* [PM-18707] Use different BroadcasterSubscriptionId in base view component to avoid collision with desktop view component
* [PM-18707] Use userId instead of payloadUserId for cipher notification syncs
* [PM-19032] Live Sync on Desktop (#13851)
* migrate the vault-items to an observables rather than async/promises
- this helps keep data in sync with the service state and avoids race conditions
* migrate the view component to an observables rather than async/promises
- this helps keep data in sync with the service state and avoids race conditions
* decrypt saved cipher from server
* bump timeout for upserting ciphers
* mark `go` as async in desktop vault
- previously it was a floating promise
* Revert "mark `go` as async in desktop vault"
This reverts commit fd28f40b18.
* Revert "bump timeout for upserting ciphers"
This reverts commit e963acc377.
* move vault utilities to `common` rather than `lib` to avoid circular dependencies
* use `perUserCache$` for `cipherViews$` to avoid new subscriptions from being created
* use userId from observable rather than locally set to be the most up to date
* [PM-18707] Add clearBuffer$ input to perUserCache$ helper so that the internal share replay buffers can be cleared
* [PM-18707] Rework forceCipherViews$ to clearBuffer$ refactor
- Add dependency for cipherDecryptionKeys$ for the cipherViews so that decryption is never attempted without keys
* [PM-18707] Add overload to perUserCache to satisfy type checker
* [PM-18707] Fix overloads
* [PM-18707] Add check for empty failed to decrypt ciphers
* [PM-18707] Mark vault component for check after observable emits.
The cipherViews$ observable now persists between subscriptions, meaning that updates via the sync push notifications can occur outside the AngularZone causing delays in updating the view.
---------
Co-authored-by: Nick Krantz <125900171+nick-livefront@users.noreply.github.com>
Co-authored-by: Nick Krantz <nick@livefront.com>
* include tasks with notification cipher data
* send security task information with update success message for notification
* mark completed cipher updates with tasks as complete
* refactor notification confirmation components and add stories
* add keyhole icon
* add conditional footer button to notification confirmation component
* add external link icon
* add external link icon to action button
* add notification confirmation footer story
* use keyhole icon if there are no additional security tasks to complete
* add new message catalog entries to chrome.i18n
* reimplement sending security task information with update success message for notification
* open tasks in extension from confirmation notification button
* update vault message key and dismiss all security tasks for a given cipher upon password update
* resolve changes against updated main branch basis
* put task fetching behind feature flag and update tests
* cleanup
* more cleanup
* Added fork name to tag
* Added logging.
* Added pull_request_target
* Added repository name if on fork.
* Limited characters
* Added sanitization
* Moved to env var for extra security.
Fix issue where modal was not displayed when clicking Manage option for 2FA on Organizations. This adds the OrganizationDuo case to the dialogTitle method to properly handle this provider type.
PM-20180
* PM-19913: Added max length to the generated_for and description peroperties in the FirefoxRelay API payload
* [PM-19913] Added maxLength restriction to the website and generatedBy methods. Added maxLength limit of 200 to the description of addy.io
* fix(PM-18888) : Create more strict checking of redirectURL to protect against open redirect attacks using regex.
* fix : modify comments and check for embedded credentials.
* feat : add testability to duo-redirect connector
* fix : fixing strict typing; Removed styling from duo-redirect.ts which allows us to test without adding additional files and configurations for jest.
* fix : remove duo-redirect.scss
Replace the FallbackRequestedError rejection pattern with direct
AbortController.abort() calls when destroying the Messenger. This
eliminates misleading console errors and ensures correct cancellation
behavior.
The FallbackRequestedError is intended specifically for user-requested
WebAuthn fallbacks, not general message cleanup operations.
Fixes GitHub issue #12663
* Moved saving of SSO email outside of browser/desktop code
* Clarified comments.
* Tests
* Refactored login component services to manage state
* Fixed input on login component
* Fixed tests
* Linting
* Moved web setting in state into web override
* updated tests
* Fixed typing.
* Fixed type safety issues.
* Added comments and renamed for clarity.
* Removed method parameters that weren't used
* Added clarifying comments
* Added more comments.
* Removed test that is not necessary on base
* Test cleanup
* More comments.
* Linting
* Fixed test.
* Fixed base URL
* Fixed typechecking.
* Type checking
* Moved setting of email state to default service
* Added comments.
* Consolidated SSO URL formatting
* Updated comment
* Fixed reference.
* Fixed missing parameter.
* Initialized service.
* Added comments
* Added initialization of new service
* Made email optional due to CLI.
* Fixed comment on handleSsoClick.
* Added SSO email persistence to v1 component.
* Updated login email service.
* Updated setting of remember me
* Removed unnecessary input checking and rearranged functions
* Fixed name
* Added handling of Remember Email to old component for passkey click
* Updated v1 component to persist the email on Continue click
* Fix merge conflicts.
* Merge conflicts in login component.
* Persisted login email on v1 browser component.
* Merge conflicts
* fix(snap) [PM-17464][PM-17463][PM-15587] Allow Snap to use custom callback protocol
* Removed Snap from custom protocol workaround
* Fixed tests.
* Updated case numbers on test
* Resolved PR feedback.
* PM-11502 - LoginEmailSvcAbstraction - mark methods as abstract to satisfy strict ts.
* Removed test
* Changed to persist on leaving fields instead of button click.
* Fixed type checking.
---------
Co-authored-by: Bernd Schoolmann <mail@quexten.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
- Remove Bootstrap styles from two-factor-setup component and replace with Tailwind equivalents
- Convert two factor components to standalone components to move away from LooseComponents
- Replace ul/li list with bit-item-group and bit-item components
- Integrate with the bit design system
---------
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
* Add setupBusinessUnit to OrganizationBillingApiService
* Add setup-business-unit.component
* Updated designs and cleanup work
* Update existing logos for Provider Portal and Admin Console
* Fix broken test
* PM-17187 Autofill new card information in the popout
* Add new identity autofill to browser extension
* Add ability to save values from autoselect fields
* Add ssoExternalId to OrganizationUserAdminView and OrganizationUserDetailsResponse
- Updated OrganizationUserAdminView to include ssoExternalId property.
- Enhanced OrganizationUserDetailsResponse constructor to initialize ssoExternalId from response data.
* Add SSO External ID copy to messages.json
* Implement SSO External ID field in member dialog
- Added a new input field for ssoExternalId in the member dialog component.
- Introduced visibility logic for both externalId and ssoExternalId based on feature flags.
- Updated form control initialization to include ssoExternalId.
This PR
- Moves the `compareInputs` validator to `libs/auth` (with some minor updates to the validator)
- Adds unit tests for `compareInputs`
- Removes the deprecated input validators from `InputsFieldMatch` along with the `inputs-field-match.validator.ts` file
* feat: add foreground ipc service
* refactor: create abstract ipc service in libs
* wip: remove IPC service complexity
The code was making some wrong assumptions about how IPC is going to work. I'm removing everything and starting the content-script instead
* feat: working message sending from page to background
* refactor: move into common
* feat: somewhat complete web <-> browser link
* wip: ping command from web
* fix: import path
* fix: wip urls
* wip: add console log
* feat: successfull message sending (not receiving)
* feat: implement IPC using new refactored framework
* wip: add some console logs
* wip: almost working ping/pong
* feat: working ping/pong
* chore: clean-up ping/pong and some console logs
* chore: remove unused file
* fix: override lint rule
* chore: remove unused ping message
* feat: add tests for message queue
* fix: adapt to name changes and modifications to SDK branch
* fix: missing import
* fix: remove content script from manifest
The feature is not ready for prodution code yet. We will add dynamic injection with feature-flag support in a follow-up PR
* fix: remove fileless lp
* fix: make same changes to manifest v2
* fix: initialization functions
Add missing error handling, wait for the SDK to load and properly depend on the log service
* feat: use named id field
* chore: update sdk version to include IPC changes
* fix: remove messages$ buffer
* fix: forgot to commit package-lock
* feat: add additional destination check
* feat: only import type in ipc-message
* fix: typing issues
* feat: check message origin
* Remove AES128CBC-HMAC encryption
* Increase test coverage
* Refactor symmetric keys and increase test coverage
* Re-add type 0 encryption
* Fix ts strict warning
* Re-add support for encrypt hmac-less aes
* Add comment about inner()
* Update comment
* Deduplicate encryption type check
* Undo test changes
* Lift out encryption type check to before splitting by encryption type
* Change null to undefined
* Fix test
