bitwarden/directory-connector
1
0
Fork 0
mirror of https://github.com/bitwarden/directory-connector synced 2026-01-23 04:43:22 +00:00
Code Issues Releases Wiki Activity

Compare commits

base: bitwarden:renovate/node-24.x
Branches Tags
bitwarden:renovate/node-24.x bitwarden:renovate/gh-minor bitwarden:context-rules bitwarden:ps/replace-deprecated-codecov-test-results-action bitwarden:renovate/lock-file-maintenance bitwarden:renovate/typescript-eslint-monorepo bitwarden:main bitwarden:renovate/cross-env-10.x bitwarden:renovate/electron-updater-6.x bitwarden:rc bitwarden:gsuite-documentation bitwarden:jared/typescript-upgrade bitwarden:renovate/jest-preset-angular-16.x bitwarden:renovate/electron-store-11.x bitwarden:jared/typescript-5.x bitwarden:googleapi-failure-test bitwarden:sugi bitwarden:ac/pm-24898/upgrade-yao bitwarden:jmccannon/test-dc bitwarden:split-build-release-workflows bitwarden:jmccannon/github-node-upgrade bitwarden:feat/disable-suspended-google-accounts-ci bitwarden:ac/pm-15283/upgrade-angular-to-19 bitwarden:ac/pm-11803/deps-update-ldapjs-to-v3 bitwarden:vvolkgang-patch-2 bitwarden:vvolkgang-patch-1 bitwarden:version_bump_vgrassia/test-version-bump_2024-09-11 bitwarden:ac/addison/ac-2777/directory-connector-code-cleanup bitwarden:mimartin12-patch-1 bitwarden:AC-1743/upgrade-node bitwarden:AC-1743/Safe-Major-Upgrades bitwarden:husky-testing bitwarden:ac-1743 bitwarden:update-ast-action bitwarden:DEVOPS-1262-update-all-directory-connector-pipelines-to-use-the-new-ci-only-key-vault bitwarden:DEVOPS-1039-update-release-flow-dry-run-step-names bitwarden:DEVOPS-986-Update-download-artifacts bitwarden:refactor/injectable-services-2 bitwarden:update-ldapjs-2.9.8
bitwarden:v2026.1.0 bitwarden:v2025.12.0 bitwarden:v2025.11.0 bitwarden:v2025.10.0 bitwarden:v2025.9.0 bitwarden:v2025.8.0 bitwarden:v2025.7.0 bitwarden:v2025.6.1 bitwarden:v2025.6.0 bitwarden:v2025.5.0 bitwarden:v2025.4.0 bitwarden:v2025.3.0 bitwarden:v2025.1.0 bitwarden:v2024.10.0 bitwarden:v2024.9.0 bitwarden:v2024.3.2 bitwarden:v2023.10.0 bitwarden:v2022.11.0 bitwarden:v2022.6.0 bitwarden:v2.10.2 bitwarden:v2.10.1 bitwarden:v2.10.0 bitwarden:v2.9.10 bitwarden:v2.9.9 bitwarden:v2.9.8 bitwarden:v2.9.7 bitwarden:v2.9.6 bitwarden:v2.9.5 bitwarden:v2.9.4 bitwarden:v2.9.3 bitwarden:v2.9.2 bitwarden:v2.9.1 bitwarden:v2.9.0 bitwarden:v2.8.2 bitwarden:v2.8.1 bitwarden:v2.8.0 bitwarden:v2.7.0 bitwarden:v2.6.2 bitwarden:v2.6.1 bitwarden:v2.6.0 bitwarden:v2.5.3 bitwarden:v2.5.2 bitwarden:v2.5.1 bitwarden:v2.5.0 bitwarden:v2.4.0 bitwarden:v2.3.0 bitwarden:v2.2.0 bitwarden:v2.1.0 bitwarden:v2.0.4 bitwarden:v2.0.3 bitwarden:v2.0.2 bitwarden:v2.0.1 bitwarden:v2.0.0 bitwarden:v1.2.0 bitwarden:v1.1.3 bitwarden:v1.1.2 bitwarden:v1.1.1 bitwarden:v1.1.0 bitwarden:v1.0.0
..
compare: bitwarden:context-rules
Branches Tags
bitwarden:renovate/node-24.x bitwarden:renovate/gh-minor bitwarden:context-rules bitwarden:ps/replace-deprecated-codecov-test-results-action bitwarden:renovate/lock-file-maintenance bitwarden:renovate/typescript-eslint-monorepo bitwarden:main bitwarden:renovate/cross-env-10.x bitwarden:renovate/electron-updater-6.x bitwarden:rc bitwarden:gsuite-documentation bitwarden:jared/typescript-upgrade bitwarden:renovate/jest-preset-angular-16.x bitwarden:renovate/electron-store-11.x bitwarden:jared/typescript-5.x bitwarden:googleapi-failure-test bitwarden:sugi bitwarden:ac/pm-24898/upgrade-yao bitwarden:jmccannon/test-dc bitwarden:split-build-release-workflows bitwarden:jmccannon/github-node-upgrade bitwarden:feat/disable-suspended-google-accounts-ci bitwarden:ac/pm-15283/upgrade-angular-to-19 bitwarden:ac/pm-11803/deps-update-ldapjs-to-v3 bitwarden:vvolkgang-patch-2 bitwarden:vvolkgang-patch-1 bitwarden:version_bump_vgrassia/test-version-bump_2024-09-11 bitwarden:ac/addison/ac-2777/directory-connector-code-cleanup bitwarden:mimartin12-patch-1 bitwarden:AC-1743/upgrade-node bitwarden:AC-1743/Safe-Major-Upgrades bitwarden:husky-testing bitwarden:ac-1743 bitwarden:update-ast-action bitwarden:DEVOPS-1262-update-all-directory-connector-pipelines-to-use-the-new-ci-only-key-vault bitwarden:DEVOPS-1039-update-release-flow-dry-run-step-names bitwarden:DEVOPS-986-Update-download-artifacts bitwarden:refactor/injectable-services-2 bitwarden:update-ldapjs-2.9.8
bitwarden:v2026.1.0 bitwarden:v2025.12.0 bitwarden:v2025.11.0 bitwarden:v2025.10.0 bitwarden:v2025.9.0 bitwarden:v2025.8.0 bitwarden:v2025.7.0 bitwarden:v2025.6.1 bitwarden:v2025.6.0 bitwarden:v2025.5.0 bitwarden:v2025.4.0 bitwarden:v2025.3.0 bitwarden:v2025.1.0 bitwarden:v2024.10.0 bitwarden:v2024.9.0 bitwarden:v2024.3.2 bitwarden:v2023.10.0 bitwarden:v2022.11.0 bitwarden:v2022.6.0 bitwarden:v2.10.2 bitwarden:v2.10.1 bitwarden:v2.10.0 bitwarden:v2.9.10 bitwarden:v2.9.9 bitwarden:v2.9.8 bitwarden:v2.9.7 bitwarden:v2.9.6 bitwarden:v2.9.5 bitwarden:v2.9.4 bitwarden:v2.9.3 bitwarden:v2.9.2 bitwarden:v2.9.1 bitwarden:v2.9.0 bitwarden:v2.8.2 bitwarden:v2.8.1 bitwarden:v2.8.0 bitwarden:v2.7.0 bitwarden:v2.6.2 bitwarden:v2.6.1 bitwarden:v2.6.0 bitwarden:v2.5.3 bitwarden:v2.5.2 bitwarden:v2.5.1 bitwarden:v2.5.0 bitwarden:v2.4.0 bitwarden:v2.3.0 bitwarden:v2.2.0 bitwarden:v2.1.0 bitwarden:v2.0.4 bitwarden:v2.0.3 bitwarden:v2.0.2 bitwarden:v2.0.1 bitwarden:v2.0.0 bitwarden:v1.2.0 bitwarden:v1.1.3 bitwarden:v1.1.2 bitwarden:v1.1.1 bitwarden:v1.1.0 bitwarden:v1.0.0

2 Commits
renovate/n ... context-ru

Author SHA1 Message Date
Sven
22fe0bc482 Claude upgrade shenanigans 2026-01-22 11:00:40 -06:00
Sven
5b1dd63c49 Claude upgrade shenanigans 2026-01-22 10:59:05 -06:00
28 changed files with 7845 additions and 4897 deletions
Expand all files Collapse all files

775
.claude/CLAUDE.md
View File

@@ -1,203 +1,706 @@
# Bitwarden Directory Connector
# Bitwarden Directory Connector - Claude Code Configuration
## Project Overview
Sync users and groups from enterprise directory services (LDAP, Entra ID, Google Workspace, Okta, OneLogin) to Bitwarden organizations. Available as both a desktop GUI (Electron + Angular) and a CLI tool (`bwdc`).
Directory Connector is a TypeScript application that synchronizes users and groups from directory services to Bitwarden organizations. It provides both a desktop GUI (built with Angular and Electron) and a CLI tool (bwdc).
## Overview
**Supported Directory Services:**
### What This Project Does
- LDAP (Lightweight Directory Access Protocol) - includes Active Directory and general LDAP servers
- Microsoft Entra ID (formerly Azure Active Directory)
- Google Workspace
- Okta
- OneLogin
- Connects to enterprise identity providers and retrieves user/group membership data
- Syncs that data to Bitwarden organizations via the Directory Connector API
- Provides both a desktop GUI application (Electron) and a command-line interface (`bwdc`)
**Technologies:**
### Key Concepts
- TypeScript
- Angular (GUI)
- Electron (Desktop wrapper)
- Node
- Jest for testing
- **Directory Service**: An identity provider (LDAP, Entra ID, GSuite, Okta, OneLogin) that stores users and groups
- **Sync**: The process of fetching entries from a directory and importing them to Bitwarden
- **Delta Sync**: Incremental synchronization that only fetches changes since the last sync
- **Entry**: Base class for `UserEntry` and `GroupEntry` - the core data models
- **Force Sync**: Ignores delta tokens and fetches all entries fresh
- **Test Mode**: Simulates sync without making API calls or updating state
## Code Architecture & Structure
---
### Directory Organization
## Architecture & Patterns
### System Architecture
```
src/
├── abstractions/ # Interface definitions (e.g., IDirectoryService)
├── services/ # Business logic implementations for directory services, sync, auth
├── models/ # Data models (UserEntry, GroupEntry, etc.)
├── commands/ # CLI command implementations
├── app/ # Angular GUI components
└── utils/ # Test utilities and fixtures
src-cli/ # CLI-specific code (imports common code from src/)
jslib/ # Legacy folder structure (mix of deprecated/unused and current code - new code should not be added here)
User Request (GUI/CLI)
┌───────────────────────────────────┐
│ Entry Points │
│ main.ts (GUI) │ bwdc.ts (CLI) │
└───────────────────────────────────┘
┌───────────────────────────────────┐
SyncService │
│ Orchestrates the sync flow │
└───────────────────────────────────┘
┌───────────────────────────────────┐
│ DirectoryFactoryService │
│ Creates appropriate IDirectory │
└───────────────────────────────────┘
┌─────────────────────────────────────────────────────┐
│ Directory Services │
│ ┌─────────┐ ┌─────────┐ ┌─────────┐ ┌─────────────┐ │
│ │ LDAP │ │ EntraID │ │ GSuite │ │ Okta/1Login │ │
│ └─────────┘ └─────────┘ └─────────┘ └─────────────┘ │
└─────────────────────────────────────────────────────┘
┌───────────────────────────────────┐
│ [GroupEntry[], UserEntry[]]│
└───────────────────────────────────┘
┌───────────────────────────────────┐
│ RequestBuilder (Batched) │
│ SingleRequestBuilder (<2000) │
│ BatchRequestBuilder (>2000) │
└───────────────────────────────────┘
┌───────────────────────────────────┐
│ Bitwarden API │
│ POST /import endpoint │
└───────────────────────────────────┘
```
### Key Architectural Patterns
1. **Abstractions = Interfaces**: All interfaces are defined in `/abstractions`
2. **Services = Business Logic**: Implementations live in `/services`
3. **Directory Service Pattern**: Each directory provider implements `IDirectoryService` interface
4. **Separation of Concerns**: GUI (Angular app) and CLI (commands) share the same service layer
## Development Conventions
### Code Organization
**File Naming:**
```
src/
├── abstractions/ # Interface definitions (IDirectoryService, etc.)
├── app/ # Angular GUI components
│ ├── tabs/ # Tab-based navigation (Dashboard, Settings, More)
│ └── services/ # Angular service providers
├── commands/ # CLI command implementations
├── enums/ # TypeScript enums (DirectoryType, etc.)
├── models/ # Data models (Entry, UserEntry, GroupEntry)
├── services/ # Business logic implementations
│ └── directory-services/ # One service per directory provider
├── bwdc.ts # CLI entry point
├── main.ts # Electron main process entry point
└── program.ts # CLI command routing (Commander.js)
- kebab-case for files: `ldap-directory.service.ts`
- Descriptive names that reflect purpose
jslib/ # Legacy shared libraries (do not add new code here)
utils/ # Integration test fixtures
└── openldap/ # Docker configs, test data, certificates
```
**Class/Function Naming:**
### Key Principles
- PascalCase for classes and interfaces
- camelCase for functions and variables
- Descriptive names that indicate purpose
1. **Shared Service Layer**: GUI (Angular) and CLI share identical service implementations
2. **Factory Pattern**: `DirectoryFactoryService` instantiates the correct `IDirectoryService` based on `DirectoryType`
3. **Secure Storage**: Credentials stored in system keychain via `KeytarSecureStorageService`
4. **Delta Tracking**: Incremental sync via delta tokens to minimize API calls
**File Structure:**
### Core Patterns
- Keep files focused on single responsibility
- Create new service files for distinct directory integrations
- Separate models into individual files when complex
#### Directory Service Pattern
### TypeScript Conventions
**Purpose**: Abstract different identity providers behind a common interface
**Import Patterns:**
**Interface** (`src/abstractions/directory.service.ts`):
- Use path aliases (`@/`) for project imports
- `@/` - project root
- `@/jslib/` - jslib folder
- ESLint enforces alphabetized import ordering with newlines between groups
```typescript
export interface IDirectoryService {
getEntries(force: boolean, test: boolean): Promise<[GroupEntry[], UserEntry[]]>;
}
```
**Type Safety:**
**Implementations** in `src/services/directory-services/`:
- Avoid `any` types - use proper typing or `unknown` with type guards
- Prefer interfaces for contracts, types for unions/intersections
- Use strict null checks - handle `null` and `undefined` explicitly
- Leverage TypeScript's type inference where appropriate
- `ldap-directory.service.ts` - LDAP/Active Directory
- `entra-id-directory.service.ts` - Microsoft Entra ID (Azure AD)
- `gsuite-directory.service.ts` - Google Workspace
- `okta-directory.service.ts` - Okta
- `onelogin-directory.service.ts` - OneLogin
**Configuration:**
**Factory** (`src/services/directory-factory.service.ts`):
- Use configuration files or environment variables
- Never hardcode URLs or configuration values
```typescript
createService(type: DirectoryType): IDirectoryService
```
## Security Best Practices
#### State Service Pattern
**Credential Handling:**
**Purpose**: Manage persistent state and credential storage
- Never log directory service credentials, API keys, or tokens
- Use secure storage mechanisms for sensitive data
- Credentials should never be hardcoded
- Store credentials encrypted, never in plain text
**Implementation** (`src/services/state.service.ts`):
**Sensitive Data:**
- Configuration and sync settings stored in LowDB (JSON file)
- Sensitive data (passwords, API keys) stored in system keychain
- File locking via `proper-lockfile` to prevent concurrent access corruption
- Platform-specific app data directories:
- macOS: `~/Library/Application Support/Bitwarden Directory Connector`
- Windows: `%APPDATA%/Bitwarden Directory Connector`
- Linux: `~/.config/Bitwarden Directory Connector` or `$XDG_CONFIG_HOME`
- User and group data from directories should be handled securely
- Avoid exposing sensitive information in error messages
- Sanitize data before logging
- Be cautious with data persistence
---
**Input Validation:**
## Development Guide
- Validate and sanitize data from external directory services
- Check for injection vulnerabilities (LDAP injection, etc.)
- Validate configuration inputs from users
### Adding a New Directory Service
**API Security:**
**1. Create the enum value** (`src/enums/directoryType.ts`)
- Ensure authentication flows are implemented correctly
- Verify SSL/TLS is used for all external connections
- Check for secure token storage and refresh mechanisms
```typescript
export enum DirectoryType {
Ldap = 0,
EntraID = 1,
GSuite = 2,
Okta = 3,
OneLogin = 4,
NewProvider = 5, // Add here
}
```
## Error Handling
**2. Create the configuration model** (`src/models/newProviderConfiguration.ts`)
**Best Practices:**
```typescript
export class NewProviderConfiguration {
apiUrl: string;
apiToken: string;
// Provider-specific settings
}
```
1. **Try-catch for async operations** - Always wrap external API calls
2. **Meaningful error messages** - Provide context for debugging
3. **Error propagation** - Don't swallow errors silently
4. **User-facing errors** - Separate user messages from developer logs
**3. Implement the directory service** (`src/services/directory-services/newprovider-directory.service.ts`)
## Performance Best Practices
```typescript
import { IDirectoryService } from "@/src/abstractions/directory.service";
import { GroupEntry } from "@/src/models/groupEntry";
import { UserEntry } from "@/src/models/userEntry";
import { BaseDirectoryService } from "./base-directory.service";
**Large Dataset Handling:**
export class NewProviderDirectoryService extends BaseDirectoryService implements IDirectoryService {
constructor(
private logService: LogService,
private i18nService: I18nService,
private stateService: StateService,
) {
super();
}
- Use pagination for large user/group lists
- Avoid loading entire datasets into memory at once
- Consider streaming or batch processing for large operations
async getEntries(force: boolean, test: boolean): Promise<[GroupEntry[], UserEntry[]]> {
const config = await this.stateService.getDirectory<NewProviderConfiguration>(
DirectoryType.NewProvider,
);
const syncConfig = await this.stateService.getSync();
**API Rate Limiting:**
const groups: GroupEntry[] = [];
const users: UserEntry[] = [];
- Respect rate limits for Microsoft Graph API, Google Admin SDK, etc.
- Consider batching large API calls where necessary
// Fetch from provider API
// Apply filters using inherited filter methods
**Memory Management:**
return [groups, users];
}
}
```
- Close connections and clean up resources
- Remove event listeners when components are destroyed
- Be cautious with caching large datasets
**4. Register in the factory** (`src/services/directory-factory.service.ts`)
```typescript
case DirectoryType.NewProvider:
return new NewProviderDirectoryService(
this.logService,
this.i18nService,
this.stateService
);
```
**5. Add state service support** (`src/services/state.service.ts`)
```typescript
// Add to secure storage keys if credentials involved
// Add configuration getter/setter methods
```
**6. Write tests** (`src/services/directory-services/newprovider-directory.service.spec.ts`)
### Common Patterns
#### Error Handling with State Rollback
```typescript
async sync(force: boolean, test: boolean): Promise<[GroupEntry[], UserEntry[]]> {
// Store initial state for rollback
const startingUserDelta = await this.stateService.getUserDelta();
const startingGroupDelta = await this.stateService.getGroupDelta();
try {
// Perform sync operations
const [groups, users] = await this.directoryService.getEntries(force, test);
// ... process and submit
return [groups, users];
} catch (e) {
if (!test) {
// Rollback deltas on failure
await this.stateService.setUserDelta(startingUserDelta);
await this.stateService.setGroupDelta(startingGroupDelta);
}
this.messagingService.send("dirSyncCompleted", { successfully: false });
throw e;
}
}
```
#### Filter Processing
```typescript
// In BaseDirectoryService
protected buildIncludeSet(filter: string): Set<string> {
// Parse filter like "include:user1@example.com,user2@example.com"
}
protected buildExcludeSet(filter: string): Set<string> {
// Parse filter like "exclude:user1@example.com"
}
protected shouldIncludeUser(user: UserEntry, include: Set<string>, exclude: Set<string>): boolean {
if (exclude.has(user.email)) return false;
if (include.size === 0) return true;
return include.has(user.email);
}
```
### Running the Desktop GUI (Development)
```bash
npm install
npm run rebuild # Rebuild native modules (keytar)
npm run electron # Run GUI with hot reload
```
### Running the CLI (Development)
```bash
npm install
npm run build:cli:watch # Build CLI with watch mode
node ./build-cli/bwdc.js --help # Run CLI commands
```
---
## Data Models
### Core Types
```typescript
// Base entry class (src/models/entry.ts)
abstract class Entry {
referenceId: string; // Unique ID within the directory (e.g., DN for LDAP)
externalId: string; // ID used for Bitwarden import
}
// User entry (src/models/userEntry.ts)
class UserEntry extends Entry {
email: string;
disabled: boolean;
deleted: boolean;
}
// Group entry (src/models/groupEntry.ts)
class GroupEntry extends Entry {
name: string;
userMemberExternalIds: Set<string>; // External IDs of member users
groupMemberReferenceIds: Set<string>; // Reference IDs of nested groups
users: UserEntry[]; // Populated for display/simulation
}
```
### Directory Type Enum
```typescript
// src/enums/directoryType.ts
enum DirectoryType {
Ldap = 0,
EntraID = 1,
GSuite = 2,
Okta = 3,
OneLogin = 4,
}
```
### Configuration Models
Each directory provider has a configuration class in `src/models/`:
- `LdapConfiguration` - hostname, port, SSL/TLS, bind credentials, auth mode
- `EntraIdConfiguration` - tenant, client ID, secret key
- `GSuiteConfiguration` - domain, admin user, client email, private key
- `OktaConfiguration` - organization URL, API token
- `OneLoginConfiguration` - client ID, client secret, region
### Sync Configuration
```typescript
// src/models/syncConfiguration.ts
interface SyncConfiguration {
users: boolean; // Sync users
groups: boolean; // Sync groups
interval: number; // Minutes between syncs (minimum 5)
userFilter: string; // Include/exclude filter
groupFilter: string; // Include/exclude filter
removeDisabled: boolean; // Remove disabled users from org
overwriteExisting: boolean; // Overwrite existing entries
largeImport: boolean; // Enable for >2000 entries
// LDAP-specific
groupObjectClass: string;
userObjectClass: string;
groupPath: string;
userPath: string;
// ... additional LDAP attributes
}
```
---
## Security & Configuration
### Security Rules
**MANDATORY - These rules have no exceptions:**
1. **Never log credentials**: API keys, passwords, tokens, and secrets must never appear in logs
2. **Never hardcode secrets**: All URLs, credentials, and sensitive data must come from configuration
3. **Use KeytarSecureStorageService**: All credentials must be stored in the system keychain
4. **Validate external data**: Sanitize all data received from directory services
5. **LDAP injection prevention**: Be cautious with user-provided LDAP filters
### Secure Storage Keys
The following are stored in the system keychain (not plain JSON):
- `ldapPassword` - LDAP bind password
- `gsuitePrivateKey` - Google Workspace private key
- `entraKey` - Microsoft Entra ID client secret
- `oktaToken` - Okta API token
- `oneLoginClientSecret` - OneLogin client secret
- User/group delta tokens
- Sync hashes
### Environment Variables
| Variable | Required | Description | Example |
| ------------------------------------------ | -------- | ---------------------------------------- | -------------------- |
| `BITWARDENCLI_CONNECTOR_APPDATA_DIR` | No | CLI app data directory override | `/custom/path` |
| `BITWARDEN_CONNECTOR_APPDATA_DIR` | No | GUI app data directory override | `/custom/path` |
| `BITWARDENCLI_CONNECTOR_PLAINTEXT_SECRETS` | No | Store secrets in plain text (debug only) | `true` |
| `BITWARDENCLI_CONNECTOR_DEBUG` | No | Enable debug logging | `true` |
| `BW_CLIENTID` | No | CLI login client ID | `organization.xxxxx` |
| `BW_CLIENTSECRET` | No | CLI login client secret | `xxxxx` |
| `BW_NOINTERACTION` | No | Disable interactive prompts | `true` |
| `BW_PRETTY` | No | Pretty-print JSON output | `true` |
| `BW_RAW` | No | Raw output (no formatting) | `true` |
| `BW_RESPONSE` | No | JSON response format | `true` |
| `BW_QUIET` | No | Suppress stdout | `true` |
### Authentication & Authorization
- **API Token Authentication**: Uses organization `clientId` + `clientSecret`
- **Token Storage**: Access tokens and refresh tokens stored securely via Keytar
- **Token Refresh**: Automatic refresh when access token expires
- **Auth Service**: `src/services/auth.service.ts` handles the authentication flow
---
## Testing
**Framework:**
### Test Structure
- Jest with jest-preset-angular
- jest-mock-extended for type-safe mocks with `mock<Type>()`
```
src/
├── services/
│ ├── sync.service.spec.ts # Unit tests (colocated)
│ ├── sync.service.integration.spec.ts # Integration tests
│ └── directory-services/
│ ├── ldap-directory.service.spec.ts
│ └── ldap-directory.service.integration.spec.ts
utils/
└── openldap/
├── config-fixtures.ts # Test configuration helpers
├── user-fixtures.ts # Expected user data
├── group-fixtures.ts # Expected group data
├── certs/ # TLS certificates
└── docker-compose.yml # LDAP container config
```
**Test Organization:**
### Writing Tests
- Tests colocated with source files
- `*.spec.ts` - Unit tests for individual components/services
- `*.integration.spec.ts` - Integration tests against live directory services
- Test helpers located in `utils/` directory
**Unit Test Template**:
**Test Naming:**
```typescript
import { mock, MockProxy } from "jest-mock-extended";
- Descriptive, human-readable test names
- Example: `'should return empty array when no users exist in directory'`
describe("ServiceName", () => {
let logService: MockProxy<LogService>;
let stateService: MockProxy<StateService>;
let service: ServiceUnderTest;
**Test Coverage:**
beforeEach(() => {
logService = mock();
stateService = mock();
service = new ServiceUnderTest(logService, stateService);
});
- New features must include tests
- Bug fixes should include regression tests
- Changes to core sync logic or directory specific logic require integration tests
it("should do something", async () => {
// Arrange
stateService.getSomeValue.mockResolvedValue(expectedValue);
**Testing Approach:**
// Act
const result = await service.doSomething();
- **Unit tests**: Mock external API calls using jest-mock-extended
- **Integration tests**: Use live directory services (Docker containers or configured cloud services)
- Focus on critical paths (authentication, sync, data transformation)
- Test error scenarios and edge cases (empty results, malformed data, connection failures), not just happy paths
// Assert
expect(result).toEqual(expectedResult);
});
});
```
## Directory Service Patterns
**Integration Test Template** (see `ldap-directory.service.integration.spec.ts`):
### IDirectoryService Interface
```typescript
// Requires Docker containers running
// npm run test:integration:setup
All directory services implement this core interface with methods:
describe("ldapDirectoryService", () => {
let stateService: MockProxy<StateService>;
let directoryService: LdapDirectoryService;
- `getUsers()` - Retrieve users from directory and transform them into standard objects
- `getGroups()` - Retrieve groups from directory and transform them into standard objects
- Connection and authentication handling
beforeEach(() => {
stateService = mock();
stateService.getDirectoryType.mockResolvedValue(DirectoryType.Ldap);
stateService.getDirectory
.calledWith(DirectoryType.Ldap)
.mockResolvedValue(getLdapConfiguration());
});
### Service-Specific Implementations
it("syncs users and groups", async () => {
const result = await directoryService.getEntries(true, true);
expect(result).toEqual([groupFixtures, userFixtures]);
});
});
```
Each directory service has unique authentication and query patterns:
### Running Tests
- **LDAP**: Direct LDAP queries, bind authentication
- **Microsoft Entra ID**: Microsoft Graph API, OAuth tokens
- **Google Workspace**: Google Admin SDK, service account credentials
- **Okta/OneLogin**: REST APIs with API tokens
```bash
npm test # All unit tests (excludes integration)
npm test -- path/to/file.spec.ts # Single test file
npm run test:watch # Watch mode
# Integration tests
npm run test:integration:setup # Start Docker containers
npm run test:integration # Run integration tests
npm run test:integration:watch # Watch mode for integration
```
### Test Environment
- **Mocking**: `jest-mock-extended` with `mock<Type>()` for type-safe mocks
- **Alternative**: `@fluffy-spoon/substitute` available for some tests
- **Integration**: Docker containers for LDAP (OpenLDAP)
- **Fixtures**: Located in `utils/openldap/`
---
## Code Style & Standards
### Formatting
- **Prettier**: Auto-formatting enforced via pre-commit hooks
- **Config**: `.prettierrc` in project root
### Naming Conventions
- `camelCase` for: variables, functions, method names
- `PascalCase` for: classes, interfaces, types, enums
- `SCREAMING_SNAKE_CASE` for: constants (rare in this codebase)
### Imports
**Path Aliases:**
- `@/` maps to project root
- Example: `import { SyncService } from "@/src/services/sync.service"`
**Import Order (ESLint enforced):**
1. External packages (node_modules)
2. jslib imports (`@/jslib/...`)
3. Project imports (`@/src/...`)
4. Alphabetized within each group with newlines between groups
```typescript
// External
import { mock, MockProxy } from "jest-mock-extended";
// jslib
import { LogService } from "@/jslib/common/src/abstractions/log.service";
// Project
import { DirectoryType } from "@/src/enums/directoryType";
import { SyncService } from "@/src/services/sync.service";
```
### Comments
- Avoid unnecessary comments; code should be self-documenting
- Use JSDoc only for public APIs that need documentation
- Inline comments for complex logic only
### Pre-commit Hooks
- **Husky**: Runs `lint-staged` on commit
- **lint-staged**: Runs Prettier on all files, ESLint on TypeScript files
```bash
npm run lint # Check ESLint + Prettier
npm run lint:fix # Auto-fix ESLint issues
npm run prettier # Auto-format with Prettier
npm run test:types # TypeScript type checking
```
---
## Anti-Patterns
### DO
- ✅ Use `KeytarSecureStorageService` for all credential storage
- ✅ Implement `IDirectoryService` interface for new directory providers
- ✅ Use the factory pattern via `DirectoryFactoryService`
- ✅ Write unit tests with `jest-mock-extended` mocks
- ✅ Handle errors with state rollback (delta tokens)
- ✅ Use path aliases (`@/src/...`) for imports
- ✅ Validate data from external directory services
- ✅ Use `force` and `test` parameters consistently in sync methods
### DON'T
- ❌ Log credentials, API keys, or tokens
- ❌ Hardcode URLs, secrets, or configuration values
- ❌ Store sensitive data in LowDB (JSON) - use Keytar
- ❌ Skip input validation for LDAP filters (injection risk)
- ❌ Use `any` types without explicit justification
- ❌ Add new code to `jslib/` (legacy, read-only)
- ❌ Ignore delta token rollback on sync failure
- ❌ Bypass `overwriteExisting` validation for batch imports (>2000 entries)
---
## Deployment
### Building
**Desktop GUI (Electron):**
```bash
npm run build # Build main + renderer
npm run build:dist # Full distribution build
npm run dist:win # Windows installer
npm run dist:mac # macOS installer
npm run dist:lin # Linux packages (AppImage, RPM)
```
**CLI Tool:**
```bash
npm run build:cli:prod # Production build
npm run dist:cli:win # Windows executable
npm run dist:cli:mac # macOS executable
npm run dist:cli:lin # Linux executable
```
### Versioning
Follow semantic versioning: `MAJOR.MINOR.PATCH`
- Version format: `YYYY.MM.PATCH` (e.g., `2025.12.0`)
- Managed in `package.json`
### Publishing
- **CI/CD**: GitHub Actions workflows in `.github/workflows/`
- **build.yml**: Multi-platform builds with code signing
- **release.yml**: Version bumping and publishing
- **Code Signing**: Azure Key Vault (Windows), App Store Connect (macOS)
- **Auto-update**: Electron Updater for GUI application
---
## Troubleshooting
### Common Issues
#### LDAP Connection Failures
**Problem**: Cannot connect to LDAP server, timeout or connection refused
**Solution**:
1. Verify hostname and port are correct
2. Check SSL/TLS settings match server configuration
3. For StartTLS, ensure SSL is enabled and use the non-secure port (389)
4. For LDAPS, use port 636 and provide CA certificate path
#### Keytar/Native Module Issues
**Problem**: `Error: Module did not self-register` or keytar-related crashes
**Solution**:
```bash
npm run rebuild # Rebuild native modules for current Electron version
npm run reset # Full reset of keytar module
```
#### Sync Hash Mismatch
**Problem**: Sync runs but no changes appear in Bitwarden
**Solution**: The sync service skips if the hash matches the previous sync. Use force sync:
```bash
bwdc sync --force # CLI
# Or clear cache
bwdc clear-cache
```
#### Large Import Failures
**Problem**: Sync fails for organizations with >2000 users/groups
**Solution**: Enable `largeImport` in sync settings. Note: `overwriteExisting` is incompatible with batch mode.
### Debug Tips
- Enable debug logging: `BITWARDENCLI_CONNECTOR_DEBUG=true`
- View data file location: `bwdc data-file`
- Test sync without making changes: `bwdc test`
- Check last sync times: `bwdc last-sync users` / `bwdc last-sync groups`
---
## References
- [Architectural Decision Records (ADRs)](https://contributing.bitwarden.com/architecture/adr/)
- [Contributing Guidelines](https://contributing.bitwarden.com/contributing/)
- [Code Style](https://contributing.bitwarden.com/contributing/code-style/)
- [Security Whitepaper](https://bitwarden.com/help/bitwarden-security-white-paper/)
- [Security Definitions](https://contributing.bitwarden.com/architecture/security/definitions)
### Official Documentation
- [Directory Sync CLI Documentation](https://bitwarden.com/help/directory-sync-cli/)
- [Directory Connector Help](https://bitwarden.com/help/directory-sync/)
### Internal Documentation
- [Bitwarden Contributing Guidelines](https://contributing.bitwarden.com/contributing/)
- [Code Style Guide](https://contributing.bitwarden.com/contributing/code-style/)
### Tools & Libraries
- [ldapts](https://github.com/ldapts/ldapts) - LDAP client for Node.js
- [Keytar](https://github.com/atom/node-keytar) - Native keychain access
- [Commander.js](https://github.com/tj/commander.js) - CLI framework
- [LowDB](https://github.com/typicode/lowdb) - JSON database
- [Microsoft Graph Client](https://github.com/microsoftgraph/msgraph-sdk-javascript) - Entra ID API
- [Google APIs](https://github.com/googleapis/google-api-nodejs-client) - GSuite API

30
.claude/commands/code-explainer.md Normal file
View File

@@ -0,0 +1,30 @@
---
description: "Provides a brief explanation of the code attached, including key components, notable patterns, and a code walkthrough."
---
# Code Explainer
Provide a brief explanation of the code attached. I'm trying to better understand it.
## Key Components
- Main classes/functions and their roles
- Important dependencies
- Critical flows
## Notable Patterns
- Design patterns used
- Architecture decisions
- Important abstractions
## Code Walkthrough
- How it works
- Key decision points
- Important considerations
## Gotchas & Tips
- Edge cases to watch for
- Performance considerations

156
ESM_MIGRATION_PLAN.md Normal file
View File

@@ -0,0 +1,156 @@
# ESM Migration Plan
## Migration Status: Partial Success
The ESM migration has been **partially completed**. The source code is now ESM-compatible with `"type": "module"` in package.json, and webpack outputs CommonJS bundles (`.cjs`) for Node.js compatibility.
### What Works
- ✅ CLI build (`bwdc.cjs`) - builds and runs successfully
- ✅ Electron main process (`main.cjs`) - builds successfully
- ✅ All 130 tests pass
- ✅ Source code uses ESM syntax (import/export)
### What Doesn't Work
- ❌ Electron renderer build - **pre-existing type errors in jslib** (not caused by this migration)
The renderer build was failing with 37 TypeScript errors in `jslib/` **before** the ESM migration began. These are ArrayBuffer/SharedArrayBuffer type compatibility issues in the jslib submodule that need to be addressed separately.
---
## Changes Made
### 1. package.json
```json
{
"type": "module",
"main": "main.cjs"
}
```
### 2. tsconfig.json
```json
{
"compilerOptions": {
"moduleResolution": "node",
"module": "ES2020",
"skipLibCheck": true,
"noEmitOnError": false
}
}
```
### 3. Webpack Configurations
**CLI (webpack.cli.cjs)**
- Output changed to `.cjs` extension
- Added `transpileOnly: true` to ts-loader for faster builds
**Main (webpack.main.cjs)**
- Output changed to `.cjs` extension
- Added `transpileOnly: true` to ts-loader
**Renderer (webpack.renderer.cjs)**
- Created separate `tsconfig.renderer.json` to isolate Angular compilation
- Removed ESM output experiments (not compatible with Angular's webpack plugin)
### 4. src-cli/package.json
```json
{
"type": "module",
"bin": {
"bwdc": "../build-cli/bwdc.cjs"
}
}
```
### 5. New File: tsconfig.renderer.json
Dedicated TypeScript config for Angular renderer to isolate from jslib type issues.
---
## Architecture Decision
### Why CJS Output Instead of ESM Output?
The migration uses a **hybrid approach**:
- **Source code**: ESM syntax (`import`/`export`)
- **Build output**: CommonJS (`.cjs` files)
This approach was chosen because:
1. **lowdb v1 incompatibility**: The legacy lowdb v1 used in jslib doesn't work properly with ESM output due to lodash interop issues
2. **Native module compatibility**: keytar and other native modules work better with CJS
3. **Electron compatibility**: Electron's main process ESM support is still maturing
4. **jslib constraints**: The jslib submodule is read-only and contains CJS-only patterns
The webpack bundler transpiles ESM source to CJS output, giving us modern syntax in the codebase while maintaining runtime compatibility.
---
## Blocking Issues for Full ESM
### 1. jslib Submodule (Read-Only)
The jslib folder contains:
- `lowdb` v1.0.0 usage (CJS-only, v7 is ESM but has breaking API changes)
- `node-fetch` v2.7.0 usage (CJS-only, v3 is ESM-only)
- Pre-existing TypeScript errors (ArrayBuffer type mismatches)
### 2. Angular Webpack Plugin
The `@ngtools/webpack` plugin does its own TypeScript compilation and doesn't support `transpileOnly` mode, so it surfaces type errors from jslib.
---
## Future Work
To complete full ESM migration:
1. **Update jslib submodule** - Fix type errors, upgrade to ESM-compatible dependencies
2. **Upgrade lowdb** - From v1 to v7 (requires rewriting storage layer)
3. **Remove node-fetch** - Use native `fetch` (Node 18+) or upgrade to v3
4. **Enable ESM output** - Once dependencies are updated, change webpack output to ESM
---
## Testing the Migration
```bash
# Build CLI
npm run build:cli
node ./build-cli/bwdc.cjs --help
# Build Electron main
npm run build:main
# Run tests
npm test
```
---
## Files Changed
| File | Change |
| ------------------------ | ---------------------------------------------------- |
| `package.json` | Added `"type": "module"`, changed main to `main.cjs` |
| `tsconfig.json` | Added `skipLibCheck`, `noEmitOnError` |
| `tsconfig.renderer.json` | New file for Angular compilation |
| `webpack.cli.cjs` | Output to `.cjs`, added `transpileOnly` |
| `webpack.main.cjs` | Output to `.cjs`, added `transpileOnly` |
| `webpack.renderer.cjs` | Use separate tsconfig |
| `src-cli/package.json` | Added `"type": "module"`, updated bin path |

10
angular.json
View File

@@ -18,17 +18,15 @@
"prefix": "app",
"architect": {
"build": {
"builder": "@angular/build:application",
"builder": "@angular-devkit/build-angular:browser",
"options": {
"outputPath": {
"base": "dist"
},
"outputPath": "dist",
"index": "src/index.html",
"main": "src/main.ts",
"tsConfig": "tsconfig.json",
"assets": [],
"styles": [],
"scripts": [],
"browser": "src/main.ts"
"scripts": []
}
}
}

11
jest.config.cjs
View File

@@ -24,13 +24,20 @@ module.exports = {
roots: ["<rootDir>"],
modulePaths: [compilerOptions.baseUrl],
moduleNameMapper: pathsToModuleNameMapper(compilerOptions.paths, { prefix: "<rootDir>/" }),
moduleNameMapper: {
...pathsToModuleNameMapper(compilerOptions.paths, { prefix: "<rootDir>/" }),
// ESM compatibility: mock import.meta.url for tests
"^(\\.{1,2}/.*)\\.js$": "$1",
},
setupFilesAfterEnv: ["<rootDir>/test.setup.ts"],
// Workaround for a memory leak that crashes tests in CI:
// https://github.com/facebook/jest/issues/9430#issuecomment-1149882002
// Also anecdotally improves performance when run locally
maxWorkers: 3,
// ESM support
extensionsToTreatAsEsm: [".ts"],
transform: {
"^.+\\.tsx?$": [
"jest-preset-angular",
@@ -43,6 +50,8 @@ module.exports = {
// Makes tests run faster and reduces size/rate of leak, but loses typechecking on test code
// See https://bitwarden.atlassian.net/browse/EC-497 for more info
isolatedModules: true,
// ESM support
useESM: true,
},
],
},

67
jslib/angular/src/components/toastr.component.ts
View File

@@ -13,47 +13,42 @@ import {
@Component({
selector: "[toast-component2]",
template: `
@if (options.closeButton) {
<button (click)="remove()" type="button" class="toast-close-button" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
}
<button
*ngIf="options.closeButton"
(click)="remove()"
type="button"
class="toast-close-button"
aria-label="Close"
>
<span aria-hidden="true">&times;</span>
</button>
<div class="icon">
<i></i>
</div>
<div>
@if (title) {
<div [class]="options.titleClass" [attr.aria-label]="title">
{{ title }}
@if (duplicatesCount) {
[{{ duplicatesCount + 1 }}]
}
</div>
}
@if (message && options.enableHtml) {
<div
role="alertdialog"
aria-live="polite"
[class]="options.messageClass"
[innerHTML]="message"
></div>
}
@if (message && !options.enableHtml) {
<div
role="alertdialog"
aria-live="polite"
[class]="options.messageClass"
[attr.aria-label]="message"
>
{{ message }}
</div>
}
</div>
@if (options.progressBar) {
<div>
<div class="toast-progress" [style.width]="width + '%'"></div>
<div *ngIf="title" [class]="options.titleClass" [attr.aria-label]="title">
{{ title }} <ng-container *ngIf="duplicatesCount">[{{ duplicatesCount + 1 }}]</ng-container>
</div>
}
<div
*ngIf="message && options.enableHtml"
role="alertdialog"
aria-live="polite"
[class]="options.messageClass"
[innerHTML]="message"
></div>
<div
*ngIf="message && !options.enableHtml"
role="alertdialog"
aria-live="polite"
[class]="options.messageClass"
[attr.aria-label]="message"
>
{{ message }}
</div>
</div>
<div *ngIf="options.progressBar">
<div class="toast-progress" [style.width]="width + '%'"></div>
</div>
`,
animations: [
trigger("flyInOut", [

4
jslib/common/spec/domain/symmetricCryptoKey.spec.ts
View File

@@ -9,7 +9,7 @@ describe("SymmetricCryptoKey", () => {
new SymmetricCryptoKey(null);
};
expect(t).toThrow("Must provide key");
expect(t).toThrowError("Must provide key");
});
describe("guesses encKey from key length", () => {
@@ -63,7 +63,7 @@ describe("SymmetricCryptoKey", () => {
new SymmetricCryptoKey(makeStaticByteArray(30));
};
expect(t).toThrow("Unable to determine encType.");
expect(t).toThrowError("Unable to determine encType.");
});
});
});

2
jslib/common/spec/utils.ts
View File

@@ -33,5 +33,5 @@ export function makeStaticByteArray(length: number, start = 0) {
for (let i = 0; i < length; i++) {
arr[i] = start + i;
}
return arr.buffer;
return arr;
}

5
jslib/common/src/misc/nodeUtils.ts
View File

@@ -26,4 +26,9 @@ export class NodeUtils {
.on("error", (err) => reject(err));
});
}
// https://stackoverflow.com/a/31394257
static bufferToArrayBuffer(buf: Buffer): ArrayBuffer {
return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength);
}
}

14
jslib/common/src/misc/utils.ts
View File

@@ -36,7 +36,7 @@ export class Utils {
Utils.global = Utils.isNode && !Utils.isBrowser ? global : window;
}
static fromB64ToArray(str: string): Uint8Array<ArrayBuffer> {
static fromB64ToArray(str: string): Uint8Array {
if (Utils.isNode) {
return new Uint8Array(Buffer.from(str, "base64"));
} else {
@@ -49,11 +49,11 @@ export class Utils {
}
}
static fromUrlB64ToArray(str: string): Uint8Array<ArrayBuffer> {
static fromUrlB64ToArray(str: string): Uint8Array {
return Utils.fromB64ToArray(Utils.fromUrlB64ToB64(str));
}
static fromHexToArray(str: string): Uint8Array<ArrayBuffer> {
static fromHexToArray(str: string): Uint8Array {
if (Utils.isNode) {
return new Uint8Array(Buffer.from(str, "hex"));
} else {
@@ -65,7 +65,7 @@ export class Utils {
}
}
static fromUtf8ToArray(str: string): Uint8Array<ArrayBuffer> {
static fromUtf8ToArray(str: string): Uint8Array {
if (Utils.isNode) {
return new Uint8Array(Buffer.from(str, "utf8"));
} else {
@@ -78,7 +78,7 @@ export class Utils {
}
}
static fromByteStringToArray(str: string): Uint8Array<ArrayBuffer> {
static fromByteStringToArray(str: string): Uint8Array {
const arr = new Uint8Array(str.length);
for (let i = 0; i < str.length; i++) {
arr[i] = str.charCodeAt(i);
@@ -99,8 +99,8 @@ export class Utils {
}
}
static fromBufferToUrlB64(buffer: Uint8Array<ArrayBuffer>): string {
return Utils.fromB64toUrlB64(Utils.fromBufferToB64(buffer.buffer));
static fromBufferToUrlB64(buffer: ArrayBuffer): string {
return Utils.fromB64toUrlB64(Utils.fromBufferToB64(buffer));
}
static fromB64toUrlB64(b64Str: string) {

6
jslib/common/src/services/crypto.service.ts
View File

@@ -636,9 +636,9 @@ export class CryptoService implements CryptoServiceAbstraction {
const encBytes = new Uint8Array(encBuf);
const encType = encBytes[0];
let ctBytes: Uint8Array<ArrayBuffer> = null;
let ivBytes: Uint8Array<ArrayBuffer> = null;
let macBytes: Uint8Array<ArrayBuffer> = null;
let ctBytes: Uint8Array = null;
let ivBytes: Uint8Array = null;
let macBytes: Uint8Array = null;
switch (encType) {
case EncryptionType.AesCbc128_HmacSha256_B64:

8
jslib/node/spec/services/nodeCryptoFunction.service.spec.ts
View File

@@ -94,7 +94,7 @@ describe("NodeCrypto Function Service", () => {
it("should fail with prk too small", async () => {
const cryptoFunctionService = new NodeCryptoFunctionService();
const f = cryptoFunctionService.hkdfExpand(
Utils.fromB64ToArray(prk16Byte).buffer,
Utils.fromB64ToArray(prk16Byte),
"info",
32,
"sha256",
@@ -105,7 +105,7 @@ describe("NodeCrypto Function Service", () => {
it("should fail with outputByteSize is too large", async () => {
const cryptoFunctionService = new NodeCryptoFunctionService();
const f = cryptoFunctionService.hkdfExpand(
Utils.fromB64ToArray(prk32Byte).buffer,
Utils.fromB64ToArray(prk32Byte),
"info",
8161,
"sha256",
@@ -341,7 +341,7 @@ function testHkdf(
utf8Key: string,
unicodeKey: string,
) {
const ikm = Utils.fromB64ToArray("criAmKtfzxanbgea5/kelQ==").buffer;
const ikm = Utils.fromB64ToArray("criAmKtfzxanbgea5/kelQ==");
const regularSalt = "salt";
const utf8Salt = "üser_salt";
@@ -393,7 +393,7 @@ function testHkdfExpand(
it("should create valid " + algorithm + " " + outputByteSize + " byte okm", async () => {
const cryptoFunctionService = new NodeCryptoFunctionService();
const okm = await cryptoFunctionService.hkdfExpand(
Utils.fromB64ToArray(b64prk).buffer,
Utils.fromB64ToArray(b64prk),
info,
outputByteSize,
algorithm,

11083
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

49
package.json
View File

@@ -2,7 +2,8 @@
"name": "@bitwarden/directory-connector",
"productName": "Bitwarden Directory Connector",
"description": "Sync your user directory to your Bitwarden organization.",
"version": "2026.1.0",
"version": "2025.12.0",
"type": "module",
"keywords": [
"bitwarden",
"password",
@@ -16,7 +17,7 @@
"url": "https://github.com/bitwarden/directory-connector"
},
"license": "GPL-3.0",
"main": "main.js",
"main": "main.cjs",
"scripts": {
"sub:init": "git submodule update --init --recursive",
"sub:update": "git submodule update --remote",
@@ -73,19 +74,19 @@
"test:types": "npx tsc --noEmit"
},
"devDependencies": {
"@angular-eslint/eslint-plugin-template": "21.1.0",
"@angular-eslint/template-parser": "21.1.0",
"@angular/build": "21.0.5",
"@angular/compiler-cli": "21.0.8",
"@angular-devkit/build-angular": "20.3.3",
"@angular-eslint/eslint-plugin-template": "20.7.0",
"@angular-eslint/template-parser": "20.7.0",
"@angular/compiler-cli": "20.3.15",
"@electron/notarize": "2.5.0",
"@electron/rebuild": "4.0.1",
"@fluffy-spoon/substitute": "1.208.0",
"@microsoft/microsoft-graph-types": "2.43.1",
"@ngtools/webpack": "21.0.5",
"@ngtools/webpack": "20.3.3",
"@types/inquirer": "8.2.10",
"@types/jest": "30.0.0",
"@types/jest": "29.5.14",
"@types/lowdb": "1.0.15",
"@types/node": "24.10.9",
"@types/node": "22.19.2",
"@types/node-fetch": "2.6.12",
"@types/node-forge": "1.3.11",
"@types/proper-lockfile": "4.1.4",
@@ -94,9 +95,7 @@
"@typescript-eslint/eslint-plugin": "8.50.0",
"@typescript-eslint/parser": "8.50.0",
"@yao-pkg/pkg": "5.16.1",
"babel-loader": "9.2.1",
"clean-webpack-plugin": "4.0.0",
"jest-environment-jsdom": "30.2.0",
"concurrently": "9.2.0",
"copy-webpack-plugin": "13.0.0",
"cross-env": "7.0.3",
@@ -119,10 +118,10 @@
"html-loader": "5.1.0",
"html-webpack-plugin": "5.6.3",
"husky": "9.1.7",
"jest": "30.2.0",
"jest": "29.7.0",
"jest-junit": "16.0.0",
"jest-mock-extended": "4.0.0",
"jest-preset-angular": "16.0.0",
"jest-preset-angular": "14.6.0",
"lint-staged": "16.2.6",
"mini-css-extract-plugin": "2.9.2",
"minimatch": "5.1.2",
@@ -137,7 +136,7 @@
"ts-loader": "9.5.2",
"tsconfig-paths-webpack-plugin": "4.2.0",
"type-fest": "5.3.0",
"typescript": "5.9.3",
"typescript": "5.8.3",
"webpack": "5.104.1",
"webpack-cli": "6.0.1",
"webpack-merge": "6.0.1",
@@ -145,16 +144,16 @@
"zone.js": "0.15.1"
},
"dependencies": {
"@angular/animations": "21.0.8",
"@angular/cdk": "21.0.6",
"@angular/cli": "21.0.5",
"@angular/common": "21.0.8",
"@angular/compiler": "21.0.8",
"@angular/core": "21.0.8",
"@angular/forms": "21.0.8",
"@angular/platform-browser": "21.0.8",
"@angular/platform-browser-dynamic": "21.0.8",
"@angular/router": "21.0.8",
"@angular/animations": "20.3.15",
"@angular/cdk": "20.2.14",
"@angular/cli": "20.3.3",
"@angular/common": "20.3.15",
"@angular/compiler": "20.3.15",
"@angular/core": "20.3.15",
"@angular/forms": "20.3.15",
"@angular/platform-browser": "20.3.15",
"@angular/platform-browser-dynamic": "20.3.15",
"@angular/router": "20.3.15",
"@microsoft/microsoft-graph-client": "3.0.7",
"big-integer": "1.6.52",
"bootstrap": "5.3.7",
@@ -166,7 +165,7 @@
"https-proxy-agent": "7.0.6",
"inquirer": "8.2.6",
"keytar": "7.9.0",
"ldapts": "8.1.3",
"ldapts": "8.0.1",
"lowdb": "1.0.0",
"ngx-toastr": "19.1.0",
"node-fetch": "2.7.0",

5
src-cli/package.json
View File

@@ -3,16 +3,17 @@
"productName": "Bitwarden Directory Connector",
"description": "Sync your user directory to your Bitwarden organization.",
"version": "2.9.5",
"type": "module",
"author": "Bitwarden Inc. <hello@bitwarden.com> (https://bitwarden.com)",
"homepage": "https://bitwarden.com",
"license": "GPL-3.0",
"main": "main.js",
"main": "main.mjs",
"repository": {
"type": "git",
"url": "https://github.com/bitwarden/directory-connector"
},
"bin": {
"bwdc": "../build-cli/bwdc.js"
"bwdc": "../build-cli/bwdc.cjs"
},
"pkg": {
"assets": "../build-cli/**/*"

7
src/app/main.ts
View File

@@ -1,4 +1,4 @@
import { enableProdMode, provideZoneChangeDetection } from "@angular/core";
import { enableProdMode } from "@angular/core";
import { platformBrowserDynamic } from "@angular/platform-browser-dynamic";
import { isDev } from "@/jslib/electron/src/utils";
@@ -11,7 +11,4 @@ if (!isDev()) {
enableProdMode();
}
platformBrowserDynamic().bootstrapModule(AppModule, {
applicationProviders: [provideZoneChangeDetection()],
preserveWhitespaces: true,
});
platformBrowserDynamic().bootstrapModule(AppModule, { preserveWhitespaces: true });

124
src/app/tabs/dashboard.component.html
View File

@@ -3,25 +3,17 @@
<div class="card-body">
<p>
{{ "lastGroupSync" | i18n }}:
@if (!lastGroupSync) {
<span>-</span>
}
<span *ngIf="!lastGroupSync">-</span>
{{ lastGroupSync | date: "medium" }}
<br />
{{ "lastUserSync" | i18n }}:
@if (!lastUserSync) {
<span>-</span>
}
<span *ngIf="!lastUserSync">-</span>
{{ lastUserSync | date: "medium" }}
</p>
<p>
{{ "syncStatus" | i18n }}:
@if (syncRunning) {
<strong class="text-success">{{ "running" | i18n }}</strong>
}
@if (!syncRunning) {
<strong class="text-danger">{{ "stopped" | i18n }}</strong>
}
<strong *ngIf="syncRunning" class="text-success">{{ "running" | i18n }}</strong>
<strong *ngIf="!syncRunning" class="text-danger">{{ "stopped" | i18n }}</strong>
</p>
<form #startForm [appApiAction]="startPromise" class="d-inline">
<button
@@ -68,85 +60,57 @@
/>
<label class="form-check-label" for="simSinceLast">{{ "testLastSync" | i18n }}</label>
</div>
@if (!simForm.loading && (simUsers || simGroups)) {
<ng-container *ngIf="!simForm.loading && (simUsers || simGroups)">
<hr />
<div class="row">
<div class="col-lg">
<h4>{{ "users" | i18n }}</h4>
@if (simEnabledUsers && simEnabledUsers.length) {
<ul class="bwi-ul testing-list">
@for (u of simEnabledUsers; track u) {
<li title="{{ u.referenceId }}">
<i class="bwi bwi-li bwi-user"></i>
{{ u.displayName }}
</li>
}
</ul>
}
@if (!simEnabledUsers || !simEnabledUsers.length) {
<p>
{{ "noUsers" | i18n }}
</p>
}
<ul class="bwi-ul testing-list" *ngIf="simEnabledUsers && simEnabledUsers.length">
<li *ngFor="let u of simEnabledUsers" title="{{ u.referenceId }}">
<i class="bwi bwi-li bwi-user"></i>
{{ u.displayName }}
</li>
</ul>
<p *ngIf="!simEnabledUsers || !simEnabledUsers.length">
{{ "noUsers" | i18n }}
</p>
<h4>{{ "disabledUsers" | i18n }}</h4>
@if (simDisabledUsers && simDisabledUsers.length) {
<ul class="bwi-ul testing-list">
@for (u of simDisabledUsers; track u) {
<li title="{{ u.referenceId }}">
<i class="bwi bwi-li bwi-user"></i>
{{ u.displayName }}
</li>
}
</ul>
}
@if (!simDisabledUsers || !simDisabledUsers.length) {
<p>
{{ "noUsers" | i18n }}
</p>
}
<ul class="bwi-ul testing-list" *ngIf="simDisabledUsers && simDisabledUsers.length">
<li *ngFor="let u of simDisabledUsers" title="{{ u.referenceId }}">
<i class="bwi bwi-li bwi-user"></i>
{{ u.displayName }}
</li>
</ul>
<p *ngIf="!simDisabledUsers || !simDisabledUsers.length">
{{ "noUsers" | i18n }}
</p>
<h4>{{ "deletedUsers" | i18n }}</h4>
@if (simDeletedUsers && simDeletedUsers.length) {
<ul class="bwi-ul testing-list">
@for (u of simDeletedUsers; track u) {
<li title="{{ u.referenceId }}">
<i class="bwi bwi-li bwi-user"></i>
{{ u.displayName }}
</li>
}
</ul>
}
@if (!simDeletedUsers || !simDeletedUsers.length) {
<p>
{{ "noUsers" | i18n }}
</p>
}
<ul class="bwi-ul testing-list" *ngIf="simDeletedUsers && simDeletedUsers.length">
<li *ngFor="let u of simDeletedUsers" title="{{ u.referenceId }}">
<i class="bwi bwi-li bwi-user"></i>
{{ u.displayName }}
</li>
</ul>
<p *ngIf="!simDeletedUsers || !simDeletedUsers.length">
{{ "noUsers" | i18n }}
</p>
</div>
<div class="col-lg">
<h4>{{ "groups" | i18n }}</h4>
@if (simGroups && simGroups.length) {
<ul class="bwi-ul testing-list">
@for (g of simGroups; track g) {
<li title="{{ g.referenceId }}">
<i class="bwi bwi-li bwi-sitemap"></i>
{{ g.displayName }}
@if (g.users && g.users.length) {
<ul class="small">
@for (u of g.users; track u) {
<li title="{{ u.referenceId }}">
{{ u.displayName }}
</li>
}
</ul>
}
<ul class="bwi-ul testing-list" *ngIf="simGroups && simGroups.length">
<li *ngFor="let g of simGroups" title="{{ g.referenceId }}">
<i class="bwi bwi-li bwi-sitemap"></i>
{{ g.displayName }}
<ul class="small" *ngIf="g.users && g.users.length">
<li *ngFor="let u of g.users" title="{{ u.referenceId }}">
{{ u.displayName }}
</li>
}
</ul>
}
@if (!simGroups || !simGroups.length) {
<p>{{ "noGroups" | i18n }}</p>
}
</ul>
</li>
</ul>
<p *ngIf="!simGroups || !simGroups.length">{{ "noGroups" | i18n }}</p>
</div>
</div>
}
</ng-container>
</div>
</div>

330
src/app/tabs/settings.component.html
View File

@@ -6,11 +6,9 @@
<div class="mb-3">
<label for="directory" class="form-label">{{ "type" | i18n }}</label>
<select class="form-select" id="directory" name="Directory" [(ngModel)]="directory">
@for (o of directoryOptions; track o) {
<option [ngValue]="o.value">
{{ o.name }}
</option>
}
<option *ngFor="let o of directoryOptions" [ngValue]="o.value">
{{ o.name }}
</option>
</select>
</div>
<div [hidden]="directory != directoryType.Ldap">
@@ -53,22 +51,20 @@
<label class="form-check-label" for="ad">{{ "ldapAd" | i18n }}</label>
</div>
</div>
@if (!ldap.ad) {
<div class="mb-3">
<div class="form-check">
<input
class="form-check-input"
type="checkbox"
id="pagedSearch"
[(ngModel)]="ldap.pagedSearch"
name="PagedSearch"
/>
<label class="form-check-label" for="pagedSearch">{{
"ldapPagedResults" | i18n
}}</label>
</div>
<div class="mb-3" *ngIf="!ldap.ad">
<div class="form-check">
<input
class="form-check-input"
type="checkbox"
id="pagedSearch"
[(ngModel)]="ldap.pagedSearch"
name="PagedSearch"
/>
<label class="form-check-label" for="pagedSearch">{{
"ldapPagedResults" | i18n
}}</label>
</div>
}
</div>
<div class="mb-3">
<div class="form-check">
<input
@@ -83,122 +79,116 @@
}}</label>
</div>
</div>
@if (ldap.ssl) {
<div class="ms-4">
<div class="mb-3">
<div class="form-check">
<input
class="form-check-input"
type="radio"
[value]="false"
id="ssl"
[(ngModel)]="ldap.startTls"
name="SSL"
/>
<label class="form-check-label" for="ssl">{{ "ldapSsl" | i18n }}</label>
</div>
<div class="form-check">
<input
class="form-check-input"
type="radio"
[value]="true"
id="startTls"
[(ngModel)]="ldap.startTls"
name="StartTLS"
/>
<label class="form-check-label" for="startTls">{{ "ldapTls" | i18n }}</label>
</div>
<div class="ms-4" *ngIf="ldap.ssl">
<div class="mb-3">
<div class="form-check">
<input
class="form-check-input"
type="radio"
[value]="false"
id="ssl"
[(ngModel)]="ldap.startTls"
name="SSL"
/>
<label class="form-check-label" for="ssl">{{ "ldapSsl" | i18n }}</label>
</div>
@if (ldap.startTls) {
<div class="ms-4">
<p>{{ "ldapTlsUntrustedDesc" | i18n }}</p>
<div class="mb-3">
<label for="tlsCaPath" class="form-label">{{ "ldapTlsCa" | i18n }}</label>
<input
type="file"
class="form-control mb-2"
id="tlsCaPath_file"
(change)="setSslPath('tlsCaPath')"
/>
<input
type="text"
class="form-control"
id="tlsCaPath"
name="TLSCaPath"
[(ngModel)]="ldap.tlsCaPath"
/>
</div>
</div>
}
@if (!ldap.startTls) {
<div class="ms-4">
<p>{{ "ldapSslUntrustedDesc" | i18n }}</p>
<div class="mb-3">
<label for="sslCertPath" class="form-label">{{ "ldapSslCert" | i18n }}</label>
<input
type="file"
class="form-control mb-2"
id="sslCertPath_file"
(change)="setSslPath('sslCertPath')"
/>
<input
type="text"
class="form-control"
id="sslCertPath"
name="SSLCertPath"
[(ngModel)]="ldap.sslCertPath"
/>
</div>
<div class="mb-3">
<label for="sslKeyPath" class="form-label">{{ "ldapSslKey" | i18n }}</label>
<input
type="file"
class="form-control mb-2"
id="sslKeyPath_file"
(change)="setSslPath('sslKeyPath')"
/>
<input
type="text"
class="form-control"
id="sslKeyPath"
name="SSLKeyPath"
[(ngModel)]="ldap.sslKeyPath"
/>
</div>
<div class="mb-3">
<label for="sslCaPath" class="form-label">{{ "ldapSslCa" | i18n }}</label>
<input
type="file"
class="form-control mb-2"
id="sslCaPath_file"
(change)="setSslPath('sslCaPath')"
/>
<input
type="text"
class="form-control"
id="sslCaPath"
name="SSLCaPath"
[(ngModel)]="ldap.sslCaPath"
/>
</div>
</div>
}
<div class="mb-3">
<div class="form-check">
<input
class="form-check-input"
type="checkbox"
id="certDoNotVerify"
[(ngModel)]="ldap.sslAllowUnauthorized"
name="CertDoNoVerify"
/>
<label class="form-check-label" for="certDoNotVerify">{{
"ldapCertDoNotVerify" | i18n
}}</label>
</div>
<div class="form-check">
<input
class="form-check-input"
type="radio"
[value]="true"
id="startTls"
[(ngModel)]="ldap.startTls"
name="StartTLS"
/>
<label class="form-check-label" for="startTls">{{ "ldapTls" | i18n }}</label>
</div>
</div>
}
<div class="ms-4" *ngIf="ldap.startTls">
<p>{{ "ldapTlsUntrustedDesc" | i18n }}</p>
<div class="mb-3">
<label for="tlsCaPath" class="form-label">{{ "ldapTlsCa" | i18n }}</label>
<input
type="file"
class="form-control mb-2"
id="tlsCaPath_file"
(change)="setSslPath('tlsCaPath')"
/>
<input
type="text"
class="form-control"
id="tlsCaPath"
name="TLSCaPath"
[(ngModel)]="ldap.tlsCaPath"
/>
</div>
</div>
<div class="ms-4" *ngIf="!ldap.startTls">
<p>{{ "ldapSslUntrustedDesc" | i18n }}</p>
<div class="mb-3">
<label for="sslCertPath" class="form-label">{{ "ldapSslCert" | i18n }}</label>
<input
type="file"
class="form-control mb-2"
id="sslCertPath_file"
(change)="setSslPath('sslCertPath')"
/>
<input
type="text"
class="form-control"
id="sslCertPath"
name="SSLCertPath"
[(ngModel)]="ldap.sslCertPath"
/>
</div>
<div class="mb-3">
<label for="sslKeyPath" class="form-label">{{ "ldapSslKey" | i18n }}</label>
<input
type="file"
class="form-control mb-2"
id="sslKeyPath_file"
(change)="setSslPath('sslKeyPath')"
/>
<input
type="text"
class="form-control"
id="sslKeyPath"
name="SSLKeyPath"
[(ngModel)]="ldap.sslKeyPath"
/>
</div>
<div class="mb-3">
<label for="sslCaPath" class="form-label">{{ "ldapSslCa" | i18n }}</label>
<input
type="file"
class="form-control mb-2"
id="sslCaPath_file"
(change)="setSslPath('sslCaPath')"
/>
<input
type="text"
class="form-control"
id="sslCaPath"
name="SSLCaPath"
[(ngModel)]="ldap.sslCaPath"
/>
</div>
</div>
<div class="mb-3">
<div class="form-check">
<input
class="form-check-input"
type="checkbox"
id="certDoNotVerify"
[(ngModel)]="ldap.sslAllowUnauthorized"
name="CertDoNoVerify"
/>
<label class="form-check-label" for="certDoNotVerify">{{
"ldapCertDoNotVerify" | i18n
}}</label>
</div>
</div>
</div>
<div class="mb-3" [hidden]="true">
<div class="form-check">
<input
@@ -221,12 +211,10 @@
name="Username"
[(ngModel)]="ldap.username"
/>
@if (ldap.ad) {
<div class="form-text">{{ "ex" | i18n }} company\admin</div>
}
@if (!ldap.ad) {
<div class="form-text">{{ "ex" | i18n }} cn=admin,dc=company,dc=com</div>
}
<div class="form-text" *ngIf="ldap.ad">{{ "ex" | i18n }} company\admin</div>
<div class="form-text" *ngIf="!ldap.ad">
{{ "ex" | i18n }} cn=admin,dc=company,dc=com
</div>
</div>
<div class="mb-3">
<label for="password" class="form-label">{{ "password" | i18n }}</label>
@@ -616,24 +604,18 @@
name="UserFilter"
[(ngModel)]="sync.userFilter"
></textarea>
@if (directory === directoryType.Ldap) {
<div class="form-text">
{{ "ex" | i18n }} (&amp;(givenName=John)(|(l=Dallas)(l=Austin)))
</div>
}
@if (directory === directoryType.EntraID) {
<div class="form-text">{{ "ex" | i18n }} exclude:joe&#64;company.com</div>
}
@if (directory === directoryType.Okta) {
<div class="form-text">
{{ "ex" | i18n }} exclude:joe&#64;company.com | profile.firstName eq "John"
</div>
}
@if (directory === directoryType.GSuite) {
<div class="form-text">
{{ "ex" | i18n }} exclude:joe&#64;company.com | orgUnitPath=/Engineering
</div>
}
<div class="form-text" *ngIf="directory === directoryType.Ldap">
{{ "ex" | i18n }} (&amp;(givenName=John)(|(l=Dallas)(l=Austin)))
</div>
<div class="form-text" *ngIf="directory === directoryType.EntraID">
{{ "ex" | i18n }} exclude:joe&#64;company.com
</div>
<div class="form-text" *ngIf="directory === directoryType.Okta">
{{ "ex" | i18n }} exclude:joe&#64;company.com | profile.firstName eq "John"
</div>
<div class="form-text" *ngIf="directory === directoryType.GSuite">
{{ "ex" | i18n }} exclude:joe&#64;company.com | orgUnitPath=/Engineering
</div>
</div>
<div class="mb-3" [hidden]="directory != directoryType.Ldap">
<label for="userPath" class="form-label">{{ "userPath" | i18n }}</label>
@@ -699,20 +681,18 @@
name="GroupFilter"
[(ngModel)]="sync.groupFilter"
></textarea>
@if (directory === directoryType.Ldap) {
<div class="form-text">
{{ "ex" | i18n }} (&amp;(objectClass=group)(!(cn=Sales*))(!(cn=IT*)))
</div>
}
@if (directory === directoryType.EntraID) {
<div class="form-text">{{ "ex" | i18n }} include:Sales,IT</div>
}
@if (directory === directoryType.Okta) {
<div class="form-text">{{ "ex" | i18n }} include:Sales,IT | type eq "APP_GROUP"</div>
}
@if (directory === directoryType.GSuite) {
<div class="form-text">{{ "ex" | i18n }} include:Sales,IT</div>
}
<div class="form-text" *ngIf="directory === directoryType.Ldap">
{{ "ex" | i18n }} (&amp;(objectClass=group)(!(cn=Sales*))(!(cn=IT*)))
</div>
<div class="form-text" *ngIf="directory === directoryType.EntraID">
{{ "ex" | i18n }} include:Sales,IT
</div>
<div class="form-text" *ngIf="directory === directoryType.Okta">
{{ "ex" | i18n }} include:Sales,IT | type eq "APP_GROUP"
</div>
<div class="form-text" *ngIf="directory === directoryType.GSuite">
{{ "ex" | i18n }} include:Sales,IT
</div>
</div>
<div class="mb-3" [hidden]="directory != directoryType.Ldap">
<label for="groupPath" class="form-label">{{ "groupPath" | i18n }}</label>
@@ -723,12 +703,8 @@
name="GroupPath"
[(ngModel)]="sync.groupPath"
/>
@if (!ldap.ad) {
<div class="form-text">{{ "ex" | i18n }} CN=Groups</div>
}
@if (ldap.ad) {
<div class="form-text">{{ "ex" | i18n }} CN=Users</div>
}
<div class="form-text" *ngIf="!ldap.ad">{{ "ex" | i18n }} CN=Groups</div>
<div class="form-text" *ngIf="ldap.ad">{{ "ex" | i18n }} CN=Users</div>
</div>
<div [hidden]="directory != directoryType.Ldap || ldap.ad">
<div class="mb-3">

2
src/scss/bootstrap.scss vendored
View File

@@ -28,4 +28,4 @@ $danger: map_get($theme-colors, "danger");
$secondary: map_get($theme-colors, "secondary");
$secondary-alt: map_get($theme-colors, "secondary-alt");
@import "bootstrap/scss/bootstrap.scss";
@import "~bootstrap/scss/bootstrap.scss";

2
src/scss/environment.scss
View File

@@ -1,4 +1,4 @@
@import "bootstrap/scss/_variables.scss";
@import "~bootstrap/scss/_variables.scss";
html.os_windows {
body {

2
src/scss/misc.scss
View File

@@ -1,4 +1,4 @@
@import "bootstrap/scss/_variables.scss";
@import "~bootstrap/scss/_variables.scss";
body {
padding: 10px 0 20px 0;

4
src/scss/plugins.scss
View File

@@ -1,6 +1,6 @@
@import "ngx-toastr/toastr";
@import "~ngx-toastr/toastr";
@import "bootstrap/scss/_variables.scss";
@import "~bootstrap/scss/_variables.scss";
.toast-container {
.toast-close-button {

4
test.setup.ts
View File

@@ -1,7 +1,7 @@
import { webcrypto } from "crypto";
import { TextEncoder, TextDecoder } from "util";
Object.assign(globalThis, { TextEncoder, TextDecoder });
import "jest-preset-angular/setup-jest";
Object.defineProperty(window, "CSS", { value: null });
Object.defineProperty(window, "getComputedStyle", {
value: () => {

6
tsconfig.json
View File

@@ -5,9 +5,9 @@
},
"compilerOptions": {
"pretty": true,
"moduleResolution": "bundler",
"moduleResolution": "node",
"noImplicitAny": true,
"target": "ES2016",
"target": "ES2020",
"module": "ES2020",
"lib": ["es5", "es6", "es7", "dom"],
"sourceMap": true,
@@ -18,6 +18,8 @@
"outDir": "dist",
"baseUrl": ".",
"resolveJsonModule": true,
"skipLibCheck": true,
"noEmitOnError": false,
"paths": {
"tldjs": ["./jslib/common/src/misc/tldjs.noop"],
"@/*": ["./*"]

13
tsconfig.renderer.json Normal file
View File

@@ -0,0 +1,13 @@
{
"extends": "./tsconfig.json",
"angularCompilerOptions": {
"strictTemplates": true,
"preserveWhitespaces": true
},
"compilerOptions": {
"skipLibCheck": true,
"noEmitOnError": false
},
"include": ["src/app"],
"exclude": ["jslib", "**/*.spec.ts"]
}

9
webpack.cli.cjs
View File

@@ -14,7 +14,12 @@ const ENV = (process.env.ENV = process.env.NODE_ENV);
const moduleRules = [
{
test: /\.ts$/,
use: "ts-loader",
use: {
loader: "ts-loader",
options: {
transpileOnly: true,
},
},
exclude: path.resolve(__dirname, "node_modules"),
},
{
@@ -62,7 +67,7 @@ const config = {
modules: [path.resolve("node_modules")],
},
output: {
filename: "[name].js",
filename: "[name].cjs",
path: path.resolve(__dirname, "build-cli"),
},
module: { rules: moduleRules },

10
webpack.main.cjs
View File

@@ -10,7 +10,12 @@ const common = {
rules: [
{
test: /\.tsx?$/,
use: "ts-loader",
use: {
loader: "ts-loader",
options: {
transpileOnly: true,
},
},
exclude: /node_modules\/(?!(@bitwarden)\/).*/,
},
],
@@ -57,6 +62,9 @@ const main = {
],
}),
],
output: {
filename: "[name].cjs",
},
externals: {
"electron-reload": "commonjs2 electron-reload",
keytar: "commonjs2 keytar",

4
webpack.renderer.cjs
View File

@@ -38,7 +38,7 @@ const common = {
plugins: [],
resolve: {
extensions: [".tsx", ".ts", ".js", ".json"],
plugins: [new TsconfigPathsPlugin({ configFile: "./tsconfig.json" })],
plugins: [new TsconfigPathsPlugin({ configFile: "./tsconfig.renderer.json" })],
symlinks: false,
modules: [path.resolve("node_modules")],
},
@@ -113,7 +113,7 @@ const renderer = {
},
plugins: [
new AngularWebpackPlugin({
tsConfigPath: "tsconfig.json",
tsConfigPath: "tsconfig.renderer.json",
entryModule: "src/app/app.module#AppModule",
sourceMap: true,
}),