1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-05 09:10:53 +01:00
Commit Graph

119 Commits

Author SHA1 Message Date
Shane Melton
07c2c2af20
[AC-1070] Enforce master password policy on login (#4795)
* [EC-1070] Introduce flag for enforcing master password policy on login

* [EC-1070] Update master password policy form

Add the ability to toggle enforceOnLogin flag in web

* [EC-1070] Add API method to retrieve all policies for the current user

* [EC-1070] Refactor forcePasswordReset in state service to support more options

- Use an options class to provide a reason and optional organization id
- Use the OnDiskMemory storage location so the option persists between the same auth session

* [AC-1070] Retrieve single master password policy from identity token response

Additionally, store the policy in the login strategy for future use

* [EC-1070] Introduce master password evaluation in the password login strategy

- If a master password policy is returned from the identity result, evaluate the password.
- If the password does not meet the requirements, save the forcePasswordReset options
- Add support for 2FA by storing the results of the password evaluation on the login strategy instance
- Add unit tests to password login strategy

* [AC-1070] Modify admin password reset component to support update master password on login

- Modify the warning message to depend on the reason

- Use the forcePasswordResetOptions in the update temp password component

* [EC-1070] Require current master password when updating weak mp on login

- Inject user verification service to verify the user
- Conditionally show the current master password field only when updating a weak mp. Admin reset does not require the current master password.

* [EC-1070] Implement password policy check during vault unlock

Checking the master password during unlock is the only applicable place to enforce the master password policy check for SSO users.

* [EC-1070] CLI - Add ability to load MP policies on login

Inject policyApi and organization services into the login command

* [EC-1070] CLI - Refactor update temp password logic to support updating weak passwords

- Introduce new shared method for collecting a valid and confirmed master password from the CLI and generating a new encryption key
- Add separate methods for updating temp passwords and weak passwords.
- Utilize those methods during login flow if not using an API key

* [EC-1070] Add route guard to force password reset when required

* [AC-1070] Use master password policy from verify password response in lock component

* [EC-1070] Update labels in update password component

* [AC-1070] Fix policy service tests

* [AC-1070] CLI - Force sync before any password reset flow

Move up the call to sync the vault before attempting to collect a new master password. Ensures the master password policies are available.

* [AC-1070] Remove unused getAllPolicies method from policy api service

* [AC-1070] Fix missing enforceOnLogin copy in policy service

* [AC-1070] Include current master password on desktop/browser update password page templates

* [AC-1070] Check for forced password reset on account switch in Desktop

* [AC-1070] Rename WeakMasterPasswordOnLogin to WeakMasterPassword

* [AC-1070] Update AuthServiceInitOptions

* [AC-1070] Add None force reset password reason

* [AC-1070] Remove redundant ForcePasswordResetOptions class and replace with ForcePasswordResetReason enum

* [AC-1070] Rename ForceResetPasswordReason file

* [AC-1070] Simplify conditional

* [AC-1070] Refactor logic that saves password reset flag

* [AC-1070] Remove redundant constructors

* [AC-1070] Remove unnecessary state service call

* [AC-1070] Update master password policy component

- Use typed reactive form
- Use CL form components
- Remove bootstrap
- Update error component to support min/max
- Use Utils.minimumPasswordLength value for min value form validation

* [AC-1070] Cleanup leftover html comment

* [AC-1070] Remove overridden default values from MasterPasswordPolicyResponse

* [AC-1070] Hide current master password input in browser for admin password reset

* [AC-1070] Remove clientside user verification

* [AC-1070] Update temp password web component to use CL

- Use CL for form inputs in the Web component template
- Remove most of the bootstrap classes in the Web component template
- Use userVerificationService to build the password request
- Remove redundant current master password null check

* [AC-1070] Replace repeated user inputs email parsing helpers

- Update passwordStrength() method to accept an optional email argument that will be parsed into separate user inputs for use with zxcvbn
- Remove all other repeated getUserInput helper methods that parsed user emails and use the new passwordStrength signature

* [AC-1070] Fix broken login command after forcePasswordReset enum refactor

* [AC-1070] Reduce side effects in base login strategy

- Remove masterPasswordPolicy property from base login.strategy.ts
- Include an IdentityResponse in base startLogin() in addition to AuthResult
- Use the new IdentityResponse to parse the master password policy info only in the PasswordLoginStrategy

* [AC-1070] Cleanup password login strategy tests

* [AC-1070] Remove unused field

* [AC-1070] Strongly type postAccountVerifyPassword API service method

- Remove redundant verify master password response
- Use MasterPasswordPolicyResponse instead

* [AC-1070] Use ForceResetPassword.None during account switch check

* [AC-1070] Fix check for forcePasswordReset reason after addition of None

* [AC-1070] Redirect a user home if on the update temp password page without a reason

* [AC-1070] Use bit-select and bit-option

* [AC-1070] Reduce explicit form control definitions for readability

* [AC-1070] Import SelectModule in Shared web module

* [AC-1070] Add check for missing 'at' symbol

* [AC-1070] Remove redundant unpacking and null coalescing

* [AC-1070] Update passwordStrength signature and add jsdocs

* [AC-1070] Remove variable abbreviation

* [AC-1070] Restore Id attributes on form inputs

* [AC-1070] Clarify input value min/max error messages

* [AC-1070] Add input min/max value example to storybook

* [AC-1070] Add missing spinner to update temp password form

* [AC-1070] Add missing ids to form elements

* [AC-1070] Remove duplicate force sync and update comment

* [AC-1070] Switch backticks to quotation marks

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-04-17 07:35:37 -07:00
Thomas Rittson
ad0c460687
[EC-850] ProviderUser permissions should prevail over member permissions (#5162)
* Apply provider permissions even if also member

* Add org.isMember

* Refactor: extract syncProfileOrganizations method

* Change isNotProvider logic to isMember

* Fix cascading org permissions

* Add memberOrganizations$ observable
2023-04-17 13:09:53 +10:00
Thomas Rittson
7899b25ab3
[PM-1426] Refactor uri matching (#5003)
* Move URI matching logic into uriView

* Fix url parsing: always assign default protocol, otherwise no protocol with port is parsed incorrectly

* Codescene: refactor domain matching logic
2023-04-06 13:30:26 +10:00
Vincent Salucci
576d85b268
[AC-1202] Update enums filenames for admin-console/billing teams (#5169)
* refactor: add barrel file for admin-console enums, update references, refs AC-1202

* fix: lint/prettier updates, refs AC-1202

* refactor: add enum suffix, refs AC-1202

* refactor: add barrel file for billing enums, update imports to use it, refs AC-1202

* fix: prettier, refs AC-1202

* refactor: add enum suffix for billing enums, refs AC-1202
2023-04-05 20:34:23 -05:00
Vincent Salucci
bacb8828de
[AC-1266] Enums filename conventions (#5140)
* refactor: update clientType enum

* refactor: update deviceType filename

* refactor: update encryptedExportType filename

* refactor: update encryptionType filename

* refactor: update eventType filename

* refactor: update fieldType filename

* refactor: update fileUploadType filename

* refactor: update hashPurpose filename

* refactor: update htmlStorageLocation filename

* refactor: update kdfType filename

* refactor: update keySuffixOptions filename

* refactor: update linkedIdType filename

* refactor: update logLevelType filename

* refactor: update nativeMessagingVersion filename

* refactor: update notificationType filename

* refactor: update productType filename

* refactor: update secureNoteType filename

* refactor: update stateVersion filename

* refactor: update storageLocation filename

* refactor: update themeType filename

* refactor: update uriMatchType filename

* fix: update kdfType classes missed in initial pass, refs AC-1266

* fix: missing import update for device-type

* refactor: add barrel file for enums and update pathed import statements, refs AC-1266

* fix: incorrect import statements for web, refs AC-1266

* fix: missed import statement updates (browser), refs AC-1266

* fix: missed import statement changes (cli), refs AC-1266

* fix: missed import statement changes (desktop), refs AC-1266

* fix: prettier, refs AC-1266

* refactor: (libs) update relative paths to use barrel file, refs AC-1266

* fix: missed find/replace import statements for SecureNoteType, refs AC-1266

* refactor: apply .enum suffix to enums folder and modify leftover relative paths, refs AC-1266

* fix: find/replace errors for native-messaging-version, refs AC-1266
2023-04-04 22:42:21 -05:00
Oscar Hinton
a68631c7b7
Fix broken export spec (#5152) 2023-04-03 12:26:11 +02:00
Bernd Schoolmann
1f472ea309
[PS-2264] Make password protected exports support account's iterations and argon2 (#4479)
* Fix encrypted export using fixed PBKDF2 iterations

* Replace hardcoded KdfType in importer

* Clean up kdf handling in password-protected export

* Extract BitwardenPasswordProtectedFileFormat

* Rename bitwarden-json-types

* Move StateService import to fix linting issue

* Make linter happy

* Use abstraction instead of implementation

---------

Co-authored-by: Daniel James Smith <djsmith@web.de>
2023-03-31 13:49:07 +02:00
Daniel James Smith
e238ea20a9
[PM-328] Move Send to Tools (#5104)
* Move send in libs/common

* Move send in libs/angular

* Move send in browser

* Move send in cli

* Move send in desktop

* Move send in web
2023-03-29 16:23:37 +02:00
Robyn MacCallum
d799529428
[SG 623] Send Service Refactor (#4327)
* Split out api methods into sendApiService

* Move SendService and abstraction

* Libs updates

* Web updates

* CLI updates

* Desktop updates

* libs send service fixes

* browser factory additions

* Browser updates

* Fix service injection for CLI SendReceiveCommand

* Deprecate directly calling send state service methods

* SendService observables updates

* Update components to use new observables

* Modify CLI to use state service instead of observables

* Remove unnecessary await on get()

* Move delete() to InternalSendService

* SendService unit tests

* Split fileUploadService by send and cipher

* send and cipher service factory updates

* Add file upload methods to get around circular dependency issues

* Move api methods from sendService to sendApiService

* Update cipherService to use fileApi methods

* libs service injection and component changes

* browser service injection and component changes

* Desktop component changes

* Web component changes

* cipher service test fix

* Fix file capitalization

* CLI service import and command updates

* Remove extra abstract fileUploadService

* WIP: Condense callbacks for file upload

Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>

* Send callbacks for file upload

* Fix circular service dependencies

* Fix response return on upload

* Fix function definitions

* Service injection fixes and bug fixes

* Fix folder casing

* Service injection cleanup

* Remove deleted file from capital letters whitelist

* Create new SendApiService for popup

* Move cipherFileUploadService to vault

* Move SendFileUploadService methods into SendApiService

* Rename methods to remove 'WithServer'

* Properly subscribe to sendViews

* Fix Send serialization

* Implement fromJSON on sendFile and sendText

* [PM-1347] Fix send key serialization (#4989)

* Properly serialize key on send fromJSON

* Remove call that nulled out decrypted sends

* Fix null checks in fromJSON methods for models

* lint fixes

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2023-03-28 12:37:40 -04:00
Daniel James Smith
a5a12a6723
[PM-328] Move common/importer to libs/importer (tools-migration) (#5060)
* Create and register new libs/importer

Create package.json
Create tsconfig
Create jest.config
Extend shared and root tsconfig and jest.configs
Register with eslint

* Move importer-related files to libs/importer

* Move importer-spec-related files to libs/importer

Move import.service.spec

* Update package-lock.json

* Set CODEOWNERS for new libs/importer

* Register libs/importer with cli and fix imports

* Register libs/importer with web and fix imports

* Move importOption into models

Rename importOptions to import-options

* Fix linting issues after updating prettier

* Only expose necessary files from libs/importer

Fix tsconfig files
- Removes the trailing /index on imports in web/cli

As the spec-files no longer can access the internals via @bitwarden/importer they import by path (../src/importers)

* Add barrel files to vendors with more than one importer
2023-03-23 11:43:27 +01:00
Vincent Salucci
780a563ce0
[AC-1011] Admin Console / Billing code ownership (#4973)
* refactor: move SCIM component to admin-console, refs EC-1011

* refactor: move scimProviderType to admin-console, refs EC-1011

* refactor: move scim-config.api to admin-console, refs EC-1011

* refactor: create models folder and nest existing api contents, refs EC-1011

* refactor: move scim-config to admin-console models, refs EC-1011

* refactor: move billing.component to billing, refs EC-1011

* refactor: remove nested app folder from new billing structure, refs EC-1011

* refactor: move organizations/billing to billing, refs EC-1011

* refactor: move add-credit and adjust-payment to billing/settings, refs EC-1011

* refactor: billing history/sync to billing, refs EC-1011

* refactor: move org plans, payment/method to billing/settings, refs EC-1011

* fix: update legacy file paths for payment-method and tax-info, refs EC-1011

* fix: update imports for scim component, refs EC-1011

* refactor: move subscription and tax-info into billing, refs EC-1011

* refactor: move user-subscription to billing, refs EC-1011

* refactor: move images/cards to billing and update base path, refs EC-1011

* refactor: move payment-method, plan subscription, and plan to billing, refs EC-1011

* refactor: move transaction-type to billing, refs EC-1011

* refactor: move billing-sync-config to billing, refs EC-1011

* refactor: move billing-sync and bit-pay-invoice request to billing, refs EC-1011

* refactor: move org subscription and tax info update requests to billing, refs EC-1011

* fix: broken paths to billing, refs EC-1011

* refactor: move payment request to billing, refs EC-1011

* fix: update remaining imports for payment-request, refs EC-1011

* refactor: move tax-info-update to billing, refs EC-1011

* refactor: move billing-payment, billing-history, and billing responses to billing, refs EC-1011

* refactor: move organization-subscription-responset to billing, refs EC-1011

* refactor: move payment and plan responses to billing, refs EC-1011

* refactor: move subscription response to billing ,refs EC-1011

* refactor: move tax info and rate responses to billing, refs EC-1011

* fix: update remaining path to base response for tax-rate response, refs EC-1011

* refactor: (browser) move organization-service to admin-console, refs EC-1011

* refactor: (browser) move organizaiton-service to admin-console, refs EC-1011

* refactor: (cli) move share command to admin-console, refs EC-1011

* refactor: move organization-collect request model to admin-console, refs EC-1011

* refactor: (web) move organization, collection/user responses to admin-console, refs EC-1011

* refactor: (cli) move selection-read-only to admin-console, refs EC-1011

* refactor: (desktop) move organization-filter to admin-console, refs EC-1011

* refactor: (web) move organization-switcher to admin-console, refs EC-1011

* refactor: (web) move access-selector to admin-console, refs EC-1011

* refactor: (web) move create folder to admin-console, refs EC-1011

* refactor: (web) move org guards folder to admin-console, refs EC-1011

* refactor: (web) move org layout to admin-console, refs EC-1011

* refactor: move manage collections to admin console, refs EC-1011

* refactor: (web) move collection-dialog to admin-console, refs EC-1011

* refactor: (web) move entity users/events and events component to admin-console, refs EC-1011

* refactor: (web) move groups/group-add-edit to admin-console, refs EC-1011

* refactor: (web) move manage, org-manage module, and user-confirm to admin-console, refs EC-1011

* refactor: (web) move people to admin-console, refs EC-1011

* refactor: (web) move reset-password to admin-console, refs EC-1011

* refactor: (web) move organization-routing and module to admin-console, refs EC-1011

* refactor: move admin-console and billing within app scope, refs EC-1011

* fix: update leftover merge conflicts, refs EC-1011

* refactor: (web) member-dialog to admin-console, refs EC-1011

* refactor: (web) move policies to admin-console, refs EC-1011

* refactor: (web) move reporting to admin-console, refs EC-1011

* refactor: (web) move settings to admin-console, refs EC-1011

* refactor: (web) move sponsorships to admin-console, refs EC-1011

* refactor: (web) move tools to admin-console, refs EC-1011

* refactor: (web) move users to admin-console, refs EC-1011

* refactor: (web) move collections to admin-console, refs EC-1011

* refactor: (web) move create-organization to admin-console, refs EC-1011

* refactor: (web) move licensed components to admin-console, refs EC-1011

* refactor: (web) move bit organization modules to admin-console, refs EC-1011

* fix: update leftover import statements for organizations.module, refs EC-1011

* refactor: (web) move personal vault and max timeout to admin-console, refs EC-1011

* refactor: (web) move providers to admin-console, refs EC-1011

* refactor: (libs) move organization service to admin-console, refs EC-1011

* refactor: (libs) move profile org/provider responses and other misc org responses to admin-console, refs EC-1011

* refactor: (libs) move provider request and selectionion-read-only request to admin-console, refs EC-1011

* fix: update missed import path for provider-user-update request, refs EC-1011

* refactor: (libs) move abstractions to admin-console, refs EC-1011

* refactor: (libs) move org/provider enums to admin-console, refs EC-1011

* fix: update downstream import statements from libs changes, refs EC-1011

* refactor: (libs) move data files to admin-console, refs EC-1011

* refactor: (libs) move domain to admin-console, refs EC-1011

* refactor: (libs) move request objects to admin-console, refs EC-1011

* fix: update downstream import changes from libs, refs EC-1011

* refactor: move leftover provider files to admin-console, refs EC-1011

* refactor: (browser) move group policy environment to admin-console, refs EC-1011

* fix: (browser) update downstream import statements, refs EC-1011

* fix: (desktop) update downstream libs moves, refs EC-1011

* fix: (cli) update downstream import changes from libs, refs EC-1011

* refactor: move org-auth related files to admin-console, refs EC-1011

* refactor: (libs) move request objects to admin-console, refs EC-1011

* refactor: move persmissions to admin-console, refs EC-1011

* refactor: move sponsored families to admin-console and fix libs changes, refs EC-1011

* refactor: move collections to admin-console, refs EC-1011

* refactor: move spec file back to spec scope, refs EC-1011

* fix: update downstream imports due to libs changes, refs EC-1011

* fix: udpate downstream import changes due to libs, refs EC-1011

* fix: update downstream imports due to libs changes, refs EC-1011

* fix: update downstream imports from libs changes, refs EC-1011

* fix: update path malformation in jslib-services.module, refs EC-1011

* fix: lint errors from improper casing, refs AC-1011

* fix: update downstream filename changes, refs AC-1011

* fix: (cli) update downstream filename changes, refs AC-1011

* fix: (desktop) update downstream filename changes, refs AC-1011

* fix: (browser) update downstream filename changes, refs AC-1011

* fix: lint errors, refs AC-1011

* fix: prettier, refs AC-1011

* fix: lint fixes for import order, refs AC-1011

* fix: update import path for provider user type, refs AC-1011

* fix: update new codes import paths for admin console structure, refs AC-1011

* fix: lint/prettier, refs AC-1011

* fix: update layout stories path, refs AC-1011

* fix: update comoponents card icons base variable in styles, refs AC-1011

* fix: update provider service path in permissions guard spec, refs AC-1011

* fix: update provider permission guard path, refs AC-1011

* fix: remove unecessary TODO for shared index export statement, refs AC-1011

* refactor: move browser-organization service and cli organization-user response out of admin-console, refs AC-1011

* refactor: move web/browser/desktop collections component to vault domain, refs AC-1011

* refactor: move organization.module out of admin-console scope, refs AC-1011

* fix: prettier, refs AC-1011

* refactor: move organizations-api-key.request out of admin-console scope, refs AC-1011
2023-03-22 10:03:50 -05:00
Daniel James Smith
2b9bc08c71
Fix subfolders not being created (#4653)
In Bitwarden, subfolders are separated/indicated using forward-slashes
The Keeper CSV export separates folders uses backslashes
Replace backslashes with forwardslashes in processFolder
Added tests to verfiy folder/collection creation
2023-02-17 21:01:21 +01:00
Jared Snider
36633bcb04
[SG-147] - Feature/web-organization-domain-claiming (#4734)
* Feature/SG-680 - Create Domain Verification Comp (#4283)

* domain-base.ts - added link to Architectural docs describing domain base class purpose

* SG-680 - (1) Created Org Domain API and observable based data store service (2) Created required response and request models

* SG-680 - Renaming org domain service abstractions to match existing convention

* SG-680 - (1) Updated getByOrgId method to return array of data to match back end + renamed it as such (2) Updated OrgDomainApiService get methods to update the OrgDomainService observables

* Two-factor-setup comp - change "tabbed-header" class to "page-header" to achieve visual consistency with other settings components.

* SG-680 - Refactor Org Domain API & domain services to conform to ADR 0013 - Avoid layered folder structure for request/response models (i.e., put models near "owner" services)

* SG-680 - Update Organization model to include a canManageDomainVerification check

* SG-680 - Created Domain Verification component and started scaffolding out HTML

* SG-680 - New OrgDomain state and API services need to be registered on jslib-services.module in order to be injectable into components for use (this is what maps abstractions to implementation for dependency injection)

* SG-680 - OrgDomainApiServiceAbstraction should be an abstract class

* SG-680 - Update OrgDomainApiService to use ListResponse and map into OrganizationDomainResponse properly

* SG-680 - Moved domain verification comp into subfolder to add clarity in folder structure

* SG-680 - Good start on Domain Add Edit Dialog

* SG-680 - Domain Add Edit Dialog - (1) Random generation of DNS TXT Record now working (2) DNS TXT Record Copyable (3) Additional translations added (4) Info callout added

* SG-680 - Domain Add Edit Dialog - (1) Added custom validator for domain name (2) Disable verify btn if form invalid

* SG-680 - Updated Domain Name custom validator to pass back error message in format the error.component.ts expected so it can be displayed without an untranslated error prefix of "invalidDomainName"

* Form-button - Added useful note regarding use of the bitFormButton directive and how it requires the use of the bitButton directive as well.

* SG-680 - OrgDomain.service - replace delete with splice as delete doesn't actually alter array. Duh.

* SG-680 -  Domain verification progress - (1) Table layout + loading working for the most part (more translations needed (2) Add & edit opening dialog (3) Dialog first draft of save and verify

* SG-680 - DomainAddEditDialog - Unique domain name enforcement implemented

* SG-680 - Domain Name Custom Reactive forms validator refactor - swapped to regex to support proper domain format (which now enforces the requirement of a .com or similar)

* SG-680 - OrgDomainApi svc - must await send of delete call otherwise runs synchronously. Duh.

* SG-680 - Domain verification progress - (1) CopyDnsTxt added to state service (2) Refactored dialog to use async actions (3) Dialog form changes now mark form controls as touched for more responsive error handling

* SG-680 - Domain-add-edit-dialog - Confirmation required now for domain deletion

* SG-680 - Domain verification table options now supports removing domains with confirmation prompt

* Shared module - merge conflict resolution + removing unused imports so I can check this in.

* SG-680 - Adding missing translations

* SG-680 - Comment clean up + todo

* Revert "Shared module - merge conflict resolution + removing unused imports so I can check this in."

This reverts commit 98fe346e67.

* SG-680 - DomainAddEditDialog - Replace bitAction with leveraging bitSubmit so that when users hit enter in a field the form gets submitted.

* SG-680 - Added httpStatusCode enum

* SG-680 - OrgDomainAPI - Verify endpoint now returns domain response model so upsert to sync obs state service

* SG-680 - Domain Verification comp - (1) Display last checked date (2) Verify first attempt in place (3) justify options content per design

* SG-680 - DomainAddEditDialog - Validation and error handling overhaul

* SG-680 - DomainAddEditDialog - (1) Autofocus domain name on new domain creation (2) Removed form.invalid == form disabled logic because of accessibility concerns

* SG-680 - OrgDomainResponse model refactor - back end is sending lower cased props

* SG-680 - OrgDomain service refactor - (1) Use proper abstraction for i18n svc (2) Don't make non-async methods async for no reason

* SG-680 - OrgDomainService - Added test suite

* SG-680 - Renaming httpStatusCode.enum to strip off .enum in attempt to pass eslint issue

* SG-680 - Renaming httpStatusCode enum file again to remove all capitalized letters to pass eslint rules.

* SG-680 - Updating HttpStatusCode import b/c auto import update missed it.

* SG-680 - DomainAddEditDialog - Don't show callout if domain is verified

* SG-680 - DomainVerificationComp - Add error handling to verify to handle case where domain isn't available

* SG-680 - OrgDomainApiSvc - svc should use abstractions in constructor

* SG-680 - OrgDomainApiSvc - added full test suite

* SG-680 - OrgDomainSvc test suite - fixing broken test

* SG-680 - Domain Verification Validation Scenario: show form control error when domain verification fails  - (1) Enhanced bitSubmit to optionally allowDisabledFormSubmit (2) Enhanced bitInput to optionally allow showErrorsWhenDisabled + added new docs

* SG-680 - Adjusting location & name of the bitInput docs to be in the top level docs section to match historical consensus and existing pattern.

* SG-680 - Removed TODO for adding tests since I've already added tests.

* SG-680 - DomainAddEditDialog - Handle verify domain conflict exceptions just in case

* SG-680 - Adjusting location of Domain verification settings item in the organization settings menu to match figma.

* SG-680 - Removing unnecessary comment

* SG-680 - Domain Verification component - updated svg to not have alt text so it is treated as decorative by screen readers for accessibility.

* SG-680 - Fixing messages.json missing }

* SG-680 - DomainAddEditDialog - Hardcoding inputs to bit-dialog as component vars are not needed for dynamic anything right now.

* SG-680 - Dialog comment refactor

* SG-680 -  OrgDomainSvc - comment and console log removals.

* SG-680 - Updating OrgDomain Service test suites to have better test titles.

* Defect/web org domain claiming bugfixes (#4458)

* SG-949 - OrgDomainVerification - Domain name validator now supports n levels of subdomains as well as top level domains.

* SG-955 - On domain verification error or failure, call to update the individual org domain item to get an updated last checked date on the client.

* SG-953 - In domain verification dialog edit, if verify called and failed, then must manually mark domain name as touched for errors to show up.

* SG-954 - Domain Verification edit dialog - Fixing delete button not having trash icon displayed + added i18n translation for title prop.

* SG-956 - Fixing domain claiming event logs so that they show up on the client (more to do as there are some events missing client & member)

* Form button directive comment update

* SG-977 - Event Log improvements: (1) Add new device type of server (2) Add EventSystemUser mapping to translated value.  The end result is that both SCIM and Domain verification logs properly show server as the client and SCIM or Domain verification as the member.

* Add comment to clarify use of SCIM in EVENT_SYSTEM_USER_TO_TRANSLATION  dict

* DeviceType.Server must be incremented to 22 b/c server master already has a DeviceType.SDK of 21.

* Add SDK w/ value of 21 to DeviceType to match master server

* Defect/web org domain claiming bugfixes the sequel (#4530)

* Update <bit-table> to latest standard so it works again (swap body from ng-container to ng-template)

* Input directive - showErrorsWhenDisabled case doesn't need to care if input isActive or not.

* SG-949 - Update domain name validator regex to prevent http://, https://, and www.

* SG-771 - Added claimed domain logic to web client (#4603)

* SG-771 / SG-772 / SG-743 - Add claimed domain logic which skips entry of Org SSO Id when an org has a claimed and verified domain to web, browser, and desktop.

* Fix lint errors by adding button types

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
2023-02-15 15:50:39 -05:00
Matt Gibson
cf972e784c
Auth/ps 2298 reorg auth (#4564)
* Move auth service factories to Auth team

* Move authentication componenets to Auth team

* Move auth guard services to Auth team

* Move Duo content script to Auth team

* Move auth CLI commands to Auth team

* Move Desktop Account components to Auth Team

* Move Desktop guards to Auth team

* Move two-factor provider images to Auth team

* Move web Accounts components to Auth Team

* Move web settings components to Auth Team

* Move web two factor images to Auth Team

* Fix missed import changes for Auth Team

* Fix Linting errors

* Fix missed CLI imports

* Fix missed Desktop imports

* Revert images move

* Fix missed imports in Web

* Move angular lib components to Auth Team

* Move angular auth guards to Auth team

* Move strategy specs to Auth team

* Update .eslintignore for new paths

* Move lib common abstractions to Auth team

* Move services to Auth team

* Move common lib enums to Auth team

* Move webauthn iframe to Auth team

* Move lib common domain models to Auth team

* Move common lib requests to Auth team

* Move response models to Auth team

* Clean up whitelist

* Move bit web components to Auth team

* Move SSO and SCIM files to Auth team

* Revert move SCIM to Auth team

SCIM belongs to Admin Console team

* Move captcha to Auth team

* Move key connector to Auth team

* Move emergency access to auth team

* Delete extra file

* linter fixes

* Move kdf config to auth team

* Fix whitelist

* Fix duo autoformat

* Complete two factor provider request move

* Fix whitelist names

* Fix login capitalization

* Revert hint dependency reordering

* Revert hint dependency reordering

* Revert hint component

This components is being picked up as a move between clients

* Move web hint component to Auth team

* Move new files to auth team

* Fix desktop build

* Fix browser build
2023-02-06 15:53:37 -06:00
Matt Bishop
6df37dd715
[CSA-28] Use path normalization in API requests (#4580)
* Use path normalization in API requests

* Remove CLI webpack config change that's unneeded

* Add additional tests
2023-02-03 14:24:49 -05:00
Robyn MacCallum
7ebedbecfb
[SG-998] and [SG-999] Vault and Autofill team refactor (#4542)
* Move DeprecatedVaultFilterService to vault folder

* [libs] move VaultItemsComponent

* [libs] move AddEditComponent

* [libs] move AddEditCustomFields

* [libs] move attachmentsComponent

* [libs] folderAddEditComponent

* [libs] IconComponent

* [libs] PasswordRepormptComponent

* [libs] PremiumComponent

* [libs] ViewCustomFieldsComponent

* [libs] ViewComponent

* [libs] PasswordRepromptService

* [libs] Move FolderService and FolderApiService abstractions

* [libs] FolderService imports

* [libs] PasswordHistoryComponent

* [libs] move Sync and SyncNotifier abstractions

* [libs] SyncService imports

* [libs] fix file casing for passwordReprompt abstraction

* [libs] SyncNotifier import fix

* [libs] CipherServiceAbstraction

* [libs] PasswordRepromptService abstraction

* [libs] Fix file casing for angular passwordReprompt service

* [libs] fix file casing for SyncNotifierService

* [libs] CipherRepromptType

* [libs] rename CipherRepromptType

* [libs] CipherType

* [libs] Rename CipherType

* [libs] CipherData

* [libs] FolderData

* [libs] PasswordHistoryData

* [libs] AttachmentData

* [libs] CardData

* [libs] FieldData

* [libs] IdentityData

* [libs] LocalData

* [libs] LoginData

* [libs] SecureNoteData

* [libs] LoginUriData

* [libs] Domain classes

* [libs] SecureNote

* [libs] Request models

* [libs] Response models

* [libs] View part 1

* [libs] Views part 2

* [libs] Move folder services

* [libs] Views fixes

* [libs] Move sync services

* [libs] cipher service

* [libs] Types

* [libs] Sync file casing

* [libs] Fix folder service import

* [libs] Move spec files

* [libs] casing fixes on spec files

* [browser] Autofill background, clipboard, commands

* [browser] Fix ContextMenusBackground casing

* [browser] Rename fix

* [browser] Autofill content

* [browser] autofill.js

* [libs] enpass importer spec fix

* [browser] autofill models

* [browser] autofill manifest path updates

* [browser] Autofill notification files

* [browser] autofill services

* [browser] Fix file casing

* [browser] Vault popup loose components

* [browser] Vault components

* [browser] Manifest fixes

* [browser] Vault services

* [cli] vault commands and models

* [browser] File capitilization fixes

* [desktop] Vault components and services

* [web] vault loose components

* [web] Vault components

* [browser] Fix misc-utils import

* [libs] Fix psono spec imports

* [fix] Add comments to address lint rules
2023-01-31 16:08:37 -05:00
Daniel James Smith
b7d38f0f72
[PS-2320] Import API service refactor (#4529)
* Extract import methods from ApiService

Removed methods from ApiService impl and abstraction
Create import-api.service impl and abstraction
Moved import.service into abstractions/import/import.service.abstraction
Moved import.service into services/import/import.service
Change imports to use new services

* Fix import for tests

* Fix imports for CLI

* Fix imports for web

* Fix ModuleImports and dependencies

* Mark ImportApiService methods as async
2023-01-30 20:03:12 +01:00
Daniel James Smith
b1a1068906
[PS-2096] BEEEEP: Add Psono importer (#4286)
* Add psono json importer

Create types for psono export format
Add test files
Write tests for psono-json-importer
Write importer for psono export
Register 'psonojson' with `importOptions`
Import/register psono-json-importer with import.service
Add instructions on how to export from Psono

* Retain all imported data

Ensure all data is retained by adding unmapped properties into custom fields
Each item type has a set of mapped properties, anything not matching will be created as a custom field
Write extensive tests to ensure data is present

* Skipping GPG

We currently cannot import GPG Keys into notes or custom fields

* Add organizational test

Verify that folders get converted to collections when imported by an org

* Remove combined test-file (whole export)

* Remove redundant null type
2023-01-30 13:56:49 +01:00
Bernd Schoolmann
e055e68991
[PS-2251] Implement argon2 kdf (#4468)
* Implement argon2

* Remove argon2 webassembly warning

* Replace magic numbers by enum

* move packages

* cleanup call to argon2

* update call to node argon2

* don't need  wasm-eval

* revert config changes

* Update libs/common/src/enums/kdfType.ts

Co-authored-by: Martin Weinelt <mweinelt@users.noreply.github.com>

* Update kdfType.ts

* apply DEFAULT_PBKDF2_ITERATIONS

* checkIfWasmSupported

Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Martin Weinelt <mweinelt@users.noreply.github.com>
2023-01-26 09:20:12 -05:00
Rui Tomé
4a3bb4b241
[EC-639] Replacing apostrophe char for email values in Policies API request (#4390)
* [EC-639] Replacing single quote char for email values in Policies API request

* [EC-639] Added Utils.encodeRFC3986URIComponent and used in PolicyApiService and TwoFactorAuthenticatorComponent

* [EC-639] Added unit tests for Utils.encodeRFC3986URIComponent
2023-01-25 14:00:46 +00:00
Daniel James Smith
ae3edcc34d
[PS-2108] Enpass importer add support for androidurl's (#4314)
* Move and rename importers ater new naming convention

Create a subfolder to hold all enpass-importers
Change names to new naming convention
Fix imports
Remove entries from whitelist

* Added types for exported enpass json file

* Add unit tests to verify for current behaviour

* Prefer types over enums

* Replace `any` types with defined Enpass types

* Add support for parsing Android urls

Fixes #2831
Added test-file with several combinations
Wrote test cases to verify
2023-01-24 21:03:11 +01:00
Daniel James Smith
6d2a2aa852
dashlane-csv-importer: Set month on import (#4284) 2023-01-23 15:52:38 +01:00
cyprain-okeke
fd346ba65a
[PS 1579]kee pass2 import fails on cli (#4452)
* Fixing queryselector since the existing is failing

* Add the unit test for the keepass fix

* Adding additional test for the query.selector fix

* Fixing a lint error message
2023-01-19 17:12:36 +01:00
Kyle Spearrin
dbb0bbb91c
adjust default kdf iterations to 350k (#4482)
* adjust default kdf iterations to 350k

* update test
2023-01-18 13:20:14 -05:00
Hermann Käser
a6308042b6
[PS-2263] Keeper CSV import: import TOTP to correct field (#4478)
* Keeper CSV import: import TOTP to correct field

* Fix small issue with notes import

Notes field can be null, the ` + "\n"` coerces those to `"null"`.

* Adds unit tests
2023-01-18 10:19:46 +01:00
Thomas Rittson
52665384cf
[EC-836] Trying to confirm 2018 user account to organization returns 404 (#4214)
* Fix migration logic to create keypair for old account

* Rename onSuccessfulLogin to reflect usage

* Rewrite loginStrategy spec with jest-mock-ex

* Rewrite tests with jest-mock-extended

* Assert call order

* Fix linting
2022-12-28 14:12:11 +00:00
Daniel James Smith
d6acc77ba7
[PS-1755] BEEEP: FSecure FSK-Importer improvements (#3877)
* Move FsecureFskImporter into separate folder

* Add types for exported fsk file

* Add new testdata and rewrite existing tests

* Fix #2801 - Use type instead of style property to differentiate between cipher types

* Add setting cipher.favorite

* Remove unmapped property autofillAndroid

* Re-naming files due to new naming convention

Renamed added or changed files of this PR
Fixed all imports
Removed items from the whitelist

* Extract method refactor

Move logic inside of parse loop into parseEntry
Extract handling of Entries of type Login into handleLoginEntry
Extract handling of Entries of type CreditCard into handleCreditCardEntry

* Simplify folder structure

Use vendor name importer folder
Rename /importers/fsecureImporters to /importers/fsecure
Move fsecure-fsk-types.ts out of the types folder into the fsecure-folder
Delete types folder
Fix all the imports

* Move spec and test-data to fsecure importer

* Fix broken import after merge master

* Use the new FSecureFskImporter

Must have messed up during the last merge:
Delete old importer and spec
Fix import of FSecureFskImporter in import.service
2022-12-22 16:59:46 +01:00
Daniel James Smith
8c8d4b3e3e
Add passky importer (#4253)
Create types for passky export format
Add test files
Write tests for passky-json-importer
Write importer for passky export
Register 'passkyjson' with `importOptions`
Import/register passky-json-importer with import.service
Add instructions on how to export from Passky
2022-12-19 21:47:45 +01:00
cyprain-okeke
ac2f171e2c
[PS 1504]Windows CLI - JSON Exports Missing Folders (#4113)
* Replace the FolderView from Observable with getAllDecryptedFromState

* Fixing failed test

* Fixing the PR comment on addressing getEncryptedExport

* Fixing the failing test cases

* Adding some unit test to check folder is exported

* Fixing a failing test

* Rename to getAllFromState to conform

* Please rename to getAllFromState to conform test

Co-authored-by: dynwee <onwudiweokeke@gmail.com>
2022-12-14 15:44:10 +01:00
Matt Gibson
7fbfce953d
[PS-1854] Split services between background and visualizations (#4075)
* Elevate Map <-> Record JSON helpers to Utils

* Build Account from a StateService provided AccountDeserializer

* Allow Manifest V2 usage of session sync

Expands use of SessionSyncer to all Subject types. Correctly handles
replay buffer for each type to ignore the flood of data upon
subscription to each Subject type.

* Create browser-synced Policy Service

* Move BrowserFolderService

* Libs account serialization improvements

* Serialize Browser Accounts

* Separate StateService in background/visualizations

Visualizer state services share storages with background page, which
nicely emulates mv3 synchronization through session/local storage. There
should not be multithreading issues since all of these services are
still running through a single thread, we just now have multiple places
we are reading/writing data from.

Smaller improvements
* Rename browser's state service to BrowserStateService
* Remove unused WithPrototype decorator :celebrate:
* Removed conversion on withPrototypeForArrayMembers. It's reasonable to
think that if the type is maintained, it doesn't need conversion.

Eventually, we should be able to remove the withPrototypeForArrayMembers
decorator as well, but that will require a bit more work on
(de)serialization of the Accounts.data property.

* Make Record <-> Map idempotent

Should we get in a situation where we _think_ an object has been
jsonified, but hasn't been, we need to correctly deal with the object
received to create our target.

* Check all requirements while duck typing

* Name client services after the client

* Use union type to limit initialize options

* Fixup usages of `initializeAs`

* Add OrganizationService to synced services

Co-Authored-By: Daniel James Smith <djsmith85@users.noreply.github.com>

* Add Settings service to synced services

Co-Authored-By: Daniel James Smith <djsmith85@users.noreply.github.com>

* Add missing BrowserStateService

* Fix factories to use browser-specific service overides

* Fix org-service registration in services.module

* Revert "Add missing BrowserStateService"

This reverts commit 81cf384e87.

* Fix session syncer tests

* Fix synced item metadata tests

* Early return null json objects

* Prefer abstract service dependencies

* Prefer minimal browser service overrides

* [SG-632] - Change forwarded providers radio buttons list to dropdown (#4045)

* SG-632 - Changed forwarded providers list of radio buttons to dropdown

* SG-632 - Added role attributes to improve accessibility.

* SG-632 - Added sorting to array and empty option

* SG-632 - Fix styling to match standards.

* rename cipehrs component to vault items component (#4081)

* Update the version hash for the QA Web build artifact to follow SemVer syntax (#4102)

* Remove extra call to toJSON() (#4101)

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith@web.de>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
2022-11-23 16:26:57 -06:00
Justin Baur
076e605f10
[PS-1879] Fix Key Connector Migration Flow (#4080)
* Move OrganizationService to fullSync

* Add Tech Debt Tracking Link

* Remove Commented out code

* Add InternalOrganizationService

* Use InternalOrganization in services that get to update state
2022-11-18 16:38:28 -05:00
cyprain-okeke
cba0f31937
[PS 1045] bw login with apikey argument fails on cli (#3959)
* Add fix for bw login with apikey argument fails bug

* Changes after running the prettier

* Revert chnages on the launch.json file

* Changes after running a lint

* Renaming a filename to remove capital letters

* Resolving the error on test run

* Renaming file names due lint errors

* Renaming new files to conform to snake case

* Remove the test for user api login strategy

* Adding the user api login test and file renaming

* Rename file name to organization-api-login.spec.ts

* Fixing the lint error on PR

* Adding the apiLogIn.strategy to whitelist-capital-letters

* Removing all the apiLogIn.strategy in whitelist-capital-letters.

* Fixing PR comment relating OrganizationApiTokenRequest

* Resolve PR comment on OrganizationApiTokenRequest model

* Fixing PR comment of separating organization token model

* fixing the lint error message

* Fixing the lint error

* Reverting the changes on lunch.js

* revert the actual content on launch.json

* Reverting changes relating to organization api login

* Removing the OrganizationIdentityTokenResponse file

* Removing OrganizationIdentityTokenResponse file

Co-authored-by: dynwee <onwudiweokeke@gmail.com>
2022-11-17 12:50:37 +01:00
Daniel James Smith
0e78910582
[PS-1805] BEEEP: Renamed importers based on agreed naming-convention (#3978)
* Rename all importer related files

Renamed all files based on our naming convention which we decided on with https://github.com/bitwarden/adr/blob/master/decisions/0012-angular-filename-convention.md

* Removed entries from whitelist-capital-letters.txt

* Rename missing safeInCloud test data

* Fix broken import

* Renamed folders (removed capital letters)

* Fix filename of BitwardenCsvImporter

* Fix imports of onepassword mac/win importer tests

* Remove already renamed folders from whitelist

* Rename dashlaneImporters to dashlane

Rename the folder
Fix all the imports
Remove dashlaneImporters from white-list

* Rename keeperImporters to keeper

Rename the folder
Fix all the imports
Remove keeperImporters from white-list

* Rename onepasswordImporters to onepassword

Rename the folder
Fix all the imports
Remove onepasswordImporters from white-list

* Rename safeinCloud test data folder

* Fix onepassword importer type imports
2022-11-11 16:20:03 +01:00
Rui Tomé
235fb8f6ee
[EC-739 / EC-740] Add null check to policyFilter on PolicyService (#4039)
* [EC-739 / EC-740] Add null check to policyFilter on PolicyService

* [EC-739 / EC-740] Add unit tests for policy filter
2022-11-11 15:13:27 +00:00
Thomas Rittson
da47992a22
[EC-272] Web workers using EncryptionService (#3532)
* Add item decryption to encryptService
* Create multithreadEncryptService subclass to handle web workers
* Create encryption web worker
* Refactor cipherService to use new interface
* Update dependencies
2022-10-28 07:38:54 +10:00
Oscar Hinton
5f6f4bad82
[SM-251] Migrate to new avatar component (#3600) 2022-10-27 14:38:34 +02:00
Rui Tomé
849ca1661a
[EC-417] Fix lint by renaming files to match angular filename convention (#3891)
* [EC-417] Rename files to match angular filename convention
2022-10-25 10:47:02 +01:00
Rui Tomé
754ea1e09a
[EC-417] Extracting the app name from the Android user item on CSV import (#3254)
* [EC-417] Extracting the app name from the Android user item on CSV import

* [EC-417] Updated android csv pattern to match starting with 'android://'

* [EC-417] Added unit tests for ChromeCsvImporter
2022-10-25 09:49:57 +01:00
Daniel James Smith
8c59eef257
[PS-1123] Improve hostname and domain retrieval (#3168)
* Add test cases from previous PR https://github.com/bitwarden/jslib/pull/547

* Install tldts as replacement for tldjs

* Use tldts for hostname and domain retrieval/validation

* Remove usage of old tldjs.noop-implementation

* Add handling of about protocol

* Remove usage of tldEndingRegex and use tldts check instead

* Uninstall @types/tldjs and tldjs

* Updated package-lock.json

* Fix accessibility cookie check

* Rename loginUriView.spec to login-uri-view.spec

* Add test for getDomain failing file links

* getHostName - Return null when given, data, about or file links
2022-10-24 19:26:50 +02:00
Oscar Hinton
cf2d3f5382
[SM-288] Rename requests and responses to follow naming convention (#3806) 2022-10-18 19:01:42 +02:00
Oscar Hinton
e941f06bac
[SM-288] Rename models to follow naming convention (#3795) 2022-10-14 18:25:50 +02:00
David Frankel
18bc209b73
[PS-1194] Display Creation Date in Clients (#3181)
* Add CreationDate to common libs

* Add CreationDate to Browser

* Add CreationDate to CLI

* Add CreationDate to Desktop

* Add CreationDate to Web

* Update tests

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2022-10-11 20:25:27 -05:00
Daniel James Smith
ae5110aaee
Fix linting issue caused by #3259 (#3743) 2022-10-11 13:45:59 -04:00
Rui Tomé
3a298bd989
[EC-377] Transition Policy service into providing observables (#3259)
* Added abstractions for PolicyApiService and PolicyService

* Added implementations for PolicyApiService and PolicyService

* Updated all references to new PolicyApiService and PolicyService

* Deleted old PolicyService abstraction and implementation

* Fixed CLI import path for policy.service

* Fixed main.background.ts policyApiService dependency for policyService

* Ran prettier

* Updated policy-api.service with the correct imports

* [EC-377] Removed methods from StateService that read policies

* [EC-377] Updated policy service getAll method to use observable collection

* [EC-377] Added first unit tests for policy service

* [EC-377] Added more unit tests for Policy Service

* [EC-376] Sorted methods order in PolicyApiService

* [EC-376] Removed unused clearCache method from PolicyService

* [EC-376] Added upsert method to PolicyService

* [EC-376] PolicyApiService putPolicy method now upserts data to PolicyService

* [EC-377] Removed tests for deleted clearCache method

* [EC-377] Added unit test for PolicyService.upsert

* [EC-377] Updated references to state service observables

* [EC-377] Removed getAll method from PolicyService and refactored components to use observable collection

* [EC-377] Updated components to use concatMap instead of async subscribe

* [EC-377] Removed getPolicyForOrganization from policyApiService

* [EC-377] Updated policyAppliesToUser to return observable collection

* [EC-377] Changed policyService.policyAppliesToUser to return observable

* [EC-377] Fixed browser settings.component.ts getting vault timeout

* Updated people.component.ts to get ResetPassword policy through a subscription

* [EC-377] Changed passwordGenerationService.getOptions to return observable

* [EC-377] Fixed CLI generate.command.ts getting enforcePasswordGeneratorPoliciesOnOptions

* [EC-377] Fixed eslint errors on rxjs

* [EC-377] Reverted changes on passwordGeneration.service and vaultTimeout.service

* [EC-377] Removed eslint disable on web/vault/add-edit-component

* [EC-377] Changed AccountData.policies to TemporaryDataEncryption

* [EC-377] Updated import.component to be reactive to policyAppliesToUser$

* [EC-377] Updated importBlockedByPolicy$

* [EC-377] Fixed missing rename

* [EC-377] Updated policyService.masterPasswordPolicyOptions to return observable

* [EC-377] Fixed vaultTimeout imports from merge

* [EC-377] Reverted call to passwordGenerationService.getOptions

* [EC-377] Reverted call to enforcePasswordGeneratorPoliciesOnOptions

* [EC-377] Removed unneeded ngOnDestroy

* Apply suggestions from code review

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

* [EC-377] Fixed login.component.ts and register.component.ts

* [EC-377] Updated PolicyService to update vaultTimeout

* [EC-377] Updated PolicyService dependencies

* [EC-377] Renamed policyAppliesToUser to policyAppliesToActiveUser

* [EC-377] VaultTimeoutSettings service now gets the vault timeout directly instead of using observables

* [EC-377] Fixed unit tests by removing unneeded vaultTimeoutSettingsService

* [EC-377] Set getDecryptedPolicies and setDecryptedPolicies as deprecated

* [EC-377] Set PolicyService.getAll as deprecated and updated to use prototype.hasOwnProperty

* [EC-565] Reverted unintended change to vaultTimeoutSettings that was causing a bug to not display the correct vault timeout

* [EC-377] Removed unneeded destroy$ from preferences.component.ts

* [EC-377] Fixed policy.service.ts import of OrganizationService

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: mimartin12 <77340197+mimartin12@users.noreply.github.com>
2022-10-11 13:08:48 +01:00
Oscar Hinton
f6b2b75ad8
Forbid substitute (#3734) 2022-10-10 17:19:01 +02:00
Thomas Rittson
162db0b600
[EC-582] Add domain object serialization (#3623) 2022-10-04 06:50:43 +10:00
Justin Baur
c6dccc354c
[PS-1092] Organization Service Observables (#3462)
* Update imports

* Implement observables in a few places

* Add tests

* Get all clients working

* Use _destroy

* Address PR feedback

* Address PR feedback

* Address feedback
2022-09-27 16:25:19 -04:00
Thomas Rittson
5ffa3ccd20
Prevent banned imports into libs/common (#3599)
Also fix typescript-eslint/parser config and fix linting errors
2022-09-27 11:17:43 +10:00
Matt Gibson
df9e6e21c9
Ps 1291/apply to from json pattern to state (#3425)
* Clean up dangling behaviorSubject

* Handle null in utils

* fix null check

* Await promises, even in async functions

* Add to/fromJSON methods to State and Accounts

This is needed since all storage in manifest v3 is key-value-pair-based
and session storage of most data is actually serialized into an
encrypted string.

* Simplify AccountKeys json parsing

* Fix account key (de)serialization

* Remove unused DecodedToken state

* Correct filename typo

* Simplify keys `toJSON` tests

* Explain AccountKeys `toJSON` return type

* Remove unnecessary `any`s

* Remove unique ArrayBuffer serialization

* Initialize items in MemoryStorageService

* Revert "Fix account key (de)serialization"

This reverts commit b1dffb5c2c, which was breaking serializations

* Move fromJSON to owning object

* Add DeepJsonify type

* Use Records for storage

* Add new Account Settings to serialized data

* Fix failing serialization tests

* Extract complex type conversion to helper methods

* Remove unnecessary decorator

* Return null from json deserializers

* Remove unnecessary decorators

* Remove obsolete test

* Use type-fest `Jsonify` formatting rules for external library

* Update jsonify comment

Co-authored-by: @eliykat

* Remove erroneous comment

* Fix unintended deep-jsonify changes

* Fix prettierignore

* Fix formatting of deep-jsonify.ts

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2022-09-22 07:51:14 -05:00
Thomas Rittson
233c85f7a3
[EC-515] Re-enable node consoleLog.service test (#3448) 2022-09-08 08:02:53 +10:00
Thomas Rittson
cff2422d7f
[EC-499] Add encryptService to domain model decryption (#3385)
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2022-09-02 11:15:19 +10:00
Rui Tomé
595412c5fe
[EC-381] Transition settings service into providing observables (#3253)
* [EC-381] Deleted unused method clearCache from Settings Service

* [EC-381] Marked settings methods as obsolete on State service

* [EC-381] Using observables on settings service

* [EC-381] Added unit tests for Settings service

* [EC-381] Checking userId on clear

* [EC-381] Updated references to StateService activeAccountUnlocked$

* [EC-381] Updated getEquivalentDomains to return observable

* [EC-381] Updated settings service to user concatMap on activeAccountUnlocked$

* [EC-381] Renamed getEquivalentDomains to equivalentDomains

* [EC-381] Completing Behaviors on settings.service tests

* [EC-381] Removed unused settingsPrefix from settings service

* [EC-381] Removed equivalentDomains from settings service and added type AccountSettingsSettings

* [EC-381] Updated settings service settings$ to not be nullable

* [EC-381] Settings default to {}
2022-08-30 15:19:09 +01:00
Daniel James Smith
4c5a46ce13
[PS-1363] Tech debt and small refactorings (#3377)
* Remove cast to any as Utils.gobal got typed with #3131

* BitwardenFileUploadService: Remove unneeded dependency

* Remove allowSoftLock from vaultTimeoutService

* ImportService: Remove dependency on PlatformUtilsSvc
2022-08-25 19:09:27 +02:00
Matt Gibson
5339344630
PS-1133 Feature/mv3 browser observable memory caching (#3245)
* Create sessions sync structure

* Add observing to session-syncer

* Do not run syncer logic in decorator tests

* Extract test constants

* Change Observables to BehaviorSubject

* Move sendMessage to static method in BrowserApi

* Implement session sync

* only watch in manifest v3

* Use session sync on folder service

* Add array observable sync

* Bypass cache on update from message

* Create feature and dev flags for browser

* Protect development-only methods with decorator

* Improve todo comments for long-term residency

* Use class properties in init

* Do not reuse mocks

* Use json (de)serialization patterns

* Fix failing session storage in dev environment

* Split up complex EncString constructor

* Default false for decrypted session storage

* Try removing hydrate EncString method

* PR review

* PR test review
2022-08-16 07:05:03 -05:00
Thomas Rittson
4a1c3eb1ec
[EC-423] Fix unit tests (#3265)
* Create base jest.config file

* Fix various tests that were broken

* Add maxWorkers to jest config

* Undo change to testEnvironment

* Enable tsconfig.spec.json
2022-08-11 11:35:08 +10:00
Justin Baur
43d428b3df
[PS-816] Add Autofill Shortcut to MV3 Extension (#3131)
* Work on background service worker.

* Work on shortcuts

* Work on supporting service worker

* Put new background behind version check

* Fix build

* Use new storage service

* create commands from crypto service (#2995)

* Work on service worker autofill

* Got basic autofill working

* Final touches

* Work on tests

* Revert some changes

* Add modifications

* Remove unused ciphers for now

* Cleanup

* Address PR feedback

* Update lock file

* Update noop service

* Add chrome type

* Handle "/" in branch names

Updates web workflow to handle the `/` in branch names when it's a PR.

* Remove any

Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Micaiah Martin <77340197+mimartin12@users.noreply.github.com>
2022-08-09 21:30:26 -04:00
Daniel James Smith
cfc8858ef9
Fix active account and searchBar observables/subscriptions (#3268)
* Change subscription to rely on observables and not on BehaviourSubject

* Ensure OnDestroy is added to AppComponent

* Fix check for no active accounts to redirect to the login page instead of lock

* Change subscription handling on SearchBarService

* Fix naming convention: Observables should have a $ suffix

* Remove obsolete linter hint

* Fix activeAccountUnlocked getting exposed as Observable but is instantiated as BehaviourSubject
2022-08-09 21:11:51 +02:00
Daniel James Smith
a1e536a5ef
[PS-1175] Resolve issue with processReload not executing (#3240)
* Removed check for getBiometricLocked
It always returned false even when no biometrics were used.

* Remove the other check for getBiometricsLocked

* Ensure that biometricFingerprintValidation is reset, when biometrics are disabled

* Removed getBiometricsLocked and setBiometricsLocked
With nothing in the codebase reading the state of getBiometricsLocked, I've removed all places where it was set or saved.

* Refactor execution of reload into a separate method

* Conditonally pass the window object to `BrowserApi.reloadExtension`

* Clarify in comment, that the PIN has to be set with ask for Master Password on restart

* Ensure the process reload is executed on logout

* Use accounts instead of lastActive == null to determine a reload on logout

* Moved identical logic from desktop and browser into system.service

* Simplified check for refresh to handle no accounts found, logout, lock with lastActive longer than 5 seconds
2022-08-05 20:04:27 +02:00
Thomas Rittson
8626e1d4e6
[EC-281] Add de/serialization methods to CipherView objects (#2970) 2022-08-05 08:07:24 +10:00
Thomas Rittson
83c0456340
[EC-364] Expose key getters on CryptoService (#3170)
* Move resolveLegacyKey to encryptService for utf8 decryption

* Deprecate account.keys.legacyEtmKey

Includes migration to tidy up leftover data

* Use new IEncrypted interface
2022-08-04 07:09:36 +10:00
Oscar Hinton
2011131bb2
[PS-182] Upgrade Angular to V14 (#2948) 2022-07-26 14:48:11 +02:00
Thomas Rittson
c90eb42ead
[EC-271] Refactor CryptoService - move symmetric encryption to EncryptService (#3042)
* move decryptFromBytes, decryptToBytes, and encryptToBytes from CryptoService to EncryptService
* leave redirects in CryptoService
* combine encryptService decryptFromBytes and decryptToBytes methods
* move parsing logic into EncArrayBuffer
* add tests
2022-07-26 11:40:32 +10:00
Oscar Hinton
5c57b5e663
Fix folder tests (#3171) 2022-07-25 13:53:22 +02:00
Thomas Rittson
5e84c630a8
[EC-135] Delay decryption of provider-encrypted org keys (#2902) 2022-07-13 07:08:07 +10:00
Oscar Hinton
23253b3882
[PS-1078] Refactor FolderService to use Observables (#3022) 2022-07-12 20:25:18 +02:00
Oscar Hinton
f79c4f0c65
Extract API logic from FolderService to FolderApiService (#3011) 2022-07-08 15:40:31 +02:00
Matt Gibson
399b8c2b34
PS-813 Add memory storage to state service (#2892)
* Use abstract methods and generics in StorageService

* Prepend `Abstract` to abstract classes

* Create session browser storage service

* Use memory storage service for state memory

* Inject memory storage service

* Maintain filename extensions to help ide formatting

* Preserve state if it's still in memory

* Use jslib's memory storage service

* linter

* Create prototypes on stored objects

* standardize package scripts

* Add type safety to `withPrototype` decorators

* webpack notify manifest version

* Fix desktop

* linter

* Fix script

* Improve prototye application

* do not change prototype if it already matches desired
* fix error with object values prototype application

* Handle null state

* Apply prototypes to browser-specific state

* Add angular language server to recommended extensions

* Improve browser state service tests

* Start testing state Service

* Fix abstract returns

* Move test setup files to not be picked up by default glob matchers

* Add key generation service

* Add low-dependency encrypt service

* Back crypto service with encrypt service.

We'll want to work items that don't require state over to encrypt service

* Add new storage service and tests

* Properly init more stored values

* Fix reload issues when state service is recovering state from session storage

Co-authored-by: Thomas Avery <Thomas-Avery@users.noreply.github.com>
Co-authored-by: Justin Baur <admin@justinbaur.com>

* Simplify encrypt service

* Do not log mac failures for local-backed session storage

* `content` changed to `main` in #2245

* Fix CLI

* Remove loggin

* PR feedback

* Merge remote-tracking branch 'origin/master' into add-memory-storage-to-state-service

* Fix desktop

* Fix decrypt method signature

* Minify if not development

* Key is required

Co-authored-by: Thomas Avery <Thomas-Avery@users.noreply.github.com>
Co-authored-by: Justin Baur <admin@justinbaur.com>
2022-06-27 12:38:12 -05:00
Oscar Hinton
bc639688e8
Use NPM workspace (#2874) 2022-06-14 17:10:53 +02:00
Hinton
d7492e3cf3 Move to libs 2022-06-03 16:24:40 +02:00