If a user is part of an org that has the `RequireSso` policy, when that user successfully logs in we add their email to a local `ssoRequiredCache` on their device. The next time this user goes to the `/login` screen on this device, we will use that cache to determine that for this email we should only show the "Use single sign-on" button and disable the alternate login buttons.
These changes are behind the flag: `PM22110_DisableAlternateLoginMethods`
* [PM-19237] Add Archive Filter Type (#13852)
* Browser can archive and unarchive items
* Create Archive Cipher Service
* Add flag and premium permissions to Archive
---------
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Shane <smelton@bitwarden.com>
Co-authored-by: Patrick Pimentel <ppimentel@bitwarden.com>
* Use OrganizationWarningsService in AC VaultComponent
* Use OrganizationWarningsService in OrgSwitcherComponent
* Use OrganizationWarningsService in VaultFilterComponent
* Use OrganizationWarningsService in VaultComponent
* Use OrganizationWarningsService in SM OverviewComponent
* Remove TrialFlowService from unused codepaths
* Remove TrialFlowService
* Refresh free trial warning on standard payment method update
* Fix lint errors
* Fix lint errors
* Remove FF
* Fix free trial banner on deprecated ac vault component
* Add PhishingDetectionService
* Add a tab listener.
* Get the known phishing domain from the server
* Get the known phishing domain from the server
* Add phishing detection content script.
* Revert "Add phishing detection content script."
This reverts commit ce64d3435a.
* Fix conflicts
* Add build configs.
* Decouple the phishing detection content script logic from the rest of the app.
* move the call to background
* Add communication between the content script and background service.
* Update code to use Log service.
* Resolve conflict
* Add changes for phishing domain report
* Fix initializer order issue.
* Fix domain error.
* Account for no responses.
* Add exit functionality for onclick.
* Wrapped phishing detection feature behind feature flag (#13915)
* push changes for alert
* Removed browser logic for checking feature flag
* move the alert as dialog
* Add functionality to navigate back in history.
* [PM-19814] Add redirect to warning page when a phishing domain is detected.
* [PM-19814] Add the phishing warning page to the Angular popup.
* [PM-19814] Add functionality to display phishing host.
* [PM-19814] Add exit button and learn more link.
* [PM-19814] Add phishing detection feature flag.
* [PM-19814] Move phishing service to phishing directory
* [PM-19814] Add UI to display phishing URL.
* [PM-19814] Disable the URL input and populate it with the phishing URL.
* [PM-19814] Add phishing icon
* [PM-19814] Temporarily remove phishing reporting feature. It can be released separately in another ticket.
* [PM-19814] Clean up
* [PM-19814] Add types to the handlers.
* [PM-19814] Remove logic for handling authentication since the endpoint will be unauthenticated.
* [PM-19814] Fixed as many type issues as possible; added @ts-strict-ignore to the remaining ones.
* [PM-19814] Fix race condition in feature flag check.
* [PM-19814] Update wording for the marketing request.
* [PM-19814] Move phishing detection check from content script to webRequest.onCompleted listener.
* [PM-19814] Use webNavigation.onCompleted for redirect to ensure that the redirect only happens when they land on the page.
* [PM-19814] Remove unused code.
* [PM-19814] Fix merge conflict and update text based on product owner’s request
* [PM-19814] Fix merge conflict
* [PM-19814] Update text
* Resolve the message catalog entries
* Update file for consistent import and exports
* Update imports
* Update another import for BrowserPopupUtils
* Update the rest of the imports for BrowserPopupUtils
* Updates messages
* Rename files
* Current phishing block changes
* Use globalthis for chrome
* Add types file
* Update browser api to include tab navigation and close tab functions
* Update phishing detection to track multiple tabs and not trust info from content script
* Change chrome to browser.
* Fixed phishing detection checking previous url instead of current on navigation. Updated def flag for testing urls.
* Move phishing icon
* Fix chrome specific issues. Add comments to where BrowserApi should be used
* Fix command errors. Typecheck messages. Added guard for phishing detection messages
* Use concat map instead of merge map
* Unformat webfonts.scss file
* Fix lint and import errors
* Move phishing blocker files to dirt folder
* Rename background folder to services
* Add code ownership for phishing blocker
* Update text to use locales on phishing blocker learn more page
* Change navigation from using webapi to browser on updated event for safari support
* Update icon usage
* Fix type issues and add test file
* Fix linting error in test
---------
Co-authored-by: Jimmy Vo <huynhmaivo82@gmail.com>
Co-authored-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Co-authored-by: Tom <144813356+ttalty@users.noreply.github.com>
* PM-25075 wip parking work
* remove flag from enums and add fade out
* fix tests
* remove flags from enum file after merge conflict re introduced
* remove dead code paths
* change naming back to bgUnlockPopoutOpened
* Implement bank account hosted URL verification with webhook handling notification
* [PM-25491] Create org/provider bank account warning needs to be updated
* Add importer dummy lib, add cargo deps for win/mac
* Add Chromium importer source from bitwarden/password-access
* Mod crypto is no more
* Expose some Chromium importer functions via NAPI, replace home with home_dir crate
* Add Chromium importer to the main <-> renderer IPC, export all functions from Rust
* Add password and notes fields to the imported logins
* Fix windows to use homedir instead of home
* Return success/failure results
* Import from account logins and join
* Linux v10 support
* Use mod util on Windows
* Use mod util on macOS
* Refactor to move shared code into chromium.rs
* Fix windows
* Fix Linux as well
* Linux v11 support for Chrome/Gnome, everything is async now
* Support multiple browsers on Linux v11
* Move oo7 to Linux
* Fix Windows
* Fix macOS
* Add support for Brave browser in Linux configuration
* Add support for Opera browser in Linux configuration
* Fix Edge and add Arc on macOS
* Add Opera on macOS
* Add support for Vivaldi browser in macOS configuration
* Add support for Chromium browser in macOS configuration
* Fix Edge on Windows
* Add Opera on Windows
* Add Vivaldi on windows
* Add Chromium to supported browsers on Windows
* stub out UI options for chromium direct import
* call IPC funcs from import-desktop
* add notes to chrome csv importer
* remove (csv) from import tool names and format item names as hostnames
* Add ABE/v20 encryption support
* ABE/v20 architecture description
* Add a build step to produce admin.exe and service.exe
* Add Windows v20/ABE configuration functionality to specify the full path to the admin.exe and service.exe. Use ipc.platform.chromiumImporter.configureWindowsCryptoService to configure the Chromium importer on Windows.
* rename ARCHITECTURE.md to README.md
* aligns with guidance from architecture re: in-repository documentation.
* also fixes a failing lint.
* cargo fmt
* cargo clippy fix
* Declare feature flag for using chromium importer
* Linter fix after executing npm run prettier
* Use feature flag to guard the use of the chromium importer
* Added temporary logging to further debug, why the Angular change detection isn't working as expected
* introduce importer metadata; host metadata from service; includes tests
* fix cli build
* Register autotype module in lib.rs
introduce by a bad merge
* Fix web build
* Fix issue with loaders being undefined and the feature flag turned off
* Add missing Chromium support when selecting chromecsv
* debugging
* remove chromium support from chromecsv metadata
* fix default loader selection
* [PM-24753] cargo lib file (#16090)
* Add new modules
* Fix chromium importer
* Fix compile bugs for toolchain
* remove importer folder
* remove IPC code
* undo setting change
* clippy fixes
* cargo fmt
* clippy fixes
* clippy fixes
* clippy fixes
* clippy fixes
* lint fix
* fix release build
* Add files in CODEOWNERS
* Create tools owned preload.ts
* Move chromium-importer.service under tools-ownership
* Fix typeError
When accessing the Chromium direct import options the file button is hidden, so trying to access it's values will fail
* Fix tools owned preload
* Remove dead code and redundant truncation
* Remove configureWindowsCryptoService function/methods
* Clean up cargo files
* Fix unused async
* Update apps/desktop/desktop_native/bitwarden_chromium_importer/Cargo.toml
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Fix napi deps
* fix lints
* format
* fix linux lint
* fix windows lints
* format
* fix missing `?`
* fix a different missing `?`
---------
Co-authored-by: Dmitry Yakimenko <detunized@gmail.com>
Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: ✨ Audrey ✨ <ajensen@bitwarden.com>
Co-authored-by: ✨ Audrey ✨ <audrey@audreyality.com>
Co-authored-by: adudek-bw <adudek@bitwarden.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* feat(inactive-user-server-notification): [PM-25130] Inactive User Server Notify - Adds in tests and feature for notifying inactive users.
* feat(inactive-user-server-notification): [PM-25130] Inactive User Server Notify - Added feature flag.
* fix(inactive-user-server-notification): [PM-25130] Inactive User Server Notify - Implemented trackedMerge.
* tests: remove feature flag use in tests
* tests: remove breadcrumbingPolicyTests and add service tests
* refactor: remove event log use of flag from org-layout component
* refactor: remove new policy code from org-layout component
* refactor: remove event log use of flag from events component
* refactor: remove event log use from collection dialog component
* refactor: remove event log use from vault-header component
* refactor: remove event-log route logic for org-reporting
* refactor: remove logic from org-settings routing
* refactor: remove breadcrumbing function and from billing service
* refactor: remove ConfigService from DI for billing service
* refactor: remove new policy code from policy-edit component
* refactor: remove new policy code from policies component
* refactor: remove feature flag
* fix(Admin Console): revert to use of reactive observables pattern
* fix(Admin Console): remove type artifact from reversion
* remove flag and instances of use
* feedback jprusik: additional removals of pageContainsShadowDomElements
* feedback jprusik: remove a stray logic branch
* Add back notifications connection on locked accounts
* Updated tests.
* Make sure web push connection service is started synchronously
* Fixed merge conflicts.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* feat(notification-processing): [PM-19877] System Notification Implementation - Minor changes to popup logic and removed content in login component.
* docs(notification-processing): [PM-19877] System Notification Implementation - Added more docs.
* docs(notification-processing): [PM-19877] System Notification Implementation - Added markdown document.
* fix(notification-processing): [PM-19877] System Notification Implementation - Updated condition for if notification is supported.
* fix(notification-processing): [PM-19877] System Notification Implementation - Updated services module with correct platform utils service.
* Adding enums for additional event logs for secrets
* updating messages
* Updating messages to be consistent for logs
* Displaying project logs, and fixing search query param searching in projects list, having deleted log for secrets and projects not show as a link
* Viewing secret and project event logs in event modal, adding to the context menu for secrets and projects the ability to view the logs if user has permission. Restricting logs to SM projs and Secs if the logged in user has event log access but not SM access.
* lint
* Lint Fixes
* fix to messages file
* fixing lint
* Bug fix, make sure event logs related to service accounts are still links that take you to the object
* removing unused import
* [NO LOGIC] Rename BillableEntity to BitwardenSubscriber
This helps us maintain paraody with server where we call this choice type ISubscriber. I chose BitwardenSubscriber to avoid overlap with RxJS
* [NO LOGIC] Move subscriber-billing.client to clients folder
* [NO LOGIC] Move organization warnings under organization folder
* Move getWarnings from OrganizationBillingApiService to new OrganizationBillingClient
I'd like us to move away from stashing so much in libs and utilizing the JsLibServicesModule when it's not necessary to do so. These are invocations used exclusively by the Web Vault and, until that changes, they should be treated as such
* Refactor OrganizationWarningsService
There was a case added to the Inactive Subscription warning for a free trial, but free trials do not represent inactive subscriptions so this was semantically incorrect. This creates another method that pulls the free trial warning and shows a dialog asking the user to subscribe if they're on one.
* Implement Tax ID Warnings throughout Admin Console and Provider Portal
* Fix linting error
* Jimmy's feedback
* Updates:
- Update simple dialog to disallow user to close the dialog on acceptance
- Split payment components to provide a "require" component that cannot be closed out of
- Add provider warning service to manage the various provider warnings
* Fix test
* Will's feedback and sync on payment method success
* [PM-22136] Update sdk cipher view map to support uknown uuid type
* [PM-22136] Add key to CipherView for copying to SdkCipherView for encryption
* [PM-22136] Add fromSdk* helpers to Cipher domain objects
* [PM-22136] Add toSdk* helpers to Cipher View objects
* [PM-22136] Add encrypt() to cipher encryption service
* [PM-22136] Add feature flag
* [PM-22136] Use new SDK encrypt method when feature flag is enabled
* [PM-22136] Filter out null/empty URIs
* [PM-22136] Change default value for cipher view arrays to []. See ADR-0014.
* [PM-22136] Keep encrypted key value on attachment so that it is passed to the SDK
* [PM-22136] Keep encrypted key value on CipherView so that it is passed to the SDK during encryption
* [PM-22136] Update failing attachment test
* [PM-22136] Update failing importer tests due to new default value for arrays
* [PM-22136] Update CipherView.fromJson to handle the prototype of EncString for the cipher key
* [PM-22136] Add tickets for followup work
* [PM-22136] Use new set_fido2_credentials SDK method instead
* [PM-22136] Fix missing prototype when decrypting Fido2Credentials
* [PM-22136] Fix test after sdk change
* [PM-22136] Update @bitwarden/sdk-internal version
* [PM-22136] Fix some strict typing errors
* [PM-23348] Migrate move cipher to org to SDK (#15567)
* [PM-23348] Add moveToOrganization method to cipher-encryption.service.ts
* [PM-23348] Use cipherEncryptionService.moveToOrganization in cipherService shareWithServer and shareManyWithServer methods
* [PM-23348] Update cipherFormService to use the shareWithServer() method instead of encrypt()
* [PM-23348] Fix typo
* [PM-23348] Add missing docs
* [PM-22136] Fix EncString import after merge with main
* add `CipherViewLike` and utilities to handle `CipherView` and `CipherViewLike`
* migrate libs needed for web vault to support `CipherViewLike`
* migrate web vault components to support
* add for CipherView. will have to be later
* fetch full CipherView for copying a password
* have only the cipher service utilize SDK migration flag
- This keeps feature flag logic away from the component
- Also cuts down on what is needed for other platforms
* strongly type CipherView for AC vault
- Probably temporary before migration of the AC vault to `CipherListView` SDK
* fix build icon tests by being more gracious with the uri structure
* migrate desktop components to CipherListViews$
* consume card from sdk
* add browser implementation for `CipherListView`
* update copy message for single copiable items
* refactor `getCipherViewLikeLogin` to `getLogin`
* refactor `getCipherViewLikeCard` to `getCard`
* add `hasFido2Credentials` helper
* add decryption failure to cipher like utils
* add todo with ticket
* fix decryption failure typing
* fix copy card messages
* fix addition of organizations and collections for `PopupCipherViewLike`
- accessors were being lost
* refactor to getters to fix re-rendering bug
* fix decryption failure helper
* fix sorting functions for `CipherViewLike`
* formatting
* add `CipherViewLikeUtils` tests
* refactor "copiable" to "copyable" to match SDK
* use `hasOldAttachments` from cipherlistview
* fix typing
* update SDK version
* add feature flag for cipher list view work
* use `CipherViewLikeUtils` for copyable values rather than referring to the cipher directly
* update restricted item type to support CipherViewLike
* add cipher support to `CipherViewLikeUtils`
* update `isCipherListView` check
* refactor CipherLike to a separate type
* refactor `getFullCipherView` into the cipher service
* add optional chaining for `uriChecksum`
* set empty array for decrypted CipherListView
* migrate nudge service to use `cipherListViews`
* update web vault to not depend on `cipherViews$`
* update popup list filters to use `CipherListView`
* fix storybook
* fix tests
* accept undefined as a MY VAULT filter value for cipher list views
* use `LoginUriView` for uri logic (#15530)
* filter out null ciphers from the `_allDecryptedCiphers$` (#15539)
* use `launchUri` to avoid any unexpected behavior in URIs - this appends `http://` when missing
Creates a new `DeviceManagementComponent` that fetches devices and formats them before handing them off to a view component for display.
View components:
- `DeviceManagementTableComponent` - displays on medium to large screens
- `DeviceManagementItemGroupComponent` - displays on small screens
Feature flag: `PM14938_BrowserExtensionLoginApproval`
* [PM-22783] Add initial feature flag and settings toggle for autotype MVP
* [PM-22783] Undo Cargo.lock changes
* [PM-22783] Disable console.log block
* [PM-22783] Lint fix
* [PM-22783] Small updates
* [PM-22783] Build fix
* [PM-22783] Use combineLatest in updating the desktop autotype service
* [PM-22783] Check if the user is on Windows
* [PM-22783] Undo access selector html change, linting keeps removing this
* [PM-22783] Fix failing test
* [PM-22783] Update autotypeEnabled to be stored in service
* [PM-22783] Add todo comments
* [PM-22783] Add SlimConfigService and MainDesktopAutotypeService
* [PM-22783] Small fixes
* Removed flag.
* Fixed tests to no longer reference flag.
* Fixed test.
* Removed duplicate test class.
* Moved files into folders for yubikey and authenticator
* Removed TwoFactorAuthEmailComponentService since it is no longer needed
* Removed export
* Fixed export
* Add new device type for DuckDuckGo browser
* Added feature support property for sync domains
* Added new features
* Added isDuckDuckGo() to CLI
* Addressed PR feedback.
* Renamed new property
* Fixed rename that missed CLI.
* add end user feature flag
* add initial setup extension component and route
* redirect users from registration completion to the setup extension page
* add `hideIcon` to anon layout for web
- matches implementation on the browser.
* integrate with anon layout for extension wrapper
* add initial loading state
* conditionally redirect the user upon initialization
* redirect the user to the vault if the extension is installed
* add initial copy for setup-extension page
* add confirmation dialog for skipping the extension installation
* add success state for setup extension page
* only show loggedin toast when end user activation is not enabled.
* add image alt
* lower threshold for polling extension
* close the dialog when linking to the vault
* update party colors
* use the platform specific registration service to to only forward the web registrations to `/setup-extension`
* call `super` rather than `/vault` directly, it could change in the future
* feat: Create methods for calling GET auth-request/pending endpoint.
* feat: update banner service on web, and desktop vault
* test: updated banner test to use auth request services
* fix: DI fixes
* feat: add RequestDeviceId to AuthRequestResponse
* fix: add Browser Approvals feature flags to desktop vault and web vault banner service
* test: fix tests for feature flag
