Auth - Prefer signal & change detection (#16950)

2025-12-06 00:13:28 +00:00 · 2025-10-23 03:28:47 +02:00
parent 0ec3f661d5
commit 29dccd6352
96 changed files with 311 additions and 3 deletions
--- a/libs/angular/src/auth/components/authentication-timeout.component.ts
+++ b/libs/angular/src/auth/components/authentication-timeout.component.ts
@@ -9,6 +9,8 @@ import { ButtonModule } from "@bitwarden/components";
 * This component is used to display a message to the user that their authentication session has expired.
 * It provides a button to navigate to the login page.
 */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-authentication-timeout",
  imports: [CommonModule, JslibModule, ButtonModule, RouterModule],
--- a/libs/angular/src/auth/components/two-factor-icon.component.ts
+++ b/libs/angular/src/auth/components/two-factor-icon.component.ts
@@ -9,13 +9,19 @@ import {
  TwoFactorAuthWebAuthnIcon,
 } from "@bitwarden/assets/svg";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "auth-two-factor-icon",
  templateUrl: "./two-factor-icon.component.html",
  standalone: false,
 })
 export class TwoFactorIconComponent {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() provider: any;
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() name: string;

  protected readonly IconProviderMap: { [key: number | string]: Icon } = {
--- a/libs/angular/src/auth/components/user-verification.component.ts
+++ b/libs/angular/src/auth/components/user-verification.component.ts
@@ -26,6 +26,8 @@ import { KeyService } from "@bitwarden/key-management";
 })
 export class UserVerificationComponent implements ControlValueAccessor, OnInit, OnDestroy {
  private _invalidSecret = false;
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input()
  get invalidSecret() {
    return this._invalidSecret;
@@ -43,6 +45,8 @@ export class UserVerificationComponent implements ControlValueAccessor, OnInit,
    }
    this.secret.updateValueAndValidity({ emitEvent: false });
  }
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() invalidSecretChange = new EventEmitter<boolean>();

  hasMasterPassword = true;
--- a/libs/angular/src/auth/device-management/device-management-item-group.component.ts
+++ b/libs/angular/src/auth/device-management/device-management-item-group.component.ts
@@ -8,6 +8,8 @@ import { I18nPipe } from "@bitwarden/ui-common";
 import { DeviceDisplayData } from "./device-management.component";

 /** Displays user devices in an item list view */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  standalone: true,
  selector: "auth-device-management-item-group",
@@ -15,7 +17,11 @@ import { DeviceDisplayData } from "./device-management.component";
  imports: [BadgeModule, CommonModule, ItemModule, I18nPipe],
 })
 export class DeviceManagementItemGroupComponent {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() devices: DeviceDisplayData[] = [];
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() onAuthRequestAnswered = new EventEmitter<DevicePendingAuthRequest>();

  protected answerAuthRequest(pendingAuthRequest: DevicePendingAuthRequest | null) {
--- a/libs/angular/src/auth/device-management/device-management-table.component.ts
+++ b/libs/angular/src/auth/device-management/device-management-table.component.ts
@@ -15,6 +15,8 @@ import {
 import { DeviceDisplayData } from "./device-management.component";

 /** Displays user devices in a sortable table view */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  standalone: true,
  selector: "auth-device-management-table",
@@ -22,7 +24,11 @@ import { DeviceDisplayData } from "./device-management.component";
  imports: [BadgeModule, ButtonModule, CommonModule, JslibModule, LinkModule, TableModule],
 })
 export class DeviceManagementTableComponent implements OnChanges {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() devices: DeviceDisplayData[] = [];
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() onAuthRequestAnswered = new EventEmitter<DevicePendingAuthRequest>();

  protected tableDataSource = new TableDataSource<DeviceDisplayData>();
--- a/libs/angular/src/auth/device-management/device-management.component.ts
+++ b/libs/angular/src/auth/device-management/device-management.component.ts
@@ -50,6 +50,8 @@ export interface DeviceDisplayData {
 * - Medium to Large screens = `bit-table` view
 * - Small screens = `bit-item-group` view
 */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  standalone: true,
  selector: "auth-device-management",
--- a/libs/angular/src/auth/environment-selector/environment-selector.component.ts
+++ b/libs/angular/src/auth/environment-selector/environment-selector.component.ts
@@ -20,6 +20,8 @@ import {
 } from "@bitwarden/components";
 import { I18nPipe } from "@bitwarden/ui-common";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "environment-selector",
  templateUrl: "environment-selector.component.html",
--- a/libs/angular/src/auth/guards/active-auth.guard.spec.ts
+++ b/libs/angular/src/auth/guards/active-auth.guard.spec.ts
@@ -13,6 +13,8 @@ import { LogService } from "@bitwarden/common/platform/abstractions/log.service"

 import { activeAuthGuard } from "./active-auth.guard";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({ template: "", standalone: false })
 class EmptyComponent {}

--- a/libs/angular/src/auth/login-approval/login-approval-dialog.component.ts
+++ b/libs/angular/src/auth/login-approval/login-approval-dialog.component.ts
@@ -33,6 +33,8 @@ export interface LoginApprovalDialogParams {
  notificationId: string;
 }

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  templateUrl: "login-approval-dialog.component.html",
  imports: [AsyncActionsModule, ButtonModule, CommonModule, DialogModule, JslibModule],
--- a/libs/angular/src/auth/login-via-webauthn/login-via-webauthn.component.ts
+++ b/libs/angular/src/auth/login-via-webauthn/login-via-webauthn.component.ts
@@ -31,6 +31,8 @@ import {
 import { KeyService } from "@bitwarden/key-management";

 export type State = "assert" | "assertFailed";
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-login-via-webauthn",
  templateUrl: "login-via-webauthn.component.html",
--- a/libs/angular/src/auth/password-management/change-password/change-password.component.ts
+++ b/libs/angular/src/auth/password-management/change-password/change-password.component.ts
@@ -39,12 +39,16 @@ import { ChangePasswordService } from "./change-password.service.abstraction";
 * and by design to maintain a strong security posture as some flows could have the user
 * end up at a change password without having one before.
 */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "auth-change-password",
  templateUrl: "change-password.component.html",
  imports: [InputPasswordComponent, I18nPipe, CalloutComponent, CommonModule],
 })
 export class ChangePasswordComponent implements OnInit {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() inputPasswordFlow: InputPasswordFlow = InputPasswordFlow.ChangePassword;

  activeAccount: Account | null = null;
--- a/libs/angular/src/auth/password-management/set-initial-password/set-initial-password.component.ts
+++ b/libs/angular/src/auth/password-management/set-initial-password/set-initial-password.component.ts
@@ -45,6 +45,8 @@ import {
  SetInitialPasswordUserType,
 } from "./set-initial-password.service.abstraction";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  standalone: true,
  templateUrl: "set-initial-password.component.html",
--- a/libs/auth/src/angular/fingerprint-dialog/fingerprint-dialog.component.ts
+++ b/libs/auth/src/angular/fingerprint-dialog/fingerprint-dialog.component.ts
@@ -9,6 +9,8 @@ export type FingerprintDialogData = {
  fingerprint: string[];
 };

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  templateUrl: "fingerprint-dialog.component.html",
  imports: [JslibModule, ButtonModule, DialogModule],
--- a/libs/auth/src/angular/input-password/input-password.component.ts
+++ b/libs/auth/src/angular/input-password/input-password.component.ts
@@ -99,6 +99,8 @@ interface InputPasswordForm {
  rotateUserKey?: FormControl<boolean>;
 }

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "auth-input-password",
  templateUrl: "./input-password.component.html",
@@ -118,24 +120,48 @@ interface InputPasswordForm {
  ],
 })
 export class InputPasswordComponent implements OnInit {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @ViewChild(PasswordStrengthV2Component) passwordStrengthComponent:
    | PasswordStrengthV2Component
    | undefined = undefined;

+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() onPasswordFormSubmit = new EventEmitter<PasswordInputResult>();
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() onSecondaryButtonClick = new EventEmitter<void>();
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() isSubmitting = new EventEmitter<boolean>();

+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input({ required: true }) flow!: InputPasswordFlow;

+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input({ transform: (val: string) => val?.trim().toLowerCase() }) email?: string;
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() userId?: UserId;
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() loading = false;
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() masterPasswordPolicyOptions?: MasterPasswordPolicyOptions;

+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() inlineButtons = false;
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() primaryButtonText?: Translation;
  protected primaryButtonTextStr: string = "";
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() secondaryButtonText?: Translation;
  protected secondaryButtonTextStr: string = "";

--- a/libs/auth/src/angular/login-decryption-options/login-decryption-options.component.ts
+++ b/libs/auth/src/angular/login-decryption-options/login-decryption-options.component.ts
@@ -50,6 +50,8 @@ enum State {
  ExistingUserUntrustedDevice,
 }

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  templateUrl: "./login-decryption-options.component.html",
  imports: [
--- a/libs/auth/src/angular/login-via-auth-request/login-via-auth-request.component.ts
+++ b/libs/auth/src/angular/login-via-auth-request/login-via-auth-request.component.ts
@@ -56,6 +56,8 @@ const matchOptions: IsActiveMatchOptions = {
  matrixParams: "ignored",
 };

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  templateUrl: "./login-via-auth-request.component.html",
  imports: [ButtonModule, CommonModule, JslibModule, LinkModule, RouterModule],
--- a/libs/auth/src/angular/login/login-secondary-content.component.ts
+++ b/libs/auth/src/angular/login/login-secondary-content.component.ts
@@ -8,6 +8,8 @@ import { DefaultServerSettingsService } from "@bitwarden/common/platform/service
 // eslint-disable-next-line no-restricted-imports
 import { LinkModule } from "@bitwarden/components";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  imports: [CommonModule, JslibModule, LinkModule, RouterModule],
  template: `
--- a/libs/auth/src/angular/login/login.component.ts
+++ b/libs/auth/src/angular/login/login.component.ts
@@ -67,6 +67,8 @@ export enum LoginUiState {
  MASTER_PASSWORD_ENTRY = "MasterPasswordEntry",
 }

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  templateUrl: "./login.component.html",
  imports: [
@@ -83,6 +85,8 @@ export enum LoginUiState {
  ],
 })
 export class LoginComponent implements OnInit, OnDestroy {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @ViewChild("masterPasswordInputRef") masterPasswordInputRef: ElementRef | undefined;

  private destroy$ = new Subject<void>();
--- a/libs/auth/src/angular/new-device-verification/new-device-verification.component.ts
+++ b/libs/auth/src/angular/new-device-verification/new-device-verification.component.ts
@@ -30,6 +30,8 @@ import { NewDeviceVerificationComponentService } from "./new-device-verification
 /**
 * Component for verifying a new device via a one-time password (OTP).
 */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-new-device-verification",
  templateUrl: "./new-device-verification.component.html",
--- a/libs/auth/src/angular/password-callout/password-callout.component.ts
+++ b/libs/auth/src/angular/password-callout/password-callout.component.ts
@@ -10,13 +10,19 @@ import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.servic
 // eslint-disable-next-line no-restricted-imports
 import { CalloutModule } from "@bitwarden/components";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "auth-password-callout",
  templateUrl: "password-callout.component.html",
  imports: [CommonModule, JslibModule, CalloutModule],
 })
 export class PasswordCalloutComponent {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() message = "masterPasswordPolicyInEffect";
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() policy: MasterPasswordPolicyOptions;

  constructor(private i18nService: I18nService) {}
--- a/libs/auth/src/angular/password-hint/password-hint.component.ts
+++ b/libs/auth/src/angular/password-hint/password-hint.component.ts
@@ -22,6 +22,8 @@ import {
  ToastService,
 } from "@bitwarden/components";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  templateUrl: "./password-hint.component.html",
  imports: [
--- a/libs/auth/src/angular/registration/registration-env-selector/registration-env-selector.component.ts
+++ b/libs/auth/src/angular/registration/registration-env-selector/registration-env-selector.component.ts
@@ -25,12 +25,16 @@ import { SelfHostedEnvConfigDialogComponent } from "../../self-hosted-env-config
 * Component for selecting the environment to register with in the email verification registration flow.
 * Outputs the selected region to the parent component so it can respond as necessary.
 */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "auth-registration-env-selector",
  templateUrl: "registration-env-selector.component.html",
  imports: [CommonModule, JslibModule, ReactiveFormsModule, FormFieldModule, SelectModule],
 })
 export class RegistrationEnvSelectorComponent implements OnInit, OnDestroy {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() selectedRegionChange = new EventEmitter<RegionConfig | Region.SelfHosted | null>();

  ServerEnvironmentType = Region;
--- a/libs/auth/src/angular/registration/registration-finish/registration-finish.component.ts
+++ b/libs/auth/src/angular/registration/registration-finish/registration-finish.component.ts
@@ -31,6 +31,8 @@ import { PasswordInputResult } from "../../input-password/password-input-result"

 import { RegistrationFinishService } from "./registration-finish.service";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "auth-registration-finish",
  templateUrl: "./registration-finish.component.html",
--- a/libs/auth/src/angular/registration/registration-link-expired/registration-link-expired.component.ts
+++ b/libs/auth/src/angular/registration/registration-link-expired/registration-link-expired.component.ts
@@ -19,6 +19,8 @@ export interface RegistrationLinkExpiredComponentData {
  loginRoute: string;
 }

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "auth-registration-link-expired",
  templateUrl: "./registration-link-expired.component.html",
--- a/libs/auth/src/angular/registration/registration-start/registration-start-secondary.component.ts
+++ b/libs/auth/src/angular/registration/registration-start/registration-start-secondary.component.ts
@@ -18,6 +18,8 @@ export interface RegistrationStartSecondaryComponentData {
  loginRoute: string;
 }

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "auth-registration-start-secondary",
  templateUrl: "./registration-start-secondary.component.html",
--- a/libs/auth/src/angular/registration/registration-start/registration-start.component.ts
+++ b/libs/auth/src/angular/registration/registration-start/registration-start.component.ts
@@ -40,6 +40,8 @@ const DEFAULT_MARKETING_EMAILS_PREF_BY_REGION: Record<Region, boolean> = {
  [Region.SelfHosted]: false,
 };

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "auth-registration-start",
  templateUrl: "./registration-start.component.html",
@@ -57,6 +59,8 @@ const DEFAULT_MARKETING_EMAILS_PREF_BY_REGION: Record<Region, boolean> = {
  ],
 })
 export class RegistrationStartComponent implements OnInit, OnDestroy {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() registrationStartStateChange = new EventEmitter<RegistrationStartState>();

  state: RegistrationStartState = RegistrationStartState.USER_DATA_ENTRY;
--- a/libs/auth/src/angular/self-hosted-env-config-dialog/self-hosted-env-config-dialog.component.ts
+++ b/libs/auth/src/angular/self-hosted-env-config-dialog/self-hosted-env-config-dialog.component.ts
@@ -54,6 +54,8 @@ function selfHostedEnvSettingsFormValidator(): ValidatorFn {
 /**
 * Dialog for configuring self-hosted environment settings.
 */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "self-hosted-env-config-dialog",
  templateUrl: "self-hosted-env-config-dialog.component.html",
--- a/libs/auth/src/angular/sso/sso.component.ts
+++ b/libs/auth/src/angular/sso/sso.component.ts
@@ -62,6 +62,8 @@ interface QueryParams {
 /**
 * This component handles the SSO flow.
 */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  templateUrl: "sso.component.html",
  imports: [
--- a/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-authenticator/two-factor-auth-authenticator.component.ts
+++ b/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-authenticator/two-factor-auth-authenticator.component.ts
@@ -14,6 +14,8 @@ import {
  AsyncActionsModule,
 } from "@bitwarden/components";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-two-factor-auth-authenticator",
  templateUrl: "two-factor-auth-authenticator.component.html",
@@ -32,7 +34,11 @@ import {
  providers: [],
 })
 export class TwoFactorAuthAuthenticatorComponent {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input({ required: true }) tokenFormControl: FormControl | undefined = undefined;
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() tokenChange = new EventEmitter<{ token: string }>();

  onTokenChange(event: Event) {
--- a/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-duo/two-factor-auth-duo.component.ts
+++ b/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-duo/two-factor-auth-duo.component.ts
@@ -25,6 +25,8 @@ import {
  TwoFactorAuthDuoComponentService,
 } from "./two-factor-auth-duo-component.service";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-two-factor-auth-duo",
  template: "",
@@ -43,7 +45,11 @@ import {
  providers: [],
 })
 export class TwoFactorAuthDuoComponent implements OnInit {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() tokenEmitter = new EventEmitter<string>();
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() providerData: any;

  duoFramelessUrl: string | undefined = undefined;
--- a/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-email/two-factor-auth-email-component-cache.service.ts
+++ b/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-email/two-factor-auth-email-component-cache.service.ts
@@ -36,7 +36,7 @@ export class TwoFactorAuthEmailComponentCacheService {
  /**
   * Signal for the cached email state.
   */
-  private emailCache: WritableSignal<TwoFactorAuthEmailComponentCache | null> =
+  private readonly emailCache: WritableSignal<TwoFactorAuthEmailComponentCache | null> =
    this.viewCacheService.signal<TwoFactorAuthEmailComponentCache | null>({
      key: TWO_FACTOR_AUTH_EMAIL_COMPONENT_CACHE_KEY,
      initialValue: null,
--- a/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-email/two-factor-auth-email.component.ts
+++ b/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-email/two-factor-auth-email.component.ts
@@ -26,6 +26,8 @@ import {

 import { TwoFactorAuthEmailComponentCacheService } from "./two-factor-auth-email-component-cache.service";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-two-factor-auth-email",
  templateUrl: "two-factor-auth-email.component.html",
@@ -49,7 +51,11 @@ import { TwoFactorAuthEmailComponentCacheService } from "./two-factor-auth-email
  ],
 })
 export class TwoFactorAuthEmailComponent implements OnInit {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input({ required: true }) tokenFormControl: FormControl | undefined = undefined;
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() tokenChange = new EventEmitter<{ token: string }>();

  twoFactorEmail: string | undefined = undefined;
--- a/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-webauthn/two-factor-auth-webauthn.component.ts
+++ b/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-webauthn/two-factor-auth-webauthn.component.ts
@@ -32,6 +32,8 @@ export interface WebAuthnResult {
  remember?: boolean;
 }

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-two-factor-auth-webauthn",
  templateUrl: "two-factor-auth-webauthn.component.html",
@@ -50,7 +52,11 @@ export interface WebAuthnResult {
  providers: [],
 })
 export class TwoFactorAuthWebAuthnComponent implements OnInit, OnDestroy {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() webAuthnResultEmitter = new EventEmitter<WebAuthnResult>();
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() webAuthnInNewTabEmitter = new EventEmitter<boolean>();

  webAuthnReady = false;
--- a/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-yubikey/two-factor-auth-yubikey.component.ts
+++ b/libs/auth/src/angular/two-factor-auth/child-components/two-factor-auth-yubikey/two-factor-auth-yubikey.component.ts
@@ -14,6 +14,8 @@ import {
  AsyncActionsModule,
 } from "@bitwarden/components";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-two-factor-auth-yubikey",
  templateUrl: "two-factor-auth-yubikey.component.html",
@@ -32,5 +34,7 @@ import {
  providers: [],
 })
 export class TwoFactorAuthYubikeyComponent {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input({ required: true }) tokenFormControl: FormControl | undefined = undefined;
 }
--- a/libs/auth/src/angular/two-factor-auth/two-factor-auth-component-cache.service.ts
+++ b/libs/auth/src/angular/two-factor-auth/two-factor-auth-component-cache.service.ts
@@ -42,7 +42,7 @@ export class TwoFactorAuthComponentCacheService {
  /**
   * Signal for the cached TwoFactorAuthData.
   */
-  private twoFactorAuthComponentCache: WritableSignal<TwoFactorAuthComponentCache | null> =
+  private readonly twoFactorAuthComponentCache: WritableSignal<TwoFactorAuthComponentCache | null> =
    this.viewCacheService.signal<TwoFactorAuthComponentCache | null>({
      key: TWO_FACTOR_AUTH_COMPONENT_CACHE_KEY,
      initialValue: null,
--- a/libs/auth/src/angular/two-factor-auth/two-factor-auth.component.spec.ts
+++ b/libs/auth/src/angular/two-factor-auth/two-factor-auth.component.spec.ts
@@ -46,6 +46,8 @@ import { TwoFactorAuthComponentCacheService } from "./two-factor-auth-component-
 import { TwoFactorAuthComponentService } from "./two-factor-auth-component.service";
 import { TwoFactorAuthComponent } from "./two-factor-auth.component";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({ standalone: false })
 class TestTwoFactorComponent extends TwoFactorAuthComponent {}

--- a/libs/auth/src/angular/two-factor-auth/two-factor-auth.component.ts
+++ b/libs/auth/src/angular/two-factor-auth/two-factor-auth.component.ts
@@ -75,6 +75,8 @@ import {
  TwoFactorOptionsDialogResult,
 } from "./two-factor-options.component";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-two-factor-auth",
  templateUrl: "two-factor-auth.component.html",
@@ -99,6 +101,8 @@ import {
  ],
 })
 export class TwoFactorAuthComponent implements OnInit, OnDestroy {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @ViewChild("continueButton", { read: ElementRef, static: false }) continueButton:
    | ElementRef
    | undefined = undefined;
@@ -114,6 +118,8 @@ export class TwoFactorAuthComponent implements OnInit, OnDestroy {
  twoFactorProviders: Map<TwoFactorProviderType, { [key: string]: string }> | null = null;
  selectedProviderData: { [key: string]: string } | undefined;

+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @ViewChild("duoComponent") duoComponent!: TwoFactorAuthDuoComponent;

  form = this.formBuilder.group({
--- a/libs/auth/src/angular/two-factor-auth/two-factor-auth.guard.spec.ts
+++ b/libs/auth/src/angular/two-factor-auth/two-factor-auth.guard.spec.ts
@@ -11,6 +11,8 @@ import { LoginStrategyServiceAbstraction } from "../../common";

 import { TwoFactorAuthGuard } from "./two-factor-auth.guard";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({ template: "", standalone: true })
 export class EmptyComponent {}

--- a/libs/auth/src/angular/two-factor-auth/two-factor-options.component.ts
+++ b/libs/auth/src/angular/two-factor-auth/two-factor-options.component.ts
@@ -30,6 +30,8 @@ export type TwoFactorOptionsDialogResult = {
  type: TwoFactorProviderType;
 };

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-two-factor-options",
  templateUrl: "two-factor-options.component.html",
--- a/libs/auth/src/angular/user-verification/user-verification-dialog.component.ts
+++ b/libs/auth/src/angular/user-verification/user-verification-dialog.component.ts
@@ -30,6 +30,8 @@ import {
 } from "./user-verification-dialog.types";
 import { UserVerificationFormInputComponent } from "./user-verification-form-input.component";

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  templateUrl: "user-verification-dialog.component.html",
  imports: [
--- a/libs/auth/src/angular/user-verification/user-verification-form-input.component.ts
+++ b/libs/auth/src/angular/user-verification/user-verification-form-input.component.ts
@@ -40,6 +40,8 @@ import { ActiveClientVerificationOption } from "./active-client-verification-opt
 * This is exposed to the parent component via the ControlValueAccessor interface (e.g. bind it to a FormControl).
 * Use UserVerificationService to verify the user's input.
 */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "app-user-verification-form-input",
  templateUrl: "user-verification-form-input.component.html",
@@ -69,8 +71,12 @@ import { ActiveClientVerificationOption } from "./active-client-verification-opt
  ],
 })
 export class UserVerificationFormInputComponent implements ControlValueAccessor, OnInit, OnDestroy {
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() verificationType: "server" | "client" = "server"; // server represents original behavior
  private _invalidSecret = false;
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input()
  get invalidSecret() {
    return this._invalidSecret;
@@ -88,11 +94,17 @@ export class UserVerificationFormInputComponent implements ControlValueAccessor,
    }
    this.secret.updateValueAndValidity({ emitEvent: false });
  }
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() invalidSecretChange = new EventEmitter<boolean>();

+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() activeClientVerificationOptionChange =
    new EventEmitter<ActiveClientVerificationOption>();

+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-output-emitter-ref
  @Output() biometricsVerificationResultChange = new EventEmitter<boolean>();

  readonly Icons = { UserVerificationBiometricsIcon };
--- a/libs/auth/src/angular/vault-timeout-input/vault-timeout-input.component.ts
+++ b/libs/auth/src/angular/vault-timeout-input/vault-timeout-input.component.ts
@@ -44,6 +44,8 @@ type VaultTimeoutForm = FormGroup<{

 type VaultTimeoutFormValue = VaultTimeoutForm["value"];

+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
  selector: "auth-vault-timeout-input",
  templateUrl: "vault-timeout-input.component.html",
@@ -110,6 +112,8 @@ export class VaultTimeoutInputComponent
    }),
  });

+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
  @Input() vaultTimeoutOptions: VaultTimeoutOption[];

  vaultTimeoutPolicy: Policy;
--- a/libs/auth/src/common/services/auth-request/default-login-via-auth-request-cache.service.ts
+++ b/libs/auth/src/common/services/auth-request/default-login-via-auth-request-cache.service.ts
@@ -16,7 +16,7 @@ const LOGIN_VIA_AUTH_CACHE_KEY = "login-via-auth-request-form-cache";
 export class LoginViaAuthRequestCacheService {
  private viewCacheService: ViewCacheService = inject(ViewCacheService);

-  private defaultLoginViaAuthRequestCache: WritableSignal<LoginViaAuthRequestView | null> =
+  private readonly defaultLoginViaAuthRequestCache: WritableSignal<LoginViaAuthRequestView | null> =
    this.viewCacheService.signal<LoginViaAuthRequestView | null>({
      key: LOGIN_VIA_AUTH_CACHE_KEY,
      initialValue: null,