feat(change-password-component): Change Password Update [18720] - Found a bug, working on password policy being present on login.

apps/web/src/app/oss-routing.module.ts

@@ -594,8 +594,7 @@ const routes: Routes = [
       {
         path: "change-password",
         component: ChangePasswordComponent,
-        // TODO: Turn this on with PM-22155 and resolve routing complexities.
-        // canActivate: [authGuard],
+        canActivate: [authGuard],
       },
     ],
   },

libs/auth/src/angular/change-password/change-password.component.ts

@@ -84,14 +84,6 @@ export class ChangePasswordComponent implements OnInit {
       this.policyService.masterPasswordPolicyOptions$(this.userId),
     );
 
-    /**
-     * In the event of the org invitation flow, this will always be ForceSetPasswordReason.None
-     * because the `password-login.strategy` short circuits before setting the force set password
-     * reason. We used to have two separate components, update-temp-password and update-password
-     * which could show discrete messages based on the flow, but we cannot do that with one shared
-     * component. I cannot use the AcceptOrganizationInviteService to determine if we have an org
-     * invite so how can I determine that?
-     */
     this.forceSetPasswordReason = await firstValueFrom(
       this.masterPasswordService.forceSetPasswordReason$(this.userId),
     );

libs/auth/src/angular/login/login.component.ts

@@ -236,6 +236,9 @@ export class LoginComponent implements OnInit, OnDestroy {
     if (
       await this.configService.getFeatureFlag(FeatureFlag.PM16117_ChangeExistingPasswordRefactor)
     ) {
+      // Try to retrieve any org policies from an org invite now so we can send it to the
+      // login strategies. Since it is optional and we only want to be doing this on the
+      // web we will only send in content in the right context.
       const orgPoliciesFromInvite = this.loginComponentService.getOrgPoliciesFromOrgInvite
         ? await this.loginComponentService.getOrgPoliciesFromOrgInvite()
         : null;
@@ -310,7 +313,7 @@ export class LoginComponent implements OnInit, OnDestroy {
          This is now unsupported and requires a downgraded client */
       this.toastService.showToast({
         variant: "error",
-        title: this.i18nService.t("errorOccured"),
+        title: this.i18nService.t("errorOccurred"),
         message: this.i18nService.t("legacyEncryptionUnsupported"),
       });
       return;

libs/auth/src/common/login-strategies/password-login.strategy.ts

@@ -105,7 +105,7 @@ export class PasswordLoginStrategy extends LoginStrategy {
     if (
       await this.configService.getFeatureFlag(FeatureFlag.PM16117_ChangeExistingPasswordRefactor)
     ) {
-      data.passwordPolicy = credentials.masterPasswordPolicies;
+      data.passwordPolicy = credentials.masterPasswordPoliciesFromOrgInvite;
     }
 
     this.cache.next(data);
@@ -183,9 +183,9 @@ export class PasswordLoginStrategy extends LoginStrategy {
     if (
       await this.configService.getFeatureFlag(FeatureFlag.PM16117_ChangeExistingPasswordRefactor)
     ) {
-      // Take credentials from a potential org invite first, then take from
-      masterPasswordPolicyOptions = credentials.masterPasswordPolicies
-        ? credentials.masterPasswordPolicies
+      // !IMPORTANT! Take credentials from a potential org invite first, then take from
+      masterPasswordPolicyOptions = credentials.masterPasswordPoliciesFromOrgInvite
+        ? credentials.masterPasswordPoliciesFromOrgInvite
         : this.getMasterPasswordPolicyOptionsFromResponse(identityResponse);
 
       if (!masterPasswordPolicyOptions?.enforceOnLogin) {

libs/auth/src/common/models/domain/login-credentials.ts

@@ -16,7 +16,7 @@ export class PasswordLoginCredentials {
     public email: string,
     public masterPassword: string,
     public twoFactor?: TokenTwoFactorRequest,
-    public masterPasswordPolicies?: MasterPasswordPolicyOptions,
+    public masterPasswordPoliciesFromOrgInvite?: MasterPasswordPolicyOptions,
   ) {}
 }