* refactor PolicyService.getAll$ to make userId not optional
* add fix to browser
* fix test to read from mock singleUserState
* remove nested pipes, cleanup
* [deps] Platform: Update electron to v34
* Update electron-builder.json electron version
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
Migrates the following components to not use bootstrap.
- apps/web/src/app/components/environment-selector/environment-selector.component.html
- apps/web/src/app/layouts/frontend-layout.component.html
- apps/web/src/app/layouts/org-switcher/org-switcher.component.html
- apps/web/src/app/settings/domain-rules.component.html
- bitwarden_license/bit-web/src/app/secrets-manager/projects/project/project-secrets.component.html
- bitwarden_license/bit-web/src/app/secrets-manager/settings/porting/sm-import.component.html
* create service to load sdk on application init
* Eagerly load CLI SDK
* Remove wasm logging to api
* Fix imports
* Eagerly load Desktop renderer SDK
Note: If the main process ever requires an SDK, we'll need to load it there, too.
In that event, it's probably a good idea to move to IPC for all SDK functions to avoid
loading the SDK for every window.
* init wasm module from sdk load service
* Use default client factory
* Fix type imports
* Resolve jest module import errors
A CLI sdk load service that async imports our wasm binary doesn't seem to be needed to run, but jest isn't dealing with the ESM import properly.
* Fix linting
* remove example code
Add device verification flow that requires users to enter an OTP when logging in from an unrecognized device. This includes:
- New device verification route and guard
- Email OTP verification component
- Authentication timeout handling
PM-8221
* send the user back to vault after deleting from edit view
* [PM-17443] Navigation After Deletion (#13023)
* navigate to vault tab after cipher deletion
---------
Co-authored-by: Nick Krantz <125900171+nick-livefront@users.noreply.github.com>
* [PM-15506] Wire up vNextOrganizationService for libs/common and libs/angular (#12683)
* Wire up vNextOrganizationService in PolicyService
* Wire vNextOrganizationService in SyncService
* wire vNextOrganizationService for EventCollectionService
* wire vNextOrganizationService for KeyConnectorService
* wire up vNextOrganizationService for CipherAuthorizationService
* Wire up vNextOrganizationService in PolicyService
* Wire vNextOrganizationService in SyncService
* wire vNextOrganizationService for EventCollectionService
* wire vNextOrganizationService for KeyConnectorService
* wire up vNextOrganizationService for CipherAuthorizationService
* wire vNextOrganizationService for share.component
* wire vNextOrganizationService for collections.component
* wire vNextOrganizationServcie for add-account-credit-dialog
* wire vNextOrganizationService for vault-filter.service
* fix browser errors for vNextOrganizationService implementation in libs
* fix desktop errors for vNextOrganizationService implementation for libs
* fix linter errors
* fix CLI errors on vNextOrganizationServcie implementations for libs
* [PM-15506] Wire up vNextOrganizationService for web client (#12810)
PR to a feature branch, no need to review until this goes to main.
* implement vNextOrganization service for browser client (#12844)
PR to feature branch, no need for review yet.
* wire vNextOrganizationService for licence and some web router guards
* wire vNextOrganizationService in tests
* remove vNext notation for OrganizationService and related
* Merge branch 'main' into ac/pm-15506-vNextOrganizationService
* fix tsstrict error
* fix test, fix ts strict error
* Modify Edge and Chrome artifacts to build Mv3 version to mimic Chrome
* Added back the Mv3 scripts so that workflows run on the PR will pass
* Removed unused Mv3 scripts
* Added back Opera
* remove todo
* Retrieve cache cipher for add-edit form
* user prefilled cipher for add-edit form
* add listener for clearing view cache
* clear local cache when clearing global state
* track initial value of cache for down stream logic that should only occur on non-cached values
* add feature flag for edit form persistence
* add tests for cipher form cache service
* fix optional initialValues
* add services to cipher form storybook
* fix strict types
* rename variables to be platform agnostic
* use deconstructed collectionIds variable to avoid them be overwritten
* use the originalCipherView for initial values
* add comment about signal equality
* prevent events from being emitted when adding uris to the existing form
- This stops other values from being overwrote in the initialization process
* add check for cached cipher when adding initial uris
* Fix biometrics unlock window being empty
* Add trust on sensitive action
* Add dialog for outdated desktop app and fix spelling
* Use updated fingerprint method
* Refactor connected app trust
* Move connected apps to ephemeral value store and show error on outdated browser
* Move trust logic to only occur when fingerprint setting is enabled
* Add more tests
* Simplify code
* Update ephemeral value list call to "listEphemeralValueKeys"
* Fix trust being ignored
* add restore function to vault item dialog
* update comment
* revert removing of delete button
* use canDeleteCipher$
* put canRestore in class property
* set showRestore after canDeleteCipher is set
* don't allow restore for 'edit except password' permission
* show login credentials if only passkey is present
* Revert "show login credentials if only passkey is present"
This reverts commit dc2f2367c2.
* Update Figma links
updated existing Figma links to point to the new file and added Figma links to components missing them
* Added last missing Figma links
Extract core functionality from `libs/angular` to allow teams to depend on `libs/ui-common` instead.
Moves the following functionality to `ui-common`.
- `I18nPipe`. `libs/angular` still has an old copy but `components` depends on the new variant from `ui-common`.
- `safeProvider`, `SafeProvider` and `SafeInjectionToken`. `libs/angular`re-exports these to avoid needing to update all consumers.
* Remove LP fileless importer
- Remove content scripts
- Remove additions to message handlers and notifcation queue
- Remove UI elements for the importer
- Remove the actual importer code
- Remove unsued keys from en/messages.json
Remove feature flag "browser-fileless-
import"
Update webpack.config and manifest files to no longer include content scripts
* Move feature flag idp-auto-submit-login under autofill grouping
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* [COMMUNITY] Debounce requestIdleCallback a single time every 100ms, as opposed to call requestIdleCallback on debounce method
Potential fix for #12031
* [COMMUNITY] Fixing broken jest mock of the debounce utils method
* [COMMUNITY] Fixing broken jest mock of the debounce utils method
* [COMMUNITY] Fixing broken jest mock of the debounce utils method
* PM-14051 -initial storybook set up
-Initial stories and folder structure
* clean up typing on existing stories
* add icons file
* assign packages to autofill
* row stories
* row storiescd
* -change file nnames to avoid rendering in main storybook instance - fix folder structure to set prep for doc creation
* remove babel loader
* -fix folder structure -add new package json -edit main to correct ts-config path
* edit package name
* Fix biometrics not working in firefox or windows
* Remove logs
* Update badge after biometric unlock
* Add removal todo note
* Remove debug logging
* Fix type warnings
* Fix userkey typing in background biometrics service
* Simplify types for userkey in foreground-browser-biometrics and runtime.background.ts
* Add process reload logging
* Fix autoprompt not working when no process reload happened
* Fix biometric unlock badge in mv2
* Fix instant reprompt on firefox lock
* Remove biometrics autoprompt on firefox (#12856)
This is due to missing await before process reload, triggered by lock, effectively disabling the biometrics auto prompt on safari.
This should be detected by eslint, but due to misconfiguration, nothing was reported. Also fixed two other missing awaits on biometrics unlock.
* Org at risk members click on the card
* Fixing at risk member counts
* At risk member text modification
* Changing ok button to close
* PM-16891 added a dialog for at risk apps
* PM-16891 fixing order of imports (linting error)
* PM-16891 updated PR comments
---------
Co-authored-by: Tom <ttalty@bitwarden.com>
Co-authored-by: Tom <144813356+ttalty@users.noreply.github.com>
* Fix biometrics not working in firefox or windows
* Remove logs
* Update badge after biometric unlock
* Add removal todo note
* Remove debug logging
* Fix type warnings
* Fix userkey typing in background biometrics service
* Simplify types for userkey in foreground-browser-biometrics and runtime.background.ts
* Add process reload logging
* Fix autoprompt not working when no process reload happened
* Fix instant reprompt on firefox lock
* Fix biometrics enabling error on chrome
* Update apps/browser/src/key-management/biometrics/foreground-browser-biometrics.ts
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* FIx build & linting
---------
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* [deps] SM: Update typescript-eslint monorepo to v8
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hinton <hinton@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Fix biometrics not working in firefox or windows
* Remove logs
* Update badge after biometric unlock
* Add removal todo note
* Remove debug logging
* Fix type warnings
* Fix userkey typing in background biometrics service
* Simplify types for userkey in foreground-browser-biometrics and runtime.background.ts
* update menu and button position for multi-input totp
* update test to better handle breaking changes
* fix sizing bug by filtering duplicate opid fields
* update getTotpFields usage
* revert private changes per feedback
* Update apps/browser/src/autofill/utils/index.ts with positive fucntion
Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
* fix type and update rectNotZero function
---------
Co-authored-by: Evan Bassler <evanbassler@EvanBasslersMBP.attlocal.net>
Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
Co-authored-by: Evan Bassler <evanbassler@Mac.attlocal.net>
* Revert "remove vault component presentational updates"
This reverts commit fe40dd8464.
* update vault popup autofill service to enable moving state closer to blocked domain component callsites
* hide autofill actions from suggestions if the current tab location is on the blocklist
* update autofill suggestions section title
* update blocked domain section indicator tooltip message
* create and use blocked-injection-banner component
* update blocked URI banner with deeplink to settings
* remove blocked URI indicator for suggestions section
* fix suggested items showing cipher external link button
* fix message catalog updates
* move currentURIIsBlocked state fetching into VaultListItemsContainerComponent
* leverage shareReplay caching for new state additions to VaultPopupAutofillService
* have blocked-injection-banner component consume observable rather than init value
* fix tests
* use observables in the vault-list-items-container template
* PM-16947 - JsLibServices - register default DefaultLoginApprovalComponentService
* PM-16947 - DeviceResponse - add interface for DevicePendingAuthRequest
* PM-16947 - Web translations - migrate all LoginApprovalComponent translations from desktop to web
* PM-16947 - LoginApprovalComp - (1) Add loading state (2) Refactor to return proper boolean results (3) Don't create race condition by trying to respond to the close event in the dialog and re-sending responses upon approve or deny click
* PM-16947 - DeviceManagementComponent - added support for approving and denying auth requests.
* PM-16947 - LoginApprovalComp - Add validation error
* PM-16947 - LoginApprovalComponent - remove validation service for now.
* PM-16947 - Re add validation
* PM-16947 - Fix LoginApprovalComponent tests
* Fix biometrics button showing up when biometrics is not enabled
* Fix tests
* Fix timeout when desktop app is not started
* Update comments for legacy biometrics removal
* [PM-5718] Fix totp generation for free orgs in old add-edit component
* [PM-5718] Fix totp generation for free orgs in view cipher view component
* [PM-5718] Cleanup merge conflicts
* Don't generate totp code for premium users or free orgs
* Added redirect to organization helper page
* Changed text to learn more
* Only show upgrade message to premium users
* Show upgrade message to free users with free orgs as well
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
* adjust generator dialog buttons to match browser extension UI
* put dialog label into generator config
* fix types. remove i18n key
* use event emitted pattern for getting algorithm config
* favor arrow function
* move function call
* append key to i18n prop
* fix test
* Migrated banner service from using active user state
* Fixed unit tests for the vault banner service
* Updated component to pass user id required by the banner service
* Updated component tests
* Added comments
* Fixed unit tests
* Updated vault banner service to use lastSync$ version and removed polling
* Updated to use UserDecryptionOptions
* Updated to use getKdfConfig$
* Updated shouldShowVerifyEmailBanner to use account observable
* Added takewhile operator to only make calls when userId is present
* Simplified to use sing userId
* Simplified to use sing userId
* [PM-16098] Add decryptionFailure flag to CipherView
* [PM-16098] Add failedToDecryptCiphers$ observable to CipherService
* [PM-16098] Introduce decryption-failure-dialog.component
* [PM-16098] Disable cipher rows for the Web Vault
* [PM-16098] Show decryption error dialog on vault load or when attempting to view/edit a corrupted cipher
* [PM-16098] Browser - Show decryption error dialog on vault load or when attempting to view/edit a corrupted cipher
* [PM-16098] Desktop - Show decryption error dialog on vault load or when attempting to view a corrupted cipher. Remove edit/clone context menu options and footer actions.
* [PM-16098] Add CS link to decryption failure dialog
* [PM-16098] Return cipherViews and move filtering of isDeleted to consumers
* [PM-16098] Throw an error when retrieving cipher data for key rotation when a decryption failure is present
* [PM-16098] Properly filter out deleted, corrupted ciphers when showing dialog within the Vault
* [PM-16098] Show the decryption error dialog when attempting to view a cipher in trash and disable the restore option
* [PM-16098] Exclude failed to decrypt ciphers from getAllDecrypted method and cipherViews$ observable
* [PM-16098] Avoid re-sorting remainingCiphers$ as it was redundant
* [PM-16098] Update tests
* [PM-16098] Prevent opening view dialog in AC for corrupted ciphers
* [PM-16098] Remove withLatestFrom operator that was causing race conditions when navigating away from the individual vault
* [PM-16098] Ensure decryption error dialog is only shown once on Desktop when switching accounts
Adds a device management tab under settings -> security that allows users to:
- View and manage their account's connected devices
- Remove/deactivate devices
- See device details like platform, last login, and trust status
- Sort and filter device list with virtual scrolling
Resolves PM-1214
* update code owners
* Move lock component v2 to KM
* Add @bitwarden/key-management/angular to tsconfigs
* Move lock component service to KM
* Move lock component v1 to KM
* Update imports
* Move into @bitwarden/key-management
* Revert "Move into @bitwarden/key-management"
This reverts commit b7514fb8c2.
* Add to tsconfig.libs
* add disabledInteractionsUris state to the domain settings service
* add routes and ui for user disabledInteractionsUris state management
* use disabled URIs service state as a preemptive conditon to injecting content scripts
* move disabled domains navigation button from account security settings to autofill settings
* update disabled domain terminology to blocked domain terminology
* update copy
* handle blocked domains initializing with null value
* add dismissable banner to the vault view when the active autofill tab is on the blocked domains list
* add autofill blocked domain indicators to autofill suggestions section header
* add BlockBrowserInjectionsByDomain feature flag and put feature behind it
* update router config to new style
* update tests and cleanup
* use full-width-notice slot for domain script injection blocked banner
* convert thrown error on content script injection block to a warning and early return
* simplify and enspeeden state resolution for blockedInteractionsUris
* refactor feature flag state fetching and update tests
* document domain settings service
* remove vault component presentational updates
* Remove v1 code for Tab/Vault Part 2
* Removal conditional for assign-collections
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* add fixed width to vault list icon
* justify start
* don't display totp capture when in popout
* Revert "don't display totp capture when in popout"
This reverts commit f50b0a6caf.
* use new generator components in desktop app
* add generator to export
* add TODO comment
* use app-specific component
* use vault-owned generator component
* use CipherFormGeneratorComponent
* rename to dialog component. reference ticket number in comment
* use static method for opening dialog
* Remove v1 account security settings
Delete v1 component
Remove conditional routing based on extension refresh feature flag
* Remove unused import
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Migrated folder service from using active user state to single user state
Added extra test cases for encrypted folder and decrypted folders
Updated derived state to use decrypt with key
* Update callers in the web
* Update callers in the browser
* Update callers in libs
* Update callers in cli
* Fixed test
* Fixed folder state test
* Fixed test
* removed duplicate activeUserId
* Added takewhile operator to only make calls when userId is present
* Simplified to accept a single user id instead of an observable
* Required userid to be passed from notification service
* [PM-15635] Folders not working on desktop (#12333)
* Added folders memory state definition
* added decrypted folders state
* Refactored service to remove derived state
* removed combinedstate and added clear decrypted folders to methods
* Fixed test
* Fixed issue with editing folder on the desktop app
* Fixed test
* Changed state name
* fixed ts strict issue
* fixed ts strict issue
* fixed ts strict issue
* removed unnecessasry null encrypteed folder check
* Handle null folderdata
* [PM-16197] "Items with No Folder" shows as a folder to edit name and delete (#12470)
* Force redcryption anytime encryption state changes
* Fixed text file
* revert changes
* create new object with nofolder instead of modifying exisiting object
* Fixed failing test
* switched to use memory-large-object
* Fixed ts sctrict issue
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
On https://github.com/bitwarden/clients/pull/12326 I refactored and
extended a bit of special case logic for process reloads on Safari. This
appears to have caused a regression, and I think it's because I didn't
return from the function when Safari reloads. This makes it still call
`chrome.runtime.reload()`, which makes Safari send an "install" event,
which leads to our extension opening it's Getting Started page.
This commit returns after the location reload in Safari. This is tricky
to test locally as the issue does not appear with sideloaded apps. I'll
test it with Testflight!
* [DEVOPS-1424] Changes to support hardening on the Mac desktop app
* Remove unsigned memory exception
* Remove exceptions from the local (non-MAS) mac builds as well
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Changes for the reseller alert
* Resolve the null error
* Refactor the reseller service
* Fix the a failing test due to null date
* Fix the No overload matches error
* Resolve the null error
* Resolve the null error
* Resolve the null error
* Change the date format
* Remove unwanted comment
* Refactor changes
* Add the feature flag
* Remove lowercasing of View page headers
* Remove lowercasing of Add/edit page headers
* Remove lowercasing of Web ViewAdd/edit page headers
* Fix tests
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* enhancement: UI for multiple totp elements
* add tests
* update snapshots
* update obsolete snapshots
* PM-15593
- Added conditional statement for text displayed in the totp code span
- Added styling to the returned text
* remove method, hard code string.
* PM-15593
- Added getFilteredCiphersForTotpField method
- Implemented getFilteredCiphersForTotpField on update list method
- Updated tests to not always have a top field
* account for no totp code ciphers in totp fields
* Remove Send grouping, type and state
* Delete Send list and add-edit
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Remove v1 generator, generator history page and extension refresh conditional routing
* Remove unused keys from en/messages.json
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
This PR deletes the legacy lock components from the Angular clients and also removes feature flag control from the routing. The lock component will now be based entirely on the new, recently refreshed LockComponent in libs/auth/angular.
* Remove conditional routing for new vault page (header/footer)
Redirect tabs/current to tabs/vault (new home)
* Remove unused TabsComponent
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Run clippy and rustfmt on CI
* Error on warnings and fix a couple of missed lints
* Move import inside function
* Fix unix lints
* Fix windows lints
* Missed some async tests
* Remove unneeded reference
* force viewOnly to be true for emergency access
* add input to hide password history, applicable when the view is used from emergency view
* add extension refresh version of the emergency view dialog
* allow emergency access to view password history
- `ViewPasswordHistoryService` accepts a cipher id or CipherView. When a CipherView is included, the history component no longer has to fetch the cipher.
* remove unused comments
* Add fixme comment for removing non-extension refresh code
* refactor password history component to accept a full cipher view
- Remove the option to pass in only an id
* starting
* setup first page for new device verification notice
* update designs for first page. rename components and files
* added second page for new device verification notice
* update notice page one with bit radio buttons. routing logic. user email
* updated routing for new device verification notice to show before vault based on flags, and can navigate back to vault after submission
* fix translations. added remind me later link and nav to page 2
* sync the design for mobile and web
* update routes in desktop
* updated styles for desktop
* moved new device verification notice guard
* update types for new device notice page one
* add null check to page one
* types
* types for page one, page two, service, and guard
* types
* update component and guard for null check
* add navigation to two step login btn and account email btn
* remove empty file
* update fill of icons to support light & dark modes
* add question mark to email access verification copy
* remove unused map
* use links for navigation elements
- an empty href is needed so the links are keyboard accessible
* remove clip path from exclamation svg
- No noticeable difference in the end result
* inline email message into markup
---------
Co-authored-by: Nick Krantz <nick@livefront.com>
* Adding more test cases
* Removing unnecessary file
* Test cases update
* Adding the fixme for strict types
* moving the fixme
* add risk insight data service and wire up components to it
* hook up all applications to risk insights report service. add loading state
* link up remaining props to risk insight report
* wire up children to risk insight data service
* add missing copy. remove loading state from risk insights
* fix types
* fix DI issue
* remove @Injectable from RiskInsightsDataService
---------
Co-authored-by: Tom <ttalty@bitwarden.com>
Co-authored-by: Tom <144813356+ttalty@users.noreply.github.com>
