From f09d74b4fcc78e71e1c7191a01918ba49e79479e Mon Sep 17 00:00:00 2001
From: Rui Tome
Date: Tue, 13 Dec 2022 10:53:41 +0000
Subject: [PATCH] [EC-781] Forcing the user to login to evaluate if the user's password meets the Organization password policy requirements
---
 .../accept-organization.component.html | 2 +-
 .../accounts/accept-organization.component.ts | 88 ++-----------------
 2 files changed, 6 insertions(+), 84 deletions(-)
diff --git a/apps/web/src/app/accounts/accept-organization.component.html b/apps/web/src/app/accounts/accept-organization.component.html
index 25d90d93e0c..3aef47df22b 100644
--- a/apps/web/src/app/accounts/accept-organization.component.html
+++ b/apps/web/src/app/accounts/accept-organization.component.html
@@ -11,7 +11,7 @@

-
+

{{ "joinOrganization" | i18n }}

diff --git a/apps/web/src/app/accounts/accept-organization.component.ts b/apps/web/src/app/accounts/accept-organization.component.ts
index be3826fe18c..ab6f7293b63 100644
--- a/apps/web/src/app/accounts/accept-organization.component.ts
+++ b/apps/web/src/app/accounts/accept-organization.component.ts
@@ -1,18 +1,9 @@
 import { Component } from "@angular/core";
 import { ActivatedRoute, Params, Router } from "@angular/router";
-import { ApiService } from "@bitwarden/common/abstractions/api.service";
-import { CryptoService } from "@bitwarden/common/abstractions/crypto.service";
 import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
-import { LogService } from "@bitwarden/common/abstractions/log.service";
-import { OrganizationApiServiceAbstraction } from "@bitwarden/common/abstractions/organization/organization-api.service.abstraction";
 import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUtils.service";
-import { PolicyApiServiceAbstraction } from "@bitwarden/common/abstractions/policy/policy-api.service.abstraction";
-import { PolicyService } from "@bitwarden/common/abstractions/policy/policy.service.abstraction";
 import { StateService } from "@bitwarden/common/abstractions/state.service";
-import { Utils } from "@bitwarden/common/misc/utils";
-import { Policy } from "@bitwarden/common/models/domain/policy";
-import { OrganizationUserAcceptRequest } from "@bitwarden/common/models/request/organization-user-accept.request";
 import { BaseAcceptComponent } from "../common/base.accept.component";
@@ -30,39 +21,19 @@ export class AcceptOrganizationComponent extends BaseAcceptComponent {
 platformUtilsService: PlatformUtilsService,
 i18nService: I18nService,
 route: ActivatedRoute,
- private apiService: ApiService,
- stateService: StateService,
- private cryptoService: CryptoService,
- private policyApiService: PolicyApiServiceAbstraction,
- private policyService: PolicyService,
- private logService: LogService,
- private organizationApiService: OrganizationApiServiceAbstraction
+ stateService: StateService
 ) {
 super(router, platformUtilsService, i18nService, route, stateService);
 }
 async authedHandler(qParams: Params): Promise {
- this.actionPromise = this.prepareAcceptRequest(qParams).then(async (request) => {
- await this.apiService.postOrganizationUserAccept(
- qParams.organizationId,
- qParams.organizationUserId,
- request
- );
- });
-
- await this.actionPromise;
- this.platformUtilService.showToast(
- "success",
- this.i18nService.t("inviteAccepted"),
- this.i18nService.t("inviteAcceptedDesc"),
- { timeout: 10000 }
- );
-
- await this.stateService.setOrganizationInvitation(null);
- this.router.navigate(["/vault"]);
+ // Forcing the user to login to evaluate if the user's password meets the Organization password policy requirements
+ await this.stateService.setActiveUser(null);
+ await this.unauthedHandler(qParams);
 }
 async unauthedHandler(qParams: Params): Promise {
+ this.email = qParams.email;
 this.orgName = qParams.organizationName;
 if (this.orgName != null) {
 // Fix URL encoding of space issue with Angular
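Review bot: In `authedHandler`, `setActiveUser(null)` runs before anything about the invitation is checked, so opening an accept link while signed in now deactivates the current account and then stores URL-supplied values (`this.email`, `this.orgName`, the whole `qParams` via `setOrganizationInvitation`) with no validation visible in this hunk. If `BaseAcceptComponent` does not already verify the required parameters before dispatching to the handlers (not shown here), I would guard first, e.g. `if (qParams.token == null || qParams.organizationUserId == null) { return; }`. Judging by its name only, `setActiveUser(null)` seems to clear the active-account pointer rather than log out or lock the previous account; the comment should say what state is left behind, e.g. `// Deactivate the current account (its stored session is not cleared here) so the login flow re-checks the master password against the org policy`. The accept call and the `setOrganizationInvitation(null)` cleanup are removed from this component, and where the stored invitation is later consumed and cleared lies outside this patch, so that path deserves a pointer in the comment as well.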
@@ -70,53 +41,4 @@ export class AcceptOrganizationComponent extends BaseAcceptComponent {
 }
 await this.stateService.setOrganizationInvitation(qParams);
 }
-
- private async prepareAcceptRequest(qParams: Params): Promise {
- const request = new OrganizationUserAcceptRequest();
- request.token = qParams.token;
-
- if (await this.performResetPasswordAutoEnroll(qParams)) {
- const response = await this.organizationApiService.getKeys(qParams.organizationId);
-
- if (response == null) {
- throw new Error(this.i18nService.t("resetPasswordOrgKeysError"));
- }
-
- const publicKey = Utils.fromB64ToArray(response.publicKey);
-
- // RSA Encrypt user's encKey.key with organization public key
- const encKey = await this.cryptoService.getEncKey();
- const encryptedKey = await this.cryptoService.rsaEncrypt(encKey.key, publicKey.buffer);
-
- // Add reset password key to accept request
- request.resetPasswordKey = encryptedKey.encryptedString;
- }
- return request;
- }
-
- private async performResetPasswordAutoEnroll(qParams: Params): Promise {
- let policyList: Policy[] = null;
- try {
- const policies = await this.policyApiService.getPoliciesByToken(
- qParams.organizationId,
- qParams.token,
- qParams.email,
- qParams.organizationUserId
- );
- policyList = this.policyService.mapPoliciesFromToken(policies);
- } catch (e) {
- this.logService.error(e);
- }
-
- if (policyList != null) {
- const result = this.policyService.getResetPasswordPolicyOptions(
- policyList,
- qParams.organizationId
- );
- // Return true if policy enabled and auto-enroll enabled
- return result[1] && result[0].autoEnrollEnabled;
- }
-
- return false;
- }
 }