* feat: add tests for guidToRawFormat
* feat: add support for parsing b64 credential ids
* refactor: change interface to use Uint8Array for simplification
Technically this deviates from the specification, but nobody is going to be using the authenticator directly but us so it shouldn't matter. We're gonna switch to `passkey-rs` anyways so
* feat: change how the authenticator parses credential ids to support b64
* feat: update sdk service abstraction with documentation and new `userClient$` function
* feat: add uninitialized user client with cache
* feat: initialize user crypto
* feat: initialize org keys
* fix: org crypto not initializing properly
* feat: avoid creating clients unnecessarily
* chore: remove dev print/subscription
* fix: clean up cache
* chore: update sdk version
* feat: implement clean-up logic (#11504)
* chore: bump sdk version to fix build issues
* chore: bump sdk version to fix build issues
* fix: missing constructor parameters
* refactor: simplify free() and delete() calls
* refactor: use a named function for client creation
* fix: client never freeing after refactor
* fix: broken impl and race condition in tests
* feat: add sdk override to desktop build
* feat: add SDK version to browser about dialog
* feat: add sdk override to browser build
* fix: `npm ci` overriding the override
* fix: artifacts not properly downloaded
* fix: switch to new repository
* feat: add debug version function to web
* feat: add sdk-version to CLI
* feat: add version to desktop
* feat: add override to cli
* feat: add override to web
* fix: cli version acting as default command
* fix: consistent workflow input name
* feat: add error handling
* feat: upgrade sdk-internal
* fix: forgot to update package lock
* fix: broken CI build
move sdk version to a regular command
* chore: revert version changes
* refactor: move error handling code
* chore: bump SDK to 0.2.0.main-1
* fix: clean up references to inputs.sdk_commit
* refactor: rename `init` to `applyVersionToWindow`
The original implementation of bufferSourceToUint8Array was incorrect as
it did not consider that TypedArray instances represent a view of the
underlying ArrayBuffer which does not necessarily cover the entire
backing ArrayBuffer. This resulted in the output of this function
containing data which would not be logically contained in the input.
This was partially fixed by #8787 for the common case of the input
already being an Uint8Array, but it was still broken for any other
TypedArrays. But #8222 introduced another copy of the original broken
code, breaking the Uint8Array case again.
Fix this once and hopefully for the last time with a correct
implementation of bufferSourceToUint8Array and using that in the
appropriate places instead of open-coding it. In addition there are now
tests which exercise most edge cases with regards to ArrayBuffer and
TypedArrays.
* Add server settings model and service.
* Inject ServerSettingsService into the login-secondary-content component.
* Fix merge conflict
* Add server settings to old views
* Remove server settings from desktop/mobile
* Cleanup unused code
* Remove changes to default config
* Conditionally show/hide HR element
* Add tests
* PM-5237 - Move ServerSettingsService to jslib-services.module so it is the same across all clients and to solve NullInjectorErrors on desktop & browser extension
* Remove change to v1 components
* Rename ServerSettingsService to DefaultServerSettingsService
* Remove unnecessary map call
* Remove server interface in favor of using ServerSettings class
* Add back HR element
---------
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
* update extension autofill concerns to use theme object and type over enum
* mark ThemeType enum as deprecated
* update theming service concerns to use theme object and type over enum
* feat: update sdk service abstraction with documentation and new `userClient$` function
* feat: add uninitialized user client with cache
* feat: initialize user crypto
* feat: initialize org keys
* fix: org crypto not initializing properly
* feat: avoid creating clients unnecessarily
* chore: remove dev print/subscription
* fix: clean up cache
* chore: update sdk version
* feat: implement clean-up logic (#11504)
* chore: bump sdk version to fix build issues
* chore: bump sdk version to fix build issues
* fix: missing constructor parameters
* refactor: simplify free() and delete() calls
* refactor: use a named function for client creation
* fix: client never freeing after refactor
* fix: broken impl and race condition in tests
Follow up PR to #10974, flips the compile time flags to enabled and includes some debug logic to detect if users encounter issues with the WASM bundle in preparation for active consumption of the SDK.
* PM-13114 - WebEnvSvc - use hostname vs domain check for init and setEnv (tests TODO)
* PM-13114 - WebEnvSvc + URLs webpack config - use expected string variable on process.env.URLS to ensure tests can properly mock the WebEnvSvc
* PM-13114 - WebEnvSvc - setEnvironment - fix issue with returning currentRegion urls instead of currentEnv urls.
* PM-13114 - WebEnvSvc - setEnv - refactor names to improve clarity.
* PM-13114 - WebEnvSvc spec file - Test all prod scenarios
* PM-13144 - Work with Justin to move process.env.Urls access into injection token and remove webpack string type conversion.
* PM-13114 - WIP on getting additionalRegionConfigs injected via injection token to default env service.
* PM-13114 - Update all background inits to pass process.env.ADDITIONAL_REGIONS as unknown as RegionConfig[] to env service.
* PM-13114 - WebEnvSvc - adjust order of constructor deps
* PM-13114 - WebEnvSvc - add WebRegionConfig to extend RegionConfig type and be accurate for what the WebEnvSvc uses.
* PM-13114 - WebEnvSvc Tests - US QA tested
* PM-13114 - WebEnvSvc tests - refactor QA naming to make it more clear.
* PM-13114 - WebEnvSvc - test QA EU
* PM-13114 - WebEnvSvc - remove promise resolve per PR feedback.
* Move ownership of biometrics to key-management
* Move biometrics ipc ownership to km
* Move further files to km; split off preload / ipc to km
* Fix linting
* Fix linting
* Fix tests
* Fix tests
* Update .github/CODEOWNERS
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update .github/CODEOWNERS
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Change ownership of native messaging to key-management
* Move biometrics to libs/key-management
* Add README to capital whitelist
* Update package-lock.json
* Move km to key-management
* Move km to key-management
* Fix build for cli
* Import fixes
* Apply prettier fix
* Fix test
* Import fixes
* Import fixes
* Update libs/key-management/README.md
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update libs/key-management/package.json
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update lock file
* Change imports to top level km package
---------
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Specify enc string decryption key and service.
* Fix issue with identifying `this` type within extended classes
* Folder decryption example
* Test enc string changes
* Fix test name
* test decrypt with key
* remove nord and solarized dark from AppearanceV2 component
- This component already behind the extension refresh feature flag
* update the users theme to system when nord or solarized dark is selected
* For desktop, still allow all theme types by overriding the default theme service.
* change theme on the fly rather than updating local state.
- When the feature flag is removed then a migration will have to take place
* Reduce syncs when signing in with passkeys
* PM-7673: Reduce syncs when creating a passkey (#10824)
* Reduce to syncs when creating a passkey
* Mocked rxjs stream
If the BufferSource is already an Uint8Array which is a view of a subset of the underlying ArrayBuffer then accessing .buffer caused the whole backing buffer to be returned. Fix this by just returning the original Uint8Array as-is.
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Refactor `POPUP_VIEW_MEMORY` to use `disk` rather than memory for the browser extension.
- When FireFox opens the popup in an standalone window memory is lost, thus causing the `popup-route-history` to be lost and back navigation ceases to work
* spelling
* revert state definition change
* add `onUpdated` event for firefox
* rework observable handling
* remove unneeded `from`
* PM-10684 - ServiceContainer - Add better docs
* PM-10684 - UserAutoUnlockKeyService - setUserKeyInMemoryIfAutoUserKeySet - refactor method to return a bool instead of nothing so users can know if a user key was retrieved & set without another call.
* PM-10684 - Remove async code ( Program.ts) responsible for setting the auto user key from the session option handler (event emitter which fires when a user passes --session <sessionKey> to a command). Returning this to synchronous execution prevents a race condition between the setting of the user key and the command executing the exitIfLocked logic in the base-program which would check if the user key had been set to determine if the command should be allowed to execute or if the user was locked. When running a loop from a script, the command would often trigger the exitIfLocked before the auto user key could be set in state from the option:session session.
* PM-10684 - Clean up missed item per PR feedback
* [PM-11419] Login items do not display after adding passkey
* [PM-11419] Login items do not display after adding passkey
* [PM-11419] Incorporating fixes for deleting a cipher from the inline menu as well as authenticating using passkeys
* [PM-11419] Fixing an issue where master password reprompt is ignored for a set passkey cipher
* [PM-11419] Fixing an issue where saving a passkey does not trigger a clearing of cached cipher values
* [PM-11419] Refactoring implementation
* [PM-11419] Ensuring that passkeys must be enabled in order for ciphers to appear
* [PM-11419] Adding an abort event from the active request manager
* [PM-11419] Adding an abort event from the active request manager
* [PM-11419] Working through jest tests within implementation
* [PM-11419] Fixing jest tests within Fido2ClientService and Fido2AuthenticatorService
* [PM-11419] Adding jest tests for added logic within OverlayBackground
* [PM-11419] Adding jest tests for added logic within OverlayBackground
* [PM-11419] Reworking how we handle assuming user presence when master password reprompt is required
* [PM-11419] Reworking how we handle assuming user presence when master password reprompt is required
* [PM-11419] Reworking how we handle assuming user presence when master password reprompt is required
* [PM-11419] Refactoring implementation
* [PM-11419] Incorporating suggestion for reporting failed passkey authentication from the inline menu
* [PM-11419] Reworking positioning of the abort controller that informs the background script of an error
* [PM-11419] Scoping down the behavior surrounding master password reprompt a bit more tightly
* [PM-11419] Reworking how we handle reacting to active fido2 requests to avoid ambiguity
* [PM-11419] Reworking how we handle reacting to active fido2 requests to avoid ambiguity
* [PM-11419] Adjusting implementation to ensure we clear any active requests when the passkeys setting is modified
* Create unavailable message for biometrics when in clamshell mode
* Move browser biometrics
* Inject nativemessagingbackground instead of using constructor
* Fix linting
* Fix build on browser
* Require userId for setting masterKeyEncryptedUserKey
* Replace folders for specified user
* Require userId for collection replace
* Cipher Replace requires userId
* Require UserId to update equivalent domains
* Require userId for policy replace
* sync state updates between fake state for better testing
* Revert to public observable tests
Since they now sync, we can test single-user updates impacting active user observables
* Do not init fake states through sync
Do not sync initial null values, that might wipe out already existing data.
* Require userId for Send replace
* Include userId for organization replace
* Require userId for billing sync data
* Require user Id for key connector sync data
* Allow decode of token by userId
* Require userId for synced key connector updates
* Add userId to policy setting during organization invite accept
* Fix cli
* Handle null userId
---------
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
* [PM-11170] Inline menu should not show incomplete login items along with passkeys
* [PM-11170] Inline menu should not show incomplete login items along with passkeys
* [PM-11170] Incorporating a fix for ciphers not being updated within the inline menu on user actions
* [PM-11170] Ensuring that conditional mediated auth does not trigger the authenticator
* [PM-11170] Adding a jest test to verify conditional mediated UI calls do not trigger the authenticator
* [PM-11170] Adding a jest test to verify conditional mediated UI calls do not trigger the authenticator
* [PM-11170] Reworking implementation to have the BrowserFido2UserInterfaceService trigger the expected behavior for the conditional mediated auth
* [PM-11170] Reworking implementation to have the BrowserFido2UserInterfaceService trigger the expected behavior for the conditional mediated auth
* [PM-11170] Following up on feedback provided during code review, reworking inline menu bypass of the fido2 authenticator to function based on assumeUserPresence param when triggering from the inline menu
* [PM-11170] Following up on feedback provided during code review, reworking inline menu bypass of the fido2 authenticator to function based on assumeUserPresence param when triggering from the inline menu
* [PM-11170] Following up on feedback provided during code review, reworking inline menu bypass of the fido2 authenticator to function based on assumeUserPresence param when triggering from the inline menu
