* Update imports
* Implement observables in a few places
* Add tests
* Get all clients working
* Use _destroy
* Address PR feedback
* Address PR feedback
* Address feedback
* passwordless login page redesign
* passwordless login page redesign
* restyled login form to use tailwind
* restyled login form to use tailwind
* moved texts on login device template to locales
* made reactive form changes for clients
* added request model
* made more changes
* added implmentation to auth request api
* fixed refrencing issue
* renamed model property
* Added resend notification functionality
* Added new file
* login with device first draft
* login with device first draft
* login with device first draft
* login with device first draft
* connection to anonymous hub
* connection to anonymous hub
* refactored confirm login response
* removed comment
* cleaned up login
* changed uptyped form builder
* changed uptyped form builder
* [SG-168] Update login strategy with passwordless login credentials.
* [SG-168] Removed logs. Changed inputs for passwordless logic strategy. Removed tokenRequestPasswordless it is using the same as password.
* code cleanup
* code cleanup
* removed login with device from self hosted
* fixed PR comments
* added module for login
* fixed post request bug
* added feature flag
* added feature flag
* added feature flag
Co-authored-by: André Bispo <abispo@bitwarden.com>
* [SG-523] Base test runner app for native messages (#3269)
* Base test runner app for native messages
* Remove default test script
* Add case for canceled status
* Modify to allow usage of libs crypto services and functions
* Small adjustments
* Handshake request (#3277)
* Handshake request
* Fix capitalization
* Update info text
* lock node-ipc to 9.2.1
* [SG-569] Native Messaging settings bug (#3285)
* Fix bug where updating setting wasn't starting the native messaging listener
* Update test runner error message
* [SG-532] Implement Status command in Native Messaging Service (#3310)
* Status command start
* Refactor ipc test service and add status command
* fixed linter errors
* Move types into a model file
* Cleanup and comments
* Fix auth status condition
* Remove .vscode settings file. Fix this in a separate work item
* Add active field to status response
* Extract native messaging types into their own files
* Remove experimental decorators
* Turn off no console lint rule for the test runner
* Casing fix
* Models import casing fixes
* Remove in progress file (merge error)
* Move models to their own folder and add index.ts
* Remove file that got un-deleted
* Remove file that will be added in separate command
* Fix imports that got borked
* [SG-533] Implement bw-credential-retrieval (#3334)
* Status command start
* Refactor ipc test service and add status command
* fixed linter errors
* Move types into a model file
* Cleanup and comments
* Fix auth status condition
* Remove .vscode settings file. Fix this in a separate work item
* Implement bw-credential-retrieval
* Add active field to status response
* Extract native messaging types into their own files
* Remove experimental decorators
* Turn off no console lint rule for the test runner
* Casing fix
* Models import casing fixes
* Add error handling for passing a bad public key to handshake
* [SG-534] and [SG-535] Implement Credential Create and Update commands (#3342)
* Status command start
* Refactor ipc test service and add status command
* fixed linter errors
* Move types into a model file
* Cleanup and comments
* Fix auth status condition
* Remove .vscode settings file. Fix this in a separate work item
* Implement bw-credential-retrieval
* Add active field to status response
* Add bw-credential-create
* Better response handling in test runner
* Extract native messaging types into their own files
* Remove experimental decorators
* Turn off no console lint rule for the test runner
* Casing fix
* Models import casing fixes
* bw-cipher-create move type into its own file
* Use LogUtils for all logging
* Implement bw-credential-update
* Give naming conventions for types
* Rename file correctly
* Update handleEncyptedMessage with EncString changes
* [SG-626] Fix Desktop app not showing updated credentials from native messages (#3380)
* Add MessagingService to send messages on login create and update
* Add `not-active-user` error to create and update and other refactors
* [SG-536] Implement bw-generate-password (#3370)
* implement bw-generate-password
* Fix merge conflict resolution errors
* Update apps/desktop/native-messaging-test-runner/src/bw-generate-password.ts
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* Logging improvements
* Add NativeMessagingVersion enum
* Add version check in NativeMessagingHandler
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* Refactor account status checks and check for locked state in generate command (#3461)
* Add feawture flag to show/hide ddg setting (#3506)
* [SG-649] Add confirmation dialog and tweak shared key retrieval (#3451)
* Add confirmation dialog when completing handshake
* Copy updates for dialog
* HandshakeResponse type fixes
* Add longer timeout for handshake command
* [SG-663] RefactorNativeMessagingHandlerService and strengthen typing (#3551)
* NativeMessageHandlerService refactor and additional types
* Return empty array if no uri to retrieve command
* Move commands from test runner into a separate folder
* Fix bug where confirmation dialog messes with styling
* Enable DDG feature
* Fix generated password not saving to history
* Take credentialId as parameter to update
* Add applicationName to handshake payload
* Add warning text to confirmation modal
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* Clean up dangling behaviorSubject
* Handle null in utils
* fix null check
* Await promises, even in async functions
* Add to/fromJSON methods to State and Accounts
This is needed since all storage in manifest v3 is key-value-pair-based
and session storage of most data is actually serialized into an
encrypted string.
* Simplify AccountKeys json parsing
* Fix account key (de)serialization
* Remove unused DecodedToken state
* Correct filename typo
* Simplify keys `toJSON` tests
* Explain AccountKeys `toJSON` return type
* Remove unnecessary `any`s
* Remove unique ArrayBuffer serialization
* Initialize items in MemoryStorageService
* Revert "Fix account key (de)serialization"
This reverts commit b1dffb5c2c, which was breaking serializations
* Move fromJSON to owning object
* Add DeepJsonify type
* Use Records for storage
* Add new Account Settings to serialized data
* Fix failing serialization tests
* Extract complex type conversion to helper methods
* Remove unnecessary decorator
* Return null from json deserializers
* Remove unnecessary decorators
* Remove obsolete test
* Use type-fest `Jsonify` formatting rules for external library
* Update jsonify comment
Co-authored-by: @eliykat
* Remove erroneous comment
* Fix unintended deep-jsonify changes
* Fix prettierignore
* Fix formatting of deep-jsonify.ts
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Use a captcha bypass during registration
The trial initiation flow has a registration step that automatically
does a login in the background. This has Captcha problems, namely that
it can spawn two captchas in a row - one during registration and one
during login. This is not ideal UX, so we've added a bypass token that
returns from the registration endpoint that can be used to skip the next
captcha.
* [review] Introduce ICaptcheProtectedResponse
* Add structure to display server version on browser
* Add getConfig to State Service interface
* Clean up settings component code
* Switch to ServerConfig, use Observables in the ConfigService, and more
* Fix runtime error
* Sm 90 addison (#3275)
* Use await instead of then
* Rename stateServerConfig -> storedServerConfig
* Move config validation logic to the model
* Use implied check for undefined
* Rename getStateServicerServerConfig -> buildServerConfig
* Rename getApiServiceServerConfig -> pollServerConfig
* Build server config in async
* small fixes and add last seen text
* Move config server to /config folder
* Update with concatMap and other changes
* Config project updates
* Rename fileds to convention and remove unneeded migration
* Update libs/common/src/services/state.service.ts
Update based on Oscar's recommendation
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Update options for Oscar's rec
* Rename abstractions to abstracitons
* Fix null issues and add options
* Combine classes into one file, per Oscar's rec
* Add null checking
* Fix dependency issue
* Add null checks, await, and fix date issue
* Remove unneeded null check
* In progress commit, unsuitable for for more than dev env, just backing up changes made with Oscar
* Fix temp code to force last seen state
* Add localization and escapes in the browser about section
* Call complete on destroy subject rather than unsubscribe
* use mediumDate and formatDate for the last seen date messaging
* Add ThirdPartyServerName in example
* Add deprecated note per Oscar's comment
* [SM-90] Change to using a modal for browser about (#3417)
* Fix inconsistent constructor null checking
* ServerConfig can be null, fixes this
* Switch to call super first, as required
* remove unneeded null checks
* Remove null checks from server-config.data.ts class
* Update via PR comments and add back needed null check in server conf obj
* Remove type annotation from serverConfig$
* Update self-hosted to be <small> per design decision
* Re-fetch config every hour
* Make third party server version <small> and change wording per Oscar's PR comment
* Add expiresSoon function and re-fetch if the serverConfig will expire soon (older than 18 hours)
* Fix misaligned small third party server message text
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* CL-7 Begin Implementing Avatar
* add figma design to parameters
* rework size property
* Update Figma file to correct component
* remove circle input (avatar will always be a circle)
* adjust sizing and limit inputs
* Setup color input and functionality
* Add border option
* fix bug duplicating classes
* Update size for large avatar
* Remove unnecessary class
* Fix typo
* Remove 'dynamic' input (Avatar will now regenerate on changes by default)
* Use Tailwind class instead of an arbitrary value
* Remove gravatars (deprecated, see SG-434)
* Rename methods to a more accurate name
* Rework classList() getter method
* Remove unnecessary logic and services
* Make properties private, and rename for better clarity
* Move sanitizer logic to the TS code rather than the template
* Rework and move function to a common static class in Utils
* Rename 'data' to 'text' for clarity
* Rework classList implementation
* Remove email since we removed gravatars
* Remove template
* set color based on color, id, or text input
* rework generate method
* add explicit null/undefined check
* remove comment
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
* Register Arabic language with native name
* Register Arabic language for web vault
* Register Arabic language for browser
* Register Arabic language for desktop
* Extract into new VaultTimeoutSettingsService
* Ensure new service is instantiated and registered for DI
* Create vaultTimeoutSettingsServiceFactory
* Fix VaultTimeoutServiceFactory
* Remove any and use void instead
* [EC-381] Deleted unused method clearCache from Settings Service
* [EC-381] Marked settings methods as obsolete on State service
* [EC-381] Using observables on settings service
* [EC-381] Added unit tests for Settings service
* [EC-381] Checking userId on clear
* [EC-381] Updated references to StateService activeAccountUnlocked$
* [EC-381] Updated getEquivalentDomains to return observable
* [EC-381] Updated settings service to user concatMap on activeAccountUnlocked$
* [EC-381] Renamed getEquivalentDomains to equivalentDomains
* [EC-381] Completing Behaviors on settings.service tests
* [EC-381] Removed unused settingsPrefix from settings service
* [EC-381] Removed equivalentDomains from settings service and added type AccountSettingsSettings
* [EC-381] Updated settings service settings$ to not be nullable
* [EC-381] Settings default to {}
* Move vaultTimeoutAbstraction into it's own folder
* Move vaultTimeout service into it's own folder
* Added vaultTimeoutServiceFactory and it's missing dependencies
* Rough draft of Export/Import changes w/ password encryption
* fix for encrypted export changes
* Create launch.json
* Updates to export logic modal user secret prompt
* Updates to error handling
* renaming the component for checking the user secret to a name that is more clear about what it accomplishes
* Fixing lint errors
* Adding a comment
* Suggested changes from CR
* Suggested changes from CR
* Making suggested changes
* removing unnecessary properties
* changes suggested
* Fix
* Updating error messages
* Removing unecessary launch.json file commit
* running lint, removing commented code
* removing launch.json
* Updates to remove the userVerificationPromptService
* updates
* Removing unused import, running npm prettier/lint
* Changes to use Form Fields
* Updates
* updates requested by Matt
* Update apps/web/src/app/tools/import-export/export.component.ts
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Suggested Changes from PR
* Fix after merge from Master
* changes to styling
* Removing unused code and cleanup
* Update libs/angular/src/components/user-verification-prompt.component.ts
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Update apps/web/src/locales/en/messages.json
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Changes suggested by Thomas R
* Merging master into branch
* Revert "Merging master into branch"
This reverts commit eb2cdffe49.
* Requested changes and improvements
* merging master into feature branch
* Revert "merging master into feature branch"
This reverts commit e287715251.
* Suggested Changes
* changes
* requested changes
* Requested changes
* removing comments, fixing code
* reducing copied code
* fixing bug
* fixing bug
* changes
* WIP
* Thomas's requested changes
* adding back missing spaces
* change needed after the merge from master into feature branch
* prettier + lint
* Updating the EncryptedExportType Import
* Fixing build errors
Co-authored-by: Thomas Rittson <eliykat@users.noreply.github.com>
* Move FilePasswordPrompt to ImportExportModule
Also remove base class
Also remove duplicate service providers
* Run prettier
* Suggested Changes from Thomas
* only require filePassword and confirmFilePassword if it's type is FileEncrypted
* Update to only enable the field when submitting a file password encrypted file
* Requested changes, moving logic to web
* undoing change to bit button
* Refactor to process file-encrypted imports in main import.component
* Refactor confirm file password check
* Remove UserVerificationPromptService
* Address CodeScene feedback
* Updates to disable the required file password field when needed
* Subscribe to reactive form changes to adjust validators
* style changes requested by suhkleen
* Delete duplicate classes
Co-authored-by: CarleyDiaz-Bitwarden <103955722+CarleyDiaz-Bitwarden@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <eliykat@users.noreply.github.com>
* Remove cast to any as Utils.gobal got typed with #3131
* BitwardenFileUploadService: Remove unneeded dependency
* Remove allowSoftLock from vaultTimeoutService
* ImportService: Remove dependency on PlatformUtilsSvc
* Register basque language with native name
* Register basque language for web vault
* Register basque language for browser
* Register basque language for desktop
* Create sessions sync structure
* Add observing to session-syncer
* Do not run syncer logic in decorator tests
* Extract test constants
* Change Observables to BehaviorSubject
* Move sendMessage to static method in BrowserApi
* Implement session sync
* only watch in manifest v3
* Use session sync on folder service
* Add array observable sync
* Bypass cache on update from message
* Create feature and dev flags for browser
* Protect development-only methods with decorator
* Improve todo comments for long-term residency
* Use class properties in init
* Do not reuse mocks
* Use json (de)serialization patterns
* Fix failing session storage in dev environment
* Split up complex EncString constructor
* Default false for decrypted session storage
* Try removing hydrate EncString method
* PR review
* PR test review
* Replace Permissions enum and helper methods with callbacks
* Remove scim feature flag
* Check if org has feature enabled as part of canManage checks
* Pin jest-mock-extended at v2.0.6 to fix compilation error
* Create base jest.config file
* Fix various tests that were broken
* Add maxWorkers to jest config
* Undo change to testEnvironment
* Enable tsconfig.spec.json
* Work on background service worker.
* Work on shortcuts
* Work on supporting service worker
* Put new background behind version check
* Fix build
* Use new storage service
* create commands from crypto service (#2995)
* Work on service worker autofill
* Got basic autofill working
* Final touches
* Work on tests
* Revert some changes
* Add modifications
* Remove unused ciphers for now
* Cleanup
* Address PR feedback
* Update lock file
* Update noop service
* Add chrome type
* Handle "/" in branch names
Updates web workflow to handle the `/` in branch names when it's a PR.
* Remove any
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Micaiah Martin <77340197+mimartin12@users.noreply.github.com>
* Change subscription to rely on observables and not on BehaviourSubject
* Ensure OnDestroy is added to AppComponent
* Fix check for no active accounts to redirect to the login page instead of lock
* Change subscription handling on SearchBarService
* Fix naming convention: Observables should have a $ suffix
* Remove obsolete linter hint
* Fix activeAccountUnlocked getting exposed as Observable but is instantiated as BehaviourSubject
* Add managed_schema
* Add note on login page which server you are logging into.
* Implement it
* Remove caching logic since it seems unecessary
* Add error
* Handle error in hasManagedEnvironment
* Fix compile
* Added abstractions for PolicyApiService and PolicyService
* Added implementations for PolicyApiService and PolicyService
* Updated all references to new PolicyApiService and PolicyService
* Deleted old PolicyService abstraction and implementation
* Fixed CLI import path for policy.service
* Fixed main.background.ts policyApiService dependency for policyService
* Updated policy-api.service with the correct imports
* [EC-376] Sorted methods order in PolicyApiService
* [EC-376] Removed unused clearCache method from PolicyService
* [EC-376] Added upsert method to PolicyService
* [EC-376] PolicyApiService putPolicy method now upserts data to PolicyService
* Removed check for getBiometricLocked
It always returned false even when no biometrics were used.
* Remove the other check for getBiometricsLocked
* Ensure that biometricFingerprintValidation is reset, when biometrics are disabled
* Removed getBiometricsLocked and setBiometricsLocked
With nothing in the codebase reading the state of getBiometricsLocked, I've removed all places where it was set or saved.
* Refactor execution of reload into a separate method
* Conditonally pass the window object to `BrowserApi.reloadExtension`
* Clarify in comment, that the PIN has to be set with ask for Master Password on restart
* Ensure the process reload is executed on logout
* Use accounts instead of lastActive == null to determine a reload on logout
* Moved identical logic from desktop and browser into system.service
* Simplified check for refresh to handle no accounts found, logout, lock with lastActive longer than 5 seconds
* Move resolveLegacyKey to encryptService for utf8 decryption
* Deprecate account.keys.legacyEtmKey
Includes migration to tidy up leftover data
* Use new IEncrypted interface
* [EC-317] feat: add delete account section in settings
* [EC-317] feat: add new delete account modal
* [EC-317] feat: add ability to replace top-most modal
* [EC-317] chore: remove unecessary lint ignore
* [EC-317] fix: so delete account is closed if export vault is opened
* [EC-317] feat: inital delete account design without i18n
* [EC-317] feat: disabled but basic working delete functionality
* [EC-317] feat: implement according to new design
* [EC-317] feat: use translations
* [EC-317] feat: implement working deletion
* [EC-317] feat: add loading state and error messages
* [EC-317] feat: add menu bar item
* [EC-317] feat: update form to support typed reactive forms
* [EC-317] chore: update translation text after design review
* [EC-317] feat: move deletion logic to service
* [EC-317] refactor: update web deletion
* [EC-317] feat: disable submit if secret is empty
* [EC-317] fix: handle errors in components as well
* [EC-317] fix: use abstraction as interface
* [EC-317] refactor: extract deleteAccount from api service
* [EC-317] fix: typo in translations
* [EC-317] chore: rename to accountApiService
* Added properties "userCount", "seats" and "plan" to ProviderOrganizationResponse
* Added text message "numberOfUsers"
* Updated provider clients component with new columns
* Removed never used dependency
* Changed userCount to non nullable number
* Added condition on the component to only show seats number if not null
* Changed view condition to an explicit check
* Added organizationId to EventData and EventRequest
* Added EventType Organization_ClientExportedVault
* Sending organizationId on Organization Export event
* Checking that the user belongs to the organization
* Added organizationExportResponse model
* Added API method to get Organization vault export data
* Updated getOrganizationDecryptedExport to use new API method
* made changes in the errorResponse.ts to return toast message for status 429
* refactor the existing bug implementation
Co-authored-by: dynwee <onwudiweokeke@gmail.com>
* [PS-713] Fix locale search bug
* [PS-713] Add new locales to start at 1 char search
* [PS-713] Switch to ReplaySubject and other edits from PR comments
* PS-713: Add destroy to other sub and make locale inline a const
* PS-713: Use firstValueFrom instead of takeUntil
* PS-713: get this.locale asynchronously
Co-authored-by: Colton Hurst <churst@bitwarden.com>
* feat: add unassigned collection to decrypted collections
* feat: add support for unassigned in individual vault
* fix: dont activate collection when not selected
* fix: remove collection selection completely when pruning
* feat: prune collection selection if selecting my vault
* fix: filter and only show organization ciphers when unassigned collection is selected
* fix: only show unassigned for admins
* feat: add unassigned logic to organizational vault buildFilter
* refactor: move buildFilter to VaultFilterModel
* chore: add buildFilter tests
* fix: bugs in filtering logic
* refactor: use VaultFilter.buildFilter on desktop
* chore: group and reword tests for better readability
* feat: add additional test
* fix: connect unassigned collection to organization
* fix: test by adding missing
* chore: tweak test group naming
* fix: change undefined to null to better reflect real values
* [refactor] Introduce a file download service
* [refactor] Point platformUtilsService.saveFile() callers to fileDownloadService.download() instead
* [refactor] Remove platformUtilsService.saveFile()
* [fix] Force send attachments to always download and never open
* [fix] Remove the window property from FileDownloadRequest
* [fix] Move FileDownloadRequest to /abstractions/fileDownload
* [fix] Simplify FileDownloadRequest to a type
* [fix] Move BrowserApi.saveFile logic into BrowserFileDownloadService
* [fix] Use proper blob types for file downloads
* [fix] forceDownload -> downloadMethod on FileDownloadRequest
* [fix] Remove fileType from FileDownloadRequest
* [fix] Make fileType private
* Use abstract methods and generics in StorageService
* Prepend `Abstract` to abstract classes
* Create session browser storage service
* Use memory storage service for state memory
* Inject memory storage service
* Maintain filename extensions to help ide formatting
* Preserve state if it's still in memory
* Use jslib's memory storage service
* linter
* Create prototypes on stored objects
* standardize package scripts
* Add type safety to `withPrototype` decorators
* webpack notify manifest version
* Fix desktop
* linter
* Fix script
* Improve prototye application
* do not change prototype if it already matches desired
* fix error with object values prototype application
* Handle null state
* Apply prototypes to browser-specific state
* Add angular language server to recommended extensions
* Improve browser state service tests
* Start testing state Service
* Fix abstract returns
* Move test setup files to not be picked up by default glob matchers
* Add key generation service
* Add low-dependency encrypt service
* Back crypto service with encrypt service.
We'll want to work items that don't require state over to encrypt service
* Add new storage service and tests
* Properly init more stored values
* Fix reload issues when state service is recovering state from session storage
Co-authored-by: Thomas Avery <Thomas-Avery@users.noreply.github.com>
Co-authored-by: Justin Baur <admin@justinbaur.com>
* Simplify encrypt service
* Do not log mac failures for local-backed session storage
* `content` changed to `main` in #2245
* Fix CLI
* Remove loggin
* PR feedback
* Merge remote-tracking branch 'origin/master' into add-memory-storage-to-state-service
* Fix desktop
* Fix decrypt method signature
* Minify if not development
* Key is required
Co-authored-by: Thomas Avery <Thomas-Avery@users.noreply.github.com>
Co-authored-by: Justin Baur <admin@justinbaur.com>
* feat(browser): Update auto biometrics copy
* refactor(common): remove TotpService.isAutoCopyEnabled and use state directly
The TotpService was just taking the value from StateService and forwarding it, making it depend on state service.
All services that depended on the TotpService.isAutoCopyEnable flag also depended on StateService.
This therefore simplifies things by using StateService directly.
* feat(browser): update auto totp copy
* feat(browser): update add login notification copy
* feat(browser): update change password notification copy
* feat(browser): update context menu copy
* feat(browser): update show cards current tab copy
* feat(browser): update show identities current tab copy
* feat(browser): update enable favicon copy
* feat(browser): update badge counter copy
* feat(browser): update auto-fill copy
* feat(desktop): update auto biometrics prompt copy
* feat(desktop): update favicon copy
* feat(desktop): adjust copy
* feat(web): update favicons copy
* feat(web): adjust copy
* feat(web): update preference settings to sentence case
* feat(browser): update settings and options page to sentence case
* feat(desktop): update settings to sentence case
* feat(web): update copy
* feat(desktop): update copy
* PS-589 Added Device Verification section for enable/disable the feature of 2FA email on new device login and the api calls for the new endpoint
* PS-589 prettier fix
* PS-589 Fix import typo because of caps
* PS-589 Improved button to use bitButton directive and loading to have the ngIf on the 2fa setup component
