* community PR reviewed, Update search cancel button to be visible in all themes
* community PR reviewed, Update search cancel button to be visible in all themes 2
* [SG-163] Two step login flow web (#3648)
* two step login flow
* moved code from old branch and reafctored
* fixed review comments
* [SG-164] Two Step Login Flow - Browser (#3793)
* Add new messages
* Remove SSO button from home component
* Change create account button to text
* Add top padding to create account link
* Add email input to HomeComponent
* Add continue button to email input
* Add form to home component
* Retreive email from state service
* Redirect to login after submit
* Add error message for invalid email
* Remove email input from login component
* Remove loggingInTo from under MP input
* Style the MP hint link
* Add self hosted domain to email form
* Made the mp hint link bold
* Add the new login button
* Style app-private-mode-warning in its component
* Bitwarden -> Login text change
* Remove the old login button
* Cancel -> Close text change
* Add avatar to login header
* Login -> LoginWithMasterPassword text change
* Add SSO button to login screen
* Add not you button
* Allow all clients to use the email query param on the login component
* Introduct HomeGuard
* Clear remembered email when clicking Not You
* Make remember email opt-in
* Use formGroup.patchValue instead of directly patching individual controls
* [SG-165] Desktop login flow changes (#3814)
* two step login flow
* moved code from old branch and reafctored
* fixed review comments
* Make toggleValidateEmail in base class public
* Add desktop login messages
* Desktop login flow changes
* Fix known device api error
* Only submit if email has been validated
* Clear remembered email when switching accounts
* Fix merge issue
* Add 'login with another device' button
* Remove 'log in with another device' button for now
* Pin login pag content to top instead of center justified
* Leave email if 'Not you?' is clicked
* Continue when enter is hit on email input
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
* [SG-750] and [SG-751] Web two step login bug fixes (#3843)
* Continue when enter is hit on email input
* Mark email input as touched on 'continue' so field is validated
* disable login with device on self-hosted (#3895)
* [SG-753] Keep email after hint component is launched in browser (#3883)
* Keep email after hint component is launched in browser
* Use query params instead of state for consistency
* Send email and rememberEmail to home component on navigation (#3897)
* removed avatar and close button from the password screen (#3901)
* [SG-781] Remove extra login page and remove rememberEmail code (#3902)
* Remove browser home guard
* Always remember email for browser
* Remove login landing page button
* [SG-782] Add login service to streamline login form data persistence (#3911)
* Add login service and abstraction
* Inject login service into apps
* Inject and use new service in login component
* Use service in hint component to prefill email
* Add method in LoginService to clear service values
* Add LoginService to two-factor component to clear values
* make login.service variables private
Co-authored-by: Gbubemi Smith <gsmith@bitwarden.com>
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
* Add item decryption to encryptService
* Create multithreadEncryptService subclass to handle web workers
* Create encryption web worker
* Refactor cipherService to use new interface
* Update dependencies
* feat(browser): implement theming for notification bar
* refactor(browser): split notification bar function
* refactor(browser): use own method for getCurrentTheme
* chore(browser): add close.svg file as an asset
this file is embedded in apps/browser/src/notification/bar.html
* feat(browser): change textContrast color on primary buttons
* feat(browser): use dedicated color variable for close button
* feat(browser): use textColor for close button
* feat(browser): implement styling for select fields
* feat(browser): improve close button styling, add hover effect
* PS-976 - when user has cipher readonly permissions, prevent user from editing cipher fields and make separate api call that only updates Favorite and Folder values
* PS-976 - in the readonly edit cipher view, hide non-operable buttons and display select values as readonly input text
* PS-976 - update failing test
* PS-976 - split cipher saveWithServer call into Create and Update calls
* PS-976 - replace property with function call to get the card expiration month for the readonly view
* MM-976 - when user has readonly permissions hide "delete" button on View Item view, hide generate username/password buttons on Edit Item view
* PS-976 - rename cipherPartialRequest file to align with new naming convention
* Add test cases from previous PR https://github.com/bitwarden/jslib/pull/547
* Install tldts as replacement for tldjs
* Use tldts for hostname and domain retrieval/validation
* Remove usage of old tldjs.noop-implementation
* Add handling of about protocol
* Remove usage of tldEndingRegex and use tldts check instead
* Uninstall @types/tldjs and tldjs
* Updated package-lock.json
* Fix accessibility cookie check
* Rename loginUriView.spec to login-uri-view.spec
* Add test for getDomain failing file links
* getHostName - Return null when given, data, about or file links
* Do not autofill if sandboxed
`self.origin` is 'null' if inside a frame with sandboxed csp or iframe tag
* Update apps/browser/src/content/autofill.js
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Record changes in autofill.js
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* updated content to sentence case
* updated 2fa verbs to match web vault PR
* title case Social Security
* sentence cased missed strings
* fixed 'work' typo on generator strings
* sentence cased Copy username
* updated missed menu options to sentence case
* Add translations for en and fi to test with
* Fix file select not being translated
* Add more translations for en and fi to test with
* Update permission labels to locale version
* Revert forms.scss file
* Revert changes
* Specify file selector button type
Co-authored-by: Daniel James Smith <djsmith@web.de>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Update Web styles and CSP to support MultiSelect component
- Include the MultiSelect module in the CL barrel file of exports
- Import the MultiSelect scss into the Web styles.scss
- Add the necessary sha256 hash to webpack CSP policy to support ngSelect inline styles
* Undo removal of 127.0.0.1 from webpack CSP
* Initial - add folder id to popup item view
* Add folder service to view component
* Move folder info higher in the item view as proper box
* Add folder name handling to component
* Add folder field to browser view
* Add folder field to desktop view
* Make folder field draggable
following the merging of https://github.com/bitwarden/clients/pull/3321 also make the folder field draggable
* Use `<label>` and readonly `<input>`
In anticipation of https://github.com/bitwarden/clients/pull/3485 being merged
* Changes from review
- change input name to `folderName`, match it in the `for` attribute on the `<label>`
- add an `if` check before querying folder names
* Match `name` to `id`
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* updated title case to sentence case
also added grammatical improvement to confirmation messages
* capitalized 'vault'
also updated the term personal vault to individual vault
* capitalized 'send'
* capitalized 'provider'
also caught some straggling lowercase 'vaults'
* sentence case 'organizations,' 'owners', and 'admins'
* updated more casing to sentence
* lowercase vault
* Updated Premium to title case
* fixed typos
* Fixed typos and removed 'disable'
* updated two-step login terms
* Fixed missed sentence casing
* Fixed missed sentence case
* lowercased groups
fixed other missed sentence case items as well
* fixe membership casing
* uppercase plan casing
addressed other comments from Fred.
* casing on billing sync and trash
* uppercase Social Security
* fixed single sign-on casing
fixed Enterprise policy casing
* merging in master
* replaced enabled
* fixed typos
Co-authored-by: Patrick <94560851+patrick-bitwarden@users.noreply.github.com>
* Add needed factories for AuthService
WIP: Allow console logs
* Add badge updates
* Init by listener
* Improve tab identification
* Define MV3 background init
* Init services in factories.
Requires conversion of all factories to promises.
We need to initialize in factory since the requester of a service
doesn't necessarily know all dependencies for that service. The only
alternative is to create an out parameter for a
generated init function, which isn't ideal.
* Improve badge setting
* Use `update-badge` in mv2 and mv3
Separates menu and badge updates
* Use update-badge everywhere
* Use BrowserApi where possible
* Update factories
* Merge duplicated methods
* Continue using private mode messager for now
* Add static platform determination.
* Break down methods and extract BrowserApi Concerns
* Prefer strict equals
* Init two-factor service in factory
* Use globalThis types
* Prefer `globalThis`
* Use Window type definition updated with Opera
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
* Distinguish Opera from Safari
Opera includes Gecko, Chrome, Safari, and Opera in its user agent. We need to make sure that
we're not in Opera prior to testing Safari.
* Update import
* Initialize search-service for update badge context
* Build all browser MV3 artifacts
only uploading Chrome, Edge and Opera artifacts for now, as those support manifest V3
Also corrects build artifact to lower case.
* Remove individual dist
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Add generate command
* Add JSDoc
* Minor improvements
* Remove unneeded comment
* Make some properties optional
* Remove main.background.ts changes
* One more
* Lint
* Make all but length optional
* Address PR feedback
* Move generate command code to command
* Address PR feedback
* Use new alarm scheme
* Let feature handle state keys
Moves to a feature folder and creates clipboard-module level state
handler functions.
StateService is being paired down to storage routing, so we are handling storage
specifics in-module.
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: Daniel Smith <djsmith85@users.noreply.github.com>
* Missed some changes
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: Daniel Smith <djsmith85@users.noreply.github.com>
* Add CreationDate to common libs
* Add CreationDate to Browser
* Add CreationDate to CLI
* Add CreationDate to Desktop
* Add CreationDate to Web
* Update tests
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Copy updated. Transition browser strings to use sentence case for all UI elements, except the following terms:
• Branded Names: Provider(s) + Provider Portal, Send(s) + Send, Directory Connector
• Plan Names: Premium, Families, Teams, Enterprise
* Add windows to platform utils service
Note, this will result in conflicts with several in-flight PRs, but is necessary for following commits.
* Add necessary background service factories
* Simplify autofill command
* Remove noop event service
* Added abstractions for PolicyApiService and PolicyService
* Added implementations for PolicyApiService and PolicyService
* Updated all references to new PolicyApiService and PolicyService
* Deleted old PolicyService abstraction and implementation
* Fixed CLI import path for policy.service
* Fixed main.background.ts policyApiService dependency for policyService
* Ran prettier
* Updated policy-api.service with the correct imports
* [EC-377] Removed methods from StateService that read policies
* [EC-377] Updated policy service getAll method to use observable collection
* [EC-377] Added first unit tests for policy service
* [EC-377] Added more unit tests for Policy Service
* [EC-376] Sorted methods order in PolicyApiService
* [EC-376] Removed unused clearCache method from PolicyService
* [EC-376] Added upsert method to PolicyService
* [EC-376] PolicyApiService putPolicy method now upserts data to PolicyService
* [EC-377] Removed tests for deleted clearCache method
* [EC-377] Added unit test for PolicyService.upsert
* [EC-377] Updated references to state service observables
* [EC-377] Removed getAll method from PolicyService and refactored components to use observable collection
* [EC-377] Updated components to use concatMap instead of async subscribe
* [EC-377] Removed getPolicyForOrganization from policyApiService
* [EC-377] Updated policyAppliesToUser to return observable collection
* [EC-377] Changed policyService.policyAppliesToUser to return observable
* [EC-377] Fixed browser settings.component.ts getting vault timeout
* Updated people.component.ts to get ResetPassword policy through a subscription
* [EC-377] Changed passwordGenerationService.getOptions to return observable
* [EC-377] Fixed CLI generate.command.ts getting enforcePasswordGeneratorPoliciesOnOptions
* [EC-377] Fixed eslint errors on rxjs
* [EC-377] Reverted changes on passwordGeneration.service and vaultTimeout.service
* [EC-377] Removed eslint disable on web/vault/add-edit-component
* [EC-377] Changed AccountData.policies to TemporaryDataEncryption
* [EC-377] Updated import.component to be reactive to policyAppliesToUser$
* [EC-377] Updated importBlockedByPolicy$
* [EC-377] Fixed missing rename
* [EC-377] Updated policyService.masterPasswordPolicyOptions to return observable
* [EC-377] Fixed vaultTimeout imports from merge
* [EC-377] Reverted call to passwordGenerationService.getOptions
* [EC-377] Reverted call to enforcePasswordGeneratorPoliciesOnOptions
* [EC-377] Removed unneeded ngOnDestroy
* Apply suggestions from code review
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* [EC-377] Fixed login.component.ts and register.component.ts
* [EC-377] Updated PolicyService to update vaultTimeout
* [EC-377] Updated PolicyService dependencies
* [EC-377] Renamed policyAppliesToUser to policyAppliesToActiveUser
* [EC-377] VaultTimeoutSettings service now gets the vault timeout directly instead of using observables
* [EC-377] Fixed unit tests by removing unneeded vaultTimeoutSettingsService
* [EC-377] Set getDecryptedPolicies and setDecryptedPolicies as deprecated
* [EC-377] Set PolicyService.getAll as deprecated and updated to use prototype.hasOwnProperty
* [EC-565] Reverted unintended change to vaultTimeoutSettings that was causing a bug to not display the correct vault timeout
* [EC-377] Removed unneeded destroy$ from preferences.component.ts
* [EC-377] Fixed policy.service.ts import of OrganizationService
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: mimartin12 <77340197+mimartin12@users.noreply.github.com>
* Trim everything at the end of decrypted payload before parsing
* Clarify comment
* Use char code check for nulls
* Extract trim code to function
* make char codes constants
* Fix async subscribe
* Revert "[PS-1066] Browser and Desktop - SSO User does not see Update Master Password screen after Owner does a Admin Password Reset (#3207)"
This reverts commit 0eda418591.
* Make totp countdown `aria-hidden`, add copy of countdown as `sr-only` inside totp button, only make it conditionally "exist" on parent focus
* Make exact same changes to desktop totp
* Tweak copy button accessible name approach
instead of `aria-label`, which overrides the content of the button and, because JAWS has trouble announcing the live region in the desktop app, results in JAWS not announcing ANY countdown at all, this at least announces the current countdown number when the button receives focus in JAWS
* Add `aria-atomic="true"`
avoid JAWS/Firefox only announcing the specific digit that updates, rather than the number as a whole
* Update, run prettier, lint
* Remove orphaned jslibs
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add build command for ee
* Add config for ee
* Add build workflow for ee
* Change build pipeline for web ee
* Fix name of workflow in trigger
* Build ee image in web build workflow
* Fix name on matrix
* FIx name of the artifact
* Comment out zip extract
* Add zip extract
* All listing dir before unzip
* Add pwd
* Comment out unzipping
* Fix
* Add matrix instead of two stages
* Remove build web ee workflow
* Fix name
* Update imports
* Implement observables in a few places
* Add tests
* Get all clients working
* Use _destroy
* Address PR feedback
* Address PR feedback
* Address feedback
* passwordless login page redesign
* passwordless login page redesign
* restyled login form to use tailwind
* restyled login form to use tailwind
* moved texts on login device template to locales
* made reactive form changes for clients
* added request model
* made more changes
* added implmentation to auth request api
* fixed refrencing issue
* renamed model property
* Added resend notification functionality
* Added new file
* login with device first draft
* login with device first draft
* login with device first draft
* login with device first draft
* connection to anonymous hub
* connection to anonymous hub
* refactored confirm login response
* removed comment
* cleaned up login
* changed uptyped form builder
* changed uptyped form builder
* [SG-168] Update login strategy with passwordless login credentials.
* [SG-168] Removed logs. Changed inputs for passwordless logic strategy. Removed tokenRequestPasswordless it is using the same as password.
* code cleanup
* code cleanup
* removed login with device from self hosted
* fixed PR comments
* added module for login
* fixed post request bug
* added feature flag
* added feature flag
* added feature flag
Co-authored-by: André Bispo <abispo@bitwarden.com>
* [SG-523] Base test runner app for native messages (#3269)
* Base test runner app for native messages
* Remove default test script
* Add case for canceled status
* Modify to allow usage of libs crypto services and functions
* Small adjustments
* Handshake request (#3277)
* Handshake request
* Fix capitalization
* Update info text
* lock node-ipc to 9.2.1
* [SG-569] Native Messaging settings bug (#3285)
* Fix bug where updating setting wasn't starting the native messaging listener
* Update test runner error message
* [SG-532] Implement Status command in Native Messaging Service (#3310)
* Status command start
* Refactor ipc test service and add status command
* fixed linter errors
* Move types into a model file
* Cleanup and comments
* Fix auth status condition
* Remove .vscode settings file. Fix this in a separate work item
* Add active field to status response
* Extract native messaging types into their own files
* Remove experimental decorators
* Turn off no console lint rule for the test runner
* Casing fix
* Models import casing fixes
* Remove in progress file (merge error)
* Move models to their own folder and add index.ts
* Remove file that got un-deleted
* Remove file that will be added in separate command
* Fix imports that got borked
* [SG-533] Implement bw-credential-retrieval (#3334)
* Status command start
* Refactor ipc test service and add status command
* fixed linter errors
* Move types into a model file
* Cleanup and comments
* Fix auth status condition
* Remove .vscode settings file. Fix this in a separate work item
* Implement bw-credential-retrieval
* Add active field to status response
* Extract native messaging types into their own files
* Remove experimental decorators
* Turn off no console lint rule for the test runner
* Casing fix
* Models import casing fixes
* Add error handling for passing a bad public key to handshake
* [SG-534] and [SG-535] Implement Credential Create and Update commands (#3342)
* Status command start
* Refactor ipc test service and add status command
* fixed linter errors
* Move types into a model file
* Cleanup and comments
* Fix auth status condition
* Remove .vscode settings file. Fix this in a separate work item
* Implement bw-credential-retrieval
* Add active field to status response
* Add bw-credential-create
* Better response handling in test runner
* Extract native messaging types into their own files
* Remove experimental decorators
* Turn off no console lint rule for the test runner
* Casing fix
* Models import casing fixes
* bw-cipher-create move type into its own file
* Use LogUtils for all logging
* Implement bw-credential-update
* Give naming conventions for types
* Rename file correctly
* Update handleEncyptedMessage with EncString changes
* [SG-626] Fix Desktop app not showing updated credentials from native messages (#3380)
* Add MessagingService to send messages on login create and update
* Add `not-active-user` error to create and update and other refactors
* [SG-536] Implement bw-generate-password (#3370)
* implement bw-generate-password
* Fix merge conflict resolution errors
* Update apps/desktop/native-messaging-test-runner/src/bw-generate-password.ts
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* Logging improvements
* Add NativeMessagingVersion enum
* Add version check in NativeMessagingHandler
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* Refactor account status checks and check for locked state in generate command (#3461)
* Add feawture flag to show/hide ddg setting (#3506)
* [SG-649] Add confirmation dialog and tweak shared key retrieval (#3451)
* Add confirmation dialog when completing handshake
* Copy updates for dialog
* HandshakeResponse type fixes
* Add longer timeout for handshake command
* [SG-663] RefactorNativeMessagingHandlerService and strengthen typing (#3551)
* NativeMessageHandlerService refactor and additional types
* Return empty array if no uri to retrieve command
* Move commands from test runner into a separate folder
* Fix bug where confirmation dialog messes with styling
* Enable DDG feature
* Fix generated password not saving to history
* Take credentialId as parameter to update
* Add applicationName to handshake payload
* Add warning text to confirmation modal
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* Clean up dangling behaviorSubject
* Handle null in utils
* fix null check
* Await promises, even in async functions
* Add to/fromJSON methods to State and Accounts
This is needed since all storage in manifest v3 is key-value-pair-based
and session storage of most data is actually serialized into an
encrypted string.
* Simplify AccountKeys json parsing
* Fix account key (de)serialization
* Remove unused DecodedToken state
* Correct filename typo
* Simplify keys `toJSON` tests
* Explain AccountKeys `toJSON` return type
* Remove unnecessary `any`s
* Remove unique ArrayBuffer serialization
* Initialize items in MemoryStorageService
* Revert "Fix account key (de)serialization"
This reverts commit b1dffb5c2c, which was breaking serializations
* Move fromJSON to owning object
* Add DeepJsonify type
* Use Records for storage
* Add new Account Settings to serialized data
* Fix failing serialization tests
* Extract complex type conversion to helper methods
* Remove unnecessary decorator
* Return null from json deserializers
* Remove unnecessary decorators
* Remove obsolete test
* Use type-fest `Jsonify` formatting rules for external library
* Update jsonify comment
Co-authored-by: @eliykat
* Remove erroneous comment
* Fix unintended deep-jsonify changes
* Fix prettierignore
* Fix formatting of deep-jsonify.ts
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* fixing the bug ps-1319 by using ellipsis pipe which deafultg 25 character length
* pass 20 as the limit length instead default 25
Co-authored-by: dynwee <onwudiweokeke@gmail.com>
* Fix repository url to point to the clients repo
* Fix missing description in snapcraft.yml
* Nuspec: Fix links to point to clients repo
* Nuspec: Use the correct brand icon(same as desktop)
* Nuspec:Update description based on other stores (browser)
* PS-1111 Added prefix "Vault:" for accessibility to vault selector items
* improved html readability
* PS-1111 Added more screen reader accessibility data to the Vault selector on Desktop and Web clients
* PS-1111 removed duplicated aria-label
* PS-1111 Removed unnecessary aria-label attribute
* PS-1111 Changed browser vault item accessibility title from span to button
* [refactor] Isolate form validation logic
* [refactor] Relocate a few input scrubbing lines
* [refactor] Isolate RegisterRequest object construction logic
* [refactor] Isolate account registration logic
* [refactor] Isolate login logic
* [fix] Check for captchas during login from trial initiation
* [fix] Avoid a duplicated toast if the account was already created
