* [SG-163] Two step login flow web (#3648)
* two step login flow
* moved code from old branch and reafctored
* fixed review comments
* [SG-164] Two Step Login Flow - Browser (#3793)
* Add new messages
* Remove SSO button from home component
* Change create account button to text
* Add top padding to create account link
* Add email input to HomeComponent
* Add continue button to email input
* Add form to home component
* Retreive email from state service
* Redirect to login after submit
* Add error message for invalid email
* Remove email input from login component
* Remove loggingInTo from under MP input
* Style the MP hint link
* Add self hosted domain to email form
* Made the mp hint link bold
* Add the new login button
* Style app-private-mode-warning in its component
* Bitwarden -> Login text change
* Remove the old login button
* Cancel -> Close text change
* Add avatar to login header
* Login -> LoginWithMasterPassword text change
* Add SSO button to login screen
* Add not you button
* Allow all clients to use the email query param on the login component
* Introduct HomeGuard
* Clear remembered email when clicking Not You
* Make remember email opt-in
* Use formGroup.patchValue instead of directly patching individual controls
* [SG-165] Desktop login flow changes (#3814)
* two step login flow
* moved code from old branch and reafctored
* fixed review comments
* Make toggleValidateEmail in base class public
* Add desktop login messages
* Desktop login flow changes
* Fix known device api error
* Only submit if email has been validated
* Clear remembered email when switching accounts
* Fix merge issue
* Add 'login with another device' button
* Remove 'log in with another device' button for now
* Pin login pag content to top instead of center justified
* Leave email if 'Not you?' is clicked
* Continue when enter is hit on email input
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
* [SG-750] and [SG-751] Web two step login bug fixes (#3843)
* Continue when enter is hit on email input
* Mark email input as touched on 'continue' so field is validated
* disable login with device on self-hosted (#3895)
* [SG-753] Keep email after hint component is launched in browser (#3883)
* Keep email after hint component is launched in browser
* Use query params instead of state for consistency
* Send email and rememberEmail to home component on navigation (#3897)
* removed avatar and close button from the password screen (#3901)
* [SG-781] Remove extra login page and remove rememberEmail code (#3902)
* Remove browser home guard
* Always remember email for browser
* Remove login landing page button
* [SG-782] Add login service to streamline login form data persistence (#3911)
* Add login service and abstraction
* Inject login service into apps
* Inject and use new service in login component
* Use service in hint component to prefill email
* Add method in LoginService to clear service values
* Add LoginService to two-factor component to clear values
* make login.service variables private
Co-authored-by: Gbubemi Smith <gsmith@bitwarden.com>
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
* Add item decryption to encryptService
* Create multithreadEncryptService subclass to handle web workers
* Create encryption web worker
* Refactor cipherService to use new interface
* Update dependencies
* PS-976 - when user has cipher readonly permissions, prevent user from editing cipher fields and make separate api call that only updates Favorite and Folder values
* PS-976 - in the readonly edit cipher view, hide non-operable buttons and display select values as readonly input text
* PS-976 - update failing test
* PS-976 - split cipher saveWithServer call into Create and Update calls
* PS-976 - replace property with function call to get the card expiration month for the readonly view
* MM-976 - when user has readonly permissions hide "delete" button on View Item view, hide generate username/password buttons on Edit Item view
* PS-976 - rename cipherPartialRequest file to align with new naming convention
* Add test cases from previous PR https://github.com/bitwarden/jslib/pull/547
* Install tldts as replacement for tldjs
* Use tldts for hostname and domain retrieval/validation
* Remove usage of old tldjs.noop-implementation
* Add handling of about protocol
* Remove usage of tldEndingRegex and use tldts check instead
* Uninstall @types/tldjs and tldjs
* Updated package-lock.json
* Fix accessibility cookie check
* Rename loginUriView.spec to login-uri-view.spec
* Add test for getDomain failing file links
* getHostName - Return null when given, data, about or file links
* updated content to sentence case
* updated 2fa verbs to match web vault PR
* title case Social Security
* sentence cased missed strings
* fixed 'work' typo on generator strings
* sentence cased Copy username
* updated missed menu options to sentence case
* Initial - add folder id to popup item view
* Add folder service to view component
* Move folder info higher in the item view as proper box
* Add folder name handling to component
* Add folder field to browser view
* Add folder field to desktop view
* Make folder field draggable
following the merging of https://github.com/bitwarden/clients/pull/3321 also make the folder field draggable
* Use `<label>` and readonly `<input>`
In anticipation of https://github.com/bitwarden/clients/pull/3485 being merged
* Changes from review
- change input name to `folderName`, match it in the `for` attribute on the `<label>`
- add an `if` check before querying folder names
* Match `name` to `id`
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add CreationDate to common libs
* Add CreationDate to Browser
* Add CreationDate to CLI
* Add CreationDate to Desktop
* Add CreationDate to Web
* Update tests
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Trim everything at the end of decrypted payload before parsing
* Clarify comment
* Use char code check for nulls
* Extract trim code to function
* make char codes constants
* Fix async subscribe
* Revert "[PS-1066] Browser and Desktop - SSO User does not see Update Master Password screen after Owner does a Admin Password Reset (#3207)"
This reverts commit 0eda418591.
* Make totp countdown `aria-hidden`, add copy of countdown as `sr-only` inside totp button, only make it conditionally "exist" on parent focus
* Make exact same changes to desktop totp
* Tweak copy button accessible name approach
instead of `aria-label`, which overrides the content of the button and, because JAWS has trouble announcing the live region in the desktop app, results in JAWS not announcing ANY countdown at all, this at least announces the current countdown number when the button receives focus in JAWS
* Add `aria-atomic="true"`
avoid JAWS/Firefox only announcing the specific digit that updates, rather than the number as a whole
* Update, run prettier, lint
* Remove orphaned jslibs
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Update imports
* Implement observables in a few places
* Add tests
* Get all clients working
* Use _destroy
* Address PR feedback
* Address PR feedback
* Address feedback
* passwordless login page redesign
* passwordless login page redesign
* restyled login form to use tailwind
* restyled login form to use tailwind
* moved texts on login device template to locales
* made reactive form changes for clients
* added request model
* made more changes
* added implmentation to auth request api
* fixed refrencing issue
* renamed model property
* Added resend notification functionality
* Added new file
* login with device first draft
* login with device first draft
* login with device first draft
* login with device first draft
* connection to anonymous hub
* connection to anonymous hub
* refactored confirm login response
* removed comment
* cleaned up login
* changed uptyped form builder
* changed uptyped form builder
* [SG-168] Update login strategy with passwordless login credentials.
* [SG-168] Removed logs. Changed inputs for passwordless logic strategy. Removed tokenRequestPasswordless it is using the same as password.
* code cleanup
* code cleanup
* removed login with device from self hosted
* fixed PR comments
* added module for login
* fixed post request bug
* added feature flag
* added feature flag
* added feature flag
Co-authored-by: André Bispo <abispo@bitwarden.com>
* [SG-523] Base test runner app for native messages (#3269)
* Base test runner app for native messages
* Remove default test script
* Add case for canceled status
* Modify to allow usage of libs crypto services and functions
* Small adjustments
* Handshake request (#3277)
* Handshake request
* Fix capitalization
* Update info text
* lock node-ipc to 9.2.1
* [SG-569] Native Messaging settings bug (#3285)
* Fix bug where updating setting wasn't starting the native messaging listener
* Update test runner error message
* [SG-532] Implement Status command in Native Messaging Service (#3310)
* Status command start
* Refactor ipc test service and add status command
* fixed linter errors
* Move types into a model file
* Cleanup and comments
* Fix auth status condition
* Remove .vscode settings file. Fix this in a separate work item
* Add active field to status response
* Extract native messaging types into their own files
* Remove experimental decorators
* Turn off no console lint rule for the test runner
* Casing fix
* Models import casing fixes
* Remove in progress file (merge error)
* Move models to their own folder and add index.ts
* Remove file that got un-deleted
* Remove file that will be added in separate command
* Fix imports that got borked
* [SG-533] Implement bw-credential-retrieval (#3334)
* Status command start
* Refactor ipc test service and add status command
* fixed linter errors
* Move types into a model file
* Cleanup and comments
* Fix auth status condition
* Remove .vscode settings file. Fix this in a separate work item
* Implement bw-credential-retrieval
* Add active field to status response
* Extract native messaging types into their own files
* Remove experimental decorators
* Turn off no console lint rule for the test runner
* Casing fix
* Models import casing fixes
* Add error handling for passing a bad public key to handshake
* [SG-534] and [SG-535] Implement Credential Create and Update commands (#3342)
* Status command start
* Refactor ipc test service and add status command
* fixed linter errors
* Move types into a model file
* Cleanup and comments
* Fix auth status condition
* Remove .vscode settings file. Fix this in a separate work item
* Implement bw-credential-retrieval
* Add active field to status response
* Add bw-credential-create
* Better response handling in test runner
* Extract native messaging types into their own files
* Remove experimental decorators
* Turn off no console lint rule for the test runner
* Casing fix
* Models import casing fixes
* bw-cipher-create move type into its own file
* Use LogUtils for all logging
* Implement bw-credential-update
* Give naming conventions for types
* Rename file correctly
* Update handleEncyptedMessage with EncString changes
* [SG-626] Fix Desktop app not showing updated credentials from native messages (#3380)
* Add MessagingService to send messages on login create and update
* Add `not-active-user` error to create and update and other refactors
* [SG-536] Implement bw-generate-password (#3370)
* implement bw-generate-password
* Fix merge conflict resolution errors
* Update apps/desktop/native-messaging-test-runner/src/bw-generate-password.ts
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* Logging improvements
* Add NativeMessagingVersion enum
* Add version check in NativeMessagingHandler
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* Refactor account status checks and check for locked state in generate command (#3461)
* Add feawture flag to show/hide ddg setting (#3506)
* [SG-649] Add confirmation dialog and tweak shared key retrieval (#3451)
* Add confirmation dialog when completing handshake
* Copy updates for dialog
* HandshakeResponse type fixes
* Add longer timeout for handshake command
* [SG-663] RefactorNativeMessagingHandlerService and strengthen typing (#3551)
* NativeMessageHandlerService refactor and additional types
* Return empty array if no uri to retrieve command
* Move commands from test runner into a separate folder
* Fix bug where confirmation dialog messes with styling
* Enable DDG feature
* Fix generated password not saving to history
* Take credentialId as parameter to update
* Add applicationName to handshake payload
* Add warning text to confirmation modal
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* fixing the bug ps-1319 by using ellipsis pipe which deafultg 25 character length
* pass 20 as the limit length instead default 25
Co-authored-by: dynwee <onwudiweokeke@gmail.com>
* PS-1111 Added prefix "Vault:" for accessibility to vault selector items
* improved html readability
* PS-1111 Added more screen reader accessibility data to the Vault selector on Desktop and Web clients
* PS-1111 removed duplicated aria-label
* PS-1111 Removed unnecessary aria-label attribute
* PS-1111 Changed browser vault item accessibility title from span to button
Allowing whitespace to wrap solves the issue of long link/button text awkwardly breaking out of controls
Widening desktop "pages" prevents some unnecessary wrapping in places like the "Create account" button on the login screen, whose content is slightly wider than it should be (but this is currently masked by the `nowrap`)
Closes https://github.com/bitwarden/clients/issues/2620
* Register Arabic language with native name
* Register Arabic language for web vault
* Register Arabic language for browser
* Register Arabic language for desktop
* Extract into new VaultTimeoutSettingsService
* Ensure new service is instantiated and registered for DI
* Create vaultTimeoutSettingsServiceFactory
* Fix VaultTimeoutServiceFactory
* Remove any and use void instead
* Move vaultTimeoutAbstraction into it's own folder
* Move vaultTimeout service into it's own folder
* Added vaultTimeoutServiceFactory and it's missing dependencies
* Add `role="group"` and accName to URI and custom field groups (browser)
Provides more context when editing fields (to understand what the remove, options, etc buttons are all about)
* Add `aria-describedby` to custom field value fields (browser)
provides further context other than the generic "Value" label
* Add `role="group"` and accName to URI and custom field groups, add `aria-describedby` to custom field value fields (desktop)
* Add `role="group"` and accName to URI and custom field groups, add `aria-describedby` to custom field value fields (web)
* Use `attr.aria-label` instead of `appA11yTitle`
don't need/want the tooltips appearing everywhere
* Register basque language with native name
* Register basque language for web vault
* Register basque language for browser
* Register basque language for desktop
* Change box-headers from generic `<div>` to semantic headings, tweak heading styles
Essentially, a late port to desktop of aspects from https://github.com/bitwarden/clients/pull/2223 (which I hadn't realised at the time also affected the desktop app)
* Change box headers in modals to `<h1>`s
* Fix/normalise modals
* Harmonise modal dialog headings, use `aria-labelledby`
* Add extra margin for desktop settings expanded header buttons
* Only change box-header-expandable background on `:focus-visible` not `:focus`
Avoids having the background colour "stick" when clicking with the mouse until you click somewhere else
* Change subscription to rely on observables and not on BehaviourSubject
* Ensure OnDestroy is added to AppComponent
* Fix check for no active accounts to redirect to the login page instead of lock
* Change subscription handling on SearchBarService
* Fix naming convention: Observables should have a $ suffix
* Remove obsolete linter hint
* Fix activeAccountUnlocked getting exposed as Observable but is instantiated as BehaviourSubject
* [SG-416] Changed UI for TOTP codes on free plan and added link to get Premium. On browser, changed back action of premium.component in order to reuse on cipher details.
* [SSG-416] PR Fix
* [SSG-416] fix formatting
* [SSG-416] Updated desktop free plan OTP UI
* [SSG-416] noticed a bad div tag making file changes erratic
* [SG-416] fixed label
* [SSG-416] Fix formatting
* [SSG-416] Changed bootstrap classes to tailwind
* [SSG-416] Added premium and upgrade badge back. Muted placeholder totp code colors and button.
* [SSG-416] Change learn more to upgrade label on get premium modal. Fixed navigation for premium.
* [SSG-416] Removed unused image file.
* [SG-416] Changed browser "Premium subscription required" text to be all hyperlink.
* [SG-416] Fixed missing resource on browser
* [SG-416] Code format with lint
* Move Web's SharedModule to /app/shared/
This commit relocates `SharedModule` from `/app/modules` to `/app/shared` to
align with [ADR #11](https://adr.bitwarden.com/decisions/0011-angular-folder-structure)
All other changes are just to adjust imports that reference `SharedModule`.
* Move /modules/pipes to /shared/pipes
This commit relocates `PipesModule` from `/app/modules` to `/app/shared` to
align with [ADR #11](https://adr.bitwarden.com/decisions/0011-angular-folder-structure)
All other changes are just to adjust imports that reference `PipesModule`.
* Move LooseComponentsModule to /shared/
This commit relocates `LooseComponentsModule` from `/app/modules` to `/app/shared` to
align with [ADR #11](https://adr.bitwarden.com/decisions/0011-angular-folder-structure)
All other changes are just to adjust imports that reference `LooseComponentsModule`.
* Move VerticalStepperModule to /shared/
This commit relocates `VerticalStepperModule` from `/app/modules` to `/app/shared` to
align with [ADR #11](https://adr.bitwarden.com/decisions/0011-angular-folder-structure)
All other changes are just to adjust imports that reference `VerticalStepperModule`.
* Move TrialInitiationModule to /shared/
This commit relocates `TrialInitiationModule` & `RegisterFormModule` from `/app/modules` to `/app/shared` to
align with [ADR #11](https://adr.bitwarden.com/decisions/0011-angular-folder-structure)
All other changes are just to adjust imports that reference `TrialInitiationModule` or `RegisterFormModule`.
* Move /modules/organization to /organization
This commit relocates all modules in `/app/modules/organization` to `/app/organization` to
align with [ADR #11](https://adr.bitwarden.com/decisions/0011-angular-folder-structure)
All other changes are just to adjust imports that reference the moved modules.
* Move /modules/vault/ to /vault
This commit relocates the IndividualVaultModule to `/app/modules/vault`, and the OrganizationVaultModule to `/app/organization/vault` to
align with [ADR #11](https://adr.bitwarden.com/decisions/0011-angular-folder-structure)
All other changes are just to adjust imports that reference the moved modules.
* Move VaultFiltersModule to /vault
This commit relocates the `VaultFilterModule` to `/app/vault/vault-filter`, and the OrganizationVaultFilterComponent to `/app/organization/vault/vault-filter` to
align with [ADR #11](https://adr.bitwarden.com/decisions/0011-angular-folder-structure)
All other changes are just to adjust imports that reference the moved modules.
* Remove the /modules/ folder from desktop
This commit relocates the `VaultFilterModule` to `/app/vault/vault-filter`, and the OrganizationVaultFilterComponent to `/app/organization/vault/vault-filter` to
align with [ADR #11](https://adr.bitwarden.com/decisions/0011-angular-folder-structure)
All other changes are just to adjust imports that reference the moved modules.
* Move Libs' VaultFiltersComponent to /vault/
This commit moves the lib's logic for `VaultFiltersModule` from
`/modules/` to `/vault/`
All other changes are just to adjust imports that reference the moved
files.
* Rename VaultModule -> SharedVaultModule
* Rename IndividualVaultModule -> VaultModule
* Rename OrganizationVaultModule -> VaultModule
* Rename OrganizationVaultFilterComponent
Rename OrganizationVaultFilterComponent to VaultFilterComponent
* Seperate the two VaultFilterComponents
This commit seperate the `OrganizationVaultFilterComponent` from the `VaultFilerModule`, which is only used by the individual vault.
A `VaultFilterSharedModule` was created to declare shared components and provide shared services between the two implementations.
This was done to align with best practices for NgModules.
* [r] Move VerticalStepperModule to /account/
More specifically, /account/trial/
* [r] Declare PaymentComponent in LooseComponentsModule
`PaymentComponent` is not reused across domains and should not be
declared in `SharedModule`.
I've moved it to `LooseComponentsModule` for now, but later it will need
to be exported from a `SettingsModule`.
* [r] Declare TaxInfoComponent in LooseComponentsModule
* [r] Reloacte Pipes out of /shared/
* [r] Extract locales out of SharedModule
* [r] Add documentation to shared module
* [r] Cleanup imports
* [r] Use an index.ts file for /shared/
* [r] Add eslint rule restricting access to /shared/
Co-authored-by: Hinton <hinton@users.noreply.github.com>
* Added abstractions for PolicyApiService and PolicyService
* Added implementations for PolicyApiService and PolicyService
* Updated all references to new PolicyApiService and PolicyService
* Deleted old PolicyService abstraction and implementation
* Fixed CLI import path for policy.service
* Fixed main.background.ts policyApiService dependency for policyService
* Updated policy-api.service with the correct imports
* [EC-376] Sorted methods order in PolicyApiService
* [EC-376] Removed unused clearCache method from PolicyService
* [EC-376] Added upsert method to PolicyService
* [EC-376] PolicyApiService putPolicy method now upserts data to PolicyService
* Removed check for getBiometricLocked
It always returned false even when no biometrics were used.
* Remove the other check for getBiometricsLocked
* Ensure that biometricFingerprintValidation is reset, when biometrics are disabled
* Removed getBiometricsLocked and setBiometricsLocked
With nothing in the codebase reading the state of getBiometricsLocked, I've removed all places where it was set or saved.
* Refactor execution of reload into a separate method
* Conditonally pass the window object to `BrowserApi.reloadExtension`
* Clarify in comment, that the PIN has to be set with ask for Master Password on restart
* Ensure the process reload is executed on logout
* Use accounts instead of lastActive == null to determine a reload on logout
* Moved identical logic from desktop and browser into system.service
* Simplified check for refresh to handle no accounts found, logout, lock with lastActive longer than 5 seconds
* added a refresh token to avoid the time out issue
* validating for forcePasswordReset for web extension
* checking for forcePasswordReset to know the successRoute to nagivate to
* changes after running prettier
* removing the old implementation and making changes for getForcePasswordReset
* making chnages to lock.component in desktop project for forcePasswordReset
Co-authored-by: dynwee <onwudiweokeke@gmail.com>
* moved password strength to libs
* refactored password strength component
* made changes on desktop and browser to reuse component
* resolved suggestions from PR review
* shared module restructure
* shared module restructure
* [EC-317] feat: add delete account section in settings
* [EC-317] feat: add new delete account modal
* [EC-317] feat: add ability to replace top-most modal
* [EC-317] chore: remove unecessary lint ignore
* [EC-317] fix: so delete account is closed if export vault is opened
* [EC-317] feat: inital delete account design without i18n
* [EC-317] feat: disabled but basic working delete functionality
* [EC-317] feat: implement according to new design
* [EC-317] feat: use translations
* [EC-317] feat: implement working deletion
* [EC-317] feat: add loading state and error messages
* [EC-317] feat: add menu bar item
* [EC-317] feat: update form to support typed reactive forms
* [EC-317] chore: update translation text after design review
* [EC-317] feat: move deletion logic to service
* [EC-317] refactor: update web deletion
* [EC-317] feat: disable submit if secret is empty
* [EC-317] fix: handle errors in components as well
* [EC-317] fix: use abstraction as interface
* [EC-317] refactor: extract deleteAccount from api service
* [EC-317] fix: typo in translations
* [EC-317] chore: rename to accountApiService
* Fix incorrect h2/button nesting, wrap expand/collapse controls around their text and remove unnecessary `appA11yTitle`s, expand `appA11yTitle` where needed to give more context, fix broken `aria-pressed` attributes, tweak styling
* Remove orphaned jslibs
* Remove `appBlurClick` from browser extension controls
* Remove last remaining `appBlurClick` from desktop app controls
* Change any straggler `<a>` links to buttons where appropriate (where they don't open a browser window)
* Add missing `type="button"` to some of the desktop buttons
* Update and run prettier, linter
* Remove orphaned jslibs
* chore: remove superfluous default
* fix: translations
* feat: dont update auto biometric but hide the option
* feat: hide auto biometrics if biometrics are disabled
* refactor: make updateBiometric easier to read and add bug note
* chore: add comment about bug getting resolved
* refactor: merge two if-cases