Adds a device management tab under settings -> security that allows users to:
- View and manage their account's connected devices
- Remove/deactivate devices
- See device details like platform, last login, and trust status
- Sort and filter device list with virtual scrolling
Resolves PM-1214
* update code owners
* Move lock component v2 to KM
* Add @bitwarden/key-management/angular to tsconfigs
* Move lock component service to KM
* Move lock component v1 to KM
* Update imports
* Move into @bitwarden/key-management
* Revert "Move into @bitwarden/key-management"
This reverts commit b7514fb8c2.
* Add to tsconfig.libs
* add disabledInteractionsUris state to the domain settings service
* add routes and ui for user disabledInteractionsUris state management
* use disabled URIs service state as a preemptive conditon to injecting content scripts
* move disabled domains navigation button from account security settings to autofill settings
* update disabled domain terminology to blocked domain terminology
* update copy
* handle blocked domains initializing with null value
* add dismissable banner to the vault view when the active autofill tab is on the blocked domains list
* add autofill blocked domain indicators to autofill suggestions section header
* add BlockBrowserInjectionsByDomain feature flag and put feature behind it
* update router config to new style
* update tests and cleanup
* use full-width-notice slot for domain script injection blocked banner
* convert thrown error on content script injection block to a warning and early return
* simplify and enspeeden state resolution for blockedInteractionsUris
* refactor feature flag state fetching and update tests
* document domain settings service
* remove vault component presentational updates
* Remove v1 code for Tab/Vault Part 2
* Removal conditional for assign-collections
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* add fixed width to vault list icon
* justify start
* don't display totp capture when in popout
* Revert "don't display totp capture when in popout"
This reverts commit f50b0a6caf.
* use new generator components in desktop app
* add generator to export
* add TODO comment
* use app-specific component
* use vault-owned generator component
* use CipherFormGeneratorComponent
* rename to dialog component. reference ticket number in comment
* use static method for opening dialog
* Remove v1 account security settings
Delete v1 component
Remove conditional routing based on extension refresh feature flag
* Remove unused import
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Migrated folder service from using active user state to single user state
Added extra test cases for encrypted folder and decrypted folders
Updated derived state to use decrypt with key
* Update callers in the web
* Update callers in the browser
* Update callers in libs
* Update callers in cli
* Fixed test
* Fixed folder state test
* Fixed test
* removed duplicate activeUserId
* Added takewhile operator to only make calls when userId is present
* Simplified to accept a single user id instead of an observable
* Required userid to be passed from notification service
* [PM-15635] Folders not working on desktop (#12333)
* Added folders memory state definition
* added decrypted folders state
* Refactored service to remove derived state
* removed combinedstate and added clear decrypted folders to methods
* Fixed test
* Fixed issue with editing folder on the desktop app
* Fixed test
* Changed state name
* fixed ts strict issue
* fixed ts strict issue
* fixed ts strict issue
* removed unnecessasry null encrypteed folder check
* Handle null folderdata
* [PM-16197] "Items with No Folder" shows as a folder to edit name and delete (#12470)
* Force redcryption anytime encryption state changes
* Fixed text file
* revert changes
* create new object with nofolder instead of modifying exisiting object
* Fixed failing test
* switched to use memory-large-object
* Fixed ts sctrict issue
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
On https://github.com/bitwarden/clients/pull/12326 I refactored and
extended a bit of special case logic for process reloads on Safari. This
appears to have caused a regression, and I think it's because I didn't
return from the function when Safari reloads. This makes it still call
`chrome.runtime.reload()`, which makes Safari send an "install" event,
which leads to our extension opening it's Getting Started page.
This commit returns after the location reload in Safari. This is tricky
to test locally as the issue does not appear with sideloaded apps. I'll
test it with Testflight!
* [DEVOPS-1424] Changes to support hardening on the Mac desktop app
* Remove unsigned memory exception
* Remove exceptions from the local (non-MAS) mac builds as well
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Changes for the reseller alert
* Resolve the null error
* Refactor the reseller service
* Fix the a failing test due to null date
* Fix the No overload matches error
* Resolve the null error
* Resolve the null error
* Resolve the null error
* Change the date format
* Remove unwanted comment
* Refactor changes
* Add the feature flag
* Remove lowercasing of View page headers
* Remove lowercasing of Add/edit page headers
* Remove lowercasing of Web ViewAdd/edit page headers
* Fix tests
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* enhancement: UI for multiple totp elements
* add tests
* update snapshots
* update obsolete snapshots
* PM-15593
- Added conditional statement for text displayed in the totp code span
- Added styling to the returned text
* remove method, hard code string.
* PM-15593
- Added getFilteredCiphersForTotpField method
- Implemented getFilteredCiphersForTotpField on update list method
- Updated tests to not always have a top field
* account for no totp code ciphers in totp fields
* Remove Send grouping, type and state
* Delete Send list and add-edit
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Remove v1 generator, generator history page and extension refresh conditional routing
* Remove unused keys from en/messages.json
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
This PR deletes the legacy lock components from the Angular clients and also removes feature flag control from the routing. The lock component will now be based entirely on the new, recently refreshed LockComponent in libs/auth/angular.
* Remove conditional routing for new vault page (header/footer)
Redirect tabs/current to tabs/vault (new home)
* Remove unused TabsComponent
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Run clippy and rustfmt on CI
* Error on warnings and fix a couple of missed lints
* Move import inside function
* Fix unix lints
* Fix windows lints
* Missed some async tests
* Remove unneeded reference
* force viewOnly to be true for emergency access
* add input to hide password history, applicable when the view is used from emergency view
* add extension refresh version of the emergency view dialog
* allow emergency access to view password history
- `ViewPasswordHistoryService` accepts a cipher id or CipherView. When a CipherView is included, the history component no longer has to fetch the cipher.
* remove unused comments
* Add fixme comment for removing non-extension refresh code
* refactor password history component to accept a full cipher view
- Remove the option to pass in only an id
* starting
* setup first page for new device verification notice
* update designs for first page. rename components and files
* added second page for new device verification notice
* update notice page one with bit radio buttons. routing logic. user email
* updated routing for new device verification notice to show before vault based on flags, and can navigate back to vault after submission
* fix translations. added remind me later link and nav to page 2
* sync the design for mobile and web
* update routes in desktop
* updated styles for desktop
* moved new device verification notice guard
* update types for new device notice page one
* add null check to page one
* types
* types for page one, page two, service, and guard
* types
* update component and guard for null check
* add navigation to two step login btn and account email btn
* remove empty file
* update fill of icons to support light & dark modes
* add question mark to email access verification copy
* remove unused map
* use links for navigation elements
- an empty href is needed so the links are keyboard accessible
* remove clip path from exclamation svg
- No noticeable difference in the end result
* inline email message into markup
---------
Co-authored-by: Nick Krantz <nick@livefront.com>
* Adding more test cases
* Removing unnecessary file
* Test cases update
* Adding the fixme for strict types
* moving the fixme
* add risk insight data service and wire up components to it
* hook up all applications to risk insights report service. add loading state
* link up remaining props to risk insight report
* wire up children to risk insight data service
* add missing copy. remove loading state from risk insights
* fix types
* fix DI issue
* remove @Injectable from RiskInsightsDataService
---------
Co-authored-by: Tom <ttalty@bitwarden.com>
Co-authored-by: Tom <144813356+ttalty@users.noreply.github.com>
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
* use organization properties for access permissions
* clean up refactor
* simplify logic
* refactor canAccessIntegrationEditor to have all the permission checks
This PR fixes a bug in the LockComponent refresh that affected the setup/save and use passkey flows. The user was wrongly directly to the /vault after unlock instead of to /fido2 (the passkey screen).
Feature Flag: ExtensionRefresh ON
This needs to be done, because Firefox compares the keys case-insensitive when a release is uploaded to the store.
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Consolidates existing SSO components into a single unified component in
libs/auth, matching the new design system. This implementation:
- Creates a new shared SsoComponent with extracted business logic
- Adds feature flag support for unauth-ui-refresh
- Updates page styling including new icons and typography
- Preserves web client claimed domain logic
- Maintains backwards compatibility with legacy views
PM-8114
---------
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
* Add the on trial payment option on new UI
* Rename variables correctly
* Resolve the isTrialPaymentOptional and use observable
* use firstValueFrom and remove subscribe
* Resolve the selected plantype
* Changes for free Org
* [deps] Platform: Update electron to v33
* fix: remove event from minimize
* chore: update electron version in `electron-builder.json`
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Bernd Schoolmann <mail@quexten.com>
* refactor: update domain verification terminology to claimed domains
* feat: add description for claimed domains in domain verification
* Add informational link to claimed domains description in domain verification component
* Update domain verification references to claimed domains in organization layout and SSO component
* Add validation message for invalid domain name format in domain verification
* Add domain claim messages and descriptions to localization files
* Update domain verification navigation text based on feature flag
* Update domain verification dialog to support account deprovisioning feature flag
* Update domain verification component to support account deprovisioning feature flag
* Refactor domain verification dialog to use synchronous feature flag for account deprovisioning
* Refactor domain verification routing to resolve title based on account deprovisioning feature flag
* Update SSO component to conditionally display domain verification link based on account deprovisioning feature flag
* Update event service to conditionally display domain verification messages based on account deprovisioning feature flag
* Update domain verification warning message
* Refactor domain verification navigation text handling based on account deprovisioning feature flag
* Refactor domain verification dialog to use observable for account deprovisioning feature flag
* Refactor domain verification component to use observable for account deprovisioning feature flag
* Fix double prompt when unlocking by ssh request
* Add peercred for unix
* Enable apple-app-store feature
* Add generic parameter
* Update
* Add procinfo for windows
* Show connecting app in ui
* Use struct instead of tuple
* Use atomics instead of mutex
* Fix windows build
* Use is_running function
* Cleanup named pipe listener
* Cleanups
* Cargo fmt
* Replace "" with none
* Rebuild index.d.ts
* Fix is running check
* Add proxy support for file downloads
Instead of using node's native fetch we extend ApiService with NodeApiService to add support for proxies using `node-fetch`
* Add comments to the DownloadCommand
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add proxy support for file uploads
Instead of using node's native fetch we extend ApiService with NodeApiService to add support for proxies using `node-fetch`
* Fix constructors for FileUploadService in browser
* Fix dependency on ApiService within jslib-services.module
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Use typescript-strict-plugin to iteratively turn on strict
* Add strict testing to pipeline
Can be executed locally through either `npm run test:types` for full type checking including spec files, or `npx tsc-strict` for only tsconfig.json included files.
* turn on strict for scripts directory
* Use plugin for all tsconfigs in monorepo
vscode is capable of executing tsc with plugins, but uses the most relevant tsconfig to do so. If the plugin is not a part of that config, it is skipped and developers get no feedback of strict compile time issues. These updates remedy that at the cost of slightly more complex removal of the plugin when the time comes.
* remove plugin from configs that extend one that already has it
* Update workspace settings to honor strict plugin
* Apply strict-plugin to native message test runner
* Update vscode workspace to use root tsc version
* `./node_modules/.bin/update-strict-comments` 🤖
This is a one-time operation. All future files should adhere to strict type checking.
* Add fixme to `ts-strict-ignore` comments
* `update-strict-comments` 🤖
repeated for new merge files
* feat: scaffold desktop_objc
* feat: rename fido2 to autofill
* feat: scaffold electron autofill
* feat: auto call hello world on init
* feat: scaffold call to basic objc function
* feat: simple log that checks if autofill is enabled
* feat: adding some availability guards
* feat: scaffold services and allow calls from inspector
* feat: create custom type for returning strings across rust/objc boundary
* chore: clean up comments
* feat: enable ARC
* feat: add util function `c_string_to_nsstring`
* chore: refactor and rename to `run_command`
* feat: add try-catch around command execution
* feat: properly implement command calling
Add static typing. Add proper error handling.
* feat: add autoreleasepool to avoid memory leaks
* chore: change objc names to camelCase
* fix: error returning
* feat: extract some helper functions into utils class
* feat: scaffold status command
* feat: implement status command
* feat: implement password credential mapping
* wip: implement sync command
This crashes because we are not properly handling the fact that `saveCredentialIdentities` uses callbacks, resulting in a race condition where we try to access a variable (result) that has already gotten dealloc'd.
* feat: first version of callback
* feat: make run_command async
* feat: functioning callback returns
* chore: refactor to make objc code easier to read and use
* feat: refactor everything to use new callback return method
* feat: re-implement status command with callback
* fix: warning about CommandContext not being FFI-safe
* feat: implement sync command using callbacks
* feat: implement manual password credential sync
* feat: add auto syncing
* docs: add todo
* feat: add support for passkeys
* chore: move desktop autofill service to init service
* feat: auto-add all .m files to builder
* fix: native build on unix and windows
* fix: unused compiler warnings
* fix: napi type exports
* feat: add corresponding dist command
* feat: comment signing profile until we fix signing
* fix: build breaking on non-macOS platforms
* chore: cargo lock update
* chore: revert accidental version change
* feat: put sync behind feature flag
* chore: put files in autofill folder
* fix: obj-c code not recompiling on changes
* feat: add `namespace` to commands
* fix: linting complaining about flag
* feat: add autofill as owner of their objc code
* chore: make autofill owner of run_command in core crate
* fix: re-add napi annotation
* fix: remove dev bypass
* [PM-15559] Update admin dialog flows to first try the local state before using the API when not required
* [PM-15559] Clear initial values after creating a new cipher so that they do not override the newly created cipher for subsequent edits
On `/update-temp-password`, on the light theme the "Logout" link was not showing in the upper-left corner because the text color for an `a` link is our primary blue color, which blended in with the headers background color. This PR changes the logout `a` link to a `button` so that it inherits the header text color. It should be a button anyway since it's calling a function and not simply routing.
* Added conditional to check if a cipher can be delete by user
* Added change detection on push
* Added directive to check if user can delete a cipher
* Added directive to check if user can delete a cipher
* Replaced check with directive
* removed takeUntilDestroyed
* Switch to oo7 and drop libsecret
* Fix tests
* Fix windows
* Fix windows
* Fix windows
* Fix windows
* Add migration
* Update apps/desktop/desktop_native/core/src/password/unix.rs
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
* Remove libsecret in ci
* Move allow async to trait level
* Fix comment
* Pin oo7 dependency
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
Add timeout state management for two-factor authentication flows in web, desktop,
and browser extension clients. Includes:
- New timeout screen component with 5-minute session limit
- Updated UI elements and styling
- Comprehensive test coverage
Refs: PM-13659
* Remove bitItem and use plain bitLink button for opening generator history
* Revert desktop back to use bitItem
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* updating new menus to allow tab + enter to submit the link/button
* Updating New actions to use button instead of a for accessibiity purposes
* refactor
* refactor
* test fix
* fixes
* fixing tests
* fixing test
* fixing tests
---------
Co-authored-by: --global <>
* Force unlock when keys are cleared / on first unlock and fix account switching behavior
* Make comment a doc comment
* Pin russh commit
* Cleanup
* Make list messaging explicit
* Add account switching error handling for ssh agent
* Add account switching error handling for ssh agent
* Cleanup
* Changes for web impact by the policy
* Changes to address PR comments
* refactoring changes from pr comments
* Resolve the complex conditionals comment
* resolve the complex conditionals comment
* Resolve the pr comments on user layout
* revert on wanted change
* Refactor and move logic and template into its own component
* Move to a folder owned by the Billing team
* add check for extension prefixes in the three major browsers.
- Firefox does not throw an error or receive the message. Adding checks for Safari and Chrome for safety if this functionality were to change.
* remove unneeded mock rejection
* move prefixes to dedicated array
* refactor protocol check to its own variable
* Add changes for enabled policy
* Remove unused property
* Refactor the changes
* remove duplicated across multiple components
* Add some test and documentations to service
* Correct the comment free family sponsorship for isExemptFromPolicy
