1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-25 12:15:18 +01:00
Commit Graph

344 Commits

Author SHA1 Message Date
Daniel James Smith
255a7381b3
[PM-3609] [Tech-Debt] Add types to password and username generator (#6090)
* Create and use GeneratorOptions

Selection between `password`and `username`

* Use PasswordGeneratorOptions

* Declare and use UsernameGeneratorOptions
2023-09-05 19:48:34 +00:00
Todd Martin
182d5bf5ac
[PM-3758] Handle user decryption options from pre-TDE server response (#6180)
* Mapped pre-TDE server response to UserDecryptionOptions.

* Updated logic on SsoLoginStrategy to match account.

* Linting.

* Adjusted tests.

* Fixed tests.
2023-09-04 22:07:14 -04:00
rr-bw
8669f81c1b
Make WebAuthn a Free Method (#6079)
* remove webauthn premium badge

* update premium two-stop options text for web clients
2023-08-31 11:25:17 -07:00
aj-rosado
066056bd45
[PM-3226] Adding session to ReferenceEventRequest (#6114)
* Adding session to ReferenceEventRequest

* Added comment to regex
2023-08-30 21:27:26 +01:00
Matt Gibson
3340af8084
PM-3585 Improve state migrations (#5009)
* WIP: safer state migrations

Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>

* Add min version check and remove old migrations

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

* Add rollback and version checking

* Add state version move migration

* Expand tests and improve typing for Migrations

* Remove StateMigration Service

* Rewrite version 5 and 6 migrations

* Add all but initial migration to supported migrations

* Handle stateVersion location in migrator update versions

* Move to unique migrations directory

* Disallow imports outside of state-migrations

* Lint and test fixes

* Do not run migrations if we cannot determine state

* Fix desktop background StateService build

* Document Migration builder class

* Add debug logging to migrations

* Comment on migrator overrides

* Use specific property names

* `npm run prettier` 🤖

* Insert new migration

* Set stateVersion when creating new globals object

* PR comments

* Fix migrate imports

* Move migration building into `migrate` function

* Export current version from migration definitions

* Move file version concerns to migrator

* Update migrate spec to reflect new version requirements

* Fix import paths

* Prefer unique state data

* Remove unnecessary async

* Prefer to not use `any`

---------

Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
2023-08-30 17:57:20 +00:00
Todd Martin
e215828e85
[PM-3533] Support onboarding Key Connector users with existing master passwords (#6082)
* Added checks for new KeyConnector URL in all references to the legacy one.

* Updated KeyConnector logoutCallback to be a Promise

* Removed extra dependencies from KeyConnectorService

* Made the logout callback async.

* Adjusted logic to handle having a master password.

* Updated not to return error if master key is not found.

* Undid change to callback to reduce scope of this change.

* Cleaned up functions.

* Updated tests.

* Updated comments.

* Updated comments.

* Updated to use getKeyConnectorUrl helper.
2023-08-24 21:30:52 -04:00
Rui Tomé
2d768dd473
[AC-1552] Fixed issue where Organization members with "Manage groups" permissions can view the Vault tab (#6047) 2023-08-24 12:35:11 +01:00
Todd Martin
5665576147
Trusted Device Encryption feature (#5950)
* PM-1049 - Create first display draft of login-decryption-options base and web components (no data loading or user actions wired up yet; WIP)

* PM-1049 - Update DeviceResponse to match latest properties on backend

* PM-1049 - Add getDevices call to retrieve all user devices to API service

* PM-1049 - WIP on figuring out login decryption options component requirements

* PM-1049 - Add empty login decryption options to desktop

* PM-1049 - Desktop - Update "Log in initiated" translation to be "Login Initiated" per figma and product request

* PM-1049 - Desktop - login decryption options component html done

* PM-1049 - Move login-decryption-options in web into own folder

* PM-1049 - Browser - created html for login-decryption-options component

* PM-1049 - Move newly created getDevices() method out of api.service into proper place in new devices-api.service.

* PM-1049 -Comment cleanup and TODO added

* PM-1049 - Comment cleanup and dependency cleanup across all login-decryption-options comps

* PM-1049 - WIP of building out needed response and regular models for saving new UserDecryptionOptions on the Account in state.

* PM-1049 - Update all User Decryption Options response and state models in light of the back end changes from a list to an object.  Web building now with decryption options stored on state under the account successfully. Must now build out state service methods for retrieving / setting account decryption options for use elsewhere.

* PM-1049 - State Service - setup setters / getters for UserDecryptionOptions off the account

* PM-1049 - StateService - replace User with Acct for decryption options

* PM-1049 - Create domain models vs using response models as response models have a response property w/ the full response nested underneath which we don't need to persist for the user decryption options stored on the account.

* PM-1049 - AcctDecryptionOptions now persist across page refreshes of the login-initiated page to act similarly to refreshes on the lock screen. Accomplished via persisting AcctDecryptionOptions in local storage -- still cleared on logout.

* PM-1049 - IdTokenResponse - only userDecryptionOptions if they exist on the response from the server; I saw a few instances where it did not. Wasn't able to replicate consistently, but I put this check here to be safe.

* PM-1049 - Login Initiated route can only be accessed if user is AuthN w/ locked vault + TDE feature flag is on.

* PM-1049 - LoginDecryptionOptions - (1) Wire up loading logic (2) Retrieve User Acct Decryption options to determine whether or not to show request admin approval btn and approve w/ MP (3) Write up future logic for requestAdminApproval (4) approveWithMasterPassword takes you to the lock screen to login.

* PM-1049 - Apply same guards as in web to login-decryption-options in desktop & browser.

* PM-1049 - (1) Updated dependencies in parent BaseLoginDecryptionOptionsComponent class + child components (2) Retrieve userEmail b/c needed for displaying which email the user is logging in with (3) Add log out functionality (4) Add comments regarding future implementation details for each login approval flow.

* PM-1049 - Web/Browser/Desktop LoginDecryptionOptions - (1) Wire up approval buttons (2) Add conditional margins (3) Loading spinner added (4) Display userEmail + "not you" logout link

* PM-1049 - Add TODOs for future changes needed as part of the Login Approval flows  for TDE

* PM-1049 - TODO: replace base component with business service

* add new storage to replace MasterKey with UserSymKey

* add storage for master key encrypted user symmetric key

* Begin refactor of crypto service to support new key structure

* remove provided key from getKeyForUserEncryption

* add decryption with MasterKey method to crypto service

* update makeKeyPair on crypto service to be generic

* add type to parameter of setUserKey in abstraction of crypto service

* add setUserSymKeyMasterKey so we can set the encrypted user sym key from server

* update cli with new crypto service methods
- decrypt user sym key and set when unlocking

* separate the user key in memory from user keys in storage

* add new memory concept to crypto service calls in cli

* update auth service to use new crypto service

* update register component in lib to use new crypto service

* update register component again with more crypto service

* update sync service to use new crypto service methods

* update send service to use new crypto service methods

* update folder service to use new crypto service methods

* update cipher service to use new crypto service

* update password generation service to use new crypto service

* update vault timeout service with new crypto service

* update collection service to use new crypto service

* update emergency access components to use new crypto service methods

* migrate login strategies to new key model
- decrypt and set user symmetric key if Master Key is available
- rename keys where applicable
- update unit tests

* migrate pin to use user's symmetric key instead of master key
- set up new state
- migrate on lock component
- use new crypto service methods

* update pin key when the user symmetric key is set
- always set the protected pin so we can recreate pin key from user symmetric key
- stop using EncryptionPair in account
- use EncString for both pin key storage
- update migration from old strategy on lock component

* set user symmetric key on lock component
- add missed key suffix types to crypto service methods

* migrate auto key
- add helper to internal crypto service method to migrate

* remove additional keys in state service clean

* clean up the old pin keys in more flows
- in the case that the app is updated while logged in and the user changes their pin, this will clear the old pin keys

* finish migrate auto key if needed
- migrate whenever retrieved from storage
- add back the user symmetric key toggle

* migrate biometrics key
- migrate only on retrieval

* fix crypto calls for key connector and vault timeout settings

* update change password components with new crypto service

* update assortment of leftover old crypto service calls

* update device-crypto service with new crypto service

* remove old EncKey methods from crypto service

* remove clearEncKey from crypto service

* move crypto service jsdoc to abstraction

* add org key type and new method to build a data enc key for orgs

* fix typing of bulk confirm component

* fix EncString serialization issues & various fixes

Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com>

* update account model with new keys serialization

* migrate native messaging for biometrics to use new key model
- support backwards compatibility
- update safari web extension to send user key
- add error handling

* add early exit to native messaging flow for errors

* improve error strings in crypto service

* disable disk cache for browser due to bg script/popup race conditions

* clear bio key when pin is migrated as bio is refreshed

* share disk cache to fix syncing issues between contexts

* check for ephemeral pin before process reload

* remove state no longer needed and add JSDOC

* fix linter

* add new types to tests

* remove cryptoMasterKeyB64 from account

* fix tests imports

* use master key for device approvals still

* cleanup old TODOs, add missing crypto service parameters

* fix cli crypto service calls

* share disk cache between contexts on browser

* Revert "share disk cache between contexts on browser"

This reverts commit 56a590c491.

* use user sym key for account changing unlock verification

* add tests to crypto service

* rename 'user symmetric key' with 'user key'

* remove userId from browser crypto service

* updated EncKey to UserKey where applicable

* jsdoc deprecate account properties

* use encrypt service in crypto service

* use encrypt service in crypto service

* require key in validateUserKey

* check storage for user key if missing in memory

* change isPinLockSet to union type

* move biometric check to electron crypto service

* add secondary fallback name for bio key for safari

* migrate master key if found

* pass key to encrypt service

* rename pinLock to pinEnabled

* use org key or user key for encrypting attachments

* refactor makeShareKey to be more clear its for orgs

* rename retrieveUserKeyFromStorage

* clear deprecated keys when setting new user key

* fix cipher service test

* options is nullable while setting user key

* more crypto service refactors
- check for auto key when getting user key
- consolidate getUserKeyFromMemory and FromStorage methods
- move bio key references out of base crypto service
- update either pin key when setting user key instead of lock component
- group deprecated methods
- rename key legacy method

* Feature/PM-1049 - TDEFflow 3 login decryption options - PR feedback changes (#5642)

* PM-1049 - PR Feedback change - Browser - replace incorrect use of routerlink with manual attribute styling to keep anchor styling + tab focus while not having a router action race condition for the log out action to complete.

* PM-1049 - PR Feedback - State Service changes - rename get/setAcctDecryptionOptions to  get/setAccountDecryptionOptions

* PM-1049 - PR Feedback changes - LoginDecryptionOptionsComp - Remove unncessary appA11yTitle directives as title / aria text would be identical to the displayed inner button text.

* DeviceType - Create sets of device types which other components can reference to avoid having to manually define groups of device types.

* PM-1049 - PR Feedback Changes - Update base-login-decryption-options component to leverage async piped observables per best practices. Updated all client templates to leverage new data streams.

* PM-1049 - BaseLoginDecryptionOptionsComp - Add validation service for generic error handling

* PM-1049 - DeviceResponse mistakenly had name as a number instead of a string

* PM-1049 - First draft of creating observable based data store service for Devices so that the base login comp can leverage it instead of calling the devices API service directly (as it will be moved into the SDK in the future).

* PM-1049 - Register new DevicesService on jslib-services module for use in components.

* PM-1049 - Add new hasDevicesOfTypes call to devices data store svc + devices API service.

* PM-1049 - BaseLoginDecryptionOptionsComp - wire up call to devicesService.hasDevicesOfTypes to replace getDevices() to avoid bringing down all trusted device information unnecessarily.

* PM-1049 - LoginDecryptionOptionsComp - Web HTML - clean up loading state so it displays spinner centered properly.

* PM-1049 - LoginDecryptionOptionsComp - Desktop HTML - Don't show login initiated title while page is loading to match other clients behavior.

* PM-1049 - Devices Services - Update naming of hasDevicesOfTypes to match new name on back end + route change to getDevicesExistenseByTypes

* PM-1049 - Device Response & View models - remove keys which are going to be deprecated on the base model

* PM-1049 - DevicesService - devicesBSubject --> devicesSubject rename per PR feedback

* PM-1049 - Devices Services - correct spelling of existence (*facepalm*)

* PM-1049 - Update comment for clarity per PR feedback

* PM-1049 - DevicesSvc - UserSymKey --> UserKey rename

* PM-1049 - BaseLoginDecryptionOptions - replace user email source - get from stateService vs tokenService.

* PM-1049 - BaseLoginDecryptionOptions - Remove uncessary check for userEmail as we will always have it here otherwise everything in the app is broken.

* PM-1049 - BaseLoginDecryptionOptions - Finish cleaning up removal of user email from showReqAdminApprovalBtn$ stream

* PM-1049 - LoginDecryptionOptionsComp - HTML revisions in web & browser to better space out buttons using tailwind or top margin to avoid need for multiple async pipes and shareReplay.

* PM-1049 - DevicesService - of course all observables should have $ suffix. Facepalm.

* PM-1049 - BaseLoginDecryptionOptionsComp - Update verbiage and style of destroy observable used for hooking into ngOnDestroy lifecycle to clean up all observables

* PM-1049 - BaseLoginDecryptionOptions - PR feedback changes - refactor user email to have an underlying bSubject stream to ensure subscription/promise execution separately from the template async pipe subscribing to the stream.

* PM-1049 - DevicesApiService - getDevicesExistenceByTypes - PR feedback - explicitly convert result to boolean instead of casting.

* PM-1049 - BaseLoginDecryptionOptionsComp - Add ShareReplay for getAccountDecryptionOptions + context per PR feedback

* PM-1049 - LoginDecryptionOptionsComp - Completely back away from template async pipe reactive approach as it caused massively increased complexity for little gain. Instead, just focus on reactively pulling asynchronously retrieved data and setting page loading state simply. This just works and is so much less overhead. + Add comments re flows of the component to be done later

* PM-1049- Revert DevicesService implementation from smart data store cache service giant mess into simple, clean data passthrough service to avoid complexity and keep moving forward. YAGNI

Co-authored-by: Andreas Coroiu <andreas@andreascoroiu.com>

* PM-1049 -  DeviceCryptoService - Add decryptUserKey method (WIP)

* PM-1049 - AccountDecryptionOptions - add get helpers for checking for trusted device / key connector decryption option existence.

* PM-1049 - SSO Login Strategy - added comments in setUserKey method for where we will probably be consuming device keys and determining if the device is trusted or not (i.e., if we can get a decrypted user sym key in memory)

* PM-1049 - DeviceCryptoSvc.decryptUserKey - Update method to properly use state service device key retrieval + add TODO to figure out what to do if user has previously had a device key and has cleared their local cache (which will result in the device being untrusted now)

* PM-1049 - SSO Login Strategy - add comment re future passkey login strategy support

* PM-2759 - SSO & 2FA components updated with v0 of navigation logic to send users to LoginDecryptionOptions

* PM-1049 - Account > AccountDecryptionOptions - can't create getter helper methods for determining if user has decryption options b/c of issues w/ account deserialization. Moving past b/c I can just easily check if the given options are not undefined.

* PM-2759 - Add TODOs for deprecation of id token response resetMasterPassword logic and replacement with use of accountDecryptionOptions

---------

Co-authored-by: Andreas Coroiu <andreas@andreascoroiu.com>

* revert sharing disk cache between contexts

* fix tests

* add better tests to crypto service

* add hack to get around duplicate instances of disk cache on browser

* prevent duplicate cache deletes in browser

* fix browser state service tests

* Feature/PM-1212 - TDE - Approve with master password flow (#5706)

* PM-1212 - StateSvc - Add getUserDeviceTrustChoice && setUserDeviceTrustChoice to persist user's choice in local storage in case of refresh on login approval screens (ex: lock)

* PM-1212 - DeviceCryptoSvc - Add getUserDeviceTrustChoice && setUserDeviceTrustChoice as state service is lower level service for caching

* PM-1212 - LoginDecryptionOptionsComp - Save result of rememberEmail checkbox into local storage via deviceCryptoService.setUserDeviceTrustChoice

* PM-1212 - Lock component - after user key is set, check if user chose to establish trust, and if they did, then establish trust and reset choice.

* PM-1212 - Update naming of methods per discussion with Jake + add comment explaining intended single use retrieval and need for resetting the value.

* DeviceCryptoService - Refactor - decryptUserKey --> decryptUserKeyWithDeviceKey to match crypto service refactor naming convention

* PM-1212 - Refactor State Service per PR feedback to store trustDeviceChoiceForDecryption on Account.settings b/c the temp setting is scoped to a user.

* PM-2759 - SSO & 2FA Navigation to TDE Comp - Needs more work - Found scenarios on web with 2FA in which the expected navigation doesn't work. Adding TODO to assist in fixing

* (1) Add Trust to DeviceCryptoService name
(2) Move DeviceTrustCryptoService under auth folder

* PM-1212 - Add tests for new getUserTrustDeviceChoiceForDecryption and setUserTrustDeviceChoiceForDecryption methods + TODOs for future tests.

* PM-1212- Renaming / moving DeviceTrustCryptoService broke all the things - fixed all the client builds.

* PM-1212- Copy doc comment to abstraction per PR feedback

* PM-1212 - BaseLoginDecryptionOptions comp - remove unncessary cast to form control as apparently reactive forms now properly derives types.

* [PM-1203] Replace MP confirmation with verification code (#5656)

* [PM-1203] feat: ask for OTP if user does not have MP

* [PM-1203] feat: add backwards compatibility for accounts/servers without decryption options

* [PM-1203] feat: move hasMasterPassword to user-verification.service

* [PM-1203] fix: remove duplicate implementation from crypto service

* [PM-1203] fix: cli build

* Tweak device trust crypto service implementation to match mobile late… (#5744)

* Tweak device trust crypto service implementation to match mobile latest which results in more single responsibility methods

* Update tests to match device trust crypto service implementation changes

* update comment about state service

* update pinLockType states and add jsdocs

* add missed pinLockType changes

* [PM-1033] Org invite user creation flow 1 (#5611)

* [PM-1033] feat: basic redirection to login initiated

* [PM-1033] feat: add ui for TDE enrollment

* [PM-1033] feat: implement auto-enroll

* [PM-1033] chore: add todo

* [PM-1033] feat: add support in browser

* [PM-1033] feat: add support for desktop

* [PM-1033] feat: improve key check hack to allow regular accounts

* [PM-1033] feat: init asymmetric account keys

* [PM-1033] chore: temporary fix bug from merge

* [PM-1033] feat: properly check if user can go ahead an auto-enroll

* [PM-1033] feat: simplify approval required

* [PM-1033] feat: rewrite using discrete states

* [PM-1033] fix: clean-up and fix merge artifacts

* [PM-1033] chore: clean up empty ng-container

* [PM-1033] fix: new user identification logic

* [PM-1033] feat: optimize data fetching

* [PM-1033] feat: split user creating and reset enrollment

* [PM-1033] fix: add missing loading false statement

* [PM-1033] fix: navigation logic in sso component

* [PM-1033] fix: add missing query param

* [PM-1033] chore: rename to `ExistingUserUntrustedDevice`

* PM-1033 - fix component templates to reference `ExistingUserUntrustedDevice` so clients can build

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>

* remove extra partial key

* set master key on lock component

* rename key hash to password hash on crypto service

* fix cli

* rename enc user key setter in crypto service

* Adds Events & Human Readable Messages (#5746)

* [PM-1202] Hide the Master Password tab on Settings / Security (#5649)

* [PM-1203] feat: ask for OTP if user does not have MP

* [PM-1203] feat: get master password status from decryption options

* [PM-1203] feat: add backwards compatibility for accounts/servers without decryption options

* [PM-1203] feat: move hasMasterPassword to user-verification.service

* fix merge issues

* Change getUserTrustDeviceChoiceForDecryption / setUserTrustDeviceChoiceForDecryption to getShouldTrustDevice / setShouldTrustDevice (#5795)

* Auth/[PM-1260] - Existing User - Login with Trusted Device (Flow 2) (#5775)

* PM-1378 - Refactor - StateSvc.getDeviceKey() must actually convert JSON obj into instance of SymmetricCryptoKey

* TODO: BaseLoginDecryptionOptionsComponent - verify new user check doesn't improperly pick up key connector users

* PM-1260 - Add new encrypted keys to TrustedDeviceUserDecryptionOptionResponse

* PM-1260 - DeviceTrustCryptoSvc - decryptUserKeyWithDeviceKey: (1) update method to optionally accept deviceKey (2) Return null user key when no device key exists (3) decryption of user key now works in the happy path

* PM-1260 - LoginStrategy - SaveAcctInfo - Must persist device key on new account entity created from IdTokenResponse for TDE to work

* PM-1260 - SSO Login Strategy - setUserKey refactor - (1) Refactor existing logic into trySetUserKeyForKeyConnector + setUserKeyMasterKey call and (2) new trySetUserKeyWithDeviceKey method for TDE

* PM-1260 - Refactor DeviceTrustCryptoService.decryptUserKeyWithDeviceKey(...) - Add try catch around decryption attempts which removes device key (and trust) on decryption failure + warn.

* PM-1260 - Account - Add deviceKey to fromJSON

* TODO: add device key tests to account keys

* TODO: figure out state service issues with getDeviceKey or if they are an issue w/ the account deserialization as a whole

* PM-1260 - Add test suite for decryptUserKeyWithDeviceKey

* PM-1260 - Add interfaces for server responses for UserDecryptionOptions to make testing easier without having to use the dreaded any type.

* PM-1260 - SSOLoginStrategy - SetUserKey - Add check looking for key connector url on user decryption options + comment about future deprecation of tokenResponse.keyConnectorUrl

* PM-1260 - SSO Login Strategy Spec file - Add test suite for TDE set user key logic

* PM-1260 - BaseLoginStrategy - add test to verify device key persists on login

* PM-1260 - StateService - verified that settings persist properly post SSO and it's just device keys we must manually instantiate into SymmetricCryptoKeys

* PM-1260 - Remove comment about being unable to feature flag auth service / login strategy code due to circ deps as we don't need to worry about it b/c of the way we've written the new logic to be additive.

* PM-1260 - DevicesApiServiceImplementation - Update constructor to properly use abstraction for API service

* PM-1260 - Browser - AuthService - (1) Add new, required service factories for auth svc and (2) Update auth svc creation in main.background with new deps

* PM-1260 - CLI - Update AuthSvc deps

* PM-1260 - Address PR feedback to add clarity / match conventions

* PM-1260 - Resolving more minor PR feedback

* PM-1260 - DeviceTrustCryptoService - remove debug warn

* PM-1378 - DeviceTrustCryptoSvc - TrustDevice - Fix bug where we only partially encrypted the user key with the device public key b/c I incorrectly passed userKey.encKey (32 bytes) instead of userKey.key (64 bytes) to the rsaEncrypt function which lead to an encryption type mismatch when decrypting the user's private key with the 32 byte decrypted user key obtained after TDE login.  (Updated happy path test to prevent this from happening again)

* PM-1260 - AccountKeys tests - add tests for deviceKey persistence and deserialization

* PM-1260 - DeviceTrustCryptoSvc Test - tweak verbiage per feedback

* PM-1260 - DeviceTrustCryptoSvc - Test verbiage tweak part 2

* Update apps/browser/src/background/service-factories/devices-api-service.factory.ts

per PR feedback

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* Defect - LockComp - After setting user key, must AWAIT retrieval of user's previous choice to have trusted the device or not. (#5804)

* [PM-2928] [PM-2929] [PM-2930] Fixes for: [PM-1203] Replace MP confirmation with verification code (#5798)

* [PM-2928] feat: hide change email if user doen't have MP

* [PM-2929] feat: hide KDF settings if user doesn't have MP

* [PM-2930] feat: remove MP copy

* Removed self-hosted check from TDE SSO config. (#5837)

* [PM-2998] Move Approving Device Check (#5822)

* Switch to retrieving approving device from token response

- Remove exist-by-types API call
- Define `HasApprovingDevices` on TDE options

* Update Naming

* Update Test

* Update Missing Names

* [PM-2908] feat: show account created toast (#5810)

* fix bug where we weren't passing MP on Restart to migrate method in lock

* fix: buffer null error (#5856)

* Auth/[pm-2759] - TDE - SSO and 2FA routing logic (#5829)

* PM-2759 - SsoComp - (1) Temp remove all TDE routing logic (2) Refactor existing navigation logic via new component utility function navigateViaCallbackOrRoute

* PM-2759 - SSO Component - Create test suite for logIn logic

* PM-2759 - SsoComp Tests - add disclaimer regarding testing private methods and props

* PM-1259 - SSO Comp - Refactor LogIn method to use functions for each navigation case for improved readability

* PM-1259 - SSO Comp Tests - Add tests for error case during login + test for new handleLoginError logic

* PM-2759 - SsoComp - Deprecate resetMasterPassword and replace with AccountDecryptionOptions logic + update tests

* PM-2759 - SsoComp + tests - Add trusted device encryption first draft handling which has login success and force password reset handling

* PM-2759 - Minor SsoComp comment and method name tweaks

* PM-2759 - BaseTwoFactorComp - (1) Comment out TDE stuff for now (2) Add test suite (3) Replace global window in base comp constructor with angular injection token for window which follows best practices and allows for mocking so the comp can be unit tested

* PM-2759 - Update child 2FA components to use angular injection token for window like base comp

* PM-2759 - TwoFactorComp - Finish testing all logic in doSubmit

* PM-2759 - TwoFactorComponent - Refactor DoSubmit method logic into multiple simple functions to make logic easier to follow

* PM-2759 - Add newtrustedDeviceOption.hasManageResetPasswordPermission property to match server changes

* PM-2759 - Flag AuthResult.resetMasterPassword property as deprecated

* PM-2759 - SSO comp - TDE routing logic - User without MP and ResetPassword permission must set a MP

* PM-2759 - Update Sso Comp tests to reflect additionally added TDE > MP set required logic (when user has no MP but they can reset other user passwords)

* PM-2759 - SsoComp - Add comment explaining the happy paths better for TDE success navigation

* PM-2759 - SsoComp - Refactor isTrustedDeviceEncEnabled logic into own method

* PM-2759 - SsoComp - As the 2FA comp passes the org id through to each route, going to standardize on doing so across the board for now to avoid any tricky scenarios down the line where it is needed and it's not present

* PM-2759 - SsoComp - Finish renaming orgIdFromState to orgIdentifier

* PM-2759 - SsoComp - update tests for forcePasswordReset flows now passing orgIdentifier as query param

* PM-2759 - SsoComp Tests - Export mockAcctDecryptionOpts permutations so we can share them across SsoComp and TwoFactorComp tests

* PM-2759 - Refactor 2FA comp post login redirect logic to match SSO component + add TDE logic

* PM-2759 - SsoComp - Refactor tests a bit for improved re-use

* PM-2759 - Sso Comp tests - can't export consts from a spec file or the other spec files that import them will re-execute the whole test suite as a nested test suite. TIL.

* PM-2759 - TwoFactorComp tests - All existing navigation scenarios + new TDE scenarios should now be tested.

* PM-2759 - Web - 2FA comp - Fix build error b/c of renamed base comp prop (identifier --> orgIdentifier)

* PM-2759 - Fix SsoLogin strategy tests b/c they were broken w/ the addition of the HasManageResetPasswordPermission prop to the TrustedDeviceOption interface

* PM-2759 - Web TwoFactorComp - goAfterLogIn method must be an arrow function to inherit the parent base component scope so that important things like angular services can be defined. Web 2FA flow does not work without this being an arrow func.

* PM-2759 - Fix typo

* PM-2759 - SsoComp and TwoFactorComp tests -  move service and other mocks into the top level before each to better ensure no crossover between test states per PR feedback

* PM-2759 - SsoComp - add clarity by refactoring unclear comment

* PM-2759 - SsoComp - Per excellent PR feedback, refactor if else statements to  guard statements for better readability / design

* PM-2759 - TwoFactorComp - Replace ifs with guard statements

* PM-2759 - TwoFactorComp - add clarity to comment per PR feedback

* PM-2759 - Replace use of jest.Mocked with MockProxy per PR feedback

* PM-2759 - Use unknown over any per PR feedback

* Bypass Master Password Reprompt if a user does not have a MP set (#5600)

* Add a check for a master password in PasswordRepromptService.enabled()

* Add tests for enabled()

* Update state service method call

* Use UserVerificationService to determine if a user has a master password

* rename password hash to master key hash

* fix cli build from key hash renaming

* [PM-1339] Allow Rotating Device Keys (#5806)

* Merge remote-tracking branch 'origin/feature/trusted-device-encryption' into Auth/pm-1339/rotate-device-keys

* Implement Rotation of Current Device Keys

- Detects if you are on a trusted device
- Will rotate your keys of only this device
- Allows you to still log in through SSO and decrypt your vault because the device is still trusted

* Address PR Feedback

* Move Files to Auth Ownership

* fix: getOrgKeys returning null

* [PM-3143] Trusted device encryption: Refactor reset enroll service (#5869)

* create new reset enrollment service

* refactor: login decryption options according to TODO

* feat: add tests

* PM-3143 - Add override to overriden methods

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>

* generate a master key from master password if needed (#5870)

* [PM-3120] fix: device key not being saved properly (#5882)

* Auth/pm 1050/pm 1051/remaining tde approval flows (#5864)

* fix: remove `Unauth guard` from `/login-with-device`

* [PM-3101] Fix autofill items not working for users without a master password (#5885)

* Add service factories for user verification services

* Update autofill service to check for existence of master password for autofill

* Update the context menu to check for existence of master password for autofill

* context menu test fixes

* [PM-3210] fix: use back navigation (#5907)

* Removed buttons (#5935)

* PM-2759 - Fix broken backwards compatibility for authResult.resetMast… (#5940)

* PM-2759 - Fix broken backwards compatibility for authResult.resetMasterPassword

* PM-2759 - Update TODO with specific tech debt task + target release date

* TDE - State Svc - setDeviceKey should support setting null for future support of clearing device key. (#5942)

* Check if a user has a mp before showing kdf warning (#5929)

* [PM-1200] Unlock settings changes for accounts without master password - clients (#5894)

* [PM-1200] chore: add comment for jake

* [PM-1200] chore: rename to `vault-timeout`

* [PM-1200] feat: initial version of `getAvailableVaultTimeoutActions`

* [PM-1200] feat: implement `getAvailableVaultTimeoutActions`

* [PM-1200] feat: change helper text if only logout is available

* [PM-1200] feat: only show available timeout actions

* [PM-1200] fix: add new service factories and dependencies

* [PM-1200] fix: order of dependencies

`UserVerificationService` is needed by `VaultTimeoutSettingsService`

* [PM-1200] feat: add helper text if no lock method added

* [PM-1200] refactor: simplify prev/new values when changing timeout and action

* [PM-1200] feat: fetch timeout action from new observable

* [PM-1200] refactor: make `getAvailableVaultTimeoutActions` private

* [PM-1200] feat: add test cases for `vaultTimeoutAction$`

* [PM-1200] feat: implement new timeout action logic

* [PM-1200] feat: add dynamic lock options to browser

* [PM-1200] feat: enable/disable action select

* [PM-1200] feat: add support for biometrics

* [PM-1200] feat: add helper text and disable unavailable options

* [PM-1200] feat: update action on unlock method changes

* [PM-1200] feat: update browser to use async pipe

* [PM-1200] fix: element not updating

* [PM-1200] feat: hide masterPassOnRestart pin option

* [PM-1200] feat: hide change master password from browser settins

* [PM-1200] feat: hide change master password from app menu

* [PM-1200] feat: logout if lock is not supported

* [PM-1200] feat: auto logout from lock screen if unlocking is not supported

* [PM-1200] feat: remove lock button from web menus

* Revert "[PM-1200] fix: element not updating"

This reverts commit b27f425f48570d0d5dbc9dedb9797023fef64d8b.

* Revert "[PM-1200] feat: update browser to use async pipe"

This reverts commit 766c15bc3dbadcf7dcef3053b148e7874f8939ce.

* [PM-1200] chore: add comment regarding detectorRef

* [PM-1200] feat: remove lock now button from browser settings

* [PM-1200] feat: add `userId` to unlock settings related methods

* [PM-1200] feat: remove non-lockable accounts from menu

* [PM-1200] fix: cli not building

---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>

* [PM-3215][PM-3289] Create MasterKey from Password If Needed (#5931)

* Create MasterKey from Password

- Check if the MasterKey is stored or not
- Create it if it's not

* Add getOrDeriveKey Helper

* Use Helper In More Places

* Changed settings menu to be enabled whenever the account is not locked. (#5965)

* [PM-3169] Login decryption options in extension popup (#5909)

* [PM-3169] refactor: lock guard and add new redirect guard

* [PM-3169] feat: implement fully rewritten routing

* [PM-3169] feat: close SSO window

* [PM-3169] feat: store sso org identifier in state

* [PM-3169] fix: tests

* [PM-3169] feat: get rid of unconventional patch method

* PM-3169 - SSO & 2FA Comps - Update naming of new callback to match existing pattern + add tests for callback logic execution.

* PM-3169 - Update LockGuard to have a special exception for allowing the TDE Login with MP flow

* PM-3169 - Per discussion w/ Jake and Justin, rename login-initiated guard to be tde decryption required guard (more named for functionality vs specific route)

* PM-3169 - Add some additional context to new redirect guard scenario

* PM-3169 - Per PR feedback, replace all callback types with Promise<void> as the return values are not being used.

* PM-3169 - StateSvc - Per PR feedback, update setUserSsoOrganizationIdentifier signature to explicitly use null instead of partial<string> which doesn't do anything

* PM-3169 - Replace onSuccessfulLogin type to compile

* PM-3169 - Add clarification comment for why we are not using a query param for persisting the org identifier

* PM-3169 - Per discussion with Justin, only use memory for SsoOrgId as we don't need to persist it beyond that; tested and it worked on all 3 clients for new user TDE creation

* PM-3169 - Add missing ssoIdentifierRequired translation to desktop and browser

* PM-3169 - After discussing with Justin again, we realized that memory doesn't work on desktop if user refreshes app or closes and re-opens it so must use disk.

* PM-3169 - Per PR feedback, remove hasEverHadUserKey logic as we can just leverage existing getUserKey method to check if we have a user key or not; tested all guards in browser and web with no issues

* PM-3169 - Per design discussion with Danielle, move account created toast after successful account creation vs on load of page.

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>

* [PM-3314] Fixed missing MP prompt on lock component (#5966)

* Updated lock component to handle no master password.

* Added a comment.

* Add Missing Slash (#5967)

* Fix AdminAuthRequest Serialization on Desktop (#5970)

- toJSON isn't being called by ElectronStorageService
- Force it's conversion to JSON earlier so it happens for all storage methods

* Fix issue where we were incorrectly calling setRememberEmailValues in the AdminAuthRequest state - no need to do this as the email is already saved to state. By calling this method, we would actually overwrite the already saved email with null as the user's choice to remember email wasn't persisted through SSO on the login service. (#5972)

* PM-3329 - Restore everHadUserKey logic from PM-3169 which I incorrectly removed in order to fix routing logic so that user can lock and land on the lock screen properly (#5979)

* PM-3210 - TDE - LoginWithDevice routing fix - Mirror PR #5950 in just simply providing a back action on click which works for all app generated scenarios (#5982)

* PM-3332 - TDE - SsoLoginStrategy - For existing admin auth reqs, must… (#5980)

* PM-3332 - TDE - SsoLoginStrategy - For existing admin auth reqs, must manually handle 404 error case to prevent app from hanging and clear the local state if the admin auth req in the DB has been purged; i.e., it should fail silently.

* Add TODO for SSO Login Strategy tests

* PM-3331 - TDE - Firefox - Browser extension - fix access denied error… (#5984)

* PM-3331 - TDE - Firefox - Browser extension - fix access denied error on popup load which was caused by the canAccessFeature guard failing to lookup the TDE feature flag as the server config was returning null even after a successful server call as only returned the value if the user was unauthenticated for some reason

* PM-3331 - After discussion with Andre, further refactor ConfigService logic to always return the latest information from the server so that requests for feature flag data will always get the most up to date information.

* PM-3345 - TDE - Desktop - Biometrics setting submenu tweak - do not s… (#5988)

* PM-3345 - TDE - Desktop - Biometrics setting submenu tweak - do not show require MP or PIN entry on restart if user doesn't have at least one of those options b/c otherwise user can get into a bad state where they cannot unlock

* PM-3345 - TDE - Desktop - Settings comp - if user turns off PIN and Biometric is on + require PIN on restart is enabled then must turn that setting off to prevent bad user state

* PM-3345 - Final tweak to logic

* [PM-2852] Final merge from Key Migration branch to TDE Feature Branch (#5977)

* [PM-3121] Added new copy with exclamation mark

* [PM 3219] Fix key migration locking up the Desktop app (#5990)

* Only check to migrate key on VaultTimeout startup

* Remove desktop specific check

* PM-3332 - LoginWithDevice - Add error handling logic around admin auth request retrieval similar to sso login strategy to prevent error state and allow re-creation of an admin auth request if it has been purged from the server for whatever reason. (#5991)

* PM-3355 - TDE - Browser JIT Account Creation - Browser create user logic still had logic for simply closing the extension tab but as we no longer open the login decryption options in a tab we needed to update the logic here to navigate the user directly onto the vault. (#5993)

* Add distinctUntilChanged to fix multiple value changes for biometrics firing (#5999)

* Add optional chaining to master key (#6007)

* PM-3369 - TDE - Persist user's choice to trust device to state when user ma… (#6000)

* PM-3369 - Persist user's choice to trust device to state when user makes choice + persist previous choices out of state

* PM-3369 - Must set trust device in state on load if it's never been set before

* PM-3369 - Refactor BaseLoginDecOptions to properly set trust device choice in state on load

* Update libs/angular/src/auth/components/base-login-decryption-options.component.ts

Co-authored-by: Jake Fink <jfink@bitwarden.com>

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>

* Updated email change component to getOrDeriveMasterKey (#6009)

* [PM-3330] Force Update to Lockable Accounts on PIN/Biometric Update (#6006)

* Add Listener For Events that Need To Redraw the Menu

* Send redrawMenu Message When Pin/Biometrics Updated

* DeviceTrustCryptoService - don't worry about checking if a device should establish trust or not if the user doesn't have trusted device encryption on (#6010)

* Auth / pm 3351 / TDE Login - Browser & Desktop vault sync issue fix (#6002)

* PM-3351 - TDE Login on desktop and browser via SSO comp with no 2FA should trigger sync like standard onSuccessfulLogin process used to so user lands on vault with data.

* PM-3351 - 2FA Comp - Refactor onSuccessfulLogin logic to only execute in the success path just like the SSO component + adding specific onSuccessfulLoginTde flow just like SSO comp. + removed unnecessary calls to loginService.clearValues(). Added browser & desktop definitions for onSuccessfulLoginTde which is just a fullSync kick off.

* TODO

* PM-3351 - remove await to restore code back to previous state without hang.

* PM-3351 - 2FA Comp - Don't await onSuccessfulLoginTde b/c it causes a hang

* PM-3351 - remove sso comp incorrect todo

* PM-3351 - SsoComp - don't await onSuccessfulLoginTde for browsers sake

* PM-3351 - SsoComp - remove awaits from  onSuccessfulLoginTde and onSuccessfulLogin to avoid any hangs on desktop and browser

* PM-3351 - Convert onSuccessfulLoginTde to promise<void> as its return is not used + refactor all to be consistent and clearly communciate that the sync won't be awaited.

* PM-3351 - Convert onSuccessfulLogin to promise<void> and update all methods accordingly to more clearly indicate that the syncs and any other logic won't be awaited.

* [PM-3356] Fallback to OTP When MasterPassword Hasn't Been Used (#6017)

* Fallback to OTP When MasterPassword Hasn't Been Used

* Update Test and Rename Method

* Revert "DeviceTrustCryptoService - don't worry about checking if a device should establish trust or not if the user doesn't have trusted device encryption on (#6010)" (#6020)

This reverts commit 6ec22f9570.

* PM-3390 - TDE - Redraw desktop after user creation to update isLocked checks and get menu to be enabled properly (#6018)

* [PM-3383] Hide Change Password menu option for user with no MP (#6022)

* Hide Change Master Password menu item on desktop when a user doesn't have a master password.

* Renamed variable for consistency.

* Updated to base logic on account.

* Fixed menubar

* Resolve merge errors in crypto service spec

* Fixed autofill to use new method on userVerificationService (#6029)

* PM-3456 - TDE Admin Auth Req Flow - FF dead object issue - The foreground popup must retrieve the long lived background services for the new TDE services (the AuthRequestCryptoService service fixes this issue, but the DeviceTrustCryptoService should have been added to services.module as well) (#6037)

* skip auto key check when using biometrics on browser (#6041)

* Added comments for backward compatibility removal. (#6039)

* Updated warning message. (#6059)

* Tde pr feedback (#6051)

* move pin migration to the crypto service

* refactor config service logic

* refactor lock component load logic

* rename key connector methods

* add date to backwards compat todo

* update backwards compat todo

* don't specify defaults in redirectGuard

* nit

* add null & undefined check for userid before using the account

* fix ui tests

* add todo for tech debt

* add todo comment

* Fix storybook per PR feedback

* Desktop & Browser - lock comp - add optional chaining check for focusable input - user can just have biometric and not have a MP or a PIN so must support that.

* Main.background.ts - remove duplicate instantiations of the userVerificationApiService and userVerificationService which were added in two separate PRs

* Per PR feedback - (1) Browser app routing module - fix incorrect import for redirect guard (2) Created index.ts file for auth guards to simplify imports and updated imports

* Per PR feedback, (1) Update jslib-services.module to provide actual instance of VaultTimeoutService (2) Update init service to use concrete VaultTimeoutService vs abstraction.

Co-authored-by: Matt Gibson <git@mgibson.dev>

* Per PR feedback - update services module AuthRequestCryptoService and DeviceTrustCryptoService to use shorthand format.

* Per PR feedback, add devicesService to main background and update services module to ensure the popup leverages the background devicesService

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Matt Gibson <git@mgibson.dev>

* Updated message keys for CrowdIn to pick them up. (#6066)

* TDE PR Feedback resolutions round 2 (#6068)

* Per PR feedback - main.background.ts - move userVerificationService and userVerificationApiService to correct location

* Per PR feedback - JS lib services + vault timeout service updates - (1) Correctly type callbacks based on injection tokens (2) Update vault timeout service to have proper types based on injection tokens

* Per PR Feedback - update web init service to inject actual VaultTimeoutService vs abstraction similar to what we did for desktop here: 55a797d4ff

* Per more feedback - revert incorrect changes to VaultTimeoutService based on existing injection token types for LOGOUT_CALLBACK and LOCKED_CALLBACK.. and instead update the injection token types themselves to match how they are being used.

* Per PR feedback - in browser main.background.ts, inject concrete VaultTimeoutService instead of abstraction so we don't have to cast it anymore (matching web & desktop)

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jacob Fink <jfink@bitwarden.com>
Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com>
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Andreas Coroiu <andreas@andreascoroiu.com>
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: André Bispo <abispo@bitwarden.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Jonathan Prusik <jprusik@classynemesis.com>
Co-authored-by: Matt Gibson <git@mgibson.dev>
2023-08-18 14:05:08 -04:00
Daniel James Smith
15f29c5fb1
[PM-3040] [BEEEP] Extend json-export to include passwordhistory and vault item dates (created, updated, deleted) (#5917)
* Add password history to json exports

Change callout to not mention missing password history any longer

* Added item meta dates to json exports

Added vault items creation-/revision-/deleted-dates to json exports

* Removed unnecessary promises

* Add bitwarden-json-export types

Define types
Use types in vault-export-service
Move existing password-protected type to export-types

* Use bitwarden-json-export types in bitwarden-json-importer

* Clean up passwordHistory if needed

* Define and use bitwarden-csv-export-types
2023-08-15 20:32:40 +02:00
Daniel James Smith
e98cbed437
[AC-1119] [PM-1923] [AC-701] Import into a specified folder or collection (#5683)
* Migrate callouts to the CL ones

* Add folder/collection selection

* Use bitTypography as page header/title

* Migrate submit button to CL

* Migrate fileSelector and fileContents

* Add ability to import into an existing folder/collection

Extended import.service and abstraction to receive importTarget on import()
Pass selectedImportTarget to importService.import()
Wrote unit tests

* Added vault selector, folders/collections selection logic and component library to the import

* Revert changes to the already migrated CL fileSelector, fileContents and header/title

* Fix fileContents input and spacing to submit button

* Use id's instead of name for tghe targetSelector

* Remove unneeded empty line

* Fix import into existing folder/collection

Map ciphers with no folder/no collection to the new rootFolder when selected by the user
Modified and added unit tests

* Added CL to fileSelector and fileInput on vault import

* Added reactive forms and new selector logic to import vault

* Added new texts on Import Vault

* Corrected logic on enable targetSelector

* Removing target selector from being required

* Fixed imports after messing up a merge conflict

* Set No-Folder as default

* Show icons (folder/collection) on targetSelector

* Add icons to vaultSelector

* Set `My Vault` as default of the vaultSelector

* Updates labels based on feedback from design

* Set `My Vault` as default of the vaultSelector pt2

* Improvements to reactive forms on import.component

* Only disabling individual vault import on PersonalOwnership policy

* Use import destination instead of import location

* Add hint to folder/collection dropdown

* Removed required attribute as provided by formGroup

* Display no collection option same as no folder

* Show error on org import with unassigned items

Only admins can have unassigned items (items with no collection)
If these are present in a export/backup file, they should still be imported, to not break existing behaviour. This is limited to admins.
When a member of an org does not set a root collection (no collection option) and any items are unassigned an error message is shown and the import is aborted.

* Removed for-attribute from bit-labels

* Removed bitInput from bit-selects

* Updates to messages.json after PR feedback

* Removed name-attribute from bit-selects

* Removed unneeded variables

* Removed unneeded line break

* Migrate form to use bitSubmit

Rename old submit() to performImport()
Create submit arrow function calling performImport() (which can be overridden/called by org-import.component)
Remove #form and ngNativeValidate
Add bitSubmit and bitFormButton directives
Remove now unneeded loading variable

* Added await to super.performImport()

* Move form check into submit

* AC-1558 - Enable org import with remove individual vault policy

Hide the `My Vault` entry when policy is active
Always check if the policy applies and disable the formGroup if no vault-target is selectable

* [AC-1549] Import page design updates (#5933)

* Display select folder/collection in targetSelector
Filter the no-folder entry from the folderViews-observable
Add labels for the targetSelector placeholders

* Update importTargetHint and remove importTargetOrgHint

* Update language on importUnassignedItemsError

* Add help icon with link to the import documentation

---------

Co-authored-by: Andre Rosado <arosado@bitwarden.com>
2023-08-04 22:05:14 +00:00
Thomas Rittson
b89f31101f
[AC-1512] Feature: Secrets Manager billing - round 2 (#5854)
* [AC-1423] Update organization subscription cloud page (#5614)

* [AC-1423] Add ProgressModule to shared.module.ts

* [AC-1423] Update cloud subscription page styles

- Remove bootstrap styles
- Use CL components where applicable
- Use CL typography directives
- Update heading levels to prepare for new SM sections

* [AC-1423] Add usePasswordManager boolean to organization domain

* [AC-1423] Introduce BitwardenProductType enum

* [AC-1423] Update Organization subscription line items

- Add product type prefix
- Indent addon services like additional storage and service accounts
- Show line items for free plans

* [AC-1423] Simply sort function

* [AC-1423] Remove header border

* [AC-1423] Make "Password Manager" the default fallback for product name

* [AC-1420] Add Secrets Manager subscribe component (#5617)

* [AC-1418] Add secrets manager manage subscription component (#5661)

* [AC-1423] Add minWidth input to bit-progress component

* [AC-1423] Add ProgressModule to shared.module.ts

* [AC-1423] Update cloud subscription page styles

- Remove bootstrap styles
- Use CL components where applicable
- Use CL typography directives
- Update heading levels to prepare for new SM sections

* [AC-1423] Add usePasswordManager boolean to organization domain

* [AC-1423] Introduce BitwardenProductType enum

* [AC-1423] Update Organization subscription line items

- Add product type prefix
- Indent addon services like additional storage and service accounts
- Show line items for free plans

* [AC-1423] Simply sort function

* [AC-1423] Remove header border

* [AC-1423] Remove redundant condition

* [AC-1423] Remove ineffective div

* [AC-1423] Make "Password Manager" the default fallback for product name

* Revert "[AC-1423] Add minWidth input to bit-progress component"

This reverts commit 95b2223a30.

* [AC-1423] Remove minWidth attribute

* [AC-1423] Switch to AddonProductType enum instead of boolean

* Revert "[AC-1423] Switch to AddonProductType enum instead of boolean"

This reverts commit 204f64b4e7.

* [AC-1423] Tweak sorting comment

* [AC-1418] Add initial SecretsManagerAdjustSubscription component

* [AC-1418] Add initial SM adjustment form

* [AC-1418] Adjust organization-subscription-update.request.ts to support both PM and SM

* [AC-1418] Rename service account fields in the options interface

* [AC-1418] Add api service call to update SM subscription

* [AC-1418] Cleanup form html

* [AC-1418] Add missing SM plan properties

* [AC-1418] Add SM subscription adjust form and logic to hide it

* [AC-1418] Add better docs to options interface

* [AC-1418] Fix conflicting required/optional labels for auto-scaling limits

* [AC-1418] Adjust labels and appearance to better match design

* [AC-1418] Use the SM plan for billing interval

* [AC-1418] Hide SM billing adjustment component behind feature flag

* [AC-1418] Update request model to match server

* [AC-1418] Cleanup BitwardenProductType after merge

Add to barrel file and update applicable imports.

* [AC-1418] Revert change to update PM subscription request model

* [AC-1418] Add new update SM subscription request model

* [AC-1418] Add new service method to update SM subscription

* [AC-1418] Use new model and service method

* [AC-1418] Cleanup SM subscription UI flags

* [AC-1418] Move SM adjust subscription component into SM billing module

* [AC-1418] Update SM seat count minimum to 1

* [AC-1418] Add missing currency codes

* [AC-1418] Simplify monthly price calculation

* [AC-1418] Increase PM adjust subscription form input width

* [AC-1418] Add check for null subscription

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* add the additional properties (#5743)

* Allow autoscale limits to be removed, update naming (#5781)

* [AC-1488] Store Organization.SmServiceAccounts as total not additional (#5784)

* Allow autoscale limits to be removed, update naming

* Display additional service accounts only

---------

Co-authored-by: Shane Melton <smelton@bitwarden.com>

* [AC-1473] SM beta ending callout (#5719)

* [AC-1423] Add minWidth input to bit-progress component

* [AC-1423] Add ProgressModule to shared.module.ts

* [AC-1423] Update cloud subscription page styles

- Remove bootstrap styles
- Use CL components where applicable
- Use CL typography directives
- Update heading levels to prepare for new SM sections

* [AC-1423] Add usePasswordManager boolean to organization domain

* [AC-1423] Introduce BitwardenProductType enum

* [AC-1423] Update Organization subscription line items

- Add product type prefix
- Indent addon services like additional storage and service accounts
- Show line items for free plans

* [AC-1423] Simply sort function

* [AC-1423] Remove header border

* [AC-1423] Remove redundant condition

* [AC-1423] Remove ineffective div

* [AC-1423] Make "Password Manager" the default fallback for product name

* Revert "[AC-1423] Add minWidth input to bit-progress component"

This reverts commit 95b2223a30.

* [AC-1423] Remove minWidth attribute

* [AC-1423] Switch to AddonProductType enum instead of boolean

* Revert "[AC-1423] Switch to AddonProductType enum instead of boolean"

This reverts commit 204f64b4e7.

* [AC-1423] Tweak sorting comment

* [AC-1418] Add initial SecretsManagerAdjustSubscription component

* [AC-1418] Add initial SM adjustment form

* [AC-1418] Adjust organization-subscription-update.request.ts to support both PM and SM

* [AC-1418] Rename service account fields in the options interface

* [AC-1418] Add api service call to update SM subscription

* [AC-1418] Cleanup form html

* [AC-1418] Add missing SM plan properties

* [AC-1418] Add SM subscription adjust form and logic to hide it

* [AC-1418] Add better docs to options interface

* [AC-1418] Fix conflicting required/optional labels for auto-scaling limits

* [AC-1418] Adjust labels and appearance to better match design

* [AC-1418] Use the SM plan for billing interval

* [AC-1418] Hide SM billing adjustment component behind feature flag

* [AC-1418] Update request model to match server

* [AC-1418] Cleanup BitwardenProductType after merge

Add to barrel file and update applicable imports.

* [AC-1418] Revert change to update PM subscription request model

* [AC-1418] Add new update SM subscription request model

* [AC-1418] Add new service method to update SM subscription

* [AC-1418] Use new model and service method

* [AC-1418] Cleanup SM subscription UI flags

* [AC-1418] Move SM adjust subscription component into SM billing module

* [AC-1418] Update SM seat count minimum to 1

* [AC-1418] Add missing currency codes

* [AC-1418] Simplify monthly price calculation

* add daysRemaining util function and unit tests

* [AC-1474] update organization models to include SM beta flag

* add SM beta callout to org subscription page

* update messages.json

* remove beta field from profile org response

* improve daysRemaining code clarity

* set SM beta in org model constructor

* tweak free SM row visibility

* refactor callout description

* Revert "remove beta field from profile org response"

This reverts commit 6c6249e1ec.

* fix dates

* [AC-1468]: hide adjust SM component if beta user

* add sm beta field to org sub response; remove everywhere else

* fix copy

---------

Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* [AC-1531] Fix SM subscribe component not showing in free org billing tab (#5848)

Also:

* Fix spacing in layout

* Send zero values for free plans

* Fix: properly delete enroll component

* remove the beta end message for free org (#5877)

* [AC-1458] Update local organization data after subscribing to Secrets Manager (#5888)

* [AC-1567] Fix max additional service account cost estimate (#5923)

* Fix max additional service account cost estimate

* Update i18n string ref

* Make i18n string keys consistent

* [AC-1461] Secrets Manager seat autoscaling cleanup (#5924)

* Remove unused return value from putOrganizationUserBulkEnableSecretsManager

* Fix service account limit validator (#5926)

* Updated Utils.daysRemaining method to calculate result using Math.floor and updated unit tests.

---------

Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Co-authored-by: Rui Tome <rtome@bitwarden.com>
Co-authored-by: Will Martin <contact@willmartian.com>
Co-authored-by: Álison Fernandes <vvolkgang@users.noreply.github.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
2023-08-04 17:52:55 -04:00
Jason Ng
8613b83d98
PM-238 Master Reprompt Enabled Appears on Item in Organization (#5858)
* add-edit components and cipher service updated for organization item saveCiphers
* update cipher service spec file
2023-08-04 11:45:32 -04:00
Vincent Salucci
15597fb4e9
[AC-1529] Update settings tab visibility to include device approvals (#5855)
* fix: update show org settings function, add explicit canManageDeviceApprovals helper, refs AC-1529

* fix: add device approval in org-redirect guard and update passed permission, refs AC-1529
2023-08-04 09:18:48 -05:00
Matt Gibson
36b7d30804
Fix failing crypto tests (#5948)
* Change everything to Uint8Array

related to https://github.com/jestjs/jest/issues/14379

* Work on failing type tests

* Revert changes to custom matcher setup

* Remove last BufferArrays from tests

* Fix custom matcher type errors in vscode

* Remove errant `.buffer` calls on Uint8Arrays

* Encryption Pair should serialize Array Buffer and Uint8Array

* Fix EncArrayBuffer encryption

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2023-08-04 02:13:33 +00:00
Rui Tomé
72a6fa1f7d
[AC-1344] Provider users unable to bulk restore vault items for client organizations (#5259)
* [AC-1344] Simplified DeleteMany and SoftDeleteMany request creation

* [AC-1344] Added method putRestoreManyCiphersAdmin to apiService

* [AC-1344] Added method restoreManyWithServer to cipherService

* [AC-1344] Rewrote if statements and changed the method return type
2023-08-02 16:22:28 +01:00
Conner Turnbull
ab6085cd88
[AC-1562] Added region custom field to PayPal add credits (#5897)
* Added config service func for getting cloud region

* Updated to use `buildServerConfig`
2023-07-25 15:57:29 -04:00
Álison Fernandes
34533f62a9
[AC-1486] Feature: SM Billing Round 1 (#5747)
* [AC-1423] Update organization subscription cloud page (#5614)

* [AC-1423] Add ProgressModule to shared.module.ts

* [AC-1423] Update cloud subscription page styles

- Remove bootstrap styles
- Use CL components where applicable
- Use CL typography directives
- Update heading levels to prepare for new SM sections

* [AC-1423] Add usePasswordManager boolean to organization domain

* [AC-1423] Introduce BitwardenProductType enum

* [AC-1423] Update Organization subscription line items

- Add product type prefix
- Indent addon services like additional storage and service accounts
- Show line items for free plans

* [AC-1420] Add Secrets Manager subscribe component (#5617)

* [AC-1418] Add secrets manager manage subscription component (#5661)

* add additional properties (#5743)

* Allow autoscale limits to be removed, update naming (#5781)

* [AC-1488] Store Organization.SmServiceAccounts as total not additional (#5784)

* Allow autoscale limits to be removed, update naming

* Display additional service accounts only

* [AC-1531] Fix SM subscribe component not showing in free org billing tab (#5848)

---------

Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Co-authored-by: Rui Tome <rtome@bitwarden.com>
2023-07-24 18:07:21 -05:00
Vincent Salucci
c3adf96da7
fix: remove extra v2 within us/euUrls, refs AC-1518 (#5825) 2023-07-14 14:19:57 -05:00
Todd Martin
b2374acc7f
[PM-3020] Change initialization of EnvironmentService to default to uninitialized (#5830)
* Set initialized to false on construction of the EnvironmentService

* Add initialization on browser and desktop.

* Added comments.
2023-07-14 15:10:47 -04:00
Oscar Hinton
62575336d5
Remove unused method (#5821) 2023-07-14 12:20:40 +02:00
Todd Martin
baab72eaf2
Found another missing await. (#5819) 2023-07-13 11:23:04 -04:00
Todd Martin
fbf67a819f
[PM-2846][PM-2860] Properly pass region from global to account state (#5764)
* Properly pass region from global to account state

* Fixed comment.

* Updated logic to not set environment if region with predefined URLs is selected.

* Added logic to clear environment URLs in EnvironmentService.

* Fixed comment
2023-07-12 10:44:55 -04:00
Rui Tomé
db2427e05c
[PM-2594] Replacing hardcoded cloud vault urls based on region obtained from ConfigService (#5629)
* [PM-2594] Added property "CloudVault" to EnvironmentServerConfigData and EnvironmentServerConfigResponse

* [PM-2594] Replaced hardcoded vault urls with value obtained from ConfigService

* [PM-2594] Renamed EnvironmentServerConfigResponse.cloudVault to cloudWebVault

* [PM-2594] Updated unit test with new property "cloudWebVault"

* [PM-2594] Added methods to get and set CloudWebVaultUrl on EnvironmentService. Configured ConfigurationService to set value based on cloudVaultRegion

* [PM-2594] Added JSDOC comments to methods getCloudWebVaultUrl and setCloudWebVaultUrl

* [PM-2594] Renamed EnvironmentServerConfigData.cloudVaultRegion to cloudRegion

* [PM-2594] Fixed unit test
2023-07-03 21:43:22 +01:00
Bernd Schoolmann
f5c329030d
Make Argon2 WebAssembly module unload after use (#5072) 2023-07-03 07:12:42 -05:00
Todd Martin
3185c0a61b
[PM-2793] Modified bad base URL logic to not also catch web app (#5699)
* Modified bad base URL logic to not also catch web app.

* Removed EU from check.
2023-06-30 16:34:12 -04:00
André Bispo
05c4d172a7
[PM-142] Add environment selector to trial initiation (#5546) 2023-06-30 16:50:00 +01:00
Will Martin
3b1860b9ee
[SM-771] bulk add SM dialog (#5669)
* add dialog; add service method; add menu button

* update service layer

* update service method; add i18n; add success and error logic

* remove comment

* remove SM Beta copy in member dialog

* refactor error logic to utilize bitAction

* update i18n key

* use i18n in menu option

* use i18n in footer

* rename component file

* rename enableAccess method; remove button; use userName pipe

* only show if SM flag is enabled

* [SM-830] fix: close checkboxes on dialog close
2023-06-29 12:42:27 -04:00
Andreas Coroiu
a73525a80c
[PM-2135] [BEEEP] Refactor and refresh web user verification components (#5377)
* [PM-2135] feat: create new user-verification module

* [PM-2136] feat: add ability to remove form field bottom margin

(cherry picked from commit 05925ff77ed47f3865c2aecade8271390d9e2fa6)

* [PM-2135] feat: refactor user-verification component

* [PM-2135] feat: refactor user-verification-prompt

* [PM-2135] feat: use form validation in prompt

* [PM-2135] feat: change autofocus target

* [PM-2135] chore: clean up old code

* [PM-2135] feat: allow user verification to show invalid password error

* [PM-2135] feat: hack mark as touched to get error to display

* [PM-2135] chore: move to auth

* [PM-2135] fix: hardcoded dialog buttons

* [PM-2135] feat: add onDestroy handler

* [PM-2135] fix: remove unecessary directive input

* [PM-2135] feat: add password toggle

* [PM-2135] chore: add hack comment

* [PM-2135] chore: move services to auth folder and rename

* [PM-2135] fix: show correct error messages

* [PM-2135] fix: re-add non-existant files to whitelist

I honestly don't know why the linter is complaining about this

* Fix capital letters whitelist

* [PM-2135] chore: remove rows that were mistakenly added during merge from master

* [PM-2135] chore: remove rows that were mistakenly added during merge from master

* [PM-2135] feat: disable built-in browser validations

* Revert "[PM-2135] feat: disable built-in browser validations"

This reverts commit 969f75822a.

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2023-06-28 09:02:22 -04:00
André Bispo
c31504cab4
[PM-1593] send password as null if it is not in state (#5634) 2023-06-23 17:21:48 +01:00
André Bispo
4124f7bdc8
[PM-2676] Fix web set environment urls after state init (#5632)
* [PM-2676] Fix web set env urls after state init.

* [PM-2676] Add note to remove workaround
2023-06-20 20:44:46 +01:00
Rui Tomé
d3d17f1496
[AC-1144] Warn admins when removing or revoking users without master password (#5494)
* [AC-1144] Added new messages for warning removing/revoking user without master password

* [AC-1144] Added property 'hasMasterPassword' to OrganizationUserUserDetailsResponse and OrganizationUserView

* [AC-1144] Added user's name to 'No master password' warning

* [AC-1144] Added property 'hasMasterPassword' to ProviderUserResponse

* [AC-1144] Added alert to bulk "remove/revoke users" action when a selected user has no master password

* [AC-1144] Moved 'noMasterPasswordConfirmationDialog' method to BasePeopleComponent

* [AC-1144] Removed await from noMasterPasswordConfirmationDialog

* [AC-1144] Changed ApiService.getProviderUser to output ProviderUserUserDetailsResponse

* [AC-1144] Added warning on removing a provider user without master password

* [AC-1144] Added "No Master password" warning to provider users

* [AC-1144] Added "no master password" warning when removing/revoking user in modal view

* [AC-1144] Reverted changes made to ProviderUsers

* [AC-1144] Converted showNoMasterPasswordWarning() into a property

* [AC-1144] Fixed issue when opening invite member modal
2023-06-16 16:38:55 +01:00
André Bispo
1052f00b87
[PM-2475][PM-2536] Clicking "US" in region selector sets base URL (#5604) 2023-06-16 14:09:16 +01:00
Vincent Salucci
5cd51374d7
[AC-1416] Expose Organization Fingerprint (#5557)
* refactor: change getFingerprint param to fingerprintMaterial, refs PM-1522

* feat: generate and show fingerprint for organization (WIP), refs AC-1416

* feat: update legacy params subscription to best practice (WIP), refs AC-1461

* refactor: update to use reactive forms, refs AC-1416

* refactor: remove boostrap specific classes and update to component library paradigms, refs AC-1416

* refactor: remove boostrap specific classes and update to component library paradigms, refs AC-1416

* refactor: create shared fingerprint component to redude boilerplate for settings fingerprint views, refs AC-1416

* refactor: use grid to emulate col-6 and remove unnecessary theme extensions, refs AC-1416

* refactor: remove negative margin and clean up extra divs, refs AC-1416

* [AC-1431] Add missing UserVerificationModule import (#5555)

* [PM-2238] Add nord and solarize themes (#5491)

* Fix simple configurable dialog stories (#5560)

* chore(deps): update bitwarden/gh-actions digest to 72594be (#5523)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* refactor: remove extra div leftover from card-body class, refs AC-1416

* refactor: use bitTypography for headers, refs AC-1416

* fix: update crypto service abstraction path, refs AC-1416

* refactor: remove try/catch on handler, remove bootstrap class, update api chaining in observable, refs AC-1416

* fix: replace faulty combineLatest logic, refs AC-1416

* refactor: simplify observable logic again, refs AC-1416

---------

Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-15 21:03:48 -05:00
Daniel Chateau
9ed59c6fa9
Update request headers sent to AnonAddy API. (#5565) 2023-06-14 22:59:29 +02:00
Robyn MacCallum
2b65b3f0f7
[AC-1383] Move collections to Vault (#5424)
* Move CollectionDialog to Vault

* Fix CollectionDialogModule imports

* Move CollectionAdminService and View to Vault

* Move CollectionService to Vault

* Split GroupService into internal and public facing classes

* Move collection models to vault

* lint spacing fix

* Move collection spec file

* Fix spec import

* Update apps/web/src/app/core/core.module.ts

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* Remove CoreOrganizationModule from CollectionDialogModule

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-06-14 08:38:24 -04:00
Andreas Coroiu
37010a6414
[PM-2642] Fix feature flags not working properly when urls load from storage (#5598)
* fix: feature flags not working properly

Due to race conditions the api url is not set during the first fetch och server config. This causes the config to be fetched from `api.bitwarden.com`. The config is then supposed to be re-fetched when the api url is set by the environment service, but due to a missing line this is not done when the urls are set from storage.

* feat: change to `Observable<void>`
2023-06-14 14:10:39 +02:00
Daniel James Smith
3b708d9311
Remove try-catch to display proper api-errors (#5570) 2023-06-14 11:28:32 +02:00
Daniel James Smith
72a5ba455c
[PM-2367] [BEEEP]: Extract password strength from password-generation-service (#5502)
* Extract passwordStrength from passwordGenerationService

Extract passwordStrength from password-generation.service.ts
Create new password-strength.service.ts
Create new password-strength.service.abstraction.ts
Register new password-strength service
Fix usages in libs

* Fix usage in web

* Fix usage in desktop

* Fix usage in CLI

* Fix usage in browser

Move password-generation-factory to tools

* Fix tests

* Change dependency in jslib-services.module
2023-06-13 23:22:25 +02:00
Thomas Rittson
22caae116c
Restrict angular imports (#5597)
* Refactor restricted imports eslint rule, add angular deps

* Move FormValidationErrorsService into libs/angular

* Remove angular decorators from configService

* Remove angular decorator from anonymousHubService
2023-06-13 10:03:32 +10:00
Thales Augusto
c70d67bad3
[PM-1823] Defining the card brand according to its number (#5204)
* Defining the card brand according to its number

* Moving cardBrandByPatterns function to Card View

* Getting Card brand via cardBrandByPatterns function

* Changing cardBrandByPatterns method to static. See:
The reason being that someone wanting to use this outside of the onCardNumberChange would need to know to set the cc-number on the view-model before calling cardBrandByPatterns

* Defining the card brand according to its number on Desktop

* Defining the card brand according to its number on Web
2023-06-09 20:44:33 +02:00
Daniel James Smith
ab260a3653
Fix broken import of misc/utils (#5586) 2023-06-09 11:12:20 +02:00
titanism
d18b45a87e
[PM-1060] Added new forwarder (Forward Email <https://forwardemail.net>) (#4809)
* Added new forwarder (Forward Email <https://forwardemail.net>)

* fix: fixed Basic authorization header

* fix: fixed returned email value

* feat: added verbose message for end-users (e.g. "Not Found" vs. "Domain does not exist on your account." (automatically localized with i18n for user)

* fix: fixed Buffer.from to Utils.fromBufferToB64

* fix: fixed fromBufferToB64 to fromUtf8ToB64

* Remove try-catch to properly display api errors

---------

Co-authored-by: Daniel James Smith <djsmith@web.de>
2023-06-09 09:55:12 +02:00
Jared Snider
806bd8d039
Tech-Debt - [PM-2283] - Update ConfigApiService getServerConfig call to send access token if it exists (#5464)
* PM-2283 - Update config api service get server config call to send authed when we have an access token so that LaunchDarkly on the server can properly acquire user context.

* PM-2283- Replace token service with Auth service per PR feedback

* PM-2283 - Refactor config api service get authed status based on PR feedback.

* PM-2283 - Fix import issues due to platform folder creation and file moves
2023-06-07 17:47:30 -04:00
Matt Gibson
78248db590
Platform/pm 19/platform team file moves (#5460)
* Rename service-factory folder

* Move cryptographic service factories

* Move crypto models

* Move crypto services

* Move domain base class

* Platform code owners

* Move desktop log services

* Move log files

* Establish component library ownership

* Move background listeners

* Move background background

* Move localization to Platform

* Move browser alarms to Platform

* Move browser state to Platform

* Move CLI state to Platform

* Move Desktop native concerns to Platform

* Move flag and misc to Platform

* Lint fixes

* Move electron state to platform

* Move web state to Platform

* Move lib state to Platform

* Fix broken tests

* Rename interface to idiomatic TS

* `npm run prettier` 🤖

* Resolve review feedback

* Set platform as owners of web core and shared

* Expand moved services

* Fix test types

---------

Co-authored-by: Hinton <hinton@users.noreply.github.com>
2023-06-06 15:34:53 -05:00
Jared Snider
0fcfe883b5
Feature/[PM-1378] - Trusted Device Encryption - Establish trust logic for all clients (#5339)
* PM1378 - (1) Create state service methods for securely storing a device symmetric key while following existing pattern of DuckDuckGoKey generation (2) Create makeDeviceKey method on crypto service which leverages the new state service methods for storing the device key.

* PM-1378 - Document CSPRNG types w/ comments explaining what they are and when they should be used.

* PM-1378 - TODO to add tests for makeDeviceKey method

* PM-1378 - Create Devices API service for creating and updating device encrypted master keys + move models according to latest code standards ( I think)

* PM-1378 - TODO clean up - DeviceResponse properly moved next to device api service abstraction per ADR 0013

* PM-1378 - CryptoService makeDeviceKey test written

* PM-1378 - Tweak crypto service makeDeviceKey test to leverage a describe for the function to better group related code.

* PM-1378 - Move known devices call out of API service and into new devices-api.service and update all references. All clients building.

* PM-1378 - Comment clean up

* PM-1378 - Refactor out master key naming as that is a reserved specific key generated from the MP key derivation process + use same property on request object as back end.

* PM-1378 - Missed a use of master key

* PM-1378 - More abstraction updates to remove master key.

* PM-1378 - Convert crypto service makeDeviceKey into getDeviceKey method to consolidate service logic based on PR feedback

* PM-1378- Updating makeDeviceKey --> getDeviceKey tests to match updated code

* PM-1378 - Current work on updating establish trusted device logic in light of new encryption mechanisms (introduction of a device asymmetric key pair in order to allow for key rotation while maintaining trusted devices)

* PM-1378 - (1) CryptoService.TrustDevice() naming refactors (2) Lots of test additions and tweaks for trustDevice()

* PM-1378 - Updated TrustedDeviceKeysRequest names to be consistent across the client side board.

* PM-1378 - Move trusted device crypto service methods out of crypto service into new DeviceCryptoService for better single responsibility design

* PM-1378 - (1) Add getDeviceByIdentifier endpoint to devices api as will need it later (2) Update TrustedDeviceKeysRequest and DeviceResponse models to match latest server side generic encrypted key names

* PM-1378 - PR feedback fix - use JSDOC comments and move from abstraction to implementation

* PM-1378 - Per PR feedback, makeDeviceKey should be private - updated tests with workaround.

* PM-1378- Per PR feedback, refactored deviceKey to use partialKey dict so we can associate userId with specific device keys.

* PM-1378 - Replace deviceId with deviceIdentifier per PR feedback

* PM-1378 - Remove unnecessary createTrustedDeviceKey methods

* PM-1378 - Update device crypto service to leverage updateTrustedDeviceKeys + update tests

* PM-1378 - Update trustDevice logic - (1) Use getEncKey to get user symmetric key as it's the correct method and (2) Attempt to retrieve the userSymKey earlier on and short circuit if it is not found.

* PM-1378 - Replace deviceId with deviceIdentifier because they are not the same thing

* PM-1378 - Per PR feedback, (1) on web/browser extension, store device key in local storage under account.keys existing structure (2) on desktop, store deviceKey in secure storage. (3) Exempt account.keys.deviceKey from being cleared on account reset

* PM-1378 - Desktop testing revealed that I forgot to add userId existence and options reconciliation checks back

* PM-1378 - Per discussion with Jake, create DeviceKey custom type which is really just an opaque<SymmetricCryptoKey> so we can more easily differentiate between key types.

* PM-1378 - Update symmetric-crypto-key.ts opaque DeviceKey to properly setup Opaque type.

* PM-1378 - Fix wrong return type for getDeviceKey on DeviceCryptoServiceAbstraction per PR feedback
2023-05-25 14:17:19 -04:00
André Bispo
b9d3b0aff7
[PM-2398] Fix firefox extension environments bug (#5514) 2023-05-25 18:32:26 +01:00
André Bispo
1a9a328d39
[PM-2347] Refresh configs when environment urls change (#5507)
* [PM-2347] Re fetch feature flags when environment urls change and update UI.
2023-05-25 14:38:23 +01:00
Oscar Hinton
62591a8bc8
[PM-2328] Fix jest deprecations (#5483) 2023-05-22 20:19:16 +02:00
André Bispo
b9fe78796a
[PM-1019] Environment selection clients (#5480)
* [PM-169][PM-142][PM-191] Add Environments to Web and Desktop (#5294)

* [PM-1351] Add property to server-config.response. Change config to be able to fetch without being authed.

* [PM-1351] fetch every hour.

* [PM-1351] fetch on vault sync.

* [PM-1351] browser desktop fetch configs on sync complete.

* [PM-1351] Add methods to retrieve feature flags

* [PM-1351] Add enum to use as key to get values feature flag values

* [PM-1351] Remove debug code

* [PM-1351] Get flags when unauthed. Add enums as params. Hourly always fetch.

* [PM-1351] add check for authed user using auth service

* [PM-169] Web: add drop down to select environment

* [PM-169] Fix pop up menu margins. Add DisplayEuEnvironmentFlag.

* [PM-169] Change menu name.

* [PM-169] Add environment selector ts and html. Add declaration and import on login.module

* [PM-169] Add environment selector to desktop.

* [PM-169] Ignore lint error.

* [PM-169] add takeUntil to subscribes

* [PM-191] PR Fixes, code format

* [PM-168] Add Environments to extension login/registration (#5434)
2023-05-19 17:35:42 +01:00
renovate[bot]
9e32f8d574
chore(deps): update dependency rimraf to v5 (#5468)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hinton <hinton@users.noreply.github.com>
2023-05-19 14:23:44 +02:00
Oscar Hinton
3da7fc7cb3
Deprecated broadcaster (#5461) 2023-05-17 12:27:27 +02:00
Matt Gibson
c58b0c0753
Return error code when any tsc typecheck fails (#5459)
* Return error code when any tsc typecheck fails

* Try with bash

`sh ./scripts/test-types.s` resulted in errors missing `[[`,
which is a bash builtin. It's possible the ubuntu runner is using
some other shell.

* Fix spec type errors

* Switch to node for Windows compatibility
2023-05-16 09:20:40 -05:00
Shane Melton
bcda04ee86
[AC-358] SelfHosted update subscription page (#5101)
* [AC-358] Add selfHostSubscriptionExpiration property to organization-subscription.response.ts

* [AC-358] Update selfHost org subscription template

- Replace "Subscription" with "SubscriptionExpiration"
- Add question mark help link
- Add helper text for grace period
- Add support for graceful fallback in case of missing grace period in subscription response

* Update libs/common/src/billing/models/response/organization-subscription.response.ts

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-358] Remove unnecessary hypen

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-358] Introduce SelfHostedOrganizationSubscription view
- Encapsulate expiration/grace period logic in the new view object.
- Remove API response getters from the angular component
- Replace the API response object with the new view

* [AC-358] Clarify name for new expiration without grace period field

* [AC-358] Update constructor parameter name

* [AC-358] Simplify new selfhost subscription view

- Make expiration date properties public
- Remove obsolete expiration date getters
- Update the component to use new properties
- Add helper to component for determining if the subscription should be rendered as expired (red text)

* [AC-358] Rename isExpired to isExpiredAndOutsideGracePeriod to be more explicit

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-05-15 07:38:53 -07:00
Shane Melton
ab4d8df2ae
[AC-1145] Add trusted devices option to encryption settings on sso config (#5383)
* [AC-1145] Add TDE feature flag

* [AC-1145] Update sso-config to use new member decryption type and remove keyConnectorEnabled

* [AC-1145] Add new TDE option to SSO config form and update to CL radio buttons

* [AC-1145] Update checkboxes to CL checkboxes

* [AC-1145] Fix messages.json warning

* [AC-1145] Update to new form async actions

* [AC-1145] Modify key connector option display logic to check for TDE feature flag

* [AC-1145] Remove obsolete app-checkbox component

* [AC-1145] Update TDE option description to refer to master password reset policy
2023-05-10 12:51:56 -07:00
Oscar Hinton
5f825e10f9
[PM-2132] Move all specs to the src directory (#5367) 2023-05-09 11:27:09 +02:00
Jared Snider
6b26406331
Defect/PM-1196 - SSO with Email 2FA Flow - Email Required error fixed (#5280)
* PM-1196- First draft of solution for solving SSO login with email 2FA not working; this is a working solution but we need to leverage it to build a better solution with a different server generated token vs a OTP.

* PM-1196 - Swap from OTP to SSO Email 2FA session token. Working now, but going to revisit whether or not email should come down from the server. Need to clean up the commented out items if we decide email stays encrypted in the session token.

* PM-1196 - Email needs to come down from server after SSO in order to flow through to the 2FA comp and be sent to the server

* PM-1196 - For email 2FA, if the email is no longer available due to the auth service 2 min expiration clearing the auth state, then we need to show a message explaining that (same message as when a OTP is submitted after expiration) vs actually sending the request without an email and getting a validation error from the server

* PM-1196 - (1) Make optional properties optional (2) Update tests to pass (3) Add new test for Email 2FA having additional auth result information

* PM-1196 - Remove unnecessary optional chaining operator b/c I go my wires crossed on how it works and the login strategy is not going to be null or undefined...
2023-05-04 14:57:11 -04:00
Jared Snider
120fd14213
Remove all TypeScript region use as it is now against the Bitwarden code style guide. (#5356) 2023-05-04 10:48:01 -04:00
Jared Snider
18b2c60ef8
Clean up TODO from Org Domain claiming by adding test for getClaimedOrgDomainByEmail (#5355) 2023-05-04 09:56:46 -04:00
SmithThe4th
50eea96ec5
[PM-1699] Updated low kdf iterations warning (#5170)
* updated low ksf iterations warning

* Removed test implementation

* Removed unused translation and updated key

* Enabled low kdf on this branch for testing

* Removed duplicate showKdf initialiazation

* [PM-1700] Put KDF warning behind a LaunchDarkly Feature Flag (#5308)

* Added feature flag for low kdf iteration

* Added feature flag implementation to component

* Renamed feature flag to align with what is setup on LaunchDarkly
2023-05-04 09:46:12 -04:00
Oscar Hinton
4e1867682f
[PM-1504] Migrate Dialogs to DialogService (#5013)
This PR introduces a generic `DialogService` which can be used by all the clients. This allows us to decouple dialogs from the `PlatformUtilsHelper`.

The `DialogService` provides a new method, `openSimpleDialog` which is the new interface for that type of dialogs.

This gives us 3 different implementations: 
- Web: DialogService modern dialogs
- Browser: SweetAlert
- Desktop: Native electron based
2023-05-02 18:46:03 +02:00
renovate[bot]
7c4b2c04b9
[PM-1905] Update npm (#3940)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hinton <hinton@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2023-05-02 17:25:25 +02:00
Robyn MacCallum
671a9115bb
[PM-1400] Update IconComponent to use OnPush ChangeDetection (#5181)
* Add disableFavicon$ to stateService

* Change IconComponent's ChangeDetectionStrategy and use disableFavicon$ observable

* Only get first result from disableFavicon observable

* Move disabledFavicon$ to SettingsService

* Update usage of disableFavicon to use SettingsService

* Remove getting and setting of disabledFavicon on login

* Settings service observable adjustments

* Fix for popup initially having a null value for the disableFavicon setting in settingsService

* Move disabledFavicon$ subscription to ngOnInit

* feat: experiment with observables

* Remove SettingsService from browser app component

* Fix storybook changes

* Update apps/web/src/app/vault/components/vault-items/vault-items.stories.ts

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Fix mock function signature

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
2023-04-28 15:07:26 -04:00
André Bispo
cfc380c697
[PM-1349] Update client service to retrieve feature flags from API (#5064)
* [PM-1351] Add property to server-config.response. Change config to be able to fetch without being authed.

* [PM-1351] fetch every hour.

* [PM-1351] fetch on vault sync.

* [PM-1351] browser desktop fetch configs on sync complete.

* [PM-1351] Add methods to retrieve feature flags

* [PM-1351] Add enum to use as key to get values feature flag values

* [PM-1351] Remove debug code

* [PM-1351] Get flags when unauthed. Add enums as params. Hourly always fetch.

* [PM-1351] add check for authed user using auth service

* [PM-1351] remove unnecessary timer on account unlock
2023-04-26 15:30:39 +01:00
Jake Fink
dfe69f77f5
[PM-687] emergency access invite lost during sso (#5199)
* [PM-687] refactor observable in base accept component

* [PM-687] add emergency access invitation to global state

* [PM-687] save invite to state and check on login

* [PM-687] move emergency access check above queryParams observable
2023-04-26 08:47:35 -04:00
Jim Hays
9f7bf1132b
[PM-1877] Spellcheck (#5237)
* Bug fix: "vaule" -> "value"

* Bug fix: "aria-descibedby" -> "aria-describedby"

* Bug fix: "chararacter" -> "character"

* Fix typos in comments

* Fix typos in documentation

* Fix typo in test description

* Fix typos in sample data: "childen" -> "children"

* Fix typos in sample data: "pargraphs" -> "paragraphs"

* Fixes to test data: "Additinoal", "Informaion" -> "Additional", "Information"

* Fix typo in test data: "dolhpin" -> "dolphin"

* Fix typo in local variable: "attachement" -> "attachment"

* Fix typo in method name: "detachOrganizastion" -> "detachOrganization"

* Fix typo in method name: "getNewlyAddedDomians" -> "getNewlyAddedDomains"

* Fix typo: "EncyptedMessageResponse" -> "EncryptedMessageResponse"

* Fix typo: "miliseconds" -> "milliseconds"

* Fix typo: "authResponsePushNotifiction" -> "authResponsePushNotification"

* Fix typo: "getPushNotifcationObs" -> "getPushNotificationObs"

* Fix typo: "ExpriationDate" -> "ExpirationDate"

* Fix typo: "OrganizationUserResetPasswordDetailsReponse" -> "OrganizationUserResetPasswordDetailsResponse"

* Fix typo: "DISPLAY_TITLE_ATTRIBUE" -> "DISPLAY_TITLE_ATTRIBUTE"

* Fix typo: "credentialretreivalCommandHandler" -> "credentialRetrievalCommandHandler"

* Fix typo: "buildLoginCredntials" -> "buildLoginCredentials"

* Fix typo: "_mappedCredentialsColums" -> "_mappedCredentialsColumns"

* Fix typo: "_mappedPersonalInfoAsIdentiyColumns" -> "_mappedPersonalInfoAsIdentityColumns"

* Fix typo in input name: "StroageGbAdjustment" -> "StorageGbAdjustment"

* Fix typo in const: "encryptionAlogrithm" -> "encryptionAlgorithm"

---------

Co-authored-by: Daniel James Smith <djsmith@web.de>
2023-04-26 12:16:07 +02:00
Rui Tomé
89c8c48cd4
[AC-1340] Fixed cipher restore for provider users by using the restore-admin endpoints (#5255) 2023-04-21 12:22:34 +01:00
Rui Tomé
aacabf5bdf
[AC-1340] [Defect] Provider users unable to delete vault items for client organizations (#5242)
* [AC-1340] Calling Cipher DeleteAdmin endpoints when user has canEditAnyCollection permission

* [AC-1340] Fixed CLI and Desktop builds

* [AC-1340] Changed CipherService delete methods parameter 'orgAdmin' to 'asAdmin' and to nullable

* [AC-1340] Changed variable names from 'orgAdmin' to 'asAdmin'

* [AC-1340] Reverted change on DeleteCommand
2023-04-20 16:33:29 +01:00
Daniel James Smith
192bb5a7b3
[PM-328] Move exporter to tools (#5070)
* Create and register new libs/exporter

Create package.json
Create tsconfig
Create jest.config
Extend shared and root tsconfig and jest.configs
Register with eslint

* Migrate exportService to libs/exporter

Move exportService (abstraction and impl) into libs/exporter
Refactored exportService to be split into vault-export and event-export
Created barrel-files for both exports
Moved export.service.spec.ts into vault-export
Created an export-helper, which helps build the filename (extract method refactor from ExportService)

* Move components in libs/angular into tools-subfolder

Moved components
Updated imports in jslib-services.module and jslib.module

* Register libs/exporter with browser and fix imports

Move export.component into tools-subfolder

* Register libs/exporter with cli and fix imports

Move export.command into tools-subfolder

* Register libs/exporter with desktop and fix imports

Move export.component into tools-subfolder

* Move export models to libs/exporter

* Update web imports

* Update package-lock.json

* Move export models back as it would create circular dependency

Reponse models in common rely on export models which are in libs/exporter, which relies on common

* Fix up web for event-export

* Update CODEOWNERS

* Add export-models to team-tools-dev

* Simplify domain import

* Moving EventExport into web
2023-04-19 11:30:46 +02:00
Matt Gibson
830af7b06d
Rework Desktop Biometrics (#5234) 2023-04-18 09:09:47 -04:00
Andrew Jorgensen
d77f77cea9
[PM-1803] Fail on unsupported export format (#5197)
* Fail on unsupported export format

Issue #5194: https://github.com/bitwarden/clients/issues/5194

The cli previously would take any value for the export format and
default to unencrypted json if it wasn't a supported format. This
behavior is a little dangerous because if for instance typed
"json_encrypted" instead of "encrypted_json" and naively saved the file
you might be surprised to learn the payload was not actually encrypted
even though the command completed successfully.

This change adds a guard clause when converting the string value passed
in via `--format` into the type `ExportFormat` to ensure that the format
provided is one of the supported types.

* Move isSupportedExportFormat to private method
2023-04-17 21:54:03 +02:00
Shane Melton
07c2c2af20
[AC-1070] Enforce master password policy on login (#4795)
* [EC-1070] Introduce flag for enforcing master password policy on login

* [EC-1070] Update master password policy form

Add the ability to toggle enforceOnLogin flag in web

* [EC-1070] Add API method to retrieve all policies for the current user

* [EC-1070] Refactor forcePasswordReset in state service to support more options

- Use an options class to provide a reason and optional organization id
- Use the OnDiskMemory storage location so the option persists between the same auth session

* [AC-1070] Retrieve single master password policy from identity token response

Additionally, store the policy in the login strategy for future use

* [EC-1070] Introduce master password evaluation in the password login strategy

- If a master password policy is returned from the identity result, evaluate the password.
- If the password does not meet the requirements, save the forcePasswordReset options
- Add support for 2FA by storing the results of the password evaluation on the login strategy instance
- Add unit tests to password login strategy

* [AC-1070] Modify admin password reset component to support update master password on login

- Modify the warning message to depend on the reason

- Use the forcePasswordResetOptions in the update temp password component

* [EC-1070] Require current master password when updating weak mp on login

- Inject user verification service to verify the user
- Conditionally show the current master password field only when updating a weak mp. Admin reset does not require the current master password.

* [EC-1070] Implement password policy check during vault unlock

Checking the master password during unlock is the only applicable place to enforce the master password policy check for SSO users.

* [EC-1070] CLI - Add ability to load MP policies on login

Inject policyApi and organization services into the login command

* [EC-1070] CLI - Refactor update temp password logic to support updating weak passwords

- Introduce new shared method for collecting a valid and confirmed master password from the CLI and generating a new encryption key
- Add separate methods for updating temp passwords and weak passwords.
- Utilize those methods during login flow if not using an API key

* [EC-1070] Add route guard to force password reset when required

* [AC-1070] Use master password policy from verify password response in lock component

* [EC-1070] Update labels in update password component

* [AC-1070] Fix policy service tests

* [AC-1070] CLI - Force sync before any password reset flow

Move up the call to sync the vault before attempting to collect a new master password. Ensures the master password policies are available.

* [AC-1070] Remove unused getAllPolicies method from policy api service

* [AC-1070] Fix missing enforceOnLogin copy in policy service

* [AC-1070] Include current master password on desktop/browser update password page templates

* [AC-1070] Check for forced password reset on account switch in Desktop

* [AC-1070] Rename WeakMasterPasswordOnLogin to WeakMasterPassword

* [AC-1070] Update AuthServiceInitOptions

* [AC-1070] Add None force reset password reason

* [AC-1070] Remove redundant ForcePasswordResetOptions class and replace with ForcePasswordResetReason enum

* [AC-1070] Rename ForceResetPasswordReason file

* [AC-1070] Simplify conditional

* [AC-1070] Refactor logic that saves password reset flag

* [AC-1070] Remove redundant constructors

* [AC-1070] Remove unnecessary state service call

* [AC-1070] Update master password policy component

- Use typed reactive form
- Use CL form components
- Remove bootstrap
- Update error component to support min/max
- Use Utils.minimumPasswordLength value for min value form validation

* [AC-1070] Cleanup leftover html comment

* [AC-1070] Remove overridden default values from MasterPasswordPolicyResponse

* [AC-1070] Hide current master password input in browser for admin password reset

* [AC-1070] Remove clientside user verification

* [AC-1070] Update temp password web component to use CL

- Use CL for form inputs in the Web component template
- Remove most of the bootstrap classes in the Web component template
- Use userVerificationService to build the password request
- Remove redundant current master password null check

* [AC-1070] Replace repeated user inputs email parsing helpers

- Update passwordStrength() method to accept an optional email argument that will be parsed into separate user inputs for use with zxcvbn
- Remove all other repeated getUserInput helper methods that parsed user emails and use the new passwordStrength signature

* [AC-1070] Fix broken login command after forcePasswordReset enum refactor

* [AC-1070] Reduce side effects in base login strategy

- Remove masterPasswordPolicy property from base login.strategy.ts
- Include an IdentityResponse in base startLogin() in addition to AuthResult
- Use the new IdentityResponse to parse the master password policy info only in the PasswordLoginStrategy

* [AC-1070] Cleanup password login strategy tests

* [AC-1070] Remove unused field

* [AC-1070] Strongly type postAccountVerifyPassword API service method

- Remove redundant verify master password response
- Use MasterPasswordPolicyResponse instead

* [AC-1070] Use ForceResetPassword.None during account switch check

* [AC-1070] Fix check for forcePasswordReset reason after addition of None

* [AC-1070] Redirect a user home if on the update temp password page without a reason

* [AC-1070] Use bit-select and bit-option

* [AC-1070] Reduce explicit form control definitions for readability

* [AC-1070] Import SelectModule in Shared web module

* [AC-1070] Add check for missing 'at' symbol

* [AC-1070] Remove redundant unpacking and null coalescing

* [AC-1070] Update passwordStrength signature and add jsdocs

* [AC-1070] Remove variable abbreviation

* [AC-1070] Restore Id attributes on form inputs

* [AC-1070] Clarify input value min/max error messages

* [AC-1070] Add input min/max value example to storybook

* [AC-1070] Add missing spinner to update temp password form

* [AC-1070] Add missing ids to form elements

* [AC-1070] Remove duplicate force sync and update comment

* [AC-1070] Switch backticks to quotation marks

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-04-17 07:35:37 -07:00
Thomas Rittson
ad0c460687
[EC-850] ProviderUser permissions should prevail over member permissions (#5162)
* Apply provider permissions even if also member

* Add org.isMember

* Refactor: extract syncProfileOrganizations method

* Change isNotProvider logic to isMember

* Fix cascading org permissions

* Add memberOrganizations$ observable
2023-04-17 13:09:53 +10:00
Jake Fink
fbbaf10488
[AC-1045] add action to vault timeout policy (#4782) 2023-04-15 00:11:33 +01:00
Rui Tomé
e3f31ac741
[AC-1081] Merge feature/billing-obfuscation (#5172)
* [AC-431] Add new organization invite process (#4841)

* [AC-431] Added properties 'key' and 'keys' to OrganizationUserAcceptRequest

* [AC-431] On organization accept added check for 'initOrganization' flag and send encrypt keys if true

* [AC-431] Reverted changes on AcceptOrganizationComponent and OrganizationUserAcceptRequest

* [AC-431] Created OrganizationUserAcceptInitRequest

* [AC-431] Added method postOrganizationUserAcceptInit to OrganizationUserService

* [AC-431] Created AcceptInitOrganizationComponent and added routing config. Added 'inviteInitAcceptedDesc' to messages

* [AC-431] Remove blank line

* [AC-431] Remove requirement for logging in again

* [AC-431] Removed accept-init-organization.component.html

* Update libs/common/src/abstractions/organization-user/organization-user.service.ts

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-431] Sending collection name when initializing an org

* [AC-431] Deleted component accept-init-organization and incorporated logic into accept-organization

* Update libs/common/src/abstractions/organization-user/organization-user.service.ts

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-431] Returning promise chains

* [AC-431] Moved ReAuth check to org accept only

* [AC-431] Fixed import issues

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-434] Hide billing screen for reseller clients (#4955)

* [AC-434] Retrieving ProviderType for each Org

* [AC-434] Hide subscription details if user cannot manage billing

* [AC-434] Renamed providerType to provider-type

* [AC-434] Reverted change that showed Billing History and Payment Methods tabs

* [AC-434] Hiding Secrets Manager enroll

* [AC-434] Renamed Billing access variables to be more readable

* Apply suggestions from code review

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-434] Reduce duplication in permission code

* [AC-434] npm prettier

* [AC-434] Changed selfhost subscription permission

* [AC-434] Added canEditSubscription check for change plan buttons

* [AC-434] Removed message displaying provider name in subscription

* [AC-434] canEditSubscription logic depends on canViewSubscription

* [AC-434] Hiding next charge value for users without billing edit permission

* [AC-434] Changed canViewSubscription and canEditSubscription to be clearer

* [AC-434] Altered BillingSubscriptionItemResponse.amount and BillingSubscriptionUpcomingInvoiceResponse.amount to nullable

* [AC-434] Reverted change on BillingSubscriptionItemResponse.amount

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* Updated IsPaidOrgGuard reference from org.CanManageBilling to canEditSubscription

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-04-14 11:14:18 +01:00
Andreas Coroiu
0bc6add5c3
[AC-974] [Technical Dependency] Refactor Vault Tables (#4967)
* [EC-974] feat: scaffold new vault-items component

* [EC-974] feat: add basic mocked data to story

* [EC-974] feat: add initial table version

* [EC-974] chore: split rows into separate components

* [EC-974] chore: rename item row to cipher row

* [EC-974] feat: create common vault item interface

* [EC-974] feat: use cdk virtual scrolling

* [EC-974] fix: tweak `itemSize`

* [EC-974] chore: move vault-items component to app/vault folder

* [EC-974] feat: initial support for extra column

* [EC-974] feat: start adding org badge

Having issues with modules import

* [EC-974] feat: add working owner column on collections row

* [EC-974] feat: add owner to ciphers

* [EC-974] fix: org name badge bugs when reused

* [EC-974] feat: fix and translate columns

* [EC-974] feat: allow collections to be non-editable

* [EC-974] feat: use data source

* [EC-974] fix: remove profile name from vault items

* [EC-974] feat: add events

* [EC-974] feat: add support for copy event

* [EC-974] feat: add support for collections column

* [EC-974] feat: add support for group badges

* [EC-974] chore: rename for consistency

* [EC-974] feat: change story to use template

* [EC-974] feat: add support for launching

* [EC-974] feat: add support for attachements

* [EC-974] feat: add stories for all use-cases

* [EC-974] feat: add support for cloning

* [EC-974] feat: add support for moving to organization

* [EC-974] feat: add support for editing cipher collections

* [EC-974] feat: add support for event logs

* [EC-974] feat: add support for trash/delete/restore

* [EC-974] feat: add support for editing collections

* [EC-974] feat: add support for access and delete collections

* [EC-974] feat: don't show menu if it's empty

* [EC-974] feat: initial buggy implementation of selection

* [EC-974] feat: implement bulk move

* [EC-974] feat: add support for bulk moving to org

* [EC-974] feat: add support for bulk restore

* [EC-974] feat: add support for bulk delete

* [EC-974] feat: add ability to disable the table

* [EC-974] feat: create new filter function based on routed model

* [EC-974] wip: start replacing vault items component

* [EC-974] feat: add support for fetching ciphers

* [EC-974] feat: hide trash by default

* [EC-974] feat: add support for the rest of the data

* [EC-974] feat: implement organization filtering using org badge

* [EC-974] feat: fix navigation to "my vault"

* [EC-974] feat: don't show bulk move options when filtering on org items

* [EC-974] feat: prepare for disabling table

* [EC-974] fix: add missing router link to collections

* [EC-974] feat: connect all outputs

* [EC-974] fix: list not properly refreshing after delete

* [EC-974] feat: limit selection to top 500 items

* [EC-974] feat: implement refresh tracker

* [EC-974] feat: use refresh tracker to disable vault items

* [EC-974] feat: add empty list message

* [AC-974] feat: add initial load with spinner and fix empty -> show list bug

* [EC-974] feat: replace action promise with simple loading boolean

* [EC-974] feat: refactor individual vault header

* [EC-974] feat: cache and make observables long lived

* [EC-974] feat: implement searching

* [EC-974] feat: add support for showing collections

* [EC-974] feat: add ciphers to org vault list

* [EC-974] feat: show group column

* [EC-974] feat: tweak settings for org vault

* [EC-974] feat: implement search using query params

* [EC-974] feat: add support for events that are common with individual vault

* [EC-974] feat: add support for all events

* [EC-974] feat: add support for empty list message and no permission message

* [EC-974] feat: always show table

* [EC-974] feat: fix layout issues due to incorrect row height

* [EC-974] feat: disable list if empty

* [EC-974] feat: improve sync handling

* [EC-974] feat: improve initial loading sequence

* [EC-974] feat: improve initial load sequence in org vault

* [EC-974] refactor: simplify and optimize data fetching

* [EC-974] feat: use observables from org service

* [EC-974] feat: refactor org vault header

* [EC-974] fix: data not refreshing properly

* [EC-974] fix: avoid collection double fetching

* [EC-974] chore: clean up refresh tracker

* [EC-974] chore: clean up old vault-items components

* [EC-974] chore: clean up old code in vault component

* [EC-974] fix: reduce rows in story

The story ends up too big for chromatic.

* [EC-974] docs: tweak and typo fixes of asyncToObservable docs comment

* [EC-974] fix: `attachements` typo

* [EC-974] chore: remove review question comment

* [EC-974] chore: remove unused `securityCode` if statement

* [EC-974] fix: use `takeUntill` for legacy dialogs

* [EC-974] fix: use CollectionDialogTabType instead of custom strings

* [EC-974] fix: copy implementation

* [EC-974] fix: use `useTotp` to check for premium features

* [EC-974] fix: use `tw-sr-only`

* [EC-974] chore: remove unecessary eslint disable

* [EC-974] fix: clarify vault item event naming

* [EC-974] fix: remove `new` from `app-new-vault-items`

* [EC-974] fix: collection row not disabled during loading

* [EC-974] chore: simplify router links without path changes

* [EC-974] feat: invert filter function to get rid of `cipherPassesFilter`

* [EC-974] fix: move `NestingDelimiter` to collection view

Nesting is currently only a presentational construct, and the concept does not exist in our domain.

* [EC-974] fix: org vault header not updating when switching org

* [EC-974] fix: table sizing jumping around

* [EC-974] fix: list not refreshing after restoring item

* [EC-974] fix: re-add missing unassigned collection

* [EC-974] fix don't show new item button in unassigned collection

* [EC-974] fix: navigations always leading to individual vault

* [EC-974] fix: remove checkbox when collections are not editable

* [EC-974] fix: null reference blocking collections from refreshing after delete

* [EC-974] fix: don't show checbox for collections that user does not have permissions to delete

* [EC-974] fix: navigate away from deleted folder

* [EC-974] chore: clean up un-used output

* [EC-974] fix: org badge changing color randomly

* [EC-974] fix: lint issues after merge

* [EC-974] fix: lower amount of ciphers in story

chromatic doesn't like large snapshots

* [EC-974] fix: "all collections" not taking `organizationId` filter into account

* [EC-974] fix: make sure unassigned appears in table too

* [EC-974] feat: add unassigned to storybook

* [EC-974] fix: forced row height not being applied properly

* [EC-974] fix: hopefully fix table jumping once and for all

* [EC-974] fix: attachemnts getting hidden

* [EC-974] feat: extract collection editable logic to parent component

* [EC-974] feat: separately track editable items

* [EC-974] feat: optimize permission checks

* [EC-974] fix: bulk menu hidden on chrome

:lolcry:

* [EC-974] fix: don't show groups column if org doesnt use groups

* [EC-974] feat: make entire row clickable

* [EC-974] fix: typo resulting in non-editable collections
2023-04-13 14:48:29 -04:00
Justin Baur
7263579eaf
[PM-329] Detangle SearchService & CipherService (#4838)
* Remove Circular Dependency

* Fix Vault Searching

* Remove Unused cipherServiceOptions

* Add searchService Parameter to CipherService

* Fix instantiation of CipherService in test
2023-04-07 11:11:20 -04:00
Thomas Rittson
7899b25ab3
[PM-1426] Refactor uri matching (#5003)
* Move URI matching logic into uriView

* Fix url parsing: always assign default protocol, otherwise no protocol with port is parsed incorrectly

* Codescene: refactor domain matching logic
2023-04-06 13:30:26 +10:00
Vincent Salucci
576d85b268
[AC-1202] Update enums filenames for admin-console/billing teams (#5169)
* refactor: add barrel file for admin-console enums, update references, refs AC-1202

* fix: lint/prettier updates, refs AC-1202

* refactor: add enum suffix, refs AC-1202

* refactor: add barrel file for billing enums, update imports to use it, refs AC-1202

* fix: prettier, refs AC-1202

* refactor: add enum suffix for billing enums, refs AC-1202
2023-04-05 20:34:23 -05:00
aj-rosado
c6bc97cf5c
[PS-2390] Passing folder and collection id on import (#4802)
* PS-2390 - Passing folder and collection id on import
Reading groupingid from lastpass csv as collection or folder id

* PS-2390 - Added toDomain and toModel on FolderWithIdExport model and created CollectionWithIdExport model

* PS-2390 - renamed groupingid into bwcollectionid on lastpass importer

* PS-2390 - Updated collection/folder-with-id export to reuse parent toDomain and toView

* PS-2390 Undo the lastpass importer groupingId rename

* PS-2390 Undo lastpass importer changes

* PS-2390 - Removed externalId set. Cleaning collection-with-id-request to user parent properties

* Lint prettier
2023-04-05 19:15:33 +01:00
Vincent Salucci
bacb8828de
[AC-1266] Enums filename conventions (#5140)
* refactor: update clientType enum

* refactor: update deviceType filename

* refactor: update encryptedExportType filename

* refactor: update encryptionType filename

* refactor: update eventType filename

* refactor: update fieldType filename

* refactor: update fileUploadType filename

* refactor: update hashPurpose filename

* refactor: update htmlStorageLocation filename

* refactor: update kdfType filename

* refactor: update keySuffixOptions filename

* refactor: update linkedIdType filename

* refactor: update logLevelType filename

* refactor: update nativeMessagingVersion filename

* refactor: update notificationType filename

* refactor: update productType filename

* refactor: update secureNoteType filename

* refactor: update stateVersion filename

* refactor: update storageLocation filename

* refactor: update themeType filename

* refactor: update uriMatchType filename

* fix: update kdfType classes missed in initial pass, refs AC-1266

* fix: missing import update for device-type

* refactor: add barrel file for enums and update pathed import statements, refs AC-1266

* fix: incorrect import statements for web, refs AC-1266

* fix: missed import statement updates (browser), refs AC-1266

* fix: missed import statement changes (cli), refs AC-1266

* fix: missed import statement changes (desktop), refs AC-1266

* fix: prettier, refs AC-1266

* refactor: (libs) update relative paths to use barrel file, refs AC-1266

* fix: missed find/replace import statements for SecureNoteType, refs AC-1266

* refactor: apply .enum suffix to enums folder and modify leftover relative paths, refs AC-1266

* fix: find/replace errors for native-messaging-version, refs AC-1266
2023-04-04 22:42:21 -05:00
SmithThe4th
a78ed4c548
[AC-1260] Removed ssoRequired field from the sso details response (#5123)
* Removed ssoRequired field from the sso details response

* Fixed PR comment
2023-04-03 11:45:22 -04:00
Oscar Hinton
a68631c7b7
Fix broken export spec (#5152) 2023-04-03 12:26:11 +02:00
Bernd Schoolmann
1f472ea309
[PS-2264] Make password protected exports support account's iterations and argon2 (#4479)
* Fix encrypted export using fixed PBKDF2 iterations

* Replace hardcoded KdfType in importer

* Clean up kdf handling in password-protected export

* Extract BitwardenPasswordProtectedFileFormat

* Rename bitwarden-json-types

* Move StateService import to fix linting issue

* Make linter happy

* Use abstraction instead of implementation

---------

Co-authored-by: Daniel James Smith <djsmith@web.de>
2023-03-31 13:49:07 +02:00
SmithThe4th
b79554a13b
[PM-283] Fix Reports UI behavior for premium and free users (#4926)
* Prevent rerouting to dispaly modal message, and refactored components where thsi was used

* Added upgrade badge to organization reports view

* created guard to prevent free organization users from accessing reports

* Added isUpgradeRequired getter to organization class

* Modifiewd reports home to pass upgrade badge and add new guard to organization reports module

* Fixed routing bug when routing to billing subscription page

* Refactored to use async pipe and observables

* Renamed getter name to be more descriptive

* Removed checkAccess from reports

* Renamed guard

* Removed unused variables

* Lint fix

* Lint fix

* prettier fix

* Corrected organiztion service reference

* Moved homepage to ngonInit

* [PM-1629] Update the upgrade dialog for users without billing rights (#5102)

* Show dialog with description when user does not have access to the billing page

* switched conditions to nested if to make the logic clearer
2023-03-30 16:27:03 -04:00
Daniel James Smith
e238ea20a9
[PM-328] Move Send to Tools (#5104)
* Move send in libs/common

* Move send in libs/angular

* Move send in browser

* Move send in cli

* Move send in desktop

* Move send in web
2023-03-29 16:23:37 +02:00
Vincent Salucci
5008acfd13
fix: update downstream imports for org-api-key.request file move, refs AC-1202 2023-03-28 14:28:58 -05:00
Vincent Salucci
16f86d1da2
refactor: move organization-api-key.request to admin-console, refs AC-1202 2023-03-28 14:18:40 -05:00
Robyn MacCallum
d799529428
[SG 623] Send Service Refactor (#4327)
* Split out api methods into sendApiService

* Move SendService and abstraction

* Libs updates

* Web updates

* CLI updates

* Desktop updates

* libs send service fixes

* browser factory additions

* Browser updates

* Fix service injection for CLI SendReceiveCommand

* Deprecate directly calling send state service methods

* SendService observables updates

* Update components to use new observables

* Modify CLI to use state service instead of observables

* Remove unnecessary await on get()

* Move delete() to InternalSendService

* SendService unit tests

* Split fileUploadService by send and cipher

* send and cipher service factory updates

* Add file upload methods to get around circular dependency issues

* Move api methods from sendService to sendApiService

* Update cipherService to use fileApi methods

* libs service injection and component changes

* browser service injection and component changes

* Desktop component changes

* Web component changes

* cipher service test fix

* Fix file capitalization

* CLI service import and command updates

* Remove extra abstract fileUploadService

* WIP: Condense callbacks for file upload

Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>

* Send callbacks for file upload

* Fix circular service dependencies

* Fix response return on upload

* Fix function definitions

* Service injection fixes and bug fixes

* Fix folder casing

* Service injection cleanup

* Remove deleted file from capital letters whitelist

* Create new SendApiService for popup

* Move cipherFileUploadService to vault

* Move SendFileUploadService methods into SendApiService

* Rename methods to remove 'WithServer'

* Properly subscribe to sendViews

* Fix Send serialization

* Implement fromJSON on sendFile and sendText

* [PM-1347] Fix send key serialization (#4989)

* Properly serialize key on send fromJSON

* Remove call that nulled out decrypted sends

* Fix null checks in fromJSON methods for models

* lint fixes

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2023-03-28 12:37:40 -04:00
aj-rosado
846b15d6d3
[PM-1195] Creating a copy of 'this' on ToJson so that it doesn't change the current view. (#5062) 2023-03-27 11:48:46 +01:00
André Bispo
5d88fabe47
[PM-107][PM-130] Remove fingerprint from request (#4910)
* [PM-108] Fingerprint is calculated based on pubKey

* [PM-108] Change userId to userEmail. Remove fingerprint from AuthResponse

* [PM-130][PM-107] Remove fingerprint from request and clients UI
2023-03-23 11:02:51 +00:00
Daniel James Smith
a5a12a6723
[PM-328] Move common/importer to libs/importer (tools-migration) (#5060)
* Create and register new libs/importer

Create package.json
Create tsconfig
Create jest.config
Extend shared and root tsconfig and jest.configs
Register with eslint

* Move importer-related files to libs/importer

* Move importer-spec-related files to libs/importer

Move import.service.spec

* Update package-lock.json

* Set CODEOWNERS for new libs/importer

* Register libs/importer with cli and fix imports

* Register libs/importer with web and fix imports

* Move importOption into models

Rename importOptions to import-options

* Fix linting issues after updating prettier

* Only expose necessary files from libs/importer

Fix tsconfig files
- Removes the trailing /index on imports in web/cli

As the spec-files no longer can access the internals via @bitwarden/importer they import by path (../src/importers)

* Add barrel files to vendors with more than one importer
2023-03-23 11:43:27 +01:00
Oscar Hinton
23c4d45285
[PM-1415] [BEEEP] Angular 15 (#4719)
* Upgrade Angular to 15

* Remove attr.allow for webauthn
2023-03-22 18:26:04 +01:00
Vincent Salucci
780a563ce0
[AC-1011] Admin Console / Billing code ownership (#4973)
* refactor: move SCIM component to admin-console, refs EC-1011

* refactor: move scimProviderType to admin-console, refs EC-1011

* refactor: move scim-config.api to admin-console, refs EC-1011

* refactor: create models folder and nest existing api contents, refs EC-1011

* refactor: move scim-config to admin-console models, refs EC-1011

* refactor: move billing.component to billing, refs EC-1011

* refactor: remove nested app folder from new billing structure, refs EC-1011

* refactor: move organizations/billing to billing, refs EC-1011

* refactor: move add-credit and adjust-payment to billing/settings, refs EC-1011

* refactor: billing history/sync to billing, refs EC-1011

* refactor: move org plans, payment/method to billing/settings, refs EC-1011

* fix: update legacy file paths for payment-method and tax-info, refs EC-1011

* fix: update imports for scim component, refs EC-1011

* refactor: move subscription and tax-info into billing, refs EC-1011

* refactor: move user-subscription to billing, refs EC-1011

* refactor: move images/cards to billing and update base path, refs EC-1011

* refactor: move payment-method, plan subscription, and plan to billing, refs EC-1011

* refactor: move transaction-type to billing, refs EC-1011

* refactor: move billing-sync-config to billing, refs EC-1011

* refactor: move billing-sync and bit-pay-invoice request to billing, refs EC-1011

* refactor: move org subscription and tax info update requests to billing, refs EC-1011

* fix: broken paths to billing, refs EC-1011

* refactor: move payment request to billing, refs EC-1011

* fix: update remaining imports for payment-request, refs EC-1011

* refactor: move tax-info-update to billing, refs EC-1011

* refactor: move billing-payment, billing-history, and billing responses to billing, refs EC-1011

* refactor: move organization-subscription-responset to billing, refs EC-1011

* refactor: move payment and plan responses to billing, refs EC-1011

* refactor: move subscription response to billing ,refs EC-1011

* refactor: move tax info and rate responses to billing, refs EC-1011

* fix: update remaining path to base response for tax-rate response, refs EC-1011

* refactor: (browser) move organization-service to admin-console, refs EC-1011

* refactor: (browser) move organizaiton-service to admin-console, refs EC-1011

* refactor: (cli) move share command to admin-console, refs EC-1011

* refactor: move organization-collect request model to admin-console, refs EC-1011

* refactor: (web) move organization, collection/user responses to admin-console, refs EC-1011

* refactor: (cli) move selection-read-only to admin-console, refs EC-1011

* refactor: (desktop) move organization-filter to admin-console, refs EC-1011

* refactor: (web) move organization-switcher to admin-console, refs EC-1011

* refactor: (web) move access-selector to admin-console, refs EC-1011

* refactor: (web) move create folder to admin-console, refs EC-1011

* refactor: (web) move org guards folder to admin-console, refs EC-1011

* refactor: (web) move org layout to admin-console, refs EC-1011

* refactor: move manage collections to admin console, refs EC-1011

* refactor: (web) move collection-dialog to admin-console, refs EC-1011

* refactor: (web) move entity users/events and events component to admin-console, refs EC-1011

* refactor: (web) move groups/group-add-edit to admin-console, refs EC-1011

* refactor: (web) move manage, org-manage module, and user-confirm to admin-console, refs EC-1011

* refactor: (web) move people to admin-console, refs EC-1011

* refactor: (web) move reset-password to admin-console, refs EC-1011

* refactor: (web) move organization-routing and module to admin-console, refs EC-1011

* refactor: move admin-console and billing within app scope, refs EC-1011

* fix: update leftover merge conflicts, refs EC-1011

* refactor: (web) member-dialog to admin-console, refs EC-1011

* refactor: (web) move policies to admin-console, refs EC-1011

* refactor: (web) move reporting to admin-console, refs EC-1011

* refactor: (web) move settings to admin-console, refs EC-1011

* refactor: (web) move sponsorships to admin-console, refs EC-1011

* refactor: (web) move tools to admin-console, refs EC-1011

* refactor: (web) move users to admin-console, refs EC-1011

* refactor: (web) move collections to admin-console, refs EC-1011

* refactor: (web) move create-organization to admin-console, refs EC-1011

* refactor: (web) move licensed components to admin-console, refs EC-1011

* refactor: (web) move bit organization modules to admin-console, refs EC-1011

* fix: update leftover import statements for organizations.module, refs EC-1011

* refactor: (web) move personal vault and max timeout to admin-console, refs EC-1011

* refactor: (web) move providers to admin-console, refs EC-1011

* refactor: (libs) move organization service to admin-console, refs EC-1011

* refactor: (libs) move profile org/provider responses and other misc org responses to admin-console, refs EC-1011

* refactor: (libs) move provider request and selectionion-read-only request to admin-console, refs EC-1011

* fix: update missed import path for provider-user-update request, refs EC-1011

* refactor: (libs) move abstractions to admin-console, refs EC-1011

* refactor: (libs) move org/provider enums to admin-console, refs EC-1011

* fix: update downstream import statements from libs changes, refs EC-1011

* refactor: (libs) move data files to admin-console, refs EC-1011

* refactor: (libs) move domain to admin-console, refs EC-1011

* refactor: (libs) move request objects to admin-console, refs EC-1011

* fix: update downstream import changes from libs, refs EC-1011

* refactor: move leftover provider files to admin-console, refs EC-1011

* refactor: (browser) move group policy environment to admin-console, refs EC-1011

* fix: (browser) update downstream import statements, refs EC-1011

* fix: (desktop) update downstream libs moves, refs EC-1011

* fix: (cli) update downstream import changes from libs, refs EC-1011

* refactor: move org-auth related files to admin-console, refs EC-1011

* refactor: (libs) move request objects to admin-console, refs EC-1011

* refactor: move persmissions to admin-console, refs EC-1011

* refactor: move sponsored families to admin-console and fix libs changes, refs EC-1011

* refactor: move collections to admin-console, refs EC-1011

* refactor: move spec file back to spec scope, refs EC-1011

* fix: update downstream imports due to libs changes, refs EC-1011

* fix: udpate downstream import changes due to libs, refs EC-1011

* fix: update downstream imports due to libs changes, refs EC-1011

* fix: update downstream imports from libs changes, refs EC-1011

* fix: update path malformation in jslib-services.module, refs EC-1011

* fix: lint errors from improper casing, refs AC-1011

* fix: update downstream filename changes, refs AC-1011

* fix: (cli) update downstream filename changes, refs AC-1011

* fix: (desktop) update downstream filename changes, refs AC-1011

* fix: (browser) update downstream filename changes, refs AC-1011

* fix: lint errors, refs AC-1011

* fix: prettier, refs AC-1011

* fix: lint fixes for import order, refs AC-1011

* fix: update import path for provider user type, refs AC-1011

* fix: update new codes import paths for admin console structure, refs AC-1011

* fix: lint/prettier, refs AC-1011

* fix: update layout stories path, refs AC-1011

* fix: update comoponents card icons base variable in styles, refs AC-1011

* fix: update provider service path in permissions guard spec, refs AC-1011

* fix: update provider permission guard path, refs AC-1011

* fix: remove unecessary TODO for shared index export statement, refs AC-1011

* refactor: move browser-organization service and cli organization-user response out of admin-console, refs AC-1011

* refactor: move web/browser/desktop collections component to vault domain, refs AC-1011

* refactor: move organization.module out of admin-console scope, refs AC-1011

* fix: prettier, refs AC-1011

* refactor: move organizations-api-key.request out of admin-console scope, refs AC-1011
2023-03-22 10:03:50 -05:00
Oscar Hinton
ff4293b7bd
[PM-1512] Upgrade prettier (#5028)
* Upgrade prettier

* Lock prettier version
2023-03-21 11:28:15 +01:00
Daniel James Smith
ca0a525895
Remove "Mir" CC brand option (#5011) 2023-03-16 13:14:49 +01:00
Thomas Rittson
0d85bdc931
[PM-1397] Display a warning when a user attempts to auto-fill an iframe (#4994)
* add settingsService.getEquivalentDomains
* check that an iframe URL matches cipher.login.uris before autofilling
* disable autofill on page load if it doesn't match
* show a warning to the user on regular autofill if it doesn't match

---------

Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
2023-03-15 11:19:16 +10:00
André Bispo
07b074f184
[PM-108] Login with Device - Change desktop to not get fingerprint from API (#4834)
* [PM-108] Fingerprint is calculated based on pubKey

* [PM-108] Change userId to userEmail. Remove fingerprint from AuthResponse
2023-03-13 15:40:21 +00:00
SmithThe4th
1666488672
[PM-129] Refactor email forwarding providers to remove filtering for self-hosted (#4963)
* Added model for email forwarder options

* Refactored code base to use model and filter based on the new model
2023-03-13 10:00:48 -04:00
Daniel James Smith
d4c812160f
[PM-328] Move generator to tools (#4980)
* Move generator to tools

libs/angular:
- Move generator.component to tools
libs/common:
- Move password generation to tools
- Move username generation including email-forwarders to tools

apps/*
- create tools-subfolder and move files regarding generator functionality
- Update all the imports

.github/:
- Cleaned up whitelist-capital-letters.txt
- Added team-tools-dev folders to CODEOWNERS

* Remove unused barrel file
2023-03-10 21:39:46 +01:00
Daniel James Smith
e9d0f75b8a
[PM-469] [PM-1325] [PS-1165] [PS-1257] Small refactorings/improvements on the desktop app main (#4704)
* Only pass necessary service to power-monitor

PowerMonitorMain only requires the messagingService instead of a full reference to Main

* Remove never changing constructor params

Window.main has a defaultWidth and defaultHeight that never change, so they do not need to get passed in from outside

hideTitleBar is always true, so there is no need to make it a param

* Remove projectName from updater

This is likely another relict from sharing this previously with dircetory-connector and is not needed anymore

* Only pass necessary service to MenuMain

MenuMain only needs service references instead of a full reference to Main

* Refactor biometrics service

Create BiometricsService that takes care of loading the platformspecifc services, hiding the implementation details
Make it clearer which dependencies are needed by a specific biometrics-service (compile-error vs runtime-error)
Add unit tests
Isolate biometrics import/exports with a barrel file

* Fix #3148

recordActivity was only getting called when user-activity in the main window is recognized
When using biometrics to unlock, the Windows Hello/TouchID prompt would be focused and no input would be recognised. LastActive would have an old value and the vault would get locked

* Improve reloading with biometrics

* Mock import of desktop-native

* Add mock for "@bitwarden/desktop-native-linux-x64-musl"

* Revert "Add mock for "@bitwarden/desktop-native-linux-x64-musl""

This reverts commit 69771b94bf.

* mock the exports of desktop-native

* Pass process.platform inot BiometricsService
2023-03-10 21:32:26 +01:00