* PM-3275 - Policy.service - Refactor existing mapPoliciesFromToken internal logic to provide public mapPolicyFromResponse method
* PM-3275 - Add new PolicyApiService.getMasterPasswordPolicyOptsForOrgUser method for use in the set password comp
* PM-3275 - Update set-password.comp to use new policyApiService.getMasterPasswordPoliciesForInvitedUsers method
* PM-3275 - (1) Remove post TDE AuthN set password routing logic from SSO/2FA comps as we cannot set an initial user password until after decryption in order to avoid losing the ability to decrypt existing vault items (a new user key would be created if one didn't exist in memory) (2) Add set password routing logic post TDE decryption in LoginWithDevice/Lock components (3) Add new ForceResetPasswordReason to capture this case so that we can guard against users manually navigating away from the set password screen
* PM-3275 - SyncSvc - Add logic for setting forcePasswordReset reason if TDE user w/out MP went from not having MP reset permission to having it.
* PM-3275 - Rename ForceResetPasswordReason enum to ForceSetPasswordReason + update all references.
* PM-3275 - Removing client deprecated calls to getPoliciesByInvitedUser and helper call getMasterPasswordPoliciesForInvitedUsers
* PM-3275 - PolicyAPI service - remove no longer necessary getPoliciesByInvitedUser method
* PM-3275 - LockComp - TODO cleanup
* PM-3275 - SSO & 2FA comp - cleanup of incorrect routing path
* PM-3275 - (1) State service refactor - change getForcePasswordResetReason / setForcePasswordResetReason to be getForceSetPasswordReason / setForceSetPasswordReason (2) Sync Service - encapsulate setForceSetPasswordReasonIfNeeded logic into own method
* PM-3275 - SetPassword Comp - Rename "identifier" to be "orgSsoIdentifier" for clarity
* PM-3275 - SetPasswordComp - Moving routing from SSO / 2FA comps to Lock / LoginWithDevice comps results in a loss of the the OrgSsoId. However, as part of the TDE work, we added the OrgSsoId to state so use that as a fallback so we can accurately evaluate if the user needs to be auto enrolled in admin account recovery.
* PM-3275 - SetPasswordComp - add a bit more context to why/when we are reading the user org sso id out of state
* PM-3275 - SetPassword Comp - (1) Add forceSetPasswordReason and ForceSetPasswordReason enum as public props on the class so we can change copy text based on which is set + set forceSetPasswordReason on ngOnInit (2) Refactor ngOnInit to use a single RxJs observable chain for primary logic as the auto enroll check was occurring before the async getUserSsoOrganizationIdentifier could finish.
* PM-3275 - Desktop - App comp - missed replacing getForcePasswordResetReason with getForceSetPasswordReason
* PM-3275 - TDE Decryption Option Comps - must set ForceSetPasswordReason so that we can properly enforce keeping the user on the component + display the correct copy explaining the scenario to the user.
* PM-3275 - All Clients - SetPasswordComp html - Update page description per product + remove no longer used ssoCompleteRegistration translation.
* PM-3275 - SetPasswordComp - hopefully the final puzzle piece - must clear ForceSetPasswordReason in order to let user navigate back to vault.
* PM-3275 - SyncService - Remove check for previous value of account decryption options hasManageResetPasswordPermission as when a user logged in on a trusted device after having their permissions updated, the initial setting would be true and it would cause the flag to NOT be set when it should have.
* PM-3275 - TDE User Context - (1) Remove explicit navigation to set password screen from post decryption success scenarios on lock & login w/ device comps (2) Move TdeUserWithoutPasswordHasPasswordResetPermission flag setting to SSO / 2FA components to support both trusted and untrusted device scenarios (both of which are now caught by the auth guard).
* PM-3275 - (1) SetPassword comp - adjust set password logic for TDE users to avoid creating a new user asymmetric key pair and setting a new private key in memory. (2) Adjust SetPasswordRequest to allow null keys
* PM-3275 - Remove unused route from login with device comp
* PM-3275 - Sso & 2FA comp tests - Update tests to reflect new routing logic when TDE user needs to set a password
* PM-3275 - Lock comp - per PR feedback, remove unused setPasswordRoute property.
* PM-3275 - SetPasswordComp - Per PR feedback, use explicit null check
* PM-3275 - Per PR Feedback, rename missed forcePasswordResetReason to be forceSetPasswordReason on account model
* PM-3275 - Auth guard - rename forcePasswordResetReason to forceSetPasswordReason
* PM-3275 - SSO / 2FA comps - Per PR feedback, refactor Admin Force Password reset handling to be in one place above the TDE user flows and standard user flows as it applies to both.
* PM-3275 - Per PR feedback, clarify 2FA routing comment
* PM-3275 - Per PR feedback, update set-password comp ngOnInit switchMaps to just return promises as switchMap converts promises to observables internally.
* PM-3275 - Per PR feedback, refactor set password ngOnInit observable chain to avoid using async subscribe and instead simply sequence the calls via switchMap and tap for side effects.
* PM-3275 - Per PR feedback, move tap after filter so we can remove if check
* PM-3275 - Per PR feedback, update policy service mapping methods to use shorthand null checking.
* PM-3275 - SetPassword comp - (1) Move force set password reason logic into onSetPasswordSuccess(...) (2) On onSetPasswordSuccess, must set hasMasterPassword to true for user verification scenarios.
* PM-3275 - Per PR feedback, remove new hasManageResetPasswordPermission flag from profile response and instead simply read the information off the existing profile.organizations data as the information I needed was already present.
* PM-4633 - PolicyService - mapPolicyFromResponse(...) - remove incorrect null check for data. Policies with internal null data property should still be evaluated and turned into Policy objects or the policy array ends up having null values in it and it causes errors down the line on login after acct creation.
* Get the url field name ignoring the case format
* Adding test cases for the SecureSafe importer
* Updating test cases and the way the url field is selected
* updating the variable name from url to urlField
* Create libs/tools-folder and README.md
* Assign libs/tools to be owned by team-tools-dev
* Add exception for the capital README in libs/tools
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* [PM-3722] fix: wrong translation bug
* [PM-3722] feat: use user verification component during creation
* [PM-3722] feat: use user verification component during deletion
* [PM-3722] feat: improve error handling
* Tweak account switcher button
- if it opens a dialog, it should advertise this with `aria-haspopup="dialog"`, not `aria-haspopup="menu"`
- if it opens a dialog, the `aria-expanded` is pointless (as the user will never get back out into the underlying page to check if it's expanded or collapsed, since it's for a dialog not a disclosure widget or menu)
* Make two variants for button to sort out `aria-label` on logged-in case
* Remove `aria-controls` for button
as it's a dialog that opens, not a disclosure, this is irrelevant
* Fix `overlayPostition` typo
* Simplify approach
just use existing single button, but add visually hidden extra "Switch account" to accName
* Tweak account switch buttons in dialog/dropdown
* Take out the confusing "Logged in as..." a11y text
* Use visible button text (with a few extra `sr-only` parts, for readability) as the button's accName
* Add the "Switch account" context to each of the buttons to make clear what they do
* Fix protonpass importer when totp field is not a URL
* Simplify ProtonPass importer totp handling
* Use getValueOrDefault for totp import in ProtonPass importer
* Use getValueOrDefault for other ProtonPass importer fields
---------
Co-authored-by: ttalty <144813356+ttalty@users.noreply.github.com>
* Adding all messages.json files besides en/ into ownership of team-tools-dev
* Add newline and extend header comment
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Collate browser header concerns into component
Header component has a slots field with a left, center, right, and a
right-most location for a current account, which will link to an account
switcher.
* Use feature flag if OK for production eventually
* Make sure centered content centered
* Allow for disabling header theming for login page
visual gitches exist for links and buttons, due to specifications futher down in the header, but those
items shouldn't use the `no-theme` option. For now, it's just for the
login screen
* Add Account Switching Component
* Collate browser header concerns into component
Header component has a slots field with a left, center, right, and a
right-most location for a current account, which will link to an account
switcher.
* Use feature flag if OK for production eventually
* Add Account Switching Component
* Fix Rebase Issues
* Remove Comments
* Move AccountSwitcher Logic Into Service
* Rename File
* Move Router to Component
* Add Tests for AccountSwitcherService
---------
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Collate browser header concerns into component
Header component has a slots field with a left, center, right, and a
right-most location for a current account, which will link to an account
switcher.
* Use feature flag if OK for production eventually
* Make sure centered content centered
* Allow for disabling header theming for login page
visual gitches exist for links and buttons, due to specifications futher down in the header, but those
items shouldn't use the `no-theme` option. For now, it's just for the
login screen
* Select sr-only headers
* Fix vault-filter center header component
* Correct hover for header buttons/links
* Ensure no visual difference when flag is off
* Split up import/export into separate modules
* Fix routing and apply PR feedback
* Renamed OrganizationExport exports to OrganizationVaultExport
* Make import dialogs standalone and move them to libs/importer
* Make import.component re-usable
- Move functionality which was previously present on the org-import.component into import.component
- Move import.component into libs/importer
Make import.component standalone
Create import-web.component to represent Web UI
Fix module imports and routing
Remove unused org-import-files
* Enable importing on deskop
Create import-dialog
Create file-menu entry to open import-dialog
Extend messages.json to include all the necessary messages from shared components
* Renamed filenames according to export rename
* Make ImportWebComponent standalone, simplify routing
* Pass organizationId as Input to ImportComponent
* use formLoading and formDisabled outputs
* use formLoading & formDisabled in desktop
* Emit an event when the import succeeds
Remove Angular router from base-component as other clients might not have routing (i.e. desktop)
Move logic that happened on web successful import into the import-web.component
* Enable importing on deskop
Create import-dialog
Create file-menu entry to open import-dialog
Extend messages.json to include all the necessary messages from shared components
* use formLoading & formDisabled in desktop
* Add missing message for importBlockedByPolicy callout
* Remove commented code for submit button
* Implement onSuccessfulImport to close dialog on success
* fix table themes on desktop & browser
* fix fileSelector button styles
* update selectors to use tools prefix; remove unused selectors
* update selectors
* Wall off UI components in libs/importer
Create barrel-file for libs/importer/components
Remove components and dialog exports from libs/importer/index.ts
Extend libs/shared/tsconfig.libs.json to include @bitwarden/importer/ui -> libs/importer/components
Extend apps/web/tsconfig.ts to include @bitwarden/importer/ui
Update all usages
* Rename @bitwarden/importer to @bitwarden/importer/core
Create more barrel files in libs/importer/*
Update imports within libs/importer
Extend tsconfig files
Update imports in web, desktop, browser and cli
* import-lastpass wip
* Lazy-load the ImportWebComponent via both routes
* Fix import path for ImportComponent
* add validation; add shared folders field
* clean up logic
* fill fileContent on account change
* Use SharedModule as import in import-web.component
* show spinner on pending validation; properly debounce; refactor to loadCSVData func
* fix pending submit guard
* hide on web, show on desktop & browser
* reset user agent fieldset styles
* fix validation
* File selector should be displayed as secondary
* update validation
* Fix setUserTypeContext always throwing
* refactor to password dialog approach
* remove control on destroy; dont submit on enter keydown
* helper to serialize vault accounts (#6556)
* helper to serialize vault accounts
* prettier
* add prompts
* Add missing messages for file-password-prompt
* Add missing messages for import-error-dialog
* Add missing message for import-success-dialog
* Create client-info
* Separate submit and handling import, add error-handling
* Move catch and error handling into submit
* Remove AsyncValidator logic from handleImport
* Add support for filtering shared accounts
* add sso flow to lp import (#6574)
* stub out some sso flow
* use computer props
* lastpass callback
* baseOpenIDConnectAuthority
* openIDConnectAuthorityBase
* comments
* camelCase user type context model
* processSigninResponse
* Refactor handleImport
* use large dialogSize
* remove extra setUserTypeContext
* fix passwordGenerationService provider; pass all errors to ValidationErrors
* add await SSO dialog & logic
* Move lastpass related files into separate folder
* Use bitSubmit to override submit preventDefault (#6607)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Use large dialogSize
* revert jslib changes
* PM-4398 - Add missing importWarning
* make ui class methods async
* add LastPassDirectImportService
* update error handling
* add OOB methods (manual passcode only)
* fix typo
* respond to SSO callback
* localize error messages
* remove uneeded comment
* update i18n
* add await sso i18n
* add not implemented error to service
* fix getting k2
* fix k1 bugs
* null checks should not be strict
* update awaiting sso dialog
* update approveDuoWebSdk
* add browser lastpass oidc/sso connector
* add getRedirectUrlWithParams
* params
* rename to getOidcRedirectUrlWithParams
* refactor oob login flow
* Add messages needed for Lastpass import flow
Taken from https://github.com/bitwarden/clients/pull/6541/files#diff-47e9af6d0d7d691a507534f7955edaa9fb37be8cf1c1981fd2ba898e99b6130d
* Update apps/browser/src/connectors/sso.ts
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
* Update libs/importer/src/components/lastpass/import-lastpass.component.ts
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
* fix error
* Removing fieldset due to merge of https://github.com/bitwarden/clients/pull/6626
* Add sso-connector to manifest.v3
* Make linter happy
* Refactoring to push logic into the service vs the component
Move all methods related to MFA-UI into a LastPassDirectImportUIService
Move all logic around the import into a LastPassDirectImportService
The component now only has the necessary flows but no knowledge on how to use the lastpass import lib or the need for a OIDC client
* Remove unneeded passwordGenerationService
* move all import logic to service
* apply code review: remove name attributes; use protected fields; use formGroup.value
* rename submit method and add comment
* update textarea id
* update i18n
* remove rogue todo comment
* Add missing messages forLastpass import
* extract helper asyncValidatorsFinished
* Remove files related to DuoUI we didn't need to differentiate for MFA via Duo
* Add missing import
* use clientType
* triple =
* lastpassAuthResult for web sso connector
* remove browser sso connector
* use web vault for oidc redirect url
* revert formGroup.value access
* process lastpassAuthResult
* simplify message handler logic
* consolidate logic for lastpass auth result
* swap lastpass logic in sso connector
* add email to signInRequest
* add try again error message
* add try again i18n
* consistent clientinfo id (#6654)
---------
Co-authored-by: William Martin <contact@willmartian.com>
* hide on browser
* show LP importer on browser client
* add missing i18n to browser
* add lastpass prefix
* add shared i18n copy to web and browser
* rename deeplink
* use protected field
* rename el ids
* refactor: remove nested conditional
* update form ids in consuming client components
* remove unnecessary return statement
* fix file id
* use ngIf
* use hidden because of getElementById
* Remove OIDC lib logging
* Forward LP sso callback message to LP direct import service
* Add missing collection label
* Add missing `invalidFilePassword` to messages.json
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: William Martin <contact@willmartian.com>
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
Andreas Coroiu
Jared Snider
github-actions[bot]
Robyn MacCallum
Jake Fink
Michał Chęciński
ttalty
Daniel James Smith
Daniel García
Alex Morask
Thomas Rittson
Patrick H. Lauke
Bernd Schoolmann
Oscar Hinton
rr-bw
Will Martin
Justin Baur
Todd Martin
Matt Gibson
Opeyemi
André Bispo
Vince Grassia
Kyle Spearrin