* [bug] Fix logout timeout action for inactive accounts
* Pass userId in to the logout callback parameter to the vaultTimeoutService. The message handle in desktop already expects this.
* Set lastActive on account login, and null it on account deauthentication. This prevents an issue where newly logged in accounts immediatly time out due to inactivity.
* Add userId to locked callbacks
* Add userId to log out callback
* Add password protected export
* Run prettier
* Test password protected export service
* Create type for known import type strings
* Test import service changes
* Test bitwarden password importer
* Run prettier
* Remove unnecessary class properties
* Run prettier
* Tslint fixes
* Add KdfType to password protected export
* Linter fixes
* run prettier
* Use Identity server routes
We've moved `prelogin` and `register` endpoints to the Indentity project
Reflecting that change here
* Only update path for dev environment
* Use different strategy classes for different types of login
* General refactor and cleanup of auth logic
* Create subclasses for different types of login credentials
* Create subclasses for different types of tokenRequests
* Create TwoFactorService, move code out of authService
* refactor base CLI commands to use new interface
Some clients have unique global setting defaults (and unique global settings)
For example: the web vault defaults to light theme, but most clients with theme support default to system theme.
The current way we handle GlobalState is buried in jslib and not easily extendible in clients.
To fix this, we need to treat GlobalState as a generic in the StateService and StateMigration service and allow for its extension in those methods and anywhere GlobalState is inited.
* Add testdata, create types for keeperjson import
* Create keeperjson importer and tests
* Register, Create instance of keeperjson importer
* Move keeperCsvImporter to keeperImporters folder
* Fixed import of BaseImporter
* Removed unnecessary check for key
* Move instantiation of importer into beforeEach
* Fixed the second import with a wrong path
* Adjust types based on new test export
* Add test case for empty notes and custom fields
* Implement logic for failed test case
* Removed test expectation
* [bug] Ensure globals set before migration is run are not lost
Some fields, like biometrics, are set before we can run the state migration
For some use cases, like initial install, this can lead to migration clearing those fields when it doesn't find them in storage.
This commit sets up an order of checks for migrating globals that considers fields that may already have been set.
* [style] Ran prettier
There is a use case that overrides locally set environmentUrls: an initial boot of a logged out application.
We override environmentUrls with whatever the tempory settings store has, even if different urls are added before authenticating.
This commit ensures we always use input environmentUrls.
With the move to a central StateService we erroniously cut out search indexing from the process of setting decrypted ciphers to memory.
This commit calls the method responsible for setting decrypted ciphers and indexing when decrypting, instead of setting decrypted ciphers directly.
Some clients, like Directory Connector, use different key for their user identifier: entityId
We currently only check for userId in the migration service, but need to account for both.
A couple of helper methods were recently added to the StateMigrationService, but they were set to private and can't be used in children.
Some clients, like the Directory Connector, extend the StateMigrationService and need access to these methods.
The following data points are currently scoped to an account but are made global with this commit:
* Enable Menu Bar Icon
* Minimize To Menu Bar
* Close To Menu Bar
* Start To Menu Bar
Note: these are all electron specific fields
Currently the StateMigrationService depends on a userId key for running migrations, but if there is not an authenticated user saved to storage that userId is not present.
These changes allow for migrating state data even without an active user. For account specific settings like clearClipboard we now temporarily store those values together in disk state until an account is authed that they can be added to. Temp account state is then cleared.
Some notes:
* In order for this to work we need GlobalState.stateVersion to have a default value of StateVersion.One instead of StateVersion.Latest. Defaulting it to latest was causing migrations to not run on some clients (like desktop) that try to access storage before migrations have been run but save a version as if migrations did run.
* I also noticed we aren't clearing old state items from before migrating, and added a case for this to the migrator.
* I extracted a few bits of reused code into private methods in the stateMigration service. Things like get/set from storage, default options, etc.
* Move CLI Key Connector check out of base class
* Add missing await
* Move safe operation out of try/catch block
* Move Key Connector migration check to unlock command
* Set convertAccountRequired flag in syncService
* Remove unneeded service
* [bug] Improve state management performance
Large vaults see a clear degrade in performance using the state service, especially when multiple vaults are authed and unlocked at the same time.
Some changes made to address this:
1. Clearing in memory decrypted data for non active accounts. This really should have been something we were doing anyway, but letting go of that memory burden has a noticable performance boost.
2. Not loading a bunch of unecsassary data from disk accounts into memory on application startup. This was being done to initilize in memory accounts, but brought a lot of extra baggage with it like storing encrypted data in memory, even though it is never referenced that way.
3. Breaking the on disk state object up into seperate keys for accounts instead of storing everything together under a "state" key. This ensures there is less information fetched from disk each time we call for an account.
There were some restructuring changes needed to facilitate these items:
1. We need to be able to construct an account in the StateService, but typescript doesn't allow for new() constraints on generics so a factory needs to be created and passed into the StateService for this to work.
2. Since we can't reference an all-knowing "accounts" object for on disk state anymore we have to maintain a list of authenticated accounts, and this has been added.
3. The StateMigration service needed to be updated to break up the accounts object, so current dev and QA state will be broken and need to be reset.
Some other general refactorings that were helpful gettings this working:
1. Added a constant for keys to the StateService and StateMigrationService.
2. Bundling everything needed to deauthenticate a user into a dedicated method.
3. Bundling all the disk storage clear methods (that should be refactored later into client specific state services) into one helper method.
4. Bundling everything needed to dynamically select a new active user into a dedicated method.
* [bug] Set environmentUrls appropriatly on account add
* [bug] Stop tracking activity without an active user
* [bug] Remove lastActive from globalState and globalState migration
* [style] Ran prettier
The client side storage restructuring work incorrectly checks if a vault has ever been unlocked to determine neverLock scenerios, but production does the opposite.
This creates an inability to never manually lock neverLock vaults.
This commit sets that condition back to the way it was.
* [bug] Fully initilize environmentUrls default value
We want the full environmentUrls object to be saved to storage with null values as an indicator of using BW cloud.
Currently the initilization behavior creates an empty object instead. Setting property values returns the correct behavior.
* [bug] Return the correct environmentUrls when scaffloging a new account
To allow for setting environmentUrls before an account is created we save that value as a global setting and then apply it to any newly authed accounts.
There is a bug that will instead save the urls used by the previous logged in account, making account switching with multiple servers cause errors.
This commit resolves this by specifically getting environementUrls from global state when creating a new account
* [refactor] Restructure EnvironmentUrls in state
* Patch up (add missing fields) and more extensivly use the EnvironmentUrls class instead of passing around an any
* Add environmentUrls to the AccountSettings model in addition to GlobalState for use in both scopes
* Move EnvironmentUrls initialization to the model level and out of StateSerice
* Adjust the StateMigrationService to account for these changes
* [refactor] Improve order of operations for LockGuardService
We currently jump through a bunch of hoops to verify users can access the Lock page, like checking authentication first.
If a user is not authenticated, they are not locked, so we can improve performance for the happy path of this serivice by checking isLocked first and using isAuthenticated to deviate from the normal flow if needed.
* [bug] Subscribe to State.accounts in EnvironmentService and set urls accordingly
The EnvironmentService has no context for account changes currently and does not update actively used urls based on active account.
This commit addresses this issue by subscribing to State.accounts and resetting the service's urls on account change.
* [bug] Clear AccessToken from State on clean
In order for logout flows to function as expected we need to deauthenticate users when cleaning up state before checking for the next active user
Otherwise the service will continue to think the user being logged out is active
* [refactor] Stop pushing accounts when modifying disk state
There is no reason to push new accounts to subscribers when updating disk state.
Subscribers recieve a copy of in memory state, so changes to disk will not be refelected and have to be fetched seperatly from the service.
Pushing when saving disk state is just creating an unecassary performance burden.
* [refactor] Default to in memory active user if availible, even when accessing disk state
Sometimes we need to pull activeUserId from storage to access a bit of data, like on initial boot, but most of the time this isn't necassary.
Since we pull this userId a lot, checking disk each time is a performance burden. Defaulting to the in memory user ID if avaible helps alleviate this.
* [style] Ran prettier
* [style] Change a let to a const
* [feat(Account Switching)] Allow for extending application state
* [bug(Account Switching)] Remove hardcoded dev urls
* [bug(Account Switching)] Init Account when signing in
* [bug(Account Switching)] Check for state migration version in local storage for web
* [bug(Account Switching)] Fix never lock configurations
* [chore] Prettier merge
* [bug] Move environmentUrls to global state
* [chore] Ran prettier
* [bug]change storage location for enityId and type
* [style] Ran prettier
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>