[PM-2367] [BEEEP]: Extract password strength from password-generation-service (#5502)

* Extract passwordStrength from passwordGenerationService

Extract passwordStrength from password-generation.service.ts
Create new password-strength.service.ts
Create new password-strength.service.abstraction.ts
Register new password-strength service
Fix usages in libs

* Fix usage in web

* Fix usage in desktop

* Fix usage in CLI

* Fix usage in browser

Move password-generation-factory to tools

* Fix tests

* Change dependency in jslib-services.module

libs/common/src/tools/generator/password/password-generation.service.abstraction.ts

@@ -1,5 +1,3 @@
-import * as zxcvbn from "zxcvbn";
-
 import { PasswordGeneratorPolicyOptions } from "../../../admin-console/models/domain/password-generator-policy-options";
 
 import { GeneratedPasswordHistory } from "./generated-password-history";
@@ -17,11 +15,6 @@ export abstract class PasswordGenerationServiceAbstraction {
   getHistory: () => Promise<GeneratedPasswordHistory[]>;
   addHistory: (password: string) => Promise<void>;
   clear: (userId?: string) => Promise<void>;
-  passwordStrength: (
-    password: string,
-    email?: string,
-    userInputs?: string[]
-  ) => zxcvbn.ZXCVBNResult;
   normalizeOptions: (
     options: PasswordGeneratorOptions,
     enforcedPolicyOptions: PasswordGeneratorPolicyOptions

libs/common/src/tools/generator/password/password-generation.service.ts

@@ -1,5 +1,3 @@
-import * as zxcvbn from "zxcvbn";
-
 import { PolicyService } from "../../../admin-console/abstractions/policy/policy.service.abstraction";
 import { PolicyType } from "../../../admin-console/enums";
 import { PasswordGeneratorPolicyOptions } from "../../../admin-console/models/domain/password-generator-policy-options";
@@ -387,33 +385,6 @@ export class PasswordGenerationService implements PasswordGenerationServiceAbstr
     await this.stateService.setDecryptedPasswordGenerationHistory(null, { userId: userId });
   }
 
-  /**
-   * Calculates a password strength score using zxcvbn.
-   * @param password The password to calculate the strength of.
-   * @param emailInput An unparsed email address to use as user input.
-   * @param userInputs An array of additional user inputs to use when calculating the strength.
-   */
-  passwordStrength(
-    password: string,
-    emailInput: string = null,
-    userInputs: string[] = null
-  ): zxcvbn.ZXCVBNResult {
-    if (password == null || password.length === 0) {
-      return null;
-    }
-    const globalUserInputs = [
-      "bitwarden",
-      "bit",
-      "warden",
-      ...(userInputs ?? []),
-      ...this.emailToUserInputs(emailInput),
-    ];
-    // Use a hash set to get rid of any duplicate user inputs
-    const finalUserInputs = Array.from(new Set(globalUserInputs));
-    const result = zxcvbn(password, finalUserInputs);
-    return result;
-  }
-
   normalizeOptions(
     options: PasswordGeneratorOptions,
     enforcedPolicyOptions: PasswordGeneratorPolicyOptions
@@ -476,27 +447,6 @@ export class PasswordGenerationService implements PasswordGenerationServiceAbstr
     this.sanitizePasswordLength(options, false);
   }
 
-  /**
-   * Convert an email address into a list of user inputs for zxcvbn by
-   * taking the local part of the email address and splitting it into words.
-   * @param email
-   * @private
-   */
-  private emailToUserInputs(email: string): string[] {
-    if (email == null || email.length === 0) {
-      return [];
-    }
-    const atPosition = email.indexOf("@");
-    if (atPosition < 0) {
-      return [];
-    }
-    return email
-      .substring(0, atPosition)
-      .trim()
-      .toLowerCase()
-      .split(/[^A-Za-z0-9]/);
-  }
-
   private capitalize(str: string) {
     return str.charAt(0).toUpperCase() + str.slice(1);
   }

libs/common/src/tools/password-strength/index.ts

@@ -0,0 +1,2 @@
+export { PasswordStrengthServiceAbstraction } from "./password-strength.service.abstraction";
+export { PasswordStrengthService } from "./password-strength.service";

libs/common/src/tools/password-strength/password-strength.service.abstraction.ts

@@ -0,0 +1,5 @@
+import { ZXCVBNResult } from "zxcvbn";
+
+export abstract class PasswordStrengthServiceAbstraction {
+  getPasswordStrength: (password: string, email?: string, userInputs?: string[]) => ZXCVBNResult;
+}

libs/common/src/tools/password-strength/password-strength.service.ts

@@ -0,0 +1,53 @@
+import * as zxcvbn from "zxcvbn";
+
+import { PasswordStrengthServiceAbstraction } from "./password-strength.service.abstraction";
+
+export class PasswordStrengthService implements PasswordStrengthServiceAbstraction {
+  /**
+   * Calculates a password strength score using zxcvbn.
+   * @param password The password to calculate the strength of.
+   * @param emailInput An unparsed email address to use as user input.
+   * @param userInputs An array of additional user inputs to use when calculating the strength.
+   */
+  getPasswordStrength(
+    password: string,
+    emailInput: string = null,
+    userInputs: string[] = null
+  ): zxcvbn.ZXCVBNResult {
+    if (password == null || password.length === 0) {
+      return null;
+    }
+    const globalUserInputs = [
+      "bitwarden",
+      "bit",
+      "warden",
+      ...(userInputs ?? []),
+      ...this.emailToUserInputs(emailInput),
+    ];
+    // Use a hash set to get rid of any duplicate user inputs
+    const finalUserInputs = Array.from(new Set(globalUserInputs));
+    const result = zxcvbn(password, finalUserInputs);
+    return result;
+  }
+
+  /**
+   * Convert an email address into a list of user inputs for zxcvbn by
+   * taking the local part of the email address and splitting it into words.
+   * @param email
+   * @private
+   */
+  private emailToUserInputs(email: string): string[] {
+    if (email == null || email.length === 0) {
+      return [];
+    }
+    const atPosition = email.indexOf("@");
+    if (atPosition < 0) {
+      return [];
+    }
+    return email
+      .substring(0, atPosition)
+      .trim()
+      .toLowerCase()
+      .split(/[^A-Za-z0-9]/);
+  }
+}