* [AC-1144] Added new messages for warning removing/revoking user without master password
* [AC-1144] Added property 'hasMasterPassword' to OrganizationUserUserDetailsResponse and OrganizationUserView
* [AC-1144] Added user's name to 'No master password' warning
* [AC-1144] Added property 'hasMasterPassword' to ProviderUserResponse
* [AC-1144] Added alert to bulk "remove/revoke users" action when a selected user has no master password
* [AC-1144] Moved 'noMasterPasswordConfirmationDialog' method to BasePeopleComponent
* [AC-1144] Removed await from noMasterPasswordConfirmationDialog
* [AC-1144] Changed ApiService.getProviderUser to output ProviderUserUserDetailsResponse
* [AC-1144] Added warning on removing a provider user without master password
* [AC-1144] Added "No Master password" warning to provider users
* [AC-1144] Added "no master password" warning when removing/revoking user in modal view
* [AC-1144] Reverted changes made to ProviderUsers
* [AC-1144] Converted showNoMasterPasswordWarning() into a property
* [AC-1144] Fixed issue when opening invite member modal
* fix: feature flags not working properly
Due to race conditions the api url is not set during the first fetch och server config. This causes the config to be fetched from `api.bitwarden.com`. The config is then supposed to be re-fetched when the api url is set by the environment service, but due to a missing line this is not done when the urls are set from storage.
* feat: change to `Observable<void>`
* Extract passwordStrength from passwordGenerationService
Extract passwordStrength from password-generation.service.ts
Create new password-strength.service.ts
Create new password-strength.service.abstraction.ts
Register new password-strength service
Fix usages in libs
* Fix usage in web
* Fix usage in desktop
* Fix usage in CLI
* Fix usage in browser
Move password-generation-factory to tools
* Fix tests
* Change dependency in jslib-services.module
* Defining the card brand according to its number
* Moving cardBrandByPatterns function to Card View
* Getting Card brand via cardBrandByPatterns function
* Changing cardBrandByPatterns method to static. See:
The reason being that someone wanting to use this outside of the onCardNumberChange would need to know to set the cc-number on the view-model before calling cardBrandByPatterns
* Defining the card brand according to its number on Desktop
* Defining the card brand according to its number on Web
* Added new forwarder (Forward Email <https://forwardemail.net>)
* fix: fixed Basic authorization header
* fix: fixed returned email value
* feat: added verbose message for end-users (e.g. "Not Found" vs. "Domain does not exist on your account." (automatically localized with i18n for user)
* fix: fixed Buffer.from to Utils.fromBufferToB64
* fix: fixed fromBufferToB64 to fromUtf8ToB64
* Remove try-catch to properly display api errors
---------
Co-authored-by: Daniel James Smith <djsmith@web.de>
* PM-2283 - Update config api service get server config call to send authed when we have an access token so that LaunchDarkly on the server can properly acquire user context.
* PM-2283- Replace token service with Auth service per PR feedback
* PM-2283 - Refactor config api service get authed status based on PR feedback.
* PM-2283 - Fix import issues due to platform folder creation and file moves
* Rename service-factory folder
* Move cryptographic service factories
* Move crypto models
* Move crypto services
* Move domain base class
* Platform code owners
* Move desktop log services
* Move log files
* Establish component library ownership
* Move background listeners
* Move background background
* Move localization to Platform
* Move browser alarms to Platform
* Move browser state to Platform
* Move CLI state to Platform
* Move Desktop native concerns to Platform
* Move flag and misc to Platform
* Lint fixes
* Move electron state to platform
* Move web state to Platform
* Move lib state to Platform
* Fix broken tests
* Rename interface to idiomatic TS
* `npm run prettier` 🤖
* Resolve review feedback
* Set platform as owners of web core and shared
* Expand moved services
* Fix test types
---------
Co-authored-by: Hinton <hinton@users.noreply.github.com>
* PM1378 - (1) Create state service methods for securely storing a device symmetric key while following existing pattern of DuckDuckGoKey generation (2) Create makeDeviceKey method on crypto service which leverages the new state service methods for storing the device key.
* PM-1378 - Document CSPRNG types w/ comments explaining what they are and when they should be used.
* PM-1378 - TODO to add tests for makeDeviceKey method
* PM-1378 - Create Devices API service for creating and updating device encrypted master keys + move models according to latest code standards ( I think)
* PM-1378 - TODO clean up - DeviceResponse properly moved next to device api service abstraction per ADR 0013
* PM-1378 - CryptoService makeDeviceKey test written
* PM-1378 - Tweak crypto service makeDeviceKey test to leverage a describe for the function to better group related code.
* PM-1378 - Move known devices call out of API service and into new devices-api.service and update all references. All clients building.
* PM-1378 - Comment clean up
* PM-1378 - Refactor out master key naming as that is a reserved specific key generated from the MP key derivation process + use same property on request object as back end.
* PM-1378 - Missed a use of master key
* PM-1378 - More abstraction updates to remove master key.
* PM-1378 - Convert crypto service makeDeviceKey into getDeviceKey method to consolidate service logic based on PR feedback
* PM-1378- Updating makeDeviceKey --> getDeviceKey tests to match updated code
* PM-1378 - Current work on updating establish trusted device logic in light of new encryption mechanisms (introduction of a device asymmetric key pair in order to allow for key rotation while maintaining trusted devices)
* PM-1378 - (1) CryptoService.TrustDevice() naming refactors (2) Lots of test additions and tweaks for trustDevice()
* PM-1378 - Updated TrustedDeviceKeysRequest names to be consistent across the client side board.
* PM-1378 - Move trusted device crypto service methods out of crypto service into new DeviceCryptoService for better single responsibility design
* PM-1378 - (1) Add getDeviceByIdentifier endpoint to devices api as will need it later (2) Update TrustedDeviceKeysRequest and DeviceResponse models to match latest server side generic encrypted key names
* PM-1378 - PR feedback fix - use JSDOC comments and move from abstraction to implementation
* PM-1378 - Per PR feedback, makeDeviceKey should be private - updated tests with workaround.
* PM-1378- Per PR feedback, refactored deviceKey to use partialKey dict so we can associate userId with specific device keys.
* PM-1378 - Replace deviceId with deviceIdentifier per PR feedback
* PM-1378 - Remove unnecessary createTrustedDeviceKey methods
* PM-1378 - Update device crypto service to leverage updateTrustedDeviceKeys + update tests
* PM-1378 - Update trustDevice logic - (1) Use getEncKey to get user symmetric key as it's the correct method and (2) Attempt to retrieve the userSymKey earlier on and short circuit if it is not found.
* PM-1378 - Replace deviceId with deviceIdentifier because they are not the same thing
* PM-1378 - Per PR feedback, (1) on web/browser extension, store device key in local storage under account.keys existing structure (2) on desktop, store deviceKey in secure storage. (3) Exempt account.keys.deviceKey from being cleared on account reset
* PM-1378 - Desktop testing revealed that I forgot to add userId existence and options reconciliation checks back
* PM-1378 - Per discussion with Jake, create DeviceKey custom type which is really just an opaque<SymmetricCryptoKey> so we can more easily differentiate between key types.
* PM-1378 - Update symmetric-crypto-key.ts opaque DeviceKey to properly setup Opaque type.
* PM-1378 - Fix wrong return type for getDeviceKey on DeviceCryptoServiceAbstraction per PR feedback
* [PM-169][PM-142][PM-191] Add Environments to Web and Desktop (#5294)
* [PM-1351] Add property to server-config.response. Change config to be able to fetch without being authed.
* [PM-1351] fetch every hour.
* [PM-1351] fetch on vault sync.
* [PM-1351] browser desktop fetch configs on sync complete.
* [PM-1351] Add methods to retrieve feature flags
* [PM-1351] Add enum to use as key to get values feature flag values
* [PM-1351] Remove debug code
* [PM-1351] Get flags when unauthed. Add enums as params. Hourly always fetch.
* [PM-1351] add check for authed user using auth service
* [PM-169] Web: add drop down to select environment
* [PM-169] Fix pop up menu margins. Add DisplayEuEnvironmentFlag.
* [PM-169] Change menu name.
* [PM-169] Add environment selector ts and html. Add declaration and import on login.module
* [PM-169] Add environment selector to desktop.
* [PM-169] Ignore lint error.
* [PM-169] add takeUntil to subscribes
* [PM-191] PR Fixes, code format
* [PM-168] Add Environments to extension login/registration (#5434)
* Return error code when any tsc typecheck fails
* Try with bash
`sh ./scripts/test-types.s` resulted in errors missing `[[`,
which is a bash builtin. It's possible the ubuntu runner is using
some other shell.
* Fix spec type errors
* Switch to node for Windows compatibility
* [AC-358] Add selfHostSubscriptionExpiration property to organization-subscription.response.ts
* [AC-358] Update selfHost org subscription template
- Replace "Subscription" with "SubscriptionExpiration"
- Add question mark help link
- Add helper text for grace period
- Add support for graceful fallback in case of missing grace period in subscription response
* Update libs/common/src/billing/models/response/organization-subscription.response.ts
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [AC-358] Remove unnecessary hypen
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [AC-358] Introduce SelfHostedOrganizationSubscription view
- Encapsulate expiration/grace period logic in the new view object.
- Remove API response getters from the angular component
- Replace the API response object with the new view
* [AC-358] Clarify name for new expiration without grace period field
* [AC-358] Update constructor parameter name
* [AC-358] Simplify new selfhost subscription view
- Make expiration date properties public
- Remove obsolete expiration date getters
- Update the component to use new properties
- Add helper to component for determining if the subscription should be rendered as expired (red text)
* [AC-358] Rename isExpired to isExpiredAndOutsideGracePeriod to be more explicit
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [AC-1145] Add TDE feature flag
* [AC-1145] Update sso-config to use new member decryption type and remove keyConnectorEnabled
* [AC-1145] Add new TDE option to SSO config form and update to CL radio buttons
* [AC-1145] Update checkboxes to CL checkboxes
* [AC-1145] Fix messages.json warning
* [AC-1145] Update to new form async actions
* [AC-1145] Modify key connector option display logic to check for TDE feature flag
* [AC-1145] Remove obsolete app-checkbox component
* [AC-1145] Update TDE option description to refer to master password reset policy
* PM-1196- First draft of solution for solving SSO login with email 2FA not working; this is a working solution but we need to leverage it to build a better solution with a different server generated token vs a OTP.
* PM-1196 - Swap from OTP to SSO Email 2FA session token. Working now, but going to revisit whether or not email should come down from the server. Need to clean up the commented out items if we decide email stays encrypted in the session token.
* PM-1196 - Email needs to come down from server after SSO in order to flow through to the 2FA comp and be sent to the server
* PM-1196 - For email 2FA, if the email is no longer available due to the auth service 2 min expiration clearing the auth state, then we need to show a message explaining that (same message as when a OTP is submitted after expiration) vs actually sending the request without an email and getting a validation error from the server
* PM-1196 - (1) Make optional properties optional (2) Update tests to pass (3) Add new test for Email 2FA having additional auth result information
* PM-1196 - Remove unnecessary optional chaining operator b/c I go my wires crossed on how it works and the login strategy is not going to be null or undefined...
* updated low ksf iterations warning
* Removed test implementation
* Removed unused translation and updated key
* Enabled low kdf on this branch for testing
* Removed duplicate showKdf initialiazation
* [PM-1700] Put KDF warning behind a LaunchDarkly Feature Flag (#5308)
* Added feature flag for low kdf iteration
* Added feature flag implementation to component
* Renamed feature flag to align with what is setup on LaunchDarkly
This PR introduces a generic `DialogService` which can be used by all the clients. This allows us to decouple dialogs from the `PlatformUtilsHelper`.
The `DialogService` provides a new method, `openSimpleDialog` which is the new interface for that type of dialogs.
This gives us 3 different implementations:
- Web: DialogService modern dialogs
- Browser: SweetAlert
- Desktop: Native electron based
* Add disableFavicon$ to stateService
* Change IconComponent's ChangeDetectionStrategy and use disableFavicon$ observable
* Only get first result from disableFavicon observable
* Move disabledFavicon$ to SettingsService
* Update usage of disableFavicon to use SettingsService
* Remove getting and setting of disabledFavicon on login
* Settings service observable adjustments
* Fix for popup initially having a null value for the disableFavicon setting in settingsService
* Move disabledFavicon$ subscription to ngOnInit
* feat: experiment with observables
* Remove SettingsService from browser app component
* Fix storybook changes
* Update apps/web/src/app/vault/components/vault-items/vault-items.stories.ts
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
* Fix mock function signature
---------
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>