mirror of
https://github.com/bitwarden/browser
synced 2025-12-16 00:03:56 +00:00
Merge branch 'master' into feature/org-admin-refresh
This commit is contained in:
Shane Melton
@@ -12,13 +12,13 @@ import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUti
|
||||
import { StateService } from "@bitwarden/common/abstractions/state.service";
|
||||
import { TokenService } from "@bitwarden/common/abstractions/token.service";
|
||||
import { TwoFactorService } from "@bitwarden/common/abstractions/twoFactor.service";
|
||||
import { ApiLogInStrategy } from "@bitwarden/common/misc/logInStrategies/apiLogin.strategy";
|
||||
import { UserApiLogInStrategy } from "@bitwarden/common/misc/logInStrategies/user-api-login.strategy";
|
||||
import { Utils } from "@bitwarden/common/misc/utils";
|
||||
import { ApiLogInCredentials } from "@bitwarden/common/models/domain/log-in-credentials";
|
||||
import { UserApiLogInCredentials } from "@bitwarden/common/models/domain/log-in-credentials";
|
||||
|
||||
import { identityTokenResponseFactory } from "./logIn.strategy.spec";
|
||||
|
||||
describe("ApiLogInStrategy", () => {
|
||||
describe("UserApiLogInStrategy", () => {
|
||||
let cryptoService: SubstituteOf<CryptoService>;
|
||||
let apiService: SubstituteOf<ApiService>;
|
||||
let tokenService: SubstituteOf<TokenService>;
|
||||
@@ -31,8 +31,8 @@ describe("ApiLogInStrategy", () => {
|
||||
let stateService: SubstituteOf<StateService>;
|
||||
let twoFactorService: SubstituteOf<TwoFactorService>;
|
||||
|
||||
let apiLogInStrategy: ApiLogInStrategy;
|
||||
let credentials: ApiLogInCredentials;
|
||||
let apiLogInStrategy: UserApiLogInStrategy;
|
||||
let credentials: UserApiLogInCredentials;
|
||||
|
||||
const deviceId = Utils.newGuid();
|
||||
const keyConnectorUrl = "KEY_CONNECTOR_URL";
|
||||
@@ -55,7 +55,7 @@ describe("ApiLogInStrategy", () => {
|
||||
appIdService.getAppId().resolves(deviceId);
|
||||
tokenService.getTwoFactorToken().resolves(null);
|
||||
|
||||
apiLogInStrategy = new ApiLogInStrategy(
|
||||
apiLogInStrategy = new UserApiLogInStrategy(
|
||||
cryptoService,
|
||||
apiService,
|
||||
tokenService,
|
||||
@@ -69,7 +69,7 @@ describe("ApiLogInStrategy", () => {
|
||||
keyConnectorService
|
||||
);
|
||||
|
||||
credentials = new ApiLogInCredentials(apiClientId, apiClientSecret);
|
||||
credentials = new UserApiLogInCredentials(apiClientId, apiClientSecret);
|
||||
});
|
||||
|
||||
it("sends api key credentials to the server", async () => {
|
||||
@@ -24,9 +24,9 @@ import { EmergencyAccessUpdateRequest } from "../models/request/emergency-access
|
||||
import { EventRequest } from "../models/request/event.request";
|
||||
import { GroupRequest } from "../models/request/group.request";
|
||||
import { IapCheckRequest } from "../models/request/iap-check.request";
|
||||
import { ApiTokenRequest } from "../models/request/identity-token/api-token.request";
|
||||
import { PasswordTokenRequest } from "../models/request/identity-token/password-token.request";
|
||||
import { SsoTokenRequest } from "../models/request/identity-token/sso-token.request";
|
||||
import { UserApiTokenRequest } from "../models/request/identity-token/user-api-token.request";
|
||||
import { ImportCiphersRequest } from "../models/request/import-ciphers.request";
|
||||
import { ImportOrganizationCiphersRequest } from "../models/request/import-organization-ciphers.request";
|
||||
import { KdfRequest } from "../models/request/kdf.request";
|
||||
@@ -175,7 +175,7 @@ export abstract class ApiService {
|
||||
) => Promise<any>;
|
||||
|
||||
postIdentityToken: (
|
||||
request: PasswordTokenRequest | SsoTokenRequest | ApiTokenRequest
|
||||
request: PasswordTokenRequest | SsoTokenRequest | UserApiTokenRequest
|
||||
) => Promise<IdentityTokenResponse | IdentityTwoFactorResponse | IdentityCaptchaResponse>;
|
||||
refreshIdentityToken: () => Promise<any>;
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ import { Observable } from "rxjs";
|
||||
import { AuthenticationStatus } from "../enums/authenticationStatus";
|
||||
import { AuthResult } from "../models/domain/auth-result";
|
||||
import {
|
||||
ApiLogInCredentials,
|
||||
UserApiLogInCredentials,
|
||||
PasswordLogInCredentials,
|
||||
SsoLogInCredentials,
|
||||
PasswordlessLogInCredentials,
|
||||
@@ -20,7 +20,7 @@ export abstract class AuthService {
|
||||
|
||||
logIn: (
|
||||
credentials:
|
||||
| ApiLogInCredentials
|
||||
| UserApiLogInCredentials
|
||||
| PasswordLogInCredentials
|
||||
| SsoLogInCredentials
|
||||
| PasswordlessLogInCredentials
|
||||
@@ -31,7 +31,7 @@ export abstract class AuthService {
|
||||
) => Promise<AuthResult>;
|
||||
logOut: (callback: () => void) => void;
|
||||
makePreloginKey: (masterPassword: string, email: string) => Promise<SymmetricCryptoKey>;
|
||||
authingWithApiKey: () => boolean;
|
||||
authingWithUserApiKey: () => boolean;
|
||||
authingWithSso: () => boolean;
|
||||
authingWithPassword: () => boolean;
|
||||
authingWithPasswordless: () => boolean;
|
||||
|
||||
@@ -12,6 +12,10 @@ export abstract class FolderService {
|
||||
clearCache: () => Promise<void>;
|
||||
encrypt: (model: FolderView, key?: SymmetricCryptoKey) => Promise<Folder>;
|
||||
get: (id: string) => Promise<Folder>;
|
||||
/**
|
||||
* @deprecated Only use in CLI!
|
||||
*/
|
||||
getFromState: (id: string) => Promise<Folder>;
|
||||
/**
|
||||
* @deprecated Only use in CLI!
|
||||
*/
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
export enum AuthenticationType {
|
||||
Password = 0,
|
||||
Sso = 1,
|
||||
Api = 2,
|
||||
UserApi = 2,
|
||||
Passwordless = 3,
|
||||
}
|
||||
|
||||
@@ -11,23 +11,23 @@ import { TwoFactorProviderType } from "../../enums/twoFactorProviderType";
|
||||
import { Account, AccountProfile, AccountTokens } from "../../models/domain/account";
|
||||
import { AuthResult } from "../../models/domain/auth-result";
|
||||
import {
|
||||
ApiLogInCredentials,
|
||||
UserApiLogInCredentials,
|
||||
PasswordLogInCredentials,
|
||||
SsoLogInCredentials,
|
||||
PasswordlessLogInCredentials,
|
||||
} from "../../models/domain/log-in-credentials";
|
||||
import { DeviceRequest } from "../../models/request/device.request";
|
||||
import { ApiTokenRequest } from "../../models/request/identity-token/api-token.request";
|
||||
import { PasswordTokenRequest } from "../../models/request/identity-token/password-token.request";
|
||||
import { SsoTokenRequest } from "../../models/request/identity-token/sso-token.request";
|
||||
import { TokenTwoFactorRequest } from "../../models/request/identity-token/token-two-factor.request";
|
||||
import { UserApiTokenRequest } from "../../models/request/identity-token/user-api-token.request";
|
||||
import { KeysRequest } from "../../models/request/keys.request";
|
||||
import { IdentityCaptchaResponse } from "../../models/response/identity-captcha.response";
|
||||
import { IdentityTokenResponse } from "../../models/response/identity-token.response";
|
||||
import { IdentityTwoFactorResponse } from "../../models/response/identity-two-factor.response";
|
||||
|
||||
export abstract class LogInStrategy {
|
||||
protected abstract tokenRequest: ApiTokenRequest | PasswordTokenRequest | SsoTokenRequest;
|
||||
protected abstract tokenRequest: UserApiTokenRequest | PasswordTokenRequest | SsoTokenRequest;
|
||||
protected captchaBypassToken: string = null;
|
||||
|
||||
constructor(
|
||||
@@ -44,7 +44,7 @@ export abstract class LogInStrategy {
|
||||
|
||||
abstract logIn(
|
||||
credentials:
|
||||
| ApiLogInCredentials
|
||||
| UserApiLogInCredentials
|
||||
| PasswordLogInCredentials
|
||||
| SsoLogInCredentials
|
||||
| PasswordlessLogInCredentials
|
||||
|
||||
@@ -9,14 +9,14 @@ import { PlatformUtilsService } from "../../abstractions/platformUtils.service";
|
||||
import { StateService } from "../../abstractions/state.service";
|
||||
import { TokenService } from "../../abstractions/token.service";
|
||||
import { TwoFactorService } from "../../abstractions/twoFactor.service";
|
||||
import { ApiLogInCredentials } from "../../models/domain/log-in-credentials";
|
||||
import { ApiTokenRequest } from "../../models/request/identity-token/api-token.request";
|
||||
import { UserApiLogInCredentials } from "../../models/domain/log-in-credentials";
|
||||
import { UserApiTokenRequest } from "../../models/request/identity-token/user-api-token.request";
|
||||
import { IdentityTokenResponse } from "../../models/response/identity-token.response";
|
||||
|
||||
import { LogInStrategy } from "./logIn.strategy";
|
||||
|
||||
export class ApiLogInStrategy extends LogInStrategy {
|
||||
tokenRequest: ApiTokenRequest;
|
||||
export class UserApiLogInStrategy extends LogInStrategy {
|
||||
tokenRequest: UserApiTokenRequest;
|
||||
|
||||
constructor(
|
||||
cryptoService: CryptoService,
|
||||
@@ -51,8 +51,8 @@ export class ApiLogInStrategy extends LogInStrategy {
|
||||
}
|
||||
}
|
||||
|
||||
async logIn(credentials: ApiLogInCredentials) {
|
||||
this.tokenRequest = new ApiTokenRequest(
|
||||
async logIn(credentials: UserApiLogInCredentials) {
|
||||
this.tokenRequest = new UserApiTokenRequest(
|
||||
credentials.clientId,
|
||||
credentials.clientSecret,
|
||||
await this.buildTwoFactor(),
|
||||
@@ -26,8 +26,8 @@ export class SsoLogInCredentials {
|
||||
) {}
|
||||
}
|
||||
|
||||
export class ApiLogInCredentials {
|
||||
readonly type = AuthenticationType.Api;
|
||||
export class UserApiLogInCredentials {
|
||||
readonly type = AuthenticationType.UserApi;
|
||||
|
||||
constructor(public clientId: string, public clientSecret: string) {}
|
||||
}
|
||||
|
||||
@@ -42,10 +42,12 @@ export abstract class TokenRequest {
|
||||
obj.authRequest = this.passwordlessAuthRequest;
|
||||
}
|
||||
|
||||
if (this.twoFactor.token && this.twoFactor.provider != null) {
|
||||
obj.twoFactorToken = this.twoFactor.token;
|
||||
obj.twoFactorProvider = this.twoFactor.provider;
|
||||
obj.twoFactorRemember = this.twoFactor.remember ? "1" : "0";
|
||||
if (this.twoFactor) {
|
||||
if (this.twoFactor.token && this.twoFactor.provider != null) {
|
||||
obj.twoFactorToken = this.twoFactor.token;
|
||||
obj.twoFactorProvider = this.twoFactor.provider;
|
||||
obj.twoFactorRemember = this.twoFactor.remember ? "1" : "0";
|
||||
}
|
||||
}
|
||||
|
||||
return obj;
|
||||
|
||||
@@ -3,7 +3,7 @@ import { DeviceRequest } from "../device.request";
|
||||
import { TokenTwoFactorRequest } from "./token-two-factor.request";
|
||||
import { TokenRequest } from "./token.request";
|
||||
|
||||
export class ApiTokenRequest extends TokenRequest {
|
||||
export class UserApiTokenRequest extends TokenRequest {
|
||||
constructor(
|
||||
public clientId: string,
|
||||
public clientSecret: string,
|
||||
@@ -31,10 +31,10 @@ import { EmergencyAccessUpdateRequest } from "../models/request/emergency-access
|
||||
import { EventRequest } from "../models/request/event.request";
|
||||
import { GroupRequest } from "../models/request/group.request";
|
||||
import { IapCheckRequest } from "../models/request/iap-check.request";
|
||||
import { ApiTokenRequest } from "../models/request/identity-token/api-token.request";
|
||||
import { PasswordTokenRequest } from "../models/request/identity-token/password-token.request";
|
||||
import { SsoTokenRequest } from "../models/request/identity-token/sso-token.request";
|
||||
import { TokenTwoFactorRequest } from "../models/request/identity-token/token-two-factor.request";
|
||||
import { UserApiTokenRequest } from "../models/request/identity-token/user-api-token.request";
|
||||
import { ImportCiphersRequest } from "../models/request/import-ciphers.request";
|
||||
import { ImportOrganizationCiphersRequest } from "../models/request/import-organization-ciphers.request";
|
||||
import { KdfRequest } from "../models/request/kdf.request";
|
||||
@@ -206,7 +206,7 @@ export class ApiService implements ApiServiceAbstraction {
|
||||
// Auth APIs
|
||||
|
||||
async postIdentityToken(
|
||||
request: ApiTokenRequest | PasswordTokenRequest | SsoTokenRequest
|
||||
request: UserApiTokenRequest | PasswordTokenRequest | SsoTokenRequest
|
||||
): Promise<IdentityTokenResponse | IdentityTwoFactorResponse | IdentityCaptchaResponse> {
|
||||
const headers = new Headers({
|
||||
"Content-Type": "application/x-www-form-urlencoded; charset=utf-8",
|
||||
@@ -219,7 +219,7 @@ export class ApiService implements ApiServiceAbstraction {
|
||||
request.alterIdentityTokenHeaders(headers);
|
||||
|
||||
const identityToken =
|
||||
request instanceof ApiTokenRequest
|
||||
request instanceof UserApiTokenRequest
|
||||
? request.toIdentityToken()
|
||||
: request.toIdentityToken(this.platformUtilsService.getClientType());
|
||||
|
||||
@@ -2271,8 +2271,7 @@ export class ApiService implements ApiServiceAbstraction {
|
||||
|
||||
const appId = await this.appIdService.getAppId();
|
||||
const deviceRequest = new DeviceRequest(appId, this.platformUtilsService);
|
||||
|
||||
const tokenRequest = new ApiTokenRequest(
|
||||
const tokenRequest = new UserApiTokenRequest(
|
||||
clientId,
|
||||
clientSecret,
|
||||
new TokenTwoFactorRequest(),
|
||||
|
||||
@@ -17,13 +17,13 @@ import { AuthenticationStatus } from "../enums/authenticationStatus";
|
||||
import { AuthenticationType } from "../enums/authenticationType";
|
||||
import { KdfType } from "../enums/kdfType";
|
||||
import { KeySuffixOptions } from "../enums/keySuffixOptions";
|
||||
import { ApiLogInStrategy } from "../misc/logInStrategies/apiLogin.strategy";
|
||||
import { PasswordLogInStrategy } from "../misc/logInStrategies/passwordLogin.strategy";
|
||||
import { PasswordlessLogInStrategy } from "../misc/logInStrategies/passwordlessLogin.strategy";
|
||||
import { SsoLogInStrategy } from "../misc/logInStrategies/ssoLogin.strategy";
|
||||
import { UserApiLogInStrategy } from "../misc/logInStrategies/user-api-login.strategy";
|
||||
import { AuthResult } from "../models/domain/auth-result";
|
||||
import {
|
||||
ApiLogInCredentials,
|
||||
UserApiLogInCredentials,
|
||||
PasswordLogInCredentials,
|
||||
SsoLogInCredentials,
|
||||
PasswordlessLogInCredentials,
|
||||
@@ -67,7 +67,7 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
}
|
||||
|
||||
private logInStrategy:
|
||||
| ApiLogInStrategy
|
||||
| UserApiLogInStrategy
|
||||
| PasswordLogInStrategy
|
||||
| SsoLogInStrategy
|
||||
| PasswordlessLogInStrategy;
|
||||
@@ -92,7 +92,7 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
|
||||
async logIn(
|
||||
credentials:
|
||||
| ApiLogInCredentials
|
||||
| UserApiLogInCredentials
|
||||
| PasswordLogInCredentials
|
||||
| SsoLogInCredentials
|
||||
| PasswordlessLogInCredentials
|
||||
@@ -100,7 +100,7 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
this.clearState();
|
||||
|
||||
let strategy:
|
||||
| ApiLogInStrategy
|
||||
| UserApiLogInStrategy
|
||||
| PasswordLogInStrategy
|
||||
| SsoLogInStrategy
|
||||
| PasswordlessLogInStrategy;
|
||||
@@ -134,8 +134,8 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
this.keyConnectorService
|
||||
);
|
||||
break;
|
||||
case AuthenticationType.Api:
|
||||
strategy = new ApiLogInStrategy(
|
||||
case AuthenticationType.UserApi:
|
||||
strategy = new UserApiLogInStrategy(
|
||||
this.cryptoService,
|
||||
this.apiService,
|
||||
this.tokenService,
|
||||
@@ -203,8 +203,8 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
this.messagingService.send("loggedOut");
|
||||
}
|
||||
|
||||
authingWithApiKey(): boolean {
|
||||
return this.logInStrategy instanceof ApiLogInStrategy;
|
||||
authingWithUserApiKey(): boolean {
|
||||
return this.logInStrategy instanceof UserApiLogInStrategy;
|
||||
}
|
||||
|
||||
authingWithSso(): boolean {
|
||||
@@ -272,7 +272,7 @@ export class AuthService implements AuthServiceAbstraction {
|
||||
|
||||
private saveState(
|
||||
strategy:
|
||||
| ApiLogInStrategy
|
||||
| UserApiLogInStrategy
|
||||
| PasswordLogInStrategy
|
||||
| SsoLogInStrategy
|
||||
| PasswordlessLogInStrategy
|
||||
|
||||
@@ -64,6 +64,20 @@ export class FolderService implements InternalFolderServiceAbstraction {
|
||||
return folders.find((folder) => folder.id === id);
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated For the CLI only
|
||||
* @param id id of the folder
|
||||
*/
|
||||
async getFromState(id: string): Promise<Folder> {
|
||||
const foldersMap = await this.stateService.getEncryptedFolders();
|
||||
const folder = foldersMap[id];
|
||||
if (folder == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return new Folder(folder);
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated Only use in CLI!
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user