Thomas Rittson
386903f5a9
[Key Connector] QA fixes for CLI and Desktop ( #544 )
...
* Make UserVerificationService compatible with CLI
* Refactor error handling
* Fix i18n key name
* Add apiUseKeyConnector flag to TokenResponse
* Always require keyConnectorUrl to be passed in
* Throw errors in userVerificationService
* Use requestOTP in UserVerificationService
* Remove unused deps
* Fix linting
2021-11-16 07:53:57 +10:00
Thomas Rittson
06c9df97ad
Update Safari importer to be Safari and macOS importer ( #550 )
...
* Rename Safari importer to Safari and macOS
* Order featured import options alphabetically
2021-11-15 19:49:19 +10:00
Thomas Rittson
e02e663ce1
[Linked Fields] Fix QA feedback ( #542 )
...
* Fix bug overwriting custom field types
* Add linkedId to export model for CLI
2021-11-12 05:59:01 +10:00
Kyle Spearrin
b99103d3f7
validate path for directory traversal ( #540 )
...
* validate path for directory traversal
* use previously constructed requestUrl
2021-11-10 15:13:13 -05:00
Kyle Spearrin
1b4a5508bd
Revert "clean api url paths from directory traversal ( #539 )"
...
This reverts commit ea29f580a5.
2021-11-10 13:37:31 -05:00
Kyle Spearrin
ea29f580a5
clean api url paths from directory traversal ( #539 )
2021-11-09 15:37:58 -05:00
Kyle Spearrin
c4fb4a35ab
don't allow @ character in uriString prefixing ( #538 )
2021-11-09 11:16:40 -05:00
Oscar Hinton
8f177e2d3a
Add support for requesting and using otp for verifying some requests ( #527 )
...
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 17:01:22 +01:00
Thomas Rittson
dbda39e10f
Add Linked Field as custom field type ( #431 )
...
* Basic proof of concept of Linked custom fields
* Linked Fields for all cipher types, use dropdown
* Move linkedFieldOptions to view models
* Move add-edit custom fields to own component
* Fix change handling if cipherType changes
* Use Field.LinkedId to store linked field info
* Refactor accessors in cipherView for type safety
* Use map for linkedFieldOptions
* Refactor: use decorators to record linkable info
* Add ItemView
* Use enums for linked field ids
* Add union type for linkedId enums, add jsdoc comment
* Use parameter properties for linkedFieldOption
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Fix type casting
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2021-11-03 08:03:37 +10:00
Matt Gibson
e90cc40f68
Allow managers to create collections ( #530 )
2021-10-27 13:06:27 -05:00
pan93412
257de6517c
feat: add an importer for Safari (CSV) ( #512 )
...
* feat(importers/safariCsvImporter): add the importer for Safari (CSV)
* Revert changes to package-lock.json
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-10-26 17:00:03 +10:00
Oscar Hinton
71f8ef601f
Add support for crypto agent ( #520 )
2021-10-25 18:21:40 +02:00
Matt Gibson
815b436f7c
Fix Typo. Collection create has full view access ( #523 )
2021-10-20 10:31:25 -05:00
Oscar Hinton
f09fb69882
Remove empty catch blocks, and update tslint rule ( #513 )
2021-10-19 10:32:14 +02:00
Oscar Hinton
14a60773cc
Add logic for fetching organization policies if the user has access through a provider ( #519 )
2021-10-14 09:33:46 +02:00
Oscar Hinton
e3ab324d59
Fix OrganizationSsoResponse not behaving correctly in production ( #515 )
2021-10-12 13:57:08 +02:00
Oscar Hinton
764dc40b36
Change policyAppliesToUser to behave differently for MaximumVaultTimeout ( #514 )
2021-10-11 18:35:06 +02:00
Oscar Hinton
bfa9a1e1bc
Remove Business Portal, add SSO configuration models ( #506 )
2021-10-06 19:36:20 +02:00
Matt Gibson
562e1fe459
Feature/split manage collections permission ( #504 )
...
* Split manage collections permissions
* Convert camel to pascal case for element id -> name
2021-10-01 07:50:30 -05:00
Thomas Rittson
ce71c0c0bd
Add theme enums and platformUtilsService helper ( #497 )
...
* Use enum for themes, add getEffectiveTheme
* Update electron and cli to use theme refactor
2021-09-30 06:37:36 +10:00
Oscar Hinton
206ef610d0
Bump signalr to 5.0.10 ( #502 )
2021-09-28 15:47:19 +02:00
Vincent Salucci
16e998e664
[Reset Password v1] Refactor ForcePasswordReset into AuthResult ( #481 )
2021-09-17 10:53:50 -05:00
Matt Gibson
5cec31f871
Organization autoscaling ( #487 )
...
* Seat autoscaling api changes
* Update all organization subscription aspects with one api call
* Remove disable autoscale option
* Remove autoscale request references
* Remove autoscale update
2021-09-17 10:20:48 -05:00
Oscar Hinton
83548a6753
Remove deprecated index.ts ( #490 )
...
* Remove deprecated index.ts
* Update tests
2021-09-17 14:57:31 +02:00
Dane Powell
da6fde4b15
Add constants for biometrics auto-prompt option ( #483 )
...
* Add constants for biometrics auto-prompt option
* rename constant
Co-authored-by: Michael Cho <mcho@tutanota.com>
2021-09-16 21:00:13 +02:00
Vincent Salucci
da132217da
[SSO Auto Enroll] Auto Enroll status retrieval ( #486 )
...
* [SSO Auto Enroll] Auto Enroll status retrieval
* Fixed import order
* Updated object property
2021-09-15 12:54:44 -05:00
Oscar Hinton
ee1ea922a9
Disable Private Vault Export Policy ( #482 )
2021-09-14 16:32:06 +02:00
Oscar Hinton
32774561f3
Add MaximumVaultTimeout policy type ( #480 )
2021-09-09 17:05:40 +02:00
Thomas Rittson
5f64d95652
Fixes and cleanup for policyAppliesToUser ( #476 )
...
* Fix canManagePolicies logic to include providers
* Move new logic to isOwner (same as server)
* Refactor policyAppliesToUser
* Use const instead of var
* Fix linting
2021-09-09 07:34:27 +10:00
Oscar Hinton
bbe8d3df48
Revert "Vault Timeout Policy ( #474 )" ( #479 )
...
This reverts commit bba2812fdd.
2021-09-08 23:06:42 +02:00
Oscar Hinton
bba2812fdd
Vault Timeout Policy ( #474 )
2021-09-08 22:02:19 +02:00
Joseph Flinn
5784a6d4fc
Adding a PayPalConfig environment type ( #478 )
...
* Adding a PayPalConfig environment type for the web vault
* Adding missing semicolon
2021-09-08 12:34:23 -07:00
Vincent Salucci
ef743ea8ca
[SSO] Set password auto enroll update ( #472 )
...
* [SSO/Auto Enroll] Set Password enrolls new user
* Fixed typo
* Linter updates
* Cleanup // Constructor for SetPasswordRequest
2021-09-03 14:49:03 -05:00
Thomas Rittson
6c9485596c
Add event type for ResetSsoLink ( #475 )
2021-09-03 09:59:22 -04:00
Thomas Rittson
30419a625f
Move policy checks within policyService ( #466 )
...
* Move policy logic within policyService
* Remove unneeded import
* Clean up unused code
* Fix linting
* Enforce policies from accepting org invite
* Only exempt owner or admin from policies
* Use canManagePolicies as exemption criteria
* Make orgUser status check more semantic
Co-authored-by: Addison Beck <abeck@bitwarden.com>
Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-08-31 06:52:57 +10:00
Oscar Hinton
daa4f6f9a6
Dynamic Modals ( #417 )
...
* Move backdrop and click handler to modal service since they should not be used in web
* Add support for opening modals using ViewContainerRef
2021-08-26 10:04:29 +02:00
Thomas Rittson
358260596b
Add null check to electronStorageService.Save ( #461 )
...
* Add default value for ForcePasswordReset
* Add null check to electronStorageService instead
* Add default value to ForcePasswordReset
* Update electron/src/services/electronStorage.service.ts
* Fix indention issue from GH suggestion
Co-authored-by: Oscar Hinton <oscar@oscarhinton.com>
2021-08-20 16:01:50 +02:00
Oscar Hinton
f1f5d1a7f2
Revert WebAuthn iFrame handler ( #462 )
2021-08-20 14:46:02 +02:00
Daniel James Smith
309ea8ca9d
Add missing locale entry for AZ language ( #459 )
2021-08-19 22:43:28 +02:00
Matt Gibson
1f0127966e
Generalize token refreshing to include reauth by api key ( #456 )
2021-08-13 08:28:03 -05:00
Matt Gibson
0180d0cce5
Provide information to set webauthn allow in html template ( #455 )
2021-08-12 15:12:31 -05:00
Matt Gibson
c5f236c2e4
Use apikey client secret as captcha validation ( #454 )
...
* Use apikey client secret as captcha validation
* Linter fixes
2021-08-12 15:11:26 -05:00
Thomas Rittson
c694591e4c
Use UrlB64 encoding for auth-email header ( #450 )
2021-08-11 06:33:15 +10:00
Vincent Salucci
c2e434e333
[Reset Password v1] Update Temp Password ( #446 )
...
* [Reset Password v1] Update Temp Password
* Updating router to protected for child classes to access
2021-08-10 08:02:53 -04:00
Matt Gibson
027747246c
Add event type for provider accessing client vault ( #448 )
2021-08-05 07:50:56 -05:00
Matt Gibson
65c998dd0d
Iterate over enum values ( #445 )
2021-07-30 13:57:42 -05:00
Matt Gibson
fdf0eb989b
Provide owner with Provider client org create request ( #444 )
2021-07-30 08:11:12 -05:00
Matt Gibson
db2e2f1977
Correct ProviderOrgCreate return type ( #442 )
2021-07-29 07:43:38 -05:00
Matt Gibson
ecdd08624f
Feature/cli fail login on captcha request ( #439 )
...
* Fail CLI login if captcha is required by the server.
* Linter fixes
2021-07-23 14:27:48 -05:00
Oscar Hinton
e1ce721364
[Provider] Refresh identity token on full sync ( #437 )
2021-07-23 20:05:34 +02:00
Oscar Hinton
de288913e4
Add helper methods to EnvironmentService for retrieving urls ( #435 )
2021-07-23 20:03:52 +02:00
Matt Gibson
e9d9cd0182
Feature/use hcaptcha on register if bot ( #434 )
...
* Parse captcha required from error messages
CaptchaProtectedAttribute produces an error with captcha information.
We want to parse that data out to make it easily accessible to components
* Don't show error on captcha
The component should handle this situation.
* Add captchaResponse to captcha protected api endpoints
* Extract captcha logic to abstract base class
* Add captcha to register
* linter fixes
* Make sure to log Captcha required responses
* Match file naming convention
* Separate import into logical groups by folder
* PR review
2021-07-22 12:28:45 -05:00
Matt Gibson
ea0c8267d4
Rename captcha bypass token ( #433 )
2021-07-21 13:35:15 -05:00
Oscar Hinton
8bf0f75d9e
[Provider] ProviderOrganization events ( #432 )
2021-07-21 19:40:52 +02:00
Matt Gibson
1006f50ef3
Feature/use hcaptcha if bot ( #430 )
...
* Handle hcaptcha required identity response
* Refactor iframe component for captcha and webauthn
* Send captcha token to server
* Add captcha callback
* Clear captcha state
* Remove captcha storage
* linter fixes
* Rename iframe components to include IFrame
* Remove callback in favor of extending submit
* Limit publickey credentials access
* Use captcha bypass token to bypass captcha for twofactor auth flows
* Linter fixes
* Set iframe version in components
2021-07-21 07:55:26 -05:00
Thomas Rittson
00acbce556
Add models to update send.key with account key ( #418 )
2021-07-19 07:33:19 +10:00
Oscar Hinton
9f0ca7e4d2
[Provider] Add initial support for providers ( #399 )
2021-07-15 15:07:38 +02:00
Oscar Hinton
75fff66f98
Move regexpEmojiPresentation to Utils class ( #426 )
2021-07-08 16:40:10 +02:00
Thomas Rittson
119699b82c
Fix fingerprint phrases in bulk confirm modal ( #425 )
2021-07-07 20:08:52 +10:00
Oscar Hinton
d10d40697c
Set reprompt to None if null ( #422 )
2021-07-02 20:53:14 +02:00
Thomas Rittson
9ee31ad2fb
Improve URL parsing ( #411 )
...
* Check hostname is valid in getDomain
* fix linting
* Update noop implementation
* Fix tests
* Fix tests
2021-06-23 06:00:14 +10:00
Matt Gibson
18bf616e2e
Correct typo ( #416 )
2021-06-22 07:10:47 -05:00
Matt Gibson
78ae9383fb
Persist API key creds for token refresh. ( #414 )
...
* Persist API key creds for token refresh.
* Linter fixes
2021-06-21 17:48:06 -05:00
Matt Gibson
5e24a70a87
Vault should be locked if key is not in memory ( #413 )
...
Key is loaded on startup if auto key exists.
2021-06-21 17:47:44 -05:00
Matt Gibson
1f83c3c1ba
Fix separate key storage for non desktop ( #409 )
...
* Handle non-desktop, non-split key storage
* Reset vaultTimeoutService on clear.
Fixes issues where unlock was required after login
* Specify electron as desktop client
* Use ElelectronCryptoService to handle desktop-specific tasks
* Linter fixes
2021-06-15 09:55:57 -05:00
Thomas Rittson
d63ee1858d
Add backwards compatibility for new local hashing method ( #407 )
...
* Add backwards compatibility for existing keyHash
* Minor changes for review comments
2021-06-15 07:35:58 +10:00
Matt Gibson
d2ca46b6f5
Add get key from storage for ensuring biometric browser integration ( #408 )
2021-06-14 14:03:13 -05:00
Thomas Rittson
8797924bd1
Use 2 iterations for local password hashing ( #404 )
...
* Use 2 iterations for local password hashing
* fix typo
2021-06-10 07:24:31 +10:00
Matt Gibson
5ba1416679
Authenticate with secure storage service ( #402 )
...
* Split secure key into use case
Allows us to push authentication for key access as late as possible.
* Do not reload if biometric locked
* Linter fixes
* Fix key upgrade scenario
* Fix boolean value message parsing
* Handle systems which don't support biometrics
* Do not fail key retrieval on secret upgrade
* Ensure old key is removed regardless of upgrade success
* Log errors
2021-06-09 15:53:54 -05:00
Oscar Hinton
d7682cde3b
Move nodeCryptoFunction to jslib-node ( #405 )
...
* Move nodeCryptoFunction to jslib-node
* Fix imports
* Fix tests import
2021-06-09 16:59:45 +02:00
Matt Gibson
ea90aea013
Use encrypted filename in Cipher attachment upload blob name ( #403 )
...
* Use EncString type to enforce encryption on filename in Cipher attachment upload
* Fix Cipher attachment test
2021-06-08 14:02:08 -05:00
Thomas Rittson
2e16aef6a2
Add Send-Id header for access requests ( #400 )
...
* Add Send-Id header to postSendAccess request
* Add Send Id header to file access requests
* fix linting
2021-06-08 11:50:35 +10:00
Oscar Hinton
1016bbfb9e
Split jslib into multiple modules ( #363 )
...
* Split jslib into multiple modules
2021-06-03 18:58:57 +02:00