mirror of
https://github.com/bitwarden/browser
synced 2025-12-19 09:43:23 +00:00
Auth/ps 2298 reorg auth (#4564)
* Move auth service factories to Auth team * Move authentication componenets to Auth team * Move auth guard services to Auth team * Move Duo content script to Auth team * Move auth CLI commands to Auth team * Move Desktop Account components to Auth Team * Move Desktop guards to Auth team * Move two-factor provider images to Auth team * Move web Accounts components to Auth Team * Move web settings components to Auth Team * Move web two factor images to Auth Team * Fix missed import changes for Auth Team * Fix Linting errors * Fix missed CLI imports * Fix missed Desktop imports * Revert images move * Fix missed imports in Web * Move angular lib components to Auth Team * Move angular auth guards to Auth team * Move strategy specs to Auth team * Update .eslintignore for new paths * Move lib common abstractions to Auth team * Move services to Auth team * Move common lib enums to Auth team * Move webauthn iframe to Auth team * Move lib common domain models to Auth team * Move common lib requests to Auth team * Move response models to Auth team * Clean up whitelist * Move bit web components to Auth team * Move SSO and SCIM files to Auth team * Revert move SCIM to Auth team SCIM belongs to Admin Console team * Move captcha to Auth team * Move key connector to Auth team * Move emergency access to auth team * Delete extra file * linter fixes * Move kdf config to auth team * Fix whitelist * Fix duo autoformat * Complete two factor provider request move * Fix whitelist names * Fix login capitalization * Revert hint dependency reordering * Revert hint dependency reordering * Revert hint component This components is being picked up as a move between clients * Move web hint component to Auth team * Move new files to auth team * Fix desktop build * Fix browser build
This commit is contained in:
Matt Gibson
GitHub
@@ -1,29 +0,0 @@
|
||||
import { KdfType } from "../../../enums/kdfType";
|
||||
import { KdfConfig } from "../../domain/kdf-config";
|
||||
import { KeysRequest } from "../keys.request";
|
||||
|
||||
export class SetKeyConnectorKeyRequest {
|
||||
key: string;
|
||||
keys: KeysRequest;
|
||||
kdf: KdfType;
|
||||
kdfIterations: number;
|
||||
kdfMemory?: number;
|
||||
kdfParallelism?: number;
|
||||
orgIdentifier: string;
|
||||
|
||||
constructor(
|
||||
key: string,
|
||||
kdf: KdfType,
|
||||
kdfConfig: KdfConfig,
|
||||
orgIdentifier: string,
|
||||
keys: KeysRequest
|
||||
) {
|
||||
this.key = key;
|
||||
this.kdf = kdf;
|
||||
this.kdfIterations = kdfConfig.iterations;
|
||||
this.kdfMemory = kdfConfig.memory;
|
||||
this.kdfParallelism = kdfConfig.parallelism;
|
||||
this.orgIdentifier = orgIdentifier;
|
||||
this.keys = keys;
|
||||
}
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
export class VerifyOTPRequest {
|
||||
OTP: string;
|
||||
|
||||
constructor(OTP: string) {
|
||||
this.OTP = OTP;
|
||||
}
|
||||
}
|
||||
@@ -1,3 +0,0 @@
|
||||
export abstract class CaptchaProtectedRequest {
|
||||
captchaResponse: string = null;
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
export class DeviceVerificationRequest {
|
||||
unknownDeviceVerificationEnabled: boolean;
|
||||
|
||||
constructor(unknownDeviceVerificationEnabled: boolean) {
|
||||
this.unknownDeviceVerificationEnabled = unknownDeviceVerificationEnabled;
|
||||
}
|
||||
}
|
||||
@@ -1,16 +0,0 @@
|
||||
import { PlatformUtilsService } from "../../abstractions/platformUtils.service";
|
||||
import { DeviceType } from "../../enums/deviceType";
|
||||
|
||||
export class DeviceRequest {
|
||||
type: DeviceType;
|
||||
name: string;
|
||||
identifier: string;
|
||||
pushToken?: string;
|
||||
|
||||
constructor(appId: string, platformUtilsService: PlatformUtilsService) {
|
||||
this.type = platformUtilsService.getDevice();
|
||||
this.name = platformUtilsService.getDeviceString();
|
||||
this.identifier = appId;
|
||||
this.pushToken = null;
|
||||
}
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class EmailTokenRequest extends SecretVerificationRequest {
|
||||
newEmail: string;
|
||||
masterPasswordHash: string;
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
import { EmailTokenRequest } from "./email-token.request";
|
||||
|
||||
export class EmailRequest extends EmailTokenRequest {
|
||||
newMasterPasswordHash: string;
|
||||
token: string;
|
||||
key: string;
|
||||
}
|
||||
@@ -1,3 +0,0 @@
|
||||
export class EmergencyAccessAcceptRequest {
|
||||
token: string;
|
||||
}
|
||||
@@ -1,3 +0,0 @@
|
||||
export class EmergencyAccessConfirmRequest {
|
||||
key: string;
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
import { EmergencyAccessType } from "../../enums/emergencyAccessType";
|
||||
|
||||
export class EmergencyAccessInviteRequest {
|
||||
email: string;
|
||||
type: EmergencyAccessType;
|
||||
waitTimeDays: number;
|
||||
}
|
||||
@@ -1,4 +0,0 @@
|
||||
export class EmergencyAccessPasswordRequest {
|
||||
newMasterPasswordHash: string;
|
||||
key: string;
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
import { EmergencyAccessType } from "../../enums/emergencyAccessType";
|
||||
|
||||
export class EmergencyAccessUpdateRequest {
|
||||
type: EmergencyAccessType;
|
||||
waitTimeDays: number;
|
||||
keyEncrypted?: string;
|
||||
}
|
||||
@@ -1,37 +0,0 @@
|
||||
import { ClientType } from "../../../enums/clientType";
|
||||
import { Utils } from "../../../misc/utils";
|
||||
import { CaptchaProtectedRequest } from "../captcha-protected.request";
|
||||
import { DeviceRequest } from "../device.request";
|
||||
|
||||
import { TokenTwoFactorRequest } from "./token-two-factor.request";
|
||||
import { TokenRequest } from "./token.request";
|
||||
|
||||
export class PasswordTokenRequest extends TokenRequest implements CaptchaProtectedRequest {
|
||||
constructor(
|
||||
public email: string,
|
||||
public masterPasswordHash: string,
|
||||
public captchaResponse: string,
|
||||
protected twoFactor: TokenTwoFactorRequest,
|
||||
device?: DeviceRequest
|
||||
) {
|
||||
super(twoFactor, device);
|
||||
}
|
||||
|
||||
toIdentityToken(clientId: ClientType) {
|
||||
const obj = super.toIdentityToken(clientId);
|
||||
|
||||
obj.grant_type = "password";
|
||||
obj.username = this.email;
|
||||
obj.password = this.masterPasswordHash;
|
||||
|
||||
if (this.captchaResponse != null) {
|
||||
obj.captchaResponse = this.captchaResponse;
|
||||
}
|
||||
|
||||
return obj;
|
||||
}
|
||||
|
||||
alterIdentityTokenHeaders(headers: Headers) {
|
||||
headers.set("Auth-Email", Utils.fromUtf8ToUrlB64(this.email));
|
||||
}
|
||||
}
|
||||
@@ -1,27 +0,0 @@
|
||||
import { DeviceRequest } from "../device.request";
|
||||
|
||||
import { TokenTwoFactorRequest } from "./token-two-factor.request";
|
||||
import { TokenRequest } from "./token.request";
|
||||
|
||||
export class SsoTokenRequest extends TokenRequest {
|
||||
constructor(
|
||||
public code: string,
|
||||
public codeVerifier: string,
|
||||
public redirectUri: string,
|
||||
protected twoFactor: TokenTwoFactorRequest,
|
||||
device?: DeviceRequest
|
||||
) {
|
||||
super(twoFactor, device);
|
||||
}
|
||||
|
||||
toIdentityToken(clientId: string) {
|
||||
const obj = super.toIdentityToken(clientId);
|
||||
|
||||
obj.grant_type = "authorization_code";
|
||||
obj.code = this.code;
|
||||
obj.code_verifier = this.codeVerifier;
|
||||
obj.redirect_uri = this.redirectUri;
|
||||
|
||||
return obj;
|
||||
}
|
||||
}
|
||||
@@ -1,9 +0,0 @@
|
||||
import { TwoFactorProviderType } from "../../../enums/twoFactorProviderType";
|
||||
|
||||
export class TokenTwoFactorRequest {
|
||||
constructor(
|
||||
public provider: TwoFactorProviderType = null,
|
||||
public token: string = null,
|
||||
public remember: boolean = false
|
||||
) {}
|
||||
}
|
||||
@@ -1,55 +0,0 @@
|
||||
import { DeviceRequest } from "../device.request";
|
||||
|
||||
import { TokenTwoFactorRequest } from "./token-two-factor.request";
|
||||
|
||||
export abstract class TokenRequest {
|
||||
protected device?: DeviceRequest;
|
||||
protected passwordlessAuthRequest: string;
|
||||
|
||||
constructor(protected twoFactor: TokenTwoFactorRequest, device?: DeviceRequest) {
|
||||
this.device = device != null ? device : null;
|
||||
}
|
||||
|
||||
// eslint-disable-next-line
|
||||
alterIdentityTokenHeaders(headers: Headers) {
|
||||
// Implemented in subclass if required
|
||||
}
|
||||
|
||||
setTwoFactor(twoFactor: TokenTwoFactorRequest) {
|
||||
this.twoFactor = twoFactor;
|
||||
}
|
||||
|
||||
setPasswordlessAccessCode(accessCode: string) {
|
||||
this.passwordlessAuthRequest = accessCode;
|
||||
}
|
||||
|
||||
protected toIdentityToken(clientId: string) {
|
||||
const obj: any = {
|
||||
scope: "api offline_access",
|
||||
client_id: clientId,
|
||||
};
|
||||
|
||||
if (this.device) {
|
||||
obj.deviceType = this.device.type;
|
||||
obj.deviceIdentifier = this.device.identifier;
|
||||
obj.deviceName = this.device.name;
|
||||
// no push tokens for browser apps yet
|
||||
// obj.devicePushToken = this.device.pushToken;
|
||||
}
|
||||
|
||||
//passswordless login
|
||||
if (this.passwordlessAuthRequest) {
|
||||
obj.authRequest = this.passwordlessAuthRequest;
|
||||
}
|
||||
|
||||
if (this.twoFactor) {
|
||||
if (this.twoFactor.token && this.twoFactor.provider != null) {
|
||||
obj.twoFactorToken = this.twoFactor.token;
|
||||
obj.twoFactorProvider = this.twoFactor.provider;
|
||||
obj.twoFactorRemember = this.twoFactor.remember ? "1" : "0";
|
||||
}
|
||||
}
|
||||
|
||||
return obj;
|
||||
}
|
||||
}
|
||||
@@ -1,25 +0,0 @@
|
||||
import { DeviceRequest } from "../device.request";
|
||||
|
||||
import { TokenTwoFactorRequest } from "./token-two-factor.request";
|
||||
import { TokenRequest } from "./token.request";
|
||||
|
||||
export class UserApiTokenRequest extends TokenRequest {
|
||||
constructor(
|
||||
public clientId: string,
|
||||
public clientSecret: string,
|
||||
protected twoFactor: TokenTwoFactorRequest,
|
||||
device?: DeviceRequest
|
||||
) {
|
||||
super(twoFactor, device);
|
||||
}
|
||||
|
||||
toIdentityToken() {
|
||||
const obj = super.toIdentityToken(this.clientId);
|
||||
|
||||
obj.scope = this.clientId.startsWith("organization") ? "api.organization" : "api";
|
||||
obj.grant_type = "client_credentials";
|
||||
obj.client_secret = this.clientSecret;
|
||||
|
||||
return obj;
|
||||
}
|
||||
}
|
||||
@@ -1,7 +1,6 @@
|
||||
import { PasswordRequest } from "../../auth/models/request/password.request";
|
||||
import { KdfType } from "../../enums/kdfType";
|
||||
|
||||
import { PasswordRequest } from "./password.request";
|
||||
|
||||
export class KdfRequest extends PasswordRequest {
|
||||
kdf: KdfType;
|
||||
kdfIterations: number;
|
||||
|
||||
@@ -1,7 +0,0 @@
|
||||
export class KeyConnectorUserKeyRequest {
|
||||
key: string;
|
||||
|
||||
constructor(key: string) {
|
||||
this.key = key;
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,5 @@
|
||||
import { OrganizationApiKeyType } from "../../enums/organizationApiKeyType";
|
||||
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
import { OrganizationApiKeyType } from "../../auth/enums/organization-api-key-type";
|
||||
import { SecretVerificationRequest } from "../../auth/models/request/secret-verification.request";
|
||||
|
||||
export class OrganizationApiKeyRequest extends SecretVerificationRequest {
|
||||
type: OrganizationApiKeyType = OrganizationApiKeyType.Default;
|
||||
|
||||
@@ -1,7 +0,0 @@
|
||||
import { SsoConfigApi } from "../../api/sso-config.api";
|
||||
|
||||
export class OrganizationSsoRequest {
|
||||
enabled = false;
|
||||
identifier: string;
|
||||
data: SsoConfigApi;
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
export class PasswordHintRequest {
|
||||
email: string;
|
||||
|
||||
constructor(email: string) {
|
||||
this.email = email;
|
||||
}
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class PasswordRequest extends SecretVerificationRequest {
|
||||
newMasterPasswordHash: string;
|
||||
masterPasswordHint: string;
|
||||
key: string;
|
||||
}
|
||||
@@ -1,8 +0,0 @@
|
||||
export class PasswordlessAuthRequest {
|
||||
constructor(
|
||||
readonly key: string,
|
||||
readonly masterPasswordHash: string,
|
||||
readonly deviceIdentifier: string,
|
||||
readonly requestApproved: boolean
|
||||
) {}
|
||||
}
|
||||
@@ -1,12 +0,0 @@
|
||||
import { AuthRequestType } from "../../enums/authRequestType";
|
||||
|
||||
export class PasswordlessCreateAuthRequest {
|
||||
constructor(
|
||||
readonly email: string,
|
||||
readonly deviceIdentifier: string,
|
||||
readonly publicKey: string,
|
||||
readonly type: AuthRequestType,
|
||||
readonly accessCode: string,
|
||||
readonly fingerprintPhrase: string
|
||||
) {}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
import { CaptchaProtectedRequest } from "../../auth/models/request/captcha-protected.request";
|
||||
import { KdfType } from "../../enums/kdfType";
|
||||
|
||||
import { CaptchaProtectedRequest } from "./captcha-protected.request";
|
||||
import { KeysRequest } from "./keys.request";
|
||||
import { ReferenceEventRequest } from "./reference-event.request";
|
||||
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
export class SecretVerificationRequest {
|
||||
masterPasswordHash: string;
|
||||
otp: string;
|
||||
authRequestAccessCode: string;
|
||||
}
|
||||
@@ -1,37 +0,0 @@
|
||||
import { KdfType } from "../../enums/kdfType";
|
||||
|
||||
import { KeysRequest } from "./keys.request";
|
||||
|
||||
export class SetPasswordRequest {
|
||||
masterPasswordHash: string;
|
||||
key: string;
|
||||
masterPasswordHint: string;
|
||||
keys: KeysRequest;
|
||||
kdf: KdfType;
|
||||
kdfIterations: number;
|
||||
kdfMemory?: number;
|
||||
kdfParallelism?: number;
|
||||
orgIdentifier: string;
|
||||
|
||||
constructor(
|
||||
masterPasswordHash: string,
|
||||
key: string,
|
||||
masterPasswordHint: string,
|
||||
orgIdentifier: string,
|
||||
keys: KeysRequest,
|
||||
kdf: KdfType,
|
||||
kdfIterations: number,
|
||||
kdfMemory?: number,
|
||||
kdfParallelism?: number
|
||||
) {
|
||||
this.masterPasswordHash = masterPasswordHash;
|
||||
this.key = key;
|
||||
this.masterPasswordHint = masterPasswordHint;
|
||||
this.kdf = kdf;
|
||||
this.kdfIterations = kdfIterations;
|
||||
this.kdfMemory = kdfMemory;
|
||||
this.kdfParallelism = kdfParallelism;
|
||||
this.orgIdentifier = orgIdentifier;
|
||||
this.keys = keys;
|
||||
}
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class TwoFactorEmailRequest extends SecretVerificationRequest {
|
||||
email: string;
|
||||
deviceIdentifier: string;
|
||||
authRequestId: string;
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
import { TwoFactorProviderType } from "../../enums/twoFactorProviderType";
|
||||
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class TwoFactorProviderRequest extends SecretVerificationRequest {
|
||||
type: TwoFactorProviderType;
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class TwoFactorRecoveryRequest extends SecretVerificationRequest {
|
||||
recoveryCode: string;
|
||||
email: string;
|
||||
}
|
||||
@@ -1,10 +0,0 @@
|
||||
export class UpdateProfileRequest {
|
||||
name: string;
|
||||
masterPasswordHint: string;
|
||||
culture = "en-US"; // deprecated
|
||||
|
||||
constructor(name: string, masterPasswordHint: string) {
|
||||
this.name = name;
|
||||
this.masterPasswordHint = masterPasswordHint ? masterPasswordHint : null;
|
||||
}
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class UpdateTwoFactorAuthenticatorRequest extends SecretVerificationRequest {
|
||||
token: string;
|
||||
key: string;
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class UpdateTwoFactorDuoRequest extends SecretVerificationRequest {
|
||||
integrationKey: string;
|
||||
secretKey: string;
|
||||
host: string;
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class UpdateTwoFactorEmailRequest extends SecretVerificationRequest {
|
||||
token: string;
|
||||
email: string;
|
||||
}
|
||||
@@ -1,5 +0,0 @@
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class UpdateTwoFactorWebAuthnDeleteRequest extends SecretVerificationRequest {
|
||||
id: number;
|
||||
}
|
||||
@@ -1,7 +0,0 @@
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class UpdateTwoFactorWebAuthnRequest extends SecretVerificationRequest {
|
||||
deviceResponse: PublicKeyCredential;
|
||||
name: string;
|
||||
id: number;
|
||||
}
|
||||
@@ -1,10 +0,0 @@
|
||||
import { SecretVerificationRequest } from "./secret-verification.request";
|
||||
|
||||
export class UpdateTwoFactorYubioOtpRequest extends SecretVerificationRequest {
|
||||
key1: string;
|
||||
key2: string;
|
||||
key3: string;
|
||||
key4: string;
|
||||
key5: string;
|
||||
nfc: boolean;
|
||||
}
|
||||
Reference in New Issue
Block a user