* create domain settings state provider
* replace callsites for defaultUriMatch and neverDomains with DomainSettingsService equivalents
* replace callsites for equivalentDomains with DomainSettingsService equivalents and clean up unused AccountSettingsSettings
* add migrations for domain settings state
* do not use enum for URI match strategy constants and types
* add getUrlEquivalentDomains test
* PR suggestions/cleanup
* refactor getUrlEquivalentDomains to return an observable
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: ✨ Audrey ✨ <ajensen@bitwarden.com>
* update tests
* add UriMatchStrategy docs notes
* service class renames
* use service abstraction at callsites previously using service class directly
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: ✨ Audrey ✨ <ajensen@bitwarden.com>
* add key definition and StrategyData classes
* use state providers for login strategies
* serialize login data for cache
* use state providers for auth request notification
* fix registrations
* add docs to abstraction
* fix sso strategy
* fix password login strategy tests
* fix base login strategy tests
* fix user api login strategy tests
* PM-3339 add tests for admin auth request in sso strategy
* fix auth request login strategy tests
* fix webauthn login strategy tests
* create login strategy state
* use barrel file in common/spec
* test login strategy cache deserialization
* use global state provider
* add test for login strategy service
* fix auth request storage
* add recursive prototype checking and json deserializers to nested objects
* fix CLI
* Create wrapper for login strategy cache
* use behavior subjects in strategies instead of global state
* rename userApi to userApiKey
* pr feedback
* fix tests
* fix deserialization tests
* fix tests
---------
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
* Remove Unused services
* Split platform utils between foreground and background
* Respond to clipboard clearing and biometric unlock
* Use new browser platform utils
* Fix folder name
* Fix imports
* biometrics is supported only on windows and mac
* Reject native messaging with errors
We're now going through the runtime background, which expects error objects in message failures
UI warns the user whenever using secure storage in browser that it's
insecure. This is not a change from the current background behavior,
just uses the already existing services in each context.
* Use state provider to store preferred language
* migrate preferred language
* Use new i18n provider to get LOCAL_ID
* Fix preloaded english i18n
This is a mock service that forces english translations, it doesn't need the i18n interface that allows changing of locales.
* PR improvements
* Fixup merge
* add enableContextMenu to autofillSettings and migrate disableContextMenuItem
* replace usages of disableContextMenuItem with autofill settings service global enableContextMenu
* [PM-5880] Refactor Browser Platform Utils Service to Remove Window Service
* [PM-5880] Implementing BrowserClipboardService to handle clipboard logic between the BrowserPlatformUtils and offscreen document
* [PM-5880] Adjusting how readText is handled within BrowserClipboardService
* [PM-5880] Adjusting how readText is handled within BrowserClipboardService
* [PM-5880] Working through implementation of chrome offscreen API usage
* [PM-5880] Implementing jest tests for the methods added to the BrowserApi class
* [PM-5880] Implementing jest tests for the OffscreenDocument class
* [PM-5880] Working through jest tests for BrowserClipboardService
* [PM-5880] Adding typing information to the clipboard methods present within the BrowserPlatformUtilsService
* [PM-5880] Working on adding ServiceWorkerGlobalScope typing information
* [PM-5880] Updating window references when calling BrowserPlatformUtils methods
* [PM-5880] Finishing out jest tests for the BrowserClipboardService
* [PM-5880] Finishing out jest tests for the BrowserClipboardService
* [PM-5880] Implementing jest tests to validate the changes within BrowserApi
* [PM-5880] Implementing jest tests to ensure coverage within OffscreenDocument
* [PM-5880] Implementing jest tests for the BrowserPlatformUtilsService
* [PM-5880] Removing unused catch statements
* [PM-5880] Implementing jest tests for the BrowserPlatformUtilsService
* [PM-5880] Implementing jest tests for the BrowserPlatformUtilsService
* [PM-5880] Fixing broken tests
* [PM-5879] Removing `backgroundWindow` reference used for determing system theme preference in Safari
* [PM-5879] Removing `backgroundWindow` reference used for determing system theme preference in Safari
* [PM-5879] Reworking factory logic within ThemingService factory
* Migrate existing provider data to StateProvider
Migrate existing provider data to StateProvider
* Rework the ProviderService to call StateProvider
* Unit test the ProviderService
* Update DI to reflect ProviderService's new args
* Add ProviderService to logout chains across products
* Remove provider related stateService methods
* Update libs/common/src/state-migrations/migrations/28-move-provider-state-to-state-provider.spec.ts
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Cover up a copy/paste job
* Compare equality over entire array in a test
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* create user notification settings state provider
* replace state service get/set disableAddLoginNotification and disableChangedPasswordNotification with user notification settings service equivalents
* migrate disableAddLoginNotification and disableChangedPasswordNotification global settings to user notification settings state provider
* add content script messaging the background for enableChangedPasswordPrompt setting
* Implementing feedback to provide on PR
* Implementing feedback to provide on PR
* PR suggestions cleanup
---------
Co-authored-by: Cesar Gonzalez <cgonzalez@bitwarden.com>
* Revert "[PM-5277] Migrate Sync Service to State Provider (#7680)"
This reverts commit 78008a9e1e.
Includes a noop migration builder that allows us to bridge over the deleted migration
* Prefer revert migrations to noop
this revert avoids the need to change behavior between released vs unreleased migrations and keeps some dangerous code out of the repo :success:
* Update ordering of badge settings migrator to be consistent with `rc`, which was cut with only up to version 25
* Fix missing type import
* Establish biometric unlock enabled in state providers
* Use biometric state service for biometric state values
* Migrate biometricUnlock
* Fixup Dependencies
* linter and import fixes
* Fix injection
* Fix merge
* Use boolean constructor as mapper
* Conform to documented test naming conventions
* Commit documentation suggestion
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
* Fix merge commit
* Fix test names
---------
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
* create badge settings state provider
* replace state service get/set disableBadgeCounter with badge settings service equivalent
* migrate disableBadgeCounter account setting to badge settings state provider
* cleanup and address PR suggestions
* create auth request service
* copy methods from auth crypto service
* register new auth request service
* remove refs to auth request crypto service
* remove auth request crypto service
* remove passwordless login method from login strategy service
* add docs to auth request service
* migrate clearClipboard account setting to autofill settings state provider
* replace state service get/set clearClipboard with autofill settings service equivalents
* PR suggestions cleanup
* Fix nextMock arguments
* Add state for biometric prompts
* Use biometric state for prompts
* Migrate biometric prompt data
* wire up biometric state to logouts
* Add migrator to migrate list
* Remove usages of prompt automatically
Explicitly list non-nulled state as intentional
* `npm run prettier` 🤖
* Fix web lock component
* create key generation service
* replace old key generation service and add references
* use key generation service in key connector service
* use key generation service in send service
* user key generation service in access service
* use key generation service in device trust service
* fix tests
* fix browser
* add createKeyFromMaterial and tests
* create ephemeral key
* fix tests
* rename method and add returns docs
* ignore material in destructure
* modify test
* specify material as key material
* pull out magic strings to properties
* make salt optional and generate if not provided
* fix test
* fix parameters
* update docs to include link to HKDF rfc
* [PM-5741] Reworking usage of `window` object in BrowserApi.reloadExtension method
* [PM-5741] Reworking usage of `window` object in BrowserApi.reloadExtension method
* [PM-673] Safari Notification Bar Does Not Show Folders
* [PM-673] Refactoring Context Menu Implementations to Ensure Pages with No Logins Can Dismiss Notification Bar
* [PM-673] Refactoring typing information for the LockedVaultPendingNotificationsItem typing
* [PM-673] Refactoring typing information for notification background
* [PM-673] Finishing out typing for potential extension messages to the notification bar;
* [PM-673] Working through implementation details for the notification background
* [PM-673] Fixing issues present with messaging re-implementation
* [PM-673] Fixing issue with folders not populating within Safari notification bar
* [PM-673] Fixing jest test issues present within implementation
* [PM-673] Fixing issue present with webVaultUrl vulnerability
* [PM-673] Fixing XSS Vulnerability within Notification Bar;
* [PM-5670] Putting together a partial implementation for having messages appear on network error within the notification bar
* [PM-673] Incorporating status update for when user has successfully saved credentials
* [PM-673] Incorporating status update for when user has successfully saved credentials
* [PM-5949] Refactor typing information for notification bar
* [PM-5949] Fix jest tests for overlay background
* [PM-5949] Removing unnused typing data
* [PM-5949] Fixing lint error
* [PM-5949] Adding jest tests for convertAddLoginQueueMessageToCipherView method
* [PM-5949] Fixing jest test for overlay
* [PM-5950] Fix Context Menu Update Race Condition and Refactor Implementation
* [PM-5950] Adding jest test for cipherContextMenu.update method
* [PM-5950] Adding documentation for method within MainContextMenuHandler
* [PM-5950] Adding jest tests for the mainContextMenuHandler
* [PM-673] Stripping unnecessary work for network drop issue
* [PM-673] Stripping unnecessary work for network drop issue
* [PM-673] Stripping out work done for another ticket
* [PM-5950] Removing unnecessary return value from MainContextMenuHandler.create method
* [PM-673] Implementing unit test coverage for newly introduced logic
* [PM-673] Implementing unit test coverage for newly introduced logic
* [PM-673] Implementing unit test coverage for newly introduced logic
* [PM-673] Implementing unit test coverage for newly introduced logic
* [PM-5950] Fixing unawaited context menu promise
* [PM-673] Merging changes in from main and fixing merge conflicts
* [PM-673] Fixing issue where updates to the added login were not triggering correctly
* [PM-673] Merging changes in from main and fixing merge conflicts
* update collection service to use new state provider framework, remove stateservice from collection service, update collections state provider with migrate file and unit test
* Create MigrationRunner
- Create MigrationRunner Service for running migrations in StateService
- Create web override so that migrations also run against `localStorage`
* Fix Web StateService
* Fix WebMigrationRunner
* Fix CLI
* Fix ElectronStateService
* Update Comment
* More Common Scenarios
* Move libs/exporter into libs/tools/*
Migrating all files from libs/exporter over to libs/tools/export/vault-export/vault-export-core
Rename package to vault-export-core
Fix all file paths
* Update libs and tsconfig imports
* Fix client imports
* Fix eslint, jest and package-lock.json
* Update CODEOWNERS
* Add README.md to whitelist-capital-letters
* Fix vault-export-service tests not running
* Update libs/tools/export/vault-export/README.md
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
* Fix types imports
* Export types from vault-export-core
* Fixed content of README
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
* Begin migration of autofill settings
Co-authored-by: Cesar Gonzalez <cagonzalezcs@users.noreply.github.com>
Co-authored-by: Thomas Avery <Thomas-Avery@users.noreply.github.com>
Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
Co-authored-by: Colton Hurst <coltonhurst@users.noreply.github.com>
* add browser dependency for AutofillSettingsService
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* update autofill settings service
* replace usages of stateService get/set autofillOnPageLoad with autofillSettingsService
* replace usages of stateService get/set autofillOnPageLoadDefault with autofillSettingsService
* replace usages of stateService get/set autoCopyTotp with autofillSettingsService
* replace usages of stateService get/set autoFillOnPageLoadCalloutIsDismissed with autofillSettingsService
* replace usages of stateService get/set activateAutoFillOnPageLoadFromPolicy with autofillSettingsService
* replace usages of get/set autoFillOverlayVisibility with autofillSettingsService
* inlineMenuVisibility should use global state
* add the AutofillSettingsService to background scripts
* fix typing
* replace additional usages of get/set autoFillOverlayVisibility and disableAutoTotpCopy with autofillSettingsService equivalents
* replace additional usages of get/set autofillOnPageLoadDefault with autofillSettingsService equivalent
* replace additional usages of get/set activateAutoFillOnPageLoadFromPolicy with autofillSettingsService equivalent
* remove additional deprecated and unused state service calls
* improve naming conventions and consistency
* fix missing mock for policy service test
* replace missing overlay background tests
* cleanup
* fix double inversion
* fix reference to wrong setter
* move handleActivateAutofillPolicy out of BrowserPolicyService
* create state migration script
* resolve linting issues
* remove migrated setting properties
* add AutofillSettingsSErvice to jslib-services
* handle conditional content script loading via autofillOnPageLoad check
* add deprecated note to getFromLocalStorage
* add jsdoc decorators to new autofill service methods
* handle undefined globalState
* move autofill settings out of BrowserPolicyService
* Move autofill settings code out of policyService
* fix tests
* fix typo in state definition
---------
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Cesar Gonzalez <cagonzalezcs@users.noreply.github.com>
Co-authored-by: Thomas Avery <Thomas-Avery@users.noreply.github.com>
Co-authored-by: Colton Hurst <coltonhurst@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* Wire up key definitions for OrganizationService
[`AC-2009`: Transition OrganizationService to use StateProvider](
https://bitwarden.atlassian.net/browse/AC-2009)
In order to support the new `StateProvider` APIs for managing
application state this commit modifies `OrganizationService` in the following
ways:
1. Adding a `KeyDefinition` object to `OrganizationService` to store the
`organization` record in `StateProvider`.
1. Injecting `StateProvider` and wiring up `OrganizationService` to read
from the `organizations` key definition for the active user account.
1. Expanding the capabilities of `OrganizationData` to be able to read
itself from a JSON string. Previously this was handled directly by
`StateService`.
1. Updating tests to include requirements for testing against
`StateProvider`.
1. Marking the existing `StateService`-backed `organizations`
`Observable` and `BehaviorSubject` as deprecated.
This is largely unimplemented code with no intended visible effects to
the system. Implementing getting & updating the `organizations` value
from `StateProvider` will the next step in this work.
* Rework null check on OrganizationData
* Remove deprecation signals for the time being
* Move key definition inline with its service
* Create date objects when deserialzing json from state
* added state definition and key definition
* created vault settings service
* created enable passkeys migrations
* created enable passkeys migrations
* renamed the state definition
* created vault settings service
* updated enable passkey key definition
* updated references with vault settings service
* renamed files to avoid conflict
* removed set and get enable passkeys from state service
* removed comment
* fixed comments
* added readonly keyword
* removed service registartion from service module
* removed readonly keyword from abstract class
* swicted to used optional chaining
* renamed files
* added disk-local argument for web
* [PM-5277] Introduce lastSync state via State Providers
* [PM-5277] Add migrator and tests
* [PM-5277] Use memory for web storage location
* [PM-5277] Remove lastSync methods from state service
* [PM-5277] Remove lastSync from AccountProfile
* [PM-5277] Use string instead of Date to fix serialization for chrome.storage API in Browser
* [PM-5277] Only set account if lastSync was deleted during migration
* [PM-5277] Fix spec file
* added state definitionand key definition for folder service
* added data migrations
* created folder to house key definitions
* deleted browser-folder-service and added state provider to the browser
* exposed decrypt function so it can be used by the key definition, updated folder service to use state provider
* removed memory since derived state is now used
* updated test cases
* updated test cases
* updated migrations after merge conflict fix
* added state provider to the folder service constructor
* renamed migration file
* updated comments
* updated comments
* removed service registartion from browser service module and removed unused set and get encrypted folders from state service
* renamed files
* added storage location overides and removed extra methods
* refactor login strategies into own service
* create login service factory
* replaces instances of authService with loginStrategyService
* replace more instances of authService
* move logout back to auth service
* add browser dependencies
* fix desktop dependencies
* fix cli dependencies
* fix lint and test files
* fix anonymous hub deps
* fix webauthn-login service deps
* add loginstrategyservice to bg
* move login strategy service and models to auth folder
* revert changes to tsconfig
* use alias for imports
* fix path
---------
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
* Split export service into vault and org export service
* Changed CLI logic to use split export logic
* correct unit tests
* Created individual export service, export service making the calls for org and ind vault
* Improved code readability
* Merged PasswordProtectedExport with Export methods to simplify calls
* Some small refactor
* [AC-1492] Managed collections export (#7556)
* Added managed collections export method
Added logic to show orgs on export that the user can export from
* Merge branch 'tools/AC-1492/split-export-services' into tools/AC-1492/export-flexible-collections
# Conflicts:
# apps/web/src/app/admin-console/organizations/tools/vault-export/org-vault-export.component.ts
# apps/web/src/app/tools/vault-export/export.component.ts
* Change export to use new organization.flexiblecollection flag
* Little refactor changing parameter names and reduzing the size of export.component.ts ngOnInit
* Removed unused service from export constructor and removed unnecessary default value from org export service parameter
* Simplified organizations selection for vault export to only verify if it has flexiblecollections
* removed unecessary services from ExportComponent constructor on popup
* Fixed possible race condition on managed export
* PM-5242 - First working draft of copying out web CL implementation of user verification form and dialog components into standalone libs/auth components which could be used in any client.
* PM-5242 - Rename UserVerificationFormComponent to UserVerificationFormInputComponent b/c it doesn't actually have a form and is meant to slot into a form as an input.
* PM-5242 - Update libs/auth angular index to take renamed component into account
* PM-5242 - Clean up UserVerificationDialogComponent as have much cleaner design approach now (maintain existing func while simply adding new requirements for client side validation for passkeys)
* PM-5242 - UserVerificationFormInput component - WIP draft of new client and server split of user verification logic
* PM-5242 - UserVerificationFormInput - WIP - Lots of progress on client side verification layout - more to do
* PM-5242 - UserVerificationFormInputComponent - Add hasMultipleVerificationMethods property so we can only show alternate methods if user has them.
* PM-5242 - UserVerificationFormInputComponent - rename hasMultipleVerificationMethods to hasMultipleClientVerificationOptions
* PM-5242 - Add new user verification biometrics fingerprint icon with proper secondary fill so it displays properly on all themes.
* PM-5242 - Create enum for tracking client user verification states
* PM-5242 - UserVerificationFormInputComponent - WIP - (1) Got biometrics layout working except for error state (2) Emitting active client verification option and biometrics result to dialog (3) Properly identifying if biometrics is enabled in a platform agnostic way (4) Translations TODO
* PM-5242 - UserVerificationDialogComponent - (1) Wire up new inputs and outputs for UserVerificationFormInput (2) Don't show submit button when clientside biometrics verification active
* PM-5242 - UserVerificationFormInputComponent - wired up biometrics failure and retry handling + re-arranged comp properties to put inputs & outputs at the top
* PM-5242 - UserVerificationFormInput component - Add logic to prevent currently active client verification method from being shown an option
* PM-5242 - UserVerificationFormInput - adjust margins
* PM-5242 - User verification dialog and form input comps - replace Verification with VerificationWithSecret type where applicable
* PM-5242 - UserVerificationFormComp - Default to server for backwards compatibility and to avoid requiring the input at all
* PM-5242 - UserVerificationFormInputComp - (1) Rename processChanges to processSecretChanges (2) Short circuit processSecretChanges when biometrics is active (3) Add new function for determining type of verification that has a secret.
* PM-5242 - UserVerificationDialog - Support custom, optional callout in dialog body.
* PM-5242 - UserVerificationDialogComp - support custom confirm button text and type.
* PM-5242 - UserVerificationDialog - Add user verification dialog result type to allow for handling all possible verification scenarios
* PM-5242 - UserVerificationFormInputComp - tweak comment
* PM-5242 - UserVerificationFormInput comp html - add placeholder text for no client verifications found scenario
* PM-5242 - UserVerificationDialogComponent - (1) Add confirm & cancel to dialog result (2) Add cancel method vs using bitDialogClose for specificity (3) Adjust naming of output property to properly specify that it is scoped to client verification (4) Adjust layout of dialog html to handle when no client side verification methods are found.
* PM-5242 - UserVerificationFormInput - Clean up test code
* PM-5242 - UserVerificationFormInput - For server verification, we don't need to check if the user has a local master key hash as we will generate a hash to send to the server for comparison.
* PM-5242 - UserVerificationFormInput html - Remove now unnecessary dev warning as I've provided a default
* PM-5242 - UserVerification Dialog & Form Input - add translations on all clients for all visible text.
* PM-5242 - UserVerificationFormInput html - remove no active client verification handling from form input comp as it is instead emitted upwards to parent dialog component to be handled there.
* PM-5242 - UserVerificationDialogComp - (1) Make UserVerificationDialogResult.noAvailableClientVerificationMethods optional because it isn't needed in cancel flows (thanks Will) (2) Modify static open to intercept closed observable event in order to always return a UserVerificationDialogResult as BitDialog returns empty string when the user clicks the x
* PM-5242 - UserVerificationDialogComp - Simplify dialog param names to remove redundant dialog
* PM-5242 - UserVerificationDialogParams - update comments to match new names
* PM-5242 - UserVerificationDialog Storybook - WIP first draft
* PM-5242 - UserVerificationDialogStoryComponent - WIP - try out having imports the same as the standalone component
* PM-5242 - UserVerificationDialogStoryComponent - more WIP - building now - some stuff displaying
* PM-5242 - UserVerificationDialogStoryComponent - some progress on providers setup
* PM-5242 - Not going to use storybook for user verification dialog
* PM-5242 - UserVerificationDialogComp - move types into own file + add docs
* PM-5242 - Update auth index to export user-verification-dialog.types
* PM-5242 - UserVerificationFormInput & UserVerificationService - Extract out getAvailableVerificationOptions logic into service
* PM-5242 -UserVerificationDialogComponent - Update close logic to handle escape key undefined scenario
* PM-5242 - UserVerificationFormInput - add getInvalidSecretErrorMessage for properly determining invalid secret translation
* PM-5242 - UserVerificationDialogComp - Refactor submit logic to handle different return methodologies in existing MP and OTP user verification service code vs new PIN flow (e.g., throwing an error instead of returning false)
* PM-5242 - PinCryptoService - change error logs to warnings per discussion with Justin
* PM-5242 - UserVerificationFormInput - Biometrics flow on desktop - remove accidentally added period in couldNotCompleteBiometrics translation key.
* PM-5242 - UserVerificationFormInput HTML - Re-arrange order of other client verification options to match design
* PM-5242 - UserVerificationFormInputComponent - Reset inputs as untouched on change of client verification method.
* PM-5242 - UserVerificationDialogComponent - Remove TODO as existing secret change logic turns invalidSecret false when biometrics is swapped to.
* PM-5242 - UserVerificationFormInputComponent - getInvalidSecretErrorMessage - fix PIN error message not being returned.
* PM-5242 - UserVerificationDialogComponent - Add documentation and examples to open method.
* PM-5242 - UserVerificationDialogComponent - tweak open docs
* PM-5242 - Remove accidental period from translation keys on browser & web
* PM-5242 - UserVerificationFormInputComponent - OTP flow needed button module to work
* PM-5242 - UserVerificationDialogParams - Add docs explaining that noAvailableClientVerificationMethods is only for desktop & browser.
* PM-5242 - User-verification-form-input - Adjust layout to meet new design requirements - (1) On load, send OTP without user clicking a button (2) Allow resending of the codes (3) show a code sent message for 3 seconds
* PM-5242 - Browser User Verification - Instantiate PinCryptoService and UserVerification service AFTER instantiating vaultTimeoutSettingsService so that it isn't undefined at run time.
* PM-5242 - JslibServices Module - UserVerificationService - add missing PlatformUtilsServiceAbstraction dependency.
* PM-5242 - Desktop Native Messaging Service - Wrap biometric getUserKeyFromStorage call in try catch because it throws an error if the user cancels the biometrics prompt and doesn't send a response to the browser extension when using the biometrics unlock bridge to the desktop app and OS.
* PM-5242 - Browser Extension - NativeMessagingBackground - if the desktop biometricUnlock command is executed with a canceled (not adjusting misspelling to keep side effects at a min) response, don't bother continuing.
* PM-5242 - BrowserCryptoService - When retrieving the user key via desktop biometrics, return null for user key if the user fails or cancels the biometrics prompt. Otherwise, if there is a user key in memory after unlock, biometrics user verification will always just return the user key from state regardless of if the user has successfully passed the biometrics prompt or not.
* PM-5242 - BrowserCryptoService - extra comments
* PM-5242 - Clean up translations - (1) Remove unused defaultUserVerificationDialogConfirmBtnText (2) Refactor name of defaultUserVerificationDialogTitle to just be verificationRequired which matches existing naming conventions.
* PM-5242 - CLI - fix order of service instantiations to ensure that vaultTimeoutSettingsService isn't undefined for PinCryptoService and UserVerificationService
* PM-5242 - Rename UserVerificationDialogParams to UserVerificationDialogOptions to match existing naming conventions of other CL comps.
* PM-5242 - UserVerificationDialogComponent - dialogParams renamed to dialogOptions
* PM-5242 - UserVerificationService Abstraction - Per PR feedback, use keyof for verificationType
* PM-5242 - UserVerificationBiometricsIcon - Per PR feedback, use https://jakearchibald.github.io/svgomg/ to optimize SVG by 50%.
* PM-5242 - Per PR feedback, clarify UserVerificationDialogOptions.clientSideOnlyVerification comment.
* PM-5242 - UserVerificationTypes - Add comments clarifying all text passed to the UserVerificationDialog are translation keys
* PM-5242 - UserVerificationDialogComp - fix extra new line per PR feedback
* PM-5242 - UserVerificationDialogTypes - per PR feedback and discussion with Will M., export ButtonType from CL so we (and consumers of the dialog) can properly import it via standard CL import.
* PM-5242 - BrowserCryptoService - Adjust comments per PR feedback.
* PM-5242 - UserVerificationDialogComponent - make ActiveClientVerificationOption readonly as it only for component html
* PM-5242 - UserVerificationDialogComp html - finish comment
* PM-5242 - BrowserCryptoService - add returns js doc per PR feedback.
* PM-5242 - UserVerificationDialogComponent - per PR feedback, add unexpected error toast.
* PM-5242 - UserVerificationService - getAvailableVerificationOptions - update params to use keyof like abstraction
* PM-5242 - Mark all existing client specific implemetations of user verification as deprecated.
* [PM-5617] Re-Add Setting to Turn Off Default Browser Autofill
* [PM-5617] Re-Add Setting to Turn Off Default Browser Autofill
* [PM-5617] Removing the privacy optional permission from Firefox
* [PM-5617] Adding jest tests to validate the behavior within BrowserApi
* [PM-5617] Adjusting messaging based on feedback from design
* [PM-5617] Adjusting messaging based on feedback from design
* [PM-5617] Adjusting messaging based on feedback from design
* [PM-5617] Removing unnecessary configService dependency
* PM-4596 - PinCryptoService first draft
* PM-4596 - PinCryptoService - Refactor pinKeyEncryptedKey retrievals out into own method getPinKeyEncryptedKeys
* PM-4596 - npm ci + npm run prettier to fix lint issues
* PM-4596 - PinCryptoService - Add kdf types
* PM-4596 - PinCryptoService - Refactor pin validation into own helper method.
* PM-4596 - Rename pin-crypto.service.ts to pin-crypto.service.implementation.ts
* PM-4596 - PinCryptoService - add additional logging for error states.
* PM-4596 - JslibServicesModule - register new PinCryptoService and PinCryptoServiceAbstraction
* PM-4596 - PinCryptoService - modify decryptUserKeyWithPin signature to not require email to match MP verification process in user verification service.
* PM-4596 - Lock components - use new PinCryptoService.decryptUserKeyWithPin(...) to get user key + refactor base comp unlock with pin method to improve
* PM-4596 - Lock component - if too many invalid attempts, added toast explaining that we were logging the user out due to excess PIN entry attempts
* PM-4596 - UserVerificationService - (1) Refactor verifyUser(...) to use switch + separate methods for a cleaner parent method + better extensibility for PIN & biometrics which are TBD (2) Add PIN support to validateInput(...)
* PM-4596 - UserVerificationService - add PIN and biometrics functions to verifyUser(...)
* PM-4596 - PinCryptoService Spec - start test file - instantiates properly
* PM-4596 - PinCryptoService tests - WIP
* PM-4596 - PinCryptoService tests - WIP - got success cases working
* PM-4596 - pin-crypto.service.implementation.spec.ts renamed to pin-crypto.service.spec.ts
* PM-4596 - PinCryptoService.getPinKeyEncryptedKeys(...) - add comment + var name change for clarity
* PM-4596 - PinCryptoService tests - test invalid, null return scenarios
* PM-4596 - CLI - bw.ts - update UserVerificationService instantiation to include new pinCryptoService
* PM-4596 - PinCryptoService - import VaultTimeoutSettingsServiceAbstraction instead of implementation for factory creation to get browser building
* PM-4596 - (1) Create pinCryptoServiceFactory for browser background (2) Add it to the existing userVerificationServiceFactory
* PM-4596 - Browser - Main.background.ts - Add pinCryptoService and add to userVerificationService dependencies
* PM-4596 - UserVerificationService - per PR feedback simplify returns of verifyUserByPIN(...) and verifyUserByBiometrics(...)
* PM-4596 - Messages.json on desktop & browser - per PR feedback, adjust tooManyInvalidPinEntryAttemptsLoggingOut translation text to remove "you"
* PM-4596 - VerificationType enum - fix line copy mistake and give BIOMETRICS own, unique value.
* PM-4596 - VerificationType - rename BIOMETRICS to Biometrics to match existing MasterPassword value case.
* PM-4596 - Update verification type to consider whether or not a secret exists as we have added a new verification which doesn't have a type. Add new server and client side verification types. Update all relevant code to pass compilation checks.
* PM-4596 - More verification type tweaking
* PM-4596 - Verification - verificationHasSecret - tweak logic to be more dynamic and flexible for future verification types
* PM-4596 - UpdateTempPasswordComp - use new MasterPasswordVerification
* PM-4596 - Desktop - DeleteAcctComp - use VerificationWithSecret to solve compile error w/ accessing secret
* PM-4596 - Per discussions with Andreas & Will, move new Pin Crypto services into libs/auth + added @bitwarden/auth path to CLI tsconfig + added new, required index.ts files for exporting service abstractions & implementations
* PM-4596 - Fixed missed import fixes for lock components across clients for pin crypto service after moving into @bitwarden/auth
* PM-4596 - More PinCryptoService import fixes to get browser & desktop building
* PM-4596 - Update desktop lock comp tests to pass by providing new pin crypto service.
* PM-4596 - User verification service -update todo
* PM-4596 - PinCryptoService - per PR feedback, fix auto import wrong paths.
* PM-4596 - PinCryptoService tests - fix imports per PR feedback
* PM-4596 - UserVerificationSvc - rename method to validateSecretInput per PR feedback
* Fix imports
* PM-4596 - PinCryptoService - Refactor naming for clarity and move test cases into describes per PR feedback
* reorg libs/auth; expose only libs/auth/core to cli app
* PM-4596 - UserVerification - Resolve import issue with importing from libs/auth. Can't use @bitwarden/auth for whatever reason.
* PM-4596 - Fix desktop build by fixing import
* PM-4596 - Provide PinCryptoService to UserVerificationService
* PM-4596 - PinCryptoServiceFactory - you cannot import services from @bitwarden/auth in the background b/c it brings along the libs/auth/components and introduces angular into the background context which doesn't have access to angular which causes random test failures. So, we must separate out the core services just like the CLI to only bring along the angular agnostic services from core.
* PM-4596 - Refactor libs/auth to have angular / common + update all imports per discussion with Matt & Will. Introduced circular dep between PinCryptoService + VaultTimeoutSettingsService + UserVerificationService
* PM-4596 - VaultTimeoutSettingsService - Refactor UserVerificationService out of the service and update all service instantiations and tests. The use of the UserVerificationService.hasMasterPassword method no longer needs to be used for backwards compatibility. This resolves the circular dependency between the PinCryptoService, the UserVerificationService, and the VaultTimeoutSettingsService. We will likely refactor the hasMasterPassword method out of the UserVerificationService in the future.
* PM-4596 - Update CL tsconfig.libs.json to add new auth/common and auth/angular paths for jslib-services.module imports of pin crypto service to work and for test code coverage to run successfully.
* PM-4596 - Address PR feedback
* PM-4596 - Update root tsconfig (only used by storybook) to add new libs/auth paths to fix chromatic build pipeline.
* PM-4596 - Actually update tsconfig with proper routes to fix storybook
* PM-4596 - UserVerificationService - verifyUserByBiometrics - add error handling logic to convert failed or cancelled biometrics verification to a usable boolean
* PM-4596 - Add missing await
* PM-4596 - (1) Add log service and log to user verification service biometric flow to ensure errors are at least revealed to the console (2) Fix factory missing PinCryptoServiceInitOptions
* PM-4596 - Use the correct log service abstraction
* PM-4596 - Remove unused types per PR review
---------
Co-authored-by: William Martin <contact@willmartian.com>
* Migrate ever had user key
* Add DI for state providers
* Add state for everHadUserKey
* Use ever had user key migrator
Co-authored-by: SmithThe4th <gsmithwalter@gmail.com>
Co-authored-by: Carlos Gonçalves <LRNcardozoWDF@users.noreply.github.com>
Co-authored-by: Jason Ng <Jcory.ng@gmail.com>
* Fix test from merge
* Prefer stored observables to getters
getters create a new observable every time they're called, whereas one set in the constructor is created only once.
* Fix another merge issue
* Fix cli background build
---------
Co-authored-by: SmithThe4th <gsmithwalter@gmail.com>
Co-authored-by: Carlos Gonçalves <LRNcardozoWDF@users.noreply.github.com>
Co-authored-by: Jason Ng <Jcory.ng@gmail.com>
* [PM-5439] TOTP to Clipboard Does not Work with Autofill Overlay
* [PM-5439] Adding jest tests to validate totp copy action when filling using the overlay
Justin Baur
Jonathan Prusik
Jake Fink
Matt Gibson
Thomas Rittson
Cesar Gonzalez
Addison Beck
Todd Martin
SmithThe4th
Jason Ng
Daniel James Smith
Addison Beck
Shane Melton
Will Martin
aj-rosado
Jared Snider
Rui Tomé