Bumped version to 2.9.10 (#232 )

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> (cherry picked from commit 7776009a31)
Add rxjs (#231 )
2025-12-16 08:14:01 +00:00 · 2022-02-11 14:23:44 -08:00 · 2022-02-11 16:44:41 -05:00 · 2022-02-10 08:55:56 -08:00 · 2022-02-07 12:12:37 -05:00 · 2022-02-03 14:48:07 -05:00
114 changed files with 27120 additions and 18254 deletions
--- a/.editorconfig
+++ b/.editorconfig
@@ -7,10 +7,9 @@ root = true
 [*]
 end_of_line = lf
 insert_final_newline = true
-quote_type = single

 # Set default charset
 [*.{js,ts,scss,html}]
 charset = utf-8
 indent_style = space
-indent_size = 4
+indent_size = 2
--- a/.git-blame-ignore-revs
+++ b/.git-blame-ignore-revs
@@ -0,0 +1,2 @@
+# Apply Prettier https://github.com/bitwarden/directory-connector/pull/194
+096196fcd512944d1c3d9c007647a1319b032639
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,33 @@
+## Type of change
+
+- [ ] Bug fix
+- [ ] New feature development
+- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
+- [ ] Build/deploy pipeline (DevOps)
+- [ ] Other
+
+## Objective
+
+<!--Describe what the purpose of this PR is. For example: what bug you're fixing or what new feature you're adding-->
+
+## Code changes
+
+<!--Explain the changes you've made to each file or major component. This should help the reviewer understand your changes-->
+<!--Also refer to any related changes or PRs in other repositories-->
+
+- **file.ext:** Description of what was changed and why
+
+## Screenshots
+
+<!--Required for any UI changes. Delete if not applicable-->
+
+## Testing requirements
+
+<!--What functionality requires testing by QA? This includes testing new behavior and regression testing-->
+
+## Before you submit
+
+- [ ] I have checked for **linting** errors (`npm run lint`) (required)
+- [ ] I have added **unit tests** where it makes sense to do so (encouraged but not required)
+- [ ] This change requires a **documentation update** (notify the documentation team)
+- [ ] This change has particular **deployment requirements** (notify the DevOps team)
--- a/.github/secrets/devid-app-cert.p12.gpg
+++ b/.github/secrets/devid-app-cert.p12.gpg
--- a/.github/secrets/devid-installer-cert.p12.gpg
+++ b/.github/secrets/devid-installer-cert.p12.gpg
--- a/.github/secrets/macdev-cert.p12.gpg
+++ b/.github/secrets/macdev-cert.p12.gpg
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -0,0 +1,688 @@
+---
+name: Build
+
+on:
+  push:
+    branches-ignore:
+      - 'l10n_master'
+
+
+jobs:
+  cloc:
+    name: CLOC
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
+
+      - name: Set up CLOC
+        run: |
+          sudo apt update
+          sudo apt -y install cloc
+
+      - name: Print lines of code
+        run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git
+
+
+  setup:
+    name: Setup
+    runs-on: ubuntu-20.04
+    outputs:
+      package_version: ${{ steps.retrieve-version.outputs.package_version }}
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
+
+      - name: Get Package Version
+        id: retrieve-version
+        run: |
+          PKG_VERSION=$(jq -r .version src/package.json)
+          echo "::set-output name=package_version::$PKG_VERSION"
+
+
+  linux-cli:
+    name: Build Linux CLI
+    runs-on: ubuntu-20.04
+    needs: setup
+    env:
+      _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
+      _PKG_FETCH_NODE_VERSION: 16.13.0
+      _PKG_FETCH_VERSION: 3.2
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
+
+      - name: Set up Node
+        uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea
+        with:
+          node-version: '16'
+
+      - name: Update NPM
+        run: |
+          npm install -g node-gyp
+          node-gyp install $(node -v)
+
+      - name: Get pkg-fetch
+        run: |
+          cd $HOME
+          fetchedUrl="https://github.com/vercel/pkg-fetch/releases/download/v$_PKG_FETCH_VERSION/node-v$_PKG_FETCH_NODE_VERSION-linux-x64"
+
+          mkdir -p .pkg-cache/v$_PKG_FETCH_VERSION
+          wget $fetchedUrl -O "./.pkg-cache/v$_PKG_FETCH_VERSION/fetched-v$_PKG_FETCH_NODE_VERSION-linux-x64"
+
+      - name: Keytar
+        run: |
+          keytarVersion=$(cat src/package.json | jq -r '.dependencies.keytar')
+          keytarTar="keytar-v$keytarVersion-napi-v3-linux-x64.tar"
+
+          keytarTarGz="$keytarTar.gz"
+          keytarUrl="https://github.com/atom/node-keytar/releases/download/v$keytarVersion/$keytarTarGz"
+
+          mkdir -p ./keytar/linux
+          wget $keytarUrl -O ./keytar/linux/$keytarTarGz
+          tar -xvf ./keytar/linux/$keytarTarGz -C ./keytar/linux
+
+      - name: Install
+        run: npm install
+
+      - name: Package CLI
+        run: npm run dist:cli:lin
+
+      - name: Zip
+        run: |
+          zip -j ./dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip ./dist-cli/linux/bwdc ./keytar/linux/build/Release/keytar.node
+
+      - name: Create checksums
+        run: |
+          sha256sum ./dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip | cut -d " " -f 1 > ./dist-cli/bwdc-linux-sha256-$_PACKAGE_VERSION.txt
+
+      - name: Version Test
+        run: |
+          sudo apt install libsecret-1-0 dbus-x11 gnome-keyring
+          eval $(dbus-launch --sh-syntax)
+          
+          eval $(echo -n "" | /usr/bin/gnome-keyring-daemon --login)
+          eval $(/usr/bin/gnome-keyring-daemon --components=secrets --start)
+
+          mkdir -p test/linux
+          unzip ./dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip -d ./test/linux
+
+          testVersion=$(./test/linux/bwdc -v)
+
+          echo "version: $_PACKAGE_VERSION"
+          echo "testVersion: $testVersion"
+
+          if [ "$testVersion" != "$_PACKAGE_VERSION" ]; then
+            echo "Version test failed."
+            exit 1
+          fi
+
+      - name: Upload Linux Zip to GitHub
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: bwdc-linux-${{ env._PACKAGE_VERSION }}.zip
+          path: ./dist-cli/bwdc-linux-${{ env._PACKAGE_VERSION }}.zip
+          if-no-files-found: error
+
+      - name: Upload Linux checksum to GitHub
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: bwdc-linux-sha256-${{ env._PACKAGE_VERSION }}.txt
+          path: ./dist-cli/bwdc-linux-sha256-${{ env._PACKAGE_VERSION }}.txt
+          if-no-files-found: error
+
+
+  macos-cli:
+    name: Build Mac CLI
+    runs-on: macos-11
+    needs: setup
+    env:
+      _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
+      _PKG_FETCH_NODE_VERSION: 16.13.0
+      _PKG_FETCH_VERSION: 3.2
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
+
+      - name: Set up Node
+        uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea
+        with:
+          node-version: '16'
+
+      - name: Update NPM
+        run: |
+          npm install -g node-gyp
+          node-gyp install $(node -v)
+
+      - name: Get pkg-fetch
+        run: |
+          cd $HOME
+          fetchedUrl="https://github.com/vercel/pkg-fetch/releases/download/v$_PKG_FETCH_VERSION/node-v$_PKG_FETCH_NODE_VERSION-macos-x64"
+
+          mkdir -p .pkg-cache/v$_PKG_FETCH_VERSION
+          wget $fetchedUrl -O "./.pkg-cache/v$_PKG_FETCH_VERSION/fetched-v$_PKG_FETCH_NODE_VERSION-macos-x64"
+
+      - name: Keytar
+        run: |
+          keytarVersion=$(cat src/package.json | jq -r '.dependencies.keytar')
+          keytarTar="keytar-v$keytarVersion-napi-v3-darwin-x64.tar"
+
+          keytarTarGz="$keytarTar.gz"
+          keytarUrl="https://github.com/atom/node-keytar/releases/download/v$keytarVersion/$keytarTarGz"
+
+          mkdir -p ./keytar/macos
+          wget $keytarUrl -O ./keytar/macos/$keytarTarGz
+          tar -xvf ./keytar/macos/$keytarTarGz -C ./keytar/macos
+
+      - name: Install
+        run: npm install
+
+      - name: Package CLI
+        run: npm run dist:cli:mac
+
+      - name: Zip
+        run: |
+          zip -j ./dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip ./dist-cli/macos/bwdc ./keytar/macos/build/Release/keytar.node
+
+      - name: Create checksums
+        run: |
+          sha256sum ./dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip | cut -d " " -f 1 > ./dist-cli/bwdc-macos-sha256-$_PACKAGE_VERSION.txt
+
+      - name: Version Test
+        run: |
+          mkdir -p test/macos
+          unzip ./dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip -d ./test/macos
+
+          testVersion=$(./test/macos/bwdc -v)
+
+          echo "version: $_PACKAGE_VERSION"
+          echo "testVersion: $testVersion"
+
+          if [ "$testVersion" != "$_PACKAGE_VERSION" ]; then
+            echo "Version test failed."
+            exit 1
+          fi
+
+      - name: Upload Mac Zip to GitHub
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: bwdc-macos-${{ env._PACKAGE_VERSION }}.zip
+          path: ./dist-cli/bwdc-macos-${{ env._PACKAGE_VERSION }}.zip
+          if-no-files-found: error
+
+      - name: Upload Mac checksum to GitHub
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: bwdc-macos-sha256-${{ env._PACKAGE_VERSION }}.txt
+          path: ./dist-cli/bwdc-macos-sha256-${{ env._PACKAGE_VERSION }}.txt
+          if-no-files-found: error
+
+
+  windows-cli:
+    name: Build Windows CLI
+    runs-on: windows-2019
+    needs: setup
+    env:
+      _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
+      _WIN_PKG_FETCH_VERSION: 16.13.0
+      _WIN_PKG_VERSION: 3.2
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
+
+      - name: Setup Windows builder
+        run: |
+          choco install checksum --no-progress
+          choco install reshack --no-progress
+
+      - name: Set up Node
+        uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea
+        with:
+          node-version: '16'
+
+      - name: Update NPM
+        run: |
+          npm install -g node-gyp
+          node-gyp install $(node -v)
+
+      - name: Get pkg-fetch
+        shell: pwsh
+        run: |
+          cd $HOME
+          $fetchedUrl = "https://github.com/vercel/pkg-fetch/releases/download/v$env:_WIN_PKG_VERSION/node-v$env:_WIN_PKG_FETCH_VERSION-win-x64"
+
+          New-Item -ItemType directory -Path ./.pkg-cache
+          New-Item -ItemType directory -Path ./.pkg-cache/v$env:_WIN_PKG_VERSION
+          Invoke-RestMethod -Uri $fetchedUrl `
+            -OutFile "./.pkg-cache/v$env:_WIN_PKG_VERSION/fetched-v$env:_WIN_PKG_FETCH_VERSION-win-x64"
+
+      - name: Keytar
+        shell: pwsh
+        run: |
+          $keytarVersion = (Get-Content -Raw -Path ./src/package.json | ConvertFrom-Json).dependencies.keytar
+          $keytarTar = "keytar-v${keytarVersion}-napi-v3-{0}-x64.tar"
+          $keytarTarGz = "${keytarTar}.gz"
+          $keytarUrl = "https://github.com/atom/node-keytar/releases/download/v${keytarVersion}/${keytarTarGz}"
+
+          New-Item -ItemType directory -Path ./keytar/windows | Out-Null
+
+          Invoke-RestMethod -Uri $($keytarUrl -f "win32") -OutFile "./keytar/windows/$($keytarTarGz -f "win32")"
+
+          7z e "./keytar/windows/$($keytarTarGz -f "win32")" -o"./keytar/windows"
+
+          7z e "./keytar/windows/$($keytarTar -f "win32")" -o"./keytar/windows"
+
+      - name: Setup Version Info
+        shell: pwsh
+        run: |
+          $major, $minor, $patch = $env:_PACKAGE_VERSION.split('.')
+
+          $versionInfo = @"
+
+          1 VERSIONINFO
+          FILEVERSION $major,$minor,$patch,0
+          PRODUCTVERSION $major,$minor,$patch,0
+          FILEOS 0x40004
+          FILETYPE 0x1
+          {
+          BLOCK "StringFileInfo"
+          {
+            BLOCK "040904b0"
+            {
+              VALUE "CompanyName", "Bitwarden Inc."
+              VALUE "ProductName", "Bitwarden"
+              VALUE "FileDescription", "Bitwarden Directory Connector CLI"
+              VALUE "FileVersion", "$env:_PACKAGE_VERSION"
+              VALUE "ProductVersion", "$env:_PACKAGE_VERSION"
+              VALUE "OriginalFilename", "bwdc.exe"
+              VALUE "InternalName", "bwdc"
+              VALUE "LegalCopyright", "Copyright Bitwarden Inc."
+            }
+          }
+
+          BLOCK "VarFileInfo"
+          {
+            VALUE "Translation", 0x0409 0x04B0
+          }
+          }
+          "@
+
+          $versionInfo | Out-File ./version-info.rc
+
+      - name: Resource Hacker
+        shell: cmd
+        run: |
+          set PATH=%PATH%;C:\Program Files (x86)\Resource Hacker
+          set WIN_PKG=C:\Users\runneradmin\.pkg-cache\v%_WIN_PKG_VERSION%\fetched-v%_WIN_PKG_FETCH_VERSION%-win-x64
+          set WIN_PKG_BUILT=C:\Users\runneradmin\.pkg-cache\v%_WIN_PKG_VERSION%\built-v%_WIN_PKG_FETCH_VERSION%-win-x64
+
+          ResourceHacker -open %WIN_PKG% -save %WIN_PKG% -action delete -mask ICONGROUP,1,
+          ResourceHacker -open version-info.rc -save version-info.res -action compile
+          ResourceHacker -open %WIN_PKG% -save %WIN_PKG% -action addoverwrite -resource version-info.res
+
+      - name: Install
+        run: npm install
+
+      - name: Package CLI
+        run: npm run dist:cli:win
+
+      - name: Zip
+        shell: cmd
+        run: |
+          7z a ./dist-cli/bwdc-windows-%_PACKAGE_VERSION%.zip ./dist-cli/windows/bwdc.exe ./keytar/windows/keytar.node
+
+      - name: Version Test
+        run: |
+          Expand-Archive -Path "./dist-cli/bwdc-windows-${env:_PACKAGE_VERSION}.zip" -DestinationPath "./test/windows"
+          $testVersion = Invoke-Expression '& ./test/windows/bwdc.exe -v'
+          echo "version: $env:_PACKAGE_VERSION"
+          echo "testVersion: $testVersion"
+          if($testVersion -ne $env:_PACKAGE_VERSION) {
+            Throw "Version test failed."
+          }
+
+      - name: Create checksums
+        run: |
+          checksum -f="./dist-cli/bwdc-windows-${env:_PACKAGE_VERSION}.zip" `
+            -t sha256 | Out-File ./dist-cli/bwdc-windows-sha256-${env:_PACKAGE_VERSION}.txt
+
+      - name: Upload Windows Zip to GitHub
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: bwdc-windows-${{ env._PACKAGE_VERSION }}.zip
+          path: ./dist-cli/bwdc-windows-${{ env._PACKAGE_VERSION }}.zip
+          if-no-files-found: error
+
+      - name: Upload Windows checksum to GitHub
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: bwdc-windows-sha256-${{ env._PACKAGE_VERSION }}.txt
+          path: ./dist-cli/bwdc-windows-sha256-${{ env._PACKAGE_VERSION }}.txt
+          if-no-files-found: error
+
+
+  windows-gui:
+    name: Build Windows GUI
+    runs-on: windows-2019
+    needs: setup
+    env:
+      _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
+    steps:
+      - name: Set up .NET
+        uses: actions/setup-dotnet@a71d1eb2c86af85faa8c772c03fb365e377e45ea
+        with:
+          dotnet-version: "3.1.x"
+
+      - name: Set up Node
+        uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea
+        with:
+          node-version: '16'
+
+      - name: Update NPM
+        run: |
+          npm install -g node-gyp
+          node-gyp install $(node -v)
+
+      - name: Set Node options
+        run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+        shell: pwsh
+
+      - name: Print environment
+        run: |
+          node --version
+          npm --version
+          dotnet --version
+
+      - name: Install AST
+        uses: bitwarden/gh-actions/install-ast@f135c42c8596cb535c5bcb7523c0b2eef89709ac
+
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
+
+      - name: Install Node dependencies
+        run: npm install
+
+      # - name: Run linter
+      #   run: npm run lint
+
+      - name: Build & Sign
+        run: npm run dist:win
+        env:
+          ELECTRON_BUILDER_SIGN: 1
+          SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }}
+          SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }}
+          SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }}
+          SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }}
+          SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }}
+
+      - name: Upload Portable Executable to GitHub
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: Bitwarden-Connector-Portable-${{ env._PACKAGE_VERSION }}.exe
+          path: ./dist/Bitwarden-Connector-Portable-${{ env._PACKAGE_VERSION }}.exe
+          if-no-files-found: error
+
+      - name: Upload Installer Executable to GitHub
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe
+          path: ./dist/Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe
+          if-no-files-found: error
+
+      - name: Upload Installer Executable Blockmap to GitHub
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe.blockmap
+          path: ./dist/Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe.blockmap
+          if-no-files-found: error
+
+      - name: Upload latest auto-update artifact
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: latest.yml
+          path: ./dist/latest.yml
+          if-no-files-found: error
+
+
+  linux-gui:
+    name: Build Linux GUI
+    runs-on: ubuntu-20.04
+    needs: setup
+    env:
+      _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
+    steps:
+      - name: Set up Node
+        uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea
+        with:
+          node-version: '16'
+
+      - name: Update NPM
+        run: |
+          npm install -g node-gyp
+          node-gyp install $(node -v)
+
+      - name: Set Node options
+        run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV
+
+      - name: Set up environment
+        run: |
+          sudo apt-get update
+          sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev
+          sudo apt-get -y install rpm
+
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
+
+      - name: NPM Install
+        run: npm install
+
+      - name: NPM Rebuild
+        run: npm run rebuild
+
+      - name: NPM Package
+        run: npm run dist:lin
+
+      - name: Upload AppImage
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
+          path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
+          if-no-files-found: error
+
+      - name: Upload latest auto-update artifact
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: latest-linux.yml
+          path: ./dist/latest-linux.yml
+          if-no-files-found: error
+
+
+  macos-gui:
+    name: Build MacOS GUI
+    runs-on: macos-11
+    needs: setup
+    env:
+      _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
+    steps:
+      - name: Set up Node
+        uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea
+        with:
+          node-version: '16'
+
+      - name: Update NPM
+        run: |
+          npm install -g node-gyp
+          node-gyp install $(node -v)
+
+      - name: Set Node options
+        run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV
+
+      - name: Print environment
+        run: |
+          node --version
+          npm --version
+          echo "GitHub ref: $GITHUB_REF"
+          echo "GitHub event: $GITHUB_EVENT"
+        shell: bash
+
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
+
+      - name: Decrypt secrets
+        env:
+          DECRYPT_FILE_PASSWORD: ${{ secrets.DECRYPT_FILE_PASSWORD }}
+        shell: bash
+        run: |
+          mkdir -p $HOME/secrets
+
+          gpg --quiet --batch --yes --decrypt --passphrase="$DECRYPT_FILE_PASSWORD" \
+            --output "$HOME/secrets/devid-app-cert.p12" \
+            "$GITHUB_WORKSPACE/.github/secrets/devid-app-cert.p12.gpg"
+
+          gpg --quiet --batch --yes --decrypt --passphrase="$DECRYPT_FILE_PASSWORD" \
+            --output "$HOME/secrets/devid-installer-cert.p12" \
+            "$GITHUB_WORKSPACE/.github/secrets/devid-installer-cert.p12.gpg"
+
+          gpg --quiet --batch --yes --decrypt --passphrase="$DECRYPT_FILE_PASSWORD" \
+            --output "$HOME/secrets/macdev-cert.p12" \
+            "$GITHUB_WORKSPACE/.github/secrets/macdev-cert.p12.gpg"
+
+      - name: Set up keychain
+        env:
+          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
+          DEVID_CERT_PASSWORD: ${{ secrets.DEVID_CERT_PASSWORD }}
+          MACDEV_CERT_PASSWORD: ${{ secrets.MACDEV_CERT_PASSWORD }}
+        shell: bash
+        run: |
+          security create-keychain -p $KEYCHAIN_PASSWORD build.keychain
+          security default-keychain -s build.keychain
+          security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain
+          security set-keychain-settings -lut 1200 build.keychain
+          security import "$HOME/secrets/devid-app-cert.p12" -k build.keychain -P $DEVID_CERT_PASSWORD \
+            -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild
+          security import "$HOME/secrets/devid-installer-cert.p12" -k build.keychain -P $DEVID_CERT_PASSWORD \
+            -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild
+          security import "$HOME/secrets/macdev-cert.p12" -k build.keychain -P $MACDEV_CERT_PASSWORD \
+            -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild
+          security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain
+
+      - name: Load package version
+        run: |
+          $rootPath = $env:GITHUB_WORKSPACE;
+          $packageVersion = (Get-Content -Raw -Path $rootPath\src\package.json | ConvertFrom-Json).version;
+
+          Write-Output "Setting package version to $packageVersion";
+          Write-Output "PACKAGE_VERSION=$packageVersion" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append;
+        shell: pwsh
+
+      - name: Install Node dependencies
+        run: npm install
+
+      # - name: Run linter
+      #   run: npm run lint
+
+      - name: Build application
+        run: npm run dist:mac
+        env:
+          APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }}
+          APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
+
+      - name: Rename Zip Artifact
+        run: |
+          cd dist
+          mv "Bitwarden Directory Connector-${{ env._PACKAGE_VERSION }}-mac.zip" \
+             "Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-mac.zip"
+
+      - name: Upload .zip artifact
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-mac.zip
+          path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-mac.zip
+          if-no-files-found: error
+
+      - name: Upload .dmg artifact
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg
+          path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg
+          if-no-files-found: error
+
+      - name: Upload .dmg Blockmap artifact
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg.blockmap
+          path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg.blockmap
+          if-no-files-found: error
+
+      - name: Upload latest auto-update artifact
+        uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700  # v2.2.3
+        with:
+          name: latest-mac.yml
+          path: ./dist/latest-mac.yml
+          if-no-files-found: error
+
+
+  check-failures:
+    name: Check for failures
+    runs-on: ubuntu-20.04
+    needs:
+      - cloc
+      - setup
+      - linux-cli
+      - macos-cli
+      - windows-cli
+      - windows-gui
+      - linux-gui
+      - macos-gui
+    steps:
+      - name: Check if any job failed
+        if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') }}
+        env:
+          CLOC_STATUS: ${{ needs.cloc.result }}
+          SETUP_STATUS: ${{ needs.setup.result }}
+          LINUX_CLI_STATUS: ${{ needs.linux-cli.result }}
+          MACOS_CLI_STATUS: ${{ needs.macos-cli.result }}
+          WINDOWS_CLI_STATUS: ${{ needs.windows-cli.result }}
+          WINDOWS_GUI_STATUS: ${{ needs.windows-gui.result }}
+          LINUX_GUI_STATUS: ${{ needs.linux-gui.result }}
+          MACOS_GUI_STATUS: ${{ needs.macos-gui.result }}
+        run: |
+          if [ "$CLOC_STATUS" = "failure" ]; then
+              exit 1
+          elif [ "$SETUP_STATUS" = "failure" ]; then
+              exit 1
+          elif [ "$LINUX_CLI_STATUS" = "failure" ]; then
+              exit 1
+          elif [ "$MACOS_CLI_STATUS" = "failure" ]; then
+              exit 1
+          elif [ "$WINDOWS_CLI_STATUS" = "failure" ]; then
+              exit 1
+          elif [ "$WINDOWS_GUI_STATUS" = "failure" ]; then
+              exit 1
+          elif [ "$LINUX_GUI_STATUS" = "failure" ]; then
+              exit 1
+          elif [ "$MACOS_GUI_STATUS" = "failure" ]; then
+              exit 1
+          fi
+
+      - name: Login to Azure - Prod Subscription
+        uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
+        if: failure()
+        with:
+          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+
+      - name: Retrieve secrets
+        id: retrieve-secrets
+        uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
+        if: failure()
+        with:
+          keyvault: "bitwarden-prod-kv"
+          secrets: "devops-alerts-slack-webhook-url"
+
+      - name: Notify Slack on failure
+        uses: act10ns/slack@e4e71685b9b239384b0f676a63c32367f59c2522  # v1.2.2
+        if: failure()
+        env:
+          SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }}
+        with:
+          status: ${{ job.status }}
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,94 @@
+---
+name: Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      release_type:
+        description: 'Release Options'
+        required: true
+        default: 'Initial Release'
+        type: choice
+        options:
+          - Initial Release
+          - Redeploy
+
+jobs:
+  setup:
+    name: Setup
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Branch check
+        run: |
+          if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix" ]]; then
+            echo "==================================="
+            echo "[!] Can only release from the 'rc' or 'hotfix' branches"
+            echo "==================================="
+            exit 1
+          fi
+
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+
+      - name: Retrieve Directory Connector release version
+        id: retrieve-version
+        run: |
+          PKG_VERSION=$(jq -r .version src/package.json)
+          echo "::set-output name=package_version::$PKG_VERSION"
+
+      - name: Check to make sure Mobile release version has been bumped
+        if: ${{ github.event.inputs.release_type == 'Initial Release' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          latest_ver=$(hub release -L 1 -f '%T')
+          latest_ver=${latest_ver:1}
+          echo "Latest version: $latest_ver"
+          ver=${{ steps.retrieve-version.outputs.package_version }}
+          echo "Version: $ver"
+          if [ "$latest_ver" = "$ver" ]; then
+            echo "Version has not been bumped!"
+            exit 1
+          fi
+        shell: bash
+
+      - name: Get branch name
+        id: branch
+        run: |
+          BRANCH_NAME=$(basename ${{ github.ref }})
+          echo "::set-output name=branch-name::$BRANCH_NAME"
+
+      - name: Download all artifacts
+        uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783
+        with:
+          workflow: build.yml
+          workflow_conclusion: success
+          branch: ${{ steps.branch.outputs.branch-name }}
+
+      - name: Create release
+        uses: ncipollo/release-action@95215a3cb6e6a1908b3c44e00b4fdb15548b1e09  # v2.8.5
+        env:
+          PKG_VERSION: ${{ steps.retrieve-version.outputs.package_version }}
+        with:
+          artifacts: "./bwdc-windows-${{ env.PKG_VERSION }}.zip,
+                      ./bwdc-macos-${{ env.PKG_VERSION }}.zip,
+                      ./bwdc-linux-${{ env.PKG_VERSION }}.zip,
+                      ./bwdc-windows-sha256-${{ env.PKG_VERSION }}.txt,
+                      ./bwdc-macos-sha256-${{ env.PKG_VERSION }}.txt,
+                      ./bwdc-linux-sha256-${{ env.PKG_VERSION }}.txt,
+                      ./Bitwarden-Connector-Portable-${{ env.PKG_VERSION }}.exe,
+                      ./Bitwarden-Connector-Installer-${{ env.PKG_VERSION }}.exe,
+                      ./Bitwarden-Connector-Installer-${{ env.PKG_VERSION }}.exe.blockmap,
+                      ./Bitwarden-Connector-${{ env.PKG_VERSION }}-x86_64.AppImage,
+                      ./Bitwarden-Connector-${{ env.PKG_VERSION }}-mac.zip,
+                      ./Bitwarden-Connector-${{ env.PKG_VERSION }}.dmg,
+                      ./Bitwarden-Connector-${{ env.PKG_VERSION }}.dmg.blockmap,
+                      ./latest-linux.yml,
+                      ./latest-mac.yml,
+                      ./latest.yml"
+          commit: ${{ github.sha }}
+          tag: v${{ env.PKG_VERSION }}
+          name: Version ${{ env.PKG_VERSION }}
+          body: "<insert release notes here>"
+          token: ${{ secrets.GITHUB_TOKEN }}
+          draft: true
--- a/.github/workflows/version-bump.yml
+++ b/.github/workflows/version-bump.yml
@@ -0,0 +1,65 @@
+---
+name: Version Bump
+
+on:
+  workflow_dispatch:
+    inputs:
+      version_number:
+        description: "New Version"
+        required: true
+
+jobs:
+  bump_version:
+    name: "Create version_bump_${{ github.event.inputs.version_number }} branch"
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout Branch
+        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+
+      - name: Create Version Branch
+        run: |
+          git switch -c version_bump_${{ github.event.inputs.version_number }}
+          git push -u origin version_bump_${{ github.event.inputs.version_number }}
+
+      - name: Checkout Version Branch
+        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+        with:
+          ref: version_bump_${{ github.event.inputs.version_number }}
+
+      - name: Bump Version - Package
+        uses: bitwarden/gh-actions/version-bump@03ad9a873c39cdc95dd8d77dbbda67f84db43945
+        with:
+          version: ${{ github.event.inputs.version_number }}
+          file_path: "./src/package.json"
+
+      - name: Commit files
+        run: |
+          git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --local user.name "github-actions[bot]"
+          git commit -m "Bumped version to ${{ github.event.inputs.version_number }}" -a
+
+      - name: Push changes
+        run: git push -u origin version_bump_${{ github.event.inputs.version_number }}
+
+      - name: Create Version PR
+        env:
+          PR_BRANCH: "version_bump_${{ github.event.inputs.version_number }}"
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+          BASE_BRANCH: master
+          TITLE: "Bump version to ${{ github.event.inputs.version_number }}"
+        run: |
+          gh pr create --title "$TITLE" \
+            --base "$BASE" \
+            --head "$PR_BRANCH" \
+            --label "version update" \
+            --label "automated pr" \
+            --body "
+              ## Type of change
+              - [ ] Bug fix
+              - [ ] New feature development
+              - [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
+              - [ ] Build/deploy pipeline (DevOps)
+              - [X] Other
+              
+              ## Objective
+              Automated version bump to ${{ github.event.inputs.version_number }}"
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,4 @@ yarn-error.log
 .DS_Store
 *.nupkg
 *.provisionprofile
+*.env
--- a/.husky/.gitignore
+++ b/.husky/.gitignore
@@ -0,0 +1 @@
+_
--- a/.husky/pre-commit
+++ b/.husky/pre-commit
@@ -0,0 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+npx lint-staged
--- a/.prettierignore
+++ b/.prettierignore
@@ -0,0 +1,11 @@
+# Build directories
+build
+dist
+
+jslib
+
+# External libraries / auto synced locales
+src/locales
+
+# Github Workflows
+.github/workflows 
--- a/.prettierrc.json
+++ b/.prettierrc.json
@@ -0,0 +1,3 @@
+{
+  "printWidth": 100
+}
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -7,10 +7,7 @@
      "name": "Electron: Main",
      "protocol": "inspector",
      "cwd": "${workspaceRoot}/build",
-          "runtimeArgs": [
-              "--remote-debugging-port=9223",
-              "."
-          ],
+      "runtimeArgs": ["--remote-debugging-port=9223", "."],
      "windows": {
        "runtimeExecutable": "${workspaceFolder}/node_modules/.bin/electron.cmd"
      },
@@ -23,15 +20,21 @@
      "port": 9223,
      "webRoot": "${workspaceFolder}/build",
      "sourceMaps": true
+    },
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Debug CLI",
+      "protocol": "inspector",
+      "cwd": "${workspaceFolder}",
+      "program": "${workspaceFolder}/build-cli/bwdc.js",
+      "args": ["sync"]
    }
  ],
  "compounds": [
    {
      "name": "Electron: All",
-          "configurations": [
-              "Electron: Main",
-              "Electron: Renderer"
-          ]
+      "configurations": ["Electron: Main", "Electron: Renderer"]
    }
  ]
 }
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-[![appveyor build](https://ci.appveyor.com/api/projects/status/github/bitwarden/directory-connector?branch=master&svg=true)](https://ci.appveyor.com/project/bitwarden/directory-connector)
+![Build](https://github.com/bitwarden/directory-connector/workflows/Build/badge.svg)
 [![Join the chat at https://gitter.im/bitwarden/Lobby](https://badges.gitter.im/bitwarden/Lobby.svg)](https://gitter.im/bitwarden/Lobby)

 # Bitwarden Directory Connector
@@ -6,6 +6,7 @@
 The Bitwarden Directory Connector is a a desktop application used to sync your Bitwarden enterprise organization to an existing directory of users and groups.

 Supported directories:
+
 - Active Directory
 - Any other LDAP-based directory
 - Azure Active Directory
@@ -47,7 +48,7 @@ We provide detailed documentation and examples for using the Directory Connector

 **Requirements**

- [Node.js](https://nodejs.org/)
+- [Node.js](https://nodejs.org) v16.13.1 (LTS)
 - Windows users: To compile the native node modules used in the app you will need the Visual C++ toolset, available through the standard Visual Studio installer (recommended) or by installing [`windows-build-tools`](https://github.com/felixrieseberg/windows-build-tools) through `npm`. See more at [Compiling native Addon modules](https://github.com/Microsoft/nodejs-guidelines/blob/master/windows-environment.md#compiling-native-addon-modules).

 **Run the app**
@@ -78,3 +79,23 @@ node ./build-cli/bwdc.js --help
 Code contributions are welcome! Please commit any pull requests against the `master` branch. Learn more about how to contribute by reading the [`CONTRIBUTING.md`](CONTRIBUTING.md) file.

 Security audits and feedback are welcome. Please open an issue or email us privately if the report is sensitive in nature. You can read our security policy in the [`SECURITY.md`](SECURITY.md) file.
+
+### Prettier
+
+We recently migrated to using Prettier as code formatter. All previous branches will need to updated to avoid large merge conflicts using the following steps:
+
+1. Check out your local Branch
+2. Run `git merge 225073aa335d33ad905877b68336a9288e89ea10`
+3. Resolve any merge conflicts, commit.
+4. Run `npm run prettier`
+5. Commit
+6. Run `git merge -Xours 096196fcd512944d1c3d9c007647a1319b032639`
+7. Push
+
+#### Git blame
+
+We also recommend that you configure git to ignore the prettier revision using:
+
+```bash
+git config blame.ignoreRevsFile .git-blame-ignore-revs
+```
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -1,162 +0,0 @@
-image:
- Visual Studio 2017
- Ubuntu1804
-
-branches:
-  except:
-    - l10n_master
-
-environment:
-  WIN_PKG: C:\Users\appveyor\.pkg-cache\v2.5\fetched-v10.4.1-win-x64
-
-stack: node 10
-
-init:
- ps: |
-    if($isWindows -and $env:DEBUG_RDP -eq "true") {
-      iex ((new-object net.webclient).DownloadString(`
-        'https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1'))
-    }
- sh: sudo apt-get update
- sh: sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev rpm
- ps: |
-    if($isWindows) {
-      [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
-      Install-Product node 10
-      $env:PATH = "C:\Program Files (x86)\Resource Hacker;${env:PATH}"
-    }
-    if($env:APPVEYOR_REPO_TAG -eq "true") {
-      $env:RELEASE_NAME = $env:APPVEYOR_REPO_TAG_NAME.TrimStart("v")
-    }
-
-install:
- ps: |
-    $env:PACKAGE_VERSION = (Get-Content -Raw -Path .\src\package.json | ConvertFrom-Json).version
-    $env:PROD_DEPLOY = "false"
-    if($env:APPVEYOR_REPO_TAG -eq "true" -and $env:APPVEYOR_RE_BUILD -eq "True") {
-      $env:PROD_DEPLOY = "true"
-      echo "This is a production deployment."
-    }
-    if($isWindows) {
-      if(Test-Path -Path $env:WIN_PKG) {
-        $env:VER_INFO = "true"
-      }
-      choco install reshack --no-progress
-      choco install cloc --no-progress
-      choco install checksum --no-progress
-      cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git
-      .\make-versioninfo.ps1
-    }
- ps: |
-    if($isWindows) {
-      $keytarVersion = (Get-Content -Raw -Path .\src\package.json | ConvertFrom-Json).dependencies.keytar
-      $nodeModVersion = node -e "console.log(process.config.variables.node_module_version)"
-      $keytarTar = "keytar-v${keytarVersion}-node-v${nodeModVersion}-{0}-x64.tar"
-      $keytarTarGz = "${keytarTar}.gz"
-      $keytarUrl = "https://github.com/atom/node-keytar/releases/download/v${keytarVersion}/${keytarTarGz}"
-
-      New-Item -ItemType directory -Path .\keytar\macos | Out-Null
-      New-Item -ItemType directory -Path .\keytar\linux | Out-Null
-      New-Item -ItemType directory -Path .\keytar\windows | Out-Null
-
-      Invoke-RestMethod -Uri $($keytarUrl -f "darwin") -OutFile ".\keytar\macos\$($keytarTarGz -f "darwin")"
-      Invoke-RestMethod -Uri $($keytarUrl -f "linux") -OutFile ".\keytar\linux\$($keytarTarGz -f "linux")"
-      Invoke-RestMethod -Uri $($keytarUrl -f "win32") -OutFile ".\keytar\windows\$($keytarTarGz -f "win32")"
-
-      7z e ".\keytar\macos\$($keytarTarGz -f "darwin")" -o".\keytar\macos"
-      7z e ".\keytar\linux\$($keytarTarGz -f "linux")" -o".\keytar\linux"
-      7z e ".\keytar\windows\$($keytarTarGz -f "win32")" -o".\keytar\windows"
-
-      7z e ".\keytar\macos\$($keytarTar -f "darwin")" -o".\keytar\macos"
-      7z e ".\keytar\linux\$($keytarTar -f "linux")" -o".\keytar\linux"
-      7z e ".\keytar\windows\$($keytarTar -f "win32")" -o".\keytar\windows"
-    }
-
-before_build:
- node --version
- npm --version
-
-build_script:
- cmd: |
-    if defined VER_INFO ResourceHacker -open %WIN_PKG% -save %WIN_PKG% -action delete -mask ICONGROUP,1,
-    if defined VER_INFO ResourceHacker -open version-info.rc -save version-info.res -action compile
-    if defined VER_INFO ResourceHacker -open %WIN_PKG% -save %WIN_PKG% -action addoverwrite -resource version-info.res
- sh: npm install
- sh: npm run rebuild
- sh: npm run dist:lin
- cmd: npm install
- cmd: npm run rebuild
- cmd: npm run dist:win:ci
- cmd: npm run reset
- cmd: npm run dist:cli
- cmd: 7z a ./dist-cli/bwdc-windows-%PACKAGE_VERSION%.zip ./dist-cli/windows/bwdc.exe ./keytar/windows/keytar.node
- cmd: 7z a ./dist-cli/bwdc-macos-%PACKAGE_VERSION%.zip ./dist-cli/macos/bwdc ./keytar/macos/keytar.node
- cmd: 7z a ./dist-cli/bwdc-linux-%PACKAGE_VERSION%.zip ./dist-cli/linux/bwdc ./keytar/linux/keytar.node
- ps: |
-    if($isWindows) {
-      Expand-Archive -Path "./dist-cli/bwdc-windows-${env:PACKAGE_VERSION}.zip" -DestinationPath "./test/windows"
-      $testVersion = Invoke-Expression '& ./test/windows/bwdc.exe -v'
-      if($testVersion -ne $env:PACKAGE_VERSION) {
-        Throw "Version test failed."
-      }
-    }
- ps: |
-    if($isWindows) {
-      checksum -f="./dist-cli/bwdc-windows-${env:PACKAGE_VERSION}.zip" `
-        -t sha256 | Out-File ./dist-cli/bwdc-windows-sha256-${env:PACKAGE_VERSION}.txt
-      checksum -f="./dist-cli/bwdc-macos-${env:PACKAGE_VERSION}.zip" `
-        -t sha256 | Out-File ./dist-cli/bwdc-macos-sha256-${env:PACKAGE_VERSION}.txt
-      checksum -f="./dist-cli/bwdc-linux-${env:PACKAGE_VERSION}.zip" `
-        -t sha256 | Out-File ./dist-cli/bwdc-linux-sha256-${env:PACKAGE_VERSION}.txt
-    }
- ps: |
-    if($isLinux) {
-      Push-AppveyorArtifact ./dist/Bitwarden-Connector-${env:PACKAGE_VERSION}-x86_64.AppImage
-    }
-    else {
-      Push-AppveyorArtifact .\dist\Bitwarden-Connector-Portable-${env:PACKAGE_VERSION}.exe
-      Push-AppveyorArtifact .\dist\Bitwarden-Connector-Installer-${env:PACKAGE_VERSION}.exe
-      Push-AppveyorArtifact .\dist-cli\bwdc-windows-${env:PACKAGE_VERSION}.zip
-      Push-AppveyorArtifact .\dist-cli\bwdc-macos-${env:PACKAGE_VERSION}.zip
-      Push-AppveyorArtifact .\dist-cli\bwdc-linux-${env:PACKAGE_VERSION}.zip
-      Push-AppveyorArtifact .\dist-cli\bwdc-windows-sha256-${env:PACKAGE_VERSION}.txt
-      Push-AppveyorArtifact .\dist-cli\bwdc-macos-sha256-${env:PACKAGE_VERSION}.txt
-      Push-AppveyorArtifact .\dist-cli\bwdc-linux-sha256-${env:PACKAGE_VERSION}.txt
-    }
-
-on_finish:
-  - ps: |
-      if($isWindows -and $env:DEBUG_RDP -eq "true") {
-        $blockRdp = $true
-        iex ((new-object net.webclient).DownloadString(`
-          'https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1'))
-      }
-
-for:
- 
-  matrix:
-    only:
-      - image: Visual Studio 2017
-  cache:
-  - '%LOCALAPPDATA%\electron'
-  - '%LOCALAPPDATA%\electron-builder'
-  - 'C:\Users\appveyor\.pkg-cache\'
-
-
-  matrix:
-    only:
-      - image: Ubuntu1804
-  cache:
-  - '/home/appveyor/.cache/electron'
-  - '/home/appveyor/.cache/electron-builder'
-
-deploy:
-  tag: $(APPVEYOR_REPO_TAG_NAME)
-  release: $(RELEASE_NAME)
-  provider: GitHub
-  auth_token: $(GH_TOKEN)
-  artifact: /.*\.(zip|txt)/,
-  force_update: true
-  on:
-    branch: master
-    APPVEYOR_REPO_TAG: true
--- a/gulpfile.js
+++ b/gulpfile.js
@@ -1,31 +0,0 @@
-const gulp = require('gulp');
-const googleWebFonts = require('gulp-google-webfonts');
-const del = require('del');
-
-const paths = {
-    cssDir: './src/css/',
-};
-
-function clean() {
-    return del([paths.cssDir]);
-}
-
-function webfonts() {
-    return gulp.src('./webfonts.list')
-        .pipe(googleWebFonts({
-            fontsDir: 'webfonts',
-            cssFilename: 'webfonts.css',
-            format: 'woff',
-        }))
-        .pipe(gulp.dest(paths.cssDir));
-}
-
-// ref: https://github.com/angular/angular/issues/22524
-function cleanupAotIssue() {
-    return del(['./node_modules/@types/uglify-js/node_modules/source-map/source-map.d.ts']);
-}
-
-exports.clean = clean;
-exports.cleanupAotIssue = cleanupAotIssue;
-exports.webfonts = gulp.series(clean, webfonts);
-exports['prebuild:renderer'] = gulp.parallel(webfonts, cleanupAotIssue);;
--- a/2
+++ b/2
--- a/make-versioninfo.ps1
+++ b/make-versioninfo.ps1
@@ -1,33 +0,0 @@
-$major,$minor,$patch = $env:PACKAGE_VERSION.split('.')
-
-$versionInfo = @"
-
-1 VERSIONINFO
-FILEVERSION $major,$minor,$patch,0
-PRODUCTVERSION $major,$minor,$patch,0
-FILEOS 0x40004
-FILETYPE 0x1
-{
-BLOCK "StringFileInfo"
-{
-	BLOCK "040904b0"
-	{
-		VALUE "CompanyName", "8bit Solutions LLC"
-		VALUE "ProductName", "Bitwarden"
-		VALUE "FileDescription", "Bitwarden Directory Connector CLI"
-		VALUE "FileVersion", "$env:PACKAGE_VERSION"
-		VALUE "ProductVersion", "$env:PACKAGE_VERSION"
-		VALUE "OriginalFilename", "bwdc.exe"
-		VALUE "InternalName", "bwdc"
-		VALUE "LegalCopyright", "Copyright 8bit Solutions LLC"
-	}
-}
-
-BLOCK "VarFileInfo"
-{
-	VALUE "Translation", 0x0409 0x04B0  
-}
-}
-"@
-
-$versionInfo | Out-File ./version-info.rc
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -1,6 +1,5 @@
 {
-  "name": "bitwarden-directory-connector",
-  "productName": "Bitwarden Directory Connector",
+  "name": "@bitwarden/directory-connector",
  "description": "Sync your user directory to your Bitwarden organization.",
  "version": "0.0.0",
  "keywords": [
@@ -9,7 +8,7 @@
    "vault",
    "password manager"
  ],
-  "author": "8bit Solutions LLC <hello@bitwarden.com> (https://bitwarden.com)",
+  "author": "Bitwarden Inc. <hello@bitwarden.com> (https://bitwarden.com)",
  "homepage": "https://bitwarden.com",
  "repository": {
    "type": "git",
@@ -21,15 +20,18 @@
    "sub:update": "git submodule update --remote",
    "sub:pull": "git submodule foreach git pull origin master",
    "sub:commit": "npm run sub:pull && git commit -am \"update submodule\"",
-    "postinstall": "npm run sub:init",
-    "rebuild": "./node_modules/.bin/electron-rebuild",
+    "preinstall": "npm run sub:init",
+    "symlink:win": "rm -rf ./jslib && cmd /c mklink /J .\\jslib ..\\jslib",
+    "symlink:mac": "npm run symlink:lin",
+    "symlink:lin": "rm -rf ./jslib && ln -s ../jslib ./jslib",
+    "rebuild": "electron-rebuild",
    "reset": "rimraf ./node_modules/keytar/* && npm install",
-    "lint": "tslint src/**/*.ts || true",
-    "lint:fix": "tslint src/**/*.ts --fix",
+    "lint": "tslint 'src/**/*.ts' && prettier --check .",
+    "lint:fix": "tslint 'src/**/*.ts' --fix",
    "build": "concurrently -n Main,Rend -c yellow,cyan \"npm run build:main\" \"npm run build:renderer\"",
    "build:main": "webpack --config webpack.main.js",
-    "build:renderer": "gulp prebuild:renderer && webpack --config webpack.renderer.js",
-    "build:renderer:watch": "gulp prebuild:renderer && webpack --config webpack.renderer.js --watch",
+    "build:renderer": "webpack --config webpack.renderer.js",
+    "build:renderer:watch": "webpack --config webpack.renderer.js --watch",
    "build:dist": "npm run reset && npm run rebuild && npm run build",
    "build:cli": "webpack --config webpack.cli.js",
    "build:cli:watch": "webpack --config webpack.cli.js --watch",
@@ -38,14 +40,14 @@
    "electron": "npm run build:main && concurrently -k -n Main,Rend -c yellow,cyan \"electron --inspect=5858 ./build --watch\" \"npm run build:renderer:watch\"",
    "clean:dist": "rimraf ./dist/*",
    "clean:dist:cli": "rimraf ./dist-cli/*",
-    "pack:lin": "npm run clean:dist && build --linux --x64 -p never",
-    "pack:mac": "npm run clean:dist && build --mac -p never",
-    "pack:win": "npm run clean:dist && build --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"8bit Solutions LLC\"",
-    "pack:win:ci": "npm run clean:dist && build --win --x64 --ia32 -p never",
+    "pack:lin": "npm run clean:dist && electron-builder --linux --x64 -p never",
+    "pack:mac": "npm run clean:dist && electron-builder --mac -p never",
+    "pack:win": "npm run clean:dist && electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"8bit Solutions LLC\"",
+    "pack:win:ci": "npm run clean:dist && electron-builder --win --x64 --ia32 -p never",
    "pack:cli": "npm run pack:cli:win | npm run pack:cli:mac | npm run pack:cli:lin",
-    "pack:cli:win": "pkg . --targets win-x64 --output ./dist-cli/windows/bwdc.exe",
-    "pack:cli:mac": "pkg . --targets macos-x64 --output ./dist-cli/macos/bwdc",
-    "pack:cli:lin": "pkg . --targets linux-x64 --output ./dist-cli/linux/bwdc",
+    "pack:cli:win": "pkg ./src-cli --targets win-x64 --output ./dist-cli/windows/bwdc.exe",
+    "pack:cli:mac": "pkg ./src-cli --targets macos-x64 --output ./dist-cli/macos/bwdc",
+    "pack:cli:lin": "pkg ./src-cli --targets linux-x64 --output ./dist-cli/linux/bwdc",
    "dist:lin": "npm run build:dist && npm run pack:lin",
    "dist:mac": "npm run build:dist && npm run pack:mac",
    "dist:win": "npm run build:dist && npm run pack:win",
@@ -54,20 +56,31 @@
    "dist:cli:win": "npm run build:cli:prod && npm run clean:dist:cli && npm run pack:cli:win",
    "dist:cli:mac": "npm run build:cli:prod && npm run clean:dist:cli && npm run pack:cli:mac",
    "dist:cli:lin": "npm run build:cli:prod && npm run clean:dist:cli && npm run pack:cli:lin",
-    "publish:lin": "npm run build:dist && npm run clean:dist && build --linux --x64 -p always",
-    "publish:mac": "npm run build:dist && npm run clean:dist && build --mac -p always",
-    "publish:win": "npm run build:dist && npm run clean:dist && build --win --x64 --ia32 -p always -c.win.certificateSubjectName=\"8bit Solutions LLC\""
+    "publish:lin": "npm run build:dist && npm run clean:dist && electron-builder --linux --x64 -p always",
+    "publish:mac": "npm run build:dist && npm run clean:dist && electron-builder --mac -p always",
+    "publish:win": "npm run build:dist && npm run clean:dist && electron-builder --win --x64 --ia32 -p always -c.win.certificateSubjectName=\"8bit Solutions LLC\"",
+    "prettier": "prettier --write .",
+    "prepare": "husky install"
  },
  "build": {
+    "extraMetadata": {
+      "name": "bitwarden-directory-connector"
+    },
+    "productName": "Bitwarden Directory Connector",
    "appId": "com.bitwarden.directory-connector",
-    "copyright": "Copyright © 2015-2018 8bit Solutions LLC",
+    "copyright": "Copyright © 2015-2022 Bitwarden Inc.",
    "directories": {
      "buildResources": "resources",
      "output": "dist",
      "app": "build"
    },
+    "afterSign": "scripts/notarize.js",
    "mac": {
      "category": "public.app-category.productivity",
+      "gatekeeperAssess": false,
+      "hardenedRuntime": true,
+      "entitlements": "resources/entitlements.mac.plist",
+      "entitlementsInherit": "resources/entitlements.mac.plist",
      "target": [
        "dmg",
        "zip"
@@ -77,7 +90,8 @@
      "target": [
        "portable",
        "nsis"
-      ]
+      ],
+      "sign": "scripts/sign.js"
    },
    "linux": {
      "category": "Utility",
@@ -122,97 +136,80 @@
      "artifactName": "Bitwarden-Connector-${version}-${arch}.${ext}"
    }
  },
-  "bin": {
-    "bwdc": "./build-cli/bwdc.js"
-  },
-  "pkg": {
-    "assets": "./build-cli/**/*"
-  },
  "devDependencies": {
-    "@angular/compiler-cli": "^7.2.11",
+    "@angular/compiler-cli": "^12.2.13",
    "@microsoft/microsoft-graph-types": "^1.4.0",
-    "@ngtools/webpack": "^7.2.2",
-    "@types/commander": "^2.12.2",
-    "@types/form-data": "^2.2.1",
-    "@types/inquirer": "^0.0.43",
-    "@types/ldapjs": "^1.0.3",
-    "@types/lowdb": "^1.0.5",
-    "@types/lunr": "^2.1.6",
-    "@types/node": "^10.9.4",
-    "@types/node-fetch": "^2.1.2",
-    "@types/node-forge": "^0.7.5",
-    "@types/papaparse": "^4.5.3",
-    "@types/semver": "^5.5.0",
-    "@types/source-map": "0.5.2",
-    "@types/webcrypto": "^0.0.28",
-    "@types/webpack": "^4.4.11",
-    "@types/zxcvbn": "4.4.0",
-    "clean-webpack-plugin": "^0.1.19",
-    "concurrently": "^4.0.1",
-    "copy-webpack-plugin": "^4.5.2",
-    "cross-env": "^5.2.0",
-    "css-loader": "^1.0.0",
-    "del": "^3.0.0",
-    "electron": "3.0.14",
-    "electron-builder": "20.38.5",
-    "electron-rebuild": "^1.8.2",
-    "electron-reload": "^1.4.0",
-    "extract-text-webpack-plugin": "next",
-    "file-loader": "^2.0.0",
-    "font-awesome": "4.7.0",
-    "gulp": "^4.0.0",
-    "gulp-google-webfonts": "^2.0.0",
-    "html-loader": "^0.5.5",
-    "html-webpack-plugin": "^3.2.0",
-    "node-abi": "^2.5.1",
-    "node-loader": "^0.6.0",
-    "node-sass": "^4.11.0",
-    "pkg": "4.3.4",
-    "rimraf": "^2.6.2",
-    "sass-loader": "^7.1.0",
-    "ts-loader": "^5.3.3",
-    "tslint": "^5.12.1",
+    "@ngtools/webpack": "^12.2.13",
+    "@types/ldapjs": "^1.0.10",
+    "@types/node": "^16.11.12",
+    "@types/proper-lockfile": "^4.1.1",
+    "clean-webpack-plugin": "^4.0.0",
+    "concurrently": "^6.0.2",
+    "copy-webpack-plugin": "^10.0.0",
+    "cross-env": "^7.0.3",
+    "css-loader": "^6.5.1",
+    "electron-builder": "^22.14.5",
+    "electron-notarize": "^1.1.1",
+    "electron-rebuild": "^3.2.5",
+    "electron-reload": "^1.5.0",
+    "html-loader": "^3.0.1",
+    "html-webpack-plugin": "^5.5.0",
+    "husky": "^7.0.4",
+    "lint-staged": "^12.1.3",
+    "mini-css-extract-plugin": "^2.4.5",
+    "node-loader": "^2.0.0",
+    "pkg": "^5.5.1",
+    "prebuild-install": "^5.0.0",
+    "prettier": "^2.5.1",
+    "rimraf": "^3.0.2",
+    "sass": "^1.32.11",
+    "sass-loader": "^12.4.0",
+    "tapable": "^1.1.3",
+    "ts-loader": "^9.2.5",
+    "tsconfig-paths-webpack-plugin": "^3.5.1",
+    "tslint": "~6.1.0",
    "tslint-loader": "^3.5.4",
-    "typescript": "3.2.4",
-    "webpack": "^4.29.0",
-    "webpack-cli": "^3.2.1",
-    "webpack-merge": "^4.2.1",
-    "webpack-node-externals": "^1.7.2"
+    "typescript": "4.3.5",
+    "webpack": "^5.64.4",
+    "webpack-cli": "^4.9.1",
+    "webpack-merge": "^5.8.0",
+    "webpack-node-externals": "^3.0.0"
  },
  "dependencies": {
-    "@angular/animations": "7.2.1",
-    "@angular/common": "7.2.1",
-    "@angular/compiler": "7.2.1",
-    "@angular/core": "7.2.1",
-    "@angular/forms": "7.2.1",
-    "@angular/http": "7.2.1",
-    "@angular/platform-browser": "7.2.1",
-    "@angular/platform-browser-dynamic": "7.2.1",
-    "@angular/router": "7.2.1",
-    "@angular/upgrade": "7.2.1",
-    "@microsoft/microsoft-graph-client": "1.2.0",
-    "@okta/okta-sdk-nodejs": "1.2.0",
-    "angular2-toaster": "6.1.0",
-    "angulartics2": "6.3.0",
-    "big-integer": "1.6.36",
-    "bootstrap": "4.3.1",
-    "chalk": "2.4.1",
-    "commander": "2.18.0",
-    "core-js": "2.6.2",
+    "@angular/animations": "^12.2.13",
+    "@angular/cdk": "^12.2.13",
+    "@angular/common": "^12.2.13",
+    "@angular/compiler": "^12.2.13",
+    "@angular/core": "^12.2.13",
+    "@angular/forms": "^12.2.13",
+    "@angular/platform-browser": "^12.2.13",
+    "@angular/platform-browser-dynamic": "^12.2.13",
+    "@angular/router": "^12.2.13",
+    "@bitwarden/jslib-angular": "file:jslib/angular",
+    "@bitwarden/jslib-common": "file:jslib/common",
+    "@bitwarden/jslib-electron": "file:jslib/electron",
+    "@bitwarden/jslib-node": "file:jslib/node",
+    "@microsoft/microsoft-graph-client": "^2.2.1",
+    "bootstrap": "^4.6.0",
+    "chalk": "^4.1.1",
+    "commander": "^7.2.0",
+    "core-js": "^3.11.0",
    "duo_web_sdk": "git+https://github.com/duosecurity/duo_web_sdk.git",
-    "electron-log": "2.2.17",
-    "electron-store": "1.3.0",
-    "electron-updater": "4.0.6",
-    "form-data": "2.3.2",
-    "googleapis": "33.0.0",
-    "inquirer": "6.2.0",
-    "keytar": "4.4.1",
-    "ldapjs": "git+https://git@github.com/kspearrin/node-ldapjs.git",
-    "lowdb": "1.0.0",
-    "lunr": "2.3.3",
-    "node-fetch": "2.2.0",
-    "node-forge": "0.7.6",
-    "rxjs": "6.3.3",
-    "zone.js": "0.8.28"
+    "form-data": "^4.0.0",
+    "googleapis": "^73.0.0",
+    "inquirer": "8.0.0",
+    "ldapjs": "2.3.1",
+    "lunr": "^2.3.9",
+    "ngx-toastr": "14.1.4",
+    "open": "^8.0.6",
+    "proper-lockfile": "^4.1.2",
+    "rxjs": "^7.4.0"
+  },
+  "engines": {
+    "node": "~16",
+    "npm": "~8"
+  },
+  "lint-staged": {
+    "*": "prettier --ignore-unknown --write"
  }
 }
--- a/resources/entitlements.mac.plist
+++ b/resources/entitlements.mac.plist
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+	<true/>
+	<key>com.apple.security.cs.disable-library-validation</key>
+	<true/>
+</dict>
+</plist>
--- a/scripts/notarize.js
+++ b/scripts/notarize.js
@@ -0,0 +1,18 @@
+require("dotenv").config();
+const { notarize } = require("electron-notarize");
+
+exports.default = async function notarizing(context) {
+  const { electronPlatformName, appOutDir } = context;
+  if (electronPlatformName !== "darwin") {
+    return;
+  }
+  const appleId = process.env.APPLE_ID_USERNAME || process.env.APPLEID;
+  const appleIdPassword = process.env.APPLE_ID_PASSWORD || `@keychain:AC_PASSWORD`;
+  const appName = context.packager.appInfo.productFilename;
+  return await notarize({
+    appBundleId: "com.bitwarden.directory-connector",
+    appPath: `${appOutDir}/${appName}.app`,
+    appleId: appleId,
+    appleIdPassword: appleIdPassword,
+  });
+};
--- a/scripts/sign.js
+++ b/scripts/sign.js
@@ -0,0 +1,20 @@
+exports.default = async function (configuration) {
+  if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1 && configuration.path.slice(-4) == ".exe") {
+    console.log(`[*] Signing file: ${configuration.path}`);
+    require("child_process").execSync(
+      `azuresigntool sign ` +
+        `-kvu ${process.env.SIGNING_VAULT_URL} ` +
+        `-kvi ${process.env.SIGNING_CLIENT_ID} ` +
+        `-kvt ${process.env.SIGNING_TENANT_ID} ` +
+        `-kvs ${process.env.SIGNING_CLIENT_SECRET} ` +
+        `-kvc ${process.env.SIGNING_CERT_NAME} ` +
+        `-fd ${configuration.hash} ` +
+        `-du ${configuration.site} ` +
+        `-tr http://timestamp.digicert.com ` +
+        `"${configuration.path}"`,
+      {
+        stdio: "inherit",
+      }
+    );
+  }
+};
--- a/src-cli/package-lock.json
+++ b/src-cli/package-lock.json
--- a/src-cli/package.json
+++ b/src-cli/package.json
@@ -0,0 +1,24 @@
+{
+  "name": "@bitwarden/directory-connector",
+  "productName": "Bitwarden Directory Connector",
+  "description": "Sync your user directory to your Bitwarden organization.",
+  "version": "2.9.5",
+  "author": "Bitwarden Inc. <hello@bitwarden.com> (https://bitwarden.com)",
+  "homepage": "https://bitwarden.com",
+  "license": "GPL-3.0",
+  "main": "main.js",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/bitwarden/directory-connector"
+  },
+  "bin": {
+    "bwdc": "../build-cli/bwdc.js"
+  },
+  "pkg": {
+    "assets": "../build-cli/**/*"
+  },
+  "dependencies": {
+    "browser-hrtime": "^1.1.8",
+    "keytar": "^7.7.0"
+  }
+}
--- a/src/abstractions/state.service.ts
+++ b/src/abstractions/state.service.ts
@@ -0,0 +1,68 @@
+import { StateService as BaseStateServiceAbstraction } from "jslib-common/abstractions/state.service";
+
+import { StorageOptions } from "jslib-common/models/domain/storageOptions";
+
+import { DirectoryType } from "src/enums/directoryType";
+
+import { Account } from "src/models/account";
+import { AzureConfiguration } from "src/models/azureConfiguration";
+import { GSuiteConfiguration } from "src/models/gsuiteConfiguration";
+import { LdapConfiguration } from "src/models/ldapConfiguration";
+import { OktaConfiguration } from "src/models/oktaConfiguration";
+import { OneLoginConfiguration } from "src/models/oneLoginConfiguration";
+import { SyncConfiguration } from "src/models/syncConfiguration";
+
+export abstract class StateService extends BaseStateServiceAbstraction<Account> {
+  getDirectory: <IConfiguration>(type: DirectoryType) => Promise<IConfiguration>;
+  setDirectory: (
+    type: DirectoryType,
+    config:
+      | LdapConfiguration
+      | GSuiteConfiguration
+      | AzureConfiguration
+      | OktaConfiguration
+      | OneLoginConfiguration
+  ) => Promise<any>;
+  getLdapKey: (options?: StorageOptions) => Promise<string>;
+  setLdapKey: (value: string, options?: StorageOptions) => Promise<void>;
+  getGsuiteKey: (options?: StorageOptions) => Promise<string>;
+  setGsuiteKey: (value: string, options?: StorageOptions) => Promise<void>;
+  getAzureKey: (options?: StorageOptions) => Promise<string>;
+  setAzureKey: (value: string, options?: StorageOptions) => Promise<void>;
+  getOktaKey: (options?: StorageOptions) => Promise<string>;
+  setOktaKey: (value: string, options?: StorageOptions) => Promise<void>;
+  getOneLoginKey: (options?: StorageOptions) => Promise<string>;
+  setOneLoginKey: (value: string, options?: StorageOptions) => Promise<void>;
+  getLdapConfiguration: (options?: StorageOptions) => Promise<LdapConfiguration>;
+  setLdapConfiguration: (value: LdapConfiguration, options?: StorageOptions) => Promise<void>;
+  getGsuiteConfiguration: (options?: StorageOptions) => Promise<GSuiteConfiguration>;
+  setGsuiteConfiguration: (value: GSuiteConfiguration, options?: StorageOptions) => Promise<void>;
+  getAzureConfiguration: (options?: StorageOptions) => Promise<AzureConfiguration>;
+  setAzureConfiguration: (value: AzureConfiguration, options?: StorageOptions) => Promise<void>;
+  getOktaConfiguration: (options?: StorageOptions) => Promise<OktaConfiguration>;
+  setOktaConfiguration: (value: OktaConfiguration, options?: StorageOptions) => Promise<void>;
+  getOneLoginConfiguration: (options?: StorageOptions) => Promise<OneLoginConfiguration>;
+  setOneLoginConfiguration: (
+    value: OneLoginConfiguration,
+    options?: StorageOptions
+  ) => Promise<void>;
+  getOrganizationId: (options?: StorageOptions) => Promise<string>;
+  setOrganizationId: (value: string, options?: StorageOptions) => Promise<void>;
+  getSync: (options?: StorageOptions) => Promise<SyncConfiguration>;
+  setSync: (value: SyncConfiguration, options?: StorageOptions) => Promise<void>;
+  getDirectoryType: (options?: StorageOptions) => Promise<DirectoryType>;
+  setDirectoryType: (value: DirectoryType, options?: StorageOptions) => Promise<void>;
+  getUserDelta: (options?: StorageOptions) => Promise<string>;
+  setUserDelta: (value: string, options?: StorageOptions) => Promise<void>;
+  getLastUserSync: (options?: StorageOptions) => Promise<Date>;
+  setLastUserSync: (value: Date, options?: StorageOptions) => Promise<void>;
+  getLastGroupSync: (options?: StorageOptions) => Promise<Date>;
+  setLastGroupSync: (value: Date, options?: StorageOptions) => Promise<void>;
+  getGroupDelta: (options?: StorageOptions) => Promise<string>;
+  setGroupDelta: (value: string, options?: StorageOptions) => Promise<void>;
+  getLastSyncHash: (options?: StorageOptions) => Promise<string>;
+  setLastSyncHash: (value: string, options?: StorageOptions) => Promise<void>;
+  getSyncingDir: (options?: StorageOptions) => Promise<boolean>;
+  setSyncingDir: (value: boolean, options?: StorageOptions) => Promise<void>;
+  clearSyncSettings: (syncHashToo: boolean) => Promise<void>;
+}
--- a/src/app/accounts/apiKey.component.html
+++ b/src/app/accounts/apiKey.component.html
@@ -0,0 +1,60 @@
+<div class="container-fluid">
+  <form #form (ngSubmit)="submit()" [appApiAction]="formPromise">
+    <div class="row justify-content-center">
+      <div class="col-md-8 col-lg-6">
+        <p class="text-center font-weight-bold">{{ "welcome" | i18n }}</p>
+        <p class="text-center">{{ "logInDesc" | i18n }}</p>
+        <div class="card">
+          <h5 class="card-header">{{ "logIn" | i18n }}</h5>
+          <div class="card-body">
+            <div class="form-group">
+              <label for="client_id">{{ "clientId" | i18n }}</label>
+              <input id="client_id" name="ClientId" [(ngModel)]="clientId" class="form-control" />
+            </div>
+            <div class="form-group">
+              <div class="row-main">
+                <label for="client_secret">{{ "clientSecret" | i18n }}</label>
+                <div class="input-group">
+                  <input
+                    type="{{ showSecret ? 'text' : 'password' }}"
+                    id="client_secret"
+                    name="ClientSecret"
+                    [(ngModel)]="clientSecret"
+                    class="form-control"
+                  />
+                  <div class="input-group-append">
+                    <button
+                      type="button"
+                      class="ml-1 btn btn-link"
+                      appA11yTitle="{{ 'toggleVisibility' | i18n }}"
+                      (click)="toggleSecret()"
+                    >
+                      <i
+                        class="bwi bwi-lg"
+                        aria-hidden="true"
+                        [ngClass]="showSecret ? 'bwi-eye-slash' : 'bwi-eye'"
+                      ></i>
+                    </button>
+                  </div>
+                </div>
+              </div>
+            </div>
+            <div class="d-flex">
+              <div>
+                <button type="submit" class="btn btn-primary" [disabled]="form.loading">
+                  <i class="bwi bwi-spinner bwi-fw bwi-spin" [hidden]="!form.loading"></i>
+                  <i class="bwi bwi-sign-in bwi-fw" [hidden]="form.loading"></i>
+                  {{ "logIn" | i18n }}
+                </button>
+              </div>
+              <button type="button" class="btn btn-link ml-auto" (click)="settings()">
+                {{ "settings" | i18n }}
+              </button>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+  </form>
+</div>
+<ng-template #environment></ng-template>
--- a/src/app/accounts/apiKey.component.ts
+++ b/src/app/accounts/apiKey.component.ts
@@ -0,0 +1,103 @@
+import { Component, Input, ViewChild, ViewContainerRef } from "@angular/core";
+import { Router } from "@angular/router";
+
+import { EnvironmentComponent } from "./environment.component";
+
+import { AuthService } from "jslib-common/abstractions/auth.service";
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { LogService } from "jslib-common/abstractions/log.service";
+import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";
+
+import { StateService } from "../../abstractions/state.service";
+
+import { ModalService } from "jslib-angular/services/modal.service";
+
+import { HtmlStorageLocation } from "jslib-common/enums/htmlStorageLocation";
+import { Utils } from "jslib-common/misc/utils";
+
+@Component({
+  selector: "app-apiKey",
+  templateUrl: "apiKey.component.html",
+})
+export class ApiKeyComponent {
+  @ViewChild("environment", { read: ViewContainerRef, static: true })
+  environmentModal: ViewContainerRef;
+  @Input() clientId: string = "";
+  @Input() clientSecret: string = "";
+
+  formPromise: Promise<any>;
+  successRoute = "/tabs/dashboard";
+  showSecret: boolean = false;
+
+  constructor(
+    private authService: AuthService,
+    private router: Router,
+    private i18nService: I18nService,
+    private platformUtilsService: PlatformUtilsService,
+    private modalService: ModalService,
+    private logService: LogService,
+    private stateService: StateService
+  ) {}
+
+  async submit() {
+    if (this.clientId == null || this.clientId === "") {
+      this.platformUtilsService.showToast(
+        "error",
+        this.i18nService.t("errorOccurred"),
+        this.i18nService.t("clientIdRequired")
+      );
+      return;
+    }
+    if (!this.clientId.startsWith("organization")) {
+      this.platformUtilsService.showToast(
+        "error",
+        this.i18nService.t("errorOccurred"),
+        this.i18nService.t("orgApiKeyRequired")
+      );
+      return;
+    }
+    if (this.clientSecret == null || this.clientSecret === "") {
+      this.platformUtilsService.showToast(
+        "error",
+        this.i18nService.t("errorOccurred"),
+        this.i18nService.t("clientSecretRequired")
+      );
+      return;
+    }
+    const idParts = this.clientId.split(".");
+
+    if (idParts.length !== 2 || idParts[0] !== "organization" || !Utils.isGuid(idParts[1])) {
+      this.platformUtilsService.showToast(
+        "error",
+        this.i18nService.t("errorOccurred"),
+        this.i18nService.t("invalidClientId")
+      );
+      return;
+    }
+
+    try {
+      this.formPromise = this.authService.logInApiKey(this.clientId, this.clientSecret);
+      await this.formPromise;
+      const organizationId = await this.stateService.getEntityId();
+      await this.stateService.setOrganizationId(organizationId);
+      this.router.navigate([this.successRoute]);
+    } catch (e) {
+      this.logService.error(e);
+    }
+  }
+
+  async settings() {
+    const [modalRef, childComponent] = await this.modalService.openViewRef(
+      EnvironmentComponent,
+      this.environmentModal
+    );
+
+    childComponent.onSaved.subscribe(() => {
+      modalRef.close();
+    });
+  }
+  toggleSecret() {
+    this.showSecret = !this.showSecret;
+    document.getElementById("client_secret").focus();
+  }
+}
--- a/src/app/accounts/environment.component.html
+++ b/src/app/accounts/environment.component.html
@@ -2,35 +2,58 @@
  <div class="modal-dialog">
    <form class="modal-content" (ngSubmit)="submit()">
      <div class="modal-header">
-                <h3 class="modal-title">{{'settings' | i18n}}</h3>
+        <h3 class="modal-title">{{ "settings" | i18n }}</h3>
        <button type="button" class="close" data-dismiss="modal" title="Close">
          <span aria-hidden="true">&times;</span>
        </button>
      </div>
      <div class="modal-body">
-                <h4>{{'selfHostedEnvironment' | i18n}}</h4>
-                <p>{{'selfHostedEnvironmentFooter' | i18n}}</p>
+        <h4>{{ "selfHostedEnvironment" | i18n }}</h4>
+        <p>{{ "selfHostedEnvironmentFooter" | i18n }}</p>
        <div class="form-group">
-                    <label for="baseUrl">{{'baseUrl' | i18n}}</label>
-                    <input id="baseUrl" type="text" name="BaseUrl" [(ngModel)]="baseUrl" class="form-control">
-                    <small class="text-muted form-text">{{'ex' | i18n}} https://bitwarden.company.com</small>
+          <label for="baseUrl">{{ "baseUrl" | i18n }}</label>
+          <input
+            id="baseUrl"
+            type="text"
+            name="BaseUrl"
+            [(ngModel)]="baseUrl"
+            class="form-control"
+          />
+          <small class="text-muted form-text"
+            >{{ "ex" | i18n }} https://bitwarden.company.com</small
+          >
        </div>
-                <h4>{{'customEnvironment' | i18n}}</h4>
-                <p>{{'customEnvironmentFooter' | i18n}}</p>
+        <h4>{{ "customEnvironment" | i18n }}</h4>
+        <p>{{ "customEnvironmentFooter" | i18n }}</p>
        <div class="form-group">
-                    <label for="apiUrl">{{'apiUrl' | i18n}}</label>
-                    <input id="apiUrl" type="text" name="ApiUrl" [(ngModel)]="apiUrl" class="form-control">
+          <label for="webVaultUrl">{{ "webVaultUrl" | i18n }}</label>
+          <input
+            id="webVaultUrl"
+            type="text"
+            name="WebVaultUrl"
+            [(ngModel)]="webVaultUrl"
+            class="form-control"
+          />
        </div>
        <div class="form-group">
-                    <label for="identityUrl">{{'identityUrl' | i18n}}</label>
-                    <input id="identityUrl" type="text" name="IdentityUrl" [(ngModel)]="identityUrl"
-                        class="form-control">
+          <label for="apiUrl">{{ "apiUrl" | i18n }}</label>
+          <input id="apiUrl" type="text" name="ApiUrl" [(ngModel)]="apiUrl" class="form-control" />
+        </div>
+        <div class="form-group">
+          <label for="identityUrl">{{ "identityUrl" | i18n }}</label>
+          <input
+            id="identityUrl"
+            type="text"
+            name="IdentityUrl"
+            [(ngModel)]="identityUrl"
+            class="form-control"
+          />
        </div>
      </div>
      <div class="modal-footer justify-content-start">
        <button type="submit" class="btn btn-primary">
-                    <i class="fa fa-save fa-fw"></i>
-                    {{'save' | i18n}}
+          <i class="bwi bwi-save bwi-fw"></i>
+          {{ "save" | i18n }}
        </button>
      </div>
    </form>
--- a/src/app/accounts/environment.component.ts
+++ b/src/app/accounts/environment.component.ts
@@ -1,18 +1,21 @@
-import { Component } from '@angular/core';
+import { Component } from "@angular/core";

-import { EnvironmentService } from 'jslib/abstractions/environment.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
+import { EnvironmentService } from "jslib-common/abstractions/environment.service";
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";

-import { EnvironmentComponent as BaseEnvironmentComponent } from 'jslib/angular/components/environment.component';
+import { EnvironmentComponent as BaseEnvironmentComponent } from "jslib-angular/components/environment.component";

@Component({
-    selector: 'app-environment',
-    templateUrl: 'environment.component.html',
+  selector: "app-environment",
+  templateUrl: "environment.component.html",
 })
 export class EnvironmentComponent extends BaseEnvironmentComponent {
-    constructor(environmentService: EnvironmentService, i18nService: I18nService,
-        platformUtilsService: PlatformUtilsService) {
+  constructor(
+    environmentService: EnvironmentService,
+    i18nService: I18nService,
+    platformUtilsService: PlatformUtilsService
+  ) {
    super(platformUtilsService, environmentService, i18nService);
  }
 }
--- a/src/app/accounts/login.component.html
+++ b/src/app/accounts/login.component.html
@@ -1,35 +0,0 @@
-<div class="container-fluid">
-    <form #form (ngSubmit)="submit()" [appApiAction]="formPromise">
-        <div class="row justify-content-center">
-            <div class="col-md-8 col-lg-6">
-                <p class="text-center font-weight-bold">{{'welcome' | i18n}}</p>
-                <p class="text-center">{{'logInDesc' | i18n}}</p>
-                <div class="card">
-                    <h5 class="card-header">{{'logIn' | i18n}}</h5>
-                    <div class="card-body">
-                        <div class="form-group">
-                            <label for="email">{{'emailAddress' | i18n}}</label>
-                            <input id="email" type="text" name="Email" [(ngModel)]="email" class="form-control">
-                        </div>
-                        <div class="form-group">
-                            <div class="row-main">
-                                <label for="masterPassword">{{'masterPass' | i18n}}</label>
-                                <input id="masterPassword" type="password" name="MasterPassword"
-                                    [(ngModel)]="masterPassword" class="form-control">
-                            </div>
-                        </div>
-                        <button type="submit" class="btn btn-primary" [disabled]="form.loading">
-                            <i class="fa fa-spinner fa-fw fa-spin" [hidden]="!form.loading"></i>
-                            <i class="fa fa-sign-in fa-fw" [hidden]="form.loading"></i>
-                            {{'logIn' | i18n}}
-                        </button>
-                        <button type="button" class="btn btn-link" (click)="settings()">
-                            {{'settings' | i18n}}
-                        </button>
-                    </div>
-                </div>
-            </div>
-        </div>
-    </form>
-</div>
-<ng-template #environment></ng-template>
--- a/src/app/accounts/login.component.ts
+++ b/src/app/accounts/login.component.ts
@@ -1,43 +0,0 @@
-import {
-    Component,
-    ComponentFactoryResolver,
-    ViewChild,
-    ViewContainerRef,
-} from '@angular/core';
-import { Router } from '@angular/router';
-
-import { EnvironmentComponent } from './environment.component';
-
-import { AuthService } from 'jslib/abstractions/auth.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { StorageService } from 'jslib/abstractions/storage.service';
-
-import { LoginComponent as BaseLoginComponent } from 'jslib/angular/components/login.component';
-import { ModalComponent } from 'jslib/angular/components/modal.component';
-
-@Component({
-    selector: 'app-login',
-    templateUrl: 'login.component.html',
-})
-export class LoginComponent extends BaseLoginComponent {
-    @ViewChild('environment', { read: ViewContainerRef }) environmentModal: ViewContainerRef;
-
-    constructor(authService: AuthService, router: Router,
-        i18nService: I18nService, private componentFactoryResolver: ComponentFactoryResolver,
-        storageService: StorageService, platformUtilsService: PlatformUtilsService) {
-        super(authService, router, platformUtilsService, i18nService, storageService);
-        super.successRoute = '/tabs/dashboard';
-    }
-
-    settings() {
-        const factory = this.componentFactoryResolver.resolveComponentFactory(ModalComponent);
-        const modal = this.environmentModal.createComponent(factory).instance;
-        const childComponent = modal.show<EnvironmentComponent>(EnvironmentComponent,
-            this.environmentModal);
-
-        childComponent.onSaved.subscribe(() => {
-            modal.close();
-        });
-    }
-}
--- a/src/app/accounts/two-factor-options.component.html
+++ b/src/app/accounts/two-factor-options.component.html
@@ -1,26 +0,0 @@
-<div class="modal fade">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <h3 class="modal-title">{{'twoStepOptions' | i18n}}</h3>
-                <button type="button" class="close" data-dismiss="modal" title="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-            </div>
-            <div class="modal-body">
-                <p *ngFor="let p of providers">
-                    <a href="#" appStopClick (click)="choose(p)">
-                        <strong>{{p.name}}</strong>
-                    </a>
-                    <br /> {{p.description}}
-                </p>
-                <p>
-                    <a href="#" (click)="recover()">
-                        <strong>{{'recoveryCodeTitle' | i18n}}</strong>
-                    </a>
-                    <br /> {{'recoveryCodeDesc' | i18n}}
-                </p>
-            </div>
-        </div>
-    </div>
-</div>
--- a/src/app/accounts/two-factor-options.component.ts
+++ b/src/app/accounts/two-factor-options.component.ts
@@ -1,21 +0,0 @@
-import { Component } from '@angular/core';
-import { Router } from '@angular/router';
-
-import { AuthService } from 'jslib/abstractions/auth.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-
-import {
-    TwoFactorOptionsComponent as BaseTwoFactorOptionsComponent,
-} from 'jslib/angular/components/two-factor-options.component';
-
-@Component({
-    selector: 'app-two-factor-options',
-    templateUrl: 'two-factor-options.component.html',
-})
-export class TwoFactorOptionsComponent extends BaseTwoFactorOptionsComponent {
-    constructor(authService: AuthService, router: Router,
-        i18nService: I18nService, platformUtilsService: PlatformUtilsService) {
-        super(authService, router, i18nService, platformUtilsService, window);
-    }
-}
--- a/src/app/accounts/two-factor.component.html
+++ b/src/app/accounts/two-factor.component.html
@@ -1,70 +0,0 @@
-<div class="container-fluid">
-    <form #form (ngSubmit)="submit()" [appApiAction]="formPromise">
-        <div class="row justify-content-center">
-            <div class="col-md-8 col-lg-6">
-                <div class="card">
-                    <h5 class="card-header">{{title}}</h5>
-                    <div class="card-body">
-                        <ng-container
-                            *ngIf="selectedProviderType === providerType.Email || selectedProviderType === providerType.Authenticator">
-                            <p *ngIf="selectedProviderType === providerType.Authenticator">
-                                {{'enterVerificationCodeApp' | i18n}}
-                            </p>
-                            <p *ngIf="selectedProviderType === providerType.Email">
-                                {{'enterVerificationCodeEmail' | i18n : twoFactorEmail}}
-                            </p>
-                            <div class="form-group">
-                                <label for="code">{{'verificationCode' | i18n}}</label>
-                                <input id="code" type="text" name="Code" [(ngModel)]="token" appAutofocus
-                                    class="form-control">
-                            </div>
-                        </ng-container>
-                        <ng-container *ngIf="selectedProviderType === providerType.Yubikey">
-                            <p>{{'insertYubiKey' | i18n}}</p>
-                            <p><img src="../../images/yubikey.jpg" class="img-fluid rounded" alt=""></p>
-                            <div class="form-group">
-                                <label for="code">{{'verificationCode' | i18n}}</label>
-                                <input id="code" type="password" name="Code" [(ngModel)]="token" appAutofocus
-                                    class="form-control">
-                            </div>
-                        </ng-container>
-                        <ng-container *ngIf="selectedProviderType === providerType.Duo ||
-                                              selectedProviderType === providerType.OrganizationDuo">
-                            <div id="duo-frame">
-                                <iframe id="duo_iframe"></iframe>
-                            </div>
-                        </ng-container>
-                        <div class="form-group"
-                            *ngIf="selectedProviderType != null && selectedProviderType !== providerType.U2f">
-                            <div class="form-check">
-                                <input class="form-check-input" type="checkbox" id="remember" [(ngModel)]="remember"
-                                    name="Remember">
-                                <label class="form-check-label" for="remember">{{'rememberMe' | i18n}}</label>
-                            </div>
-                        </div>
-                        <ng-container class="card-body"
-                            *ngIf="selectedProviderType === null || selectedProviderType === providerType.U2f">
-                            <p>{{'noTwoStepProviders' | i18n}}</p>
-                            <p>{{'noTwoStepProviders2' | i18n}}</p>
-                        </ng-container>
-                        <button type="submit" class="btn btn-primary" [disabled]="form.loading" *ngIf="selectedProviderType != null && selectedProviderType !== providerType.U2f && selectedProviderType !== providerType.Duo && 
-                        selectedProviderType !== providerType.OrganizationDuo">
-                            <i class="fa fa-sign-in fa-fw" [hidden]="form.loading"></i>
-                            <i class="fa fa-spinner fa-fw fa-spin" [hidden]="!form.loading"></i>
-                            {{'continue' | i18n}}
-                        </button>
-                        <a routerLink="/login" class="btn btn-link">{{'cancel' | i18n}}</a>
-                    </div>
-                </div>
-                <div class="text-center mt-3">
-                    <a href="#" appStopClick (click)="anotherMethod()">{{'useAnotherTwoStepMethod' | i18n}}</a>
-                    <a href="#" appStopClick (click)="sendEmail(true)" [appApiAction]="emailPromise"
-                        *ngIf="selectedProviderType === providerType.Email">
-                        {{'sendVerificationCodeEmailAgain' | i18n}}
-                    </a>
-                </div>
-            </div>
-        </div>
-    </form>
-</div>
-<ng-template #twoFactorOptions></ng-template>
--- a/src/app/accounts/two-factor.component.ts
+++ b/src/app/accounts/two-factor.component.ts
@@ -1,53 +0,0 @@
-import {
-    Component,
-    ComponentFactoryResolver,
-    ViewChild,
-    ViewContainerRef,
-} from '@angular/core';
-
-import { Router } from '@angular/router';
-
-import { TwoFactorOptionsComponent } from './two-factor-options.component';
-
-import { TwoFactorProviderType } from 'jslib/enums/twoFactorProviderType';
-
-import { ApiService } from 'jslib/abstractions/api.service';
-import { AuthService } from 'jslib/abstractions/auth.service';
-import { EnvironmentService } from 'jslib/abstractions/environment.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-
-import { ModalComponent } from 'jslib/angular/components/modal.component';
-import { TwoFactorComponent as BaseTwoFactorComponent } from 'jslib/angular/components/two-factor.component';
-
-@Component({
-    selector: 'app-two-factor',
-    templateUrl: 'two-factor.component.html',
-})
-export class TwoFactorComponent extends BaseTwoFactorComponent {
-    @ViewChild('twoFactorOptions', { read: ViewContainerRef }) twoFactorOptionsModal: ViewContainerRef;
-
-    constructor(authService: AuthService, router: Router,
-        i18nService: I18nService, apiService: ApiService,
-        platformUtilsService: PlatformUtilsService, environmentService: EnvironmentService,
-        private componentFactoryResolver: ComponentFactoryResolver) {
-        super(authService, router, i18nService, apiService, platformUtilsService, window, environmentService);
-        super.successRoute = '/tabs/dashboard';
-    }
-
-    anotherMethod() {
-        const factory = this.componentFactoryResolver.resolveComponentFactory(ModalComponent);
-        const modal = this.twoFactorOptionsModal.createComponent(factory).instance;
-        const childComponent = modal.show<TwoFactorOptionsComponent>(TwoFactorOptionsComponent,
-            this.twoFactorOptionsModal);
-
-        childComponent.onProviderSelected.subscribe(async (provider: TwoFactorProviderType) => {
-            modal.close();
-            this.selectedProviderType = provider;
-            await this.init();
-        });
-        childComponent.onRecoverSelected.subscribe(() => {
-            modal.close();
-        });
-    }
-}
--- a/src/app/app-routing.module.ts
+++ b/src/app/app-routing.module.ts
@@ -1,48 +1,43 @@
-import { NgModule } from '@angular/core';
-import {
-    RouterModule,
-    Routes,
-} from '@angular/router';
+import { NgModule } from "@angular/core";
+import { RouterModule, Routes } from "@angular/router";

-import { AuthGuardService } from './services/auth-guard.service';
-import { LaunchGuardService } from './services/launch-guard.service';
+import { AuthGuardService } from "./services/auth-guard.service";
+import { LaunchGuardService } from "./services/launch-guard.service";

-import { LoginComponent } from './accounts/login.component';
-import { TwoFactorComponent } from './accounts/two-factor.component';
-import { DashboardComponent } from './tabs/dashboard.component';
-import { MoreComponent } from './tabs/more.component';
-import { SettingsComponent } from './tabs/settings.component';
-import { TabsComponent } from './tabs/tabs.component';
+import { ApiKeyComponent } from "./accounts/apiKey.component";
+import { DashboardComponent } from "./tabs/dashboard.component";
+import { MoreComponent } from "./tabs/more.component";
+import { SettingsComponent } from "./tabs/settings.component";
+import { TabsComponent } from "./tabs/tabs.component";

 const routes: Routes = [
-    { path: '', redirectTo: '/login', pathMatch: 'full' },
+  { path: "", redirectTo: "/login", pathMatch: "full" },
  {
-        path: 'login',
-        component: LoginComponent,
+    path: "login",
+    component: ApiKeyComponent,
    canActivate: [LaunchGuardService],
  },
-    { path: '2fa', component: TwoFactorComponent },
  {
-        path: 'tabs',
+    path: "tabs",
    component: TabsComponent,
    children: [
      {
-                path: '',
-                redirectTo: '/tabs/dashboard',
-                pathMatch: 'full',
+        path: "",
+        redirectTo: "/tabs/dashboard",
+        pathMatch: "full",
      },
      {
-                path: 'dashboard',
+        path: "dashboard",
        component: DashboardComponent,
        canActivate: [AuthGuardService],
      },
      {
-                path: 'settings',
+        path: "settings",
        component: SettingsComponent,
        canActivate: [AuthGuardService],
      },
      {
-                path: 'more',
+        path: "more",
        component: MoreComponent,
        canActivate: [AuthGuardService],
      },
@@ -51,10 +46,12 @@ const routes: Routes = [
 ];

@NgModule({
-    imports: [RouterModule.forRoot(routes, {
+  imports: [
+    RouterModule.forRoot(routes, {
      useHash: true,
      /*enableTracing: true,*/
-    })],
+    }),
+  ],
  exports: [RouterModule],
 })
-export class AppRoutingModule { }
+export class AppRoutingModule {}
--- a/src/app/app.component.ts
+++ b/src/app/app.component.ts
@@ -1,104 +1,75 @@
-import {
-    BodyOutputType,
-    Toast,
-    ToasterConfig,
-    ToasterContainerComponent,
-    ToasterService,
-} from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';
-import { Angulartics2GoogleAnalytics } from 'angulartics2/ga';
-
 import {
  Component,
-    ComponentFactoryResolver,
  NgZone,
  OnInit,
  SecurityContext,
-    Type,
  ViewChild,
  ViewContainerRef,
-} from '@angular/core';
-import { DomSanitizer } from '@angular/platform-browser';
-import { Router } from '@angular/router';
+} from "@angular/core";
+import { DomSanitizer } from "@angular/platform-browser";
+import { Router } from "@angular/router";
+import { IndividualConfig, ToastrService } from "ngx-toastr";

-import { ModalComponent } from 'jslib/angular/components/modal.component';
+import { AuthService } from "jslib-common/abstractions/auth.service";
+import { BroadcasterService } from "jslib-common/abstractions/broadcaster.service";
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { LogService } from "jslib-common/abstractions/log.service";
+import { MessagingService } from "jslib-common/abstractions/messaging.service";
+import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";
+import { TokenService } from "jslib-common/abstractions/token.service";

-import { BroadcasterService } from 'jslib/angular/services/broadcaster.service';
+import { SyncService } from "../services/sync.service";

-import { ApiService } from 'jslib/abstractions/api.service';
-import { AuthService } from 'jslib/abstractions/auth.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { MessagingService } from 'jslib/abstractions/messaging.service';
-import { StateService } from 'jslib/abstractions/state.service';
-import { StorageService } from 'jslib/abstractions/storage.service';
-import { TokenService } from 'jslib/abstractions/token.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { StateService } from "../abstractions/state.service";

-import { ConfigurationService } from '../services/configuration.service';
-import { SyncService } from '../services/sync.service';
-
-const BroadcasterSubscriptionId = 'AppComponent';
+const BroadcasterSubscriptionId = "AppComponent";

@Component({
-    selector: 'app-root',
+  selector: "app-root",
  styles: [],
-    template: `
-        <toaster-container [toasterconfig]="toasterConfig"></toaster-container>
-        <ng-template #settings></ng-template>
+  template: ` <ng-template #settings></ng-template>
    <router-outlet></router-outlet>`,
 })
 export class AppComponent implements OnInit {
-    @ViewChild('settings', { read: ViewContainerRef }) settingsRef: ViewContainerRef;
+  @ViewChild("settings", { read: ViewContainerRef, static: true }) settingsRef: ViewContainerRef;

-    toasterConfig: ToasterConfig = new ToasterConfig({
-        showCloseButton: true,
-        mouseoverTimerStop: true,
-        animation: 'flyRight',
-        limit: 5,
-    });
-
-    private lastActivity: number = null;
-    private modal: ModalComponent = null;
-
-    constructor(private angulartics2GoogleAnalytics: Angulartics2GoogleAnalytics,
-        private broadcasterService: BroadcasterService, private userService: UserService,
-        private tokenService: TokenService, private storageService: StorageService,
-        private authService: AuthService, private router: Router, private analytics: Angulartics2,
-        private toasterService: ToasterService, private i18nService: I18nService,
-        private sanitizer: DomSanitizer, private ngZone: NgZone,
-        private componentFactoryResolver: ComponentFactoryResolver, private messagingService: MessagingService,
-        private configurationService: ConfigurationService, private syncService: SyncService,
-        private stateService: StateService, private apiService: ApiService) {
-        (window as any).BitwardenToasterService = toasterService;
-    }
+  constructor(
+    private broadcasterService: BroadcasterService,
+    private tokenService: TokenService,
+    private authService: AuthService,
+    private router: Router,
+    private toastrService: ToastrService,
+    private i18nService: I18nService,
+    private sanitizer: DomSanitizer,
+    private ngZone: NgZone,
+    private platformUtilsService: PlatformUtilsService,
+    private messagingService: MessagingService,
+    private syncService: SyncService,
+    private stateService: StateService,
+    private logService: LogService
+  ) {}

  ngOnInit() {
    this.broadcasterService.subscribe(BroadcasterSubscriptionId, async (message: any) => {
      this.ngZone.run(async () => {
        switch (message.command) {
-                    case 'loggedIn':
-                        if (await this.userService.isAuthenticated()) {
-                            const profile = await this.apiService.getProfile();
-                            this.stateService.save('profileOrganizations', profile.organizations);
-                        }
+          case "syncScheduleStarted":
+          case "syncScheduleStopped":
+            this.stateService.setSyncingDir(message.command === "syncScheduleStarted");
            break;
-                    case 'syncScheduleStarted':
-                    case 'syncScheduleStopped':
-                        this.stateService.save('syncingDir', message.command === 'syncScheduleStarted');
-                        break;
-                    case 'logout':
+          case "logout":
            this.logOut(!!message.expired);
            break;
-                    case 'checkDirSync':
+          case "checkDirSync":
            try {
-                            const syncConfig = await this.configurationService.getSync();
+              const syncConfig = await this.stateService.getSync();
              if (syncConfig.interval == null || syncConfig.interval < 5) {
                return;
              }

              const syncInterval = syncConfig.interval * 60000;
-                            const lastGroupSync = await this.configurationService.getLastGroupSyncDate();
-                            const lastUserSync = await this.configurationService.getLastUserSyncDate();
+              const lastGroupSync = await this.stateService.getLastGroupSync();
+              const lastUserSync = await this.stateService.getLastUserSync();
              let lastSync: Date = null;
              if (lastGroupSync != null && lastUserSync == null) {
                lastSync = lastGroupSync;
@@ -120,17 +91,18 @@ export class AppComponent implements OnInit {
              if (lastSyncAgo >= syncInterval) {
                await this.syncService.sync(false, false);
              }
-                        } catch { }
+            } catch (e) {
+              this.logService.error(e);
+            }

-                        this.messagingService.send('scheduleNextDirSync');
+            this.messagingService.send("scheduleNextDirSync");
            break;
-                    case 'showToast':
+          case "showToast":
            this.showToast(message);
            break;
-                    case 'analyticsEventTrack':
-                        this.analytics.eventTrack.next({
-                            action: message.action,
-                            properties: { label: message.label },
+          case "ssoCallback":
+            this.router.navigate(["sso"], {
+              queryParams: { code: message.code, state: message.state },
            });
            break;
          default:
@@ -144,61 +116,46 @@ export class AppComponent implements OnInit {
  }

  private async logOut(expired: boolean) {
-        const userId = await this.userService.getUserId();
-
-        await Promise.all([
-            this.tokenService.clearToken(),
-            this.userService.clear(),
-        ]);
+    await this.tokenService.clearToken();
+    await this.stateService.clean();

    this.authService.logOut(async () => {
-            this.analytics.eventTrack.next({ action: 'Logged Out' });
      if (expired) {
-                this.toasterService.popAsync('warning', this.i18nService.t('loggedOut'),
-                    this.i18nService.t('loginExpired'));
+        this.platformUtilsService.showToast(
+          "warning",
+          this.i18nService.t("loggedOut"),
+          this.i18nService.t("loginExpired")
+        );
      }
-            this.router.navigate(['login']);
-        });
-    }
-
-    private openModal<T>(type: Type<T>, ref: ViewContainerRef) {
-        if (this.modal != null) {
-            this.modal.close();
-        }
-
-        const factory = this.componentFactoryResolver.resolveComponentFactory(ModalComponent);
-        this.modal = ref.createComponent(factory).instance;
-        const childComponent = this.modal.show<T>(type, ref);
-
-        this.modal.onClosed.subscribe(() => {
-            this.modal = null;
+      this.router.navigate(["login"]);
    });
  }

  private showToast(msg: any) {
-        const toast: Toast = {
-            type: msg.type,
-            title: msg.title,
-        };
-        if (typeof (msg.text) === 'string') {
-            toast.body = msg.text;
+    let message = "";
+
+    const options: Partial<IndividualConfig> = {};
+
+    if (typeof msg.text === "string") {
+      message = msg.text;
    } else if (msg.text.length === 1) {
-            toast.body = msg.text[0];
+      message = msg.text[0];
    } else {
-            let message = '';
-            msg.text.forEach((t: string) =>
-                message += ('<p>' + this.sanitizer.sanitize(SecurityContext.HTML, t) + '</p>'));
-            toast.body = message;
-            toast.bodyOutputType = BodyOutputType.TrustedHtml;
+      msg.text.forEach(
+        (t: string) =>
+          (message += "<p>" + this.sanitizer.sanitize(SecurityContext.HTML, t) + "</p>")
+      );
+      options.enableHtml = true;
    }
    if (msg.options != null) {
      if (msg.options.trustedHtml === true) {
-                toast.bodyOutputType = BodyOutputType.TrustedHtml;
+        options.enableHtml = true;
      }
      if (msg.options.timeout != null && msg.options.timeout > 0) {
-                toast.timeout = msg.options.timeout;
+        options.timeOut = msg.options.timeout;
      }
    }
-        this.toasterService.popAsync(toast);
+
+    this.toastrService.show(message, msg.title, options, "toast-" + msg.type);
  }
 }
--- a/src/app/app.module.ts
+++ b/src/app/app.module.ts
@@ -1,43 +1,38 @@
-import 'core-js';
-import 'zone.js/dist/zone';
+import "core-js/stable";
+import "zone.js/dist/zone";

-import { ToasterModule } from 'angular2-toaster';
-import { Angulartics2Module } from 'angulartics2';
-import { Angulartics2GoogleAnalytics } from 'angulartics2/ga';
+import { AppRoutingModule } from "./app-routing.module";
+import { ServicesModule } from "./services/services.module";

-import { AppRoutingModule } from './app-routing.module';
-import { ServicesModule } from './services/services.module';
+import { NgModule } from "@angular/core";
+import { FormsModule } from "@angular/forms";
+import { BrowserModule } from "@angular/platform-browser";
+import { BrowserAnimationsModule } from "@angular/platform-browser/animations";

-import { NgModule } from '@angular/core';
-import { FormsModule } from '@angular/forms';
-import { BrowserModule } from '@angular/platform-browser';
-import { BrowserAnimationsModule } from '@angular/platform-browser/animations';
+import { AppComponent } from "./app.component";

-import { AppComponent } from './app.component';
+import { CalloutComponent } from "jslib-angular/components/callout.component";
+import { IconComponent } from "jslib-angular/components/icon.component";
+import { BitwardenToastModule } from "jslib-angular/components/toastr.component";

-import { IconComponent } from 'jslib/angular/components/icon.component';
-import { ModalComponent } from 'jslib/angular/components/modal.component';
+import { ApiKeyComponent } from "./accounts/apiKey.component";
+import { EnvironmentComponent } from "./accounts/environment.component";
+import { DashboardComponent } from "./tabs/dashboard.component";
+import { MoreComponent } from "./tabs/more.component";
+import { SettingsComponent } from "./tabs/settings.component";
+import { TabsComponent } from "./tabs/tabs.component";

-import { EnvironmentComponent } from './accounts/environment.component';
-import { LoginComponent } from './accounts/login.component';
-import { TwoFactorOptionsComponent } from './accounts/two-factor-options.component';
-import { TwoFactorComponent } from './accounts/two-factor.component';
-import { DashboardComponent } from './tabs/dashboard.component';
-import { MoreComponent } from './tabs/more.component';
-import { SettingsComponent } from './tabs/settings.component';
-import { TabsComponent } from './tabs/tabs.component';
+import { A11yTitleDirective } from "jslib-angular/directives/a11y-title.directive";
+import { ApiActionDirective } from "jslib-angular/directives/api-action.directive";
+import { AutofocusDirective } from "jslib-angular/directives/autofocus.directive";
+import { BlurClickDirective } from "jslib-angular/directives/blur-click.directive";
+import { BoxRowDirective } from "jslib-angular/directives/box-row.directive";
+import { FallbackSrcDirective } from "jslib-angular/directives/fallback-src.directive";
+import { StopClickDirective } from "jslib-angular/directives/stop-click.directive";
+import { StopPropDirective } from "jslib-angular/directives/stop-prop.directive";

-import { A11yTitleDirective } from 'jslib/angular/directives/a11y-title.directive';
-import { ApiActionDirective } from 'jslib/angular/directives/api-action.directive';
-import { AutofocusDirective } from 'jslib/angular/directives/autofocus.directive';
-import { BlurClickDirective } from 'jslib/angular/directives/blur-click.directive';
-import { BoxRowDirective } from 'jslib/angular/directives/box-row.directive';
-import { FallbackSrcDirective } from 'jslib/angular/directives/fallback-src.directive';
-import { StopClickDirective } from 'jslib/angular/directives/stop-click.directive';
-import { StopPropDirective } from 'jslib/angular/directives/stop-prop.directive';
-
-import { I18nPipe } from 'jslib/angular/pipes/i18n.pipe';
-import { SearchCiphersPipe } from 'jslib/angular/pipes/search-ciphers.pipe';
+import { I18nPipe } from "jslib-angular/pipes/i18n.pipe";
+import { SearchCiphersPipe } from "jslib-angular/pipes/search-ciphers.pipe";

@NgModule({
  imports: [
@@ -46,42 +41,34 @@ import { SearchCiphersPipe } from 'jslib/angular/pipes/search-ciphers.pipe';
    FormsModule,
    AppRoutingModule,
    ServicesModule,
-        Angulartics2Module.forRoot([Angulartics2GoogleAnalytics], {
-            pageTracking: {
-                clearQueryParams: true,
-            },
+    BitwardenToastModule.forRoot({
+      maxOpened: 5,
+      autoDismiss: true,
+      closeButton: true,
    }),
-        ToasterModule.forRoot(),
  ],
  declarations: [
    A11yTitleDirective,
    ApiActionDirective,
+    ApiKeyComponent,
    AppComponent,
    AutofocusDirective,
    BlurClickDirective,
    BoxRowDirective,
+    CalloutComponent,
    DashboardComponent,
    EnvironmentComponent,
    FallbackSrcDirective,
    I18nPipe,
    IconComponent,
-        LoginComponent,
-        ModalComponent,
    MoreComponent,
    SearchCiphersPipe,
    SettingsComponent,
    StopClickDirective,
    StopPropDirective,
    TabsComponent,
-        TwoFactorComponent,
-        TwoFactorOptionsComponent,
-    ],
-    entryComponents: [
-        EnvironmentComponent,
-        ModalComponent,
-        TwoFactorOptionsComponent,
  ],
  providers: [],
  bootstrap: [AppComponent],
 })
-export class AppModule { }
+export class AppModule {}
--- a/src/app/dummy.module.ts
+++ b/src/app/dummy.module.ts
@@ -1,16 +0,0 @@
-import { NgModule } from '@angular/core';
-
-import { InputVerbatimDirective } from 'jslib/angular/directives/input-verbatim.directive';
-import { TrueFalseValueDirective } from 'jslib/angular/directives/true-false-value.directive';
-import { SearchPipe } from 'jslib/angular/pipes/search.pipe';
-
-@NgModule({
-    imports: [],
-    declarations: [
-        InputVerbatimDirective,
-        TrueFalseValueDirective,
-        SearchPipe,
-    ],
-})
-export class DummyModule {
-}
--- a/src/app/main.ts
+++ b/src/app/main.ts
@@ -1,12 +1,12 @@
-import { enableProdMode } from '@angular/core';
-import { platformBrowserDynamic } from '@angular/platform-browser-dynamic';
+import { enableProdMode } from "@angular/core";
+import { platformBrowserDynamic } from "@angular/platform-browser-dynamic";

-import { isDev } from 'jslib/electron/utils';
+import { isDev } from "jslib-electron/utils";

 // tslint:disable-next-line
-require('../scss/styles.scss');
+require("../scss/styles.scss");

-import { AppModule } from './app.module';
+import { AppModule } from "./app.module";

 if (!isDev()) {
  enableProdMode();
--- a/src/app/services/auth-guard.service.ts
+++ b/src/app/services/auth-guard.service.ts
@@ -1,21 +1,18 @@
-import { Injectable } from '@angular/core';
-import {
-    CanActivate,
-    Router,
-} from '@angular/router';
+import { Injectable } from "@angular/core";
+import { CanActivate } from "@angular/router";

-import { MessagingService } from 'jslib/abstractions/messaging.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { MessagingService } from "jslib-common/abstractions/messaging.service";
+
+import { StateService } from "../../abstractions/state.service";

@Injectable()
 export class AuthGuardService implements CanActivate {
-    constructor(private userService: UserService, private router: Router,
-        private messagingService: MessagingService) { }
+  constructor(private stateService: StateService, private messagingService: MessagingService) {}

  async canActivate() {
-        const isAuthed = await this.userService.isAuthenticated();
+    const isAuthed = await this.stateService.getIsAuthenticated();
    if (!isAuthed) {
-            this.messagingService.send('logout');
+      this.messagingService.send("logout");
      return false;
    }

--- a/src/app/services/launch-guard.service.ts
+++ b/src/app/services/launch-guard.service.ts
@@ -1,22 +1,19 @@
-import { Injectable } from '@angular/core';
-import {
-    CanActivate,
-    Router,
-} from '@angular/router';
+import { Injectable } from "@angular/core";
+import { CanActivate, Router } from "@angular/router";

-import { UserService } from 'jslib/abstractions/user.service';
+import { StateService } from "../../abstractions/state.service";

@Injectable()
 export class LaunchGuardService implements CanActivate {
-    constructor(private userService: UserService, private router: Router) { }
+  constructor(private stateService: StateService, private router: Router) {}

  async canActivate() {
-        const isAuthed = await this.userService.isAuthenticated();
+    const isAuthed = await this.stateService.getIsAuthenticated();
    if (!isAuthed) {
      return true;
    }

-        this.router.navigate(['/tabs/dashboard']);
+    this.router.navigate(["/tabs/dashboard"]);
    return false;
  }
 }
--- a/src/app/services/services.module.ts
+++ b/src/app/services/services.module.ts
@@ -1,146 +1,237 @@
-import { remote } from 'electron';
+import { APP_INITIALIZER, Injector, NgModule } from "@angular/core";

-import {
-    APP_INITIALIZER,
-    NgModule,
-} from '@angular/core';
+import { ElectronLogService } from "jslib-electron/services/electronLog.service";
+import { ElectronPlatformUtilsService } from "jslib-electron/services/electronPlatformUtils.service";
+import { ElectronRendererMessagingService } from "jslib-electron/services/electronRendererMessaging.service";
+import { ElectronRendererSecureStorageService } from "jslib-electron/services/electronRendererSecureStorage.service";
+import { ElectronRendererStorageService } from "jslib-electron/services/electronRendererStorage.service";

-import { ToasterModule } from 'angular2-toaster';
+import { AuthGuardService } from "./auth-guard.service";
+import { LaunchGuardService } from "./launch-guard.service";

-import { ElectronLogService } from 'jslib/electron/services/electronLog.service';
-import { ElectronPlatformUtilsService } from 'jslib/electron/services/electronPlatformUtils.service';
-import { ElectronRendererMessagingService } from 'jslib/electron/services/electronRendererMessaging.service';
-import { ElectronRendererSecureStorageService } from 'jslib/electron/services/electronRendererSecureStorage.service';
-import { ElectronStorageService } from 'jslib/electron/services/electronStorage.service';
+import { I18nService } from "../../services/i18n.service";
+import { SyncService } from "../../services/sync.service";

-import { AuthGuardService } from './auth-guard.service';
-import { LaunchGuardService } from './launch-guard.service';
+import { JslibServicesModule } from "jslib-angular/services/jslib-services.module";

-import { ConfigurationService } from '../../services/configuration.service';
-import { I18nService } from '../../services/i18n.service';
-import { SyncService } from '../../services/sync.service';
+import { ContainerService } from "jslib-common/services/container.service";

-import { BroadcasterService } from 'jslib/angular/services/broadcaster.service';
-import { ValidationService } from 'jslib/angular/services/validation.service';
+import { NodeApiService } from "jslib-node/services/nodeApi.service";
+import { NodeCryptoFunctionService } from "jslib-node/services/nodeCryptoFunction.service";

-import { Analytics } from 'jslib/misc/analytics';
+import { ApiService as ApiServiceAbstraction } from "jslib-common/abstractions/api.service";
+import { AppIdService as AppIdServiceAbstraction } from "jslib-common/abstractions/appId.service";
+import { AuthService as AuthServiceAbstraction } from "jslib-common/abstractions/auth.service";
+import { BroadcasterService as BroadcasterServiceAbstraction } from "jslib-common/abstractions/broadcaster.service";
+import { CryptoService as CryptoServiceAbstraction } from "jslib-common/abstractions/crypto.service";
+import { CryptoFunctionService as CryptoFunctionServiceAbstraction } from "jslib-common/abstractions/cryptoFunction.service";
+import { EnvironmentService as EnvironmentServiceAbstraction } from "jslib-common/abstractions/environment.service";
+import { I18nService as I18nServiceAbstraction } from "jslib-common/abstractions/i18n.service";
+import { KeyConnectorService as KeyConnectorServiceAbstraction } from "jslib-common/abstractions/keyConnector.service";
+import { LogService as LogServiceAbstraction } from "jslib-common/abstractions/log.service";
+import { MessagingService as MessagingServiceAbstraction } from "jslib-common/abstractions/messaging.service";
+import { PlatformUtilsService as PlatformUtilsServiceAbstraction } from "jslib-common/abstractions/platformUtils.service";
+import { StateMigrationService as StateMigrationServiceAbstraction } from "jslib-common/abstractions/stateMigration.service";
+import { StorageService as StorageServiceAbstraction } from "jslib-common/abstractions/storage.service";
+import { TokenService as TokenServiceAbstraction } from "jslib-common/abstractions/token.service";
+import { VaultTimeoutService as VaultTimeoutServiceAbstraction } from "jslib-common/abstractions/vaultTimeout.service";

-import { ApiService } from 'jslib/services/api.service';
-import { AppIdService } from 'jslib/services/appId.service';
-import { AuthService } from 'jslib/services/auth.service';
-import { ConstantsService } from 'jslib/services/constants.service';
-import { ContainerService } from 'jslib/services/container.service';
-import { CryptoService } from 'jslib/services/crypto.service';
-import { EnvironmentService } from 'jslib/services/environment.service';
-import { NodeCryptoFunctionService } from 'jslib/services/nodeCryptoFunction.service';
-import { StateService } from 'jslib/services/state.service';
-import { TokenService } from 'jslib/services/token.service';
-import { UserService } from 'jslib/services/user.service';
+import { StateService as StateServiceAbstraction } from "../../abstractions/state.service";

-import { ApiService as ApiServiceAbstraction } from 'jslib/abstractions/api.service';
-import { AppIdService as AppIdServiceAbstraction } from 'jslib/abstractions/appId.service';
-import { AuthService as AuthServiceAbstraction } from 'jslib/abstractions/auth.service';
-import { CryptoService as CryptoServiceAbstraction } from 'jslib/abstractions/crypto.service';
-import { CryptoFunctionService as CryptoFunctionServiceAbstraction } from 'jslib/abstractions/cryptoFunction.service';
-import { EnvironmentService as EnvironmentServiceAbstraction } from 'jslib/abstractions/environment.service';
-import { I18nService as I18nServiceAbstraction } from 'jslib/abstractions/i18n.service';
-import { LogService as LogServiceAbstraction } from 'jslib/abstractions/log.service';
-import { MessagingService as MessagingServiceAbstraction } from 'jslib/abstractions/messaging.service';
-import { PlatformUtilsService as PlatformUtilsServiceAbstraction } from 'jslib/abstractions/platformUtils.service';
-import { StateService as StateServiceAbstraction } from 'jslib/abstractions/state.service';
-import { StorageService as StorageServiceAbstraction } from 'jslib/abstractions/storage.service';
-import { TokenService as TokenServiceAbstraction } from 'jslib/abstractions/token.service';
-import { UserService as UserServiceAbstraction } from 'jslib/abstractions/user.service';
+import { ApiService, refreshToken } from "../../services/api.service";
+import { AuthService } from "../../services/auth.service";
+import { StateService } from "../../services/state.service";
+import { StateMigrationService } from "../../services/stateMigration.service";

-const logService = new ElectronLogService();
-const i18nService = new I18nService(window.navigator.language, './locales');
-const stateService = new StateService();
-const broadcasterService = new BroadcasterService();
-const messagingService = new ElectronRendererMessagingService(broadcasterService);
-const platformUtilsService = new ElectronPlatformUtilsService(i18nService, messagingService, true);
-const storageService: StorageServiceAbstraction = new ElectronStorageService(remote.app.getPath('userData'));
-const secureStorageService: StorageServiceAbstraction = new ElectronRendererSecureStorageService();
-const cryptoFunctionService: CryptoFunctionServiceAbstraction = new NodeCryptoFunctionService();
-const cryptoService = new CryptoService(storageService, secureStorageService, cryptoFunctionService);
-const appIdService = new AppIdService(storageService);
-const tokenService = new TokenService(storageService);
-const apiService = new ApiService(tokenService, platformUtilsService,
-    async (expired: boolean) => messagingService.send('logout', { expired: expired }));
-const environmentService = new EnvironmentService(apiService, storageService, null);
-const userService = new UserService(tokenService, storageService);
-const containerService = new ContainerService(cryptoService);
-const authService = new AuthService(cryptoService, apiService, userService, tokenService, appIdService,
-    i18nService, platformUtilsService, messagingService, false);
-const configurationService = new ConfigurationService(storageService, secureStorageService);
-const syncService = new SyncService(configurationService, logService, cryptoFunctionService, apiService,
-    messagingService, i18nService);
+import { Account } from "../../models/account";

-const analytics = new Analytics(window, () => true, platformUtilsService, storageService, appIdService);
-containerService.attachToWindow(window);
+import { StateFactory } from "jslib-common/factories/stateFactory";

-export function initFactory(): Function {
+import { GlobalState } from "jslib-common/models/domain/globalState";
+
+function refreshTokenCallback(injector: Injector) {
+  return () => {
+    const stateService = injector.get(StateServiceAbstraction);
+    const authService = injector.get(AuthServiceAbstraction);
+    return refreshToken(stateService, authService);
+  };
+}
+
+export function initFactory(
+  environmentService: EnvironmentServiceAbstraction,
+  i18nService: I18nService,
+  authService: AuthService,
+  platformUtilsService: PlatformUtilsServiceAbstraction,
+  stateService: StateServiceAbstraction,
+  cryptoService: CryptoServiceAbstraction
+): Function {
  return async () => {
+    await stateService.init();
    await environmentService.setUrlsFromStorage();
    await i18nService.init();
    authService.init();
    const htmlEl = window.document.documentElement;
-        htmlEl.classList.add('os_' + platformUtilsService.getDeviceString());
-        htmlEl.classList.add('locale_' + i18nService.translationLocale);
-        window.document.title = i18nService.t('bitwardenDirectoryConnector');
+    htmlEl.classList.add("os_" + platformUtilsService.getDeviceString());
+    htmlEl.classList.add("locale_" + i18nService.translationLocale);
+    window.document.title = i18nService.t("bitwardenDirectoryConnector");

    let installAction = null;
-        const installedVersion = await storageService.get<string>(ConstantsService.installedVersionKey);
-        const currentVersion = platformUtilsService.getApplicationVersion();
+    const installedVersion = await stateService.getInstalledVersion();
+    const currentVersion = await platformUtilsService.getApplicationVersion();
    if (installedVersion == null) {
-            installAction = 'install';
+      installAction = "install";
    } else if (installedVersion !== currentVersion) {
-            installAction = 'update';
+      installAction = "update";
    }

    if (installAction != null) {
-            await storageService.save(ConstantsService.installedVersionKey, currentVersion);
+      await stateService.setInstalledVersion(currentVersion);
    }

-        window.setTimeout(async () => {
-            if (await userService.isAuthenticated()) {
-                const profile = await apiService.getProfile();
-                stateService.save('profileOrganizations', profile.organizations);
-            }
-        }, 500);
+    const containerService = new ContainerService(cryptoService);
+    containerService.attachToWindow(window);
  };
 }

@NgModule({
-    imports: [
-        ToasterModule,
-    ],
+  imports: [JslibServicesModule],
  declarations: [],
  providers: [
-        ValidationService,
-        AuthGuardService,
-        LaunchGuardService,
-        { provide: AuthServiceAbstraction, useValue: authService },
-        { provide: EnvironmentServiceAbstraction, useValue: environmentService },
-        { provide: TokenServiceAbstraction, useValue: tokenService },
-        { provide: I18nServiceAbstraction, useValue: i18nService },
-        { provide: CryptoServiceAbstraction, useValue: cryptoService },
-        { provide: PlatformUtilsServiceAbstraction, useValue: platformUtilsService },
-        { provide: ApiServiceAbstraction, useValue: apiService },
-        { provide: UserServiceAbstraction, useValue: userService },
-        { provide: MessagingServiceAbstraction, useValue: messagingService },
-        { provide: BroadcasterService, useValue: broadcasterService },
-        { provide: StorageServiceAbstraction, useValue: storageService },
-        { provide: StateServiceAbstraction, useValue: stateService },
-        { provide: LogServiceAbstraction, useValue: logService },
-        { provide: ConfigurationService, useValue: configurationService },
-        { provide: SyncService, useValue: syncService },
    {
      provide: APP_INITIALIZER,
      useFactory: initFactory,
-            deps: [],
+      deps: [
+        EnvironmentServiceAbstraction,
+        I18nServiceAbstraction,
+        AuthServiceAbstraction,
+        PlatformUtilsServiceAbstraction,
+        StateServiceAbstraction,
+        CryptoServiceAbstraction,
+      ],
      multi: true,
    },
+    { provide: LogServiceAbstraction, useClass: ElectronLogService, deps: [] },
+    {
+      provide: I18nServiceAbstraction,
+      useFactory: (window: Window) => new I18nService(window.navigator.language, "./locales"),
+      deps: ["WINDOW"],
+    },
+    {
+      provide: MessagingServiceAbstraction,
+      useClass: ElectronRendererMessagingService,
+      deps: [BroadcasterServiceAbstraction],
+    },
+    { provide: StorageServiceAbstraction, useClass: ElectronRendererStorageService },
+    { provide: "SECURE_STORAGE", useClass: ElectronRendererSecureStorageService },
+    {
+      provide: PlatformUtilsServiceAbstraction,
+      useFactory: (
+        i18nService: I18nServiceAbstraction,
+        messagingService: MessagingServiceAbstraction,
+        stateService: StateServiceAbstraction
+      ) => new ElectronPlatformUtilsService(i18nService, messagingService, true, stateService),
+      deps: [I18nServiceAbstraction, MessagingServiceAbstraction, StateServiceAbstraction],
+    },
+    { provide: CryptoFunctionServiceAbstraction, useClass: NodeCryptoFunctionService, deps: [] },
+    {
+      provide: ApiServiceAbstraction,
+      useFactory: (
+        tokenService: TokenServiceAbstraction,
+        platformUtilsService: PlatformUtilsServiceAbstraction,
+        environmentService: EnvironmentServiceAbstraction,
+        messagingService: MessagingServiceAbstraction,
+        injector: Injector
+      ) =>
+        new NodeApiService(
+          tokenService,
+          platformUtilsService,
+          environmentService,
+          async (expired: boolean) => messagingService.send("logout", { expired: expired }),
+          "Bitwarden_DC/" +
+            platformUtilsService.getApplicationVersion() +
+            " (" +
+            platformUtilsService.getDeviceString().toUpperCase() +
+            ")",
+          refreshTokenCallback(injector)
+        ),
+      deps: [
+        TokenServiceAbstraction,
+        PlatformUtilsServiceAbstraction,
+        EnvironmentServiceAbstraction,
+        MessagingServiceAbstraction,
+        Injector,
+      ],
+    },
+    {
+      provide: AuthServiceAbstraction,
+      useClass: AuthService,
+      deps: [
+        CryptoServiceAbstraction,
+        ApiServiceAbstraction,
+        TokenServiceAbstraction,
+        AppIdServiceAbstraction,
+        I18nServiceAbstraction,
+        PlatformUtilsServiceAbstraction,
+        MessagingServiceAbstraction,
+        VaultTimeoutServiceAbstraction,
+        LogServiceAbstraction,
+        CryptoFunctionServiceAbstraction,
+        EnvironmentServiceAbstraction,
+        KeyConnectorServiceAbstraction,
+        StateServiceAbstraction,
+      ],
+    },
+    {
+      provide: SyncService,
+      useClass: SyncService,
+      deps: [
+        LogServiceAbstraction,
+        CryptoFunctionServiceAbstraction,
+        ApiServiceAbstraction,
+        MessagingServiceAbstraction,
+        I18nServiceAbstraction,
+        EnvironmentServiceAbstraction,
+        StateServiceAbstraction,
+      ],
+    },
+    AuthGuardService,
+    LaunchGuardService,
+    {
+      provide: StateMigrationServiceAbstraction,
+      useFactory: (
+        storageService: StorageServiceAbstraction,
+        secureStorageService: StorageServiceAbstraction
+      ) =>
+        new StateMigrationService(
+          storageService,
+          secureStorageService,
+          new StateFactory(GlobalState, Account)
+        ),
+      deps: [StorageServiceAbstraction, "SECURE_STORAGE"],
+    },
+    {
+      provide: StateServiceAbstraction,
+      useFactory: (
+        storageService: StorageServiceAbstraction,
+        secureStorageService: StorageServiceAbstraction,
+        logService: LogServiceAbstraction,
+        stateMigrationService: StateMigrationServiceAbstraction
+      ) =>
+        new StateService(
+          storageService,
+          secureStorageService,
+          logService,
+          stateMigrationService,
+          true,
+          new StateFactory(GlobalState, Account)
+        ),
+      deps: [
+        StorageServiceAbstraction,
+        "SECURE_STORAGE",
+        LogServiceAbstraction,
+        StateMigrationServiceAbstraction,
+      ],
+    },
  ],
 })
-export class ServicesModule {
-}
+export class ServicesModule {}
--- a/src/app/tabs/dashboard.component.html
+++ b/src/app/tabs/dashboard.component.html
@@ -1,91 +1,108 @@
 <div class="card mb-3">
-    <h3 class="card-header">{{'sync' | i18n}}</h3>
+  <h3 class="card-header">{{ "sync" | i18n }}</h3>
  <div class="card-body">
    <p>
-            {{'lastGroupSync' | i18n}}:
+      {{ "lastGroupSync" | i18n }}:
      <span *ngIf="!lastGroupSync">-</span>
-            {{lastGroupSync | date:'medium'}}
-            <br /> {{'lastUserSync' | i18n}}:
+      {{ lastGroupSync | date: "medium" }}
+      <br />
+      {{ "lastUserSync" | i18n }}:
      <span *ngIf="!lastUserSync">-</span>
-            {{lastUserSync | date:'medium'}}
+      {{ lastUserSync | date: "medium" }}
    </p>
    <p>
-            {{'syncStatus' | i18n}}:
-            <strong *ngIf="syncRunning" class="text-success">{{'running' | i18n}}</strong>
-            <strong *ngIf="!syncRunning" class="text-danger">{{'stopped' | i18n}}</strong>
+      {{ "syncStatus" | i18n }}:
+      <strong *ngIf="syncRunning" class="text-success">{{ "running" | i18n }}</strong>
+      <strong *ngIf="!syncRunning" class="text-danger">{{ "stopped" | i18n }}</strong>
    </p>
-        <button #startBtn (click)="start()" [appApiAction]="startPromise" class="btn btn-primary"
-            [disabled]="startBtn.loading">
-            <i class="fa fa-play fa-fw" [hidden]="startBtn.loading"></i>
-            <i class="fa fa-spinner fa-fw fa-spin" [hidden]="!startBtn.loading"></i>
-            {{'startSync' | i18n}}
+    <form #startForm [appApiAction]="startPromise" class="d-inline">
+      <button (click)="start()" class="btn btn-primary" [disabled]="startForm.loading">
+        <i class="bwi bwi-play bwi-fw" [hidden]="startForm.loading"></i>
+        <i class="bwi bwi-spinner bwi-fw bwi-spin" [hidden]="!startForm.loading"></i>
+        {{ "startSync" | i18n }}
      </button>
+    </form>
    <button (click)="stop()" class="btn btn-primary">
-            <i class="fa fa-stop fa-fw"></i>
-            {{'stopSync' | i18n}}
+      <i class="bwi bwi-stop bwi-fw"></i>
+      {{ "stopSync" | i18n }}
    </button>
-        <button #syncBtn (click)="sync()" [appApiAction]="syncPromise" class="btn btn-primary"
-            [disabled]="syncBtn.loading">
-            <i class="fa fa-refresh fa-fw" [ngClass]="{'fa-spin': syncBtn.loading}"></i>
-            {{'syncNow' | i18n}}
+    <form #syncForm [appApiAction]="syncPromise" class="d-inline">
+      <button (click)="sync()" class="btn btn-primary" [disabled]="syncForm.loading">
+        <i class="bwi bwi-refresh bwi-fw" [ngClass]="{ 'bwi-spin': syncForm.loading }"></i>
+        {{ "syncNow" | i18n }}
      </button>
+    </form>
  </div>
 </div>
 <div class="card">
-    <h3 class="card-header">{{'testing' | i18n}}</h3>
+  <h3 class="card-header">{{ "testing" | i18n }}</h3>
  <div class="card-body">
-        <p>{{'testingDesc' | i18n}}</p>
-        <button #simBtn (click)="simulate()" [appApiAction]="simPromise" class="btn btn-primary"
-            [disabled]="simBtn.loading">
-            <i class="fa fa-spinner fa-fw fa-spin" [hidden]="!simBtn.loading"></i>
-            <i class="fa fa-bug fa-fw" [hidden]="simBtn.loading"></i>
-            {{'testNow' | i18n}}
+    <p>{{ "testingDesc" | i18n }}</p>
+    <form #simForm [appApiAction]="simPromise" class="d-inline">
+      <button (click)="simulate()" class="btn btn-primary" [disabled]="simForm.loading">
+        <i class="bwi bwi-spinner bwi-fw bwi-spin" [hidden]="!simForm.loading"></i>
+        <i class="bwi bwi-bug bwi-fw" [hidden]="simForm.loading"></i>
+        {{ "testNow" | i18n }}
      </button>
+    </form>
    <div class="form-check mt-2">
-            <input class="form-check-input" type="checkbox" id="simSinceLast" [(ngModel)]="simSinceLast">
-            <label class="form-check-label" for="simSinceLast">{{'testLastSync' | i18n}}</label>
+      <input
+        class="form-check-input"
+        type="checkbox"
+        id="simSinceLast"
+        [(ngModel)]="simSinceLast"
+      />
+      <label class="form-check-label" for="simSinceLast">{{ "testLastSync" | i18n }}</label>
    </div>
-        <ng-container *ngIf="!simBtn.loading && (simUsers || simGroups)">
+    <ng-container *ngIf="!simForm.loading && (simUsers || simGroups)">
      <hr />
      <div class="row">
        <div class="col-lg">
-                    <h4>{{'users' | i18n}}</h4>
-                    <ul class="fa-ul testing-list" *ngIf="simEnabledUsers && simEnabledUsers.length">
-                        <li *ngFor="let u of simEnabledUsers" title="{{u.referenceId}}">
-                            <i class="fa-li fa fa-user"></i>
-                            {{u.displayName}}
+          <h4>{{ "users" | i18n }}</h4>
+          <ul class="bwi-ul testing-list" *ngIf="simEnabledUsers && simEnabledUsers.length">
+            <li *ngFor="let u of simEnabledUsers" title="{{ u.referenceId }}">
+              <i class="bwi bwi-li bwi-user"></i>
+              {{ u.displayName }}
            </li>
          </ul>
-                    <p *ngIf="!simEnabledUsers || !simEnabledUsers.length">{{'noUsers' | i18n}}</p>
-                    <h4>{{'disabledUsers' | i18n}}</h4>
-                    <ul class="fa-ul testing-list" *ngIf="simDisabledUsers && simDisabledUsers.length">
-                        <li *ngFor="let u of simDisabledUsers" title="{{u.referenceId}}">
-                            <i class="fa-li fa fa-user"></i>
-                            {{u.displayName}}
+          <p *ngIf="!simEnabledUsers || !simEnabledUsers.length">
+            {{ "noUsers" | i18n }}
+          </p>
+          <h4>{{ "disabledUsers" | i18n }}</h4>
+          <ul class="bwi-ul testing-list" *ngIf="simDisabledUsers && simDisabledUsers.length">
+            <li *ngFor="let u of simDisabledUsers" title="{{ u.referenceId }}">
+              <i class="bwi bwi-li bwi-user"></i>
+              {{ u.displayName }}
            </li>
          </ul>
-                    <p *ngIf="!simDisabledUsers || !simDisabledUsers.length">{{'noUsers' | i18n}}</p>
-                    <h4>{{'deletedUsers' | i18n}}</h4>
-                    <ul class="fa-ul testing-list" *ngIf="simDeletedUsers && simDeletedUsers.length">
-                        <li *ngFor="let u of simDeletedUsers" title="{{u.referenceId}}">
-                            <i class="fa-li fa fa-user"></i>
-                            {{u.displayName}}
+          <p *ngIf="!simDisabledUsers || !simDisabledUsers.length">
+            {{ "noUsers" | i18n }}
+          </p>
+          <h4>{{ "deletedUsers" | i18n }}</h4>
+          <ul class="bwi-ul testing-list" *ngIf="simDeletedUsers && simDeletedUsers.length">
+            <li *ngFor="let u of simDeletedUsers" title="{{ u.referenceId }}">
+              <i class="bwi bwi-li bwi-user"></i>
+              {{ u.displayName }}
            </li>
          </ul>
-                    <p *ngIf="!simDeletedUsers || !simDeletedUsers.length">{{'noUsers' | i18n}}</p>
+          <p *ngIf="!simDeletedUsers || !simDeletedUsers.length">
+            {{ "noUsers" | i18n }}
+          </p>
        </div>
        <div class="col-lg">
-                    <h4>{{'groups' | i18n}}</h4>
-                    <ul class="fa-ul testing-list" *ngIf="simGroups && simGroups.length">
-                        <li *ngFor="let g of simGroups" title="{{g.referenceId}}">
-                            <i class="fa-li fa fa-sitemap"></i>
-                            {{g.displayName}}
+          <h4>{{ "groups" | i18n }}</h4>
+          <ul class="bwi-ul testing-list" *ngIf="simGroups && simGroups.length">
+            <li *ngFor="let g of simGroups" title="{{ g.referenceId }}">
+              <i class="bwi bwi-li bwi-sitemap"></i>
+              {{ g.displayName }}
              <ul class="small" *ngIf="g.users && g.users.length">
-                                <li *ngFor="let u of g.users" title="{{u.referenceId}}">{{u.displayName}}</li>
+                <li *ngFor="let u of g.users" title="{{ u.referenceId }}">
+                  {{ u.displayName }}
+                </li>
              </ul>
            </li>
          </ul>
-                    <p *ngIf="!simGroups || !simGroups.length">{{'noGroups' | i18n}}</p>
+          <p *ngIf="!simGroups || !simGroups.length">{{ "noGroups" | i18n }}</p>
        </div>
      </div>
    </ng-container>
--- a/src/app/tabs/dashboard.component.ts
+++ b/src/app/tabs/dashboard.component.ts
@@ -1,33 +1,25 @@
-import {
-    ChangeDetectorRef,
-    Component,
-    NgZone,
-    OnDestroy,
-    OnInit,
-} from '@angular/core';
+import { ChangeDetectorRef, Component, NgZone, OnDestroy, OnInit } from "@angular/core";

-import { ToasterService } from 'angular2-toaster';
+import { BroadcasterService } from "jslib-common/abstractions/broadcaster.service";
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { MessagingService } from "jslib-common/abstractions/messaging.service";
+import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";

-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { MessagingService } from 'jslib/abstractions/messaging.service';
-import { StateService } from 'jslib/abstractions/state.service';
+import { SyncService } from "../../services/sync.service";

-import { SyncService } from '../../services/sync.service';
+import { GroupEntry } from "../../models/groupEntry";
+import { SimResult } from "../../models/simResult";
+import { UserEntry } from "../../models/userEntry";

-import { GroupEntry } from '../../models/groupEntry';
-import { SimResult } from '../../models/simResult';
-import { UserEntry } from '../../models/userEntry';
-import { ConfigurationService } from '../../services/configuration.service';
+import { ConnectorUtils } from "../../utils";

-import { BroadcasterService } from 'jslib/angular/services/broadcaster.service';
+import { StateService } from "../../abstractions/state.service";

-import { ConnectorUtils } from '../../utils';
-
-const BroadcasterSubscriptionId = 'DashboardComponent';
+const BroadcasterSubscriptionId = "DashboardComponent";

@Component({
-    selector: 'app-dashboard',
-    templateUrl: 'dashboard.component.html',
+  selector: "app-dashboard",
+  templateUrl: "dashboard.component.html",
 })
 export class DashboardComponent implements OnInit, OnDestroy {
  simGroups: GroupEntry[];
@@ -43,17 +35,22 @@ export class DashboardComponent implements OnInit, OnDestroy {
  lastUserSync: Date;
  syncRunning: boolean;

-    constructor(private i18nService: I18nService, private syncService: SyncService,
-        private configurationService: ConfigurationService, private broadcasterService: BroadcasterService,
-        private ngZone: NgZone, private messagingService: MessagingService,
-        private toasterService: ToasterService, private changeDetectorRef: ChangeDetectorRef,
-        private stateService: StateService) { }
+  constructor(
+    private i18nService: I18nService,
+    private syncService: SyncService,
+    private broadcasterService: BroadcasterService,
+    private ngZone: NgZone,
+    private messagingService: MessagingService,
+    private platformUtilsService: PlatformUtilsService,
+    private changeDetectorRef: ChangeDetectorRef,
+    private stateService: StateService
+  ) {}

  async ngOnInit() {
    this.broadcasterService.subscribe(BroadcasterSubscriptionId, async (message: any) => {
      this.ngZone.run(async () => {
        switch (message.command) {
-                    case 'dirSyncCompleted':
+          case "dirSyncCompleted":
            this.updateLastSync();
            break;
          default:
@@ -64,7 +61,7 @@ export class DashboardComponent implements OnInit, OnDestroy {
      });
    });

-        this.syncRunning = !!(await this.stateService.get('syncingDir'));
+    this.syncRunning = !!(await this.stateService.getSyncingDir());
    this.updateLastSync();
  }

@@ -75,15 +72,15 @@ export class DashboardComponent implements OnInit, OnDestroy {
  async start() {
    this.startPromise = this.syncService.sync(false, false);
    await this.startPromise;
-        this.messagingService.send('scheduleNextDirSync');
+    this.messagingService.send("scheduleNextDirSync");
    this.syncRunning = true;
-        this.toasterService.popAsync('success', null, this.i18nService.t('syncingStarted'));
+    this.platformUtilsService.showToast("success", null, this.i18nService.t("syncingStarted"));
  }

  async stop() {
-        this.messagingService.send('cancelDirSync');
+    this.messagingService.send("cancelDirSync");
    this.syncRunning = false;
-        this.toasterService.popAsync('success', null, this.i18nService.t('syncingStopped'));
+    this.platformUtilsService.showToast("success", null, this.i18nService.t("syncingStopped"));
  }

  async sync() {
@@ -91,8 +88,11 @@ export class DashboardComponent implements OnInit, OnDestroy {
    const result = await this.syncPromise;
    const groupCount = result[0] != null ? result[0].length : 0;
    const userCount = result[1] != null ? result[1].length : 0;
-        this.toasterService.popAsync('success', null,
-            this.i18nService.t('syncCounts', groupCount.toString(), userCount.toString()));
+    this.platformUtilsService.showToast(
+      "success",
+      null,
+      this.i18nService.t("syncCounts", groupCount.toString(), userCount.toString())
+    );
  }

  async simulate() {
@@ -103,7 +103,11 @@ export class DashboardComponent implements OnInit, OnDestroy {
    this.simDeletedUsers = [];

    try {
-            this.simPromise = ConnectorUtils.simulate(this.syncService, this.i18nService, this.simSinceLast);
+      this.simPromise = ConnectorUtils.simulate(
+        this.syncService,
+        this.i18nService,
+        this.simSinceLast
+      );
      const result = await this.simPromise;
      this.simGroups = result.groups;
      this.simUsers = result.users;
@@ -117,7 +121,7 @@ export class DashboardComponent implements OnInit, OnDestroy {
  }

  private async updateLastSync() {
-        this.lastGroupSync = await this.configurationService.getLastGroupSyncDate();
-        this.lastUserSync = await this.configurationService.getLastUserSyncDate();
+    this.lastGroupSync = await this.stateService.getLastGroupSync();
+    this.lastUserSync = await this.stateService.getLastUserSync();
  }
 }
--- a/src/app/tabs/more.component.html
+++ b/src/app/tabs/more.component.html
@@ -1,30 +1,36 @@
 <div class="row">
  <div class="col-sm">
    <div class="card">
-            <h3 class="card-header">{{'about' | i18n}}</h3>
+      <h3 class="card-header">{{ "about" | i18n }}</h3>
      <div class="card-body">
        <p>
-                    {{'bitwardenDirectoryConnector' | i18n}}
-                    <br /> {{'version' | i18n : version}}
-                    <br /> &copy; 8bit Solutions LLC 2015-{{year}}
+          {{ "bitwardenDirectoryConnector" | i18n }}
+          <br />
+          {{ "version" | i18n: version }} <br />
+          &copy; Bitwarden Inc. LLC 2015-{{ year }}
        </p>
-                <button class="btn btn-primary" type="button" (click)="update()" [disabled]="checkingForUpdate">
-                    <i class="fa fa-download fa-fw" [hidden]="checkingForUpdate"></i>
-                    <i class="fa fa-spinner fa-fw fa-spin" [hidden]="!checkingForUpdate"></i>
-                    {{'checkForUpdates' | i18n}}
+        <button
+          class="btn btn-primary"
+          type="button"
+          (click)="update()"
+          [disabled]="checkingForUpdate"
+        >
+          <i class="bwi bwi-download bwi-fw" [hidden]="checkingForUpdate"></i>
+          <i class="bwi bwi-spinner bwi-fw bwi-spin" [hidden]="!checkingForUpdate"></i>
+          {{ "checkForUpdates" | i18n }}
        </button>
      </div>
    </div>
  </div>
  <div class="col-sm">
    <div class="card">
-            <h3 class="card-header">{{'other' | i18n}}</h3>
+      <h3 class="card-header">{{ "other" | i18n }}</h3>
      <div class="card-body">
        <button class="btn btn-primary" type="button" (click)="logOut()">
-                    {{'logOut' | i18n}}
+          {{ "logOut" | i18n }}
        </button>
        <button class="btn btn-primary" type="button" (click)="clearCache()">
-                    {{'clearSyncCache' | i18n}}
+          {{ "clearSyncCache" | i18n }}
        </button>
      </div>
    </div>
--- a/src/app/tabs/more.component.ts
+++ b/src/app/tabs/more.component.ts
@@ -1,45 +1,41 @@
-import {
-    ChangeDetectorRef,
-    Component,
-    NgZone,
-    OnDestroy,
-    OnInit,
-} from '@angular/core';
+import { ChangeDetectorRef, Component, NgZone, OnInit } from "@angular/core";

-import { ToasterService } from 'angular2-toaster';
+import { BroadcasterService } from "jslib-common/abstractions/broadcaster.service";
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { MessagingService } from "jslib-common/abstractions/messaging.service";
+import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";

-import { BroadcasterService } from 'jslib/angular/services/broadcaster.service';
+import { StateService } from "../../abstractions/state.service";

-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { MessagingService } from 'jslib/abstractions/messaging.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-
-import { ConfigurationService } from '../../services/configuration.service';
-
-const BroadcasterSubscriptionId = 'MoreComponent';
+const BroadcasterSubscriptionId = "MoreComponent";

@Component({
-    selector: 'app-more',
-    templateUrl: 'more.component.html',
+  selector: "app-more",
+  templateUrl: "more.component.html",
 })
 export class MoreComponent implements OnInit {
  version: string;
  year: string;
  checkingForUpdate = false;

-    constructor(private platformUtilsService: PlatformUtilsService, private i18nService: I18nService,
-        private messagingService: MessagingService, private configurationService: ConfigurationService,
-        private toasterService: ToasterService, private broadcasterService: BroadcasterService,
-        private ngZone: NgZone, private changeDetectorRef: ChangeDetectorRef) { }
+  constructor(
+    private platformUtilsService: PlatformUtilsService,
+    private i18nService: I18nService,
+    private messagingService: MessagingService,
+    private broadcasterService: BroadcasterService,
+    private ngZone: NgZone,
+    private changeDetectorRef: ChangeDetectorRef,
+    private stateService: StateService
+  ) {}

-    ngOnInit() {
+  async ngOnInit() {
    this.broadcasterService.subscribe(BroadcasterSubscriptionId, async (message: any) => {
      this.ngZone.run(async () => {
        switch (message.command) {
-                    case 'checkingForUpdate':
+          case "checkingForUpdate":
            this.checkingForUpdate = true;
            break;
-                    case 'doneCheckingForUpdate':
+          case "doneCheckingForUpdate":
            this.checkingForUpdate = false;
            break;
          default:
@@ -51,7 +47,7 @@ export class MoreComponent implements OnInit {
    });

    this.year = new Date().getFullYear().toString();
-        this.version = this.platformUtilsService.getApplicationVersion();
+    this.version = await this.platformUtilsService.getApplicationVersion();
  }

  ngOnDestroy() {
@@ -59,20 +55,23 @@ export class MoreComponent implements OnInit {
  }

  update() {
-        this.messagingService.send('checkForUpdate');
+    this.messagingService.send("checkForUpdate");
  }

  async logOut() {
    const confirmed = await this.platformUtilsService.showDialog(
-            this.i18nService.t('logOutConfirmation'), this.i18nService.t('logOut'),
-            this.i18nService.t('yes'), this.i18nService.t('cancel'));
+      this.i18nService.t("logOutConfirmation"),
+      this.i18nService.t("logOut"),
+      this.i18nService.t("yes"),
+      this.i18nService.t("cancel")
+    );
    if (confirmed) {
-            this.messagingService.send('logout');
+      this.messagingService.send("logout");
    }
  }

  async clearCache() {
-        await this.configurationService.clearStatefulSettings(true);
-        this.toasterService.popAsync('success', null, this.i18nService.t('syncCacheCleared'));
+    await this.stateService.clearSyncSettings(true);
+    this.platformUtilsService.showToast("success", null, this.i18nService.t("syncCacheCleared"));
  }
 }
--- a/src/app/tabs/settings.component.html
+++ b/src/app/tabs/settings.component.html
@@ -1,333 +1,753 @@
 <div class="row">
  <div class="col-sm">
    <div class="card mb-3">
-            <h3 class="card-header">{{'directory' | i18n}}</h3>
+      <h3 class="card-header">{{ "directory" | i18n }}</h3>
      <div class="card-body">
        <div class="form-group">
-                    <label for="directory">{{'type' | i18n}}</label>
+          <label for="directory">{{ "type" | i18n }}</label>
          <select class="form-control" id="directory" name="Directory" [(ngModel)]="directory">
-                        <option *ngFor="let o of directoryOptions" [ngValue]="o.value">{{o.name}}</option>
+            <option *ngFor="let o of directoryOptions" [ngValue]="o.value">
+              {{ o.name }}
+            </option>
          </select>
        </div>
        <div [hidden]="directory != directoryType.Ldap">
          <div class="form-group">
-                        <label for="hostname">{{'serverHostname' | i18n}}</label>
-                        <input type="text" class="form-control" id="hostname" name="Hostname"
-                            [(ngModel)]="ldap.hostname">
-                        <small class="text-muted form-text">{{'ex' | i18n}} ad.company.com</small>
+            <label for="hostname">{{ "serverHostname" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="hostname"
+              name="Hostname"
+              [(ngModel)]="ldap.hostname"
+            />
+            <small class="text-muted form-text">{{ "ex" | i18n }} ad.company.com</small>
          </div>
          <div class="form-group">
-                        <label for="port">{{'port' | i18n}}</label>
-                        <input type="text" class="form-control" id="port" name="Port" [(ngModel)]="ldap.port">
-                        <small class="text-muted form-text">{{'ex' | i18n}} 389</small>
+            <label for="port">{{ "port" | i18n }}</label>
+            <input type="text" class="form-control" id="port" name="Port" [(ngModel)]="ldap.port" />
+            <small class="text-muted form-text">{{ "ex" | i18n }} 389</small>
          </div>
          <div class="form-group">
-                        <label for="rootPath">{{'rootPath' | i18n}}</label>
-                        <input type="text" class="form-control" id="rootPath" name="RootPath"
-                            [(ngModel)]="ldap.rootPath">
-                        <small class="text-muted form-text">{{'ex' | i18n}} dc=company,dc=com</small>
+            <label for="rootPath">{{ "rootPath" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="rootPath"
+              name="RootPath"
+              [(ngModel)]="ldap.rootPath"
+            />
+            <small class="text-muted form-text">{{ "ex" | i18n }} dc=company,dc=com</small>
          </div>
          <div class="form-group">
            <div class="form-check">
-                            <input class="form-check-input" type="checkbox" id="ad" [(ngModel)]="ldap.ad" name="AD">
-                            <label class="form-check-label" for="ad">{{'ldapAd' | i18n}}</label>
+              <input
+                class="form-check-input"
+                type="checkbox"
+                id="ad"
+                [(ngModel)]="ldap.ad"
+                name="AD"
+              />
+              <label class="form-check-label" for="ad">{{ "ldapAd" | i18n }}</label>
+            </div>
+          </div>
+          <div class="form-group" *ngIf="!ldap.ad">
+            <div class="form-check">
+              <input
+                class="form-check-input"
+                type="checkbox"
+                id="pagedSearch"
+                [(ngModel)]="ldap.pagedSearch"
+                name="PagedSearch"
+              />
+              <label class="form-check-label" for="pagedSearch">{{
+                "ldapPagedResults" | i18n
+              }}</label>
            </div>
          </div>
          <div class="form-group">
            <div class="form-check">
-                            <input class="form-check-input" type="checkbox" id="ssl" [(ngModel)]="ldap.ssl" name="SSL">
-                            <label class="form-check-label" for="ssl">{{'ldapSsl' | i18n}}</label>
+              <input
+                class="form-check-input"
+                type="checkbox"
+                id="ldapEncrypted"
+                [(ngModel)]="ldap.ssl"
+                name="Encrypted"
+              />
+              <label class="form-check-label" for="ldapEncrypted">{{
+                "ldapEncrypted" | i18n
+              }}</label>
            </div>
          </div>
          <div class="ml-4" *ngIf="ldap.ssl">
-                        <p>{{'ldapSslUntrustedDesc' | i18n}}</p>
            <div class="form-group">
-                            <label for="sslCertPath">{{'ldapSslCert' | i18n}}</label>
-                            <input type="file" class="form-control-file mb-2" id="sslCertPath_file"
-                                (change)="setSslPath('sslCertPath')">
-                            <input type="text" class="form-control" id="sslCertPath" name="SSLCertPath"
-                                [(ngModel)]="ldap.sslCertPath">
+              <div class="form-radio">
+                <input
+                  class="form-radio-input"
+                  type="radio"
+                  [value]="false"
+                  id="ssl"
+                  [(ngModel)]="ldap.startTls"
+                  name="SSL"
+                />
+                <label class="form-radio-label" for="ssl">{{ "ldapSsl" | i18n }}</label>
+              </div>
+              <div class="form-radio">
+                <input
+                  class="form-radio-input"
+                  type="radio"
+                  [value]="true"
+                  id="startTls"
+                  [(ngModel)]="ldap.startTls"
+                  name="StartTLS"
+                />
+                <label class="form-radio-label" for="startTls">{{ "ldapTls" | i18n }}</label>
+              </div>
+            </div>
+            <div class="ml-4" *ngIf="ldap.startTls">
+              <p>{{ "ldapTlsUntrustedDesc" | i18n }}</p>
+              <div class="form-group">
+                <label for="tlsCaPath">{{ "ldapTlsCa" | i18n }}</label>
+                <input
+                  type="file"
+                  class="form-control-file mb-2"
+                  id="tlsCaPath_file"
+                  (change)="setSslPath('tlsCaPath')"
+                />
+                <input
+                  type="text"
+                  class="form-control"
+                  id="tlsCaPath"
+                  name="TLSCaPath"
+                  [(ngModel)]="ldap.tlsCaPath"
+                />
+              </div>
+            </div>
+            <div class="ml-4" *ngIf="!ldap.startTls">
+              <p>{{ "ldapSslUntrustedDesc" | i18n }}</p>
+              <div class="form-group">
+                <label for="sslCertPath">{{ "ldapSslCert" | i18n }}</label>
+                <input
+                  type="file"
+                  class="form-control-file mb-2"
+                  id="sslCertPath_file"
+                  (change)="setSslPath('sslCertPath')"
+                />
+                <input
+                  type="text"
+                  class="form-control"
+                  id="sslCertPath"
+                  name="SSLCertPath"
+                  [(ngModel)]="ldap.sslCertPath"
+                />
              </div>
              <div class="form-group">
-                            <label for="sslKeyPath">{{'ldapSslKey' | i18n}}</label>
-                            <input type="file" class="form-control-file mb-2" id="sslKeyPath_file"
-                                (change)="setSslPath('sslKeyPath')">
-                            <input type="text" class="form-control" id="sslKeyPath" name="SSLKeyPath"
-                                [(ngModel)]="ldap.sslKeyPath">
+                <label for="sslKeyPath">{{ "ldapSslKey" | i18n }}</label>
+                <input
+                  type="file"
+                  class="form-control-file mb-2"
+                  id="sslKeyPath_file"
+                  (change)="setSslPath('sslKeyPath')"
+                />
+                <input
+                  type="text"
+                  class="form-control"
+                  id="sslKeyPath"
+                  name="SSLKeyPath"
+                  [(ngModel)]="ldap.sslKeyPath"
+                />
              </div>
              <div class="form-group">
-                            <label for="sslCaPath">{{'ldapSslCa' | i18n}}</label>
-                            <input type="file" class="form-control-file mb-2" id="sslCaPath_file"
-                                (change)="setSslPath('sslCaPath')">
-                            <input type="text" class="form-control" id="sslCaPath" name="SSLCaPath"
-                                [(ngModel)]="ldap.sslCaPath">
+                <label for="sslCaPath">{{ "ldapSslCa" | i18n }}</label>
+                <input
+                  type="file"
+                  class="form-control-file mb-2"
+                  id="sslCaPath_file"
+                  (change)="setSslPath('sslCaPath')"
+                />
+                <input
+                  type="text"
+                  class="form-control"
+                  id="sslCaPath"
+                  name="SSLCaPath"
+                  [(ngModel)]="ldap.sslCaPath"
+                />
+              </div>
            </div>
            <div class="form-group">
              <div class="form-check">
-                                <input class="form-check-input" type="checkbox" id="sslAllowUnauthorized"
-                                    [(ngModel)]="ldap.sslAllowUnauthorized" name="SSLAllowUnauthorized">
-                                <label class="form-check-label"
-                                    for="sslAllowUnauthorized">{{'ldapSslAllowUnauthorized' | i18n}}</label>
+                <input
+                  class="form-check-input"
+                  type="checkbox"
+                  id="certDoNotVerify"
+                  [(ngModel)]="ldap.sslAllowUnauthorized"
+                  name="CertDoNoVerify"
+                />
+                <label class="form-check-label" for="certDoNotVerify">{{
+                  "ldapCertDoNotVerify" | i18n
+                }}</label>
              </div>
            </div>
          </div>
          <div class="form-group" [hidden]="true">
            <div class="form-check">
-                            <input class="form-check-input" type="checkbox" id="currentUser"
-                                [(ngModel)]="ldap.currentUser" name="CurrentUser">
-                            <label class="form-check-label" for="currentUser">{{'currentUser' | i18n}}</label>
+              <input
+                class="form-check-input"
+                type="checkbox"
+                id="currentUser"
+                [(ngModel)]="ldap.currentUser"
+                name="CurrentUser"
+              />
+              <label class="form-check-label" for="currentUser">{{ "currentUser" | i18n }}</label>
            </div>
          </div>
          <div [hidden]="ldap.currentUser">
            <div class="form-group">
-                            <label for="username">{{'username' | i18n}}</label>
-                            <input type="text" class="form-control" id="username" name="Username"
-                                [(ngModel)]="ldap.username">
-                            <small class="text-muted form-text" *ngIf="ldap.ad">{{'ex' | i18n}} company\admin</small>
-                            <small class="text-muted form-text" *ngIf="!ldap.ad">{{'ex' | i18n}}
-                                cn=admin,dc=company,dc=com</small>
+              <label for="username">{{ "username" | i18n }}</label>
+              <input
+                type="text"
+                class="form-control"
+                id="username"
+                name="Username"
+                [(ngModel)]="ldap.username"
+              />
+              <small class="text-muted form-text" *ngIf="ldap.ad"
+                >{{ "ex" | i18n }} company\admin</small
+              >
+              <small class="text-muted form-text" *ngIf="!ldap.ad"
+                >{{ "ex" | i18n }} cn=admin,dc=company,dc=com</small
+              >
            </div>
            <div class="form-group">
-                            <label for="password">{{'password' | i18n}}</label>
-                            <input type="password" class="form-control" id="password" name="Password"
-                                [(ngModel)]="ldap.password">
+              <label for="password">{{ "password" | i18n }}</label>
+              <div class="input-group">
+                <input
+                  type="{{ showLdapPassword ? 'text' : 'password' }}"
+                  class="form-control"
+                  id="password"
+                  name="Password"
+                  [(ngModel)]="ldap.password"
+                />
+                <div class="input-group-append">
+                  <button
+                    type="button"
+                    class="btn btn-outline-secondary"
+                    appA11yTitle="{{ 'toggleVisibility' | i18n }}"
+                    (click)="toggleLdapPassword()"
+                  >
+                    <i
+                      class="bwi bwi-lg"
+                      aria-hidden="true"
+                      [ngClass]="showLdapPassword ? 'bwi-eye-slash' : 'bwi-eye'"
+                    ></i>
+                  </button>
+                </div>
+              </div>
            </div>
          </div>
        </div>
        <div [hidden]="directory != directoryType.AzureActiveDirectory">
          <div class="form-group">
-                        <label for="tenant">{{'tenant' | i18n}}</label>
-                        <input type="text" class="form-control" id="tenant" name="Tenant" [(ngModel)]="azure.tenant">
-                        <small class="text-muted form-text">{{'ex' | i18n}} companyad.onmicrosoft.com</small>
+            <label for="identityAuthority">{{ "identityAuthority" | i18n }}</label>
+            <select
+              class="form-control"
+              id="identityAuthority"
+              name="IdentityAuthority"
+              [(ngModel)]="azure.identityAuthority"
+            >
+              <option value="login.microsoftonline.com">Azure AD Public</option>
+              <option value="login.microsoftonline.us">Azure AD Government</option>
+            </select>
          </div>
          <div class="form-group">
-                        <label for="applicationId">{{'applicationId' | i18n}}</label>
-                        <input type="text" class="form-control" id="applicationId" name="ApplicationId"
-                            [(ngModel)]="azure.applicationId">
+            <label for="tenant">{{ "tenant" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="tenant"
+              name="Tenant"
+              [(ngModel)]="azure.tenant"
+            />
+            <small class="text-muted form-text">{{ "ex" | i18n }} companyad.onmicrosoft.com</small>
          </div>
          <div class="form-group">
-                        <label for="secretKey">{{'secretKey' | i18n}}</label>
-                        <input type="text" class="form-control" id="secretKey" name="SecretKey" [(ngModel)]="azure.key">
+            <label for="applicationId">{{ "applicationId" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="applicationId"
+              name="ApplicationId"
+              [(ngModel)]="azure.applicationId"
+            />
+          </div>
+          <div class="form-group">
+            <label for="secretKey">{{ "secretKey" | i18n }}</label>
+            <div class="input-group">
+              <input
+                type="{{ showAzureKey ? 'text' : 'password' }}"
+                class="form-control"
+                id="secretKey"
+                name="SecretKey"
+                [(ngModel)]="azure.key"
+              />
+              <div class="input-group-append">
+                <button
+                  type="button"
+                  class="btn btn-outline-secondary"
+                  appA11yTitle="{{ 'toggleVisibility' | i18n }}"
+                  (click)="toggleAzureKey()"
+                >
+                  <i
+                    class="bwi bwi-lg"
+                    aria-hidden="true"
+                    [ngClass]="showAzureKey ? 'bwi-eye-slash' : 'bwi-eye'"
+                  ></i>
+                </button>
+              </div>
+            </div>
          </div>
        </div>
        <div [hidden]="directory != directoryType.Okta">
          <div class="form-group">
-                        <label for="orgUrl">{{'organizationUrl' | i18n}}</label>
-                        <input type="text" class="form-control" id="orgUrl" name="OrgUrl" [(ngModel)]="okta.orgUrl">
-                        <small class="text-muted form-text">{{'ex' | i18n}} https://mycompany.okta.com/</small>
+            <label for="orgUrl">{{ "organizationUrl" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="orgUrl"
+              name="OrgUrl"
+              [(ngModel)]="okta.orgUrl"
+            />
+            <small class="text-muted form-text"
+              >{{ "ex" | i18n }} https://mycompany.okta.com/</small
+            >
          </div>
          <div class="form-group">
-                        <label for="oktaToken">{{'token' | i18n}}</label>
-                        <input type="text" class="form-control" id="oktaToken" name="OktaToken"
-                            [(ngModel)]="okta.token">
+            <label for="oktaToken">{{ "token" | i18n }}</label>
+            <div class="input-group">
+              <input
+                type="{{ showOktaKey ? 'text' : 'password' }}"
+                class="form-control"
+                id="oktaToken"
+                name="OktaToken"
+                [(ngModel)]="okta.token"
+              />
+              <div class="input-group-append">
+                <button
+                  type="button"
+                  class="btn btn-outline-secondary"
+                  appA11yTitle="{{ 'toggleVisibility' | i18n }}"
+                  (click)="toggleOktaKey()"
+                >
+                  <i
+                    class="bwi bwi-lg"
+                    aria-hidden="true"
+                    [ngClass]="showOktaKey ? 'bwi-eye-slash' : 'bwi-eye'"
+                  ></i>
+                </button>
+              </div>
+            </div>
+          </div>
+        </div>
+        <div [hidden]="directory != directoryType.OneLogin">
+          <div class="form-group">
+            <label for="oneLoginClientId">{{ "clientId" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="oneLoginClientId"
+              name="OneLoginClientId"
+              [(ngModel)]="oneLogin.clientId"
+            />
+          </div>
+          <div class="form-group">
+            <label for="oneLoginClientSecret">{{ "clientSecret" | i18n }}</label>
+            <div class="input-group">
+              <input
+                type="{{ showOneLoginSecret ? 'text' : 'password' }}"
+                class="form-control"
+                id="oneLoginClientSecret"
+                name="OneLoginClientSecret"
+                [(ngModel)]="oneLogin.clientSecret"
+              />
+              <div class="input-group-append">
+                <button
+                  type="button"
+                  class="btn btn-outline-secondary"
+                  appA11yTitle="{{ 'toggleVisibility' | i18n }}"
+                  (click)="toggleOneLoginSecret()"
+                >
+                  <i
+                    class="bwi bwi-lg"
+                    aria-hidden="true"
+                    [ngClass]="showOneLoginSecret ? 'bwi-eye-slash' : 'bwi-eye'"
+                  ></i>
+                </button>
+              </div>
+            </div>
+          </div>
+          <div class="form-group">
+            <label for="oneLoginRegion">{{ "region" | i18n }}</label>
+            <select
+              class="form-control"
+              id="oneLoginRegion"
+              name="OneLoginRegion"
+              [(ngModel)]="oneLogin.region"
+            >
+              <option value="us">US</option>
+              <option value="eu">EU</option>
+            </select>
          </div>
        </div>
        <div [hidden]="directory != directoryType.GSuite">
          <div class="form-group">
-                        <label for="domain">{{'domain' | i18n}}</label>
-                        <input type="text" class="form-control" id="domain" name="Domain" [(ngModel)]="gsuite.domain">
-                        <small class="text-muted form-text">{{'ex' | i18n}} company.com</small>
+            <label for="domain">{{ "domain" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="domain"
+              name="Domain"
+              [(ngModel)]="gsuite.domain"
+            />
+            <small class="text-muted form-text">{{ "ex" | i18n }} company.com</small>
          </div>
          <div class="form-group">
-                        <label for="adminUser">{{'adminUser' | i18n}}</label>
-                        <input type="text" class="form-control" id="adminUser" name="AdminUser"
-                            [(ngModel)]="gsuite.adminUser">
-                        <small class="text-muted form-text">{{'ex' | i18n}} admin@company.com</small>
+            <label for="adminUser">{{ "adminUser" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="adminUser"
+              name="AdminUser"
+              [(ngModel)]="gsuite.adminUser"
+            />
+            <small class="text-muted form-text">{{ "ex" | i18n }} admin@company.com</small>
          </div>
          <div class="form-group">
-                        <label for="customerId">{{'customerId' | i18n}}</label>
-                        <input type="text" class="form-control" id="customerId" name="CustomerId"
-                            [(ngModel)]="gsuite.customer">
-                        <small class="text-muted form-text">{{'ex' | i18n}} 39204722352</small>
+            <label for="customerId">{{ "customerId" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="customerId"
+              name="CustomerId"
+              [(ngModel)]="gsuite.customer"
+            />
+            <small class="text-muted form-text">{{ "ex" | i18n }} 39204722352</small>
          </div>
          <div class="form-group">
-                        <label for="keyFile">{{'jsonKeyFile' | i18n}}</label>
-                        <input type="file" class="form-control-file" id="keyFile" accept=".json"
-                            (change)="parseKeyFile()">
-                        <small class="text-muted form-text">{{'ex' | i18n}} My Project-jksd3jd223.json</small>
+            <label for="keyFile">{{ "jsonKeyFile" | i18n }}</label>
+            <input
+              type="file"
+              class="form-control-file"
+              id="keyFile"
+              accept=".json"
+              (change)="parseKeyFile()"
+            />
+            <small class="text-muted form-text">{{ "ex" | i18n }} My Project-jksd3jd223.json</small>
          </div>
          <div class="form-group" [hidden]="!gsuite.clientEmail">
-                        <label for="clientEmail">{{'clientEmail' | i18n}}</label>
-                        <input type="text" class="form-control" id="clientEmail" name="ClientEmail"
-                            [(ngModel)]="gsuite.clientEmail">
+            <label for="clientEmail">{{ "clientEmail" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="clientEmail"
+              name="ClientEmail"
+              [(ngModel)]="gsuite.clientEmail"
+            />
          </div>
          <div class="form-group" [hidden]="!gsuite.privateKey">
-                        <label for="privateKey">{{'privateKey' | i18n}}</label>
-                        <textarea class="form-control text-monospace" id="privateKey" name="PrivateKey"
-                            [(ngModel)]="gsuite.privateKey">
+            <label for="privateKey">{{ "privateKey" | i18n }}</label>
+            <textarea
+              class="form-control text-monospace"
+              id="privateKey"
+              name="PrivateKey"
+              [(ngModel)]="gsuite.privateKey"
+            >
            </textarea>
          </div>
        </div>
      </div>
    </div>
-
-        <div class="card mb-3">
-            <h3 class="card-header">{{'account' | i18n}}</h3>
-            <div class="card-body">
-                <div class="form-group">
-                    <label for="organizationId">{{'organization' | i18n}}</label>
-                    <select class="form-control" id="organizationId" name="OrganizationId" [(ngModel)]="organizationId">
-                        <option *ngFor="let o of organizationOptions" [ngValue]="o.value">{{o.name}}</option>
-                    </select>
-                </div>
-            </div>
-        </div>
  </div>
  <div class="col-sm">
    <div class="card">
-            <h3 class="card-header">{{'sync' | i18n}}</h3>
+      <h3 class="card-header">{{ "sync" | i18n }}</h3>
      <div class="card-body">
        <div class="form-group">
-                    <label for="interval">{{'interval' | i18n}}</label>
-                    <input type="number" min="5" class="form-control" id="interval" name="Interval"
-                        [(ngModel)]="sync.interval">
-                    <small class="text-muted form-text">{{'intervalMin' | i18n}}</small>
+          <label for="interval">{{ "interval" | i18n }}</label>
+          <input
+            type="number"
+            min="5"
+            class="form-control"
+            id="interval"
+            name="Interval"
+            [(ngModel)]="sync.interval"
+          />
+          <small class="text-muted form-text">{{ "intervalMin" | i18n }}</small>
        </div>
        <div class="form-group">
          <div class="form-check">
-                        <input class="form-check-input" type="checkbox" id="removeDisabled"
-                            [(ngModel)]="sync.removeDisabled" name="RemoveDisabled">
-                        <label class="form-check-label" for="removeDisabled">{{'removeDisabled' | i18n}}</label>
+            <input
+              class="form-check-input"
+              type="checkbox"
+              id="removeDisabled"
+              [(ngModel)]="sync.removeDisabled"
+              name="RemoveDisabled"
+            />
+            <label class="form-check-label" for="removeDisabled">{{
+              "removeDisabled" | i18n
+            }}</label>
          </div>
        </div>
        <div class="form-group">
          <div class="form-check">
-                        <input class="form-check-input" type="checkbox" id="overwriteExisting"
-                            [(ngModel)]="sync.overwriteExisting" name="OverwriteExisting">
-                        <label class="form-check-label" for="overwriteExisting">{{'overwriteExisting' | i18n}}</label>
+            <input
+              class="form-check-input"
+              type="checkbox"
+              id="overwriteExisting"
+              [(ngModel)]="sync.overwriteExisting"
+              name="OverwriteExisting"
+            />
+            <label class="form-check-label" for="overwriteExisting">{{
+              "overwriteExisting" | i18n
+            }}</label>
+          </div>
+        </div>
+        <div class="form-group">
+          <div class="form-check">
+            <input
+              class="form-check-input"
+              type="checkbox"
+              id="largeImport"
+              [(ngModel)]="sync.largeImport"
+              name="LargeImport"
+            />
+            <label class="form-check-label" for="largeImport">{{ "largeImport" | i18n }}</label>
          </div>
        </div>
        <div [hidden]="directory != directoryType.Ldap">
          <div [hidden]="ldap.ad">
            <div class="form-group">
-                            <label for="memberAttribute">{{'memberAttribute' | i18n}}</label>
-                            <input type="text" class="form-control" id="memberAttribute" name="MemberAttribute"
-                                [(ngModel)]="sync.memberAttribute">
-                            <small class="text-muted form-text">{{'ex' | i18n}} uniqueMember</small>
+              <label for="memberAttribute">{{ "memberAttribute" | i18n }}</label>
+              <input
+                type="text"
+                class="form-control"
+                id="memberAttribute"
+                name="MemberAttribute"
+                [(ngModel)]="sync.memberAttribute"
+              />
+              <small class="text-muted form-text">{{ "ex" | i18n }} uniqueMember</small>
            </div>
            <div class="form-group">
-                            <label for="creationDateAttribute">{{'creationDateAttribute' | i18n}}</label>
-                            <input type="text" class="form-control" id="creationDateAttribute"
-                                name="CreationDateAttribute" [(ngModel)]="sync.creationDateAttribute">
-                            <small class="text-muted form-text">{{'ex' | i18n}} whenCreated</small>
+              <label for="creationDateAttribute">{{ "creationDateAttribute" | i18n }}</label>
+              <input
+                type="text"
+                class="form-control"
+                id="creationDateAttribute"
+                name="CreationDateAttribute"
+                [(ngModel)]="sync.creationDateAttribute"
+              />
+              <small class="text-muted form-text">{{ "ex" | i18n }} whenCreated</small>
            </div>
            <div class="form-group">
-                            <label for="revisionDateAttribute">{{'revisionDateAttribute' | i18n}}</label>
-                            <input type="text" class="form-control" id="revisionDateAttribute"
-                                name="RevisionDateAttribute" [(ngModel)]="sync.revisionDateAttribute">
-                            <small class="text-muted form-text">{{'ex' | i18n}} whenChanged</small>
+              <label for="revisionDateAttribute">{{ "revisionDateAttribute" | i18n }}</label>
+              <input
+                type="text"
+                class="form-control"
+                id="revisionDateAttribute"
+                name="RevisionDateAttribute"
+                [(ngModel)]="sync.revisionDateAttribute"
+              />
+              <small class="text-muted form-text">{{ "ex" | i18n }} whenChanged</small>
            </div>
          </div>
-
+        </div>
+        <div [hidden]="directory != directoryType.Ldap && directory != directoryType.OneLogin">
          <div class="form-group">
            <div class="form-check">
-                            <input class="form-check-input" type="checkbox" id="useEmailPrefixSuffix"
-                                [(ngModel)]="sync.useEmailPrefixSuffix" name="UseEmailPrefixSuffix">
-                            <label class="form-check-label"
-                                for="useEmailPrefixSuffix">{{'useEmailPrefixSuffix' | i18n}}</label>
+              <input
+                class="form-check-input"
+                type="checkbox"
+                id="useEmailPrefixSuffix"
+                [(ngModel)]="sync.useEmailPrefixSuffix"
+                name="UseEmailPrefixSuffix"
+              />
+              <label class="form-check-label" for="useEmailPrefixSuffix">{{
+                "useEmailPrefixSuffix" | i18n
+              }}</label>
            </div>
          </div>
          <div [hidden]="!sync.useEmailPrefixSuffix">
-                        <div class="form-group" [hidden]="ldap.ad">
-                            <label for="emailPrefixAttribute">{{'emailPrefixAttribute' | i18n}}</label>
-                            <input type="text" class="form-control" id="emailPrefixAttribute"
-                                name="EmailPrefixAttribute" [(ngModel)]="sync.emailPrefixAttribute">
-                            <small class="text-muted form-text">{{'ex' | i18n}} accountName</small>
+            <div class="form-group" [hidden]="ldap.ad || directory != directoryType.Ldap">
+              <label for="emailPrefixAttribute">{{ "emailPrefixAttribute" | i18n }}</label>
+              <input
+                type="text"
+                class="form-control"
+                id="emailPrefixAttribute"
+                name="EmailPrefixAttribute"
+                [(ngModel)]="sync.emailPrefixAttribute"
+              />
+              <small class="text-muted form-text">{{ "ex" | i18n }} accountName</small>
            </div>
            <div class="form-group">
-                            <label for="emailSuffix">{{'emailSuffix' | i18n}}</label>
-                            <input type="text" class="form-control" id="emailSuffix" name="EmailSuffix"
-                                [(ngModel)]="sync.emailSuffix">
-                            <small class="text-muted form-text">{{'ex' | i18n}} @company.com</small>
+              <label for="emailSuffix">{{ "emailSuffix" | i18n }}</label>
+              <input
+                type="text"
+                class="form-control"
+                id="emailSuffix"
+                name="EmailSuffix"
+                [(ngModel)]="sync.emailSuffix"
+              />
+              <small class="text-muted form-text">{{ "ex" | i18n }} @company.com</small>
            </div>
          </div>
        </div>

        <div class="form-group">
          <div class="form-check">
-                        <input class="form-check-input" type="checkbox" id="syncUsers" [(ngModel)]="sync.users"
-                            name="SyncUsers">
-                        <label class="form-check-label" for="syncUsers">{{'syncUsers' | i18n}}</label>
+            <input
+              class="form-check-input"
+              type="checkbox"
+              id="syncUsers"
+              [(ngModel)]="sync.users"
+              name="SyncUsers"
+            />
+            <label class="form-check-label" for="syncUsers">{{ "syncUsers" | i18n }}</label>
          </div>
        </div>
        <div [hidden]="!sync.users">
          <div class="form-group">
-                        <label for="userFilter">{{'userFilter' | i18n}}</label>
-                        <textarea class="form-control" id="userFilter" name="UserFilter"
-                            [(ngModel)]="sync.userFilter"></textarea>
-                        <small class="text-muted form-text" *ngIf="directory === directoryType.Ldap">{{'ex' | i18n}}
-                            (&amp;(givenName=John)(|(l=Dallas)(l=Austin)))</small>
-                        <small class="text-muted form-text"
-                            *ngIf="directory === directoryType.AzureActiveDirectory">{{'ex' | i18n}}
-                            exclude:joe@company.com</small>
-                        <small class="text-muted form-text" *ngIf="directory === directoryType.Okta">{{'ex' | i18n}}
-                            exclude:joe@company.com | profile.firstName eq "John"</small>
-                        <small class="text-muted form-text" *ngIf="directory === directoryType.GSuite">{{'ex' | i18n}}
-                            exclude:joe@company.com | orgName=Engineering</small>
+            <label for="userFilter">{{ "userFilter" | i18n }}</label>
+            <textarea
+              class="form-control"
+              id="userFilter"
+              name="UserFilter"
+              [(ngModel)]="sync.userFilter"
+            ></textarea>
+            <small class="text-muted form-text" *ngIf="directory === directoryType.Ldap"
+              >{{ "ex" | i18n }} (&amp;(givenName=John)(|(l=Dallas)(l=Austin)))</small
+            >
+            <small
+              class="text-muted form-text"
+              *ngIf="directory === directoryType.AzureActiveDirectory"
+              >{{ "ex" | i18n }} exclude:joe@company.com</small
+            >
+            <small class="text-muted form-text" *ngIf="directory === directoryType.Okta"
+              >{{ "ex" | i18n }} exclude:joe@company.com | profile.firstName eq "John"</small
+            >
+            <small class="text-muted form-text" *ngIf="directory === directoryType.GSuite"
+              >{{ "ex" | i18n }} exclude:joe@company.com | orgName=Engineering</small
+            >
          </div>
          <div class="form-group" [hidden]="directory != directoryType.Ldap">
-                        <label for="userPath">{{'userPath' | i18n}}</label>
-                        <input type="text" class="form-control" id="userPath" name="UserPath"
-                            [(ngModel)]="sync.userPath">
-                        <small class="text-muted form-text">{{'ex' | i18n}} CN=Users</small>
+            <label for="userPath">{{ "userPath" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="userPath"
+              name="UserPath"
+              [(ngModel)]="sync.userPath"
+            />
+            <small class="text-muted form-text">{{ "ex" | i18n }} CN=Users</small>
          </div>
          <div [hidden]="directory != directoryType.Ldap || ldap.ad">
            <div class="form-group">
-                            <label for="userObjectClass">{{'userObjectClass' | i18n}}</label>
-                            <input type="text" class="form-control" id="userObjectClass" name="UserObjectClass"
-                                [(ngModel)]="sync.userObjectClass">
-                            <small class="text-muted form-text">{{'ex' | i18n}} inetOrgPerson</small>
+              <label for="userObjectClass">{{ "userObjectClass" | i18n }}</label>
+              <input
+                type="text"
+                class="form-control"
+                id="userObjectClass"
+                name="UserObjectClass"
+                [(ngModel)]="sync.userObjectClass"
+              />
+              <small class="text-muted form-text">{{ "ex" | i18n }} inetOrgPerson</small>
            </div>
            <div class="form-group">
-                            <label for="userEmailAttribute">{{'userEmailAttribute' | i18n}}</label>
-                            <input type="text" class="form-control" id="userEmailAttribute" name="UserEmailAttribute"
-                                [(ngModel)]="sync.userEmailAttribute">
-                            <small class="text-muted form-text">{{'ex' | i18n}} mail</small>
+              <label for="userEmailAttribute">{{ "userEmailAttribute" | i18n }}</label>
+              <input
+                type="text"
+                class="form-control"
+                id="userEmailAttribute"
+                name="UserEmailAttribute"
+                [(ngModel)]="sync.userEmailAttribute"
+              />
+              <small class="text-muted form-text">{{ "ex" | i18n }} mail</small>
            </div>
          </div>
        </div>

        <div class="form-group">
          <div class="form-check">
-                        <input class="form-check-input" type="checkbox" id="syncGroups" [(ngModel)]="sync.groups"
-                            name="SyncGroups">
-                        <label class="form-check-label" for="syncGroups">{{'syncGroups' | i18n}}</label>
+            <input
+              class="form-check-input"
+              type="checkbox"
+              id="syncGroups"
+              [(ngModel)]="sync.groups"
+              name="SyncGroups"
+            />
+            <label class="form-check-label" for="syncGroups">{{
+              (directory !== directoryType.OneLogin ? "syncGroups" : "syncGroupsOneLogin") | i18n
+            }}</label>
          </div>
        </div>
        <div [hidden]="!sync.groups">
          <div class="form-group">
-                        <label for="groupFilter">{{'groupFilter' | i18n}}</label>
-                        <textarea class="form-control" id="groupFilter" name="GroupFilter"
-                            [(ngModel)]="sync.groupFilter"></textarea>
-                        <small class="text-muted form-text" *ngIf="directory === directoryType.Ldap">{{'ex' | i18n}}
-                            (&amp;!(name=Sales*)!(name=IT*))</small>
-                        <small class="text-muted form-text"
-                            *ngIf="directory === directoryType.AzureActiveDirectory">{{'ex' | i18n}}
-                            include:Sales,IT</small>
-                        <small class="text-muted form-text" *ngIf="directory === directoryType.Okta">{{'ex' | i18n}}
-                            include:Sales,IT | type eq "APP_GROUP"</small>
-                        <small class="text-muted form-text" *ngIf="directory === directoryType.GSuite">{{'ex' | i18n}}
-                            include:Sales,IT</small>
+            <label for="groupFilter">{{
+              (directory !== directoryType.OneLogin ? "groupFilter" : "groupFilterOneLogin") | i18n
+            }}</label>
+            <textarea
+              class="form-control"
+              id="groupFilter"
+              name="GroupFilter"
+              [(ngModel)]="sync.groupFilter"
+            ></textarea>
+            <small class="text-muted form-text" *ngIf="directory === directoryType.Ldap"
+              >{{ "ex" | i18n }} (&amp;!(name=Sales*)!(name=IT*))</small
+            >
+            <small
+              class="text-muted form-text"
+              *ngIf="directory === directoryType.AzureActiveDirectory"
+              >{{ "ex" | i18n }} include:Sales,IT</small
+            >
+            <small class="text-muted form-text" *ngIf="directory === directoryType.Okta"
+              >{{ "ex" | i18n }} include:Sales,IT | type eq "APP_GROUP"</small
+            >
+            <small class="text-muted form-text" *ngIf="directory === directoryType.GSuite"
+              >{{ "ex" | i18n }} include:Sales,IT</small
+            >
          </div>
          <div class="form-group" [hidden]="directory != directoryType.Ldap">
-                        <label for="groupPath">{{'groupPath' | i18n}}</label>
-                        <input type="text" class="form-control" id="groupPath" name="GroupPath"
-                            [(ngModel)]="sync.groupPath">
-                        <small class="text-muted form-text" *ngIf="!ldap.ad">{{'ex' | i18n}} CN=Groups</small>
-                        <small class="text-muted form-text" *ngIf="ldap.ad">{{'ex' | i18n}} CN=Users</small>
+            <label for="groupPath">{{ "groupPath" | i18n }}</label>
+            <input
+              type="text"
+              class="form-control"
+              id="groupPath"
+              name="GroupPath"
+              [(ngModel)]="sync.groupPath"
+            />
+            <small class="text-muted form-text" *ngIf="!ldap.ad">{{ "ex" | i18n }} CN=Groups</small>
+            <small class="text-muted form-text" *ngIf="ldap.ad">{{ "ex" | i18n }} CN=Users</small>
          </div>
          <div [hidden]="directory != directoryType.Ldap || ldap.ad">
            <div class="form-group">
-                            <label for="groupObjectClass">{{'groupObjectClass' | i18n}}</label>
-                            <input type="text" class="form-control" id="groupObjectClass" name="GroupObjectClass"
-                                [(ngModel)]="sync.groupObjectClass">
-                            <small class="text-muted form-text">{{'ex' | i18n}} groupOfUniqueNames</small>
+              <label for="groupObjectClass">{{ "groupObjectClass" | i18n }}</label>
+              <input
+                type="text"
+                class="form-control"
+                id="groupObjectClass"
+                name="GroupObjectClass"
+                [(ngModel)]="sync.groupObjectClass"
+              />
+              <small class="text-muted form-text">{{ "ex" | i18n }} groupOfUniqueNames</small>
            </div>
            <div class="form-group">
-                            <label for="groupNameAttribute">{{'groupNameAttribute' | i18n}}</label>
-                            <input type="text" class="form-control" id="groupNameAttribute" name="GroupNameAttribute"
-                                [(ngModel)]="sync.groupNameAttribute">
-                            <small class="text-muted form-text">{{'ex' | i18n}} name</small>
+              <label for="groupNameAttribute">{{ "groupNameAttribute" | i18n }}</label>
+              <input
+                type="text"
+                class="form-control"
+                id="groupNameAttribute"
+                name="GroupNameAttribute"
+                [(ngModel)]="sync.groupNameAttribute"
+              />
+              <small class="text-muted form-text">{{ "ex" | i18n }} name</small>
            </div>
          </div>
        </div>
--- a/src/app/tabs/settings.component.ts
+++ b/src/app/tabs/settings.component.ts
@@ -1,31 +1,23 @@
-import {
-    ChangeDetectorRef,
-    Component,
-    NgZone,
-    OnDestroy,
-    OnInit,
-} from '@angular/core';
+import { ChangeDetectorRef, Component, NgZone, OnDestroy, OnInit } from "@angular/core";

-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { StateService } from 'jslib/abstractions/state.service';
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { LogService } from "jslib-common/abstractions/log.service";

-import { ProfileOrganizationResponse } from 'jslib/models/response/profileOrganizationResponse';
+import { DirectoryType } from "../../enums/directoryType";

-import { ConfigurationService } from '../../services/configuration.service';
+import { AzureConfiguration } from "../../models/azureConfiguration";
+import { GSuiteConfiguration } from "../../models/gsuiteConfiguration";
+import { LdapConfiguration } from "../../models/ldapConfiguration";
+import { OktaConfiguration } from "../../models/oktaConfiguration";
+import { OneLoginConfiguration } from "../../models/oneLoginConfiguration";
+import { SyncConfiguration } from "../../models/syncConfiguration";

-import { DirectoryType } from '../../enums/directoryType';
-
-import { AzureConfiguration } from '../../models/azureConfiguration';
-import { GSuiteConfiguration } from '../../models/gsuiteConfiguration';
-import { LdapConfiguration } from '../../models/ldapConfiguration';
-import { OktaConfiguration } from '../../models/oktaConfiguration';
-import { SyncConfiguration } from '../../models/syncConfiguration';
-
-import { ConnectorUtils } from '../../utils';
+import { StateService } from "../../abstractions/state.service";
+import { ConnectorUtils } from "../../utils";

@Component({
-    selector: 'app-settings',
-    templateUrl: 'settings.component.html',
+  selector: "app-settings",
+  templateUrl: "settings.component.html",
 })
 export class SettingsComponent implements OnInit, OnDestroy {
  directory: DirectoryType;
@@ -34,43 +26,48 @@ export class SettingsComponent implements OnInit, OnDestroy {
  gsuite = new GSuiteConfiguration();
  azure = new AzureConfiguration();
  okta = new OktaConfiguration();
+  oneLogin = new OneLoginConfiguration();
  sync = new SyncConfiguration();
-    organizationId: string;
  directoryOptions: any[];
-    organizationOptions: any[];
+  showLdapPassword: boolean = false;
+  showAzureKey: boolean = false;
+  showOktaKey: boolean = false;
+  showOneLoginSecret: boolean = false;

-    constructor(private i18nService: I18nService, private configurationService: ConfigurationService,
-        private changeDetectorRef: ChangeDetectorRef, private ngZone: NgZone,
-        private stateService: StateService) {
+  constructor(
+    private i18nService: I18nService,
+    private changeDetectorRef: ChangeDetectorRef,
+    private ngZone: NgZone,
+    private logService: LogService,
+    private stateService: StateService
+  ) {
    this.directoryOptions = [
-            { name: i18nService.t('select'), value: null },
-            { name: 'Active Directory / LDAP', value: DirectoryType.Ldap },
-            { name: 'Azure Active Directory', value: DirectoryType.AzureActiveDirectory },
-            { name: 'G Suite (Google)', value: DirectoryType.GSuite },
-            { name: 'Okta', value: DirectoryType.Okta },
+      { name: this.i18nService.t("select"), value: null },
+      { name: "Active Directory / LDAP", value: DirectoryType.Ldap },
+      { name: "Azure Active Directory", value: DirectoryType.AzureActiveDirectory },
+      { name: "G Suite (Google)", value: DirectoryType.GSuite },
+      { name: "Okta", value: DirectoryType.Okta },
+      { name: "OneLogin", value: DirectoryType.OneLogin },
    ];
  }

  async ngOnInit() {
-        this.organizationOptions = [{ name: this.i18nService.t('select'), value: null }];
-        const orgs = await this.stateService.get<ProfileOrganizationResponse[]>('profileOrganizations');
-        if (orgs != null) {
-            for (const org of orgs) {
-                this.organizationOptions.push({ name: org.name, value: org.id });
-            }
-        }
-
-        this.organizationId = await this.configurationService.getOrganizationId();
-        this.directory = await this.configurationService.getDirectoryType();
-        this.ldap = (await this.configurationService.getDirectory<LdapConfiguration>(DirectoryType.Ldap)) ||
-            this.ldap;
-        this.gsuite = (await this.configurationService.getDirectory<GSuiteConfiguration>(DirectoryType.GSuite)) ||
+    this.directory = await this.stateService.getDirectoryType();
+    this.ldap =
+      (await this.stateService.getDirectory<LdapConfiguration>(DirectoryType.Ldap)) || this.ldap;
+    this.gsuite =
+      (await this.stateService.getDirectory<GSuiteConfiguration>(DirectoryType.GSuite)) ||
      this.gsuite;
-        this.azure = (await this.configurationService.getDirectory<AzureConfiguration>(
-            DirectoryType.AzureActiveDirectory)) || this.azure;
-        this.okta = (await this.configurationService.getDirectory<OktaConfiguration>(
-            DirectoryType.Okta)) || this.okta;
-        this.sync = (await this.configurationService.getSync()) || this.sync;
+    this.azure =
+      (await this.stateService.getDirectory<AzureConfiguration>(
+        DirectoryType.AzureActiveDirectory
+      )) || this.azure;
+    this.okta =
+      (await this.stateService.getDirectory<OktaConfiguration>(DirectoryType.Okta)) || this.okta;
+    this.oneLogin =
+      (await this.stateService.getDirectory<OneLoginConfiguration>(DirectoryType.OneLogin)) ||
+      this.oneLogin;
+    this.sync = (await this.stateService.getSync()) || this.sync;
  }

  async ngOnDestroy() {
@@ -79,23 +76,26 @@ export class SettingsComponent implements OnInit, OnDestroy {

  async submit() {
    ConnectorUtils.adjustConfigForSave(this.ldap, this.sync);
-        await this.configurationService.saveOrganizationId(this.organizationId);
-        await this.configurationService.saveDirectoryType(this.directory);
-        await this.configurationService.saveDirectory(DirectoryType.Ldap, this.ldap);
-        await this.configurationService.saveDirectory(DirectoryType.GSuite, this.gsuite);
-        await this.configurationService.saveDirectory(DirectoryType.AzureActiveDirectory, this.azure);
-        await this.configurationService.saveDirectory(DirectoryType.Okta, this.okta);
-        await this.configurationService.saveSync(this.sync);
+    if (this.ldap != null && this.ldap.ad) {
+      this.ldap.pagedSearch = true;
+    }
+    await this.stateService.setDirectoryType(this.directory);
+    await this.stateService.setDirectory(DirectoryType.Ldap, this.ldap);
+    await this.stateService.setDirectory(DirectoryType.GSuite, this.gsuite);
+    await this.stateService.setDirectory(DirectoryType.AzureActiveDirectory, this.azure);
+    await this.stateService.setDirectory(DirectoryType.Okta, this.okta);
+    await this.stateService.setDirectory(DirectoryType.OneLogin, this.oneLogin);
+    await this.stateService.setSync(this.sync);
  }

  parseKeyFile() {
-        const filePicker = (document.getElementById('keyFile') as HTMLInputElement);
+    const filePicker = document.getElementById("keyFile") as HTMLInputElement;
    if (filePicker.files == null || filePicker.files.length < 0) {
      return;
    }

    const reader = new FileReader();
-        reader.readAsText(filePicker.files[0], 'utf-8');
+    reader.readAsText(filePicker.files[0], "utf-8");
    reader.onload = (evt) => {
      this.ngZone.run(async () => {
        try {
@@ -104,20 +104,22 @@ export class SettingsComponent implements OnInit, OnDestroy {
            this.gsuite.clientEmail = result.client_email;
            this.gsuite.privateKey = result.private_key;
          }
-                } catch { }
+        } catch (e) {
+          this.logService.error(e);
+        }
        this.changeDetectorRef.detectChanges();
      });

      // reset file input
      // ref: https://stackoverflow.com/a/20552042
-            filePicker.type = '';
-            filePicker.type = 'file';
-            filePicker.value = '';
+      filePicker.type = "";
+      filePicker.type = "file";
+      filePicker.value = "";
    };
  }

  setSslPath(id: string) {
-        const filePicker = (document.getElementById(id + '_file') as HTMLInputElement);
+    const filePicker = document.getElementById(id + "_file") as HTMLInputElement;
    if (filePicker.files == null || filePicker.files.length < 0) {
      return;
    }
@@ -125,8 +127,28 @@ export class SettingsComponent implements OnInit, OnDestroy {
    (this.ldap as any)[id] = filePicker.files[0].path;
    // reset file input
    // ref: https://stackoverflow.com/a/20552042
-        filePicker.type = '';
-        filePicker.type = 'file';
-        filePicker.value = '';
+    filePicker.type = "";
+    filePicker.type = "file";
+    filePicker.value = "";
+  }
+
+  toggleLdapPassword() {
+    this.showLdapPassword = !this.showLdapPassword;
+    document.getElementById("password").focus();
+  }
+
+  toggleAzureKey() {
+    this.showAzureKey = !this.showAzureKey;
+    document.getElementById("secretKey").focus();
+  }
+
+  toggleOktaKey() {
+    this.showOktaKey = !this.showOktaKey;
+    document.getElementById("oktaToken").focus();
+  }
+
+  toggleOneLoginSecret() {
+    this.showOneLoginSecret = !this.showOneLoginSecret;
+    document.getElementById("oneLoginClientSecret").focus();
  }
 }
--- a/src/app/tabs/tabs.component.html
+++ b/src/app/tabs/tabs.component.html
@@ -2,20 +2,20 @@
  <ul class="nav nav-tabs mb-3">
    <li class="nav-item">
      <a class="nav-link" routerLink="dashboard" routerLinkActive="active">
-                <i class="fa fa-dashboard"></i>
-                {{'dashboard' | i18n}}
+        <i class="bwi bwi-dashboard"></i>
+        {{ "dashboard" | i18n }}
      </a>
    </li>
    <li class="nav-item">
      <a class="nav-link" routerLink="settings" routerLinkActive="active">
-                <i class="fa fa-cogs"></i>
-                {{'settings' | i18n}}
+        <i class="bwi bwi-cogs"></i>
+        {{ "settings" | i18n }}
      </a>
    </li>
    <li class="nav-item">
      <a class="nav-link" routerLink="more" routerLinkActive="active">
-                <i class="fa fa-sliders"></i>
-                {{'more' | i18n}}
+        <i class="bwi bwi-sliders"></i>
+        {{ "more" | i18n }}
      </a>
    </li>
  </ul>
--- a/src/app/tabs/tabs.component.ts
+++ b/src/app/tabs/tabs.component.ts
@@ -1,7 +1,7 @@
-import { Component } from '@angular/core';
+import { Component } from "@angular/core";

@Component({
-    selector: 'app-tabs',
-    templateUrl: 'tabs.component.html',
+  selector: "app-tabs",
+  templateUrl: "tabs.component.html",
 })
-export class TabsComponent { }
+export class TabsComponent {}
--- a/src/bwdc.ts
+++ b/src/bwdc.ts
@@ -1,97 +1,260 @@
-import * as fs from 'fs';
-import * as path from 'path';
+import * as fs from "fs";
+import * as path from "path";

-import { LogLevelType } from 'jslib/enums/logLevelType';
+import { LogLevelType } from "jslib-common/enums/logLevelType";

-import { AuthService } from 'jslib/services/auth.service';
+import { AuthService } from "./services/auth.service";

-import { ConfigurationService } from './services/configuration.service';
-import { I18nService } from './services/i18n.service';
-import { KeytarSecureStorageService } from './services/keytarSecureStorage.service';
-import { SyncService } from './services/sync.service';
+import { I18nService } from "./services/i18n.service";
+import { KeytarSecureStorageService } from "./services/keytarSecureStorage.service";
+import { LowdbStorageService } from "./services/lowdbStorage.service";
+import { StateService } from "./services/state.service";
+import { StateMigrationService } from "./services/stateMigration.service";
+import { SyncService } from "./services/sync.service";

-import { CliPlatformUtilsService } from 'jslib/cli/services/cliPlatformUtils.service';
-import { ConsoleLogService } from 'jslib/cli/services/consoleLog.service';
+import { CliPlatformUtilsService } from "jslib-node/cli/services/cliPlatformUtils.service";
+import { ConsoleLogService } from "jslib-node/cli/services/consoleLog.service";
+import { NodeApiService } from "jslib-node/services/nodeApi.service";
+import { NodeCryptoFunctionService } from "jslib-node/services/nodeCryptoFunction.service";

-import { AppIdService } from 'jslib/services/appId.service';
-import { ConstantsService } from 'jslib/services/constants.service';
-import { ContainerService } from 'jslib/services/container.service';
-import { CryptoService } from 'jslib/services/crypto.service';
-import { EnvironmentService } from 'jslib/services/environment.service';
-import { LowdbStorageService } from 'jslib/services/lowdbStorage.service';
-import { NodeApiService } from 'jslib/services/nodeApi.service';
-import { NodeCryptoFunctionService } from 'jslib/services/nodeCryptoFunction.service';
-import { NoopMessagingService } from 'jslib/services/noopMessaging.service';
-import { TokenService } from 'jslib/services/token.service';
-import { UserService } from 'jslib/services/user.service';
+import { AppIdService } from "jslib-common/services/appId.service";
+import { CipherService } from "jslib-common/services/cipher.service";
+import { CollectionService } from "jslib-common/services/collection.service";
+import { ContainerService } from "jslib-common/services/container.service";
+import { CryptoService } from "jslib-common/services/crypto.service";
+import { EnvironmentService } from "jslib-common/services/environment.service";
+import { FileUploadService } from "jslib-common/services/fileUpload.service";
+import { FolderService } from "jslib-common/services/folder.service";
+import { KeyConnectorService } from "jslib-common/services/keyConnector.service";
+import { NoopMessagingService } from "jslib-common/services/noopMessaging.service";
+import { OrganizationService } from "jslib-common/services/organization.service";
+import { PasswordGenerationService } from "jslib-common/services/passwordGeneration.service";
+import { PolicyService } from "jslib-common/services/policy.service";
+import { ProviderService } from "jslib-common/services/provider.service";
+import { SearchService } from "jslib-common/services/search.service";
+import { SendService } from "jslib-common/services/send.service";
+import { SettingsService } from "jslib-common/services/settings.service";
+import { TokenService } from "jslib-common/services/token.service";

-import { Program } from './program';
+import { StorageService as StorageServiceAbstraction } from "jslib-common/abstractions/storage.service";
+
+import { Program } from "./program";
+
+import { Account } from "./models/account";
+
+import { GlobalStateFactory } from "jslib-common/factories/globalStateFactory";
+import { StateFactory } from "jslib-common/factories/stateFactory";
+
+import { GlobalState } from "jslib-common/models/domain/globalState";

 // tslint:disable-next-line
-const packageJson = require('./package.json');
+const packageJson = require("./package.json");

+export let searchService: SearchService = null;
 export class Main {
  dataFilePath: string;
  logService: ConsoleLogService;
  messagingService: NoopMessagingService;
  storageService: LowdbStorageService;
-    secureStorageService: KeytarSecureStorageService;
+  secureStorageService: StorageServiceAbstraction;
  i18nService: I18nService;
  platformUtilsService: CliPlatformUtilsService;
-    constantsService: ConstantsService;
  cryptoService: CryptoService;
  tokenService: TokenService;
  appIdService: AppIdService;
  apiService: NodeApiService;
  environmentService: EnvironmentService;
-    userService: UserService;
  containerService: ContainerService;
  cryptoFunctionService: NodeCryptoFunctionService;
  authService: AuthService;
-    configurationService: ConfigurationService;
+  collectionService: CollectionService;
+  cipherService: CipherService;
+  fileUploadService: FileUploadService;
+  folderService: FolderService;
+  searchService: SearchService;
+  sendService: SendService;
+  settingsService: SettingsService;
  syncService: SyncService;
+  passwordGenerationService: PasswordGenerationService;
+  policyService: PolicyService;
+  keyConnectorService: KeyConnectorService;
  program: Program;
+  stateService: StateService;
+  stateMigrationService: StateMigrationService;
+  organizationService: OrganizationService;
+  providerService: ProviderService;

  constructor() {
-        const applicationName = 'Bitwarden Directory Connector';
+    const applicationName = "Bitwarden Directory Connector";
    if (process.env.BITWARDENCLI_CONNECTOR_APPDATA_DIR) {
      this.dataFilePath = path.resolve(process.env.BITWARDENCLI_CONNECTOR_APPDATA_DIR);
    } else if (process.env.BITWARDEN_CONNECTOR_APPDATA_DIR) {
      this.dataFilePath = path.resolve(process.env.BITWARDEN_CONNECTOR_APPDATA_DIR);
-        } else if (fs.existsSync(path.join(__dirname, 'bitwarden-connector-appdata'))) {
-            this.dataFilePath = path.join(__dirname, 'bitwarden-connector-appdata');
-        } else if (process.platform === 'darwin') {
-            this.dataFilePath = path.join(process.env.HOME, 'Library/Application Support/' + applicationName);
-        } else if (process.platform === 'win32') {
+    } else if (fs.existsSync(path.join(__dirname, "bitwarden-connector-appdata"))) {
+      this.dataFilePath = path.join(__dirname, "bitwarden-connector-appdata");
+    } else if (process.platform === "darwin") {
+      this.dataFilePath = path.join(
+        process.env.HOME,
+        "Library/Application Support/" + applicationName
+      );
+    } else if (process.platform === "win32") {
      this.dataFilePath = path.join(process.env.APPDATA, applicationName);
    } else if (process.env.XDG_CONFIG_HOME) {
      this.dataFilePath = path.join(process.env.XDG_CONFIG_HOME, applicationName);
    } else {
-            this.dataFilePath = path.join(process.env.HOME, '.config/' + applicationName);
+      this.dataFilePath = path.join(process.env.HOME, ".config/" + applicationName);
    }

-        this.i18nService = new I18nService('en', './locales');
-        this.platformUtilsService = new CliPlatformUtilsService('connector', packageJson);
-        this.logService = new ConsoleLogService(this.platformUtilsService.isDev(),
-            (level) => process.env.BWCLI_DEBUG !== 'true' && level <= LogLevelType.Info);
+    const plaintextSecrets = process.env.BITWARDENCLI_CONNECTOR_PLAINTEXT_SECRETS === "true";
+    this.i18nService = new I18nService("en", "./locales");
+    this.platformUtilsService = new CliPlatformUtilsService("connector", packageJson);
+    this.logService = new ConsoleLogService(
+      this.platformUtilsService.isDev(),
+      (level) => process.env.BITWARDENCLI_CONNECTOR_DEBUG !== "true" && level <= LogLevelType.Info
+    );
    this.cryptoFunctionService = new NodeCryptoFunctionService();
-        this.storageService = new LowdbStorageService(null, this.dataFilePath, true);
-        this.secureStorageService = new KeytarSecureStorageService(applicationName);
-        this.cryptoService = new CryptoService(this.storageService, this.secureStorageService,
-            this.cryptoFunctionService);
+    this.storageService = new LowdbStorageService(
+      this.logService,
+      null,
+      this.dataFilePath,
+      false,
+      true
+    );
+    this.secureStorageService = plaintextSecrets
+      ? this.storageService
+      : new KeytarSecureStorageService(applicationName);
+
+    this.stateMigrationService = new StateMigrationService(
+      this.storageService,
+      this.secureStorageService,
+      new StateFactory(GlobalState, Account)
+    );
+
+    this.stateService = new StateService(
+      this.storageService,
+      this.secureStorageService,
+      this.logService,
+      this.stateMigrationService,
+      process.env.BITWARDENCLI_CONNECTOR_PLAINTEXT_SECRETS !== "true",
+      new StateFactory(GlobalState, Account)
+    );
+
+    this.cryptoService = new CryptoService(
+      this.cryptoFunctionService,
+      this.platformUtilsService,
+      this.logService,
+      this.stateService
+    );
+
    this.appIdService = new AppIdService(this.storageService);
-        this.tokenService = new TokenService(this.storageService);
+    this.tokenService = new TokenService(this.stateService);
    this.messagingService = new NoopMessagingService();
-        this.apiService = new NodeApiService(this.tokenService, this.platformUtilsService,
-            async (expired: boolean) => await this.logout());
-        this.environmentService = new EnvironmentService(this.apiService, this.storageService, null);
-        this.userService = new UserService(this.tokenService, this.storageService);
+    this.environmentService = new EnvironmentService(this.stateService);
+    this.apiService = new NodeApiService(
+      this.tokenService,
+      this.platformUtilsService,
+      this.environmentService,
+      async (expired: boolean) => await this.logout(),
+      "Bitwarden_DC/" +
+        this.platformUtilsService.getApplicationVersion() +
+        " (" +
+        this.platformUtilsService.getDeviceString().toUpperCase() +
+        ")",
+      (clientId, clientSecret) => this.authService.logInApiKey(clientId, clientSecret)
+    );
    this.containerService = new ContainerService(this.cryptoService);
-        this.authService = new AuthService(this.cryptoService, this.apiService, this.userService, this.tokenService,
-            this.appIdService, this.i18nService, this.platformUtilsService, this.messagingService, true);
-        this.configurationService = new ConfigurationService(this.storageService, this.secureStorageService);
-        this.syncService = new SyncService(this.configurationService, this.logService, this.cryptoFunctionService,
-            this.apiService, this.messagingService, this.i18nService);
+
+    this.organizationService = new OrganizationService(this.stateService);
+
+    this.keyConnectorService = new KeyConnectorService(
+      this.stateService,
+      this.cryptoService,
+      this.apiService,
+      this.tokenService,
+      this.logService,
+      this.organizationService
+    );
+
+    this.authService = new AuthService(
+      this.cryptoService,
+      this.apiService,
+      this.tokenService,
+      this.appIdService,
+      this.i18nService,
+      this.platformUtilsService,
+      this.messagingService,
+      null,
+      this.logService,
+      this.cryptoFunctionService,
+      this.environmentService,
+      this.keyConnectorService,
+      this.stateService
+    );
+
+    this.syncService = new SyncService(
+      this.logService,
+      this.cryptoFunctionService,
+      this.apiService,
+      this.messagingService,
+      this.i18nService,
+      this.environmentService,
+      this.stateService
+    );
+
+    this.policyService = new PolicyService(
+      this.stateService,
+      this.organizationService,
+      this.apiService
+    );
+
+    this.passwordGenerationService = new PasswordGenerationService(
+      this.cryptoService,
+      this.policyService,
+      this.stateService
+    );
+
+    this.settingsService = new SettingsService(this.stateService);
+
+    this.fileUploadService = new FileUploadService(this.logService, this.apiService);
+
+    this.cipherService = new CipherService(
+      this.cryptoService,
+      this.settingsService,
+      this.apiService,
+      this.fileUploadService,
+      this.i18nService,
+      () => searchService,
+      this.logService,
+      this.stateService
+    );
+
+    this.searchService = new SearchService(this.cipherService, this.logService, this.i18nService);
+
+    this.folderService = new FolderService(
+      this.cryptoService,
+      this.apiService,
+      this.i18nService,
+      this.cipherService,
+      this.stateService
+    );
+
+    this.collectionService = new CollectionService(
+      this.cryptoService,
+      this.i18nService,
+      this.stateService
+    );
+
+    this.sendService = new SendService(
+      this.cryptoService,
+      this.apiService,
+      this.fileUploadService,
+      this.i18nService,
+      this.cryptoFunctionService,
+      this.stateService
+    );
+
+    this.providerService = new ProviderService(this.stateService);
+
    this.program = new Program(this);
  }

@@ -101,14 +264,13 @@ export class Main {
  }

  async logout() {
-        await Promise.all([
-            this.tokenService.clearToken(),
-            this.userService.clear(),
-        ]);
+    await this.tokenService.clearToken();
+    await this.stateService.clean();
  }

  private async init() {
-        this.storageService.init();
+    await this.storageService.init();
+    await this.stateService.init();
    this.containerService.attachToWindow(global);
    await this.environmentService.setUrlsFromStorage();
    // Dev Server URLs. Comment out the line above.
@@ -117,14 +279,14 @@ export class Main {
    //     api: 'http://localhost:4000',
    //     identity: 'http://localhost:33656',
    // });
-        const locale = await this.storageService.get<string>(ConstantsService.localeKey);
+    const locale = await this.stateService.getLocale();
    await this.i18nService.init(locale);
    this.authService.init();

-        const installedVersion = await this.storageService.get<string>(ConstantsService.installedVersionKey);
-        const currentVersion = this.platformUtilsService.getApplicationVersion();
+    const installedVersion = await this.stateService.getInstalledVersion();
+    const currentVersion = await this.platformUtilsService.getApplicationVersion();
    if (installedVersion == null || installedVersion !== currentVersion) {
-            await this.storageService.save(ConstantsService.installedVersionKey, currentVersion);
+      await this.stateService.setInstalledVersion(currentVersion);
    }
  }
 }
--- a/src/commands/clearCache.command.ts
+++ b/src/commands/clearCache.command.ts
@@ -1,19 +1,18 @@
-import * as program from 'commander';
+import * as program from "commander";

-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { I18nService } from "jslib-common/abstractions/i18n.service";

-import { ConfigurationService } from '../services/configuration.service';
-
-import { Response } from 'jslib/cli/models/response';
-import { MessageResponse } from 'jslib/cli/models/response/messageResponse';
+import { Response } from "jslib-node/cli/models/response";
+import { MessageResponse } from "jslib-node/cli/models/response/messageResponse";
+import { StateService } from "../abstractions/state.service";

 export class ClearCacheCommand {
-    constructor(private configurationService: ConfigurationService, private i18nService: I18nService) { }
+  constructor(private i18nService: I18nService, private stateService: StateService) {}

-    async run(cmd: program.Command): Promise<Response> {
+  async run(cmd: program.OptionValues): Promise<Response> {
    try {
-            await this.configurationService.clearStatefulSettings(true);
-            const res = new MessageResponse(this.i18nService.t('syncCacheCleared'), null);
+      await this.stateService.clearSyncSettings(true);
+      const res = new MessageResponse(this.i18nService.t("syncCacheCleared"), null);
      return Response.success(res);
    } catch (e) {
      return Response.error(e);
--- a/src/commands/config.command.ts
+++ b/src/commands/config.command.ts
@@ -1,22 +1,25 @@
-import * as program from 'commander';
+import * as program from "commander";

-import { EnvironmentService } from 'jslib/abstractions/environment.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { EnvironmentService } from "jslib-common/abstractions/environment.service";
+import { I18nService } from "jslib-common/abstractions/i18n.service";

-import { ConfigurationService } from '../services/configuration.service';
+import { StateService } from "../abstractions/state.service";

-import { DirectoryType } from '../enums/directoryType';
+import { DirectoryType } from "../enums/directoryType";

-import { Response } from 'jslib/cli/models/response';
-import { MessageResponse } from 'jslib/cli/models/response/messageResponse';
+import { Response } from "jslib-node/cli/models/response";
+import { MessageResponse } from "jslib-node/cli/models/response/messageResponse";

-import { AzureConfiguration } from '../models/azureConfiguration';
-import { GSuiteConfiguration } from '../models/gsuiteConfiguration';
-import { LdapConfiguration } from '../models/ldapConfiguration';
-import { OktaConfiguration } from '../models/oktaConfiguration';
-import { SyncConfiguration } from '../models/syncConfiguration';
+import { AzureConfiguration } from "../models/azureConfiguration";
+import { GSuiteConfiguration } from "../models/gsuiteConfiguration";
+import { LdapConfiguration } from "../models/ldapConfiguration";
+import { OktaConfiguration } from "../models/oktaConfiguration";
+import { OneLoginConfiguration } from "../models/oneLoginConfiguration";
+import { SyncConfiguration } from "../models/syncConfiguration";

-import { ConnectorUtils } from '../utils';
+import { ConnectorUtils } from "../utils";
+
+import { NodeUtils } from "jslib-common/misc/nodeUtils";

 export class ConfigCommand {
  private directory: DirectoryType;
@@ -24,45 +27,59 @@ export class ConfigCommand {
  private gsuite = new GSuiteConfiguration();
  private azure = new AzureConfiguration();
  private okta = new OktaConfiguration();
+  private oneLogin = new OneLoginConfiguration();
  private sync = new SyncConfiguration();

-    constructor(private environmentService: EnvironmentService, private i18nService: I18nService,
-        private configurationService: ConfigurationService) { }
+  constructor(
+    private environmentService: EnvironmentService,
+    private i18nService: I18nService,
+    private stateService: StateService
+  ) {}

-    async run(setting: string, value: string, cmd: program.Command): Promise<Response> {
+  async run(setting: string, value: string, options: program.OptionValues): Promise<Response> {
    setting = setting.toLowerCase();
+    if (value == null || value === "") {
+      if (options.secretfile) {
+        value = await NodeUtils.readFirstLine(options.secretfile);
+      } else if (options.secretenv && process.env[options.secretenv]) {
+        value = process.env[options.secretenv];
+      }
+    }
    try {
      switch (setting) {
-                case 'server':
+        case "server":
          await this.setServer(value);
          break;
-                case 'directory':
+        case "directory":
          await this.setDirectory(value);
          break;
-                case 'ldap.password':
+        case "ldap.password":
          await this.setLdapPassword(value);
          break;
-                case 'gsuite.key':
+        case "gsuite.key":
          await this.setGSuiteKey(value);
          break;
-                case 'azure.key':
+        case "azure.key":
          await this.setAzureKey(value);
          break;
-                case 'okta.token':
+        case "okta.token":
          await this.setOktaToken(value);
          break;
+        case "onelogin.secret":
+          await this.setOneLoginSecret(value);
+          break;
        default:
-                    return Response.badRequest('Unknown setting.');
+          return Response.badRequest("Unknown setting.");
      }
    } catch (e) {
      return Response.error(e);
    }
-        const res = new MessageResponse(this.i18nService.t('savedSetting', setting), null);
+    const res = new MessageResponse(this.i18nService.t("savedSetting", setting), null);
    return Response.success(res);
  }

  private async setServer(url: string) {
-        url = (url === 'null' || url === 'bitwarden.com' || url === 'https://bitwarden.com' ? null : url);
+    url = url === "null" || url === "bitwarden.com" || url === "https://bitwarden.com" ? null : url;
    await this.environmentService.setUrls({
      base: url,
    });
@@ -70,8 +87,8 @@ export class ConfigCommand {

  private async setDirectory(type: string) {
    const dir = parseInt(type, null);
-        if (dir < DirectoryType.Ldap || dir > DirectoryType.Okta) {
-            throw new Error('Invalid directory type value.');
+    if (dir < DirectoryType.Ldap || dir > DirectoryType.OneLogin) {
+      throw new Error("Invalid directory type value.");
    }
    await this.loadConfig();
    this.directory = dir;
@@ -102,26 +119,39 @@ export class ConfigCommand {
    await this.saveConfig();
  }

+  private async setOneLoginSecret(secret: string) {
+    await this.loadConfig();
+    this.oneLogin.clientSecret = secret;
+    await this.saveConfig();
+  }
+
  private async loadConfig() {
-        this.directory = await this.configurationService.getDirectoryType();
-        this.ldap = (await this.configurationService.getDirectory<LdapConfiguration>(DirectoryType.Ldap)) ||
-            this.ldap;
-        this.gsuite = (await this.configurationService.getDirectory<GSuiteConfiguration>(DirectoryType.GSuite)) ||
+    this.directory = await this.stateService.getDirectoryType();
+    this.ldap =
+      (await this.stateService.getDirectory<LdapConfiguration>(DirectoryType.Ldap)) || this.ldap;
+    this.gsuite =
+      (await this.stateService.getDirectory<GSuiteConfiguration>(DirectoryType.GSuite)) ||
      this.gsuite;
-        this.azure = (await this.configurationService.getDirectory<AzureConfiguration>(
-            DirectoryType.AzureActiveDirectory)) || this.azure;
-        this.okta = (await this.configurationService.getDirectory<OktaConfiguration>(
-            DirectoryType.Okta)) || this.okta;
-        this.sync = (await this.configurationService.getSync()) || this.sync;
+    this.azure =
+      (await this.stateService.getDirectory<AzureConfiguration>(
+        DirectoryType.AzureActiveDirectory
+      )) || this.azure;
+    this.okta =
+      (await this.stateService.getDirectory<OktaConfiguration>(DirectoryType.Okta)) || this.okta;
+    this.oneLogin =
+      (await this.stateService.getDirectory<OneLoginConfiguration>(DirectoryType.OneLogin)) ||
+      this.oneLogin;
+    this.sync = (await this.stateService.getSync()) || this.sync;
  }

  private async saveConfig() {
    ConnectorUtils.adjustConfigForSave(this.ldap, this.sync);
-        await this.configurationService.saveDirectoryType(this.directory);
-        await this.configurationService.saveDirectory(DirectoryType.Ldap, this.ldap);
-        await this.configurationService.saveDirectory(DirectoryType.GSuite, this.gsuite);
-        await this.configurationService.saveDirectory(DirectoryType.AzureActiveDirectory, this.azure);
-        await this.configurationService.saveDirectory(DirectoryType.Okta, this.okta);
-        await this.configurationService.saveSync(this.sync);
+    await this.stateService.setDirectoryType(this.directory);
+    await this.stateService.setDirectory(DirectoryType.Ldap, this.ldap);
+    await this.stateService.setDirectory(DirectoryType.GSuite, this.gsuite);
+    await this.stateService.setDirectory(DirectoryType.AzureActiveDirectory, this.azure);
+    await this.stateService.setDirectory(DirectoryType.Okta, this.okta);
+    await this.stateService.setDirectory(DirectoryType.OneLogin, this.oneLogin);
+    await this.stateService.setSync(this.sync);
  }
 }
--- a/src/commands/lastSync.command.ts
+++ b/src/commands/lastSync.command.ts
@@ -1,26 +1,28 @@
-import * as program from 'commander';
+import * as program from "commander";

-import { ConfigurationService } from '../services/configuration.service';
+import { StateService } from "../abstractions/state.service";

-import { Response } from 'jslib/cli/models/response';
-import { StringResponse } from 'jslib/cli/models/response/stringResponse';
+import { Response } from "jslib-node/cli/models/response";
+import { StringResponse } from "jslib-node/cli/models/response/stringResponse";

 export class LastSyncCommand {
-    constructor(private configurationService: ConfigurationService) { }
+  constructor(private stateService: StateService) {}

-    async run(object: string, cmd: program.Command): Promise<Response> {
+  async run(object: string): Promise<Response> {
    try {
      switch (object.toLowerCase()) {
-                case 'groups':
-                    const groupsDate = await this.configurationService.getLastGroupSyncDate();
-                    const groupsRes = new StringResponse(groupsDate == null ? null : groupsDate.toISOString());
+        case "groups":
+          const groupsDate = await this.stateService.getLastGroupSync();
+          const groupsRes = new StringResponse(
+            groupsDate == null ? null : groupsDate.toISOString()
+          );
          return Response.success(groupsRes);
-                case 'users':
-                    const usersDate = await this.configurationService.getLastUserSyncDate();
+        case "users":
+          const usersDate = await this.stateService.getLastUserSync();
          const usersRes = new StringResponse(usersDate == null ? null : usersDate.toISOString());
          return Response.success(usersRes);
        default:
-                    return Response.badRequest('Unknown object.');
+          return Response.badRequest("Unknown object.");
      }
    } catch (e) {
      return Response.error(e);
--- a/src/commands/sync.command.ts
+++ b/src/commands/sync.command.ts
@@ -1,22 +1,22 @@
-import * as program from 'commander';
+import { I18nService } from "jslib-common/abstractions/i18n.service";

-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { SyncService } from "../services/sync.service";

-import { SyncService } from '../services/sync.service';
-
-import { Response } from 'jslib/cli/models/response';
-import { MessageResponse } from 'jslib/cli/models/response/messageResponse';
+import { Response } from "jslib-node/cli/models/response";
+import { MessageResponse } from "jslib-node/cli/models/response/messageResponse";

 export class SyncCommand {
-    constructor(private syncService: SyncService, private i18nService: I18nService) { }
+  constructor(private syncService: SyncService, private i18nService: I18nService) {}

-    async run(cmd: program.Command): Promise<Response> {
+  async run(): Promise<Response> {
    try {
      const result = await this.syncService.sync(false, false);
      const groupCount = result[0] != null ? result[0].length : 0;
      const userCount = result[1] != null ? result[1].length : 0;
-            const res = new MessageResponse(this.i18nService.t('syncingComplete'),
-                this.i18nService.t('syncCounts', groupCount.toString(), userCount.toString()));
+      const res = new MessageResponse(
+        this.i18nService.t("syncingComplete"),
+        this.i18nService.t("syncCounts", groupCount.toString(), userCount.toString())
+      );
      return Response.success(res);
    } catch (e) {
      return Response.error(e);
--- a/src/commands/test.command.ts
+++ b/src/commands/test.command.ts
@@ -1,20 +1,24 @@
-import * as program from 'commander';
+import * as program from "commander";

-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { I18nService } from "jslib-common/abstractions/i18n.service";

-import { SyncService } from '../services/sync.service';
+import { SyncService } from "../services/sync.service";

-import { ConnectorUtils } from '../utils';
+import { ConnectorUtils } from "../utils";

-import { Response } from 'jslib/cli/models/response';
-import { TestResponse } from '../models/response/testResponse';
+import { Response } from "jslib-node/cli/models/response";
+import { TestResponse } from "../models/response/testResponse";

 export class TestCommand {
-    constructor(private syncService: SyncService, private i18nService: I18nService) { }
+  constructor(private syncService: SyncService, private i18nService: I18nService) {}

-    async run(cmd: program.Command): Promise<Response> {
+  async run(cmd: program.OptionValues): Promise<Response> {
    try {
-            const result = await ConnectorUtils.simulate(this.syncService, this.i18nService, cmd.last || false);
+      const result = await ConnectorUtils.simulate(
+        this.syncService,
+        this.i18nService,
+        cmd.last || false
+      );
      const res = new TestResponse(result);
      return Response.success(res);
    } catch (e) {
--- a/src/enums/directoryType.ts
+++ b/src/enums/directoryType.ts
@@ -3,4 +3,5 @@ export enum DirectoryType {
  AzureActiveDirectory = 1,
  GSuite = 2,
  Okta = 3,
+  OneLogin = 4,
 }
--- a/src/global.d.ts
+++ b/src/global.d.ts
@@ -1,3 +1,3 @@
 declare function escape(s: string): string;
 declare function unescape(s: string): string;
-declare module 'duo_web_sdk';
+declare module "duo_web_sdk";
--- a/src/index.html
+++ b/src/index.html
@@ -1,16 +1,19 @@
 <!DOCTYPE html>
 <html>
-<head>
-    <meta charset="UTF-8">
-    <meta http-equiv="Content-Security-Policy" content="default-src 'self'; style-src 'self' 'unsafe-inline';
-        img-src 'self' data: *; child-src *; frame-src *; connect-src *;">
-    <meta name="viewport" content="width=device-width, initial-scale=1">
+  <head>
+    <meta charset="UTF-8" />
+    <meta
+      http-equiv="Content-Security-Policy"
+      content="default-src 'self'; style-src 'self' 'unsafe-inline';
+        img-src 'self' data: *; child-src *; frame-src *; connect-src *;"
+    />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
    <title>Bitwarden Directory Connector</title>
-    <base href="">
-</head>
-<body>
+    <base href="" />
+  </head>
+  <body>
    <app-root>
-        <div id="loading"><i class="fa fa-spinner fa-spin fa-3x"></i></div>
+      <div id="loading"><i class="bwi bwi-spinner bwi-spin bwi-3x"></i></div>
    </app-root>
-</body>
+  </body>
 </html>
--- a/src/locales/en/messages.json
+++ b/src/locales/en/messages.json
@@ -20,12 +20,30 @@
    "emailRequired": {
        "message": "Email address is required."
    },
+    "clientIdRequired": {
+        "message": "Client Id is required."
+    },
+    "invalidClientId": {
+        "message": "Invalid Client Id provided."
+    },
+    "clientSecretRequired": {
+        "message": "Client Secret is required."
+    },
+    "orgApiKeyRequired": {
+        "message": "Api Key must belong to an Organization"
+    },
+    "failedToSaveCredentials": {
+        "message": "Failed to save credentials"
+    },
    "invalidEmail": {
        "message": "Invalid email address."
    },
    "masterPassRequired": {
        "message": "Master password is required."
    },
+    "missingRequiredInput": {
+        "message": "Missing required input."
+    },
    "unexpectedError": {
        "message": "An unexpected error has occurred."
    },
@@ -140,6 +158,9 @@
    "baseUrl": {
        "message": "Server URL"
    },
+    "webVaultUrl": {
+        "message": "Web Vault Server URL"
+    },
    "apiUrl": {
        "message": "API Server URL"
    },
@@ -333,6 +354,9 @@
    "rootPath": {
        "message": "Root Path"
    },
+    "identityAuthority": {
+        "message": "Identity Authority"
+    },
    "tenant": {
        "message": "Tenant"
    },
@@ -399,6 +423,12 @@
    "groupFilter": {
        "message": "Group Filter"
    },
+    "syncGroupsOneLogin": {
+        "message": "Sync roles"
+    },
+    "groupFilterOneLogin": {
+        "message": "Role Filter"
+    },
    "groupObjectClass": {
        "message": "Group Object Class"
    },
@@ -414,8 +444,33 @@
    "sync": {
        "message": "Sync"
    },
+    "duplicateEmails": {
+        "message": "Emails must be unique. Multiple entries pulled with the following emails:",
+        "desription": "Error message displayed when duplicate email addresses are synced. Followed by a list of duplicate emails."
+    },
+    "andMore": {
+        "message": "and $NUMBER$ more...",
+        "placeholders": {
+            "NUMBER": {
+                "content": "$1",
+                "example": "10"
+            }
+        }
+    },
+    "ldapEncrypted": {
+        "message": "This server uses an encrypted connection"
+    },
+    "ldapTls": {
+        "message": "Use TLS (STARTTLS)"
+    },
+    "ldapTlsCa": {
+        "message": "Certificate CA Chain (PEM)"
+    },
    "ldapSsl": {
-        "message": "This server uses SSL (LDAPS)"
+        "message": "Use SSL (LDAPS)"
+    },
+    "ldapTlsUntrustedDesc": {
+        "message": "If your LDAP server uses a self-signed certificate for STARTTLS, you can configure certificate options below."
    },
    "ldapSslUntrustedDesc": {
        "message": "If your LDAPS server uses an untrusted certificate you can configure certificate options below."
@@ -429,12 +484,15 @@
    "ldapSslKey": {
        "message": "Certificate Private Key (PEM)"
    },
-    "ldapSslAllowUnauthorized": {
-        "message": "Allow untrusted SSL connections (not recommended)."
+    "ldapCertDoNotVerify": {
+        "message": "Do not verify server certificates (not recommended)."
    },
    "ldapAd": {
        "message": "This server uses Active Directory"
    },
+    "ldapPagedResults": {
+        "message": "This server pages search results"
+    },
    "select": {
        "message": "Select"
    },
@@ -551,7 +609,7 @@
        "message": "Welcome to the Bitwarden Directory Connector"
    },
    "logInDesc": {
-        "message": "Log in as an organization admin user below."
+        "message": "Log in with an organization API key below."
    },
    "dirConfigIncomplete": {
        "message": "Directory configuration incomplete."
@@ -585,7 +643,127 @@
            }
        }
    },
+    "largeImport": {
+        "message": "More than 2000 users or groups are expected to sync."
+    },
    "overwriteExisting": {
        "message": "Overwrite existing organization users based on current sync settings."
+    },
+    "clientId": {
+        "message": "Client ID"
+    },
+    "clientSecret": {
+        "message": "Client Secret"
+    },
+    "region": {
+        "message": "Region"
+    },
+    "enterpriseSingleSignOn": {
+        "message": "Enterprise Single Sign-On"
+    },
+    "setMasterPassword": {
+        "message": "Set Master Password"
+    },
+    "ssoCompleteRegistration": {
+        "message": "In order to complete logging in with SSO, please set a master password to access and protect your vault."
+    },
+    "newMasterPass": {
+        "message": "New Master Password"
+    },
+    "confirmNewMasterPass": {
+        "message": "Confirm New Master Password"
+    },
+    "masterPasswordPolicyInEffect": {
+        "message": "One or more organization policies require your master password to meet the following requirements:"
+    },
+    "policyInEffectMinComplexity": {
+        "message": "Minimum complexity score of $SCORE$",
+        "placeholders": {
+            "score": {
+                "content": "$1",
+                "example": "4"
+            }
+        }
+    },
+    "policyInEffectMinLength": {
+        "message": "Minimum length of $LENGTH$",
+        "placeholders": {
+            "length": {
+                "content": "$1",
+                "example": "14"
+            }
+        }
+    },
+    "policyInEffectUppercase": {
+        "message": "Contain one or more uppercase characters"
+    },
+    "policyInEffectLowercase": {
+        "message": "Contain one or more lowercase characters"
+    },
+    "policyInEffectNumbers": {
+        "message": "Contain one or more numbers"
+    },
+    "policyInEffectSpecial": {
+        "message": "Contain one or more of the following special characters $CHARS$",
+        "placeholders": {
+            "chars": {
+                "content": "$1",
+                "example": "!@#$%^&*"
+            }
+        }
+    },
+    "masterPassDesc": {
+        "message": "The master password is the password you use to access your vault. It is very important that you do not forget your master password. There is no way to recover the password in the event that you forget it."
+    },
+    "reTypeMasterPass": {
+        "message": "Re-type Master Password"
+    },
+    "masterPassHint": {
+        "message": "Master Password Hint (optional)"
+    },
+    "masterPassHintDesc": {
+        "message": "A master password hint can help you remember your password if you forget it."
+    },
+    "strong": {
+        "message": "Strong",
+        "description": "ex. A strong password. Scale: Weak -> Good -> Strong"
+    },
+    "good": {
+        "message": "Good",
+        "description": "ex. A good password. Scale: Weak -> Good -> Strong"
+    },
+    "weak": {
+        "message": "Weak",
+        "description": "ex. A weak password. Scale: Weak -> Good -> Strong"
+    },
+    "weakMasterPassword": {
+        "message": "Weak Master Password"
+    },
+    "weakMasterPasswordDesc": {
+        "message": "The master password you have chosen is weak. You should use a strong master password (or a passphrase) to properly protect your Bitwarden account. Are you sure you want to use this master password?"
+    },
+    "errorOccurred": {
+        "message": "An error has occurred."
+    },
+    "error": {
+        "message": "Error"
+    },
+    "masterPassLength": {
+        "message": "Master password must be at least 8 characters long."
+    },
+    "masterPassDoesntMatch": {
+        "message": "Master password confirmation does not match."
+    },
+    "masterPasswordPolicyRequirementsNotMet": {
+        "message": "Your new master password does not meet the policy requirements."
+    },
+    "loading": {
+        "message": "Loading"
+    },
+    "setMasterPasswordRedirect": {
+        "message": "In order to log in with SSO from the Directory Connector, you must first log in through the web vault to set your master password."
+    },
+    "launchWebVault": {
+        "message": "Launch Web Vault"
    }
 }
--- a/src/main.ts
+++ b/src/main.ts
@@ -1,17 +1,25 @@
-import { app } from 'electron';
-import * as path from 'path';
+import { app } from "electron";
+import * as path from "path";

-import { MenuMain } from './main/menu.main';
-import { MessagingMain } from './main/messaging.main';
-import { I18nService } from './services/i18n.service';
+import { MenuMain } from "./main/menu.main";
+import { MessagingMain } from "./main/messaging.main";
+import { I18nService } from "./services/i18n.service";

-import { KeytarStorageListener } from 'jslib/electron/keytarStorageListener';
-import { ElectronLogService } from 'jslib/electron/services/electronLog.service';
-import { ElectronMainMessagingService } from 'jslib/electron/services/electronMainMessaging.service';
-import { ElectronStorageService } from 'jslib/electron/services/electronStorage.service';
-import { TrayMain } from 'jslib/electron/tray.main';
-import { UpdaterMain } from 'jslib/electron/updater.main';
-import { WindowMain } from 'jslib/electron/window.main';
+import { KeytarStorageListener } from "jslib-electron/keytarStorageListener";
+import { ElectronLogService } from "jslib-electron/services/electronLog.service";
+import { ElectronMainMessagingService } from "jslib-electron/services/electronMainMessaging.service";
+import { ElectronStorageService } from "jslib-electron/services/electronStorage.service";
+import { TrayMain } from "jslib-electron/tray.main";
+import { UpdaterMain } from "jslib-electron/updater.main";
+import { WindowMain } from "jslib-electron/window.main";
+
+import { StateService } from "./services/state.service";
+
+import { Account } from "./models/account";
+
+import { StateFactory } from "jslib-common/factories/stateFactory";
+
+import { GlobalState } from "jslib-common/models/domain/globalState";

 export class Main {
  logService: ElectronLogService;
@@ -19,6 +27,7 @@ export class Main {
  storageService: ElectronStorageService;
  messagingService: ElectronMainMessagingService;
  keytarStorageListener: KeytarStorageListener;
+  stateService: StateService;

  windowMain: WindowMain;
  messagingMain: MessagingMain;
@@ -31,56 +40,114 @@ export class Main {
    let appDataPath = null;
    if (process.env.BITWARDEN_CONNECTOR_APPDATA_DIR != null) {
      appDataPath = process.env.BITWARDEN_CONNECTOR_APPDATA_DIR;
-        } else if (process.platform === 'win32' && process.env.PORTABLE_EXECUTABLE_DIR != null) {
-            appDataPath = path.join(process.env.PORTABLE_EXECUTABLE_DIR, 'bitwarden-connector-appdata');
+    } else if (process.platform === "win32" && process.env.PORTABLE_EXECUTABLE_DIR != null) {
+      appDataPath = path.join(process.env.PORTABLE_EXECUTABLE_DIR, "bitwarden-connector-appdata");
    }

    if (appDataPath != null) {
-            app.setPath('userData', appDataPath);
+      app.setPath("userData", appDataPath);
    }
-        app.setPath('logs', path.join(app.getPath('userData'), 'logs'));
+    app.setPath("logs", path.join(app.getPath("userData"), "logs"));

    const args = process.argv.slice(1);
-        const watch = args.some((val) => val === '--watch');
+    const watch = args.some((val) => val === "--watch");

    if (watch) {
      // tslint:disable-next-line
-            require('electron-reload')(__dirname, {});
+      require("electron-reload")(__dirname, {});
    }

-        this.logService = new ElectronLogService(null, app.getPath('userData'));
-        this.i18nService = new I18nService('en', './locales/');
-        this.storageService = new ElectronStorageService(app.getPath('userData'));
+    this.logService = new ElectronLogService(null, app.getPath("userData"));
+    this.i18nService = new I18nService("en", "./locales/");
+    this.storageService = new ElectronStorageService(app.getPath("userData"));
+    this.stateService = new StateService(
+      this.storageService,
+      null,
+      this.logService,
+      null,
+      true,
+      new StateFactory(GlobalState, Account)
+    );
+
+    this.windowMain = new WindowMain(
+      this.stateService,
+      this.logService,
+      false,
+      800,
+      600,
+      (arg) => this.processDeepLink(arg),
+      null
+    );

-        this.windowMain = new WindowMain(this.storageService, false, 800, 600);
    this.menuMain = new MenuMain(this);
-        this.updaterMain = new UpdaterMain(this.i18nService, this.windowMain, 'directory-connector', () => {
-            this.messagingService.send('checkingForUpdate');
-        }, () => {
-            this.messagingService.send('doneCheckingForUpdate');
-        }, () => {
-            this.messagingService.send('doneCheckingForUpdate');
-        }, 'bitwardenDirectoryConnector');
-        this.trayMain = new TrayMain(this.windowMain, this.i18nService, this.storageService);
-        this.messagingMain = new MessagingMain(this.windowMain, this.menuMain, this.updaterMain, this.trayMain);
+    this.updaterMain = new UpdaterMain(
+      this.i18nService,
+      this.windowMain,
+      "directory-connector",
+      () => {
+        this.messagingService.send("checkingForUpdate");
+      },
+      () => {
+        this.messagingService.send("doneCheckingForUpdate");
+      },
+      () => {
+        this.messagingService.send("doneCheckingForUpdate");
+      },
+      "bitwardenDirectoryConnector"
+    );
+
+    this.trayMain = new TrayMain(this.windowMain, this.i18nService, this.stateService);
+
+    this.messagingMain = new MessagingMain(
+      this.windowMain,
+      this.menuMain,
+      this.updaterMain,
+      this.trayMain
+    );
    this.messagingService = new ElectronMainMessagingService(this.windowMain, (message) => {
      this.messagingMain.onMessage(message);
    });

-        this.keytarStorageListener = new KeytarStorageListener('Bitwarden Directory Connector');
+    this.keytarStorageListener = new KeytarStorageListener("Bitwarden Directory Connector", null);
  }

  bootstrap() {
    this.keytarStorageListener.init();
-        this.windowMain.init().then(async () => {
+    this.windowMain.init().then(
+      async () => {
        await this.i18nService.init(app.getLocale());
        this.menuMain.init();
        this.messagingMain.init();
        await this.updaterMain.init();
-            await this.trayMain.init(this.i18nService.t('bitwardenDirectoryConnector'));
-        }, (e: any) => {
+        await this.trayMain.init(this.i18nService.t("bitwardenDirectoryConnector"));
+
+        if (!app.isDefaultProtocolClient("bwdc")) {
+          app.setAsDefaultProtocolClient("bwdc");
+        }
+
+        // Process protocol for macOS
+        app.on("open-url", (event, url) => {
+          event.preventDefault();
+          this.processDeepLink([url]);
+        });
+      },
+      (e: any) => {
        // tslint:disable-next-line
        console.error(e);
+      }
+    );
+  }
+
+  private processDeepLink(argv: string[]): void {
+    argv
+      .filter((s) => s.indexOf("bwdc://") === 0)
+      .forEach((s) => {
+        const url = new URL(s);
+        const code = url.searchParams.get("code");
+        const receivedState = url.searchParams.get("state");
+        if (code != null && receivedState != null) {
+          this.messagingService.send("ssoCallback", { code: code, state: receivedState });
+        }
      });
  }
 }
--- a/src/main/menu.main.ts
+++ b/src/main/menu.main.ts
@@ -1,12 +1,8 @@
-import {
-    Menu,
-    MenuItem,
-    MenuItemConstructorOptions,
-} from 'electron';
+import { Menu, MenuItem, MenuItemConstructorOptions } from "electron";

-import { Main } from '../main';
+import { Main } from "../main";

-import { BaseMenu } from 'jslib/electron/baseMenu';
+import { BaseMenu } from "jslib-electron/baseMenu";

 export class MenuMain extends BaseMenu {
  menu: Menu;
@@ -25,22 +21,22 @@ export class MenuMain extends BaseMenu {
    const template: MenuItemConstructorOptions[] = [
      this.editMenuItemOptions,
      {
-                label: this.i18nService.t('view'),
+        label: this.i18nService.t("view"),
        submenu: this.viewSubMenuItemOptions,
      },
      this.windowMenuItemOptions,
    ];

-        if (process.platform === 'darwin') {
+    if (process.platform === "darwin") {
      const firstMenuPart: MenuItemConstructorOptions[] = [
        {
-                    label: this.i18nService.t('aboutBitwarden'),
-                    role: 'about',
+          label: this.i18nService.t("aboutBitwarden"),
+          role: "about",
        },
      ];

      template.unshift({
-                label: this.main.i18nService.t('bitwardenDirectoryConnector'),
+        label: this.main.i18nService.t("bitwardenDirectoryConnector"),
        submenu: firstMenuPart.concat(this.macAppMenuItemOptions),
      });

@@ -48,19 +44,24 @@ export class MenuMain extends BaseMenu {
      template[template.length - 1].submenu = this.macWindowSubmenuOptions;
    }

-        (template[template.length - 1].submenu as MenuItemConstructorOptions[]).splice(1, 0,
+    (template[template.length - 1].submenu as MenuItemConstructorOptions[]).splice(
+      1,
+      0,
      {
-                label: this.main.i18nService.t(process.platform === 'darwin' ? 'hideToMenuBar' : 'hideToTray'),
-                click: () => this.main.messagingService.send('hideToTray'),
-                accelerator: 'CmdOrCtrl+Shift+M',
+        label: this.main.i18nService.t(
+          process.platform === "darwin" ? "hideToMenuBar" : "hideToTray"
+        ),
+        click: () => this.main.messagingService.send("hideToTray"),
+        accelerator: "CmdOrCtrl+Shift+M",
      },
      {
-                type: 'checkbox',
-                label: this.main.i18nService.t('alwaysOnTop'),
+        type: "checkbox",
+        label: this.main.i18nService.t("alwaysOnTop"),
        checked: this.windowMain.win.isAlwaysOnTop(),
        click: () => this.main.windowMain.toggleAlwaysOnTop(),
-                accelerator: 'CmdOrCtrl+Shift+T',
-            });
+        accelerator: "CmdOrCtrl+Shift+T",
+      }
+    );

    this.menu = Menu.buildFromTemplate(template);
    Menu.setApplicationMenu(this.menu);
--- a/src/main/messaging.main.ts
+++ b/src/main/messaging.main.ts
@@ -1,43 +1,44 @@
-import {
-    app,
-    ipcMain,
-} from 'electron';
+import { app, ipcMain } from "electron";

-import { TrayMain } from 'jslib/electron/tray.main';
-import { UpdaterMain } from 'jslib/electron/updater.main';
-import { WindowMain } from 'jslib/electron/window.main';
+import { TrayMain } from "jslib-electron/tray.main";
+import { UpdaterMain } from "jslib-electron/updater.main";
+import { WindowMain } from "jslib-electron/window.main";

-import { MenuMain } from './menu.main';
+import { MenuMain } from "./menu.main";

 const SyncCheckInterval = 60 * 1000; // 1 minute

 export class MessagingMain {
  private syncTimeout: NodeJS.Timer;

-    constructor(private windowMain: WindowMain, private menuMain: MenuMain,
-        private updaterMain: UpdaterMain, private trayMain: TrayMain) { }
+  constructor(
+    private windowMain: WindowMain,
+    private menuMain: MenuMain,
+    private updaterMain: UpdaterMain,
+    private trayMain: TrayMain
+  ) {}

  init() {
-        ipcMain.on('messagingService', async (event: any, message: any) => this.onMessage(message));
+    ipcMain.on("messagingService", async (event: any, message: any) => this.onMessage(message));
  }

  onMessage(message: any) {
    switch (message.command) {
-            case 'checkForUpdate':
+      case "checkForUpdate":
        this.updaterMain.checkForUpdate(true);
        break;
-            case 'scheduleNextDirSync':
+      case "scheduleNextDirSync":
        this.scheduleNextSync();
        break;
-            case 'cancelDirSync':
-                this.windowMain.win.webContents.send('messagingService', {
-                    command: 'syncScheduleStopped',
+      case "cancelDirSync":
+        this.windowMain.win.webContents.send("messagingService", {
+          command: "syncScheduleStopped",
        });
        if (this.syncTimeout) {
          global.clearTimeout(this.syncTimeout);
        }
        break;
-            case 'hideToTray':
+      case "hideToTray":
        this.trayMain.hideToTray();
        break;
      default:
@@ -46,8 +47,8 @@ export class MessagingMain {
  }

  private scheduleNextSync() {
-        this.windowMain.win.webContents.send('messagingService', {
-            command: 'syncScheduleStarted',
+    this.windowMain.win.webContents.send("messagingService", {
+      command: "syncScheduleStarted",
    });

    if (this.syncTimeout) {
@@ -59,8 +60,8 @@ export class MessagingMain {
        return;
      }

-            this.windowMain.win.webContents.send('messagingService', {
-                command: 'checkDirSync',
+      this.windowMain.win.webContents.send("messagingService", {
+        command: "checkDirSync",
      });
    }, SyncCheckInterval);
  }
--- a/src/models/IConfiguration.ts
+++ b/src/models/IConfiguration.ts
@@ -0,0 +1,2 @@
+// tslint:disable-next-line
+export interface IConfiguration {}
--- a/src/models/account.ts
+++ b/src/models/account.ts
@@ -0,0 +1,47 @@
+import { Account as BaseAccount } from "jslib-common/models/domain/account";
+
+import { DirectoryType } from "src/enums/directoryType";
+
+import { AzureConfiguration } from "./azureConfiguration";
+import { GSuiteConfiguration } from "./gsuiteConfiguration";
+import { LdapConfiguration } from "./ldapConfiguration";
+import { OktaConfiguration } from "./oktaConfiguration";
+import { OneLoginConfiguration } from "./oneLoginConfiguration";
+import { SyncConfiguration } from "./syncConfiguration";
+
+export class Account extends BaseAccount {
+  directoryConfigurations?: DirectoryConfigurations = new DirectoryConfigurations();
+  directorySettings: DirectorySettings = new DirectorySettings();
+  clientKeys: ClientKeys = new ClientKeys();
+
+  constructor(init: Partial<Account>) {
+    super(init);
+    this.directoryConfigurations = init?.directoryConfigurations ?? new DirectoryConfigurations();
+    this.directorySettings = init?.directorySettings ?? new DirectorySettings();
+  }
+}
+
+export class ClientKeys {
+  clientId: string;
+  clientSecret: string;
+}
+
+export class DirectoryConfigurations {
+  ldap: LdapConfiguration;
+  gsuite: GSuiteConfiguration;
+  azure: AzureConfiguration;
+  okta: OktaConfiguration;
+  oneLogin: OneLoginConfiguration;
+}
+
+export class DirectorySettings {
+  organizationId?: string;
+  sync?: SyncConfiguration;
+  directoryType?: DirectoryType;
+  userDelta?: string;
+  groupDelta?: string;
+  lastUserSync?: Date;
+  lastGroupSync?: Date;
+  lastSyncHash?: string;
+  syncingDir?: boolean;
+}
--- a/src/models/azureConfiguration.ts
+++ b/src/models/azureConfiguration.ts
@@ -1,4 +1,7 @@
-export class AzureConfiguration {
+import { IConfiguration } from "./IConfiguration";
+
+export class AzureConfiguration implements IConfiguration {
+  identityAuthority: string;
  tenant: string;
  applicationId: string;
  key: string;
--- a/src/models/groupEntry.ts
+++ b/src/models/groupEntry.ts
@@ -1,4 +1,4 @@
-import { Entry } from './entry';
+import { Entry } from "./entry";

 export class GroupEntry extends Entry {
  name: string;
--- a/src/models/gsuiteConfiguration.ts
+++ b/src/models/gsuiteConfiguration.ts
@@ -1,4 +1,6 @@
-export class GSuiteConfiguration {
+import { IConfiguration } from "./IConfiguration";
+
+export class GSuiteConfiguration implements IConfiguration {
  clientEmail: string;
  privateKey: string;
  domain: string;
--- a/src/models/ldapConfiguration.ts
+++ b/src/models/ldapConfiguration.ts
@@ -1,5 +1,9 @@
-export class LdapConfiguration {
+import { IConfiguration } from "./IConfiguration";
+
+export class LdapConfiguration implements IConfiguration {
  ssl = false;
+  startTls = false;
+  tlsCaPath: string;
  sslAllowUnauthorized = false;
  sslCertPath: string;
  sslKeyPath: string;
@@ -12,4 +16,5 @@ export class LdapConfiguration {
  username: string;
  password: string;
  ad = true;
+  pagedSearch = true;
 }
--- a/src/models/oktaConfiguration.ts
+++ b/src/models/oktaConfiguration.ts
@@ -1,4 +1,6 @@
-export class OktaConfiguration {
+import { IConfiguration } from "./IConfiguration";
+
+export class OktaConfiguration implements IConfiguration {
  orgUrl: string;
  token: string;
 }
--- a/src/models/oneLoginConfiguration.ts
+++ b/src/models/oneLoginConfiguration.ts
@@ -0,0 +1,7 @@
+import { IConfiguration } from "./IConfiguration";
+
+export class OneLoginConfiguration implements IConfiguration {
+  clientId: string;
+  clientSecret: string;
+  region = "us";
+}
--- a/src/models/response/groupResponse.ts
+++ b/src/models/response/groupResponse.ts
@@ -1,4 +1,4 @@
-import { GroupEntry } from '../groupEntry';
+import { GroupEntry } from "../groupEntry";

 export class GroupResponse {
  externalId: string;
--- a/src/models/response/testResponse.ts
+++ b/src/models/response/testResponse.ts
@@ -1,9 +1,9 @@
-import { GroupResponse } from './groupResponse';
-import { UserResponse } from './userResponse';
+import { GroupResponse } from "./groupResponse";
+import { UserResponse } from "./userResponse";

-import { SimResult } from '../simResult';
+import { SimResult } from "../simResult";

-import { BaseResponse } from 'jslib/cli/models/response/baseResponse';
+import { BaseResponse } from "jslib-node/cli/models/response/baseResponse";

 export class TestResponse implements BaseResponse {
  object: string;
@@ -13,10 +13,13 @@ export class TestResponse implements BaseResponse {
  deletedUsers: UserResponse[] = [];

  constructor(result: SimResult) {
-        this.object = 'test';
+    this.object = "test";
    this.groups = result.groups != null ? result.groups.map((g) => new GroupResponse(g)) : [];
-        this.enabledUsers = result.enabledUsers != null ? result.enabledUsers.map((u) => new UserResponse(u)) : [];
-        this.disabledUsers = result.disabledUsers != null ? result.disabledUsers.map((u) => new UserResponse(u)) : [];
-        this.deletedUsers = result.deletedUsers != null ? result.deletedUsers.map((u) => new UserResponse(u)) : [];
+    this.enabledUsers =
+      result.enabledUsers != null ? result.enabledUsers.map((u) => new UserResponse(u)) : [];
+    this.disabledUsers =
+      result.disabledUsers != null ? result.disabledUsers.map((u) => new UserResponse(u)) : [];
+    this.deletedUsers =
+      result.deletedUsers != null ? result.deletedUsers.map((u) => new UserResponse(u)) : [];
  }
 }
--- a/src/models/response/userResponse.ts
+++ b/src/models/response/userResponse.ts
@@ -1,4 +1,4 @@
-import { UserEntry } from '../userEntry';
+import { UserEntry } from "../userEntry";

 export class UserResponse {
  externalId: string;
--- a/src/models/simResult.ts
+++ b/src/models/simResult.ts
@@ -1,5 +1,5 @@
-import { GroupEntry } from './groupEntry';
-import { UserEntry } from './userEntry';
+import { GroupEntry } from "./groupEntry";
+import { UserEntry } from "./userEntry";

 export class SimResult {
  groups: GroupEntry[] = [];
--- a/src/models/syncConfiguration.ts
+++ b/src/models/syncConfiguration.ts
@@ -6,6 +6,7 @@ export class SyncConfiguration {
  groupFilter: string;
  removeDisabled = false;
  overwriteExisting = false;
+  largeImport = false;
  // Ldap properties
  groupObjectClass: string;
  userObjectClass: string;
--- a/src/models/userEntry.ts
+++ b/src/models/userEntry.ts
@@ -1,4 +1,4 @@
-import { Entry } from './entry';
+import { Entry } from "./entry";

 export class UserEntry extends Entry {
  email: string;
--- a/src/package-lock.json
+++ b/src/package-lock.json
--- a/src/package.json
+++ b/src/package.json
@@ -1,9 +1,9 @@
 {
-  "name": "bitwarden-directory-connector",
+  "name": "@bitwarden/directory-connector",
  "productName": "Bitwarden Directory Connector",
  "description": "Sync your user directory to your Bitwarden organization.",
-  "version": "2.6.1",
-  "author": "8bit Solutions LLC <hello@bitwarden.com> (https://bitwarden.com)",
+  "version": "2.9.10",
+  "author": "Bitwarden Inc. <hello@bitwarden.com> (https://bitwarden.com)",
  "homepage": "https://bitwarden.com",
  "license": "GPL-3.0",
  "main": "main.js",
@@ -12,9 +12,11 @@
    "url": "https://github.com/bitwarden/directory-connector"
  },
  "dependencies": {
-    "electron-log": "2.2.17",
-    "electron-store": "1.3.0",
-    "electron-updater": "4.0.6",
-    "keytar": "4.4.1"
+    "browser-hrtime": "^1.1.8",
+    "electron-log": "4.4.1",
+    "electron-store": "8.0.1",
+    "electron-updater": "4.6.1",
+    "keytar": "7.7.0",
+    "rxjs": "^7.4.0"
  }
 }
--- a/src/program.ts
+++ b/src/program.ts
@@ -1,265 +1,321 @@
-import * as chk from 'chalk';
-import * as program from 'commander';
-import * as path from 'path';
+import * as chalk from "chalk";
+import * as program from "commander";
+import * as path from "path";

-import { Main } from './bwdc';
+import { Main } from "./bwdc";

-import { ClearCacheCommand } from './commands/clearCache.command';
-import { ConfigCommand } from './commands/config.command';
-import { LastSyncCommand } from './commands/lastSync.command';
-import { SyncCommand } from './commands/sync.command';
-import { TestCommand } from './commands/test.command';
+import { ClearCacheCommand } from "./commands/clearCache.command";
+import { ConfigCommand } from "./commands/config.command";
+import { LastSyncCommand } from "./commands/lastSync.command";
+import { SyncCommand } from "./commands/sync.command";
+import { TestCommand } from "./commands/test.command";

-import { LoginCommand } from 'jslib/cli/commands/login.command';
-import { LogoutCommand } from 'jslib/cli/commands/logout.command';
-import { UpdateCommand } from 'jslib/cli/commands/update.command';
+import { LoginCommand } from "jslib-node/cli/commands/login.command";
+import { LogoutCommand } from "jslib-node/cli/commands/logout.command";
+import { UpdateCommand } from "jslib-node/cli/commands/update.command";

-import { BaseProgram } from 'jslib/cli/baseProgram';
+import { BaseProgram } from "jslib-node/cli/baseProgram";

-import { Response } from 'jslib/cli/models/response';
-import { StringResponse } from 'jslib/cli/models/response/stringResponse';
+import { Response } from "jslib-node/cli/models/response";
+import { StringResponse } from "jslib-node/cli/models/response/stringResponse";
+
+import { Utils } from "jslib-common/misc/utils";

-const chalk = chk.default;
 const writeLn = (s: string, finalLine: boolean = false, error: boolean = false) => {
  const stream = error ? process.stderr : process.stdout;
-    if (finalLine && process.platform === 'win32') {
+  if (finalLine && process.platform === "win32") {
    stream.write(s);
  } else {
-        stream.write(s + '\n');
+    stream.write(s + "\n");
  }
 };

 export class Program extends BaseProgram {
  constructor(private main: Main) {
-        super(main.userService, writeLn);
+    super(main.stateService, writeLn);
  }

-    run() {
+  async run() {
    program
-            .option('--pretty', 'Format output. JSON is tabbed with two spaces.')
-            .option('--raw', 'Return raw output instead of a descriptive message.')
-            .option('--response', 'Return a JSON formatted version of response output.')
-            .option('--quiet', 'Don\'t return anything to stdout.')
-            .version(this.main.platformUtilsService.getApplicationVersion(), '-v, --version');
+      .option("--pretty", "Format output. JSON is tabbed with two spaces.")
+      .option("--raw", "Return raw output instead of a descriptive message.")
+      .option("--response", "Return a JSON formatted version of response output.")
+      .option("--cleanexit", "Exit with a success exit code (0) unless an error is thrown.")
+      .option("--quiet", "Don't return anything to stdout.")
+      .option("--nointeraction", "Do not prompt for interactive user input.")
+      .version(await this.main.platformUtilsService.getApplicationVersion(), "-v, --version");

-        program.on('option:pretty', () => {
-            process.env.BW_PRETTY = 'true';
+    program.on("option:pretty", () => {
+      process.env.BW_PRETTY = "true";
    });

-        program.on('option:raw', () => {
-            process.env.BW_RAW = 'true';
+    program.on("option:raw", () => {
+      process.env.BW_RAW = "true";
    });

-        program.on('option:quiet', () => {
-            process.env.BW_QUIET = 'true';
+    program.on("option:quiet", () => {
+      process.env.BW_QUIET = "true";
    });

-        program.on('option:response', () => {
-            process.env.BW_RESPONSE = 'true';
+    program.on("option:response", () => {
+      process.env.BW_RESPONSE = "true";
    });

-        program.on('command:*', () => {
-            writeLn(chalk.redBright('Invalid command: ' + program.args.join(' ')), false, true);
-            writeLn('See --help for a list of available commands.', true, true);
+    program.on("option:cleanexit", () => {
+      process.env.BW_CLEANEXIT = "true";
+    });
+
+    program.on("option:nointeraction", () => {
+      process.env.BW_NOINTERACTION = "true";
+    });
+
+    program.on("command:*", () => {
+      writeLn(chalk.redBright("Invalid command: " + program.args.join(" ")), false, true);
+      writeLn("See --help for a list of available commands.", true, true);
      process.exitCode = 1;
    });

-        program.on('--help', () => {
-            writeLn('\n  Examples:');
-            writeLn('');
-            writeLn('    bwdc login');
-            writeLn('    bwdc test');
-            writeLn('    bwdc sync');
-            writeLn('    bwdc last-sync');
-            writeLn('    bwdc config server https://bw.company.com');
-            writeLn('    bwdc update');
-            writeLn('', true);
+    program.on("--help", () => {
+      writeLn("\n  Examples:");
+      writeLn("");
+      writeLn("    bwdc login");
+      writeLn("    bwdc test");
+      writeLn("    bwdc sync");
+      writeLn("    bwdc last-sync");
+      writeLn("    bwdc config server https://bw.company.com");
+      writeLn("    bwdc update");
+      writeLn("", true);
    });

    program
-            .command('login [email] [password]')
-            .description('Log into a user account.')
-            .option('--method <method>', 'Two-step login method.')
-            .option('--code <code>', 'Two-step login code.')
-            .on('--help', () => {
-                writeLn('\n  Notes:');
-                writeLn('');
-                writeLn('    See docs for valid `method` enum values.');
-                writeLn('');
-                writeLn('  Examples:');
-                writeLn('');
-                writeLn('    bw login');
-                writeLn('    bw login john@example.com myPassword321');
-                writeLn('    bw login john@example.com myPassword321 --method 1 --code 249213');
-                writeLn('', true);
+      .command("login [clientId] [clientSecret]")
+      .description("Log into an organization account.", {
+        clientId: "Client_id part of your organization's API key",
+        clientSecret: "Client_secret part of your organization's API key",
      })
-            .action(async (email: string, password: string, cmd: program.Command) => {
+      .action(async (clientId: string, clientSecret: string, options: program.OptionValues) => {
        await this.exitIfAuthed();
-                const command = new LoginCommand(this.main.authService, this.main.apiService, this.main.i18nService);
-                const response = await command.run(email, password, cmd);
+        const command = new LoginCommand(
+          this.main.authService,
+          this.main.apiService,
+          this.main.i18nService,
+          this.main.environmentService,
+          this.main.passwordGenerationService,
+          this.main.cryptoFunctionService,
+          this.main.platformUtilsService,
+          this.main.stateService,
+          this.main.cryptoService,
+          this.main.policyService,
+          "connector"
+        );
+
+        if (!Utils.isNullOrWhitespace(clientId)) {
+          process.env.BW_CLIENTID = clientId;
+        }
+        if (!Utils.isNullOrWhitespace(clientSecret)) {
+          process.env.BW_CLIENTSECRET = clientSecret;
+        }
+
+        options = Object.assign(options ?? {}, { apikey: true }); // force apikey use
+        const response = await command.run(null, null, options);
        this.processResponse(response);
      });

    program
-            .command('logout')
-            .description('Log out of the current user account.')
-            .on('--help', () => {
-                writeLn('\n  Examples:');
-                writeLn('');
-                writeLn('    bw logout');
-                writeLn('', true);
+      .command("logout")
+      .description("Log out of the current user account.")
+      .on("--help", () => {
+        writeLn("\n  Examples:");
+        writeLn("");
+        writeLn("    bwdc logout");
+        writeLn("", true);
      })
-            .action(async (cmd) => {
+      .action(async () => {
        await this.exitIfNotAuthed();
-                const command = new LogoutCommand(this.main.authService, this.main.i18nService,
-                    async () => await this.main.logout());
-                const response = await command.run(cmd);
+        const command = new LogoutCommand(
+          this.main.authService,
+          this.main.i18nService,
+          async () => await this.main.logout()
+        );
+        const response = await command.run();
        this.processResponse(response);
      });

    program
-            .command('test')
-            .description('Test a simulated sync.')
-            .option('-l, --last', 'Since the last successful sync.')
-            .on('--help', () => {
-                writeLn('\n  Examples:');
-                writeLn('');
-                writeLn('    bwdc test');
-                writeLn('    bwdc test --last');
-                writeLn('', true);
+      .command("test")
+      .description("Test a simulated sync.")
+      .option("-l, --last", "Since the last successful sync.")
+      .on("--help", () => {
+        writeLn("\n  Examples:");
+        writeLn("");
+        writeLn("    bwdc test");
+        writeLn("    bwdc test --last");
+        writeLn("", true);
      })
-            .action(async (cmd) => {
+      .action(async (options: program.OptionValues) => {
        await this.exitIfNotAuthed();
        const command = new TestCommand(this.main.syncService, this.main.i18nService);
-                const response = await command.run(cmd);
+        const response = await command.run(options);
        this.processResponse(response);
      });

    program
-            .command('sync')
-            .description('Sync the directory.')
-            .on('--help', () => {
-                writeLn('\n  Examples:');
-                writeLn('');
-                writeLn('    bwdc sync');
-                writeLn('', true);
+      .command("sync")
+      .description("Sync the directory.")
+      .on("--help", () => {
+        writeLn("\n  Examples:");
+        writeLn("");
+        writeLn("    bwdc sync");
+        writeLn("", true);
      })
-            .action(async (cmd) => {
+      .action(async () => {
        await this.exitIfNotAuthed();
        const command = new SyncCommand(this.main.syncService, this.main.i18nService);
-                const response = await command.run(cmd);
+        const response = await command.run();
        this.processResponse(response);
      });

    program
-            .command('last-sync <object>')
-            .description('Get the last successful sync date.')
-            .on('--help', () => {
-                writeLn('\n  Notes:');
-                writeLn('');
-                writeLn('    Returns empty response if no sync has been performed for the given object.');
-                writeLn('');
-                writeLn('  Examples:');
-                writeLn('');
-                writeLn('    bwdc last-sync groups');
-                writeLn('    bwdc last-sync users');
-                writeLn('', true);
+      .command("last-sync <object>")
+      .description("Get the last successful sync date.")
+      .on("--help", () => {
+        writeLn("\n  Notes:");
+        writeLn("");
+        writeLn("    Returns empty response if no sync has been performed for the given object.");
+        writeLn("");
+        writeLn("  Examples:");
+        writeLn("");
+        writeLn("    bwdc last-sync groups");
+        writeLn("    bwdc last-sync users");
+        writeLn("", true);
      })
-            .action(async (object: string, cmd: program.Command) => {
+      .action(async (object: string) => {
        await this.exitIfNotAuthed();
-                const command = new LastSyncCommand(this.main.configurationService);
-                const response = await command.run(object, cmd);
+        const command = new LastSyncCommand(this.main.stateService);
+        const response = await command.run(object);
        this.processResponse(response);
      });

    program
-            .command('config <setting> <value>')
-            .description('Configure settings.')
-            .on('--help', () => {
-                writeLn('\n  Settings:');
-                writeLn('');
-                writeLn('    server - On-premise hosted installation URL.');
-                writeLn('    directory - The type of directory to use.');
-                writeLn('    ldap.password - The password for connection to this LDAP server.');
-                writeLn('    azure.key - The Azure AD secret key.');
-                writeLn('    gsuite.key - The G Suite private key.');
-                writeLn('    okta.token - The Okta token.');
-                writeLn('');
-                writeLn('  Examples:');
-                writeLn('');
-                writeLn('    bwdc config server https://bw.company.com');
-                writeLn('    bwdc config server bitwarden.com');
-                writeLn('    bwdc config directory 1');
-                writeLn('    bwdc config ldap.password <password>');
-                writeLn('    bwdc config azure.key <key>');
-                writeLn('    bwdc config gsuite.key <key>');
-                writeLn('    bwdc config okta.token <token>');
-                writeLn('', true);
+      .command("config <setting> [value]")
+      .description("Configure settings.")
+      .option("--secretenv <variable-name>", "Read secret from the named environment variable.")
+      .option("--secretfile <filename>", "Read secret from first line of the named file.")
+      .on("--help", () => {
+        writeLn("\n  Settings:");
+        writeLn("");
+        writeLn("    server - On-premise hosted installation URL.");
+        writeLn("    directory - The type of directory to use.");
+        writeLn("    ldap.password - The password for connection to this LDAP server.");
+        writeLn("    azure.key - The Azure AD secret key.");
+        writeLn("    gsuite.key - The G Suite private key.");
+        writeLn("    okta.token - The Okta token.");
+        writeLn("    onelogin.secret - The OneLogin client secret.");
+        writeLn("");
+        writeLn("  Examples:");
+        writeLn("");
+        writeLn("    bwdc config server https://bw.company.com");
+        writeLn("    bwdc config server bitwarden.com");
+        writeLn("    bwdc config directory 1");
+        writeLn("    bwdc config ldap.password <password>");
+        writeLn("    bwdc config ldap.password --secretenv LDAP_PWD");
+        writeLn("    bwdc config azure.key <key>");
+        writeLn("    bwdc config gsuite.key <key>");
+        writeLn("    bwdc config okta.token <token>");
+        writeLn("    bwdc config onelogin.secret <secret>");
+        writeLn("", true);
      })
-            .action(async (setting, value, cmd) => {
-                const command = new ConfigCommand(this.main.environmentService, this.main.i18nService,
-                    this.main.configurationService);
-                const response = await command.run(setting, value, cmd);
+      .action(async (setting: string, value: string, options: program.OptionValues) => {
+        const command = new ConfigCommand(
+          this.main.environmentService,
+          this.main.i18nService,
+          this.main.stateService
+        );
+        const response = await command.run(setting, value, options);
        this.processResponse(response);
      });

    program
-            .command('data-file')
-            .description('Path to data.json database file.')
-            .on('--help', () => {
-                writeLn('\n  Examples:');
-                writeLn('');
-                writeLn('    bwdc data-file');
-                writeLn('', true);
+      .command("data-file")
+      .description("Path to data.json database file.")
+      .on("--help", () => {
+        writeLn("\n  Examples:");
+        writeLn("");
+        writeLn("    bwdc data-file");
+        writeLn("", true);
      })
      .action(() => {
        this.processResponse(
-                    Response.success(new StringResponse(path.join(this.main.dataFilePath, 'data.json'))));
+          Response.success(new StringResponse(path.join(this.main.dataFilePath, "data.json")))
+        );
      });

    program
-            .command('clear-cache')
-            .description('Clear the sync cache.')
-            .on('--help', () => {
-                writeLn('\n  Examples:');
-                writeLn('');
-                writeLn('    bwdc clear-cache');
-                writeLn('', true);
+      .command("clear-cache")
+      .description("Clear the sync cache.")
+      .on("--help", () => {
+        writeLn("\n  Examples:");
+        writeLn("");
+        writeLn("    bwdc clear-cache");
+        writeLn("", true);
      })
-            .action(async (cmd) => {
-                const command = new ClearCacheCommand(this.main.configurationService, this.main.i18nService);
-                const response = await command.run(cmd);
+      .action(async (options: program.OptionValues) => {
+        const command = new ClearCacheCommand(this.main.i18nService, this.main.stateService);
+        const response = await command.run(options);
        this.processResponse(response);
      });

    program
-            .command('update')
-            .description('Check for updates.')
-            .on('--help', () => {
-                writeLn('\n  Notes:');
-                writeLn('');
-                writeLn('    Returns the URL to download the newest version of this CLI tool.');
-                writeLn('');
-                writeLn('    Use the `--raw` option to return only the download URL for the update.');
-                writeLn('');
-                writeLn('  Examples:');
-                writeLn('');
-                writeLn('    bwdc update');
-                writeLn('    bwdc update --raw');
-                writeLn('', true);
+      .command("update")
+      .description("Check for updates.")
+      .on("--help", () => {
+        writeLn("\n  Notes:");
+        writeLn("");
+        writeLn("    Returns the URL to download the newest version of this CLI tool.");
+        writeLn("");
+        writeLn("    Use the `--raw` option to return only the download URL for the update.");
+        writeLn("");
+        writeLn("  Examples:");
+        writeLn("");
+        writeLn("    bwdc update");
+        writeLn("    bwdc update --raw");
+        writeLn("", true);
      })
-            .action(async (cmd) => {
-                const command = new UpdateCommand(this.main.platformUtilsService, this.main.i18nService,
-                    'directory-connector', 'bwdc', false);
-                const response = await command.run(cmd);
+      .action(async () => {
+        const command = new UpdateCommand(
+          this.main.platformUtilsService,
+          this.main.i18nService,
+          "directory-connector",
+          "bwdc",
+          false
+        );
+        const response = await command.run();
        this.processResponse(response);
      });

-        program
-            .parse(process.argv);
+    program.parse(process.argv);

    if (process.argv.slice(2).length === 0) {
      program.outputHelp();
    }
  }
+
+  async exitIfAuthed() {
+    const authed = await this.stateService.getIsAuthenticated();
+    if (authed) {
+      const type = await this.stateService.getEntityType();
+      const id = await this.stateService.getEntityId();
+      this.processResponse(
+        Response.error("You are already logged in as " + type + "." + id + "."),
+        true
+      );
+    }
+  }
+
+  async exitIfNotAuthed() {
+    const authed = await this.stateService.getIsAuthenticated();
+    if (!authed) {
+      this.processResponse(Response.error("You are not logged in."), true);
+    }
+  }
 }
--- a/src/scss/bootstrap.scss
+++ b/src/scss/bootstrap.scss
@@ -1,5 +1,15 @@
-$theme-colors: ( "primary": #3c8dbc, "primary-accent": #286090, "danger": #dd4b39, "success": #00a65a, "info": #555555, "warning": #bf7e16);
-$font-family-sans-serif: 'Open Sans','Helvetica Neue',Helvetica,Arial,sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol';
+$theme-colors: (
+  "primary": #175ddc,
+  "primary-accent": #1252a3,
+  "danger": #dd4b39,
+  "success": #00a65a,
+  "info": #555555,
+  "warning": #bf7e16,
+  "secondary": #ced4da,
+  "secondary-alt": #1a3b66,
+);
+$font-family-sans-serif: "Open Sans", "Helvetica Neue", Helvetica, Arial, sans-serif,
+  "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";

 $h1-font-size: 2rem;
 $h2-font-size: 1.3rem;
@@ -8,4 +18,13 @@ $h4-font-size: 1rem;
 $h5-font-size: 1rem;
 $h6-font-size: 1rem;

+$primary: map_get($theme-colors, "primary");
+$primary-accent: map_get($theme-colors, "primary-accent");
+$success: map_get($theme-colors, "success");
+$info: map_get($theme-colors, "info");
+$warning: map_get($theme-colors, "warning");
+$danger: map_get($theme-colors, "danger");
+$secondary: map_get($theme-colors, "secondary");
+$secondary-alt: map_get($theme-colors, "secondary-alt");
+
@import "~bootstrap/scss/bootstrap.scss";
--- a/src/scss/misc.scss
+++ b/src/scss/misc.scss
@@ -10,7 +10,7 @@ h1 {

  small {
    color: $text-muted;
-        font-size: $h1-font-size * .5;
+    font-size: $h1-font-size * 0.5;
  }
 }

@@ -28,7 +28,7 @@ h4 {
 }

 #duo-frame {
-    background: url('../images/loading.svg') 0 0 no-repeat;
+  background: url("../images/loading.svg") 0 0 no-repeat;
  height: 380px;

  iframe {
@@ -53,3 +53,91 @@ ul.testing-list {
    text-decoration: line-through;
  }
 }
+
+.callout {
+  padding: 10px;
+  margin-bottom: 10px;
+  border: 1px solid #000000;
+  border-left-width: 5px;
+  border-radius: 3px;
+  border-color: #ddd;
+  background-color: white;
+
+  .callout-heading {
+    margin-top: 0;
+  }
+
+  h3.callout-heading {
+    font-weight: bold;
+    text-transform: uppercase;
+  }
+
+  &.callout-primary {
+    border-left-color: $primary;
+
+    .callout-heading {
+      color: $primary;
+    }
+  }
+
+  &.callout-info {
+    border-left-color: $info;
+
+    .callout-heading {
+      color: $info;
+    }
+  }
+
+  &.callout-danger {
+    border-left-color: $danger;
+
+    .callout-heading {
+      color: $danger;
+    }
+  }
+
+  &.callout-success {
+    border-left-color: $success;
+
+    .callout-heading {
+      color: $success;
+    }
+  }
+
+  &.callout-warning {
+    border-left-color: $warning;
+
+    .callout-heading {
+      color: $warning;
+    }
+  }
+
+  ul {
+    padding-left: 40px;
+    margin: 0;
+  }
+}
+
+.btn[class*="btn-outline-"] {
+  &:not(:hover) {
+    border-color: $secondary;
+    background-color: #fbfbfb;
+  }
+}
+
+.btn-outline-secondary {
+  color: $text-muted;
+
+  &:hover:not(:disabled) {
+    color: $body-color;
+  }
+
+  &:disabled {
+    opacity: 1;
+  }
+
+  &:focus,
+  &.focus {
+    box-shadow: 0 0 0 $btn-focus-width rgba(mix(color-yiq($primary), $primary, 15%), 0.5);
+  }
+}
--- a/src/scss/plugins.scss
+++ b/src/scss/plugins.scss
@@ -1,38 +1,38 @@
-$fa-font-path: "~font-awesome/fonts";
-@import "~font-awesome/scss/font-awesome.scss";
-@import "~angular2-toaster/toaster";
+@import "~ngx-toastr/toastr";

@import "~bootstrap/scss/_variables.scss";

-#toast-container {
+.toast-container {
  .toast-close-button {
-        right: -0.15em;
+    font-size: 18px;
+    margin-right: 4px;
  }

-    .toast {
-        opacity: 1 !important;
+  .ngx-toastr {
+    align-items: center;
    background-image: none !important;
    border-radius: $border-radius;
    box-shadow: 0 0 8px rgba(0, 0, 0, 0.35);
    display: flex;
-        align-items: center;
+    padding: 15px;
+
+    .toast-close-button {
+      position: absolute;
+      right: 5px;
+      top: 0;
+    }

    &:hover {
      box-shadow: 0 0 10px rgba(0, 0, 0, 0.6);
    }

-        &:before {
-            font-family: FontAwesome;
+    .icon i::before {
+      float: left;
+      font-style: normal;
+      font-family: $icomoon-font-family;
      font-size: 25px;
      line-height: 20px;
-            float: left;
-            color: #ffffff;
-            padding-right: 10px;
-            margin: auto 0 auto -36px;
-        }
-
-        .toaster-icon {
-            display: none;
+      padding-right: 15px;
    }

    .toast-message {
@@ -45,40 +45,36 @@ $fa-font-path: "~font-awesome/fonts";
      }
    }

-        &.toast-danger, &.toast-error {
-            background-image: none !important;
+    &.toast-danger,
+    &.toast-error {
      background-color: $danger;

-            &:before {
-                content: "\f0e7";
-                margin-left: -30px;
+      .icon i::before {
+        content: map_get($icons, "error");
      }
    }

    &.toast-warning {
-            background-image: none !important;
      background-color: $warning;

-            &:before {
-                content: "\f071";
+      .icon i::before {
+        content: map_get($icons, "exclamation-triangle");
      }
    }

    &.toast-info {
-            background-image: none !important;
      background-color: $info;

-            &:before {
-                content: "\f05a";
+      .icon i:before {
+        content: map_get($icons, "info-circle");
      }
    }

    &.toast-success {
-            background-image: none !important;
      background-color: $success;

-            &:before {
-                content: "\f00C";
+      .icon i:before {
+        content: map_get($icons, "check");
      }
    }
  }
--- a/src/scss/styles.scss
+++ b/src/scss/styles.scss
@@ -1,4 +1,5 @@
-@import "../css/webfonts.css";
+@import "../../jslib/angular/src/scss/webfonts.css";
+@import "../../jslib/angular/src/scss/bwicons/styles/style.scss";
@import "bootstrap.scss";
@import "pages.scss";
@import "misc.scss";
--- a/src/services/api.service.ts
+++ b/src/services/api.service.ts
@@ -0,0 +1,36 @@
+import { AuthService } from "jslib-common/abstractions/auth.service";
+import { EnvironmentService } from "jslib-common/abstractions/environment.service";
+import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";
+import { TokenService } from "jslib-common/abstractions/token.service";
+import { StateService } from "../abstractions/state.service";
+
+import { ApiService as ApiServiceBase } from "jslib-common/services/api.service";
+
+export async function refreshToken(stateService: StateService, authService: AuthService) {
+  try {
+    const clientId = await stateService.getApiKeyClientId();
+    const clientSecret = await stateService.getApiKeyClientSecret();
+    if (clientId != null && clientSecret != null) {
+      await authService.logInApiKey(clientId, clientSecret);
+    }
+  } catch (e) {
+    return Promise.reject(e);
+  }
+}
+
+export class ApiService extends ApiServiceBase {
+  constructor(
+    tokenService: TokenService,
+    platformUtilsService: PlatformUtilsService,
+    environmentService: EnvironmentService,
+    private refreshTokenCallback: () => Promise<void>,
+    logoutCallback: (expired: boolean) => Promise<void>,
+    customUserAgent: string = null
+  ) {
+    super(tokenService, platformUtilsService, environmentService, logoutCallback, customUserAgent);
+  }
+
+  doRefreshToken(): Promise<void> {
+    return this.refreshTokenCallback();
+  }
+}
--- a/src/services/auth.service.ts
+++ b/src/services/auth.service.ts
@@ -0,0 +1,119 @@
+import { ApiService } from "jslib-common/abstractions/api.service";
+import { AppIdService } from "jslib-common/abstractions/appId.service";
+import { CryptoService } from "jslib-common/abstractions/crypto.service";
+import { CryptoFunctionService } from "jslib-common/abstractions/cryptoFunction.service";
+import { EnvironmentService } from "jslib-common/abstractions/environment.service";
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { KeyConnectorService } from "jslib-common/abstractions/keyConnector.service";
+import { LogService } from "jslib-common/abstractions/log.service";
+import { MessagingService } from "jslib-common/abstractions/messaging.service";
+import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";
+import { TokenService } from "jslib-common/abstractions/token.service";
+import { VaultTimeoutService } from "jslib-common/abstractions/vaultTimeout.service";
+import { StateService } from "../abstractions/state.service";
+
+import { AuthService as AuthServiceBase } from "jslib-common/services/auth.service";
+
+import { Account, DirectoryConfigurations, DirectorySettings } from "src/models/account";
+
+import { AccountKeys, AccountProfile, AccountTokens } from "jslib-common/models/domain/account";
+import { AuthResult } from "jslib-common/models/domain/authResult";
+
+import { DeviceRequest } from "jslib-common/models/request/deviceRequest";
+import { TokenRequest } from "jslib-common/models/request/tokenRequest";
+
+import { IdentityTokenResponse } from "jslib-common/models/response/identityTokenResponse";
+
+export class AuthService extends AuthServiceBase {
+  constructor(
+    cryptoService: CryptoService,
+    apiService: ApiService,
+    tokenService: TokenService,
+    appIdService: AppIdService,
+    i18nService: I18nService,
+    platformUtilsService: PlatformUtilsService,
+    messagingService: MessagingService,
+    vaultTimeoutService: VaultTimeoutService,
+    logService: LogService,
+    cryptoFunctionService: CryptoFunctionService,
+    environmentService: EnvironmentService,
+    keyConnectorService: KeyConnectorService,
+    stateService: StateService
+  ) {
+    super(
+      cryptoService,
+      apiService,
+      tokenService,
+      appIdService,
+      i18nService,
+      platformUtilsService,
+      messagingService,
+      vaultTimeoutService,
+      logService,
+      cryptoFunctionService,
+      keyConnectorService,
+      environmentService,
+      stateService,
+      false
+    );
+  }
+
+  async logInApiKey(clientId: string, clientSecret: string): Promise<AuthResult> {
+    this.selectedTwoFactorProviderType = null;
+    if (clientId.startsWith("organization")) {
+      return await this.organizationLogInHelper(clientId, clientSecret);
+    }
+    return await super.logInApiKey(clientId, clientSecret);
+  }
+
+  private async organizationLogInHelper(clientId: string, clientSecret: string) {
+    const appId = await this.appIdService.getAppId();
+    const entityId = clientId.split("organization.")[1];
+    const deviceRequest = new DeviceRequest(appId, this.platformUtilsService);
+    const request = new TokenRequest(
+      null,
+      null,
+      [clientId, clientSecret],
+      null,
+      null,
+      false,
+      null,
+      deviceRequest
+    );
+
+    const response = await this.apiService.postIdentityToken(request);
+    const result = new AuthResult();
+    result.twoFactor = !(response as any).accessToken;
+
+    const tokenResponse = response as IdentityTokenResponse;
+    result.resetMasterPassword = tokenResponse.resetMasterPassword;
+    await this.stateService.addAccount(
+      new Account({
+        profile: {
+          ...new AccountProfile(),
+          ...{
+            userId: entityId,
+            apiKeyClientId: clientId,
+            entityId: entityId,
+          },
+        },
+        tokens: {
+          ...new AccountTokens(),
+          ...{
+            accessToken: tokenResponse.accessToken,
+            refreshToken: tokenResponse.refreshToken,
+          },
+        },
+        keys: {
+          ...new AccountKeys(),
+          ...{
+            apiKeyClientSecret: clientSecret,
+          },
+        },
+        directorySettings: new DirectorySettings(),
+        directoryConfigurations: new DirectoryConfigurations(),
+      })
+    );
+    return result;
+  }
+}
--- a/src/services/azure-directory.service.ts
+++ b/src/services/azure-directory.service.ts
@@ -1,25 +1,29 @@
-import * as graph from '@microsoft/microsoft-graph-client';
-import * as graphType from '@microsoft/microsoft-graph-types';
-import * as https from 'https';
-import * as querystring from 'querystring';
+import * as graph from "@microsoft/microsoft-graph-client";
+import * as graphType from "@microsoft/microsoft-graph-types";
+import * as https from "https";
+import * as querystring from "querystring";

-import { DirectoryType } from '../enums/directoryType';
+import { DirectoryType } from "../enums/directoryType";

-import { AzureConfiguration } from '../models/azureConfiguration';
-import { GroupEntry } from '../models/groupEntry';
-import { SyncConfiguration } from '../models/syncConfiguration';
-import { UserEntry } from '../models/userEntry';
+import { AzureConfiguration } from "../models/azureConfiguration";
+import { GroupEntry } from "../models/groupEntry";
+import { SyncConfiguration } from "../models/syncConfiguration";
+import { UserEntry } from "../models/userEntry";

-import { BaseDirectoryService } from './baseDirectory.service';
-import { ConfigurationService } from './configuration.service';
-import { DirectoryService } from './directory.service';
+import { BaseDirectoryService } from "./baseDirectory.service";
+import { IDirectoryService } from "./directory.service";

-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { LogService } from 'jslib/abstractions/log.service';
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { LogService } from "jslib-common/abstractions/log.service";
+import { StateService } from "../abstractions/state.service";

-const NextLink = '@odata.nextLink';
-const DeltaLink = '@odata.deltaLink';
-const ObjectType = '@odata.type';
+const AzurePublicIdentityAuhtority = "login.microsoftonline.com";
+const AzureGovermentIdentityAuhtority = "login.microsoftonline.us";
+
+const NextLink = "@odata.nextLink";
+const DeltaLink = "@odata.deltaLink";
+const ObjectType = "@odata.type";
+const UserSelectParams = "?$select=id,mail,userPrincipalName,displayName,accountEnabled";

 enum UserSetType {
  IncludeUser,
@@ -28,32 +32,36 @@ enum UserSetType {
  ExcludeGroup,
 }

-export class AzureDirectoryService extends BaseDirectoryService implements DirectoryService {
+export class AzureDirectoryService extends BaseDirectoryService implements IDirectoryService {
  private client: graph.Client;
  private dirConfig: AzureConfiguration;
  private syncConfig: SyncConfiguration;
  private accessToken: string;
  private accessTokenExpiration: Date;

-    constructor(private configurationService: ConfigurationService, private logService: LogService,
-        private i18nService: I18nService) {
+  constructor(
+    private logService: LogService,
+    private i18nService: I18nService,
+    private stateService: StateService
+  ) {
    super();
    this.init();
  }

  async getEntries(force: boolean, test: boolean): Promise<[GroupEntry[], UserEntry[]]> {
-        const type = await this.configurationService.getDirectoryType();
+    const type = await this.stateService.getDirectoryType();
    if (type !== DirectoryType.AzureActiveDirectory) {
      return;
    }

-        this.dirConfig = await this.configurationService.getDirectory<AzureConfiguration>(
-            DirectoryType.AzureActiveDirectory);
+    this.dirConfig = await this.stateService.getDirectory<AzureConfiguration>(
+      DirectoryType.AzureActiveDirectory
+    );
    if (this.dirConfig == null) {
      return;
    }

-        this.syncConfig = await this.configurationService.getSync();
+    this.syncConfig = await this.stateService.getSync();
    if (this.syncConfig == null) {
      return;
    }
@@ -67,9 +75,9 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc

    let groups: GroupEntry[];
    if (this.syncConfig.groups) {
-            const setFilter = this.createCustomSet(this.syncConfig.groupFilter);
+      const setFilter = await this.createAadCustomSet(this.syncConfig.groupFilter);
      groups = await this.getGroups(setFilter);
-            users = this.filterUsersFromGroupsSet(users, groups, setFilter);
+      users = this.filterUsersFromGroupsSet(users, groups, setFilter, this.syncConfig);
    }

    return [groups, users];
@@ -77,40 +85,28 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc

  private async getCurrentUsers(): Promise<UserEntry[]> {
    const entryIds = new Set<string>();
-        const entries: UserEntry[] = [];
-        const userReq = this.client.api('/users');
-        let res = await userReq.get();
+    let entries: UserEntry[] = [];
+    let users: graphType.User[];
    const setFilter = this.createCustomUserSet(this.syncConfig.userFilter);
-        while (true) {
-            const users: graphType.User[] = res.value;
-            if (users != null) {
-                for (const user of users) {
-                    if (user.id == null || entryIds.has(user.id)) {
-                        continue;
-                    }
-                    const entry = this.buildUser(user);
-                    if (await this.filterOutUserResult(setFilter, entry)) {
-                        continue;
-                    }
+    const userIdsToExclude = new Set<string>();

-                    if (!entry.disabled && !entry.deleted &&
-                        (entry.email == null || entry.email.indexOf('#') > -1)) {
-                        continue;
-                    }
-
-                    entries.push(entry);
-                    entryIds.add(user.id);
-                }
-            }
-
-            if (res[NextLink] == null) {
-                break;
+    // Only get users for the groups provided in includeGroup filter
+    if (setFilter != null && setFilter[0] === UserSetType.IncludeGroup) {
+      users = await this.getUsersByGroups(setFilter);
+      // Get the users in the excludedGroups and filter them out from all users
+    } else if (setFilter != null && setFilter[0] === UserSetType.ExcludeGroup) {
+      (await this.getUsersByGroups(setFilter)).forEach((user: graphType.User) =>
+        userIdsToExclude.add(user.id)
+      );
+      const userReq = this.client.api("/users" + UserSelectParams);
+      users = await this.getUsersByResource(userReq);
    } else {
-                const nextReq = this.client.api(res[NextLink]);
-                res = await nextReq.get();
+      const userReq = this.client.api("/users" + UserSelectParams);
+      users = await this.getUsersByResource(userReq);
    }
+    if (users != null) {
+      entries = await this.buildUserEntries(users, userIdsToExclude, setFilter);
    }
-
    return entries;
  }

@@ -119,7 +115,7 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
    const entries: UserEntry[] = [];

    let res: any = null;
-        const token = await this.configurationService.getUserDeltaToken();
+    const token = await this.stateService.getUserDelta();
    if (!force && token != null) {
      try {
        const deltaReq = this.client.api(token);
@@ -130,7 +126,7 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
    }

    if (res == null) {
-            const userReq = this.client.api('/users/delta');
+      const userReq = this.client.api("/users/delta" + UserSelectParams);
      res = await userReq.get();
    }

@@ -143,10 +139,16 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
            continue;
          }
          const entry = this.buildUser(user);
-                    if (!entry.disabled && !entry.deleted) {
+          if (!entry.deleted) {
            continue;
          }
-                    if (await this.filterOutUserResult(setFilter, entry)) {
+
+          if (
+            setFilter != null &&
+            (setFilter[0] === UserSetType.IncludeUser ||
+              setFilter[0] === UserSetType.ExcludeUser) &&
+            (await this.filterOutUserResult(setFilter, entry))
+          ) {
            continue;
          }

@@ -157,7 +159,7 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc

      if (res[NextLink] == null) {
        if (res[DeltaLink] != null && saveDelta) {
-                    await this.configurationService.saveUserDeltaToken(res[DeltaLink]);
+          await this.stateService.setUserDelta(res[DeltaLink]);
        }
        break;
      } else {
@@ -169,37 +171,87 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
    return entries;
  }

+  private async createAadCustomSet(filter: string): Promise<[boolean, Set<string>]> {
+    if (filter == null || filter === "") {
+      return null;
+    }
+
+    const mainParts = filter.split("|");
+    if (mainParts.length < 1 || mainParts[0] == null || mainParts[0].trim() === "") {
+      return null;
+    }
+
+    const parts = mainParts[0].split(":");
+    if (parts.length !== 2) {
+      return null;
+    }
+
+    const keyword = parts[0].trim().toLowerCase();
+    let exclude = true;
+    if (keyword === "include") {
+      exclude = false;
+    } else if (keyword === "exclude") {
+      exclude = true;
+    } else if (keyword === "excludeadministrativeunit") {
+      exclude = true;
+    } else if (keyword === "includeadministrativeunit") {
+      exclude = false;
+    } else {
+      return null;
+    }
+
+    const set = new Set<string>();
+    const pieces = parts[1].split(",");
+    if (keyword === "excludeadministrativeunit" || keyword === "includeadministrativeunit") {
+      for (const p of pieces) {
+        const auMembers = await this.client
+          .api(`https://graph.microsoft.com/v1.0/directory/administrativeUnits/${p}/members`)
+          .get();
+        for (const auMember of auMembers.value) {
+          if (auMember["@odata.type"] === "#microsoft.graph.group") {
+            set.add(auMember.displayName.toLowerCase());
+          }
+        }
+      }
+    } else {
+      for (const p of pieces) {
+        set.add(p.trim().toLowerCase());
+      }
+    }
+    return [exclude, set];
+  }
+
  private createCustomUserSet(filter: string): [UserSetType, Set<string>] {
-        if (filter == null || filter === '') {
+    if (filter == null || filter === "") {
      return null;
    }

-        const mainParts = filter.split('|');
-        if (mainParts.length < 1 || mainParts[0] == null || mainParts[0].trim() === '') {
+    const mainParts = filter.split("|");
+    if (mainParts.length < 1 || mainParts[0] == null || mainParts[0].trim() === "") {
      return null;
    }

-        const parts = mainParts[0].split(':');
+    const parts = mainParts[0].split(":");
    if (parts.length !== 2) {
      return null;
    }

    const keyword = parts[0].trim().toLowerCase();
    let userSetType = UserSetType.IncludeUser;
-        if (keyword === 'include') {
+    if (keyword === "include") {
      userSetType = UserSetType.IncludeUser;
-        } else if (keyword === 'exclude') {
+    } else if (keyword === "exclude") {
      userSetType = UserSetType.ExcludeUser;
-        } else if (keyword === 'includegroup') {
+    } else if (keyword === "includegroup") {
      userSetType = UserSetType.IncludeGroup;
-        } else if (keyword === 'excludegroup') {
+    } else if (keyword === "excludegroup") {
      userSetType = UserSetType.ExcludeGroup;
    } else {
      return null;
    }

    const set = new Set<string>();
-        const pieces = parts[1].split(',');
+    const pieces = parts[1].split(",");
    for (const p of pieces) {
      set.add(p.trim().toLowerCase());
    }
@@ -207,7 +259,10 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
    return [userSetType, set];
  }

-    private async filterOutUserResult(setFilter: [UserSetType, Set<string>], user: UserEntry): Promise<boolean> {
+  private async filterOutUserResult(
+    setFilter: [UserSetType, Set<string>],
+    user: UserEntry
+  ): Promise<boolean> {
    if (setFilter == null) {
      return false;
    }
@@ -223,21 +278,6 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
      return this.filterOutResult([userSetTypeExclude, setFilter[1]], user.email);
    }

-        try {
-            const memberGroups = await this.client.api(`/users/${user.externalId}/checkMemberGroups`).post({
-                groupIds: Array.from(setFilter[1]),
-            });
-            if (memberGroups.value.length > 0 && setFilter[0] === UserSetType.IncludeGroup) {
-                return false;
-            } else if (memberGroups.value.length > 0 && setFilter[0] === UserSetType.ExcludeGroup) {
-                return true;
-            } else if (memberGroups.value.length === 0 && setFilter[0] === UserSetType.IncludeGroup) {
-                return true;
-            } else if (memberGroups.value.length === 0 && setFilter[0] === UserSetType.ExcludeGroup) {
-                return false;
-            }
-        } catch { }
-
    return false;
  }

@@ -247,8 +287,10 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
    entry.externalId = user.id;
    entry.email = user.mail;

-        if (user.userPrincipalName && (entry.email == null || entry.email === '' ||
-            entry.email.indexOf('onmicrosoft.com') > -1)) {
+    if (
+      user.userPrincipalName &&
+      (entry.email == null || entry.email === "" || entry.email.indexOf("onmicrosoft.com") > -1)
+    ) {
      entry.email = user.userPrincipalName;
    }

@@ -258,7 +300,7 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc

    entry.disabled = user.accountEnabled == null ? false : !user.accountEnabled;

-        if ((user as any)['@removed'] != null && (user as any)['@removed'].reason === 'changed') {
+    if ((user as any)["@removed"] != null && (user as any)["@removed"].reason === "changed") {
      entry.deleted = true;
    }

@@ -268,7 +310,7 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
  private async getGroups(setFilter: [boolean, Set<string>]): Promise<GroupEntry[]> {
    const entryIds = new Set<string>();
    const entries: GroupEntry[] = [];
-        const groupsReq = this.client.api('/groups');
+    const groupsReq = this.client.api("/groups");
    let res = await groupsReq.get();
    while (true) {
      const groups: graphType.Group[] = res.value;
@@ -298,24 +340,88 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
    return entries;
  }

+  private async getUsersByResource(usersRequest: graph.GraphRequest) {
+    const users: graphType.User[] = [];
+    let res = await usersRequest.get();
+    res.value.forEach((user: graphType.User) => users.push(user));
+    while (res[NextLink] != null) {
+      const nextReq = this.client.api(res[NextLink]);
+      res = await nextReq.get();
+      res.value.forEach((user: graphType.User) => users.push(user));
+    }
+    return users;
+  }
+
+  private async getUsersByGroups(setFilter: [UserSetType, Set<string>]): Promise<graphType.User[]> {
+    const users: graphType.User[] = [];
+    for (const group of setFilter[1]) {
+      const groupUsersReq = this.client.api(
+        `/groups/${group}/transitiveMembers` + UserSelectParams
+      );
+      users.push(...(await this.getUsersByResource(groupUsersReq)));
+    }
+    return users;
+  }
+
+  private async buildUserEntries(
+    users: graphType.User[],
+    userIdsToExclude: Set<string>,
+    setFilter: [UserSetType, Set<string>]
+  ) {
+    const entryIds = new Set<string>();
+    const entries: UserEntry[] = [];
+
+    for (const user of users) {
+      if (user.id == null || entryIds.has(user.id) || userIdsToExclude.has(user.id)) {
+        continue;
+      }
+      const entry = this.buildUser(user);
+
+      if (
+        setFilter != null &&
+        (setFilter[0] === UserSetType.IncludeUser || setFilter[0] === UserSetType.ExcludeUser) &&
+        (await this.filterOutUserResult(setFilter, entry))
+      ) {
+        continue;
+      }
+      if (!this.isInvalidUser(entry)) {
+        entries.push(entry);
+        entryIds.add(user.id);
+      }
+    }
+    return entries;
+  }
+
+  private isInvalidUser(user: UserEntry): boolean {
+    return !user.disabled && !user.deleted && (user.email == null || user.email.indexOf("#") > -1);
+  }
+
  private async buildGroup(group: graphType.Group): Promise<GroupEntry> {
    const entry = new GroupEntry();
    entry.referenceId = group.id;
    entry.externalId = group.id;
    entry.name = group.displayName;

-        const memReq = this.client.api('/groups/' + group.id + '/members');
-        const memRes = await memReq.get();
+    const memReq = this.client.api("/groups/" + group.id + "/members");
+    let memRes = await memReq.get();
+    while (true) {
      const members: any = memRes.value;
      if (members != null) {
        for (const member of members) {
-                if (member[ObjectType] === '#microsoft.graph.group') {
+          if (member[ObjectType] === "#microsoft.graph.group") {
            entry.groupMemberReferenceIds.add((member as graphType.Group).id);
-                } else if (member[ObjectType] === '#microsoft.graph.user') {
+          } else if (member[ObjectType] === "#microsoft.graph.user") {
            entry.userMemberExternalIds.add((member as graphType.User).id);
          }
        }
      }
+      if (memRes[NextLink] == null) {
+        break;
+      } else {
+        const nextMemReq = this.client.api(memRes[NextLink]);
+        memRes = await nextMemReq.get();
+      }
+    }

    return entry;
  }
@@ -323,9 +429,24 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
  private init() {
    this.client = graph.Client.init({
      authProvider: (done) => {
-                if (this.dirConfig.applicationId == null || this.dirConfig.key == null ||
-                    this.dirConfig.tenant == null) {
-                    done(this.i18nService.t('dirConfigIncomplete'), null);
+        if (
+          this.dirConfig.applicationId == null ||
+          this.dirConfig.key == null ||
+          this.dirConfig.tenant == null
+        ) {
+          done(new Error(this.i18nService.t("dirConfigIncomplete")), null);
+          return;
+        }
+
+        const identityAuthority =
+          this.dirConfig.identityAuthority != null
+            ? this.dirConfig.identityAuthority
+            : AzurePublicIdentityAuhtority;
+        if (
+          identityAuthority !== AzurePublicIdentityAuhtority &&
+          identityAuthority !== AzureGovermentIdentityAuhtority
+        ) {
+          done(new Error(this.i18nService.t("dirConfigIncomplete")), null);
          return;
        }

@@ -340,32 +461,42 @@ export class AzureDirectoryService extends BaseDirectoryService implements Direc
        const data = querystring.stringify({
          client_id: this.dirConfig.applicationId,
          client_secret: this.dirConfig.key,
-                    grant_type: 'client_credentials',
-                    scope: 'https://graph.microsoft.com/.default',
+          grant_type: "client_credentials",
+          scope: "https://graph.microsoft.com/.default",
        });

-                const req = https.request({
-                    host: 'login.microsoftonline.com',
-                    path: '/' + this.dirConfig.tenant + '/oauth2/v2.0/token',
-                    method: 'POST',
+        const req = https
+          .request(
+            {
+              host: identityAuthority,
+              path: "/" + this.dirConfig.tenant + "/oauth2/v2.0/token",
+              method: "POST",
              headers: {
-                        'Content-Type': 'application/x-www-form-urlencoded',
-                        'Content-Length': Buffer.byteLength(data),
+                "Content-Type": "application/x-www-form-urlencoded",
+                "Content-Length": Buffer.byteLength(data),
              },
-                }, (res) => {
-                    res.setEncoding('utf8');
-                    res.on('data', (chunk: string) => {
+            },
+            (res) => {
+              res.setEncoding("utf8");
+              res.on("data", (chunk: string) => {
                const d = JSON.parse(chunk);
                if (res.statusCode === 200 && d.access_token != null) {
                  this.setAccessTokenExpiration(d.access_token, d.expires_in);
                  done(null, d.access_token);
                } else if (d.error != null && d.error_description != null) {
-                            done(d.error + ' (' + res.statusCode + '): ' + d.error_description, null);
+                  const shortError = d.error_description?.split("\n", 1)[0];
+                  const err = new Error(d.error + " (" + res.statusCode + "): " + shortError);
+                  // tslint:disable-next-line
+                  console.error(d.error_description);
+                  done(err, null);
                } else {
-                            done('Unknown error (' + res.statusCode + ').', null);
+                  const err = new Error("Unknown error (" + res.statusCode + ").");
+                  done(err, null);
                }
              });
-                }).on('error', (err) => {
+            }
+          )
+          .on("error", (err) => {
            done(err, null);
          });

--- a/src/services/baseDirectory.service.ts
+++ b/src/services/baseDirectory.service.ts
@@ -1,14 +1,16 @@
-import { GroupEntry } from '../models/groupEntry';
-import { UserEntry } from '../models/userEntry';
+import { SyncConfiguration } from "../models/syncConfiguration";
+
+import { GroupEntry } from "../models/groupEntry";
+import { UserEntry } from "../models/userEntry";

 export abstract class BaseDirectoryService {
  protected createDirectoryQuery(filter: string) {
-        if (filter == null || filter === '') {
+    if (filter == null || filter === "") {
      return null;
    }

-        const mainParts = filter.split('|');
-        if (mainParts.length < 2 || mainParts[1] == null || mainParts[1].trim() === '') {
+    const mainParts = filter.split("|");
+    if (mainParts.length < 2 || mainParts[1] == null || mainParts[1].trim() === "") {
      return null;
    }

@@ -16,32 +18,32 @@ export abstract class BaseDirectoryService {
  }

  protected createCustomSet(filter: string): [boolean, Set<string>] {
-        if (filter == null || filter === '') {
+    if (filter == null || filter === "") {
      return null;
    }

-        const mainParts = filter.split('|');
-        if (mainParts.length < 1 || mainParts[0] == null || mainParts[0].trim() === '') {
+    const mainParts = filter.split("|");
+    if (mainParts.length < 1 || mainParts[0] == null || mainParts[0].trim() === "") {
      return null;
    }

-        const parts = mainParts[0].split(':');
+    const parts = mainParts[0].split(":");
    if (parts.length !== 2) {
      return null;
    }

    const keyword = parts[0].trim().toLowerCase();
    let exclude = true;
-        if (keyword === 'include') {
+    if (keyword === "include") {
      exclude = false;
-        } else if (keyword === 'exclude') {
+    } else if (keyword === "exclude") {
      exclude = true;
    } else {
      return null;
    }

    const set = new Set<string>();
-        const pieces = parts[1].split(',');
+    const pieces = parts[1].split(",");
    for (const p of pieces) {
      set.add(p.trim().toLowerCase());
    }
@@ -51,7 +53,7 @@ export abstract class BaseDirectoryService {

  protected filterOutResult(setFilter: [boolean, Set<string>], result: string) {
    if (setFilter != null) {
-            const cleanResult = result != null ? result.trim().toLowerCase() : '--';
+      const cleanResult = result != null ? result.trim().toLowerCase() : "--";
      const excluded = setFilter[0];
      const set = setFilter[1];

@@ -65,14 +67,21 @@ export abstract class BaseDirectoryService {
    return false;
  }

-    protected filterUsersFromGroupsSet(users: UserEntry[], groups: GroupEntry[],
-        setFilter: [boolean, Set<string>]): UserEntry[] {
+  protected filterUsersFromGroupsSet(
+    users: UserEntry[],
+    groups: GroupEntry[],
+    setFilter: [boolean, Set<string>],
+    syncConfig: SyncConfiguration
+  ): UserEntry[] {
    if (setFilter == null || users == null) {
      return users;
    }

    return users.filter((u) => {
-            if (u.disabled || u.deleted) {
+      if (u.deleted) {
+        return true;
+      }
+      if (u.disabled && syncConfig.removeDisabled) {
        return true;
      }

--- a/src/services/configuration.service.ts
+++ b/src/services/configuration.service.ts
@@ -1,210 +0,0 @@
-import { DirectoryType } from '../enums/directoryType';
-
-import { StorageService } from 'jslib/abstractions/storage.service';
-import { AzureConfiguration } from '../models/azureConfiguration';
-import { GSuiteConfiguration } from '../models/gsuiteConfiguration';
-import { LdapConfiguration } from '../models/ldapConfiguration';
-import { OktaConfiguration } from '../models/oktaConfiguration';
-import { SyncConfiguration } from '../models/syncConfiguration';
-
-const StoredSecurely = '[STORED SECURELY]';
-const Keys = {
-    ldap: 'ldapPassword',
-    gsuite: 'gsuitePrivateKey',
-    azure: 'azureKey',
-    okta: 'oktaToken',
-    directoryConfigPrefix: 'directoryConfig_',
-    sync: 'syncConfig',
-    directoryType: 'directoryType',
-    userDelta: 'userDeltaToken',
-    groupDelta: 'groupDeltaToken',
-    lastUserSync: 'lastUserSync',
-    lastGroupSync: 'lastGroupSync',
-    lastSyncHash: 'lastSyncHash',
-    organizationId: 'organizationId',
-};
-
-export class ConfigurationService {
-    constructor(private storageService: StorageService, private secureStorageService: StorageService) { }
-
-    async getDirectory<T>(type: DirectoryType): Promise<T> {
-        const config = await this.storageService.get<T>(Keys.directoryConfigPrefix + type);
-        if (config == null) {
-            return config;
-        }
-
-        switch (type) {
-            case DirectoryType.Ldap:
-                (config as any).password = await this.secureStorageService.get<string>(Keys.ldap);
-                break;
-            case DirectoryType.AzureActiveDirectory:
-                (config as any).key = await this.secureStorageService.get<string>(Keys.azure);
-                break;
-            case DirectoryType.Okta:
-                (config as any).token = await this.secureStorageService.get<string>(Keys.okta);
-                break;
-            case DirectoryType.GSuite:
-                (config as any).privateKey = await this.secureStorageService.get<string>(Keys.gsuite);
-                break;
-        }
-        return config;
-    }
-
-    async saveDirectory(type: DirectoryType,
-        config: LdapConfiguration | GSuiteConfiguration | AzureConfiguration | OktaConfiguration): Promise<any> {
-        const savedConfig: any = Object.assign({}, config);
-        switch (type) {
-            case DirectoryType.Ldap:
-                if (savedConfig.password == null) {
-                    await this.secureStorageService.remove(Keys.ldap);
-                } else {
-                    await this.secureStorageService.save(Keys.ldap, savedConfig.password);
-                    savedConfig.password = StoredSecurely;
-                }
-                break;
-            case DirectoryType.AzureActiveDirectory:
-                if (savedConfig.key == null) {
-                    await this.secureStorageService.remove(Keys.azure);
-                } else {
-                    await this.secureStorageService.save(Keys.azure, savedConfig.key);
-                    savedConfig.key = StoredSecurely;
-                }
-                break;
-            case DirectoryType.Okta:
-                if (savedConfig.token == null) {
-                    await this.secureStorageService.remove(Keys.okta);
-                } else {
-                    await this.secureStorageService.save(Keys.okta, savedConfig.token);
-                    savedConfig.token = StoredSecurely;
-                }
-                break;
-            case DirectoryType.GSuite:
-                if (savedConfig.privateKey == null) {
-                    await this.secureStorageService.remove(Keys.gsuite);
-                } else {
-                    (config as GSuiteConfiguration).privateKey = savedConfig.privateKey =
-                        savedConfig.privateKey.replace(/\\n/g, '\n');
-                    await this.secureStorageService.save(Keys.gsuite, savedConfig.privateKey);
-                    savedConfig.privateKey = StoredSecurely;
-                }
-                break;
-        }
-        await this.storageService.save(Keys.directoryConfigPrefix + type, savedConfig);
-    }
-
-    getSync(): Promise<SyncConfiguration> {
-        return this.storageService.get<SyncConfiguration>(Keys.sync);
-    }
-
-    saveSync(config: SyncConfiguration) {
-        return this.storageService.save(Keys.sync, config);
-    }
-
-    getDirectoryType(): Promise<DirectoryType> {
-        return this.storageService.get<DirectoryType>(Keys.directoryType);
-    }
-
-    async saveDirectoryType(type: DirectoryType) {
-        const currentType = await this.getDirectoryType();
-        if (type !== currentType) {
-            await this.clearStatefulSettings();
-        }
-
-        return this.storageService.save(Keys.directoryType, type);
-    }
-
-    getUserDeltaToken(): Promise<string> {
-        return this.storageService.get<string>(Keys.userDelta);
-    }
-
-    saveUserDeltaToken(token: string) {
-        if (token == null) {
-            return this.storageService.remove(Keys.userDelta);
-        } else {
-            return this.storageService.save(Keys.userDelta, token);
-        }
-    }
-
-    getGroupDeltaToken(): Promise<string> {
-        return this.storageService.get<string>(Keys.groupDelta);
-    }
-
-    saveGroupDeltaToken(token: string) {
-        if (token == null) {
-            return this.storageService.remove(Keys.groupDelta);
-        } else {
-            return this.storageService.save(Keys.groupDelta, token);
-        }
-    }
-
-    async getLastUserSyncDate(): Promise<Date> {
-        const dateString = await this.storageService.get<string>(Keys.lastUserSync);
-        if (dateString == null) {
-            return null;
-        }
-        return new Date(dateString);
-    }
-
-    saveLastUserSyncDate(date: Date) {
-        if (date == null) {
-            return this.storageService.remove(Keys.lastUserSync);
-        } else {
-            return this.storageService.save(Keys.lastUserSync, date);
-        }
-    }
-
-    async getLastGroupSyncDate(): Promise<Date> {
-        const dateString = await this.storageService.get<string>(Keys.lastGroupSync);
-        if (dateString == null) {
-            return null;
-        }
-        return new Date(dateString);
-    }
-
-    saveLastGroupSyncDate(date: Date) {
-        if (date == null) {
-            return this.storageService.remove(Keys.lastGroupSync);
-        } else {
-            return this.storageService.save(Keys.lastGroupSync, date);
-        }
-    }
-
-    getLastSyncHash(): Promise<string> {
-        return this.storageService.get<string>(Keys.lastSyncHash);
-    }
-
-    saveLastSyncHash(hash: string) {
-        if (hash == null) {
-            return this.storageService.remove(Keys.lastSyncHash);
-        } else {
-            return this.storageService.save(Keys.lastSyncHash, hash);
-        }
-    }
-
-    getOrganizationId(): Promise<string> {
-        return this.storageService.get<string>(Keys.organizationId);
-    }
-
-    async saveOrganizationId(id: string) {
-        const currentId = await this.getOrganizationId();
-        if (currentId !== id) {
-            await this.clearStatefulSettings();
-        }
-
-        if (id == null) {
-            return this.storageService.remove(Keys.organizationId);
-        } else {
-            return this.storageService.save(Keys.organizationId, id);
-        }
-    }
-
-    async clearStatefulSettings(hashToo = false) {
-        await this.saveUserDeltaToken(null);
-        await this.saveGroupDeltaToken(null);
-        await this.saveLastGroupSyncDate(null);
-        await this.saveLastUserSyncDate(null);
-        if (hashToo) {
-            await this.saveLastSyncHash(null);
-        }
-    }
-}
--- a/src/services/directory.service.ts
+++ b/src/services/directory.service.ts
@@ -1,6 +1,6 @@
-import { GroupEntry } from '../models/groupEntry';
-import { UserEntry } from '../models/userEntry';
+import { GroupEntry } from "../models/groupEntry";
+import { UserEntry } from "../models/userEntry";

-export interface DirectoryService {
+export interface IDirectoryService {
  getEntries(force: boolean, test: boolean): Promise<[GroupEntry[], UserEntry[]]>;
 }
--- a/src/services/gsuite-directory.service.ts
+++ b/src/services/gsuite-directory.service.ts
@@ -1,55 +1,57 @@
-import { JWT } from 'google-auth-library';
-import {
-    admin_directory_v1,
-    google,
-} from 'googleapis';
+import { JWT } from "google-auth-library";
+import { admin_directory_v1, google } from "googleapis";

-import { DirectoryType } from '../enums/directoryType';
+import { DirectoryType } from "../enums/directoryType";

-import { GroupEntry } from '../models/groupEntry';
-import { GSuiteConfiguration } from '../models/gsuiteConfiguration';
-import { SyncConfiguration } from '../models/syncConfiguration';
-import { UserEntry } from '../models/userEntry';
+import { GroupEntry } from "../models/groupEntry";
+import { GSuiteConfiguration } from "../models/gsuiteConfiguration";
+import { SyncConfiguration } from "../models/syncConfiguration";
+import { UserEntry } from "../models/userEntry";

-import { BaseDirectoryService } from './baseDirectory.service';
-import { ConfigurationService } from './configuration.service';
-import { DirectoryService } from './directory.service';
+import { BaseDirectoryService } from "./baseDirectory.service";
+import { IDirectoryService } from "./directory.service";

-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { LogService } from 'jslib/abstractions/log.service';
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { LogService } from "jslib-common/abstractions/log.service";
+import { StateService } from "../abstractions/state.service";

-export class GSuiteDirectoryService extends BaseDirectoryService implements DirectoryService {
+export class GSuiteDirectoryService extends BaseDirectoryService implements IDirectoryService {
  private client: JWT;
  private service: admin_directory_v1.Admin;
  private authParams: any;
  private dirConfig: GSuiteConfiguration;
  private syncConfig: SyncConfiguration;

-    constructor(private configurationService: ConfigurationService, private logService: LogService,
-        private i18nService: I18nService) {
+  constructor(
+    private logService: LogService,
+    private i18nService: I18nService,
+    private stateService: StateService
+  ) {
    super();
-        this.service = google.admin('directory_v1');
+    this.service = google.admin("directory_v1");
  }

  async getEntries(force: boolean, test: boolean): Promise<[GroupEntry[], UserEntry[]]> {
-        const type = await this.configurationService.getDirectoryType();
+    const type = await this.stateService.getDirectoryType();
    if (type !== DirectoryType.GSuite) {
      return;
    }

-        this.dirConfig = await this.configurationService.getDirectory<GSuiteConfiguration>(DirectoryType.GSuite);
+    this.dirConfig = await this.stateService.getDirectory<GSuiteConfiguration>(
+      DirectoryType.GSuite
+    );
    if (this.dirConfig == null) {
      return;
    }

-        this.syncConfig = await this.configurationService.getSync();
+    this.syncConfig = await this.stateService.getSync();
    if (this.syncConfig == null) {
      return;
    }

    await this.auth();

-        let users: UserEntry[];
+    let users: UserEntry[] = [];
    if (this.syncConfig.users) {
      users = await this.getUsers();
    }
@@ -57,8 +59,8 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire
    let groups: GroupEntry[];
    if (this.syncConfig.groups) {
      const setFilter = this.createCustomSet(this.syncConfig.groupFilter);
-            groups = await this.getGroups(setFilter);
-            users = this.filterUsersFromGroupsSet(users, groups, setFilter);
+      groups = await this.getGroups(setFilter, users);
+      users = this.filterUsersFromGroupsSet(users, groups, setFilter, this.syncConfig);
    }

    return [groups, users];
@@ -71,11 +73,11 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire

    const filter = this.createCustomSet(this.syncConfig.userFilter);
    while (true) {
-            this.logService.info('Querying users - nextPageToken:' + nextPageToken);
+      this.logService.info("Querying users - nextPageToken:" + nextPageToken);
      const p = Object.assign({ query: query, pageToken: nextPageToken }, this.authParams);
      const res = await this.service.users.list(p);
      if (res.status !== 200) {
-                throw new Error('User list API failed: ' + res.statusText);
+        throw new Error("User list API failed: " + res.statusText);
      }

      nextPageToken = res.data.nextPageToken;
@@ -98,11 +100,14 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire

    nextPageToken = null;
    while (true) {
-            this.logService.info('Querying deleted users - nextPageToken:' + nextPageToken);
-            const p = Object.assign({ showDeleted: true, query: query, pageToken: nextPageToken }, this.authParams);
+      this.logService.info("Querying deleted users - nextPageToken:" + nextPageToken);
+      const p = Object.assign(
+        { showDeleted: true, query: query, pageToken: nextPageToken },
+        this.authParams
+      );
      const delRes = await this.service.users.list(p);
      if (delRes.status !== 200) {
-                throw new Error('Deleted user list API failed: ' + delRes.statusText);
+        throw new Error("Deleted user list API failed: " + delRes.statusText);
      }

      nextPageToken = delRes.data.nextPageToken;
@@ -127,7 +132,7 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire
  }

  private buildUser(user: admin_directory_v1.Schema$User, deleted: boolean) {
-        if ((user.emails == null || user.emails === '') && !deleted) {
+    if ((user.emails == null || user.emails === "") && !deleted) {
      return null;
    }

@@ -140,23 +145,26 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire
    return entry;
  }

-    private async getGroups(setFilter: [boolean, Set<string>]): Promise<GroupEntry[]> {
+  private async getGroups(
+    setFilter: [boolean, Set<string>],
+    users: UserEntry[]
+  ): Promise<GroupEntry[]> {
    const entries: GroupEntry[] = [];
    let nextPageToken: string = null;

    while (true) {
-            this.logService.info('Querying groups - nextPageToken:' + nextPageToken);
+      this.logService.info("Querying groups - nextPageToken:" + nextPageToken);
      const p = Object.assign({ pageToken: nextPageToken }, this.authParams);
      const res = await this.service.groups.list(p);
      if (res.status !== 200) {
-                throw new Error('Group list API failed: ' + res.statusText);
+        throw new Error("Group list API failed: " + res.statusText);
      }

      nextPageToken = res.data.nextPageToken;
      if (res.data.groups != null) {
        for (const group of res.data.groups) {
          if (!this.filterOutResult(setFilter, group.name)) {
-                        const entry = await this.buildGroup(group);
+            const entry = await this.buildGroup(group, users);
            entries.push(entry);
          }
        }
@@ -170,7 +178,7 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire
    return entries;
  }

-    private async buildGroup(group: admin_directory_v1.Schema$Group) {
+  private async buildGroup(group: admin_directory_v1.Schema$Group, users: UserEntry[]) {
    let nextPageToken: string = null;

    const entry = new GroupEntry();
@@ -182,7 +190,7 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire
      const p = Object.assign({ groupKey: group.id, pageToken: nextPageToken }, this.authParams);
      const memRes = await this.service.members.list(p);
      if (memRes.status !== 200) {
-                this.logService.warning('Group member list API failed: ' + memRes.statusText);
+        this.logService.warning("Group member list API failed: " + memRes.statusText);
        return entry;
      }

@@ -192,18 +200,18 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire
          if (member.type == null) {
            continue;
          }
-                    if (member.role == null || member.role.toLowerCase() !== 'member') {
-                        continue;
-                    }
-                    if (member.status == null || member.status.toLowerCase() !== 'active') {
-                        continue;
-                    }
-
          const type = member.type.toLowerCase();
-                    if (type === 'user') {
+          if (type === "user") {
+            if (member.status == null || member.status.toLowerCase() !== "active") {
+              continue;
+            }
            entry.userMemberExternalIds.add(member.id);
-                    } else if (type === 'group') {
+          } else if (type === "group") {
            entry.groupMemberReferenceIds.add(member.id);
+          } else if (type === "customer") {
+            for (const user of users) {
+              entry.userMemberExternalIds.add(user.externalId);
+            }
          }
        }
      }
@@ -217,9 +225,13 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire
  }

  private async auth() {
-        if (this.dirConfig.clientEmail == null || this.dirConfig.privateKey == null ||
-            this.dirConfig.adminUser == null || this.dirConfig.domain == null) {
-            throw new Error(this.i18nService.t('dirConfigIncomplete'));
+    if (
+      this.dirConfig.clientEmail == null ||
+      this.dirConfig.privateKey == null ||
+      this.dirConfig.adminUser == null ||
+      this.dirConfig.domain == null
+    ) {
+      throw new Error(this.i18nService.t("dirConfigIncomplete"));
    }

    this.client = new google.auth.JWT({
@@ -227,9 +239,9 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire
      key: this.dirConfig.privateKey != null ? this.dirConfig.privateKey.trimLeft() : null,
      subject: this.dirConfig.adminUser,
      scopes: [
-                'https://www.googleapis.com/auth/admin.directory.user.readonly',
-                'https://www.googleapis.com/auth/admin.directory.group.readonly',
-                'https://www.googleapis.com/auth/admin.directory.group.member.readonly',
+        "https://www.googleapis.com/auth/admin.directory.user.readonly",
+        "https://www.googleapis.com/auth/admin.directory.group.readonly",
+        "https://www.googleapis.com/auth/admin.directory.group.member.readonly",
      ],
    });

@@ -238,10 +250,10 @@ export class GSuiteDirectoryService extends BaseDirectoryService implements Dire
    this.authParams = {
      auth: this.client,
    };
-        if (this.dirConfig.domain != null && this.dirConfig.domain.trim() !== '') {
+    if (this.dirConfig.domain != null && this.dirConfig.domain.trim() !== "") {
      this.authParams.domain = this.dirConfig.domain;
    }
-        if (this.dirConfig.customer != null && this.dirConfig.customer.trim() !== '') {
+    if (this.dirConfig.customer != null && this.dirConfig.customer.trim() !== "") {
      this.authParams.customer = this.dirConfig.customer;
    }
  }
--- a/src/services/i18n.service.ts
+++ b/src/services/i18n.service.ts
@@ -1,14 +1,17 @@
-import * as fs from 'fs';
-import * as path from 'path';
+import * as fs from "fs";
+import * as path from "path";

-import { I18nService as BaseI18nService } from 'jslib/services/i18n.service';
+import { I18nService as BaseI18nService } from "jslib-common/services/i18n.service";

 export class I18nService extends BaseI18nService {
  constructor(systemLanguage: string, localesDirectory: string) {
    super(systemLanguage, localesDirectory, (formattedLocale: string) => {
-            const filePath = path.join(__dirname, this.localesDirectory + '/' + formattedLocale + '/messages.json');
-            const localesJson = fs.readFileSync(filePath, 'utf8');
-            const locales = JSON.parse(localesJson.replace(/^\uFEFF/, '')); // strip the BOM
+      const filePath = path.join(
+        __dirname,
+        this.localesDirectory + "/" + formattedLocale + "/messages.json"
+      );
+      const localesJson = fs.readFileSync(filePath, "utf8");
+      const locales = JSON.parse(localesJson.replace(/^\uFEFF/, "")); // strip the BOM
      return Promise.resolve(locales);
    });
  }
--- a/src/services/keytarSecureStorage.service.ts
+++ b/src/services/keytarSecureStorage.service.ts
@@ -1,13 +1,9 @@
-import {
-    deletePassword,
-    getPassword,
-    setPassword,
-} from 'keytar';
+import { deletePassword, getPassword, setPassword } from "keytar";

-import { StorageService } from 'jslib/abstractions/storage.service';
+import { StorageService } from "jslib-common/abstractions/storage.service";

 export class KeytarSecureStorageService implements StorageService {
-    constructor(private serviceName: string) { }
+  constructor(private serviceName: string) {}

  get<T>(key: string): Promise<T> {
    return getPassword(this.serviceName, key).then((val) => {
@@ -15,6 +11,10 @@ export class KeytarSecureStorageService implements StorageService {
    });
  }

+  async has(key: string): Promise<boolean> {
+    return (await this.get(key)) != null;
+  }
+
  save(key: string, obj: any): Promise<any> {
    return setPassword(this.serviceName, key, JSON.stringify(obj));
  }
--- a/src/services/ldap-directory.service.ts
+++ b/src/services/ldap-directory.service.ts
@@ -1,43 +1,48 @@
-import * as fs from 'fs';
-import * as ldap from 'ldapjs';
+import * as fs from "fs";
+import * as ldap from "ldapjs";

-import { DirectoryType } from '../enums/directoryType';
+import { checkServerIdentity, PeerCertificate } from "tls";

-import { GroupEntry } from '../models/groupEntry';
-import { LdapConfiguration } from '../models/ldapConfiguration';
-import { SyncConfiguration } from '../models/syncConfiguration';
-import { UserEntry } from '../models/userEntry';
+import { DirectoryType } from "../enums/directoryType";

-import { ConfigurationService } from './configuration.service';
-import { DirectoryService } from './directory.service';
+import { GroupEntry } from "../models/groupEntry";
+import { LdapConfiguration } from "../models/ldapConfiguration";
+import { SyncConfiguration } from "../models/syncConfiguration";
+import { UserEntry } from "../models/userEntry";

-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { LogService } from 'jslib/abstractions/log.service';
+import { IDirectoryService } from "./directory.service";

-import { Utils } from 'jslib/misc/utils';
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { LogService } from "jslib-common/abstractions/log.service";
+import { StateService } from "../abstractions/state.service";
+
+import { Utils } from "jslib-common/misc/utils";

 const UserControlAccountDisabled = 2;

-export class LdapDirectoryService implements DirectoryService {
+export class LdapDirectoryService implements IDirectoryService {
  private client: ldap.Client;
  private dirConfig: LdapConfiguration;
  private syncConfig: SyncConfiguration;

-    constructor(private configurationService: ConfigurationService, private logService: LogService,
-        private i18nService: I18nService) { }
+  constructor(
+    private logService: LogService,
+    private i18nService: I18nService,
+    private stateService: StateService
+  ) {}

  async getEntries(force: boolean, test: boolean): Promise<[GroupEntry[], UserEntry[]]> {
-        const type = await this.configurationService.getDirectoryType();
+    const type = await this.stateService.getDirectoryType();
    if (type !== DirectoryType.Ldap) {
      return;
    }

-        this.dirConfig = await this.configurationService.getDirectory<LdapConfiguration>(DirectoryType.Ldap);
+    this.dirConfig = await this.stateService.getDirectory<LdapConfiguration>(DirectoryType.Ldap);
    if (this.dirConfig == null) {
      return;
    }

-        this.syncConfig = await this.configurationService.getSync();
+    this.syncConfig = await this.stateService.getSync();
    if (this.syncConfig == null) {
      return;
    }
@@ -64,31 +69,40 @@ export class LdapDirectoryService implements DirectoryService {
  }

  private async getUsers(force: boolean): Promise<UserEntry[]> {
-        const lastSync = await this.configurationService.getLastUserSyncDate();
+    const lastSync = await this.stateService.getLastUserSync();
    let filter = this.buildBaseFilter(this.syncConfig.userObjectClass, this.syncConfig.userFilter);
    filter = this.buildRevisionFilter(filter, force, lastSync);

    const path = this.makeSearchPath(this.syncConfig.userPath);
-        this.logService.info('User search: ' + path + ' => ' + filter);
+    this.logService.info("User search: " + path + " => " + filter);

-        const regularUsers = await this.search<UserEntry>(path, filter, (se: any) => this.buildUser(se, false));
+    const regularUsers = await this.search<UserEntry>(path, filter, (se: any) =>
+      this.buildUser(se, false)
+    );
    if (!this.dirConfig.ad) {
      return regularUsers;
    }

    try {
-            let deletedFilter = this.buildBaseFilter(this.syncConfig.userObjectClass, '(isDeleted=TRUE)');
+      let deletedFilter = this.buildBaseFilter(this.syncConfig.userObjectClass, "(isDeleted=TRUE)");
      deletedFilter = this.buildRevisionFilter(deletedFilter, force, lastSync);

-            const deletedPath = this.makeSearchPath('CN=Deleted Objects');
-            this.logService.info('Deleted user search: ' + deletedPath + ' => ' + deletedFilter);
+      const deletedPath = this.makeSearchPath("CN=Deleted Objects");
+      this.logService.info("Deleted user search: " + deletedPath + " => " + deletedFilter);

-            const delControl = new (ldap as any).Control({ type: '1.2.840.113556.1.4.417', criticality: true });
-            const deletedUsers = await this.search<UserEntry>(deletedPath, deletedFilter,
-                (se: any) => this.buildUser(se, true), [delControl]);
+      const delControl = new (ldap as any).Control({
+        type: "1.2.840.113556.1.4.417",
+        criticality: true,
+      });
+      const deletedUsers = await this.search<UserEntry>(
+        deletedPath,
+        deletedFilter,
+        (se: any) => this.buildUser(se, true),
+        [delControl]
+      );
      return regularUsers.concat(deletedUsers);
    } catch (e) {
-            this.logService.warning('Cannot query deleted users.');
+      this.logService.warning("Cannot query deleted users.");
      return regularUsers;
    }
  }
@@ -105,8 +119,12 @@ export class LdapDirectoryService implements DirectoryService {
    user.externalId = this.getExternalId(searchEntry, user.referenceId);
    user.disabled = this.entryDisabled(searchEntry);
    user.email = this.getAttr(searchEntry, this.syncConfig.userEmailAttribute);
-        if (user.email == null && this.syncConfig.useEmailPrefixSuffix &&
-            this.syncConfig.emailPrefixAttribute != null && this.syncConfig.emailSuffix != null) {
+    if (
+      user.email == null &&
+      this.syncConfig.useEmailPrefixSuffix &&
+      this.syncConfig.emailPrefixAttribute != null &&
+      this.syncConfig.emailSuffix != null
+    ) {
      const prefixAttr = this.getAttr(searchEntry, this.syncConfig.emailPrefixAttribute);
      if (prefixAttr != null) {
        user.email = prefixAttr + this.syncConfig.emailSuffix;
@@ -117,7 +135,7 @@ export class LdapDirectoryService implements DirectoryService {
      user.email = user.email.trim().toLowerCase();
    }

-        if (!user.deleted && (user.email == null || user.email.trim() === '')) {
+    if (!user.deleted && (user.email == null || user.email.trim() === "")) {
      return null;
    }

@@ -127,15 +145,18 @@ export class LdapDirectoryService implements DirectoryService {
  private async getGroups(force: boolean): Promise<GroupEntry[]> {
    const entries: GroupEntry[] = [];

-        const lastSync = await this.configurationService.getLastUserSyncDate();
-        const originalFilter = this.buildBaseFilter(this.syncConfig.groupObjectClass, this.syncConfig.groupFilter);
+    const lastSync = await this.stateService.getLastUserSync();
+    const originalFilter = this.buildBaseFilter(
+      this.syncConfig.groupObjectClass,
+      this.syncConfig.groupFilter
+    );
    let filter = originalFilter;
    const revisionFilter = this.buildRevisionFilter(filter, force, lastSync);
    const searchSinceRevision = filter !== revisionFilter;
    filter = revisionFilter;

    const path = this.makeSearchPath(this.syncConfig.groupPath);
-        this.logService.info('Group search: ' + path + ' => ' + filter);
+    this.logService.info("Group search: " + path + " => " + filter);

    let groupSearchEntries: any[] = [];
    const initialSearchGroupIds = await this.search<string>(path, filter, (se: any) => {
@@ -149,7 +170,10 @@ export class LdapDirectoryService implements DirectoryService {
      groupSearchEntries = await this.search<string>(path, originalFilter, (se: any) => se);
    }

-        const userFilter = this.buildBaseFilter(this.syncConfig.userObjectClass, this.syncConfig.userFilter);
+    const userFilter = this.buildBaseFilter(
+      this.syncConfig.userObjectClass,
+      this.syncConfig.userFilter
+    );
    const userPath = this.makeSearchPath(this.syncConfig.userPath);
    const userIdMap = new Map<string, string>();
    await this.search<string>(userPath, userFilter, (se: any) => {
@@ -178,7 +202,7 @@ export class LdapDirectoryService implements DirectoryService {

    group.name = this.getAttr(searchEntry, this.syncConfig.groupNameAttribute);
    if (group.name == null) {
-            group.name = this.getAttr(searchEntry, 'cn');
+      group.name = this.getAttr(searchEntry, "cn");
    }

    if (group.name == null) {
@@ -200,7 +224,7 @@ export class LdapDirectoryService implements DirectoryService {
  }

  private getExternalId(searchEntry: any, referenceId: string) {
-        const attrObj = this.getAttrObj(searchEntry, 'objectGUID');
+    const attrObj = this.getAttrObj(searchEntry, "objectGUID");
    if (attrObj != null && attrObj._vals != null && attrObj._vals.length > 0) {
      return this.bufToGuid(attrObj._vals[0]);
    } else {
@@ -210,32 +234,35 @@ export class LdapDirectoryService implements DirectoryService {

  private buildBaseFilter(objectClass: string, subFilter: string): string {
    let filter = this.buildObjectClassFilter(objectClass);
-        if (subFilter != null && subFilter.trim() !== '') {
-            filter = '(&' + filter + subFilter + ')';
+    if (subFilter != null && subFilter.trim() !== "") {
+      filter = "(&" + filter + subFilter + ")";
    }
    return filter;
  }

  private buildObjectClassFilter(objectClass: string): string {
-        return '(&(objectClass=' + objectClass + '))';
+    return "(&(objectClass=" + objectClass + "))";
  }

  private buildRevisionFilter(baseFilter: string, force: boolean, lastRevisionDate: Date) {
    const revisionAttr = this.syncConfig.revisionDateAttribute;
-        if (!force && lastRevisionDate != null && revisionAttr != null && revisionAttr.trim() !== '') {
-            const dateString = lastRevisionDate.toISOString().replace(/[-:T]/g, '').substr(0, 16) + 'Z';
-            baseFilter = '(&' + baseFilter + '(' + revisionAttr + '>=' + dateString + '))';
+    if (!force && lastRevisionDate != null && revisionAttr != null && revisionAttr.trim() !== "") {
+      const dateString = lastRevisionDate.toISOString().replace(/[-:T]/g, "").substr(0, 16) + "Z";
+      baseFilter = "(&" + baseFilter + "(" + revisionAttr + ">=" + dateString + "))";
    }

    return baseFilter;
  }

  private makeSearchPath(pathPrefix: string) {
-        if (this.dirConfig.rootPath != null && this.dirConfig.rootPath.trim() !== '') {
+    if (this.dirConfig.rootPath.toLowerCase().indexOf("dc=") === -1) {
+      return pathPrefix;
+    }
+    if (this.dirConfig.rootPath != null && this.dirConfig.rootPath.trim() !== "") {
      const trimmedRootPath = this.dirConfig.rootPath.trim().toLowerCase();
-            let path = trimmedRootPath.substr(trimmedRootPath.indexOf('dc='));
-            if (pathPrefix != null && pathPrefix.trim() !== '') {
-                path = pathPrefix.trim() + ',' + path;
+      let path = trimmedRootPath.substr(trimmedRootPath.indexOf("dc="));
+      if (pathPrefix != null && pathPrefix.trim() !== "") {
+        path = pathPrefix.trim() + "," + path;
      }
      return path;
    }
@@ -249,7 +276,12 @@ export class LdapDirectoryService implements DirectoryService {
    }

    const attrs = searchEntry.attributes.filter((a: any) => a.type === attr);
-        if (attrs == null || attrs.length === 0 || attrs[0].vals == null || attrs[0].vals.length === 0) {
+    if (
+      attrs == null ||
+      attrs.length === 0 ||
+      attrs[0].vals == null ||
+      attrs[0].vals.length === 0
+    ) {
      return null;
    }

@@ -273,24 +305,30 @@ export class LdapDirectoryService implements DirectoryService {
  }

  private entryDisabled(searchEntry: any): boolean {
-        const c = this.getAttr(searchEntry, 'userAccountControl');
+    const c = this.getAttr(searchEntry, "userAccountControl");
    if (c != null) {
      try {
        const control = parseInt(c, null);
        // tslint:disable-next-line
        return (control & UserControlAccountDisabled) === UserControlAccountDisabled;
-            } catch { }
+      } catch (e) {
+        this.logService.error(e);
+      }
    }

    return false;
  }

-    private async search<T>(path: string, filter: string, processEntry: (searchEntry: any) => T,
-        controls: ldap.Control[] = []): Promise<T[]> {
+  private async search<T>(
+    path: string,
+    filter: string,
+    processEntry: (searchEntry: any) => T,
+    controls: ldap.Control[] = []
+  ): Promise<T[]> {
    const options: ldap.SearchOptions = {
      filter: filter,
-            scope: 'sub',
-            paged: true,
+      scope: "sub",
+      paged: this.dirConfig.pagedSearch,
    };
    const entries: T[] = [];
    return new Promise<T[]>((resolve, reject) => {
@@ -300,18 +338,18 @@ export class LdapDirectoryService implements DirectoryService {
          return;
        }

-                res.on('error', (resErr) => {
+        res.on("error", (resErr) => {
          reject(resErr);
        });

-                res.on('searchEntry', (entry) => {
+        res.on("searchEntry", (entry) => {
          const e = processEntry(entry);
          if (e != null) {
            entries.push(e);
          }
        });

-                res.on('end', (result) => {
+        res.on("end", (result) => {
          resolve(entries);
        });
      });
@@ -319,51 +357,89 @@ export class LdapDirectoryService implements DirectoryService {
  }

  private async bind(): Promise<any> {
-        return new Promise((resolve, reject) => {
+    return new Promise<void>((resolve, reject) => {
      if (this.dirConfig.hostname == null || this.dirConfig.port == null) {
-                reject(this.i18nService.t('dirConfigIncomplete'));
+        reject(this.i18nService.t("dirConfigIncomplete"));
        return;
      }
-
-            const url = 'ldap' + (this.dirConfig.ssl ? 's' : '') + '://' + this.dirConfig.hostname +
-                ':' + this.dirConfig.port;
+      const protocol = "ldap" + (this.dirConfig.ssl && !this.dirConfig.startTls ? "s" : "");
+      const url = protocol + "://" + this.dirConfig.hostname + ":" + this.dirConfig.port;
      const options: ldap.ClientOptions = {
        url: url.trim().toLowerCase(),
      };
-            if (this.dirConfig.ssl) {
+
      const tlsOptions: any = {};
-                if (this.dirConfig.sslAllowUnauthorized != null) {
+      if (this.dirConfig.ssl) {
+        if (this.dirConfig.sslAllowUnauthorized) {
          tlsOptions.rejectUnauthorized = !this.dirConfig.sslAllowUnauthorized;
        }
-                if (this.dirConfig.sslCaPath != null && this.dirConfig.sslCaPath !== '' &&
-                    fs.existsSync(this.dirConfig.sslCaPath)) {
+        if (!this.dirConfig.startTls) {
+          if (
+            this.dirConfig.sslCaPath != null &&
+            this.dirConfig.sslCaPath !== "" &&
+            fs.existsSync(this.dirConfig.sslCaPath)
+          ) {
            tlsOptions.ca = [fs.readFileSync(this.dirConfig.sslCaPath)];
          }
-                if (this.dirConfig.sslCertPath != null && this.dirConfig.sslCertPath !== '' &&
-                    fs.existsSync(this.dirConfig.sslCertPath)) {
+          if (
+            this.dirConfig.sslCertPath != null &&
+            this.dirConfig.sslCertPath !== "" &&
+            fs.existsSync(this.dirConfig.sslCertPath)
+          ) {
            tlsOptions.cert = fs.readFileSync(this.dirConfig.sslCertPath);
          }
-                if (this.dirConfig.sslKeyPath != null && this.dirConfig.sslKeyPath !== '' &&
-                    fs.existsSync(this.dirConfig.sslKeyPath)) {
+          if (
+            this.dirConfig.sslKeyPath != null &&
+            this.dirConfig.sslKeyPath !== "" &&
+            fs.existsSync(this.dirConfig.sslKeyPath)
+          ) {
            tlsOptions.key = fs.readFileSync(this.dirConfig.sslKeyPath);
          }
-                if (Object.keys(tlsOptions).length > 0) {
+        } else {
+          if (
+            this.dirConfig.tlsCaPath != null &&
+            this.dirConfig.tlsCaPath !== "" &&
+            fs.existsSync(this.dirConfig.tlsCaPath)
+          ) {
+            tlsOptions.ca = [fs.readFileSync(this.dirConfig.tlsCaPath)];
+          }
+        }
+      }
+
+      tlsOptions.checkServerIdentity = this.checkServerIdentityAltNames;
      options.tlsOptions = tlsOptions;
-                }
-            }

      this.client = ldap.createClient(options);

-            const user = this.dirConfig.username == null || this.dirConfig.username.trim() === '' ? null :
-                this.dirConfig.username;
-            const pass = this.dirConfig.password == null || this.dirConfig.password.trim() === '' ? null :
-                this.dirConfig.password;
+      const user =
+        this.dirConfig.username == null || this.dirConfig.username.trim() === ""
+          ? null
+          : this.dirConfig.username;
+      const pass =
+        this.dirConfig.password == null || this.dirConfig.password.trim() === ""
+          ? null
+          : this.dirConfig.password;

      if (user == null || pass == null) {
-                reject(this.i18nService.t('usernamePasswordNotConfigured'));
+        reject(this.i18nService.t("usernamePasswordNotConfigured"));
        return;
      }

+      if (this.dirConfig.startTls && this.dirConfig.ssl) {
+        this.client.starttls(options.tlsOptions, undefined, (err, res) => {
+          if (err != null) {
+            reject(err.message);
+          } else {
+            this.client.bind(user, pass, (err2) => {
+              if (err2 != null) {
+                reject(err2.message);
+              } else {
+                resolve();
+              }
+            });
+          }
+        });
+      } else {
        this.client.bind(user, pass, (err) => {
          if (err != null) {
            reject(err.message);
@@ -371,10 +447,11 @@ export class LdapDirectoryService implements DirectoryService {
            resolve();
          }
        });
+      }
    });
  }

-    private async unbind(): Promise<any> {
+  private async unbind(): Promise<void> {
    return new Promise((resolve, reject) => {
      this.client.unbind((err) => {
        if (err != null) {
@@ -393,8 +470,35 @@ export class LdapDirectoryService implements DirectoryService {
    const p3 = arr.slice(6, 8).reverse().buffer;
    const p4 = arr.slice(8, 10).buffer;
    const p5 = arr.slice(10).buffer;
-        const guid = Utils.fromBufferToHex(p1) + '-' + Utils.fromBufferToHex(p2) + '-' + Utils.fromBufferToHex(p3) +
-            '-' + Utils.fromBufferToHex(p4) + '-' + Utils.fromBufferToHex(p5);
+    const guid =
+      Utils.fromBufferToHex(p1) +
+      "-" +
+      Utils.fromBufferToHex(p2) +
+      "-" +
+      Utils.fromBufferToHex(p3) +
+      "-" +
+      Utils.fromBufferToHex(p4) +
+      "-" +
+      Utils.fromBufferToHex(p5);
    return guid.toLowerCase();
  }
+
+  private checkServerIdentityAltNames(host: string, cert: PeerCertificate) {
+    // Fixes the cert representation when subject is empty and altNames are present
+    // Required for node versions < 12.14.1 (which could be used for bwdc cli)
+    // Adapted from: https://github.com/auth0/ad-ldap-connector/commit/1f4dd2be6ed93dda591dd31ed5483a9b452a8d2a
+    // See https://github.com/nodejs/node/issues/11771 for details
+    if (cert && cert.subject == null && /(IP|DNS|URL)/.test(cert.subjectaltname)) {
+      cert.subject = {
+        C: null,
+        ST: null,
+        L: null,
+        O: null,
+        OU: null,
+        CN: null,
+      };
+    }
+
+    return checkServerIdentity(host, cert);
+  }
 }
--- a/src/services/lowdbStorage.service.ts
+++ b/src/services/lowdbStorage.service.ts
@@ -0,0 +1,34 @@
+import * as lock from "proper-lockfile";
+
+import { LogService } from "jslib-common/abstractions/log.service";
+
+import { LowdbStorageService as LowdbStorageServiceBase } from "jslib-node/services/lowdbStorage.service";
+
+import { Utils } from "jslib-common/misc/utils";
+
+export class LowdbStorageService extends LowdbStorageServiceBase {
+  constructor(
+    logService: LogService,
+    defaults?: any,
+    dir?: string,
+    allowCache = false,
+    private requireLock = false
+  ) {
+    super(logService, defaults, dir, allowCache);
+  }
+
+  protected async lockDbFile<T>(action: () => T): Promise<T> {
+    if (this.requireLock && !Utils.isNullOrWhitespace(this.dataFilePath)) {
+      this.logService.info("acquiring db file lock");
+      return await lock.lock(this.dataFilePath, { retries: 3 }).then((release) => {
+        try {
+          return action();
+        } finally {
+          release();
+        }
+      });
+    } else {
+      return action();
+    }
+  }
+}
--- a/src/services/okta-directory.service.ts
+++ b/src/services/okta-directory.service.ts
@@ -1,55 +1,54 @@
-import { DirectoryType } from '../enums/directoryType';
+import { DirectoryType } from "../enums/directoryType";

-import { GroupEntry } from '../models/groupEntry';
-import { OktaConfiguration } from '../models/oktaConfiguration';
-import { SyncConfiguration } from '../models/syncConfiguration';
-import { UserEntry } from '../models/userEntry';
+import { GroupEntry } from "../models/groupEntry";
+import { OktaConfiguration } from "../models/oktaConfiguration";
+import { SyncConfiguration } from "../models/syncConfiguration";
+import { UserEntry } from "../models/userEntry";

-import { BaseDirectoryService } from './baseDirectory.service';
-import { ConfigurationService } from './configuration.service';
-import { DirectoryService } from './directory.service';
+import { BaseDirectoryService } from "./baseDirectory.service";
+import { IDirectoryService } from "./directory.service";

-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { LogService } from 'jslib/abstractions/log.service';
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { LogService } from "jslib-common/abstractions/log.service";

-// tslint:disable-next-line
-const okta = require('@okta/okta-sdk-nodejs');
+import * as https from "https";
+import { StateService } from "../abstractions/state.service";

-export class OktaDirectoryService extends BaseDirectoryService implements DirectoryService {
+const DelayBetweenBuildGroupCallsInMilliseconds = 500;
+
+export class OktaDirectoryService extends BaseDirectoryService implements IDirectoryService {
  private dirConfig: OktaConfiguration;
  private syncConfig: SyncConfiguration;
-    private client: any;
+  private lastBuildGroupCall: number;

-    constructor(private configurationService: ConfigurationService, private logService: LogService,
-        private i18nService: I18nService) {
+  constructor(
+    private logService: LogService,
+    private i18nService: I18nService,
+    private stateService: StateService
+  ) {
    super();
  }

  async getEntries(force: boolean, test: boolean): Promise<[GroupEntry[], UserEntry[]]> {
-        const type = await this.configurationService.getDirectoryType();
+    const type = await this.stateService.getDirectoryType();
    if (type !== DirectoryType.Okta) {
      return;
    }

-        this.dirConfig = await this.configurationService.getDirectory<OktaConfiguration>(DirectoryType.Okta);
+    this.dirConfig = await this.stateService.getDirectory<OktaConfiguration>(DirectoryType.Okta);
    if (this.dirConfig == null) {
      return;
    }

-        this.syncConfig = await this.configurationService.getSync();
+    this.syncConfig = await this.stateService.getSync();
    if (this.syncConfig == null) {
      return;
    }

    if (this.dirConfig.orgUrl == null || this.dirConfig.token == null) {
-            throw new Error(this.i18nService.t('dirConfigIncomplete'));
+      throw new Error(this.i18nService.t("dirConfigIncomplete"));
    }

-        this.client = new okta.Client({
-            orgUrl: this.dirConfig.orgUrl,
-            token: this.dirConfig.token,
-        });
-
    let users: UserEntry[];
    if (this.syncConfig.users) {
      users = await this.getUsers(force);
@@ -59,7 +58,7 @@ export class OktaDirectoryService extends BaseDirectoryService implements Direct
    if (this.syncConfig.groups) {
      const setFilter = this.createCustomSet(this.syncConfig.groupFilter);
      groups = await this.getGroups(this.forceGroup(force, users), setFilter);
-            users = this.filterUsersFromGroupsSet(users, groups, setFilter);
+      users = this.filterUsersFromGroupsSet(users, groups, setFilter, this.syncConfig);
    }

    return [groups, users];
@@ -67,30 +66,38 @@ export class OktaDirectoryService extends BaseDirectoryService implements Direct

  private async getUsers(force: boolean): Promise<UserEntry[]> {
    const entries: UserEntry[] = [];
-        const lastSync = await this.configurationService.getLastUserSyncDate();
+    const lastSync = await this.stateService.getLastUserSync();
    const oktaFilter = this.buildOktaFilter(this.syncConfig.userFilter, force, lastSync);
    const setFilter = this.createCustomSet(this.syncConfig.userFilter);

-        this.logService.info('Querying users.');
-        const usersPromise = this.client.listUsers({ filter: oktaFilter }).each((user: any) => {
+    this.logService.info("Querying users.");
+    const usersPromise = this.apiGetMany(
+      "users?filter=" + this.encodeUrlParameter(oktaFilter)
+    ).then((users: any[]) => {
+      for (const user of users) {
        const entry = this.buildUser(user);
        if (entry != null && !this.filterOutResult(setFilter, entry.email)) {
          entries.push(entry);
        }
+      }
    });

    // Deactivated users have to be queried for separately, only when no filter is provided in the first query
    let deactUsersPromise: any;
-        if (oktaFilter == null || oktaFilter.indexOf('lastUpdated ') === -1) {
+    if (oktaFilter == null || oktaFilter.indexOf("lastUpdated ") === -1) {
      let deactOktaFilter = 'status eq "DEPROVISIONED"';
      if (oktaFilter != null) {
-                deactOktaFilter = '(' + oktaFilter + ') and ' + deactOktaFilter;
+        deactOktaFilter = "(" + oktaFilter + ") and " + deactOktaFilter;
      }
-            deactUsersPromise = this.client.listUsers({ filter: deactOktaFilter }).each((user: any) => {
+      deactUsersPromise = this.apiGetMany(
+        "users?filter=" + this.encodeUrlParameter(deactOktaFilter)
+      ).then((users: any[]) => {
+        for (const user of users) {
          const entry = this.buildUser(user);
          if (entry != null && !this.filterOutResult(setFilter, entry.email)) {
            entries.push(entry);
          }
+        }
      });
    } else {
      deactUsersPromise = Promise.resolve();
@@ -105,23 +112,32 @@ export class OktaDirectoryService extends BaseDirectoryService implements Direct
    entry.externalId = user.id;
    entry.referenceId = user.id;
    entry.email = user.profile.email != null ? user.profile.email.trim().toLowerCase() : null;
-        entry.deleted = user.status === 'DEPROVISIONED';
-        entry.disabled = user.status === 'SUSPENDED';
+    entry.deleted = user.status === "DEPROVISIONED";
+    entry.disabled = user.status === "SUSPENDED";
    return entry;
  }

-    private async getGroups(force: boolean, setFilter: [boolean, Set<string>]): Promise<GroupEntry[]> {
+  private async getGroups(
+    force: boolean,
+    setFilter: [boolean, Set<string>]
+  ): Promise<GroupEntry[]> {
    const entries: GroupEntry[] = [];
-        const lastSync = await this.configurationService.getLastGroupSyncDate();
+    const lastSync = await this.stateService.getLastGroupSync();
    const oktaFilter = this.buildOktaFilter(this.syncConfig.groupFilter, force, lastSync);

-        this.logService.info('Querying groups.');
-        await this.client.listGroups({ filter: oktaFilter }).each(async (group: any) => {
+    this.logService.info("Querying groups.");
+    await this.apiGetMany("groups?filter=" + this.encodeUrlParameter(oktaFilter)).then(
+      async (groups: any[]) => {
+        for (const group of groups.filter(
+          (g) => !this.filterOutResult(setFilter, g.profile.name)
+        )) {
          const entry = await this.buildGroup(group);
-            if (entry != null && !this.filterOutResult(setFilter, entry.name)) {
+          if (entry != null) {
            entries.push(entry);
          }
-        });
+        }
+      }
+    );
    return entries;
  }

@@ -131,8 +147,18 @@ export class OktaDirectoryService extends BaseDirectoryService implements Direct
    entry.referenceId = group.id;
    entry.name = group.profile.name;

-        await this.client.listGroupUsers(group.id).each((user: any) => {
+    // throttle some to avoid rate limiting
+    const neededDelay =
+      DelayBetweenBuildGroupCallsInMilliseconds - (Date.now() - this.lastBuildGroupCall);
+    if (neededDelay > 0) {
+      await new Promise((resolve) => setTimeout(resolve, neededDelay));
+    }
+    this.lastBuildGroupCall = Date.now();
+
+    await this.apiGetMany("groups/" + group.id + "/users").then((users: any[]) => {
+      for (const user of users) {
        entry.userMemberExternalIds.add(user.id);
+      }
    });

    return entry;
@@ -140,7 +166,7 @@ export class OktaDirectoryService extends BaseDirectoryService implements Direct

  private buildOktaFilter(baseFilter: string, force: boolean, lastSync: Date) {
    baseFilter = this.createDirectoryQuery(baseFilter);
-        baseFilter = baseFilter == null || baseFilter.trim() === '' ? null : baseFilter;
+    baseFilter = baseFilter == null || baseFilter.trim() === "" ? null : baseFilter;
    if (force || lastSync == null) {
      return baseFilter;
    }
@@ -150,6 +176,94 @@ export class OktaDirectoryService extends BaseDirectoryService implements Direct
      return updatedFilter;
    }

-        return '(' + baseFilter + ') and ' + updatedFilter;
+    return "(" + baseFilter + ") and " + updatedFilter;
+  }
+
+  private encodeUrlParameter(filter: string): string {
+    return filter == null ? "" : encodeURIComponent(filter);
+  }
+
+  private async apiGetCall(url: string): Promise<[any, Map<string, string | string[]>]> {
+    const u = new URL(url);
+    return new Promise((resolve) => {
+      https.get(
+        {
+          hostname: u.hostname,
+          path: u.pathname + u.search,
+          port: 443,
+          headers: {
+            Authorization: "SSWS " + this.dirConfig.token,
+            Accept: "application/json",
+          },
+        },
+        (res) => {
+          let body = "";
+
+          res.on("data", (chunk) => {
+            body += chunk;
+          });
+
+          res.on("end", () => {
+            if (res.statusCode !== 200) {
+              resolve(null);
+              return;
+            }
+
+            const responseJson = JSON.parse(body);
+            if (res.headers != null) {
+              const headersMap = new Map<string, string | string[]>();
+              for (const key in res.headers) {
+                if (res.headers.hasOwnProperty(key)) {
+                  const val = res.headers[key];
+                  headersMap.set(key.toLowerCase(), val);
+                }
+              }
+              resolve([responseJson, headersMap]);
+              return;
+            }
+            resolve([responseJson, null]);
+          });
+
+          res.on("error", () => {
+            resolve(null);
+          });
+        }
+      );
+    });
+  }
+
+  private async apiGetMany(endpoint: string, currentData: any[] = []): Promise<any[]> {
+    const url =
+      endpoint.indexOf("https://") === 0 ? endpoint : `${this.dirConfig.orgUrl}/api/v1/${endpoint}`;
+    const response = await this.apiGetCall(url);
+    if (response == null || response[0] == null || !Array.isArray(response[0])) {
+      throw new Error("API call failed.");
+    }
+    if (response[0].length === 0) {
+      return currentData;
+    }
+    currentData = currentData.concat(response[0]);
+    if (response[1] == null) {
+      return currentData;
+    }
+    const linkHeader = response[1].get("link");
+    if (linkHeader == null || Array.isArray(linkHeader)) {
+      return currentData;
+    }
+    let nextLink: string = null;
+    const linkHeaderParts = linkHeader.split(",");
+    for (const part of linkHeaderParts) {
+      if (part.indexOf('; rel="next"') > -1) {
+        const subParts = part.split(";");
+        if (subParts.length > 0 && subParts[0].indexOf("https://") > -1) {
+          nextLink = subParts[0].replace(">", "").replace("<", "").trim();
+          break;
+        }
+      }
+    }
+    if (nextLink == null) {
+      return currentData;
+    }
+    return this.apiGetMany(nextLink, currentData);
  }
 }
--- a/Show More
+++ b/Show More