mirror of
https://github.com/bitwarden/browser
synced 2025-01-06 07:30:10 +01:00
2c208edb98
* Add sync$ observable * Update lock method Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
187 lines
7.0 KiB
TypeScript
187 lines
7.0 KiB
TypeScript
import { Directive } from "@angular/core";
|
|
import { ActivatedRoute, Router } from "@angular/router";
|
|
import { first } from "rxjs/operators";
|
|
|
|
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
|
import { CryptoService } from "@bitwarden/common/abstractions/crypto.service";
|
|
import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
|
|
import { MessagingService } from "@bitwarden/common/abstractions/messaging.service";
|
|
import { OrganizationApiServiceAbstraction } from "@bitwarden/common/abstractions/organization/organization-api.service.abstraction";
|
|
import { PasswordGenerationService } from "@bitwarden/common/abstractions/passwordGeneration.service";
|
|
import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUtils.service";
|
|
import { PolicyApiServiceAbstraction } from "@bitwarden/common/abstractions/policy/policy-api.service.abstraction";
|
|
import { PolicyService } from "@bitwarden/common/abstractions/policy/policy.service.abstraction";
|
|
import { StateService } from "@bitwarden/common/abstractions/state.service";
|
|
import { SyncService } from "@bitwarden/common/abstractions/sync/sync.service.abstraction";
|
|
import { HashPurpose } from "@bitwarden/common/enums/hashPurpose";
|
|
import { DEFAULT_KDF_ITERATIONS, DEFAULT_KDF_TYPE } from "@bitwarden/common/enums/kdfType";
|
|
import { Utils } from "@bitwarden/common/misc/utils";
|
|
import { EncString } from "@bitwarden/common/models/domain/encString";
|
|
import { SymmetricCryptoKey } from "@bitwarden/common/models/domain/symmetricCryptoKey";
|
|
import { KeysRequest } from "@bitwarden/common/models/request/keysRequest";
|
|
import { OrganizationUserResetPasswordEnrollmentRequest } from "@bitwarden/common/models/request/organizationUserResetPasswordEnrollmentRequest";
|
|
import { SetPasswordRequest } from "@bitwarden/common/models/request/setPasswordRequest";
|
|
|
|
import { ChangePasswordComponent as BaseChangePasswordComponent } from "./change-password.component";
|
|
|
|
@Directive()
|
|
export class SetPasswordComponent extends BaseChangePasswordComponent {
|
|
syncLoading = true;
|
|
showPassword = false;
|
|
hint = "";
|
|
identifier: string = null;
|
|
orgId: string;
|
|
resetPasswordAutoEnroll = false;
|
|
|
|
onSuccessfulChangePassword: () => Promise<void>;
|
|
successRoute = "vault";
|
|
|
|
constructor(
|
|
i18nService: I18nService,
|
|
cryptoService: CryptoService,
|
|
messagingService: MessagingService,
|
|
passwordGenerationService: PasswordGenerationService,
|
|
platformUtilsService: PlatformUtilsService,
|
|
private policyApiService: PolicyApiServiceAbstraction,
|
|
policyService: PolicyService,
|
|
protected router: Router,
|
|
private apiService: ApiService,
|
|
private syncService: SyncService,
|
|
private route: ActivatedRoute,
|
|
stateService: StateService,
|
|
private organizationApiService: OrganizationApiServiceAbstraction
|
|
) {
|
|
super(
|
|
i18nService,
|
|
cryptoService,
|
|
messagingService,
|
|
passwordGenerationService,
|
|
platformUtilsService,
|
|
policyService,
|
|
stateService
|
|
);
|
|
}
|
|
|
|
async ngOnInit() {
|
|
await this.syncService.fullSync(true);
|
|
this.syncLoading = false;
|
|
|
|
// eslint-disable-next-line rxjs/no-async-subscribe
|
|
this.route.queryParams.pipe(first()).subscribe(async (qParams) => {
|
|
if (qParams.identifier != null) {
|
|
this.identifier = qParams.identifier;
|
|
}
|
|
});
|
|
|
|
// Automatic Enrollment Detection
|
|
if (this.identifier != null) {
|
|
try {
|
|
const response = await this.organizationApiService.getAutoEnrollStatus(this.identifier);
|
|
this.orgId = response.id;
|
|
this.resetPasswordAutoEnroll = response.resetPasswordEnabled;
|
|
this.enforcedPolicyOptions =
|
|
await this.policyApiService.getMasterPasswordPoliciesForInvitedUsers(this.orgId);
|
|
} catch {
|
|
this.platformUtilsService.showToast("error", null, this.i18nService.t("errorOccurred"));
|
|
}
|
|
}
|
|
|
|
super.ngOnInit();
|
|
}
|
|
|
|
async setupSubmitActions() {
|
|
this.kdf = DEFAULT_KDF_TYPE;
|
|
this.kdfIterations = DEFAULT_KDF_ITERATIONS;
|
|
return true;
|
|
}
|
|
|
|
async performSubmitActions(
|
|
masterPasswordHash: string,
|
|
key: SymmetricCryptoKey,
|
|
encKey: [SymmetricCryptoKey, EncString]
|
|
) {
|
|
const keys = await this.cryptoService.makeKeyPair(encKey[0]);
|
|
const request = new SetPasswordRequest(
|
|
masterPasswordHash,
|
|
encKey[1].encryptedString,
|
|
this.hint,
|
|
this.kdf,
|
|
this.kdfIterations,
|
|
this.identifier,
|
|
new KeysRequest(keys[0], keys[1].encryptedString)
|
|
);
|
|
try {
|
|
if (this.resetPasswordAutoEnroll) {
|
|
this.formPromise = this.apiService
|
|
.setPassword(request)
|
|
.then(async () => {
|
|
await this.onSetPasswordSuccess(key, encKey, keys);
|
|
return this.organizationApiService.getKeys(this.orgId);
|
|
})
|
|
.then(async (response) => {
|
|
if (response == null) {
|
|
throw new Error(this.i18nService.t("resetPasswordOrgKeysError"));
|
|
}
|
|
const userId = await this.stateService.getUserId();
|
|
const publicKey = Utils.fromB64ToArray(response.publicKey);
|
|
|
|
// RSA Encrypt user's encKey.key with organization public key
|
|
const userEncKey = await this.cryptoService.getEncKey();
|
|
const encryptedKey = await this.cryptoService.rsaEncrypt(
|
|
userEncKey.key,
|
|
publicKey.buffer
|
|
);
|
|
|
|
const resetRequest = new OrganizationUserResetPasswordEnrollmentRequest();
|
|
resetRequest.masterPasswordHash = masterPasswordHash;
|
|
resetRequest.resetPasswordKey = encryptedKey.encryptedString;
|
|
|
|
return this.apiService.putOrganizationUserResetPasswordEnrollment(
|
|
this.orgId,
|
|
userId,
|
|
resetRequest
|
|
);
|
|
});
|
|
} else {
|
|
this.formPromise = this.apiService.setPassword(request).then(async () => {
|
|
await this.onSetPasswordSuccess(key, encKey, keys);
|
|
});
|
|
}
|
|
|
|
await this.formPromise;
|
|
|
|
if (this.onSuccessfulChangePassword != null) {
|
|
this.onSuccessfulChangePassword();
|
|
} else {
|
|
this.router.navigate([this.successRoute]);
|
|
}
|
|
} catch {
|
|
this.platformUtilsService.showToast("error", null, this.i18nService.t("errorOccurred"));
|
|
}
|
|
}
|
|
|
|
togglePassword(confirmField: boolean) {
|
|
this.showPassword = !this.showPassword;
|
|
document.getElementById(confirmField ? "masterPasswordRetype" : "masterPassword").focus();
|
|
}
|
|
|
|
private async onSetPasswordSuccess(
|
|
key: SymmetricCryptoKey,
|
|
encKey: [SymmetricCryptoKey, EncString],
|
|
keys: [string, EncString]
|
|
) {
|
|
await this.stateService.setKdfType(this.kdf);
|
|
await this.stateService.setKdfIterations(this.kdfIterations);
|
|
await this.cryptoService.setKey(key);
|
|
await this.cryptoService.setEncKey(encKey[1].encryptedString);
|
|
await this.cryptoService.setEncPrivateKey(keys[1].encryptedString);
|
|
|
|
const localKeyHash = await this.cryptoService.hashPassword(
|
|
this.masterPassword,
|
|
key,
|
|
HashPurpose.LocalAuthorization
|
|
);
|
|
await this.cryptoService.setKeyHash(localKeyHash);
|
|
}
|
|
}
|