* feat(notification-processing): [PM-19877] System Notification Implementation - Implemented the full feature set for device approval from extension.
* test(notification-processing): [PM-19877] System Notification Implementation - Updated tests.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* added master password unlock and decryption option fields into identity token connect response
* incorrect master password unlock response parsing
* use sdk
* use sdk
* better type checking on response parsing
* not using sdk
* revert of bad merge conflicts
* revert of bad merge conflicts
* master password unlock setter in state
* unit test coverage for responses processing
* master password unlock in identity user decryption options
* unit test coverage
* unit test coverage
* unit test coverage
* unit test coverage
* lint error
* set master password unlock data in state on identity response and sync response
* revert change in auth's user decryption options
* remove unnecessary cast
* better docs
* change to relative imports
* MasterPasswordUnlockData serialization issue
* explicit undefined type for `syncUserDecryption`
* incorrect identity token response tests
* Passed in userId on RemovePasswordComponent.
* Added userId on other references to KeyConnectorService methods
* remove password component refactor, test coverage, enabled strict
* explicit user id provided to key connector service
* redirect to / instead when user not logged in or not managing organization
* key connector service explicit user id
* key connector service no longer requires account service
* key connector service missing null type
* cli convert to key connector unit tests
* remove unnecessary SyncService
* error toast not showing on ErrorResponse
* bad import due to merge conflict
* bad import due to merge conflict
* missing loading in remove password component for browser extension
* error handling in remove password component
* organization observable race condition in key-connector
* usesKeyConnector always returns boolean
* unit test coverage
* key connector reactive
* reactive key connector service
* introducing convertAccountRequired$
* cli build fix
* moving message sending side effect to sync
* key connector service unit tests
* fix unit tests
* move key connector components to KM team ownership
* new unit tests in wrong place
* key connector domain shown in remove password component
* type safety improvements
* convert to key connector command localization
* key connector domain in convert to key connector command
* convert to key connector command unit tests with prompt assert
* organization name placement change in the remove password component
* unit test update
* show key connector domain for new sso users
* confirm key connector domain page does not require auth guard
* confirm key connector domain page showing correctly
* key connector url required to be provided when migrating user
* missing locales
* desktop styling
* have to sync and navigate to vault after key connector keys exchange
* logging verbosity
* splitting the web client
* splitting the browser client
* cleanup
* splitting the desktop client
* cleanup
* cleanup
* not necessary if condition
* key connector domain tests fix for sso componrnt and login strategy
* confirm key connector domain base component unit tests coverage
* confirm key connector domain command for cli
* confirm key connector domain command for cli unit tests
* design adjustments
removed repeated text, vertical buttons on desktop, wrong paddings on browser extension
* key connector service unit test coverage
* new linting rules fixes
* accept invitation to organization called twice results in error.
Web vault remembers it's original route destination, which we do not want in case of accepting invitation and Key Connector, since provisioning new user through SSO and Key Connector, the user is already accepted.
* moved required key connector domain confirmation into state
* revert redirect from auth guard
* cleanup
* sso-login.strategy unit test failing
* two-factor-auth.component unit test failing
* two-factor-auth.component unit test coverage
* cli unit test failing
* removal of redundant logs
* removal of un-necessary new lines
* consolidated component
* consolidated component css cleanup
* use KdfConfig type
* consolidate KDF into KdfConfig type in identity token response
* moving KC requiresDomainConfirmation lower in order, after successful auth
* simplification of trySetUserKeyWithMasterKey
* redirect to confirm key connector route when locked but can't unlock yet
---------
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Adds `shouldUpdate()` checks to frequently updated disk state in the Auth domain, specifically:
- `account_verifyNewDeviceLogin`
- `token_accessToken`
- `token_refreshToken`
- `masterPassword_masterKeyHash`
This ensures that the state only updates if the new value is different from the previous value, thus avoiding unnecessary updates.
* Move pin service to km ownership
* Run format
* Eslint
* Fix tsconfig
* Fix imports and test
* Clean up imports
* Remove unused dependency on PinService
* Fix comments
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Introduce ActiveUserAccessor
* Use ActiveUserAccessor over AccountService
* Updates tests and testing utils to support ActiveUserAccessor
* Update all injection points
* Fix types test
* Use ternary instead
Migrates the abstract classes in libs/common to be strict ts compatible. Primarily by adding abstract to every field and converting it to a function syntax instead of lambda.
Creates a new `DeviceManagementComponent` that fetches devices and formats them before handing them off to a view component for display.
View components:
- `DeviceManagementTableComponent` - displays on medium to large screens
- `DeviceManagementItemGroupComponent` - displays on small screens
Feature flag: `PM14938_BrowserExtensionLoginApproval`
* feat(change-password-component): Change Password Update [18720] - Very close to complete.
* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Removed temp code to force the state I need to verify correctness.
* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Recover account working with change password component.
* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Made code more dry.
* fix(change-password-component): Change Password Update [18720] - Updates to routing and the extension. Extension is still a wip.
* fix(change-password-component): Change Password Update [18720] - Extension routing changes.
* feat(change-password-component): Change Password Update [18720] - More extension work
* feat(change-password-component): Change Password Update [18720] - Pausing work for now while we wait for product to hear back.
* feat(change-password-component): Change Password Update [18720] - Removed duplicated anon layouts.
* feat(change-password-component): Change Password Update [18720] - Tidied up code.
* feat(change-password-component): Change Password Update [18720] - Small fixes to the styling
* feat(change-password-component): Change Password Update [18720] - Adding more content for the routing.
* feat(change-password-component): Change Password Update [18720] - Removed circular loop for now.
* feat(change-password-component): Change Password Update [18720] - Made comments regarding the change password routing complexities with change-password and auth guard.
* feat(change-password-component): Change Password Update [18720] - Undid some changes because they will be conflicts later on.
* feat(change-password-component): Change Password Update [18720] - Small directive change.
* feat(change-password-component): Change Password Update [18720] - Small changes and added some clarification on where I'm blocked
* feat(change-password-component): Change Password Update [18720] - Org invite is seemingly working, found one bug to iron out.
* refactor(change-password-component): Change Password Update [18720] - Fixed up policy service to be made more clear.
* docs(change-password-component): Change Password Update [18720] - Updated documentation.
* refactor(change-password-component): Change Password Update [18720] - Routing changes and policy service changes.
* fix(change-password-component): Change Password Update [18720] - Wrapping up changes.
* feat(change-password-component): Change Password Update [18720] - Should be working fully
* feat(change-password-component): Change Password Update [18720] - Found a bug, working on password policy being present on login.
* feat(change-password-component): Change Password Update [18720] - Turned on auth guard on other clients for change-password route.
* feat(change-password-component): Change Password Update [18720] - Committing intermediate changes.
* feat(change-password-component): Change Password Update [18720] - The master password policy endpoint has been added! Should be working. Testing now.
* feat(change-password-component): Change Password Update [18720] - Minor fixes.
* feat(change-password-component): Change Password Update [18720] - Undid naming change.
* feat(change-password-component): Change Password Update [18720] - Removed comment.
* feat(change-password-component): Change Password Update [18720] - Removed unneeded code.
* fix(change-password-component): Change Password Update [18720] - Took org invite state out of service and made it accessible.
* fix(change-password-component): Change Password Update [18720] - Small changes.
* fix(change-password-component): Change Password Update [18720] - Split up org invite service into client specific implementations and have them injected into clients properly
* feat(change-password-component): Change Password Update [18720] - Stopping work and going to switch to a new branch to pare down some of the solutions that were made to get this over the finish line
* feat(change-password-component): Change Password Update [18720] - Started to remove functionality in the login.component and the password login strategy.
* feat(change-password-component): Change Password Update [18720] - Removed more unneded changes.
* feat(change-password-component): Change Password Update [18720] - Change password clearing state working properly.
* fix(change-password-component): Change Password Update [18720] - Added docs and moved web implementation.
* comments(change-password-component): Change Password Update [18720] - Added more notes.
* test(change-password-component): Change Password Update [18720] - Added in tests for policy service.
* comment(change-password-component): Change Password Update [18720] - Updated doc with correct ticket number.
* comment(change-password-component): Change Password Update [18720] - Fixed doc.
* test(change-password-component): Change Password Update [18720] - Fixed tests.
* test(change-password-component): Change Password Update [18720] - Fixed linting errors. Have more tests to fix.
* test(change-password-component): Change Password Update [18720] - Added back in ignore for typesafety.
* fix(change-password-component): Change Password Update [18720] - Fixed other type issues.
* test(change-password-component): Change Password Update [18720] - Fixed tests.
* test(change-password-component): Change Password Update [18720] - Fixed more tests.
* test(change-password-component): Change Password Update [18720] - Fixed tiny duplicate code.
* fix(change-password-component): Change Password Update [18720] - Fixed desktop component.
* fix(change-password-component): Change Password Update [18720] - Removed unused code
* fix(change-password-component): Change Password Update [18720] - Fixed locales.
* fix(change-password-component): Change Password Update [18720] - Removed tracing.
* fix(change-password-component): Change Password Update [18720] - Removed duplicative services module entry.
* fix(change-password-component): Change Password Update [18720] - Added comment.
* fix(change-password-component): Change Password Update [18720] - Fixed unneeded call in two factor to get user id.
* fix(change-password-component): Change Password Update [18720] - Fixed a couple of tiny things.
* fix(change-password-component): Change Password Update [18720] - Added comment for later fix.
* fix(change-password-component): Change Password Update [18720] - Fixed linting error.
* PM-18720 - AuthGuard - move call to get isChangePasswordFlagOn down after other conditions for efficiency.
* PM-18720 - PasswordLoginStrategy tests - test new feature flagged combine org invite policies logic for weak password evaluation.
* PM-18720 - CLI - fix dep issue
* PM-18720 - ChangePasswordComp - extract change password warning up out of input password component
* PM-18720 - InputPassword - remove unused dependency.
* PM-18720 - ChangePasswordComp - add callout dep
* PM-18720 - Revert all anon-layout changes
* PM-18720 - Anon Layout - finish reverting changes.
* PM-18720 - WIP move of change password out of libs/auth
* PM-18720 - Clean up remaining imports from moving change password out of libs/auth
* PM-18720 - Add change-password barrel file for better import grouping
* PM-18720 - Change Password comp - restore maxWidth
* PM-18720 - After merge, fix errors
* PM-18720 - Desktop - fix api service import
* PM-18720 - NDV - fix routing.
* PM-18720 - Change Password Comp - add logout service todo
* PM-18720 - PasswordSettings - per feedback, component is already feature flagged behind PM16117_ChangeExistingPasswordRefactor so we can just delete the replaced callout (new text is in change-password comp)
* PM-18720 - Routing Modules - properly flag new component behind feature flag.
* PM-18720 - SSO Login Strategy - fix config service import since it is now in shared deps from main merge.
* PM-18720 - Fix SSO login strategy tests
* PM-18720 - Default Policy Service - address AC PR feedback
---------
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
When a user logs in via SSO after their org has offboarded from TDE, we now show them a helpful error message stating that they must either login on a Trusted device, or ask their admin to assign them a password.
Feature flag: `PM16117_SetInitialPasswordRefactor`
This PR makes it so that `SetInitialPasswordComponent` handles the TDE offboarding flow where an org user now needs to set an initial master password.
Feature flag: `PM16117_SetInitialPasswordRefactor`
* feat: Create methods for calling GET auth-request/pending endpoint.
* feat: update banner service on web, and desktop vault
* test: updated banner test to use auth request services
* fix: DI fixes
* feat: add RequestDeviceId to AuthRequestResponse
* fix: add Browser Approvals feature flags to desktop vault and web vault banner service
* test: fix tests for feature flag
* first draft at an idea dependency graph
* ignore existing errors
* remove conflicting rule regarding internal platform logic in libs
* review: allow components to import from platform
* fix(enums-eslint): Enum Rule for ESLint - Added enums in the warnings for eslint.
* fix(enums-eslint): Enum Rule for ESLint - Updated to error in both places for enums.
* fix(enums-eslint): Enum Rule for ESLint - Added new eslint plugin for warning on enums.
* fix(enums-eslint): Enum Rule for ESLint - Changed based on suggestion.
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
* refactor(browser-platform-utils): Remove Deprecation and Fix Code - Changed usages of firefox to private and moved the usages to the preferred public method and removed the deprecations.
* fix(enums-eslint): Enum Rule for ESLint - Updated to error and added disable rules for all other places.
* fix(enums-eslint): Enum Rule for ESLint - Undid other changes by accident
* Consolidates component routing, removing routing to update-temp-password from components. All routing to update-temp-password should happen in the AuthGuard now.
---------
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
* feat(device-approval-persistence): [PM-19380] Device Approval Persistence - Added lookup on standard auth requests.
* fix(device-approval-persistence): [PM-19380] Device Approval Persistence - Fixed issue with null value trying to be parsed from the fromJSON function.
---------
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
* feat(device-approval-persistence): [PM-9112] Device Approval Persistence - Added in view cache data needed to persist the approval process. Clears after 2 minutes.
Refactor toast calls out of auth services. Toasts are now triggered by an observable emission that gets picked up by an observable pipeline in a new `DeviceTrustToastService` (libs/angular). That observable pipeline is then subscribed by by consuming the `AppComponent` for each client.
* feat(pm-15015) :
- Adding `requestCountryName` to auth requests dialogs, and response models.
- Updated i18n messages.json in Web, Browser, and Desktop to include "Location" translation.
* move vault timeout and vault timeout settings to km
* move browser vault timeout service to km
* fix cli import
* fix imports
* fix some relative imports
* use relative imports within common
* fix imports
* fix new imports
* Fix new imports
* fix spec imports
Adds a banner in the web vault to notify users when they have pending device authentication requests. The banner links to the device management screen. Also implements real-time updates to the device management table when new auth requests are received.
JIRA: PM-15063
* PM-14445: TS strict for Key Management Biometrics
* formatting
* callbacks not null expectations
* state nullability expectations updates
* unit tests fix
* secure channel naming, explicit null check on messageId
* KM-14445: TS strict for Key Management, Keys and Lock component
* conflicts resolution, new strict check failures
* null simplifications
* migrate legacy encryption when no active user throw error instead of hiding it
* throw instead of return
