bitwarden-estensione-browser/angular/src/components/register.component.ts

import { Directive, OnInit } from '@angular/core';
import { Router } from '@angular/router';

import { KeysRequest } from 'jslib-common/models/request/keysRequest';
import { ReferenceEventRequest } from 'jslib-common/models/request/referenceEventRequest';
import { RegisterRequest } from 'jslib-common/models/request/registerRequest';

import { ApiService } from 'jslib-common/abstractions/api.service';
import { AuthService } from 'jslib-common/abstractions/auth.service';
import { CryptoService } from 'jslib-common/abstractions/crypto.service';
import { EnvironmentService } from 'jslib-common/abstractions/environment.service';
import { I18nService } from 'jslib-common/abstractions/i18n.service';
import { LogService } from 'jslib-common/abstractions/log.service';
import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';
import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
import { StateService } from 'jslib-common/abstractions/state.service';

import { KdfType } from 'jslib-common/enums/kdfType';

import { CaptchaProtectedComponent } from './captchaProtected.component';

@Directive()
export class RegisterComponent extends CaptchaProtectedComponent implements OnInit {
    name: string = '';
    email: string = '';
    masterPassword: string = '';
    confirmMasterPassword: string = '';
    hint: string = '';
    showPassword: boolean = false;
    formPromise: Promise<any>;
    masterPasswordScore: number;
    referenceData: ReferenceEventRequest;
    showTerms = true;
    acceptPolicies: boolean = false;

    protected successRoute = 'login';
    private masterPasswordStrengthTimeout: any;

    constructor(protected authService: AuthService, protected router: Router,
        i18nService: I18nService, protected cryptoService: CryptoService,
        protected apiService: ApiService, protected stateService: StateService,
        platformUtilsService: PlatformUtilsService,
        protected passwordGenerationService: PasswordGenerationService, environmentService: EnvironmentService,
        protected logService: LogService) {
        super(environmentService, i18nService, platformUtilsService);
        this.showTerms = !platformUtilsService.isSelfHost();
    }

    async ngOnInit() {
        this.setupCaptcha();
    }

    get masterPasswordScoreWidth() {
        return this.masterPasswordScore == null ? 0 : (this.masterPasswordScore + 1) * 20;
    }

    get masterPasswordScoreColor() {
        switch (this.masterPasswordScore) {
            case 4:
                return 'success';
            case 3:
                return 'primary';
            case 2:
                return 'warning';
            default:
                return 'danger';
        }
    }

    get masterPasswordScoreText() {
        switch (this.masterPasswordScore) {
            case 4:
                return this.i18nService.t('strong');
            case 3:
                return this.i18nService.t('good');
            case 2:
                return this.i18nService.t('weak');
            default:
                return this.masterPasswordScore != null ? this.i18nService.t('weak') : null;
        }
    }

    async submit() {
        if (!this.acceptPolicies && this.showTerms) {
            this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
                this.i18nService.t('acceptPoliciesError'));
            return;
        }

        if (this.email == null || this.email === '') {
            this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
                this.i18nService.t('emailRequired'));
            return;
        }
        if (this.email.indexOf('@') === -1) {
            this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
                this.i18nService.t('invalidEmail'));
            return;
        }
        if (this.masterPassword == null || this.masterPassword === '') {
            this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
                this.i18nService.t('masterPassRequired'));
            return;
        }
        if (this.masterPassword.length < 8) {
            this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
                this.i18nService.t('masterPassLength'));
            return;
        }
        if (this.masterPassword !== this.confirmMasterPassword) {
            this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
                this.i18nService.t('masterPassDoesntMatch'));
            return;
        }

        const strengthResult = this.passwordGenerationService.passwordStrength(this.masterPassword,
            this.getPasswordStrengthUserInput());
        if (strengthResult != null && strengthResult.score < 3) {
            const result = await this.platformUtilsService.showDialog(this.i18nService.t('weakMasterPasswordDesc'),
                this.i18nService.t('weakMasterPassword'), this.i18nService.t('yes'), this.i18nService.t('no'),
                'warning');
            if (!result) {
                return;
            }
        }

        if (this.hint === this.masterPassword) {
            this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'), this.i18nService.t('hintEqualsPassword'));
            return;
        }

        this.name = this.name === '' ? null : this.name;
        this.email = this.email.trim().toLowerCase();
        const kdf = KdfType.PBKDF2_SHA256;
        const useLowerKdf = this.platformUtilsService.isIE();
        const kdfIterations = useLowerKdf ? 10000 : 100000;
        const key = await this.cryptoService.makeKey(this.masterPassword, this.email, kdf, kdfIterations);
        const encKey = await this.cryptoService.makeEncKey(key);
        const hashedPassword = await this.cryptoService.hashPassword(this.masterPassword, key);
        const keys = await this.cryptoService.makeKeyPair(encKey[0]);
        const request = new RegisterRequest(this.email, this.name, hashedPassword,
            this.hint, encKey[1].encryptedString, kdf, kdfIterations, this.referenceData, this.captchaToken);
        request.keys = new KeysRequest(keys[0], keys[1].encryptedString);
        const orgInvite = await this.stateService.get<any>('orgInvitation');
        if (orgInvite != null && orgInvite.token != null && orgInvite.organizationUserId != null) {
            request.token = orgInvite.token;
            request.organizationUserId = orgInvite.organizationUserId;
        }

        try {
            this.formPromise = this.apiService.postRegister(request);
            try {
                await this.formPromise;
            } catch (e) {
                if (this.handleCaptchaRequired(e)) {
                    return;
                } else {
                    throw e;
                }
            }
            this.platformUtilsService.showToast('success', null, this.i18nService.t('newAccountCreated'));
            this.router.navigate([this.successRoute], { queryParams: { email: this.email } });
        } catch (e) {
            this.logService.error(e);
        }
    }

    togglePassword(confirmField: boolean) {
        this.showPassword = !this.showPassword;
        document.getElementById(confirmField ? 'masterPasswordRetype' : 'masterPassword').focus();
    }

    updatePasswordStrength() {
        if (this.masterPasswordStrengthTimeout != null) {
            clearTimeout(this.masterPasswordStrengthTimeout);
        }
        this.masterPasswordStrengthTimeout = setTimeout(() => {
            const strengthResult = this.passwordGenerationService.passwordStrength(this.masterPassword,
                this.getPasswordStrengthUserInput());
            this.masterPasswordScore = strengthResult == null ? null : strengthResult.score;
        }, 300);
    }

    private getPasswordStrengthUserInput() {
        let userInput: string[] = [];
        const atPosition = this.email.indexOf('@');
        if (atPosition > -1) {
            userInput = userInput.concat(this.email.substr(0, atPosition).trim().toLowerCase().split(/[^A-Za-z0-9]/));
        }
        if (this.name != null && this.name !== '') {
            userInput = userInput.concat(this.name.trim().toLowerCase().split(' '));
        }
        return userInput;
    }
}
Feature/use hcaptcha on register if bot (#434) * Parse captcha required from error messages CaptchaProtectedAttribute produces an error with captcha information. We want to parse that data out to make it easily accessible to components * Don't show error on catpcha The component should hande this situation. * Add captchaResponse to captcha protected api endpoints * Extract captcha logic to abstract base class * Add captcha to register * linter fixes * Make sure to log Captcha required responses * Match file naming convention * Separate import into logical groups by folder * PR review 2021-07-22 19:28:45 +02:00			`import { Directive, OnInit } from '@angular/core';`
share components with jslib 2018-04-04 15:47:43 +02:00			`import { Router } from '@angular/router';`

Split jslib into multiple modules (#363) * Split jslib into multiple modules 2021-06-03 18:58:57 +02:00			`import { KeysRequest } from 'jslib-common/models/request/keysRequest';`
			`import { ReferenceEventRequest } from 'jslib-common/models/request/referenceEventRequest';`
			`import { RegisterRequest } from 'jslib-common/models/request/registerRequest';`
share components with jslib 2018-04-04 15:47:43 +02:00
Split jslib into multiple modules (#363) * Split jslib into multiple modules 2021-06-03 18:58:57 +02:00			`import { ApiService } from 'jslib-common/abstractions/api.service';`
			`import { AuthService } from 'jslib-common/abstractions/auth.service';`
			`import { CryptoService } from 'jslib-common/abstractions/crypto.service';`
Feature/use hcaptcha on register if bot (#434) * Parse captcha required from error messages CaptchaProtectedAttribute produces an error with captcha information. We want to parse that data out to make it easily accessible to components * Don't show error on catpcha The component should hande this situation. * Add captchaResponse to captcha protected api endpoints * Extract captcha logic to abstract base class * Add captcha to register * linter fixes * Make sure to log Captcha required responses * Match file naming convention * Separate import into logical groups by folder * PR review 2021-07-22 19:28:45 +02:00			`import { EnvironmentService } from 'jslib-common/abstractions/environment.service';`
Split jslib into multiple modules (#363) * Split jslib into multiple modules 2021-06-03 18:58:57 +02:00			`import { I18nService } from 'jslib-common/abstractions/i18n.service';`
Remove empty catch blocks, and update tslint rule (#513) 2021-10-19 10:32:14 +02:00			`import { LogService } from 'jslib-common/abstractions/log.service';`
Split jslib into multiple modules (#363) * Split jslib into multiple modules 2021-06-03 18:58:57 +02:00			`import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';`
			`import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';`
			`import { StateService } from 'jslib-common/abstractions/state.service';`
share components with jslib 2018-04-04 15:47:43 +02:00
Split jslib into multiple modules (#363) * Split jslib into multiple modules 2021-06-03 18:58:57 +02:00			`import { KdfType } from 'jslib-common/enums/kdfType';`
support for prelogin kdf info 2018-08-14 21:12:10 +02:00
Feature/use hcaptcha on register if bot (#434) * Parse captcha required from error messages CaptchaProtectedAttribute produces an error with captcha information. We want to parse that data out to make it easily accessible to components * Don't show error on catpcha The component should hande this situation. * Add captchaResponse to captcha protected api endpoints * Extract captcha logic to abstract base class * Add captcha to register * linter fixes * Make sure to log Captcha required responses * Match file naming convention * Separate import into logical groups by folder * PR review 2021-07-22 19:28:45 +02:00			`import { CaptchaProtectedComponent } from './captchaProtected.component';`

			`@Directive()`
			`export class RegisterComponent extends CaptchaProtectedComponent implements OnInit {`
generate keypair on registration 2018-07-03 17:41:55 +02:00			`name: string = '';`
share components with jslib 2018-04-04 15:47:43 +02:00			`email: string = '';`
			`masterPassword: string = '';`
			`confirmMasterPassword: string = '';`
			`hint: string = '';`
			`showPassword: boolean = false;`
			`formPromise: Promise<any>;`
password strength function with zxcvbn 2018-11-13 04:54:18 +01:00			`masterPasswordScore: number;`
reference event data model changes 2020-07-20 21:21:01 +02:00			`referenceData: ReferenceEventRequest;`
Added terms/privacy variables & logic (#193) 2020-11-02 19:50:58 +01:00			`showTerms = true;`
			`acceptPolicies: boolean = false;`
share components with jslib 2018-04-04 15:47:43 +02:00
			`protected successRoute = 'login';`
password strength function with zxcvbn 2018-11-13 04:54:18 +01:00			`private masterPasswordStrengthTimeout: any;`
share components with jslib 2018-04-04 15:47:43 +02:00
			`constructor(protected authService: AuthService, protected router: Router,`
Feature/use hcaptcha on register if bot (#434) * Parse captcha required from error messages CaptchaProtectedAttribute produces an error with captcha information. We want to parse that data out to make it easily accessible to components * Don't show error on catpcha The component should hande this situation. * Add captchaResponse to captcha protected api endpoints * Extract captcha logic to abstract base class * Add captcha to register * linter fixes * Make sure to log Captcha required responses * Match file naming convention * Separate import into logical groups by folder * PR review 2021-07-22 19:28:45 +02:00			`i18nService: I18nService, protected cryptoService: CryptoService,`
lower kdf iterations for edge/ie since they use less-performant polyfill 2018-10-02 15:20:32 +02:00			`protected apiService: ApiService, protected stateService: StateService,`
Feature/use hcaptcha on register if bot (#434) * Parse captcha required from error messages CaptchaProtectedAttribute produces an error with captcha information. We want to parse that data out to make it easily accessible to components * Don't show error on catpcha The component should hande this situation. * Add captchaResponse to captcha protected api endpoints * Extract captcha logic to abstract base class * Add captcha to register * linter fixes * Make sure to log Captcha required responses * Match file naming convention * Separate import into logical groups by folder * PR review 2021-07-22 19:28:45 +02:00			`platformUtilsService: PlatformUtilsService,`
Remove empty catch blocks, and update tslint rule (#513) 2021-10-19 10:32:14 +02:00			`protected passwordGenerationService: PasswordGenerationService, environmentService: EnvironmentService,`
			`protected logService: LogService) {`
Feature/use hcaptcha on register if bot (#434) * Parse captcha required from error messages CaptchaProtectedAttribute produces an error with captcha information. We want to parse that data out to make it easily accessible to components * Don't show error on catpcha The component should hande this situation. * Add captchaResponse to captcha protected api endpoints * Extract captcha logic to abstract base class * Add captcha to register * linter fixes * Make sure to log Captcha required responses * Match file naming convention * Separate import into logical groups by folder * PR review 2021-07-22 19:28:45 +02:00			`super(environmentService, i18nService, platformUtilsService);`
Added terms/privacy variables & logic (#193) 2020-11-02 19:50:58 +01:00			`this.showTerms = !platformUtilsService.isSelfHost();`
			`}`
share components with jslib 2018-04-04 15:47:43 +02:00
Feature/use hcaptcha on register if bot (#434) * Parse captcha required from error messages CaptchaProtectedAttribute produces an error with captcha information. We want to parse that data out to make it easily accessible to components * Don't show error on catpcha The component should hande this situation. * Add captchaResponse to captcha protected api endpoints * Extract captcha logic to abstract base class * Add captcha to register * linter fixes * Make sure to log Captcha required responses * Match file naming convention * Separate import into logical groups by folder * PR review 2021-07-22 19:28:45 +02:00			`async ngOnInit() {`
			`this.setupCaptcha();`
			`}`

misc score props moved to jslib 2018-11-15 21:27:04 +01:00			`get masterPasswordScoreWidth() {`
			`return this.masterPasswordScore == null ? 0 : (this.masterPasswordScore + 1) * 20;`
			`}`

			`get masterPasswordScoreColor() {`
			`switch (this.masterPasswordScore) {`
			`case 4:`
			`return 'success';`
			`case 3:`
			`return 'primary';`
			`case 2:`
			`return 'warning';`
			`default:`
			`return 'danger';`
			`}`
			`}`

			`get masterPasswordScoreText() {`
			`switch (this.masterPasswordScore) {`
			`case 4:`
			`return this.i18nService.t('strong');`
			`case 3:`
			`return this.i18nService.t('good');`
			`case 2:`
			`return this.i18nService.t('weak');`
			`default:`
			`return this.masterPasswordScore != null ? this.i18nService.t('weak') : null;`
			`}`
			`}`

share components with jslib 2018-04-04 15:47:43 +02:00			`async submit() {`
Added terms/privacy variables & logic (#193) 2020-11-02 19:50:58 +01:00			`if (!this.acceptPolicies && this.showTerms) {`
			`this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),`
			`this.i18nService.t('acceptPoliciesError'));`
			`return;`
			`}`

share components with jslib 2018-04-04 15:47:43 +02:00			`if (this.email == null \|\| this.email === '') {`
refactor toaster to platform showToast 2018-10-03 05:09:19 +02:00			`this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),`
share components with jslib 2018-04-04 15:47:43 +02:00			`this.i18nService.t('emailRequired'));`
			`return;`
			`}`
			`if (this.email.indexOf('@') === -1) {`
refactor toaster to platform showToast 2018-10-03 05:09:19 +02:00			`this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),`
share components with jslib 2018-04-04 15:47:43 +02:00			`this.i18nService.t('invalidEmail'));`
			`return;`
			`}`
			`if (this.masterPassword == null \|\| this.masterPassword === '') {`
refactor toaster to platform showToast 2018-10-03 05:09:19 +02:00			`this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),`
share components with jslib 2018-04-04 15:47:43 +02:00			`this.i18nService.t('masterPassRequired'));`
			`return;`
			`}`
			`if (this.masterPassword.length < 8) {`
refactor toaster to platform showToast 2018-10-03 05:09:19 +02:00			`this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),`
share components with jslib 2018-04-04 15:47:43 +02:00			`this.i18nService.t('masterPassLength'));`
			`return;`
			`}`
			`if (this.masterPassword !== this.confirmMasterPassword) {`
refactor toaster to platform showToast 2018-10-03 05:09:19 +02:00			`this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),`
share components with jslib 2018-04-04 15:47:43 +02:00			`this.i18nService.t('masterPassDoesntMatch'));`
			`return;`
			`}`

getPasswordStrengthUserInput 2018-11-13 05:22:37 +01:00			`const strengthResult = this.passwordGenerationService.passwordStrength(this.masterPassword,`
			`this.getPasswordStrengthUserInput());`
password strength function with zxcvbn 2018-11-13 04:54:18 +01:00			`if (strengthResult != null && strengthResult.score < 3) {`
			`const result = await this.platformUtilsService.showDialog(this.i18nService.t('weakMasterPasswordDesc'),`
			`this.i18nService.t('weakMasterPassword'), this.i18nService.t('yes'), this.i18nService.t('no'),`
			`'warning');`
			`if (!result) {`
			`return;`
			`}`
			`}`

Add verification for password hint - the hint should not equal the password for security reasons (#194) 2020-12-15 22:04:48 +01:00			`if (this.hint === this.masterPassword) {`
			`this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'), this.i18nService.t('hintEqualsPassword'));`
			`return;`
			`}`

normalize name and email on registration 2018-11-28 14:54:15 +01:00			`this.name = this.name === '' ? null : this.name;`
			`this.email = this.email.trim().toLowerCase();`
rename all to PBKDF2_SHA256 2018-08-28 01:58:49 +02:00			`const kdf = KdfType.PBKDF2_SHA256;`
remove old Edge browser hacks (#168) * remove old Edge browser hacks * Remove final edge hacks * Update constructor parameters * Update search-ciphers.pipe.ts Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com> 2020-09-15 16:23:21 +02:00			`const useLowerKdf = this.platformUtilsService.isIE();`
lower kdf iterations for edge/ie since they use less-performant polyfill 2018-10-02 15:20:32 +02:00			`const kdfIterations = useLowerKdf ? 10000 : 100000;`
support for prelogin kdf info 2018-08-14 21:12:10 +02:00			`const key = await this.cryptoService.makeKey(this.masterPassword, this.email, kdf, kdfIterations);`
generate keypair on registration 2018-07-03 17:41:55 +02:00			`const encKey = await this.cryptoService.makeEncKey(key);`
			`const hashedPassword = await this.cryptoService.hashPassword(this.masterPassword, key);`
			`const keys = await this.cryptoService.makeKeyPair(encKey[0]);`
			`const request = new RegisterRequest(this.email, this.name, hashedPassword,`
Feature/use hcaptcha on register if bot (#434) * Parse captcha required from error messages CaptchaProtectedAttribute produces an error with captcha information. We want to parse that data out to make it easily accessible to components * Don't show error on catpcha The component should hande this situation. * Add captchaResponse to captcha protected api endpoints * Extract captcha logic to abstract base class * Add captcha to register * linter fixes * Make sure to log Captcha required responses * Match file naming convention * Separate import into logical groups by folder * PR review 2021-07-22 19:28:45 +02:00			`this.hint, encKey[1].encryptedString, kdf, kdfIterations, this.referenceData, this.captchaToken);`
make keypair on login if missing 2018-07-03 18:06:01 +02:00			`request.keys = new KeysRequest(keys[0], keys[1].encryptedString);`
add org invite token to registration if present 2018-07-13 17:06:44 +02:00			`const orgInvite = await this.stateService.get<any>('orgInvitation');`
			`if (orgInvite != null && orgInvite.token != null && orgInvite.organizationUserId != null) {`
			`request.token = orgInvite.token;`
			`request.organizationUserId = orgInvite.organizationUserId;`
			`}`
generate keypair on registration 2018-07-03 17:41:55 +02:00
share components with jslib 2018-04-04 15:47:43 +02:00			`try {`
generate keypair on registration 2018-07-03 17:41:55 +02:00			`this.formPromise = this.apiService.postRegister(request);`
Feature/use hcaptcha on register if bot (#434) * Parse captcha required from error messages CaptchaProtectedAttribute produces an error with captcha information. We want to parse that data out to make it easily accessible to components * Don't show error on catpcha The component should hande this situation. * Add captchaResponse to captcha protected api endpoints * Extract captcha logic to abstract base class * Add captcha to register * linter fixes * Make sure to log Captcha required responses * Match file naming convention * Separate import into logical groups by folder * PR review 2021-07-22 19:28:45 +02:00			`try {`
			`await this.formPromise;`
			`} catch (e) {`
			`if (this.handleCaptchaRequired(e)) {`
			`return;`
			`} else {`
			`throw e;`
			`}`
			`}`
refactor toaster to platform showToast 2018-10-03 05:09:19 +02:00			`this.platformUtilsService.showToast('success', null, this.i18nService.t('newAccountCreated'));`
pass email param on login/register 2018-07-13 16:44:47 +02:00			`this.router.navigate([this.successRoute], { queryParams: { email: this.email } });`
Remove empty catch blocks, and update tslint rule (#513) 2021-10-19 10:32:14 +02:00			`} catch (e) {`
			`this.logService.error(e);`
			`}`
share components with jslib 2018-04-04 15:47:43 +02:00			`}`

			`togglePassword(confirmField: boolean) {`
			`this.showPassword = !this.showPassword;`
			`document.getElementById(confirmField ? 'masterPasswordRetype' : 'masterPassword').focus();`
			`}`
password strength function with zxcvbn 2018-11-13 04:54:18 +01:00
			`updatePasswordStrength() {`
			`if (this.masterPasswordStrengthTimeout != null) {`
			`clearTimeout(this.masterPasswordStrengthTimeout);`
			`}`
			`this.masterPasswordStrengthTimeout = setTimeout(() => {`
getPasswordStrengthUserInput 2018-11-13 05:22:37 +01:00			`const strengthResult = this.passwordGenerationService.passwordStrength(this.masterPassword,`
			`this.getPasswordStrengthUserInput());`
password strength function with zxcvbn 2018-11-13 04:54:18 +01:00			`this.masterPasswordScore = strengthResult == null ? null : strengthResult.score;`
			`}, 300);`
			`}`
getPasswordStrengthUserInput 2018-11-13 05:22:37 +01:00
			`private getPasswordStrengthUserInput() {`
			`let userInput: string[] = [];`
			`const atPosition = this.email.indexOf('@');`
			`if (atPosition > -1) {`
			`userInput = userInput.concat(this.email.substr(0, atPosition).trim().toLowerCase().split(/[^A-Za-z0-9]/));`
			`}`
			`if (this.name != null && this.name !== '') {`
			`userInput = userInput.concat(this.name.trim().toLowerCase().split(' '));`
			`}`
			`return userInput;`
			`}`
share components with jslib 2018-04-04 15:47:43 +02:00			`}`