1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-30 13:03:53 +01:00
Commit Graph

282 Commits

Author SHA1 Message Date
Jacob Fink
91ac281da0
migrate login strategies to new key model
- decrypt and set user symmetric key if Master Key is available
- rename keys where applicable
- update unit tests
2023-06-19 09:46:06 -04:00
Jacob Fink
82bc7662a1
update collection service to use new crypto service 2023-06-19 09:42:54 -04:00
Jacob Fink
46abba2135
update vault timeout service with new crypto service 2023-06-19 09:42:54 -04:00
Jacob Fink
ffc23bfcdb
update password generation service to use new crypto service 2023-06-19 09:42:54 -04:00
Jacob Fink
7a037724d5
update cipher service to use new crypto service 2023-06-19 09:42:54 -04:00
Jacob Fink
7d8c4a430a
update folder service to use new crypto service methods 2023-06-19 09:42:53 -04:00
Jacob Fink
3452e39b9d
update send service to use new crypto service methods 2023-06-19 09:42:53 -04:00
Jacob Fink
076ab184fd
update sync service to use new crypto service methods 2023-06-19 09:42:53 -04:00
Jacob Fink
f466c91469
update auth service to use new crypto service 2023-06-19 09:42:52 -04:00
Jacob Fink
4772166e83
separate the user key in memory from user keys in storage 2023-06-19 09:42:51 -04:00
Jacob Fink
f0438e5dd2
add setUserSymKeyMasterKey so we can set the encrypted user sym key from server 2023-06-19 09:42:51 -04:00
Jacob Fink
c7feae6238
add type to parameter of setUserKey in abstraction of crypto service 2023-06-19 09:42:50 -04:00
Jacob Fink
820c71d1a1
update makeKeyPair on crypto service to be generic 2023-06-19 09:42:50 -04:00
Jacob Fink
6dc454e5e7
add decryption with MasterKey method to crypto service 2023-06-19 09:42:02 -04:00
Jacob Fink
acd3ef2204
remove provided key from getKeyForUserEncryption 2023-06-19 09:42:01 -04:00
Jacob Fink
4ce2a17ea4
Begin refactor of crypto service to support new key structure 2023-06-19 09:42:01 -04:00
Jacob Fink
bc4b3f3d74
add storage for master key encrypted user symmetric key 2023-06-19 09:35:51 -04:00
Jacob Fink
702dfb7eaf
add new storage to replace MasterKey with UserSymKey 2023-06-19 09:35:50 -04:00
Rui Tomé
d3d17f1496
[AC-1144] Warn admins when removing or revoking users without master password (#5494)
* [AC-1144] Added new messages for warning removing/revoking user without master password

* [AC-1144] Added property 'hasMasterPassword' to OrganizationUserUserDetailsResponse and OrganizationUserView

* [AC-1144] Added user's name to 'No master password' warning

* [AC-1144] Added property 'hasMasterPassword' to ProviderUserResponse

* [AC-1144] Added alert to bulk "remove/revoke users" action when a selected user has no master password

* [AC-1144] Moved 'noMasterPasswordConfirmationDialog' method to BasePeopleComponent

* [AC-1144] Removed await from noMasterPasswordConfirmationDialog

* [AC-1144] Changed ApiService.getProviderUser to output ProviderUserUserDetailsResponse

* [AC-1144] Added warning on removing a provider user without master password

* [AC-1144] Added "No Master password" warning to provider users

* [AC-1144] Added "no master password" warning when removing/revoking user in modal view

* [AC-1144] Reverted changes made to ProviderUsers

* [AC-1144] Converted showNoMasterPasswordWarning() into a property

* [AC-1144] Fixed issue when opening invite member modal
2023-06-16 16:38:55 +01:00
André Bispo
1052f00b87
[PM-2475][PM-2536] Clicking "US" in region selector sets base URL (#5604) 2023-06-16 14:09:16 +01:00
Vincent Salucci
5cd51374d7
[AC-1416] Expose Organization Fingerprint (#5557)
* refactor: change getFingerprint param to fingerprintMaterial, refs PM-1522

* feat: generate and show fingerprint for organization (WIP), refs AC-1416

* feat: update legacy params subscription to best practice (WIP), refs AC-1461

* refactor: update to use reactive forms, refs AC-1416

* refactor: remove boostrap specific classes and update to component library paradigms, refs AC-1416

* refactor: remove boostrap specific classes and update to component library paradigms, refs AC-1416

* refactor: create shared fingerprint component to redude boilerplate for settings fingerprint views, refs AC-1416

* refactor: use grid to emulate col-6 and remove unnecessary theme extensions, refs AC-1416

* refactor: remove negative margin and clean up extra divs, refs AC-1416

* [AC-1431] Add missing UserVerificationModule import (#5555)

* [PM-2238] Add nord and solarize themes (#5491)

* Fix simple configurable dialog stories (#5560)

* chore(deps): update bitwarden/gh-actions digest to 72594be (#5523)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* refactor: remove extra div leftover from card-body class, refs AC-1416

* refactor: use bitTypography for headers, refs AC-1416

* fix: update crypto service abstraction path, refs AC-1416

* refactor: remove try/catch on handler, remove bootstrap class, update api chaining in observable, refs AC-1416

* fix: replace faulty combineLatest logic, refs AC-1416

* refactor: simplify observable logic again, refs AC-1416

---------

Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-15 21:03:48 -05:00
Daniel Chateau
9ed59c6fa9
Update request headers sent to AnonAddy API. (#5565) 2023-06-14 22:59:29 +02:00
Robyn MacCallum
2b65b3f0f7
[AC-1383] Move collections to Vault (#5424)
* Move CollectionDialog to Vault

* Fix CollectionDialogModule imports

* Move CollectionAdminService and View to Vault

* Move CollectionService to Vault

* Split GroupService into internal and public facing classes

* Move collection models to vault

* lint spacing fix

* Move collection spec file

* Fix spec import

* Update apps/web/src/app/core/core.module.ts

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* Remove CoreOrganizationModule from CollectionDialogModule

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-06-14 08:38:24 -04:00
Andreas Coroiu
37010a6414
[PM-2642] Fix feature flags not working properly when urls load from storage (#5598)
* fix: feature flags not working properly

Due to race conditions the api url is not set during the first fetch och server config. This causes the config to be fetched from `api.bitwarden.com`. The config is then supposed to be re-fetched when the api url is set by the environment service, but due to a missing line this is not done when the urls are set from storage.

* feat: change to `Observable<void>`
2023-06-14 14:10:39 +02:00
Daniel James Smith
3b708d9311
Remove try-catch to display proper api-errors (#5570) 2023-06-14 11:28:32 +02:00
Daniel James Smith
72a5ba455c
[PM-2367] [BEEEP]: Extract password strength from password-generation-service (#5502)
* Extract passwordStrength from passwordGenerationService

Extract passwordStrength from password-generation.service.ts
Create new password-strength.service.ts
Create new password-strength.service.abstraction.ts
Register new password-strength service
Fix usages in libs

* Fix usage in web

* Fix usage in desktop

* Fix usage in CLI

* Fix usage in browser

Move password-generation-factory to tools

* Fix tests

* Change dependency in jslib-services.module
2023-06-13 23:22:25 +02:00
Thomas Rittson
22caae116c
Restrict angular imports (#5597)
* Refactor restricted imports eslint rule, add angular deps

* Move FormValidationErrorsService into libs/angular

* Remove angular decorators from configService

* Remove angular decorator from anonymousHubService
2023-06-13 10:03:32 +10:00
Thales Augusto
c70d67bad3
[PM-1823] Defining the card brand according to its number (#5204)
* Defining the card brand according to its number

* Moving cardBrandByPatterns function to Card View

* Getting Card brand via cardBrandByPatterns function

* Changing cardBrandByPatterns method to static. See:
The reason being that someone wanting to use this outside of the onCardNumberChange would need to know to set the cc-number on the view-model before calling cardBrandByPatterns

* Defining the card brand according to its number on Desktop

* Defining the card brand according to its number on Web
2023-06-09 20:44:33 +02:00
Daniel James Smith
ab260a3653
Fix broken import of misc/utils (#5586) 2023-06-09 11:12:20 +02:00
titanism
d18b45a87e
[PM-1060] Added new forwarder (Forward Email <https://forwardemail.net>) (#4809)
* Added new forwarder (Forward Email <https://forwardemail.net>)

* fix: fixed Basic authorization header

* fix: fixed returned email value

* feat: added verbose message for end-users (e.g. "Not Found" vs. "Domain does not exist on your account." (automatically localized with i18n for user)

* fix: fixed Buffer.from to Utils.fromBufferToB64

* fix: fixed fromBufferToB64 to fromUtf8ToB64

* Remove try-catch to properly display api errors

---------

Co-authored-by: Daniel James Smith <djsmith@web.de>
2023-06-09 09:55:12 +02:00
Jared Snider
806bd8d039
Tech-Debt - [PM-2283] - Update ConfigApiService getServerConfig call to send access token if it exists (#5464)
* PM-2283 - Update config api service get server config call to send authed when we have an access token so that LaunchDarkly on the server can properly acquire user context.

* PM-2283- Replace token service with Auth service per PR feedback

* PM-2283 - Refactor config api service get authed status based on PR feedback.

* PM-2283 - Fix import issues due to platform folder creation and file moves
2023-06-07 17:47:30 -04:00
Matt Gibson
78248db590
Platform/pm 19/platform team file moves (#5460)
* Rename service-factory folder

* Move cryptographic service factories

* Move crypto models

* Move crypto services

* Move domain base class

* Platform code owners

* Move desktop log services

* Move log files

* Establish component library ownership

* Move background listeners

* Move background background

* Move localization to Platform

* Move browser alarms to Platform

* Move browser state to Platform

* Move CLI state to Platform

* Move Desktop native concerns to Platform

* Move flag and misc to Platform

* Lint fixes

* Move electron state to platform

* Move web state to Platform

* Move lib state to Platform

* Fix broken tests

* Rename interface to idiomatic TS

* `npm run prettier` 🤖

* Resolve review feedback

* Set platform as owners of web core and shared

* Expand moved services

* Fix test types

---------

Co-authored-by: Hinton <hinton@users.noreply.github.com>
2023-06-06 15:34:53 -05:00
Jared Snider
0fcfe883b5
Feature/[PM-1378] - Trusted Device Encryption - Establish trust logic for all clients (#5339)
* PM1378 - (1) Create state service methods for securely storing a device symmetric key while following existing pattern of DuckDuckGoKey generation (2) Create makeDeviceKey method on crypto service which leverages the new state service methods for storing the device key.

* PM-1378 - Document CSPRNG types w/ comments explaining what they are and when they should be used.

* PM-1378 - TODO to add tests for makeDeviceKey method

* PM-1378 - Create Devices API service for creating and updating device encrypted master keys + move models according to latest code standards ( I think)

* PM-1378 - TODO clean up - DeviceResponse properly moved next to device api service abstraction per ADR 0013

* PM-1378 - CryptoService makeDeviceKey test written

* PM-1378 - Tweak crypto service makeDeviceKey test to leverage a describe for the function to better group related code.

* PM-1378 - Move known devices call out of API service and into new devices-api.service and update all references. All clients building.

* PM-1378 - Comment clean up

* PM-1378 - Refactor out master key naming as that is a reserved specific key generated from the MP key derivation process + use same property on request object as back end.

* PM-1378 - Missed a use of master key

* PM-1378 - More abstraction updates to remove master key.

* PM-1378 - Convert crypto service makeDeviceKey into getDeviceKey method to consolidate service logic based on PR feedback

* PM-1378- Updating makeDeviceKey --> getDeviceKey tests to match updated code

* PM-1378 - Current work on updating establish trusted device logic in light of new encryption mechanisms (introduction of a device asymmetric key pair in order to allow for key rotation while maintaining trusted devices)

* PM-1378 - (1) CryptoService.TrustDevice() naming refactors (2) Lots of test additions and tweaks for trustDevice()

* PM-1378 - Updated TrustedDeviceKeysRequest names to be consistent across the client side board.

* PM-1378 - Move trusted device crypto service methods out of crypto service into new DeviceCryptoService for better single responsibility design

* PM-1378 - (1) Add getDeviceByIdentifier endpoint to devices api as will need it later (2) Update TrustedDeviceKeysRequest and DeviceResponse models to match latest server side generic encrypted key names

* PM-1378 - PR feedback fix - use JSDOC comments and move from abstraction to implementation

* PM-1378 - Per PR feedback, makeDeviceKey should be private - updated tests with workaround.

* PM-1378- Per PR feedback, refactored deviceKey to use partialKey dict so we can associate userId with specific device keys.

* PM-1378 - Replace deviceId with deviceIdentifier per PR feedback

* PM-1378 - Remove unnecessary createTrustedDeviceKey methods

* PM-1378 - Update device crypto service to leverage updateTrustedDeviceKeys + update tests

* PM-1378 - Update trustDevice logic - (1) Use getEncKey to get user symmetric key as it's the correct method and (2) Attempt to retrieve the userSymKey earlier on and short circuit if it is not found.

* PM-1378 - Replace deviceId with deviceIdentifier because they are not the same thing

* PM-1378 - Per PR feedback, (1) on web/browser extension, store device key in local storage under account.keys existing structure (2) on desktop, store deviceKey in secure storage. (3) Exempt account.keys.deviceKey from being cleared on account reset

* PM-1378 - Desktop testing revealed that I forgot to add userId existence and options reconciliation checks back

* PM-1378 - Per discussion with Jake, create DeviceKey custom type which is really just an opaque<SymmetricCryptoKey> so we can more easily differentiate between key types.

* PM-1378 - Update symmetric-crypto-key.ts opaque DeviceKey to properly setup Opaque type.

* PM-1378 - Fix wrong return type for getDeviceKey on DeviceCryptoServiceAbstraction per PR feedback
2023-05-25 14:17:19 -04:00
André Bispo
b9d3b0aff7
[PM-2398] Fix firefox extension environments bug (#5514) 2023-05-25 18:32:26 +01:00
André Bispo
1a9a328d39
[PM-2347] Refresh configs when environment urls change (#5507)
* [PM-2347] Re fetch feature flags when environment urls change and update UI.
2023-05-25 14:38:23 +01:00
Oscar Hinton
62591a8bc8
[PM-2328] Fix jest deprecations (#5483) 2023-05-22 20:19:16 +02:00
André Bispo
b9fe78796a
[PM-1019] Environment selection clients (#5480)
* [PM-169][PM-142][PM-191] Add Environments to Web and Desktop (#5294)

* [PM-1351] Add property to server-config.response. Change config to be able to fetch without being authed.

* [PM-1351] fetch every hour.

* [PM-1351] fetch on vault sync.

* [PM-1351] browser desktop fetch configs on sync complete.

* [PM-1351] Add methods to retrieve feature flags

* [PM-1351] Add enum to use as key to get values feature flag values

* [PM-1351] Remove debug code

* [PM-1351] Get flags when unauthed. Add enums as params. Hourly always fetch.

* [PM-1351] add check for authed user using auth service

* [PM-169] Web: add drop down to select environment

* [PM-169] Fix pop up menu margins. Add DisplayEuEnvironmentFlag.

* [PM-169] Change menu name.

* [PM-169] Add environment selector ts and html. Add declaration and import on login.module

* [PM-169] Add environment selector to desktop.

* [PM-169] Ignore lint error.

* [PM-169] add takeUntil to subscribes

* [PM-191] PR Fixes, code format

* [PM-168] Add Environments to extension login/registration (#5434)
2023-05-19 17:35:42 +01:00
renovate[bot]
9e32f8d574
chore(deps): update dependency rimraf to v5 (#5468)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hinton <hinton@users.noreply.github.com>
2023-05-19 14:23:44 +02:00
Oscar Hinton
3da7fc7cb3
Deprecated broadcaster (#5461) 2023-05-17 12:27:27 +02:00
Matt Gibson
c58b0c0753
Return error code when any tsc typecheck fails (#5459)
* Return error code when any tsc typecheck fails

* Try with bash

`sh ./scripts/test-types.s` resulted in errors missing `[[`,
which is a bash builtin. It's possible the ubuntu runner is using
some other shell.

* Fix spec type errors

* Switch to node for Windows compatibility
2023-05-16 09:20:40 -05:00
Shane Melton
bcda04ee86
[AC-358] SelfHosted update subscription page (#5101)
* [AC-358] Add selfHostSubscriptionExpiration property to organization-subscription.response.ts

* [AC-358] Update selfHost org subscription template

- Replace "Subscription" with "SubscriptionExpiration"
- Add question mark help link
- Add helper text for grace period
- Add support for graceful fallback in case of missing grace period in subscription response

* Update libs/common/src/billing/models/response/organization-subscription.response.ts

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-358] Remove unnecessary hypen

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-358] Introduce SelfHostedOrganizationSubscription view
- Encapsulate expiration/grace period logic in the new view object.
- Remove API response getters from the angular component
- Replace the API response object with the new view

* [AC-358] Clarify name for new expiration without grace period field

* [AC-358] Update constructor parameter name

* [AC-358] Simplify new selfhost subscription view

- Make expiration date properties public
- Remove obsolete expiration date getters
- Update the component to use new properties
- Add helper to component for determining if the subscription should be rendered as expired (red text)

* [AC-358] Rename isExpired to isExpiredAndOutsideGracePeriod to be more explicit

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-05-15 07:38:53 -07:00
Shane Melton
ab4d8df2ae
[AC-1145] Add trusted devices option to encryption settings on sso config (#5383)
* [AC-1145] Add TDE feature flag

* [AC-1145] Update sso-config to use new member decryption type and remove keyConnectorEnabled

* [AC-1145] Add new TDE option to SSO config form and update to CL radio buttons

* [AC-1145] Update checkboxes to CL checkboxes

* [AC-1145] Fix messages.json warning

* [AC-1145] Update to new form async actions

* [AC-1145] Modify key connector option display logic to check for TDE feature flag

* [AC-1145] Remove obsolete app-checkbox component

* [AC-1145] Update TDE option description to refer to master password reset policy
2023-05-10 12:51:56 -07:00
Oscar Hinton
5f825e10f9
[PM-2132] Move all specs to the src directory (#5367) 2023-05-09 11:27:09 +02:00
Jared Snider
6b26406331
Defect/PM-1196 - SSO with Email 2FA Flow - Email Required error fixed (#5280)
* PM-1196- First draft of solution for solving SSO login with email 2FA not working; this is a working solution but we need to leverage it to build a better solution with a different server generated token vs a OTP.

* PM-1196 - Swap from OTP to SSO Email 2FA session token. Working now, but going to revisit whether or not email should come down from the server. Need to clean up the commented out items if we decide email stays encrypted in the session token.

* PM-1196 - Email needs to come down from server after SSO in order to flow through to the 2FA comp and be sent to the server

* PM-1196 - For email 2FA, if the email is no longer available due to the auth service 2 min expiration clearing the auth state, then we need to show a message explaining that (same message as when a OTP is submitted after expiration) vs actually sending the request without an email and getting a validation error from the server

* PM-1196 - (1) Make optional properties optional (2) Update tests to pass (3) Add new test for Email 2FA having additional auth result information

* PM-1196 - Remove unnecessary optional chaining operator b/c I go my wires crossed on how it works and the login strategy is not going to be null or undefined...
2023-05-04 14:57:11 -04:00
Jared Snider
120fd14213
Remove all TypeScript region use as it is now against the Bitwarden code style guide. (#5356) 2023-05-04 10:48:01 -04:00
Jared Snider
18b2c60ef8
Clean up TODO from Org Domain claiming by adding test for getClaimedOrgDomainByEmail (#5355) 2023-05-04 09:56:46 -04:00
SmithThe4th
50eea96ec5
[PM-1699] Updated low kdf iterations warning (#5170)
* updated low ksf iterations warning

* Removed test implementation

* Removed unused translation and updated key

* Enabled low kdf on this branch for testing

* Removed duplicate showKdf initialiazation

* [PM-1700] Put KDF warning behind a LaunchDarkly Feature Flag (#5308)

* Added feature flag for low kdf iteration

* Added feature flag implementation to component

* Renamed feature flag to align with what is setup on LaunchDarkly
2023-05-04 09:46:12 -04:00
Oscar Hinton
4e1867682f
[PM-1504] Migrate Dialogs to DialogService (#5013)
This PR introduces a generic `DialogService` which can be used by all the clients. This allows us to decouple dialogs from the `PlatformUtilsHelper`.

The `DialogService` provides a new method, `openSimpleDialog` which is the new interface for that type of dialogs.

This gives us 3 different implementations: 
- Web: DialogService modern dialogs
- Browser: SweetAlert
- Desktop: Native electron based
2023-05-02 18:46:03 +02:00
renovate[bot]
7c4b2c04b9
[PM-1905] Update npm (#3940)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hinton <hinton@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2023-05-02 17:25:25 +02:00
Robyn MacCallum
671a9115bb
[PM-1400] Update IconComponent to use OnPush ChangeDetection (#5181)
* Add disableFavicon$ to stateService

* Change IconComponent's ChangeDetectionStrategy and use disableFavicon$ observable

* Only get first result from disableFavicon observable

* Move disabledFavicon$ to SettingsService

* Update usage of disableFavicon to use SettingsService

* Remove getting and setting of disabledFavicon on login

* Settings service observable adjustments

* Fix for popup initially having a null value for the disableFavicon setting in settingsService

* Move disabledFavicon$ subscription to ngOnInit

* feat: experiment with observables

* Remove SettingsService from browser app component

* Fix storybook changes

* Update apps/web/src/app/vault/components/vault-items/vault-items.stories.ts

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Fix mock function signature

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
2023-04-28 15:07:26 -04:00