* PM-22661 - Start bringing in code from original PR
* PM-22661 - SendTokenService - implement and test hash send password
* PM-22661 - Starting to pull in SDK state to SendTokenService
* PM-22661 - WIP on default send token service
* PM-22661 - Build out TS helpers for TryGetSendAccessTokenError
* PM-22661 - WIP
* PM-22661 - Decent progress on getting _tryGetSendAccessToken wired up
* PM-22661 - Finish service implementation (TODO: test)
* PM-22661 - DefaultSendTokenService - clear expired tokens
* PM-22661 - SendTokenService - tests for tryGetSendAccessToken$
* PM-22661 - DefaultSendTokenService - more tests.
* PM-22661 - Refactor to create domain facing type for send access creds so we can internally map to SDK models instead of exposing them.
* PM-22661 - DefaultSendTokenService tests - finish testing error scenarios
* PM-22661 - SendAccessToken - add threshold to expired check to prevent tokens from expiring in flight
* PM-22661 - clean up docs and add invalidateSendAccessToken
* PM-22661 - Add SendAccessToken tests
* PM-22661 - Build out barrel files and provide send token service in jslib-services.
* PM-22661 - Improve credential validation and test the scenarios
* PM-22661 - Add handling for otp_generation_failed
* PM-22661 - npm i sdk version 0.2.0-main.298 which has send access client stuff
* PM-22661 - Bump to latest sdk changes for send access for testing.
* PM-22661 - fix comment to be accurate
* PM-22661 - DefaultSendTokenService - hashSendPassword - to fix compile time error with passing a Uint8Array to Utils.fromBufferToB64, add new overloads to Utils.fromBufferToB64 to handle ArrayBuffer and ArrayBufferView (to allow for Uint8Arrays). Then, test new scenarios to ensure feature parity with old fromBufferToB64 method.
* PM-22661 - Utils.fromBufferToB64 - remove overloads so ordering doesn't break test spies.
* PM-22661 - utils.fromBufferToB64 - re-add overloads to see effects on tests
* PM-22661 - revert utils changes as they will be done in a separate PR.
* PM-22661 - SendTokenService tests - test invalidateSendAccessToken
* PM-22661 - DefaultSendTokenService - add some storage layer tests
* PM-22661 - Per PR feedback fix comment
* PM-22661 - Per PR feedback, optimize writes to state for send access tokens with shouldUpdate.
* PM-22661 - Per PR feedback, update clear to be immutable vs delete (mutation) based.
* PM-22661 - Per PR feedback, re-add should update for clear method.
* PM-22661 - Update libs/common/src/auth/send-access/services/default-send-token.service.ts
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
* PM-22661 - Update libs/common/src/auth/send-access/services/default-send-token.service.ts
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
* PM-22661 - Update libs/common/src/auth/send-access/services/default-send-token.service.ts
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
---------
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
* Use payment domain
* Fixing lint and test issue
* Fix organization plans tax issue
* PM-26297: Use existing billing address for tax calculation if it exists
* PM-26344: Check existing payment method on submit
Do not update the "last sync time" when an error occurs during the sync process, including a network error when retrieving the account's revision date/time from the server. Update the sync time when a sync fires automatically, or when forced, in order to make it clear to the user that the extension's data is current.
* refactor `canInteract` into a component level usage.
- The default service is going to be used in the CLI which won't make use of the UI-related aspects
* all nested entities to be imported from the vault
* initial add of archive command to the cli
* add archive to oss serve
* check for deleted cipher when attempting to archive
* add searchability/list functionality for archived ciphers
* restore an archived cipher
* unarchive a cipher when a user is editing it and has lost their premium status
* add missing feature flags
* re-export only needed services from the vault
* add needed await
* add prompt when applicable for editing an archived cipher
* move cipher archive service into `common/vault`
* fix testing code
* PM-26186 - Utils.ts - fromBufferToB64 - (1) Add type safety (2) Add ArrayBufferView support (3) Add tests
* PM-26186 - Utils.ts - add overloads so that we can specify callers who pass defined buffers will always get a string back so I don't have to modify all call sites to add a null assertion or "as string"
If a user is part of an org that has the `RequireSso` policy, when that user successfully logs in we add their email to a local `ssoRequiredCache` on their device. The next time this user goes to the `/login` screen on this device, we will use that cache to determine that for this email we should only show the "Use single sign-on" button and disable the alternate login buttons.
These changes are behind the flag: `PM22110_DisableAlternateLoginMethods`
* Refactor provider service calls to include userId parameter
- Updated multiple components and services to pass userId when fetching provider data.
- Adjusted the ProviderService interface to require userId for get, get$, and getAll methods.
- Ensured consistent handling of userId across various components, enhancing data retrieval based on active user context.
* Remove deprecated type safety comments and use the getById utility for fetching providers.
* Update ProviderService methods to return undefined for non-existent providers
- Modified the return types of get$ and get methods in ProviderService to allow for undefined values, enhancing type safety.
- Adjusted the providers$ method to return only defined Provider arrays, ensuring consistent handling of provider data.
* Enhance provider permissions guard tests to include userId parameter
- Updated test cases in provider-permissions.guard.spec.ts to pass userId when calling ProviderService methods.
- Mocked AccountService to provide active account details for improved test coverage.
- Ensured consistent handling of userId across all relevant test scenarios.
* remove promise based api's from provider service, continue refactor
* cleanup observable logic
* cleanup
---------
Co-authored-by: Brandon <btreston@bitwarden.com>
* [PM-19237] Add Archive Filter Type (#13852)
* Browser can archive and unarchive items
* Create Archive Cipher Service
* Add flag and premium permissions to Archive
---------
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Shane <smelton@bitwarden.com>
Co-authored-by: Patrick Pimentel <ppimentel@bitwarden.com>
* encode username for uri and add spec
* verify response from getHibpBreach method
* test/validate for BreachAccountResponse type and length instead of mock response
* - extract dirt api method out of global api service
- create new directory structure
- change imports accordingly
- extract breach account response
- put extracted code into new dirt dir
* codeowners and dep injection for new hibp service
* Add SDK call to decryptManyWithFailures instead of decryptMany
* Move logic back to decryptCiphersWithSdk
* Fix return type of decryptCiphersWithSdk
* Add unit tests for decryptCiphers()
* Add unit tests for decryptManyWithFailures
* Filter out undefined objects from failedCiphers
* Update name for failed-decryption ciphers
* Fix type checking errors in tests
* Fix tests with new changes from main
* Migrate decryptMany call to use decryptManyWithFailures
* Remove deprecated decryptMany function, along with all calls ot the function
* Use OrganizationWarningsService in AC VaultComponent
* Use OrganizationWarningsService in OrgSwitcherComponent
* Use OrganizationWarningsService in VaultFilterComponent
* Use OrganizationWarningsService in VaultComponent
* Use OrganizationWarningsService in SM OverviewComponent
* Remove TrialFlowService from unused codepaths
* Remove TrialFlowService
* Refresh free trial warning on standard payment method update
* Fix lint errors
* Fix lint errors
* Remove FF
* Fix free trial banner on deprecated ac vault component
* Add PhishingDetectionService
* Add a tab listener.
* Get the known phishing domain from the server
* Get the known phishing domain from the server
* Add phishing detection content script.
* Revert "Add phishing detection content script."
This reverts commit ce64d3435a.
* Fix conflicts
* Add build configs.
* Decouple the phishing detection content script logic from the rest of the app.
* move the call to background
* Add communication between the content script and background service.
* Update code to use Log service.
* Resolve conflict
* Add changes for phishing domain report
* Fix initializer order issue.
* Fix domain error.
* Account for no responses.
* Add exit functionality for onclick.
* Wrapped phishing detection feature behind feature flag (#13915)
* push changes for alert
* Removed browser logic for checking feature flag
* move the alert as dialog
* Add functionality to navigate back in history.
* [PM-19814] Add redirect to warning page when a phishing domain is detected.
* [PM-19814] Add the phishing warning page to the Angular popup.
* [PM-19814] Add functionality to display phishing host.
* [PM-19814] Add exit button and learn more link.
* [PM-19814] Add phishing detection feature flag.
* [PM-19814] Move phishing service to phishing directory
* [PM-19814] Add UI to display phishing URL.
* [PM-19814] Disable the URL input and populate it with the phishing URL.
* [PM-19814] Add phishing icon
* [PM-19814] Temporarily remove phishing reporting feature. It can be released separately in another ticket.
* [PM-19814] Clean up
* [PM-19814] Add types to the handlers.
* [PM-19814] Remove logic for handling authentication since the endpoint will be unauthenticated.
* [PM-19814] Fixed as many type issues as possible; added @ts-strict-ignore to the remaining ones.
* [PM-19814] Fix race condition in feature flag check.
* [PM-19814] Update wording for the marketing request.
* [PM-19814] Move phishing detection check from content script to webRequest.onCompleted listener.
* [PM-19814] Use webNavigation.onCompleted for redirect to ensure that the redirect only happens when they land on the page.
* [PM-19814] Remove unused code.
* [PM-19814] Fix merge conflict and update text based on product owner’s request
* [PM-19814] Fix merge conflict
* [PM-19814] Update text
* Resolve the message catalog entries
* Update file for consistent import and exports
* Update imports
* Update another import for BrowserPopupUtils
* Update the rest of the imports for BrowserPopupUtils
* Updates messages
* Rename files
* Current phishing block changes
* Use globalthis for chrome
* Add types file
* Update browser api to include tab navigation and close tab functions
* Update phishing detection to track multiple tabs and not trust info from content script
* Change chrome to browser.
* Fixed phishing detection checking previous url instead of current on navigation. Updated def flag for testing urls.
* Move phishing icon
* Fix chrome specific issues. Add comments to where BrowserApi should be used
* Fix command errors. Typecheck messages. Added guard for phishing detection messages
* Use concat map instead of merge map
* Unformat webfonts.scss file
* Fix lint and import errors
* Move phishing blocker files to dirt folder
* Rename background folder to services
* Add code ownership for phishing blocker
* Update text to use locales on phishing blocker learn more page
* Change navigation from using webapi to browser on updated event for safari support
* Update icon usage
* Fix type issues and add test file
* Fix linting error in test
---------
Co-authored-by: Jimmy Vo <huynhmaivo82@gmail.com>
Co-authored-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Co-authored-by: Tom <144813356+ttalty@users.noreply.github.com>
* Introduce a new vault-export-api.service to replace the existing getOrganizationExport method in apiService
* Use new vault-export-api.service instead of the ApiService to retrieve organizational export data
* Remove unused method from apiService
* Register VaultExportApiService on browser
* Fxi linting issue by executing `npm run prettier`
* Rename abstraction and implementation of VaultExportApiService
* Use undefined instead of null
* Rename file of default impl of vault-export-api-service
* Fix test broken with 1bcdd80eea
* Define type for exportPromises
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* PM-25075 wip parking work
* remove flag from enums and add fade out
* fix tests
* remove flags from enum file after merge conflict re introduced
* remove dead code paths
* change naming back to bgUnlockPopoutOpened
This change eliminates the circular dependency between messaging and messaging-internal libraries by merging them into a single messaging library.
Previously, messaging-internal imported from @bitwarden/messaging while messaging tried to import from @bitwarden/messaging-internal, creating an unresolvable circular dependency. This also violated Nx best practices by using cross-library file includes in tsconfig.lib.json.
Changes made:
- Moved all messaging-internal code (SubjectMessageSender, helpers, tests) into libs/messaging/src/
- Updated all imports to use relative paths instead of @bitwarden/messaging imports
- Removed the entire messaging-internal library and its configuration files
- Updated external references in apps/browser to import from @bitwarden/messaging
- Fixed libs/messaging/tsconfig.lib.json to use standard src/**/*.ts pattern
- Updated libs/common internal.ts to re-export from messaging instead of messaging-internal
The messaging library now exports both public APIs and internal implementations, which is a cleaner architecture than maintaining two separate libraries with circular dependencies.
Fixes rootDir configuration issues identified in the Nx library systematic fix project.
* PM-20578 Added api to fetch and save data (#15334)
* [PM-20579] Update risk-insights report service to use api service with encryption (#15357)
* Fix type error
* Fix paths for changed key generation service
* Finalize the api services
* Fixing test case for summary date range
* Fixing report service tests. Encryption will be modified in the future
* Fixing encryption service tests
* fixing linting issues
---------
Co-authored-by: Vijay Oommen <voommen@livefront.com>
Co-authored-by: Tom <ttalty@bitwarden.com>
* Implement bank account hosted URL verification with webhook handling notification
* [PM-25491] Create org/provider bank account warning needs to be updated
* encode username for uri and add spec
* verify response from getHibpBreach method
* test/validate for BreachAccountResponse type and length instead of mock response
* feat(notification-processing): [PM-19877] System Notification Implementation - Implemented the full feature set for device approval from extension.
* test(notification-processing): [PM-19877] System Notification Implementation - Updated tests.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* added master password unlock and decryption option fields into identity token connect response
* incorrect master password unlock response parsing
* use sdk
* use sdk
* better type checking on response parsing
* not using sdk
* revert of bad merge conflicts
* revert of bad merge conflicts
* master password unlock setter in state
* unit test coverage for responses processing
* master password unlock in identity user decryption options
* unit test coverage
* unit test coverage
* unit test coverage
* unit test coverage
* lint error
* set master password unlock data in state on identity response and sync response
* revert change in auth's user decryption options
* remove unnecessary cast
* better docs
* change to relative imports
* MasterPasswordUnlockData serialization issue
* explicit undefined type for `syncUserDecryption`
* incorrect identity token response tests
* Add ssoEnabled and ssoMemberDecryptionType properties to ProfileOrganizationResponse
* Add SSO support to Organization model with ssoEnabled and ssoMemberDecryptionType properties, and implement related tests
* Upsert organization SSO settings in memory after save
Updates organization data in memory with new SSO configuration values
to ensure immediate UI updates for Device Approvals page visibility.
* Refactor SSO component to simplify upsertOrganizationWithSsoChanges method
- Updated the method signature to accept a single OrganizationSsoRequest object instead of separate parameters.
- Adjusted the internal logic to directly use properties from the OrganizationSsoRequest for updating the organization state.
* Specify OrganizationData type for updatedOrganization in SSO component
