mirror of
https://github.com/bitwarden/browser
synced 2025-12-06 00:13:28 +00:00
38c4eeb27d
* Move kdf to km ownership * Fix duplicate import * Remove whitespace * Fix double imports * Fix desktop build * Fix test error * Fix imports * Move ownership of kdftype to km * Fix imports --------- Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
249 lines
8.8 KiB
TypeScript
249 lines
8.8 KiB
TypeScript
import { Component, OnDestroy, OnInit } from "@angular/core";
|
|
import { Router } from "@angular/router";
|
|
import { firstValueFrom, map } from "rxjs";
|
|
|
|
import { ChangePasswordComponent as BaseChangePasswordComponent } from "@bitwarden/angular/auth/components/change-password.component";
|
|
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
|
import { AuditService } from "@bitwarden/common/abstractions/audit.service";
|
|
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
|
|
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
|
import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction";
|
|
import { UserVerificationService } from "@bitwarden/common/auth/abstractions/user-verification/user-verification.service.abstraction";
|
|
import { PasswordRequest } from "@bitwarden/common/auth/models/request/password.request";
|
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
|
import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
|
|
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
|
import { StateService } from "@bitwarden/common/platform/abstractions/state.service";
|
|
import { HashPurpose } from "@bitwarden/common/platform/enums";
|
|
import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
|
|
import { UserId } from "@bitwarden/common/types/guid";
|
|
import { MasterKey, UserKey } from "@bitwarden/common/types/key";
|
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
|
import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction";
|
|
import { DialogService, ToastService } from "@bitwarden/components";
|
|
import { PasswordGenerationServiceAbstraction } from "@bitwarden/generator-legacy";
|
|
import { KdfConfigService, KeyService } from "@bitwarden/key-management";
|
|
|
|
import { UserKeyRotationService } from "../../key-management/key-rotation/user-key-rotation.service";
|
|
|
|
@Component({
|
|
selector: "app-change-password",
|
|
templateUrl: "change-password.component.html",
|
|
})
|
|
export class ChangePasswordComponent
|
|
extends BaseChangePasswordComponent
|
|
implements OnInit, OnDestroy
|
|
{
|
|
rotateUserKey = false;
|
|
currentMasterPassword: string;
|
|
masterPasswordHint: string;
|
|
checkForBreaches = true;
|
|
characterMinimumMessage = "";
|
|
|
|
constructor(
|
|
i18nService: I18nService,
|
|
keyService: KeyService,
|
|
messagingService: MessagingService,
|
|
stateService: StateService,
|
|
passwordGenerationService: PasswordGenerationServiceAbstraction,
|
|
platformUtilsService: PlatformUtilsService,
|
|
policyService: PolicyService,
|
|
private auditService: AuditService,
|
|
private cipherService: CipherService,
|
|
private syncService: SyncService,
|
|
private apiService: ApiService,
|
|
private router: Router,
|
|
dialogService: DialogService,
|
|
private userVerificationService: UserVerificationService,
|
|
private keyRotationService: UserKeyRotationService,
|
|
kdfConfigService: KdfConfigService,
|
|
masterPasswordService: InternalMasterPasswordServiceAbstraction,
|
|
accountService: AccountService,
|
|
toastService: ToastService,
|
|
) {
|
|
super(
|
|
i18nService,
|
|
keyService,
|
|
messagingService,
|
|
passwordGenerationService,
|
|
platformUtilsService,
|
|
policyService,
|
|
stateService,
|
|
dialogService,
|
|
kdfConfigService,
|
|
masterPasswordService,
|
|
accountService,
|
|
toastService,
|
|
);
|
|
}
|
|
|
|
async ngOnInit() {
|
|
if (!(await this.userVerificationService.hasMasterPassword())) {
|
|
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
|
this.router.navigate(["/settings/security/two-factor"]);
|
|
}
|
|
|
|
await super.ngOnInit();
|
|
|
|
this.characterMinimumMessage = this.i18nService.t("characterMinimum", this.minimumLength);
|
|
}
|
|
|
|
async rotateUserKeyClicked() {
|
|
if (this.rotateUserKey) {
|
|
const ciphers = await this.cipherService.getAllDecrypted();
|
|
let hasOldAttachments = false;
|
|
if (ciphers != null) {
|
|
for (let i = 0; i < ciphers.length; i++) {
|
|
if (ciphers[i].organizationId == null && ciphers[i].hasOldAttachments) {
|
|
hasOldAttachments = true;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
if (hasOldAttachments) {
|
|
const learnMore = await this.dialogService.openSimpleDialog({
|
|
title: { key: "warning" },
|
|
content: { key: "oldAttachmentsNeedFixDesc" },
|
|
acceptButtonText: { key: "learnMore" },
|
|
cancelButtonText: { key: "close" },
|
|
type: "warning",
|
|
});
|
|
|
|
if (learnMore) {
|
|
this.platformUtilsService.launchUri(
|
|
"https://bitwarden.com/help/attachments/#add-storage-space",
|
|
);
|
|
}
|
|
this.rotateUserKey = false;
|
|
return;
|
|
}
|
|
|
|
const result = await this.dialogService.openSimpleDialog({
|
|
title: { key: "rotateEncKeyTitle" },
|
|
content:
|
|
this.i18nService.t("updateEncryptionKeyWarning") +
|
|
" " +
|
|
this.i18nService.t("updateEncryptionKeyExportWarning") +
|
|
" " +
|
|
this.i18nService.t("rotateEncKeyConfirmation"),
|
|
type: "warning",
|
|
});
|
|
|
|
if (!result) {
|
|
this.rotateUserKey = false;
|
|
}
|
|
}
|
|
}
|
|
|
|
async submit() {
|
|
if (
|
|
this.masterPasswordHint != null &&
|
|
this.masterPasswordHint.toLowerCase() === this.masterPassword.toLowerCase()
|
|
) {
|
|
this.toastService.showToast({
|
|
variant: "error",
|
|
title: this.i18nService.t("errorOccurred"),
|
|
message: this.i18nService.t("hintEqualsPassword"),
|
|
});
|
|
return;
|
|
}
|
|
|
|
this.leakedPassword = false;
|
|
if (this.checkForBreaches) {
|
|
this.leakedPassword = (await this.auditService.passwordLeaked(this.masterPassword)) > 0;
|
|
}
|
|
|
|
await super.submit();
|
|
}
|
|
|
|
async setupSubmitActions() {
|
|
if (this.currentMasterPassword == null || this.currentMasterPassword === "") {
|
|
this.toastService.showToast({
|
|
variant: "error",
|
|
title: this.i18nService.t("errorOccurred"),
|
|
message: this.i18nService.t("masterPasswordRequired"),
|
|
});
|
|
return false;
|
|
}
|
|
|
|
if (this.rotateUserKey) {
|
|
await this.syncService.fullSync(true);
|
|
}
|
|
|
|
return super.setupSubmitActions();
|
|
}
|
|
|
|
async performSubmitActions(
|
|
newMasterPasswordHash: string,
|
|
newMasterKey: MasterKey,
|
|
newUserKey: [UserKey, EncString],
|
|
) {
|
|
const masterKey = await this.keyService.makeMasterKey(
|
|
this.currentMasterPassword,
|
|
await firstValueFrom(this.accountService.activeAccount$.pipe(map((a) => a?.email))),
|
|
await this.kdfConfigService.getKdfConfig(),
|
|
);
|
|
|
|
const userId = await firstValueFrom(this.accountService.activeAccount$.pipe(map((a) => a?.id)));
|
|
const newLocalKeyHash = await this.keyService.hashMasterKey(
|
|
this.masterPassword,
|
|
newMasterKey,
|
|
HashPurpose.LocalAuthorization,
|
|
);
|
|
|
|
const userKey = await this.masterPasswordService.decryptUserKeyWithMasterKey(masterKey, userId);
|
|
if (userKey == null) {
|
|
this.toastService.showToast({
|
|
variant: "error",
|
|
title: null,
|
|
message: this.i18nService.t("invalidMasterPassword"),
|
|
});
|
|
return;
|
|
}
|
|
|
|
const request = new PasswordRequest();
|
|
request.masterPasswordHash = await this.keyService.hashMasterKey(
|
|
this.currentMasterPassword,
|
|
masterKey,
|
|
);
|
|
request.masterPasswordHint = this.masterPasswordHint;
|
|
request.newMasterPasswordHash = newMasterPasswordHash;
|
|
request.key = newUserKey[1].encryptedString;
|
|
|
|
try {
|
|
if (this.rotateUserKey) {
|
|
this.formPromise = this.apiService.postPassword(request).then(async () => {
|
|
// we need to save this for local masterkey verification during rotation
|
|
await this.masterPasswordService.setMasterKeyHash(newLocalKeyHash, userId as UserId);
|
|
await this.masterPasswordService.setMasterKey(newMasterKey, userId as UserId);
|
|
return this.updateKey();
|
|
});
|
|
} else {
|
|
this.formPromise = this.apiService.postPassword(request);
|
|
}
|
|
|
|
await this.formPromise;
|
|
|
|
this.toastService.showToast({
|
|
variant: "success",
|
|
title: this.i18nService.t("masterPasswordChanged"),
|
|
message: this.i18nService.t("logBackIn"),
|
|
});
|
|
this.messagingService.send("logout");
|
|
} catch {
|
|
this.toastService.showToast({
|
|
variant: "error",
|
|
title: null,
|
|
message: this.i18nService.t("errorOccurred"),
|
|
});
|
|
}
|
|
}
|
|
|
|
private async updateKey() {
|
|
const user = await firstValueFrom(this.accountService.activeAccount$);
|
|
await this.keyRotationService.rotateUserKeyAndEncryptedData(this.masterPassword, user);
|
|
}
|
|
}
|