* PM-4596 - PinCryptoService first draft
* PM-4596 - PinCryptoService - Refactor pinKeyEncryptedKey retrievals out into own method getPinKeyEncryptedKeys
* PM-4596 - npm ci + npm run prettier to fix lint issues
* PM-4596 - PinCryptoService - Add kdf types
* PM-4596 - PinCryptoService - Refactor pin validation into own helper method.
* PM-4596 - Rename pin-crypto.service.ts to pin-crypto.service.implementation.ts
* PM-4596 - PinCryptoService - add additional logging for error states.
* PM-4596 - JslibServicesModule - register new PinCryptoService and PinCryptoServiceAbstraction
* PM-4596 - PinCryptoService - modify decryptUserKeyWithPin signature to not require email to match MP verification process in user verification service.
* PM-4596 - Lock components - use new PinCryptoService.decryptUserKeyWithPin(...) to get user key + refactor base comp unlock with pin method to improve
* PM-4596 - Lock component - if too many invalid attempts, added toast explaining that we were logging the user out due to excess PIN entry attempts
* PM-4596 - UserVerificationService - (1) Refactor verifyUser(...) to use switch + separate methods for a cleaner parent method + better extensibility for PIN & biometrics which are TBD (2) Add PIN support to validateInput(...)
* PM-4596 - UserVerificationService - add PIN and biometrics functions to verifyUser(...)
* PM-4596 - PinCryptoService Spec - start test file - instantiates properly
* PM-4596 - PinCryptoService tests - WIP
* PM-4596 - PinCryptoService tests - WIP - got success cases working
* PM-4596 - pin-crypto.service.implementation.spec.ts renamed to pin-crypto.service.spec.ts
* PM-4596 - PinCryptoService.getPinKeyEncryptedKeys(...) - add comment + var name change for clarity
* PM-4596 - PinCryptoService tests - test invalid, null return scenarios
* PM-4596 - CLI - bw.ts - update UserVerificationService instantiation to include new pinCryptoService
* PM-4596 - PinCryptoService - import VaultTimeoutSettingsServiceAbstraction instead of implementation for factory creation to get browser building
* PM-4596 - (1) Create pinCryptoServiceFactory for browser background (2) Add it to the existing userVerificationServiceFactory
* PM-4596 - Browser - Main.background.ts - Add pinCryptoService and add to userVerificationService dependencies
* PM-4596 - UserVerificationService - per PR feedback simplify returns of verifyUserByPIN(...) and verifyUserByBiometrics(...)
* PM-4596 - Messages.json on desktop & browser - per PR feedback, adjust tooManyInvalidPinEntryAttemptsLoggingOut translation text to remove "you"
* PM-4596 - VerificationType enum - fix line copy mistake and give BIOMETRICS own, unique value.
* PM-4596 - VerificationType - rename BIOMETRICS to Biometrics to match existing MasterPassword value case.
* PM-4596 - Update verification type to consider whether or not a secret exists as we have added a new verification which doesn't have a type. Add new server and client side verification types. Update all relevant code to pass compilation checks.
* PM-4596 - More verification type tweaking
* PM-4596 - Verification - verificationHasSecret - tweak logic to be more dynamic and flexible for future verification types
* PM-4596 - UpdateTempPasswordComp - use new MasterPasswordVerification
* PM-4596 - Desktop - DeleteAcctComp - use VerificationWithSecret to solve compile error w/ accessing secret
* PM-4596 - Per discussions with Andreas & Will, move new Pin Crypto services into libs/auth + added @bitwarden/auth path to CLI tsconfig + added new, required index.ts files for exporting service abstractions & implementations
* PM-4596 - Fixed missed import fixes for lock components across clients for pin crypto service after moving into @bitwarden/auth
* PM-4596 - More PinCryptoService import fixes to get browser & desktop building
* PM-4596 - Update desktop lock comp tests to pass by providing new pin crypto service.
* PM-4596 - User verification service -update todo
* PM-4596 - PinCryptoService - per PR feedback, fix auto import wrong paths.
* PM-4596 - PinCryptoService tests - fix imports per PR feedback
* PM-4596 - UserVerificationSvc - rename method to validateSecretInput per PR feedback
* Fix imports
* PM-4596 - PinCryptoService - Refactor naming for clarity and move test cases into describes per PR feedback
* reorg libs/auth; expose only libs/auth/core to cli app
* PM-4596 - UserVerification - Resolve import issue with importing from libs/auth. Can't use @bitwarden/auth for whatever reason.
* PM-4596 - Fix desktop build by fixing import
* PM-4596 - Provide PinCryptoService to UserVerificationService
* PM-4596 - PinCryptoServiceFactory - you cannot import services from @bitwarden/auth in the background b/c it brings along the libs/auth/components and introduces angular into the background context which doesn't have access to angular which causes random test failures. So, we must separate out the core services just like the CLI to only bring along the angular agnostic services from core.
* PM-4596 - Refactor libs/auth to have angular / common + update all imports per discussion with Matt & Will. Introduced circular dep between PinCryptoService + VaultTimeoutSettingsService + UserVerificationService
* PM-4596 - VaultTimeoutSettingsService - Refactor UserVerificationService out of the service and update all service instantiations and tests. The use of the UserVerificationService.hasMasterPassword method no longer needs to be used for backwards compatibility. This resolves the circular dependency between the PinCryptoService, the UserVerificationService, and the VaultTimeoutSettingsService. We will likely refactor the hasMasterPassword method out of the UserVerificationService in the future.
* PM-4596 - Update CL tsconfig.libs.json to add new auth/common and auth/angular paths for jslib-services.module imports of pin crypto service to work and for test code coverage to run successfully.
* PM-4596 - Address PR feedback
* PM-4596 - Update root tsconfig (only used by storybook) to add new libs/auth paths to fix chromatic build pipeline.
* PM-4596 - Actually update tsconfig with proper routes to fix storybook
* PM-4596 - UserVerificationService - verifyUserByBiometrics - add error handling logic to convert failed or cancelled biometrics verification to a usable boolean
* PM-4596 - Add missing await
* PM-4596 - (1) Add log service and log to user verification service biometric flow to ensure errors are at least revealed to the console (2) Fix factory missing PinCryptoServiceInitOptions
* PM-4596 - Use the correct log service abstraction
* PM-4596 - Remove unused types per PR review
---------
Co-authored-by: William Martin <contact@willmartian.com>
* PoC disallow changing masked values in edit mode and mask TOTP with password
* toggle totp seed visibility independently from password visibility in edit mode
* cleanup
* add fallback value for when a cipher returns a null value for maskedPassword
* toggle masks off for maskable login properties with no value on load
* do not show mask toggle for password or totp if no value is present
* [PM-5616] Remove document element mutation observer from Autofill Overlay to fix strange DOM manipulation behavior
* [PM-5616] Removing unnecessary jest tests
* Migrate ever had user key
* Add DI for state providers
* Add state for everHadUserKey
* Use ever had user key migrator
Co-authored-by: SmithThe4th <gsmithwalter@gmail.com>
Co-authored-by: Carlos Gonçalves <LRNcardozoWDF@users.noreply.github.com>
Co-authored-by: Jason Ng <Jcory.ng@gmail.com>
* Fix test from merge
* Prefer stored observables to getters
getters create a new observable every time they're called, whereas one set in the constructor is created only once.
* Fix another merge issue
* Fix cli background build
---------
Co-authored-by: SmithThe4th <gsmithwalter@gmail.com>
Co-authored-by: Carlos Gonçalves <LRNcardozoWDF@users.noreply.github.com>
Co-authored-by: Jason Ng <Jcory.ng@gmail.com>
* [PM-5439] TOTP to Clipboard Does not Work with Autofill Overlay
* [PM-5439] Adding jest tests to validate totp copy action when filling using the overlay
* [PM-5432] Overlay button iframe presents with a white background
* [PM-5432] Adding method that allows us to update the overlay button color scheme dynamically
* [PM-5432] Adding jest tests to validate implementation changes
#7290 introduced these types, but during development we switched over to specifying dependencies in type parameters instead of an object. This change meant we no longer needed these `Type` or `ShapeToInstance` types, greatly simplifying the types related to derived state.
* Remove derived state from state classes
* Create provider for derived state
Derived state is automatically stored to memory storage, but can be derived from any observable.
* Fixup state provider method definitions
* Test `DefaultDerivedState`
* remove implementation notes
* Write docs for derived state
* fixup derived state provider types
* Implement buffered delayUntil operator
* Move state types to a common module
* Move mock ports to centra location
* Alias DerivedStateDependency type
* Add dependencies to browser
* Prefer internal rxjs operators for ref counting
* WIP
* Ensure complete on subjects
* Foreground/background messaging for browser
Defers work for browser to the background
* Test foreground port behaviors
* Inject foreground and background derived state services
* remove unnecessary class field
* Adhere to required options
* Add dderived state to CLI
* Prefer type definition in type parameters to options
* Prefer instance method
* Implements factory methods for common uses
* Remove nothing test
* Remove share subject reference
Share manages connector subjects internally and will reuse them until
refcount is 0 and the cleanup time has passed. Saving our own reference
just risks memory leaks without real testability benefits.
* Fix interaction state
* feat: add missing tests for `isFido2FeatureEnabled`
* feat: add user logged in check
* chore: rewrite with cartesian product
* chore: remove test
The test was more complex than the actual function, removing.
* feat: add domain exclusion
* feat: add origin equal vault case
* chore: clean up the old code from `content-secript`
* feat: return early to avoid making api calls
* fix: prettier linting
* fix: incorrect logic inversion
---------
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
* Hide account switcher in addEdit generator
* Handle AddEditCipher deserialization
* Opaque types are not serializable
* Better handle jsonification of login uris
* Ensure we don't overwrite original with clone
* Ensure cipherView prototype is always restored if it exists
* make spacing consistent between log out and lock all buttons
* update color of avatar when no active account
* separate active account from other available accounts
* remove unnecessary ng-container
* migrate to DialogService
* use static method
* add reactive form dependencies
* begin migrating to reactive forms
* migrate template inputs to use CL
* update set-pin.component.ts file to work with reactive forms
* migrate desktop template and class file to Dialog and ReactiveForms
* update settings page
* remove old properties
* update settings form upon dialog close
* refactor ngOnInit()
* remove duplicate validator (already have a validator in class file)
* Import libs/importer and instantiate ImportService
* Create ImportApi and ImportService factories
* Add libs/importer to desktop
* [PM-4075] Setup Feature Flag for Browser Fileless Import
* [PM-4032] Detect Lastpass Export Page and Supress Download Prompt
* [PM-4032] Implementing jest tests for the FilelessImporterBackground class
* [PM-4075] Setup Feature Flag for Browser Fileless Import (#6391)
* [PM-4032] Implementing jest tests for the FilelessImporterBackground class
* [PM-4032] Implementing jest tests for the LpFilelessImporter class
* [PM-4032] Modifying variable name
* [PM-4032] Modifying verbiage on jest tests to feature present tense actions and updating behavior within FilelessImporterBackground to ensure logic is triggered on expected port names only
* [PM-4032] Modifying documentation present above handlePortOnConnect method
* [PM-4032] Modifying documentation present above handlePortOnConnect method
* [PM-4032] Applying early return if the user has a policy that removes the individual vault
* [PM-4032] Reverting change made to notification bar
* [PM-4032] Applying a static declaration to the filelessImporterPortNames property
* [PM-4032] Modifying test for handlPortOnConnect method to follow provided feedback
* [PM-4032] Applying feedback to jest test messages
* [PM-4032] Reworking LpFilelessImporter to simplify testing structure and leverage public facing methods rather than testing private methods
* [PM-4032] Reworking FilelessImporterBackground class
* [PM-4032] Adding implementation details that facilitate triggering onMessage listeners within a chrome.runtime.connection port
* [PM-4032] Implementing reworked jest tests for FilelessImporterBackground
* [PM-4032] Adjusting naming of jest test
* [PM-4032] Reworking test setup implementation to better fit approach discussed within overlay PR work
* [PM-4032] Running prettier
* [PM-4032] Removing added line break
* [PM-4033] Display import prompt to user (#6407)
* [PM-4033] Display Import Prompt to the User
* [PM-4033] Adding jest tests for LpFilelessImporter
* [PM-4033] Finalization of Jest tests
* [PM-4033] Finalization of Jest tests
* [PM-4033] Removing values from the whitelist capital letters file
* [PM-4033] Addressing jest test coverage in LpFilelessImporter
* [PM-4033] Addressing jest test coverage in LpFilelessImporter
* [PM-4033] Adding documentation to the added methods within the NotificationBackground class
* [PM-4033] Adding documentation to the added methods within the bar.ts content script
* [PM-4033] Removing unnecessary method within lp-fileless-importer content script
* [PM-4033] Removing method that is not currently used within FilelessImporterBackground
* [PM-4033] Adding jest tests for the implementation
* [PM-4035] Import LastPass Export Page Data (#6408)
* [PM-4035] Import LastPass Export Page Data
* [PM-4035] Import LastPass Export Page Data
* [PM-4035] Adding jest tests for the LPFilelessImporter class
* [PM-4035] Adding jest tests for the FilelessImporterBackground class
* [PM-4035] Fixing references to innerHtml and updating them to reference textContent
* [PM-4035] Removing eslint-disable and adding logging service to bar.ts
* [PM-4035] Adding typing information to LpImporter classes
* [PM-4035] Adding typing information to LpImporter classes
* [PM-4035] Adding typing information for FilelessImportType
* [PM-4035] Updating type reference for the filelessImportType
* [PM-4032] Refactoring implementation for NotificationBackground.doNotificationQueueCheck to remove repetition
* [PM-4032] Refactoring early returns within NotificationBackground
* [PM-4032] Adding context for a test case for the FilelessImporterBackground
* [PM-4032] Removing magic number by referencing the notification port within a test for cancelFilelessImport
* [PM-4032] Adding documentation to the constructor
* [PM-4032] Switching logic to use a switch statement rather than multiple if statements
* [PM-4032] Removing unnecessary early return from the mutation observer implementation within `lp-fileless-importer.ts
* [PM-4032] Adding return to the mutation observer when we have found the expected text node
* [PM-4032] Refactoring implementation of the handleMutation method
* [PM-4032] Modifying implementation for pushUnlocKVaultToQueue to send a notification message instead of adding the item to the queue
* [PM-4032] Modifying implementation for how we handle mutations within the lp-fileless-importer
* [PM-4032] Adding space between the iteration over added nodes within LpFilelessImporter.handleMutation
* [PM-4032] Reworking logic within the doNotificationCheck method to remove for loop
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* [PM-5303] Cannot login with SSO
* [PM-5303] Adding documentation to newly created ContentMessageHandler class
* [PM-5303] Updating manifest v3 implementation to use the newly scoped name
* [PM-5303] Adding jest tests to implementation
* Added new locales text
* expose the sender url to be used in the use browser link component
* Modified use browser link to have a dropdown of two options, just once or always for this site
* modified component to use the use browser link component
* refactored method
* Made style changes and also updated the windows popout height
* ran prettier
* corrected google domain
* [PM-5281] [PM-5282] Disable User Interaction Post 'Always for this Site' Selection and Preserve Prior Exclusions (#7237)
* Added new domain alongside existing domains when saving to state
* Added an overlay whne user clicks always for this site to prevent further interaction on the page
* changed opacity
* moved overlay to fido2-use-browser-link
* removed private method and renamed variable
* Navigate to home from account switcher
Also updates the main background handling of logout to either finish switch or logout, depending on which occurred
* Prefer observable guards
we were racing the account switch process on `accountService` and this async guard. It only depended on account status, which is available from `accountService`, so the correct move was to observe that status.
The unauthGuardFn allows for updating homepage depending on window state because popout windows have different nav to other locations.
* Add light LinkType to link directive
* add skip link to bit-layout; update i18n for all apps
* install storybook interaction testing packages
* update storybook config
* add skiplink story to bit-layout
* update route and focus logic
* remove focus ring
Justin Baur
Matt Gibson
Jared Snider
SmithThe4th
Jonathan Prusik
github-actions[bot]
Rui Tomé
aj-rosado
Cesar Gonzalez
Todd Martin
Vladan Simić
rr-bw
Jason Ng
Bernd Schoolmann
Bitwarden DevOps
Andreas Coroiu
Daniel James Smith
Will Martin