Commit Graph

1112 Commits

Author SHA1 Message Date
Justin Baur 657807c96a
[PM-7985] Add & Use InlineDerivedStateProvider (#9131)
* Add & Use InlineDerivedStateProvider

* Remove Comment

* Delete Foreground & Background Derived State
2024-05-13 07:42:29 -04:00
Justin Baur c0216e191a
Use encrypt service in node env secure storage (#9099)
* Use `EncryptService` In `NodeEnvSecureStorage` To Replace Deprecated Methods

* Update Abstract EncryptService Method To Reflect Implementation
2024-05-13 06:51:53 -04:00
✨ Audrey ✨ 4ae208fabc
rotate sends from original key to rotated key (#9130) 2024-05-10 16:08:05 -04:00
Thomas Rittson 8e97c1c8e4
[AC-2500] Update inline menu for collections based on collection permissions (#9080)
* Add view collection options to collection row menus

* Prevent DeleteAnyCollection custom users from viewing collections
2024-05-10 10:50:34 +10:00
Todd Martin a89e148804
[PM-7029] Remove key-rotation-feature-flag (#8816)
* Removed key rotation feature flag.

* Fixed tests

* Removed unused dependency.

* Remove KeyRotationImprovements from default const
2024-05-09 13:24:11 -04:00
rr-bw 7bb8caed42
center secondary content (#9079) 2024-05-08 11:58:21 -07:00
rr-bw a42de41587
[PM-5363] PinService State Providers (#8244)
* move pinKeyEncryptedUserKey

* move pinKeyEncryptedUserKeyEphemeral

* remove comments, move docs

* cleanup

* use UserKeyDefinition

* refactor methods

* add migration

* fix browser dependency

* add tests for migration

* rename to pinService

* move state to PinService

* add PinService dep to CryptoService

* move protectedPin to state provider

* update service deps

* renaming

* move decryptUserKeyWithPin to pinService

* update service injection

* move more methods our of crypto service

* remove CryptoService dep from PinService and update service injection

* remove cryptoService reference

* add method to FakeMasterPasswordService

* fix circular dependency

* fix desktop service injection

* update browser dependencies

* add protectedPin to migrations

* move storePinKey to pinService

* update and clarify documentation

* more jsdoc updates

* update import paths

* refactor isPinLockSet method

* update state definitions

* initialize service before injecting into other services

* initialize service before injecting into other services (bw.ts)

* update clearOn and do additional cleanup

* clarify docs and naming

* assign abstract & private methods, add clarity to decryptAndMigrateOldPinKeyEncryptedMasterKey() method

* derived state (attempt)

* fix typos

* use accountService to get active user email

* use constant userId

* add derived state

* add get and clear for oldPinKeyEncryptedMasterKey

* require userId

* move pinProtected

* add clear methods

* remove pinProtected from account.ts and replace methods

* add methods to create and store pinKeyEncryptedUserKey

* add pinProtected/oldPinKeyEncrypterMasterKey to migration

* update migration tests

* update migration rollback tests

* update to systemService and decryptAndMigrate... method

* remove old test

* increase length of state definition name to meet test requirements

* rename 'TRANSIENT' to 'EPHEMERAL' for consistency

* fix tests for login strategies, vault-export, and fake MP service

* more updates to login-strategy tests

* write new tests for core pinKeyEncrypterUserKey methods and isPinSet

* write new tests for pinProtected and oldPinKeyEncryptedMasterKey methods

* minor test reformatting

* update test for decryptUserKeyWithPin()

* fix bug with oldPinKeyEncryptedMasterKey

* fix tests for vault-timeout-settings.service

* fix bitwarden-password-protected-importer test

* fix login strategy tests and auth-request.service test

* update pinService tests

* fix crypto service tests

* add jsdoc

* fix test file import

* update jsdocs for decryptAndMigrateOldPinKeyEncryptedMasterKey()

* update error messages and jsdocs

* add null checks, move userId retrievals

* update migration tests

* update stateService calls to require userId

* update test for decryptUserKeyWithPin()

* update oldPinKeyEncryptedMasterKey migration tests

* more test updates

* fix factory import

* update tests for isPinSet() and createProtectedPin()

* add test for makePinKey()

* add test for createPinKeyEncryptedUserKey()

* add tests for getPinLockType()

* consolidate userId verification tests

* add tests for storePinKeyEncryptedUserKey()

* fix service dep

* get email based on userId

* use MasterPasswordService instead of internal

* rename protectedPin to userKeyEncryptedPin

* rename to pinKeyEncryptedUserKeyPersistent

* update method params

* fix CryptoService tests

* jsdoc update

* use EncString for userKeyEncryptedPin

* remove comment

* use cryptoFunctionService.compareFast()

* update tests

* cleanup, remove comments

* resolve merge conflict

* fix DI of MasterPasswordService

* more DI fixes
2024-05-08 11:34:47 -07:00
Shane Melton 3a71322510
[AC-1707] Restrict provider access to items (#8265)
* [AC-1707] Add feature flag

* [AC-1707] Prevent loading ciphers for provider users in the org vault when the feature flag is enabled

* [AC-1707] Ensure new canEditAllCiphers logic only applies to organizations that have FC enabled

* [AC-1707] Update editAllCiphers helper to check for restrictProviderAccess feature flag

* [AC-1707] Remove un-used vaultFilterComponent reference

* [AC-1707] Hide vault filter for providers

* [AC-1707] Add search to vault header for provider users

* [AC-1707] Hide New Item button for Providers when restrict provider access feature flag is enabled

* [AC-1707] Remove leftover debug statement

* [AC-1707] Update canEditAllCiphers references to consider the restrictProviderAccessFlag

* [AC-1707] Fix collections component changes from main

* [AC-1707] Fix some feature flag issues from merge with main

* [AC-1707] Avoid 'readonly' collection dialog for providers

* [AC-1707] Fix broken Browser component

* [AC-1707] Fix broken Desktop component

* [AC-1707] Add restrict provider flag to add access badge logic
2024-05-07 12:35:28 -07:00
Matt Gibson de0852431a
[PM-7917] Remove session sync (#9024)
* Remove session sync and MemoryStorageService

* Fix merge
2024-05-07 13:25:49 -04:00
Shane Melton c241aba025
[AC-2555] Cipher collections dialog merge fixes (#9036)
* [AC-2555] Fix missing feature flags in CollectionsComponent

* [AC-2555] Do not filter collections when opening the cipher collections dialog in the org vault
2024-05-07 10:00:47 -07:00
Jason Ng be51f1934a
[AC-1121] Collections Add Access filter and badge (#8404)
* added bit toggle group for add access filter to AC collections
2024-05-07 11:02:50 -04:00
rr-bw 0fb352d8ed
[PM-7343] AnonLayoutComponent Implementation Groundwork (#8585)
* test implementation

* move files

* adjust import and sample router comments

* add storybook docs to anon-layout

* rename to AnonLayoutWrapperComponent

* update storybook docs

* remove references to CL and replace with 'Auth-owned'

* move AnonLayoutWrapperComponent to libs

* add pageTitle input

* add subTitle input

* translate page title/subtitle, and refactor how icon is added

* update tailwind.config and component styles

* adjust spacing between primary and secondary content

* move switch statement to wrapper

* move icon to router file

* update storybook documentation

* fix storybook text color in normal code blocks

* remove sample route

* move wrapper component back to web

* remove sample route

* update storybook docs
2024-05-06 18:34:40 -07:00
Jonathan Prusik 6c21223466
[PM-7662] Suppress welcome window on install when extension is in dev mode (#8864)
* suppress welcome window on install when extension is in dev mode

* use platformUtilsService.isDev instead of process.env.ENV

* use devFlags.skipWelcomeOnInstall instead of platformUtilsService.isDev

* update old dev_flags casing in base configs
2024-05-06 15:25:41 -04:00
cyprain-okeke 425c7914b0
[AC-2558] Provider Admin still sees manage billing options - not the provided image (#9048)
* Fix the issue of provider admin not seeing the image

* Resolve the  case and ternary operator comment
2024-05-06 20:21:11 +01:00
Shane Melton ff3021129e
[PM-6827] Browser Extension Refresh - Tabs Routing (#9004)
* [PM-6827] Add componentRouteSwap util function

* [PM-6827] Add extension-refresh feature flag

* [PM-6827] Add extension-refresh route swap utils

* [PM-6827] Add the TabsV2 component

* [PM-6827] Add the TabsV2 to routing module

* [PM-6827] Fix route prefixes in popup-tab-navigation component
2024-05-06 09:14:47 -07:00
Jake Fink 09ff12fc02
[PM-7919] Add more tde logging (#9035)
* adds additional logging to TDE service

* remove base catch swallowing errors

* add dependency to cli

* fix comment
2024-05-06 11:15:33 -04:00
Will Martin 76cc0f43aa
[CL-280] truncate overflow text in bit-item (#8992) 2024-05-06 10:29:23 -04:00
Justin Baur 869fa29da6
Encourage The Use of UserId in CryptoService (#9033) 2024-05-04 02:04:56 -04:00
Justin Baur e4ef7d362e
[PM-7838] [PM-7864] Ensure AuthStatus Changes Before Exiting (#9018)
* Ensure AuthStatus Changes Before Exiting

* Do Not Display Account Without Name Or Email

* Fix Environment Selectors

* Add AccountService.clean to Web
2024-05-03 16:43:42 -04:00
Justin Baur b46766affd
[PM-7907] No more optional `privateKey` (#9029)
* Update Emergency Access To Get Their Own Key

* Migrate Organization Keys To Get Their Own Key

* Remove Optional Parameters

* Update Abstraction Parameter Name to Match Implementation

* Add @throws Doc
2024-05-03 14:30:45 -04:00
Matt Gibson a4d5717283
Use account service for account enumeration. (#9023) 2024-05-03 14:24:30 -04:00
Alex Morask 0b02d2ee1c
[AC-1970] Add billing navigation group to provider layout (#8941)
* Add billing navigation item to provider layout with empty subscription page behind FF.

* Fixing tests

* Missed build error

* Addison's feedback

* Remove unused function

* Missed one get$ conversion

* Fixed background failure
2024-05-03 12:36:10 -04:00
Jake Fink 4c860e12d7
fix init account validation (#9034) 2024-05-03 12:23:12 -04:00
Jake Fink 69ed6ce1f5
[PM-6727] Part 1: pass userId in login strategies (#9030)
* add validation to initAccount

* pass userId to setMasterKey

* fix key connector tests
2024-05-03 11:54:29 -04:00
Cesar Gonzalez 6b286e9d9e
[PM-7874] Fix lost state when adding a vault item on the current tab view (#9020) 2024-05-02 11:39:48 -05:00
Cesar Gonzalez f51042f813
[PM-7810] Handle Multithread Decryption Through Offscreen API (#8978)
* [PM-7810] Handle Multithread Decryption through Offscreen API

* [PM-7810] Handle Multithread Decryption through Offscreen API

* Use a service to track when to open and close offscreen document

There some strangeness around maintaining the offscreen document for more callbacks, that need not have the same reasons and justifications as the original.

We'd need to test, but perhaps the intent is something closer to maintaining a work queue ourselves and creating the offscreen page for only a single reason as it comes in, then waiting for that page to close before opening another.

* [PM-7810] Handle Multithread Decryption through Offscreen API

* [PM-7810] Handle Multithread Decryption through Offscreen API

* [PM-7810] Handle Multithread Decryption through Offscreen API

* [PM-7810] Handle Multithread Decryption through Offscreen API

* [PM-7810] Implementing jest tests for OffscreenDocument and BrowserMultithreadEncryptServiceImplementation

* [PM-7810] Separating out the process by which we get decrypted items from the web worker to ensure we do not do duplicate effort

* [PM-7810] Separating out the process by which we get decrypted items from the web worker to ensure we do not do duplicate effort

* Prefer builtin promise flattening

* [PM-7810] Introducing a fallback to the MultithreadEncryptServiceImplementation to ensure we can fallback to single thread decryption if necessary

* [PM-7810] Updating documentation

* [PM-7810] Fixing implementation to leverage the new OffscreenDocumentService

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2024-05-02 16:12:41 +00:00
Justin Baur 4b42ff7171
[PM-3483] Remove `migrateKeyForNeverLockIfNeeded` Logic (#8953)
* Remove `migrateKeyForNeverLockIfNeeded` Logic

* Fix Test

* Remove `migrateAutoKeyIfNeeded`
2024-05-01 15:50:40 -04:00
Shane Melton 89df0e4fad
[AC-1623] Introduce Clone option to individual vault for organization items (#8608)
* [AC-1623] Remove cloneableOrganizationCiphers property
and update canClone to reflect new clone permission logic

* [AC-1623] Remove allowOwnershipAssignment override in orgVault as the same restrictions apply to both vaults

* [AC-1623] Ensure ownershipOptions are restricted for non-admins when cloning an org cipher item
2024-05-01 08:40:12 -07:00
Matt Gibson b4631b0dd1
Ps/improve-log-service (#8989)
* Match console method signatures in logService abstraction

* Add a few usages of improved signature

* Remove reality check test

* Improve electron logging
2024-04-30 12:58:16 -04:00
Matt Gibson 200b0f7534
Correct and test changeover point for userId source in storage migration (#8990) 2024-04-30 12:46:01 -04:00
Alex Morask 418d4642da
Hide grace period note when in self-serve trial (#8768) 2024-04-30 10:55:00 -04:00
Will Martin e7416384dc
[CL-220] item components (#8870) 2024-04-30 10:27:47 -04:00
Matt Gibson c70a5aa024
[PM-6688] Use AccountService as account source (#8893)
* Use account service to track accounts and active account

* Remove state service active account Observables.

* Add email verified to account service

* Do not store account info on logged out accounts

* Add account activity tracking to account service

* Use last account activity from account service

* migrate or replicate account service data

* Add `AccountActivityService` that handles storing account last active data

* Move active and next active user to account service

* Remove authenticated accounts from state object

* Fold account activity into account service

* Fix builds

* Fix desktop app switch

* Fix logging out non active user

* Expand helper to handle new authenticated accounts location

* Prefer view observable to tons of async pipes

* Fix `npm run test:types`

* Correct user activity sorting test

* Be more precise about log out messaging

* Fix dev compare errors

All stored values are serializable, the next step wasn't necessary and was erroring on some types that lack `toString`.

* If the account in unlocked on load of lock component, navigate away from lock screen

* Handle no users case for auth service statuses

* Specify account to switch to

* Filter active account out of inactive accounts

* Prefer constructor init

* Improve comparator

* Use helper methods internally

* Fixup component tests

* Clarify name

* Ensure accounts object has only valid userIds

* Capitalize const values

* Prefer descriptive, single-responsibility guards

* Update libs/common/src/state-migrations/migrate.ts

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* Fix merge

* Add user Id validation

activity for undefined was being set, which was resulting in requests for the auth status of `"undefined"` (string) userId, due to key enumeration. These changes stop that at both locations, as well as account add for good measure.

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-04-30 09:13:02 -04:00
Jared Snider 20de053770
Auth/PM-7811 - Refactor User Auto Unlock Key Hydration Process To Remove Race Conditions (#8979)
* PM-7811 - Refactor UserKeyInitService to UserAutoUnlockKeyService - remove active account listening logic as it introduced race conditions with user key memory retrieval happening before the user auto unlock key was set into memory.

* PM-7811 - CLI - (1) Fix deps (2) On CLI init (pre command execution), if there is an active account, then set the user key in memory from the user auto unlock key.

* PM-7811 - Browser Extension / desktop - (1) Update deps (2) Sets user key in memory if the auto unlock key is set on account switch and background init (must act on all accounts so that account switcher displays unlock status properly).

* PM-7811 - Web - (1) Update deps (2) Sets user key in memory if the auto unlock key is set on init

* PM-7811 - Fix account switcher service changes not being necessary.
2024-04-29 17:43:14 -04:00
Justin Baur 3caa6cb635
[PM-7766] Add `clientType` to MigrationHelper (#8945)
* Add `clientType` to MigrationHelper

* PM-7766 - Fix migration builder tests to take new clientType into account.

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* PM-7766 - Add client type to migration builder tests.

* PM-7766 - Fix migration-helper.spec tests.

* PM-7766 - Fix migrator.spec.ts

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2024-04-29 07:28:58 -04:00
Matt Gibson 88eeebb084
Use a passed in key in derivation so we can validate other keys (#8954)
* Use a passed in key in derivation so we can validate other keys

* Fix user key type tests
2024-04-27 16:32:34 -04:00
Justin Baur 0ecde07525
Run `npm run prettier` (#8950) 2024-04-27 12:37:19 -04:00
findseat 72f411b6e3
Signed-off-by: findseat <penglili@outlook.com> (#8636)
Signed-off-by: findseat <penglili@outlook.com>
2024-04-27 15:15:27 +00:00
Justin Baur a8e4366ec0
Check that `self` is undefined instead of `window` (#8940) 2024-04-26 15:08:59 -04:00
Matt Gibson 089f251a0c
Remove memory storage cache from derived state. Use observable cache and port messaging (#8939) 2024-04-26 15:08:39 -04:00
Jared Snider 7f5efcc18c
PM-7745 - SSO Login Strategy - trySetUserKeyWithDeviceKey should use the user id from the IdTokenResponse and not StateService as I suspect it's not working as expected. Thinking there might be a race condition where the user id is null or maybe incorrect. (#8927) 2024-04-26 10:18:05 -04:00
Victoria League ec37e5e4d3
[CL-219][CL-218][CL-217] Add new extension layout components (#8728) 2024-04-26 09:35:32 -04:00
Oscar Hinton 14b2eb99a2
[PM-2282] Make feature flags type safe (#8612)
Refactors the feature flags in ConfigService to be type safe. It also moves the default value to a centralized location rather than the caller defining it. This ensures consistency across the various places they are used.
2024-04-26 12:57:26 +02:00
Cesar Gonzalez c3d4c7aa3d
[PM-7710] Avoid re-indexing ciphers on current tab component and re-setting null storage values for popup components (#8908)
* [PM-7710] Avoid re-indexing ciphers on current tab component and re-setting null storage values for popup components

* [PM-7710] Avoid re-indexing ciphers on current tab component and re-setting null storage values for popup components
2024-04-25 16:47:20 -05:00
SmithThe4th d8749a0c56
[AC-2359] Ownership does not default to an organization when Remove Individual Vault policy is active (#8910)
* fixed issue with clearing search index state

* clear user index before account is totally cleaned up

* added logout clear on option

* removed redundant clear index from logout

* fixed ownsership dropdown issu where async operations does bot complete early enough before the view is shown
2024-04-25 16:58:25 -04:00
Jake Fink 8afe915be1
[PM-7564] Move 2fa and login strategy service to popup and add state providers to 2fa service (#8820)
* remove 2fa from main.background

* remove login strategy service from main.background

* move 2fa and login strategy service to popup, init in browser

* add state providers to 2fa service
- add deserializer helpers

* use key definitions for global state

* fix calls to 2fa service

* remove extra await

* add delay to wait for active account emission in popup

* add and fix tests

* fix cli

* really fix cli

* remove timeout and wait for active account

* verify expected user is active account

* fix tests

* address feedback
2024-04-25 16:45:23 -04:00
Alex Morask cbf7c292f3
[AC-2485] Add redirects to clients components based on FF and provider status (#8839)
* Add provider clients redirects based on FF and provider status

* Fixing broken test
2024-04-25 15:27:06 -04:00
Ike 1e4158fd87
[PM-5735] Create kdf Service (#8715)
* key connector migration initial

* migrator complete

* fix dependencies

* finalized tests

* fix deps and sync main

* clean up definition file

* fixing tests

* fixed tests

* fixing CLI, Browser, Desktop builds

* fixed factory options

* reverting exports

* implemented UserKeyDefinition clearOn

* Initial Kdf Service Changes

* rename and account setting kdfconfig

* fixing tests and renaming migration

* fixed DI ordering for browser

* rename and fix DI

* Clean up Migrations

* fixing migrations

* begin data structure changes for kdf config

* Make KDF more type safe; co-author: jlf0dev

* fixing tests

* Fixed CLI login and comments

* set now accepts userId and test updates

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
2024-04-25 11:26:01 -07:00
Daniel James Smith dba910d0b9
Create and use `safeGetString()` instead of `instanceof` checks to determine type (#8906)
`safeGetString` takes a `string` or `EncString` and return the appropiate value based on it's type

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-04-24 23:41:35 +02:00
Alex Morask a8ba48898b
Use new endpoint to determine SM standalone (#8904) 2024-04-24 16:29:00 -04:00