService

* [PM-4791] Injected content scripts prevent proper XML file display and disrupt XML responses

* [PM-5744] Adjust FIDO2 content script injection methodology to be compatible with manifest v3

* [PM-5744] Adjusting references to Fido2Service to mirror change of name to Fido2Background

* [PM-5744] Migrating runtime background messages that are associated with Fido2 into Fido2Background

* [PM-5744] Fixing named reference within Fido2Background

* [PM-5744] Migrating all Fido2 messages from the runtime.background.ts script to the fido2.background.ts script

* [PM-5744] Removing unnecessary dependency from runtime background

* [PM-5744] Removing unnecessary dependency from runtime background

* [PM-5744] Reworking how we handle init of Fido2Background

* [PM-5744] Reworking page-script.ts to ensure that it can destory its global values on unload

* [PM-5744] Reworking page-script.ts to ensure that it can destory its global values on unload

* [PM-5744] Implementing separated injection methodology between manifest v2 and v3

* [PM-4791] Adjsuting reference for Fido2 script injection to ensure it only triggers on https protocol types

* [PM-5744] Removing unnecessary message and handling reload of content scripts based on updates on observable

* [PM-5744] Refactoring content-script implementation for fido2

* [PM-5744] Refactoring content-script implementation for fido2

* [PM-5744] Reworking implementation to avoid having multiple contenType checks within the FIDO2 content scripts

* [PM-5744] Re-implementing the messageWithResponse within runtime.background.ts

* [PM-5744] Reverting change to autofill.service.ts

* [PM-5744] Removing return value from runtime.background.ts process message call

* [PM-5744] Reworking how we handle injection of the fido2 page and content script elements

* [PM-5744] Adjusting how we override the navigator.credentials request/reponse structure

* [PM-5744] Working through jest tests for the fido2Background implementation

* [PM-5744] Finalizing jest tests for the Fido2Background implementation

* [PM-5744] Stubbing out jest tests for content-script and page-script

* [PM-5744] Implementing a methodology that allows us to dynamically set and unset content scripts

* [PM-5744] Applying cleanup to page-script.ts to lighten the footprint of the script

* [PM-5744] Further simplifying page-script implementation

* [PM-5744] Reworking Fido2Utils to remove references to the base Utils methods to allow the page-script.ts file to render at a lower file size

* [PM-5744] Reworking Fido2Utils to remove references to the base Utils methods to allow the page-script.ts file to render at a lower file size

* [PM-5744] Implementing the `RegisterContentScriptPolyfill` as a separately compiled file as opposed to an import

* [PM-5744] Implementing methodology to ensure that the RegisterContentScript polyfill is not built in cases where it is not needed

* [PM-5744] Implementing methodology to ensure that the RegisterContentScript polyfill is not built in cases where it is not needed

* [PM-5744] Reverting package-lock.json

* [PM-5744] Implementing a methodology to ensure we can instantiate the RegisterContentScript polyfill in a siloed manner

* [PM-5744] Migrating chrome extension api calls to the BrowserApi class

* [PM-5744] Implementing typing information within the RegisterContentScriptsPolyfill

* [PM-5744] Removing any eslint-disable references within the RegisterContentScriptsPolyfill

* [PM-5744] Refactoring polyfill implementation

* [PM-5744] Refactoring polyfill implementation

* [PM-5744] Fixing an issue where Safari was not resolving the await chrome proxy

* [PM-5744] Fixing jest tests for the page-script append method

* [PM-5744] Fixing an issue found where collection of page details can trigger a context invalidated message when the extension is refreshed

* [PM-5744] Implementing jest tests for the added BrowserApi methods

* [PM-5744] Refactoring Fido2Background implementation

* [PM-5744] Refactoring Fido2Background implementation

* [PM-5744] Adding enums to the implementation for the Fido2 Content Scripts and working through jest tests for the BrowserApi and Fido2Background classes

* [PM-5744] Adding comments to the FIDO2 content-script.ts file

* [PM-5744] Adding jest tests for the Fido2 content-script.ts

* [PM-5744] Adding jest tests for the Fido2 content-script.ts

* [PM-5744] Adding jest tests for the Fido2 page-script.ts

* [PM-5744] Working through an attempt to jest test the page-script.ts file

* [PM-5744] Finalizing jest tests for the page-script.ts implementation

* [PM-5744] Applying stricter type information for the passed params within fido2-testing-utils.ts

* [PM-5744] Adjusting documentation

* [PM-5744] Adjusting implementation of jest tests to use mock proxies

* [PM-5744] Adjusting jest tests to simply implementation

* [PM-5744] Adjust jest tests based on code review feedback

* [PM-5744] Adjust jest tests based on code review feedback

* [PM-5744] Adjust jest tests based on code review feedback

* [PM-5744] Adjusting jest tests to based on feedback

* [PM-5744] Adjusting jest tests to based on feedback

* [PM-5744] Adjusting jest tests to based on feedback

* [PM-5744] Adjusting conditional within page-script.ts

* [PM-5744] Removing unnecessary global reference to the messager

* [PM-5744] Updating jest tests

* [PM-5744] Updating jest tests

* [PM-5744] Updating jest tests

* [PM-5744] Updating jest tests

* [PM-5744] Updating how we export the Fido2Background class

* [PM-5744] Adding duplciate jest tests to fido2-utils.ts to ensure we maintain functionality for utils methods pulled from platform utils

* [PM-5189] Addressing code review feedback

* [PM-5744] Applying code review feedback, reworking obserable subscription within fido2 background

* [PM-5744] Reworking jest tests to avoid mocking `firstValueFrom`

* [PM-5744] Reworking jest tests to avoid usage of private methods

* [PM-5744] Reworking jest tests to avoid usage of private methods

* [PM-5744] Implementing jest tests for the ScriptInjectorService and updating references within the Browser Extension to use the new service

* [PM-5744] Converting ScriptInjectorService to a dependnecy instead of a static class

* [PM-5744] Reworking typing for the ScriptInjectorService

* [PM-5744] Adjusting implementation based on feedback provided during code review

* [PM-5744] Adjusting implementation based on feedback provided during code review

* [PM-5744] Adjusting implementation based on feedback provided during code review

* [PM-5744] Adjusting implementation based on feedback provided during code review

* [PM-5744] Adjusting how the ScriptInjectorService accepts the config to simplify the data structure

* [PM-5744] Updating jest tests to cover edge cases within ScriptInjectorService

* [PM-5744] Updating jest tests to reference the ScriptInjectorService directly rather than the underlying ExecuteScript api call

* [PM-5744] Updating jest tests to reflect provided feedback during code review

* [PM-5744] Updating jest tests to reflect provided feedback during code review

* [PM-5744] Updating documentation based on code review feedback

* [PM-5744] Updating how we extend the abstract ScriptInjectorService

* [PM-5744] Updating reference to the frame property on the ScriptInjectionConfig
2024-04-18 16:05:16 +00:00
Alex Morask
adb1ee3d38
[AC-2420] Hide SM checkbox on member invite when org is on SM Standalone (#8644)
* Refactoring

* Hide SM toggle on member invite and default to true for SM standalone org

* changed from hide sm checkbox to default and disable

* Removed errant addition from conflict resolution
2024-04-18 11:21:11 -04:00
Alex Morask
1e0ad09757
Added create-client-organization.component (#8767) 2024-04-18 08:36:38 -04:00
Carlos Gonçalves
c045558312
PM-7533 Add missing value assignment (#8780) 2024-04-17 17:09:44 +01:00
Matt Gibson
f15bffb040
Handle null values coming from state (#8784) 2024-04-17 12:02:21 -04:00
cyprain-okeke
a72b7f3d21
[AC-1218] Add ability to delete Provider Portals (#8685)
* initial commit

* add changes from running prettier

* resolve the linx issue

* resolve the lint issue

* resolving lint error

* correct the redirect issue

* resolve pr commit

* Add a feature flag

* move the new component to adminconsole

* resolve some pr comments

* move the endpoint from ApiService to providerApiService

* move provider endpoints to the provider-api class

* change the header

* resolve some pr comments
2024-04-17 14:07:26 +01:00
Thomas Rittson
4db383850f
[AC-2172] Member modal - limit admin access (#8343)
* limit admin permissions to assign members to collections that the admin
doesn't have can manage permissions for
2024-04-17 11:03:48 +10:00
Thomas Rittson
f45eec1a4f
[AC-2169] Group modal - limit admin access - members tab (#8650)
* Restrict user from adding themselves to existing group
2024-04-17 09:31:48 +10:00
Jared Snider
51a6b34cc2
Auth/PM-7467- Fix Refresh token issues (#8757)
* PM-7467 - Login Strategy bug - VaultTimeoutSettings will be undefined before the account is activated unless you pass in user ids to retrieve the data. This resulted in refresh tokens always being set into secure storage regardless of a user's vault timeout settings (logout should translate to memory)

* PM-7467 - TokenSvc - Fix bug in getRefreshToken which would retrieve the user's refresh token from secure storage even if the user had changed their vault timeout setting to log out which moved the refresh token into memory. Includes a migration to remove the no longer required REFRESH_TOKEN_MIGRATED_TO_SECURE_STORAGE state provider flag.

* PM-7467 - Per PR feedback, use IRREVERSIBLE for rollback.

Co-authored-by: Jake Fink <jfink@bitwarden.com>

* PM-7467 - fix tests

* PM-7467 - Fix migrator based on PR feedback.

* PM-7467 - Bump migration version

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
2024-04-16 14:05:47 -04:00
Carlos Gonçalves
06acdefa91
[PM-5273] Migrate state in CipherService (#8314)
* PM-5273 Initial migration work for localData

* PM-5273 Encrypted and Decrypted ciphers migration to state provider

* pm-5273 Update references

* pm5273 Ensure prototype on cipher

* PM-5273 Add CipherId

* PM-5273 Remove migrated methods and updated references

* pm-5273 Fix versions

* PM-5273 Added missing options

* Conflict resolution

* Revert "Conflict resolution"

This reverts commit 0c0c2039ed.

* PM-5273 Fix PR comments

* Pm-5273 Fix comments

* PM-5273 Changed decryptedCiphers to use ActiveUserState

* PM-5273 Fix tests

* PM-5273 Fix pr comments
2024-04-16 17:37:03 +01:00
Jake Fink
576431d29e
[PM-5499] auth request service migrations (#8597)
* move auth request storage to service

* create migrations for auth requests

* fix tests

* fix browser

* fix login strategy

* update migration

* use correct test descriptions in migration
2024-04-15 12:34:30 -04:00
Jason Ng
c701ad9cf2
[AC-2330] Updated Cipher Collections Now Sets Readonly Properly (#8549)
Update putCipherCollection call to get new cipher with updated edit value
2024-04-12 14:41:05 -05:00
✨ Audrey ✨
44d59f0d8c
[PM-7419] add buffered state (#8706)
Introduces a state manager that buffers data until an observed dependency signals it should 
overwrite another state manager with the buffered data. It can be used to implement 
migrations of encrypted data, edit-apply loops (such as used for save operations), and to 
map between encryption keys/formats.
2024-04-12 13:31:58 -04:00
Jared Snider
5f97f4c4a8
Update Organization and Policy Services to allow the passing of a user id and to prevent hangs waiting on an active user (#8712)
* OrgSvc - add new observable returning getAll$ method which accepts a required user id

* OrgSvc - make user id optional

* PolicySvc - getAll$ should use the new OrgSvc.getAll$ method so that it doesn't hang if there isn't an active user yet but a user id was passed in.

* Fix policy service tests
2024-04-12 10:21:19 -04:00
Matt Gibson
8d698d9d84
[PM-7169][PM-5267] Remove auth status from account info (#8539)
* remove active account unlocked from state service

* Remove status from account service `AccountInfo`

* Fixup lingering usages of status

Fixup missed factories

* Fixup account info usage

* fixup CLI build

* Fixup current account type

* Add helper for all auth statuses to auth service

* Fix tests

* Uncomment mistakenly commented code

* Rework logged out account exclusion tests

* Correct test description

* Avoid getters returning observables

* fixup type
2024-04-12 09:25:45 +02:00
✨ Audrey ✨
787ad64b73
apply password generator policy to all users (#8641) 2024-04-11 13:32:50 -04:00
SmithThe4th
c2b91d2d46
[PM-4700] Fixed issue with clearing search index state (#8686)
* fixed issue with clearing search index state

* Decrease snap description character length to reach 128 limit (#8687)

* clear user index before account is totally cleaned up

* [AC-2436] Fix flashing unassigned items banner (#8689)

* Fix flashing banner for users who shouldn't see it

* Emit the right value the first time

* simplify further

* restore comment

* added logout clear on option

* removed redundant clear index from logout

---------

Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2024-04-11 17:53:16 +01:00
Addison Beck
ab83a367dd
Address review feedback on UnassignedBannerService (#8680)
* Introduce `UnassignedItemsBannerApiService`

* Delete `WebUnassignedItemsBannerService`
2024-04-10 16:13:41 -05:00
Alex Morask
4c2afb4121
Add tax information to provider setup component when FF is on. (#8616) 2024-04-10 14:10:47 -04:00
Thomas Rittson
be362988b0
[AC-2436] Show unassigned items banner in web (#8655)
* Boostrap basic banner, show for all admins

* Remove UI banner, fix method calls

* Invert showBanner -> hideBanner

* Add api call

* Minor tweaks and wording

* Change to active user state

* Add tests

* Fix mixed up names

* Simplify logic

* Add feature flag

* Do not clear on logout

* Update apps/web/src/locales/en/messages.json

---------

Co-authored-by: Addison Beck <github@addisonbeck.com>
2024-04-10 11:52:13 -05:00
Matt Gibson
744f3a4d1c
Use UserKeyDefinition for user-scoped data (#8667) 2024-04-10 11:35:44 -04:00
Justin Baur
84cd01165c
Auth UserKeyDefinition Migration (#8587)
* Migrate DeviceTrustCryptoService

* Migrate SsoLoginService

* Migrate TokenService

* Update libs/common/src/auth/services/token.state.ts

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>

* Fix Test

* Actually Fix Tests

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2024-04-10 09:59:20 -04:00
SmithThe4th
2bce6c538c
[PM-6194] Refactor injection of services in browser services module (#8380)
* refactored injector of services on the browser service module

* refactored the search and popup serach service to use state provider

* renamed back to default

* removed token service that was readded during merge conflict

* Updated search service construction on the cli

* updated to use user key definition

* Reafctored all components that refernce issearchable

* removed commented variable

* added uncommited code to remove dependencies not needed anymore

* added uncommited code to remove dependencies not needed anymore
2024-04-10 14:02:46 +01:00
Jake Fink
9d10825dbd
[PM-5362] Add MP Service (attempt #2) (#8619)
* create mp and kdf service

* update mp service interface to not rely on active user

* rename observable methods

* update crypto service with new MP service

* add master password service to login strategies
- make fake service for easier testing
- fix crypto service tests

* update auth service and finish strategies

* auth request refactors

* more service refactors and constructor updates

* setMasterKey refactors

* remove master key methods from crypto service

* remove master key and hash from state service

* missed fixes

* create migrations and fix references

* fix master key imports

* default force set password reason to none

* add password reset reason observable factory to service

* remove kdf changes and migrate only disk data

* update migration number

* fix sync service deps

* use disk for force set password state

* fix desktop migration

* fix sso test

* fix tests

* fix more tests

* fix even more tests

* fix even more tests

* fix cli

* remove kdf service abstraction

* add missing deps for browser

* fix merge conflicts

* clear reset password reason on lock or logout

* fix tests

* fix other tests

* add jsdocs to abstraction

* use state provider in crypto service

* inverse master password service factory

* add clearOn to master password service

* add parameter validation to master password service

* add component level userId

* add missed userId

* migrate key hash

* fix login strategy service

* delete crypto master key from account

* migrate master key encrypted user key

* rename key hash to master key hash

* use mp service for getMasterKeyEncryptedUserKey

* fix tests

* fix user key decryption logic

* add clear methods to mp service

* fix circular dep and encryption issue

* fix test

* remove extra account service call

* use EncString in state provider

* fix tests

* return to using encrypted string for serialization
2024-04-09 20:50:20 -04:00
Matt Gibson
c02723d6a6
Specify clearOn options for platform services (#8584)
* Use UserKeys in biometric state

* Remove global clear todo. Answer is never

* User UserKeys in crypto state

* Clear userkey on both lock and logout via User Key Definitions

* Use UserKeyDefinitions in environment service

* Rely on userKeyDefinition to clear org keys

* Rely on userKeyDefinition to clear provider keys

* Rely on userKeyDefinition to clear user keys

* Rely on userKeyDefinitions to clear user asym key pair
2024-04-09 11:17:00 -04:00
Vincent Salucci
c73372310b
fix: remove TXT generation, separate save/verify steps, refs AC-2350 (#8540) 2024-04-08 14:32:14 -05:00
Conner Turnbull
18ae698f8d
SM changes (#8531) 2024-04-08 14:42:49 -04:00
Oscar Hinton
7064b595da
[SM-1031] Remove SecretsManager & showDDG compile flags (#8610)
Remove old compile flags which should no longer be required, and may even cause issues. secretsManager: false hides the app switcher which is now used for more than just secrets manager.
2024-04-08 17:46:24 +02:00
Tom
3d052242df
[PM-5578] [PM-5579] [PM-5580] [PM-5581] Send Browser State Provider (#8232)
* Replacing state service with state provider

* Documentation indicating the differences between the 2 states used.

* Creating key definition, updating comments, and modifying test cases

* Adding the key definitions tests

* Documenting the observables

* Fixing the test issue with the awaitAsync import

* Removing browser state service stuff for merge fix

* no need to redefine interface members

* Renaming to DefaultBrowserStateService
2024-04-08 10:30:39 -04:00
Matt Gibson
1308b326fd
Tools/specify-clearon-conditions (#8596)
* Specify user clear events for event upload

* Specify generator clear events

* Specify clear events for user send data

* Specify generic clear on logout for encrypted secret state

* Allow `clearOn`event to be passed into secret state

* Match current data persistence rules

* Clear ui memory on lock + logout
2024-04-08 12:26:22 +00:00
Addison Beck
6df52262a9
Clear provider state on logout (#8563) 2024-04-05 13:10:55 -05:00
Addison Beck
2ff990edd2
Update policy service to clear its own state (#8564) 2024-04-05 13:10:24 -05:00
✨ Audrey ✨
edf35a9ad1
fix fencepost errors in padded data packer (#8631)
Unit tests trim vertical pipes when appear in the data packer's JSON data, but electron is not as forgiving. It throws errors in this situation. This fixes the error by trimming the pipes before b64 decoding the result.
2024-04-05 13:03:04 -04:00
Shane Melton
cbf48decec
[PM-7292] Fix viewing/editing unassigned ciphers for admins (#8627)
* [PM-7292] Introduce canEditUnassignedCiphers helper

* [PM-7292] Use new canEditUnassignedCiphers helper

* [PM-7292] Remove duplicate canUseAdminCollections helper
2024-04-05 08:23:50 -07:00
Jake Fink
775c8a1bbe
Revert "[PM-5362]Create MP Service for state provider migration (#7623)" (#8617)
This reverts commit b1abfb0a5c.
2024-04-04 16:17:09 +00:00
Jake Fink
b1abfb0a5c
[PM-5362]Create MP Service for state provider migration (#7623)
* create mp and kdf service

* update mp service interface to not rely on active user

* rename observable methods

* update crypto service with new MP service

* add master password service to login strategies
- make fake service for easier testing
- fix crypto service tests

* update auth service and finish strategies

* auth request refactors

* more service refactors and constructor updates

* setMasterKey refactors

* remove master key methods from crypto service

* remove master key and hash from state service

* missed fixes

* create migrations and fix references

* fix master key imports

* default force set password reason to none

* add password reset reason observable factory to service

* remove kdf changes and migrate only disk data

* update migration number

* fix sync service deps

* use disk for force set password state

* fix desktop migration

* fix sso test

* fix tests

* fix more tests

* fix even more tests

* fix even more tests

* fix cli

* remove kdf service abstraction

* add missing deps for browser

* fix merge conflicts

* clear reset password reason on lock or logout

* fix tests

* fix other tests

* add jsdocs to abstraction

* use state provider in crypto service

* inverse master password service factory

* add clearOn to master password service

* add parameter validation to master password service

* add component level userId

* add missed userId

* migrate key hash

* fix login strategy service

* delete crypto master key from account

* migrate master key encrypted user key

* rename key hash to master key hash

* use mp service for getMasterKeyEncryptedUserKey

* fix tests
2024-04-04 14:22:41 +00:00
Thomas Rittson
32981ce30d
[AC-2320] Update canEditAnyCollection logic for Flexible Collections v1 (#8394)
* also update calling locations to use canEditAllCiphers where applicable
2024-04-04 13:48:41 +10:00
Oscar Hinton
23c89bda74
[PM-6975] Replace purchasedPremium broadcast message with observables (#8421)
In https://github.com/bitwarden/clients/pull/8133 the premium state changed to
be derived from observables, which means we can get rid of the `purchasePremium`
messages that are sent and instead rely directly on the observable to distribute
the state.
2024-04-03 15:51:55 -05:00
✨ Audrey ✨
b579bc8f96
[PM-6818] legacy generator service adapter (#8582)
* introduce legacy generators
* introduce generator navigation service
* Introduce default options. These accept a userId so that they can be policy-defined
* replace `GeneratorOptions` with backwards compatible `GeneratorNavigation`
2024-04-03 13:48:33 -04:00
Matt Gibson
2977616be4
Use user definition clearon events for billing (#8589) 2024-04-03 10:28:36 -04:00
renovate[bot]
b53b211bd4
[deps]: Lock file maintenance (#7700)
* [deps]: Lock file maintenance

* Fix jest breaking changes

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
2024-04-03 15:48:04 +02:00
Matt Gibson
5fe8f9b76a
Autofill: Use UserKeyDefinitions for user-scoped data (#8588)
* Do not clear badge settings on user events

* Do not clear default uri match strategy

* Use explicit clearOn events for autofill settings
2024-04-03 08:18:26 -04:00
Alex Morask
7df3304a25
[AC-1759] Update subscription status section (#8578)
* Resolve subscription status confusion

* Add feature flag
2024-04-02 13:53:13 -04:00
rr-bw
f79d159277
[PM-5500] Implement StateProvider in RouterService (#8119)
* implement StateProvider in RouterService

* Remove 'export'

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Skip parameter

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
2024-04-02 10:16:42 -07:00
Tom
a6e178f1e6
[PM-5574] sends state provider (#8373)
* Adding the key definitions and tests and initial send state service

* Adding the abstraction and implementing

* Planning comments

* Everything but fixing the send tests

* Moving send tests over to the state provider

* jslib needed name refactor

* removing get/set encrypted sends from web vault state service

* browser send state service factory

* Fixing conflicts

* Removing send service from services module and fixing send service observable

* Commenting the migrator to be clear on why only encrypted

* No need for service factories in browser

* browser send service is no longer needed

* Key def test cases to use toStrictEqual

* Running prettier

* Creating send test data to avoid code duplication

* Adding state provider and account service to send in cli

* Fixing the send service test cases

* Fixing state definition keys

* Moving to observables and implementing encryption service

* Fixing key def tests

* The cli was using the deprecated get method

* The observables init doesn't need to happen in constructor

* Missed commented out code

* If enc key is null get user key

* Service factory fix
2024-04-02 12:39:06 -04:00
cyprain-okeke
9956f020e7
[AC-1911] Clients: Create components to manage client organization seat allocation (#8505)
* implementing the clients changes

* resolve pr comments on message.json

* moved the method to billing-api.service

* move the request and response files to billing folder

* remove the adding existing orgs

* resolve the routing issue

* resolving the pr comments

* code owner changes

* fix the assignedseat

* resolve the warning message

* resolve the error on update

* passing the right id

* resolve the unassign value

* removed unused logservice

* Adding the loader on submit button
2024-04-02 17:04:02 +01:00
Carlos Gonçalves
af5f45443d
[PM-5434] Create VaultBrowserStateService and migrate components from BrowserStateService (#8017)
* PM-5434 Initial work on migration

* PM-5434 Migration and tests

* PM-5434 Remove unnecessary comments

* PM-5434 Add unit tests

* PM-5434 Reverted last changes

* PM-5434 Added unit test for deserialize

* PM-5434 Minor changes

* PM-5434 Fix pr comments
2024-04-02 16:23:05 +01:00
Jared Snider
c202c93378
Auth/PM-5268 - DeviceTrustCryptoService state provider migration (#7882)
* PM-5268 - Add DEVICE_TRUST_DISK to state definitions

* PM-5268 - DeviceTrustCryptoService - Get most of state provider refactor done - WIP - commented out stuff for now.

* PM-5268 - DeviceTrustCryptoServiceStateProviderMigrator - WIP - got first draft of migrator in place and working on tests. Rollback tests are failing for some reason TBD.

* PM-5268 - more WIP on device trust crypto service migrator tests

* PM-5268 - DeviceTrustCryptoServiceStateProviderMigrator - Refactor based on call with platform

* PM-5268 - DeviceTrustCryptoServiceStateProviderMigrator - tests passing

* PM-5268 - Update DeviceTrustCryptoService to convert over to state providers + update all service instantiations / dependencies to ensure state provider is passed in or injected.

* PM-5268 - Register new migration

* PM-5268 - Temporarily remove device trust crypto service from migrator to ease merge conflicts as there are 6 more migrators before I can apply mine in main.

* PM-5268 - Update migration numbers of DeviceTrustCryptoServiceStateProviderMigrator based on latest migrations from main.

* PM-5268 - (1) Export new KeyDefinitions from DeviceTrustCryptoService for use in test suite (2) Update DeviceTrustCryptoService test file to use state provider.

* PM-5268 - Fix DeviceTrustCryptoServiceStateProviderMigrator tests to use proper versions

* PM-5268 - Actually fix all instances of DeviceTrustCryptoServiceStateProviderMigrator test failures

* PM-5268 - Clean up state service, account, and login strategy of all migrated references

* PM-5268 - Account - finish cleaning up device key

* PM-5268 - StateService - clean up last reference to device key

* PM-5268 - Remove even more device key refs. *facepalm*

* PM-5268 - Finish resolving merge conflicts by incrementing migration version from 22 to 23

* PM-5268 - bump migration versions

* PM-5268 - DeviceTrustCryptoService - Implement secure storage functionality for getDeviceKey and setDeviceKey (to achieve feature parity with the ElectronStateService implementation prior to the state provider migration). Tests to follow shortly.

* PM-5268 - DeviceTrustCryptoService tests - getDeviceKey now tested with all new secure storage scenarios. SetDeviceKey tests to follow.

* PM-5268 - DeviceTrustCryptoService tests - test all setDeviceKey scenarios with state provider & secure storage

* PM-5268 - Update DeviceTrustCryptoService deps to actually use secure storage svc on platforms that support it.

* PM-5268 - Bump migration version due to merge conflicts.

* PM-5268 - Bump migration version

* PM-5268 - tweak jsdocs to be single line per PR feedback

* PM-5268 - DeviceTrustCryptoSvc - improve debuggability.

* PM-5268 - Remove state service as a dependency on the device trust crypto service (woo!)

* PM-5268 - Update migration test json to correctly reflect reality.

* PM-5268 - DeviceTrustCryptoSvc - getDeviceKey - add throw error for active user id missing.

* PM-5268 - Fix tests

* PM-5268 - WIP start on adding user id to every method on device trust crypto service.

* PM-5268 - Update lock comp dependencies across clients

* PM-5268 - Update login via auth request deps across clients to add acct service.

* PM-5268 - UserKeyRotationSvc - add acct service to get active acct id for call to rotateDevicesTrust and then update tests.

* PM-5268 - WIP on trying to fix device trust crypto svc tests.

* PM-5268 - More WIP device trust crypto svc tests passing

* PM-5268 - Device Trust crypto service - get all tests passing

* PM-5268 - DeviceTrustCryptoService.getDeviceKey - fix secure storage b64 to symmetric crypto key conversion

* PM-5268 - Add more tests and update test names

* PM-5268 - rename state to indicate it was disk local

* PM-5268 - DeviceTrustCryptoService - save symmetric key in JSON format

* PM-5268 - Fix lock comp tests by adding acct service dep

* PM-5268 - Update set device key tests to pass

* PM-5268 - Bump migration versions again

* PM-5268 - Fix user key rotation svc tests

* PM-5268 - Update web jest config to allow use of common spec in user-key-rotation-svc tests

* PM-5268 - Bump migration version

* PM-5268 - Per PR feedback, save off user id

* PM-5268 - bump migration version

* PM-5268 - Per PR feedback, remove unnecessary await.

* PM-5268 - Bump migration verson
2024-04-01 16:02:58 -04:00
Justin Baur
94843bdd8b
[PM-5956] Delete Unused State (#8439)
* Delete Unused State

* Delete One More

* Add Migration to Delete InstalledVersion

* Update Error
2024-04-01 15:36:39 -04:00
Jake Fink
bd7c10705d
add clarification around null in state provider (#8567)
* add clarification around null in state provider

* Update libs/common/src/platform/state/user-state.ts

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-04-01 15:32:11 -04:00
Matt Gibson
136226b6be
Observable auth statuses (#8537)
* Observable has token

* Allow access to user key state observable

* Create observable auth status

* Fix DI
2024-04-01 19:15:54 +00:00
rr-bw
2e51d96416
[PM-5264] Implement StateProvider in LoginEmailService (#7662)
* setup StateProvider in LoginService

* replace implementations

* replace implementation

* remove stateService

* change storage location for web to 'disk-local'

* implement migrate() method of Migrator

* add RememberedEmailMigrator to migrate.ts

* add rollback

* add tests

* replace implementation

* replace implementation

* add StateProvider to Desktop services

* rename LoginService to RememberEmailService

* update state definition

* rename file

* rename to storedEmail

* rename service to EmailService to avoid confusion

* add jsdocs

* refactor login.component.ts

* fix typos

* fix test

* rename to LoginEmailService

* update factory

* more renaming

* remove duplicate logic and rename method

* convert storedEmail to observable

* refactor to remove setStoredEmail() method

* move service to libs/auth/common

* address floating promises

* remove comment

* remove unnecessary deps in service registration
2024-03-30 11:00:27 -07:00
Jared Snider
ebe5a46b57
PM-5263 - Clear all tokens on logout (#8536) 2024-03-28 16:56:02 -04:00
Ike
3d19e3489c
[PM-5269] Key Connector state migration (#8327)
* key connector migration initial

* migrator complete

* fix dependencies

* finalized tests

* fix deps and sync main

* clean up definition file

* fixing tests

* fixed tests

* fixing CLI, Browser, Desktop builds

* fixed factory options

* reverting exports

* implemented UserKeyDefinition clearOn

* Update KeyConnector MIgration

* updated migrator and tests to match profile object

* removed unused service and updated clear

* dep fix

* dep fixes

* clear usesKeyConnector on logout
2024-03-28 12:50:24 -04:00
✨ Audrey ✨
df058ba399
[PM-6146] generator history (#8497)
* introduce `GeneratorHistoryService` abstraction
* implement generator history service with `LocalGeneratorHistoryService` 
* cache decrypted data using `ReplaySubject` instead of `DerivedState`
* move Jsonification from `DataPacker` to `SecretClassifier` because the classifier 
  is the only component that has full type information. The data packer still handles 
  stringification.
2024-03-28 12:19:12 -04:00
Jake Fink
bd6b3266d4
move auth request notification to service (#8451)
- cleanup hanging promises
2024-03-28 09:34:21 -04:00
Oscar Hinton
2edc156dd6
[STRICT TS] Migrate platform abstract services functions (#8527)
We currently use a callback syntax for abstract services. This syntax isn't completely strict compliant and will fail the strictPropertyInitialization check. We also currently don't get any compile time errors if we forget to implement a function.

To that end this PR updates all platform owned services to use the appropriate abstract keyword for non implemented functions. I also updated the fields to be actual functions and not properties.
2024-03-28 12:01:09 +01:00
Thomas Rittson
5cb2e99b2f
[AC-1724] Remove BulkCollectionAccess feature flag (#8502) 2024-03-28 08:08:28 +10:00
Jared Snider
8cdc94076e
Auth/PM-7092 - Fix CLI login via API key not working due to TokenService changes (#8499)
* PM-7092 - Fix CLI login via API key not working (it apparently receives an undefined refresh token which was rejected by setTokens)

* PM-7092 - Fix base login strategy tests

* PM-7092 - per discucssion with jake, refactor setTokens to accept optional refresh token instead of exposing setRefreshToken as public.
2024-03-27 17:46:56 -04:00
Matt Gibson
62ad39e697
Ps/pm 5965/better config polling (#8325)
* Create tracker that can await until expected observables are received.

* Test dates are almost equal

* Remove unused class method

* Allow for updating active account in accout service fake

* Correct observable tracker behavior

Clarify documentation

* Transition config service to state provider

Updates the config fetching behavior to be lazy and ensure that any emitted value has been updated if older than a configurable value (statically compiled).

If desired, config fetching can be ensured fresh through an async.

* Update calls to config service in DI and bootstrapping

* Migrate account server configs

* Fix global config fetching

* Test migration rollback

* Adhere to implementation naming convention

* Adhere to abstract class naming convention

* Complete config abstraction rename

* Remove unnecessary cli config service

* Fix builds

* Validate observable does not complete

* Use token service to determine authed or unauthed config pull

* Remove superfluous factory config

* Name describe blocks after the thing they test

* Remove implementation documentation

Unfortunately the experience when linking to external documentation is quite poor. Instead of following the link and retrieving docs, you get a link that can be clicked to take you out of context to the docs. No link _does_ retrieve docs, but lacks indication in the implementation that documentation exists at all.

On the balance, removing the link is the better experience.

* Fix storybook
2024-03-27 10:03:09 -07:00
Jared Snider
a66e224d32
Auth/PM-7072 - Token Service - Access Token Secure Storage Refactor (#8412)
* PM-5263 - TokenSvc - WIP on access token secure storage refactor

* PM-5263 - Add key generation svc to token svc.

* PM-5263 - TokenSvc - more progress on encrypt access token work.

* PM-5263 - TokenSvc TODO cleanup

* PM-5263 - TokenSvc - rename

* PM-5263 - TokenSvc - decryptAccess token must return null as that is a valid case.

* PM-5263 - Add EncryptSvc dep to TokenSvc

* PM-5263 - Add secure storage to token service

* PM-5263 - TokenSvc - (1) Finish implementing accessTokenKey stored in secure storage + encrypted access token stored on disk  (2) Remove no longer necessary migration flag as the presence of the accessTokenKey now serves the same purpose.

Co-authored-by: Jake Fink <jfink@bitwarden.com>

* PM-5263 - TokenSvc - (1) Tweak return structure of decryptAccessToken to be more debuggable (2) Add TODO to add more error handling.

* PM-5263 - TODO: update tests

* PM-5263 - add temp logs

* PM-5263 - TokenSvc - remove logs now that I don't need them.

* fix tests for access token

* PM-5263 - TokenSvc test cleanup - small tweaks / cleanup

* PM-5263 - TokenService - per PR feedback from Justin - add error message to error message if possible.

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-03-26 18:41:14 -04:00
Jason Ng
7f55833974
[AC-2285] Edit Unassigned Ciphers in AC Bug (#8410)
* check if cipher is unassigned and call the proper service between cipherService get and apiService get. also check for custom user permissions
2024-03-26 15:22:35 -04:00
Justin Baur
f7014a973c
[PM-7071] Fallback to Emitting null When No Active User (#8486)
* Fallback to Emitting `null` When No Active User

* Fix Tests

* Update Test Names to Follow Convention

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Fix CLI Build

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
2024-03-26 12:06:33 -04:00
Jake Fink
7f14ee4994
add back call to verify by PIN (#8495) 2024-03-26 12:00:30 -04:00
Jake Fink
a46767dee2
add auth status to auth service (#8377)
* add auth status to auth service

* fix auth service factory
2024-03-26 13:56:20 +00:00
✨ Audrey ✨
d000f081da
[PM-6556] reintroduce policy reduction for multi-org accounts (#8409) 2024-03-26 07:59:45 -04:00