diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 5ba84c1f195..2550f0fddbe 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -8,6 +8,8 @@ apps/desktop/desktop_native @bitwarden/team-platform-dev apps/desktop/desktop_native/objc/src/native/autofill @bitwarden/team-autofill-dev apps/desktop/desktop_native/core/src/autofill @bitwarden/team-autofill-dev +## No ownership for Cargo.toml to allow dependency updates +apps/desktop/desktop_native/Cargo.toml ## Auth team files ## apps/browser/src/auth @bitwarden/team-auth-dev diff --git a/.github/renovate.json5 b/.github/renovate.json5 index bde87563dd1..01361a97404 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -168,15 +168,20 @@ matchPackageNames: [ "@emotion/css", "@webcomponents/custom-elements", + "bitwarden-russh", "bytes", "concurrently", "cross-env", "del", + "ed25519", "lit", "patch-package", + "pkcs8", "prettier", "prettier-plugin-tailwindcss", "rimraf", + "ssh-encoding", + "ssh-key", "@storybook/web-components-webpack5", "tabbable", "tldts", @@ -210,31 +215,68 @@ "@types/node-forge", "@types/node-ipc", "@yao-pkg/pkg", + "anyhow", + "arboard", "babel-loader", + "base64", + "bindgen", "browserslist", + "byteorder", + "bytes", + "core-foundation", "copy-webpack-plugin", + "dirs", "electron", "electron-builder", "electron-log", "electron-reload", "electron-store", "electron-updater", + "embed_plist", + "futures", + "hex", + "homedir", "html-webpack-injector", "html-webpack-plugin", + "interprocess", "json5", + "keytar", + "libc", + "log", "lowdb", + "napi", + "napi-build", + "napi-derive", "node-forge", "node-ipc", + "oo7", + "oslog", + "pin-project", "pkg", + "rand", "rxjs", + "scopeguard", + "security-framework", + "security-framework-sys", + "serde", + "serde_json", + "simplelog", + "sysinfo", "tsconfig-paths-webpack-plugin", "type-fest", + "typenum", "typescript", "typescript-strict-plugin", + "uniffi", "webpack", "webpack-cli", "webpack-dev-server", "webpack-node-externals", + "widestring", + "windows", + "windows-registry", + "zbus", + "zbus_polkit", ], description: "Platform owned dependencies", commitMessagePrefix: "[deps] Platform:", @@ -352,7 +394,17 @@ reviewers: ["team:team-vault-dev"], }, { - matchPackageNames: ["@types/argon2-browser", "argon2", "argon2-browser", "big-integer"], + matchPackageNames: [ + "@types/argon2-browser", + "aes", + "argon2", + "argon2-browser", + "big-integer", + "cbc", + "rsa", + "russh-cryptovec", + "sha2", + ], description: "Key Management owned dependencies", commitMessagePrefix: "[deps] KM:", reviewers: ["team:team-key-management-dev"], diff --git a/apps/browser/src/_locales/en/messages.json b/apps/browser/src/_locales/en/messages.json index 127e07f25e8..86977b950f3 100644 --- a/apps/browser/src/_locales/en/messages.json +++ b/apps/browser/src/_locales/en/messages.json @@ -3338,9 +3338,6 @@ "loginWithDevice": { "message": "Log in with device" }, - "loginWithDeviceEnabledInfo": { - "message": "Log in with device must be set up in the settings of the Bitwarden app. Need another option?" - }, "fingerprintPhraseHeader": { "message": "Fingerprint phrase" }, @@ -3353,9 +3350,6 @@ "viewAllLogInOptions": { "message": "View all log in options" }, - "viewAllLoginOptionsV1": { - "message": "View all log in options" - }, "notificationSentDevice": { "message": "A notification has been sent to your device." }, @@ -3546,9 +3540,6 @@ "adminApprovalRequestSentToAdmins": { "message": "Your request has been sent to your admin." }, - "youWillBeNotifiedOnceApproved": { - "message": "You will be notified once approved." - }, "troubleLoggingIn": { "message": "Trouble logging in?" }, diff --git a/apps/browser/src/auth/popup/home.component.html b/apps/browser/src/auth/popup/home.component.html deleted file mode 100644 index 08043cf88bb..00000000000 --- a/apps/browser/src/auth/popup/home.component.html +++ /dev/null @@ -1,36 +0,0 @@ - -
-
-
-

{{ "loginOrCreateNewAccount" | i18n }}

-
-
-
-
- - -
- -
- - -
-
-
-
- -
-
-

- {{ "newAroundHere" | i18n }} - {{ "createAccount" | i18n }} -

-
-
diff --git a/apps/browser/src/auth/popup/home.component.ts b/apps/browser/src/auth/popup/home.component.ts deleted file mode 100644 index 0c4510204d1..00000000000 --- a/apps/browser/src/auth/popup/home.component.ts +++ /dev/null @@ -1,130 +0,0 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore -import { Component, OnDestroy, OnInit, ViewChild } from "@angular/core"; -import { FormBuilder, Validators } from "@angular/forms"; -import { ActivatedRoute, Router } from "@angular/router"; -import { Subject, firstValueFrom, switchMap, takeUntil, tap } from "rxjs"; - -import { EnvironmentSelectorComponent } from "@bitwarden/angular/auth/components/environment-selector.component"; -import { LoginEmailServiceAbstraction } from "@bitwarden/auth/common"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; -import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; -import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; -import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; -import { ToastService } from "@bitwarden/components"; - -import { AccountSwitcherService } from "./account-switching/services/account-switcher.service"; - -@Component({ - selector: "app-home", - templateUrl: "home.component.html", -}) -export class HomeComponent implements OnInit, OnDestroy { - @ViewChild(EnvironmentSelectorComponent, { static: true }) - environmentSelector!: EnvironmentSelectorComponent; - private destroyed$: Subject = new Subject(); - - loginInitiated = false; - formGroup = this.formBuilder.group({ - email: ["", [Validators.required, Validators.email]], - rememberEmail: [false], - }); - - constructor( - protected platformUtilsService: PlatformUtilsService, - private formBuilder: FormBuilder, - private router: Router, - private i18nService: I18nService, - private loginEmailService: LoginEmailServiceAbstraction, - private accountSwitcherService: AccountSwitcherService, - private toastService: ToastService, - private configService: ConfigService, - private route: ActivatedRoute, - ) {} - - async ngOnInit(): Promise { - this.listenForUnauthUiRefreshFlagChanges(); - - const email = await firstValueFrom(this.loginEmailService.loginEmail$); - const rememberEmail = this.loginEmailService.getRememberEmail(); - - if (email != null) { - this.formGroup.patchValue({ email, rememberEmail }); - } else { - const storedEmail = await firstValueFrom(this.loginEmailService.storedEmail$); - - if (storedEmail != null) { - this.formGroup.patchValue({ email: storedEmail, rememberEmail: true }); - } - } - - this.environmentSelector.onOpenSelfHostedSettings - .pipe( - switchMap(async () => { - await this.setLoginEmailValues(); - await this.router.navigate(["environment"]); - }), - takeUntil(this.destroyed$), - ) - .subscribe(); - } - - ngOnDestroy(): void { - this.destroyed$.next(); - this.destroyed$.complete(); - } - - private listenForUnauthUiRefreshFlagChanges() { - this.configService - .getFeatureFlag$(FeatureFlag.UnauthenticatedExtensionUIRefresh) - .pipe( - tap(async (flag) => { - // If the flag is turned ON, we must force a reload to ensure the correct UI is shown - if (flag) { - const qParams = await firstValueFrom(this.route.queryParams); - - const uniqueQueryParams = { - ...qParams, - // adding a unique timestamp to the query params to force a reload - t: new Date().getTime().toString(), - }; - - await this.router.navigate(["/login"], { - queryParams: uniqueQueryParams, - }); - } - }), - takeUntil(this.destroyed$), - ) - .subscribe(); - } - - get availableAccounts$() { - return this.accountSwitcherService.availableAccounts$; - } - - async submit() { - this.formGroup.markAllAsTouched(); - - if (this.formGroup.invalid) { - this.toastService.showToast({ - variant: "error", - title: this.i18nService.t("errorOccured"), - message: this.i18nService.t("invalidEmail"), - }); - return; - } - - await this.setLoginEmailValues(); - await this.router.navigate(["login"], { - queryParams: { email: this.formGroup.controls.email.value }, - }); - } - - async setLoginEmailValues() { - // Note: Browser saves email settings here instead of the login component - this.loginEmailService.setRememberEmail(this.formGroup.controls.rememberEmail.value); - await this.loginEmailService.setLoginEmail(this.formGroup.controls.email.value); - await this.loginEmailService.saveEmailSettings(); - } -} diff --git a/apps/browser/src/auth/popup/login-v1.component.html b/apps/browser/src/auth/popup/login-v1.component.html deleted file mode 100644 index 145a9cbc754..00000000000 --- a/apps/browser/src/auth/popup/login-v1.component.html +++ /dev/null @@ -1,81 +0,0 @@ -
-
-

- {{ "logIn" | i18n }} -

-
-
-
-
-
-
- - - - -
-
- -
-
-
- -
-
-
- -
-
- -
-
diff --git a/apps/browser/src/auth/popup/login-v1.component.ts b/apps/browser/src/auth/popup/login-v1.component.ts deleted file mode 100644 index b2c52f248c6..00000000000 --- a/apps/browser/src/auth/popup/login-v1.component.ts +++ /dev/null @@ -1,142 +0,0 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore -import { Component, NgZone, OnInit } from "@angular/core"; -import { FormBuilder } from "@angular/forms"; -import { ActivatedRoute, Router } from "@angular/router"; -import { firstValueFrom } from "rxjs"; - -import { LoginComponentV1 as BaseLoginComponent } from "@bitwarden/angular/auth/components/login-v1.component"; -import { FormValidationErrorsService } from "@bitwarden/angular/platform/abstractions/form-validation-errors.service"; -import { - LoginStrategyServiceAbstraction, - LoginEmailServiceAbstraction, -} from "@bitwarden/auth/common"; -import { DevicesApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/devices-api.service.abstraction"; -import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction"; -import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service"; -import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service"; -import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service"; -import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; -import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; -import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; -import { StateService } from "@bitwarden/common/platform/abstractions/state.service"; -import { Utils } from "@bitwarden/common/platform/misc/utils"; -import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction"; -import { ToastService } from "@bitwarden/components"; -import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy"; - -@Component({ - selector: "app-login", - templateUrl: "login-v1.component.html", -}) -export class LoginComponentV1 extends BaseLoginComponent implements OnInit { - constructor( - devicesApiService: DevicesApiServiceAbstraction, - appIdService: AppIdService, - loginStrategyService: LoginStrategyServiceAbstraction, - router: Router, - protected platformUtilsService: PlatformUtilsService, - protected i18nService: I18nService, - protected stateService: StateService, - protected environmentService: EnvironmentService, - protected passwordGenerationService: PasswordGenerationServiceAbstraction, - protected cryptoFunctionService: CryptoFunctionService, - syncService: SyncService, - logService: LogService, - ngZone: NgZone, - formBuilder: FormBuilder, - formValidationErrorService: FormValidationErrorsService, - route: ActivatedRoute, - loginEmailService: LoginEmailServiceAbstraction, - ssoLoginService: SsoLoginServiceAbstraction, - toastService: ToastService, - ) { - super( - devicesApiService, - appIdService, - loginStrategyService, - router, - platformUtilsService, - i18nService, - stateService, - environmentService, - passwordGenerationService, - cryptoFunctionService, - logService, - ngZone, - formBuilder, - formValidationErrorService, - route, - loginEmailService, - ssoLoginService, - toastService, - ); - this.onSuccessfulLogin = async () => { - await syncService.fullSync(true); - }; - this.successRoute = "/tabs/vault"; - } - - async ngOnInit(): Promise { - await super.ngOnInit(); - await this.validateEmail(); - } - - settings() { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.router.navigate(["environment"]); - } - - async launchSsoBrowser() { - // Save off email for SSO - await this.ssoLoginService.setSsoEmail(this.formGroup.value.email); - - // Generate necessary sso params - const passwordOptions: any = { - type: "password", - length: 64, - uppercase: true, - lowercase: true, - numbers: true, - special: false, - }; - - const state = - (await this.passwordGenerationService.generatePassword(passwordOptions)) + - ":clientId=browser"; - const codeVerifier = await this.passwordGenerationService.generatePassword(passwordOptions); - const codeVerifierHash = await this.cryptoFunctionService.hash(codeVerifier, "sha256"); - const codeChallenge = Utils.fromBufferToUrlB64(codeVerifierHash); - - await this.ssoLoginService.setCodeVerifier(codeVerifier); - await this.ssoLoginService.setSsoState(state); - - const env = await firstValueFrom(this.environmentService.environment$); - let url = env.getWebVaultUrl(); - if (url == null) { - url = "https://vault.bitwarden.com"; - } - - const redirectUri = url + "/sso-connector.html"; - - // Launch browser - this.platformUtilsService.launchUri( - url + - "/#/sso?clientId=browser" + - "&redirectUri=" + - encodeURIComponent(redirectUri) + - "&state=" + - state + - "&codeChallenge=" + - codeChallenge + - "&email=" + - encodeURIComponent(this.formGroup.controls.email.value), - ); - } - - async saveEmailSettings() { - // values should be saved on home component - return; - } -} diff --git a/apps/browser/src/auth/popup/login-via-auth-request-v1.component.html b/apps/browser/src/auth/popup/login-via-auth-request-v1.component.html deleted file mode 100644 index 34c0cbe9614..00000000000 --- a/apps/browser/src/auth/popup/login-via-auth-request-v1.component.html +++ /dev/null @@ -1,68 +0,0 @@ - diff --git a/apps/browser/src/auth/popup/login-via-auth-request-v1.component.ts b/apps/browser/src/auth/popup/login-via-auth-request-v1.component.ts deleted file mode 100644 index 66c69d0a41a..00000000000 --- a/apps/browser/src/auth/popup/login-via-auth-request-v1.component.ts +++ /dev/null @@ -1,85 +0,0 @@ -import { Location } from "@angular/common"; -import { Component } from "@angular/core"; -import { Router } from "@angular/router"; - -import { LoginViaAuthRequestComponentV1 as BaseLoginViaAuthRequestComponentV1 } from "@bitwarden/angular/auth/components/login-via-auth-request-v1.component"; -import { - AuthRequestServiceAbstraction, - LoginStrategyServiceAbstraction, - LoginEmailServiceAbstraction, -} from "@bitwarden/auth/common"; -import { ApiService } from "@bitwarden/common/abstractions/api.service"; -import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; -import { AnonymousHubService } from "@bitwarden/common/auth/abstractions/anonymous-hub.service"; -import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service"; -import { DeviceTrustServiceAbstraction } from "@bitwarden/common/auth/abstractions/device-trust.service.abstraction"; -import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service"; -import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service"; -import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service"; -import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; -import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; -import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; -import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service"; -import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction"; -import { ToastService } from "@bitwarden/components"; -import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy"; -import { KeyService } from "@bitwarden/key-management"; - -@Component({ - selector: "app-login-via-auth-request", - templateUrl: "login-via-auth-request-v1.component.html", -}) -export class LoginViaAuthRequestComponentV1 extends BaseLoginViaAuthRequestComponentV1 { - constructor( - router: Router, - keyService: KeyService, - cryptoFunctionService: CryptoFunctionService, - appIdService: AppIdService, - passwordGenerationService: PasswordGenerationServiceAbstraction, - apiService: ApiService, - authService: AuthService, - logService: LogService, - environmentService: EnvironmentService, - i18nService: I18nService, - platformUtilsService: PlatformUtilsService, - anonymousHubService: AnonymousHubService, - validationService: ValidationService, - loginEmailService: LoginEmailServiceAbstraction, - syncService: SyncService, - deviceTrustService: DeviceTrustServiceAbstraction, - authRequestService: AuthRequestServiceAbstraction, - loginStrategyService: LoginStrategyServiceAbstraction, - accountService: AccountService, - private location: Location, - toastService: ToastService, - ) { - super( - router, - keyService, - cryptoFunctionService, - appIdService, - passwordGenerationService, - apiService, - authService, - logService, - environmentService, - i18nService, - platformUtilsService, - anonymousHubService, - validationService, - accountService, - loginEmailService, - deviceTrustService, - authRequestService, - loginStrategyService, - toastService, - ); - this.onSuccessfulLogin = async () => { - await syncService.fullSync(true); - }; - } - - protected back() { - this.location.back(); - } -} diff --git a/apps/browser/src/autofill/popup/settings/autofill.component.ts b/apps/browser/src/autofill/popup/settings/autofill.component.ts index f0b73838ba4..7bd6c93bb64 100644 --- a/apps/browser/src/autofill/popup/settings/autofill.component.ts +++ b/apps/browser/src/autofill/popup/settings/autofill.component.ts @@ -364,7 +364,7 @@ export class AutofillComponent implements OnInit { return; } - BrowserApi.updateDefaultBrowserAutofillSettings(!this.defaultBrowserAutofillDisabled); + await BrowserApi.updateDefaultBrowserAutofillSettings(!this.defaultBrowserAutofillDisabled); } private handleOverrideDialogAccept = async () => { diff --git a/apps/browser/src/autofill/spec/autofill-mocks.ts b/apps/browser/src/autofill/spec/autofill-mocks.ts index 6e175906d30..8279c98c5b4 100644 --- a/apps/browser/src/autofill/spec/autofill-mocks.ts +++ b/apps/browser/src/autofill/spec/autofill-mocks.ts @@ -103,6 +103,7 @@ export function createChromeTabMock(customFields = {}): chrome.tabs.Tab { selected: true, discarded: false, autoDiscardable: false, + frozen: false, groupId: 2, url: "https://jest-testing-website.com", ...customFields, diff --git a/apps/browser/src/platform/browser/browser-api.spec.ts b/apps/browser/src/platform/browser/browser-api.spec.ts index 6e8a0f3002d..f6bf7d4069b 100644 --- a/apps/browser/src/platform/browser/browser-api.spec.ts +++ b/apps/browser/src/platform/browser/browser-api.spec.ts @@ -2,6 +2,8 @@ import { mock } from "jest-mock-extended"; import { BrowserApi } from "./browser-api"; +type ChromeSettingsGet = chrome.types.ChromeSetting["get"]; + describe("BrowserApi", () => { const executeScriptResult = ["value"]; @@ -468,19 +470,23 @@ describe("BrowserApi", () => { describe("browserAutofillSettingsOverridden", () => { it("returns true if the browser autofill settings are overridden", async () => { - const expectedDetails = { - value: false, - levelOfControl: "controlled_by_this_extension", - } as chrome.types.ChromeSettingGetResultDetails; - chrome.privacy.services.autofillAddressEnabled.get = jest.fn((details, callback) => - callback(expectedDetails), - ); - chrome.privacy.services.autofillCreditCardEnabled.get = jest.fn((details, callback) => - callback(expectedDetails), - ); - chrome.privacy.services.passwordSavingEnabled.get = jest.fn((details, callback) => - callback(expectedDetails), - ); + const mockFn = jest.fn< + void, + [ + details: chrome.types.ChromeSettingGetDetails, + callback: (details: chrome.types.ChromeSettingGetResult) => void, + ], + never + >((details, callback) => { + callback({ + value: false, + levelOfControl: "controlled_by_this_extension", + }); + }); + chrome.privacy.services.autofillAddressEnabled.get = mockFn as unknown as ChromeSettingsGet; + chrome.privacy.services.autofillCreditCardEnabled.get = + mockFn as unknown as ChromeSettingsGet; + chrome.privacy.services.passwordSavingEnabled.get = mockFn as unknown as ChromeSettingsGet; const result = await BrowserApi.browserAutofillSettingsOverridden(); @@ -488,19 +494,24 @@ describe("BrowserApi", () => { }); it("returns false if the browser autofill settings are not overridden", async () => { - const expectedDetails = { - value: true, - levelOfControl: "controlled_by_this_extension", - } as chrome.types.ChromeSettingGetResultDetails; - chrome.privacy.services.autofillAddressEnabled.get = jest.fn((details, callback) => - callback(expectedDetails), - ); - chrome.privacy.services.autofillCreditCardEnabled.get = jest.fn((details, callback) => - callback(expectedDetails), - ); - chrome.privacy.services.passwordSavingEnabled.get = jest.fn((details, callback) => - callback(expectedDetails), - ); + const mockFn = jest.fn< + void, + [ + details: chrome.types.ChromeSettingGetDetails, + callback: (details: chrome.types.ChromeSettingGetResult) => void, + ], + never + >((details, callback) => { + callback({ + value: true, + levelOfControl: "controlled_by_this_extension", + }); + }); + + chrome.privacy.services.autofillAddressEnabled.get = mockFn as unknown as ChromeSettingsGet; + chrome.privacy.services.autofillCreditCardEnabled.get = + mockFn as unknown as ChromeSettingsGet; + chrome.privacy.services.passwordSavingEnabled.get = mockFn as unknown as ChromeSettingsGet; const result = await BrowserApi.browserAutofillSettingsOverridden(); @@ -508,19 +519,23 @@ describe("BrowserApi", () => { }); it("returns false if the browser autofill settings are not controlled by the extension", async () => { - const expectedDetails = { - value: false, - levelOfControl: "controlled_by_other_extensions", - } as chrome.types.ChromeSettingGetResultDetails; - chrome.privacy.services.autofillAddressEnabled.get = jest.fn((details, callback) => - callback(expectedDetails), - ); - chrome.privacy.services.autofillCreditCardEnabled.get = jest.fn((details, callback) => - callback(expectedDetails), - ); - chrome.privacy.services.passwordSavingEnabled.get = jest.fn((details, callback) => - callback(expectedDetails), - ); + const mockFn = jest.fn< + void, + [ + details: chrome.types.ChromeSettingGetDetails, + callback: (details: chrome.types.ChromeSettingGetResult) => void, + ], + never + >((details, callback) => { + callback({ + value: false, + levelOfControl: "controlled_by_other_extensions", + }); + }); + chrome.privacy.services.autofillAddressEnabled.get = mockFn as unknown as ChromeSettingsGet; + chrome.privacy.services.autofillCreditCardEnabled.get = + mockFn as unknown as ChromeSettingsGet; + chrome.privacy.services.passwordSavingEnabled.get = mockFn as unknown as ChromeSettingsGet; const result = await BrowserApi.browserAutofillSettingsOverridden(); diff --git a/apps/browser/src/platform/browser/browser-api.ts b/apps/browser/src/platform/browser/browser-api.ts index 293fca4d029..ec16c883bfb 100644 --- a/apps/browser/src/platform/browser/browser-api.ts +++ b/apps/browser/src/platform/browser/browser-api.ts @@ -504,7 +504,9 @@ export class BrowserApi { * * @param permissions - The permissions to check. */ - static async permissionsGranted(permissions: string[]): Promise { + static async permissionsGranted( + permissions: chrome.runtime.ManifestPermissions[], + ): Promise { return new Promise((resolve) => chrome.permissions.contains({ permissions }, (result) => resolve(result)), ); @@ -594,7 +596,7 @@ export class BrowserApi { * Identifies if the browser autofill settings are overridden by the extension. */ static async browserAutofillSettingsOverridden(): Promise { - const checkOverrideStatus = (details: chrome.types.ChromeSettingGetResultDetails) => + const checkOverrideStatus = (details: chrome.types.ChromeSettingGetResult) => details.levelOfControl === "controlled_by_this_extension" && !details.value; const autofillAddressOverridden: boolean = await new Promise((resolve) => @@ -623,10 +625,10 @@ export class BrowserApi { * * @param value - Determines whether to enable or disable the autofill settings. */ - static updateDefaultBrowserAutofillSettings(value: boolean) { - chrome.privacy.services.autofillAddressEnabled.set({ value }); - chrome.privacy.services.autofillCreditCardEnabled.set({ value }); - chrome.privacy.services.passwordSavingEnabled.set({ value }); + static async updateDefaultBrowserAutofillSettings(value: boolean) { + await chrome.privacy.services.autofillAddressEnabled.set({ value }); + await chrome.privacy.services.autofillCreditCardEnabled.set({ value }); + await chrome.privacy.services.passwordSavingEnabled.set({ value }); } /** diff --git a/apps/browser/src/popup/app.module.ts b/apps/browser/src/popup/app.module.ts index a190cb134ac..72117a2f900 100644 --- a/apps/browser/src/popup/app.module.ts +++ b/apps/browser/src/popup/app.module.ts @@ -22,10 +22,7 @@ import { CurrentAccountComponent } from "../auth/popup/account-switching/current import { EnvironmentComponent } from "../auth/popup/environment.component"; import { ExtensionAnonLayoutWrapperComponent } from "../auth/popup/extension-anon-layout-wrapper/extension-anon-layout-wrapper.component"; import { HintComponent } from "../auth/popup/hint.component"; -import { HomeComponent } from "../auth/popup/home.component"; import { LoginDecryptionOptionsComponentV1 } from "../auth/popup/login-decryption-options/login-decryption-options-v1.component"; -import { LoginComponentV1 } from "../auth/popup/login-v1.component"; -import { LoginViaAuthRequestComponentV1 } from "../auth/popup/login-via-auth-request-v1.component"; import { RemovePasswordComponent } from "../auth/popup/remove-password.component"; import { SetPasswordComponent } from "../auth/popup/set-password.component"; import { AccountSecurityComponent } from "../auth/popup/settings/account-security.component"; @@ -98,9 +95,6 @@ import "../platform/popup/locales"; ColorPasswordCountPipe, EnvironmentComponent, HintComponent, - HomeComponent, - LoginViaAuthRequestComponentV1, - LoginComponentV1, LoginDecryptionOptionsComponentV1, SetPasswordComponent, SsoComponentV1, diff --git a/apps/browser/src/popup/scss/base.scss b/apps/browser/src/popup/scss/base.scss index bfa037eea23..7a8d39c6f3e 100644 --- a/apps/browser/src/popup/scss/base.scss +++ b/apps/browser/src/popup/scss/base.scss @@ -448,38 +448,6 @@ main:not(popup-page main) { width: 100%; } -.login-with-device { - .fingerprint-phrase-header { - padding-top: 1rem; - display: block; - } - - @include themify($themes) { - .fingerprint-text { - color: themed("codeColor"); - font-family: SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", - monospace; - padding: 1rem 0; - } - } - - .resend-notification { - padding-bottom: 1rem; - a { - cursor: pointer; - } - } - - .footer { - padding-top: 1rem; - - a { - padding-top: 1rem; - display: block; - } - } -} - #login-initiated { .margin-auto { margin: auto; diff --git a/apps/browser/src/vault/popup/components/vault-v2/new-item-dropdown/new-item-dropdown-v2.component.html b/apps/browser/src/vault/popup/components/vault-v2/new-item-dropdown/new-item-dropdown-v2.component.html index 4d617ff7786..c952260a9a9 100644 --- a/apps/browser/src/vault/popup/components/vault-v2/new-item-dropdown/new-item-dropdown-v2.component.html +++ b/apps/browser/src/vault/popup/components/vault-v2/new-item-dropdown/new-item-dropdown-v2.component.html @@ -27,12 +27,7 @@ {{ "note" | i18n }} - + {{ "typeSshKey" | i18n }} diff --git a/apps/browser/src/vault/popup/components/vault-v2/new-item-dropdown/new-item-dropdown-v2.component.ts b/apps/browser/src/vault/popup/components/vault-v2/new-item-dropdown/new-item-dropdown-v2.component.ts index db3fff04bbb..bb452b89c7b 100644 --- a/apps/browser/src/vault/popup/components/vault-v2/new-item-dropdown/new-item-dropdown-v2.component.ts +++ b/apps/browser/src/vault/popup/components/vault-v2/new-item-dropdown/new-item-dropdown-v2.component.ts @@ -5,8 +5,6 @@ import { Component, Input, OnInit } from "@angular/core"; import { Router, RouterLink } from "@angular/router"; import { JslibModule } from "@bitwarden/angular/jslib.module"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; -import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; import { Utils } from "@bitwarden/common/platform/misc/utils"; import { CollectionId, OrganizationId } from "@bitwarden/common/types/guid"; import { CipherType } from "@bitwarden/common/vault/enums"; @@ -40,13 +38,9 @@ export class NewItemDropdownV2Component implements OnInit { constructor( private router: Router, private dialogService: DialogService, - private configService: ConfigService, ) {} - sshKeysEnabled = false; - async ngOnInit() { - this.sshKeysEnabled = await this.configService.getFeatureFlag(FeatureFlag.SSHKeyVaultItem); this.tab = await BrowserApi.getTabFromCurrentWindow(); } diff --git a/apps/cli/src/auth/commands/login.command.ts b/apps/cli/src/auth/commands/login.command.ts index 985816fb0dd..8fae8302bc9 100644 --- a/apps/cli/src/auth/commands/login.command.ts +++ b/apps/cli/src/auth/commands/login.command.ts @@ -21,6 +21,7 @@ import { PolicyService } from "@bitwarden/common/admin-console/abstractions/poli import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service"; import { KeyConnectorService } from "@bitwarden/common/auth/abstractions/key-connector.service"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { TwoFactorService } from "@bitwarden/common/auth/abstractions/two-factor.service"; import { TwoFactorProviderType } from "@bitwarden/common/auth/enums/two-factor-provider-type"; import { AuthResult } from "@bitwarden/common/auth/models/domain/auth-result"; @@ -58,6 +59,7 @@ export class LoginCommand { protected loginStrategyService: LoginStrategyServiceAbstraction, protected authService: AuthService, protected apiService: ApiService, + protected masterPasswordApiService: MasterPasswordApiService, protected cryptoFunctionService: CryptoFunctionService, protected environmentService: EnvironmentService, protected passwordGenerationService: PasswordGenerationServiceAbstraction, @@ -321,7 +323,7 @@ export class LoginCommand { })({ type: "input", name: "token", - message: "New device login code:", + message: "New device verification required. Enter OTP sent to login email:", }); newDeviceToken = answer.token; } @@ -454,7 +456,7 @@ export class LoginCommand { request.newMasterPasswordHash = newPasswordHash; request.key = newUserKey[1].encryptedString; - await this.apiService.postPassword(request); + await this.masterPasswordApiService.postPassword(request); return await this.handleUpdatePasswordSuccessResponse(); } catch (e) { @@ -491,7 +493,7 @@ export class LoginCommand { request.newMasterPasswordHash = newPasswordHash; request.masterPasswordHint = hint; - await this.apiService.putUpdateTempPassword(request); + await this.masterPasswordApiService.putUpdateTempPassword(request); return await this.handleUpdatePasswordSuccessResponse(); } catch (e) { diff --git a/apps/cli/src/program.ts b/apps/cli/src/program.ts index a118985bf0d..c6b79c7dff2 100644 --- a/apps/cli/src/program.ts +++ b/apps/cli/src/program.ts @@ -155,6 +155,7 @@ export class Program extends BaseProgram { this.serviceContainer.loginStrategyService, this.serviceContainer.authService, this.serviceContainer.apiService, + this.serviceContainer.masterPasswordApiService, this.serviceContainer.cryptoFunctionService, this.serviceContainer.environmentService, this.serviceContainer.passwordGenerationService, diff --git a/apps/cli/src/service-container/service-container.ts b/apps/cli/src/service-container/service-container.ts index 555337736c7..72faca48a33 100644 --- a/apps/cli/src/service-container/service-container.ts +++ b/apps/cli/src/service-container/service-container.ts @@ -36,6 +36,7 @@ import { AccountService } from "@bitwarden/common/auth/abstractions/account.serv import { AvatarService as AvatarServiceAbstraction } from "@bitwarden/common/auth/abstractions/avatar.service"; import { DeviceTrustServiceAbstraction } from "@bitwarden/common/auth/abstractions/device-trust.service.abstraction"; import { DevicesApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/devices-api.service.abstraction"; +import { MasterPasswordApiService as MasterPasswordApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { AccountServiceImplementation, @@ -46,6 +47,7 @@ import { AvatarService } from "@bitwarden/common/auth/services/avatar.service"; import { DeviceTrustService } from "@bitwarden/common/auth/services/device-trust.service.implementation"; import { DevicesApiServiceImplementation } from "@bitwarden/common/auth/services/devices-api.service.implementation"; import { KeyConnectorService } from "@bitwarden/common/auth/services/key-connector.service"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/services/master-password/master-password-api.service.implementation"; import { MasterPasswordService } from "@bitwarden/common/auth/services/master-password/master-password.service"; import { TokenService } from "@bitwarden/common/auth/services/token.service"; import { TwoFactorService } from "@bitwarden/common/auth/services/two-factor.service"; @@ -280,6 +282,7 @@ export class ServiceContainer { sdkLoadService: SdkLoadService; cipherAuthorizationService: CipherAuthorizationService; ssoUrlService: SsoUrlService; + masterPasswordApiService: MasterPasswordApiServiceAbstraction; constructor() { let p = null; @@ -843,6 +846,8 @@ export class ServiceContainer { this.organizationService, this.accountService, ); + + this.masterPasswordApiService = new MasterPasswordApiService(this.apiService, this.logService); } async logout() { diff --git a/apps/desktop/desktop_native/Cargo.toml b/apps/desktop/desktop_native/Cargo.toml index 5478d397651..5d4c547b750 100644 --- a/apps/desktop/desktop_native/Cargo.toml +++ b/apps/desktop/desktop_native/Cargo.toml @@ -9,11 +9,55 @@ edition = "2021" publish = false [workspace.dependencies] +aes = "=0.8.4" anyhow = "=1.0.94" +arboard = { version = "=3.4.1", default-features = false } +argon2 = "=0.5.3" +base64 = "=0.22.1" +bindgen = "0.71.1" +bitwarden-russh = { git = "https://github.com/bitwarden/bitwarden-russh.git", rev = "3d48f140fd506412d186203238993163a8c4e536" } +byteorder = "=1.5.0" +bytes = "1.9.0" +cbc = "=0.1.2" +core-foundation = "=0.10.0" +dirs = "=6.0.0" +ed25519 = "=2.2.3" +embed_plist = "=1.2.2" +futures = "=0.3.31" +hex = "=0.4.3" +homedir = "=0.3.4" +interprocess = "=2.2.1" +keytar = "=0.1.6" +libc = "=0.2.169" log = "=0.4.25" +napi = "=2.16.15" +napi-build = "=2.1.4" +napi-derive = "=2.16.13" +oo7 = "=0.3.3" +oslog = "=0.2.0" +pin-project = "=1.1.8" +pkcs8 = "=0.10.2" +rand = "=0.8.5" +rsa = "=0.9.6" +russh-cryptovec = "=0.7.3" +scopeguard = "=1.2.0" +security-framework = "=3.1.0" +security-framework-sys = "=2.13.0" serde = "=1.0.209" serde_json = "=1.0.127" -tokio = "=1.43.0" -tokio-util = "=0.7.13" -tokio-stream = "=0.1.15" +sha2 = "=0.10.8" +simplelog = "=0.12.2" +ssh-encoding = "=0.2.0" +ssh-key = {version = "=0.6.7", default-features = false } +sysinfo = "0.33.1" thiserror = "=1.0.69" +tokio = "=1.43.0" +tokio-stream = "=0.1.15" +tokio-util = "=0.7.13" +typenum = "=1.17.0" +uniffi = "=0.28.3" +widestring = "=1.1.0" +windows = "=0.58.0" +windows-registry = "=0.4.0" +zbus = "=4.4.0" +zbus_polkit = "=4.0.0" diff --git a/apps/desktop/desktop_native/core/Cargo.toml b/apps/desktop/desktop_native/core/Cargo.toml index 8a0bcd0e0a7..346f3bde96b 100644 --- a/apps/desktop/desktop_native/core/Cargo.toml +++ b/apps/desktop/desktop_native/core/Cargo.toml @@ -18,47 +18,47 @@ default = [ manual_test = [] [dependencies] -aes = "=0.8.4" +aes = { workspace = true } anyhow = { workspace = true } -arboard = { version = "=3.4.1", default-features = false, features = [ +arboard = { workspace = true, features = [ "wayland-data-control", ] } -argon2 = { version = "=0.5.3", features = ["zeroize"] } -base64 = "=0.22.1" -byteorder = "=1.5.0" -cbc = { version = "=0.1.2", features = ["alloc"] } -homedir = "=0.3.4" -pin-project = "=1.1.8" -dirs = "=6.0.0" -futures = "=0.3.31" -interprocess = { version = "=2.2.1", features = ["tokio"] } +argon2 = { workspace = true, features = ["zeroize"] } +base64 = { workspace = true } +byteorder = { workspace = true } +cbc = { workspace = true, features = ["alloc"] } +homedir = { workspace = true } +pin-project = { workspace = true } +dirs = { workspace = true } +futures = { workspace = true } +interprocess = { workspace = true, features = ["tokio"] } log = { workspace = true } -rand = "=0.8.5" -russh-cryptovec = "=0.7.3" -scopeguard = "=1.2.0" -sha2 = "=0.10.8" -ssh-encoding = "=0.2.0" -ssh-key = { version = "=0.6.7", default-features = false, features = [ +rand = { workspace = true } +russh-cryptovec = { workspace = true } +scopeguard = { workspace = true } +sha2 = { workspace = true } +ssh-encoding = { workspace = true } +ssh-key = { workspace = true, features = [ "encryption", "ed25519", "rsa", "getrandom", ] } -bitwarden-russh = { git = "https://github.com/bitwarden/bitwarden-russh.git", rev = "3d48f140fd506412d186203238993163a8c4e536" } +bitwarden-russh = { workspace = true } tokio = { workspace = true, features = ["io-util", "sync", "macros", "net"] } tokio-stream = { workspace = true, features = ["net"] } tokio-util = { workspace = true, features = ["codec"] } thiserror = { workspace = true } -typenum = "=1.17.0" -pkcs8 = { version = "=0.10.2", features = ["alloc", "encryption", "pem"] } -rsa = "=0.9.6" -ed25519 = { version = "=2.2.3", features = ["pkcs8"] } -bytes = "1.9.0" -sysinfo = { version = "0.33.1", features = ["windows"] } +typenum = { workspace = true } +pkcs8 = { workspace = true, features = ["alloc", "encryption", "pem"] } +rsa = { workspace = true } +ed25519 = { workspace = true, features = ["pkcs8"] } +bytes = { workspace = true } +sysinfo = { workspace = true, features = ["windows"] } [target.'cfg(windows)'.dependencies] -widestring = { version = "=1.1.0", optional = true } -windows = { version = "=0.58.0", features = [ +widestring = { workspace = true, optional = true } +windows = { workspace = true, features = [ "Foundation", "Security_Credentials_UI", "Security_Cryptography", @@ -72,17 +72,17 @@ windows = { version = "=0.58.0", features = [ ], optional = true } [target.'cfg(windows)'.dev-dependencies] -keytar = "=0.1.6" +keytar = { workspace = true } [target.'cfg(target_os = "macos")'.dependencies] -core-foundation = { version = "=0.10.0", optional = true } -security-framework = { version = "=3.1.0", optional = true } -security-framework-sys = { version = "=2.13.0", optional = true } +core-foundation = { workspace = true, optional = true } +security-framework = { workspace = true, optional = true } +security-framework-sys = { workspace = true, optional = true } desktop_objc = { path = "../objc" } [target.'cfg(target_os = "linux")'.dependencies] -oo7 = "=0.3.3" -libc = "=0.2.169" +oo7 = { workspace = true } +libc = { workspace = true } -zbus = { version = "=4.4.0", optional = true } -zbus_polkit = { version = "=4.0.0", optional = true } +zbus = { workspace = true, optional = true } +zbus_polkit = { workspace = true, optional = true } diff --git a/apps/desktop/desktop_native/macos_provider/Cargo.toml b/apps/desktop/desktop_native/macos_provider/Cargo.toml index e160f7f35d6..cf7338f23cf 100644 --- a/apps/desktop/desktop_native/macos_provider/Cargo.toml +++ b/apps/desktop/desktop_native/macos_provider/Cargo.toml @@ -15,16 +15,16 @@ bench = false [dependencies] desktop_core = { path = "../core" } -futures = "=0.3.31" +futures = { workspace = true } log = { workspace = true } serde = { workspace = true, features = ["derive"] } serde_json = { workspace = true } tokio = { workspace = true, features = ["sync"] } tokio-util = { workspace = true } -uniffi = { version = "=0.28.3", features = ["cli"] } +uniffi = { workspace = true, features = ["cli"] } [target.'cfg(target_os = "macos")'.dependencies] -oslog = "=0.2.0" +oslog = { workspace = true } [build-dependencies] -uniffi = { version = "=0.28.3", features = ["build"] } +uniffi = { workspace = true, features = ["build"] } diff --git a/apps/desktop/desktop_native/napi/Cargo.toml b/apps/desktop/desktop_native/napi/Cargo.toml index a9513fa49a8..f5b6d6b7c04 100644 --- a/apps/desktop/desktop_native/napi/Cargo.toml +++ b/apps/desktop/desktop_native/napi/Cargo.toml @@ -14,12 +14,12 @@ default = [] manual_test = [] [dependencies] -base64 = "=0.22.1" -hex = "=0.4.3" +base64 = { workspace = true } +hex = { workspace = true } anyhow = { workspace = true } desktop_core = { path = "../core" } -napi = { version = "=2.16.15", features = ["async"] } -napi-derive = "=2.16.13" +napi = { workspace = true, features = ["async"] } +napi-derive = { workspace = true } serde = { workspace = true, features = ["derive"] } serde_json = { workspace = true } tokio = { workspace = true } @@ -27,7 +27,7 @@ tokio-util = { workspace = true } tokio-stream = { workspace = true } [target.'cfg(windows)'.dependencies] -windows-registry = "=0.4.0" +windows-registry = { workspace = true } [build-dependencies] -napi-build = "=2.1.4" +napi-build = { workspace = true } diff --git a/apps/desktop/desktop_native/proxy/Cargo.toml b/apps/desktop/desktop_native/proxy/Cargo.toml index 10ff1ed8eae..a9a1a5aca28 100644 --- a/apps/desktop/desktop_native/proxy/Cargo.toml +++ b/apps/desktop/desktop_native/proxy/Cargo.toml @@ -8,11 +8,11 @@ publish = { workspace = true } [dependencies] anyhow = { workspace = true } desktop_core = { path = "../core" } -futures = "=0.3.31" +futures = { workspace = true } log = { workspace = true } -simplelog = "=0.12.2" +simplelog = { workspace = true } tokio = { workspace = true, features = ["io-std", "io-util", "macros", "rt"] } tokio-util = { workspace = true, features = ["codec"] } [target.'cfg(target_os = "macos")'.dependencies] -embed_plist = "=1.2.2" +embed_plist = { workspace = true } diff --git a/apps/desktop/desktop_native/windows-plugin-authenticator/Cargo.toml b/apps/desktop/desktop_native/windows-plugin-authenticator/Cargo.toml index 3443fed4fd6..d58a6ecd748 100644 --- a/apps/desktop/desktop_native/windows-plugin-authenticator/Cargo.toml +++ b/apps/desktop/desktop_native/windows-plugin-authenticator/Cargo.toml @@ -6,4 +6,5 @@ version = { workspace = true } publish = { workspace = true } [target.'cfg(target_os = "windows")'.build-dependencies] -bindgen = "0.71.1" +bindgen = { workspace = true } + diff --git a/apps/desktop/src/app/accounts/settings.component.html b/apps/desktop/src/app/accounts/settings.component.html index e76526a6618..bcbd9969f96 100644 --- a/apps/desktop/src/app/accounts/settings.component.html +++ b/apps/desktop/src/app/accounts/settings.component.html @@ -423,7 +423,7 @@ "enableHardwareAccelerationDesc" | i18n }} -
+
- diff --git a/apps/desktop/src/auth/login/login-v1.component.ts b/apps/desktop/src/auth/login/login-v1.component.ts deleted file mode 100644 index ff8688353be..00000000000 --- a/apps/desktop/src/auth/login/login-v1.component.ts +++ /dev/null @@ -1,266 +0,0 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore -import { Component, NgZone, OnDestroy, OnInit, ViewChild, ViewContainerRef } from "@angular/core"; -import { FormBuilder } from "@angular/forms"; -import { ActivatedRoute, Router } from "@angular/router"; -import { Subject, firstValueFrom, takeUntil, tap } from "rxjs"; - -import { LoginComponentV1 as BaseLoginComponent } from "@bitwarden/angular/auth/components/login-v1.component"; -import { FormValidationErrorsService } from "@bitwarden/angular/platform/abstractions/form-validation-errors.service"; -import { ModalService } from "@bitwarden/angular/services/modal.service"; -import { - LoginStrategyServiceAbstraction, - LoginEmailServiceAbstraction, -} from "@bitwarden/auth/common"; -import { DevicesApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/devices-api.service.abstraction"; -import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; -import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service"; -import { BroadcasterService } from "@bitwarden/common/platform/abstractions/broadcaster.service"; -import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; -import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service"; -import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service"; -import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; -import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; -import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service"; -import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; -import { StateService } from "@bitwarden/common/platform/abstractions/state.service"; -import { Utils } from "@bitwarden/common/platform/misc/utils"; -import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction"; -import { ToastService } from "@bitwarden/components"; -import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy"; - -import { EnvironmentComponent } from "../environment.component"; - -const BroadcasterSubscriptionId = "LoginComponent"; - -@Component({ - selector: "app-login", - templateUrl: "login-v1.component.html", -}) -export class LoginComponentV1 extends BaseLoginComponent implements OnInit, OnDestroy { - @ViewChild("environment", { read: ViewContainerRef, static: true }) - environmentModal: ViewContainerRef; - - protected componentDestroyed$: Subject = new Subject(); - webVaultHostname = ""; - - showingModal = false; - - private deferFocus: boolean = null; - - get loggedEmail() { - return this.formGroup.value.email; - } - - constructor( - devicesApiService: DevicesApiServiceAbstraction, - appIdService: AppIdService, - loginStrategyService: LoginStrategyServiceAbstraction, - router: Router, - i18nService: I18nService, - syncService: SyncService, - private modalService: ModalService, - platformUtilsService: PlatformUtilsService, - stateService: StateService, - environmentService: EnvironmentService, - passwordGenerationService: PasswordGenerationServiceAbstraction, - cryptoFunctionService: CryptoFunctionService, - private broadcasterService: BroadcasterService, - ngZone: NgZone, - private messagingService: MessagingService, - logService: LogService, - formBuilder: FormBuilder, - formValidationErrorService: FormValidationErrorsService, - route: ActivatedRoute, - loginEmailService: LoginEmailServiceAbstraction, - ssoLoginService: SsoLoginServiceAbstraction, - toastService: ToastService, - private configService: ConfigService, - ) { - super( - devicesApiService, - appIdService, - loginStrategyService, - router, - platformUtilsService, - i18nService, - stateService, - environmentService, - passwordGenerationService, - cryptoFunctionService, - logService, - ngZone, - formBuilder, - formValidationErrorService, - route, - loginEmailService, - ssoLoginService, - toastService, - ); - this.onSuccessfulLogin = () => { - return syncService.fullSync(true); - }; - } - - async ngOnInit() { - this.listenForUnauthUiRefreshFlagChanges(); - - await super.ngOnInit(); - await this.getLoginWithDevice(this.loggedEmail); - this.broadcasterService.subscribe(BroadcasterSubscriptionId, async (message: any) => { - this.ngZone.run(() => { - switch (message.command) { - case "windowHidden": - this.onWindowHidden(); - break; - case "windowIsFocused": - if (this.deferFocus === null) { - this.deferFocus = !message.windowIsFocused; - if (!this.deferFocus) { - this.focusInput(); - } - } else if (this.deferFocus && message.windowIsFocused) { - this.focusInput(); - this.deferFocus = false; - } - break; - default: - } - }); - }); - this.messagingService.send("getWindowIsFocused"); - } - - ngOnDestroy() { - this.broadcasterService.unsubscribe(BroadcasterSubscriptionId); - this.componentDestroyed$.next(); - this.componentDestroyed$.complete(); - } - - private listenForUnauthUiRefreshFlagChanges() { - this.configService - .getFeatureFlag$(FeatureFlag.UnauthenticatedExtensionUIRefresh) - .pipe( - tap(async (flag) => { - if (flag) { - const qParams = await firstValueFrom(this.route.queryParams); - - const uniqueQueryParams = { - ...qParams, - // adding a unique timestamp to the query params to force a reload - t: new Date().getTime().toString(), - }; - - await this.router.navigate(["/"], { - queryParams: uniqueQueryParams, - }); - } - }), - takeUntil(this.componentDestroyed$), - ) - .subscribe(); - } - - async settings() { - const [modal, childComponent] = await this.modalService.openViewRef( - EnvironmentComponent, - this.environmentModal, - ); - - modal.onShown.pipe(takeUntil(this.componentDestroyed$)).subscribe(() => { - this.showingModal = true; - }); - - modal.onClosed.pipe(takeUntil(this.componentDestroyed$)).subscribe(() => { - this.showingModal = false; - }); - - // eslint-disable-next-line rxjs/no-async-subscribe - childComponent.onSaved.pipe(takeUntil(this.componentDestroyed$)).subscribe(async () => { - modal.close(); - await this.getLoginWithDevice(this.loggedEmail); - }); - } - - onWindowHidden() { - this.showPassword = false; - } - - async continue() { - await super.validateEmail(); - if (!this.formGroup.controls.email.valid) { - this.toastService.showToast({ - variant: "error", - title: this.i18nService.t("errorOccured"), - message: this.i18nService.t("invalidEmail"), - }); - return; - } - this.focusInput(); - } - - async submit() { - if (!this.validatedEmail) { - return; - } - - await super.submit(); - if (this.captchaSiteKey) { - const content = document.getElementById("content") as HTMLDivElement; - content.setAttribute("style", "width:335px"); - } - } - - private focusInput() { - const email = this.loggedEmail; - document.getElementById(email == null || email === "" ? "email" : "masterPassword")?.focus(); - } - - async launchSsoBrowser(clientId: string, ssoRedirectUri: string) { - if (!ipc.platform.isAppImage && !ipc.platform.isSnapStore && !ipc.platform.isDev) { - return super.launchSsoBrowser(clientId, ssoRedirectUri); - } - const email = this.formGroup.controls.email.value; - - // Save off email for SSO - await this.ssoLoginService.setSsoEmail(email); - - // Generate necessary sso params - const passwordOptions: any = { - type: "password", - length: 64, - uppercase: true, - lowercase: true, - numbers: true, - special: false, - }; - const state = await this.passwordGenerationService.generatePassword(passwordOptions); - const ssoCodeVerifier = await this.passwordGenerationService.generatePassword(passwordOptions); - const codeVerifierHash = await this.cryptoFunctionService.hash(ssoCodeVerifier, "sha256"); - const codeChallenge = Utils.fromBufferToUrlB64(codeVerifierHash); - - // Save sso params - await this.ssoLoginService.setSsoState(state); - await this.ssoLoginService.setCodeVerifier(ssoCodeVerifier); - - try { - await ipc.platform.localhostCallbackService.openSsoPrompt(codeChallenge, state, email); - // FIXME: Remove when updating file. Eslint update - // eslint-disable-next-line @typescript-eslint/no-unused-vars - } catch (err) { - this.platformUtilsService.showToast( - "error", - this.i18nService.t("errorOccured"), - this.i18nService.t("ssoError"), - ); - } - } - - /** - * Force the validatedEmail flag to false, which will show the login page. - */ - invalidateEmail() { - this.validatedEmail = false; - } -} diff --git a/apps/desktop/src/auth/login/login-via-auth-request-v1.component.html b/apps/desktop/src/auth/login/login-via-auth-request-v1.component.html deleted file mode 100644 index 9825949f7ec..00000000000 --- a/apps/desktop/src/auth/login/login-via-auth-request-v1.component.html +++ /dev/null @@ -1,80 +0,0 @@ -
-
- Bitwarden - - -

{{ "logInRequestSent" | i18n }}

- -
-
-
-
-

- {{ "notificationSentDevicePart1" | i18n }} - {{ "notificationSentDeviceAnchor" | i18n }}. {{ "notificationSentDevicePart2" | i18n }} -

-
- -
-

{{ "fingerprintPhraseHeader" | i18n }}

- {{ fingerprintPhrase }} -
- -
- {{ - "resendNotification" | i18n - }} -
- -
-

- {{ "needAnotherOption" | i18n }} - - {{ "viewAllLoginOptions" | i18n }} - -

-
-
-
-
- - - -

{{ "adminApprovalRequested" | i18n }}

- -
-
-
-
-

{{ "adminApprovalRequestSentToAdmins" | i18n }}

-

{{ "youWillBeNotifiedOnceApproved" | i18n }}

-
- -
-

{{ "fingerprintPhraseHeader" | i18n }}

- {{ fingerprintPhrase }} -
- -
-

- {{ "troubleLoggingIn" | i18n }} - - {{ "viewAllLoginOptions" | i18n }} - -

-
-
-
-
- -
-
- diff --git a/apps/desktop/src/auth/login/login-via-auth-request-v1.component.ts b/apps/desktop/src/auth/login/login-via-auth-request-v1.component.ts deleted file mode 100644 index 30e693b9ac6..00000000000 --- a/apps/desktop/src/auth/login/login-via-auth-request-v1.component.ts +++ /dev/null @@ -1,117 +0,0 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore -import { Location } from "@angular/common"; -import { Component, ViewChild, ViewContainerRef } from "@angular/core"; -import { Router } from "@angular/router"; - -import { LoginViaAuthRequestComponentV1 as BaseLoginViaAuthRequestComponentV1 } from "@bitwarden/angular/auth/components/login-via-auth-request-v1.component"; -import { ModalService } from "@bitwarden/angular/services/modal.service"; -import { - AuthRequestServiceAbstraction, - LoginStrategyServiceAbstraction, - LoginEmailServiceAbstraction, -} from "@bitwarden/auth/common"; -import { ApiService } from "@bitwarden/common/abstractions/api.service"; -import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; -import { AnonymousHubService } from "@bitwarden/common/auth/abstractions/anonymous-hub.service"; -import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service"; -import { DeviceTrustServiceAbstraction } from "@bitwarden/common/auth/abstractions/device-trust.service.abstraction"; -import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service"; -import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service"; -import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service"; -import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; -import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; -import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; -import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service"; -import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction"; -import { ToastService } from "@bitwarden/components"; -import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy"; -import { KeyService } from "@bitwarden/key-management"; - -import { EnvironmentComponent } from "../environment.component"; - -@Component({ - selector: "app-login-via-auth-request", - templateUrl: "login-via-auth-request-v1.component.html", -}) -export class LoginViaAuthRequestComponentV1 extends BaseLoginViaAuthRequestComponentV1 { - @ViewChild("environment", { read: ViewContainerRef, static: true }) - environmentModal: ViewContainerRef; - showingModal = false; - - constructor( - protected router: Router, - keyService: KeyService, - cryptoFunctionService: CryptoFunctionService, - appIdService: AppIdService, - passwordGenerationService: PasswordGenerationServiceAbstraction, - apiService: ApiService, - authService: AuthService, - logService: LogService, - environmentService: EnvironmentService, - i18nService: I18nService, - platformUtilsService: PlatformUtilsService, - anonymousHubService: AnonymousHubService, - validationService: ValidationService, - private modalService: ModalService, - syncService: SyncService, - loginEmailService: LoginEmailServiceAbstraction, - deviceTrustService: DeviceTrustServiceAbstraction, - authRequestService: AuthRequestServiceAbstraction, - loginStrategyService: LoginStrategyServiceAbstraction, - accountService: AccountService, - private location: Location, - toastService: ToastService, - ) { - super( - router, - keyService, - cryptoFunctionService, - appIdService, - passwordGenerationService, - apiService, - authService, - logService, - environmentService, - i18nService, - platformUtilsService, - anonymousHubService, - validationService, - accountService, - loginEmailService, - deviceTrustService, - authRequestService, - loginStrategyService, - toastService, - ); - - this.onSuccessfulLogin = () => { - return syncService.fullSync(true); - }; - } - - async settings() { - const [modal, childComponent] = await this.modalService.openViewRef( - EnvironmentComponent, - this.environmentModal, - ); - - // eslint-disable-next-line rxjs-angular/prefer-takeuntil - modal.onShown.subscribe(() => { - this.showingModal = true; - }); - // eslint-disable-next-line rxjs-angular/prefer-takeuntil - modal.onClosed.subscribe(() => { - this.showingModal = false; - }); - - // eslint-disable-next-line rxjs-angular/prefer-takeuntil - childComponent.onSaved.subscribe(() => { - modal.close(); - }); - } - - back() { - this.location.back(); - } -} diff --git a/apps/desktop/src/auth/login/login.module.ts b/apps/desktop/src/auth/login/login.module.ts index 427cbcb2069..6fe9f9b07d3 100644 --- a/apps/desktop/src/auth/login/login.module.ts +++ b/apps/desktop/src/auth/login/login.module.ts @@ -6,17 +6,10 @@ import { EnvironmentSelectorComponent } from "@bitwarden/angular/auth/components import { SharedModule } from "../../app/shared/shared.module"; import { LoginDecryptionOptionsComponentV1 } from "./login-decryption-options/login-decryption-options-v1.component"; -import { LoginComponentV1 } from "./login-v1.component"; -import { LoginViaAuthRequestComponentV1 } from "./login-via-auth-request-v1.component"; @NgModule({ imports: [SharedModule, RouterModule], - declarations: [ - LoginComponentV1, - LoginViaAuthRequestComponentV1, - EnvironmentSelectorComponent, - LoginDecryptionOptionsComponentV1, - ], - exports: [LoginComponentV1, LoginViaAuthRequestComponentV1], + declarations: [EnvironmentSelectorComponent, LoginDecryptionOptionsComponentV1], + exports: [], }) export class LoginModule {} diff --git a/apps/desktop/src/auth/set-password.component.ts b/apps/desktop/src/auth/set-password.component.ts index ed4e8de5b3d..a41c87e1cdb 100644 --- a/apps/desktop/src/auth/set-password.component.ts +++ b/apps/desktop/src/auth/set-password.component.ts @@ -9,6 +9,7 @@ import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-conso import { PolicyApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/policy/policy-api.service.abstraction"; import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction"; import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction"; import { EncryptService } from "@bitwarden/common/key-management/crypto/abstractions/encrypt.service"; @@ -40,6 +41,7 @@ export class SetPasswordComponent extends BaseSetPasswordComponent implements On policyApiService: PolicyApiServiceAbstraction, policyService: PolicyService, router: Router, + masterPasswordApiService: MasterPasswordApiService, syncService: SyncService, route: ActivatedRoute, private broadcasterService: BroadcasterService, @@ -63,6 +65,7 @@ export class SetPasswordComponent extends BaseSetPasswordComponent implements On policyApiService, policyService, router, + masterPasswordApiService, apiService, syncService, route, diff --git a/apps/desktop/src/autofill/services/ssh-agent.service.ts b/apps/desktop/src/autofill/services/ssh-agent.service.ts index 87c6de75a95..bf7167c0240 100644 --- a/apps/desktop/src/autofill/services/ssh-agent.service.ts +++ b/apps/desktop/src/autofill/services/ssh-agent.service.ts @@ -24,8 +24,6 @@ import { import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service"; import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; -import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; import { CommandDefinition, MessageListener } from "@bitwarden/common/platform/messaging"; @@ -58,23 +56,13 @@ export class SshAgentService implements OnDestroy { private toastService: ToastService, private i18nService: I18nService, private desktopSettingsService: DesktopSettingsService, - private configService: ConfigService, private accountService: AccountService, ) {} async init() { - this.configService - .getFeatureFlag$(FeatureFlag.SSHAgent) - .pipe( - concatMap(async (enabled) => { - this.isFeatureFlagEnabled = enabled; - if (!(await ipc.platform.sshAgent.isLoaded()) && enabled) { - await ipc.platform.sshAgent.init(); - } - }), - takeUntil(this.destroy$), - ) - .subscribe(); + if (!(await ipc.platform.sshAgent.isLoaded())) { + await ipc.platform.sshAgent.init(); + } await this.initListeners(); } diff --git a/apps/desktop/src/locales/en/messages.json b/apps/desktop/src/locales/en/messages.json index 7739ab84577..0bc76287adb 100644 --- a/apps/desktop/src/locales/en/messages.json +++ b/apps/desktop/src/locales/en/messages.json @@ -3060,9 +3060,6 @@ "adminApprovalRequestSentToAdmins": { "message": "Your request has been sent to your admin." }, - "youWillBeNotifiedOnceApproved": { - "message": "You will be notified once approved." - }, "troubleLoggingIn": { "message": "Trouble logging in?" }, diff --git a/apps/desktop/src/scss/pages.scss b/apps/desktop/src/scss/pages.scss index fda75e834f3..5f8f501d420 100644 --- a/apps/desktop/src/scss/pages.scss +++ b/apps/desktop/src/scss/pages.scss @@ -1,7 +1,6 @@ @import "variables.scss"; #login-page, -#login-with-device-page, #lock-page, #sso-page, #set-password-page, @@ -191,7 +190,6 @@ } #login-page, -#login-with-device-page, #login-decryption-options-page { flex-direction: column; justify-content: unset; @@ -222,41 +220,6 @@ } } -#login-with-device-page { - .content { - display: block; - padding-top: 70px; - width: 350px !important; - - .fingerprint { - margin: auto; - width: 315px; - - .fingerpint-header { - padding-left: 15px; - } - } - - .section { - margin-bottom: 30px; - } - - .another-method { - display: flex; - margin: auto; - .description-text { - padding-right: 5px; - } - } - - code { - @include themify($themes) { - color: themed("codeColor"); - } - } - } -} - #login-approval-page { .section-title { padding: 20px; diff --git a/apps/desktop/src/vault/app/vault/vault-filter/filters/type-filter.component.html b/apps/desktop/src/vault/app/vault/vault-filter/filters/type-filter.component.html index 55e10980ad1..c3dcd191dfc 100644 --- a/apps/desktop/src/vault/app/vault/vault-filter/filters/type-filter.component.html +++ b/apps/desktop/src/vault/app/vault/vault-filter/filters/type-filter.component.html @@ -82,7 +82,6 @@
  • -
    • - -
    -

    {{ "or" | i18n }}

    - - - {{ "logInWithPasskey" | i18n }} - -
    - -
    - -

    - {{ "newAroundHere" | i18n }} - - - {{ "createAccount" | i18n }} - -

    - - -
    -
    - - {{ "masterPass" | i18n }} - - - - {{ "getMasterPasswordHint" | i18n }} -
    - -
    - -
    - -
    - -
    - -
    - -
    - -
    - - - {{ "enterpriseSingleSignOn" | i18n }} - -
    - -
    - -
    -

    {{ "loggingInAs" | i18n }} {{ loggedEmail }}

    - {{ "notYou" | i18n }} -
    -
    - diff --git a/apps/web/src/app/auth/login/login-v1.component.ts b/apps/web/src/app/auth/login/login-v1.component.ts deleted file mode 100644 index 247aee4828c..00000000000 --- a/apps/web/src/app/auth/login/login-v1.component.ts +++ /dev/null @@ -1,224 +0,0 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore -import { Component, NgZone, OnInit } from "@angular/core"; -import { FormBuilder } from "@angular/forms"; -import { ActivatedRoute, Router } from "@angular/router"; -import { takeUntil } from "rxjs"; -import { first } from "rxjs/operators"; - -import { LoginComponentV1 as BaseLoginComponent } from "@bitwarden/angular/auth/components/login-v1.component"; -import { FormValidationErrorsService } from "@bitwarden/angular/platform/abstractions/form-validation-errors.service"; -import { - LoginStrategyServiceAbstraction, - LoginEmailServiceAbstraction, -} from "@bitwarden/auth/common"; -import { PolicyApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/policy/policy-api.service.abstraction"; -import { InternalPolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction"; -import { PolicyData } from "@bitwarden/common/admin-console/models/data/policy.data"; -import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/models/domain/master-password-policy-options"; -import { Policy } from "@bitwarden/common/admin-console/models/domain/policy"; -import { DevicesApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/devices-api.service.abstraction"; -import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction"; -import { AuthResult } from "@bitwarden/common/auth/models/domain/auth-result"; -import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service"; -import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service"; -import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service"; -import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; -import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; -import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; -import { StateService } from "@bitwarden/common/platform/abstractions/state.service"; -import { PasswordStrengthServiceAbstraction } from "@bitwarden/common/tools/password-strength"; -import { UserId } from "@bitwarden/common/types/guid"; -import { ToastService } from "@bitwarden/components"; -import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy"; - -import { RouterService } from "../../core"; -import { AcceptOrganizationInviteService } from "../organization-invite/accept-organization.service"; -import { OrganizationInvite } from "../organization-invite/organization-invite"; - -@Component({ - selector: "app-login", - templateUrl: "login-v1.component.html", -}) -export class LoginComponentV1 extends BaseLoginComponent implements OnInit { - showResetPasswordAutoEnrollWarning = false; - enforcedPasswordPolicyOptions: MasterPasswordPolicyOptions; - policies: Policy[]; - - constructor( - private acceptOrganizationInviteService: AcceptOrganizationInviteService, - devicesApiService: DevicesApiServiceAbstraction, - appIdService: AppIdService, - loginStrategyService: LoginStrategyServiceAbstraction, - router: Router, - i18nService: I18nService, - route: ActivatedRoute, - platformUtilsService: PlatformUtilsService, - environmentService: EnvironmentService, - passwordGenerationService: PasswordGenerationServiceAbstraction, - private passwordStrengthService: PasswordStrengthServiceAbstraction, - cryptoFunctionService: CryptoFunctionService, - private policyApiService: PolicyApiServiceAbstraction, - private policyService: InternalPolicyService, - logService: LogService, - ngZone: NgZone, - protected stateService: StateService, - private routerService: RouterService, - formBuilder: FormBuilder, - formValidationErrorService: FormValidationErrorsService, - loginEmailService: LoginEmailServiceAbstraction, - ssoLoginService: SsoLoginServiceAbstraction, - toastService: ToastService, - ) { - super( - devicesApiService, - appIdService, - loginStrategyService, - router, - platformUtilsService, - i18nService, - stateService, - environmentService, - passwordGenerationService, - cryptoFunctionService, - logService, - ngZone, - formBuilder, - formValidationErrorService, - route, - loginEmailService, - ssoLoginService, - toastService, - ); - this.onSuccessfulLoginNavigate = this.goAfterLogIn; - } - - submitForm = async (showToast = true) => { - return await this.submitFormHelper(showToast); - }; - - private async submitFormHelper(showToast: boolean) { - await super.submit(showToast); - } - - async ngOnInit() { - // eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe - this.route.queryParams.pipe(first()).subscribe(async (qParams) => { - // If there is a query parameter called 'org', set previousUrl to `/create-organization?org=paramValue` - if (qParams.org != null) { - const route = this.router.createUrlTree(["create-organization"], { - queryParams: { plan: qParams.org }, - }); - this.routerService.setPreviousUrl(route.toString()); - } - - /** - * If there is a query parameter called 'sponsorshipToken', that means they are coming - * from an email for sponsoring a families organization. If so, then set the prevousUrl - * to `/setup/families-for-enterprise?token=paramValue` - */ - if (qParams.sponsorshipToken != null) { - const route = this.router.createUrlTree(["setup/families-for-enterprise"], { - queryParams: { token: qParams.sponsorshipToken }, - }); - this.routerService.setPreviousUrl(route.toString()); - } - - await super.ngOnInit(); - }); - - // If there's an existing org invite, use it to get the password policies - const orgInvite = await this.acceptOrganizationInviteService.getOrganizationInvite(); - if (orgInvite != null) { - await this.initPasswordPolicies(orgInvite); - } - } - - async goAfterLogIn(userId: UserId) { - const masterPassword = this.formGroup.value.masterPassword; - - // Check master password against policy - if (this.enforcedPasswordPolicyOptions != null) { - const strengthResult = this.passwordStrengthService.getPasswordStrength( - masterPassword, - this.formGroup.value.email, - ); - const masterPasswordScore = strengthResult == null ? null : strengthResult.score; - - // If invalid, save policies and require update - if ( - !this.policyService.evaluateMasterPassword( - masterPasswordScore, - masterPassword, - this.enforcedPasswordPolicyOptions, - ) - ) { - const policiesData: { [id: string]: PolicyData } = {}; - this.policies.map((p) => (policiesData[p.id] = PolicyData.fromPolicy(p))); - await this.policyService.replace(policiesData, userId); - await this.router.navigate(["update-password"]); - return; - } - } - - this.loginEmailService.clearValues(); - await this.router.navigate([this.successRoute]); - } - - async goToHint() { - await this.saveEmailSettings(); - await this.router.navigateByUrl("/hint"); - } - - async goToRegister() { - if (this.emailFormControl.valid) { - await this.router.navigate(["/signup"], { - queryParams: { email: this.emailFormControl.value }, - }); - return; - } - - await this.router.navigate(["/signup"]); - } - - protected override async handleMigrateEncryptionKey(result: AuthResult): Promise { - if (!result.requiresEncryptionKeyMigration) { - return false; - } - await this.router.navigate(["migrate-legacy-encryption"]); - return true; - } - - private async initPasswordPolicies(invite: OrganizationInvite): Promise { - try { - this.policies = await this.policyApiService.getPoliciesByToken( - invite.organizationId, - invite.token, - invite.email, - invite.organizationUserId, - ); - } catch (e) { - this.logService.error(e); - } - - if (this.policies == null) { - return; - } - - const resetPasswordPolicy = this.policyService.getResetPasswordPolicyOptions( - this.policies, - invite.organizationId, - ); - - // Set to true if policy enabled and auto-enroll enabled - this.showResetPasswordAutoEnrollWarning = - resetPasswordPolicy[1] && resetPasswordPolicy[0].autoEnrollEnabled; - - this.policyService - .masterPasswordPolicyOptions$(this.policies) - .pipe(takeUntil(this.destroy$)) - .subscribe((enforcedPasswordPolicyOptions) => { - this.enforcedPasswordPolicyOptions = enforcedPasswordPolicyOptions; - }); - } -} diff --git a/apps/web/src/app/auth/login/login-via-auth-request-v1.component.html b/apps/web/src/app/auth/login/login-via-auth-request-v1.component.html deleted file mode 100644 index ed157eb9cf4..00000000000 --- a/apps/web/src/app/auth/login/login-via-auth-request-v1.component.html +++ /dev/null @@ -1,70 +0,0 @@ -
    -
    - - - -

    - {{ "loginOrCreateNewAccount" | i18n }} -

    - -
    -

    {{ "logInRequestSent" | i18n }}

    - -

    - {{ "notificationSentDeviceComplete" | i18n }} -

    - -
    -

    {{ "fingerprintPhraseHeader" | i18n }}

    -

    - {{ fingerprintPhrase }} -

    -
    - -
    - {{ - "resendNotification" | i18n - }} -
    - -
    - -
    - {{ "loginWithDeviceEnabledNote" | i18n }} - {{ "viewAllLoginOptions" | i18n }} -
    -
    -     - - -
    -

    {{ "adminApprovalRequested" | i18n }}

    - -
    -

    {{ "adminApprovalRequestSentToAdmins" | i18n }}

    -

    {{ "youWillBeNotifiedOnceApproved" | i18n }}

    -
    - -
    -

    {{ "fingerprintPhraseHeader" | i18n }}

    -

    - {{ fingerprintPhrase }} -

    -
    - -
    - -
    - {{ "troubleLoggingIn" | i18n }} - {{ "viewAllLoginOptions" | i18n }} -
    -
    -     -
    -
    diff --git a/apps/web/src/app/auth/login/login-via-auth-request-v1.component.ts b/apps/web/src/app/auth/login/login-via-auth-request-v1.component.ts deleted file mode 100644 index 8a8883e035b..00000000000 --- a/apps/web/src/app/auth/login/login-via-auth-request-v1.component.ts +++ /dev/null @@ -1,9 +0,0 @@ -import { Component } from "@angular/core"; - -import { LoginViaAuthRequestComponentV1 as BaseLoginViaAuthRequestComponentV1 } from "@bitwarden/angular/auth/components/login-via-auth-request-v1.component"; - -@Component({ - selector: "app-login-via-auth-request", - templateUrl: "login-via-auth-request-v1.component.html", -}) -export class LoginViaAuthRequestComponentV1 extends BaseLoginViaAuthRequestComponentV1 {} diff --git a/apps/web/src/app/auth/login/login.module.ts b/apps/web/src/app/auth/login/login.module.ts index a33a6b8a5a8..12f908324a3 100644 --- a/apps/web/src/app/auth/login/login.module.ts +++ b/apps/web/src/app/auth/login/login.module.ts @@ -5,23 +5,11 @@ import { CheckboxModule } from "@bitwarden/components"; import { SharedModule } from "../../../app/shared"; import { LoginDecryptionOptionsComponentV1 } from "./login-decryption-options/login-decryption-options-v1.component"; -import { LoginComponentV1 } from "./login-v1.component"; -import { LoginViaAuthRequestComponentV1 } from "./login-via-auth-request-v1.component"; import { LoginViaWebAuthnComponent } from "./login-via-webauthn/login-via-webauthn.component"; @NgModule({ imports: [SharedModule, CheckboxModule], - declarations: [ - LoginComponentV1, - LoginViaAuthRequestComponentV1, - LoginDecryptionOptionsComponentV1, - LoginViaWebAuthnComponent, - ], - exports: [ - LoginComponentV1, - LoginViaAuthRequestComponentV1, - LoginDecryptionOptionsComponentV1, - LoginViaWebAuthnComponent, - ], + declarations: [LoginDecryptionOptionsComponentV1, LoginViaWebAuthnComponent], + exports: [LoginDecryptionOptionsComponentV1, LoginViaWebAuthnComponent], }) export class LoginModule {} diff --git a/apps/web/src/app/auth/settings/change-password.component.ts b/apps/web/src/app/auth/settings/change-password.component.ts index eb98f7fde07..f4a71d81e77 100644 --- a/apps/web/src/app/auth/settings/change-password.component.ts +++ b/apps/web/src/app/auth/settings/change-password.component.ts @@ -5,10 +5,10 @@ import { Router } from "@angular/router"; import { firstValueFrom, map } from "rxjs"; import { ChangePasswordComponent as BaseChangePasswordComponent } from "@bitwarden/angular/auth/components/change-password.component"; -import { ApiService } from "@bitwarden/common/abstractions/api.service"; import { AuditService } from "@bitwarden/common/abstractions/audit.service"; import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction"; import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { UserVerificationService } from "@bitwarden/common/auth/abstractions/user-verification/user-verification.service.abstraction"; import { PasswordRequest } from "@bitwarden/common/auth/models/request/password.request"; @@ -50,7 +50,7 @@ export class ChangePasswordComponent private auditService: AuditService, private cipherService: CipherService, private syncService: SyncService, - private apiService: ApiService, + private masterPasswordApiService: MasterPasswordApiService, private router: Router, dialogService: DialogService, private userVerificationService: UserVerificationService, @@ -213,14 +213,14 @@ export class ChangePasswordComponent try { if (this.rotateUserKey) { - this.formPromise = this.apiService.postPassword(request).then(async () => { + this.formPromise = this.masterPasswordApiService.postPassword(request).then(async () => { // we need to save this for local masterkey verification during rotation await this.masterPasswordService.setMasterKeyHash(newLocalKeyHash, userId as UserId); await this.masterPasswordService.setMasterKey(newMasterKey, userId as UserId); return this.updateKey(); }); } else { - this.formPromise = this.apiService.postPassword(request); + this.formPromise = this.masterPasswordApiService.postPassword(request); } await this.formPromise; diff --git a/apps/web/src/app/core/core.module.ts b/apps/web/src/app/core/core.module.ts index 03b27733238..e73973bd290 100644 --- a/apps/web/src/app/core/core.module.ts +++ b/apps/web/src/app/core/core.module.ts @@ -51,6 +51,7 @@ import { import { AccountApiService as AccountApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/account-api.service"; import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction"; import { ClientType } from "@bitwarden/common/enums"; @@ -286,6 +287,7 @@ const safeProviders: SafeProvider[] = [ useClass: WebSetPasswordJitService, deps: [ ApiService, + MasterPasswordApiService, KeyServiceAbstraction, EncryptService, I18nServiceAbstraction, diff --git a/apps/web/src/app/vault/individual-vault/add-edit.component.ts b/apps/web/src/app/vault/individual-vault/add-edit.component.ts index 68fcee367f1..d8739465938 100644 --- a/apps/web/src/app/vault/individual-vault/add-edit.component.ts +++ b/apps/web/src/app/vault/individual-vault/add-edit.component.ts @@ -15,7 +15,6 @@ import { isCardExpired } from "@bitwarden/common/autofill/utils"; import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service"; import { ProductTierType } from "@bitwarden/common/billing/enums"; import { EventType } from "@bitwarden/common/enums"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; @@ -107,17 +106,6 @@ export class AddEditComponent extends BaseAddEditComponent implements OnInit, On await super.ngOnInit(); await this.load(); - // https://bitwarden.atlassian.net/browse/PM-10413 - // cannot generate ssh keys so block creation - if ( - this.type === CipherType.SshKey && - this.cipherId == null && - !(await this.configService.getFeatureFlag(FeatureFlag.SSHKeyVaultItem)) - ) { - this.type = CipherType.Login; - this.cipher.type = CipherType.Login; - } - this.viewOnly = !this.cipher.edit && this.editMode; // remove when all the title for all clients are updated to New Item if (this.cloneMode || !this.editMode) { diff --git a/apps/web/src/app/vault/individual-vault/vault-filter/components/vault-filter.component.ts b/apps/web/src/app/vault/individual-vault/vault-filter/components/vault-filter.component.ts index 923cb33b055..786c5de740e 100644 --- a/apps/web/src/app/vault/individual-vault/vault-filter/components/vault-filter.component.ts +++ b/apps/web/src/app/vault/individual-vault/vault-filter/components/vault-filter.component.ts @@ -7,7 +7,6 @@ import { firstValueFrom, merge, Subject, switchMap, takeUntil } from "rxjs"; import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction"; import { PolicyType } from "@bitwarden/common/admin-console/enums"; import { BillingApiServiceAbstraction } from "@bitwarden/common/billing/abstractions/billing-api.service.abstraction"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; @@ -247,16 +246,13 @@ export class VaultFilterComponent implements OnInit, OnDestroy { type: CipherType.SecureNote, icon: "bwi-sticky-note", }, - ]; - - if (await this.configService.getFeatureFlag(FeatureFlag.SSHKeyVaultItem)) { - allTypeFilters.push({ + { id: "sshKey", name: this.i18nService.t("typeSshKey"), type: CipherType.SshKey, icon: "bwi-key", - }); - } + }, + ]; const typeFilterSection: VaultFilterSection = { data$: this.vaultFilterService.buildTypeTree( diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json index 68900b2ed74..3e47e2b2279 100644 --- a/apps/web/src/locales/en/messages.json +++ b/apps/web/src/locales/en/messages.json @@ -8681,9 +8681,6 @@ "adminApprovalRequestSentToAdmins": { "message": "Your request has been sent to your admin." }, - "youWillBeNotifiedOnceApproved": { - "message": "You will be notified once approved." - }, "troubleLoggingIn": { "message": "Trouble logging in?" }, diff --git a/libs/angular/src/auth/components/environment-selector.component.ts b/libs/angular/src/auth/components/environment-selector.component.ts index c984b7f0cba..16a249dda97 100644 --- a/libs/angular/src/auth/components/environment-selector.component.ts +++ b/libs/angular/src/auth/components/environment-selector.component.ts @@ -1,5 +1,3 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore import { animate, state, style, transition, trigger } from "@angular/animations"; import { ConnectedPosition } from "@angular/cdk/overlay"; import { Component, EventEmitter, Output, Input, OnInit, OnDestroy } from "@angular/core"; @@ -7,8 +5,6 @@ import { ActivatedRoute } from "@angular/router"; import { Observable, map, Subject, takeUntil } from "rxjs"; import { SelfHostedEnvConfigDialogComponent } from "@bitwarden/auth/angular"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; -import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; import { EnvironmentService, Region, @@ -88,7 +84,6 @@ export class EnvironmentSelectorComponent implements OnInit, OnDestroy { protected environmentService: EnvironmentService, private route: ActivatedRoute, private dialogService: DialogService, - private configService: ConfigService, private toastService: ToastService, private i18nService: I18nService, ) {} @@ -113,24 +108,18 @@ export class EnvironmentSelectorComponent implements OnInit, OnDestroy { } /** - * Opens the self-hosted settings dialog. - * - * If the `UnauthenticatedExtensionUIRefresh` feature flag is enabled, - * the self-hosted settings dialog is opened directly. Otherwise, the - * `onOpenSelfHostedSettings` event is emitted. + * Opens the self-hosted settings dialog when the self-hosted option is selected. */ - if (option === Region.SelfHosted) { - if (await this.configService.getFeatureFlag(FeatureFlag.UnauthenticatedExtensionUIRefresh)) { - if (await SelfHostedEnvConfigDialogComponent.open(this.dialogService)) { - this.toastService.showToast({ - variant: "success", - title: null, - message: this.i18nService.t("environmentSaved"), - }); - } - } else { - this.onOpenSelfHostedSettings.emit(); - } + if ( + option === Region.SelfHosted && + (await SelfHostedEnvConfigDialogComponent.open(this.dialogService)) + ) { + this.toastService.showToast({ + variant: "success", + title: "", + message: this.i18nService.t("environmentSaved"), + }); + return; } diff --git a/libs/angular/src/auth/components/login-v1.component.ts b/libs/angular/src/auth/components/login-v1.component.ts deleted file mode 100644 index 26903716edf..00000000000 --- a/libs/angular/src/auth/components/login-v1.component.ts +++ /dev/null @@ -1,401 +0,0 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore -import { Directive, ElementRef, NgZone, OnDestroy, OnInit, ViewChild } from "@angular/core"; -import { FormBuilder, Validators } from "@angular/forms"; -import { ActivatedRoute, NavigationSkipped, Router } from "@angular/router"; -import { Subject, firstValueFrom, of } from "rxjs"; -import { switchMap, take, takeUntil } from "rxjs/operators"; - -import { - LoginStrategyServiceAbstraction, - LoginEmailServiceAbstraction, - PasswordLoginCredentials, -} from "@bitwarden/auth/common"; -import { DevicesApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/devices-api.service.abstraction"; -import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction"; -import { AuthResult } from "@bitwarden/common/auth/models/domain/auth-result"; -import { ForceSetPasswordReason } from "@bitwarden/common/auth/models/domain/force-set-password-reason"; -import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service"; -import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service"; -import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service"; -import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; -import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; -import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; -import { StateService } from "@bitwarden/common/platform/abstractions/state.service"; -import { Utils } from "@bitwarden/common/platform/misc/utils"; -import { UserId } from "@bitwarden/common/types/guid"; -import { ToastService } from "@bitwarden/components"; -import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy"; - -import { - AllValidationErrors, - FormValidationErrorsService, -} from "../../platform/abstractions/form-validation-errors.service"; - -import { CaptchaProtectedComponent } from "./captcha-protected.component"; - -@Directive() -export class LoginComponentV1 extends CaptchaProtectedComponent implements OnInit, OnDestroy { - @ViewChild("masterPasswordInput", { static: true }) masterPasswordInput: ElementRef; - - showPassword = false; - formPromise: Promise; - - onSuccessfulLogin: () => Promise; - onSuccessfulLoginNavigate: (userId: UserId) => Promise; - onSuccessfulLoginTwoFactorNavigate: () => Promise; - onSuccessfulLoginForceResetNavigate: () => Promise; - - showLoginWithDevice: boolean; - validatedEmail = false; - paramEmailSet = false; - - get emailFormControl() { - return this.formGroup.controls.email; - } - - formGroup = this.formBuilder.nonNullable.group({ - email: ["", [Validators.required, Validators.email]], - masterPassword: [ - "", - [Validators.required, Validators.minLength(Utils.originalMinimumPasswordLength)], - ], - rememberEmail: [false], - }); - - protected twoFactorRoute = "2fa"; - protected successRoute = "vault"; - protected forcePasswordResetRoute = "update-temp-password"; - - protected destroy$ = new Subject(); - - get loggedEmail() { - return this.formGroup.controls.email.value; - } - - constructor( - protected devicesApiService: DevicesApiServiceAbstraction, - protected appIdService: AppIdService, - protected loginStrategyService: LoginStrategyServiceAbstraction, - protected router: Router, - platformUtilsService: PlatformUtilsService, - i18nService: I18nService, - protected stateService: StateService, - environmentService: EnvironmentService, - protected passwordGenerationService: PasswordGenerationServiceAbstraction, - protected cryptoFunctionService: CryptoFunctionService, - protected logService: LogService, - protected ngZone: NgZone, - protected formBuilder: FormBuilder, - protected formValidationErrorService: FormValidationErrorsService, - protected route: ActivatedRoute, - protected loginEmailService: LoginEmailServiceAbstraction, - protected ssoLoginService: SsoLoginServiceAbstraction, - protected toastService: ToastService, - ) { - super(environmentService, i18nService, platformUtilsService, toastService); - } - - async ngOnInit() { - this.route?.queryParams - .pipe( - switchMap((params) => { - if (!params) { - // If no params,loadEmailSettings from state - return this.loadEmailSettings(); - } - - const queryParamsEmail = params.email; - - if (queryParamsEmail != null && queryParamsEmail.indexOf("@") > -1) { - this.formGroup.controls.email.setValue(queryParamsEmail); - this.paramEmailSet = true; - } - - // If paramEmailSet is false, loadEmailSettings from state - return this.paramEmailSet ? of(null) : this.loadEmailSettings(); - }), - takeUntil(this.destroy$), - ) - .subscribe(); - - // If the user navigates to /login from /login, reset the validatedEmail flag - // This should bring the user back to the login screen with the email field - this.router.events.pipe(takeUntil(this.destroy$)).subscribe((event) => { - if (event instanceof NavigationSkipped && event.url === "/login") { - this.validatedEmail = false; - } - }); - - // Backup check to handle unknown case where activatedRoute is not available - // This shouldn't happen under normal circumstances - if (!this.route) { - await this.loadEmailSettings(); - } - } - - ngOnDestroy() { - this.destroy$.next(); - this.destroy$.complete(); - } - - async submit(showToast = true) { - await this.setupCaptcha(); - - this.formGroup.markAllAsTouched(); - - //web - if (this.formGroup.invalid && !showToast) { - return; - } - - //desktop, browser; This should be removed once all clients use reactive forms - if (this.formGroup.invalid && showToast) { - const errorText = this.getErrorToastMessage(); - this.toastService.showToast({ - variant: "error", - title: this.i18nService.t("errorOccurred"), - message: errorText, - }); - return; - } - - try { - const credentials = new PasswordLoginCredentials( - this.formGroup.controls.email.value, - this.formGroup.controls.masterPassword.value, - this.captchaToken, - undefined, - ); - - this.formPromise = this.loginStrategyService.logIn(credentials); - const response = await this.formPromise; - - await this.saveEmailSettings(); - - if (this.handleCaptchaRequired(response)) { - return; - } else if (await this.handleMigrateEncryptionKey(response)) { - return; - } else if (response.requiresTwoFactor) { - if (this.onSuccessfulLoginTwoFactorNavigate != null) { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.onSuccessfulLoginTwoFactorNavigate(); - } else { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.router.navigate([this.twoFactorRoute]); - } - } else if (response.forcePasswordReset != ForceSetPasswordReason.None) { - if (this.onSuccessfulLoginForceResetNavigate != null) { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.onSuccessfulLoginForceResetNavigate(); - } else { - this.loginEmailService.clearValues(); - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.router.navigate([this.forcePasswordResetRoute]); - } - } else { - if (this.onSuccessfulLogin != null) { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.onSuccessfulLogin(); - } - - if (this.onSuccessfulLoginNavigate != null) { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.onSuccessfulLoginNavigate(response.userId); - } else { - this.loginEmailService.clearValues(); - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.router.navigate([this.successRoute]); - } - } - } catch (e) { - this.logService.error(e); - } - } - - togglePassword() { - this.showPassword = !this.showPassword; - if (this.ngZone.isStable) { - document.getElementById("masterPassword").focus(); - } else { - this.ngZone.onStable - .pipe(take(1)) - .subscribe(() => document.getElementById("masterPassword").focus()); - } - } - - async startAuthRequestLogin() { - this.formGroup.get("masterPassword")?.clearValidators(); - this.formGroup.get("masterPassword")?.updateValueAndValidity(); - - if (!this.formGroup.valid) { - return; - } - - await this.saveEmailSettings(); - await this.router.navigate(["/login-with-device"]); - } - - async launchSsoBrowser(clientId: string, ssoRedirectUri: string) { - // Save off email for SSO - await this.ssoLoginService.setSsoEmail(this.formGroup.value.email); - - // Generate necessary sso params - const passwordOptions: any = { - type: "password", - length: 64, - uppercase: true, - lowercase: true, - numbers: true, - special: false, - }; - const state = await this.passwordGenerationService.generatePassword(passwordOptions); - const ssoCodeVerifier = await this.passwordGenerationService.generatePassword(passwordOptions); - const codeVerifierHash = await this.cryptoFunctionService.hash(ssoCodeVerifier, "sha256"); - const codeChallenge = Utils.fromBufferToUrlB64(codeVerifierHash); - - // Save sso params - await this.ssoLoginService.setSsoState(state); - await this.ssoLoginService.setCodeVerifier(ssoCodeVerifier); - - // Build URI - const env = await firstValueFrom(this.environmentService.environment$); - const webUrl = env.getWebVaultUrl(); - - // Launch browser - this.platformUtilsService.launchUri( - webUrl + - "/#/sso?clientId=" + - clientId + - "&redirectUri=" + - encodeURIComponent(ssoRedirectUri) + - "&state=" + - state + - "&codeChallenge=" + - codeChallenge + - "&email=" + - encodeURIComponent(this.formGroup.controls.email.value), - ); - } - - async validateEmail() { - this.formGroup.controls.email.markAsTouched(); - const emailValid = this.formGroup.get("email").valid; - - if (emailValid) { - this.toggleValidateEmail(true); - await this.getLoginWithDevice(this.loggedEmail); - } - } - - toggleValidateEmail(value: boolean) { - this.validatedEmail = value; - if (!this.validatedEmail) { - // Reset master password only when going from validated to not validated - // so that autofill can work properly - this.formGroup.controls.masterPassword.reset(); - } else { - // Mark MP as untouched so that, when users enter email and hit enter, - // the MP field doesn't load with validation errors - this.formGroup.controls.masterPassword.markAsUntouched(); - - // When email is validated, focus on master password after - // waiting for input to be rendered - if (this.ngZone.isStable) { - this.masterPasswordInput?.nativeElement?.focus(); - } else { - this.ngZone.onStable.pipe(take(1)).subscribe(() => { - this.masterPasswordInput?.nativeElement?.focus(); - }); - } - } - } - - private async loadEmailSettings() { - // Try to load from memory first - const email = await firstValueFrom(this.loginEmailService.loginEmail$); - const rememberEmail = this.loginEmailService.getRememberEmail(); - - if (email) { - this.formGroup.controls.email.setValue(email); - this.formGroup.controls.rememberEmail.setValue(rememberEmail); - } else { - // If not in memory, check email on disk - const storedEmail = await firstValueFrom(this.loginEmailService.storedEmail$); - if (storedEmail) { - // If we have a stored email, rememberEmail should default to true - this.formGroup.controls.email.setValue(storedEmail); - this.formGroup.controls.rememberEmail.setValue(true); - } - } - } - - protected async saveEmailSettings() { - // Save off email for SSO - await this.ssoLoginService.setSsoEmail(this.formGroup.value.email); - - this.loginEmailService.setLoginEmail(this.formGroup.value.email); - this.loginEmailService.setRememberEmail(this.formGroup.value.rememberEmail); - await this.loginEmailService.saveEmailSettings(); - } - - // Legacy accounts used the master key to encrypt data. Migration is required but only performed on web - protected async handleMigrateEncryptionKey(result: AuthResult): Promise { - if (!result.requiresEncryptionKeyMigration) { - return false; - } - - this.toastService.showToast({ - variant: "error", - title: this.i18nService.t("errorOccured"), - message: this.i18nService.t("encryptionKeyMigrationRequired"), - }); - return true; - } - - private getErrorToastMessage() { - const error: AllValidationErrors = this.formValidationErrorService - .getFormValidationErrors(this.formGroup.controls) - .shift(); - - if (error) { - switch (error.errorName) { - case "email": - return this.i18nService.t("invalidEmail"); - case "minlength": - return this.i18nService.t("masterPasswordMinlength", Utils.originalMinimumPasswordLength); - default: - return this.i18nService.t(this.errorTag(error)); - } - } - - return; - } - - private errorTag(error: AllValidationErrors): string { - const name = error.errorName.charAt(0).toUpperCase() + error.errorName.slice(1); - return `${error.controlName}${name}`; - } - - async getLoginWithDevice(email: string) { - try { - const deviceIdentifier = await this.appIdService.getAppId(); - this.showLoginWithDevice = await this.devicesApiService.getKnownDevice( - email, - deviceIdentifier, - ); - // FIXME: Remove when updating file. Eslint update - // eslint-disable-next-line @typescript-eslint/no-unused-vars - } catch (e) { - this.showLoginWithDevice = false; - } - } -} diff --git a/libs/angular/src/auth/components/login-via-auth-request-v1.component.ts b/libs/angular/src/auth/components/login-via-auth-request-v1.component.ts deleted file mode 100644 index 7f5a5c3f299..00000000000 --- a/libs/angular/src/auth/components/login-via-auth-request-v1.component.ts +++ /dev/null @@ -1,538 +0,0 @@ -// FIXME: Update this file to be type safe and remove this and next line -// @ts-strict-ignore -import { Directive, OnDestroy, OnInit } from "@angular/core"; -import { IsActiveMatchOptions, Router } from "@angular/router"; -import { Subject, firstValueFrom, map, takeUntil } from "rxjs"; - -import { - AuthRequestLoginCredentials, - AuthRequestServiceAbstraction, - LoginStrategyServiceAbstraction, - LoginEmailServiceAbstraction, -} from "@bitwarden/auth/common"; -import { ApiService } from "@bitwarden/common/abstractions/api.service"; -import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; -import { AnonymousHubService } from "@bitwarden/common/auth/abstractions/anonymous-hub.service"; -import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service"; -import { DeviceTrustServiceAbstraction } from "@bitwarden/common/auth/abstractions/device-trust.service.abstraction"; -import { AuthRequestType } from "@bitwarden/common/auth/enums/auth-request-type"; -import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status"; -import { AdminAuthRequestStorable } from "@bitwarden/common/auth/models/domain/admin-auth-req-storable"; -import { AuthResult } from "@bitwarden/common/auth/models/domain/auth-result"; -import { ForceSetPasswordReason } from "@bitwarden/common/auth/models/domain/force-set-password-reason"; -import { AuthRequest } from "@bitwarden/common/auth/models/request/auth.request"; -import { AuthRequestResponse } from "@bitwarden/common/auth/models/response/auth-request.response"; -import { HttpStatusCode } from "@bitwarden/common/enums/http-status-code.enum"; -import { ErrorResponse } from "@bitwarden/common/models/response/error.response"; -import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service"; -import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service"; -import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service"; -import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; -import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; -import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; -import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service"; -import { Utils } from "@bitwarden/common/platform/misc/utils"; -import { UserId } from "@bitwarden/common/types/guid"; -import { ToastService } from "@bitwarden/components"; -import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy"; -import { KeyService } from "@bitwarden/key-management"; - -import { CaptchaProtectedComponent } from "./captcha-protected.component"; - -enum State { - StandardAuthRequest, - AdminAuthRequest, -} - -@Directive() -export class LoginViaAuthRequestComponentV1 - extends CaptchaProtectedComponent - implements OnInit, OnDestroy -{ - private destroy$ = new Subject(); - userAuthNStatus: AuthenticationStatus; - email: string; - showResendNotification = false; - authRequest: AuthRequest; - fingerprintPhrase: string; - onSuccessfulLoginTwoFactorNavigate: () => Promise; - onSuccessfulLogin: () => Promise; - onSuccessfulLoginNavigate: () => Promise; - onSuccessfulLoginForceResetNavigate: () => Promise; - - protected adminApprovalRoute = "admin-approval-requested"; - - protected StateEnum = State; - protected state = State.StandardAuthRequest; - protected webVaultUrl: string; - protected twoFactorRoute = "2fa"; - protected successRoute = "vault"; - protected forcePasswordResetRoute = "update-temp-password"; - private resendTimeout = 12000; - protected deviceManagementUrl: string; - - private authRequestKeyPair: { publicKey: Uint8Array; privateKey: Uint8Array }; - - constructor( - protected router: Router, - private keyService: KeyService, - private cryptoFunctionService: CryptoFunctionService, - private appIdService: AppIdService, - private passwordGenerationService: PasswordGenerationServiceAbstraction, - private apiService: ApiService, - private authService: AuthService, - private logService: LogService, - environmentService: EnvironmentService, - i18nService: I18nService, - platformUtilsService: PlatformUtilsService, - private anonymousHubService: AnonymousHubService, - private validationService: ValidationService, - private accountService: AccountService, - private loginEmailService: LoginEmailServiceAbstraction, - private deviceTrustService: DeviceTrustServiceAbstraction, - private authRequestService: AuthRequestServiceAbstraction, - private loginStrategyService: LoginStrategyServiceAbstraction, - protected toastService: ToastService, - ) { - super(environmentService, i18nService, platformUtilsService, toastService); - - // Get the web vault URL from the environment service - environmentService.environment$.pipe(takeUntil(this.destroy$)).subscribe((env) => { - this.webVaultUrl = env.getWebVaultUrl(); - this.deviceManagementUrl = `${this.webVaultUrl}/#/settings/security/device-management`; - }); - - // Gets signalR push notification - // Only fires on approval to prevent enumeration - this.authRequestService.authRequestPushNotification$ - .pipe(takeUntil(this.destroy$)) - .subscribe((id) => { - this.verifyAndHandleApprovedAuthReq(id).catch((e: Error) => { - this.toastService.showToast({ - variant: "error", - title: this.i18nService.t("error"), - message: e.message, - }); - this.logService.error("Failed to use approved auth request: " + e.message); - }); - }); - } - - async ngOnInit() { - this.email = await firstValueFrom(this.loginEmailService.loginEmail$); - this.userAuthNStatus = await this.authService.getAuthStatus(); - - const matchOptions: IsActiveMatchOptions = { - paths: "exact", - queryParams: "ignored", - fragment: "ignored", - matrixParams: "ignored", - }; - - if (this.router.isActive(this.adminApprovalRoute, matchOptions)) { - this.state = State.AdminAuthRequest; - } - - if (this.state === State.AdminAuthRequest) { - // Pull email from state for admin auth reqs b/c it is available - // This also prevents it from being lost on refresh as the - // login service email does not persist. - this.email = await firstValueFrom( - this.accountService.activeAccount$.pipe(map((a) => a?.email)), - ); - const userId = (await firstValueFrom(this.accountService.activeAccount$)).id; - - if (!this.email) { - this.toastService.showToast({ - variant: "error", - title: null, - message: this.i18nService.t("userEmailMissing"), - }); - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.router.navigate(["/login-initiated"]); - return; - } - - // We only allow a single admin approval request to be active at a time - // so must check state to see if we have an existing one or not - const adminAuthReqStorable = await this.authRequestService.getAdminAuthRequest(userId); - - if (adminAuthReqStorable) { - await this.handleExistingAdminAuthRequest(adminAuthReqStorable, userId); - } else { - // No existing admin auth request; so we need to create one - await this.startAuthRequestLogin(); - } - } else { - // Standard auth request - // TODO: evaluate if we can remove the setting of this.email in the constructor - this.email = await firstValueFrom(this.loginEmailService.loginEmail$); - - if (!this.email) { - this.toastService.showToast({ - variant: "error", - title: null, - message: this.i18nService.t("userEmailMissing"), - }); - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.router.navigate(["/login"]); - return; - } - - await this.startAuthRequestLogin(); - } - } - - async ngOnDestroy() { - await this.anonymousHubService.stopHubConnection(); - this.destroy$.next(); - this.destroy$.complete(); - } - - private async handleExistingAdminAuthRequest( - adminAuthReqStorable: AdminAuthRequestStorable, - userId: UserId, - ) { - // Note: on login, the SSOLoginStrategy will also call to see an existing admin auth req - // has been approved and handle it if so. - - // Regardless, we always retrieve the auth request from the server verify and handle status changes here as well - let adminAuthReqResponse: AuthRequestResponse; - try { - adminAuthReqResponse = await this.apiService.getAuthRequest(adminAuthReqStorable.id); - } catch (error) { - if (error instanceof ErrorResponse && error.statusCode === HttpStatusCode.NotFound) { - return await this.handleExistingAdminAuthReqDeletedOrDenied(userId); - } - } - - // Request doesn't exist anymore - if (!adminAuthReqResponse) { - return await this.handleExistingAdminAuthReqDeletedOrDenied(userId); - } - - // Re-derive the user's fingerprint phrase - // It is important to not use the server's public key here as it could have been compromised via MITM - const derivedPublicKeyArrayBuffer = await this.cryptoFunctionService.rsaExtractPublicKey( - adminAuthReqStorable.privateKey, - ); - this.fingerprintPhrase = await this.authRequestService.getFingerprintPhrase( - this.email, - derivedPublicKeyArrayBuffer, - ); - - // Request denied - if (adminAuthReqResponse.isAnswered && !adminAuthReqResponse.requestApproved) { - return await this.handleExistingAdminAuthReqDeletedOrDenied(userId); - } - - // Request approved - if (adminAuthReqResponse.requestApproved) { - return await this.handleApprovedAdminAuthRequest( - adminAuthReqResponse, - adminAuthReqStorable.privateKey, - userId, - ); - } - - // Request still pending response from admin - // set keypair and create hub connection so that any approvals will be received via push notification - this.authRequestKeyPair = { privateKey: adminAuthReqStorable.privateKey, publicKey: null }; - await this.anonymousHubService.createHubConnection(adminAuthReqStorable.id); - } - - private async handleExistingAdminAuthReqDeletedOrDenied(userId: UserId) { - // clear the admin auth request from state - await this.authRequestService.clearAdminAuthRequest(userId); - - // start new auth request - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.startAuthRequestLogin(); - } - - private async buildAuthRequest(authRequestType: AuthRequestType) { - const authRequestKeyPairArray = await this.cryptoFunctionService.rsaGenerateKeyPair(2048); - - this.authRequestKeyPair = { - publicKey: authRequestKeyPairArray[0], - privateKey: authRequestKeyPairArray[1], - }; - - const deviceIdentifier = await this.appIdService.getAppId(); - const publicKey = Utils.fromBufferToB64(this.authRequestKeyPair.publicKey); - const accessCode = await this.passwordGenerationService.generatePassword({ - type: "password", - length: 25, - }); - - this.fingerprintPhrase = await this.authRequestService.getFingerprintPhrase( - this.email, - this.authRequestKeyPair.publicKey, - ); - - this.authRequest = new AuthRequest( - this.email, - deviceIdentifier, - publicKey, - authRequestType, - accessCode, - ); - } - - async startAuthRequestLogin() { - this.showResendNotification = false; - - try { - let reqResponse: AuthRequestResponse; - - if (this.state === State.AdminAuthRequest) { - await this.buildAuthRequest(AuthRequestType.AdminApproval); - reqResponse = await this.apiService.postAdminAuthRequest(this.authRequest); - - const adminAuthReqStorable = new AdminAuthRequestStorable({ - id: reqResponse.id, - privateKey: this.authRequestKeyPair.privateKey, - }); - - const userId = (await firstValueFrom(this.accountService.activeAccount$)).id; - await this.authRequestService.setAdminAuthRequest(adminAuthReqStorable, userId); - } else { - await this.buildAuthRequest(AuthRequestType.AuthenticateAndUnlock); - reqResponse = await this.apiService.postAuthRequest(this.authRequest); - } - - if (reqResponse.id) { - await this.anonymousHubService.createHubConnection(reqResponse.id); - } - } catch (e) { - this.logService.error(e); - } - - setTimeout(() => { - this.showResendNotification = true; - }, this.resendTimeout); - } - - private async verifyAndHandleApprovedAuthReq(requestId: string) { - try { - // Retrieve the auth request from server and verify it's approved - let authReqResponse: AuthRequestResponse; - - switch (this.state) { - case State.StandardAuthRequest: - // Unauthed - access code required for user verification - authReqResponse = await this.apiService.getAuthResponse( - requestId, - this.authRequest.accessCode, - ); - break; - - case State.AdminAuthRequest: - // Authed - no access code required - authReqResponse = await this.apiService.getAuthRequest(requestId); - break; - - default: - break; - } - - if (!authReqResponse.requestApproved) { - return; - } - - // Approved so proceed: - - // 4 Scenarios to handle for approved auth requests: - // Existing flow 1: - // - Anon Login with Device > User is not AuthN > receives approval from device with pubKey(masterKey) - // > decrypt masterKey > must authenticate > gets masterKey(userKey) > decrypt userKey and proceed to vault - - // 3 new flows from TDE: - // Flow 2: - // - Post SSO > User is AuthN > SSO login strategy success sets masterKey(userKey) > receives approval from device with pubKey(masterKey) - // > decrypt masterKey > decrypt userKey > establish trust if required > proceed to vault - // Flow 3: - // - Post SSO > User is AuthN > Receives approval from device with pubKey(userKey) > decrypt userKey > establish trust if required > proceed to vault - // Flow 4: - // - Anon Login with Device > User is not AuthN > receives approval from device with pubKey(userKey) - // > decrypt userKey > must authenticate > set userKey > proceed to vault - - // if user has authenticated via SSO - if (this.userAuthNStatus === AuthenticationStatus.Locked) { - const userId = (await firstValueFrom(this.accountService.activeAccount$)).id; - return await this.handleApprovedAdminAuthRequest( - authReqResponse, - this.authRequestKeyPair.privateKey, - userId, - ); - } - - // Flow 1 and 4: - const loginAuthResult = await this.loginViaAuthRequestStrategy(requestId, authReqResponse); - await this.handlePostLoginNavigation(loginAuthResult); - } catch (error) { - if (error instanceof ErrorResponse) { - let errorRoute = "/login"; - if (this.state === State.AdminAuthRequest) { - errorRoute = "/login-initiated"; - } - - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.router.navigate([errorRoute]); - this.validationService.showError(error); - return; - } - - this.logService.error(error); - } - } - - async handleApprovedAdminAuthRequest( - adminAuthReqResponse: AuthRequestResponse, - privateKey: ArrayBuffer, - userId: UserId, - ) { - // See verifyAndHandleApprovedAuthReq(...) for flow details - // it's flow 2 or 3 based on presence of masterPasswordHash - if (adminAuthReqResponse.masterPasswordHash) { - // Flow 2: masterPasswordHash is not null - // key is authRequestPublicKey(masterKey) + we have authRequestPublicKey(masterPasswordHash) - await this.authRequestService.setKeysAfterDecryptingSharedMasterKeyAndHash( - adminAuthReqResponse, - privateKey, - userId, - ); - } else { - // Flow 3: masterPasswordHash is null - // we can assume key is authRequestPublicKey(userKey) and we can just decrypt with userKey and proceed to vault - await this.authRequestService.setUserKeyAfterDecryptingSharedUserKey( - adminAuthReqResponse, - privateKey, - userId, - ); - } - - // clear the admin auth request from state so it cannot be used again (it's a one time use) - // TODO: this should eventually be enforced via deleting this on the server once it is used - await this.authRequestService.clearAdminAuthRequest(userId); - - this.toastService.showToast({ - variant: "success", - title: null, - message: this.i18nService.t("loginApproved"), - }); - - // Now that we have a decrypted user key in memory, we can check if we - // need to establish trust on the current device - const activeAccount = await firstValueFrom(this.accountService.activeAccount$); - await this.deviceTrustService.trustDeviceIfRequired(activeAccount.id); - - // TODO: don't forget to use auto enrollment service everywhere we trust device - - await this.handleSuccessfulLoginNavigation(); - } - - // Authentication helper - private async buildAuthRequestLoginCredentials( - requestId: string, - response: AuthRequestResponse, - ): Promise { - // if masterPasswordHash has a value, we will always receive key as authRequestPublicKey(masterKey) + authRequestPublicKey(masterPasswordHash) - // if masterPasswordHash is null, we will always receive key as authRequestPublicKey(userKey) - if (response.masterPasswordHash) { - const { masterKey, masterKeyHash } = - await this.authRequestService.decryptPubKeyEncryptedMasterKeyAndHash( - response.key, - response.masterPasswordHash, - this.authRequestKeyPair.privateKey, - ); - - return new AuthRequestLoginCredentials( - this.email, - this.authRequest.accessCode, - requestId, - null, // no userKey - masterKey, - masterKeyHash, - ); - } else { - const userKey = await this.authRequestService.decryptPubKeyEncryptedUserKey( - response.key, - this.authRequestKeyPair.privateKey, - ); - return new AuthRequestLoginCredentials( - this.email, - this.authRequest.accessCode, - requestId, - userKey, - null, // no masterKey - null, // no masterKeyHash - ); - } - } - - private async loginViaAuthRequestStrategy( - requestId: string, - authReqResponse: AuthRequestResponse, - ): Promise { - // Note: credentials change based on if the authReqResponse.key is a encryptedMasterKey or UserKey - const credentials = await this.buildAuthRequestLoginCredentials(requestId, authReqResponse); - - // Note: keys are set by AuthRequestLoginStrategy success handling - return await this.loginStrategyService.logIn(credentials); - } - - // Routing logic - private async handlePostLoginNavigation(loginResponse: AuthResult) { - if (loginResponse.requiresTwoFactor) { - if (this.onSuccessfulLoginTwoFactorNavigate != null) { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.onSuccessfulLoginTwoFactorNavigate(); - } else { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.router.navigate([this.twoFactorRoute]); - } - } else if (loginResponse.forcePasswordReset != ForceSetPasswordReason.None) { - if (this.onSuccessfulLoginForceResetNavigate != null) { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.onSuccessfulLoginForceResetNavigate(); - } else { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.router.navigate([this.forcePasswordResetRoute]); - } - } else { - await this.handleSuccessfulLoginNavigation(); - } - } - - private async handleSuccessfulLoginNavigation() { - if (this.state === State.StandardAuthRequest) { - // Only need to set remembered email on standard login with auth req flow - await this.loginEmailService.saveEmailSettings(); - } - - if (this.onSuccessfulLogin != null) { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.onSuccessfulLogin(); - } - - if (this.onSuccessfulLoginNavigate != null) { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.onSuccessfulLoginNavigate(); - } else { - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.router.navigate([this.successRoute]); - } - } -} diff --git a/libs/angular/src/auth/components/set-password.component.ts b/libs/angular/src/auth/components/set-password.component.ts index de079a7ebca..3d14eecd963 100644 --- a/libs/angular/src/auth/components/set-password.component.ts +++ b/libs/angular/src/auth/components/set-password.component.ts @@ -17,6 +17,7 @@ import { PolicyService } from "@bitwarden/common/admin-console/abstractions/poli import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/models/domain/master-password-policy-options"; import { OrganizationAutoEnrollStatusResponse } from "@bitwarden/common/admin-console/models/response/organization-auto-enroll-status.response"; import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction"; import { ForceSetPasswordReason } from "@bitwarden/common/auth/models/domain/force-set-password-reason"; @@ -62,6 +63,7 @@ export class SetPasswordComponent extends BaseChangePasswordComponent implements private policyApiService: PolicyApiServiceAbstraction, policyService: PolicyService, protected router: Router, + private masterPasswordApiService: MasterPasswordApiService, private apiService: ApiService, private syncService: SyncService, private route: ActivatedRoute, @@ -195,7 +197,7 @@ export class SetPasswordComponent extends BaseChangePasswordComponent implements ); try { if (this.resetPasswordAutoEnroll) { - this.formPromise = this.apiService + this.formPromise = this.masterPasswordApiService .setPassword(request) .then(async () => { await this.onSetPasswordSuccess(masterKey, userKey, newKeyPair); @@ -222,7 +224,7 @@ export class SetPasswordComponent extends BaseChangePasswordComponent implements ); }); } else { - this.formPromise = this.apiService.setPassword(request).then(async () => { + this.formPromise = this.masterPasswordApiService.setPassword(request).then(async () => { await this.onSetPasswordSuccess(masterKey, userKey, newKeyPair); }); } diff --git a/libs/angular/src/auth/components/update-password.component.ts b/libs/angular/src/auth/components/update-password.component.ts index e6cefd40d1d..a7c5fdfe131 100644 --- a/libs/angular/src/auth/components/update-password.component.ts +++ b/libs/angular/src/auth/components/update-password.component.ts @@ -3,10 +3,10 @@ import { Directive } from "@angular/core"; import { Router } from "@angular/router"; -import { ApiService } from "@bitwarden/common/abstractions/api.service"; import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction"; import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/models/domain/master-password-policy-options"; import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { UserVerificationService } from "@bitwarden/common/auth/abstractions/user-verification/user-verification.service.abstraction"; import { VerificationType } from "@bitwarden/common/auth/enums/verification-type"; @@ -40,7 +40,7 @@ export class UpdatePasswordComponent extends BaseChangePasswordComponent { policyService: PolicyService, keyService: KeyService, messagingService: MessagingService, - private apiService: ApiService, + private masterPasswordApiService: MasterPasswordApiService, private userVerificationService: UserVerificationService, private logService: LogService, dialogService: DialogService, @@ -117,9 +117,7 @@ export class UpdatePasswordComponent extends BaseChangePasswordComponent { request.key = newUserKey[1].encryptedString; // Update user's password - // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling. - // eslint-disable-next-line @typescript-eslint/no-floating-promises - this.apiService.postPassword(request); + await this.masterPasswordApiService.postPassword(request); this.toastService.showToast({ variant: "success", diff --git a/libs/angular/src/auth/components/update-temp-password.component.ts b/libs/angular/src/auth/components/update-temp-password.component.ts index 95c56d08486..9375bd03baa 100644 --- a/libs/angular/src/auth/components/update-temp-password.component.ts +++ b/libs/angular/src/auth/components/update-temp-password.component.ts @@ -4,10 +4,10 @@ import { Directive, OnInit } from "@angular/core"; import { Router } from "@angular/router"; import { firstValueFrom, map } from "rxjs"; -import { ApiService } from "@bitwarden/common/abstractions/api.service"; import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction"; import { MasterPasswordPolicyOptions } from "@bitwarden/common/admin-console/models/domain/master-password-policy-options"; import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { UserVerificationService } from "@bitwarden/common/auth/abstractions/user-verification/user-verification.service.abstraction"; import { VerificationType } from "@bitwarden/common/auth/enums/verification-type"; @@ -52,7 +52,7 @@ export class UpdateTempPasswordComponent extends BaseChangePasswordComponent imp policyService: PolicyService, keyService: KeyService, messagingService: MessagingService, - private apiService: ApiService, + private masterPasswordApiService: MasterPasswordApiService, private syncService: SyncService, private logService: LogService, private userVerificationService: UserVerificationService, @@ -202,7 +202,7 @@ export class UpdateTempPasswordComponent extends BaseChangePasswordComponent imp request.newMasterPasswordHash = masterPasswordHash; request.masterPasswordHint = this.hint; - return this.apiService.putUpdateTempPassword(request); + return this.masterPasswordApiService.putUpdateTempPassword(request); } private async updatePassword(newMasterPasswordHash: string, userKey: [UserKey, EncString]) { @@ -214,7 +214,7 @@ export class UpdateTempPasswordComponent extends BaseChangePasswordComponent imp request.newMasterPasswordHash = newMasterPasswordHash; request.key = userKey[1].encryptedString; - return this.apiService.postPassword(request); + return this.masterPasswordApiService.postPassword(request); } private async updateTdeOffboardingPassword( @@ -226,6 +226,6 @@ export class UpdateTempPasswordComponent extends BaseChangePasswordComponent imp request.newMasterPasswordHash = masterPasswordHash; request.masterPasswordHint = this.hint; - return this.apiService.putUpdateTdeOffboardingPassword(request); + return this.masterPasswordApiService.putUpdateTdeOffboardingPassword(request); } } diff --git a/libs/angular/src/auth/functions/unauth-ui-refresh-redirect.spec.ts b/libs/angular/src/auth/functions/unauth-ui-refresh-redirect.spec.ts deleted file mode 100644 index 887f528d547..00000000000 --- a/libs/angular/src/auth/functions/unauth-ui-refresh-redirect.spec.ts +++ /dev/null @@ -1,66 +0,0 @@ -import { TestBed } from "@angular/core/testing"; -import { Navigation, Router, UrlTree } from "@angular/router"; -import { mock, MockProxy } from "jest-mock-extended"; - -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; -import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; - -import { unauthUiRefreshRedirect } from "./unauth-ui-refresh-redirect"; - -describe("unauthUiRefreshRedirect", () => { - let configService: MockProxy; - let router: MockProxy; - - beforeEach(() => { - configService = mock(); - router = mock(); - - TestBed.configureTestingModule({ - providers: [ - { provide: ConfigService, useValue: configService }, - { provide: Router, useValue: router }, - ], - }); - }); - - it("returns true when UnauthenticatedExtensionUIRefresh flag is disabled", async () => { - configService.getFeatureFlag.mockResolvedValue(false); - - const result = await TestBed.runInInjectionContext(() => - unauthUiRefreshRedirect("/redirect")(), - ); - - expect(result).toBe(true); - expect(configService.getFeatureFlag).toHaveBeenCalledWith( - FeatureFlag.UnauthenticatedExtensionUIRefresh, - ); - expect(router.parseUrl).not.toHaveBeenCalled(); - }); - - it("returns UrlTree when UnauthenticatedExtensionUIRefresh flag is enabled and preserves query params", async () => { - configService.getFeatureFlag.mockResolvedValue(true); - - const urlTree = new UrlTree(); - urlTree.queryParams = { test: "test" }; - - const navigation: Navigation = { - extras: {}, - id: 0, - initialUrl: new UrlTree(), - extractedUrl: urlTree, - trigger: "imperative", - previousNavigation: undefined, - }; - - router.getCurrentNavigation.mockReturnValue(navigation); - - await TestBed.runInInjectionContext(() => unauthUiRefreshRedirect("/redirect")()); - - expect(configService.getFeatureFlag).toHaveBeenCalledWith( - FeatureFlag.UnauthenticatedExtensionUIRefresh, - ); - expect(router.createUrlTree).toHaveBeenCalledWith(["/redirect"], { - queryParams: urlTree.queryParams, - }); - }); -}); diff --git a/libs/angular/src/auth/functions/unauth-ui-refresh-redirect.ts b/libs/angular/src/auth/functions/unauth-ui-refresh-redirect.ts deleted file mode 100644 index 2cb53d5324f..00000000000 --- a/libs/angular/src/auth/functions/unauth-ui-refresh-redirect.ts +++ /dev/null @@ -1,29 +0,0 @@ -import { inject } from "@angular/core"; -import { UrlTree, Router } from "@angular/router"; - -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; -import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; - -/** - * Helper function to redirect to a new URL based on the UnauthenticatedExtensionUIRefresh feature flag. - * @param redirectUrl - The URL to redirect to if the UnauthenticatedExtensionUIRefresh flag is enabled. - */ -export function unauthUiRefreshRedirect(redirectUrl: string): () => Promise { - return async () => { - const configService = inject(ConfigService); - const router = inject(Router); - const shouldRedirect = await configService.getFeatureFlag( - FeatureFlag.UnauthenticatedExtensionUIRefresh, - ); - if (shouldRedirect) { - const currentNavigation = router.getCurrentNavigation(); - const queryParams = currentNavigation?.extractedUrl?.queryParams || {}; - - // Preserve query params when redirecting as it is likely that the refreshed component - // will be consuming the same query params. - return router.createUrlTree([redirectUrl], { queryParams }); - } else { - return true; - } - }; -} diff --git a/libs/angular/src/services/jslib-services.module.ts b/libs/angular/src/services/jslib-services.module.ts index 0069dd3e30f..906b99d096e 100644 --- a/libs/angular/src/services/jslib-services.module.ts +++ b/libs/angular/src/services/jslib-services.module.ts @@ -91,6 +91,7 @@ import { DeviceTrustServiceAbstraction } from "@bitwarden/common/auth/abstractio import { DevicesServiceAbstraction } from "@bitwarden/common/auth/abstractions/devices/devices.service.abstraction"; import { DevicesApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/devices-api.service.abstraction"; import { KeyConnectorService as KeyConnectorServiceAbstraction } from "@bitwarden/common/auth/abstractions/key-connector.service"; +import { MasterPasswordApiService as MasterPasswordApiServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { InternalMasterPasswordServiceAbstraction, MasterPasswordServiceAbstraction, @@ -113,6 +114,7 @@ import { DeviceTrustService } from "@bitwarden/common/auth/services/device-trust import { DevicesServiceImplementation } from "@bitwarden/common/auth/services/devices/devices.service.implementation"; import { DevicesApiServiceImplementation } from "@bitwarden/common/auth/services/devices-api.service.implementation"; import { KeyConnectorService } from "@bitwarden/common/auth/services/key-connector.service"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/services/master-password/master-password-api.service.implementation"; import { MasterPasswordService } from "@bitwarden/common/auth/services/master-password/master-password.service"; import { PasswordResetEnrollmentServiceImplementation } from "@bitwarden/common/auth/services/password-reset-enrollment.service.implementation"; import { SsoLoginService } from "@bitwarden/common/auth/services/sso-login.service"; @@ -304,6 +306,8 @@ import { import { SafeInjectionToken } from "@bitwarden/ui-common"; import { DefaultTaskService, + DefaultEndUserNotificationService, + EndUserNotificationService, NewDeviceVerificationNoticeService, PasswordRepromptService, TaskService, @@ -1348,6 +1352,7 @@ const safeProviders: SafeProvider[] = [ useClass: DefaultSetPasswordJitService, deps: [ ApiServiceAbstraction, + MasterPasswordApiService, KeyService, EncryptService, I18nServiceAbstraction, @@ -1465,6 +1470,11 @@ const safeProviders: SafeProvider[] = [ useClass: DefaultTaskService, deps: [StateProvider, ApiServiceAbstraction, OrganizationServiceAbstraction, ConfigService], }), + safeProvider({ + provide: EndUserNotificationService, + useClass: DefaultEndUserNotificationService, + deps: [StateProvider, ApiServiceAbstraction], + }), safeProvider({ provide: DeviceTrustToastServiceAbstraction, useClass: DeviceTrustToastService, @@ -1475,6 +1485,11 @@ const safeProviders: SafeProvider[] = [ ToastService, ], }), + safeProvider({ + provide: MasterPasswordApiServiceAbstraction, + useClass: MasterPasswordApiService, + deps: [ApiServiceAbstraction, LogService], + }), ]; @NgModule({ diff --git a/libs/angular/src/vault/components/add-edit.component.ts b/libs/angular/src/vault/components/add-edit.component.ts index c843d186625..eed90c2ba70 100644 --- a/libs/angular/src/vault/components/add-edit.component.ts +++ b/libs/angular/src/vault/components/add-edit.component.ts @@ -15,7 +15,6 @@ import { AccountService } from "@bitwarden/common/auth/abstractions/account.serv import { getUserId } from "@bitwarden/common/auth/services/account.service"; import { normalizeExpiryYearFormat } from "@bitwarden/common/autofill/utils"; import { EventType } from "@bitwarden/common/enums"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; import { UriMatchStrategy } from "@bitwarden/common/models/domain/domain-service"; import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; @@ -208,10 +207,7 @@ export class AddEditComponent implements OnInit, OnDestroy { this.writeableCollections = await this.loadCollections(); this.canUseReprompt = await this.passwordRepromptService.enabled(); - const sshKeysEnabled = await this.configService.getFeatureFlag(FeatureFlag.SSHKeyVaultItem); - if (sshKeysEnabled) { - this.typeOptions.push({ name: this.i18nService.t("typeSshKey"), value: CipherType.SshKey }); - } + this.typeOptions.push({ name: this.i18nService.t("typeSshKey"), value: CipherType.SshKey }); } ngOnDestroy() { diff --git a/libs/auth/src/angular/set-password-jit/default-set-password-jit.service.spec.ts b/libs/auth/src/angular/set-password-jit/default-set-password-jit.service.spec.ts index 726110663fc..69d82a3bb77 100644 --- a/libs/auth/src/angular/set-password-jit/default-set-password-jit.service.spec.ts +++ b/libs/auth/src/angular/set-password-jit/default-set-password-jit.service.spec.ts @@ -9,6 +9,7 @@ import { import { ApiService } from "@bitwarden/common/abstractions/api.service"; import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/organization/organization-api.service.abstraction"; import { OrganizationKeysResponse } from "@bitwarden/common/admin-console/models/response/organization-keys.response"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { SetPasswordRequest } from "@bitwarden/common/auth/models/request/set-password.request"; import { EncryptService } from "@bitwarden/common/key-management/crypto/abstractions/encrypt.service"; @@ -31,6 +32,7 @@ describe("DefaultSetPasswordJitService", () => { let sut: DefaultSetPasswordJitService; let apiService: MockProxy; + let masterPasswordApiService: MockProxy; let keyService: MockProxy; let encryptService: MockProxy; let i18nService: MockProxy; @@ -42,6 +44,7 @@ describe("DefaultSetPasswordJitService", () => { beforeEach(() => { apiService = mock(); + masterPasswordApiService = mock(); keyService = mock(); encryptService = mock(); i18nService = mock(); @@ -53,6 +56,7 @@ describe("DefaultSetPasswordJitService", () => { sut = new DefaultSetPasswordJitService( apiService, + masterPasswordApiService, keyService, encryptService, i18nService, @@ -148,7 +152,7 @@ describe("DefaultSetPasswordJitService", () => { keyService.makeKeyPair.mockResolvedValue(keyPair); - apiService.setPassword.mockResolvedValue(undefined); + masterPasswordApiService.setPassword.mockResolvedValue(undefined); masterPasswordService.setForceSetPasswordReason.mockResolvedValue(undefined); userDecryptionOptionsSubject.next(new UserDecryptionOptions({ hasMasterPassword: true })); @@ -185,7 +189,7 @@ describe("DefaultSetPasswordJitService", () => { await sut.setPassword(credentials); // Assert - expect(apiService.setPassword).toHaveBeenCalledWith(setPasswordRequest); + expect(masterPasswordApiService.setPassword).toHaveBeenCalledWith(setPasswordRequest); }); it("should set password successfully (given no user key)", async () => { @@ -196,7 +200,7 @@ describe("DefaultSetPasswordJitService", () => { await sut.setPassword(credentials); // Assert - expect(apiService.setPassword).toHaveBeenCalledWith(setPasswordRequest); + expect(masterPasswordApiService.setPassword).toHaveBeenCalledWith(setPasswordRequest); }); it("should handle reset password auto enroll", async () => { @@ -210,7 +214,7 @@ describe("DefaultSetPasswordJitService", () => { await sut.setPassword(credentials); // Assert - expect(apiService.setPassword).toHaveBeenCalledWith(setPasswordRequest); + expect(masterPasswordApiService.setPassword).toHaveBeenCalledWith(setPasswordRequest); expect(organizationApiService.getKeys).toHaveBeenCalledWith(orgId); expect(encryptService.rsaEncrypt).toHaveBeenCalledWith(userKey.key, orgPublicKey); expect( diff --git a/libs/auth/src/angular/set-password-jit/default-set-password-jit.service.ts b/libs/auth/src/angular/set-password-jit/default-set-password-jit.service.ts index 6c9ce8f9267..65428ff4dff 100644 --- a/libs/auth/src/angular/set-password-jit/default-set-password-jit.service.ts +++ b/libs/auth/src/angular/set-password-jit/default-set-password-jit.service.ts @@ -9,6 +9,7 @@ import { import { InternalUserDecryptionOptionsServiceAbstraction } from "@bitwarden/auth/common"; import { ApiService } from "@bitwarden/common/abstractions/api.service"; import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/organization/organization-api.service.abstraction"; +import { MasterPasswordApiService } from "@bitwarden/common/auth/abstractions/master-password-api.service.abstraction"; import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction"; import { ForceSetPasswordReason } from "@bitwarden/common/auth/models/domain/force-set-password-reason"; import { SetPasswordRequest } from "@bitwarden/common/auth/models/request/set-password.request"; @@ -29,6 +30,7 @@ import { export class DefaultSetPasswordJitService implements SetPasswordJitService { constructor( protected apiService: ApiService, + protected masterPasswordApiService: MasterPasswordApiService, protected keyService: KeyService, protected encryptService: EncryptService, protected i18nService: I18nService, @@ -77,7 +79,7 @@ export class DefaultSetPasswordJitService implements SetPasswordJitService { kdfConfig.iterations, ); - await this.apiService.setPassword(request); + await this.masterPasswordApiService.setPassword(request); // Clear force set password reason to allow navigation back to vault. await this.masterPasswordService.setForceSetPasswordReason(ForceSetPasswordReason.None, userId); diff --git a/libs/common/src/abstractions/api.service.ts b/libs/common/src/abstractions/api.service.ts index fe3f356719b..013b36f6358 100644 --- a/libs/common/src/abstractions/api.service.ts +++ b/libs/common/src/abstractions/api.service.ts @@ -38,7 +38,6 @@ import { ProviderUserUserDetailsResponse, } from "../admin-console/models/response/provider/provider-user.response"; import { SelectionReadOnlyResponse } from "../admin-console/models/response/selection-read-only.response"; -import { AuthRequest } from "../auth/models/request/auth.request"; import { DeviceVerificationRequest } from "../auth/models/request/device-verification.request"; import { DisableTwoFactorAuthenticatorRequest } from "../auth/models/request/disable-two-factor-authenticator.request"; import { EmailTokenRequest } from "../auth/models/request/email-token.request"; @@ -49,17 +48,13 @@ import { UserApiTokenRequest } from "../auth/models/request/identity-token/user- import { WebAuthnLoginTokenRequest } from "../auth/models/request/identity-token/webauthn-login-token.request"; import { KeyConnectorUserKeyRequest } from "../auth/models/request/key-connector-user-key.request"; import { PasswordHintRequest } from "../auth/models/request/password-hint.request"; -import { PasswordRequest } from "../auth/models/request/password.request"; import { PasswordlessAuthRequest } from "../auth/models/request/passwordless-auth.request"; import { SecretVerificationRequest } from "../auth/models/request/secret-verification.request"; import { SetKeyConnectorKeyRequest } from "../auth/models/request/set-key-connector-key.request"; -import { SetPasswordRequest } from "../auth/models/request/set-password.request"; import { TwoFactorEmailRequest } from "../auth/models/request/two-factor-email.request"; import { TwoFactorProviderRequest } from "../auth/models/request/two-factor-provider.request"; import { TwoFactorRecoveryRequest } from "../auth/models/request/two-factor-recovery.request"; import { UpdateProfileRequest } from "../auth/models/request/update-profile.request"; -import { UpdateTdeOffboardingPasswordRequest } from "../auth/models/request/update-tde-offboarding-password.request"; -import { UpdateTempPasswordRequest } from "../auth/models/request/update-temp-password.request"; import { UpdateTwoFactorAuthenticatorRequest } from "../auth/models/request/update-two-factor-authenticator.request"; import { UpdateTwoFactorDuoRequest } from "../auth/models/request/update-two-factor-duo.request"; import { UpdateTwoFactorEmailRequest } from "../auth/models/request/update-two-factor-email.request"; @@ -169,8 +164,6 @@ export abstract class ApiService { postPrelogin: (request: PreloginRequest) => Promise; postEmailToken: (request: EmailTokenRequest) => Promise; postEmail: (request: EmailRequest) => Promise; - postPassword: (request: PasswordRequest) => Promise; - setPassword: (request: SetPasswordRequest) => Promise; postSetKeyConnectorKey: (request: SetKeyConnectorKeyRequest) => Promise; postSecurityStamp: (request: SecretVerificationRequest) => Promise; getAccountRevisionDate: () => Promise; @@ -189,13 +182,8 @@ export abstract class ApiService { postAccountKdf: (request: KdfRequest) => Promise; postUserApiKey: (id: string, request: SecretVerificationRequest) => Promise; postUserRotateApiKey: (id: string, request: SecretVerificationRequest) => Promise; - putUpdateTempPassword: (request: UpdateTempPasswordRequest) => Promise; - putUpdateTdeOffboardingPassword: (request: UpdateTdeOffboardingPasswordRequest) => Promise; postConvertToKeyConnector: () => Promise; //passwordless - postAuthRequest: (request: AuthRequest) => Promise; - postAdminAuthRequest: (request: AuthRequest) => Promise; - getAuthResponse: (id: string, accessCode: string) => Promise; getAuthRequest: (id: string) => Promise; putAuthRequest: (id: string, request: PasswordlessAuthRequest) => Promise; getAuthRequests: () => Promise>; diff --git a/libs/common/src/auth/abstractions/master-password-api.service.abstraction.ts b/libs/common/src/auth/abstractions/master-password-api.service.abstraction.ts new file mode 100644 index 00000000000..442347ca456 --- /dev/null +++ b/libs/common/src/auth/abstractions/master-password-api.service.abstraction.ts @@ -0,0 +1,28 @@ +import { PasswordRequest } from "../models/request/password.request"; +import { SetPasswordRequest } from "../models/request/set-password.request"; +import { UpdateTdeOffboardingPasswordRequest } from "../models/request/update-tde-offboarding-password.request"; +import { UpdateTempPasswordRequest } from "../models/request/update-temp-password.request"; + +export abstract class MasterPasswordApiService { + /** + * POSTs a SetPasswordRequest to "/accounts/set-password" + */ + abstract setPassword: (request: SetPasswordRequest) => Promise; + + /** + * POSTs a PasswordRequest to "/accounts/password" + */ + abstract postPassword: (request: PasswordRequest) => Promise; + + /** + * PUTs an UpdateTempPasswordRequest to "/accounts/update-temp-password" + */ + abstract putUpdateTempPassword: (request: UpdateTempPasswordRequest) => Promise; + + /** + * PUTs an UpdateTdeOffboardingPasswordRequest to "/accounts/update-tde-offboarding-password" + */ + abstract putUpdateTdeOffboardingPassword: ( + request: UpdateTdeOffboardingPasswordRequest, + ) => Promise; +} diff --git a/libs/common/src/auth/services/master-password/master-password-api.service.implementation.ts b/libs/common/src/auth/services/master-password/master-password-api.service.implementation.ts new file mode 100644 index 00000000000..a91ccab24ef --- /dev/null +++ b/libs/common/src/auth/services/master-password/master-password-api.service.implementation.ts @@ -0,0 +1,85 @@ +import { ApiService } from "@bitwarden/common/abstractions/api.service"; +import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; + +import { MasterPasswordApiService as MasterPasswordApiServiceAbstraction } from "../../abstractions/master-password-api.service.abstraction"; +import { PasswordRequest } from "../../models/request/password.request"; +import { SetPasswordRequest } from "../../models/request/set-password.request"; +import { UpdateTdeOffboardingPasswordRequest } from "../../models/request/update-tde-offboarding-password.request"; +import { UpdateTempPasswordRequest } from "../../models/request/update-temp-password.request"; + +export class MasterPasswordApiService implements MasterPasswordApiServiceAbstraction { + constructor( + private apiService: ApiService, + private logService: LogService, + ) {} + + async setPassword(request: SetPasswordRequest): Promise { + try { + const response = await this.apiService.send( + "POST", + "/accounts/set-password", + request, + true, + false, + ); + + return response; + } catch (e: unknown) { + this.logService.error(e); + throw e; + } + } + + async postPassword(request: PasswordRequest): Promise { + try { + const response = await this.apiService.send( + "POST", + "/accounts/password", + request, + true, + false, + ); + + return response; + } catch (e: unknown) { + this.logService.error(e); + throw e; + } + } + + async putUpdateTempPassword(request: UpdateTempPasswordRequest): Promise { + try { + const response = await this.apiService.send( + "PUT", + "/accounts/update-temp-password", + request, + true, + false, + ); + + return response; + } catch (e: unknown) { + this.logService.error(e); + throw e; + } + } + + async putUpdateTdeOffboardingPassword( + request: UpdateTdeOffboardingPasswordRequest, + ): Promise { + try { + const response = await this.apiService.send( + "PUT", + "/accounts/update-tde-offboarding-password", + request, + true, + false, + ); + + return response; + } catch (e: unknown) { + this.logService.error(e); + throw e; + } + } +} diff --git a/libs/common/src/auth/services/master-password/master-password-api.service.spec.ts b/libs/common/src/auth/services/master-password/master-password-api.service.spec.ts new file mode 100644 index 00000000000..64d4fdf1c7b --- /dev/null +++ b/libs/common/src/auth/services/master-password/master-password-api.service.spec.ts @@ -0,0 +1,130 @@ +import { mock, MockProxy } from "jest-mock-extended"; + +import { ApiService } from "@bitwarden/common/abstractions/api.service"; +import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; +import { KdfType } from "@bitwarden/key-management"; + +import { PasswordRequest } from "../../models/request/password.request"; +import { SetPasswordRequest } from "../../models/request/set-password.request"; +import { UpdateTdeOffboardingPasswordRequest } from "../../models/request/update-tde-offboarding-password.request"; +import { UpdateTempPasswordRequest } from "../../models/request/update-temp-password.request"; + +import { MasterPasswordApiService } from "./master-password-api.service.implementation"; + +describe("MasterPasswordApiService", () => { + let apiService: MockProxy; + let logService: MockProxy; + + let sut: MasterPasswordApiService; + + beforeEach(() => { + apiService = mock(); + logService = mock(); + + sut = new MasterPasswordApiService(apiService, logService); + }); + + it("should instantiate", () => { + expect(sut).not.toBeFalsy(); + }); + + describe("setPassword", () => { + it("should call apiService.send with the correct parameters", async () => { + // Arrange + const request = new SetPasswordRequest( + "masterPasswordHash", + "key", + "masterPasswordHint", + "orgIdentifier", + { + publicKey: "publicKey", + encryptedPrivateKey: "encryptedPrivateKey", + }, + KdfType.PBKDF2_SHA256, + 600_000, + ); + + // Act + await sut.setPassword(request); + + // Assert + expect(apiService.send).toHaveBeenCalledWith( + "POST", + "/accounts/set-password", + request, + true, + false, + ); + }); + }); + + describe("postPassword", () => { + it("should call apiService.send with the correct parameters", async () => { + // Arrange + const request = { + newMasterPasswordHash: "newMasterPasswordHash", + masterPasswordHint: "masterPasswordHint", + key: "key", + masterPasswordHash: "masterPasswordHash", + } as PasswordRequest; + + // Act + await sut.postPassword(request); + + // Assert + expect(apiService.send).toHaveBeenCalledWith( + "POST", + "/accounts/password", + request, + true, + false, + ); + }); + }); + + describe("putUpdateTempPassword", () => { + it("should call apiService.send with the correct parameters", async () => { + // Arrange + const request = { + masterPasswordHint: "masterPasswordHint", + newMasterPasswordHash: "newMasterPasswordHash", + key: "key", + } as UpdateTempPasswordRequest; + + // Act + await sut.putUpdateTempPassword(request); + + // Assert + expect(apiService.send).toHaveBeenCalledWith( + "PUT", + "/accounts/update-temp-password", + request, + true, + false, + ); + }); + }); + + describe("putUpdateTdeOffboardingPassword", () => { + it("should call apiService.send with the correct parameters", async () => { + // Arrange + const request = { + masterPasswordHint: "masterPasswordHint", + newMasterPasswordHash: "newMasterPasswordHash", + key: "key", + } as UpdateTdeOffboardingPasswordRequest; + + // Act + await sut.putUpdateTdeOffboardingPassword(request); + + // Assert + expect(apiService.send).toHaveBeenCalledWith( + "PUT", + "/accounts/update-tde-offboarding-password", + request, + true, + false, + ); + }); + }); +}); diff --git a/libs/common/src/enums/feature-flag.enum.ts b/libs/common/src/enums/feature-flag.enum.ts index 3c68ad314fc..12931f61a74 100644 --- a/libs/common/src/enums/feature-flag.enum.ts +++ b/libs/common/src/enums/feature-flag.enum.ts @@ -27,18 +27,18 @@ export enum FeatureFlag { EnableRiskInsightsNotifications = "enable-risk-insights-notifications", DesktopSendUIRefresh = "desktop-send-ui-refresh", - PM4154_BulkEncryptionService = "PM-4154-bulk-encryption-service", - VaultBulkManagementAction = "vault-bulk-management-action", - UnauthenticatedExtensionUIRefresh = "unauth-ui-refresh", - SSHKeyVaultItem = "ssh-key-vault-item", - SSHAgent = "ssh-agent", - CipherKeyEncryption = "cipher-key-encryption", - TrialPaymentOptional = "PM-8163-trial-payment", - SecurityTasks = "security-tasks", + /* Vault */ + PM9111ExtensionPersistAddEditForm = "pm-9111-extension-persist-add-edit-form", NewDeviceVerificationTemporaryDismiss = "new-device-temporary-dismiss", NewDeviceVerificationPermanentDismiss = "new-device-permanent-dismiss", + VaultBulkManagementAction = "vault-bulk-management-action", + SecurityTasks = "security-tasks", + + PM4154_BulkEncryptionService = "PM-4154-bulk-encryption-service", + UnauthenticatedExtensionUIRefresh = "unauth-ui-refresh", + CipherKeyEncryption = "cipher-key-encryption", + TrialPaymentOptional = "PM-8163-trial-payment", MacOsNativeCredentialSync = "macos-native-credential-sync", - PM9111ExtensionPersistAddEditForm = "pm-9111-extension-persist-add-edit-form", PrivateKeyRegeneration = "pm-12241-private-key-regeneration", ResellerManagedOrgAlert = "PM-15814-alert-owners-of-reseller-managed-orgs", AccountDeprovisioningBanner = "pm-17120-account-deprovisioning-admin-console-banner", @@ -83,18 +83,18 @@ export const DefaultFeatureFlagValue = { [FeatureFlag.EnableRiskInsightsNotifications]: FALSE, [FeatureFlag.DesktopSendUIRefresh]: FALSE, - [FeatureFlag.PM4154_BulkEncryptionService]: FALSE, - [FeatureFlag.VaultBulkManagementAction]: FALSE, - [FeatureFlag.UnauthenticatedExtensionUIRefresh]: FALSE, - [FeatureFlag.SSHKeyVaultItem]: FALSE, - [FeatureFlag.SSHAgent]: FALSE, - [FeatureFlag.CipherKeyEncryption]: FALSE, - [FeatureFlag.TrialPaymentOptional]: FALSE, - [FeatureFlag.SecurityTasks]: FALSE, + /* Vault */ + [FeatureFlag.PM9111ExtensionPersistAddEditForm]: FALSE, [FeatureFlag.NewDeviceVerificationTemporaryDismiss]: FALSE, [FeatureFlag.NewDeviceVerificationPermanentDismiss]: FALSE, + [FeatureFlag.VaultBulkManagementAction]: FALSE, + [FeatureFlag.SecurityTasks]: FALSE, + + [FeatureFlag.PM4154_BulkEncryptionService]: FALSE, + [FeatureFlag.UnauthenticatedExtensionUIRefresh]: FALSE, + [FeatureFlag.CipherKeyEncryption]: FALSE, + [FeatureFlag.TrialPaymentOptional]: FALSE, [FeatureFlag.MacOsNativeCredentialSync]: FALSE, - [FeatureFlag.PM9111ExtensionPersistAddEditForm]: FALSE, [FeatureFlag.PrivateKeyRegeneration]: FALSE, [FeatureFlag.ResellerManagedOrgAlert]: FALSE, [FeatureFlag.AccountDeprovisioningBanner]: FALSE, diff --git a/libs/common/src/platform/state/state-definitions.ts b/libs/common/src/platform/state/state-definitions.ts index 58fb3f18250..82cb8bb1e37 100644 --- a/libs/common/src/platform/state/state-definitions.ts +++ b/libs/common/src/platform/state/state-definitions.ts @@ -201,3 +201,4 @@ export const NEW_DEVICE_VERIFICATION_NOTICE = new StateDefinition( export const VAULT_APPEARANCE = new StateDefinition("vaultAppearance", "disk"); export const SECURITY_TASKS_DISK = new StateDefinition("securityTasks", "disk"); export const AT_RISK_PASSWORDS_PAGE_DISK = new StateDefinition("atRiskPasswordsPage", "disk"); +export const NOTIFICATION_DISK = new StateDefinition("notifications", "disk"); diff --git a/libs/common/src/services/api.service.ts b/libs/common/src/services/api.service.ts index 7a43daccf6e..93e455ada80 100644 --- a/libs/common/src/services/api.service.ts +++ b/libs/common/src/services/api.service.ts @@ -43,7 +43,6 @@ import { } from "../admin-console/models/response/provider/provider-user.response"; import { SelectionReadOnlyResponse } from "../admin-console/models/response/selection-read-only.response"; import { TokenService } from "../auth/abstractions/token.service"; -import { AuthRequest } from "../auth/models/request/auth.request"; import { DeviceVerificationRequest } from "../auth/models/request/device-verification.request"; import { DisableTwoFactorAuthenticatorRequest } from "../auth/models/request/disable-two-factor-authenticator.request"; import { EmailTokenRequest } from "../auth/models/request/email-token.request"; @@ -56,17 +55,13 @@ import { UserApiTokenRequest } from "../auth/models/request/identity-token/user- import { WebAuthnLoginTokenRequest } from "../auth/models/request/identity-token/webauthn-login-token.request"; import { KeyConnectorUserKeyRequest } from "../auth/models/request/key-connector-user-key.request"; import { PasswordHintRequest } from "../auth/models/request/password-hint.request"; -import { PasswordRequest } from "../auth/models/request/password.request"; import { PasswordlessAuthRequest } from "../auth/models/request/passwordless-auth.request"; import { SecretVerificationRequest } from "../auth/models/request/secret-verification.request"; import { SetKeyConnectorKeyRequest } from "../auth/models/request/set-key-connector-key.request"; -import { SetPasswordRequest } from "../auth/models/request/set-password.request"; import { TwoFactorEmailRequest } from "../auth/models/request/two-factor-email.request"; import { TwoFactorProviderRequest } from "../auth/models/request/two-factor-provider.request"; import { TwoFactorRecoveryRequest } from "../auth/models/request/two-factor-recovery.request"; import { UpdateProfileRequest } from "../auth/models/request/update-profile.request"; -import { UpdateTdeOffboardingPasswordRequest } from "../auth/models/request/update-tde-offboarding-password.request"; -import { UpdateTempPasswordRequest } from "../auth/models/request/update-temp-password.request"; import { UpdateTwoFactorAuthenticatorRequest } from "../auth/models/request/update-two-factor-authenticator.request"; import { UpdateTwoFactorDuoRequest } from "../auth/models/request/update-two-factor-duo.request"; import { UpdateTwoFactorEmailRequest } from "../auth/models/request/update-two-factor-email.request"; @@ -279,22 +274,6 @@ export class ApiService implements ApiServiceAbstraction { } // TODO: PM-3519: Create and move to AuthRequest Api service - // TODO: PM-9724: Remove legacy auth request methods when we remove legacy LoginViaAuthRequestV1Components - async postAuthRequest(request: AuthRequest): Promise { - const r = await this.send("POST", "/auth-requests/", request, false, true); - return new AuthRequestResponse(r); - } - async postAdminAuthRequest(request: AuthRequest): Promise { - const r = await this.send("POST", "/auth-requests/admin-request", request, true, true); - return new AuthRequestResponse(r); - } - - async getAuthResponse(id: string, accessCode: string): Promise { - const path = `/auth-requests/${id}/response?code=${accessCode}`; - const r = await this.send("GET", path, null, false, true); - return new AuthRequestResponse(r); - } - async getAuthRequest(id: string): Promise { const path = `/auth-requests/${id}`; const r = await this.send("GET", path, null, true, true); @@ -374,14 +353,6 @@ export class ApiService implements ApiServiceAbstraction { return this.send("POST", "/accounts/email", request, true, false); } - postPassword(request: PasswordRequest): Promise { - return this.send("POST", "/accounts/password", request, true, false); - } - - setPassword(request: SetPasswordRequest): Promise { - return this.send("POST", "/accounts/set-password", request, true, false); - } - postSetKeyConnectorKey(request: SetKeyConnectorKeyRequest): Promise { return this.send("POST", "/accounts/set-key-connector-key", request, true, false); } @@ -479,14 +450,6 @@ export class ApiService implements ApiServiceAbstraction { return new ApiKeyResponse(r); } - putUpdateTempPassword(request: UpdateTempPasswordRequest): Promise { - return this.send("PUT", "/accounts/update-temp-password", request, true, false); - } - - putUpdateTdeOffboardingPassword(request: UpdateTdeOffboardingPasswordRequest): Promise { - return this.send("PUT", "/accounts/update-tde-offboarding-password", request, true, false); - } - postConvertToKeyConnector(): Promise { return this.send("POST", "/accounts/convert-to-key-connector", null, true, false); } diff --git a/libs/common/src/types/guid.ts b/libs/common/src/types/guid.ts index 5ad498c115a..7a0ec4c1d58 100644 --- a/libs/common/src/types/guid.ts +++ b/libs/common/src/types/guid.ts @@ -11,3 +11,4 @@ export type CipherId = Opaque; export type SendId = Opaque; export type IndexedEntityId = Opaque; export type SecurityTaskId = Opaque; +export type NotificationId = Opaque; diff --git a/libs/vault/src/cipher-view/cipher-view.component.ts b/libs/vault/src/cipher-view/cipher-view.component.ts index 3782b866f1d..1df96656da5 100644 --- a/libs/vault/src/cipher-view/cipher-view.component.ts +++ b/libs/vault/src/cipher-view/cipher-view.component.ts @@ -171,6 +171,10 @@ export class CipherViewComponent implements OnChanges, OnDestroy { } async checkPendingChangePasswordTasks(userId: UserId): Promise { + if (!(await firstValueFrom(this.isSecurityTasksEnabled$))) { + return; + } + const tasks = await firstValueFrom(this.defaultTaskService.pendingTasks$(userId)); this.hadPendingChangePasswordTask = tasks?.some((task) => { diff --git a/libs/vault/src/cipher-view/item-history/item-history-v2.component.html b/libs/vault/src/cipher-view/item-history/item-history-v2.component.html index 19d1cfe1744..c069e36dde1 100644 --- a/libs/vault/src/cipher-view/item-history/item-history-v2.component.html +++ b/libs/vault/src/cipher-view/item-history/item-history-v2.component.html @@ -3,12 +3,12 @@

    {{ "itemHistory" | i18n }}

    -

    +

    {{ "lastEdited" | i18n }}: {{ cipher.revisionDate | date: "medium" }}

    {{ "datePasswordUpdated" | i18n }}: diff --git a/libs/vault/src/index.ts b/libs/vault/src/index.ts index d21e430f0a3..f359b7289ae 100644 --- a/libs/vault/src/index.ts +++ b/libs/vault/src/index.ts @@ -26,6 +26,7 @@ export * from "./components/carousel"; export * as VaultIcons from "./icons"; export * from "./tasks"; +export * from "./notifications"; export { DefaultSshImportPromptService } from "./services/default-ssh-import-prompt.service"; export { SshImportPromptService } from "./services/ssh-import-prompt.service"; diff --git a/libs/vault/src/notifications/abstractions/end-user-notification.service.ts b/libs/vault/src/notifications/abstractions/end-user-notification.service.ts new file mode 100644 index 00000000000..2ed7e1de631 --- /dev/null +++ b/libs/vault/src/notifications/abstractions/end-user-notification.service.ts @@ -0,0 +1,49 @@ +import { Observable } from "rxjs"; + +import { UserId } from "@bitwarden/common/types/guid"; + +import { NotificationView } from "../models"; + +/** + * A service for retrieving and managing notifications for end users. + */ +export abstract class EndUserNotificationService { + /** + * Observable of all notifications for the given user. + * @param userId + */ + abstract notifications$(userId: UserId): Observable; + + /** + * Observable of all unread notifications for the given user. + * @param userId + */ + abstract unreadNotifications$(userId: UserId): Observable; + + /** + * Mark a notification as read. + * @param notificationId + * @param userId + */ + abstract markAsRead(notificationId: any, userId: UserId): Promise; + + /** + * Mark a notification as deleted. + * @param notificationId + * @param userId + */ + abstract markAsDeleted(notificationId: any, userId: UserId): Promise; + + /** + * Create/update a notification in the state for the user specified within the notification. + * @remarks This method should only be called when a notification payload is received from the web socket. + * @param notification + */ + abstract upsert(notification: Notification): Promise; + + /** + * Clear all notifications from state for the given user. + * @param userId + */ + abstract clearState(userId: UserId): Promise; +} diff --git a/libs/vault/src/notifications/index.ts b/libs/vault/src/notifications/index.ts new file mode 100644 index 00000000000..0c9d5c0d16b --- /dev/null +++ b/libs/vault/src/notifications/index.ts @@ -0,0 +1,2 @@ +export * from "./abstractions/end-user-notification.service"; +export * from "./services/default-end-user-notification.service"; diff --git a/libs/vault/src/notifications/models/index.ts b/libs/vault/src/notifications/models/index.ts new file mode 100644 index 00000000000..b782335caa9 --- /dev/null +++ b/libs/vault/src/notifications/models/index.ts @@ -0,0 +1,3 @@ +export * from "./notification-view"; +export * from "./notification-view.data"; +export * from "./notification-view.response"; diff --git a/libs/vault/src/notifications/models/notification-view.data.ts b/libs/vault/src/notifications/models/notification-view.data.ts new file mode 100644 index 00000000000..07c147052ad --- /dev/null +++ b/libs/vault/src/notifications/models/notification-view.data.ts @@ -0,0 +1,37 @@ +import { Jsonify } from "type-fest"; + +import { NotificationId } from "@bitwarden/common/types/guid"; + +import { NotificationViewResponse } from "./notification-view.response"; + +export class NotificationViewData { + id: NotificationId; + priority: number; + title: string; + body: string; + date: Date; + readDate: Date | null; + deletedDate: Date | null; + + constructor(response: NotificationViewResponse) { + this.id = response.id; + this.priority = response.priority; + this.title = response.title; + this.body = response.body; + this.date = response.date; + this.readDate = response.readDate; + this.deletedDate = response.deletedDate; + } + + static fromJSON(obj: Jsonify) { + return Object.assign(new NotificationViewData({} as NotificationViewResponse), obj, { + id: obj.id, + priority: obj.priority, + title: obj.title, + body: obj.body, + date: new Date(obj.date), + readDate: obj.readDate ? new Date(obj.readDate) : null, + deletedDate: obj.deletedDate ? new Date(obj.deletedDate) : null, + }); + } +} diff --git a/libs/vault/src/notifications/models/notification-view.response.ts b/libs/vault/src/notifications/models/notification-view.response.ts new file mode 100644 index 00000000000..bbebf25bd4e --- /dev/null +++ b/libs/vault/src/notifications/models/notification-view.response.ts @@ -0,0 +1,23 @@ +import { BaseResponse } from "@bitwarden/common/models/response/base.response"; +import { NotificationId } from "@bitwarden/common/types/guid"; + +export class NotificationViewResponse extends BaseResponse { + id: NotificationId; + priority: number; + title: string; + body: string; + date: Date; + readDate: Date; + deletedDate: Date; + + constructor(response: any) { + super(response); + this.id = this.getResponseProperty("Id"); + this.priority = this.getResponseProperty("Priority"); + this.title = this.getResponseProperty("Title"); + this.body = this.getResponseProperty("Body"); + this.date = this.getResponseProperty("Date"); + this.readDate = this.getResponseProperty("ReadDate"); + this.deletedDate = this.getResponseProperty("DeletedDate"); + } +} diff --git a/libs/vault/src/notifications/models/notification-view.ts b/libs/vault/src/notifications/models/notification-view.ts new file mode 100644 index 00000000000..b577a889d05 --- /dev/null +++ b/libs/vault/src/notifications/models/notification-view.ts @@ -0,0 +1,21 @@ +import { NotificationId } from "@bitwarden/common/types/guid"; + +export class NotificationView { + id: NotificationId; + priority: number; + title: string; + body: string; + date: Date; + readDate: Date | null; + deletedDate: Date | null; + + constructor(obj: any) { + this.id = obj.id; + this.priority = obj.priority; + this.title = obj.title; + this.body = obj.body; + this.date = obj.date; + this.readDate = obj.readDate; + this.deletedDate = obj.deletedDate; + } +} diff --git a/libs/vault/src/notifications/services/default-end-user-notification.service.spec.ts b/libs/vault/src/notifications/services/default-end-user-notification.service.spec.ts new file mode 100644 index 00000000000..ac4304998bc --- /dev/null +++ b/libs/vault/src/notifications/services/default-end-user-notification.service.spec.ts @@ -0,0 +1,193 @@ +import { TestBed } from "@angular/core/testing"; +import { firstValueFrom } from "rxjs"; + +import { ApiService } from "@bitwarden/common/abstractions/api.service"; +import { StateProvider } from "@bitwarden/common/platform/state"; +import { NotificationId, UserId } from "@bitwarden/common/types/guid"; +import { DefaultEndUserNotificationService } from "@bitwarden/vault"; + +import { FakeStateProvider, mockAccountServiceWith } from "../../../../common/spec"; +import { NotificationViewResponse } from "../models"; +import { NOTIFICATIONS } from "../state/end-user-notification.state"; + +describe("End User Notification Center Service", () => { + let fakeStateProvider: FakeStateProvider; + + const mockApiSend = jest.fn(); + + let testBed: TestBed; + + beforeEach(async () => { + mockApiSend.mockClear(); + + fakeStateProvider = new FakeStateProvider(mockAccountServiceWith("user-id" as UserId)); + + testBed = TestBed.configureTestingModule({ + imports: [], + providers: [ + DefaultEndUserNotificationService, + { + provide: StateProvider, + useValue: fakeStateProvider, + }, + { + provide: ApiService, + useValue: { + send: mockApiSend, + }, + }, + ], + }); + }); + + describe("notifications$", () => { + it("should return notifications from state when not null", async () => { + fakeStateProvider.singleUser.mockFor("user-id" as UserId, NOTIFICATIONS, [ + { + id: "notification-id" as NotificationId, + } as NotificationViewResponse, + ]); + + const { notifications$ } = testBed.inject(DefaultEndUserNotificationService); + + const result = await firstValueFrom(notifications$("user-id" as UserId)); + + expect(result.length).toBe(1); + expect(mockApiSend).not.toHaveBeenCalled(); + }); + + it("should return notifications API when state is null", async () => { + mockApiSend.mockResolvedValue({ + data: [ + { + id: "notification-id", + }, + ] as NotificationViewResponse[], + }); + + fakeStateProvider.singleUser.mockFor("user-id" as UserId, NOTIFICATIONS, null as any); + + const { notifications$ } = testBed.inject(DefaultEndUserNotificationService); + + const result = await firstValueFrom(notifications$("user-id" as UserId)); + + expect(result.length).toBe(1); + expect(mockApiSend).toHaveBeenCalledWith("GET", "/notifications", null, true, true); + }); + + it("should share the same observable for the same user", async () => { + const { notifications$ } = testBed.inject(DefaultEndUserNotificationService); + + const first = notifications$("user-id" as UserId); + const second = notifications$("user-id" as UserId); + + expect(first).toBe(second); + }); + }); + + describe("unreadNotifications$", () => { + it("should return unread notifications from state when read value is null", async () => { + fakeStateProvider.singleUser.mockFor("user-id" as UserId, NOTIFICATIONS, [ + { + id: "notification-id" as NotificationId, + readDate: null as any, + } as NotificationViewResponse, + ]); + + const { unreadNotifications$ } = testBed.inject(DefaultEndUserNotificationService); + + const result = await firstValueFrom(unreadNotifications$("user-id" as UserId)); + + expect(result.length).toBe(1); + expect(mockApiSend).not.toHaveBeenCalled(); + }); + }); + + describe("getNotifications", () => { + it("should call getNotifications returning notifications from API", async () => { + mockApiSend.mockResolvedValue({ + data: [ + { + id: "notification-id", + }, + ] as NotificationViewResponse[], + }); + const service = testBed.inject(DefaultEndUserNotificationService); + + await service.getNotifications("user-id" as UserId); + + expect(mockApiSend).toHaveBeenCalledWith("GET", "/notifications", null, true, true); + }); + }); + it("should update local state when notifications are updated", async () => { + mockApiSend.mockResolvedValue({ + data: [ + { + id: "notification-id", + }, + ] as NotificationViewResponse[], + }); + + const mock = fakeStateProvider.singleUser.mockFor( + "user-id" as UserId, + NOTIFICATIONS, + null as any, + ); + + const service = testBed.inject(DefaultEndUserNotificationService); + + await service.getNotifications("user-id" as UserId); + + expect(mock.nextMock).toHaveBeenCalledWith([ + expect.objectContaining({ + id: "notification-id" as NotificationId, + } as NotificationViewResponse), + ]); + }); + + describe("clear", () => { + it("should clear the local notification state for the user", async () => { + const mock = fakeStateProvider.singleUser.mockFor("user-id" as UserId, NOTIFICATIONS, [ + { + id: "notification-id" as NotificationId, + } as NotificationViewResponse, + ]); + + const service = testBed.inject(DefaultEndUserNotificationService); + + await service.clearState("user-id" as UserId); + + expect(mock.nextMock).toHaveBeenCalledWith([]); + }); + }); + + describe("markAsDeleted", () => { + it("should send an API request to mark the notification as deleted", async () => { + const service = testBed.inject(DefaultEndUserNotificationService); + + await service.markAsDeleted("notification-id" as NotificationId, "user-id" as UserId); + expect(mockApiSend).toHaveBeenCalledWith( + "DELETE", + "/notifications/notification-id/delete", + null, + true, + false, + ); + }); + }); + + describe("markAsRead", () => { + it("should send an API request to mark the notification as read", async () => { + const service = testBed.inject(DefaultEndUserNotificationService); + + await service.markAsRead("notification-id" as NotificationId, "user-id" as UserId); + expect(mockApiSend).toHaveBeenCalledWith( + "PATCH", + "/notifications/notification-id/read", + null, + true, + false, + ); + }); + }); +}); diff --git a/libs/vault/src/notifications/services/default-end-user-notification.service.ts b/libs/vault/src/notifications/services/default-end-user-notification.service.ts new file mode 100644 index 00000000000..517a968f8af --- /dev/null +++ b/libs/vault/src/notifications/services/default-end-user-notification.service.ts @@ -0,0 +1,104 @@ +import { Injectable } from "@angular/core"; +import { map, Observable, switchMap } from "rxjs"; + +import { ApiService } from "@bitwarden/common/abstractions/api.service"; +import { ListResponse } from "@bitwarden/common/models/response/list.response"; +import { StateProvider } from "@bitwarden/common/platform/state"; +import { UserId } from "@bitwarden/common/types/guid"; + +import { filterOutNullish, perUserCache$ } from "../../utils/observable-utilities"; +import { EndUserNotificationService } from "../abstractions/end-user-notification.service"; +import { NotificationView, NotificationViewData, NotificationViewResponse } from "../models"; +import { NOTIFICATIONS } from "../state/end-user-notification.state"; + +/** + * A service for retrieving and managing notifications for end users. + */ +@Injectable() +export class DefaultEndUserNotificationService implements EndUserNotificationService { + constructor( + private stateProvider: StateProvider, + private apiService: ApiService, + ) {} + + notifications$ = perUserCache$((userId: UserId): Observable => { + return this.notificationState(userId).state$.pipe( + switchMap(async (notifications) => { + if (notifications == null) { + await this.fetchNotificationsFromApi(userId); + } + return notifications; + }), + filterOutNullish(), + map((notifications) => + notifications.map((notification) => new NotificationView(notification)), + ), + ); + }); + + unreadNotifications$ = perUserCache$((userId: UserId): Observable => { + return this.notifications$(userId).pipe( + map((notifications) => notifications.filter((notification) => notification.readDate == null)), + ); + }); + + async markAsRead(notificationId: any, userId: UserId): Promise { + await this.apiService.send("PATCH", `/notifications/${notificationId}/read`, null, true, false); + await this.getNotifications(userId); + } + + async markAsDeleted(notificationId: any, userId: UserId): Promise { + await this.apiService.send( + "DELETE", + `/notifications/${notificationId}/delete`, + null, + true, + false, + ); + await this.getNotifications(userId); + } + + upsert(notification: Notification): any {} + + async clearState(userId: UserId): Promise { + await this.updateNotificationState(userId, []); + } + + async getNotifications(userId: UserId) { + await this.fetchNotificationsFromApi(userId); + } + + /** + * Fetches the notifications from the API and updates the local state + * @param userId + * @private + */ + private async fetchNotificationsFromApi(userId: UserId): Promise { + const res = await this.apiService.send("GET", "/notifications", null, true, true); + const response = new ListResponse(res, NotificationViewResponse); + const notificationData = response.data.map((n) => new NotificationView(n)); + await this.updateNotificationState(userId, notificationData); + } + + /** + * Updates the local state with notifications and returns the updated state + * @param userId + * @param notifications + * @private + */ + private updateNotificationState( + userId: UserId, + notifications: NotificationViewData[], + ): Promise { + return this.notificationState(userId).update(() => notifications); + } + + /** + * Returns the local state for notifications + * @param userId + * @private + */ + private notificationState(userId: UserId) { + return this.stateProvider.getUser(userId, NOTIFICATIONS); + } +} diff --git a/libs/vault/src/notifications/state/end-user-notification.state.ts b/libs/vault/src/notifications/state/end-user-notification.state.ts new file mode 100644 index 00000000000..644c8e42429 --- /dev/null +++ b/libs/vault/src/notifications/state/end-user-notification.state.ts @@ -0,0 +1,15 @@ +import { Jsonify } from "type-fest"; + +import { NOTIFICATION_DISK, UserKeyDefinition } from "@bitwarden/common/platform/state"; + +import { NotificationViewData } from "../models"; + +export const NOTIFICATIONS = UserKeyDefinition.array( + NOTIFICATION_DISK, + "notifications", + { + deserializer: (notification: Jsonify) => + NotificationViewData.fromJSON(notification), + clearOn: ["logout", "lock"], + }, +); diff --git a/package-lock.json b/package-lock.json index 7cb1d50947a..023b36afadc 100644 --- a/package-lock.json +++ b/package-lock.json @@ -96,7 +96,7 @@ "@storybook/theming": "8.5.2", "@storybook/web-components-webpack5": "8.5.2", "@types/argon2-browser": "1.18.4", - "@types/chrome": "0.0.280", + "@types/chrome": "0.0.306", "@types/firefox-webext-browser": "120.0.4", "@types/inquirer": "8.2.10", "@types/jest": "29.5.12", @@ -10904,9 +10904,9 @@ } }, "node_modules/@types/chrome": { - "version": "0.0.280", - "resolved": "https://registry.npmjs.org/@types/chrome/-/chrome-0.0.280.tgz", - "integrity": "sha512-AotSmZrL9bcZDDmSI1D9dE7PGbhOur5L0cKxXd7IqbVizQWCY4gcvupPUVsQ4FfDj3V2tt/iOpomT9EY0s+w1g==", + "version": "0.0.306", + "resolved": "https://registry.npmjs.org/@types/chrome/-/chrome-0.0.306.tgz", + "integrity": "sha512-95kgcqvTNcaZCXmx/kIKY6uo83IaRNT3cuPxYqlB2Iu+HzKDCP4t7TUe7KhJijTdibcvn+SzziIcfSLIlgRnhQ==", "dev": true, "license": "MIT", "dependencies": { diff --git a/package.json b/package.json index a421d87b5de..571ec82fcda 100644 --- a/package.json +++ b/package.json @@ -58,7 +58,7 @@ "@storybook/theming": "8.5.2", "@storybook/web-components-webpack5": "8.5.2", "@types/argon2-browser": "1.18.4", - "@types/chrome": "0.0.280", + "@types/chrome": "0.0.306", "@types/firefox-webext-browser": "120.0.4", "@types/inquirer": "8.2.10", "@types/jest": "29.5.12",