* [PM-16098] Add decryptionFailure flag to CipherView
* [PM-16098] Add failedToDecryptCiphers$ observable to CipherService
* [PM-16098] Introduce decryption-failure-dialog.component
* [PM-16098] Disable cipher rows for the Web Vault
* [PM-16098] Show decryption error dialog on vault load or when attempting to view/edit a corrupted cipher
* [PM-16098] Browser - Show decryption error dialog on vault load or when attempting to view/edit a corrupted cipher
* [PM-16098] Desktop - Show decryption error dialog on vault load or when attempting to view a corrupted cipher. Remove edit/clone context menu options and footer actions.
* [PM-16098] Add CS link to decryption failure dialog
* [PM-16098] Return cipherViews and move filtering of isDeleted to consumers
* [PM-16098] Throw an error when retrieving cipher data for key rotation when a decryption failure is present
* [PM-16098] Properly filter out deleted, corrupted ciphers when showing dialog within the Vault
* [PM-16098] Show the decryption error dialog when attempting to view a cipher in trash and disable the restore option
* [PM-16098] Exclude failed to decrypt ciphers from getAllDecrypted method and cipherViews$ observable
* [PM-16098] Avoid re-sorting remainingCiphers$ as it was redundant
* [PM-16098] Update tests
* [PM-16098] Prevent opening view dialog in AC for corrupted ciphers
* [PM-16098] Remove withLatestFrom operator that was causing race conditions when navigating away from the individual vault
* [PM-16098] Ensure decryption error dialog is only shown once on Desktop when switching accounts
Adds a device management tab under settings -> security that allows users to:
- View and manage their account's connected devices
- Remove/deactivate devices
- See device details like platform, last login, and trust status
- Sort and filter device list with virtual scrolling
Resolves PM-1214
* update code owners
* Move lock component v2 to KM
* Add @bitwarden/key-management/angular to tsconfigs
* Move lock component service to KM
* Move lock component v1 to KM
* Update imports
* Move into @bitwarden/key-management
* Revert "Move into @bitwarden/key-management"
This reverts commit b7514fb8c2.
* Add to tsconfig.libs
* add disabledInteractionsUris state to the domain settings service
* add routes and ui for user disabledInteractionsUris state management
* use disabled URIs service state as a preemptive conditon to injecting content scripts
* move disabled domains navigation button from account security settings to autofill settings
* update disabled domain terminology to blocked domain terminology
* update copy
* handle blocked domains initializing with null value
* add dismissable banner to the vault view when the active autofill tab is on the blocked domains list
* add autofill blocked domain indicators to autofill suggestions section header
* add BlockBrowserInjectionsByDomain feature flag and put feature behind it
* update router config to new style
* update tests and cleanup
* use full-width-notice slot for domain script injection blocked banner
* convert thrown error on content script injection block to a warning and early return
* simplify and enspeeden state resolution for blockedInteractionsUris
* refactor feature flag state fetching and update tests
* document domain settings service
* remove vault component presentational updates
* Remove v1 code for Tab/Vault Part 2
* Removal conditional for assign-collections
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* add fixed width to vault list icon
* justify start
* don't display totp capture when in popout
* Revert "don't display totp capture when in popout"
This reverts commit f50b0a6caf.
* Remove v1 account security settings
Delete v1 component
Remove conditional routing based on extension refresh feature flag
* Remove unused import
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Migrated folder service from using active user state to single user state
Added extra test cases for encrypted folder and decrypted folders
Updated derived state to use decrypt with key
* Update callers in the web
* Update callers in the browser
* Update callers in libs
* Update callers in cli
* Fixed test
* Fixed folder state test
* Fixed test
* removed duplicate activeUserId
* Added takewhile operator to only make calls when userId is present
* Simplified to accept a single user id instead of an observable
* Required userid to be passed from notification service
* [PM-15635] Folders not working on desktop (#12333)
* Added folders memory state definition
* added decrypted folders state
* Refactored service to remove derived state
* removed combinedstate and added clear decrypted folders to methods
* Fixed test
* Fixed issue with editing folder on the desktop app
* Fixed test
* Changed state name
* fixed ts strict issue
* fixed ts strict issue
* fixed ts strict issue
* removed unnecessasry null encrypteed folder check
* Handle null folderdata
* [PM-16197] "Items with No Folder" shows as a folder to edit name and delete (#12470)
* Force redcryption anytime encryption state changes
* Fixed text file
* revert changes
* create new object with nofolder instead of modifying exisiting object
* Fixed failing test
* switched to use memory-large-object
* Fixed ts sctrict issue
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
On https://github.com/bitwarden/clients/pull/12326 I refactored and
extended a bit of special case logic for process reloads on Safari. This
appears to have caused a regression, and I think it's because I didn't
return from the function when Safari reloads. This makes it still call
`chrome.runtime.reload()`, which makes Safari send an "install" event,
which leads to our extension opening it's Getting Started page.
This commit returns after the location reload in Safari. This is tricky
to test locally as the issue does not appear with sideloaded apps. I'll
test it with Testflight!
* Remove lowercasing of View page headers
* Remove lowercasing of Add/edit page headers
* Remove lowercasing of Web ViewAdd/edit page headers
* Fix tests
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* enhancement: UI for multiple totp elements
* add tests
* update snapshots
* update obsolete snapshots
* PM-15593
- Added conditional statement for text displayed in the totp code span
- Added styling to the returned text
* remove method, hard code string.
* PM-15593
- Added getFilteredCiphersForTotpField method
- Implemented getFilteredCiphersForTotpField on update list method
- Updated tests to not always have a top field
* account for no totp code ciphers in totp fields
* Remove Send grouping, type and state
* Delete Send list and add-edit
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Remove v1 generator, generator history page and extension refresh conditional routing
* Remove unused keys from en/messages.json
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
This PR deletes the legacy lock components from the Angular clients and also removes feature flag control from the routing. The lock component will now be based entirely on the new, recently refreshed LockComponent in libs/auth/angular.
* Remove conditional routing for new vault page (header/footer)
Redirect tabs/current to tabs/vault (new home)
* Remove unused TabsComponent
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* force viewOnly to be true for emergency access
* add input to hide password history, applicable when the view is used from emergency view
* add extension refresh version of the emergency view dialog
* allow emergency access to view password history
- `ViewPasswordHistoryService` accepts a cipher id or CipherView. When a CipherView is included, the history component no longer has to fetch the cipher.
* remove unused comments
* Add fixme comment for removing non-extension refresh code
* refactor password history component to accept a full cipher view
- Remove the option to pass in only an id
* starting
* setup first page for new device verification notice
* update designs for first page. rename components and files
* added second page for new device verification notice
* update notice page one with bit radio buttons. routing logic. user email
* updated routing for new device verification notice to show before vault based on flags, and can navigate back to vault after submission
* fix translations. added remind me later link and nav to page 2
* sync the design for mobile and web
* update routes in desktop
* updated styles for desktop
* moved new device verification notice guard
* update types for new device notice page one
* add null check to page one
* types
* types for page one, page two, service, and guard
* types
* update component and guard for null check
* add navigation to two step login btn and account email btn
* remove empty file
* update fill of icons to support light & dark modes
* add question mark to email access verification copy
* remove unused map
* use links for navigation elements
- an empty href is needed so the links are keyboard accessible
* remove clip path from exclamation svg
- No noticeable difference in the end result
* inline email message into markup
---------
Co-authored-by: Nick Krantz <nick@livefront.com>
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
This PR fixes a bug in the LockComponent refresh that affected the setup/save and use passkey flows. The user was wrongly directly to the /vault after unlock instead of to /fido2 (the passkey screen).
Feature Flag: ExtensionRefresh ON
This needs to be done, because Firefox compares the keys case-insensitive when a release is uploaded to the store.
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Consolidates existing SSO components into a single unified component in
libs/auth, matching the new design system. This implementation:
- Creates a new shared SsoComponent with extracted business logic
- Adds feature flag support for unauth-ui-refresh
- Updates page styling including new icons and typography
- Preserves web client claimed domain logic
- Maintains backwards compatibility with legacy views
PM-8114
---------
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
* Add proxy support for file uploads
Instead of using node's native fetch we extend ApiService with NodeApiService to add support for proxies using `node-fetch`
* Fix constructors for FileUploadService in browser
* Fix dependency on ApiService within jslib-services.module
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Use typescript-strict-plugin to iteratively turn on strict
* Add strict testing to pipeline
Can be executed locally through either `npm run test:types` for full type checking including spec files, or `npx tsc-strict` for only tsconfig.json included files.
* turn on strict for scripts directory
* Use plugin for all tsconfigs in monorepo
vscode is capable of executing tsc with plugins, but uses the most relevant tsconfig to do so. If the plugin is not a part of that config, it is skipped and developers get no feedback of strict compile time issues. These updates remedy that at the cost of slightly more complex removal of the plugin when the time comes.
* remove plugin from configs that extend one that already has it
* Update workspace settings to honor strict plugin
* Apply strict-plugin to native message test runner
* Update vscode workspace to use root tsc version
* `./node_modules/.bin/update-strict-comments` 🤖
This is a one-time operation. All future files should adhere to strict type checking.
* Add fixme to `ts-strict-ignore` comments
* `update-strict-comments` 🤖
repeated for new merge files
On `/update-temp-password`, on the light theme the "Logout" link was not showing in the upper-left corner because the text color for an `a` link is our primary blue color, which blended in with the headers background color. This PR changes the logout `a` link to a `button` so that it inherits the header text color. It should be a button anyway since it's calling a function and not simply routing.
* Added conditional to check if a cipher can be delete by user
* Added change detection on push
* Added directive to check if user can delete a cipher
* Added directive to check if user can delete a cipher
* Replaced check with directive
* removed takeUntilDestroyed
Add timeout state management for two-factor authentication flows in web, desktop,
and browser extension clients. Includes:
- New timeout screen component with 5-minute session limit
- Updated UI elements and styling
- Comprehensive test coverage
Refs: PM-13659
* updating new menus to allow tab + enter to submit the link/button
* Updating New actions to use button instead of a for accessibiity purposes
* refactor
* refactor
* test fix
* fixes
* fixing tests
* fixing test
* fixing tests
---------
Co-authored-by: --global <>
* add check for extension prefixes in the three major browsers.
- Firefox does not throw an error or receive the message. Adding checks for Safari and Chrome for safety if this functionality were to change.
* remove unneeded mock rejection
* move prefixes to dedicated array
* refactor protocol check to its own variable
* Add changes for enabled policy
* Remove unused property
* Refactor the changes
* remove duplicated across multiple components
* Add some test and documentations to service
* Correct the comment free family sponsorship for isExemptFromPolicy
* catch errors from `tabSendMessage`
- Removes the need for a timeout when fetching page details
* Add parameter to reject on error
- allows each implementation to decide if they want to handle the error or not
In the legacy `AccountSercurityV1Component` the `updateBiometric(enabled: boolean)` method had an `else` block to handle an `enabled` value of `false`. The new `AccountSecurityComponent` is missing this block, which makes it so the user cannot disable biometrics because we aren't handling the case where they uncheck the biometrics checkbox. This PR just adds the `else` block in the new component so we handle a `false` value.
Feature Flag: ExtensionRefresh ON
Creates a refreshed and consolidated `LoginDecryptionOptionsComponent` for use on all visual clients, which will be used when the `UnauthenticatedExtensionUIRefresh` feature flag is on.
- Introduce using i18n by importing JslibModule
- Use i18n within markup
- Ensure navButtons.labels is a key that is present in the en/messages.json
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* PM-12077 - Initial work on web process reload - more testing required.
* PM-12077 - Clarify comment
* PM-12077 - Improving UX of logout with process reload.
* PM-12077 - Final tweaks for process reload
* PM-12077 - Remove no longer accurate comment.
* PM-12077 - Per PR feedback, clean up logout reason
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Creates a refreshed and consolidated LoginViaAuthRequestComponent for use on all visual clients, which will be used when the UnauthenticatedExtensionUIRefresh feature flag is on.
* move vault headings to their own component
* update aria-label to bind to the data attribute
* move vault headings to the vault-v2 folder
* integrate disclosure trigger to hide vault filters
* remove built in margin on search component
- spacing will be managed by the parent component
* add event emitter so consuming components can know when disclosure status has changed
* add filter badge when filters are selected and the filters are hidden
* persist filter visibility state to disk
* add supporting text for the filter button
* remove extra file
* only read from stored state on component launch.
- I noticed delays when trying to use stored state as the source of truth
* use two-way data binding for change event
* update vault headers to use two way data binds from disclosure component
- also adjust consuming changes
* add border thickness
* add ticket to the FIXME
* move number of filters observable into service
* move state coordination into filter service
* only expose state and update methods from filter service
* simplify observables to avoid needed state lifecycle methods
* remove comment
* fix test imports
* update badge colors
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Refactor the remaining logic from gulp. Part of the browser build script
refactor effort.
Webpack is now responsible for performing most of the operations previously
done by gulp. This includes: - Setting browser specific class - Building the
manifest file The `package.json` is modified to include browser specific
commands for `build`, `build:prod`, `build:watch` and `dist`.
# Manifests
Manifests now uses the `copy-webpack-plugin` `transform` feature. The logic is
located in `apps/browser/webpack/manifest.js`. It reads a template, which
supports some basic operations primarily overriding with browser specific
fields using `__browser__`. The `manifest.json` for both regular and mv3
builds are identical to our existing manifests except:
- `applications` renamed to `browser_specific_settings`.
- `permissions` sorted alphabetically.
# Safari build
Safari requires additional packaging commands. This is implemented as a
powershell script due to the cross-platform nature, and since we generally
require powershell in our distribution pipelines. An alternative would be to
write it in bash, but bash is less powerful and would require some additional
commands like `jq`. Another alternative is to write it using js, but that would
require additional dependencies.
* feat: update sdk service abstraction with documentation and new `userClient$` function
* feat: add uninitialized user client with cache
* feat: initialize user crypto
* feat: initialize org keys
* fix: org crypto not initializing properly
* feat: avoid creating clients unnecessarily
* chore: remove dev print/subscription
* fix: clean up cache
* chore: update sdk version
* feat: implement clean-up logic (#11504)
* chore: bump sdk version to fix build issues
* chore: bump sdk version to fix build issues
* fix: missing constructor parameters
* refactor: simplify free() and delete() calls
* refactor: use a named function for client creation
* fix: client never freeing after refactor
* fix: broken impl and race condition in tests
* feat: add sdk override to desktop build
* feat: add SDK version to browser about dialog
* feat: add sdk override to browser build
* fix: `npm ci` overriding the override
* fix: artifacts not properly downloaded
* fix: switch to new repository
* feat: add debug version function to web
* feat: add sdk-version to CLI
* feat: add version to desktop
* feat: add override to cli
* feat: add override to web
* fix: cli version acting as default command
* fix: consistent workflow input name
* feat: add error handling
* feat: upgrade sdk-internal
* fix: forgot to update package lock
* fix: broken CI build
move sdk version to a regular command
* chore: revert version changes
* refactor: move error handling code
* chore: bump SDK to 0.2.0.main-1
* fix: clean up references to inputs.sdk_commit
* refactor: rename `init` to `applyVersionToWindow`
