[PM-7330] Create SetPasswordComponent (email verification) (#9810)

* setup SetPassword component

* accept query params

* add InputPasswordComponent to template

* add route

* add dynamic translation with org name

* feature flag route

* setup onInit

* add set password logic

* move to libs

* remove comments

* update AuthGuard routing

* use ToastService

* replace deprecated methods

* replace orgId input with policy input

* use getter for msg instead of ngOnInit

* cleanup

* refactor to use services

* more refactoring of service

* address browser routing and translations

* add desktop service

* simplify queryParam handler

* remove ngOnDestroy

* small edits

* use inject()

* add jsdocs

* create basic tests

* add success toasts on successfuly set password

* add tests

* update feature-flag

* move model to service

* refactor client services to override setPassword()

* add error handling to setPassword()

* move auto enroll logic to service

* update tests

* fix test

* adjust padding on password-callout list

* revert refactor of auto enroll logic

* refactor keyPair generation to own method

* update page title and button text

* update pageSubtitle and translations

* fix test

apps/web/src/app/auth/core/services/index.ts

@@ -1,2 +1,3 @@
 export * from "./webauthn-login";
+export * from "./set-password-jit";
 export * from "./registration";

apps/web/src/app/auth/core/services/registration/web-registration-finish.service.spec.ts

@@ -145,6 +145,7 @@ describe("DefaultRegistrationFinishService", () => {
       passwordInputResult = {
         masterKey: masterKey,
         masterKeyHash: "masterKeyHash",
+        localMasterKeyHash: "localMasterKeyHash",
         kdfConfig: DEFAULT_KDF_CONFIG,
         hint: "hint",
       };

apps/web/src/app/auth/core/services/set-password-jit/index.ts

@@ -0,0 +1 @@
+export * from "./web-set-password-jit.service";

apps/web/src/app/auth/core/services/set-password-jit/web-set-password-jit.service.ts

@@ -0,0 +1,27 @@
+import { inject } from "@angular/core";
+
+import {
+  DefaultSetPasswordJitService,
+  SetPasswordCredentials,
+  SetPasswordJitService,
+} from "@bitwarden/auth/angular";
+
+import { RouterService } from "../../../../core/router.service";
+import { AcceptOrganizationInviteService } from "../../../organization-invite/accept-organization.service";
+
+export class WebSetPasswordJitService
+  extends DefaultSetPasswordJitService
+  implements SetPasswordJitService
+{
+  routerService = inject(RouterService);
+  acceptOrganizationInviteService = inject(AcceptOrganizationInviteService);
+
+  override async setPassword(credentials: SetPasswordCredentials) {
+    await super.setPassword(credentials);
+
+    // SSO JIT accepts org invites when setting their MP, meaning
+    // we can clear the deep linked url for accepting it.
+    await this.routerService.getAndClearLoginRedirectUrl();
+    await this.acceptOrganizationInviteService.clearOrganizationInvitation();
+  }
+}

apps/web/src/app/core/core.module.ts

@@ -17,11 +17,20 @@ import {
 } from "@bitwarden/angular/services/injection-tokens";
 import { JslibServicesModule } from "@bitwarden/angular/services/jslib-services.module";
 import { ModalService as ModalServiceAbstraction } from "@bitwarden/angular/services/modal.service";
-import { RegistrationFinishService as RegistrationFinishServiceAbstraction } from "@bitwarden/auth/angular";
+import {
+  SetPasswordJitService,
+  RegistrationFinishService as RegistrationFinishServiceAbstraction,
+} from "@bitwarden/auth/angular";
+import { InternalUserDecryptionOptionsServiceAbstraction } from "@bitwarden/auth/common";
+import { ApiService } from "@bitwarden/common/abstractions/api.service";
+import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/organization/organization-api.service.abstraction";
+import { OrganizationUserService } from "@bitwarden/common/admin-console/abstractions/organization-user/organization-user.service";
 import { PolicyApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/policy/policy-api.service.abstraction";
 import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
 import { AccountApiService as AccountApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/account-api.service";
 import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
+import { KdfConfigService } from "@bitwarden/common/auth/abstractions/kdf-config.service";
+import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction";
 import { ClientType } from "@bitwarden/common/enums";
 import { CryptoService as CryptoServiceAbstraction } from "@bitwarden/common/platform/abstractions/crypto.service";
 import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
@@ -48,7 +57,7 @@ import {
 import { VaultTimeout, VaultTimeoutStringType } from "@bitwarden/common/types/vault-timeout.type";
 
 import { PolicyListService } from "../admin-console/core/policy-list.service";
-import { WebRegistrationFinishService } from "../auth";
+import { WebSetPasswordJitService, WebRegistrationFinishService } from "../auth";
 import { AcceptOrganizationInviteService } from "../auth/organization-invite/accept-organization.service";
 import { HtmlStorageService } from "../core/html-storage.service";
 import { I18nService } from "../core/i18n.service";
@@ -184,6 +193,20 @@ const safeProviders: SafeProvider[] = [
       PolicyService,
     ],
   }),
+  safeProvider({
+    provide: SetPasswordJitService,
+    useClass: WebSetPasswordJitService,
+    deps: [
+      ApiService,
+      CryptoServiceAbstraction,
+      I18nServiceAbstraction,
+      KdfConfigService,
+      InternalMasterPasswordServiceAbstraction,
+      OrganizationApiServiceAbstraction,
+      OrganizationUserService,
+      InternalUserDecryptionOptionsServiceAbstraction,
+    ],
+  }),
 ];
 
 @NgModule({

apps/web/src/app/oss-routing.module.ts

@@ -17,6 +17,7 @@ import {
   RegistrationStartComponent,
   RegistrationStartSecondaryComponent,
   RegistrationStartSecondaryComponentData,
+  SetPasswordJitComponent,
   LockIcon,
   RegistrationLinkExpiredComponent,
 } from "@bitwarden/auth/angular";
@@ -206,6 +207,15 @@ const routes: Routes = [
           },
         ],
       },
+      {
+        path: "set-password-jit",
+        canActivate: [canAccessFeature(FeatureFlag.EmailVerification)],
+        component: SetPasswordJitComponent,
+        data: {
+          pageTitle: "joinOrganization",
+          pageSubtitle: "finishJoiningThisOrganizationBySettingAMasterPassword",
+        } satisfies AnonLayoutWrapperData,
+      },
       {
         path: "signup-link-expired",
         canActivate: [canAccessFeature(FeatureFlag.EmailVerification), unauthGuardFn()],

apps/web/src/locales/en/messages.json

@@ -3471,6 +3471,9 @@
   "joinOrganizationDesc": {
     "message": "You've been invited to join the organization listed above. To accept the invitation, you need to log in or create a new Bitwarden account."
   },
+  "finishJoiningThisOrganizationBySettingAMasterPassword": {
+    "message": "Finish joining this organization by setting a master password."
+  },
   "inviteAccepted": {
     "message": "Invitation accepted"
   },