* Fix encrypted export using fixed PBKDF2 iterations
* Replace hardcoded KdfType in importer
* Clean up kdf handling in password-protected export
* Extract BitwardenPasswordProtectedFileFormat
* Rename bitwarden-json-types
* Move StateService import to fix linting issue
* Make linter happy
* Use abstraction instead of implementation
---------
Co-authored-by: Daniel James Smith <djsmith@web.de>
* Split out api methods into sendApiService
* Move SendService and abstraction
* Libs updates
* Web updates
* CLI updates
* Desktop updates
* libs send service fixes
* browser factory additions
* Browser updates
* Fix service injection for CLI SendReceiveCommand
* Deprecate directly calling send state service methods
* SendService observables updates
* Update components to use new observables
* Modify CLI to use state service instead of observables
* Remove unnecessary await on get()
* Move delete() to InternalSendService
* SendService unit tests
* Split fileUploadService by send and cipher
* send and cipher service factory updates
* Add file upload methods to get around circular dependency issues
* Move api methods from sendService to sendApiService
* Update cipherService to use fileApi methods
* libs service injection and component changes
* browser service injection and component changes
* Desktop component changes
* Web component changes
* cipher service test fix
* Fix file capitalization
* CLI service import and command updates
* Remove extra abstract fileUploadService
* WIP: Condense callbacks for file upload
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* Send callbacks for file upload
* Fix circular service dependencies
* Fix response return on upload
* Fix function definitions
* Service injection fixes and bug fixes
* Fix folder casing
* Service injection cleanup
* Remove deleted file from capital letters whitelist
* Create new SendApiService for popup
* Move cipherFileUploadService to vault
* Move SendFileUploadService methods into SendApiService
* Rename methods to remove 'WithServer'
* Properly subscribe to sendViews
* Fix Send serialization
* Implement fromJSON on sendFile and sendText
* [PM-1347] Fix send key serialization (#4989)
* Properly serialize key on send fromJSON
* Remove call that nulled out decrypted sends
* Fix null checks in fromJSON methods for models
* lint fixes
---------
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* add settingsService.getEquivalentDomains
* check that an iframe URL matches cipher.login.uris before autofilling
* disable autofill on page load if it doesn't match
* show a warning to the user on regular autofill if it doesn't match
---------
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* Move auth service factories to Auth team
* Move authentication componenets to Auth team
* Move auth guard services to Auth team
* Move Duo content script to Auth team
* Move auth CLI commands to Auth team
* Move Desktop Account components to Auth Team
* Move Desktop guards to Auth team
* Move two-factor provider images to Auth team
* Move web Accounts components to Auth Team
* Move web settings components to Auth Team
* Move web two factor images to Auth Team
* Fix missed import changes for Auth Team
* Fix Linting errors
* Fix missed CLI imports
* Fix missed Desktop imports
* Revert images move
* Fix missed imports in Web
* Move angular lib components to Auth Team
* Move angular auth guards to Auth team
* Move strategy specs to Auth team
* Update .eslintignore for new paths
* Move lib common abstractions to Auth team
* Move services to Auth team
* Move common lib enums to Auth team
* Move webauthn iframe to Auth team
* Move lib common domain models to Auth team
* Move common lib requests to Auth team
* Move response models to Auth team
* Clean up whitelist
* Move bit web components to Auth team
* Move SSO and SCIM files to Auth team
* Revert move SCIM to Auth team
SCIM belongs to Admin Console team
* Move captcha to Auth team
* Move key connector to Auth team
* Move emergency access to auth team
* Delete extra file
* linter fixes
* Move kdf config to auth team
* Fix whitelist
* Fix duo autoformat
* Complete two factor provider request move
* Fix whitelist names
* Fix login capitalization
* Revert hint dependency reordering
* Revert hint dependency reordering
* Revert hint component
This components is being picked up as a move between clients
* Move web hint component to Auth team
* Move new files to auth team
* Fix desktop build
* Fix browser build
* Split folder service back/foreground
Also splits for folderApiService, since that depends on folderService.
TODO: this split will need to be done for any dependents of a split
service.
* Prefer popup-specific services VaultFilterService
* Prefer popup-specific services i18n
* Prefer popup-specific services configService
* StateService is required for browserSync
* Add Policy Api Service
* Remove unused orgService from PolicyApiService
* Fixup missed dependency
* Attach cryptography services in popup context
* Improve session syncer initialization
* Fix storage reseed on logout
The check for the set vault-timeout needs to happen before all cleaning stateService
Remove check inside of reseedStorage as happens outside prior to calling it (logout/settings.component)
* Remove old limitation to only run on certain browsers
Execute on all browsers besides Safari as it does not support chrome.storage.local.get with an empty key
https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/storage/StorageArea/get
* Revert "Remove old limitation to only run on certain browsers"
This reverts commit d7f71aa0b6.
* Add combine helper
* Helper for running multiple actions with single service cache
* Remove unneeded any
* Send identifier through callback
* Extend Tab Message
* Split out ContextMenu logic
* Add tests for ContextMenu actions
* Context Menu Fixes
* Await call to menu handler
* set onUpdatedRan to false when it's ran
* Switch to using new cache per run
* Fix Generate Password Test
* Remove old file from whitelist
* Remove Useless never from Generic
* Update apps/browser/src/background/main.background.ts
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Address PR Feedback
* Specify a Document Url for Context Menu Items
* Update Test
* Use Generate Password Callback
* Remove DocumentUrlPatterns
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Force update of badge icon and text on all windows
Affects MV2 and MV3
No longer pass in tab and windowId to setLoggedOut and setLocked
When the vault is locked or the user logs out, all open windows/tabs need to be updated
Iterating over all active tabs like in 2022.10.1 was missing:
488734577f/apps/browser/src/background/main.background.ts (L859-L867)
Create clearBadgeText function to take care of it.
* Only try to retrieve tab in unlocked state
* Remove lock icon when unlocking on all windows
* Only use windowId to retrieve tab when defined
In MV2 the `windowId` isn't passed into updateBage and fails to retrieve the correct tab to update.
This resorted in the badge not showing a match count in another window.
Fixes#4260
Ensure in MV3 that all listener pass on the windowId if present.
* Fix Firefox private mode
Only pass on the windowId if defined and within Firefox
In private mode the main.background bootstrap-method passes in the windowId
Do not refreshBadge when in private mode
Previously 488734577f/apps/browser/src/background/main.background.ts (L575-L586) setIcon would skip in private mode. Calling refreshBadge without this would update the badge on all windows (normal and private ones)
* Move event.service to it's own folder
Move abstractions/event.service to abstractions/event/event.service
Move services/event.service to services/event/event.service
Fix all the imports
* Extract event-upload from event.service
Move `uploadEvents` from `EventService` to `EventUploadService`
Create event-upload-service-factory
Fix wiring up all the dependencies
* Remove clearEvents from EventService
clearEvents is only related to uploading events and can be moved into EventUploadService
Change the logout-method to only call EventUploadService.uploadEvents as that also calls clearEvents internally
* Rename EventService to EventCollectionService
Rename libs\common\abstraction\event\event.service.ts to libs\common\abstractions\event\event-collection.service.ts
Rename libs\common\services\event\event.service.ts to libs\common\services\event\event-collection.service.ts
Fix all the imports
Fix up service regristration/instantiation
Reanme \browser\src\background\service_factories\event-service.factory.ts to \browser\src\background\service_factories\event-collection-service.factory.ts
* Move interval to upload events to EventUploadSvc
Move the `init()` from event-collection.service to event-upload.service
Change call-site in web, desktop, browser
* Elevate Map <-> Record JSON helpers to Utils
* Build Account from a StateService provided AccountDeserializer
* Allow Manifest V2 usage of session sync
Expands use of SessionSyncer to all Subject types. Correctly handles
replay buffer for each type to ignore the flood of data upon
subscription to each Subject type.
* Create browser-synced Policy Service
* Move BrowserFolderService
* Libs account serialization improvements
* Serialize Browser Accounts
* Separate StateService in background/visualizations
Visualizer state services share storages with background page, which
nicely emulates mv3 synchronization through session/local storage. There
should not be multithreading issues since all of these services are
still running through a single thread, we just now have multiple places
we are reading/writing data from.
Smaller improvements
* Rename browser's state service to BrowserStateService
* Remove unused WithPrototype decorator :celebrate:
* Removed conversion on withPrototypeForArrayMembers. It's reasonable to
think that if the type is maintained, it doesn't need conversion.
Eventually, we should be able to remove the withPrototypeForArrayMembers
decorator as well, but that will require a bit more work on
(de)serialization of the Accounts.data property.
* Make Record <-> Map idempotent
Should we get in a situation where we _think_ an object has been
jsonified, but hasn't been, we need to correctly deal with the object
received to create our target.
* Check all requirements while duck typing
* Name client services after the client
* Use union type to limit initialize options
* Fixup usages of `initializeAs`
* Add OrganizationService to synced services
Co-Authored-By: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add Settings service to synced services
Co-Authored-By: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add missing BrowserStateService
* Fix factories to use browser-specific service overides
* Fix org-service registration in services.module
* Revert "Add missing BrowserStateService"
This reverts commit 81cf384e87.
* Fix session syncer tests
* Fix synced item metadata tests
* Early return null json objects
* Prefer abstract service dependencies
* Prefer minimal browser service overrides
* [SG-632] - Change forwarded providers radio buttons list to dropdown (#4045)
* SG-632 - Changed forwarded providers list of radio buttons to dropdown
* SG-632 - Added role attributes to improve accessibility.
* SG-632 - Added sorting to array and empty option
* SG-632 - Fix styling to match standards.
* rename cipehrs component to vault items component (#4081)
* Update the version hash for the QA Web build artifact to follow SemVer syntax (#4102)
* Remove extra call to toJSON() (#4101)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith@web.de>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* Move OrganizationService to fullSync
* Add Tech Debt Tracking Link
* Remove Commented out code
* Add InternalOrganizationService
* Use InternalOrganization in services that get to update state
* Add item decryption to encryptService
* Create multithreadEncryptService subclass to handle web workers
* Create encryption web worker
* Refactor cipherService to use new interface
* Update dependencies
* Add needed factories for AuthService
WIP: Allow console logs
* Add badge updates
* Init by listener
* Improve tab identification
* Define MV3 background init
* Init services in factories.
Requires conversion of all factories to promises.
We need to initialize in factory since the requester of a service
doesn't necessarily know all dependencies for that service. The only
alternative is to create an out parameter for a
generated init function, which isn't ideal.
* Improve badge setting
* Use `update-badge` in mv2 and mv3
Separates menu and badge updates
* Use update-badge everywhere
* Use BrowserApi where possible
* Update factories
* Merge duplicated methods
* Continue using private mode messager for now
* Add static platform determination.
* Break down methods and extract BrowserApi Concerns
* Prefer strict equals
* Init two-factor service in factory
* Use globalThis types
* Prefer `globalThis`
* Use Window type definition updated with Opera
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
* Distinguish Opera from Safari
Opera includes Gecko, Chrome, Safari, and Opera in its user agent. We need to make sure that
we're not in Opera prior to testing Safari.
* Update import
* Initialize search-service for update badge context
* Build all browser MV3 artifacts
only uploading Chrome, Edge and Opera artifacts for now, as those support manifest V3
Also corrects build artifact to lower case.
* Remove individual dist
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Add windows to platform utils service
Note, this will result in conflicts with several in-flight PRs, but is necessary for following commits.
* Add necessary background service factories
* Simplify autofill command
* Remove noop event service
* Update imports
* Implement observables in a few places
* Add tests
* Get all clients working
* Use _destroy
* Address PR feedback
* Address PR feedback
* Address feedback
* Extract into new VaultTimeoutSettingsService
* Ensure new service is instantiated and registered for DI
* Create vaultTimeoutSettingsServiceFactory
* Fix VaultTimeoutServiceFactory
* Remove any and use void instead
* Move vaultTimeoutAbstraction into it's own folder
* Move vaultTimeout service into it's own folder
* Added vaultTimeoutServiceFactory and it's missing dependencies
* Add more factories
Revert main.background factory usage.
We could still do this, but factories must init their services and so need
to be async, which is not compatible with initializing in constructors
* Fix conflicts
* Create service factories
* Add onInstall hook to service worker
* Add factory helper and common options structure
* Use factories in main.background
* simplify common factory options
* Split factory service cache and options.
Improve factory method base type handling.
* Add dev flag for managed environment.
* Create sessions sync structure
* Add observing to session-syncer
* Do not run syncer logic in decorator tests
* Extract test constants
* Change Observables to BehaviorSubject
* Move sendMessage to static method in BrowserApi
* Implement session sync
* only watch in manifest v3
* Use session sync on folder service
* Add array observable sync
* Bypass cache on update from message
* Create feature and dev flags for browser
* Protect development-only methods with decorator
* Improve todo comments for long-term residency
* Use class properties in init
* Do not reuse mocks
* Use json (de)serialization patterns
* Fix failing session storage in dev environment
* Split up complex EncString constructor
* Default false for decrypted session storage
* Try removing hydrate EncString method
* PR review
* PR test review
* Add managed_schema
* Add note on login page which server you are logging into.
* Implement it
* Remove caching logic since it seems unecessary
* Add error
* Handle error in hasManagedEnvironment
* Fix compile
* Added abstractions for PolicyApiService and PolicyService
* Added implementations for PolicyApiService and PolicyService
* Updated all references to new PolicyApiService and PolicyService
* Deleted old PolicyService abstraction and implementation
* Fixed CLI import path for policy.service
* Fixed main.background.ts policyApiService dependency for policyService
* Updated policy-api.service with the correct imports
* [EC-376] Sorted methods order in PolicyApiService
* [EC-376] Removed unused clearCache method from PolicyService
* [EC-376] Added upsert method to PolicyService
* [EC-376] PolicyApiService putPolicy method now upserts data to PolicyService
* Removed check for getBiometricLocked
It always returned false even when no biometrics were used.
* Remove the other check for getBiometricsLocked
* Ensure that biometricFingerprintValidation is reset, when biometrics are disabled
* Removed getBiometricsLocked and setBiometricsLocked
With nothing in the codebase reading the state of getBiometricsLocked, I've removed all places where it was set or saved.
* Refactor execution of reload into a separate method
* Conditonally pass the window object to `BrowserApi.reloadExtension`
* Clarify in comment, that the PIN has to be set with ask for Master Password on restart
* Ensure the process reload is executed on logout
* Use accounts instead of lastActive == null to determine a reload on logout
* Moved identical logic from desktop and browser into system.service
* Simplified check for refresh to handle no accounts found, logout, lock with lastActive longer than 5 seconds
* Use abstract methods and generics in StorageService
* Prepend `Abstract` to abstract classes
* Create session browser storage service
* Use memory storage service for state memory
* Inject memory storage service
* Maintain filename extensions to help ide formatting
* Preserve state if it's still in memory
* Use jslib's memory storage service
* linter
* Create prototypes on stored objects
* standardize package scripts
* Add type safety to `withPrototype` decorators
* webpack notify manifest version
* Fix desktop
* linter
* Fix script
* Improve prototye application
* do not change prototype if it already matches desired
* fix error with object values prototype application
* Handle null state
* Apply prototypes to browser-specific state
* Add angular language server to recommended extensions
* Improve browser state service tests
* Start testing state Service
* Fix abstract returns
* Move test setup files to not be picked up by default glob matchers
* Add key generation service
* Add low-dependency encrypt service
* Back crypto service with encrypt service.
We'll want to work items that don't require state over to encrypt service
* Add new storage service and tests
* Properly init more stored values
* Fix reload issues when state service is recovering state from session storage
Co-authored-by: Thomas Avery <Thomas-Avery@users.noreply.github.com>
Co-authored-by: Justin Baur <admin@justinbaur.com>
* Simplify encrypt service
* Do not log mac failures for local-backed session storage
* `content` changed to `main` in #2245
* Fix CLI
* Remove loggin
* PR feedback
* Merge remote-tracking branch 'origin/master' into add-memory-storage-to-state-service
* Fix desktop
* Fix decrypt method signature
* Minify if not development
* Key is required
Co-authored-by: Thomas Avery <Thomas-Avery@users.noreply.github.com>
Co-authored-by: Justin Baur <admin@justinbaur.com>
* feat(browser): Update auto biometrics copy
* refactor(common): remove TotpService.isAutoCopyEnabled and use state directly
The TotpService was just taking the value from StateService and forwarding it, making it depend on state service.
All services that depended on the TotpService.isAutoCopyEnable flag also depended on StateService.
This therefore simplifies things by using StateService directly.
* feat(browser): update auto totp copy
* feat(browser): update add login notification copy
* feat(browser): update change password notification copy
* feat(browser): update context menu copy
* feat(browser): update show cards current tab copy
* feat(browser): update show identities current tab copy
* feat(browser): update enable favicon copy
* feat(browser): update badge counter copy
* feat(browser): update auto-fill copy
* feat(desktop): update auto biometrics prompt copy
* feat(desktop): update favicon copy
* feat(desktop): adjust copy
* feat(web): update favicons copy
* feat(web): adjust copy
* feat(web): update preference settings to sentence case
* feat(browser): update settings and options page to sentence case
* feat(desktop): update settings to sentence case
* feat(web): update copy
* feat(desktop): update copy
* Initial org filter work
* update jslib
* Move filter to below cipher length check
* don't show vault filter in personal or org folder
* Use family icon for families org
* jslib and auth guard updates
* lint fixes
* rename GroupingsComponent to VaultFilterComponent
* fix no folder showing all items
* Add checks for PersonalOwnership policy
* update css class names
* lint fixes
* cleanup
* Some final cleanup
* import order lint fix
* remove unused import
* Use smaller icon for chevron
* Update src/popup/vault/organization-filter.component.ts
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* Update src/popup/vault/organization-filter.component.ts
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
* fix lint error
* remove extra localizations
* rename orgFilter -> vaultSelect
* Rename orgFilterService to VaultSelectService
* lint fixes
* combine vault select service with vault filter service
* Use base vault filter service methods
* Use VaultFilter model and other small fixes
* lint fixes
* Final restructuring pass
* Update jslib and remove extra function
* Remove extra imports
* remove space
* Remove vaultFilterService from background services
* Update jslib to latest on feature branch
* merge fix
* update jslib
* [feat] Implement EUVR for desktop
Should contain only https://github.com/bitwarden/desktop/pull/1487, with merge resolutions and style fixes
* [fix] Delete unused GroupingsComponentTemplate
* [dep] Update jslib
Co-authored-by: Addison Beck <addisonbeck1@gmail.com>
Bernd Schoolmann
Daniel James Smith
Robyn MacCallum
Vincent Salucci
Thomas Rittson
Justin Baur
Matt Gibson
Brandon Maharaj
Oscar Hinton
Justin Baur
Rui Tomé
Addison Beck
Andreas Coroiu
Oscar Hinton