Commit Graph

1323 Commits

Author SHA1 Message Date
Matt Gibson ea0c8267d4
Rename captcha bypass token (#433) 2021-07-21 13:35:15 -05:00
Oscar Hinton 8bf0f75d9e
[Provider] ProviderOrganization events (#432) 2021-07-21 19:40:52 +02:00
Matt Gibson 1006f50ef3
Feature/use hcaptcha if bot (#430)
* Handle hcaptch required identity response

* Refactor iframe component for captcha and webauthn

* Send captcha token to server

* Add captcha callback

* Clear captcha state

* Remove captcha storage

* linter fixes

* Rename iframe components to include IFrame

* Remove callback in favor of extenting submit

* Limit publickey credentials access

* Use captcha bypass token to bypass captcha for twofactor auth flows

* Linter fixes

* Set iframe version in components
2021-07-21 07:55:26 -05:00
Thomas Rittson 00acbce556
Add models to update send.key with account key (#418) 2021-07-19 07:33:19 +10:00
Addison Beck 58be5796b0
Resolved Safari Date/Time Issues In Send (#428)
* cleaned up date and time logic for Send

* time rename

* fixed casing

* added suffix
2021-07-16 13:53:46 -04:00
Oscar Hinton 48d2ffc8d7
Add UserNamePipe (#429) 2021-07-16 15:24:14 +02:00
Oscar Hinton 9f0ca7e4d2
[Provider] Add initial support for providers (#399) 2021-07-15 15:07:38 +02:00
Thomas Rittson c9b13e4d1b
Expand CONTRIBUTING.md to include submodule info and workflows (#421)
* Add guidance for jslib workflows for community

* Minor typos and wording

* Update CONTRIBUTING.md

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-07-09 08:04:16 +10:00
Oscar Hinton 75fff66f98
Move regexpEmojiPresentation to Utils class (#426) 2021-07-08 16:40:10 +02:00
Thomas Rittson 119699b82c
Fix fingerprint phrases in bulk confirm modal (#425) 2021-07-07 20:08:52 +10:00
Thomas Rittson f711c48696
Transpile unicode property escape regex for backwards compatibility (#424)
* Revert "Update color-password.pipe.js to handle Unicode/Emoji correctly accross platforms. (#354)"

This reverts commit b6f102938f.
Reason: incompatible with FF <= 77

* Revert "Revert "Update color-password.pipe.js to handle Unicode/Emoji correctly accross platforms. (#354)""

This reverts commit 4a0b2641ebb0c9c797f1cd06f6b2401659c1f65d.

* Transpile unicode property escape regex

For compatibility with <= FF 77 and other older browsers

* Fix linting
2021-07-07 07:43:22 +10:00
Oscar Hinton d10d40697c
Set reprompt to None if null (#422) 2021-07-02 20:53:14 +02:00
Shashank S aff5ad1faa
feat: radio button options (#420) 2021-07-02 11:33:11 +10:00
Thomas Rittson 6f6b5a5503
[macOS] Don't enable secure input when app is not in focus (#419)
* Don't engage macOS secure input if not focused

* Refactor to use focusInputOnPageLoad

* Refactor to remove focusInputOnPageLoad
2021-07-02 10:06:54 +10:00
Thomas Rittson 9ee31ad2fb
Improve URL parsing (#411)
* Check hostname is valid in getDomain

* fix linting

* Update noop implementation

* Fix tests

* Fix tests
2021-06-23 06:00:14 +10:00
Matt Gibson 18bf616e2e
Correct typo (#416) 2021-06-22 07:10:47 -05:00
Matt Gibson 78ae9383fb
Persist API key creds for token refresh. (#414)
* Persist API key creds for token refresh.

* Linter fixes
2021-06-21 17:48:06 -05:00
Matt Gibson 5e24a70a87
Vault should be locked if key is not in memory (#413)
Key is loaded on startup if auto key exists.
2021-06-21 17:47:44 -05:00
Matt Gibson f568c87289
Add org name to moved to org success toast (#412) 2021-06-18 07:17:42 -05:00
Matt Gibson 1f83c3c1ba
Fix separate key storage for non desktop (#409)
* Handle non-desktop, non-split key storage

* Reset vaultTimeoutService on clear.

Fixes issues where unlock was required after login

* Specify electron as desktop client

* Use ElelectronCryptoService to handle desktop-specific tasks

* Linter fixes
2021-06-15 09:55:57 -05:00
Thomas Rittson d63ee1858d
Add backwards compatability for new local hashing method (#407)
* Add backwards compatability for existing keyHash

* Minor changes for review comments
2021-06-15 07:35:58 +10:00
Matt Gibson d2ca46b6f5
Add get key from storage for ensuring biometric browser integration (#408) 2021-06-14 14:03:13 -05:00
Thomas Rittson 8797924bd1
Use 2 iterations for local password hashing (#404)
* Use 2 iterations for local password hashing

* fix typo
2021-06-10 07:24:31 +10:00
Matt Gibson 5ba1416679
Authenticate with secure storage service (#402)
* Split secure key into use case

Allows us to push authentication for key access as late as possible.

* Do not reload if biometric locked

* Linter fixes

* Fix key upgrade scenario

* Fix boolean value message parsing

* Handle systems which don't support biometrics

* Do not fail key retrieval on secret upgrade

* Ensure old key is removed regardless of upgrade success

* Log errors
2021-06-09 15:53:54 -05:00
Oscar Hinton d7682cde3b
Move nodeCryptoFunction to jslib-node (#405)
* Move nodeCryptoFunction to jslib-node

* Fix imports

* Fix tests import
2021-06-09 16:59:45 +02:00
Thomas Rittson fdc6f7b1d2
Refactor canactivate guards (#401)
* Refactor route guards to allow for subclassing

* fix linting
2021-06-09 07:35:03 +10:00
Matt Gibson ea90aea013
Use encrypted filename filename in Cipher attachment upload blob name (#403)
* Use EncString type to enforce encryption on filename in Cipher attachment upload

* Fix Cipher attachment test
2021-06-08 14:02:08 -05:00
Thomas Rittson 2e16aef6a2
Add Send-Id header for access requests (#400)
* Add Send-Id header to postSendAccess request

* Add Send Id header to file access requests

* fix linting
2021-06-08 11:50:35 +10:00
Oscar Hinton ff387622e0
Add button to open webauthn new tab (#398) 2021-06-07 18:38:15 +02:00
Oscar Hinton 1016bbfb9e
Split jslib into multiple modules (#363)
* Split jslib into multiple modules
2021-06-03 18:58:57 +02:00
Thomas Rittson b1d9b84eae
Add null check when calling win.webContents (#397) 2021-06-02 07:00:44 +10:00
Kyle Spearrin ca61e13b57
add auth-email header (#394) 2021-05-28 15:41:41 -04:00
Oscar Hinton 25a91313ad
Password reprompt fixes (#393)
* Hide card secrets, and ensure password is reprompted when navigating away

* Check password reprompt before downloading attachments
2021-05-28 19:38:04 +02:00
Thomas Rittson dddcc2bc93
Add encKey validation for org import/export (#392) 2021-05-28 06:48:10 +10:00
Thomas Rittson 6fbe33043b
[Autofill on Page Load options] Make logins autofill on page load by default (#391)
* Make logins autofill on page load by default

* fix linting
2021-05-27 07:02:12 +10:00
Vincent Salucci 324e0909bc
[Reset Password] Add AdminResetPassword event type (#390) 2021-05-26 15:50:55 -05:00
Oscar Hinton 2c297e2f45
Bump NPM to v7 (#389)
* Try bumping npm again

* Add NPM requirement to readme
2021-05-26 21:45:23 +02:00
Thomas Rittson 25917faf91
add support for --cleanexit option (#388) 2021-05-26 07:39:40 +10:00
Oscar Hinton bacb84ca78
Bulk confirm (#386)
* Add api for bulk confirm

* Rename OrganizationUserBulkConfirmResponse to OrganizationUserBulkResponse

* Add keys to contructor for OrganizationUserBulkConfirmRequest

* Linting
2021-05-25 19:02:49 +02:00
Vincent Salucci 395ded02aa
[Reset Password] Update Crypto and Policy services (#387) 2021-05-24 13:29:50 -05:00
Thomas Rittson 5f1ad85dd1
Fix lockGuard logic (#384)
* Fix lockGuard logic

* add missing return values
2021-05-20 21:05:17 +10:00
Thomas Rittson 3ab710389b
Minor tweak so old server doesn't break autofill (#385) 2021-05-20 06:47:45 +10:00
Matt Gibson 79e6d012c5
Use organization api key for auth (#382)
* Create UserService for Api Keys

* Limit scope request for organization keys

* Expose necessary services for org key-based auth service

* Linter fixes

* Add public import models

Since public import is tied tightly to the private api, constructors are
provided to maintain coupling in case of changes

* Do not parallelize file access

This storage is sometims backed by lowdb files. Parallel writes can
cause issues.

* Match file name to class

* Serialize storageService promises

* Prefer multiple awaits to .then chains

* Linter fixes
2021-05-19 14:12:08 -05:00
Vincent Salucci 73ec484b17
[Reset Password] Admin Actions (#349)
* [Reset Password] Admin Actions

* Updated password reset apis to use orgUser.Id instead of orgUser.UserId

* Added new ResetPassword policy type

* Added all necessary changes for organization changes

* Added get/post for org keys // Added org keys reponse model

* Fixed lint errors
2021-05-19 09:40:48 -05:00
Thomas Rittson c8eca37183
Convert Sets to Arrays before saving locally (#383) 2021-05-19 10:10:20 +10:00
Thomas Rittson 3d4ecaeb6a
"Auto-fill on page load" options (#199)
* add autofill on page load props to models and view

For new per-login autofill on page load settings

* filter and cache ciphers per autofill setting

Used by the new autofill on page load feature to identify
matching ciphers and filter according to their autofill setting

* fix null check on array

* fix linting and style errors

* change cacheKey to avoid collision with real url

* Fix linting, set default value for aopl-options

* Fix linting

* update UI

* Remove autofillOnPageLoad from export

* Change enum to boolean

* Add storage key for autofillOnPageLoad default

* fix style
2021-05-18 10:08:28 +10:00
Vince Grassia 7b3f9f12a4
Pin versions of actions in workflow (#381) 2021-05-17 12:46:54 -04:00
Matt Gibson a6bac4e7cd
Add largImport to request model (#378) 2021-05-17 09:43:27 -05:00
Oscar Hinton 6b9246c272
Bulk remove organization users (#376)
* Add support for bulk deleeting org users

* Rename to UserBulkDeleteRequest

* Combine UserBulkReinviteRequest and DeleteRequest to OrganizationUserBulkRequest
2021-05-17 10:11:15 +02:00
Thomas Rittson 8659d0975d
Remove old code for opting into TOTP copy (#379) 2021-05-17 13:20:44 +10:00