mirror of
https://github.com/bitwarden/browser
synced 2025-12-12 14:23:32 +00:00
fe96aa85f2f38942a15bedf15c281e673819c13c
21 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Justin Baur
|
fe96aa85f2 |
[PM-12007] Fix vault timeout action logout with account switching (#11008)
* Protect Against Toast Error * Use `concatMap` Instead of `switchMap` |
||
Cesar Gonzalez
|
974162b1a4 |
[PM-6426] Create TaskSchedulerService and update long lived timeouts in the extension to leverage the new service (#8566)
* [PM-6426] Create TaskSchedulerService and update usage of long lived timeouts * [PM-6426] Implementing nextSync timeout using TaskScheduler * [PM-6426] Implementing systemClearClipboard using TaskScheduler * [PM-6426] Fixing race condition with setting/unsetting active alarms * [PM-6426] Implementing clear clipboard call on generatePasswordToClipboard with the TaskSchedulerService * [PM-6426] Implementing abortTimeout for Fido2ClientService using TaskSchedulerService * [PM-6426] Implementing reconnect timer timeout for NotificationService using the TaskSchedulerService * [PM-6426] Implementing reconnect timer timeout for NotificationService using the TaskSchedulerService * [PM-6426] Implementing sessionTimeout for LoginStrategyService using TaskSchedulerService * [PM-6426] Implementing eventUploadInterval using TaskScheduler * [PM-6426] Adding jest tests for the base TaskSchedulerService class * [PM-6426] Updating jest tests for GeneratePasswordToClipboardCommand * [PM-6426] Setting up the full sync process as an interval rather than a timeout * [PM-6426] Renaming the scheduleNextSync alarm name * [PM-6426] Fixing dependency references in services.module.ts * [PM-6426] Adding jest tests for added BrowserApi methods * [PM-6426] Refactoring small detail for how we identify the clear clipboard timeout in SystemService * [PM-6426] Ensuring that we await clearing an established scheduled task for the notification service * [PM-6426] Changing the name of the state definition for the TaskScheduler * [PM-6426] Implementing jest tests for the BrowserTaskSchedulerService * [PM-6426] Implementing jest tests for the BrowserTaskSchedulerService * [PM-6426] Adding jest tests for the base TaskSchedulerService class * [PM-6426] Finalizing jest tests for BrowserTaskScheduler class * [PM-6426] Finalizing documentation on BrowserTaskSchedulerService * [PM-6426] Fixing jest test for LoginStrategyService * [PM-6426] Implementing compatibility for the browser.alarms api * [PM-6426] Fixing how we check for the browser alarms api * [PM-6426] Adding jest tests to the BrowserApi implementation * [PM-6426] Aligning the implementation with our code guidelines for Angular components * [PM-6426] Fixing jest tests and lint errors * [PM-6426] Moving alarms api calls out of BrowserApi and structuring them within the BrowserTaskSchedulerService * [PM-6426] Reworking implementation to register handlers separately from the call to those handlers * [PM-6426] Adjusting how we register the fullSync scheduled task * [PM-6426] Implementing approach for incorporating the user UUID when setting task handlers * [PM-6426] Attempting to re-work implementation to facilitate userId-spcific alarms * [PM-6426] Refactoring smaller details of the implementation * [PM-6426] Working through the details of the implementation and setting up final refinments * [PM-6426] Fixing some issues surrounding duplicate alarms triggering * [PM-6426] Adjusting name for generate password to clipboard command task name * [PM-6426] Fixing generate password to clipboard command jest tests * [PM-6426] Working through jest tests and implementing a method to guard against setting a task without having a registered callback * [PM-6426] Working through jest tests and implementing a method to guard against setting a task without having a registered callback * [PM-6426] Implementing methodology for having a fallback to setTimeout if the browser context is lost in some manner * [PM-6426] Working through jest tests * [PM-6426] Working through jest tests * [PM-6426] Working through jest tests * [PM-6426] Working through jest tests * [PM-6426] Finalizing stepped setInterval implementation * [PM-6426] Implementing Jest tests for DefaultTaskSchedulerService * [PM-6426] Adjusting jest tests * [PM-6426] Adjusting jest tests * [PM-6426] Adjusting jest tests * [PM-6426] Fixing issues identified in code review * [PM-6426] Fixing issues identified in code review * [PM-6426] Removing user-based alarms and fixing an issue found with setting steppedd alarm interavals * [PM-6426] Removing user-based alarms and fixing an issue found with setting steppedd alarm interavals * [PM-6426] Fixing issue with typing information on a test * [PM-6426] Using the getUpperBoundDelayInMinutes method to handle setting stepped alarms and setTimeout fallbacks * [PM-6426] Removing the potential for the TaskScheduler to be optional * [PM-6426] Reworking implementation to leverage subscription based deregistration of alarms * [PM-6426] Fixing jest tests * [PM-6426] Implementing foreground and background task scheduler services to avoid duplication of task scheudlers and to have the background setup as a fallback to the poopup tasks * [PM-6426] Implementing foreground and background task scheduler services to avoid duplication of task scheudlers and to have the background setup as a fallback to the poopup tasks * [PM-6426] Merging main into branch * [PM-6426] Fixing issues with the CLI Service Container implementation * [PM-6426] Reworking swallowed promises to contain a catch statement allow us to debug potential issues with registrations of alarms * [PM-6426] Adding jest tests to the ForegroundTaskSchedulerService and the BackgroundTaskSchedulerService * [PM-6426] Adding jest tests to the ForegroundTaskSchedulerService and the BackgroundTaskSchedulerService * [PM-6426] Adding jest tests to the ForegroundTaskSchedulerService and the BackgroundTaskSchedulerService * [PM-6426] Adding jest tests to the ForegroundTaskSchedulerService and the BackgroundTaskSchedulerService * [PM-6426] Adjusting implementation based on code review feedback * [PM-6426] Reworking file structure * [PM-6426] Reworking file structure * [PM-6426] Adding comments to provide clarity on how the login strategy cache experiation state is used * [PM-6426] Catching and logging erorrs that appear from methods that return a promise within VaultTimeoutService |
||
Jared Snider
|
f691854387 |
Auth - PM-7392 & PM-7436 - Token Service - Desktop - Add disk fallback for secure storage failures (#8913)
* PM-7392 - EncryptSvc - add new method for detecting if a simple string is an enc string. * PM-7392 - TokenSvc - add checks when setting and retrieving the access token to improve handling around the access token encryption. * PM-7392 - (1) Clean up token svc (2) export access token key type for use in tests. * PM-7392 - Get token svc tests passing; WIP more tests to come for new scenarios. * PM-7392 - Access token secure storage to disk fallback WIP but mostly functional besides weird logout behavior. * PM-7392 - Clean up unnecessary comment * PM-7392 - TokenSvc - refresh token disk storage fallback * PM-7392 - Fix token service tests in prep for adding tests for new scenarios. * PM-7392 - TokenSvc tests - Test new setRefreshToken scenarios * PM-7392 - TokenSvc - getRefreshToken should return null or a value - not undefined. * PM-7392 - Fix test name. * PM-7392 - TokenSvc tests - clean up test names that reference removed refresh token migrated flag. * PM-7392 - getRefreshToken tests done. * PM-7392 - Fix error quote * PM-7392 - TokenSvc tests - setAccessToken new scenarios tested. * PM-7392 - TokenSvc - getAccessToken - if secure storage errors add error to log. * PM-7392 - TokenSvc tests - getAccessToken - all new scenarios tested * PM-7392 - EncryptSvc - test new stringIsEncString method * PM-7392 - Main.ts - fix circ dep issue. * PM-7392 - Main.ts - remove comment. * PM-7392 - Don't re-invent the wheel and simply use existing isSerializedEncString static method. * PM-7392 - Enc String - (1) Add handling for Nan in parseEncryptedString (2) Added null handling to isSerializedEncString. (3) Plan to remove encrypt service implementation Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> * PM-7392 - Remove encrypt service method Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> * PM-7392 - Actually fix circ dep issues with Justin. Ty! Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> * PM-7392 - TokenSvc - update to use EncString instead of EncryptSvc + fix tests. * PM-7392 - TokenSvc - (1) Remove test code (2) Refactor decryptAccessToken method to accept access token key and error on failure to pass required decryption key to method. * PM-7392 - Per PR feedback and discussion, do not log the user out if hte refresh token cannot be found. This will allow users to continue to use the app until their access token expires and we will error on trying to refresh it. The app will then still work on a fresh login for 55 min. * PM-7392 - API service - update doAuthRefresh error to clarify which token cannot be refreshed. * PM-7392 - Fix SetRefreshToken case where a null input would incorrectly trigger a fallback to disk. * PM-7392 - If the access token cannot be refreshed due to a missing refresh token or API keys, then surface an error to the user and log it so it isn't a silent failure + we get a log. * PM-7392 - Fix CLI build errors * PM-7392 - Per PR feedback, add missing tests (thank you Jake for writing these!) Co-authored-by: Jake Fink <jfink@bitwarden.com> * PM-7392 - Per PR feedback, update incorrect comment from 3 releases to 3 months. * PM-7392 - Per PR feedback, remove links. * PM-7392 - Per PR feedback, move tests to existing describe. * PM-7392 - Per PR feedback, adjust all test names to match naming convention. * PM-7392 - ApiService - refreshIdentityToken - log error before swallowing it so we have a record of it. * PM-7392 - Fix copy for errorRefreshingAccessToken * PM-7392 - Per PR feedback, move error handling toast responsibility to client specific app component logic reached via messaging. * PM-7392 - Swap logout reason from enum to type. * PM-7392 - ApiService - Stop using messaging to trigger toast to let user know about refresh access token errors; replace with client specific callback logic. Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * PM-7392 - Per PR feedback, adjust enc string changes and tests. * PM-7392 - Rename file to be type from enum * PM-7392 - ToastService - we need to await the activeToast.onHidden observable so return the activeToast from the showToast. * PM-7392 - Desktop AppComp - cleanup messaging * PM-7392 - Move Logout reason custom type to auth/common * PM-7392 - WIP - Enhancing logout callback to consider the logout reason + move show toast logic into logout callback * PM-7392 - Logout callback should simply pass along the LogoutReason instead of handling it - let each client's message listener handle it. * PM-7392 - More replacements of expired with logoutReason * PM-7392 - More expired to logoutReason replacements * PM-7392 - Build new handlers for displaying the logout reason for desktop & web. * PM-7392 - Revert ToastService changes * PM-7392 - TokenSvc - Replace messageSender with logout callback per PR feedback. * PM-7392 - Desktop App comp - replace toast usage with simple dialog to guarantee users will see the reason for them being logged out. * PM-7392 - Web app comp - fix issue * PM-7392 - Desktop App comp - don't show cancel btn on simple dialogs. * PM-7392 - Desktop App comp - Don't open n simple dialogs. * PM-7392 - Fix browser build * PM-7392 - Remove logout reason from CLI as each logout call handles messaging on its own. * PM-7392 - Previously, if a security stamp was invalid, the session was marked as expired. Restore that functionality. * PM-7392 - Update sync service logoutCallback to include optional user id. * PM-7392 - Clean up web app comp * PM-7392 - Web - app comp - only handle actually possible web logout scenarios. * PM-7392 - Browser Popup app comp - restore done logging out message functionality + add new default logout message * PM-7392 - Add optional user id to logout callbacks. * PM-7392 - Main.background.ts - add clarifying comment. * PM-7392 - Per feedback, use danger simple dialog type for error. * PM-7392 - Browser Popup - add comment clarifying expectation of seeing toasts. * PM-7392 - Consolidate invalidSecurityStamp error handling * PM-7392 - Per PR feedback, REFRESH_ACCESS_TOKEN_ERROR_CALLBACK can be completely sync. + Refactor to method in main.background. * PM-7392 - Per PR feedback, use a named callback for refreshAccessTokenErrorCallback in CLI * PM-7392 - Add TODO * PM-7392 - Re-apply bw.ts changes to new service-container. * PM-7392 - TokenSvc - tweak error message. * PM-7392 - Fix test * PM-7392 - Clean up merge conflict where I duplicated dependencies. * PM-7392 - Per discussion with product, change default logout toast to be info * PM-7392 - After merge, add new logout reason to sync service. * PM-7392 - Remove default logout message per discussion with product since it isn't really visible on desktop or browser. * PM-7392 - address PR feedback. --------- Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> Co-authored-by: Jake Fink <jfink@bitwarden.com> Co-authored-by: Matt Gibson <mgibson@bitwarden.com> |
||
|
Jared Snider
|
473c5311fa |
Auth/PM-5501 - VaultTimeoutSettingsService State Provider Migration (#8604)
* PM-5501 - VaultTimeoutSettingsSvc - refactor var names in getVaultTimeoutAction * PM-5501 - Add state definitions and key definitions + test deserialization of key defs. * PM-5501 - Add state provider dep to VaultTimeoutSettingsSvc * PM-5501 - Refactor getVaultTimeout * PM-5501 - VaultTimeoutSettingsService - Build getMaxVaultTimeoutPolicyByUserId helper * PM-5501 - (1) Update state definitions (2) convert KeyDefs to UserKeyDefs (2) Remove everBeenUnlocked as we won't need it * PM-5501 - VaultTimeoutSettingsSvc - POC for getVaultTimeoutActionByUserId$ method + new private determineVaultTimeoutAction helper. * PM-5501 - VaultTimeoutSettingsSvc - build set and observable get methods for vault timeout settings * PM-5501 - Update web references to use new vault timeout setting service methods * PM-5501 - VaultTimeoutSettingsSvc - write up abstraction js docs * PM-5501 - VaultTimeoutSettingsSvc abstraction - finish tweaks * PM-5501 - VaultTimeoutSettingsSvc - add catchError blocks to observables to protect outer observables and prevent cancellation in case of error. * PM-5501 - Remove vault timeout settings from state service implementation. * PM-5501 - VaultTimeoutSettingsServiceStateProviderMigrator first draft * PM-5501 - WIP - replace some state service calls with calls to vault timeout settings svc. * PM-5501 - Replace state service calls in login strategies to get vault timeout settings data with VaultTimeoutSettingsService calls. * PM-5501 - Fix login strategy tests * PM-5501 - Update login strategy tests to pass * PM-5501 - CryptoSvc - share VaultTimeout user key def to allow crypto svc access to the vault timeout without creating a circular dep. * PM-5501 - Fix dependency injections. * PM-5501 - ApiSvc - replace state svc with vault timeout settings svc. * PM-5501 - VaultTimeoutSettingsServiceStateProviderMigrator more cleanup * PM-5501 - Test VaultTimeoutSettingsServiceStateProviderMigrator * PM-5501 - VaultTimeoutSettingsSvc tests updated * PM-5501 - Update all setVaultTimeoutOptions references * PM-5501 - VaultTimeoutSettingsSvc - Update setVaultTimeoutOptions to remove unnecessary logic and clean up clearTokens condition. * PM-5501 - Fix vault timeout service tests * PM-5501 - Update VaultTimeoutSettings state tests to pass * PM-5501 - Desktop - system svc - fix build by replacing use of removed method. * PM-5501 - Fix CLI by properly configuring super class deps in NodeApiService * PM-5501 - Actually finish getitng deps fixed to get CLI to build * PM-5501 - VaultTimeoutSettingsSvc.determineVaultTimeoutAction - pass userId to getAvailableVaultTimeoutActions to prevent hang waiting for an active user. * PM-5501 - VaultTimeoutSettingSvc test - enhance getVaultTimeoutActionByUserId$ to also test PIN scenarios as an unlock method * PM-5501 - bump migration version * PM-5501 - Refactor migration to ensure the migration persists null vault timeout values. * PM-5501 - Bump migration version * PM-5501 - Fix web build issues introduced by merging main. * PM-5501 - Bump migration version * PM-5501 - PreferencesComponent - revert dep change from InternalPolicyService to standard PolicyService abstraction * PM-5501 - Address all PR feedback from Jake Co-authored-by: Jake Fink <jfink@bitwarden.com> * PM-5501 - VaultTimeoutSettingsSvc tests - add tests for setVaultTimeoutOptions * PM-5501 - VaultTimeoutSettingsSvc - setVaultTimeoutOptions - Update tests to use platform's desired syntax. * PM-5501 - Fix tests * PM-5501 - Create new VaultTimeout type * PM-5501 - Create new DEFAULT_VAULT_TIMEOUT to allow each client to inject their default timeout into the VaultTimeoutSettingService * PM-5501 - Migrate client default vault timeout to new injection token * PM-5501 - Update VaultTimeoutSettingsSvc to use VaultTimeout type and apply default vault timeout if it is null. * PM-5501 - Update vaultTimeout: number to be vaultTimeout: VaultTimeout everywhere I could find it. * PM-5501 - More changes based on changing vaultTimeout from number to VaultTimeout type. * PM-5501 - VaultTimeoutSvc - Update shouldLock logic which previously checked for null (never) or any negative values (any strings except never) with a simple string type check. * PM-5501 - More cleanup of vaultTimeout type change - replacing null checks with "never" checks * PM-5501 - VaultTimeoutSettingsSvc - refactor determineVaultTimeout to properly treat string and numeric vault timeouts. * PM-5501 - Update vault timeout settings service tests to reflect new VaultTimeout type. * PM-5501 - VaultTimeoutSettingsService - add more test cases for getVaultTimeoutByUserId * PM-5501 - (1) Remove "immediately" as 0 is numerically meaningful and can be used with Math.min (2) Add VaultTimeoutOption interface for use in all places we show the user a list of vault timeout options. * PM-5501 - VaultTimeoutSettingSvc - update tests to use 0 as immediately. * PM-5501 - VaultTimeoutInputComp - Add new types and update applyVaultTimeoutPolicy logic appropriately. * PM-5501 - Add new types to all preferences and setting components across clients. * PM-5501 - Fix bug on web where navigating to the preferences page throws an error b/c the validatorChange function isn't defined. * PM-5501 - WIP on updating vault timeout setting migration and rollback + testing it. * PM-5501 - Update VaultTimeoutSettingsSvc state provider migration and tests to map existing possible values into new VaultTImeout type. * PM-5501 - Fix vault timeout settings state tests by changing number to new VaultTimeout type. * PM-5501 - Fix crypto svc auto key refresh test to use "never" instead of null. * PM-5501 - Add clarifying comment to vaulttimeout type * PM-5501 - Desktop app comp - replace systemTimeoutOptions with vault timeout type. * PM-5501 - Update vault timeout service tests to use VaultTimeout type. * PM-5501 - VaultTimeoutSettingsSvc - (1) Fix bug where vault timeout action didn't have a default like it did before (2) Fix bug in userHasMasterPassword where it would incorrectly return the active user stream for a given user id as a fallback. There is no guarantee the given user would match the active user so the paths are mutually exclusive. * PM-5501 - Login Strategy fix - Move retrieval of vault timeout settings and setting of the tokens until after account init and user decryption options set as those opts are needed to properly determine the user's available vault timeout actions. * PM-5501 - Fix vault timeout settings svc tests * PM-5501 - VaultTimeoutSettingSvc - move default logic to determine methods + refactor default vault timeout action to properly default to lock in scenarios the user has lock available. * Update libs/angular/src/components/settings/vault-timeout-input.component.ts Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com> * PM-5501 - Per PR feedback, cleanup commented out vault timeout options * PM-5501 - Fix vault timeout input comp lint issues * PM-5501 - Per PR feedback from Cesar, update VaultTimeout type to use const so we can avoid any magic string usage. Awesome. Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com> * PM-5501 - CLI - use "never" as default vault timeout instead of null. * PM-5501 - Fix broken tests * PM-5501 - Bump migration version * PM-5501 - Fix build errors after merging main. * PM-5501 - Update mockMigrationHelper to pass along client type so tests will respect it. * PM-5501 - Update VaultTimeoutSettingsServiceStateProviderMigrator and tests to use new CLI client type to convert undefined values to never so that CLI users don't lose their session upon running this migration. * PM-5501 - Bump migration version * PM-5501 - Fix migration tests to use new authenticated user format * PM-5501 Update rollback tests * PM-5501 - Adjust migration based on feedback. * PM-5501 - Per Jake's find, fix missed -2 Co-authored-by: Jake Fink <jfink@bitwarden.com> * PM-5501 - Add user id to needsStorageReseed. Co-authored-by: Jake Fink <jfink@bitwarden.com> * PM-5501 - Per PR feedback, setVaultTimeoutOptions shouldn't accept null for vault timeout anymore. * PM-5501 - Per PR feedback, add null checks for set methods for setting vault timeout or vault timeout action. * PM-5501 - Per PR feedback, add more context as to why we need vault timeout settings to persist after logout. * PM-5501 - Per PR feedback, fix userHasMasterPassword * PM-5501 - VaultTimeoutSettingsService - fix userHasMasterPassword check by checking for null decryption options. * PM-5501 - Remove state service from vault timeout settings service (WOOO) * PM-5501 - Bump migration version * PM-5501 - Account Security comp - refactor to consider ease of debugging. * PM-5501 - (1) Add checks for null vault timeout and vault timeout actions (2) Add tests for new scenarios. * PM-5501 - VaultTimeoutSettingsSvc - setVaultTimeoutOptions - fix bug where nullish check would throw incorrectly if immediately (0) was picked as the timeout. * PM-5501 - Per PR feedback, clean up remaining token service methods which accept null for timeout and add tests. . * PM-5501 - Fix nit --------- Co-authored-by: Jake Fink <jfink@bitwarden.com> Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com> |
||
|
Justin Baur
|
e4ef7d362e |
[PM-7838] [PM-7864] Ensure AuthStatus Changes Before Exiting (#9018)
* Ensure AuthStatus Changes Before Exiting * Do Not Display Account Without Name Or Email * Fix Environment Selectors * Add AccountService.clean to Web |
||
|
Justin Baur
|
4b42ff7171 |
[PM-3483] Remove migrateKeyForNeverLockIfNeeded Logic (#8953)
* Remove `migrateKeyForNeverLockIfNeeded` Logic * Fix Test * Remove `migrateAutoKeyIfNeeded` |
||
Matt Gibson
|
c70a5aa024 |
[PM-6688] Use AccountService as account source (#8893)
* Use account service to track accounts and active account * Remove state service active account Observables. * Add email verified to account service * Do not store account info on logged out accounts * Add account activity tracking to account service * Use last account activity from account service * migrate or replicate account service data * Add `AccountActivityService` that handles storing account last active data * Move active and next active user to account service * Remove authenticated accounts from state object * Fold account activity into account service * Fix builds * Fix desktop app switch * Fix logging out non active user * Expand helper to handle new authenticated accounts location * Prefer view observable to tons of async pipes * Fix `npm run test:types` * Correct user activity sorting test * Be more precise about log out messaging * Fix dev compare errors All stored values are serializable, the next step wasn't necessary and was erroring on some types that lack `toString`. * If the account in unlocked on load of lock component, navigate away from lock screen * Handle no users case for auth service statuses * Specify account to switch to * Filter active account out of inactive accounts * Prefer constructor init * Improve comparator * Use helper methods internally * Fixup component tests * Clarify name * Ensure accounts object has only valid userIds * Capitalize const values * Prefer descriptive, single-responsibility guards * Update libs/common/src/state-migrations/migrate.ts Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> * Fix merge * Add user Id validation activity for undefined was being set, which was resulting in requests for the auth status of `"undefined"` (string) userId, due to key enumeration. These changes stop that at both locations, as well as account add for good measure. --------- Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> |
||
|
Jared Snider
|
fffef95c5e |
Auth/PM-7235 - Refactor AuthService.getAuthStatus, deprecate everBeenUnlocked, and handle initialization of auto user key on client init (#8590)
* PM-7235 - AuthSvc - Refactor getAuthStatus to simply use the cryptoService.hasUserKey check to determine the user's auth status. * PM-7235 - CryptoSvc - getUserKey - remove setUserKey side effect if auto key is stored. Will move to app init * PM-7235 - For each client init service, add setUserKeyInMemoryIfAutoUserKeySet logic * PM-7235 - CryptoSvc tests - remove uncessary test. * PM-7235 - Create UserKeyInitService and inject into all init services with new listening logic to support acct switching. * PM-7235 - UserKeyInitSvc - minor refactor of setUserKeyInMemoryIfAutoUserKeySet * PM-7235 - Add test suite for UserKeyInitService * PM-7235 - Remove everBeenUnlocked as it is no longer needed * PM-7235 - Fix tests * PM-7235 - UserKeyInitSvc - per PR feedback, add error handling to protect observable stream from being cancelled in case of an error * PM-7235 - Fix tests * Update libs/common/src/platform/services/user-key-init.service.ts Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * Update libs/common/src/platform/services/user-key-init.service.ts Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * PM-7235 - AuthSvc - Per PR review, for getAuthStatus, only check user key existence in memory. * PM-7235 - remove not useful test per PR feedback. * PM-7235 - Per PR feedback, update cryptoService.hasUserKey to only check memory for the user key. * PM-7235 - Per PR feedback, move user key init service listener to main.background instead of init service * PM-7235 - UserKeyInitSvc tests - fix tests to plass --------- Co-authored-by: Matt Gibson <mgibson@bitwarden.com> |
||
SmithThe4th
|
2bce6c538c |
[PM-6194] Refactor injection of services in browser services module (#8380)
* refactored injector of services on the browser service module * refactored the search and popup serach service to use state provider * renamed back to default * removed token service that was readded during merge conflict * Updated search service construction on the cli * updated to use user key definition * Reafctored all components that refernce issearchable * removed commented variable * added uncommited code to remove dependencies not needed anymore * added uncommited code to remove dependencies not needed anymore |
||
Jake Fink
|
9d10825dbd |
[PM-5362] Add MP Service (attempt #2) (#8619)
* create mp and kdf service * update mp service interface to not rely on active user * rename observable methods * update crypto service with new MP service * add master password service to login strategies - make fake service for easier testing - fix crypto service tests * update auth service and finish strategies * auth request refactors * more service refactors and constructor updates * setMasterKey refactors * remove master key methods from crypto service * remove master key and hash from state service * missed fixes * create migrations and fix references * fix master key imports * default force set password reason to none * add password reset reason observable factory to service * remove kdf changes and migrate only disk data * update migration number * fix sync service deps * use disk for force set password state * fix desktop migration * fix sso test * fix tests * fix more tests * fix even more tests * fix even more tests * fix cli * remove kdf service abstraction * add missing deps for browser * fix merge conflicts * clear reset password reason on lock or logout * fix tests * fix other tests * add jsdocs to abstraction * use state provider in crypto service * inverse master password service factory * add clearOn to master password service * add parameter validation to master password service * add component level userId * add missed userId * migrate key hash * fix login strategy service * delete crypto master key from account * migrate master key encrypted user key * rename key hash to master key hash * use mp service for getMasterKeyEncryptedUserKey * fix tests * fix user key decryption logic * add clear methods to mp service * fix circular dep and encryption issue * fix test * remove extra account service call * use EncString in state provider * fix tests * return to using encrypted string for serialization |
||
|
Matt Gibson
|
c02723d6a6 |
Specify clearOn options for platform services (#8584)
* Use UserKeys in biometric state * Remove global clear todo. Answer is never * User UserKeys in crypto state * Clear userkey on both lock and logout via User Key Definitions * Use UserKeyDefinitions in environment service * Rely on userKeyDefinition to clear org keys * Rely on userKeyDefinition to clear provider keys * Rely on userKeyDefinition to clear user keys * Rely on userKeyDefinitions to clear user asym key pair |
||
|
Jake Fink
|
775c8a1bbe |
Revert "[PM-5362]Create MP Service for state provider migration (#7623)" (#8617)
This reverts commit
|
||
|
Jake Fink
|
b1abfb0a5c |
[PM-5362]Create MP Service for state provider migration (#7623)
* create mp and kdf service * update mp service interface to not rely on active user * rename observable methods * update crypto service with new MP service * add master password service to login strategies - make fake service for easier testing - fix crypto service tests * update auth service and finish strategies * auth request refactors * more service refactors and constructor updates * setMasterKey refactors * remove master key methods from crypto service * remove master key and hash from state service * missed fixes * create migrations and fix references * fix master key imports * default force set password reason to none * add password reset reason observable factory to service * remove kdf changes and migrate only disk data * update migration number * fix sync service deps * use disk for force set password state * fix desktop migration * fix sso test * fix tests * fix more tests * fix even more tests * fix even more tests * fix cli * remove kdf service abstraction * add missing deps for browser * fix merge conflicts * clear reset password reason on lock or logout * fix tests * fix other tests * add jsdocs to abstraction * use state provider in crypto service * inverse master password service factory * add clearOn to master password service * add parameter validation to master password service * add component level userId * add missed userId * migrate key hash * fix login strategy service * delete crypto master key from account * migrate master key encrypted user key * rename key hash to master key hash * use mp service for getMasterKeyEncryptedUserKey * fix tests |
||
|
Justin Baur
|
c3eba7f2c8 |
[PM-6404] Fully Integrate clearOn Events (#8134)
* Add New KeyDefinitionOption * Add New Services * Add WebStorageServiceProvider Tests * Update Error Message * Add `UserKeyDefinition` * Fix Deserialization Helpers * Fix KeyDefinition * Add `UserKeyDefinition` * Fix Deserialization Helpers * Fix KeyDefinition * Move `ClearEvent` * Cleanup * Fix Imports * Integrate onClear Events * Remove Accidental Addition * Fix Test * Add VaultTimeoutService Tests * Only Register When Current State is Null * Address Feedback |
||
Jason Ng
|
3edf098aaf |
PM-5274 Migrate Collection Service State (#7732)
* update collection service to use new state provider framework, remove stateservice from collection service, update collections state provider with migrate file and unit test |
||
Will Martin
|
cb8849c355 |
Add eslint rule no-floating-promises (#7789)
* add eslint rule no-floating-promises * add eslint-disable comment to offending lines |
||
|
Justin Baur
|
3deb6ea0c8 | Only Keep Active User Alive When A View is Open (#7045) | ||
renovate[bot]
|
28de9439be |
[deps] Autofill: Update prettier to v3 (#7014)
* [deps] Autofill: Update prettier to v3 * prettier formatting updates --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Jonathan Prusik <jprusik@classynemesis.com> |
||
|
Justin Baur
|
3451ee8133 |
Vault Timeout Service Tests & Bug Fix (#7021)
* Add Tests to VaultTimeoutService * Fix Bug Get availableTimeoutActions for the user actually locking instead of getting the timeout actions for the active user. |
||
|
Jake Fink
|
8c06508435 |
[PM-3726] Force migration of legacy user's encryption key (#6195)
* [PM-3726] migrate legacy user's encryption key * [PM-3726] add 2fa support and pr feedback * [PM-3726] revert launch.json & webpack.config changes * [PM-3726] remove update key component - also remove card in vault since legacy users can't login * [PM-3726] Fix i18n & PR feedback * [PM-3726] make standalone component * [PM-3726] linter * [PM-3726] missing await * [PM-3726] logout legacy users with vault timeout to never * [PM-3726] add await * [PM-3726] skip auto key migration for legacy users * [PM-3726] pr feedback * [PM-3726] move check for web into migrate method --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com> |
||
Todd Martin
|
5665576147 |
Trusted Device Encryption feature (#5950)
* PM-1049 - Create first display draft of login-decryption-options base and web components (no data loading or user actions wired up yet; WIP) * PM-1049 - Update DeviceResponse to match latest properties on backend * PM-1049 - Add getDevices call to retrieve all user devices to API service * PM-1049 - WIP on figuring out login decryption options component requirements * PM-1049 - Add empty login decryption options to desktop * PM-1049 - Desktop - Update "Log in initiated" translation to be "Login Initiated" per figma and product request * PM-1049 - Desktop - login decryption options component html done * PM-1049 - Move login-decryption-options in web into own folder * PM-1049 - Browser - created html for login-decryption-options component * PM-1049 - Move newly created getDevices() method out of api.service into proper place in new devices-api.service. * PM-1049 -Comment cleanup and TODO added * PM-1049 - Comment cleanup and dependency cleanup across all login-decryption-options comps * PM-1049 - WIP of building out needed response and regular models for saving new UserDecryptionOptions on the Account in state. * PM-1049 - Update all User Decryption Options response and state models in light of the back end changes from a list to an object. Web building now with decryption options stored on state under the account successfully. Must now build out state service methods for retrieving / setting account decryption options for use elsewhere. * PM-1049 - State Service - setup setters / getters for UserDecryptionOptions off the account * PM-1049 - StateService - replace User with Acct for decryption options * PM-1049 - Create domain models vs using response models as response models have a response property w/ the full response nested underneath which we don't need to persist for the user decryption options stored on the account. * PM-1049 - AcctDecryptionOptions now persist across page refreshes of the login-initiated page to act similarly to refreshes on the lock screen. Accomplished via persisting AcctDecryptionOptions in local storage -- still cleared on logout. * PM-1049 - IdTokenResponse - only userDecryptionOptions if they exist on the response from the server; I saw a few instances where it did not. Wasn't able to replicate consistently, but I put this check here to be safe. * PM-1049 - Login Initiated route can only be accessed if user is AuthN w/ locked vault + TDE feature flag is on. * PM-1049 - LoginDecryptionOptions - (1) Wire up loading logic (2) Retrieve User Acct Decryption options to determine whether or not to show request admin approval btn and approve w/ MP (3) Write up future logic for requestAdminApproval (4) approveWithMasterPassword takes you to the lock screen to login. * PM-1049 - Apply same guards as in web to login-decryption-options in desktop & browser. * PM-1049 - (1) Updated dependencies in parent BaseLoginDecryptionOptionsComponent class + child components (2) Retrieve userEmail b/c needed for displaying which email the user is logging in with (3) Add log out functionality (4) Add comments regarding future implementation details for each login approval flow. * PM-1049 - Web/Browser/Desktop LoginDecryptionOptions - (1) Wire up approval buttons (2) Add conditional margins (3) Loading spinner added (4) Display userEmail + "not you" logout link * PM-1049 - Add TODOs for future changes needed as part of the Login Approval flows for TDE * PM-1049 - TODO: replace base component with business service * add new storage to replace MasterKey with UserSymKey * add storage for master key encrypted user symmetric key * Begin refactor of crypto service to support new key structure * remove provided key from getKeyForUserEncryption * add decryption with MasterKey method to crypto service * update makeKeyPair on crypto service to be generic * add type to parameter of setUserKey in abstraction of crypto service * add setUserSymKeyMasterKey so we can set the encrypted user sym key from server * update cli with new crypto service methods - decrypt user sym key and set when unlocking * separate the user key in memory from user keys in storage * add new memory concept to crypto service calls in cli * update auth service to use new crypto service * update register component in lib to use new crypto service * update register component again with more crypto service * update sync service to use new crypto service methods * update send service to use new crypto service methods * update folder service to use new crypto service methods * update cipher service to use new crypto service * update password generation service to use new crypto service * update vault timeout service with new crypto service * update collection service to use new crypto service * update emergency access components to use new crypto service methods * migrate login strategies to new key model - decrypt and set user symmetric key if Master Key is available - rename keys where applicable - update unit tests * migrate pin to use user's symmetric key instead of master key - set up new state - migrate on lock component - use new crypto service methods * update pin key when the user symmetric key is set - always set the protected pin so we can recreate pin key from user symmetric key - stop using EncryptionPair in account - use EncString for both pin key storage - update migration from old strategy on lock component * set user symmetric key on lock component - add missed key suffix types to crypto service methods * migrate auto key - add helper to internal crypto service method to migrate * remove additional keys in state service clean * clean up the old pin keys in more flows - in the case that the app is updated while logged in and the user changes their pin, this will clear the old pin keys * finish migrate auto key if needed - migrate whenever retrieved from storage - add back the user symmetric key toggle * migrate biometrics key - migrate only on retrieval * fix crypto calls for key connector and vault timeout settings * update change password components with new crypto service * update assortment of leftover old crypto service calls * update device-crypto service with new crypto service * remove old EncKey methods from crypto service * remove clearEncKey from crypto service * move crypto service jsdoc to abstraction * add org key type and new method to build a data enc key for orgs * fix typing of bulk confirm component * fix EncString serialization issues & various fixes Co-authored-by: Matt Gibson <MGibson1@users.noreply.github.com> * update account model with new keys serialization * migrate native messaging for biometrics to use new key model - support backwards compatibility - update safari web extension to send user key - add error handling * add early exit to native messaging flow for errors * improve error strings in crypto service * disable disk cache for browser due to bg script/popup race conditions * clear bio key when pin is migrated as bio is refreshed * share disk cache to fix syncing issues between contexts * check for ephemeral pin before process reload * remove state no longer needed and add JSDOC * fix linter * add new types to tests * remove cryptoMasterKeyB64 from account * fix tests imports * use master key for device approvals still * cleanup old TODOs, add missing crypto service parameters * fix cli crypto service calls * share disk cache between contexts on browser * Revert "share disk cache between contexts on browser" This reverts commit |