1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-02 13:23:29 +01:00
Commit Graph

244 Commits

Author SHA1 Message Date
Jake Fink
8afe915be1
[PM-7564] Move 2fa and login strategy service to popup and add state providers to 2fa service (#8820)
* remove 2fa from main.background

* remove login strategy service from main.background

* move 2fa and login strategy service to popup, init in browser

* add state providers to 2fa service
- add deserializer helpers

* use key definitions for global state

* fix calls to 2fa service

* remove extra await

* add delay to wait for active account emission in popup

* add and fix tests

* fix cli

* really fix cli

* remove timeout and wait for active account

* verify expected user is active account

* fix tests

* address feedback
2024-04-25 16:45:23 -04:00
Ike
1e4158fd87
[PM-5735] Create kdf Service (#8715)
* key connector migration initial

* migrator complete

* fix dependencies

* finalized tests

* fix deps and sync main

* clean up definition file

* fixing tests

* fixed tests

* fixing CLI, Browser, Desktop builds

* fixed factory options

* reverting exports

* implemented UserKeyDefinition clearOn

* Initial Kdf Service Changes

* rename and account setting kdfconfig

* fixing tests and renaming migration

* fixed DI ordering for browser

* rename and fix DI

* Clean up Migrations

* fixing migrations

* begin data structure changes for kdf config

* Make KDF more type safe; co-author: jlf0dev

* fixing tests

* Fixed CLI login and comments

* set now accepts userId and test updates

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
2024-04-25 11:26:01 -07:00
Justin Baur
a6755f5f20
[PM-7687] Fix reloadPopup Recursion (#8902)
* Fix Message Sending Recursion

* Remove Change That Didn't Help

* Prefer `isExternalMessage` Guard

* Rollback Compare Change

---------

Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
2024-04-24 16:54:16 -04:00
Jared Snider
5dc83cd34c
PM-6787 - Rename DeviceTrustCryptoService to DeviceTrustService (#8819) 2024-04-24 12:54:54 -04:00
Jared Snider
a12c140792
Revert "Revert "Auth/PM-6689 - Migrate Security Stamp to Token Service and St…" (#8889)
This reverts commit 100b43dd8f.
2024-04-24 12:37:19 -04:00
Justin Baur
493b79b888
Only Run Migrations in True Background (#8548)
* Only Run Migrations in True Background

* Use `isPrivateMode`

* Use `popupOnlyContext`
2024-04-24 11:14:53 -04:00
Cesar Gonzalez
29d4f1aad5
[PM-7660] Master Password Re-Prompt from Autofill Not Working (#8862) 2024-04-22 12:58:20 -05:00
Jared Snider
100b43dd8f
Revert "Auth/PM-6689 - Migrate Security Stamp to Token Service and State Prov…" (#8860)
This reverts commit 91f1d9fb86.
2024-04-22 12:06:43 -04:00
Matt Gibson
300b17aaeb
[PM-7653] Do not store disk-backed sessions as single blobs (#8852)
* Implement a lazy value class

This will be used as a source for composing key-protected storage from a single key source.

* Simplify local-backed-session-storage

The new implementation stores each value to a unique location, prefixed with `session_` to help indicate the purpose.

I've also removed the complexity around session keys, favoring passing in a pre-defined value that is determined lazily once for the service worker. This is more in line with how I expect a key-protected storage would work.

* Remove decrypted session flag

This has been nothing but an annoyance. If it's ever added back, it needs to have some way to determine if the session key matches the one it was written with

* Remove unnecessary string interpolation

* Remove sync Lazy

This is better done as a separate class.

* Handle async through type

* prefer two factory calls to incorrect value on races.

* Fix type

* Remove log

* Update libs/common/src/platform/misc/lazy.ts

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-04-22 10:14:38 -04:00
Matt Gibson
b5362ca1ce
Browser MV3: Default store values to session storage (#8844)
* Introduce browser large object storage location.

This location is encrypted and serialized to disk in order to allow for storage of uncountable things like vault items that take a significant amount of time to prepare, but are not guaranteed to fit within session storage.

however, limit the need to write to disk is a big benefit, so _most_ things are written to storage.session instead, where things specifically flagged as large will be moved to disk-backed memory

* Store derived values in large object store for browser

* Fix AbstractMemoryStorageService implementation
2024-04-22 08:55:19 -04:00
Jared Snider
91f1d9fb86
Auth/PM-6689 - Migrate Security Stamp to Token Service and State Provider (#8792)
* PM-6689 - Add security stamp to Token state

* PM-6689 - Remove Security Stamp from account and state service

* PM-6689 - Add security stamp get and set to token service + abstraction + tests

* PM-6689 - Add migration for security stamp, test it, and register it with migrator

* PM-6689 - Update sync service + deps to use token service.

* PM-6689 - Cleanup missed usages of account tokens which has been removed.

* PM-6689 - Per PR feedback, remove unnecessary data migration as the security stamp is only in memory and doesn't need to be migrated.
2024-04-19 16:44:24 -04:00
Cesar Gonzalez
14cb4bc5aa
[PM-7581] Validate cache state from external contexts within LocalBackedSessionStorage (#8842)
* [PM-7581] Validate cache state from external contexts within LocalBackedSessionStorage

* [PM-7581] Continuing with exploring refining the LocalBackedSessionStorage

* [PM-7558] Fix Vault Load Times

* [PM-7558] Committing before reworking LocalBackedSessionStorage to function without extending the MemoryStorageService

* [PM-7558] Working through refinement of LocalBackedSessionStorage

* [PM-7558] Reverting some changes

* [PM-7558] Refining implementation and removing unnecessary params from localBackedSessionStorage

* [PM-7558] Fixing logic for getting the local session state

* [PM-7558] Adding a method to avoid calling bypass cache when a key is known to be a null value

* [PM-7558] Fixing tests in a temporary manner

* [PM-7558] Removing unnecessary chagnes that affect mv2

* [PM-7558] Removing unnecessary chagnes that affect mv2

* [PM-7558] Adding partition for LocalBackedSessionStorageService

* [PM-7558] Wrapping duplicate cache save early return within isDev call

* [PM-7558] Wrapping duplicate cache save early return within isDev call

* [PM-7558] Wrapping duplicate cache save early return within isDev call
2024-04-19 19:55:34 +00:00
Jonathan Prusik
ec1af0cf9f
[PM-7610] [MV3] Guard overlay visibility and autofill on page load settings from awaiting indefinitely when there is no active account (#8833)
* guard overlay visibility and autofill on page load settings from awaiting indefinitely when there is no active account

* cleanup
2024-04-19 15:21:54 -04:00
Justin Baur
395ed3f5d4
[PM-7489] Introduce MessageSender & MessageListener (#8709)
* Introduce MessageSender

* Update `messageSenderFactory`

* Remove Comment

* Use BrowserApi

* Update Comment

* Rename to CommandDefinition

* Add More Documentation to MessageSender

* Add `EMPTY` helpers and remove NoopMessageSender

* Calm Down Logging

* Limit Logging On Known Errors

* Use `messageStream` Parameter

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Add eslint rules

* Update Error Handling

Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>

* Delete Lazy Classes In Favor of Observable Factories

* Remove Fido Messages

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
2024-04-19 15:02:40 -04:00
Jared Snider
fffef95c5e
Auth/PM-7235 - Refactor AuthService.getAuthStatus, deprecate everBeenUnlocked, and handle initialization of auto user key on client init (#8590)
* PM-7235 - AuthSvc - Refactor getAuthStatus to simply use the cryptoService.hasUserKey check to determine the user's auth status.

* PM-7235 - CryptoSvc - getUserKey - remove setUserKey side effect if auto key is stored. Will move to app init

* PM-7235 - For each client init service, add setUserKeyInMemoryIfAutoUserKeySet logic

* PM-7235 - CryptoSvc tests - remove uncessary test.

* PM-7235 - Create UserKeyInitService and inject into all init services with new listening logic to support acct switching.

* PM-7235 - UserKeyInitSvc - minor refactor of setUserKeyInMemoryIfAutoUserKeySet

* PM-7235 - Add test suite for UserKeyInitService

* PM-7235 - Remove everBeenUnlocked as it is no longer needed

* PM-7235 - Fix tests

* PM-7235 - UserKeyInitSvc - per PR feedback, add error handling to protect observable stream from being cancelled in case of an error

* PM-7235 - Fix tests

* Update libs/common/src/platform/services/user-key-init.service.ts

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Update libs/common/src/platform/services/user-key-init.service.ts

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* PM-7235 - AuthSvc - Per PR review, for getAuthStatus, only check user key existence in memory.

* PM-7235 - remove not useful test per PR feedback.

* PM-7235 - Per PR feedback, update cryptoService.hasUserKey to only check memory for the user key.

* PM-7235 - Per PR feedback, move user key init service listener to main.background instead of init service

* PM-7235 - UserKeyInitSvc tests - fix tests to plass

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2024-04-19 11:20:13 -04:00
Cesar Gonzalez
9277465951
[PM-5744] Adjust Fido2 Content Script Injection to Meet mv3 Requirements (#8222)
* [PM-5876] Adjust LP Fileless Importer to Suppress Download with DOM Append in Manifest v3

* [PM-5876] Incorporating jest tests for affected logic

* [PM-5876] Fixing jest test that leverages rxjs

* [PM-5876] Updating documentation within BrowserApi.executeScriptInTab

* [PM-5876] Implementing jest tests for the new LP suppress download content scripts

* [PM-5876] Adding a change to webpack to ensure we do not package the mv2 side script for `lp-suppress-import-download.mv2.ts` if building the extension for mv3

* [PM-5876] Implementing changes based on feedback during code review

* [PM-5876] Implementing changes based on feedback during code review

* [PM-5876] Implementing changes based on feedback during code review

* [PM-5876] Implementing changes based on feedback during code review

* [PM-5876] Implementing a configuration to feed the script injection of the Fileless Importer CSV download supression script

* [PM-5744] Adjust injection of `page-script.ts` within FIDO 2 implementation to ensure mv3 compatibility

* [PM-5744] Adjusting structure of manifest.json to clean up implementation and ensure consistency between mv2 and mv3

* [PM-5744] Reverting inclusion of the ConsoleLogService

* [PM-4791] Injected content scripts prevent proper XML file display and disrupt XML responses

* [PM-5744] Adjust FIDO2 content script injection methodology to be compatible with manifest v3

* [PM-5744] Adjusting references to Fido2Service to mirror change of name to Fido2Background

* [PM-5744] Migrating runtime background messages that are associated with Fido2 into Fido2Background

* [PM-5744] Fixing named reference within Fido2Background

* [PM-5744] Migrating all Fido2 messages from the runtime.background.ts script to the fido2.background.ts script

* [PM-5744] Removing unnecessary dependency from runtime background

* [PM-5744] Removing unnecessary dependency from runtime background

* [PM-5744] Reworking how we handle init of Fido2Background

* [PM-5744] Reworking page-script.ts to ensure that it can destory its global values on unload

* [PM-5744] Reworking page-script.ts to ensure that it can destory its global values on unload

* [PM-5744] Implementing separated injection methodology between manifest v2 and v3

* [PM-4791] Adjsuting reference for Fido2 script injection to ensure it only triggers on https protocol types

* [PM-5744] Removing unnecessary message and handling reload of content scripts based on updates on observable

* [PM-5744] Refactoring content-script implementation for fido2

* [PM-5744] Refactoring content-script implementation for fido2

* [PM-5744] Reworking implementation to avoid having multiple contenType checks within the FIDO2 content scripts

* [PM-5744] Re-implementing the messageWithResponse within runtime.background.ts

* [PM-5744] Reverting change to autofill.service.ts

* [PM-5744] Removing return value from runtime.background.ts process message call

* [PM-5744] Reworking how we handle injection of the fido2 page and content script elements

* [PM-5744] Adjusting how we override the navigator.credentials request/reponse structure

* [PM-5744] Working through jest tests for the fido2Background implementation

* [PM-5744] Finalizing jest tests for the Fido2Background implementation

* [PM-5744] Stubbing out jest tests for content-script and page-script

* [PM-5744] Implementing a methodology that allows us to dynamically set and unset content scripts

* [PM-5744] Applying cleanup to page-script.ts to lighten the footprint of the script

* [PM-5744] Further simplifying page-script implementation

* [PM-5744] Reworking Fido2Utils to remove references to the base Utils methods to allow the page-script.ts file to render at a lower file size

* [PM-5744] Reworking Fido2Utils to remove references to the base Utils methods to allow the page-script.ts file to render at a lower file size

* [PM-5744] Implementing the `RegisterContentScriptPolyfill` as a separately compiled file as opposed to an import

* [PM-5744] Implementing methodology to ensure that the RegisterContentScript polyfill is not built in cases where it is not needed

* [PM-5744] Implementing methodology to ensure that the RegisterContentScript polyfill is not built in cases where it is not needed

* [PM-5744] Reverting package-lock.json

* [PM-5744] Implementing a methodology to ensure we can instantiate the RegisterContentScript polyfill in a siloed manner

* [PM-5744] Migrating chrome extension api calls to the BrowserApi class

* [PM-5744] Implementing typing information within the RegisterContentScriptsPolyfill

* [PM-5744] Removing any eslint-disable references within the RegisterContentScriptsPolyfill

* [PM-5744] Refactoring polyfill implementation

* [PM-5744] Refactoring polyfill implementation

* [PM-5744] Fixing an issue where Safari was not resolving the await chrome proxy

* [PM-5744] Fixing jest tests for the page-script append method

* [PM-5744] Fixing an issue found where collection of page details can trigger a context invalidated message when the extension is refreshed

* [PM-5744] Implementing jest tests for the added BrowserApi methods

* [PM-5744] Refactoring Fido2Background implementation

* [PM-5744] Refactoring Fido2Background implementation

* [PM-5744] Adding enums to the implementation for the Fido2 Content Scripts and working through jest tests for the BrowserApi and Fido2Background classes

* [PM-5744] Adding comments to the FIDO2 content-script.ts file

* [PM-5744] Adding jest tests for the Fido2 content-script.ts

* [PM-5744] Adding jest tests for the Fido2 content-script.ts

* [PM-5744] Adding jest tests for the Fido2 page-script.ts

* [PM-5744] Working through an attempt to jest test the page-script.ts file

* [PM-5744] Finalizing jest tests for the page-script.ts implementation

* [PM-5744] Applying stricter type information for the passed params within fido2-testing-utils.ts

* [PM-5744] Adjusting documentation

* [PM-5744] Adjusting implementation of jest tests to use mock proxies

* [PM-5744] Adjusting jest tests to simply implementation

* [PM-5744] Adjust jest tests based on code review feedback

* [PM-5744] Adjust jest tests based on code review feedback

* [PM-5744] Adjust jest tests based on code review feedback

* [PM-5744] Adjusting jest tests to based on feedback

* [PM-5744] Adjusting jest tests to based on feedback

* [PM-5744] Adjusting jest tests to based on feedback

* [PM-5744] Adjusting conditional within page-script.ts

* [PM-5744] Removing unnecessary global reference to the messager

* [PM-5744] Updating jest tests

* [PM-5744] Updating jest tests

* [PM-5744] Updating jest tests

* [PM-5744] Updating jest tests

* [PM-5744] Updating how we export the Fido2Background class

* [PM-5744] Adding duplciate jest tests to fido2-utils.ts to ensure we maintain functionality for utils methods pulled from platform utils

* [PM-5189] Addressing code review feedback

* [PM-5744] Applying code review feedback, reworking obserable subscription within fido2 background

* [PM-5744] Reworking jest tests to avoid mocking `firstValueFrom`

* [PM-5744] Reworking jest tests to avoid usage of private methods

* [PM-5744] Reworking jest tests to avoid usage of private methods

* [PM-5744] Implementing jest tests for the ScriptInjectorService and updating references within the Browser Extension to use the new service

* [PM-5744] Converting ScriptInjectorService to a dependnecy instead of a static class

* [PM-5744] Reworking typing for the ScriptInjectorService

* [PM-5744] Adjusting implementation based on feedback provided during code review

* [PM-5744] Adjusting implementation based on feedback provided during code review

* [PM-5744] Adjusting implementation based on feedback provided during code review

* [PM-5744] Adjusting implementation based on feedback provided during code review

* [PM-5744] Adjusting how the ScriptInjectorService accepts the config to simplify the data structure

* [PM-5744] Updating jest tests to cover edge cases within ScriptInjectorService

* [PM-5744] Updating jest tests to reference the ScriptInjectorService directly rather than the underlying ExecuteScript api call

* [PM-5744] Updating jest tests to reflect provided feedback during code review

* [PM-5744] Updating jest tests to reflect provided feedback during code review

* [PM-5744] Updating documentation based on code review feedback

* [PM-5744] Updating how we extend the abstract ScriptInjectorService

* [PM-5744] Updating reference to the frame property on the ScriptInjectionConfig
2024-04-18 16:05:16 +00:00
Daniel García
912b7c136e
[PM-5796] Improve desktop biometric browser integration error handling (#7727)
* Re-register native messaging host integrations on startup

* Check for errors when generating the manifests

* Add log to component

* Switch to Promise.all

* Add injectable service
2024-04-18 17:40:39 +02:00
Justin Baur
0c557c6ab8
Guard Background Only and MV2 Only Actions (#8773) 2024-04-17 10:13:05 -04:00
Carlos Gonçalves
06acdefa91
[PM-5273] Migrate state in CipherService (#8314)
* PM-5273 Initial migration work for localData

* PM-5273 Encrypted and Decrypted ciphers migration to state provider

* pm-5273 Update references

* pm5273 Ensure prototype on cipher

* PM-5273 Add CipherId

* PM-5273 Remove migrated methods and updated references

* pm-5273 Fix versions

* PM-5273 Added missing options

* Conflict resolution

* Revert "Conflict resolution"

This reverts commit 0c0c2039ed.

* PM-5273 Fix PR comments

* Pm-5273 Fix comments

* PM-5273 Changed decryptedCiphers to use ActiveUserState

* PM-5273 Fix tests

* PM-5273 Fix pr comments
2024-04-16 17:37:03 +01:00
Jake Fink
576431d29e
[PM-5499] auth request service migrations (#8597)
* move auth request storage to service

* create migrations for auth requests

* fix tests

* fix browser

* fix login strategy

* update migration

* use correct test descriptions in migration
2024-04-15 12:34:30 -04:00
Matt Gibson
8d698d9d84
[PM-7169][PM-5267] Remove auth status from account info (#8539)
* remove active account unlocked from state service

* Remove status from account service `AccountInfo`

* Fixup lingering usages of status

Fixup missed factories

* Fixup account info usage

* fixup CLI build

* Fixup current account type

* Add helper for all auth statuses to auth service

* Fix tests

* Uncomment mistakenly commented code

* Rework logged out account exclusion tests

* Correct test description

* Avoid getters returning observables

* fixup type
2024-04-12 09:25:45 +02:00
SmithThe4th
c2b91d2d46
[PM-4700] Fixed issue with clearing search index state (#8686)
* fixed issue with clearing search index state

* Decrease snap description character length to reach 128 limit (#8687)

* clear user index before account is totally cleaned up

* [AC-2436] Fix flashing unassigned items banner (#8689)

* Fix flashing banner for users who shouldn't see it

* Emit the right value the first time

* simplify further

* restore comment

* added logout clear on option

* removed redundant clear index from logout

---------

Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2024-04-11 17:53:16 +01:00
Justin Baur
16c289d680
Prefer Passed In UserId (#8602) 2024-04-10 17:55:20 -05:00
rr-bw
4a3cd24510
instantiate service (#8671) 2024-04-10 10:30:09 -07:00
Cesar Gonzalez
1e7329d1ef
[PM-7370] Remove usage of BrowserMessagingPrivateModeBackgroundService and MultithreadEncryptService from manifest v3 (#8654) 2024-04-10 16:23:02 +00:00
SmithThe4th
2bce6c538c
[PM-6194] Refactor injection of services in browser services module (#8380)
* refactored injector of services on the browser service module

* refactored the search and popup serach service to use state provider

* renamed back to default

* removed token service that was readded during merge conflict

* Updated search service construction on the cli

* updated to use user key definition

* Reafctored all components that refernce issearchable

* removed commented variable

* added uncommited code to remove dependencies not needed anymore

* added uncommited code to remove dependencies not needed anymore
2024-04-10 14:02:46 +01:00
Matt Gibson
560033cb88
Remove usages of chrome.storage (#8664)
* Enable clearing and retrieving all values from local storage

I didn't add these methods to the base abstract class because we don't currently have a use case for them. If we develop one, we can just lift it up.

* Use new browser local storage methods for reseed task

* Remove the now dangerous methods enabling usage of `chrome.storage`

Any direct reference to chrome storage needs to handle serialization tags, which is best dealt with through the classes implementing `AbstractChromeStorageService`
2024-04-10 08:01:34 -05:00
Jake Fink
9d10825dbd
[PM-5362] Add MP Service (attempt #2) (#8619)
* create mp and kdf service

* update mp service interface to not rely on active user

* rename observable methods

* update crypto service with new MP service

* add master password service to login strategies
- make fake service for easier testing
- fix crypto service tests

* update auth service and finish strategies

* auth request refactors

* more service refactors and constructor updates

* setMasterKey refactors

* remove master key methods from crypto service

* remove master key and hash from state service

* missed fixes

* create migrations and fix references

* fix master key imports

* default force set password reason to none

* add password reset reason observable factory to service

* remove kdf changes and migrate only disk data

* update migration number

* fix sync service deps

* use disk for force set password state

* fix desktop migration

* fix sso test

* fix tests

* fix more tests

* fix even more tests

* fix even more tests

* fix cli

* remove kdf service abstraction

* add missing deps for browser

* fix merge conflicts

* clear reset password reason on lock or logout

* fix tests

* fix other tests

* add jsdocs to abstraction

* use state provider in crypto service

* inverse master password service factory

* add clearOn to master password service

* add parameter validation to master password service

* add component level userId

* add missed userId

* migrate key hash

* fix login strategy service

* delete crypto master key from account

* migrate master key encrypted user key

* rename key hash to master key hash

* use mp service for getMasterKeyEncryptedUserKey

* fix tests

* fix user key decryption logic

* add clear methods to mp service

* fix circular dep and encryption issue

* fix test

* remove extra account service call

* use EncString in state provider

* fix tests

* return to using encrypted string for serialization
2024-04-09 20:50:20 -04:00
Tom
3d052242df
[PM-5578] [PM-5579] [PM-5580] [PM-5581] Send Browser State Provider (#8232)
* Replacing state service with state provider

* Documentation indicating the differences between the 2 states used.

* Creating key definition, updating comments, and modifying test cases

* Adding the key definitions tests

* Documenting the observables

* Fixing the test issue with the awaitAsync import

* Removing browser state service stuff for merge fix

* no need to redefine interface members

* Renaming to DefaultBrowserStateService
2024-04-08 10:30:39 -04:00
Jonathan Prusik
216bbdb44c
fix notification bar content script using old server config state storage (#8618) 2024-04-05 16:36:52 -05:00
Addison Beck
6df52262a9
Clear provider state on logout (#8563) 2024-04-05 13:10:55 -05:00
Addison Beck
2ff990edd2
Update policy service to clear its own state (#8564) 2024-04-05 13:10:24 -05:00
Jake Fink
775c8a1bbe
Revert "[PM-5362]Create MP Service for state provider migration (#7623)" (#8617)
This reverts commit b1abfb0a5c.
2024-04-04 16:17:09 +00:00
Jake Fink
b1abfb0a5c
[PM-5362]Create MP Service for state provider migration (#7623)
* create mp and kdf service

* update mp service interface to not rely on active user

* rename observable methods

* update crypto service with new MP service

* add master password service to login strategies
- make fake service for easier testing
- fix crypto service tests

* update auth service and finish strategies

* auth request refactors

* more service refactors and constructor updates

* setMasterKey refactors

* remove master key methods from crypto service

* remove master key and hash from state service

* missed fixes

* create migrations and fix references

* fix master key imports

* default force set password reason to none

* add password reset reason observable factory to service

* remove kdf changes and migrate only disk data

* update migration number

* fix sync service deps

* use disk for force set password state

* fix desktop migration

* fix sso test

* fix tests

* fix more tests

* fix even more tests

* fix even more tests

* fix cli

* remove kdf service abstraction

* add missing deps for browser

* fix merge conflicts

* clear reset password reason on lock or logout

* fix tests

* fix other tests

* add jsdocs to abstraction

* use state provider in crypto service

* inverse master password service factory

* add clearOn to master password service

* add parameter validation to master password service

* add component level userId

* add missed userId

* migrate key hash

* fix login strategy service

* delete crypto master key from account

* migrate master key encrypted user key

* rename key hash to master key hash

* use mp service for getMasterKeyEncryptedUserKey

* fix tests
2024-04-04 14:22:41 +00:00
Cesar Gonzalez
daa9e742e7
[PM-7247] Update AutofillService reference within Angular DI to remove the getBgService call (#8591)
* [PM-7247] Update AutofillService dependency reference within Angular to remove getBgService call

* [PM-7247] Update AutofillService reference within Angular DI to remove the getBgService call
2024-04-03 14:03:10 -05:00
Tom
a6e178f1e6
[PM-5574] sends state provider (#8373)
* Adding the key definitions and tests and initial send state service

* Adding the abstraction and implementing

* Planning comments

* Everything but fixing the send tests

* Moving send tests over to the state provider

* jslib needed name refactor

* removing get/set encrypted sends from web vault state service

* browser send state service factory

* Fixing conflicts

* Removing send service from services module and fixing send service observable

* Commenting the migrator to be clear on why only encrypted

* No need for service factories in browser

* browser send service is no longer needed

* Key def test cases to use toStrictEqual

* Running prettier

* Creating send test data to avoid code duplication

* Adding state provider and account service to send in cli

* Fixing the send service test cases

* Fixing state definition keys

* Moving to observables and implementing encryption service

* Fixing key def tests

* The cli was using the deprecated get method

* The observables init doesn't need to happen in constructor

* Missed commented out code

* If enc key is null get user key

* Service factory fix
2024-04-02 12:39:06 -04:00
Justin Baur
b338e14623
LocalBackedSessionStorage Updates (#8542) 2024-04-02 09:18:34 -04:00
Jared Snider
c202c93378
Auth/PM-5268 - DeviceTrustCryptoService state provider migration (#7882)
* PM-5268 - Add DEVICE_TRUST_DISK to state definitions

* PM-5268 - DeviceTrustCryptoService - Get most of state provider refactor done - WIP - commented out stuff for now.

* PM-5268 - DeviceTrustCryptoServiceStateProviderMigrator - WIP - got first draft of migrator in place and working on tests. Rollback tests are failing for some reason TBD.

* PM-5268 - more WIP on device trust crypto service migrator tests

* PM-5268 - DeviceTrustCryptoServiceStateProviderMigrator - Refactor based on call with platform

* PM-5268 - DeviceTrustCryptoServiceStateProviderMigrator - tests passing

* PM-5268 - Update DeviceTrustCryptoService to convert over to state providers + update all service instantiations / dependencies to ensure state provider is passed in or injected.

* PM-5268 - Register new migration

* PM-5268 - Temporarily remove device trust crypto service from migrator to ease merge conflicts as there are 6 more migrators before I can apply mine in main.

* PM-5268 - Update migration numbers of DeviceTrustCryptoServiceStateProviderMigrator based on latest migrations from main.

* PM-5268 - (1) Export new KeyDefinitions from DeviceTrustCryptoService for use in test suite (2) Update DeviceTrustCryptoService test file to use state provider.

* PM-5268 - Fix DeviceTrustCryptoServiceStateProviderMigrator tests to use proper versions

* PM-5268 - Actually fix all instances of DeviceTrustCryptoServiceStateProviderMigrator test failures

* PM-5268 - Clean up state service, account, and login strategy of all migrated references

* PM-5268 - Account - finish cleaning up device key

* PM-5268 - StateService - clean up last reference to device key

* PM-5268 - Remove even more device key refs. *facepalm*

* PM-5268 - Finish resolving merge conflicts by incrementing migration version from 22 to 23

* PM-5268 - bump migration versions

* PM-5268 - DeviceTrustCryptoService - Implement secure storage functionality for getDeviceKey and setDeviceKey (to achieve feature parity with the ElectronStateService implementation prior to the state provider migration). Tests to follow shortly.

* PM-5268 - DeviceTrustCryptoService tests - getDeviceKey now tested with all new secure storage scenarios. SetDeviceKey tests to follow.

* PM-5268 - DeviceTrustCryptoService tests - test all setDeviceKey scenarios with state provider & secure storage

* PM-5268 - Update DeviceTrustCryptoService deps to actually use secure storage svc on platforms that support it.

* PM-5268 - Bump migration version due to merge conflicts.

* PM-5268 - Bump migration version

* PM-5268 - tweak jsdocs to be single line per PR feedback

* PM-5268 - DeviceTrustCryptoSvc - improve debuggability.

* PM-5268 - Remove state service as a dependency on the device trust crypto service (woo!)

* PM-5268 - Update migration test json to correctly reflect reality.

* PM-5268 - DeviceTrustCryptoSvc - getDeviceKey - add throw error for active user id missing.

* PM-5268 - Fix tests

* PM-5268 - WIP start on adding user id to every method on device trust crypto service.

* PM-5268 - Update lock comp dependencies across clients

* PM-5268 - Update login via auth request deps across clients to add acct service.

* PM-5268 - UserKeyRotationSvc - add acct service to get active acct id for call to rotateDevicesTrust and then update tests.

* PM-5268 - WIP on trying to fix device trust crypto svc tests.

* PM-5268 - More WIP device trust crypto svc tests passing

* PM-5268 - Device Trust crypto service - get all tests passing

* PM-5268 - DeviceTrustCryptoService.getDeviceKey - fix secure storage b64 to symmetric crypto key conversion

* PM-5268 - Add more tests and update test names

* PM-5268 - rename state to indicate it was disk local

* PM-5268 - DeviceTrustCryptoService - save symmetric key in JSON format

* PM-5268 - Fix lock comp tests by adding acct service dep

* PM-5268 - Update set device key tests to pass

* PM-5268 - Bump migration versions again

* PM-5268 - Fix user key rotation svc tests

* PM-5268 - Update web jest config to allow use of common spec in user-key-rotation-svc tests

* PM-5268 - Bump migration version

* PM-5268 - Per PR feedback, save off user id

* PM-5268 - bump migration version

* PM-5268 - Per PR feedback, remove unnecessary await.

* PM-5268 - Bump migration verson
2024-04-01 16:02:58 -04:00
Matt Gibson
136226b6be
Observable auth statuses (#8537)
* Observable has token

* Allow access to user key state observable

* Create observable auth status

* Fix DI
2024-04-01 19:15:54 +00:00
rr-bw
2e51d96416
[PM-5264] Implement StateProvider in LoginEmailService (#7662)
* setup StateProvider in LoginService

* replace implementations

* replace implementation

* remove stateService

* change storage location for web to 'disk-local'

* implement migrate() method of Migrator

* add RememberedEmailMigrator to migrate.ts

* add rollback

* add tests

* replace implementation

* replace implementation

* add StateProvider to Desktop services

* rename LoginService to RememberEmailService

* update state definition

* rename file

* rename to storedEmail

* rename service to EmailService to avoid confusion

* add jsdocs

* refactor login.component.ts

* fix typos

* fix test

* rename to LoginEmailService

* update factory

* more renaming

* remove duplicate logic and rename method

* convert storedEmail to observable

* refactor to remove setStoredEmail() method

* move service to libs/auth/common

* address floating promises

* remove comment

* remove unnecessary deps in service registration
2024-03-30 11:00:27 -07:00
Cesar Gonzalez
670f33daa8
[PM-5743] Implement eslint rule for usage of window object in background script (#7849)
* [PM-5742] Rework Usage of Extension APIs that Cannot be Called with the Background Service Worker

* [PM-5742] Implementing jest tests for the updated BrowserApi methods

* [PM-5742] Implementing jest tests to validate logic within added API calls

* [PM-5742] Implementing jest tests to validate logic within added API calls

* [PM-5742] Fixing broken Jest tests

* [PM-5742] Fixing linter error

* [PM-5887] Refactor WebCryptoFunction to Remove Usage of the window Object in the Background Script

* [PM-5878] Rework `window` call within OverlayBackground to function within AutofillOverlayIframe service

* [PM-6122] Rework `window` call within NotificationBackground to function within content script

* [PM-5881] Adjust usage of the `chrome.extension.getViews` API to ensure expected behavior in manifest v3

* [PM-5881] Reworking how we handle early returns from `reloadOpenWindows`

* [PM-5881] Implementing jest test to validate changes within BrowserApi.reloadOpenWindows

* [PM-5743] Implement eslint rule to impeede usage of the `window` object in the background script

* [PM-5743] Working through fixing eslint rule errors, and setting up ignore statements for lines that will be refactored at a later date

* [PM-5743] Fixing broken jest tests

* [PM-5879] Removing `backgroundWindow` reference used for determing system theme preference in Safari

* [PM-5879] Removing `backgroundWindow` reference used for determing system theme preference in Safari

* [PM-5743] Updating references to NodeJS.Timeout

* [PM-5743] Adding notification bar and overaly content scripts to the eslint excluded files key

* [PM-5743] Adding other excluded files from the eslint rule

* [PM-5743] Reworking implementation to have the .eslintrc.json file present within the browser subdirectory
2024-03-29 15:55:23 +00:00
Ike
3d19e3489c
[PM-5269] Key Connector state migration (#8327)
* key connector migration initial

* migrator complete

* fix dependencies

* finalized tests

* fix deps and sync main

* clean up definition file

* fixing tests

* fixed tests

* fixing CLI, Browser, Desktop builds

* fixed factory options

* reverting exports

* implemented UserKeyDefinition clearOn

* Update KeyConnector MIgration

* updated migrator and tests to match profile object

* removed unused service and updated clear

* dep fix

* dep fixes

* clear usesKeyConnector on logout
2024-03-28 12:50:24 -04:00
Matt Gibson
62ad39e697
Ps/pm 5965/better config polling (#8325)
* Create tracker that can await until expected observables are received.

* Test dates are almost equal

* Remove unused class method

* Allow for updating active account in accout service fake

* Correct observable tracker behavior

Clarify documentation

* Transition config service to state provider

Updates the config fetching behavior to be lazy and ensure that any emitted value has been updated if older than a configurable value (statically compiled).

If desired, config fetching can be ensured fresh through an async.

* Update calls to config service in DI and bootstrapping

* Migrate account server configs

* Fix global config fetching

* Test migration rollback

* Adhere to implementation naming convention

* Adhere to abstract class naming convention

* Complete config abstraction rename

* Remove unnecessary cli config service

* Fix builds

* Validate observable does not complete

* Use token service to determine authed or unauthed config pull

* Remove superfluous factory config

* Name describe blocks after the thing they test

* Remove implementation documentation

Unfortunately the experience when linking to external documentation is quite poor. Instead of following the link and retrieving docs, you get a link that can be clicked to take you out of context to the docs. No link _does_ retrieve docs, but lacks indication in the implementation that documentation exists at all.

On the balance, removing the link is the better experience.

* Fix storybook
2024-03-27 10:03:09 -07:00
Tom
e98d29d2c8
[PM-5593] Removing BrowserSendService from services (#8512)
* Removing send service from services, removed browser send, and pointed to send services

* Make linter happy

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-03-27 12:34:15 -04:00
Jared Snider
a66e224d32
Auth/PM-7072 - Token Service - Access Token Secure Storage Refactor (#8412)
* PM-5263 - TokenSvc - WIP on access token secure storage refactor

* PM-5263 - Add key generation svc to token svc.

* PM-5263 - TokenSvc - more progress on encrypt access token work.

* PM-5263 - TokenSvc TODO cleanup

* PM-5263 - TokenSvc - rename

* PM-5263 - TokenSvc - decryptAccess token must return null as that is a valid case.

* PM-5263 - Add EncryptSvc dep to TokenSvc

* PM-5263 - Add secure storage to token service

* PM-5263 - TokenSvc - (1) Finish implementing accessTokenKey stored in secure storage + encrypted access token stored on disk  (2) Remove no longer necessary migration flag as the presence of the accessTokenKey now serves the same purpose.

Co-authored-by: Jake Fink <jfink@bitwarden.com>

* PM-5263 - TokenSvc - (1) Tweak return structure of decryptAccessToken to be more debuggable (2) Add TODO to add more error handling.

* PM-5263 - TODO: update tests

* PM-5263 - add temp logs

* PM-5263 - TokenSvc - remove logs now that I don't need them.

* fix tests for access token

* PM-5263 - TokenSvc test cleanup - small tweaks / cleanup

* PM-5263 - TokenService - per PR feedback from Justin - add error message to error message if possible.

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-03-26 18:41:14 -04:00
Justin Baur
f7014a973c
[PM-7071] Fallback to Emitting null When No Active User (#8486)
* Fallback to Emitting `null` When No Active User

* Fix Tests

* Update Test Names to Follow Convention

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Fix CLI Build

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
2024-03-26 12:06:33 -04:00
Jake Fink
a46767dee2
add auth status to auth service (#8377)
* add auth status to auth service

* fix auth service factory
2024-03-26 13:56:20 +00:00
Oscar Hinton
e767295c86
[PM-5979] Refactor EnvironmentService (#8040)
Refactor environment service to emit a single observable. This required significant changes to how the environment service behaves and tackles much of the tech debt planned for it.
2024-03-21 09:09:44 -07:00
Jake Fink
2111b37c32
[PM-5404, PM-3518] Migrate user decryption options to new service (#7344)
* create new user decryption options service

* rename new service to user decryption options

* add hasMasterPassword to user decryption options service

* migrate device trust service to new user decryption options service

* add migration for user-decryption-options

* migrate sync service and calls to trust-device-service

* rename abstraction file

* migrate two factor component

* migrate two factor spec

* migrate sso component

* migrate set-password component

* migrate base login decryption component

* migrate organization options component

* fix component imports

* add missing imports
- remove state service calls
- add update user decryption options method

* remove acct decryption options from account

* lint

* fix tests and linting

* fix browser

* fix desktop

* add user decryption options service to cli

* remove default value from migration

* bump migration number

* fix merge conflict

* fix vault timeout settings

* fix cli

* more fixes

* add user decryption options service to deps of vault timeout settings service

* update login strategy service with user decryption options

* remove early return from sync bandaid for user decryption options

* move user decryption options service to lib/auth

* move user decryption options to libs/auth

* fix reference

* fix browser

* check user decryption options after 2fa check

* update migration and revert tsconfig changes

* add more documentation

* clear user decryption options on logout

* fix tests by creating helper for user decryption options

* fix tests

* pr feedback

* fix factory

* update migration

* add tests

* update missed migration num in test
2024-03-21 00:33:57 +00:00
Jonathan Prusik
13e1672c69
[PM-6658] Migrate disableFavicon to Domain Settings service and remove Settings service (#8333)
* add showFavicons to domain settings

* replace usages of disableFavicon with showFavicons via the domain settings service and remove/replace settings service

* create migration for disableFavicon

* cleanup
2024-03-19 10:14:49 +00:00