add launchSsoBrowserWindow() to default service

libs/angular/src/services/jslib-services.module.ts

@@ -1313,7 +1313,13 @@ const safeProviders: SafeProvider[] = [
   safeProvider({
     provide: LoginService,
     useClass: DefaultLoginService,
-    deps: [],
+    deps: [
+      SsoLoginServiceAbstraction,
+      PasswordGenerationServiceAbstraction,
+      CryptoFunctionServiceAbstraction,
+      EnvironmentService,
+      PlatformUtilsServiceAbstraction,
+    ],
   }),
 ];
 

libs/auth/src/angular/login/default-login.service.ts

@@ -1,16 +1,25 @@
 import { UrlTree } from "@angular/router";
+import { firstValueFrom } from "rxjs";
 
-import { LoginService, PasswordPolicies } from "./login.service";
+import { LoginService, PasswordPolicies } from "@bitwarden/auth/angular";
+import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction";
+import { CryptoFunctionService } from "@bitwarden/common/platform/abstractions/crypto-function.service";
+import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
+import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
+import { Utils } from "@bitwarden/common/platform/misc/utils";
+import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy";
 
 export class DefaultLoginService implements LoginService {
-  async launchSsoBrowserWindow(email: string): Promise<void | null> {
-    return null;
-  }
-
-  getShowPasswordlessFlag(): boolean {
-    return null;
-  }
+  constructor(
+    protected ssoLoginService: SsoLoginServiceAbstraction,
+    // TODO-rr-bw: refactor to not use deprecated service
+    protected passwordGenerationService: PasswordGenerationServiceAbstraction,
+    protected cryptoFunctionService: CryptoFunctionService,
+    protected environmentService: EnvironmentService,
+    protected platformUtilsService: PlatformUtilsService,
+  ) {}
 
+  // Web
   setPreviousUrl(route: UrlTree): void | null {
     return null;
   }
@@ -18,4 +27,70 @@ export class DefaultLoginService implements LoginService {
   async getOrgPolicies(): Promise<PasswordPolicies | null> {
     return null;
   }
+
+  // Web/Browser
+  getShowPasswordlessFlag(): boolean {
+    return null;
+  }
+
+  // Used on Browser and overriden on Desktop
+  async launchSsoBrowserWindow(
+    email: string,
+    clientId: "browser" | "desktop",
+  ): Promise<void | null> {
+    // Save email for SSO
+    await this.ssoLoginService.setSsoEmail(email);
+
+    // Generate SSO params
+    const passwordOptions: any = {
+      type: "password",
+      length: 64,
+      uppercase: true,
+      lowercase: true,
+      numbers: true,
+      special: false,
+    };
+
+    let state = await this.passwordGenerationService.generatePassword(passwordOptions);
+    // TODO-rr-bw: verify this is correct. Pulling this from original browser login component launchSsoBrowser method
+    if (clientId === "browser") {
+      state += ":clientId=browser";
+    }
+
+    const codeVerifier = await this.passwordGenerationService.generatePassword(passwordOptions);
+    const codeVerifierHash = await this.cryptoFunctionService.hash(codeVerifier, "sha256");
+    const codeChallenge = Utils.fromBufferToUrlB64(codeVerifierHash);
+
+    // Save SSO params
+    await this.ssoLoginService.setSsoState(state);
+    await this.ssoLoginService.setCodeVerifier(codeVerifier);
+
+    // Build URL
+    const env = await firstValueFrom(this.environmentService.environment$);
+    let url = env.getWebVaultUrl();
+    // TODO-rr-bw: verify this is correct. Pulling this from original browser login component launchSsoBrowser method
+    if (url == null) {
+      url = "https://vault.bitwarden.com";
+    }
+
+    const redirectUri =
+      clientId === "browser"
+        ? url + "/sso-connector.html" // Browser
+        : "bitwarden://sso-callback"; // Desktop
+
+    // Launch browser window with URL
+    this.platformUtilsService.launchUri(
+      url +
+        "/#/sso?clientId=" +
+        clientId +
+        "&redirectUri=" +
+        encodeURIComponent(redirectUri) +
+        "&state=" +
+        state +
+        "&codeChallenge=" +
+        codeChallenge +
+        "&email=" +
+        encodeURIComponent(email),
+    );
+  }
 }

libs/auth/src/angular/login/login.component.html

@@ -155,7 +155,7 @@
         bitButton
         block
         buttonType="secondary"
-        (click)="launchSsoBrowserWindow()"
+        (click)="launchSsoBrowserWindow('browser')"
       >
         <i class="bwi bwi-provider tw-mr-1"></i>
         {{ "useSingleSignOn" | i18n }}

libs/auth/src/angular/login/login.component.ts

@@ -279,8 +279,8 @@ export class LoginComponent implements OnInit, OnDestroy {
     }
   }
 
-  protected async launchSsoBrowserWindow(): Promise<void> {
-    await this.loginService.launchSsoBrowserWindow(this.loggedEmail);
+  protected async launchSsoBrowserWindow(clientId: "browser" | "desktop"): Promise<void> {
+    await this.loginService.launchSsoBrowserWindow(this.loggedEmail, clientId);
   }
 
   protected async goAfterLogIn(userId: UserId): Promise<void> {

libs/auth/src/angular/login/login.service.ts

@@ -10,11 +10,13 @@ export interface PasswordPolicies {
 }
 
 export abstract class LoginService {
-  // Browser/Desktop
-  launchSsoBrowserWindow: (email: string) => Promise<void>;
-
   // Web
-  getShowPasswordlessFlag: () => boolean;
   getOrgPolicies: () => Promise<PasswordPolicies | null>;
   setPreviousUrl: (route: UrlTree) => void | null;
+
+  // Web/Browser
+  getShowPasswordlessFlag: () => boolean;
+
+  // Used on Browser and overriden on Desktop
+  launchSsoBrowserWindow: (email: string, clientId: "browser" | "desktop") => Promise<void>;
 }