From 76021b48171b5471a4872cb9d9404c50fbc2fe05 Mon Sep 17 00:00:00 2001
From: aj-rosado <109146700+aj-rosado@users.noreply.github.com>
Date: Mon, 2 Sep 2024 14:59:28 +0100
Subject: [PATCH] Fix mSecure importer and added tests (#10698)

---
 .../spec/msecure-csv-importer.spec.ts         | 113 ++++++++++++++++++
 .../src/importers/msecure-csv-importer.ts     |  51 ++++++--
 2 files changed, 157 insertions(+), 7 deletions(-)
 create mode 100644 libs/importer/spec/msecure-csv-importer.spec.ts

diff --git a/libs/importer/spec/msecure-csv-importer.spec.ts b/libs/importer/spec/msecure-csv-importer.spec.ts
new file mode 100644
index 0000000000..903be3bcb1
--- /dev/null
+++ b/libs/importer/spec/msecure-csv-importer.spec.ts
@@ -0,0 +1,113 @@
+import { CipherType } from "@bitwarden/common/vault/enums";
+
+import { MSecureCsvImporter } from "../src/importers/msecure-csv-importer";
+
+describe("MSecureCsvImporter.parse", () => {
+  let importer: MSecureCsvImporter;
+  beforeEach(() => {
+    importer = new MSecureCsvImporter();
+  });
+
+  it("should correctly parse credit card entries as Secret Notes", async () => {
+    const mockCsvData =
+      `myCreditCard|155089404,Credit Card,,,Card Number|12|41111111111111111,Expiration Date|11|05/2026,Security Code|9|123,Name on Card|0|John Doe,PIN|9|1234,Issuing Bank|0|Visa,Phone Number|4|,Billing Address|0|,`.trim();
+    const result = await importer.parse(mockCsvData);
+
+    expect(result.success).toBe(true);
+    expect(result.ciphers.length).toBe(1);
+    const cipher = result.ciphers[0];
+    expect(cipher.name).toBe("myCreditCard");
+    expect(cipher.type).toBe(CipherType.Card);
+    expect(cipher.card.number).toBe("41111111111111111");
+    expect(cipher.card.expiration).toBe("05 / 2026");
+    expect(cipher.card.code).toBe("123");
+    expect(cipher.card.cardholderName).toBe("John Doe");
+    expect(cipher.card.brand).toBe("Visa");
+  });
+
+  it("should correctly parse login entries", async () => {
+    const mockCsvData = `
+        Bitwarden|810974637,Login,,,Website|2|bitwarden.com,Username|7|bitwarden user,Password|8|bitpassword,
+    `.trim();
+
+    const result = await importer.parse(mockCsvData);
+
+    expect(result.success).toBe(true);
+    expect(result.ciphers.length).toBe(1);
+    const cipher = result.ciphers[0];
+    expect(cipher.name).toBe("Bitwarden");
+    expect(cipher.type).toBe(CipherType.Login);
+    expect(cipher.login.username).toBe("bitwarden user");
+    expect(cipher.login.password).toBe("bitpassword");
+    expect(cipher.login.uris[0].uri).toContain("bitwarden.com");
+  });
+
+  it("should correctly parse login entries with notes", async () => {
+    const mockCsvData =
+      `Example|188987444,Login,,This is a note |,Website|2|example2.com,Username|7|username || lol,Password|8|this is a password,`.trim();
+
+    const result = await importer.parse(mockCsvData);
+
+    expect(result.success).toBe(true);
+    expect(result.ciphers.length).toBe(1);
+    const cipher = result.ciphers[0];
+    expect(cipher.name).toBe("Example");
+    expect(cipher.type).toBe(CipherType.Login);
+    expect(cipher.login.username).toBe("username || lol");
+    expect(cipher.login.password).toBe("this is a password");
+    expect(cipher.login.uris[0].uri).toContain("example2.com");
+    expect(cipher.notes).toBe("This is a note |");
+  });
+
+  it("should correctly parse login entries with a tag", async () => {
+    const mockCsvData = `
+        Website with a tag|1401978655,Login,tag holding it,,Website|2|johndoe.com,Username|7|JohnDoeWebsite,Password|8|JohnDoePassword,
+    `.trim();
+
+    const result = await importer.parse(mockCsvData);
+
+    expect(result.success).toBe(true);
+    expect(result.ciphers.length).toBe(1);
+    const cipher = result.ciphers[0];
+    expect(cipher.name).toBe("Website with a tag");
+    expect(cipher.type).toBe(CipherType.Login);
+    expect(cipher.login.username).toBe("JohnDoeWebsite");
+    expect(cipher.login.password).toBe("JohnDoePassword");
+    expect(cipher.login.uris[0].uri).toContain("johndoe.com");
+    expect(cipher.notes).toBeNull();
+    expect(result.folders[0].name).toContain("tag holding it");
+  });
+
+  it("should handle multiple entries correctly", async () => {
+    const mockCsvData =
+      `myCreditCard|155089404,Credit Card,,,Card Number|12|41111111111111111,Expiration Date|11|05/2026,Security Code|9|123,Name on Card|0|John Doe,PIN|9|1234,Issuing Bank|0|Visa,Phone Number|4|,Billing Address|0|,
+Bitwarden|810974637,Login,,,Website|2|bitwarden.com,Username|7|bitwarden user,Password|8|bitpassword,
+Example|188987444,Login,,This is a note |,Website|2|example2.com,Username|7|username || lol,Password|8|this is a password,
+Website with a tag|1401978655,Login,tag holding it,,Website|2|johndoe.com,Username|7|JohnDoeWebsite,Password|8|JohnDoePassword,`.trim();
+
+    const result = await importer.parse(mockCsvData);
+
+    expect(result.success).toBe(true);
+    expect(result.ciphers.length).toBe(4);
+
+    // Check first entry (Credit Card)
+    const cipher1 = result.ciphers[0];
+    expect(cipher1.name).toBe("myCreditCard");
+    expect(cipher1.type).toBe(CipherType.Card);
+
+    // Check second entry (Login - Bitwarden)
+    const cipher2 = result.ciphers[1];
+    expect(cipher2.name).toBe("Bitwarden");
+    expect(cipher2.type).toBe(CipherType.Login);
+
+    // Check third entry (Login with note - Example)
+    const cipher3 = result.ciphers[2];
+    expect(cipher3.name).toBe("Example");
+    expect(cipher3.type).toBe(CipherType.Login);
+
+    // Check fourth entry (Login with tag - Website with a tag)
+    const cipher4 = result.ciphers[3];
+    expect(cipher4.name).toBe("Website with a tag");
+    expect(cipher4.type).toBe(CipherType.Login);
+  });
+});
diff --git a/libs/importer/src/importers/msecure-csv-importer.ts b/libs/importer/src/importers/msecure-csv-importer.ts
index 788dfd1d4e..e953ce3a8d 100644
--- a/libs/importer/src/importers/msecure-csv-importer.ts
+++ b/libs/importer/src/importers/msecure-csv-importer.ts
@@ -9,7 +9,7 @@ import { Importer } from "./importer";
 export class MSecureCsvImporter extends BaseImporter implements Importer {
   parse(data: string): Promise<ImportResult> {
     const result = new ImportResult();
-    const results = this.parseCsv(data, false);
+    const results = this.parseCsv(data, false, { delimiter: "," });
     if (results == null) {
       result.success = false;
       return Promise.resolve(result);
@@ -21,17 +21,43 @@ export class MSecureCsvImporter extends BaseImporter implements Importer {
       }
 
       const folderName =
-        this.getValueOrDefault(value[0], "Unassigned") !== "Unassigned" ? value[0] : null;
+        this.getValueOrDefault(value[2], "Unassigned") !== "Unassigned" ? value[2] : null;
       this.processFolder(result, folderName);
 
       const cipher = this.initLoginCipher();
-      cipher.name = this.getValueOrDefault(value[2], "--");
+      cipher.name = this.getValueOrDefault(value[0].split("|")[0], "--");
 
       if (value[1] === "Web Logins" || value[1] === "Login") {
-        cipher.login.uris = this.makeUriArray(value[4]);
-        cipher.login.username = this.getValueOrDefault(value[5]);
-        cipher.login.password = this.getValueOrDefault(value[6]);
+        cipher.login.username = this.getValueOrDefault(this.splitValueRetainingLastPart(value[5]));
+        cipher.login.uris = this.makeUriArray(this.splitValueRetainingLastPart(value[4]));
+        cipher.login.password = this.getValueOrDefault(this.splitValueRetainingLastPart(value[6]));
         cipher.notes = !this.isNullOrWhitespace(value[3]) ? value[3].split("\\n").join("\n") : null;
+      } else if (value[1] === "Credit Card") {
+        cipher.type = CipherType.Card;
+        cipher.card.number = this.getValueOrDefault(this.splitValueRetainingLastPart(value[4]));
+
+        const [month, year] = this.getValueOrDefault(
+          this.splitValueRetainingLastPart(value[5]),
+        ).split("/");
+        cipher.card.expMonth = month.trim();
+        cipher.card.expYear = year.trim();
+        cipher.card.code = this.getValueOrDefault(this.splitValueRetainingLastPart(value[6]));
+        cipher.card.cardholderName = this.getValueOrDefault(
+          this.splitValueRetainingLastPart(value[7]),
+        );
+        cipher.card.brand = this.getValueOrDefault(this.splitValueRetainingLastPart(value[9]));
+        cipher.notes =
+          this.getValueOrDefault(value[8].split("|")[0]) +
+          ": " +
+          this.getValueOrDefault(this.splitValueRetainingLastPart(value[8]), "") +
+          "\n" +
+          this.getValueOrDefault(value[10].split("|")[0]) +
+          ": " +
+          this.getValueOrDefault(this.splitValueRetainingLastPart(value[10]), "") +
+          "\n" +
+          this.getValueOrDefault(value[11].split("|")[0]) +
+          ": " +
+          this.getValueOrDefault(this.splitValueRetainingLastPart(value[11]), "");
       } else if (value.length > 3) {
         cipher.type = CipherType.SecureNote;
         cipher.secureNote = new SecureNoteView();
@@ -43,7 +69,11 @@ export class MSecureCsvImporter extends BaseImporter implements Importer {
         }
       }
 
-      if (!this.isNullOrWhitespace(value[1]) && cipher.type !== CipherType.Login) {
+      if (
+        !this.isNullOrWhitespace(value[1]) &&
+        cipher.type !== CipherType.Login &&
+        cipher.type !== CipherType.Card
+      ) {
         cipher.name = value[1] + ": " + cipher.name;
       }
 
@@ -58,4 +88,11 @@ export class MSecureCsvImporter extends BaseImporter implements Importer {
     result.success = true;
     return Promise.resolve(result);
   }
+
+  // mSecure returns values separated by "|" where after the second separator is the value
+  // like "Password|8|myPassword", we want to keep the "myPassword" but also ensure that if
+  // the value contains any "|" it works fine
+  private splitValueRetainingLastPart(value: string) {
+    return value.split("|").slice(0, 2).concat(value.split("|").slice(2).join("|")).pop();
+  }
 }