1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-04 13:44:00 +01:00
Commit Graph

13289 Commits

Author SHA1 Message Date
Robyn MacCallum
81320a0d6d
[PM-3101] Fix autofill items not working for users without a master password (#5885)
* Add service factories for user verification services

* Update autofill service to check for existence of master password for autofill

* Update the context menu to check for existence of master password for autofill

* context menu test fixes
2023-07-27 10:19:14 -04:00
Andreas Coroiu
7977776b1c
fix: remove Unauth guard from /login-with-device 2023-07-27 09:33:02 +02:00
Jared Snider
0b861f4d0c
Auth/pm 1050/pm 1051/remaining tde approval flows (#5864) 2023-07-25 19:25:00 -04:00
Andreas Coroiu
79d186f4f5
[PM-3120] fix: device key not being saved properly (#5882) 2023-07-25 09:26:14 +02:00
Jake Fink
f2298c1434
generate a master key from master password if needed (#5870) 2023-07-21 13:46:04 -04:00
Andreas Coroiu
41ceaddfc5
[PM-3143] Trusted device encryption: Refactor reset enroll service (#5869)
* create new reset enrollment service

* refactor: login decryption options according to TODO

* feat: add tests

* PM-3143 - Add override to overriden methods

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2023-07-21 12:52:06 -04:00
Andreas Coroiu
04232fe94a
fix: getOrgKeys returning null 2023-07-21 11:33:27 +02:00
Justin Baur
2f855dd37a
[PM-1339] Allow Rotating Device Keys (#5806)
* Merge remote-tracking branch 'origin/feature/trusted-device-encryption' into Auth/pm-1339/rotate-device-keys

* Implement Rotation of Current Device Keys

- Detects if you are on a trusted device
- Will rotate your keys of only this device
- Allows you to still log in through SSO and decrypt your vault because the device is still trusted

* Address PR Feedback

* Move Files to Auth Ownership
2023-07-20 13:04:02 -04:00
Jacob Fink
3d7a0bb151
fix cli build from key hash renaming 2023-07-20 12:17:20 -04:00
Jacob Fink
3ba85c3f45
rename password hash to master key hash 2023-07-20 11:51:12 -04:00
Jacob Fink
e3c8424f0c
Merge branch 'tde-key-model-migration' into feature/trusted-device-encryption 2023-07-20 10:06:48 -04:00
Robyn MacCallum
98b5248bf3
Bypass Master Password Reprompt if a user does not have a MP set (#5600)
* Add a check for a master password in PasswordRepromptService.enabled()

* Add tests for enabled()

* Update state service method call

* Use UserVerificationService to determine if a user has a master password
2023-07-19 15:25:28 -04:00
Jared Snider
d5102f1624
Auth/[pm-2759] - TDE - SSO and 2FA routing logic (#5829)
* PM-2759 - SsoComp - (1) Temp remove all TDE routing logic (2) Refactor existing navigation logic via new component utility function navigateViaCallbackOrRoute

* PM-2759 - SSO Component - Create test suite for logIn logic

* PM-2759 - SsoComp Tests - add disclaimer regarding testing private methods and props

* PM-1259 - SSO Comp - Refactor LogIn method to use functions for each navigation case for improved readability

* PM-1259 - SSO Comp Tests - Add tests for error case during login + test for new handleLoginError logic

* PM-2759 - SsoComp - Deprecate resetMasterPassword and replace with AccountDecryptionOptions logic + update tests

* PM-2759 - SsoComp + tests - Add trusted device encryption first draft handling which has login success and force password reset handling

* PM-2759 - Minor SsoComp comment and method name tweaks

* PM-2759 - BaseTwoFactorComp - (1) Comment out TDE stuff for now (2) Add test suite (3) Replace global window in base comp constructor with angular injection token for window which follows best practices and allows for mocking so the comp can be unit tested

* PM-2759 - Update child 2FA components to use angular injection token for window like base comp

* PM-2759 - TwoFactorComp - Finish testing all logic in doSubmit

* PM-2759 - TwoFactorComponent - Refactor DoSubmit method logic into multiple simple functions to make logic easier to follow

* PM-2759 - Add newtrustedDeviceOption.hasManageResetPasswordPermission property to match server changes

* PM-2759 - Flag AuthResult.resetMasterPassword property as deprecated

* PM-2759 - SSO comp - TDE routing logic - User without MP and ResetPassword permission must set a MP

* PM-2759 - Update Sso Comp tests to reflect additionally added TDE > MP set required logic (when user has no MP but they can reset other user passwords)

* PM-2759 - SsoComp - Add comment explaining the happy paths better for TDE success navigation

* PM-2759 - SsoComp - Refactor isTrustedDeviceEncEnabled logic into own method

* PM-2759 - SsoComp - As the 2FA comp passes the org id through to each route, going to standardize on doing so across the board for now to avoid any tricky scenarios down the line where it is needed and it's not present

* PM-2759 - SsoComp - Finish renaming orgIdFromState to orgIdentifier

* PM-2759 - SsoComp - update tests for forcePasswordReset flows now passing orgIdentifier as query param

* PM-2759 - SsoComp Tests - Export mockAcctDecryptionOpts permutations so we can share them across SsoComp and TwoFactorComp tests

* PM-2759 - Refactor 2FA comp post login redirect logic to match SSO component + add TDE logic

* PM-2759 - SsoComp - Refactor tests a bit for improved re-use

* PM-2759 - Sso Comp tests - can't export consts from a spec file or the other spec files that import them will re-execute the whole test suite as a nested test suite. TIL.

* PM-2759 - TwoFactorComp tests - All existing navigation scenarios + new TDE scenarios should now be tested.

* PM-2759 - Web - 2FA comp - Fix build error b/c of renamed base comp prop (identifier --> orgIdentifier)

* PM-2759 - Fix SsoLogin strategy tests b/c they were broken w/ the addition of the HasManageResetPasswordPermission prop to the TrustedDeviceOption interface

* PM-2759 - Web TwoFactorComp - goAfterLogIn method must be an arrow function to inherit the parent base component scope so that important things like angular services can be defined. Web 2FA flow does not work without this being an arrow func.

* PM-2759 - Fix typo

* PM-2759 - SsoComp and TwoFactorComp tests -  move service and other mocks into the top level before each to better ensure no crossover between test states per PR feedback

* PM-2759 - SsoComp - add clarity by refactoring unclear comment

* PM-2759 - SsoComp - Per excellent PR feedback, refactor if else statements to  guard statements for better readability / design

* PM-2759 - TwoFactorComp - Replace ifs with guard statements

* PM-2759 - TwoFactorComp - add clarity to comment per PR feedback

* PM-2759 - Replace use of jest.Mocked with MockProxy per PR feedback

* PM-2759 - Use unknown over any per PR feedback
2023-07-19 14:16:26 -04:00
Andreas Coroiu
3687eb2d67
fix: buffer null error (#5856) 2023-07-19 16:39:09 +02:00
Andreas Coroiu
ecc9c2b9ec
Merge branch 'master' into feature/trusted-device-encryption 2023-07-19 13:55:19 +02:00
Jacob Fink
282e839c59
fix bug where we weren't passing MP on Restart to migrate method in lock 2023-07-18 16:21:23 -04:00
Danielle Flinn
159fea6962
[CL-99] Update icon-button.stories.ts (#5631)
* Update icon-button.stories.ts

separated out the icon-button stories by size, style, loading, and disabled

* restructured icon button docs to use new stories
2023-07-18 11:28:43 -04:00
Vincent Salucci
cd08c2d701
Merge branch 'master' into feature/trusted-device-encryption 2023-07-18 10:03:04 -05:00
Shane Melton
9d8f52ef6a
[AC-1435] Copy updates for Single Organization policy prerequisite for Account Recovery policy (#5774)
* [AC-1435] Update copy/formatting on account recovery policy dialog

* [AC-1435] Cleanup account recovery dialog component

* [AC-1435] Update AccountRecovery policy description

* [AC-1435] Update Tde option description to include notice for Single Org policy

* fix: remove extra hyphen from help link, refs AC-1435

---------

Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
2023-07-18 10:00:43 -05:00
github-actions[bot]
7aad24727d
Bumped desktop version to 2023.7.1 (#5850)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-07-18 14:25:22 +00:00
Andreas Coroiu
e513c7ee2d
[PM-2908] feat: show account created toast (#5810) 2023-07-18 13:36:49 +02:00
Thomas Rittson
8d0def68c8
Merge remote-tracking branch 'origin/master' into feature/trusted-device-encryption 2023-07-18 14:13:17 +10:00
Patrick H. Lauke
20228a485f
Fix typo overlayPostition > overlayPosition (#5530)
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
2023-07-17 13:02:44 -07:00
Sammy Chang
906c11acb1
[PM-2043] Fix additional space and characters copied to clipboard (#5312)
* Change appSelectCopy to accept a dynamic input on what to copy

* Renamed select-copy directive to copy-text directive to be more accurate with the new behaviour

Signed-off-by: Andre Rosado <arosado@bitwarden.com>

* Moved CopyTextDirective on jslib module to be in alphabetic ordering

---------

Signed-off-by: Andre Rosado <arosado@bitwarden.com>
Co-authored-by: Andre Rosado <arosado@bitwarden.com>
2023-07-17 17:00:50 +01:00
Jacob Fink
3de0125564
Merge branch 'master' into tde-key-model-migration 2023-07-17 11:36:10 -04:00
Justin Baur
c85ddfe833
[PM-2998] Move Approving Device Check (#5822)
* Switch to retrieving approving device from token response

- Remove exist-by-types API call
- Define `HasApprovingDevices` on TDE options

* Update Naming

* Update Test

* Update Missing Names
2023-07-17 08:56:30 -04:00
Vincent Salucci
c3adf96da7
fix: remove extra v2 within us/euUrls, refs AC-1518 (#5825) 2023-07-14 14:19:57 -05:00
Todd Martin
b2374acc7f
[PM-3020] Change initialization of EnvironmentService to default to uninitialized (#5830)
* Set initialized to false on construction of the EnvironmentService

* Add initialization on browser and desktop.

* Added comments.
2023-07-14 15:10:47 -04:00
Oscar Hinton
79ed4ff83f
[PM-2237] Add tailwind to desktop & browser (#5326)
* Add tailwind to desktop

* Add tailwind to browser

* Toy around with using CL in desktop

* Move custom css into the tailwind theme

* Revert component experiment

* Add components to browser tsconfig

* Fix build
2023-07-14 15:03:42 -04:00
Thomas Avery
bfae0eb41e
Sort access policy rows (#5802) 2023-07-14 11:56:14 -05:00
Todd Martin
0696252fb3
Removed self-hosted check from TDE SSO config. (#5837) 2023-07-14 11:32:04 -04:00
Cesar Gonzalez
d26dc9c8ac
[PM-2762] Update Logic on HTTP Warning (#5730)
* [PM-2762] Update Logic on HTTP Warning

* [PM-2762] Update apps/browser/src/autofill/content/autofill.js

Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>

---------

Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
2023-07-14 13:29:36 +00:00
Cesar Gonzalez
d42e87fbc6
[PM-2787] Fix Autofill Regex Check to Correctly Handle Both two-digit and four-digit years (#5700) 2023-07-14 13:26:57 +00:00
Oscar Hinton
61d5b2df9c
[PM-1898] Change desktop reload to forcefullyCrashRenderer (#5813)
Co-authored-by: Daniel James Smith <djsmith@web.de>
2023-07-14 13:10:40 +02:00
Oscar Hinton
62575336d5
Remove unused method (#5821) 2023-07-14 12:20:40 +02:00
github-actions[bot]
c086444fc5
Autosync the updated translations (#5828)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-07-14 07:55:39 +00:00
github-actions[bot]
88ec04fb02
Autosync the updated translations (#5826)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-07-14 07:50:32 +00:00
github-actions[bot]
f8e323c33f
Autosync the updated translations (#5827)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-07-14 07:47:21 +00:00
Justin Baur
1d71d99b85
Merge remote-tracking branch 'origin/master' into feature/trusted-device-encryption 2023-07-13 11:42:42 -04:00
Todd Martin
baab72eaf2
Found another missing await. (#5819) 2023-07-13 11:23:04 -04:00
Matt Gibson
aa6bb723f2
Disable mv3 artifacts (#5816) 2023-07-13 10:02:50 -05:00
Vince Grassia
312ee54434
Add default push location for Chocolatey (#5805) 2023-07-13 10:08:36 -04:00
Daniel James Smith
afb6c86c2e
Update web-path for team-auth-dev (#5817)
With https://github.com/bitwarden/clients/pull/5336 all files got moved to apps/web/src/app/auth, but CODEOWNERS still pointed to apps/web/src/auth
2023-07-13 14:08:16 +00:00
github-actions[bot]
028e2b8a61
Bumped browser version to 2023.7.1 (#5815)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-07-13 12:40:14 +00:00
Andreas Coroiu
2f1358cf04
[PM-2928] [PM-2929] [PM-2930] Fixes for: [PM-1203] Replace MP confirmation with verification code (#5798)
* [PM-2928] feat: hide change email if user doen't have MP

* [PM-2929] feat: hide KDF settings if user doesn't have MP

* [PM-2930] feat: remove MP copy
2023-07-13 09:34:43 +02:00
Jared Snider
5480e47bb6
Defect - LockComp - After setting user key, must AWAIT retrieval of user's previous choice to have trusted the device or not. (#5804) 2023-07-12 17:55:34 -04:00
Todd Martin
22cb3d57a4
Adding missing await. (#5801) 2023-07-12 16:34:17 -04:00
Jared Snider
213b8f7ad0
Merge remote-tracking branch 'origin/master' into feature/trusted-device-encryption 2023-07-12 14:59:08 -04:00
Jared Snider
2a5a30844d
Auth/[PM-1260] - Existing User - Login with Trusted Device (Flow 2) (#5775)
* PM-1378 - Refactor - StateSvc.getDeviceKey() must actually convert JSON obj into instance of SymmetricCryptoKey

* TODO: BaseLoginDecryptionOptionsComponent - verify new user check doesn't improperly pick up key connector users

* PM-1260 - Add new encrypted keys to TrustedDeviceUserDecryptionOptionResponse

* PM-1260 - DeviceTrustCryptoSvc - decryptUserKeyWithDeviceKey: (1) update method to optionally accept deviceKey (2) Return null user key when no device key exists (3) decryption of user key now works in the happy path

* PM-1260 - LoginStrategy - SaveAcctInfo - Must persist device key on new account entity created from IdTokenResponse for TDE to work

* PM-1260 - SSO Login Strategy - setUserKey refactor - (1) Refactor existing logic into trySetUserKeyForKeyConnector + setUserKeyMasterKey call and (2) new trySetUserKeyWithDeviceKey method for TDE

* PM-1260 - Refactor DeviceTrustCryptoService.decryptUserKeyWithDeviceKey(...) - Add try catch around decryption attempts which removes device key (and trust) on decryption failure + warn.

* PM-1260 - Account - Add deviceKey to fromJSON

* TODO: add device key tests to account keys

* TODO: figure out state service issues with getDeviceKey or if they are an issue w/ the account deserialization as a whole

* PM-1260 - Add test suite for decryptUserKeyWithDeviceKey

* PM-1260 - Add interfaces for server responses for UserDecryptionOptions to make testing easier without having to use the dreaded any type.

* PM-1260 - SSOLoginStrategy - SetUserKey - Add check looking for key connector url on user decryption options + comment about future deprecation of tokenResponse.keyConnectorUrl

* PM-1260 - SSO Login Strategy Spec file - Add test suite for TDE set user key logic

* PM-1260 - BaseLoginStrategy - add test to verify device key persists on login

* PM-1260 - StateService - verified that settings persist properly post SSO and it's just device keys we must manually instantiate into SymmetricCryptoKeys

* PM-1260 - Remove comment about being unable to feature flag auth service / login strategy code due to circ deps as we don't need to worry about it b/c of the way we've written the new logic to be additive.

* PM-1260 - DevicesApiServiceImplementation - Update constructor to properly use abstraction for API service

* PM-1260 - Browser - AuthService - (1) Add new, required service factories for auth svc and (2) Update auth svc creation in main.background with new deps

* PM-1260 - CLI - Update AuthSvc deps

* PM-1260 - Address PR feedback to add clarity / match conventions

* PM-1260 - Resolving more minor PR feedback

* PM-1260 - DeviceTrustCryptoService - remove debug warn

* PM-1378 - DeviceTrustCryptoSvc - TrustDevice - Fix bug where we only partially encrypted the user key with the device public key b/c I incorrectly passed userKey.encKey (32 bytes) instead of userKey.key (64 bytes) to the rsaEncrypt function which lead to an encryption type mismatch when decrypting the user's private key with the 32 byte decrypted user key obtained after TDE login.  (Updated happy path test to prevent this from happening again)

* PM-1260 - AccountKeys tests - add tests for deviceKey persistence and deserialization

* PM-1260 - DeviceTrustCryptoSvc Test - tweak verbiage per feedback

* PM-1260 - DeviceTrustCryptoSvc - Test verbiage tweak part 2

* Update apps/browser/src/background/service-factories/devices-api-service.factory.ts

per PR feedback

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2023-07-12 12:14:24 -04:00
Todd Martin
fbf67a819f
[PM-2846][PM-2860] Properly pass region from global to account state (#5764)
* Properly pass region from global to account state

* Fixed comment.

* Updated logic to not set environment if region with predefined URLs is selected.

* Added logic to clear environment URLs in EnvironmentService.

* Fixed comment
2023-07-12 10:44:55 -04:00