* [EC-1060] feat: center align table cell content (#4618)
* [EC-1027] feat: remove `tw-text-sm` (#4617)
(cherry picked from commit 807a135418)
* Set checkForBreaches to true (checked) by default.
(cherry picked from commit 28d5961ed3)
* Open WebAuthn Prompt in New Tab (#4696)
- We already did this for Firefox and Safari
* Turn off checking for breaches in web for now (#4698)
* [PS-2455] Catch and log contextmenu errors (#4699)
* Set initRunning to true
initRunning was checked and at the end set to false, but it never got set to true
* Catch and log contextmenu errors
(cherry picked from commit db202f9e9e)
* Fix race condition when setting modal properties (#4701)
(cherry picked from commit 1c18a73a56)
* SG-1047 Fix remember me on web (#4706)
(cherry picked from commit d27ef74fe1)
* PS-2450 EC-1073 Do not decode and normalize query (#4708)
Co-authored-by: Jake Fink <jfink@bitwarden.com>
(cherry picked from commit 13746c1840)
* [Desktop/Browser] - Renew signing certificates (#4739)
(cherry picked from commit 4438ab9e3a)
* Revert to MV2 Autofill Logic (#4705)
* Bumped web version to 2023.2.0 (#4753)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
(cherry picked from commit 4e4de9812e)
* [EC-1074] fix: block interaction during async action (#4732)
The user is able to interact with vault-items while actions like delete are happening. This commit is a temporary fix to disable all interaction surfaces during those async actions.
(cherry picked from commit 957ed50c82)
* Bumped browser version to 2023.2.0
---------
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Carlos Gonçalves <cgoncalves@bitwarden.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: mimartin12 <77340197+mimartin12@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
Co-authored-by: Opeyemi Alao <54288773+Eeebru@users.noreply.github.com>
* Added comments.
* More comments.
* More function comments.
* Changed comment to add missing words.
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Added better comment on fill query function.
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* More comments.
* Added additional documentation on viewable and visible
* Undid changes to the logic to avoid any chance of breaking anything.
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Move auth service factories to Auth team
* Move authentication componenets to Auth team
* Move auth guard services to Auth team
* Move Duo content script to Auth team
* Move auth CLI commands to Auth team
* Move Desktop Account components to Auth Team
* Move Desktop guards to Auth team
* Move two-factor provider images to Auth team
* Move web Accounts components to Auth Team
* Move web settings components to Auth Team
* Move web two factor images to Auth Team
* Fix missed import changes for Auth Team
* Fix Linting errors
* Fix missed CLI imports
* Fix missed Desktop imports
* Revert images move
* Fix missed imports in Web
* Move angular lib components to Auth Team
* Move angular auth guards to Auth team
* Move strategy specs to Auth team
* Update .eslintignore for new paths
* Move lib common abstractions to Auth team
* Move services to Auth team
* Move common lib enums to Auth team
* Move webauthn iframe to Auth team
* Move lib common domain models to Auth team
* Move common lib requests to Auth team
* Move response models to Auth team
* Clean up whitelist
* Move bit web components to Auth team
* Move SSO and SCIM files to Auth team
* Revert move SCIM to Auth team
SCIM belongs to Admin Console team
* Move captcha to Auth team
* Move key connector to Auth team
* Move emergency access to auth team
* Delete extra file
* linter fixes
* Move kdf config to auth team
* Fix whitelist
* Fix duo autoformat
* Complete two factor provider request move
* Fix whitelist names
* Fix login capitalization
* Revert hint dependency reordering
* Revert hint dependency reordering
* Revert hint component
This components is being picked up as a move between clients
* Move web hint component to Auth team
* Move new files to auth team
* Fix desktop build
* Fix browser build
This reduces the noise in the app.modules where the angular locales are loaded.
Simplifies extending with new locales as all of them can be found in the same place under the same file-name
This has previously also been done in the web client
* Split folder service back/foreground
Also splits for folderApiService, since that depends on folderService.
TODO: this split will need to be done for any dependents of a split
service.
* Prefer popup-specific services VaultFilterService
* Prefer popup-specific services i18n
* Prefer popup-specific services configService
* StateService is required for browserSync
* Add Policy Api Service
* Remove unused orgService from PolicyApiService
* Fixup missed dependency
* Attach cryptography services in popup context
* Improve session syncer initialization
* Fix storage reseed on logout
The check for the set vault-timeout needs to happen before all cleaning stateService
Remove check inside of reseedStorage as happens outside prior to calling it (logout/settings.component)
* Remove old limitation to only run on certain browsers
Execute on all browsers besides Safari as it does not support chrome.storage.local.get with an empty key
https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/storage/StorageArea/get
* Revert "Remove old limitation to only run on certain browsers"
This reverts commit d7f71aa0b6.
* work: add base logic for password lookup
* work: added browser support for hibp
* work: SG-558 combine weak + leak warning
* fix: language stuff
* fix: form values are neater tho :(
* fix: no cast
The problem was the incorrect identification of the input format. The input with `placeholder="ММ / ГГ"` got a value in `YYYY-MM` format, which is fallback in case when required format was not identified. It happened because `ММ` in the placeholder value had russian characters, but actual constant has english ones.
* Add combine helper
* Helper for running multiple actions with single service cache
* Remove unneeded any
* Send identifier through callback
* Extend Tab Message
* Split out ContextMenu logic
* Add tests for ContextMenu actions
* Context Menu Fixes
* Await call to menu handler
* set onUpdatedRan to false when it's ran
* Switch to using new cache per run
* Fix Generate Password Test
* Remove old file from whitelist
* Remove Useless never from Generic
* Update apps/browser/src/background/main.background.ts
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Address PR Feedback
* Specify a Document Url for Context Menu Items
* Update Test
* Use Generate Password Callback
* Remove DocumentUrlPatterns
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Force update of badge icon and text on all windows
Affects MV2 and MV3
No longer pass in tab and windowId to setLoggedOut and setLocked
When the vault is locked or the user logs out, all open windows/tabs need to be updated
Iterating over all active tabs like in 2022.10.1 was missing:
488734577f/apps/browser/src/background/main.background.ts (L859-L867)
Create clearBadgeText function to take care of it.
* Only try to retrieve tab in unlocked state
* Remove lock icon when unlocking on all windows
* Only use windowId to retrieve tab when defined
In MV2 the `windowId` isn't passed into updateBage and fails to retrieve the correct tab to update.
This resorted in the badge not showing a match count in another window.
Fixes#4260
Ensure in MV3 that all listener pass on the windowId if present.
* Fix Firefox private mode
Only pass on the windowId if defined and within Firefox
In private mode the main.background bootstrap-method passes in the windowId
Do not refreshBadge when in private mode
Previously 488734577f/apps/browser/src/background/main.background.ts (L575-L586) setIcon would skip in private mode. Calling refreshBadge without this would update the badge on all windows (normal and private ones)
* Make username regenerator button same as password one
it seems that (originally?) it wanted to be disabled at first and then become active again once the generator's async call was finished...but this seems unnecessary. removing all that extraneous stuff that doesn't seem to be actually doing anything makes this work just as well as the password generator button, and doesn't end up losing/resetting focus.
* Remove the `[disabled]` attribute from regenerate buttons
* Use `aria-disabled` instead of `disabled`, make click event conditional
* Make spinner show for `aria-disabled` controls as well
* Use aria-describedby for all help blocks/hints
* Add label to send notes textfield
* Use aria-describedby for all help blocks/hints / browser
* Tweak help block for confirming identity
* Remove aria-describedby for general login form
Seems unnecessary / doesn't need an extra description
* Fix compiler error
* Remove unnecessary aria-describedby
After testing, turns out the addition here was unnecessary, as the help block is already part of the `<label>`
* Fix aria-describedby reference for user verification component
* Remove redundant aria-describedby and generated id for radio buttons
* Fix aria-describedby for send editing in Safari
> When editing a send, the text below the deletion date is not recognized by the screen reader reliably (send-add-edit.component.html / efflux-dates.component.html). There might be an issues depending on which browser is used (deletionDateHelp vs. deletionDateCustomHelp
* Make custom environment container role="group", give it a label and description
> In the Environment Url Settings, the text “For advanced users…….“ is not not recognized by the screen reader. Not sure how to best solve this one, as it's below all individual url inputs. Ideally it gets announced with the baseUrl part or when focusing Custom Environment)
* feat-web: add hidden char count toggle
* Added toggle char count for desktop
* Use Tailwind and Component Library, add i18n
* Hide char count when password is hidden
* Initial proposal
* Update colors per design spec for all clients
Also make variable names consistent across clients
* Remove unused scss
* Add styling
* Set fixed with for password count elements
* Add separate wrapped stories
* Fix alignment of first char when wrapped
* Minor refactors
* Make naming consistent
* Add Figma url
* add barrel files
* Use CL component
* Fix template
* Remove duplicate style
* Use ColorPasswordComponent in web, remove old pipe
Also remove styling and move pipe out of jslib-module given that
it's no longer shared by all Angular clients
* Run prettier
* Remove unused scss vars
* Undo unnecessary changes
* Remove unnecessary changes
* Fix styling
* Fix selector
* Collect show password event
* Fix incorrect background in dark mode
* Fix linting
* Use color password for password history
* Add char count to hidden custom fields in desktop
* Fix char count background in web: take 2
* Update service name
* Add missing label toggleCharacterCount for desktop
Co-authored-by: Daniel James Smith <djsmith@web.de>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* SG-825 - policy.service - Apply policies of disabled orgs
* SG-825 - OrgFilter - Show org suspended icon when org is disabled and remove personal vault policy enabled
* SG-825 - Org Filter refactor - Enterprise users can now access org options to leave orgs without selecting them (previously, you had to select an org to get the options to show up which was not possible for disabled orgs). Users can now leave disabled orgs.
* SG-825 - fix aria label compile issue
* SG-825 - Browser - Vault filter CSS refactor - (1) Better ellipsis truncation implemented (2) Selected vault and dropdown widths now scale dynamically based on selection and container width
* SG-825 - Desktop - (1) Org suspended warning icon now displayed on disabled orgs even when personal vault removed policy applied (2) Org suspended icon now has same accessibility (title / label) as web & browser.
* Remove default landing on masterpassword page
* Remove rememberEmail state service value that isn't needed
* Remove last occurence of setRememberEmail
* Remove alwaysRememberEmail functionality
* Remove always remember email from browser and add option to
* Add extra spacing around remember email check
* [SG-884] Fix Remember Email functionality for Login with SSO (#4238)
* Add saveEmailSettings method to LoginService
* Add StateService as a dependency to LoginService
* Update login components to utilize new login service method for saving rememberedEmail
* Only sync if synced value changes
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Catch error if no one is listening
This occurs if the background tries to update any visualizers, but none
are open.
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
* Allow provided deserializer to handle not found
* Debounce synced items
* Remove object-hash
* Revert "Only sync if synced value changes"
This reverts commit 024fe226d9.
* Test debounce
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Move chevron/arrow to start of disclosure widget
in addition, changes the only expand/collapse disclosure widget like this on the web client to use the same `<h3><button>...</button></h3>` structure as on browser extension and desktop app
* Change collapsed/expanded icons
Make them more understandable and consistent with other expand/collapse controls
* Harmonise desktop +/- controls to use arrow/chevron icons as well
also removes the incorrect `A11yTitle` in the generator that currently overrides the visible "Options" text (leading to a failure of WCAG 2.5.3 Label in Name)
* Change the icons for the expand/collapse disclosure widget in SSO component
* Expand icon explanation
plus minor typo cleanup
* Add patch for Send button focus outline
* Await in `has` calls.
* Add disk cache to browser synced items
Note: `Map` doesn't serialize nicely so it's easier to swap over to a
`Record` object for out cache
* Mock and await init promises in tests
* Remove redundant settings checks
* Move event.service to it's own folder
Move abstractions/event.service to abstractions/event/event.service
Move services/event.service to services/event/event.service
Fix all the imports
* Extract event-upload from event.service
Move `uploadEvents` from `EventService` to `EventUploadService`
Create event-upload-service-factory
Fix wiring up all the dependencies
* Remove clearEvents from EventService
clearEvents is only related to uploading events and can be moved into EventUploadService
Change the logout-method to only call EventUploadService.uploadEvents as that also calls clearEvents internally
* Rename EventService to EventCollectionService
Rename libs\common\abstraction\event\event.service.ts to libs\common\abstractions\event\event-collection.service.ts
Rename libs\common\services\event\event.service.ts to libs\common\services\event\event-collection.service.ts
Fix all the imports
Fix up service regristration/instantiation
Reanme \browser\src\background\service_factories\event-service.factory.ts to \browser\src\background\service_factories\event-collection-service.factory.ts
* Move interval to upload events to EventUploadSvc
Move the `init()` from event-collection.service to event-upload.service
Change call-site in web, desktop, browser
* [EC-584] Update ApiService to remove any appendages to ClientVersion
* [EC-584] Extract application version number logic from ApiService to PlatformUtils
* Update libs/electron/src/services/electronPlatformUtils.service.ts
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* [EC-584] Use getApplicationVersion as source for getApplicationVersionNumber
* [EC-584] Remove defaulting to dash on getApplicationVersionNumber and add unit tests
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Do not use object constructors for names
Minification was selecting different class names for different instances
of services, which was causing them not to sync properly.
This was happening _only_ in production mode for some reason, perhaps
due to minifying post chunking?
* Add tests for additional synced properties
* Register alarms and listen to them
* Wire up alarms and actions
Register actions(commands) which can be executed by an alarm
Create methods in alarm-state to persists actions and execution times
Flesh out AlarmListener to iterate over registered commands and check if they need to execute
Simplify clearClipboard action as it only handles the action instead of also worrying if it should fire.
Enable previously disabled clear-clipboard tests (#3532)
Adjust clear-clipboard tests to new simpler execution
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Make linter happy
* Revert accidentally commited with merging master
* Add jsdoc per PR comment
* Fixed types to simplify adding new alarm actions
Create a new alarm action (i.e `clear-clipboard.ts`)
Export a name for the alarm action (`clearClipboardAlarmName`)
`alarm-state.ts`
Import alarm action name
Extend `alarmKeys` and `alarmState`
`on-alarm-listener`
Import alarm action method and alarm action name
Add it to the switch case
* Add comment to clearClipboard action
Add comment to replace clearClipboard impl once clipboardApi's are accessible by service-workers
https://bugs.chromium.org/p/chromium/issues/detail?id=1160302
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Elevate Map <-> Record JSON helpers to Utils
* Build Account from a StateService provided AccountDeserializer
* Allow Manifest V2 usage of session sync
Expands use of SessionSyncer to all Subject types. Correctly handles
replay buffer for each type to ignore the flood of data upon
subscription to each Subject type.
* Create browser-synced Policy Service
* Move BrowserFolderService
* Libs account serialization improvements
* Serialize Browser Accounts
* Separate StateService in background/visualizations
Visualizer state services share storages with background page, which
nicely emulates mv3 synchronization through session/local storage. There
should not be multithreading issues since all of these services are
still running through a single thread, we just now have multiple places
we are reading/writing data from.
Smaller improvements
* Rename browser's state service to BrowserStateService
* Remove unused WithPrototype decorator :celebrate:
* Removed conversion on withPrototypeForArrayMembers. It's reasonable to
think that if the type is maintained, it doesn't need conversion.
Eventually, we should be able to remove the withPrototypeForArrayMembers
decorator as well, but that will require a bit more work on
(de)serialization of the Accounts.data property.
* Make Record <-> Map idempotent
Should we get in a situation where we _think_ an object has been
jsonified, but hasn't been, we need to correctly deal with the object
received to create our target.
* Check all requirements while duck typing
* Name client services after the client
* Use union type to limit initialize options
* Fixup usages of `initializeAs`
* Add OrganizationService to synced services
Co-Authored-By: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add Settings service to synced services
Co-Authored-By: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add missing BrowserStateService
* Fix factories to use browser-specific service overides
* Fix org-service registration in services.module
* Revert "Add missing BrowserStateService"
This reverts commit 81cf384e87.
* Fix session syncer tests
* Fix synced item metadata tests
* Early return null json objects
* Prefer abstract service dependencies
* Prefer minimal browser service overrides
* [SG-632] - Change forwarded providers radio buttons list to dropdown (#4045)
* SG-632 - Changed forwarded providers list of radio buttons to dropdown
* SG-632 - Added role attributes to improve accessibility.
* SG-632 - Added sorting to array and empty option
* SG-632 - Fix styling to match standards.
* rename cipehrs component to vault items component (#4081)
* Update the version hash for the QA Web build artifact to follow SemVer syntax (#4102)
* Remove extra call to toJSON() (#4101)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith@web.de>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* SG-632 - Changed forwarded providers list of radio buttons to dropdown
* SG-632 - Added role attributes to improve accessibility.
* SG-632 - Added sorting to array and empty option
* SG-632 - Fix styling to match standards.
* Move OrganizationService to fullSync
* Add Tech Debt Tracking Link
* Remove Commented out code
* Add InternalOrganizationService
* Use InternalOrganization in services that get to update state
* Browser Extension - Send - Expiration / Deletion date calendar icon + datepicker pop up now respect theme better in Chrome / Chromium based browsers and Safari (Firefox datepicker pop up doesn't seem to have an easy mechanism for theming)
* SG-428 - Extension - Iconography for date inputs for Chromium browsers now reflects theme colors properly + hover states; icon not shown on non-Chromium browsers
* Variables.scss - ran prettier locally after tweaking comments to pass eslint checks
* fix for covered dropdown on empty vault
This could be done one of 2-3 ways. I think this might be the least problematic, but could also be done with just changing "position: absolute" to "relative on the ".no-items" class - base.css:461 For some reason, I'm unable to load the spinner to test.
* rename class
* Send all saved url to autofill script
* Handle array of matched urls in content script
* Prompt at most once to override insecure autofill
* Do not send never match URIs to content script
We know these URIs did not cause the autofill match, so we
can safely remove these from the list of potential matches.
* more css changes
* add icon button hover
* Update apps/browser/src/popup/scss/box.scss
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Update apps/desktop/src/scss/box.scss
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* feedback updates
* restore desktop pseudo rule
* update to include some variable fixes and deletions
* updates per oscar
* feedback updates
more universal variable, adjusted box padding (per Kyle), and aligned footer text
* changes per product design
added border for selects, border around generator, and hover for solarizeddark
* add more helper text space below for visual separation
* group new variable
* login page button fix
Dflinn found an odd margin on the login page
* Revert "Merge branch 'master' into browser-ext-ui-update-test"
This reverts commit b8007102f9, reversing
changes made to 246768cb12.
* fix button height
* revert file changes
* test adjustments
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
* community PR reviewed, Update search cancel button to be visible in all themes
* community PR reviewed, Update search cancel button to be visible in all themes 2
* [SG-163] Two step login flow web (#3648)
* two step login flow
* moved code from old branch and reafctored
* fixed review comments
* [SG-164] Two Step Login Flow - Browser (#3793)
* Add new messages
* Remove SSO button from home component
* Change create account button to text
* Add top padding to create account link
* Add email input to HomeComponent
* Add continue button to email input
* Add form to home component
* Retreive email from state service
* Redirect to login after submit
* Add error message for invalid email
* Remove email input from login component
* Remove loggingInTo from under MP input
* Style the MP hint link
* Add self hosted domain to email form
* Made the mp hint link bold
* Add the new login button
* Style app-private-mode-warning in its component
* Bitwarden -> Login text change
* Remove the old login button
* Cancel -> Close text change
* Add avatar to login header
* Login -> LoginWithMasterPassword text change
* Add SSO button to login screen
* Add not you button
* Allow all clients to use the email query param on the login component
* Introduct HomeGuard
* Clear remembered email when clicking Not You
* Make remember email opt-in
* Use formGroup.patchValue instead of directly patching individual controls
* [SG-165] Desktop login flow changes (#3814)
* two step login flow
* moved code from old branch and reafctored
* fixed review comments
* Make toggleValidateEmail in base class public
* Add desktop login messages
* Desktop login flow changes
* Fix known device api error
* Only submit if email has been validated
* Clear remembered email when switching accounts
* Fix merge issue
* Add 'login with another device' button
* Remove 'log in with another device' button for now
* Pin login pag content to top instead of center justified
* Leave email if 'Not you?' is clicked
* Continue when enter is hit on email input
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
* [SG-750] and [SG-751] Web two step login bug fixes (#3843)
* Continue when enter is hit on email input
* Mark email input as touched on 'continue' so field is validated
* disable login with device on self-hosted (#3895)
* [SG-753] Keep email after hint component is launched in browser (#3883)
* Keep email after hint component is launched in browser
* Use query params instead of state for consistency
* Send email and rememberEmail to home component on navigation (#3897)
* removed avatar and close button from the password screen (#3901)
* [SG-781] Remove extra login page and remove rememberEmail code (#3902)
* Remove browser home guard
* Always remember email for browser
* Remove login landing page button
* [SG-782] Add login service to streamline login form data persistence (#3911)
* Add login service and abstraction
* Inject login service into apps
* Inject and use new service in login component
* Use service in hint component to prefill email
* Add method in LoginService to clear service values
* Add LoginService to two-factor component to clear values
* make login.service variables private
Co-authored-by: Gbubemi Smith <gsmith@bitwarden.com>
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
* Add item decryption to encryptService
* Create multithreadEncryptService subclass to handle web workers
* Create encryption web worker
* Refactor cipherService to use new interface
* Update dependencies
* feat(browser): implement theming for notification bar
* refactor(browser): split notification bar function
* refactor(browser): use own method for getCurrentTheme
* chore(browser): add close.svg file as an asset
this file is embedded in apps/browser/src/notification/bar.html
* feat(browser): change textContrast color on primary buttons
* feat(browser): use dedicated color variable for close button
* feat(browser): use textColor for close button
* feat(browser): implement styling for select fields
* feat(browser): improve close button styling, add hover effect
* PS-976 - when user has cipher readonly permissions, prevent user from editing cipher fields and make separate api call that only updates Favorite and Folder values
* PS-976 - in the readonly edit cipher view, hide non-operable buttons and display select values as readonly input text
* PS-976 - update failing test
* PS-976 - split cipher saveWithServer call into Create and Update calls
* PS-976 - replace property with function call to get the card expiration month for the readonly view
* MM-976 - when user has readonly permissions hide "delete" button on View Item view, hide generate username/password buttons on Edit Item view
* PS-976 - rename cipherPartialRequest file to align with new naming convention
* Do not autofill if sandboxed
`self.origin` is 'null' if inside a frame with sandboxed csp or iframe tag
* Update apps/browser/src/content/autofill.js
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Record changes in autofill.js
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Initial - add folder id to popup item view
* Add folder service to view component
* Move folder info higher in the item view as proper box
* Add folder name handling to component
* Add folder field to browser view
* Add folder field to desktop view
* Make folder field draggable
following the merging of https://github.com/bitwarden/clients/pull/3321 also make the folder field draggable
* Use `<label>` and readonly `<input>`
In anticipation of https://github.com/bitwarden/clients/pull/3485 being merged
* Changes from review
- change input name to `folderName`, match it in the `for` attribute on the `<label>`
- add an `if` check before querying folder names
* Match `name` to `id`
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add needed factories for AuthService
WIP: Allow console logs
* Add badge updates
* Init by listener
* Improve tab identification
* Define MV3 background init
* Init services in factories.
Requires conversion of all factories to promises.
We need to initialize in factory since the requester of a service
doesn't necessarily know all dependencies for that service. The only
alternative is to create an out parameter for a
generated init function, which isn't ideal.
* Improve badge setting
* Use `update-badge` in mv2 and mv3
Separates menu and badge updates
* Use update-badge everywhere
* Use BrowserApi where possible
* Update factories
* Merge duplicated methods
* Continue using private mode messager for now
* Add static platform determination.
* Break down methods and extract BrowserApi Concerns
* Prefer strict equals
* Init two-factor service in factory
* Use globalThis types
* Prefer `globalThis`
* Use Window type definition updated with Opera
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
* Distinguish Opera from Safari
Opera includes Gecko, Chrome, Safari, and Opera in its user agent. We need to make sure that
we're not in Opera prior to testing Safari.
* Update import
* Initialize search-service for update badge context
* Build all browser MV3 artifacts
only uploading Chrome, Edge and Opera artifacts for now, as those support manifest V3
Also corrects build artifact to lower case.
* Remove individual dist
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Add generate command
* Add JSDoc
* Minor improvements
* Remove unneeded comment
* Make some properties optional
* Remove main.background.ts changes
* One more
* Lint
* Make all but length optional
* Address PR feedback
* Move generate command code to command
* Address PR feedback
* Use new alarm scheme
* Let feature handle state keys
Moves to a feature folder and creates clipboard-module level state
handler functions.
StateService is being paired down to storage routing, so we are handling storage
specifics in-module.
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: Daniel Smith <djsmith85@users.noreply.github.com>
* Missed some changes
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: Daniel Smith <djsmith85@users.noreply.github.com>
* Add CreationDate to common libs
* Add CreationDate to Browser
* Add CreationDate to CLI
* Add CreationDate to Desktop
* Add CreationDate to Web
* Update tests
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Copy updated. Transition browser strings to use sentence case for all UI elements, except the following terms:
• Branded Names: Provider(s) + Provider Portal, Send(s) + Send, Directory Connector
• Plan Names: Premium, Families, Teams, Enterprise
* Add windows to platform utils service
Note, this will result in conflicts with several in-flight PRs, but is necessary for following commits.
* Add necessary background service factories
* Simplify autofill command
* Remove noop event service
* Added abstractions for PolicyApiService and PolicyService
* Added implementations for PolicyApiService and PolicyService
* Updated all references to new PolicyApiService and PolicyService
* Deleted old PolicyService abstraction and implementation
* Fixed CLI import path for policy.service
* Fixed main.background.ts policyApiService dependency for policyService
* Ran prettier
* Updated policy-api.service with the correct imports
* [EC-377] Removed methods from StateService that read policies
* [EC-377] Updated policy service getAll method to use observable collection
* [EC-377] Added first unit tests for policy service
* [EC-377] Added more unit tests for Policy Service
* [EC-376] Sorted methods order in PolicyApiService
* [EC-376] Removed unused clearCache method from PolicyService
* [EC-376] Added upsert method to PolicyService
* [EC-376] PolicyApiService putPolicy method now upserts data to PolicyService
* [EC-377] Removed tests for deleted clearCache method
* [EC-377] Added unit test for PolicyService.upsert
* [EC-377] Updated references to state service observables
* [EC-377] Removed getAll method from PolicyService and refactored components to use observable collection
* [EC-377] Updated components to use concatMap instead of async subscribe
* [EC-377] Removed getPolicyForOrganization from policyApiService
* [EC-377] Updated policyAppliesToUser to return observable collection
* [EC-377] Changed policyService.policyAppliesToUser to return observable
* [EC-377] Fixed browser settings.component.ts getting vault timeout
* Updated people.component.ts to get ResetPassword policy through a subscription
* [EC-377] Changed passwordGenerationService.getOptions to return observable
* [EC-377] Fixed CLI generate.command.ts getting enforcePasswordGeneratorPoliciesOnOptions
* [EC-377] Fixed eslint errors on rxjs
* [EC-377] Reverted changes on passwordGeneration.service and vaultTimeout.service
* [EC-377] Removed eslint disable on web/vault/add-edit-component
* [EC-377] Changed AccountData.policies to TemporaryDataEncryption
* [EC-377] Updated import.component to be reactive to policyAppliesToUser$
* [EC-377] Updated importBlockedByPolicy$
* [EC-377] Fixed missing rename
* [EC-377] Updated policyService.masterPasswordPolicyOptions to return observable
* [EC-377] Fixed vaultTimeout imports from merge
* [EC-377] Reverted call to passwordGenerationService.getOptions
* [EC-377] Reverted call to enforcePasswordGeneratorPoliciesOnOptions
* [EC-377] Removed unneeded ngOnDestroy
* Apply suggestions from code review
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* [EC-377] Fixed login.component.ts and register.component.ts
* [EC-377] Updated PolicyService to update vaultTimeout
* [EC-377] Updated PolicyService dependencies
* [EC-377] Renamed policyAppliesToUser to policyAppliesToActiveUser
* [EC-377] VaultTimeoutSettings service now gets the vault timeout directly instead of using observables
* [EC-377] Fixed unit tests by removing unneeded vaultTimeoutSettingsService
* [EC-377] Set getDecryptedPolicies and setDecryptedPolicies as deprecated
* [EC-377] Set PolicyService.getAll as deprecated and updated to use prototype.hasOwnProperty
* [EC-565] Reverted unintended change to vaultTimeoutSettings that was causing a bug to not display the correct vault timeout
* [EC-377] Removed unneeded destroy$ from preferences.component.ts
* [EC-377] Fixed policy.service.ts import of OrganizationService
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: mimartin12 <77340197+mimartin12@users.noreply.github.com>
* Fix async subscribe
* Revert "[PS-1066] Browser and Desktop - SSO User does not see Update Master Password screen after Owner does a Admin Password Reset (#3207)"
This reverts commit 0eda418591.
* Make totp countdown `aria-hidden`, add copy of countdown as `sr-only` inside totp button, only make it conditionally "exist" on parent focus
* Make exact same changes to desktop totp
* Tweak copy button accessible name approach
instead of `aria-label`, which overrides the content of the button and, because JAWS has trouble announcing the live region in the desktop app, results in JAWS not announcing ANY countdown at all, this at least announces the current countdown number when the button receives focus in JAWS
* Add `aria-atomic="true"`
avoid JAWS/Firefox only announcing the specific digit that updates, rather than the number as a whole
* Update, run prettier, lint
* Remove orphaned jslibs
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Update imports
* Implement observables in a few places
* Add tests
* Get all clients working
* Use _destroy
* Address PR feedback
* Address PR feedback
* Address feedback
* passwordless login page redesign
* passwordless login page redesign
* restyled login form to use tailwind
* restyled login form to use tailwind
* moved texts on login device template to locales
* made reactive form changes for clients
* added request model
* made more changes
* added implmentation to auth request api
* fixed refrencing issue
* renamed model property
* Added resend notification functionality
* Added new file
* login with device first draft
* login with device first draft
* login with device first draft
* login with device first draft
* connection to anonymous hub
* connection to anonymous hub
* refactored confirm login response
* removed comment
* cleaned up login
* changed uptyped form builder
* changed uptyped form builder
* [SG-168] Update login strategy with passwordless login credentials.
* [SG-168] Removed logs. Changed inputs for passwordless logic strategy. Removed tokenRequestPasswordless it is using the same as password.
* code cleanup
* code cleanup
* removed login with device from self hosted
* fixed PR comments
* added module for login
* fixed post request bug
* added feature flag
* added feature flag
* added feature flag
Co-authored-by: André Bispo <abispo@bitwarden.com>
* Clean up dangling behaviorSubject
* Handle null in utils
* fix null check
* Await promises, even in async functions
* Add to/fromJSON methods to State and Accounts
This is needed since all storage in manifest v3 is key-value-pair-based
and session storage of most data is actually serialized into an
encrypted string.
* Simplify AccountKeys json parsing
* Fix account key (de)serialization
* Remove unused DecodedToken state
* Correct filename typo
* Simplify keys `toJSON` tests
* Explain AccountKeys `toJSON` return type
* Remove unnecessary `any`s
* Remove unique ArrayBuffer serialization
* Initialize items in MemoryStorageService
* Revert "Fix account key (de)serialization"
This reverts commit b1dffb5c2c, which was breaking serializations
* Move fromJSON to owning object
* Add DeepJsonify type
* Use Records for storage
* Add new Account Settings to serialized data
* Fix failing serialization tests
* Extract complex type conversion to helper methods
* Remove unnecessary decorator
* Return null from json deserializers
* Remove unnecessary decorators
* Remove obsolete test
* Use type-fest `Jsonify` formatting rules for external library
* Update jsonify comment
Co-authored-by: @eliykat
* Remove erroneous comment
* Fix unintended deep-jsonify changes
* Fix prettierignore
* Fix formatting of deep-jsonify.ts
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>