Auth/PM-11252 - Registration with Email Verification - Add new redirect connector (#10682)

* PM-11252 - Registration with email verification - Add new signup redirect connector

* PM-11252 - Make the redirect connector generic and extensible while updating it to reference the new fragment based approach which prevents open redirects and prevents the query string from being sent to servers or proxies.

* PM-11252 - PR feedback - refactor redirect to simply forward any fragment onward with no query param parsing required leading to an even more generic solution.

* PM-11252 - Docs

* PM-11252 - PR Feedback - Include styles in chunks to remove need to manually import scss

* PM-11252 - Update redirect html to tailwind.

apps/web/src/connectors/redirect.html

@@ -0,0 +1,29 @@
+<!doctype html>
+<html class="theme_light">
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=1010" />
+    <meta name="theme-color" content="#175DDC" />
+
+    <title>Bitwarden Web vault</title>
+
+    <link rel="apple-touch-icon" sizes="180x180" href="../images/icons/apple-touch-icon.png" />
+    <link rel="icon" type="image/png" sizes="32x32" href="../images/icons/favicon-32x32.png" />
+    <link rel="icon" type="image/png" sizes="16x16" href="../images/icons/favicon-16x16.png" />
+    <link rel="mask-icon" href="../images/icons/safari-pinned-tab.svg" color="#175DDC" />
+    <link rel="manifest" href="../manifest.json" />
+  </head>
+
+  <body class="layout_frontend">
+    <div class="tw-p-8 tw-flex">
+      <img class="new-logo-themed" alt="Bitwarden" />
+      <div class="spinner-container tw-justify-center">
+        <i
+          class="bwi bwi-spinner bwi-spin bwi-3x tw-text-muted"
+          title="Loading"
+          aria-hidden="true"
+        ></i>
+      </div>
+    </div>
+  </body>
+</html>

apps/web/src/connectors/redirect.ts

@@ -0,0 +1,17 @@
+// This redirect connector is used to redirect users to the correct URL after they have been sent here from an email link.
+// The fragment contains the information needed to redirect the user to the correct page.
+// This is required because android app links couldn't properly handle the angular hash based route we originally had in the email link.
+window.addEventListener("load", () => {
+  // ex: https://vault.bitwarden.com/redirect-connector.html#finish-signup?token=fakeToken&email=example%40example.com&fromEmail=true
+  const currentUrl = new URL(window.location.href);
+
+  // Get the fragment (everything after the #)
+  const fragment = currentUrl.hash.substring(1); // Remove the leading #
+
+  if (!fragment) {
+    throw new Error("No fragment found in URL. Cannot determine redirect.");
+  }
+
+  const newUrl = `${window.location.origin}/#/${fragment}`;
+  window.location.href = newUrl;
+});

apps/web/webpack.config.js

@@ -111,6 +111,11 @@ const plugins = [
     filename: "sso-connector.html",
     chunks: ["connectors/sso"],
   }),
+  new HtmlWebpackPlugin({
+    template: "./src/connectors/redirect.html",
+    filename: "redirect-connector.html",
+    chunks: ["connectors/redirect", "styles"],
+  }),
   new HtmlWebpackPlugin({
     template: "./src/connectors/captcha.html",
     filename: "captcha-connector.html",
@@ -325,6 +330,7 @@ const webpackConfig = {
     "connectors/sso": "./src/connectors/sso.ts",
     "connectors/captcha": "./src/connectors/captcha.ts",
     "connectors/duo-redirect": "./src/connectors/duo-redirect.ts",
+    "connectors/redirect": "./src/connectors/redirect.ts",
     styles: ["./src/scss/styles.scss", "./src/scss/tailwind.css"],
     theme_head: "./src/theme.ts",
   },