bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-14 07:13:32 +00:00
Code Issues Releases Wiki Activity

[PM-8280] email forwarders (#11563)

Browse Source 
* forwarder lookup and generation support
* localize algorithm names and descriptions in the credential generator service
* add encryption support to UserStateSubject
* move generic rx utilities to common
* move icon button labels to generator configurations
This commit is contained in:
✨ Audrey ✨
2024-10-23 12:11:42 -04:00
committed by GitHub
parent e67577cc39
commit eff9a423da
45 changed files with 3403 additions and 1005 deletions
Download Patch File Download Diff File Expand all files Collapse all files

376
libs/tools/generator/components/src/credential-generator.component.ts
View File

@@ -2,11 +2,12 @@ import { Component, EventEmitter, Input, NgZone, OnDestroy, OnInit, Output } fro
import { FormBuilder } from "@angular/forms";
import {
BehaviorSubject,
concat,
catchError,
combineLatest,
combineLatestWith,
distinctUntilChanged,
filter,
map,
of,
ReplaySubject,
Subject,
switchMap,
@@ -16,25 +17,32 @@ import {
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
import { IntegrationId } from "@bitwarden/common/tools/integration";
import { UserId } from "@bitwarden/common/types/guid";
import { ToastService } from "@bitwarden/components";
import { Option } from "@bitwarden/components/src/select/option";
import {
AlgorithmInfo,
CredentialAlgorithm,
CredentialCategory,
CredentialGeneratorInfo,
CredentialGeneratorService,
GeneratedCredential,
Generators,
getForwarderConfiguration,
isEmailAlgorithm,
isForwarderIntegration,
isPasswordAlgorithm,
isSameAlgorithm,
isUsernameAlgorithm,
PasswordAlgorithm,
toCredentialGeneratorConfiguration,
} from "@bitwarden/generator-core";
/** root category that drills into username and email categories */
// constants used to identify navigation selections that are not
// generator algorithms
const IDENTIFIER = "identifier";
/** options available for the top-level navigation */
type RootNavValue = PasswordAlgorithm | typeof IDENTIFIER;
const FORWARDER = "forwarder";
const NONE_SELECTED = "none";
@Component({
selector: "tools-credential-generator",
@@ -43,6 +51,8 @@ type RootNavValue = PasswordAlgorithm | typeof IDENTIFIER;
export class CredentialGeneratorComponent implements OnInit, OnDestroy {
constructor(
private generatorService: CredentialGeneratorService,
private toastService: ToastService,
private logService: LogService,
private i18nService: I18nService,
private accountService: AccountService,
private zone: NgZone,
@@ -59,59 +69,25 @@ export class CredentialGeneratorComponent implements OnInit, OnDestroy {
@Output()
readonly onGenerated = new EventEmitter<GeneratedCredential>();
protected root$ = new BehaviorSubject<{ nav: RootNavValue }>({
protected root$ = new BehaviorSubject<{ nav: string }>({
nav: null,
});
/**
* Emits the copy button aria-label respective of the selected credential type
*
* FIXME: Move label and logic to `AlgorithmInfo` within the `CredentialGeneratorService`.
*/
protected credentialTypeCopyLabel$ = this.root$.pipe(
map(({ nav }) => {
if (nav === "password") {
return this.i18nService.t("copyPassword");
}
if (nav === "passphrase") {
return this.i18nService.t("copyPassphrase");
}
return this.i18nService.t("copyUsername");
}),
);
/**
* Emits the generate button aria-label respective of the selected credential type
*
* FIXME: Move label and logic to `AlgorithmInfo` within the `CredentialGeneratorService`.
*/
protected credentialTypeGenerateLabel$ = this.root$.pipe(
map(({ nav }) => {
if (nav === "password") {
return this.i18nService.t("generatePassword");
}
if (nav === "passphrase") {
return this.i18nService.t("generatePassphrase");
}
return this.i18nService.t("generateUsername");
}),
);
protected onRootChanged(nav: RootNavValue) {
protected onRootChanged(value: { nav: string }) {
// prevent subscription cycle
if (this.root$.value.nav !== nav) {
if (this.root$.value.nav !== value.nav) {
this.zone.run(() => {
this.root$.next({ nav });
this.root$.next(value);
});
}
}
protected username = this.formBuilder.group({
nav: [null as CredentialAlgorithm],
nav: [null as string],
});
protected forwarder = this.formBuilder.group({
nav: [null as string],
});
async ngOnInit() {
@@ -130,16 +106,29 @@ export class CredentialGeneratorComponent implements OnInit, OnDestroy {
this.generatorService
.algorithms$(["email", "username"], { userId$: this.userId$ })
.pipe(
map((algorithms) => this.toOptions(algorithms)),
map((algorithms) => {
const usernames = algorithms.filter((a) => !isForwarderIntegration(a.id));
const usernameOptions = this.toOptions(usernames);
usernameOptions.push({ value: FORWARDER, label: this.i18nService.t("forwardedEmail") });
const forwarders = algorithms.filter((a) => isForwarderIntegration(a.id));
const forwarderOptions = this.toOptions(forwarders);
forwarderOptions.unshift({ value: NONE_SELECTED, label: this.i18nService.t("select") });
return [usernameOptions, forwarderOptions] as const;
}),
takeUntil(this.destroyed),
)
.subscribe(this.usernameOptions$);
.subscribe(([usernames, forwarders]) => {
this.usernameOptions$.next(usernames);
this.forwarderOptions$.next(forwarders);
});
this.generatorService
.algorithms$("password", { userId$: this.userId$ })
.pipe(
map((algorithms) => {
const options = this.toOptions(algorithms) as Option<RootNavValue>[];
const options = this.toOptions(algorithms);
options.push({ value: IDENTIFIER, label: this.i18nService.t("username") });
return options;
}),
@@ -149,7 +138,7 @@ export class CredentialGeneratorComponent implements OnInit, OnDestroy {
this.algorithm$
.pipe(
map((a) => a?.descriptionKey && this.i18nService.t(a?.descriptionKey)),
map((a) => a?.description),
takeUntil(this.destroyed),
)
.subscribe((hint) => {
@@ -162,7 +151,7 @@ export class CredentialGeneratorComponent implements OnInit, OnDestroy {
this.algorithm$
.pipe(
map((a) => a.category),
map((a) => a?.category),
distinctUntilChanged(),
takeUntil(this.destroyed),
)
@@ -177,7 +166,22 @@ export class CredentialGeneratorComponent implements OnInit, OnDestroy {
// wire up the generator
this.algorithm$
.pipe(
filter((algorithm) => !!algorithm),
switchMap((algorithm) => this.typeToGenerator$(algorithm.id)),
catchError((error: unknown, generator) => {
if (typeof error === "string") {
this.toastService.showToast({
message: error,
variant: "error",
title: "",
});
} else {
this.logService.error(error);
}
// continue with origin stream
return generator;
}),
takeUntil(this.destroyed),
)
.subscribe((generated) => {
@@ -189,35 +193,116 @@ export class CredentialGeneratorComponent implements OnInit, OnDestroy {
});
});
// assume the last-visible generator algorithm is the user's preferred one
const preferences = await this.generatorService.preferences({ singleUserId$: this.userId$ });
// normalize cascade selections; introduce subjects to allow changes
// from user selections and changes from preference updates to
// update the template
type CascadeValue = { nav: string; algorithm?: CredentialAlgorithm };
const activeRoot$ = new Subject<CascadeValue>();
const activeIdentifier$ = new Subject<CascadeValue>();
const activeForwarder$ = new Subject<CascadeValue>();
this.root$
.pipe(
filter(({ nav }) => !!nav),
switchMap((root) => {
if (root.nav === IDENTIFIER) {
return concat(of(this.username.value), this.username.valueChanges);
map(
(root): CascadeValue =>
root.nav === IDENTIFIER
? { nav: root.nav }
: { nav: root.nav, algorithm: JSON.parse(root.nav) },
),
takeUntil(this.destroyed),
)
.subscribe(activeRoot$);
this.username.valueChanges
.pipe(
map(
(username): CascadeValue =>
username.nav === FORWARDER
? { nav: username.nav }
: { nav: username.nav, algorithm: JSON.parse(username.nav) },
),
takeUntil(this.destroyed),
)
.subscribe(activeIdentifier$);
this.forwarder.valueChanges
.pipe(
map(
(forwarder): CascadeValue =>
forwarder.nav === NONE_SELECTED
? { nav: forwarder.nav }
: { nav: forwarder.nav, algorithm: JSON.parse(forwarder.nav) },
),
takeUntil(this.destroyed),
)
.subscribe(activeForwarder$);
// update forwarder cascade visibility
combineLatest([activeRoot$, activeIdentifier$, activeForwarder$])
.pipe(
map(([root, username, forwarder]) => {
const showForwarder = !root.algorithm && !username.algorithm;
const forwarderId =
showForwarder && isForwarderIntegration(forwarder.algorithm)
? forwarder.algorithm.forwarder
: null;
return [showForwarder, forwarderId] as const;
}),
distinctUntilChanged((prev, next) => prev[0] === next[0] && prev[1] === next[1]),
takeUntil(this.destroyed),
)
.subscribe(([showForwarder, forwarderId]) => {
// update subjects within the angular zone so that the
// template bindings refresh immediately
this.zone.run(() => {
this.showForwarder$.next(showForwarder);
this.forwarderId$.next(forwarderId);
});
});
// update active algorithm
combineLatest([activeRoot$, activeIdentifier$, activeForwarder$])
.pipe(
map(([root, username, forwarder]) => {
const selection = root.algorithm ?? username.algorithm ?? forwarder.algorithm;
if (selection) {
return this.generatorService.algorithm(selection);
} else {
return of(root as { nav: PasswordAlgorithm });
return null;
}
}),
filter(({ nav }) => !!nav),
distinctUntilChanged((prev, next) => isSameAlgorithm(prev?.id, next?.id)),
takeUntil(this.destroyed),
)
.subscribe((algorithm) => {
// update subjects within the angular zone so that the
// template bindings refresh immediately
this.zone.run(() => {
this.algorithm$.next(algorithm);
});
});
// assume the last-selected generator algorithm is the user's preferred one
const preferences = await this.generatorService.preferences({ singleUserId$: this.userId$ });
this.algorithm$
.pipe(
filter((algorithm) => !!algorithm),
withLatestFrom(preferences),
takeUntil(this.destroyed),
)
.subscribe(([{ nav: algorithm }, preference]) => {
.subscribe(([algorithm, preference]) => {
function setPreference(category: CredentialCategory) {
const p = preference[category];
p.algorithm = algorithm;
p.algorithm = algorithm.id;
p.updated = new Date();
}
// `is*Algorithm` decides `algorithm`'s type, which flows into `setPreference`
if (isEmailAlgorithm(algorithm)) {
if (isEmailAlgorithm(algorithm.id)) {
setPreference("email");
} else if (isUsernameAlgorithm(algorithm)) {
} else if (isUsernameAlgorithm(algorithm.id)) {
setPreference("username");
} else if (isPasswordAlgorithm(algorithm)) {
} else if (isPasswordAlgorithm(algorithm.id)) {
setPreference("password");
} else {
return;
@@ -227,34 +312,74 @@ export class CredentialGeneratorComponent implements OnInit, OnDestroy {
});
// populate the form with the user's preferences to kick off interactivity
preferences.pipe(takeUntil(this.destroyed)).subscribe(({ email, username, password }) => {
// the last preference set by the user "wins"
const userNav = email.updated > username.updated ? email : username;
const rootNav: any = userNav.updated > password.updated ? IDENTIFIER : password.algorithm;
const credentialType = rootNav === IDENTIFIER ? userNav.algorithm : password.algorithm;
// update navigation; break subscription loop
this.onRootChanged(rootNav);
this.username.setValue({ nav: userNav.algorithm }, { emitEvent: false });
// load algorithm metadata
const algorithm = this.generatorService.algorithm(credentialType);
// update subjects within the angular zone so that the
// template bindings refresh immediately
this.zone.run(() => {
this.algorithm$.next(algorithm);
});
});
// generate on load unless the generator prohibits it
this.algorithm$
preferences
.pipe(
distinctUntilChanged((prev, next) => prev.id === next.id),
filter((a) => !a.onlyOnRequest),
map(({ email, username, password }) => {
const forwarderPref = isForwarderIntegration(email.algorithm) ? email : null;
const usernamePref = email.updated > username.updated ? email : username;
// inject drilldown flags
const forwarderNav = !forwarderPref
? NONE_SELECTED
: JSON.stringify(forwarderPref.algorithm);
const userNav = forwarderPref ? FORWARDER : JSON.stringify(usernamePref.algorithm);
const rootNav =
usernamePref.updated > password.updated
? IDENTIFIER
: JSON.stringify(password.algorithm);
// construct cascade metadata
const cascade = {
root: {
selection: { nav: rootNav },
active: {
nav: rootNav,
algorithm: rootNav === IDENTIFIER ? null : password.algorithm,
} as CascadeValue,
},
username: {
selection: { nav: userNav },
active: {
nav: userNav,
algorithm: forwarderPref ? null : usernamePref.algorithm,
},
},
forwarder: {
selection: { nav: forwarderNav },
active: {
nav: forwarderNav,
algorithm: forwarderPref?.algorithm,
},
},
};
return cascade;
}),
takeUntil(this.destroyed),
)
.subscribe(() => this.generate$.next());
.subscribe(({ root, username, forwarder }) => {
// update navigation; break subscription loop
this.onRootChanged(root.selection);
this.username.setValue(username.selection, { emitEvent: false });
this.forwarder.setValue(forwarder.selection, { emitEvent: false });
// update cascade visibility
activeRoot$.next(root.active);
activeIdentifier$.next(username.active);
activeForwarder$.next(forwarder.active);
});
// automatically regenerate when the algorithm switches if the algorithm
// allows it; otherwise set a placeholder
this.algorithm$.pipe(takeUntil(this.destroyed)).subscribe((a) => {
this.zone.run(() => {
if (!a || a.onlyOnRequest) {
this.value$.next("-");
} else {
this.generate$.next();
}
});
});
}
private typeToGenerator$(type: CredentialAlgorithm) {
@@ -278,20 +403,61 @@ export class CredentialGeneratorComponent implements OnInit, OnDestroy {
case "passphrase":
return this.generatorService.generate$(Generators.passphrase, dependencies);
default:
throw new Error(`Invalid generator type: "${type}"`);
}
if (isForwarderIntegration(type)) {
const forwarder = getForwarderConfiguration(type.forwarder);
const configuration = toCredentialGeneratorConfiguration(forwarder);
const generator = this.generatorService.generate$(configuration, dependencies);
return generator;
}
throw new Error(`Invalid generator type: "${type}"`);
}
/** Lists the credential types of the username algorithm box. */
protected usernameOptions$ = new BehaviorSubject<Option<CredentialAlgorithm>[]>([]);
/** Lists the top-level credential types supported by the component.
* @remarks This is string-typed because angular doesn't support
* structural equality for objects, which prevents `CredentialAlgorithm`
* from being selectable within a dropdown when its value contains a
* `ForwarderIntegration`.
*/
protected rootOptions$ = new BehaviorSubject<Option<string>[]>([]);
/** Lists the top-level credential types supported by the component. */
protected rootOptions$ = new BehaviorSubject<Option<RootNavValue>[]>([]);
/** Lists the credential types of the username algorithm box. */
protected usernameOptions$ = new BehaviorSubject<Option<string>[]>([]);
/** Lists the credential types of the username algorithm box. */
protected forwarderOptions$ = new BehaviorSubject<Option<string>[]>([]);
/** Tracks the currently selected forwarder. */
protected forwarderId$ = new BehaviorSubject<IntegrationId>(null);
/** Tracks forwarder control visibility */
protected showForwarder$ = new BehaviorSubject<boolean>(false);
/** tracks the currently selected credential type */
protected algorithm$ = new ReplaySubject<CredentialGeneratorInfo>(1);
protected algorithm$ = new ReplaySubject<AlgorithmInfo>(1);
protected showAlgorithm$ = this.algorithm$.pipe(
combineLatestWith(this.showForwarder$),
map(([algorithm, showForwarder]) => (showForwarder ? null : algorithm)),
);
/**
* Emits the copy button aria-label respective of the selected credential type
*/
protected credentialTypeCopyLabel$ = this.algorithm$.pipe(
filter((algorithm) => !!algorithm),
map(({ copy }) => copy),
);
/**
* Emits the generate button aria-label respective of the selected credential type
*/
protected credentialTypeGenerateLabel$ = this.algorithm$.pipe(
filter((algorithm) => !!algorithm),
map(({ copy }) => copy),
);
/** Emits hint key for the currently selected credential type */
protected credentialTypeHint$ = new ReplaySubject<string>(1);
@@ -308,10 +474,10 @@ export class CredentialGeneratorComponent implements OnInit, OnDestroy {
/** Emits when a new credential is requested */
protected readonly generate$ = new Subject<void>();
private toOptions(algorithms: CredentialGeneratorInfo[]) {
const options: Option<CredentialAlgorithm>[] = algorithms.map((algorithm) => ({
value: algorithm.id,
label: this.i18nService.t(algorithm.nameKey),
private toOptions(algorithms: AlgorithmInfo[]) {
const options: Option<string>[] = algorithms.map((algorithm) => ({
value: JSON.stringify(algorithm.id),
label: algorithm.name,
}));
return options;