1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-10-29 07:59:42 +01:00
Commit Graph

55 Commits

Author SHA1 Message Date
Kyle Spearrin
bfdd3561da
Username generator (#734)
* add support for username generation

* remove unused Router

* pr feedback
2022-03-24 12:19:19 -04:00
Oscar Hinton
5b7b2a03dd
Remove Internet Explorer logic (#723) 2022-03-24 10:42:11 +01:00
Vincent Salucci
48a4c27fe7
[Captcha] Failed login attempts (#698)
* [Captcha] Failed login attempts

* Fix logIn.strategy test

* Updated with the stark majority of requested changes

* Fix typo

* Unused import
2022-03-02 19:47:57 -06:00
Addison Beck
78b5f15042
[feature] Implement scope warning for exports (#688)
* [feature] Add a hasOrganizations() service method

* [feature] Add a component to warn users about export scope
2022-02-23 13:56:46 +10:00
Matt Gibson
1fb3d54014
Feature/password protected export (#689)
* Simplify password protected file format

* no items to import is not an error

* Await inner importer

* Add export format type

* Error if import file is password protected

* Update tests

* Test password protected with normat json importer

* Simplify imports

* Ignore code coverage directory

* Expand importer options  without changing display options

* Import password require import error handling

* Use interface

* Fix curlies

* linter fixes

* Add null of empty util

* Lint fixes

* run prettier

* Move import options to separate enum file

* Fix imports
2022-02-23 13:02:07 +10:00
Oscar Hinton
60878cd4ed
Add eslint (#610) 2022-02-22 15:39:11 +01:00
Addison Beck
a6092916d8
[bug] Persistantly store collapsedGroupings (#686)
Collapsed groupings have regressed to not maintaining their state through restarting clients.

The state mangement refactor erroniously began saving this field to memory instead of disk, but there were some other issues that changing this brought on that are also fixed in this commit.

Changes:
1. Save collapsedGroupings persistantly in StateService
2. Adjust the type of collapsedGroupings on the Account model from a Set<string> to a string[]
	* This is the way we were storing this value in previous releases, and saving the entire set object breaks.
3. Adjust the StateService getter/setter for collapsedGroupings to expect a string[]
4. Extract a string[] from the GroupingsComponent groupings that is a Set<string> before saving
2022-02-15 12:54:22 -05:00
Addison Beck
b7bb16c18a
[bug] Toggle tokens appropriatly based on timeout action (#661) 2022-02-09 23:01:43 +01:00
Oscar Hinton
8130fce404
Add headers for client type and client version (#651) 2022-02-08 11:18:10 +01:00
Matt Gibson
7afb748791
Feature/password protected export (#612)
* Add password protected export

* Run prettier

* Test password protected export service

* Create type for known import type strings

* Test import service changes

* Test bitwarden password importer

* Run prettier

* Remove unnecessary class properties

* Run prettier

* Tslint fixes

* Add KdfType to password protected export

* Linter fixes

* run prettier
2022-02-07 09:33:10 -06:00
Thomas Rittson
aa2bdd00be
[Tech debt] Refactor authService and remove LogInHelper (#588)
* Use different strategy classes for different types of login
* General refactor and cleanup of auth logic
* Create subclasses for different types of login credentials
* Create subclasses for different types of tokenRequests
* Create TwoFactorService, move code out of authService
* refactor base CLI commands to use new interface
2022-02-01 09:51:32 +10:00
Addison Beck
6c61f53d8b
[bug] Always save environmentUrls passed to setUrls (#641)
* [bug] Always save environmentUrls passed to setUrls

* [bug] Remove parameter from abstraction as well

* [bug] Correct type in abstraction
2022-01-28 08:15:02 -05:00
Addison Beck
ca5b057b43
[refactor] Use ThemeType enum instead of string (#642) 2022-01-28 11:28:36 +01:00
Addison Beck
83305313f9
[bug] Properly define stored window state (#638) 2022-01-27 10:44:09 -05:00
Oscar Hinton
e1d4c4c903
Expose getKeyFromStorage with userId (#633) 2022-01-25 15:45:02 +01:00
Addison Beck
4074c2a45f
[Bug] [Account Switching] Ensure EnvironmentUrls Pull From The Correction Location On Account Add (#602)
* [bug] Fully initilize environmentUrls default value

We want the full environmentUrls object to be saved to storage with null values as an indicator of using BW cloud.
Currently the initilization behavior creates an empty object instead. Setting property values returns the correct behavior.

* [bug] Return the correct environmentUrls when scaffloging a new account

To allow for setting environmentUrls before an account is created we save that value as a global setting and then apply it to any newly authed accounts.
There is a bug that will instead save the urls used by the previous logged in account, making account switching with multiple servers cause errors.

This commit resolves this by specifically getting environementUrls from global state when creating a new account
2022-01-10 12:25:38 -05:00
Jake Fink
3d7b427b0e
Use MP policies when registering a new user through SSO (#587)
* use MP policies when registering a new user through SSO

* prettier and linting
2021-12-21 12:02:56 -05:00
Addison Beck
9e26336549
[feat(Account Switching)] Allow for extending application state (#584)
* [feat(Account Switching)] Allow for extending application state

* [bug(Account Switching)] Remove hardcoded dev urls

* [bug(Account Switching)] Init Account when signing in

* [bug(Account Switching)] Check for state migration version in local storage for web

* [bug(Account Switching)] Fix never lock configurations

* [chore] Prettier merge

* [bug] Move environmentUrls to global state

* [chore] Ran prettier

* [bug]change storage location for enityId and type

* [style] Ran prettier

Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
2021-12-20 08:48:47 -05:00
Oscar Hinton
193434461d
Apply Prettier (#581) 2021-12-16 13:36:21 +01:00
Addison Beck
f90b3456d5
[Account Switching] [Feature] Allow clients to store data for more than one user (#491)
* [refactor] Extract, rename, and expand StorageServiceOptions

* Pulled StorageServiceOptions into its own file
* Renamed StorageServiceOptions to StorageOptions
* Pulled KeySuffixOpptions into its own file
* Converted KeySuffixOptions into an enum from a union type

* [refactor] Expand StateService into a full coverage storage proxy

* Expand StateService to allow it to manage all data points of the application state regardless of memory.
* Expand StateService to allow for storing and managing multiple accounts

* [refactor] Create helper services for managing organization and provider state data

* [refactor] Implement StateService across service layer

* Remove service level variables used for in memory data storage and replaced with calls to StateService
* Remove direct calls to StorageService in favor of using StateService as a proxy

* [feature] Implement account switching capable services across components and processes

* Replace calls to StorageService and deprecated services with calls to a StateService

* [chore] Remove unused services

Several services are no longer in use because of the expanded state service. These have simply been removed.

* [bug] Add loginRedirect to the account model

* [bug] Add awaits to newly async calls in TokenService

* [bug] Add several missing awaits

* [bug] Add state service handlers for AutoConfirmFingerprint

* [bug] Move TwoFactorToken to global state

* Update unauth-guard.service.ts

Add back return true

* [refactor] Slim down the boilerplate needed to manage options on StateService calls

* [bug] Allow the lock message handler to manipulate a specific acount

* [bug] Add missing await to auth guard

* [bug] Adjust state scope of several biometric data points

* [bug] Ensure vault locking logic can operate over non-active accounts

* [style] Fix lint complaints

* [bug] Move disableFavicon to global state

* [refactor] Remove an unecassary parameter from a StorageOptions instance

* [bug] Ensure HtmlStorageService paths are accounted for in StateService

* [feature] Add a server url helper to the account model for the account switcher

* [refactor] Remove some unused getters from the account model

* [bug] Ensure locking and logging out can function over any user

* Fix account getting set to null in getAccountFromDisk

* [bug] Ensure lock component is always working with the latest active account in state

* [chore] Update recent KeyConnector changes to use stateService

* [style] Fix lint complaints

* [chore] Resolve TokenService merge issues from KeyConnector

* [bug] Add missing service arguement

* [bug] Correct several default storage option types

* [bug] Check for the right key in hasEncKey

* [bug] Add enableFullWidth to the account model

* [style] Fix lint complaints

* [review] Revist remember email

* [refactor] Remove RememberEmail from state

* setDisableFavicon to correct storage location

* [bug] Convert vault lock loop returns into continues to not skip secondary accounts

* [review] Sorted state service methods

* [bug] Correct neverDomains type on the account model

* [review] Rename stateService.purge to stateService.clean

* [review] [refactor] Extract lock refresh logic to a load function

* [review] [refactor] Extract some timeout logic to dedicated functions

* [review] [refactor] Move AuthenticationStatus to a dedicated file

* [review] [refactor] Rename Globals to GlobalState

* [style] Fix lint complaints

* [review] Remove unused global state property for decodedToken

* [review] [bug] Adjust state scope for OrganizationInvitation

* [review] [bug] Put back the homepage variable in lock guard

* [review] Un-try-catch the window creation function

* Revert "[review] [bug] Adjust state scope for OrganizationInvitation"

This reverts commit caa4574a65d9d0c3573a7529ed2221764fd55497.

* [bug] Change || to && in recent vault timeout refactor

* [bug] Keep up with entire state in storage instead of just accounts and globals

Not having access to the last active user was creating issues across clients when restarting the process.
For example: when refreshing the page on web we no longer maintain an understanding of who is logged in.

To resolve this I converted all storage save operations to get and save an entire state object, instead of specifying accounts and globals.
This allows for more flexible saving, like saving activeUserId as a top level storage item.

* [style] Fix lint complaints

* Revert "[bug] Keep up with entire state in storage instead of just accounts and globals"

This reverts commit e8970725be472386358c1e2f06f53663c4979e0e.

* [bug] Initialize GlobalState by default

* [bug] Only get key hash from storage

* [bug] Remove settings storage location overrides

* [bug] Only save accessToken to storage

* [refactor] Remove unecassary argements from electron crypto state calls

* [bug] Ensure keys and tokens load and save to the right locations for web

* [style] Fix lint complaints

* [bug] Remove keySuffix storage option and split uses into unique methods

The keySuffix options don't work with saving serialized json as a storage object - use cases simply overwrite each other in state.
This commit breaks Auto and Biometric keys into distinct storage items and adjusts logic accordingly.

* [bug] Add default vault timeouts to new accounts

* [bug] Save appId as a top level storage item

* [bug] Add missing await to timeout logic

* [bug] Adjust state scope for everBeenUnlocked

* [bug] Clear access tokens when loading account state from disk

* [bug] Adjust theme to be a global state item

* [bug] Adjust null checking for window in state

* [bug] Correct getGlobals not pulling from the stored state item

* [bug] Null check in memory account before claiming it has a userId

* [bug] Scaffold secure storage service when building storage objects on init

* [bug] Adjusted state scope of event collection

* [bug] Adjusted state scope of vault timeout and action

* [bug] Grab account from normal storage if secure storage is requested but does not exist

* [bug] Create a State if one is requested from memory before it exists

* [bug] Ensure all storage locations are cleared on state clean

* [style] Fix lint complaints

* [bug] Remove uneeded clearing of access token

* [bug] Reset tokens when toggling

* [refactor] Split up the Account model

Until this point the account model has been very flat, holding many kinds of data.

In order to be able to prune data at appropriate times, for example clearing keys at logout without clearing QoL settings like locale,
the Account model has been divided into logical chunks.

* [bug] Correct the serverUrl helpers return

* Fix sends always coming back as empty in browser

* Get settings properly (I think)

* [bug] Fix lint error

* [bug] Add missing await to identity token refresh

This was causing weird behavior in web that was creating a lot of 429s

* [bug] Scaffold memory storage for web

Not properly creating storage objects on signin was creating weird behavior when logging out, locking, and logging back in.
Namely, encrypted data that was recently synced had nowhere to save to and was lost.

* [bug] Implement better null handling in a few places for retrieving state

* [bug] Update correct storage locations on account removal

* [bug] Added missing awaits to lock component

* [bug] Reload lock component on account switching vs. account update

* [bug] Store master keys correctly

* [bug] Move some biometrics storage items to global state

* [feature] Add platform helper isMac()

* [refactor] Comment emphasis and call order refresh

* [refactor] Remove unecassary using

* [bug] Relocate authenticationStatus check logic to component

* [bug] Stop not clearing everything on state clean

* [style] Fix lint complaints

* [bug] Correct mismatched uses of encrypted and decrypted pin states

* Add browser specific state classes and methods

* lint fixes

* [bug] Migrate existing persistant data to new schema

* [style] Fix lint complaints

* [bug] Dont clear settings on state clean

* [bug] Maintain the right storage items on logout

* [chore] resolve issues from merge

* [bug] Resolve settings clearing on lock

* [chore] Added a comment

* [review] fromatting for code review

* Revert browser state items

Co-authored-by: Robyn MacCallum <nickersthecat@gmail.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
2021-12-13 11:15:16 -05:00
Oscar Hinton
a6b95b15e3
Add toastr component (#568) 2021-12-07 19:15:56 +01:00
Matt Gibson
d02fcd082e
Add sponsorship pre validate endpoint (#564) 2021-11-24 14:19:03 -06:00
Justin Baur
b4f475251a
Feature/families for enterprise (#549)
* Families for enterprise/account settings (#541)

* Add node tests to pipeline (#525)

* Add support for crypto agent (#520)

* feat: add an importer for Safari (CSV) (#512)

* feat(importers/safariCsvImporter): add the importer for Safari (CSV)

* Revert changes to package-lock.json

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* Dynamically set electron user agent (#524)

* Dynamically set electron user agent

* PR review

* linter fixes

* Test agent static version does not change

* Fix formatting

* Add role="alert" to callouts only when enforceAlert is passed (#528)

* Add role="alert" to callouts when enforceAlert is passed

* Remove ElementRef and do a different way

* Rename input variable

* Add PR template (#529)

* Allow managers to create collections (#530)

* Pass in null for sso organziation for now. (#531)

This will bypass cryptoagent

* Add Linked Field as custom field type (#431)

* Basic proof of concept of Linked custom fields

* Linked Fields for all cipher types, use dropdown

* Move linkedFieldOptions to view models

* Move add-edit custom fields to own component

* Fix change handling if cipherType changes

* Use Field.LinkedId to store linked field info

* Refactor accessors in cipherView for type safety

* Use map for linkedFieldOptions

* Refactor: use decorators to record linkable info

* Add ItemView

* Use enums for linked field ids

* Add union type for linkedId enums, add jsdoc comment

* Use parameter properties for linkedFieldOption

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Fix type casting

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Update electron to 14.2.0 (#534)

* Update electron to 14.1.1

* Update electron to 14.2.0 and fix it to this version

* Removed ^ from electron in electron/package-lock.json

* [Linked fields] Reset linkedIds if cipher type changes (#535)

* Reset linkedIds if cipher type changes

* Only reset linkedId if !editmode

* Add call to server

* Fix linting

* Add call to server

* Fix linting

* Run linting

* Add new properties to organization

* Remove organizationUserId from request model

* Added in org sponsorship calls

* Sponsorship redeem existing org flow

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Oscar Hinton <oscar@oscarhinton.com>
Co-authored-by: pan93412 <pan93412@gmail.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Robyn MacCallum <nickersthecat@gmail.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

* Revoke sponsorship uses organization id

* Expect information in billing items on whether the item is sponsored

* Families for enterprise/redeem card (#546)

* Add userservice helper

* Run linter

* Add resend email to api service (#548)

* Remove unneeded imports

* Remove unneeded files

* Add newline

* Reorder import

* Remove accidental newline

* Fix lint issue

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Oscar Hinton <oscar@oscarhinton.com>
Co-authored-by: pan93412 <pan93412@gmail.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Robyn MacCallum <nickersthecat@gmail.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-11-19 17:24:55 -05:00
Thomas Rittson
07dde6e321
Add getKeyConnectorAlive to ApiService (#543) 2021-11-18 21:11:55 +10:00
Thomas Rittson
386903f5a9
[Key Connector] QA fixes for CLI and Desktop (#544)
* Make UserVerificationService compatible with CLI

* Refactor error handling

* Fix i18n key name

* Add apiUseKeyConnector flag to TokenResponse

* Always require keyConnectorUrl to be passed in

* Throw errors in userVerificationService

* Use requestOTP in UserVerificationService

* Remove unused deps

* Fix linting
2021-11-16 07:53:57 +10:00
Oscar Hinton
8f177e2d3a
Add support for requesting and using otp for verifying some requests (#527)
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 17:01:22 +01:00
Oscar Hinton
71f8ef601f
Add support for crypto agent (#520) 2021-10-25 18:21:40 +02:00
Oscar Hinton
bfa9a1e1bc
Remove Business Portal, add SSO configuration models (#506) 2021-10-06 19:36:20 +02:00
Thomas Rittson
ce71c0c0bd
Add theme enums and platformUtilsService helper (#497)
* Use enum for themes, add getEffectiveTheme

* Update electron and cli to use theme refactor
2021-09-30 06:37:36 +10:00
Matt Gibson
5cec31f871
Organization autoscaling (#487)
* Seat autoscaling api changes

* Update all organization subscription
aspects with one api call

* Remove disable autoscale option

* Remove autoscale request references

* Remove autoscale update
2021-09-17 10:20:48 -05:00
Oscar Hinton
83548a6753
Remove deprecated index.ts (#490)
* Remove deprecated index.ts

* Update tests
2021-09-17 14:57:31 +02:00
Vincent Salucci
da132217da
[SSO Auto Enroll] Auto Enroll status retrieval (#486)
* [SSO Auto Enroll] Auto Enroll status retrieval

* Fixed import order

* Updated object property
2021-09-15 12:54:44 -05:00
Oscar Hinton
32774561f3
Add MaximumVaultTimeout policy type (#480) 2021-09-09 17:05:40 +02:00
Oscar Hinton
bbe8d3df48
Revert "Vault Timeout Policy (#474)" (#479)
This reverts commit bba2812fdd.
2021-09-08 23:06:42 +02:00
Oscar Hinton
bba2812fdd
Vault Timeout Policy (#474) 2021-09-08 22:02:19 +02:00
Joseph Flinn
5784a6d4fc
Adding a PayPalConfig environment type (#478)
* Adding a PayPalConfig environment type for the web vault

* Adding missing semicolon
2021-09-08 12:34:23 -07:00
Vincent Salucci
ef743ea8ca
[SSO] Set password auto enroll update (#472)
* [SSO/Auto Enroll] Set Password enrolls new user

* Fixed typo

* Linter updates

* Cleanup // Constructor for SetPasswordRequest
2021-09-03 14:49:03 -05:00
Thomas Rittson
30419a625f
Move policy checks within policyService (#466)
* Move policy logic within policyService

* Remove unneeded import

* Clean up unused code

* Fix linting

* Enforce policies from accepting org invite

* Only exempt owner or admin from policies

* Use canManagePolicies as exemption criteria

* Make orgUser status check more semantic

Co-authored-by: Addison Beck <abeck@bitwarden.com>

Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-08-31 06:52:57 +10:00
Oscar Hinton
daa4f6f9a6
Dynamic Modals (#417)
* Move backdrop and click handler to modal service since they should not be used in web

* Add support for opening modals using ViewContainerRef
2021-08-26 10:04:29 +02:00
Matt Gibson
1f0127966e
Generalize token refreshing to include reauth by api key (#456) 2021-08-13 08:28:03 -05:00
Matt Gibson
c5f236c2e4
Use apikey client secret as captcha validation (#454)
* Use apikey client secret as captcha validation

* Linter fixes
2021-08-12 15:11:26 -05:00
Vincent Salucci
c2e434e333
[Reset Password v1] Update Temp Password (#446)
* [Reset Password v1] Update Temp Password

* Updating router to protected for child classes to access
2021-08-10 08:02:53 -04:00
Matt Gibson
fdf0eb989b
Provide owner with Provider client org create requst (#444) 2021-07-30 08:11:12 -05:00
Matt Gibson
db2e2f1977
Correct ProviderOrgCreate return type (#442) 2021-07-29 07:43:38 -05:00
Oscar Hinton
de288913e4
Add helper methods to EnvironmentService for retrieving urls (#435) 2021-07-23 20:03:52 +02:00
Matt Gibson
1006f50ef3
Feature/use hcaptcha if bot (#430)
* Handle hcaptch required identity response

* Refactor iframe component for captcha and webauthn

* Send captcha token to server

* Add captcha callback

* Clear captcha state

* Remove captcha storage

* linter fixes

* Rename iframe components to include IFrame

* Remove callback in favor of extenting submit

* Limit publickey credentials access

* Use captcha bypass token to bypass captcha for twofactor auth flows

* Linter fixes

* Set iframe version in components
2021-07-21 07:55:26 -05:00
Oscar Hinton
9f0ca7e4d2
[Provider] Add initial support for providers (#399) 2021-07-15 15:07:38 +02:00
Matt Gibson
78ae9383fb
Persist API key creds for token refresh. (#414)
* Persist API key creds for token refresh.

* Linter fixes
2021-06-21 17:48:06 -05:00
Matt Gibson
5e24a70a87
Vault should be locked if key is not in memory (#413)
Key is loaded on startup if auto key exists.
2021-06-21 17:47:44 -05:00
Thomas Rittson
d63ee1858d
Add backwards compatability for new local hashing method (#407)
* Add backwards compatability for existing keyHash

* Minor changes for review comments
2021-06-15 07:35:58 +10:00