* PM-3287 - Remove resetMasterPassword from authResult and identityTokenResponse and replace with userDecryptionOptions where relevant
* PM-3287 - (1) Move SSO code to SSO section (2) Update error scenario conditional + log user out upon error.
* PM-3287 - Fix comment per PR feedback
* PM-3287 - CLI Login with SSO - move MP validation logic back to original location to avoid putting it before 2FA rejection handling.
* PM-3287 - Update returns
* Implement automatic kdf upgrades
* Fix kdf config not being updated
* Update legacy kdf state on master password unlock sync
* Fix cli build
* Fix
* Deduplicate prompts
* Fix dismiss time
* Fix default kdf setting
* Fix build
* Undo changes
* Fix test
* Fix prettier
* Fix test
* Update libs/angular/src/key-management/encrypted-migration/encrypted-migrations-scheduler.service.ts
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update libs/common/src/key-management/master-password/abstractions/master-password.service.abstraction.ts
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update libs/angular/src/key-management/encrypted-migration/encrypted-migrations-scheduler.service.ts
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Only sync when there is at least one migration
* Relative imports
* Add tech debt comment
* Resolve inconsistent prefix
* Clean up
* Update docs
* Use default PBKDF2 iteratinos instead of custom threshold
* Undo type check
* Fix build
* Add comment
* Cleanup
* Cleanup
* Address component feedback
* Use isnullorwhitespace
* Fix tests
* Allow migration only on vault
* Fix tests
* Run prettier
* Fix tests
* Prevent await race condition
* Fix min and default values in kdf migration
* Run sync only when a migration was run
* Update libs/common/src/key-management/encrypted-migrator/default-encrypted-migrator.ts
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Fix link not being blue
* Fix later button on browser
---------
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* feat(user-decryption-options) [PM-26413]: Update UserDecryptionOptionsService and tests to use UserId-only APIs.
* feat(user-decryption-options) [PM-26413]: Update InternalUserDecryptionOptionsService call sites to use UserId-only API.
* feat(user-decryption-options) [PM-26413] Update userDecryptionOptions$ call sites to use the UserId-only API.
* feat(user-decryption-options) [PM-26413]: Update additional call sites.
* feat(user-decryption-options) [PM-26413]: Update dependencies and an additional call site.
* feat(user-verification-service) [PM-26413]: Replace where allowed by unrestricted imports invocation of UserVerificationService.hasMasterPassword (deprecated) with UserDecryptionOptions.hasMasterPasswordById$. Additional work to complete as tech debt tracked in PM-27009.
* feat(user-decryption-options) [PM-26413]: Update for non-null strict adherence.
* feat(user-decryption-options) [PM-26413]: Update type safety and defensive returns.
* chore(user-decryption-options) [PM-26413]: Comment cleanup.
* feat(user-decryption-options) [PM-26413]: Update tests.
* feat(user-decryption-options) [PM-26413]: Standardize null-checking on active account id for new API consumption.
* feat(vault-timeout-settings-service) [PM-26413]: Add test cases to illustrate null active account from AccountService.
* fix(fido2-user-verification-service-spec) [PM-26413]: Update test harness to use FakeAccountService.
* fix(downstream-components) [PM-26413]: Prefer use of the getUserId operator in all authenticated contexts for user id provided to UserDecryptionOptionsService.
---------
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
* Passed in userId on RemovePasswordComponent.
* Added userId on other references to KeyConnectorService methods
* remove password component refactor, test coverage, enabled strict
* explicit user id provided to key connector service
* redirect to / instead when user not logged in or not managing organization
* key connector service explicit user id
* key connector service no longer requires account service
* key connector service missing null type
* cli convert to key connector unit tests
* remove unnecessary SyncService
* error toast not showing on ErrorResponse
* bad import due to merge conflict
* bad import due to merge conflict
* missing loading in remove password component for browser extension
* error handling in remove password component
* organization observable race condition in key-connector
* usesKeyConnector always returns boolean
* unit test coverage
* key connector reactive
* reactive key connector service
* introducing convertAccountRequired$
* cli build fix
* moving message sending side effect to sync
* key connector service unit tests
* fix unit tests
* move key connector components to KM team ownership
* new unit tests in wrong place
* key connector domain shown in remove password component
* type safety improvements
* convert to key connector command localization
* key connector domain in convert to key connector command
* convert to key connector command unit tests with prompt assert
* organization name placement change in the remove password component
* unit test update
* show key connector domain for new sso users
* confirm key connector domain page does not require auth guard
* confirm key connector domain page showing correctly
* key connector url required to be provided when migrating user
* missing locales
* desktop styling
* have to sync and navigate to vault after key connector keys exchange
* logging verbosity
* splitting the web client
* splitting the browser client
* cleanup
* splitting the desktop client
* cleanup
* cleanup
* not necessary if condition
* key connector domain tests fix for sso componrnt and login strategy
* confirm key connector domain base component unit tests coverage
* confirm key connector domain command for cli
* confirm key connector domain command for cli unit tests
* design adjustments
removed repeated text, vertical buttons on desktop, wrong paddings on browser extension
* key connector service unit test coverage
* new linting rules fixes
* accept invitation to organization called twice results in error.
Web vault remembers it's original route destination, which we do not want in case of accepting invitation and Key Connector, since provisioning new user through SSO and Key Connector, the user is already accepted.
* moved required key connector domain confirmation into state
* revert redirect from auth guard
* cleanup
* sso-login.strategy unit test failing
* two-factor-auth.component unit test failing
* two-factor-auth.component unit test coverage
* cli unit test failing
* removal of redundant logs
* removal of un-necessary new lines
* consolidated component
* consolidated component css cleanup
* use KdfConfig type
* consolidate KDF into KdfConfig type in identity token response
* moving KC requiresDomainConfirmation lower in order, after successful auth
* simplification of trySetUserKeyWithMasterKey
* redirect to confirm key connector route when locked but can't unlock yet
---------
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
* create libs/assets
* treeshake lib and filter out non-icons from icon story
* update docs
* fix icon colors in browser and desktop
* better name for vault icon
* move illustrations
* Removed flag.
* Fixed tests to no longer reference flag.
* Fixed test.
* Removed duplicate test class.
* Moved files into folders for yubikey and authenticator
* Removed TwoFactorAuthEmailComponentService since it is no longer needed
* Removed export
* Fixed export
* feat(change-password-component): Change Password Update [18720] - Very close to complete.
* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Removed temp code to force the state I need to verify correctness.
* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Recover account working with change password component.
* fix(policy-enforcement): [PM-21085] Fix Bug with Policy Enforcement - Made code more dry.
* fix(change-password-component): Change Password Update [18720] - Updates to routing and the extension. Extension is still a wip.
* fix(change-password-component): Change Password Update [18720] - Extension routing changes.
* feat(change-password-component): Change Password Update [18720] - More extension work
* feat(change-password-component): Change Password Update [18720] - Pausing work for now while we wait for product to hear back.
* feat(change-password-component): Change Password Update [18720] - Removed duplicated anon layouts.
* feat(change-password-component): Change Password Update [18720] - Tidied up code.
* feat(change-password-component): Change Password Update [18720] - Small fixes to the styling
* feat(change-password-component): Change Password Update [18720] - Adding more content for the routing.
* feat(change-password-component): Change Password Update [18720] - Removed circular loop for now.
* feat(change-password-component): Change Password Update [18720] - Made comments regarding the change password routing complexities with change-password and auth guard.
* feat(change-password-component): Change Password Update [18720] - Undid some changes because they will be conflicts later on.
* feat(change-password-component): Change Password Update [18720] - Small directive change.
* feat(change-password-component): Change Password Update [18720] - Small changes and added some clarification on where I'm blocked
* feat(change-password-component): Change Password Update [18720] - Org invite is seemingly working, found one bug to iron out.
* refactor(change-password-component): Change Password Update [18720] - Fixed up policy service to be made more clear.
* docs(change-password-component): Change Password Update [18720] - Updated documentation.
* refactor(change-password-component): Change Password Update [18720] - Routing changes and policy service changes.
* fix(change-password-component): Change Password Update [18720] - Wrapping up changes.
* feat(change-password-component): Change Password Update [18720] - Should be working fully
* feat(change-password-component): Change Password Update [18720] - Found a bug, working on password policy being present on login.
* feat(change-password-component): Change Password Update [18720] - Turned on auth guard on other clients for change-password route.
* feat(change-password-component): Change Password Update [18720] - Committing intermediate changes.
* feat(change-password-component): Change Password Update [18720] - The master password policy endpoint has been added! Should be working. Testing now.
* feat(change-password-component): Change Password Update [18720] - Minor fixes.
* feat(change-password-component): Change Password Update [18720] - Undid naming change.
* feat(change-password-component): Change Password Update [18720] - Removed comment.
* feat(change-password-component): Change Password Update [18720] - Removed unneeded code.
* fix(change-password-component): Change Password Update [18720] - Took org invite state out of service and made it accessible.
* fix(change-password-component): Change Password Update [18720] - Small changes.
* fix(change-password-component): Change Password Update [18720] - Split up org invite service into client specific implementations and have them injected into clients properly
* feat(change-password-component): Change Password Update [18720] - Stopping work and going to switch to a new branch to pare down some of the solutions that were made to get this over the finish line
* feat(change-password-component): Change Password Update [18720] - Started to remove functionality in the login.component and the password login strategy.
* feat(change-password-component): Change Password Update [18720] - Removed more unneded changes.
* feat(change-password-component): Change Password Update [18720] - Change password clearing state working properly.
* fix(change-password-component): Change Password Update [18720] - Added docs and moved web implementation.
* comments(change-password-component): Change Password Update [18720] - Added more notes.
* test(change-password-component): Change Password Update [18720] - Added in tests for policy service.
* comment(change-password-component): Change Password Update [18720] - Updated doc with correct ticket number.
* comment(change-password-component): Change Password Update [18720] - Fixed doc.
* test(change-password-component): Change Password Update [18720] - Fixed tests.
* test(change-password-component): Change Password Update [18720] - Fixed linting errors. Have more tests to fix.
* test(change-password-component): Change Password Update [18720] - Added back in ignore for typesafety.
* fix(change-password-component): Change Password Update [18720] - Fixed other type issues.
* test(change-password-component): Change Password Update [18720] - Fixed tests.
* test(change-password-component): Change Password Update [18720] - Fixed more tests.
* test(change-password-component): Change Password Update [18720] - Fixed tiny duplicate code.
* fix(change-password-component): Change Password Update [18720] - Fixed desktop component.
* fix(change-password-component): Change Password Update [18720] - Removed unused code
* fix(change-password-component): Change Password Update [18720] - Fixed locales.
* fix(change-password-component): Change Password Update [18720] - Removed tracing.
* fix(change-password-component): Change Password Update [18720] - Removed duplicative services module entry.
* fix(change-password-component): Change Password Update [18720] - Added comment.
* fix(change-password-component): Change Password Update [18720] - Fixed unneeded call in two factor to get user id.
* fix(change-password-component): Change Password Update [18720] - Fixed a couple of tiny things.
* fix(change-password-component): Change Password Update [18720] - Added comment for later fix.
* fix(change-password-component): Change Password Update [18720] - Fixed linting error.
* PM-18720 - AuthGuard - move call to get isChangePasswordFlagOn down after other conditions for efficiency.
* PM-18720 - PasswordLoginStrategy tests - test new feature flagged combine org invite policies logic for weak password evaluation.
* PM-18720 - CLI - fix dep issue
* PM-18720 - ChangePasswordComp - extract change password warning up out of input password component
* PM-18720 - InputPassword - remove unused dependency.
* PM-18720 - ChangePasswordComp - add callout dep
* PM-18720 - Revert all anon-layout changes
* PM-18720 - Anon Layout - finish reverting changes.
* PM-18720 - WIP move of change password out of libs/auth
* PM-18720 - Clean up remaining imports from moving change password out of libs/auth
* PM-18720 - Add change-password barrel file for better import grouping
* PM-18720 - Change Password comp - restore maxWidth
* PM-18720 - After merge, fix errors
* PM-18720 - Desktop - fix api service import
* PM-18720 - NDV - fix routing.
* PM-18720 - Change Password Comp - add logout service todo
* PM-18720 - PasswordSettings - per feedback, component is already feature flagged behind PM16117_ChangeExistingPasswordRefactor so we can just delete the replaced callout (new text is in change-password comp)
* PM-18720 - Routing Modules - properly flag new component behind feature flag.
* PM-18720 - SSO Login Strategy - fix config service import since it is now in shared deps from main merge.
* PM-18720 - Fix SSO login strategy tests
* PM-18720 - Default Policy Service - address AC PR feedback
---------
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
* first draft at an idea dependency graph
* ignore existing errors
* remove conflicting rule regarding internal platform logic in libs
* review: allow components to import from platform
* PM-20540 - TwoFactorAuthComponent - Refactor determineDefaultSuccessRoute to rely on user's auth status as the loginStrategyService's state is cleared after successful AuthN
* PM-20540 - DeepLinkGuard - Refactor to exempt login-initiated so that TDE + unlock with MP + deep link works.
* doc: Add documentation and change folder structure.
* test: add test for new excluded route.
---------
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
* Consolidates component routing, removing routing to update-temp-password from components. All routing to update-temp-password should happen in the AuthGuard now.
---------
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Add persistence to two-factor authentication in the extension login flow. Implements caching of form state to improve user experience when navigating between authentication steps. Includes feature flag for controlled rollout.
* Moved saving of SSO email outside of browser/desktop code
* Clarified comments.
* Tests
* Refactored login component services to manage state
* Fixed input on login component
* Fixed tests
* Linting
* Moved web setting in state into web override
* updated tests
* Fixed typing.
* Fixed type safety issues.
* Added comments and renamed for clarity.
* Removed method parameters that weren't used
* Added clarifying comments
* Added more comments.
* Removed test that is not necessary on base
* Test cleanup
* More comments.
* Linting
* Fixed test.
* Fixed base URL
* Fixed typechecking.
* Type checking
* Moved setting of email state to default service
* Added comments.
* Consolidated SSO URL formatting
* Updated comment
* Fixed reference.
* Fixed missing parameter.
* Initialized service.
* Added comments
* Added initialization of new service
* Made email optional due to CLI.
* Fixed comment on handleSsoClick.
* Added SSO email persistence to v1 component.
* Updated login email service.
* Updated setting of remember me
* Removed unnecessary input checking and rearranged functions
* Fixed name
* Added handling of Remember Email to old component for passkey click
* Updated v1 component to persist the email on Continue click
* Fix merge conflicts.
* Merge conflicts in login component.
* Persisted login email on v1 browser component.
* Merge conflicts
* fix(snap) [PM-17464][PM-17463][PM-15587] Allow Snap to use custom callback protocol
* Removed Snap from custom protocol workaround
* Fixed tests.
* Updated case numbers on test
* Resolved PR feedback.
* PM-11502 - LoginEmailSvcAbstraction - mark methods as abstract to satisfy strict ts.
* Removed test
* Changed to persist on leaving fields instead of button click.
* Fixed type checking.
---------
Co-authored-by: Bernd Schoolmann <mail@quexten.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
