* Remove Send grouping, type and state
* Delete Send list and add-edit
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Remove v1 generator, generator history page and extension refresh conditional routing
* Remove unused keys from en/messages.json
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
This PR deletes the legacy lock components from the Angular clients and also removes feature flag control from the routing. The lock component will now be based entirely on the new, recently refreshed LockComponent in libs/auth/angular.
* Remove conditional routing for new vault page (header/footer)
Redirect tabs/current to tabs/vault (new home)
* Remove unused TabsComponent
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* force viewOnly to be true for emergency access
* add input to hide password history, applicable when the view is used from emergency view
* add extension refresh version of the emergency view dialog
* allow emergency access to view password history
- `ViewPasswordHistoryService` accepts a cipher id or CipherView. When a CipherView is included, the history component no longer has to fetch the cipher.
* remove unused comments
* Add fixme comment for removing non-extension refresh code
* refactor password history component to accept a full cipher view
- Remove the option to pass in only an id
* starting
* setup first page for new device verification notice
* update designs for first page. rename components and files
* added second page for new device verification notice
* update notice page one with bit radio buttons. routing logic. user email
* updated routing for new device verification notice to show before vault based on flags, and can navigate back to vault after submission
* fix translations. added remind me later link and nav to page 2
* sync the design for mobile and web
* update routes in desktop
* updated styles for desktop
* moved new device verification notice guard
* update types for new device notice page one
* add null check to page one
* types
* types for page one, page two, service, and guard
* types
* update component and guard for null check
* add navigation to two step login btn and account email btn
* remove empty file
* update fill of icons to support light & dark modes
* add question mark to email access verification copy
* remove unused map
* use links for navigation elements
- an empty href is needed so the links are keyboard accessible
* remove clip path from exclamation svg
- No noticeable difference in the end result
* inline email message into markup
---------
Co-authored-by: Nick Krantz <nick@livefront.com>
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
This PR fixes a bug in the LockComponent refresh that affected the setup/save and use passkey flows. The user was wrongly directly to the /vault after unlock instead of to /fido2 (the passkey screen).
Feature Flag: ExtensionRefresh ON
This needs to be done, because Firefox compares the keys case-insensitive when a release is uploaded to the store.
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Consolidates existing SSO components into a single unified component in
libs/auth, matching the new design system. This implementation:
- Creates a new shared SsoComponent with extracted business logic
- Adds feature flag support for unauth-ui-refresh
- Updates page styling including new icons and typography
- Preserves web client claimed domain logic
- Maintains backwards compatibility with legacy views
PM-8114
---------
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
* Add proxy support for file uploads
Instead of using node's native fetch we extend ApiService with NodeApiService to add support for proxies using `node-fetch`
* Fix constructors for FileUploadService in browser
* Fix dependency on ApiService within jslib-services.module
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Use typescript-strict-plugin to iteratively turn on strict
* Add strict testing to pipeline
Can be executed locally through either `npm run test:types` for full type checking including spec files, or `npx tsc-strict` for only tsconfig.json included files.
* turn on strict for scripts directory
* Use plugin for all tsconfigs in monorepo
vscode is capable of executing tsc with plugins, but uses the most relevant tsconfig to do so. If the plugin is not a part of that config, it is skipped and developers get no feedback of strict compile time issues. These updates remedy that at the cost of slightly more complex removal of the plugin when the time comes.
* remove plugin from configs that extend one that already has it
* Update workspace settings to honor strict plugin
* Apply strict-plugin to native message test runner
* Update vscode workspace to use root tsc version
* `./node_modules/.bin/update-strict-comments` 🤖
This is a one-time operation. All future files should adhere to strict type checking.
* Add fixme to `ts-strict-ignore` comments
* `update-strict-comments` 🤖
repeated for new merge files
On `/update-temp-password`, on the light theme the "Logout" link was not showing in the upper-left corner because the text color for an `a` link is our primary blue color, which blended in with the headers background color. This PR changes the logout `a` link to a `button` so that it inherits the header text color. It should be a button anyway since it's calling a function and not simply routing.
* Added conditional to check if a cipher can be delete by user
* Added change detection on push
* Added directive to check if user can delete a cipher
* Added directive to check if user can delete a cipher
* Replaced check with directive
* removed takeUntilDestroyed
Add timeout state management for two-factor authentication flows in web, desktop,
and browser extension clients. Includes:
- New timeout screen component with 5-minute session limit
- Updated UI elements and styling
- Comprehensive test coverage
Refs: PM-13659
* updating new menus to allow tab + enter to submit the link/button
* Updating New actions to use button instead of a for accessibiity purposes
* refactor
* refactor
* test fix
* fixes
* fixing tests
* fixing test
* fixing tests
---------
Co-authored-by: --global <>
* add check for extension prefixes in the three major browsers.
- Firefox does not throw an error or receive the message. Adding checks for Safari and Chrome for safety if this functionality were to change.
* remove unneeded mock rejection
* move prefixes to dedicated array
* refactor protocol check to its own variable
* Add changes for enabled policy
* Remove unused property
* Refactor the changes
* remove duplicated across multiple components
* Add some test and documentations to service
* Correct the comment free family sponsorship for isExemptFromPolicy
* catch errors from `tabSendMessage`
- Removes the need for a timeout when fetching page details
* Add parameter to reject on error
- allows each implementation to decide if they want to handle the error or not
In the legacy `AccountSercurityV1Component` the `updateBiometric(enabled: boolean)` method had an `else` block to handle an `enabled` value of `false`. The new `AccountSecurityComponent` is missing this block, which makes it so the user cannot disable biometrics because we aren't handling the case where they uncheck the biometrics checkbox. This PR just adds the `else` block in the new component so we handle a `false` value.
Feature Flag: ExtensionRefresh ON
Creates a refreshed and consolidated `LoginDecryptionOptionsComponent` for use on all visual clients, which will be used when the `UnauthenticatedExtensionUIRefresh` feature flag is on.
- Introduce using i18n by importing JslibModule
- Use i18n within markup
- Ensure navButtons.labels is a key that is present in the en/messages.json
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* PM-12077 - Initial work on web process reload - more testing required.
* PM-12077 - Clarify comment
* PM-12077 - Improving UX of logout with process reload.
* PM-12077 - Final tweaks for process reload
* PM-12077 - Remove no longer accurate comment.
* PM-12077 - Per PR feedback, clean up logout reason
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Creates a refreshed and consolidated LoginViaAuthRequestComponent for use on all visual clients, which will be used when the UnauthenticatedExtensionUIRefresh feature flag is on.
* move vault headings to their own component
* update aria-label to bind to the data attribute
* move vault headings to the vault-v2 folder
* integrate disclosure trigger to hide vault filters
* remove built in margin on search component
- spacing will be managed by the parent component
* add event emitter so consuming components can know when disclosure status has changed
* add filter badge when filters are selected and the filters are hidden
* persist filter visibility state to disk
* add supporting text for the filter button
* remove extra file
* only read from stored state on component launch.
- I noticed delays when trying to use stored state as the source of truth
* use two-way data binding for change event
* update vault headers to use two way data binds from disclosure component
- also adjust consuming changes
* add border thickness
* add ticket to the FIXME
* move number of filters observable into service
* move state coordination into filter service
* only expose state and update methods from filter service
* simplify observables to avoid needed state lifecycle methods
* remove comment
* fix test imports
* update badge colors
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Refactor the remaining logic from gulp. Part of the browser build script
refactor effort.
Webpack is now responsible for performing most of the operations previously
done by gulp. This includes: - Setting browser specific class - Building the
manifest file The `package.json` is modified to include browser specific
commands for `build`, `build:prod`, `build:watch` and `dist`.
# Manifests
Manifests now uses the `copy-webpack-plugin` `transform` feature. The logic is
located in `apps/browser/webpack/manifest.js`. It reads a template, which
supports some basic operations primarily overriding with browser specific
fields using `__browser__`. The `manifest.json` for both regular and mv3
builds are identical to our existing manifests except:
- `applications` renamed to `browser_specific_settings`.
- `permissions` sorted alphabetically.
# Safari build
Safari requires additional packaging commands. This is implemented as a
powershell script due to the cross-platform nature, and since we generally
require powershell in our distribution pipelines. An alternative would be to
write it in bash, but bash is less powerful and would require some additional
commands like `jq`. Another alternative is to write it using js, but that would
require additional dependencies.
* feat: update sdk service abstraction with documentation and new `userClient$` function
* feat: add uninitialized user client with cache
* feat: initialize user crypto
* feat: initialize org keys
* fix: org crypto not initializing properly
* feat: avoid creating clients unnecessarily
* chore: remove dev print/subscription
* fix: clean up cache
* chore: update sdk version
* feat: implement clean-up logic (#11504)
* chore: bump sdk version to fix build issues
* chore: bump sdk version to fix build issues
* fix: missing constructor parameters
* refactor: simplify free() and delete() calls
* refactor: use a named function for client creation
* fix: client never freeing after refactor
* fix: broken impl and race condition in tests
* feat: add sdk override to desktop build
* feat: add SDK version to browser about dialog
* feat: add sdk override to browser build
* fix: `npm ci` overriding the override
* fix: artifacts not properly downloaded
* fix: switch to new repository
* feat: add debug version function to web
* feat: add sdk-version to CLI
* feat: add version to desktop
* feat: add override to cli
* feat: add override to web
* fix: cli version acting as default command
* fix: consistent workflow input name
* feat: add error handling
* feat: upgrade sdk-internal
* fix: forgot to update package lock
* fix: broken CI build
move sdk version to a regular command
* chore: revert version changes
* refactor: move error handling code
* chore: bump SDK to 0.2.0.main-1
* fix: clean up references to inputs.sdk_commit
* refactor: rename `init` to `applyVersionToWindow`
* revert passphrase minimum
* add recommendation text to browser refresh; hide hint text when value exceeds recommendation
* migrate validators to generator configuration
Refactor the remaining logic from gulp. Part of the browser build script
refactor effort.
Webpack is now responsible for performing most of the operations previously
done by gulp. This includes: - Setting browser specific class - Building the
manifest file The `package.json` is modified to include browser specific
commands for `build`, `build:prod`, `build:watch` and `dist`.
# Manifests
Manifests now uses the `copy-webpack-plugin` `transform` feature. The logic is
located in `apps/browser/webpack/manifest.js`. It reads a template, which
supports some basic operations primarily overriding with browser specific
fields using `__browser__`. The `manifest.json` for both regular and mv3
builds are identical to our existing manifests except:
- `applications` renamed to `browser_specific_settings`.
- `permissions` sorted alphabetically.
# Safari build
Safari requires additional packaging commands. This is implemented as a
powershell script due to the cross-platform nature, and since we generally
require powershell in our distribution pipelines. An alternative would be to
write it in bash, but bash is less powerful and would require some additional
commands like `jq`. Another alternative is to write it using js, but that would
require additional dependencies.
* [CL-245] Update palette to new light and dark theme colors (#8633)
* [CL-245] Add new color swatches to storybook (#8697)
* [CL-238] update typography (#8997)
* [CL-230] [CL-296] Update button styles (#9345)
* [CL-237] Update menu styles for extension refresh (#9525)
* [CL-267] Add 100-level color variants and update primary-600 (#9550)
* [CL-286] Update badge to use focus-visible instead of focus (#9551)
* [CL-250] Update badge styles for extension refresh (#9572)
* [CL-234] callout style refresh (#9920)
* [CL-233] Update form field styles (#9776)
* [CL-239][CL-251][CL-342] dialog style refresh (#10096)
* [CL-239] simple dialog style refresh
* [CL-342] fix text overflow in dialog; add story
* [CL-244] readonly fields (#10164)
* [CL-352] Fix Angular errors related to form element changes (#10211)
* [CL-273] Update styles for checkbox and form control (#10146)
* [CL-274] Update styling for radio button (#10333)
* [CL-338] Remove extra space in item content when end slot is empty (#10350)
* [CL-377] Fix extension style conflict for input background (#10351)
* [CL-271] Update styles for toggle (#10377)
* [CL-381] Update spacing around form elements (#10432)
* [CL-229] Update icon button styles (#10405)
* [CL-380] Remove hover state from disabled form fields (#10639)
* [CL-405] Allow toggle group input to be full width (#10658)
* [CL-389] Exclude end slot label content from truncation (#10508)
* [CL-383] Remove manual focus when password toggle is clicked (#10749)
* [CL-278][CL-391] misc bit-item style fixes (#10758)
* [CL-391] use pointer cursor on hover when link or button
* [CL-210] Change base font size from 14px to 16px (#10779)
* [CL-291] Finalize styling for chip select (#10771)
* [CL-257] update banner component styles (#10766)
* [CL-443] Fix sizing issues (#10893)
* [CL-445] Fix small sizing and spacing issues (#10962)
* [CL-382] Reduce element shifting on readonly hover (#10956)
* [CL-396] Update theme colors to new hexes (#10968)
* [CL-395] Remove text headers color (#10997)
* [CL-404] Switch to primary-600 for all focus indicators (#11015)
* [CL-397] Remove primary-500 (#11036)
* [CL-447] Ensure DM Sans displays correctly at all font weights (#11041)
* [CL-448] Scrollbar Styles (#11111)
* CL-252/update toast (#10996)
* [CL-275] Update link styles (#11174)
* [CL-446] Update hover state for unselected chip selects (#11172)
* [CL-454] Improve color a11y for toast and banner interactive elements (#11200)
* [CL-457] Center input text for select and multiselect (#11239)
* [CL-455] Do not use responsive margin for sections in dialogs or extension (#11243)
* [CL-459] Fix chip behavior when opening menu while item is selected (#11227)
* [CL-388] Update vertical nav colors for new palette (#11226)
* scope styled scrollbar to only select elements (#11247)
* edit radio buttons to be block inputs and update spacing (#11291)
* [CL-453] Fix multiselect chip spacing and truncation (#11300)
* [PM-11131] Prevent duplicated sr labels on form field icon buttons (#11383)
* [CL-303] Prevent chip menu from running offscreen (#11348)
* [CL-476] Fix DM Sans font on Windows (#11409)
* implements scrollbar styles for firefox/chrome and safari (#11447)
* [CL-472] Fix search background color in extension (#11466)
* [CL-481] Style updates for bit-item, bit-card, and primary-100 (#11473)
* [CL-478] Remove underline on hover for most components (#11477)
* [CL-477] Remove focus styles for readonly input (#11510)
* [CL-487] Fix vault items virtual scroll height (#11581)
* [PM-8625] Increase popup width (#11686)
* [CL-494] Wrap long words in toggle group (#11659)
* [CL-13820] Add class to remove link underline (#11762)
* [CL-435] Prevent Windows extension from shifting (#11851)
* [CL-503] Add notification color variables (#11802)
* [PM-14043] Update size of toggle group label to fit more content (#11881)
* [CL-498] Set chip menu width minimum to chip select width (#11905)
---------
Co-authored-by: Will Martin <contact@willmartian.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: Nick Krantz <125900171+nick-livefront@users.noreply.github.com>
Co-authored-by: Merissa Weinstein <merissa.k.weinstein@gmail.com>
Co-authored-by: Danielle Flinn <43477473+danielleflinn@users.noreply.github.com>
Webpack seems to always convert imports to be async. This causes a issue where
init_sdk is not always initialized before we call it. To resolve this I added
a promise we can await in MV3 mode, and also defined a timeout which throws an
error we can use to identify if we have issues loading the module.
* show card and identity ciphers in the autofill suggestions only if the active tab appears to have fields for that type of cipher
* handle cases where collectPageDetailsFromTab$ does not emit
* update tests
* Add hasLoggedInAccount to check if there is a logged in account
* Update Storybook providers
* Revert "Update Storybook providers"
This reverts commit 646506ab95.
* Reapply "Update Storybook providers"
This reverts commit d86744a80b.
* Add story for HasLoggedInAccountExample
* Remove unused imports
