* [deps] Platform: Update electron to v33
* fix: remove event from minimize
* chore: update electron version in `electron-builder.json`
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Bernd Schoolmann <mail@quexten.com>
* Use typescript-strict-plugin to iteratively turn on strict
* Add strict testing to pipeline
Can be executed locally through either `npm run test:types` for full type checking including spec files, or `npx tsc-strict` for only tsconfig.json included files.
* turn on strict for scripts directory
* Use plugin for all tsconfigs in monorepo
vscode is capable of executing tsc with plugins, but uses the most relevant tsconfig to do so. If the plugin is not a part of that config, it is skipped and developers get no feedback of strict compile time issues. These updates remedy that at the cost of slightly more complex removal of the plugin when the time comes.
* remove plugin from configs that extend one that already has it
* Update workspace settings to honor strict plugin
* Apply strict-plugin to native message test runner
* Update vscode workspace to use root tsc version
* `./node_modules/.bin/update-strict-comments` 🤖
This is a one-time operation. All future files should adhere to strict type checking.
* Add fixme to `ts-strict-ignore` comments
* `update-strict-comments` 🤖
repeated for new merge files
* feat: update sdk service abstraction with documentation and new `userClient$` function
* feat: add uninitialized user client with cache
* feat: initialize user crypto
* feat: initialize org keys
* fix: org crypto not initializing properly
* feat: avoid creating clients unnecessarily
* chore: remove dev print/subscription
* fix: clean up cache
* chore: update sdk version
* feat: implement clean-up logic (#11504)
* chore: bump sdk version to fix build issues
* chore: bump sdk version to fix build issues
* fix: missing constructor parameters
* refactor: simplify free() and delete() calls
* refactor: use a named function for client creation
* fix: client never freeing after refactor
* fix: broken impl and race condition in tests
* feat: add sdk override to desktop build
* feat: add SDK version to browser about dialog
* feat: add sdk override to browser build
* fix: `npm ci` overriding the override
* fix: artifacts not properly downloaded
* fix: switch to new repository
* feat: add debug version function to web
* feat: add sdk-version to CLI
* feat: add version to desktop
* feat: add override to cli
* feat: add override to web
* fix: cli version acting as default command
* fix: consistent workflow input name
* feat: add error handling
* feat: upgrade sdk-internal
* fix: forgot to update package lock
* fix: broken CI build
move sdk version to a regular command
* chore: revert version changes
* refactor: move error handling code
* chore: bump SDK to 0.2.0.main-1
* fix: clean up references to inputs.sdk_commit
* refactor: rename `init` to `applyVersionToWindow`
* Move ownership of biometrics to key-management
* Move biometrics ipc ownership to km
* Move further files to km; split off preload / ipc to km
* Fix linting
* Fix linting
* Fix tests
* Fix tests
* Update .github/CODEOWNERS
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update .github/CODEOWNERS
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Change ownership of native messaging to key-management
* Move biometrics to libs/key-management
* Add README to capital whitelist
* Update package-lock.json
* Move km to key-management
* Move km to key-management
* Fix build for cli
* Import fixes
* Apply prettier fix
* Fix test
* Import fixes
* Import fixes
* Update libs/key-management/README.md
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update libs/key-management/package.json
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update lock file
* Change imports to top level km package
---------
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Revert "Remove unnecessary plist keys in desktop_proxy (#10933)"
This reverts commit 4dbb036df1.
* Revert "Fix TestFlight errors caused by desktop_proxy (#10928)"
This reverts commit 40cb4b5353.
* Revert "[PM-5506] Enable electron fuses (#10073)"
This reverts commit 78c5e9c706.
* Revert "[PM-7846] Implement a rust based native messaging proxy and IPC system (#9894)"
This reverts commit 55874b72bf.
* [PM-7846] Implement a rust based native messaging proxy and IPC system
* Only build desktop_proxy
* Bundle the desktop_proxy file
* Make sys deps optional for the proxy
* Restore accidentally deleted after-sign
* Update native cache to contain dist folder
* Add some test logging
* Native module cache seems very aggressive
* Fix invalid directory
* Fix debug print
* Remove cache force
* Remove cache debug code
* Only log to file in debug builds
* Place the binary in the correct place for mac and make sure it's signed
* Fix platform paths
* Test unsigned appx
* Revert "Test unsigned appx"
This reverts commit e47535440a.
* Fix comment
* Remove logs
* Use debug builds in native code, and test private path on MacOS
* Add connected message
* Update IPC API comments
* Update linux to also use XDG_ dir
* Update main.rs comment
* Improve docs and split some tasks spawned into separate functions
* Update send docs and return number of elements sent
* Mark `listen` as async to ensure it runs in a tokio context, handle errors better
* Add log on client channel closed
* Move binary to MacOS folder, and sign it manually so it gets the correct entitlements
* Fix some review comments
* Run prettier
* Added missing zbus_polkit dep
* Extract magic number and increase it to match spec
* Comment fix
* Use Napi object, combine nativeBinding export, always log to file
* Missed one comment
* Remove unnecessary generics
* Correct comment
* Select only codesigning identities
* Filter certificates
* Also add local dev cert
* Remove log
* Fix package ID
* debug_assert won't run the pop() in release mode
* Better error messages
* Fix review comments
* Remove unnecessary comment
* Update napi generated TS file
* Temporary fix for DDG
* Log reloading behavior
* Remove hints from responses.
changing password implies updating the hint, but no longer displays the old one. This is a security risk for shoulder surfing and breaks the escrow model we have where it is only shared via email when requested.
* Update change password hint label
* Enable system lock detection on linux
* Fix order of vault timeout options
* Port to new plit core / napi desktop native crates
* Make unimplemented implementation panic for on_lock
* Remove unecessary String::from
* Update cargo lock
* Extract generation of vault timeout options
* Clone Initial Data In `runMigrator`
- When using test cases, mutating the input data causes problems.
* Migrate `minimizeOnCopy` & `browserIntegrationEnabled`
* Update From Main
* Move Fingerprint Setting
- No Migration Yet
* Add Fingerprint to Migrations
* Convert Messaging to `async`
* Switch to calling `Boolean` for Map Function
* Catch Errors
* Remove LogService
* PM-7392 - EncryptSvc - add new method for detecting if a simple string is an enc string.
* PM-7392 - TokenSvc - add checks when setting and retrieving the access token to improve handling around the access token encryption.
* PM-7392 - (1) Clean up token svc (2) export access token key type for use in tests.
* PM-7392 - Get token svc tests passing; WIP more tests to come for new scenarios.
* PM-7392 - Access token secure storage to disk fallback WIP but mostly functional besides weird logout behavior.
* PM-7392 - Clean up unnecessary comment
* PM-7392 - TokenSvc - refresh token disk storage fallback
* PM-7392 - Fix token service tests in prep for adding tests for new scenarios.
* PM-7392 - TokenSvc tests - Test new setRefreshToken scenarios
* PM-7392 - TokenSvc - getRefreshToken should return null or a value - not undefined.
* PM-7392 - Fix test name.
* PM-7392 - TokenSvc tests - clean up test names that reference removed refresh token migrated flag.
* PM-7392 - getRefreshToken tests done.
* PM-7392 - Fix error quote
* PM-7392 - TokenSvc tests - setAccessToken new scenarios tested.
* PM-7392 - TokenSvc - getAccessToken - if secure storage errors add error to log.
* PM-7392 - TokenSvc tests - getAccessToken - all new scenarios tested
* PM-7392 - EncryptSvc - test new stringIsEncString method
* PM-7392 - Main.ts - fix circ dep issue.
* PM-7392 - Main.ts - remove comment.
* PM-7392 - Don't re-invent the wheel and simply use existing isSerializedEncString static method.
* PM-7392 - Enc String - (1) Add handling for Nan in parseEncryptedString (2) Added null handling to isSerializedEncString. (3) Plan to remove encrypt service implementation
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-7392 - Remove encrypt service method
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-7392 - Actually fix circ dep issues with Justin. Ty!
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-7392 - TokenSvc - update to use EncString instead of EncryptSvc + fix tests.
* PM-7392 - TokenSvc - (1) Remove test code (2) Refactor decryptAccessToken method to accept access token key and error on failure to pass required decryption key to method.
* PM-7392 - Per PR feedback and discussion, do not log the user out if hte refresh token cannot be found. This will allow users to continue to use the app until their access token expires and we will error on trying to refresh it. The app will then still work on a fresh login for 55 min.
* PM-7392 - API service - update doAuthRefresh error to clarify which token cannot be refreshed.
* PM-7392 - Fix SetRefreshToken case where a null input would incorrectly trigger a fallback to disk.
* PM-7392 - If the access token cannot be refreshed due to a missing refresh token or API keys, then surface an error to the user and log it so it isn't a silent failure + we get a log.
* PM-7392 - Fix CLI build errors
* PM-7392 - Per PR feedback, add missing tests (thank you Jake for writing these!)
Co-authored-by: Jake Fink <jfink@bitwarden.com>
* PM-7392 - Per PR feedback, update incorrect comment from 3 releases to 3 months.
* PM-7392 - Per PR feedback, remove links.
* PM-7392 - Per PR feedback, move tests to existing describe.
* PM-7392 - Per PR feedback, adjust all test names to match naming convention.
* PM-7392 - ApiService - refreshIdentityToken - log error before swallowing it so we have a record of it.
* PM-7392 - Fix copy for errorRefreshingAccessToken
* PM-7392 - Per PR feedback, move error handling toast responsibility to client specific app component logic reached via messaging.
* PM-7392 - Swap logout reason from enum to type.
* PM-7392 - ApiService - Stop using messaging to trigger toast to let user know about refresh access token errors; replace with client specific callback logic.
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* PM-7392 - Per PR feedback, adjust enc string changes and tests.
* PM-7392 - Rename file to be type from enum
* PM-7392 - ToastService - we need to await the activeToast.onHidden observable so return the activeToast from the showToast.
* PM-7392 - Desktop AppComp - cleanup messaging
* PM-7392 - Move Logout reason custom type to auth/common
* PM-7392 - WIP - Enhancing logout callback to consider the logout reason + move show toast logic into logout callback
* PM-7392 - Logout callback should simply pass along the LogoutReason instead of handling it - let each client's message listener handle it.
* PM-7392 - More replacements of expired with logoutReason
* PM-7392 - More expired to logoutReason replacements
* PM-7392 - Build new handlers for displaying the logout reason for desktop & web.
* PM-7392 - Revert ToastService changes
* PM-7392 - TokenSvc - Replace messageSender with logout callback per PR feedback.
* PM-7392 - Desktop App comp - replace toast usage with simple dialog to guarantee users will see the reason for them being logged out.
* PM-7392 - Web app comp - fix issue
* PM-7392 - Desktop App comp - don't show cancel btn on simple dialogs.
* PM-7392 - Desktop App comp - Don't open n simple dialogs.
* PM-7392 - Fix browser build
* PM-7392 - Remove logout reason from CLI as each logout call handles messaging on its own.
* PM-7392 - Previously, if a security stamp was invalid, the session was marked as expired. Restore that functionality.
* PM-7392 - Update sync service logoutCallback to include optional user id.
* PM-7392 - Clean up web app comp
* PM-7392 - Web - app comp - only handle actually possible web logout scenarios.
* PM-7392 - Browser Popup app comp - restore done logging out message functionality + add new default logout message
* PM-7392 - Add optional user id to logout callbacks.
* PM-7392 - Main.background.ts - add clarifying comment.
* PM-7392 - Per feedback, use danger simple dialog type for error.
* PM-7392 - Browser Popup - add comment clarifying expectation of seeing toasts.
* PM-7392 - Consolidate invalidSecurityStamp error handling
* PM-7392 - Per PR feedback, REFRESH_ACCESS_TOKEN_ERROR_CALLBACK can be completely sync. + Refactor to method in main.background.
* PM-7392 - Per PR feedback, use a named callback for refreshAccessTokenErrorCallback in CLI
* PM-7392 - Add TODO
* PM-7392 - Re-apply bw.ts changes to new service-container.
* PM-7392 - TokenSvc - tweak error message.
* PM-7392 - Fix test
* PM-7392 - Clean up merge conflict where I duplicated dependencies.
* PM-7392 - Per discussion with product, change default logout toast to be info
* PM-7392 - After merge, add new logout reason to sync service.
* PM-7392 - Remove default logout message per discussion with product since it isn't really visible on desktop or browser.
* PM-7392 - address PR feedback.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Use account service to track accounts and active account
* Remove state service active account Observables.
* Add email verified to account service
* Do not store account info on logged out accounts
* Add account activity tracking to account service
* Use last account activity from account service
* migrate or replicate account service data
* Add `AccountActivityService` that handles storing account last active data
* Move active and next active user to account service
* Remove authenticated accounts from state object
* Fold account activity into account service
* Fix builds
* Fix desktop app switch
* Fix logging out non active user
* Expand helper to handle new authenticated accounts location
* Prefer view observable to tons of async pipes
* Fix `npm run test:types`
* Correct user activity sorting test
* Be more precise about log out messaging
* Fix dev compare errors
All stored values are serializable, the next step wasn't necessary and was erroring on some types that lack `toString`.
* If the account in unlocked on load of lock component, navigate away from lock screen
* Handle no users case for auth service statuses
* Specify account to switch to
* Filter active account out of inactive accounts
* Prefer constructor init
* Improve comparator
* Use helper methods internally
* Fixup component tests
* Clarify name
* Ensure accounts object has only valid userIds
* Capitalize const values
* Prefer descriptive, single-responsibility guards
* Update libs/common/src/state-migrations/migrate.ts
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Fix merge
* Add user Id validation
activity for undefined was being set, which was resulting in requests for the auth status of `"undefined"` (string) userId, due to key enumeration. These changes stop that at both locations, as well as account add for good measure.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Re-register native messaging host integrations on startup
* Check for errors when generating the manifests
* Add log to component
* Switch to Promise.all
* Add injectable service
* Update the change master password dialog on browser
Change text to remove the mention of the bitwarden.com web vault
Change icon to show it's external link
Changes based on Figma attached to PM-2570
* Update the change master password dialog on desktop
Change text to remove the mention of the bitwarden.com web vault
Changes based on Figma attached to PM-2570 and to replicate what is done on browser
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* WIP: First Try at making DesktopSettingsService
Does not work, migrations are ran in renderer but the values are read in main.
* Update window$ retrieval
* Fix DesktopSettings
* Rename Migration
* Add Migration to Builder
* Cleanup
* Update Comments
* Update `migrate.ts`
* Catch Unawaited Promises
* Remove Comments
* Update Tests
* Rename Migration
* Add `alwaysOnTop`
* Make `init` async
* Fix Desktop Build
* Fix error on close due to context differences in background
Desktop background does not have active user information. Also, we want to delete _all_ prompt cancelled data, not just that for the active user. Storing this on global and manipulating observables to active achieves this without needing any user information in the background.
* Remove potentially orphaned data
* Throw nice error if prompt cancelled used without active user
* Register migration
* split prompt cancelled reset to user-specific and global
Refactor environment service to emit a single observable. This required significant changes to how the environment service behaves and tackles much of the tech debt planned for it.
Turns out the HCaptcha accessibility feature on desktop stopped working a while back. This PR resolves it and tweaks the implementation to use norefeerer and noopener for improved sandboxing. This comes with the slight tweak in behaviour namely we now get the cookie when you click the back button.
To fix hcaptcha not working I needed to use the correct session storage.
* Fix nextMock arguments
* Add state for biometric prompts
* Use biometric state for prompts
* Migrate biometric prompt data
* wire up biometric state to logouts
* Add migrator to migrate list
* Remove usages of prompt automatically
Explicitly list non-nulled state as intentional
* `npm run prettier` 🤖
* Fix web lock component
* Disable node integration and enable context isolation
* Review comments
* Log in renderer through IPC
* Missed imports
* Mock electron API
* resourcesPath is undefined in the preload, but process.windowsStore works correctly
* Replace fromBufferToUtf8 conditional implementation for the `buffer` package
The current non-node implementation is different than the node implementation,
as the non-node would break when the contents can't be parsed as a URI component.
Replacing the impl by the `buffer` package makes the result match in both environments.
* Fix lint
* Add some more tests
* Remove buffer from devDependencies
* add flag to deter process reload if cancel is clicked on biometrics
* rename flag
* store biometrics cancelled to disk instead of integrating with process reload
* allow auto-prompt when opening app
The latest version of types/node had some breaking changes related to Timer and Timeout, #6739. It turns out that we incorrectly used the type Timer when Timeout was expected in a few places. This PR resolves them, in an effort to unblock the @types/node upgrade.
