diff --git a/src/background/main.background.ts b/src/background/main.background.ts index 0191cdd3e1..bbd455a52c 100644 --- a/src/background/main.background.ts +++ b/src/background/main.background.ts @@ -78,6 +78,7 @@ import BrowserMessagingService from '../services/browserMessaging.service'; import BrowserPlatformUtilsService from '../services/browserPlatformUtils.service'; import BrowserStorageService from '../services/browserStorage.service'; import I18nService from '../services/i18n.service'; +import { PopupUtilsService } from '../popup/services/popup-utils.service'; import { AutofillService as AutofillServiceAbstraction } from '../services/abstractions/autofill.service'; @@ -114,6 +115,7 @@ export default class MainBackground { eventService: EventServiceAbstraction; policyService: PolicyServiceAbstraction; analytics: Analytics; + popupUtilsService: PopupUtilsService; onUpdatedRan: boolean; onReplacedRan: boolean; @@ -200,6 +202,7 @@ export default class MainBackground { this.notificationsService); this.analytics = new Analytics(window, () => BrowserApi.gaFilter(), this.platformUtilsService, this.storageService, this.appIdService); + this.popupUtilsService = new PopupUtilsService(this.platformUtilsService); this.systemService = new SystemService(this.storageService, this.vaultTimeoutService, this.messagingService, this.platformUtilsService, () => { const forceWindowReload = this.platformUtilsService.isSafari() || 
@@ -217,7 +220,7 @@ export default class MainBackground { this.runtimeBackground = new RuntimeBackground(this, this.autofillService, this.cipherService, this.platformUtilsService as BrowserPlatformUtilsService, this.storageService, this.i18nService, this.analytics, this.notificationsService, this.systemService, this.vaultTimeoutService, this.syncService, - this.authService, this.stateService, this.environmentService); + this.authService, this.stateService, this.environmentService, this.popupUtilsService); this.commandsBackground = new CommandsBackground(this, this.passwordGenerationService, this.platformUtilsService, this.analytics, this.vaultTimeoutService); diff --git a/src/background/runtime.background.ts b/src/background/runtime.background.ts index f4ef117090..ecb0aa3955 100644 --- a/src/background/runtime.background.ts +++ b/src/background/runtime.background.ts @@ -13,6 +13,7 @@ import { ConstantsService } from 'jslib/services/constants.service'; import { EnvironmentService } from 'jslib/abstractions/environment.service'; import { I18nService } from 'jslib/abstractions/i18n.service'; import { NotificationsService } from 'jslib/abstractions/notifications.service'; +import { PopupUtilsService } from '../popup/services/popup-utils.service'; import { StateService } from 'jslib/abstractions/state.service'; import { StorageService } from 'jslib/abstractions/storage.service'; import { SyncService } from 'jslib/abstractions/sync.service'; 
@@ -33,19 +34,13 @@ export default class RuntimeBackground { private isSafari: boolean; private onInstalledReason: string = null; - formPromise: Promise; - onSuccessfulLoginNavigate: () => Promise; - onSuccessfulLoginTwoFactorNavigate: () => Promise; - loggingIn = false; - private redirectUri = 'https://localhost:8080/sso-connector.html'; - constructor(private main: MainBackground, private autofillService: AutofillService, private cipherService: CipherService, private platformUtilsService: BrowserPlatformUtilsService, private storageService: StorageService, private i18nService: I18nService, private analytics: Analytics, private notificationsService: NotificationsService, private systemService: SystemService, private vaultTimeoutService: VaultTimeoutService, private syncService: SyncService, private authService: AuthService, private stateService: StateService, - private environmentService: EnvironmentService) { + private environmentService: EnvironmentService, private popupUtilsService : PopupUtilsService) { this.isSafari = this.platformUtilsService.isSafari(); this.runtime = this.isSafari ? {} : chrome.runtime; @@ -62,7 +57,6 @@ export default class RuntimeBackground { var vaultUrl = environmentService.webVaultUrl; if(!vaultUrl) { vaultUrl = 'https://vault.bitwarden.com'; - // vaultUrl = 'https://localhost:8080'; } if(!request.referrer) { 
@@ -75,34 +69,13 @@ export default class RuntimeBackground { if (request.type == "AUTH_RESULT") { try { - this.initiateLogIn(request.code, request.codeVerifier); + popupUtilsService.ProcessSso(request.code, request.state); } - catch { } + catch (error) { } } }); } - async initiateLogIn(code: string, codeVerifier: string) { - this.loggingIn = true; - try { - this.formPromise = this.authService.logInSso(code, codeVerifier, this.redirectUri); - const response = await this.formPromise; - - if (response) { - this.syncService.fullSync(true); - this.main.openPopup(); - - var sidebarName : string = this.platformUtilsService.sidebarViewName(); - var sidebarWindows = chrome.extension.getViews({ type: sidebarName }); - if(sidebarWindows && sidebarWindows.length > 0) { - sidebarWindows[0].location.reload(); - } - } - } catch(error) { } - - this.loggingIn = false; - } - async init() { if (!this.runtime) { return; diff --git a/src/content/sso.ts b/src/content/sso.ts index 7c71aa14ee..70ebd0ec22 100644 --- a/src/content/sso.ts +++ b/src/content/sso.ts @@ -6,7 +6,7 @@ window.addEventListener("message", function(event) { chrome.runtime.sendMessage({ type: event.data.type, code: event.data.code, - codeVerifier: event.data.codeVerifier, + state: event.data.state, referrer: event.source.location.hostname }); } diff --git a/src/popup/accounts/home.component.ts b/src/popup/accounts/home.component.ts index eec60dedca..c1504b313a 100644 --- a/src/popup/accounts/home.component.ts +++ b/src/popup/accounts/home.component.ts 
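Review bot: The `AUTH_RESULT` branch passes `request.code` and `request.state` to `popupUtilsService.ProcessSso` without checking that they are strings, and the empty `catch (error) { }` hides any failure of that call. Both fields originate from a page `message` event relayed by the content script in src/content/sso.ts, so they should be treated as untrusted; a guard such as `if (typeof request.code !== 'string' || typeof request.state !== 'string') { return; }` before the call would reject malformed messages. The catch should at least record the failure, for example `catch (error) { console.error('SSO result handling failed', error); }`. The listener starts outside this hunk, so the referrer check that precedes this branch is only partly visible here.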
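Review bot: The relayed message now carries `state` as well as `code`, both read straight from `event.data`, while `referrer` is still taken from `event.source.location.hostname` rather than from `event.origin`. `event.origin` is set by the browser for the sender and can be read even when the source is cross-origin, so basing the referrer on it, together with a guard like `if (event.source !== window) { return; }`, would make the background's host check rest on a browser-supplied value. The listener's condition sits above the hunk, so an existing origin check there cannot be ruled out from these lines.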
@@ -32,25 +32,24 @@ export class HomeComponent { special: false, }; - const state = await this.passwordGenerationService.generatePassword(passwordOptions); + const state = (await this.passwordGenerationService.generatePassword(passwordOptions)) + ':clientId=browser'; let codeVerifier = await this.passwordGenerationService.generatePassword(passwordOptions); const codeVerifierHash = await this.cryptoFunctionService.hash(codeVerifier, 'sha256'); const codeChallenge = Utils.fromBufferToUrlB64(codeVerifierHash); await this.storageService.save(ConstantsService.ssoCodeVerifierKey, codeVerifier); await this.storageService.save(ConstantsService.ssoStateKey, state); - await this.storageService.save(ConstantsService.ssoClientId, ConstantsService.webClientId); let url = this.environmentService.getWebVaultUrl(); if (url == null) { url = 'https://vault.bitwarden.com'; } - const ssoRedirectUri = url + '/sso-connector.html'; + const redirectUri = url + '/sso-connector.html'; // Launch browser - this.platformUtilsService.launchUri(url + '/#/sso?clientId=' + ConstantsService.webClientId + - '&redirectUri=' + encodeURIComponent(ssoRedirectUri) + + window.open(url + '/#/sso?clientId=browser' + + '&redirectUri=' + encodeURIComponent(redirectUri) + '&state=' + state + '&codeChallenge=' + codeChallenge); } } diff --git a/src/popup/accounts/login.component.ts b/src/popup/accounts/login.component.ts index e0f6cd93c8..66873e538c 100644 --- a/src/popup/accounts/login.component.ts +++ b/src/popup/accounts/login.component.ts 
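Review bot: `state` now ends in `:clientId=browser` and is appended raw with `'&state=' + state`, while `redirectUri` on the line above it is passed through `encodeURIComponent`. The `=` and `:` in the suffix are reserved characters, so the value should be encoded the same way: `'&state=' + encodeURIComponent(state) +`. The same raw concatenation appears in `ProcessSso` in src/popup/services/popup-utils.service.ts, where `code` and `state` come from a page message and an embedded `&` or `#` could add or override parameters of the popout URL; there it would read `'#/sso?code=' + encodeURIComponent(code) + '&state=' + encodeURIComponent(state)`. This assumes the receiving routes decode query parameters, which these hunks do not show.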
@@ -2,7 +2,10 @@ import { Component } from '@angular/core'; import { Router } from '@angular/router'; import { AuthService } from 'jslib/abstractions/auth.service'; +import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service'; +import { EnvironmentService } from 'jslib/abstractions/environment.service'; import { I18nService } from 'jslib/abstractions/i18n.service'; +import { PasswordGenerationService } from 'jslib/abstractions/passwordGeneration.service'; import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service'; import { StateService } from 'jslib/abstractions/state.service'; import { StorageService } from 'jslib/abstractions/storage.service'; @@ -16,10 +19,12 @@ import { LoginComponent as BaseLoginComponent } from 'jslib/angular/components/l }) export class LoginComponent extends BaseLoginComponent { constructor(authService: AuthService, router: Router, - platformUtilsService: PlatformUtilsService, i18nService: I18nService, - syncService: SyncService, storageService: StorageService, - stateService: StateService) { - super(authService, router, platformUtilsService, i18nService, storageService, stateService); + protected platformUtilsService: PlatformUtilsService, protected i18nService: I18nService, + protected stateService: StateService, protected environmentService: EnvironmentService, + protected passwordGenerationService: PasswordGenerationService, + protected cryptoFunctionService: CryptoFunctionService, + storageService: StorageService, syncService : SyncService) { + super(authService, router, platformUtilsService, i18nService, stateService, environmentService, passwordGenerationService, cryptoFunctionService, storageService); super.onSuccessfulLogin = () => { return syncService.fullSync(true); }; diff --git a/src/popup/accounts/sso.component.html b/src/popup/accounts/sso.component.html new file mode 100644 index 0000000000..e69de29bb2 
diff --git a/src/popup/accounts/sso.component.ts b/src/popup/accounts/sso.component.ts
new file mode 100644
index 0000000000..1a0e4a83c6
--- /dev/null
+++ b/src/popup/accounts/sso.component.ts
@@ -0,0 +1,60 @@ +import { Component } from '@angular/core'; + +import { + ActivatedRoute, + Router, +} from '@angular/router'; + +import { ApiService } from 'jslib/abstractions/api.service'; +import { AuthService } from 'jslib/abstractions/auth.service'; +import BrowserPlatformUtilsService from '../../services/browserPlatformUtils.service'; +import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service'; +import { ConstantsService } from 'jslib/services/constants.service'; +import { EnvironmentService } from 'jslib/abstractions/environment.service'; +import { I18nService } from 'jslib/abstractions/i18n.service'; +import { PasswordGenerationService } from 'jslib/abstractions/passwordGeneration.service'; +import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service'; +import { StateService } from 'jslib/abstractions/state.service'; +import { StorageService } from 'jslib/abstractions/storage.service'; +import { SyncService } from 'jslib/abstractions/sync.service'; + +import { SsoComponent as BaseSsoComponent } from 'jslib/angular/components/sso.component'; + +@Component({ + selector: 'app-sso', + templateUrl: 'sso.component.html', +}) +export class SsoComponent extends BaseSsoComponent { + constructor(authService: AuthService, router: Router, + i18nService: I18nService, route: ActivatedRoute, + storageService: StorageService, stateService: StateService, + platformUtilsService: PlatformUtilsService, apiService: ApiService, + cryptoFunctionService: CryptoFunctionService, passwordGenerationService: PasswordGenerationService, + syncService: SyncService, private browserPlatformUtilsService: BrowserPlatformUtilsService, + private environmentService: EnvironmentService ) { + super(authService, router, i18nService, route, storageService, stateService, platformUtilsService, + apiService, cryptoFunctionService, passwordGenerationService); + + let url = this.environmentService.getWebVaultUrl(); + if (url == null) { + url = 
'https://vault.bitwarden.com'; + } + + this.redirectUri = url + '/sso-connector.html'; + this.clientId = 'browser'; + + super.onSuccessfulLogin = () => { + var sidebarName : string = this.browserPlatformUtilsService.sidebarViewName(); + var sidebarWindows = chrome.extension.getViews({ type: sidebarName }); + if(sidebarWindows && sidebarWindows.length > 0) { + sidebarWindows[0].location.reload(); + } + + return syncService.fullSync(true); + }; + + super.onSuccessfulLoginTwoFactorNavigate = () => { + return router.navigate(['2fa']); + } + } +} diff --git a/src/popup/app-routing.module.ts b/src/popup/app-routing.module.ts index b92d9830e0..8a92587a75 100644 --- a/src/popup/app-routing.module.ts +++ b/src/popup/app-routing.module.ts @@ -18,6 +18,7 @@ import { LoginComponent } from './accounts/login.component'; import { RegisterComponent } from './accounts/register.component'; import { TwoFactorOptionsComponent } from './accounts/two-factor-options.component'; import { TwoFactorComponent } from './accounts/two-factor.component'; +import { SsoComponent } from './accounts/sso.component'; import { PasswordGeneratorHistoryComponent } from './generator/password-generator-history.component'; import { PasswordGeneratorComponent } from './generator/password-generator.component'; import { PrivateModeComponent } from './private-mode.component'; @@ -79,6 +80,12 @@ const routes: Routes = [ canActivate: [LaunchGuardService], data: { state: '2fa-options' }, }, + { + path: 'sso', + component: SsoComponent, + canActivate: [LaunchGuardService], + data: { state: 'sso' }, + }, { path: 'register', component: RegisterComponent, diff --git a/src/popup/app.module.ts b/src/popup/app.module.ts index d080cb563d..0f773ba590 100644 --- a/src/popup/app.module.ts +++ b/src/popup/app.module.ts 
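Review bot: `this.redirectUri` is rebuilt here from `getWebVaultUrl()` with its own `'https://vault.bitwarden.com'` fallback, duplicating the derivation in home.component.ts that starts the flow. The two values have to be identical for the code exchange to succeed, so a shared helper or constant would keep them from drifting. Failing that, a comment on the assignment would record the coupling: `// Must match the redirectUri sent by HomeComponent when the SSO flow was started.` Separately, the `ConstantsService` import is not used anywhere in the new file as shown and can be dropped.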
@@ -23,6 +23,7 @@ import { LoginComponent } from './accounts/login.component'; import { RegisterComponent } from './accounts/register.component'; import { TwoFactorOptionsComponent } from './accounts/two-factor-options.component'; import { TwoFactorComponent } from './accounts/two-factor.component'; +import { SsoComponent } from './accounts/sso.component'; import { AppComponent } from './app.component'; import { PasswordGeneratorHistoryComponent } from './generator/password-generator-history.component'; import { PasswordGeneratorComponent } from './generator/password-generator.component'; @@ -206,6 +207,7 @@ registerLocaleData(localeZhTw, 'zh-TW'); TrueFalseValueDirective, TwoFactorOptionsComponent, TwoFactorComponent, + SsoComponent, ViewComponent, ], entryComponents: [], diff --git a/src/popup/services/popup-utils.service.ts b/src/popup/services/popup-utils.service.ts index 2faca3dea7..c7d7f01d45 100644 --- a/src/popup/services/popup-utils.service.ts +++ b/src/popup/services/popup-utils.service.ts @@ -78,4 +78,12 @@ export class PopupUtilsService { // Safari can't open popup in full page tab :( } } + + ProcessSso(code: string, state: string) + { + // Redirect to SSO token validation. + chrome.tabs.create({ + url: 'popup/index.html?uilocation=popout#/sso?code=' + code + '&state=' + state + }); + } }
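Review bot: `ProcessSso` is PascalCase with no return type or doc comment, whereas the other methods visible in this commit (`openPopup`, `sidebarViewName`, `launchUri`) are camelCase. Suggest `processSso(code: string, state: string): void`, with the caller in runtime.background.ts renamed to match. A comment above it would record where the arguments come from: `// code and state are relayed from a web page by the SSO content script; treat them as untrusted.`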