bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-17 08:43:33 +00:00
Code Issues Releases Wiki Activity

sso support (#127)

Browse Source 
* support for sso

* created master password boolean

* resetMasterPassword flows

* throw on bad ctor for token request
This commit is contained in:
Kyle Spearrin
2020-07-16 08:59:29 -04:00
committed by GitHub
parent f820cb9186
commit fefef546f0
11 changed files with 148 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/angular/components/lock.component.ts
View File

@@ -1,6 +1,7 @@
import { OnInit } from '@angular/core';
import { Router } from '@angular/router';
import { ApiService } from '../../abstractions/api.service';
import { CryptoService } from '../../abstractions/crypto.service';
import { EnvironmentService } from '../../abstractions/environment.service';
import { I18nService } from '../../abstractions/i18n.service';
@@ -16,6 +17,8 @@ import { ConstantsService } from '../../services/constants.service';
import { CipherString } from '../../models/domain/cipherString';
import { SymmetricCryptoKey } from '../../models/domain/symmetricCryptoKey';
import { PasswordVerificationRequest } from '../../models/request/passwordVerificationRequest';
import { Utils } from '../../misc/utils';
export class LockComponent implements OnInit {
@@ -25,6 +28,7 @@ export class LockComponent implements OnInit {
email: string;
pinLock: boolean = false;
webVaultHostname: string = '';
formPromise: Promise<any>;
protected successRoute: string = 'vault';
protected onSuccessfulSubmit: () => void;
@@ -36,7 +40,8 @@ export class LockComponent implements OnInit {
protected platformUtilsService: PlatformUtilsService, protected messagingService: MessagingService,
protected userService: UserService, protected cryptoService: CryptoService,
protected storageService: StorageService, protected vaultTimeoutService: VaultTimeoutService,
protected environmentService: EnvironmentService, protected stateService: StateService) { }
protected environmentService: EnvironmentService, protected stateService: StateService,
protected apiService: ApiService) { }
async ngOnInit() {
this.pinSet = await this.vaultTimeoutService.isPinLockSet();
@@ -98,9 +103,26 @@ export class LockComponent implements OnInit {
} else {
const key = await this.cryptoService.makeKey(this.masterPassword, this.email, kdf, kdfIterations);
const keyHash = await this.cryptoService.hashPassword(this.masterPassword, key);
const storedKeyHash = await this.cryptoService.getKeyHash();
if (storedKeyHash != null && keyHash != null && storedKeyHash === keyHash) {
let passwordValid = false;
if (keyHash != null) {
const storedKeyHash = await this.cryptoService.getKeyHash();
if (storedKeyHash != null) {
passwordValid = storedKeyHash === keyHash;
} else {
const request = new PasswordVerificationRequest();
request.masterPasswordHash = keyHash;
try {
this.formPromise = this.apiService.postAccountVerifyPassword(request);
await this.formPromise;
passwordValid = true;
await this.cryptoService.setKeyHash(keyHash);
} catch { }
}
}
if (passwordValid) {
if (this.pinSet[0]) {
const protectedPin = await this.storageService.get<string>(ConstantsService.protectedPin);
const encKey = await this.cryptoService.getEncKey(key);

6
src/angular/components/two-factor.component.ts
View File

@@ -52,12 +52,16 @@ export class TwoFactorComponent implements OnInit, OnDestroy {
}
async ngOnInit() {
if (this.authService.email == null || this.authService.masterPasswordHash == null ||
if ((!this.authService.authingWithSso() && !this.authService.authingWithPassword()) ||
this.authService.twoFactorProvidersData == null) {
this.router.navigate([this.loginRoute]);
return;
}
if (this.authService.authingWithSso()) {
this.successRoute = 'lock';
}
if (this.initU2f && this.win != null && this.u2fSupported) {
let customWebVaultUrl: string = null;
if (this.environmentService.baseUrl != null) {