1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-29 12:55:21 +01:00
Commit Graph

559 Commits

Author SHA1 Message Date
Cesar Gonzalez
8e047f615e
[PM-3574] Fix leak of login credentials to foreign origin due to race condition during autofill (#6700)
* [PM-3574] Fix leak of login credentials to foreign origin due to race condition during autofill

* [PM-3574] Adding a temporary artificial delay to facilitate QA testing

* [PM-3574] Adding a temporary artificial delay to facilitate QA testing

* [PM-4590] Cached Page Details of Formless Input Fields Breaks Autofill

* [PM-3574] Reworking implementation to take into account the page details url

* [PM-3574] Fixing jest tests

* [PM-3574] Fixing jest tests

* [PM-3574] Removing 5 second delay on autofill
2023-11-15 13:17:11 -06:00
xnick
c1f827069d
[PM-969] Fix card number not being populated for Greek provider Eurobank. (#4648)
* Fix card number not being populated for Greek provider Eurobank.

They use the identifier `card.pan` for the card number, both in the `name` attr and the `id`.

* Replace the dot with a dash so that it can be removed in isFieldMatch.

---------

Co-authored-by: Jonathan Prusik <jprusik@classynemesis.com>
2023-11-15 13:09:59 -05:00
Jonathan Prusik
1cbe67d192
[PM-4414] Bugfix - On page URL change, display notifications that have not been dismissed nor expired (#6637)
* on page location change, display notifications that have not been dismissed nor expired

* also dismiss notifications when removing them from the queue during cleanup

* cleanup
2023-11-15 12:05:19 -05:00
KL4RKS
5a879e59c6
Add to TotpFieldNames array in autofill-constants.ts (#6501)
"approvals_code", -- facebook.com
"code", -- cash.app, docker.com, dropbox.com, evernote.com, lincolnfinancial.com, 
"otc", -- live.com
"otc-code", -- evernote.com
"otp-code", -- getpostman.com
"otpcode", -- amazon.com
"pin", -- linkedin.com
"security_code", -- docusign.com
"twofa", -- https://github.com/bitwarden/clients/pull/6413 (but lowercased to match convention)
"verificationCode", -- bestbuy.com

Co-authored-by: Jonathan Prusik <jprusik@classynemesis.com>
2023-11-14 10:34:24 -05:00
pejeio
77be62a4b7
[PM-4108] Add "twoFa" to the TotpFieldNames array in autofill-constants.ts (#6413)
* Update autofill-constants.ts

add "twoFa" to the TotpFieldNames constant

* add "twoFa" to the TotpFieldNames array in autofill-constants.ts
2023-11-13 10:47:47 -05:00
github-actions[bot]
1e41d278e7
Autosync the updated translations (#6852)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-11-10 07:17:38 +00:00
Justin Baur
e1b5b83723
Add State Provider Framework (#6640)
* Add StateDefinition

Add a class for encapsulation information about state
this will often be for a domain but creations of this will
exist outside of a specific domain, hence just the name State.

* Add KeyDefinition

This adds a type that extends state definition into another sub-key
and forces creators to define the data that will be stored and how
to read the data that they expect to be stored.

* Add key-builders helper functions

Adds to function to help building keys for both keys scoped
to a specific user and for keys scoped to global storage.

Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com>

* Add updates$ stream to existing storageServices

Original commit by Matt: 823d9546fe
Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com>

* Add fromChromeEvent helper

Create a helper that creats an Observable from a chrome event
and removes the listener when the subscription is completed.

* Implement `updates$` property for chrome storage

Use fromChromeEvent to create an observable from chrome
event and map that into our expected shape.

* Add GlobalState Abstractions

* Add UserState Abstractions

* Add Default Implementations of User/Global state

Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com>

* Add Barrel File for state

Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com>

* Fix ChromeStorageServices

* Rework fromChromeEvent

Rework fromChromeEvent so we have to lie to TS less and
remove unneeded generics. I did this by caring less about
the function and more about the parameters only.

Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com>

* Fix UserStateProvider Test

* Add Inner Mock & Assert Calls

* Update Tests to use new keys

Use different key format

* Prefer returns over mutations in update

* Update Tests

* Address PR Feedback

* Be stricter with userId parameter

* Add Better Way To Determine if it was a remove

* Fix Web & Browser Storage Services

* Fix Desktop & CLI Storage Services

* Fix Test Storage Service

* Use createKey Helper

* Prefer implement to extending

* Determine storage location in providers

* Export default providers publicly

* Fix user state tests

* Name tests

* Fix CLI

* Prefer Implement In Chrome Storage

* Remove Secure Storage Option

Also throw an exception for subscribes to the secure storage observable.

* Update apps/browser/src/platform/browser/from-chrome-event.ts

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

* Enforce state module barrel file

* Fix Linting Error

* Allow state module import from other modules

* Globally Unregister fromChromeEvent Listeners

Changed fromChromeEvent to add its listeners through the BrowserApi, so that
they will be unregistered when safari closes.

* Test default global state

* Use Proper Casing in Parameter

* Address Feedback

* Update libs/common/src/platform/state/key-definition.ts

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

* Add `buildCacheKey` Method

* Fix lint errors

* Add Comment

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

* Use Generic in callback parameter

* Refactor Out DerivedStateDefinition

* Persist Listener Return Type

* Add Ticket Link

---------

Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
2023-11-09 17:06:42 -05:00
Cesar Gonzalez
cf6ada531e
[PM-3914] Refactor Browser Extension Popout Windows (#6296)
* [PM-3914] Refactor Browser Extension Popouts

* [PM-3914] Refactor Browser Extension Popouts

* [PM-3914] Refactor Browser Extension Popouts

* [PM-3914] Adding enums for the browser popout type

* [PM-3914] Making the methods for getting a window in a targeted manner public

* [PM-3914] Refactoing implementation

* [PM-3914] Updating deprecated api call

* [PM-3914] Fixing issues found when testing behavior

* [PM-3914] Reimplementing behavior based on feedback from platform team

* [PM-3914] Adding method of ensuring previously opened single action window is force closed for vault item password reprompts

* [PM-3914] Taking into consideration feedback regarding the browser popup utils service and implementating requested changes

* [PM-3914] Removing unnecesssary class dependencies

* [PM-3914] Adding method for uniquely setting up password reprompt windows

* [PM-3914] Modifying method

* [PM-3914] Adding jest tests and documentation for AuthPopoutWindow util

* [PM-3914] Adding jest tests and documentation for VaultPopoutWindow

* [PM-3914] Adding jest tests for the debouncing method within autofill service

* [PM-3914] Adding jest tests for the new BrowserApi methods

* [PM-3914] Adding jest tests to the BrowserPopupUtils class

* [PM-3914] Updating inPrivateMode reference

* [PM-3914] Updating inPrivateMode reference

* [PM-3914] Modifying comment

* [PM-3914] Moviing implementation for openCurrentPagePopout to the BrowserPopupUtils

* [PM-3914] Applying feedback

* [PM-3914] Applying feedback

* [PM-3914] Applying feedback

* [PM-3983] Refactoring implementation of `setContentScrollY` to facilitate having a potential delay

* [PM-3914] Applying feedback regarding setContentScrollY to the implementation

* [PM-3914] Modifying early return within the run method of the ContextMenuClickedHandler

* [PM-3914] Adding test for VaultPopoutWindow

* [PM-3914] Applying work done within PM-4366 to facilitate opening the popout window as a popup rather than a normal window

* [PM-3914] Updating the BrowserApi.removeTab method to leverage a callback structure for the promise rather than an async away structure

* [PM-3036] Adding jest tests for added passkeys popout windows

* [PM-3914] Adjsuting logic for turning off the warning when FIDO2 credentials are saved

* [PM-3914] Fixing height to design

* [PM-3914] Fixing call to Fido2 Popout

* [PM-3914] Fixing add/edit from fido2 popout

* [PM-3914] Fixing add/edit from fido2 popout

* [PM-3914] Fixing jest tests for updated elements

* [PM-3914] Reverting how context menu actions are passed to the view component

* [PM-3914] Reverting re-instantiation of config service within main.background.ts

* [PM-3914] Adding jest test for BrowserAPI removeTab method

* [PM-3914] Adding method to handle parsing the popout url path

* [PM-3914] Removing JSDOC comment elements

* [PM-3914] Removing await from method call

* [PM-3914] Simplifying implementation on add/edit

* [PM-3032] Adding more direct reference to view item action in context menus

* [PM-3914] Adjusting routing on Fido2 component to pass the singleActionPopout param to the route when opening the add-edit component

* [PM-3914] Adding singleActionPopout param to the fido2 component routing

* [PM-3914] Updating implementation details for how we build the extension url path

* [PM-3914] Reworking implementation for isSingleActionPopoutOpen to clean up iterative logic

* [PM-3914] Merging work from master and fixing merge conflicts

* [PM-3914] Fixing merge conflict introduced from master

* [PM-3914] Reworking closure of single action popouts to ensure they close the window instead of attempting to close the tab

* [PM-3914] Fixing issue within Opera where lock and login routes can persist if user opens the extension popout in a new window before locking or logging out

* [PM-3914] Setting the extensionUrls that are cheked as a variable outside of the scope fo the openUlockPopout method to ensure it does not have to be rebuilt each time the method is called
2023-11-08 12:57:44 -06:00
Cesar Gonzalez
5fa630aac2
[PM-4590] Cached Page Details of Formless Input Fields Breaks Autofill (#6726) 2023-11-07 13:37:30 +00:00
github-actions[bot]
4fe3d36f10
Bumped browser version to 2023.10.2 (#6816)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-11-06 20:42:24 -05:00
Andreas Coroiu
ffd08a6d6d
[PM-4678] [Defect] Passkey browser fallback broken on iCloud (#6783)
* [PM-4678] fix: add cross-origin frame handling

* [PM-4678] feat: force window and tab focus
2023-11-06 11:14:48 -05:00
Andreas Coroiu
200189c895
[PM-4531] feat: completely disable fido2 injection for excluded sites (#6801) 2023-11-06 11:13:24 -05:00
Andreas Coroiu
e88d0acc8d
[PM-4704] feat: filter non-webauthn calls to credmanager apis (#6803) 2023-11-06 10:42:39 -05:00
github-actions[bot]
456355d07b
Autosync the updated translations (#6779)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-11-06 15:01:59 +00:00
Andreas Coroiu
197059d4fa
[PM-4688] Automatically fallback on passkey retrieval if no passkeys are found (#6787)
* [PM-4688] feat: auto-fallback when credential not found

* [PM-4688] fix: don't show popup unless needed
2023-11-03 12:27:55 -05:00
Andreas Coroiu
62e1e165c4
[PM-4531] Do not override webauthn on excluded domains (#6790)
* [PM-4531] feat: bypass fido2 if origin present in neverDomains

* [PM-4531] feat: bypass fido2 during asserts as well

* [PM-4531] fix: crashes when using `localhost`

* [PM-4531] fix: add missing check

* [PM-4531] fix: broken TLD logic

* [PM-4531] feat: only allow localhost
2023-11-03 12:27:32 -05:00
Andreas Coroiu
665aa2fc0d
[PM-4693] feat: fallback on window close (#6791) 2023-11-03 12:26:36 -05:00
Jared Snider
161c1c63ff
Auth/PM-3275 - Changes to support TDE User without MP being able to Set a Password (#6281)
* PM-3275 - Policy.service - Refactor existing mapPoliciesFromToken internal logic to provide public mapPolicyFromResponse method

* PM-3275 - Add new PolicyApiService.getMasterPasswordPolicyOptsForOrgUser method for use in the set password comp

* PM-3275 - Update set-password.comp to use new policyApiService.getMasterPasswordPoliciesForInvitedUsers method

* PM-3275 - (1) Remove post TDE AuthN set password routing logic from SSO/2FA comps as we cannot set an initial user password until after decryption in order to avoid losing the ability to decrypt existing vault items (a new user key would be created if one didn't exist in memory) (2) Add set password routing logic post TDE decryption in LoginWithDevice/Lock components (3) Add new ForceResetPasswordReason to capture this case so that we can guard against users manually navigating away from the set password screen

* PM-3275 - SyncSvc - Add logic for setting forcePasswordReset reason if TDE user w/out MP went from not having MP reset permission to having it.

* PM-3275 - Rename ForceResetPasswordReason enum to ForceSetPasswordReason + update all references.

* PM-3275 - Removing client deprecated calls to getPoliciesByInvitedUser and helper call getMasterPasswordPoliciesForInvitedUsers

* PM-3275 - PolicyAPI service - remove no longer necessary getPoliciesByInvitedUser method

* PM-3275 - LockComp - TODO cleanup

* PM-3275 - SSO & 2FA comp - cleanup of incorrect routing path

* PM-3275 - (1) State service refactor - change getForcePasswordResetReason / setForcePasswordResetReason to be getForceSetPasswordReason / setForceSetPasswordReason (2) Sync Service - encapsulate setForceSetPasswordReasonIfNeeded logic into own method

* PM-3275 - SetPassword Comp - Rename "identifier" to be "orgSsoIdentifier" for clarity

* PM-3275 - SetPasswordComp - Moving routing from SSO / 2FA comps to Lock / LoginWithDevice comps results in a loss of the the OrgSsoId.  However, as part of the TDE work, we added the OrgSsoId to state so use that as a fallback so we can accurately evaluate if the user needs to be auto enrolled in admin account recovery.

* PM-3275 - SetPasswordComp - add a bit more context to why/when we are reading the user org sso id out of state

* PM-3275 - SetPassword Comp - (1) Add forceSetPasswordReason and ForceSetPasswordReason enum as public props on the class so we can change copy text based on which is set + set  forceSetPasswordReason on ngOnInit (2) Refactor ngOnInit to use a single RxJs observable chain for primary logic as the auto enroll check was occurring before the async getUserSsoOrganizationIdentifier could finish.

* PM-3275 - Desktop - App comp - missed replacing getForcePasswordResetReason with getForceSetPasswordReason

* PM-3275 - TDE Decryption Option Comps - must set ForceSetPasswordReason so that we can properly enforce keeping the user on the component + display the correct copy explaining the scenario to the user.

* PM-3275 - All Clients - SetPasswordComp html - Update page description per product + remove no longer used ssoCompleteRegistration translation.

* PM-3275 - SetPasswordComp - hopefully the final puzzle piece - must clear ForceSetPasswordReason in order to let user navigate back to vault.

* PM-3275 - SyncService - Remove check for previous value of account decryption options hasManageResetPasswordPermission as when a user logged in on a trusted device after having their permissions updated, the initial setting would be true and it would cause the flag to NOT be set when it should have.

* PM-3275 - TDE User Context - (1) Remove explicit navigation to set password screen from post decryption success scenarios on lock & login w/ device comps (2) Move TdeUserWithoutPasswordHasPasswordResetPermission flag setting to SSO / 2FA components to support both trusted and untrusted device scenarios (both of which are now caught by the auth guard).

* PM-3275 - (1) SetPassword comp - adjust set password logic for TDE users to avoid creating a new user asymmetric key pair and setting a new private key in memory. (2) Adjust SetPasswordRequest to allow null keys

* PM-3275 - Remove unused route from login with device comp

* PM-3275 - Sso & 2FA comp tests - Update tests to reflect new routing logic when TDE user needs to set a password

* PM-3275 - Lock comp - per PR feedback, remove unused setPasswordRoute property.

* PM-3275 - SetPasswordComp - Per PR feedback, use explicit null check

* PM-3275 - Per PR Feedback, rename missed forcePasswordResetReason to be forceSetPasswordReason on account model

* PM-3275 - Auth guard - rename forcePasswordResetReason to forceSetPasswordReason

* PM-3275 - SSO / 2FA comps - Per PR feedback, refactor Admin Force Password reset handling to be in one place above the TDE user flows and standard user flows as it applies to both.

* PM-3275 - Per PR feedback, clarify 2FA routing comment

* PM-3275 - Per PR feedback, update set-password comp ngOnInit switchMaps to just return promises as switchMap converts promises to observables internally.

* PM-3275 - Per PR feedback, refactor set password ngOnInit observable chain to avoid using async subscribe and instead simply sequence the calls via switchMap and tap for side effects.

* PM-3275 - Per PR feedback, move tap after filter so we can remove if check

* PM-3275 - Per PR feedback, update policy service mapping methods to use shorthand null checking.

* PM-3275 - SetPassword comp - (1) Move force set password reason logic into onSetPasswordSuccess(...) (2) On onSetPasswordSuccess, must set hasMasterPassword to true for user verification scenarios.

* PM-3275 - Per PR feedback, remove new hasManageResetPasswordPermission flag from profile response and instead simply read the information off the existing profile.organizations data as the information I needed was already present.

* PM-4633 - PolicyService - mapPolicyFromResponse(...) - remove incorrect null check for data.  Policies with internal null data property should still be evaluated and turned into Policy objects or the policy array ends up having null values in it and it causes errors down the line on login after acct creation.
2023-11-03 11:33:10 -04:00
github-actions[bot]
64152b6ed2
Bumped browser version to 2023.10.1 (#6777)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-11-02 16:43:14 -07:00
rr-bw
e3f6f4d1f9
send to webVault url (#6557) 2023-10-31 08:57:50 -07:00
Oscar Hinton
485be21826
[PM-4360] Move organization-domain and organization-user to admin console (#6630)
* Move organization-domain and organization-user to admin console
2023-10-30 22:32:57 +01:00
Will Martin
c325e996f9
[PM-4357] remove disableClose on BrowserSyncVerificationDialog and AwaitDesktopDialog (#6730)
* remove disableClose on BrowserSyncVerificationDialogComponent

* remove disableClose from AwaitDesktopDialogComponent
2023-10-30 12:24:26 -04:00
Justin Baur
d650e94a61
[PM-2910] Add Account Switching Page (#6701)
* Collate browser header concerns into component

Header component has a slots field with a left, center, right, and a
right-most location for a current account, which will link to an account
switcher.

* Use feature flag if OK for production eventually

* Make sure centered content centered

* Allow for disabling header theming for login page

visual gitches exist for links and buttons, due to specifications futher down in the header, but those
items shouldn't use the `no-theme` option. For now, it's just for the
login screen

* Add Account Switching Component

* Collate browser header concerns into component

Header component has a slots field with a left, center, right, and a
right-most location for a current account, which will link to an account
switcher.

* Use feature flag if OK for production eventually

* Add Account Switching Component

* Fix Rebase Issues

* Remove Comments

* Move AccountSwitcher Logic Into Service

* Rename File

* Move Router to Component

* Add Tests for AccountSwitcherService

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2023-10-30 15:34:42 +00:00
github-actions[bot]
3ae92cf83d
Autosync the updated translations (#6721)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-10-30 08:47:22 +00:00
Todd Martin
8e09b6d66b
Bypass user verification on add-edit component as well. (#6713) 2023-10-26 14:10:02 -04:00
Todd Martin
3e62559f44
[PM-4580] Removed user verification requirement (#6711)
* Revert the undefined UV check.

* Adjusted formatting

* Remove restriction on passkeys for users without MPs.

* Removed user verification checks
2023-10-26 17:01:20 +00:00
Andreas Coroiu
8d2a1a89b7
[PM-4553] [Defect] Browser fallback fails on first click on bitwarden (#6706)
* [PM-4553] feat: add focus listener to parent

* [PM-4553] feat: user `window.top` instead
2023-10-26 12:41:37 -04:00
Matt Gibson
782f592c98
Ps/pm 2910/browser header component (#6641)
* Collate browser header concerns into component

Header component has a slots field with a left, center, right, and a
right-most location for a current account, which will link to an account
switcher.

* Use feature flag if OK for production eventually

* Make sure centered content centered

* Allow for disabling header theming for login page

visual gitches exist for links and buttons, due to specifications futher down in the header, but those
items shouldn't use the `no-theme` option. For now, it's just for the
login screen

* Select sr-only headers

* Fix vault-filter center header component

* Correct hover for header buttons/links

* Ensure no visual difference when flag is off
2023-10-25 18:27:32 +00:00
rr-bw
5868d76b91
[PM-3198][PM-3199] Rename PasswordlessLoginStrategy (#6425)
* rename to LoginWithDeviceLoginStrategy

* rename LoginWithDeviceComponent

* update translation for web route

* rename strategy to AuthRequestLoginStrategy

* rename PasswordlessLogInCredentials and PasswordlessCreateAuthRequest

* rename setPasswordlessAccessCode

* rename startPasswordlessLogin() in template files

* rename startPasswordlessLogin() for browser template file

* rename AuthenticationType.Passwordless

* standardize LogInStrategy to LoginStrategy

* standardize PasswordLogInStrategy to PasswordLoginStrategy

* standardize SsoLogInStrategy to SsoLoginStrategy

* standardize UserApiLogInStrategy to UserApiLoginStrategy

* standardize naming of login credentials

* rename log-in-credentials.ts to login-credentials.ts
2023-10-25 11:15:05 -07:00
André Bispo
ae5f8879c7
[PM-3572] Fix timeout action value load on init (#6620) 2023-10-25 15:21:40 +01:00
Will Martin
5b1c1d50eb
add lastpass mfa dialog variant scaffolding; add yubikey variant (#6687) 2023-10-25 12:40:00 +00:00
Kyle Spearrin
afc9128653
[PM-4419] Add lastpass direct importer to browser (#6638)
* Split up import/export into separate modules

* Fix routing and apply PR feedback

* Renamed OrganizationExport exports to OrganizationVaultExport

* Make import dialogs standalone and move them to libs/importer

* Make import.component re-usable

- Move functionality which was previously present on the org-import.component into import.component
- Move import.component into libs/importer
Make import.component standalone
Create import-web.component to represent Web UI
Fix module imports and routing
Remove unused org-import-files

* Enable importing on deskop

Create import-dialog
Create file-menu entry to open import-dialog
Extend messages.json to include all the necessary messages from shared components

* Renamed filenames according to export rename

* Make ImportWebComponent standalone, simplify routing

* Pass organizationId as Input to ImportComponent

* use formLoading and formDisabled outputs

* use formLoading & formDisabled in desktop

* Emit an event when the import succeeds

Remove Angular router from base-component as other clients might not have routing (i.e. desktop)
Move logic that happened on web successful import into the import-web.component

* Enable importing on deskop

Create import-dialog
Create file-menu entry to open import-dialog
Extend messages.json to include all the necessary messages from shared components

* use formLoading & formDisabled in desktop

* Add missing message for importBlockedByPolicy callout

* Remove commented code for submit button

* Implement onSuccessfulImport to close dialog on success

* fix table themes on desktop & browser

* fix fileSelector button styles

* update selectors to use tools prefix; remove unused selectors

* update selectors

* Wall off UI components in libs/importer

Create barrel-file for libs/importer/components
Remove components and dialog exports from libs/importer/index.ts
Extend libs/shared/tsconfig.libs.json to include @bitwarden/importer/ui -> libs/importer/components
Extend apps/web/tsconfig.ts to include @bitwarden/importer/ui
Update all usages

* Rename @bitwarden/importer to @bitwarden/importer/core

Create more barrel files in libs/importer/*
Update imports within libs/importer
Extend tsconfig files
Update imports in web, desktop, browser and cli

* import-lastpass wip

* Lazy-load the ImportWebComponent via both routes

* Fix import path for ImportComponent

* add validation; add shared folders field

* clean up logic

* fill fileContent on account change

* Use SharedModule as import in import-web.component

* show spinner on pending validation; properly debounce; refactor to loadCSVData func

* fix pending submit guard

* hide on web, show on desktop & browser

* reset user agent fieldset styles

* fix validation

* File selector should be displayed as secondary

* update validation

* Fix setUserTypeContext always throwing

* refactor to password dialog approach

* remove control on destroy; dont submit on enter keydown

* helper to serialize vault accounts (#6556)

* helper to serialize vault accounts

* prettier

* add prompts

* Add missing messages for file-password-prompt

* Add missing messages for import-error-dialog

* Add missing message for import-success-dialog

* Create client-info

* Separate submit and handling import, add error-handling

* Move catch and error handling into submit

* Remove AsyncValidator logic from handleImport

* Add support for filtering shared accounts

* add sso flow to lp import (#6574)

* stub out some sso flow

* use computer props

* lastpass callback

* baseOpenIDConnectAuthority

* openIDConnectAuthorityBase

* comments

* camelCase user type context model

* processSigninResponse

* Refactor handleImport

* use large dialogSize

* remove extra setUserTypeContext

* fix passwordGenerationService provider; pass all errors to ValidationErrors

* add await SSO dialog & logic

* Move lastpass related files into separate folder

* Use bitSubmit to override submit preventDefault (#6607)

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

* Use large dialogSize

* revert jslib changes

* PM-4398 - Add missing importWarning

* make ui class methods async

* add LastPassDirectImportService

* update error handling

* add OOB methods (manual passcode only)

* fix typo

* respond to SSO callback

* localize error messages

* remove uneeded comment

* update i18n

* add await sso i18n

* add not implemented error to service

* fix getting k2

* fix k1 bugs

* null checks should not be strict

* update awaiting sso dialog

* update approveDuoWebSdk

* add browser lastpass oidc/sso connector

* add getRedirectUrlWithParams

* params

* rename to getOidcRedirectUrlWithParams

* refactor oob login flow

* Add messages needed for Lastpass import flow

Taken from https://github.com/bitwarden/clients/pull/6541/files#diff-47e9af6d0d7d691a507534f7955edaa9fb37be8cf1c1981fd2ba898e99b6130d

* Update apps/browser/src/connectors/sso.ts

Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>

* Update libs/importer/src/components/lastpass/import-lastpass.component.ts

Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>

* fix error

* Removing fieldset due to merge of https://github.com/bitwarden/clients/pull/6626

* Add sso-connector to manifest.v3

* Make linter happy

* Refactoring to push logic into the service vs the component

Move all methods related to MFA-UI into a LastPassDirectImportUIService
Move all logic around the import into a LastPassDirectImportService
The component now only has the necessary flows but no knowledge on how to use the lastpass import lib or the need for a OIDC client

* Remove unneeded passwordGenerationService

* move all import logic to service

* apply code review: remove name attributes; use protected fields; use formGroup.value

* rename submit method and add comment

* update textarea id

* update i18n

* remove rogue todo comment

* Add missing messages forLastpass import

* extract helper asyncValidatorsFinished

* Remove files related to DuoUI we didn't need to differentiate for MFA via Duo

* Add missing import

* use clientType

* triple =

* lastpassAuthResult for web sso connector

* remove browser sso connector

* use web vault for oidc redirect url

* revert formGroup.value access

* process lastpassAuthResult

* simplify message handler logic

* consolidate logic for lastpass auth result

* swap lastpass logic in sso connector

* add email to signInRequest

* add try again error message

* add try again i18n

* consistent clientinfo id (#6654)



---------

Co-authored-by: William Martin <contact@willmartian.com>

* hide on browser

* show LP importer on browser client

* add missing i18n to browser

* add lastpass prefix

* add shared i18n copy to web and browser

* rename deeplink

* use protected field

* rename el ids

* refactor: remove nested conditional

* update form ids in consuming client components

* remove unnecessary return statement

* fix file id

* use ngIf

* use hidden because of getElementById

* Remove OIDC lib logging

* Forward LP sso callback message to LP direct import service

* Add missing collection label

* Add missing `invalidFilePassword` to messages.json

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: William Martin <contact@willmartian.com>
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
2023-10-24 18:37:48 +00:00
Will Martin
bf1016f1fd
[PM-4433] fix scrolling in browser importer (#6681) 2023-10-24 13:57:54 -04:00
Andreas Coroiu
c3e56152cd
[PM-4401] fix: wait for focus before triggering fallback (#6670)
* [PM-4401] fix: wait for focus before triggering fallback

* [PM-4401] feat: add timeout
2023-10-24 12:33:52 -05:00
Matt Gibson
1d2757e42b
Noop notifications for dev (#6671)
* Noop notifications for dev

We rarely have notifications set up for development environments, this
removes the error messages related to missing server notification
services

* Log actions in noop service

* Add line breaks

* Improve log messages

* Ignore local config at all levels
2023-10-24 15:18:23 +02:00
github-actions[bot]
7ff4a157f9
Bumped browser,cli,desktop,web version to 2023.10.0 (#6674)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-10-23 13:12:03 -07:00
Will Martin
ec866c744e
[PM-4195] LastPass importer flow (#6541)
* Split up import/export into separate modules

* Fix routing and apply PR feedback

* Renamed OrganizationExport exports to OrganizationVaultExport

* Make import dialogs standalone and move them to libs/importer

* Make import.component re-usable

- Move functionality which was previously present on the org-import.component into import.component
- Move import.component into libs/importer
Make import.component standalone
Create import-web.component to represent Web UI
Fix module imports and routing
Remove unused org-import-files

* Enable importing on deskop

Create import-dialog
Create file-menu entry to open import-dialog
Extend messages.json to include all the necessary messages from shared components

* Renamed filenames according to export rename

* Make ImportWebComponent standalone, simplify routing

* Pass organizationId as Input to ImportComponent

* use formLoading and formDisabled outputs

* use formLoading & formDisabled in desktop

* Emit an event when the import succeeds

Remove Angular router from base-component as other clients might not have routing (i.e. desktop)
Move logic that happened on web successful import into the import-web.component

* Enable importing on deskop

Create import-dialog
Create file-menu entry to open import-dialog
Extend messages.json to include all the necessary messages from shared components

* use formLoading & formDisabled in desktop

* Add missing message for importBlockedByPolicy callout

* Remove commented code for submit button

* Implement onSuccessfulImport to close dialog on success

* fix table themes on desktop & browser

* fix fileSelector button styles

* update selectors to use tools prefix; remove unused selectors

* update selectors

* Wall off UI components in libs/importer

Create barrel-file for libs/importer/components
Remove components and dialog exports from libs/importer/index.ts
Extend libs/shared/tsconfig.libs.json to include @bitwarden/importer/ui -> libs/importer/components
Extend apps/web/tsconfig.ts to include @bitwarden/importer/ui
Update all usages

* Rename @bitwarden/importer to @bitwarden/importer/core

Create more barrel files in libs/importer/*
Update imports within libs/importer
Extend tsconfig files
Update imports in web, desktop, browser and cli

* import-lastpass wip

* Lazy-load the ImportWebComponent via both routes

* Fix import path for ImportComponent

* add validation; add shared folders field

* clean up logic

* fill fileContent on account change

* Use SharedModule as import in import-web.component

* show spinner on pending validation; properly debounce; refactor to loadCSVData func

* fix pending submit guard

* hide on web, show on desktop & browser

* reset user agent fieldset styles

* fix validation

* File selector should be displayed as secondary

* update validation

* Fix setUserTypeContext always throwing

* refactor to password dialog approach

* remove control on destroy; dont submit on enter keydown

* helper to serialize vault accounts (#6556)

* helper to serialize vault accounts

* prettier

* add prompts

* Add missing messages for file-password-prompt

* Add missing messages for import-error-dialog

* Add missing message for import-success-dialog

* Create client-info

* Separate submit and handling import, add error-handling

* Move catch and error handling into submit

* Remove AsyncValidator logic from handleImport

* Add support for filtering shared accounts

* add sso flow to lp import (#6574)

* stub out some sso flow

* use computer props

* lastpass callback

* baseOpenIDConnectAuthority

* openIDConnectAuthorityBase

* comments

* camelCase user type context model

* processSigninResponse

* Refactor handleImport

* use large dialogSize

* remove extra setUserTypeContext

* fix passwordGenerationService provider; pass all errors to ValidationErrors

* add await SSO dialog & logic

* Move lastpass related files into separate folder

* Use bitSubmit to override submit preventDefault (#6607)

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

* Use large dialogSize

* revert jslib changes

* PM-4398 - Add missing importWarning

* make ui class methods async

* add LastPassDirectImportService

* update error handling

* add OOB methods (manual passcode only)

* fix typo

* respond to SSO callback

* localize error messages

* remove uneeded comment

* update i18n

* add await sso i18n

* add not implemented error to service

* fix getting k2

* fix k1 bugs

* null checks should not be strict

* update awaiting sso dialog

* update approveDuoWebSdk

* refactor oob login flow

* Removing fieldset due to merge of https://github.com/bitwarden/clients/pull/6626

* Refactoring to push logic into the service vs the component

Move all methods related to MFA-UI into a LastPassDirectImportUIService
Move all logic around the import into a LastPassDirectImportService
The component now only has the necessary flows but no knowledge on how to use the lastpass import lib or the need for a OIDC client

* Remove unneeded passwordGenerationService

* move all import logic to service

* apply code review: remove name attributes; use protected fields; use formGroup.value

* rename submit method and add comment

* update textarea id

* update i18n

* remove rogue todo comment

* extract helper asyncValidatorsFinished

* Remove files related to DuoUI we didn't need to differentiate for MFA via Duo

* Add missing import

* revert formGroup.value access

* add email to signInRequest

* add try again error message

* add try again i18n

* consistent clientinfo id (#6654)



---------

Co-authored-by: William Martin <contact@willmartian.com>

* hide on browser

* add lastpass prefix

* add shared i18n copy to web and browser

* rename deeplink

* use protected field

* rename el ids

* refactor: remove nested conditional

* update form ids in consuming client components

* remove unnecessary return statement

* fix file id

* use ngIf

* use hidden because of getElementById

* Remove OIDC lib logging

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
2023-10-23 17:46:49 +00:00
Daniel James Smith
8067b26dc6
[PM-3554] Add support for alias creation via self-hosted SimpleLogin (#6077)
* Add support for alias creation via self-hosted SimpleLogin

* Add forwardedSimpleLoginBaseUrl to username-gen-options type

* Only show Server Url on web if on selfhosted bitwarden

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2023-10-23 13:48:15 +02:00
github-actions[bot]
c2613af4f6
Autosync the updated translations (#6664)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-10-23 10:07:40 +00:00
github-actions[bot]
6965c5522e
Autosync the updated translations (#6660)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-10-23 09:57:28 +00:00
Daniel James Smith
3e495ab082
Revert "[PM-4290] Add pop out warning on import page (#6645)" (#6651)
* Revert "[PM-4290] Add pop out warning on import page (#6645)"

This reverts commit 8dc81b603d.

* Change icon on `Import items` in browser-settings

Replace the bwi-angle-right icon with the bwi-external-link and rotate it

Box with arrow pointing to the top right indicates external linkg
Box with arrow pointing to the top left indicates popout window

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2023-10-20 16:03:06 -05:00
Andreas Coroiu
c1494b8494
[PM-4401] Re-add manual ngZone.run execution (#6647)
* [PM-4401] feat: add browser messaging api service

* [PM-4401] feat: use new service

* [PM-4401] chore: rename to `ZonedMessageListenerService`

* [PM-4401] chore: remove polyfill
2023-10-20 11:41:26 -05:00
Daniel James Smith
8dc81b603d
[PM-4290] Add pop out warning on import page (#6645)
* No longer popout automatically

* Add FilePopoutCalloutComponent to import-browser

* Hide fileSelector on base import.component when callout is shown

Extend import.component to receive an input to show/hide the FileSelector
Extend import-browser to check if the callout should be shown via the filePopoutUtilsService and pass the returning value onto the base component

* Renamed showFileSelector to hideFileSelector

The default should be to show the fileSelector, so the input should reflect that as an override.

* Added newline between ngOnInit and method below

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2023-10-20 13:24:42 +00:00
Daniel James Smith
35ed8f1d5e
[PM-4306] Extract file-popout-callout component used within Send on browser (#6564)
* Extract callout in send-add-edit into separate component

- Created new file-popout-callout.component
- Register component within app.module
- Replaced usage within send-add-edit.component

* Override popup header style to fix bit-callout

* [PM-4375] Reuse show file selector callout logic (#6606)

* Added FilePopoutUtilsService with the logic of showing/hiding the popout callout and file selector button

* Added documentation to FilePopoutUtilsService

* Added documentation for class and constructor on FilePopoutUtilsService

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: aj-rosado <109146700+aj-rosado@users.noreply.github.com>
2023-10-20 12:28:36 +02:00
github-actions[bot]
ca7e1b2501
Autosync the updated translations (#6643)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-10-20 09:04:30 +00:00
Daniel James Smith
87dbe8997d
[PM-4209] Enable importing on browser (#6503)
* Split up import/export into separate modules

* Fix routing and apply PR feedback

* Renamed OrganizationExport exports to OrganizationVaultExport

* Make import dialogs standalone and move them to libs/importer

* Make import.component re-usable

- Move functionality which was previously present on the org-import.component into import.component
- Move import.component into libs/importer
Make import.component standalone
Create import-web.component to represent Web UI
Fix module imports and routing
Remove unused org-import-files

* Enable importing on browser

Create import-dialog
Add routing and routing animations
Settings import items no longer navigates to help page but opens import page
Extend messages.json to include all the necessary messages from shared components

* Fix back navigation

* Renamed filenames according to export rename

* Make ImportWebComponent standalone, simplify routing

* Pass organizationId as Input to ImportComponent

* use formLoading and formDisabled outputs

* add loading and disabled state to import-browser

* override popup header styles

* Emit an event when the import succeeds

Remove Angular router from base-component as other clients might not have routing (i.e. desktop)
Move logic that happened on web successful import into the import-web.component

* Enable importing on browser

Create import-dialog
Add routing and routing animations
Settings import items no longer navigates to help page but opens import page
Extend messages.json to include all the necessary messages from shared components

* Fix back navigation

* add loading and disabled state to import-browser

* override popup header styles

* Add missing message for importBlockedByPolicy callout

* Implement onSuccessfulImport to navigate back to settings

* fix table themes on desktop & browser

* fix fileSelector button styles

* update selectors to use tools prefix; remove unused selectors

* rename selector

* Wall off UI components in libs/importer

Create barrel-file for libs/importer/components
Remove components and dialog exports from libs/importer/index.ts
Extend libs/shared/tsconfig.libs.json to include @bitwarden/importer/ui -> libs/importer/components
Extend apps/web/tsconfig.ts to include @bitwarden/importer/ui
Update all usages

* Rename @bitwarden/importer to @bitwarden/importer/core

Create more barrel files in libs/importer/*
Update imports within libs/importer
Extend tsconfig files
Update imports in web, desktop, browser and cli

* Lazy-load the ImportWebComponent via both routes

* Fix import path for ImportComponent

* Navigate to import opens in popout when navigated from the popup

Make import call async and await router navigate
- If the user has the popup open and selects import, it will navigate to the import page and popout into a new window. This is necessary as any focus-loss (i.e Choose file) would close the popup.
- If the user is using the for example the sidebar or an already popped out window, just navigate to import page

* Use SharedModule as import in import-web.component

* File selector should be displayed as secondary

* Update description of "importData" in messages.json

* Add missing messages for file-password-prompt

* Add missing messages for import-error-dialog

* Add missing message for import-success-dialog

* Use bitSubmit to override submit preventDefault (#6607)

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

* Add missing importWarning

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: William Martin <contact@willmartian.com>
2023-10-19 21:33:41 +01:00
Matt Gibson
cdcd1809f0
Expand account service (#6622)
* Define account service observable responsibilities

* Establish account service observables and update methods

* Update Account Service observables from state service

This is a temporary stop-gap to avoid needing to reroute all account
activity and status changes through the account service. That can be
done as part of the breakup of state service.

* Add matchers for Observable emissions

* Fix null active account

* Test account service

* Transition account status to account info

* Remove unused matchers

* Remove duplicate class

* Replay active account for late subscriptions

* Add factories for background services

* Fix state service for web

* Allow for optional messaging

This is a temporary hack until the flow of account status can be
reversed from state -> account to account -> state. The foreground
account service will still logout, it's just the background one cannot
send messages

* Fix add account logic

* Do not throw on recoverable errors

It's possible that duplicate entries exist in `activeAccounts` exist
in the wild. If we throw on adding a duplicate account this will cause
applications to be unusable until duplicates are removed it is not
necessary to throw since this is recoverable. with some potential loss
in current account status

* Add documentation to abstraction

* Update libs/common/spec/utils.ts

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* Fix justin's comment :fist-shake:

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2023-10-19 15:41:01 -04:00
Andreas Coroiu
790d666929
[PM-4401] Fix zone.js patch compatibility issues in safari (#6633)
* [PM-4401] fix: zone.js patch compatibility issues in safari

* Update apps/browser/src/platform/polyfills/zone-patch-chrome-runtime.ts

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

---------

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
2023-10-19 14:21:53 -04:00
Daniel James Smith
9e290a3fed
[PM-4222] Make importer UI reusable (#6504)
* Split up import/export into separate modules

* Fix routing and apply PR feedback

* Renamed OrganizationExport exports to OrganizationVaultExport

* Make import dialogs standalone and move them to libs/importer

* Make import.component re-usable

- Move functionality which was previously present on the org-import.component into import.component
- Move import.component into libs/importer
Make import.component standalone
Create import-web.component to represent Web UI
Fix module imports and routing
Remove unused org-import-files

* Renamed filenames according to export rename

* Make ImportWebComponent standalone, simplify routing

* Pass organizationId as Input to ImportComponent

* use formLoading and formDisabled outputs

* Emit an event when the import succeeds

Remove Angular router from base-component as other clients might not have routing (i.e. desktop)
Move logic that happened on web successful import into the import-web.component

* fix table themes on desktop & browser

* fix fileSelector button styles

* update selectors to use tools prefix; remove unused selectors

* Wall off UI components in libs/importer

Create barrel-file for libs/importer/components
Remove components and dialog exports from libs/importer/index.ts
Extend libs/shared/tsconfig.libs.json to include @bitwarden/importer/ui -> libs/importer/components
Extend apps/web/tsconfig.ts to include @bitwarden/importer/ui
Update all usages

* Rename @bitwarden/importer to @bitwarden/importer/core

Create more barrel files in libs/importer/*
Update imports within libs/importer
Extend tsconfig files
Update imports in web, desktop, browser and cli

* Lazy-load the ImportWebComponent via both routes

* Use SharedModule as import in import-web.component

* File selector should be displayed as secondary

* Use bitSubmit to override submit preventDefault (#6607)

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: William Martin <contact@willmartian.com>
2023-10-19 11:17:23 +02:00
Oscar Hinton
d0e72f5554
[PM-4360] Move auth owned code into auth (#6595) 2023-10-19 08:03:32 +00:00