bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2026-02-28 18:43:26 +00:00
Code Issues Releases Wiki Activity

fix(change-password-component): Change Password Update [18720] - Took org invite state out of service and made it accessible.

Browse Source
This commit is contained in:
Patrick Pimentel
2025-06-22 20:31:20 -04:00
parent 815f379c24
commit 735a114baa
33 changed files with 417 additions and 317 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
libs/auth/src/common/login-strategies/password-login.strategy.ts
View File

@@ -163,7 +163,8 @@ export class PasswordLoginStrategy extends LoginStrategy {
credentials: PasswordLoginCredentials,
authResult: AuthResult,
): Promise<void> {
// TODO: PM-21084 - investigate if we should be sending down masterPasswordPolicy on the IdentityDeviceVerificationResponse like we do for the IdentityTwoFactorResponse
// TODO: PM-21084 - investigate if we should be sending down masterPasswordPolicy on the
// IdentityDeviceVerificationResponse like we do for the IdentityTwoFactorResponse
// If the response is a device verification response, we don't need to evaluate the password
if (identityResponse instanceof IdentityDeviceVerificationResponse) {
return;
@@ -175,11 +176,11 @@ export class PasswordLoginStrategy extends LoginStrategy {
if (
await this.configService.getFeatureFlag(FeatureFlag.PM16117_ChangeExistingPasswordRefactor)
) {
// Either take credentials from a potential org invite first, then take from
// the identity response if that doesn't exist.
masterPasswordPolicyOptions = credentials.masterPasswordPoliciesFromOrgInvite
? credentials.masterPasswordPoliciesFromOrgInvite
: this.getMasterPasswordPolicyOptionsFromResponse(identityResponse);
// Get the master password policy options from both the org invite and the identity response
masterPasswordPolicyOptions = this.policyService.combineMasterPasswordPolicyOptions(
credentials.masterPasswordPoliciesFromOrgInvite,
this.getMasterPasswordPolicyOptionsFromResponse(identityResponse),
);
if (!masterPasswordPolicyOptions?.enforceOnLogin) {
return;
@@ -208,6 +209,8 @@ export class PasswordLoginStrategy extends LoginStrategy {
return;
}
// Also set master password policy options here
// Authentication was successful, save the force update password options with the state service
// if there isn't already a reason set (this would only be AdminForcePasswordReset as that can be set server side
// and would have already been processed in the base login strategy processForceSetPasswordReason method)