1
0
mirror of https://github.com/bitwarden/browser synced 2024-12-18 12:22:59 +01:00
Commit Graph

681 Commits

Author SHA1 Message Date
SmithThe4th
e9865c1cec
[PM-5275] Migrate state in Fido2ClientService to State Providers (#7745)
* added state definition and key definition

* created vault settings service

* created enable passkeys migrations

* created enable passkeys migrations

* renamed the state definition

* created vault settings service

* updated enable passkey key definition

* updated references with vault settings service

* renamed files to avoid conflict

* removed set and get enable passkeys from state service

* removed comment

* fixed comments

* added readonly keyword

* removed service registartion from service module

* removed readonly keyword from abstract class

* swicted to used optional chaining

* renamed files

* added disk-local argument for web
2024-02-06 15:15:22 -05:00
Shane Melton
78008a9e1e
[PM-5277] Migrate Sync Service to State Provider (#7680)
* [PM-5277] Introduce lastSync state via State Providers

* [PM-5277] Add migrator and tests

* [PM-5277] Use memory for web storage location

* [PM-5277] Remove lastSync methods from state service

* [PM-5277] Remove lastSync from AccountProfile

* [PM-5277] Use string instead of Date to fix serialization for chrome.storage API in Browser

* [PM-5277] Only set account if lastSync was deleted during migration

* [PM-5277] Fix spec file
2024-02-06 12:00:41 -08:00
SmithThe4th
7e00ece092
[PM-5276] Migrate FolderService to state providers (#7682)
* added state definitionand key definition for folder service

* added data migrations

* created folder to house key definitions

* deleted browser-folder-service and added state provider to the browser

* exposed decrypt function so it can be used by the key definition, updated folder service to use state provider

* removed memory since derived state is now used

* updated test cases

* updated test cases

* updated migrations after merge conflict fix

* added state provider to the folder service constructor

* renamed migration file

* updated comments

* updated comments

* removed service registartion from browser service module and removed unused set and get encrypted folders from state service

* renamed files

* added storage location overides and removed extra methods
2024-02-06 14:51:02 -05:00
Jake Fink
816bcf4f39
[PM-5255] Create login strategy service (#7750)
* refactor login strategies into own service

* create login service factory

* replaces instances of authService with loginStrategyService

* replace more instances of authService

* move logout back to auth service

* add browser dependencies

* fix desktop dependencies

* fix cli dependencies

* fix lint and test files

* fix anonymous hub deps

* fix webauthn-login service deps

* add loginstrategyservice to bg

* move login strategy service and models to auth folder

* revert changes to tsconfig

* use alias for imports

* fix path

---------

Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
2024-02-05 14:26:41 -05:00
Jared Snider
c91ceb2014
Auth/PM-5368 & PM-4613 - Web & Browser - Add support for new 2FA Duo Frameless Redirect flow (#7670)
* [PM-5368] Open Duo auth url. Add BroadcastChannel listener for duo result.

* [PM-5368] Remove debug line. Use PlatformUtilService to launch Uri.

* PM-5368 - Some progress on getting new frameless duo implementation in place

* PM-5368 - Base2FAComp - Save off duoFramelessUrl for use later on as user must be given the option to remember the device before launching the duo frameless flow in the new tab.

* PM-5368 - Web - 2FA Comp - (1) Only show larger width when showing backwards compatible duo (2) Stack buttons per new design (3) selectedProviderType === providerType.OrganizationDuo is correct check for when org requires DUO

* PM-5368 - Web - 2FA Comp - translate duo stuff

* PM-4613 - Browser 2FA - Get most of DUO frameless in place. WIP. Must figure out how to transfer state from popup to popout + add popout logic to auth-popout-windows.ts. Converted existing useAnotherTwoStepMethod button to use new comp lib bitButton per design.

* PM-4613 - Browser 2FA Comp - (1) HTML - add margin around duo frameless text to match figma (2) Get popout extension logic working properly - now closes existing popup

* PM-4613 - TODO figure out communication between web and browser as broadcast channel will not work.

* PM-5368 - Base comp + web changes - (1)  Base component now has a setupDuoResultListener method for child classes to override (2) Web overrides setupDuoResultListener and cleans up broadcast channel once a duo result comes through.

* PM-4613 - Browser - (1) Add window message handling to content-message-handler content script to pass along the duo result message to the browser extension (2) 2FA comp - override setupDuoResultListener and use browserMessagingApi to listen to duoResult and submit when it comes through.

* PM-5368 - Web - 2FA comp - only clean up duo result channel on ngDestroy so that user can re-submit if an error occurs.

* PM-5368 and PM-4613 - (1) Update base 2FA comp to only initialize duo result listener once as init is called any time the user changes 2FA option if multiple are present (duo org and duo personal) (2) Each client now will only create a listener once even if it is called more than once (3) On web, only try to clean up the duoResultChannel if it was created to avoid erroring on other 2FA methods.

* PM-5368 - Base 2FA comp - add TODO to remove duo SDK handling once we remove the duo-redirect flag

* PM-5368 - Per PR feedback, avoid repetition of duo provider check by using a new public property for isDuoProvider

* PM-4613 -  Per PR feedback: (1) Deconstruct code out of data (2) Add test for duoResult.

---------

Co-authored-by: André Bispo <abispo@bitwarden.com>
2024-02-05 13:23:50 -05:00
Cesar Gonzalez
25711afaf6
[PM-5976] Safari Browser SSO Initialization Race Condition Attempted Fix 3 (#7800)
* [PM-5976] Safari Browser SSO Initialization Race Condition Attempted Fix 3

* [PM-5976] Safari Browser SSO Initialization Race Condition Attempted Fix 3

* [PM-5976] Removing usage of pinging system and keeping reworked top-level registration of window message listener events

* [PM-5976] Pulling the implementation of the static content script delcaration for the content-message-handler file to the top of the list of content_scripts

* [PM-5976] Pulling the implementation of the static content script delcaration for the content-message-handler file to the top of the list of content_scripts

* [PM-5976] Removing the useCapture value within the window message event listener
2024-02-05 15:23:17 +00:00
MtnBurrit0
e847244817
[DEVOPS-1719] Update Desktop certificates and provisioning profiles (#7777)
* Update provision SHA1

* Update certificates and profiles

* fix linting

* testing upload to test flight

* Add missing key

* Revert "testing upload to test flight"

This reverts commit aa461fa481.
2024-02-05 08:22:07 -07:00
Jared Snider
d047723f04
Auth & Autofill / PM-5976 - Safari Browser SSO Initialization Race Condition Attempted Fix 2 (#7794)
* Implementing pinging system for SSO to address issue on Safari with race condition

* Implementing pinging system for SSO to address issue on Safari with race condition

* [PM-5976] Updating references within sso.ts

---------

Co-authored-by: Cesar Gonzalez <cgonzalez@bitwarden.com>
2024-02-02 21:23:15 +00:00
Will Martin
cb8849c355
Add eslint rule no-floating-promises (#7789)
* add eslint rule no-floating-promises

* add eslint-disable comment to offending lines
2024-02-02 15:13:37 -05:00
github-actions[bot]
f3beb71d6d
Autosync the updated translations (#7779)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-02-02 16:11:46 +00:00
Cesar Gonzalez
6924d031ee
[PM-5877] Update the extension's webpack compilation process to include browserify-path in manifest v3 (#7751) 2024-02-01 14:51:14 +00:00
Matt Gibson
1da6733e71
JSON stringify memory items (#7731)
* JSON stringify memory items

stringification is required so they can be reliably sent through messaging

* Simplify null handling
2024-01-29 19:42:58 +00:00
Bitwarden DevOps
c1e2b1c6b1
Bumped browser,cli,desktop,web version to 2024.2.0 (#7721) 2024-01-29 16:03:31 +00:00
github-actions[bot]
289a5cd002
Autosync the updated translations (#7717)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-01-29 13:36:11 +01:00
aj-rosado
d5de9cbeb2
[AC-1492] Split export service (#7462)
* Split export service into vault and org export service

* Changed CLI logic to use split export logic

* correct unit tests

* Created individual export service, export service making the calls for org and ind vault

* Improved code readability

* Merged PasswordProtectedExport with Export methods to simplify calls

* Some small refactor

* [AC-1492] Managed collections export (#7556)

* Added managed collections export method
Added logic to show orgs on export that the user can export from

* Merge branch 'tools/AC-1492/split-export-services' into tools/AC-1492/export-flexible-collections

# Conflicts:
#	apps/web/src/app/admin-console/organizations/tools/vault-export/org-vault-export.component.ts
#	apps/web/src/app/tools/vault-export/export.component.ts

* Change export to use new organization.flexiblecollection flag

* Little refactor changing parameter names and reduzing the size of export.component.ts ngOnInit

* Removed unused service from export constructor and removed unnecessary default value from org export service parameter

* Simplified organizations selection for vault export to only verify if it has flexiblecollections

* removed unecessary services from ExportComponent constructor on popup

* Fixed possible race condition on managed export
2024-01-29 09:38:16 +00:00
github-actions[bot]
40aefe0a99
Autosync the updated translations (#7693)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-01-26 12:35:26 +01:00
Jared Snider
2c1d215b71
Auth/PM-5242 - Create new User Verification dialog and form input components which support PIN and biometrics verification (#7536)
* PM-5242 - First working draft of copying out web CL implementation of user verification form and dialog components into standalone libs/auth components which could be used in any client.

* PM-5242 - Rename UserVerificationFormComponent to UserVerificationFormInputComponent b/c it doesn't actually have a form and is meant to slot into a form as an input.

* PM-5242 - Update libs/auth angular index to take renamed component into account

* PM-5242 - Clean up UserVerificationDialogComponent as have much cleaner design approach now (maintain existing func while simply adding new requirements for client side validation for passkeys)

* PM-5242 - UserVerificationFormInput component - WIP draft of new client and server split of user verification logic

* PM-5242 - UserVerificationFormInput - WIP - Lots of progress on client side verification layout - more to do

* PM-5242 - UserVerificationFormInputComponent - Add hasMultipleVerificationMethods property so we can only show alternate methods if user has them.

* PM-5242 - UserVerificationFormInputComponent - rename hasMultipleVerificationMethods to hasMultipleClientVerificationOptions

* PM-5242 - Add new user verification biometrics fingerprint icon with proper secondary fill so it displays properly on all themes.

* PM-5242 - Create enum for tracking client user verification states

* PM-5242 - UserVerificationFormInputComponent - WIP - (1) Got biometrics layout working except for error state (2) Emitting active client verification option and biometrics result to dialog (3) Properly identifying if biometrics is enabled in a platform agnostic way (4) Translations TODO

* PM-5242 - UserVerificationDialogComponent - (1) Wire up new inputs and outputs for UserVerificationFormInput (2) Don't show submit button when clientside biometrics verification active

* PM-5242 - UserVerificationFormInputComponent - wired up biometrics failure and retry handling + re-arranged comp properties to put inputs & outputs at the top

* PM-5242 - UserVerificationFormInput component - Add logic to prevent currently active client verification method from being shown an option

* PM-5242 - UserVerificationFormInput - adjust margins

* PM-5242 - User verification dialog and form input comps - replace Verification with VerificationWithSecret type where applicable

* PM-5242 - UserVerificationFormComp - Default to server for backwards compatibility and to avoid requiring the input at all

* PM-5242 - UserVerificationFormInputComp - (1) Rename processChanges to processSecretChanges (2) Short circuit processSecretChanges when biometrics is active (3) Add new function for determining type of verification that has a secret.

* PM-5242 - UserVerificationDialog - Support custom, optional callout in dialog body.

* PM-5242 - UserVerificationDialogComp - support custom confirm button text and type.

* PM-5242 - UserVerificationDialog - Add user verification dialog result type to allow for handling all possible verification scenarios

* PM-5242 - UserVerificationFormInputComp - tweak comment

* PM-5242 - UserVerificationFormInput comp html - add placeholder text for no client verifications found scenario

* PM-5242 - UserVerificationDialogComponent - (1) Add confirm & cancel to dialog result (2) Add cancel method vs using bitDialogClose for specificity (3) Adjust naming of output property to properly specify that it is scoped to client verification (4) Adjust layout of dialog html to handle when no client side verification methods are found.

* PM-5242 - UserVerificationFormInput - Clean up test code

* PM-5242 - UserVerificationFormInput - For server verification, we don't need to check if the user has a local master key hash as we will generate a hash to send to the server for comparison.

* PM-5242 - UserVerificationFormInput html - Remove now unnecessary dev warning as I've provided a default

* PM-5242 - UserVerification Dialog & Form Input - add translations on all clients for all visible text.

* PM-5242 - UserVerificationFormInput html - remove no active client verification handling from form input comp as it is instead emitted upwards to parent dialog component to be handled there.

* PM-5242 - UserVerificationDialogComp - (1) Make UserVerificationDialogResult.noAvailableClientVerificationMethods optional because it isn't needed in cancel flows (thanks Will) (2) Modify static open to intercept closed observable event in order to always return a UserVerificationDialogResult as BitDialog returns empty string when the user clicks the x

* PM-5242 - UserVerificationDialogComp - Simplify dialog param names to remove redundant dialog

* PM-5242 - UserVerificationDialogParams - update comments to match new names

* PM-5242 - UserVerificationDialog Storybook - WIP first draft

* PM-5242 - UserVerificationDialogStoryComponent - WIP - try out having imports the same as the standalone component

* PM-5242 - UserVerificationDialogStoryComponent - more WIP - building now - some stuff displaying

* PM-5242 - UserVerificationDialogStoryComponent - some progress on providers setup

* PM-5242 - Not going to use storybook for user verification dialog

* PM-5242 - UserVerificationDialogComp - move types into own file + add docs

* PM-5242 - Update auth index to export user-verification-dialog.types

* PM-5242 - UserVerificationFormInput & UserVerificationService - Extract out getAvailableVerificationOptions logic into service

* PM-5242 -UserVerificationDialogComponent - Update close logic to handle escape key undefined scenario

* PM-5242 - UserVerificationFormInput - add getInvalidSecretErrorMessage for properly determining invalid secret translation

* PM-5242 - UserVerificationDialogComp - Refactor submit logic to handle different return methodologies in existing MP and OTP user verification service code vs new PIN flow (e.g., throwing an error instead of returning false)

* PM-5242 - PinCryptoService - change error logs to warnings per discussion with Justin

* PM-5242 - UserVerificationFormInput - Biometrics flow on desktop - remove accidentally added period in couldNotCompleteBiometrics translation key.

* PM-5242 - UserVerificationFormInput HTML - Re-arrange order of other client verification options to match design

* PM-5242 - UserVerificationFormInputComponent - Reset inputs as untouched on change of client verification method.

* PM-5242 - UserVerificationDialogComponent - Remove TODO as existing secret change logic turns invalidSecret false when biometrics is swapped to.

* PM-5242 - UserVerificationFormInputComponent - getInvalidSecretErrorMessage - fix PIN error message not being returned.

* PM-5242 - UserVerificationDialogComponent - Add documentation and examples to open method.

* PM-5242 - UserVerificationDialogComponent - tweak open docs

* PM-5242 - Remove accidental period from translation keys on browser & web

* PM-5242 - UserVerificationFormInputComponent - OTP flow needed button module to work

* PM-5242 - UserVerificationDialogParams - Add docs explaining that noAvailableClientVerificationMethods is only for desktop & browser.

* PM-5242 - User-verification-form-input - Adjust layout to meet new design requirements - (1) On load, send OTP without user clicking a button (2) Allow resending of the codes (3) show a code sent message for 3 seconds

* PM-5242 - Browser User Verification - Instantiate PinCryptoService and UserVerification service AFTER instantiating vaultTimeoutSettingsService so that it isn't undefined at run time.

* PM-5242 - JslibServices Module - UserVerificationService - add missing PlatformUtilsServiceAbstraction dependency.

* PM-5242 - Desktop Native Messaging Service - Wrap biometric getUserKeyFromStorage call in try catch because it throws an error if the user cancels the biometrics prompt and doesn't send a response to the browser extension when using the biometrics unlock bridge to the desktop app and OS.

* PM-5242 - Browser Extension - NativeMessagingBackground - if the desktop biometricUnlock command is executed with a canceled (not adjusting misspelling to keep side effects at a min) response, don't bother continuing.

* PM-5242 - BrowserCryptoService - When retrieving the user key via desktop biometrics, return null for user key if the user fails or cancels the biometrics prompt. Otherwise, if there is a user key in memory after unlock, biometrics user verification will always just return the user key from state regardless of if the user has successfully passed the biometrics prompt or not.

* PM-5242 - BrowserCryptoService - extra comments

* PM-5242 - Clean up translations - (1) Remove unused defaultUserVerificationDialogConfirmBtnText (2) Refactor name of defaultUserVerificationDialogTitle to just be verificationRequired which matches existing naming conventions.

* PM-5242 - CLI - fix order of service instantiations to ensure that vaultTimeoutSettingsService isn't undefined for PinCryptoService and UserVerificationService

* PM-5242 - Rename UserVerificationDialogParams to UserVerificationDialogOptions to match existing naming conventions of other CL comps.

* PM-5242 - UserVerificationDialogComponent - dialogParams renamed to dialogOptions

* PM-5242 - UserVerificationService Abstraction - Per PR feedback, use keyof for verificationType

* PM-5242 - UserVerificationBiometricsIcon - Per PR feedback, use https://jakearchibald.github.io/svgomg/ to optimize SVG by 50%.

* PM-5242 - Per PR feedback, clarify UserVerificationDialogOptions.clientSideOnlyVerification comment.

* PM-5242 - UserVerificationTypes - Add comments clarifying all text passed to the UserVerificationDialog are translation keys

* PM-5242 - UserVerificationDialogComp - fix extra new line per PR feedback

* PM-5242 - UserVerificationDialogTypes - per PR feedback and discussion with Will M., export ButtonType from CL so we (and consumers of the dialog) can properly import it via standard CL import.

* PM-5242 - BrowserCryptoService - Adjust comments per PR feedback.

* PM-5242 - UserVerificationDialogComponent - make ActiveClientVerificationOption readonly as it only for component html

* PM-5242 - UserVerificationDialogComp html - finish comment

* PM-5242 - BrowserCryptoService - add returns js doc per PR feedback.

* PM-5242 - UserVerificationDialogComponent - per PR feedback, add unexpected error toast.

* PM-5242  - UserVerificationService - getAvailableVerificationOptions - update params to use keyof like abstraction

* PM-5242 - Mark all existing client specific implemetations of user verification as deprecated.
2024-01-25 14:03:27 -05:00
Justin Baur
c1d5351075
[PM-5535] Migrate Environment Service to StateProvider (#7621)
* Migrate EnvironmentService

* Move Migration Test Helper

* Claim StateDefinition

* Add State Migration

* Update StateServices

* Update EnvironmentService Abstraction

* Update DI

* Update Browser Instantiation

* Fix BrowserEnvironmentService

* Update Desktop & CLI Instantiation

* Update Usage

* Create isStringRecord helper

* Fix Old Tests

* Use Existing AccountService

* Don't Rely on Parameter Mutation

* Fix Conflicts
2024-01-24 14:21:50 -05:00
Cesar Gonzalez
7436f9112d
[PM-5806] Remove the Inline Auto-fill Menu From textarea Fields (#7655)
* [PM-5806] Remove the autofill overlay menu from textarea fields

* [PM-5806] Running prettier

* [PM-5806] Implementing a new AutofillConstant to more easily exclude overlay types

* [PM-5806] Implementing a new AutofillConstant to more easily exclude overlay types
2024-01-23 22:26:37 +00:00
Cesar Gonzalez
219bad0e42
[PM-5682] Chrome's extension API for retrieving closed ShadowRoots from elements causes performance issues when passed a Node with nested children (#7542)
* [PM-5682] Chrome's extension API for retrieving closed ShadowRoots from elements causes performance issues when passed a Node with nested children

* [PM-5682] Updating jest test to reflect logic changes

* [PM-5682] Removing instances of instanceof check to facilitate better performance

* [PM-5682] Fixing jest test to ensure code coverage

* [PM-5682] Fixing merge conflict
2024-01-23 21:53:24 +00:00
Cesar Gonzalez
609296ad2b
[PM-5617] Re-add setting to turn off browser autofill (#7592)
* [PM-5617] Re-Add Setting to Turn Off Default Browser Autofill

* [PM-5617] Re-Add Setting to Turn Off Default Browser Autofill

* [PM-5617] Removing the privacy optional permission from Firefox

* [PM-5617] Adding jest tests to validate the behavior within BrowserApi

* [PM-5617] Adjusting messaging based on feedback from design

* [PM-5617] Adjusting messaging based on feedback from design

* [PM-5617] Adjusting messaging based on feedback from design

* [PM-5617] Removing unnecessary configService dependency
2024-01-23 19:23:08 +00:00
Alex Morask
014281cb93
[AC-1758] Show banner when organization requires a payment method (#7088)
* Add billing banner states to account settings

* Add billing banner service

* Add add-payment-method-banners.component

* Use add-payment-method-banners.component in layouts

* Clear banner on payment method addition

* Ran prettier after CI update

* Finalize banners styling/translations

* Will's (non-Tailwind) feedback

* Review feedback

* Review feedback

* Review feedback

* Replace StateService with StateProvider in BillingBannerService

* Remove StateService methods
2024-01-23 12:47:52 -05:00
Bitwarden DevOps
90628f031d
Bumped browser version to 2024.1.1 (#7647) 2024-01-22 20:47:09 +00:00
Cesar Gonzalez
0127db44a0
[PM-5551] Removing Autofill v2 and AutofillOverlay Feature Flags (#7642)
* [PM-5551] Removing Autofillv2 and AutofillOverlay Feature Flags

* [PM-5551] Fully removing references to autofill v1
2024-01-22 17:11:07 +00:00
Jonathan Prusik
487d17daed
[PM-5531] Improve captcha field autofill disqualification (#7581)
* improve captcha field autofill disqualification

* add tests
2024-01-19 12:38:23 -05:00
Cesar Gonzalez
d85485e5cb
[PM-5488] Master password re-prompt not triggering correctly from autofill action (#7590)
* [PM-5488] Master Password Re-prompt Not Triggering Correctly When Autofilling From Command

* [PM-5488] Master Password Re-prompt Not Triggering Correctly When Autofilling From Command

* [PM-5488] Adjusting how we handle debouncing the password reprompt window
2024-01-19 17:20:21 +00:00
Jonathan Prusik
d77e3c3352
[PM-4437] Bug - Exclude non-standard search inputs from autofill (#7449)
* exclude non-standard search inputs from identity autofill

* exclude non-standard search inputs from all autofill

* check against excluded login field types when loading password fields

* clean up logic and add tests

* add SearchFieldNames values
2024-01-19 11:47:25 -05:00
github-actions[bot]
5adff446d1
Autosync the updated translations (#7610)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-01-19 10:51:26 +01:00
Matt Gibson
a102f8d90a
Hard code account switching off on Safari (#7510)
The better place for this is arguably in environment configurations, but I don't want to expand that functionality more than it has to in hopes that this is a rare/one-off occurrence.
2024-01-17 15:01:24 -05:00
Cesar Gonzalez
c85b43371a
[PM-5670] Autofill not triggering correctly when DOM mutates element with nested form fields (#7518) 2024-01-17 16:21:55 +00:00
Justin Baur
1c8ab3900c
Use Null-ish Comparison vs Strict Null (#7514) 2024-01-17 10:16:02 -05:00
Matt Gibson
160a636fa0
Move key types to central location (#7531) 2024-01-17 07:27:44 -05:00
Jared Snider
756c02cec2
Auth/PM-4596 - Extract PIN and Biometrics unlock method logic into re-useable services for user verification (#7107)
* PM-4596 - PinCryptoService first draft

* PM-4596 - PinCryptoService - Refactor pinKeyEncryptedKey retrievals out into own method getPinKeyEncryptedKeys

* PM-4596 - npm ci + npm run prettier to fix lint issues

* PM-4596 - PinCryptoService - Add kdf types

* PM-4596 - PinCryptoService - Refactor pin validation into own helper method.

* PM-4596 - Rename pin-crypto.service.ts to pin-crypto.service.implementation.ts

* PM-4596 - PinCryptoService - add additional logging for error states.

* PM-4596 - JslibServicesModule - register new PinCryptoService and PinCryptoServiceAbstraction

* PM-4596 - PinCryptoService - modify decryptUserKeyWithPin signature to not require email to match MP verification process in user verification service.

* PM-4596 - Lock components - use new PinCryptoService.decryptUserKeyWithPin(...) to get user key + refactor base comp unlock with pin method to improve

* PM-4596 - Lock component - if too many invalid attempts, added toast explaining that we were logging the user out due to excess PIN entry attempts

* PM-4596 - UserVerificationService - (1) Refactor verifyUser(...) to use switch + separate methods for a cleaner parent method + better extensibility for PIN & biometrics which are TBD (2) Add PIN support to validateInput(...)

* PM-4596 - UserVerificationService - add PIN and biometrics functions to verifyUser(...)

* PM-4596 - PinCryptoService Spec - start test file - instantiates properly

* PM-4596 - PinCryptoService tests - WIP

* PM-4596 - PinCryptoService tests - WIP - got success cases working

* PM-4596 - pin-crypto.service.implementation.spec.ts renamed to pin-crypto.service.spec.ts

* PM-4596 - PinCryptoService.getPinKeyEncryptedKeys(...) - add comment + var name change for clarity

* PM-4596 - PinCryptoService tests - test invalid, null return scenarios

* PM-4596 - CLI - bw.ts - update UserVerificationService instantiation to include new pinCryptoService

* PM-4596 - PinCryptoService - import VaultTimeoutSettingsServiceAbstraction instead of implementation for factory creation to get browser building

* PM-4596 - (1) Create pinCryptoServiceFactory for browser background (2) Add it to the existing userVerificationServiceFactory

* PM-4596 - Browser - Main.background.ts - Add pinCryptoService and add to userVerificationService dependencies

* PM-4596 - UserVerificationService - per PR feedback simplify returns of verifyUserByPIN(...) and verifyUserByBiometrics(...)

* PM-4596 - Messages.json on desktop & browser - per PR feedback, adjust tooManyInvalidPinEntryAttemptsLoggingOut translation text to remove "you"

* PM-4596 - VerificationType enum - fix line copy mistake and give BIOMETRICS own, unique value.

* PM-4596 - VerificationType - rename BIOMETRICS to Biometrics to match existing MasterPassword value case.

* PM-4596  - Update verification type to consider whether or not a secret exists as we have added a new verification which doesn't have a type. Add new server and client side verification types.  Update all relevant code to pass compilation checks.

* PM-4596 - More verification type tweaking

* PM-4596 - Verification - verificationHasSecret - tweak logic to be more dynamic and flexible for future verification types

* PM-4596 - UpdateTempPasswordComp - use new MasterPasswordVerification

* PM-4596 - Desktop - DeleteAcctComp - use VerificationWithSecret to solve compile error w/ accessing secret

* PM-4596 - Per discussions with Andreas & Will, move new Pin Crypto services into libs/auth + added @bitwarden/auth path to CLI tsconfig + added new, required index.ts files for exporting service abstractions & implementations

* PM-4596 - Fixed missed import fixes for lock components across clients for pin crypto service after moving into @bitwarden/auth

* PM-4596 - More PinCryptoService import fixes to get browser & desktop building

* PM-4596 - Update desktop lock comp tests to pass by providing new pin crypto service.

* PM-4596 - User verification service -update todo

* PM-4596 - PinCryptoService - per PR feedback, fix auto import wrong paths.

* PM-4596 - PinCryptoService tests - fix imports per PR feedback

* PM-4596 - UserVerificationSvc - rename method to validateSecretInput per PR feedback

* Fix imports

* PM-4596 - PinCryptoService - Refactor naming for clarity and move test cases into describes per PR feedback

* reorg libs/auth; expose only libs/auth/core to cli app

* PM-4596 - UserVerification - Resolve import issue with importing from libs/auth. Can't use @bitwarden/auth for whatever reason.

* PM-4596 - Fix desktop build by fixing import

* PM-4596 - Provide PinCryptoService to UserVerificationService

* PM-4596 - PinCryptoServiceFactory - you cannot import services from @bitwarden/auth in the background b/c it brings along the libs/auth/components and introduces angular into the background context which doesn't have access to angular which causes random test failures. So, we must separate out the core services just like the CLI to only bring along the angular agnostic services from core.

* PM-4596 - Refactor libs/auth to have angular / common + update all imports per discussion with Matt & Will. Introduced circular dep between PinCryptoService + VaultTimeoutSettingsService + UserVerificationService

* PM-4596 - VaultTimeoutSettingsService - Refactor UserVerificationService out of the service and update all service instantiations and tests. The use of the UserVerificationService.hasMasterPassword method no longer needs to be used for backwards compatibility. This resolves the circular dependency between the PinCryptoService, the UserVerificationService, and the VaultTimeoutSettingsService. We will likely refactor the hasMasterPassword method out of the UserVerificationService in the future.

* PM-4596 - Update CL tsconfig.libs.json to add new auth/common and auth/angular paths for jslib-services.module imports of pin crypto service to work and for test code coverage to run successfully.

* PM-4596 - Address PR feedback

* PM-4596 - Update root tsconfig (only used by storybook) to add new libs/auth paths to fix chromatic build pipeline.

* PM-4596 - Actually update tsconfig with proper routes to fix storybook

* PM-4596 - UserVerificationService - verifyUserByBiometrics - add error handling logic to convert failed or cancelled biometrics verification to a usable boolean

* PM-4596 - Add missing await

* PM-4596 - (1) Add log service and log to user verification service biometric flow to ensure errors are at least revealed to the console (2) Fix factory missing PinCryptoServiceInitOptions

* PM-4596 - Use the correct log service abstraction

* PM-4596 - Remove unused types per PR review

---------

Co-authored-by: William Martin <contact@willmartian.com>
2024-01-16 14:52:06 -05:00
SmithThe4th
38c525b2ab
added icon when the passkey item resides in an org (#7426) 2024-01-16 14:14:52 -05:00
Jonathan Prusik
eae845d900
[PM-4260] [BEEEP] Mask TOTP seeds in cipher edit view - similar to how the password is hidden (#6649)
* PoC disallow changing masked values in edit mode and mask TOTP with password

* toggle totp seed visibility independently from password visibility in edit mode

* cleanup

* add fallback value for when a cipher returns a null value for maskedPassword

* toggle masks off for maskable login properties with no value on load

* do not show mask toggle for password or totp if no value is present
2024-01-12 22:35:30 -05:00
github-actions[bot]
84f59aa62f
Autosync the updated translations (#7534)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-01-12 06:49:11 +01:00
Rui Tomé
48643e45ea
[AC-1893] Removed logic to downgrade Manager roles and remove Edit/Delete any collection permissions for Flexible Collections (#7365) 2024-01-12 07:54:11 +10:00
aj-rosado
99022e2baa
Added dashed line as separator and label for common formats on format selector for import (#7432) 2024-01-11 16:24:40 +00:00
Cesar Gonzalez
1b1336d92c
[PM-5616] Remove document element mutation observer from Autofill Overlay to fix strange DOM manipulation behavior (#7464)
* [PM-5616] Remove document element mutation observer from Autofill Overlay to fix strange DOM manipulation behavior

* [PM-5616] Removing unnecessary jest tests
2024-01-11 15:54:37 +00:00
Todd Martin
7bd8b00fbf
[PM-2260] Remove TDE feature flag and all conditional logic based on it (#7352) 2024-01-10 12:33:11 -05:00
Matt Gibson
46a3834f46
Add state for everHadUserKey (#7208)
* Migrate ever had user key

* Add DI for state providers

* Add state for everHadUserKey

* Use ever had user key migrator

Co-authored-by: SmithThe4th <gsmithwalter@gmail.com>
Co-authored-by: Carlos Gonçalves <LRNcardozoWDF@users.noreply.github.com>
Co-authored-by: Jason Ng <Jcory.ng@gmail.com>

* Fix test from merge

* Prefer stored observables to getters

getters create a new observable every time they're called, whereas one set in the constructor is created only once.

* Fix another merge issue

* Fix cli background build

---------

Co-authored-by: SmithThe4th <gsmithwalter@gmail.com>
Co-authored-by: Carlos Gonçalves <LRNcardozoWDF@users.noreply.github.com>
Co-authored-by: Jason Ng <Jcory.ng@gmail.com>
2024-01-10 11:51:45 -05:00
Cesar Gonzalez
b144f5bce7
[PM-5439] TOTP to clipboard does not work with autofill overlay (#7427)
* [PM-5439] TOTP to Clipboard Does not Work with Autofill Overlay

* [PM-5439] Adding jest tests to validate totp copy action when filling using the overlay
2024-01-09 17:23:00 +00:00
Cesar Gonzalez
e3f20d81e2
[PM-5432] Overlay button iframe presents with a white background on websites that use dark mode (#7415)
* [PM-5432] Overlay button iframe presents with a white background

* [PM-5432] Adding method that allows us to update the overlay button color scheme dynamically

* [PM-5432] Adding jest tests to validate implementation changes
2024-01-08 22:15:53 +00:00
Vladan Simić
cc9a347482
[PM-5632] Update Bitwarden extension review URLs (#7470)
* Update Bitwarden extension review URLs

* Update Chrome Web Store URL

* Update browser extension links
2024-01-08 21:08:18 +01:00
github-actions[bot]
a0d2463b41
Autosync the updated translations (#7455)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-01-05 11:41:19 +01:00
Matt Gibson
92f593df08
Remove unnecessary complex types (#7451)
#7290 introduced these types, but during development we switched over to specifying dependencies in type parameters instead of an object. This change meant we no longer needed these `Type` or `ShapeToInstance` types, greatly simplifying the types related to derived state.
2024-01-04 16:50:55 -05:00
Justin Baur
5e11cb212d
Combined State (#7383)
* Introduce Combined State

* Cleanup Test

* Update Fakes

* Address PR Feedback

* Update libs/common/src/platform/state/implementations/default-active-user-state.ts

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Prettier

* Get rid of ReplaySubject reference

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2024-01-04 16:30:20 -05:00
Matt Gibson
06affa9654
Rework derived state (#7290)
* Remove derived state from state classes

* Create provider for derived state

Derived state is automatically stored to memory storage, but can be derived from any observable.

* Fixup state provider method definitions

* Test `DefaultDerivedState`

* remove implementation notes

* Write docs for derived state

* fixup derived state provider types

* Implement buffered delayUntil operator

* Move state types to a common module

* Move mock ports to centra location

* Alias DerivedStateDependency type

* Add dependencies to browser

* Prefer internal rxjs operators for ref counting

* WIP

* Ensure complete on subjects

* Foreground/background messaging for browser

Defers work for browser to the background

* Test foreground port behaviors

* Inject foreground and background derived state services

* remove unnecessary class field

* Adhere to required options

* Add dderived state to CLI

* Prefer type definition in type parameters to options

* Prefer instance method

* Implements factory methods for common uses

* Remove nothing test

* Remove share subject reference

Share manages connector subjects internally and will reuse them until
refcount is 0 and the cleanup time has passed. Saving our own reference
just risks memory leaks without real testability benefits.

* Fix interaction state
2024-01-04 14:47:49 -05:00
rr-bw
5328ffb349
refactor sort() comparison function to be consistent across browsers (#7440)
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2024-01-04 09:20:44 -08:00
Jason Ng
eebd10dfd0
linting failures from community pr update (#7434) 2024-01-03 15:36:48 -05:00