diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 78003b00ff2..9eace676f4f 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -6,6 +6,7 @@ ## Secrets Manager team files ## bitwarden_license/bit-web/src/app/secrets-manager @bitwarden/team-secrets-manager-dev +apps/web/src/app/secrets-manager/ @bitwarden/team-secrets-manager-dev ## Auth team files ## apps/browser/src/auth @bitwarden/team-auth-dev diff --git a/apps/browser/src/_locales/en/messages.json b/apps/browser/src/_locales/en/messages.json index 4bd656a282c..d908b267f4b 100644 --- a/apps/browser/src/_locales/en/messages.json +++ b/apps/browser/src/_locales/en/messages.json @@ -13,6 +13,9 @@ "loginOrCreateNewAccount": { "message": "Log in or create a new account to access your secure vault." }, + "inviteAccepted": { + "message": "Invitation accepted" + }, "createAccount": { "message": "Create account" }, @@ -68,6 +71,12 @@ "masterPassHint": { "message": "Master password hint (optional)" }, + "joinOrganization": { + "message": "Join organization" + }, + "finishJoiningThisOrganizationBySettingAMasterPassword": { + "message": "Finish joining this organization by setting a master password." + }, "tab": { "message": "Tab" }, @@ -3037,6 +3046,10 @@ "message": "Unlock your account to view matching logins", "description": "Text to display in overlay when the account is locked." }, + "unlockYourAccountToViewAutofillSuggestions": { + "message": "Unlock your account to view autofill suggestions", + "description": "Text to display in overlay when the account is locked." + }, "unlockAccount": { "message": "Unlock account", "description": "Button text to display in overlay when the account is locked." @@ -3061,6 +3074,22 @@ "message": "Add new vault item", "description": "Screen reader text (aria-label) for new item button in overlay" }, + "newLogin": { + "message": "New login", + "description": "Button text to display within inline menu when there are no matching items on a login field" + }, + "addNewLoginItem": { + "message": "Add new vault login item", + "description": "Screen reader text (aria-label) for new login button within inline menu" + }, + "newCard": { + "message": "New card", + "description": "Button text to display within inline menu when there are no matching items on a credit card field" + }, + "addNewCardItem": { + "message": "Add new vault card item", + "description": "Screen reader text (aria-label) for new card button within inline menu" + }, "bitwardenOverlayMenuAvailable": { "message": "Bitwarden auto-fill menu available. Press the down arrow key to select.", "description": "Screen reader text for announcing when the overlay opens on the page" @@ -3734,6 +3763,10 @@ } } }, + "cardNumberEndsWith": { + "message": "card number ends with", + "description": "Used within the inline menu to provide an aria description when users are attempting to fill a card cipher." + }, "loginCredentials": { "message": "Login credentials" }, diff --git a/apps/browser/src/autofill/background/abstractions/overlay.background.ts b/apps/browser/src/autofill/background/abstractions/overlay.background.ts index 3c67872e238..763261cae26 100644 --- a/apps/browser/src/autofill/background/abstractions/overlay.background.ts +++ b/apps/browser/src/autofill/background/abstractions/overlay.background.ts @@ -34,6 +34,7 @@ export type WebsiteIconData = { export type FocusedFieldData = { focusedFieldStyles: Partial; focusedFieldRects: Partial; + filledByCipherType?: CipherType; tabId?: number; frameId?: number; }; @@ -50,13 +51,26 @@ export type InlineMenuPosition = { list?: InlineMenuElementPosition; }; +export type NewLoginCipherData = { + uri?: string; + hostname: string; + username: string; + password: string; +}; + +export type NewCardCipherData = { + cardholderName: string; + number: string; + expirationMonth: string; + expirationYear: string; + expirationDate?: string; + cvv: string; +}; + export type OverlayAddNewItemMessage = { - login?: { - uri?: string; - hostname: string; - username: string; - password: string; - }; + addNewCipherType?: CipherType; + login?: NewLoginCipherData; + card?: NewCardCipherData; }; export type CloseInlineMenuMessage = { @@ -91,6 +105,7 @@ export type OverlayPortMessage = { command: string; direction?: string; inlineMenuCipherId?: string; + addNewCipherType?: CipherType; }; export type InlineMenuCipherData = { @@ -178,7 +193,7 @@ export type InlineMenuListPortMessageHandlers = { autofillInlineMenuBlurred: () => void; unlockVault: ({ port }: PortConnectionParam) => void; fillAutofillInlineMenuCipher: ({ message, port }: PortOnMessageHandlerParams) => void; - addNewVaultItem: ({ port }: PortConnectionParam) => void; + addNewVaultItem: ({ message, port }: PortOnMessageHandlerParams) => void; viewSelectedCipher: ({ message, port }: PortOnMessageHandlerParams) => void; redirectAutofillInlineMenuFocusOut: ({ message, port }: PortOnMessageHandlerParams) => void; updateAutofillInlineMenuListHeight: ({ message, port }: PortOnMessageHandlerParams) => void; @@ -187,5 +202,5 @@ export type InlineMenuListPortMessageHandlers = { export interface OverlayBackground { init(): Promise; removePageDetails(tabId: number): void; - updateOverlayCiphers(): Promise; + updateOverlayCiphers(updateAllCipherTypes?: boolean): Promise; } diff --git a/apps/browser/src/autofill/background/overlay.background.spec.ts b/apps/browser/src/autofill/background/overlay.background.spec.ts index 41d9d8ec32e..de668cd8178 100644 --- a/apps/browser/src/autofill/background/overlay.background.spec.ts +++ b/apps/browser/src/autofill/background/overlay.background.spec.ts @@ -322,6 +322,7 @@ describe("OverlayBackground", () => { it("removes the page details and port key for a specific tab from the pageDetailsForTab object", async () => { await initOverlayElementPorts(); const tabId = 1; + portKeyForTabSpy[tabId] = "portKey"; sendMockExtensionMessage( { command: "collectPageDetailsResponse", details: createAutofillPageDetailsMock() }, mock({ tab: createChromeTabMock({ id: tabId }), frameId: 1 }), @@ -705,6 +706,13 @@ describe("OverlayBackground", () => { type: CipherType.Card, card: { subTitle: "subtitle-2" }, }); + const cipher3 = mock({ + id: "id-3", + localData: { lastUsedDate: 222 }, + name: "name-3", + type: CipherType.Login, + login: { username: "username-3", uri: url }, + }); beforeEach(() => { activeAccountStatusMock$.next(AuthenticationStatus.Unlocked); @@ -751,16 +759,53 @@ describe("OverlayBackground", () => { ); }); - it("queries all ciphers for the given url, sort them by last used, and format them for usage in the overlay", async () => { + it("queries all cipher types, sorts them by last used, and formats them for usage in the overlay", async () => { getTabFromCurrentWindowIdSpy.mockResolvedValueOnce(tab); cipherService.getAllDecryptedForUrl.mockResolvedValue([cipher1, cipher2]); cipherService.sortCiphersByLastUsedThenName.mockReturnValue(-1); await overlayBackground.updateOverlayCiphers(); + expect(BrowserApi.getTabFromCurrentWindowId).toHaveBeenCalled(); + expect(cipherService.getAllDecryptedForUrl).toHaveBeenCalledWith(url, [CipherType.Card]); + expect(cipherService.sortCiphersByLastUsedThenName).toHaveBeenCalled(); + expect(overlayBackground["inlineMenuCiphers"]).toStrictEqual( + new Map([ + ["inline-menu-cipher-0", cipher2], + ["inline-menu-cipher-1", cipher1], + ]), + ); + }); + + it("queries only login ciphers when not updating all cipher types", async () => { + overlayBackground["cardAndIdentityCiphers"] = new Set([]); + getTabFromCurrentWindowIdSpy.mockResolvedValueOnce(tab); + cipherService.getAllDecryptedForUrl.mockResolvedValue([cipher3, cipher1]); + cipherService.sortCiphersByLastUsedThenName.mockReturnValue(-1); + + await overlayBackground.updateOverlayCiphers(false); + expect(BrowserApi.getTabFromCurrentWindowId).toHaveBeenCalled(); expect(cipherService.getAllDecryptedForUrl).toHaveBeenCalledWith(url); expect(cipherService.sortCiphersByLastUsedThenName).toHaveBeenCalled(); + expect(overlayBackground["inlineMenuCiphers"]).toStrictEqual( + new Map([ + ["inline-menu-cipher-0", cipher1], + ["inline-menu-cipher-1", cipher3], + ]), + ); + }); + + it("queries all cipher types when the card and identity ciphers set is not built when only updating login ciphers", async () => { + getTabFromCurrentWindowIdSpy.mockResolvedValueOnce(tab); + cipherService.getAllDecryptedForUrl.mockResolvedValue([cipher1, cipher2]); + cipherService.sortCiphersByLastUsedThenName.mockReturnValue(-1); + + await overlayBackground.updateOverlayCiphers(false); + + expect(BrowserApi.getTabFromCurrentWindowId).toHaveBeenCalled(); + expect(cipherService.getAllDecryptedForUrl).toHaveBeenCalledWith(url, [CipherType.Card]); + expect(cipherService.sortCiphersByLastUsedThenName).toHaveBeenCalled(); expect(overlayBackground["inlineMenuCiphers"]).toStrictEqual( new Map([ ["inline-menu-cipher-0", cipher2], @@ -771,6 +816,7 @@ describe("OverlayBackground", () => { it("posts an `updateOverlayListCiphers` message to the overlay list port, and send a `updateAutofillInlineMenuListCiphers` message to the tab indicating that the list of ciphers is populated", async () => { overlayBackground["inlineMenuListPort"] = mock(); + overlayBackground["focusedFieldData"] = createFocusedFieldDataMock({ tabId: tab.id }); cipherService.getAllDecryptedForUrl.mockResolvedValue([cipher1, cipher2]); cipherService.sortCiphersByLastUsedThenName.mockReturnValue(-1); getTabFromCurrentWindowIdSpy.mockResolvedValueOnce(tab); @@ -780,21 +826,6 @@ describe("OverlayBackground", () => { expect(overlayBackground["inlineMenuListPort"].postMessage).toHaveBeenCalledWith({ command: "updateAutofillInlineMenuListCiphers", ciphers: [ - { - card: cipher2.card.subTitle, - favorite: cipher2.favorite, - icon: { - fallbackImage: "", - icon: "bwi-credit-card", - image: undefined, - imageEnabled: true, - }, - id: "inline-menu-cipher-0", - login: null, - name: "name-2", - reprompt: cipher2.reprompt, - type: 3, - }, { card: null, favorite: cipher1.favorite, @@ -810,7 +841,7 @@ describe("OverlayBackground", () => { }, name: "name-1", reprompt: cipher1.reprompt, - type: 1, + type: CipherType.Login, }, ], }); @@ -884,6 +915,7 @@ describe("OverlayBackground", () => { sendMockExtensionMessage( { command: "autofillOverlayAddNewVaultItem", + addNewCipherType: CipherType.Login, login: { uri: "https://tacos.com", hostname: "", @@ -899,6 +931,29 @@ describe("OverlayBackground", () => { expect(sendMessageSpy).toHaveBeenCalledWith("inlineAutofillMenuRefreshAddEditCipher"); expect(openAddEditVaultItemPopoutSpy).toHaveBeenCalled(); }); + + it("creates a new card cipher", async () => { + sendMockExtensionMessage( + { + command: "autofillOverlayAddNewVaultItem", + addNewCipherType: CipherType.Card, + card: { + cardholderName: "cardholderName", + number: "4242424242424242", + expirationMonth: "12", + expirationYear: "2025", + expirationDate: "12/25", + cvv: "123", + }, + }, + sender, + ); + await flushPromises(); + + expect(cipherService.setAddEditCipherInfo).toHaveBeenCalled(); + expect(sendMessageSpy).toHaveBeenCalledWith("inlineAutofillMenuRefreshAddEditCipher"); + expect(openAddEditVaultItemPopoutSpy).toHaveBeenCalled(); + }); }); describe("checkIsInlineMenuCiphersPopulated message handler", () => { @@ -929,8 +984,9 @@ describe("OverlayBackground", () => { it("returns true if the overlay login ciphers are populated", async () => { overlayBackground["inlineMenuCiphers"] = new Map([ - ["inline-menu-cipher-0", mock()], + ["inline-menu-cipher-0", mock({ type: CipherType.Login })], ]); + await overlayBackground["getInlineMenuCipherData"](); sendMockExtensionMessage( { command: "checkIsInlineMenuCiphersPopulated" }, @@ -2029,12 +2085,16 @@ describe("OverlayBackground", () => { sendMockExtensionMessage({ command: "updateFocusedFieldData", focusedFieldData }, sender); await flushPromises(); - sendPortMessage(listMessageConnectorSpy, { command: "addNewVaultItem", portKey }); + sendPortMessage(listMessageConnectorSpy, { + command: "addNewVaultItem", + portKey, + addNewCipherType: CipherType.Login, + }); await flushPromises(); expect(tabsSendMessageSpy).toHaveBeenCalledWith( sender.tab, - { command: "addNewVaultItemFromOverlay" }, + { command: "addNewVaultItemFromOverlay", addNewCipherType: CipherType.Login }, { frameId: sender.frameId }, ); }); diff --git a/apps/browser/src/autofill/background/overlay.background.ts b/apps/browser/src/autofill/background/overlay.background.ts index 74ec5071099..76b0f4b76ec 100644 --- a/apps/browser/src/autofill/background/overlay.background.ts +++ b/apps/browser/src/autofill/background/overlay.background.ts @@ -19,6 +19,7 @@ import { ThemeStateService } from "@bitwarden/common/platform/theming/theme-stat import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service"; import { CipherType } from "@bitwarden/common/vault/enums"; import { buildCipherIcon } from "@bitwarden/common/vault/icon/build-cipher-icon"; +import { CardView } from "@bitwarden/common/vault/models/view/card.view"; import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view"; import { LoginUriView } from "@bitwarden/common/vault/models/view/login-uri.view"; import { LoginView } from "@bitwarden/common/vault/models/view/login.view"; @@ -54,6 +55,8 @@ import { CloseInlineMenuMessage, InlineMenuPosition, ToggleInlineMenuHiddenMessage, + NewLoginCipherData, + NewCardCipherData, } from "./abstractions/overlay.background"; export class OverlayBackground implements OverlayBackgroundInterface { @@ -69,6 +72,8 @@ export class OverlayBackground implements OverlayBackgroundInterface { private inlineMenuCiphers: Map = new Map(); private inlineMenuPageTranslations: Record; private inlineMenuPosition: InlineMenuPosition = {}; + private cardAndIdentityCiphers: Set | null = null; + private currentInlineMenuCiphersCount: number = 0; private delayedCloseTimeout: number | NodeJS.Timeout; private startInlineMenuFadeInSubject = new Subject(); private cancelInlineMenuFadeInSubject = new Subject(); @@ -132,7 +137,7 @@ export class OverlayBackground implements OverlayBackgroundInterface { autofillInlineMenuBlurred: () => this.checkInlineMenuButtonFocused(), unlockVault: ({ port }) => this.unlockVault(port), fillAutofillInlineMenuCipher: ({ message, port }) => this.fillInlineMenuCipher(message, port), - addNewVaultItem: ({ port }) => this.getNewVaultItemDetails(port), + addNewVaultItem: ({ message, port }) => this.getNewVaultItemDetails(message, port), viewSelectedCipher: ({ message, port }) => this.viewSelectedCipher(message, port), redirectAutofillInlineMenuFocusOut: ({ message, port }) => this.redirectInlineMenuFocusOut(message, port), @@ -220,7 +225,7 @@ export class OverlayBackground implements OverlayBackgroundInterface { * Queries all ciphers for the given url, and sorts them by last used. Will not update the * list of ciphers if the extension is not unlocked. */ - async updateOverlayCiphers() { + async updateOverlayCiphers(updateAllCipherTypes = true) { const authStatus = await firstValueFrom(this.authService.activeAccountStatus$); if (authStatus !== AuthenticationStatus.Unlocked) { if (this.focusedFieldData) { @@ -235,9 +240,7 @@ export class OverlayBackground implements OverlayBackgroundInterface { } this.inlineMenuCiphers = new Map(); - const ciphersViews = ( - await this.cipherService.getAllDecryptedForUrl(currentTab?.url || "") - ).sort((a, b) => this.cipherService.sortCiphersByLastUsedThenName(a, b)); + const ciphersViews = await this.getCipherViews(currentTab, updateAllCipherTypes); for (let cipherIndex = 0; cipherIndex < ciphersViews.length; cipherIndex++) { this.inlineMenuCiphers.set(`inline-menu-cipher-${cipherIndex}`, ciphersViews[cipherIndex]); } @@ -249,6 +252,51 @@ export class OverlayBackground implements OverlayBackgroundInterface { }); } + /** + * Gets the decrypted ciphers within a user's vault based on the current tab's URL. + * + * @param currentTab - The current tab + * @param updateAllCipherTypes - Identifies credit card and identity cipher types should also be updated + */ + private async getCipherViews( + currentTab: chrome.tabs.Tab, + updateAllCipherTypes: boolean, + ): Promise { + if (updateAllCipherTypes || !this.cardAndIdentityCiphers) { + return this.getAllCipherTypeViews(currentTab); + } + + const cipherViews = ( + await this.cipherService.getAllDecryptedForUrl(currentTab?.url || "") + ).sort((a, b) => this.cipherService.sortCiphersByLastUsedThenName(a, b)); + + return cipherViews.concat(...this.cardAndIdentityCiphers); + } + + /** + * Queries all cipher types from the user's vault returns them sorted by last used. + * + * @param currentTab - The current tab + */ + private async getAllCipherTypeViews(currentTab: chrome.tabs.Tab): Promise { + if (!this.cardAndIdentityCiphers) { + this.cardAndIdentityCiphers = new Set([]); + } + + this.cardAndIdentityCiphers.clear(); + const cipherViews = ( + await this.cipherService.getAllDecryptedForUrl(currentTab.url, [CipherType.Card]) + ).sort((a, b) => this.cipherService.sortCiphersByLastUsedThenName(a, b)); + for (let cipherIndex = 0; cipherIndex < cipherViews.length; cipherIndex++) { + const cipherView = cipherViews[cipherIndex]; + if (cipherView.type === CipherType.Card && !this.cardAndIdentityCiphers.has(cipherView)) { + this.cardAndIdentityCiphers.add(cipherView); + } + } + + return cipherViews; + } + /** * Strips out unnecessary data from the ciphers and returns an array of * objects that contain the cipher data needed for the inline menu list. @@ -260,6 +308,9 @@ export class OverlayBackground implements OverlayBackgroundInterface { for (let cipherIndex = 0; cipherIndex < inlineMenuCiphersArray.length; cipherIndex++) { const [inlineMenuCipherId, cipher] = inlineMenuCiphersArray[cipherIndex]; + if (this.focusedFieldData?.filledByCipherType !== cipher.type) { + continue; + } inlineMenuCipherData.push({ id: inlineMenuCipherId, @@ -273,6 +324,7 @@ export class OverlayBackground implements OverlayBackgroundInterface { }); } + this.currentInlineMenuCiphersCount = inlineMenuCipherData.length; return inlineMenuCipherData; } @@ -1062,7 +1114,7 @@ export class OverlayBackground implements OverlayBackgroundInterface { buttonPageTitle: this.i18nService.translate("bitwardenOverlayButton"), toggleBitwardenVaultOverlay: this.i18nService.translate("toggleBitwardenVaultOverlay"), listPageTitle: this.i18nService.translate("bitwardenVault"), - unlockYourAccount: this.i18nService.translate("unlockYourAccountToViewMatchingLogins"), + unlockYourAccount: this.i18nService.translate("unlockYourAccountToViewAutofillSuggestions"), unlockAccount: this.i18nService.translate("unlockAccount"), fillCredentialsFor: this.i18nService.translate("fillCredentialsFor"), username: this.i18nService.translate("username")?.toLowerCase(), @@ -1070,6 +1122,11 @@ export class OverlayBackground implements OverlayBackgroundInterface { noItemsToShow: this.i18nService.translate("noItemsToShow"), newItem: this.i18nService.translate("newItem"), addNewVaultItem: this.i18nService.translate("addNewVaultItem"), + newLogin: this.i18nService.translate("newLogin"), + addNewLoginItem: this.i18nService.translate("addNewLoginItem"), + newCard: this.i18nService.translate("newCard"), + addNewCardItem: this.i18nService.translate("addNewCardItem"), + cardNumberEndsWith: this.i18nService.translate("cardNumberEndsWith"), }; } @@ -1100,16 +1157,20 @@ export class OverlayBackground implements OverlayBackgroundInterface { * Triggers adding a new vault item from the overlay. Gathers data * input by the user before calling to open the add/edit window. * + * @param addNewCipherType - The type of cipher to add * @param sender - The sender of the port message */ - private getNewVaultItemDetails({ sender }: chrome.runtime.Port) { - if (!this.senderTabHasFocusedField(sender)) { + private getNewVaultItemDetails( + { addNewCipherType }: OverlayPortMessage, + { sender }: chrome.runtime.Port, + ) { + if (!addNewCipherType || !this.senderTabHasFocusedField(sender)) { return; } void BrowserApi.tabSendMessage( sender.tab, - { command: "addNewVaultItemFromOverlay" }, + { command: "addNewVaultItemFromOverlay", addNewCipherType }, { frameId: this.focusedFieldData.frameId || 0, }, @@ -1120,18 +1181,60 @@ export class OverlayBackground implements OverlayBackgroundInterface { * Handles adding a new vault item from the overlay. Gathers data login * data captured in the extension message. * + * @param addNewCipherType - The type of cipher to add * @param login - The login data captured from the extension message + * @param card - The card data captured from the extension message * @param sender - The sender of the extension message */ private async addNewVaultItem( - { login }: OverlayAddNewItemMessage, + { addNewCipherType, login, card }: OverlayAddNewItemMessage, sender: chrome.runtime.MessageSender, ) { - if (!login) { + if (!addNewCipherType) { return; } - this.closeInlineMenu(sender); + const cipherView: CipherView = this.buildNewVaultItemCipherView({ + addNewCipherType, + login, + card, + }); + + if (cipherView) { + this.closeInlineMenu(sender); + await this.cipherService.setAddEditCipherInfo({ + cipher: cipherView, + collectionIds: cipherView.collectionIds, + }); + + await this.openAddEditVaultItemPopout(sender.tab, { cipherId: cipherView.id }); + await BrowserApi.sendMessage("inlineAutofillMenuRefreshAddEditCipher"); + } + } + + /** + * Builds and returns a new cipher view with the provided vault item data. + * + * @param addNewCipherType - The type of cipher to add + * @param login - The login data captured from the extension message + * @param card - The card data captured from the extension message + */ + private buildNewVaultItemCipherView({ addNewCipherType, login, card }: OverlayAddNewItemMessage) { + if (login && addNewCipherType === CipherType.Login) { + return this.buildLoginCipherView(login); + } + + if (card && addNewCipherType === CipherType.Card) { + return this.buildCardCipherView(card); + } + } + + /** + * Builds a new login cipher view with the provided login data. + * + * @param login - The login data captured from the extension message + */ + private buildLoginCipherView(login: NewLoginCipherData) { const uriView = new LoginUriView(); uriView.uri = login.uri; @@ -1146,13 +1249,30 @@ export class OverlayBackground implements OverlayBackgroundInterface { cipherView.type = CipherType.Login; cipherView.login = loginView; - await this.cipherService.setAddEditCipherInfo({ - cipher: cipherView, - collectionIds: cipherView.collectionIds, - }); + return cipherView; + } - await this.openAddEditVaultItemPopout(sender.tab, { cipherId: cipherView.id }); - await BrowserApi.sendMessage("inlineAutofillMenuRefreshAddEditCipher"); + /** + * Builds a new card cipher view with the provided card data. + * + * @param card - The card data captured from the extension message + */ + private buildCardCipherView(card: NewCardCipherData) { + const cardView = new CardView(); + cardView.cardholderName = card.cardholderName || ""; + cardView.number = card.number || ""; + cardView.expMonth = card.expirationMonth || ""; + cardView.expYear = card.expirationYear || ""; + cardView.code = card.cvv || ""; + cardView.brand = card.number ? CardView.getCardBrandByPatterns(card.number) : ""; + + const cipherView = new CipherView(); + cipherView.name = ""; + cipherView.folderId = null; + cipherView.type = CipherType.Card; + cipherView.card = cardView; + + return cipherView; } /** @@ -1209,7 +1329,7 @@ export class OverlayBackground implements OverlayBackgroundInterface { * @param sender - The sender of the message */ private checkIsInlineMenuCiphersPopulated(sender: chrome.runtime.MessageSender) { - return this.senderTabHasFocusedField(sender) && this.inlineMenuCiphers.size > 0; + return this.senderTabHasFocusedField(sender) && this.currentInlineMenuCiphersCount > 0; } /** @@ -1477,6 +1597,7 @@ export class OverlayBackground implements OverlayBackgroundInterface { portName: isInlineMenuListPort ? AutofillOverlayPort.ListMessageConnector : AutofillOverlayPort.ButtonMessageConnector, + filledByCipherType: this.focusedFieldData?.filledByCipherType, }); void this.updateInlineMenuPosition( { diff --git a/apps/browser/src/autofill/background/tabs.background.ts b/apps/browser/src/autofill/background/tabs.background.ts index f68ae6c6edc..0513220c277 100644 --- a/apps/browser/src/autofill/background/tabs.background.ts +++ b/apps/browser/src/autofill/background/tabs.background.ts @@ -104,7 +104,7 @@ export default class TabsBackground { return; } - await this.overlayBackground.updateOverlayCiphers(); + await this.overlayBackground.updateOverlayCiphers(false); if (this.main.onUpdatedRan) { return; @@ -134,7 +134,7 @@ export default class TabsBackground { await Promise.all([ this.main.refreshBadge(), this.main.refreshMenu(), - this.overlayBackground.updateOverlayCiphers(), + this.overlayBackground.updateOverlayCiphers(false), ]); }; } diff --git a/apps/browser/src/autofill/content/abstractions/autofill-init.ts b/apps/browser/src/autofill/content/abstractions/autofill-init.ts index 8b00b4ecc9e..ba815a0f29a 100644 --- a/apps/browser/src/autofill/content/abstractions/autofill-init.ts +++ b/apps/browser/src/autofill/content/abstractions/autofill-init.ts @@ -1,4 +1,5 @@ import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status"; +import { CipherType } from "@bitwarden/common/vault/enums"; import { AutofillOverlayElementType } from "../../enums/autofill-overlay.enum"; import AutofillScript from "../../models/autofill-script"; @@ -18,6 +19,7 @@ export type AutofillExtensionMessage = { isFocusingFieldElement?: boolean; authStatus?: AuthenticationStatus; isOpeningFullInlineMenu?: boolean; + addNewCipherType?: CipherType; data?: { direction?: "previous" | "next" | "current"; forceCloseInlineMenu?: boolean; diff --git a/apps/browser/src/autofill/models/autofill-field.ts b/apps/browser/src/autofill/models/autofill-field.ts index 0636190d955..26f01bdeac8 100644 --- a/apps/browser/src/autofill/models/autofill-field.ts +++ b/apps/browser/src/autofill/models/autofill-field.ts @@ -1,3 +1,5 @@ +import { CipherType } from "@bitwarden/common/vault/enums"; + /** * Represents a single field that is collected from the page source and is potentially autofilled. */ @@ -106,4 +108,6 @@ export default class AutofillField { rel?: string | null; checked?: boolean; + + filledByCipherType?: CipherType; } diff --git a/apps/browser/src/autofill/overlay/inline-menu/abstractions/autofill-inline-menu-list.ts b/apps/browser/src/autofill/overlay/inline-menu/abstractions/autofill-inline-menu-list.ts index 1687029074b..5a00ffbaaa8 100644 --- a/apps/browser/src/autofill/overlay/inline-menu/abstractions/autofill-inline-menu-list.ts +++ b/apps/browser/src/autofill/overlay/inline-menu/abstractions/autofill-inline-menu-list.ts @@ -1,4 +1,5 @@ import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status"; +import { CipherType } from "@bitwarden/common/vault/enums"; import { InlineMenuCipherData } from "../../../background/abstractions/overlay.background"; @@ -14,6 +15,7 @@ export type InitAutofillInlineMenuListMessage = AutofillInlineMenuListMessage & theme: string; translations: Record; ciphers?: InlineMenuCipherData[]; + filledByCipherType?: CipherType; portKey: string; }; diff --git a/apps/browser/src/autofill/overlay/inline-menu/pages/list/__snapshots__/autofill-inline-menu-list.spec.ts.snap b/apps/browser/src/autofill/overlay/inline-menu/pages/list/__snapshots__/autofill-inline-menu-list.spec.ts.snap index 1b44636b089..3b0e84514f2 100644 --- a/apps/browser/src/autofill/overlay/inline-menu/pages/list/__snapshots__/autofill-inline-menu-list.spec.ts.snap +++ b/apps/browser/src/autofill/overlay/inline-menu/pages/list/__snapshots__/autofill-inline-menu-list.spec.ts.snap @@ -1,6 +1,6 @@ // Jest Snapshot v1, https://goo.gl/fbAQLP -exports[`AutofillInlineMenuList initAutofillInlineMenuList the inline menu with an empty list of ciphers creates the views for the no results inline menu 1`] = ` +exports[`AutofillInlineMenuList initAutofillInlineMenuList the inline menu with an empty list of ciphers creates the views for the no results inline menu that does not have a fill by cipher type 1`] = `
@@ -13,7 +13,7 @@ exports[`AutofillInlineMenuList initAutofillInlineMenuList the inline menu with class="inline-menu-list-button-container" >
`; -exports[`AutofillInlineMenuList initAutofillInlineMenuList the list of ciphers for an authenticated user creates the view for a list of ciphers 1`] = ` +exports[`AutofillInlineMenuList initAutofillInlineMenuList the inline menu with an empty list of ciphers creates the views for the no results inline menu that should be filled by a card cipher 1`] = ` +
+
+ noItemsToShow +
+
+ +
+
+`; + +exports[`AutofillInlineMenuList initAutofillInlineMenuList the inline menu with an empty list of ciphers creates the views for the no results inline menu that should be filled by a login cipher 1`] = ` +
+
+ noItemsToShow +
+
+ +
+
+`; + +exports[`AutofillInlineMenuList initAutofillInlineMenuList the list of ciphers for an authenticated user creates the view for a list of login ciphers 1`] = `
@@ -87,7 +186,7 @@ exports[`AutofillInlineMenuList initAutofillInlineMenuList the list of ciphers f website login 1 + + + +
+ + + +`; + +exports[`AutofillInlineMenuList initAutofillInlineMenuList the list of ciphers for an authenticated user creates the views for a list of card ciphers 1`] = ` +
+
    +
  • +
    + + +
    +
    • +
  • +
    + + +
    +
    • +
  • +
    + + +
    +
    • +
  • +
    + + +
    +
    • +
  • +
    + + +
    +
    • +
  • +
    + -

    {{ pageTitle }}

    +

    + {{ pageTitle }} +

    +
    diff --git a/apps/browser/src/platform/popup/layout/popup-header.component.ts b/apps/browser/src/platform/popup/layout/popup-header.component.ts index 1b491ea881c..1e41f7ccbe0 100644 --- a/apps/browser/src/platform/popup/layout/popup-header.component.ts +++ b/apps/browser/src/platform/popup/layout/popup-header.component.ts @@ -1,6 +1,6 @@ import { BooleanInput, coerceBooleanProperty } from "@angular/cdk/coercion"; import { CommonModule, Location } from "@angular/common"; -import { Component, Input } from "@angular/core"; +import { Component, Input, Signal, inject } from "@angular/core"; import { JslibModule } from "@bitwarden/angular/jslib.module"; import { @@ -10,6 +10,8 @@ import { TypographyModule, } from "@bitwarden/components"; +import { PopupPageComponent } from "./popup-page.component"; + @Component({ selector: "popup-header", templateUrl: "popup-header.component.html", @@ -17,6 +19,12 @@ import { imports: [TypographyModule, CommonModule, IconButtonModule, JslibModule, AsyncActionsModule], }) export class PopupHeaderComponent { + protected pageContentScrolled: Signal = inject(PopupPageComponent).isScrolled; + + /** Background color */ + @Input() + background: "default" | "alt" = "default"; + /** Display the back button, which uses Location.back() to go back one page in history */ @Input() get showBackButton() { diff --git a/apps/browser/src/platform/popup/layout/popup-layout.mdx b/apps/browser/src/platform/popup/layout/popup-layout.mdx index 49f76501aea..aa11b4099a9 100644 --- a/apps/browser/src/platform/popup/layout/popup-layout.mdx +++ b/apps/browser/src/platform/popup/layout/popup-layout.mdx @@ -74,6 +74,9 @@ Basic usage example: - `showBackButton`: optional, defaults to `false` - Toggles the back button to appear. The back button uses `Location.back()` to navigate back one page in history. +- `background`: optional + - `"default"` uses a white background + - `"alt"` uses a transparent background **Slots** @@ -92,6 +95,12 @@ Usage example: ``` +### Transparent header + + + + + Common interactive elements to insert into the `end` slot are: - `app-current-account`: shows current account and switcher diff --git a/apps/browser/src/platform/popup/layout/popup-layout.stories.ts b/apps/browser/src/platform/popup/layout/popup-layout.stories.ts index 408988dca3b..3d067b53056 100644 --- a/apps/browser/src/platform/popup/layout/popup-layout.stories.ts +++ b/apps/browser/src/platform/popup/layout/popup-layout.stories.ts @@ -303,6 +303,7 @@ export default { MockSettingsPageComponent, MockVaultPagePoppedComponent, NoItemsModule, + VaultComponent, ], providers: [ { @@ -311,6 +312,7 @@ export default { return new I18nMockService({ back: "Back", loading: "Loading", + search: "Search", }); }, }, @@ -421,3 +423,20 @@ export const Loading: Story = { `, }), }; + +export const TransparentHeader: Story = { + render: (args) => ({ + props: args, + template: /* HTML */ ` + + + 🤠 Custom Content + + + + + `, + }), +}; diff --git a/apps/browser/src/platform/popup/layout/popup-page.component.html b/apps/browser/src/platform/popup/layout/popup-page.component.html index d53ef24803d..e62f9e70f91 100644 --- a/apps/browser/src/platform/popup/layout/popup-page.component.html +++ b/apps/browser/src/platform/popup/layout/popup-page.component.html @@ -1,20 +1,21 @@
    -
    +
    - - - - -
    -
    -     -
    diff --git a/apps/browser/src/platform/popup/layout/popup-page.component.ts b/apps/browser/src/platform/popup/layout/popup-page.component.ts index 0ce13ac4a49..50db3e370fc 100644 --- a/apps/browser/src/platform/popup/layout/popup-page.component.ts +++ b/apps/browser/src/platform/popup/layout/popup-page.component.ts @@ -1,5 +1,5 @@ import { CommonModule } from "@angular/common"; -import { Component, Input, inject } from "@angular/core"; +import { Component, Input, inject, signal } from "@angular/core"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; @@ -17,6 +17,13 @@ export class PopupPageComponent { @Input() loading = false; + protected scrolled = signal(false); + isScrolled = this.scrolled.asReadonly(); + /** Accessible loading label for the spinner. Defaults to "loading" */ @Input() loadingText?: string = this.i18nService.t("loading"); + + handleScroll(event: Event) { + this.scrolled.set((event.currentTarget as HTMLElement).scrollTop !== 0); + } } diff --git a/apps/browser/src/popup/app-routing.module.ts b/apps/browser/src/popup/app-routing.module.ts index bb9d0383785..57195564c78 100644 --- a/apps/browser/src/popup/app-routing.module.ts +++ b/apps/browser/src/popup/app-routing.module.ts @@ -16,6 +16,7 @@ import { RegistrationStartComponent, RegistrationStartSecondaryComponent, RegistrationStartSecondaryComponentData, + SetPasswordJitComponent, } from "@bitwarden/auth/angular"; import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; @@ -409,6 +410,15 @@ const routes: Routes = [ }, ], }, + { + path: "set-password-jit", + canActivate: [canAccessFeature(FeatureFlag.EmailVerification)], + component: SetPasswordJitComponent, + data: { + pageTitle: "joinOrganization", + pageSubtitle: "finishJoiningThisOrganizationBySettingAMasterPassword", + } satisfies AnonLayoutWrapperData, + }, ], }, { diff --git a/apps/browser/src/tools/popup/generator/generator.component.html b/apps/browser/src/tools/popup/generator/generator.component.html index 4c39c22b488..d92d32a5623 100644 --- a/apps/browser/src/tools/popup/generator/generator.component.html +++ b/apps/browser/src/tools/popup/generator/generator.component.html @@ -240,7 +240,7 @@ />
    - + , + path: Cow<'static, str>, +} + +const SCREEN_LOCK_MONITORS: [ScreenLock; 2] = [ + ScreenLock { + interface: Cow::Borrowed("org.gnome.ScreenSaver"), + path: Cow::Borrowed("/org/gnome/ScreenSaver"), + }, + ScreenLock { + interface: Cow::Borrowed("org.freedesktop.ScreenSaver"), + path: Cow::Borrowed("/org/freedesktop/ScreenSaver"), + }, +]; + +pub async fn on_lock(tx: tokio::sync::mpsc::Sender<()>) -> Result<(), Box> { + let connection = Connection::session().await?; + + let proxy = zbus::fdo::DBusProxy::new(&connection).await?; + for monitor in SCREEN_LOCK_MONITORS.iter() { + let match_rule = MatchRule::builder() + .msg_type(zbus::MessageType::Signal) + .interface(monitor.interface.clone())? + .member("ActiveChanged")? + .build(); + proxy.add_match_rule(match_rule).await?; + } + + tokio::spawn(async move { + while let Ok(Some(_)) = zbus::MessageStream::from(&connection).try_next().await { + tx.send(()).await.unwrap(); + } + }); + + Ok(()) +} + +pub async fn is_lock_monitor_available() -> bool { + let connection = Connection::session().await.unwrap(); + for monitor in SCREEN_LOCK_MONITORS { + let res = connection.call_method(Some(monitor.interface.clone()), monitor.path.clone(), Some(monitor.interface.clone()), "GetActive", &()).await; + if res.is_ok() { + return true; + } + } + false +} diff --git a/apps/desktop/desktop_native/core/src/powermonitor/mod.rs b/apps/desktop/desktop_native/core/src/powermonitor/mod.rs new file mode 100644 index 00000000000..2a996395508 --- /dev/null +++ b/apps/desktop/desktop_native/core/src/powermonitor/mod.rs @@ -0,0 +1,5 @@ +#[cfg_attr(target_os = "linux", path = "linux.rs")] +#[cfg_attr(target_os = "windows", path = "unimplemented.rs")] +#[cfg_attr(target_os = "macos", path = "unimplemented.rs")] +mod powermonitor; +pub use powermonitor::*; diff --git a/apps/desktop/desktop_native/core/src/powermonitor/unimplemented.rs b/apps/desktop/desktop_native/core/src/powermonitor/unimplemented.rs new file mode 100644 index 00000000000..0078c0bf921 --- /dev/null +++ b/apps/desktop/desktop_native/core/src/powermonitor/unimplemented.rs @@ -0,0 +1,7 @@ +pub async fn on_lock(_: tokio::sync::mpsc::Sender<()>) -> Result<(), Box> { + unimplemented!(); +} + +pub async fn is_lock_monitor_available() -> bool { + return false; +} diff --git a/apps/desktop/desktop_native/napi/index.d.ts b/apps/desktop/desktop_native/napi/index.d.ts index abfc998de04..fdb48543e8d 100644 --- a/apps/desktop/desktop_native/napi/index.d.ts +++ b/apps/desktop/desktop_native/napi/index.d.ts @@ -41,3 +41,7 @@ export namespace clipboards { export function read(): Promise export function write(text: string, password: boolean): Promise } +export namespace powermonitors { + export function onLock(callback: (err: Error | null, ) => any): Promise + export function isLockMonitorAvailable(): Promise +} diff --git a/apps/desktop/desktop_native/napi/index.js b/apps/desktop/desktop_native/napi/index.js index 75617ee2f1a..92e58a21705 100644 --- a/apps/desktop/desktop_native/napi/index.js +++ b/apps/desktop/desktop_native/napi/index.js @@ -206,8 +206,9 @@ if (!nativeBinding) { throw new Error(`Failed to load native binding`) } -const { passwords, biometrics, clipboards } = nativeBinding +const { passwords, biometrics, clipboards, powermonitors } = nativeBinding module.exports.passwords = passwords module.exports.biometrics = biometrics module.exports.clipboards = clipboards +module.exports.powermonitors = powermonitors diff --git a/apps/desktop/desktop_native/napi/src/lib.rs b/apps/desktop/desktop_native/napi/src/lib.rs index e2e7eb7244f..fdb3efcc095 100644 --- a/apps/desktop/desktop_native/napi/src/lib.rs +++ b/apps/desktop/desktop_native/napi/src/lib.rs @@ -1,6 +1,5 @@ #[macro_use] extern crate napi_derive; - #[napi] pub mod passwords { /// Fetch the stored password from the keychain. @@ -142,3 +141,26 @@ pub mod clipboards { .map_err(|e| napi::Error::from_reason(e.to_string())) } } + +#[napi] +pub mod powermonitors { + use napi::{threadsafe_function::{ErrorStrategy::CalleeHandled, ThreadsafeFunction, ThreadsafeFunctionCallMode}, tokio}; + + #[napi] + pub async fn on_lock(callback: ThreadsafeFunction<(), CalleeHandled>) -> napi::Result<()> { + let (tx, mut rx) = tokio::sync::mpsc::channel::<()>(32); + desktop_core::powermonitor::on_lock(tx).await.map_err(|e| napi::Error::from_reason(e.to_string()))?; + tokio::spawn(async move { + while let Some(message) = rx.recv().await { + callback.call(Ok(message.into()), ThreadsafeFunctionCallMode::NonBlocking); + } + }); + Ok(()) + } + + #[napi] + pub async fn is_lock_monitor_available() -> napi::Result { + Ok(desktop_core::powermonitor::is_lock_monitor_available().await) + } + +} diff --git a/apps/desktop/electron-builder.json b/apps/desktop/electron-builder.json index 0ca295f9b92..5f137f8ae30 100644 --- a/apps/desktop/electron-builder.json +++ b/apps/desktop/electron-builder.json @@ -25,7 +25,7 @@ "**/node_modules/argon2/package.json", "**/node_modules/argon2/build/Release/argon2.node" ], - "electronVersion": "31.2.1", + "electronVersion": "31.3.0", "generateUpdatesFilesForAllChannels": true, "publish": { "provider": "generic", diff --git a/apps/desktop/src/app/accounts/settings.component.ts b/apps/desktop/src/app/accounts/settings.component.ts index 2ef5df2c7cb..4f006f23642 100644 --- a/apps/desktop/src/app/accounts/settings.component.ts +++ b/apps/desktop/src/app/accounts/settings.component.ts @@ -46,7 +46,7 @@ export class SettingsComponent implements OnInit { protected readonly VaultTimeoutAction = VaultTimeoutAction; showMinToTray = false; - vaultTimeoutOptions: VaultTimeoutOption[]; + vaultTimeoutOptions: VaultTimeoutOption[] = []; localeOptions: any[]; themeOptions: any[]; clearClipboardOptions: any[]; @@ -161,29 +161,6 @@ export class SettingsComponent implements OnInit { // DuckDuckGo browser is only for macos initially this.showDuckDuckGoIntegrationOption = isMac; - this.vaultTimeoutOptions = [ - { name: this.i18nService.t("oneMinute"), value: 1 }, - { name: this.i18nService.t("fiveMinutes"), value: 5 }, - { name: this.i18nService.t("fifteenMinutes"), value: 15 }, - { name: this.i18nService.t("thirtyMinutes"), value: 30 }, - { name: this.i18nService.t("oneHour"), value: 60 }, - { name: this.i18nService.t("fourHours"), value: 240 }, - { name: this.i18nService.t("onIdle"), value: VaultTimeoutStringType.OnIdle }, - { name: this.i18nService.t("onSleep"), value: VaultTimeoutStringType.OnSleep }, - ]; - - if (this.platformUtilsService.getDevice() !== DeviceType.LinuxDesktop) { - this.vaultTimeoutOptions.push({ - name: this.i18nService.t("onLocked"), - value: VaultTimeoutStringType.OnLocked, - }); - } - - this.vaultTimeoutOptions = this.vaultTimeoutOptions.concat([ - { name: this.i18nService.t("onRestart"), value: VaultTimeoutStringType.OnRestart }, - { name: this.i18nService.t("never"), value: VaultTimeoutStringType.Never }, - ]); - const localeOptions: any[] = []; this.i18nService.supportedTranslationLocales.forEach((locale) => { let name = locale; @@ -215,6 +192,8 @@ export class SettingsComponent implements OnInit { } async ngOnInit() { + this.vaultTimeoutOptions = await this.generateVaultTimeoutOptions(); + this.userHasMasterPassword = await this.userVerificationService.hasMasterPassword(); this.isWindows = (await this.platformUtilsService.getDevice()) === DeviceType.WindowsDesktop; @@ -718,6 +697,33 @@ export class SettingsComponent implements OnInit { ); } + private async generateVaultTimeoutOptions(): Promise { + let vaultTimeoutOptions: VaultTimeoutOption[] = [ + { name: this.i18nService.t("oneMinute"), value: 1 }, + { name: this.i18nService.t("fiveMinutes"), value: 5 }, + { name: this.i18nService.t("fifteenMinutes"), value: 15 }, + { name: this.i18nService.t("thirtyMinutes"), value: 30 }, + { name: this.i18nService.t("oneHour"), value: 60 }, + { name: this.i18nService.t("fourHours"), value: 240 }, + { name: this.i18nService.t("onIdle"), value: VaultTimeoutStringType.OnIdle }, + { name: this.i18nService.t("onSleep"), value: VaultTimeoutStringType.OnSleep }, + ]; + + if (await ipc.platform.powermonitor.isLockMonitorAvailable()) { + vaultTimeoutOptions.push({ + name: this.i18nService.t("onLocked"), + value: VaultTimeoutStringType.OnLocked, + }); + } + + vaultTimeoutOptions = vaultTimeoutOptions.concat([ + { name: this.i18nService.t("onRestart"), value: VaultTimeoutStringType.OnRestart }, + { name: this.i18nService.t("never"), value: VaultTimeoutStringType.Never }, + ]); + + return vaultTimeoutOptions; + } + ngOnDestroy() { this.destroy$.next(); this.destroy$.complete(); diff --git a/apps/desktop/src/app/app-routing.module.ts b/apps/desktop/src/app/app-routing.module.ts index 0e3f10345a1..a93299e45a4 100644 --- a/apps/desktop/src/app/app-routing.module.ts +++ b/apps/desktop/src/app/app-routing.module.ts @@ -16,6 +16,7 @@ import { RegistrationStartComponent, RegistrationStartSecondaryComponent, RegistrationStartSecondaryComponentData, + SetPasswordJitComponent, } from "@bitwarden/auth/angular"; import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; @@ -149,6 +150,15 @@ const routes: Routes = [ }, ], }, + { + path: "set-password-jit", + canActivate: [canAccessFeature(FeatureFlag.EmailVerification)], + component: SetPasswordJitComponent, + data: { + pageTitle: "joinOrganization", + pageSubtitle: "finishJoiningThisOrganizationBySettingAMasterPassword", + } satisfies AnonLayoutWrapperData, + }, ], }, ]; diff --git a/apps/desktop/src/app/services/desktop-set-password-jit.service.ts b/apps/desktop/src/app/services/desktop-set-password-jit.service.ts new file mode 100644 index 00000000000..f6ea3d0ce84 --- /dev/null +++ b/apps/desktop/src/app/services/desktop-set-password-jit.service.ts @@ -0,0 +1,21 @@ +import { inject } from "@angular/core"; + +import { + DefaultSetPasswordJitService, + SetPasswordCredentials, + SetPasswordJitService, +} from "@bitwarden/auth/angular"; +import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service"; + +export class DesktopSetPasswordJitService + extends DefaultSetPasswordJitService + implements SetPasswordJitService +{ + messagingService = inject(MessagingService); + + override async setPassword(credentials: SetPasswordCredentials) { + await super.setPassword(credentials); + + this.messagingService.send("redrawMenu"); + } +} diff --git a/apps/desktop/src/app/services/services.module.ts b/apps/desktop/src/app/services/services.module.ts index c0b4bf4eb1c..85bfbc09f63 100644 --- a/apps/desktop/src/app/services/services.module.ts +++ b/apps/desktop/src/app/services/services.module.ts @@ -18,16 +18,30 @@ import { CLIENT_TYPE, } from "@bitwarden/angular/services/injection-tokens"; import { JslibServicesModule } from "@bitwarden/angular/services/jslib-services.module"; +import { SetPasswordJitService } from "@bitwarden/auth/angular"; +import { + InternalUserDecryptionOptionsServiceAbstraction, + PinServiceAbstraction, +} from "@bitwarden/auth/common"; +import { ApiService } from "@bitwarden/common/abstractions/api.service"; import { VaultTimeoutSettingsService } from "@bitwarden/common/abstractions/vault-timeout/vault-timeout-settings.service"; +import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/organization/organization-api.service.abstraction"; +import { OrganizationUserService } from "@bitwarden/common/admin-console/abstractions/organization-user/organization-user.service"; import { PolicyService as PolicyServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction"; import { AccountService as AccountServiceAbstraction } from "@bitwarden/common/auth/abstractions/account.service"; import { AuthService as AuthServiceAbstraction } from "@bitwarden/common/auth/abstractions/auth.service"; -import { KdfConfigService as KdfConfigServiceAbstraction } from "@bitwarden/common/auth/abstractions/kdf-config.service"; +import { + KdfConfigService, + KdfConfigService as KdfConfigServiceAbstraction, +} from "@bitwarden/common/auth/abstractions/kdf-config.service"; import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { AutofillSettingsServiceAbstraction } from "@bitwarden/common/autofill/services/autofill-settings.service"; import { ClientType } from "@bitwarden/common/enums"; import { CryptoFunctionService as CryptoFunctionServiceAbstraction } from "@bitwarden/common/platform/abstractions/crypto-function.service"; -import { CryptoService as CryptoServiceAbstraction } from "@bitwarden/common/platform/abstractions/crypto.service"; +import { + CryptoService, + CryptoService as CryptoServiceAbstraction, +} from "@bitwarden/common/platform/abstractions/crypto.service"; import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service"; import { FileDownloadService } from "@bitwarden/common/platform/abstractions/file-download/file-download.service"; import { I18nService as I18nServiceAbstraction } from "@bitwarden/common/platform/abstractions/i18n.service"; @@ -56,7 +70,6 @@ import { CipherService as CipherServiceAbstraction } from "@bitwarden/common/vau import { DialogService } from "@bitwarden/components"; import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy"; -import { PinServiceAbstraction } from "../../../../../libs/auth/src/common/abstractions"; import { DesktopAutofillSettingsService } from "../../autofill/services/desktop-autofill-settings.service"; import { DesktopSettingsService } from "../../platform/services/desktop-settings.service"; import { ElectronCryptoService } from "../../platform/services/electron-crypto.service"; @@ -77,6 +90,7 @@ import { NativeMessagingService } from "../../services/native-messaging.service" import { SearchBarService } from "../layout/search/search-bar.service"; import { DesktopFileDownloadService } from "./desktop-file-download.service"; +import { DesktopSetPasswordJitService } from "./desktop-set-password-jit.service"; import { InitService } from "./init.service"; import { NativeMessagingManifestService } from "./native-messaging-manifest.service"; import { RendererCryptoFunctionService } from "./renderer-crypto-function.service"; @@ -254,6 +268,20 @@ const safeProviders: SafeProvider[] = [ provide: CLIENT_TYPE, useValue: ClientType.Desktop, }), + safeProvider({ + provide: SetPasswordJitService, + useClass: DesktopSetPasswordJitService, + deps: [ + ApiService, + CryptoService, + I18nServiceAbstraction, + KdfConfigService, + InternalMasterPasswordServiceAbstraction, + OrganizationApiServiceAbstraction, + OrganizationUserService, + InternalUserDecryptionOptionsServiceAbstraction, + ], + }), ]; @NgModule({ diff --git a/apps/desktop/src/app/tools/generator.component.html b/apps/desktop/src/app/tools/generator.component.html index 9af67522deb..0a8043fe594 100644 --- a/apps/desktop/src/app/tools/generator.component.html +++ b/apps/desktop/src/app/tools/generator.component.html @@ -265,7 +265,7 @@ />
    - + { this.messagingService.send("systemLocked"); }); + } else { + powermonitors + .onLock(() => { + this.messagingService.send("systemLocked"); + }) + .catch((error) => { + this.logService.error("Error setting up lock monitor", { error }); + }); } + ipcMain.handle("powermonitor.isLockMonitorAvailable", async (_event: any, _message: any) => { + if (process.platform !== "linux") { + return true; + } else { + return await powermonitors.isLockMonitorAvailable(); + } + }); // System idle global.setInterval(() => { diff --git a/apps/desktop/src/platform/preload.ts b/apps/desktop/src/platform/preload.ts index d81d6476526..b3007753eed 100644 --- a/apps/desktop/src/platform/preload.ts +++ b/apps/desktop/src/platform/preload.ts @@ -59,6 +59,11 @@ const clipboard = { write: (message: ClipboardWriteMessage) => ipcRenderer.invoke("clipboard.write", message), }; +const powermonitor = { + isLockMonitorAvailable: (): Promise => + ipcRenderer.invoke("powermonitor.isLockMonitorAvailable"), +}; + const nativeMessaging = { sendReply: (message: EncryptedMessageResponse | UnencryptedMessageResponse) => { ipcRenderer.send("nativeMessagingReply", message); @@ -148,6 +153,7 @@ export default { passwords, biometric, clipboard, + powermonitor, nativeMessaging, crypto, }; diff --git a/apps/web/src/app/admin-console/organizations/policies/master-password.component.html b/apps/web/src/app/admin-console/organizations/policies/master-password.component.html index 85670f7d193..63a59208cc0 100644 --- a/apps/web/src/app/admin-console/organizations/policies/master-password.component.html +++ b/apps/web/src/app/admin-console/organizations/policies/master-password.component.html @@ -50,6 +50,6 @@ - !@#$%^&* + !@#$%^&*
    diff --git a/apps/web/src/app/admin-console/organizations/policies/password-generator.component.html b/apps/web/src/app/admin-console/organizations/policies/password-generator.component.html index 80df5fa2e6a..63d6671afec 100644 --- a/apps/web/src/app/admin-console/organizations/policies/password-generator.component.html +++ b/apps/web/src/app/admin-console/organizations/policies/password-generator.component.html @@ -44,7 +44,7 @@ - !@#$%^&* + !@#$%^&*

    {{ "passphrase" | i18n }}

    diff --git a/apps/web/src/app/auth/core/services/index.ts b/apps/web/src/app/auth/core/services/index.ts index 6a28efcbaad..c85f0f3204c 100644 --- a/apps/web/src/app/auth/core/services/index.ts +++ b/apps/web/src/app/auth/core/services/index.ts @@ -1,2 +1,3 @@ export * from "./webauthn-login"; +export * from "./set-password-jit"; export * from "./registration"; diff --git a/apps/web/src/app/auth/core/services/registration/web-registration-finish.service.spec.ts b/apps/web/src/app/auth/core/services/registration/web-registration-finish.service.spec.ts index 999e603ef6a..007165a1bca 100644 --- a/apps/web/src/app/auth/core/services/registration/web-registration-finish.service.spec.ts +++ b/apps/web/src/app/auth/core/services/registration/web-registration-finish.service.spec.ts @@ -145,6 +145,7 @@ describe("DefaultRegistrationFinishService", () => { passwordInputResult = { masterKey: masterKey, masterKeyHash: "masterKeyHash", + localMasterKeyHash: "localMasterKeyHash", kdfConfig: DEFAULT_KDF_CONFIG, hint: "hint", }; diff --git a/apps/web/src/app/auth/core/services/set-password-jit/index.ts b/apps/web/src/app/auth/core/services/set-password-jit/index.ts new file mode 100644 index 00000000000..fc119fd964f --- /dev/null +++ b/apps/web/src/app/auth/core/services/set-password-jit/index.ts @@ -0,0 +1 @@ +export * from "./web-set-password-jit.service"; diff --git a/apps/web/src/app/auth/core/services/set-password-jit/web-set-password-jit.service.ts b/apps/web/src/app/auth/core/services/set-password-jit/web-set-password-jit.service.ts new file mode 100644 index 00000000000..62175f1256d --- /dev/null +++ b/apps/web/src/app/auth/core/services/set-password-jit/web-set-password-jit.service.ts @@ -0,0 +1,27 @@ +import { inject } from "@angular/core"; + +import { + DefaultSetPasswordJitService, + SetPasswordCredentials, + SetPasswordJitService, +} from "@bitwarden/auth/angular"; + +import { RouterService } from "../../../../core/router.service"; +import { AcceptOrganizationInviteService } from "../../../organization-invite/accept-organization.service"; + +export class WebSetPasswordJitService + extends DefaultSetPasswordJitService + implements SetPasswordJitService +{ + routerService = inject(RouterService); + acceptOrganizationInviteService = inject(AcceptOrganizationInviteService); + + override async setPassword(credentials: SetPasswordCredentials) { + await super.setPassword(credentials); + + // SSO JIT accepts org invites when setting their MP, meaning + // we can clear the deep linked url for accepting it. + await this.routerService.getAndClearLoginRedirectUrl(); + await this.acceptOrganizationInviteService.clearOrganizationInvitation(); + } +} diff --git a/apps/web/src/app/auth/settings/two-factor-authenticator.component.ts b/apps/web/src/app/auth/settings/two-factor-authenticator.component.ts index 7672ef70281..b4bef9f74e3 100644 --- a/apps/web/src/app/auth/settings/two-factor-authenticator.component.ts +++ b/apps/web/src/app/auth/settings/two-factor-authenticator.component.ts @@ -7,9 +7,12 @@ import { ApiService } from "@bitwarden/common/abstractions/api.service"; import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; import { UserVerificationService } from "@bitwarden/common/auth/abstractions/user-verification/user-verification.service.abstraction"; import { TwoFactorProviderType } from "@bitwarden/common/auth/enums/two-factor-provider-type"; +import { DisableTwoFactorAuthenticatorRequest } from "@bitwarden/common/auth/models/request/disable-two-factor-authenticator.request"; import { UpdateTwoFactorAuthenticatorRequest } from "@bitwarden/common/auth/models/request/update-two-factor-authenticator.request"; import { TwoFactorAuthenticatorResponse } from "@bitwarden/common/auth/models/response/two-factor-authenticator.response"; import { AuthResponse } from "@bitwarden/common/auth/types/auth-response"; +import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; +import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; @@ -43,6 +46,7 @@ export class TwoFactorAuthenticatorComponent @Output() onChangeStatus = new EventEmitter(); type = TwoFactorProviderType.Authenticator; key: string; + private userVerificationToken: string; override componentName = "app-two-factor-authenticator"; qrScriptError = false; @@ -63,6 +67,7 @@ export class TwoFactorAuthenticatorComponent logService: LogService, private accountService: AccountService, dialogService: DialogService, + private configService: ConfigService, ) { super( apiService, @@ -112,16 +117,46 @@ export class TwoFactorAuthenticatorComponent const request = await this.buildRequestModel(UpdateTwoFactorAuthenticatorRequest); request.token = this.formGroup.value.token; request.key = this.key; + request.userVerificationToken = this.userVerificationToken; const response = await this.apiService.putTwoFactorAuthenticator(request); await this.processResponse(response); this.onUpdated.emit(true); } + protected override async disableMethod() { + const twoFactorAuthenticatorTokenFeatureFlag = await this.configService.getFeatureFlag( + FeatureFlag.AuthenticatorTwoFactorToken, + ); + if (twoFactorAuthenticatorTokenFeatureFlag === false) { + return super.disableMethod(); + } + + const confirmed = await this.dialogService.openSimpleDialog({ + title: { key: "disable" }, + content: { key: "twoStepDisableDesc" }, + type: "warning", + }); + + if (!confirmed) { + return; + } + + const request = await this.buildRequestModel(DisableTwoFactorAuthenticatorRequest); + request.type = this.type; + request.key = this.key; + request.userVerificationToken = this.userVerificationToken; + await this.apiService.deleteTwoFactorAuthenticator(request); + this.enabled = false; + this.platformUtilsService.showToast("success", null, this.i18nService.t("twoStepDisabled")); + this.onUpdated.emit(false); + } + private async processResponse(response: TwoFactorAuthenticatorResponse) { this.formGroup.get("token").setValue(null); this.enabled = response.enabled; this.key = response.key; + this.userVerificationToken = response.userVerificationToken; await this.waitForQRiousToLoadOrError().catch((error) => { this.logService.error(error); diff --git a/apps/web/src/app/billing/individual/user-subscription.component.html b/apps/web/src/app/billing/individual/user-subscription.component.html index 5f9e6463f1b..08eec09ff97 100644 --- a/apps/web/src/app/billing/individual/user-subscription.component.html +++ b/apps/web/src/app/billing/individual/user-subscription.component.html @@ -65,7 +65,7 @@ - {{ i.name }} {{ i.quantity > 1 ? "×" + i.quantity : "" }} @ + {{ i.name }} {{ i.quantity > 1 ? "×" + i.quantity : "" }} @ {{ i.amount | currency: "$" }} {{ i.quantity * i.amount | currency: "$" }} /{{ i.interval | i18n }} diff --git a/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.html b/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.html index dff6cc5c611..35cb0c2ac79 100644 --- a/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.html +++ b/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.html @@ -75,7 +75,7 @@ {{ i.productName | i18n }} - - {{ i.name }} {{ i.quantity > 1 ? "×" + i.quantity : "" }} @ + {{ i.name }} {{ i.quantity > 1 ? "×" + i.quantity : "" }} @ {{ i.amount | currency: "$" }} diff --git a/apps/web/src/app/core/core.module.ts b/apps/web/src/app/core/core.module.ts index 93a5a9c00a7..45cfa8a3552 100644 --- a/apps/web/src/app/core/core.module.ts +++ b/apps/web/src/app/core/core.module.ts @@ -17,11 +17,20 @@ import { } from "@bitwarden/angular/services/injection-tokens"; import { JslibServicesModule } from "@bitwarden/angular/services/jslib-services.module"; import { ModalService as ModalServiceAbstraction } from "@bitwarden/angular/services/modal.service"; -import { RegistrationFinishService as RegistrationFinishServiceAbstraction } from "@bitwarden/auth/angular"; +import { + SetPasswordJitService, + RegistrationFinishService as RegistrationFinishServiceAbstraction, +} from "@bitwarden/auth/angular"; +import { InternalUserDecryptionOptionsServiceAbstraction } from "@bitwarden/auth/common"; +import { ApiService } from "@bitwarden/common/abstractions/api.service"; +import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/organization/organization-api.service.abstraction"; +import { OrganizationUserService } from "@bitwarden/common/admin-console/abstractions/organization-user/organization-user.service"; import { PolicyApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/policy/policy-api.service.abstraction"; import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction"; import { AccountApiService as AccountApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/account-api.service"; import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; +import { KdfConfigService } from "@bitwarden/common/auth/abstractions/kdf-config.service"; +import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { ClientType } from "@bitwarden/common/enums"; import { CryptoService as CryptoServiceAbstraction } from "@bitwarden/common/platform/abstractions/crypto.service"; import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service"; @@ -48,7 +57,7 @@ import { import { VaultTimeout, VaultTimeoutStringType } from "@bitwarden/common/types/vault-timeout.type"; import { PolicyListService } from "../admin-console/core/policy-list.service"; -import { WebRegistrationFinishService } from "../auth"; +import { WebSetPasswordJitService, WebRegistrationFinishService } from "../auth"; import { AcceptOrganizationInviteService } from "../auth/organization-invite/accept-organization.service"; import { HtmlStorageService } from "../core/html-storage.service"; import { I18nService } from "../core/i18n.service"; @@ -184,6 +193,20 @@ const safeProviders: SafeProvider[] = [ PolicyService, ], }), + safeProvider({ + provide: SetPasswordJitService, + useClass: WebSetPasswordJitService, + deps: [ + ApiService, + CryptoServiceAbstraction, + I18nServiceAbstraction, + KdfConfigService, + InternalMasterPasswordServiceAbstraction, + OrganizationApiServiceAbstraction, + OrganizationUserService, + InternalUserDecryptionOptionsServiceAbstraction, + ], + }), ]; @NgModule({ diff --git a/apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.component.html b/apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.component.html index c91e14fa529..08195d95bf9 100644 --- a/apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.component.html +++ b/apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.component.html @@ -15,21 +15,45 @@ class="tw-mt-2 tw-flex tw-w-full tw-flex-col tw-gap-2 tw-border-0" > {{ "moreFromBitwarden" | i18n }} - - - diff --git a/apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.component.spec.ts b/apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.component.spec.ts index d7400e478c1..a07f56db2d7 100644 --- a/apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.component.spec.ts +++ b/apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.component.spec.ts @@ -80,7 +80,10 @@ describe("NavigationProductSwitcherComponent", () => { isActive: false, name: "Other Product", icon: "bwi-lock", - marketingRoute: "https://www.example.com/", + marketingRoute: { + route: "https://www.example.com/", + external: true, + }, }, ], }); @@ -100,7 +103,10 @@ describe("NavigationProductSwitcherComponent", () => { isActive: false, name: "Other Product", icon: "bwi-lock", - marketingRoute: "https://www.example.com/", + marketingRoute: { + route: "https://www.example.com/", + external: true, + }, otherProductOverrides: { name: "Alternate name" }, }, ], @@ -117,7 +123,10 @@ describe("NavigationProductSwitcherComponent", () => { isActive: false, name: "Other Product", icon: "bwi-lock", - marketingRoute: "https://www.example.com/", + marketingRoute: { + route: "https://www.example.com/", + external: true, + }, otherProductOverrides: { name: "Alternate name", supportingText: "Supporting Text" }, }, ], @@ -134,9 +143,27 @@ describe("NavigationProductSwitcherComponent", () => { mockProducts$.next({ bento: [], other: [ - { name: "AA Product", icon: "bwi-lock", marketingRoute: "https://www.example.com/" }, - { name: "Test Product", icon: "bwi-lock", marketingRoute: "https://www.example.com/" }, - { name: "Organizations", icon: "bwi-lock", marketingRoute: "https://www.example.com/" }, + { + name: "AA Product", + icon: "bwi-lock", + marketingRoute: { + route: "https://www.example.com/", + external: true, + }, + }, + { + name: "Test Product", + icon: "bwi-lock", + marketingRoute: { + route: "https://www.example.com/", + external: true, + }, + }, + { + name: "Organizations", + icon: "bwi-lock", + marketingRoute: { route: "https://www.example.com/", external: true }, + }, ], }); @@ -157,7 +184,10 @@ describe("NavigationProductSwitcherComponent", () => { { name: "Organizations", icon: "bwi-lock", - marketingRoute: "https://www.example.com/", + marketingRoute: { + route: "https://www.example.com/", + external: true, + }, isActive: true, }, ], diff --git a/apps/web/src/app/layouts/product-switcher/product-switcher-content.component.html b/apps/web/src/app/layouts/product-switcher/product-switcher-content.component.html index 62d8b6a075e..55f72401946 100644 --- a/apps/web/src/app/layouts/product-switcher/product-switcher-content.component.html +++ b/apps/web/src/app/layouts/product-switcher/product-switcher-content.component.html @@ -34,17 +34,30 @@ class="tw-mt-4 tw-flex tw-w-full tw-flex-col tw-gap-2 tw-border-0 tw-border-t tw-border-solid tw-border-t-text-muted tw-p-2 tw-pb-0" > {{ "moreFromBitwarden" | i18n }} - - - {{ product.name }} - - + + + + + {{ product.name }} + + + + + + {{ product.name }} + + +
    diff --git a/apps/web/src/app/layouts/product-switcher/shared/product-switcher.service.ts b/apps/web/src/app/layouts/product-switcher/shared/product-switcher.service.ts index 434391cd50c..28474d792a5 100644 --- a/apps/web/src/app/layouts/product-switcher/shared/product-switcher.service.ts +++ b/apps/web/src/app/layouts/product-switcher/shared/product-switcher.service.ts @@ -30,7 +30,13 @@ export type ProductSwitcherItem = { /** * Route for items in the `otherProducts$` section */ - marketingRoute?: string | any[]; + marketingRoute?: { + route: string | any[]; + external: boolean; + }; + /** + * Route definition for external/internal routes for items in the `otherProducts$` section + */ /** * Used to apply css styles to show when a button is selected @@ -136,7 +142,10 @@ export class ProductSwitcherService { name: "Password Manager", icon: "bwi-lock", appRoute: "/vault", - marketingRoute: "https://bitwarden.com/products/personal/", + marketingRoute: { + route: "https://bitwarden.com/products/personal/", + external: true, + }, isActive: !this.router.url.includes("/sm/") && !this.router.url.includes("/organizations/") && @@ -146,7 +155,10 @@ export class ProductSwitcherService { name: "Secrets Manager", icon: "bwi-cli", appRoute: ["/sm", smOrg?.id], - marketingRoute: "https://bitwarden.com/products/secrets-manager/", + marketingRoute: { + route: "/sm-landing", + external: false, + }, isActive: this.router.url.includes("/sm/"), otherProductOverrides: { supportingText: this.i18n.transform("secureYourInfrastructure"), @@ -156,7 +168,10 @@ export class ProductSwitcherService { name: "Admin Console", icon: "bwi-business", appRoute: ["/organizations", acOrg?.id], - marketingRoute: "https://bitwarden.com/products/business/", + marketingRoute: { + route: "https://bitwarden.com/products/business/", + external: true, + }, isActive: this.router.url.includes("/organizations/"), }, provider: { @@ -168,7 +183,10 @@ export class ProductSwitcherService { orgs: { name: "Organizations", icon: "bwi-business", - marketingRoute: "https://bitwarden.com/products/business/", + marketingRoute: { + route: "https://bitwarden.com/products/business/", + external: true, + }, otherProductOverrides: { name: "Share your passwords", supportingText: this.i18n.transform("protectYourFamilyOrBusiness"), diff --git a/apps/web/src/app/oss-routing.module.ts b/apps/web/src/app/oss-routing.module.ts index a4172ad03ea..034f65366aa 100644 --- a/apps/web/src/app/oss-routing.module.ts +++ b/apps/web/src/app/oss-routing.module.ts @@ -17,6 +17,7 @@ import { RegistrationStartComponent, RegistrationStartSecondaryComponent, RegistrationStartSecondaryComponentData, + SetPasswordJitComponent, LockIcon, RegistrationLinkExpiredComponent, } from "@bitwarden/auth/angular"; @@ -59,6 +60,8 @@ import { EnvironmentSelectorComponent } from "./components/environment-selector/ import { DataProperties } from "./core"; import { FrontendLayoutComponent } from "./layouts/frontend-layout.component"; import { UserLayoutComponent } from "./layouts/user-layout.component"; +import { RequestSMAccessComponent } from "./secrets-manager/secrets-manager-landing/request-sm-access.component"; +import { SMLandingComponent } from "./secrets-manager/secrets-manager-landing/sm-landing.component"; import { DomainRulesComponent } from "./settings/domain-rules.component"; import { PreferencesComponent } from "./settings/preferences.component"; import { GeneratorComponent } from "./tools/generator.component"; @@ -206,6 +209,15 @@ const routes: Routes = [ }, ], }, + { + path: "set-password-jit", + canActivate: [canAccessFeature(FeatureFlag.EmailVerification)], + component: SetPasswordJitComponent, + data: { + pageTitle: "joinOrganization", + pageSubtitle: "finishJoiningThisOrganizationBySettingAMasterPassword", + } satisfies AnonLayoutWrapperData, + }, { path: "signup-link-expired", canActivate: [canAccessFeature(FeatureFlag.EmailVerification), unauthGuardFn()], @@ -405,6 +417,16 @@ const routes: Routes = [ component: SendComponent, data: { titleId: "send" } satisfies DataProperties, }, + { + path: "sm-landing", + component: SMLandingComponent, + data: { titleId: "moreProductsFromBitwarden" }, + }, + { + path: "request-sm-access", + component: RequestSMAccessComponent, + data: { titleId: "requestAccessToSecretsManager" }, + }, { path: "create-organization", component: CreateOrganizationComponent, diff --git a/apps/web/src/app/secrets-manager/models/requests/request-sm-access.request.ts b/apps/web/src/app/secrets-manager/models/requests/request-sm-access.request.ts new file mode 100644 index 00000000000..fb580b93ee4 --- /dev/null +++ b/apps/web/src/app/secrets-manager/models/requests/request-sm-access.request.ts @@ -0,0 +1,6 @@ +import { Guid } from "@bitwarden/common/src/types/guid"; + +export class RequestSMAccessRequest { + OrganizationId: Guid; + EmailContent: string; +} diff --git a/apps/web/src/app/secrets-manager/secrets-manager-landing/request-sm-access.component.html b/apps/web/src/app/secrets-manager/secrets-manager-landing/request-sm-access.component.html new file mode 100644 index 00000000000..901ce0d178a --- /dev/null +++ b/apps/web/src/app/secrets-manager/secrets-manager-landing/request-sm-access.component.html @@ -0,0 +1,39 @@ + + + +
    +
    +
    +

    {{ "youNeedApprovalFromYourAdminToTrySecretsManager" | i18n }}

    + + {{ "addANote" | i18n }} + + + + {{ "organization" | i18n }} + + + + +
    + + +
    +
    +
    +
    +     diff --git a/apps/web/src/app/secrets-manager/secrets-manager-landing/request-sm-access.component.ts b/apps/web/src/app/secrets-manager/secrets-manager-landing/request-sm-access.component.ts new file mode 100644 index 00000000000..890cbe8ca12 --- /dev/null +++ b/apps/web/src/app/secrets-manager/secrets-manager-landing/request-sm-access.component.ts @@ -0,0 +1,75 @@ +import { Component, OnInit } from "@angular/core"; +import { FormControl, FormGroup, Validators } from "@angular/forms"; +import { Router } from "@angular/router"; + +import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; +import { Organization } from "@bitwarden/common/admin-console/models/domain/organization"; +import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; +import { Guid } from "@bitwarden/common/types/guid"; +import { NoItemsModule, SearchModule, ToastService } from "@bitwarden/components"; + +import { HeaderModule } from "../../layouts/header/header.module"; +import { OssModule } from "../../oss.module"; +import { SharedModule } from "../../shared/shared.module"; +import { RequestSMAccessRequest } from "../models/requests/request-sm-access.request"; + +import { SmLandingApiService } from "./sm-landing-api.service"; + +@Component({ + selector: "app-request-sm-access", + standalone: true, + templateUrl: "request-sm-access.component.html", + imports: [SharedModule, SearchModule, NoItemsModule, HeaderModule, OssModule], +}) +export class RequestSMAccessComponent implements OnInit { + requestAccessForm = new FormGroup({ + requestAccessEmailContents: new FormControl( + this.i18nService.t("requestAccessSMDefaultEmailContent"), + [Validators.required], + ), + selectedOrganization: new FormControl(null, [Validators.required]), + }); + organizations: Organization[] = []; + + constructor( + private router: Router, + private i18nService: I18nService, + private organizationService: OrganizationService, + private smLandingApiService: SmLandingApiService, + private toastService: ToastService, + ) {} + + async ngOnInit() { + this.organizations = (await this.organizationService.getAll()) + .filter((e) => e.enabled) + .sort((a, b) => a.name.localeCompare(b.name)); + + if (this.organizations === null || this.organizations.length < 1) { + await this.navigateToCreateOrganizationPage(); + } + } + + submit = async () => { + this.requestAccessForm.markAllAsTouched(); + if (this.requestAccessForm.invalid) { + return; + } + + const formValue = this.requestAccessForm.value; + const request = new RequestSMAccessRequest(); + request.OrganizationId = formValue.selectedOrganization.id as Guid; + request.EmailContent = formValue.requestAccessEmailContents; + + await this.smLandingApiService.requestSMAccessFromAdmins(request); + this.toastService.showToast({ + variant: "success", + title: null, + message: this.i18nService.t("smAccessRequestEmailSent"), + }); + await this.router.navigate(["/"]); + }; + + async navigateToCreateOrganizationPage() { + await this.router.navigate(["/create-organization"]); + } +} diff --git a/apps/web/src/app/secrets-manager/secrets-manager-landing/sm-landing-api.service.ts b/apps/web/src/app/secrets-manager/secrets-manager-landing/sm-landing-api.service.ts new file mode 100644 index 00000000000..db2b2ee69a1 --- /dev/null +++ b/apps/web/src/app/secrets-manager/secrets-manager-landing/sm-landing-api.service.ts @@ -0,0 +1,16 @@ +import { Injectable } from "@angular/core"; + +import { ApiService } from "@bitwarden/common/abstractions/api.service"; + +import { RequestSMAccessRequest } from "../models/requests/request-sm-access.request"; + +@Injectable({ + providedIn: "root", +}) +export class SmLandingApiService { + constructor(private apiService: ApiService) {} + + async requestSMAccessFromAdmins(request: RequestSMAccessRequest): Promise { + await this.apiService.send("POST", "/request-access/request-sm-access", request, true, false); + } +} diff --git a/apps/web/src/app/secrets-manager/secrets-manager-landing/sm-landing.component.html b/apps/web/src/app/secrets-manager/secrets-manager-landing/sm-landing.component.html new file mode 100644 index 00000000000..659baa7fde1 --- /dev/null +++ b/apps/web/src/app/secrets-manager/secrets-manager-landing/sm-landing.component.html @@ -0,0 +1,53 @@ + + +
    +
    + +
    +
    +

    {{ "bitwardenSecretsManager" | i18n }}

    + +

    + {{ "developmentDevOpsAndITTeamsChooseBWSecret" | i18n }} +

    +
      +
    • + {{ "centralizeSecretsManagement" | i18n }} + {{ "centralizeSecretsManagementDescription" | i18n }} +
      • +
    • + {{ "preventSecretLeaks" | i18n }} {{ "preventSecretLeaksDescription" | i18n }} +
      • +
    • + {{ "enhanceDeveloperProductivity" | i18n }} + {{ "enhanceDeveloperProductivityDescription" | i18n }} +
      • +
    • + {{ "strengthenBusinessSecurity" | i18n }} + {{ "strengthenBusinessSecurityDescription" | i18n }} +
      • +
    +     + +

    + {{ "giveMembersAccess" | i18n }} +

    +
      +
    • + {{ "openYourOrganizations" | i18n }} {{ "members" | i18n }} + {{ "viewAndSelectTheMembers" | i18n }} +
      • +
    • + {{ "usingTheMenuSelect" | i18n }} {{ "activateSecretsManager" | i18n }} + {{ "toGrantAccessToSelectedMembers" | i18n }} +
      • +
    +     + + + {{ "learnMore" | i18n }} + +
    +
    diff --git a/apps/web/src/app/secrets-manager/secrets-manager-landing/sm-landing.component.ts b/apps/web/src/app/secrets-manager/secrets-manager-landing/sm-landing.component.ts new file mode 100644 index 00000000000..392f8403bde --- /dev/null +++ b/apps/web/src/app/secrets-manager/secrets-manager-landing/sm-landing.component.ts @@ -0,0 +1,76 @@ +import { Component } from "@angular/core"; + +import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; +import { Organization } from "@bitwarden/common/admin-console/models/domain/organization"; +import { NoItemsModule, SearchModule } from "@bitwarden/components"; + +import { HeaderModule } from "../../layouts/header/header.module"; +import { SharedModule } from "../../shared/shared.module"; + +@Component({ + selector: "app-sm-landing", + standalone: true, + imports: [SharedModule, SearchModule, NoItemsModule, HeaderModule], + templateUrl: "sm-landing.component.html", +}) +export class SMLandingComponent { + tryItNowUrl: string; + learnMoreUrl: string = "https://bitwarden.com/help/secrets-manager-overview/"; + imageSrc: string = "../images/sm.webp"; + showSecretsManagerInformation: boolean = true; + showGiveMembersAccessInstructions: boolean = false; + + constructor(private organizationService: OrganizationService) {} + + async ngOnInit() { + const enabledOrganizations = (await this.organizationService.getAll()).filter((e) => e.enabled); + + if (enabledOrganizations.length > 0) { + this.handleEnabledOrganizations(enabledOrganizations); + } else { + // Person is not part of any orgs they need to be in an organization in order to use SM + this.tryItNowUrl = "/create-organization"; + } + } + + private handleEnabledOrganizations(enabledOrganizations: Organization[]) { + // People get to this page because SM (Secrets Manager) isn't enabled for them (or the Organization they are a part of) + // 1 - SM is enabled for the Organization but not that user + //1a - person is Admin+ (Admin or higher) and just needs instructions on how to enable it for themselves + //1b - person is beneath admin status and needs to request SM access from Administrators/Owners + // 2 - SM is not enabled for the organization yet + //2a - person is Owner/Provider - Direct them to the subscription/billing page + //2b - person is Admin - Direct them to request access page where an email is sent to owner/admins + //2c - person is user - Direct them to request access page where an email is sent to owner/admins + + // We use useSecretsManager because we want to get the first org the person is a part of where SM is enabled but they don't have access enabled yet + const adminPlusNeedsInstructionsToEnableSM = enabledOrganizations.find( + (o) => o.isAdmin && o.useSecretsManager, + ); + const ownerNeedsToEnableSM = enabledOrganizations.find( + (o) => o.isOwner && !o.useSecretsManager, + ); + + // 1a If Organization has SM Enabled, but this logged in person does not have it enabled, but they are admin+ then give them instructions to enable. + if (adminPlusNeedsInstructionsToEnableSM != undefined) { + this.showHowToEnableSMForMembers(adminPlusNeedsInstructionsToEnableSM.id); + } + // 2a Owners can enable SM in the subscription area of Admin Console. + else if (ownerNeedsToEnableSM != undefined) { + this.tryItNowUrl = `/organizations/${ownerNeedsToEnableSM.id}/billing/subscription`; + } + // 1b and 2b 2c, they must be lower than an Owner, and they need access, or want their org to have access to SM. + else { + this.tryItNowUrl = "/request-sm-access"; + } + } + + private showHowToEnableSMForMembers(orgId: string) { + this.showGiveMembersAccessInstructions = true; + this.showSecretsManagerInformation = false; + this.learnMoreUrl = + "https://bitwarden.com/help/secrets-manager-quick-start/#give-members-access"; + this.imageSrc = "../images/sm-give-access.png"; + this.tryItNowUrl = `/organizations/${orgId}/members`; + } +} diff --git a/apps/web/src/app/tools/generator.component.html b/apps/web/src/app/tools/generator.component.html index f52d1f020d3..d73fe377011 100644 --- a/apps/web/src/app/tools/generator.component.html +++ b/apps/web/src/app/tools/generator.component.html @@ -210,7 +210,7 @@ [disabled]="enforcedPasswordPolicyOptions?.useSpecial" attr.aria-label="{{ 'specialCharacters' | i18n }}" /> - +
    {{ "important" | i18n }} {{ "masterPassImportant" | i18n }} - {{ minPasswordMsg }}. + {{ minPasswordLengthMsg }}. diff --git a/libs/auth/src/angular/input-password/input-password.component.ts b/libs/auth/src/angular/input-password/input-password.component.ts index 7b5651492e1..0fa5d0ac41c 100644 --- a/libs/auth/src/angular/input-password/input-password.component.ts +++ b/libs/auth/src/angular/input-password/input-password.component.ts @@ -1,4 +1,4 @@ -import { Component, EventEmitter, Input, OnInit, Output } from "@angular/core"; +import { Component, EventEmitter, Input, Output } from "@angular/core"; import { ReactiveFormsModule, FormBuilder, Validators } from "@angular/forms"; import { JslibModule } from "@bitwarden/angular/jslib.module"; @@ -12,6 +12,7 @@ import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/mod import { DEFAULT_KDF_CONFIG } from "@bitwarden/common/auth/models/domain/kdf-config"; import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; +import { HashPurpose } from "@bitwarden/common/platform/enums"; import { Utils } from "@bitwarden/common/platform/misc/utils"; import { AsyncActionsModule, @@ -48,17 +49,16 @@ import { PasswordInputResult } from "./password-input-result"; JslibModule, ], }) -export class InputPasswordComponent implements OnInit { +export class InputPasswordComponent { @Output() onPasswordFormSubmit = new EventEmitter(); @Input({ required: true }) email: string; - @Input() protected buttonText: string; + @Input() buttonText: string; @Input() masterPasswordPolicyOptions: MasterPasswordPolicyOptions | null = null; @Input() loading: boolean = false; private minHintLength = 0; protected maxHintLength = 50; - protected minPasswordLength = Utils.minimumPasswordLength; protected minPasswordMsg = ""; protected passwordStrengthScore: PasswordStrengthScore; @@ -103,17 +103,14 @@ export class InputPasswordComponent implements OnInit { private toastService: ToastService, ) {} - async ngOnInit() { + get minPasswordLengthMsg() { if ( this.masterPasswordPolicyOptions != null && this.masterPasswordPolicyOptions.minLength > 0 ) { - this.minPasswordMsg = this.i18nService.t( - "characterMinimum", - this.masterPasswordPolicyOptions.minLength, - ); + return this.i18nService.t("characterMinimum", this.masterPasswordPolicyOptions.minLength); } else { - this.minPasswordMsg = this.i18nService.t("characterMinimum", this.minPasswordLength); + return this.i18nService.t("characterMinimum", this.minPasswordLength); } } @@ -181,9 +178,16 @@ export class InputPasswordComponent implements OnInit { const masterKeyHash = await this.cryptoService.hashMasterKey(password, masterKey); + const localMasterKeyHash = await this.cryptoService.hashMasterKey( + password, + masterKey, + HashPurpose.LocalAuthorization, + ); + this.onPasswordFormSubmit.emit({ masterKey, masterKeyHash, + localMasterKeyHash, kdfConfig, hint: this.formGroup.controls.hint.value, }); diff --git a/libs/auth/src/angular/input-password/password-input-result.ts b/libs/auth/src/angular/input-password/password-input-result.ts index 0a74b88a2e8..ce9f0b7386b 100644 --- a/libs/auth/src/angular/input-password/password-input-result.ts +++ b/libs/auth/src/angular/input-password/password-input-result.ts @@ -4,6 +4,7 @@ import { MasterKey } from "@bitwarden/common/types/key"; export interface PasswordInputResult { masterKey: MasterKey; masterKeyHash: string; + localMasterKeyHash: string; kdfConfig: PBKDF2KdfConfig; hint: string; } diff --git a/libs/auth/src/angular/password-callout/password-callout.component.html b/libs/auth/src/angular/password-callout/password-callout.component.html index f8a73ab6234..589d2a20456 100644 --- a/libs/auth/src/angular/password-callout/password-callout.component.html +++ b/libs/auth/src/angular/password-callout/password-callout.component.html @@ -1,7 +1,7 @@ {{ message | i18n }} -
      +
      • {{ "policyInEffectMinComplexity" | i18n: getPasswordScoreAlertDisplay() }}
        • diff --git a/libs/auth/src/angular/registration/registration-env-selector/registration-env-selector.component.html b/libs/auth/src/angular/registration/registration-env-selector/registration-env-selector.component.html index 9785bf05ab5..5135fb61922 100644 --- a/libs/auth/src/angular/registration/registration-env-selector/registration-env-selector.component.html +++ b/libs/auth/src/angular/registration/registration-env-selector/registration-env-selector.component.html @@ -1,4 +1,4 @@ -
        + {{ "creatingAccountOn" | i18n }} diff --git a/libs/auth/src/angular/registration/registration-env-selector/registration-env-selector.component.ts b/libs/auth/src/angular/registration/registration-env-selector/registration-env-selector.component.ts index 268fb1cc996..d5e588cdd96 100644 --- a/libs/auth/src/angular/registration/registration-env-selector/registration-env-selector.component.ts +++ b/libs/auth/src/angular/registration/registration-env-selector/registration-env-selector.component.ts @@ -44,6 +44,7 @@ export class RegistrationEnvSelectorComponent implements OnInit, OnDestroy { private selectedRegionFromEnv: RegionConfig | Region.SelfHosted; + hideEnvSelector = false; isDesktopOrBrowserExtension = false; private destroy$ = new Subject(); @@ -59,9 +60,15 @@ export class RegistrationEnvSelectorComponent implements OnInit, OnDestroy { const clientType = platformUtilsService.getClientType(); this.isDesktopOrBrowserExtension = clientType === ClientType.Desktop || clientType === ClientType.Browser; + + this.hideEnvSelector = clientType === ClientType.Web && this.platformUtilsService.isSelfHost(); } async ngOnInit() { + if (this.hideEnvSelector) { + return; + } + await this.initSelectedRegionAndListenForEnvChanges(); this.listenForSelectedRegionChanges(); } diff --git a/libs/auth/src/angular/registration/registration-finish/default-registration-finish.service.spec.ts b/libs/auth/src/angular/registration/registration-finish/default-registration-finish.service.spec.ts index 94eccfce2f3..b4c8026a5e5 100644 --- a/libs/auth/src/angular/registration/registration-finish/default-registration-finish.service.spec.ts +++ b/libs/auth/src/angular/registration/registration-finish/default-registration-finish.service.spec.ts @@ -54,6 +54,7 @@ describe("DefaultRegistrationFinishService", () => { passwordInputResult = { masterKey: masterKey, masterKeyHash: "masterKeyHash", + localMasterKeyHash: "localMasterKeyHash", kdfConfig: DEFAULT_KDF_CONFIG, hint: "hint", }; diff --git a/libs/auth/src/angular/registration/registration-finish/registration-finish.component.html b/libs/auth/src/angular/registration/registration-finish/registration-finish.component.html index 70ca948f93d..e42ed91166a 100644 --- a/libs/auth/src/angular/registration/registration-finish/registration-finish.component.html +++ b/libs/auth/src/angular/registration/registration-finish/registration-finish.component.html @@ -1,4 +1,4 @@ -