* Introduce a new vault-export-api.service to replace the existing getOrganizationExport method in apiService
* Use new vault-export-api.service instead of the ApiService to retrieve organizational export data
* Remove unused method from apiService
* Register VaultExportApiService on browser
* Fxi linting issue by executing `npm run prettier`
* Rename abstraction and implementation of VaultExportApiService
* Use undefined instead of null
* Rename file of default impl of vault-export-api-service
* Fix test broken with 1bcdd80eea
* Define type for exportPromises
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* PM-25075 wip parking work
* remove flag from enums and add fade out
* fix tests
* remove flags from enum file after merge conflict re introduced
* remove dead code paths
* change naming back to bgUnlockPopoutOpened
This change eliminates the circular dependency between messaging and messaging-internal libraries by merging them into a single messaging library.
Previously, messaging-internal imported from @bitwarden/messaging while messaging tried to import from @bitwarden/messaging-internal, creating an unresolvable circular dependency. This also violated Nx best practices by using cross-library file includes in tsconfig.lib.json.
Changes made:
- Moved all messaging-internal code (SubjectMessageSender, helpers, tests) into libs/messaging/src/
- Updated all imports to use relative paths instead of @bitwarden/messaging imports
- Removed the entire messaging-internal library and its configuration files
- Updated external references in apps/browser to import from @bitwarden/messaging
- Fixed libs/messaging/tsconfig.lib.json to use standard src/**/*.ts pattern
- Updated libs/common internal.ts to re-export from messaging instead of messaging-internal
The messaging library now exports both public APIs and internal implementations, which is a cleaner architecture than maintaining two separate libraries with circular dependencies.
Fixes rootDir configuration issues identified in the Nx library systematic fix project.
* PM-20578 Added api to fetch and save data (#15334)
* [PM-20579] Update risk-insights report service to use api service with encryption (#15357)
* Fix type error
* Fix paths for changed key generation service
* Finalize the api services
* Fixing test case for summary date range
* Fixing report service tests. Encryption will be modified in the future
* Fixing encryption service tests
* fixing linting issues
---------
Co-authored-by: Vijay Oommen <voommen@livefront.com>
Co-authored-by: Tom <ttalty@bitwarden.com>
* Implement bank account hosted URL verification with webhook handling notification
* [PM-25491] Create org/provider bank account warning needs to be updated
* encode username for uri and add spec
* verify response from getHibpBreach method
* test/validate for BreachAccountResponse type and length instead of mock response
* feat(notification-processing): [PM-19877] System Notification Implementation - Implemented the full feature set for device approval from extension.
* test(notification-processing): [PM-19877] System Notification Implementation - Updated tests.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* added master password unlock and decryption option fields into identity token connect response
* incorrect master password unlock response parsing
* use sdk
* use sdk
* better type checking on response parsing
* not using sdk
* revert of bad merge conflicts
* revert of bad merge conflicts
* master password unlock setter in state
* unit test coverage for responses processing
* master password unlock in identity user decryption options
* unit test coverage
* unit test coverage
* unit test coverage
* unit test coverage
* lint error
* set master password unlock data in state on identity response and sync response
* revert change in auth's user decryption options
* remove unnecessary cast
* better docs
* change to relative imports
* MasterPasswordUnlockData serialization issue
* explicit undefined type for `syncUserDecryption`
* incorrect identity token response tests
* Add ssoEnabled and ssoMemberDecryptionType properties to ProfileOrganizationResponse
* Add SSO support to Organization model with ssoEnabled and ssoMemberDecryptionType properties, and implement related tests
* Upsert organization SSO settings in memory after save
Updates organization data in memory with new SSO configuration values
to ensure immediate UI updates for Device Approvals page visibility.
* Refactor SSO component to simplify upsertOrganizationWithSsoChanges method
- Updated the method signature to accept a single OrganizationSsoRequest object instead of separate parameters.
- Adjusted the internal logic to directly use properties from the OrganizationSsoRequest for updating the organization state.
* Specify OrganizationData type for updatedOrganization in SSO component
* Add importer dummy lib, add cargo deps for win/mac
* Add Chromium importer source from bitwarden/password-access
* Mod crypto is no more
* Expose some Chromium importer functions via NAPI, replace home with home_dir crate
* Add Chromium importer to the main <-> renderer IPC, export all functions from Rust
* Add password and notes fields to the imported logins
* Fix windows to use homedir instead of home
* Return success/failure results
* Import from account logins and join
* Linux v10 support
* Use mod util on Windows
* Use mod util on macOS
* Refactor to move shared code into chromium.rs
* Fix windows
* Fix Linux as well
* Linux v11 support for Chrome/Gnome, everything is async now
* Support multiple browsers on Linux v11
* Move oo7 to Linux
* Fix Windows
* Fix macOS
* Add support for Brave browser in Linux configuration
* Add support for Opera browser in Linux configuration
* Fix Edge and add Arc on macOS
* Add Opera on macOS
* Add support for Vivaldi browser in macOS configuration
* Add support for Chromium browser in macOS configuration
* Fix Edge on Windows
* Add Opera on Windows
* Add Vivaldi on windows
* Add Chromium to supported browsers on Windows
* stub out UI options for chromium direct import
* call IPC funcs from import-desktop
* add notes to chrome csv importer
* remove (csv) from import tool names and format item names as hostnames
* Add ABE/v20 encryption support
* ABE/v20 architecture description
* Add a build step to produce admin.exe and service.exe
* Add Windows v20/ABE configuration functionality to specify the full path to the admin.exe and service.exe. Use ipc.platform.chromiumImporter.configureWindowsCryptoService to configure the Chromium importer on Windows.
* rename ARCHITECTURE.md to README.md
* aligns with guidance from architecture re: in-repository documentation.
* also fixes a failing lint.
* cargo fmt
* cargo clippy fix
* Declare feature flag for using chromium importer
* Linter fix after executing npm run prettier
* Use feature flag to guard the use of the chromium importer
* Added temporary logging to further debug, why the Angular change detection isn't working as expected
* introduce importer metadata; host metadata from service; includes tests
* fix cli build
* Register autotype module in lib.rs
introduce by a bad merge
* Fix web build
* Fix issue with loaders being undefined and the feature flag turned off
* Add missing Chromium support when selecting chromecsv
* debugging
* remove chromium support from chromecsv metadata
* fix default loader selection
* [PM-24753] cargo lib file (#16090)
* Add new modules
* Fix chromium importer
* Fix compile bugs for toolchain
* remove importer folder
* remove IPC code
* undo setting change
* clippy fixes
* cargo fmt
* clippy fixes
* clippy fixes
* clippy fixes
* clippy fixes
* lint fix
* fix release build
* Add files in CODEOWNERS
* Create tools owned preload.ts
* Move chromium-importer.service under tools-ownership
* Fix typeError
When accessing the Chromium direct import options the file button is hidden, so trying to access it's values will fail
* Fix tools owned preload
* Remove dead code and redundant truncation
* Remove configureWindowsCryptoService function/methods
* Clean up cargo files
* Fix unused async
* Update apps/desktop/desktop_native/bitwarden_chromium_importer/Cargo.toml
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Fix napi deps
* fix lints
* format
* fix linux lint
* fix windows lints
* format
* fix missing `?`
* fix a different missing `?`
---------
Co-authored-by: Dmitry Yakimenko <detunized@gmail.com>
Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: ✨ Audrey ✨ <ajensen@bitwarden.com>
Co-authored-by: ✨ Audrey ✨ <audrey@audreyality.com>
Co-authored-by: adudek-bw <adudek@bitwarden.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* feat(inactive-user-server-notification): [PM-25130] Inactive User Server Notify - Adds in tests and feature for notifying inactive users.
* feat(inactive-user-server-notification): [PM-25130] Inactive User Server Notify - Added feature flag.
* fix(inactive-user-server-notification): [PM-25130] Inactive User Server Notify - Implemented trackedMerge.
* tests: remove feature flag use in tests
* tests: remove breadcrumbingPolicyTests and add service tests
* refactor: remove event log use of flag from org-layout component
* refactor: remove new policy code from org-layout component
* refactor: remove event log use of flag from events component
* refactor: remove event log use from collection dialog component
* refactor: remove event log use from vault-header component
* refactor: remove event-log route logic for org-reporting
* refactor: remove logic from org-settings routing
* refactor: remove breadcrumbing function and from billing service
* refactor: remove ConfigService from DI for billing service
* refactor: remove new policy code from policy-edit component
* refactor: remove new policy code from policies component
* refactor: remove feature flag
* fix(Admin Console): revert to use of reactive observables pattern
* fix(Admin Console): remove type artifact from reversion
* Passed in userId on RemovePasswordComponent.
* Added userId on other references to KeyConnectorService methods
* remove password component refactor, test coverage, enabled strict
* explicit user id provided to key connector service
* redirect to / instead when user not logged in or not managing organization
* key connector service explicit user id
* key connector service no longer requires account service
* key connector service missing null type
* cli convert to key connector unit tests
* remove unnecessary SyncService
* error toast not showing on ErrorResponse
* bad import due to merge conflict
* bad import due to merge conflict
* missing loading in remove password component for browser extension
* error handling in remove password component
* organization observable race condition in key-connector
* usesKeyConnector always returns boolean
* unit test coverage
* key connector reactive
* reactive key connector service
* introducing convertAccountRequired$
* cli build fix
* moving message sending side effect to sync
* key connector service unit tests
* fix unit tests
* move key connector components to KM team ownership
* new unit tests in wrong place
* key connector domain shown in remove password component
* type safety improvements
* convert to key connector command localization
* key connector domain in convert to key connector command
* convert to key connector command unit tests with prompt assert
* organization name placement change in the remove password component
* unit test update
* show key connector domain for new sso users
* confirm key connector domain page does not require auth guard
* confirm key connector domain page showing correctly
* key connector url required to be provided when migrating user
* missing locales
* desktop styling
* have to sync and navigate to vault after key connector keys exchange
* logging verbosity
* splitting the web client
* splitting the browser client
* cleanup
* splitting the desktop client
* cleanup
* cleanup
* not necessary if condition
* key connector domain tests fix for sso componrnt and login strategy
* confirm key connector domain base component unit tests coverage
* confirm key connector domain command for cli
* confirm key connector domain command for cli unit tests
* design adjustments
removed repeated text, vertical buttons on desktop, wrong paddings on browser extension
* key connector service unit test coverage
* new linting rules fixes
* accept invitation to organization called twice results in error.
Web vault remembers it's original route destination, which we do not want in case of accepting invitation and Key Connector, since provisioning new user through SSO and Key Connector, the user is already accepted.
* moved required key connector domain confirmation into state
* revert redirect from auth guard
* cleanup
* sso-login.strategy unit test failing
* two-factor-auth.component unit test failing
* two-factor-auth.component unit test coverage
* cli unit test failing
* removal of redundant logs
* removal of un-necessary new lines
* consolidated component
* consolidated component css cleanup
* use KdfConfig type
* consolidate KDF into KdfConfig type in identity token response
* moving KC requiresDomainConfirmation lower in order, after successful auth
* simplification of trySetUserKeyWithMasterKey
* redirect to confirm key connector route when locked but can't unlock yet
---------
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
* [PM-24243] Load config service feature flag into SDK client during initialization
* [PM-24243] Bump sdk version
* [PM-24243] Update load_flags to use generic Map instead of strongly typed object
* [PM-24243] Pass entire feature states object into SDK
* [PM-24243] Bump SDK version
* [PM-24243] Fix failing test
* add exclamation badge for at risk passwords on tab
* add berry icon for the badge when pending tasks are present
* remove integration wtih autofill for pending task badge
* add ability to override Never match strategy
- This is helpful for non-autofill purposes but cipher matching is still needed. This will default to the domain.
* add at-risk-cipher badge updater service
* Revert "add exclamation badge for at risk passwords on tab"
This reverts commit a9643c03d5.
* remove nullish-coalescing
* ensure that all user related observables use the same user.id
---------
Co-authored-by: Shane Melton <smelton@bitwarden.com>
* remove flag and instances of use
* feedback jprusik: additional removals of pageContainsShadowDomElements
* feedback jprusik: remove a stray logic branch
* migrate change login password service to use bitwarden server rather than fetch directly
- avoids CSP entirely
* add `HelpUsersUpdatePasswords` policy to policy type
* add `HelpUsersUpdatePasswordsPolicy` components
* allow list description override for policy description
* add `HelpUsersUpdatePasswordsPolicy` when the feature flag is enabled
* apply `HelpUsersUpdatePasswords` to everyone in an org
* use policy to guard the well known password API
* fix tests
* refactor to use `policyAppliesToUser$`
* remove policy work for change password - this was removed from scope
* update copy for show favicon setting - it now handles both favicons and change password urls
* remove favicon setting description - no longer needed
* only call change password service when the setting is enabled
* add popover for permitting cipher details
* import permit popover directly into the settings component
* replace `nativeFetch` with `fetch`
* use string literal to construct URL rather than `URL` class
- The `getIconsUrl` can return with an appended path which the new URL constructor will strip when passed as the base parameter
* use string literal to construct URL rather than `URL` class instance (#16045)
- The `getIconsUrl` can return with an appended path which the new URL constructor will strip when passed as the base parameter
* [PM-24716] UI changes for Change URI work (#16043)
* use platform service to launch the URI
- this allows desktop to open a separate browser instance rather than use electron
* fix spacing on web app
* add bitLink for focus/hover states
* remove spacing around links
* enforce restrictions based on collection type, set default collection type
* fix ts strict errors
* fix default collection enforcement in vault header
* enforce default collection restrictions in vault collection row
* enforce default collection restrictions in AC vault header
* enforce default collection restriction for select all
* fix ts strict error
* switch to signal, fix feature flag
* fix story
* clean up
* remove feature flag, move check for defaultCollecion to CollecitonView
* fix test
* remove unused configService
* fix test: coerce null to undefined for collection Id
* clean up leaky abstraction for default collection
* fix ts-strict error
* fix parens
* add new property to models, update logic, refactor for ts-strict
* fix type
* rename defaultCollection getter
* clean up
* clean up
* clean up, add comment, fix submit
* add comment
* add feature flag
* check model for name
* cleanup readonly logic, remove featureflag logic
* wip
* refactor CollectionRequest into Create and Update models
* fix readonly logic
* cleanup
* set defaultUserCollectionEmail in decryption from Collection
* split save into update/create methods
* fix readonly logic
* fix collections post and put requests
* add defaultUserCollection email to model when submitting collection dialog
* Add back notifications connection on locked accounts
* Updated tests.
* Make sure web push connection service is started synchronously
* Fixed merge conflicts.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* [PM-24229] Ensure existing dates are persisted when using CipherExport.toView
* [PM-24229] Test both null and undefined
* [PM-24229] Add test for copied date values
