[PM-15283] [PM-15284] [PM-15286] Upgrade Angular to 19.

.github/renovate.json

@@ -7,12 +7,6 @@
       "groupName": "gh minor",
       "matchManagers": ["github-actions"],
       "matchUpdateTypes": ["minor", "patch"]
-    },
-    {
-      "groupName": "Google Libraries",
-      "matchPackagePatterns": ["google-auth-library", "googleapis"],
-      "matchManagers": ["npm"],
-      "groupSlug": "google-libraries"
     }
   ]
 }

.github/workflows/build.yml

@@ -5,25 +5,33 @@ on:
   push:
     branches:
       - "main"
-      - "rc"
-      - "hotfix-rc"
   workflow_dispatch: {}
 
-permissions:
-  contents: read
-
 jobs:
+  cloc:
+    name: CLOC
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+
+      - name: Set up CLOC
+        run: |
+          sudo apt update
+          sudo apt -y install cloc
+
+      - name: Print lines of code
+        run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git
+
+
   setup:
     name: Setup
     runs-on: ubuntu-24.04
-    permissions:
-      contents: read
     outputs:
       package_version: ${{ steps.retrieve-version.outputs.package_version }}
-      node_version: ${{ steps.retrieve-node-version.outputs.node_version }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Get Package Version
         id: retrieve-version
@@ -31,12 +39,6 @@ jobs:
           PKG_VERSION=$(jq -r .version package.json)
           echo "package_version=$PKG_VERSION" >> $GITHUB_OUTPUT
 
-      - name: Get Node Version
-        id: retrieve-node-version
-        run: |
-          NODE_NVMRC=$(cat .nvmrc)
-          NODE_VERSION=${NODE_NVMRC/v/''}
-          echo "node_version=$NODE_VERSION" >> $GITHUB_OUTPUT
 
   linux-cli:
     name: Build Linux CLI
@@ -44,25 +46,32 @@ jobs:
     needs: setup
     env:
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
-      _NODE_VERSION: ${{ needs.setup.outputs.node_version }}
+      _PKG_FETCH_NODE_VERSION: 18.5.0
-    permissions:
+      _PKG_FETCH_VERSION: 3.4
-      contents: read
     steps:
       - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Set up Node
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           cache: 'npm'
           cache-dependency-path: '**/package-lock.json'
-          node-version: ${{ env._NODE_VERSION }}
+          node-version: '18'
 
       - name: Update NPM
         run: |
           npm install -g node-gyp
           node-gyp install $(node -v)
 
+      - name: Get pkg-fetch
+        run: |
+          cd $HOME
+          fetchedUrl="https://github.com/vercel/pkg-fetch/releases/download/v$_PKG_FETCH_VERSION/node-v$_PKG_FETCH_NODE_VERSION-linux-x64"
+
+          mkdir -p .pkg-cache/v$_PKG_FETCH_VERSION
+          wget $fetchedUrl -O "./.pkg-cache/v$_PKG_FETCH_VERSION/fetched-v$_PKG_FETCH_NODE_VERSION-linux-x64"
+
       - name: Keytar
         run: |
           keytarVersion=$(cat package.json | jq -r '.dependencies.keytar')
@@ -84,6 +93,11 @@ jobs:
       - name: Zip
         run: zip -j dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip dist-cli/linux/bwdc keytar/linux/build/Release/keytar.node
 
+      - name: Create checksums
+        run: |
+          shasum -a 256 dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip | \
+            cut -d " " -f 1 > dist-cli/bwdc-linux-sha256-$_PACKAGE_VERSION.txt
+
       - name: Version Test
         run: |
           sudo apt-get update
@@ -107,38 +121,52 @@ jobs:
           fi
 
       - name: Upload Linux Zip to GitHub
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: bwdc-linux-${{ env._PACKAGE_VERSION }}.zip
           path: ./dist-cli/bwdc-linux-${{ env._PACKAGE_VERSION }}.zip
           if-no-files-found: error
 
+      - name: Upload Linux checksum to GitHub
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+        with:
+          name: bwdc-linux-sha256-${{ env._PACKAGE_VERSION }}.txt
+          path: ./dist-cli/bwdc-linux-sha256-${{ env._PACKAGE_VERSION }}.txt
+          if-no-files-found: error
+
 
   macos-cli:
     name: Build Mac CLI
     runs-on: macos-13
     needs: setup
-    permissions:
-      contents: read
     env:
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
-      _NODE_VERSION: ${{ needs.setup.outputs.node_version }}
+      _PKG_FETCH_NODE_VERSION: 18.5.0
+      _PKG_FETCH_VERSION: 3.4
     steps:
       - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Set up Node
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           cache: 'npm'
           cache-dependency-path: '**/package-lock.json'
-          node-version: ${{ env._NODE_VERSION }}
+          node-version: '18'
 
       - name: Update NPM
         run: |
           npm install -g node-gyp
           node-gyp install $(node -v)
 
+      - name: Get pkg-fetch
+        run: |
+          cd $HOME
+          fetchedUrl="https://github.com/vercel/pkg-fetch/releases/download/v$_PKG_FETCH_VERSION/node-v$_PKG_FETCH_NODE_VERSION-macos-x64"
+
+          mkdir -p .pkg-cache/v$_PKG_FETCH_VERSION
+          wget $fetchedUrl -O "./.pkg-cache/v$_PKG_FETCH_VERSION/fetched-v$_PKG_FETCH_NODE_VERSION-macos-x64"
+
       - name: Keytar
         run: |
           keytarVersion=$(cat package.json | jq -r '.dependencies.keytar')
@@ -160,6 +188,11 @@ jobs:
       - name: Zip
         run: zip -j dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip dist-cli/macos/bwdc keytar/macos/build/Release/keytar.node
 
+      - name: Create checksums
+        run: |
+          shasum -a 256 dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip | \
+            cut -d " " -f 1 > dist-cli/bwdc-macos-sha256-$_PACKAGE_VERSION.txt
+
       - name: Version Test
         run: |
           mkdir -p test/macos
@@ -176,42 +209,59 @@ jobs:
           fi
 
       - name: Upload Mac Zip to GitHub
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: bwdc-macos-${{ env._PACKAGE_VERSION }}.zip
           path: ./dist-cli/bwdc-macos-${{ env._PACKAGE_VERSION }}.zip
           if-no-files-found: error
 
+      - name: Upload Mac checksum to GitHub
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+        with:
+          name: bwdc-macos-sha256-${{ env._PACKAGE_VERSION }}.txt
+          path: ./dist-cli/bwdc-macos-sha256-${{ env._PACKAGE_VERSION }}.txt
+          if-no-files-found: error
 
   windows-cli:
     name: Build Windows CLI
     runs-on: windows-2022
     needs: setup
-    permissions:
-      contents: read
     env:
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
-      _NODE_VERSION: ${{ needs.setup.outputs.node_version }}
+      _WIN_PKG_FETCH_VERSION: 18.5.0
+      _WIN_PKG_VERSION: 3.4
     steps:
       - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Setup Windows builder
         run: |
           choco install checksum --no-progress
+          choco install reshack --no-progress
 
       - name: Set up Node
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           cache: 'npm'
           cache-dependency-path: '**/package-lock.json'
-          node-version: ${{ env._NODE_VERSION }}
+          node-version: '18'
 
       - name: Update NPM
         run: |
           npm install -g node-gyp
           node-gyp install $(node -v)
 
+      - name: Get pkg-fetch
+        shell: pwsh
+        run: |
+          cd $HOME
+          $fetchedUrl = "https://github.com/vercel/pkg-fetch/releases/download/v$env:_WIN_PKG_VERSION/node-v$env:_WIN_PKG_FETCH_VERSION-win-x64"
+
+          New-Item -ItemType directory -Path ./.pkg-cache
+          New-Item -ItemType directory -Path ./.pkg-cache/v$env:_WIN_PKG_VERSION
+          Invoke-RestMethod -Uri $fetchedUrl `
+            -OutFile "./.pkg-cache/v$env:_WIN_PKG_VERSION/fetched-v$env:_WIN_PKG_FETCH_VERSION-win-x64"
+
       - name: Keytar
         shell: pwsh
         run: |
@@ -228,6 +278,54 @@ jobs:
 
           7z e "./keytar/windows/$($keytarTar -f "win32")" -o"./keytar/windows"
 
+      - name: Setup Version Info
+        shell: pwsh
+        run: |
+          $major, $minor, $patch = $env:_PACKAGE_VERSION.split('.')
+
+          $versionInfo = @"
+
+          1 VERSIONINFO
+          FILEVERSION $major,$minor,$patch,0
+          PRODUCTVERSION $major,$minor,$patch,0
+          FILEOS 0x40004
+          FILETYPE 0x1
+          {
+          BLOCK "StringFileInfo"
+          {
+            BLOCK "040904b0"
+            {
+              VALUE "CompanyName", "Bitwarden Inc."
+              VALUE "ProductName", "Bitwarden"
+              VALUE "FileDescription", "Bitwarden Directory Connector CLI"
+              VALUE "FileVersion", "$env:_PACKAGE_VERSION"
+              VALUE "ProductVersion", "$env:_PACKAGE_VERSION"
+              VALUE "OriginalFilename", "bwdc.exe"
+              VALUE "InternalName", "bwdc"
+              VALUE "LegalCopyright", "Copyright Bitwarden Inc."
+            }
+          }
+
+          BLOCK "VarFileInfo"
+          {
+            VALUE "Translation", 0x0409 0x04B0
+          }
+          }
+          "@
+
+          $versionInfo | Out-File ./version-info.rc
+
+      - name: Resource Hacker
+        shell: cmd
+        run: |
+          set PATH=%PATH%;C:\Program Files (x86)\Resource Hacker
+          set WIN_PKG=C:\Users\runneradmin\.pkg-cache\v%_WIN_PKG_VERSION%\fetched-v%_WIN_PKG_FETCH_VERSION%-win-x64
+          set WIN_PKG_BUILT=C:\Users\runneradmin\.pkg-cache\v%_WIN_PKG_VERSION%\built-v%_WIN_PKG_FETCH_VERSION%-win-x64
+
+          ResourceHacker -open %WIN_PKG% -save %WIN_PKG% -action delete -mask ICONGROUP,1,
+          ResourceHacker -open version-info.rc -save version-info.res -action compile
+          ResourceHacker -open %WIN_PKG% -save %WIN_PKG% -action addoverwrite -resource version-info.res
+
       - name: Install
         run: npm install
 
@@ -249,36 +347,44 @@ jobs:
             Throw "Version test failed."
           }
 
+      - name: Create checksums
+        run: |
+          checksum -f="./dist-cli/bwdc-windows-${env:_PACKAGE_VERSION}.zip" `
+            -t sha256 | Out-File ./dist-cli/bwdc-windows-sha256-${env:_PACKAGE_VERSION}.txt
+
       - name: Upload Windows Zip to GitHub
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: bwdc-windows-${{ env._PACKAGE_VERSION }}.zip
           path: ./dist-cli/bwdc-windows-${{ env._PACKAGE_VERSION }}.zip
           if-no-files-found: error
 
+      - name: Upload Windows checksum to GitHub
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+        with:
+          name: bwdc-windows-sha256-${{ env._PACKAGE_VERSION }}.txt
+          path: ./dist-cli/bwdc-windows-sha256-${{ env._PACKAGE_VERSION }}.txt
+          if-no-files-found: error
+
 
   windows-gui:
     name: Build Windows GUI
     runs-on: windows-2022
     needs: setup
-    permissions:
-      contents: read
-      id-token: write
     env:
       NODE_OPTIONS: --max_old_space_size=4096
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
-      _NODE_VERSION: ${{ needs.setup.outputs.node_version }}
       HUSKY: 0
     steps:
       - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Set up Node
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           cache: 'npm'
           cache-dependency-path: '**/package-lock.json'
-          node-version: ${{ env._NODE_VERSION }}
+          node-version: '18'
 
       - name: Update NPM
         run: |
@@ -296,60 +402,39 @@ jobs:
       - name: Install Node dependencies
         run: npm install
 
-      - name: Log in to Azure
-        uses: bitwarden/gh-actions/azure-login@main
-        with:
-          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
-          client_id: ${{ secrets.AZURE_CLIENT_ID }}
-
-      - name: Retrieve secrets
-        id: retrieve-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@main
-        with:
-          keyvault: "bitwarden-ci"
-          secrets: "code-signing-vault-url,
-            code-signing-client-id,
-            code-signing-tenant-id,
-            code-signing-client-secret,
-            code-signing-cert-name"
-
-      - name: Log out from Azure
-        uses: bitwarden/gh-actions/azure-logout@main
-
       - name: Build & Sign
         run: npm run dist:win
         env:
           ELECTRON_BUILDER_SIGN: 1
-          SIGNING_VAULT_URL: ${{ steps.retrieve-secrets.outputs.code-signing-vault-url }}
+          SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }}
-          SIGNING_CLIENT_ID: ${{ steps.retrieve-secrets.outputs.code-signing-client-id }}
+          SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }}
-          SIGNING_TENANT_ID: ${{ steps.retrieve-secrets.outputs.code-signing-tenant-id }}
+          SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }}
-          SIGNING_CLIENT_SECRET: ${{ steps.retrieve-secrets.outputs.code-signing-client-secret }}
+          SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }}
-          SIGNING_CERT_NAME: ${{ steps.retrieve-secrets.outputs.code-signing-cert-name }}
+          SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }}
 
       - name: Upload Portable Executable to GitHub
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: Bitwarden-Connector-Portable-${{ env._PACKAGE_VERSION }}.exe
           path: ./dist/Bitwarden-Connector-Portable-${{ env._PACKAGE_VERSION }}.exe
           if-no-files-found: error
 
       - name: Upload Installer Executable to GitHub
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe
           path: ./dist/Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe
           if-no-files-found: error
 
       - name: Upload Installer Executable Blockmap to GitHub
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe.blockmap
           path: ./dist/Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe.blockmap
           if-no-files-found: error
 
       - name: Upload latest auto-update artifact
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: latest.yml
           path: ./dist/latest.yml
@@ -360,23 +445,20 @@ jobs:
     name: Build Linux GUI
     runs-on: ubuntu-24.04
     needs: setup
-    permissions:
-      contents: read
     env:
       NODE_OPTIONS: --max_old_space_size=4096
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
-      _NODE_VERSION: ${{ needs.setup.outputs.node_version }}
       HUSKY: 0
     steps:
       - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Set up Node
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           cache: 'npm'
           cache-dependency-path: '**/package-lock.json'
-          node-version: ${{ env._NODE_VERSION }}
+          node-version: '18'
 
       - name: Update NPM
         run: |
@@ -399,14 +481,14 @@ jobs:
         run: npm run dist:lin
 
       - name: Upload AppImage
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
           path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
           if-no-files-found: error
 
       - name: Upload latest auto-update artifact
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: latest-linux.yml
           path: ./dist/latest-linux.yml
@@ -417,24 +499,20 @@ jobs:
     name: Build MacOS GUI
     runs-on: macos-13
     needs: setup
-    permissions:
-      contents: read
-      id-token: write
     env:
       NODE_OPTIONS: --max_old_space_size=4096
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
-      _NODE_VERSION: ${{ needs.setup.outputs.node_version }}
       HUSKY: 0
     steps:
       - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Set up Node
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           cache: 'npm'
           cache-dependency-path: '**/package-lock.json'
-          node-version: ${{ env._NODE_VERSION }}
+          node-version: '18'
 
       - name: Update NPM
         run: |
@@ -449,18 +527,9 @@ jobs:
           echo "GitHub event: $GITHUB_EVENT"
 
       - name: Login to Azure
-        uses: bitwarden/gh-actions/azure-login@main
+        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
         with:
-          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
-          client_id: ${{ secrets.AZURE_CLIENT_ID }}
-
-      - name: Get Azure Key Vault secrets
-        id: get-kv-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@main
-        with:
-          keyvault: gh-directory-connector
-          secrets: "KEYCHAIN-PASSWORD,APP-STORE-CONNECT-AUTH-KEY,APP-STORE-CONNECT-TEAM-ISSUER"
 
       - name: Get certificates
         run: |
@@ -475,12 +544,9 @@ jobs:
           az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/macdev-cert |
             jq -r .value | base64 -d > $HOME/certificates/macdev-cert.p12
 
-      - name: Log out from Azure
-        uses: bitwarden/gh-actions/azure-logout@main
-
       - name: Set up keychain
         env:
-          KEYCHAIN_PASSWORD: ${{ steps.get-kv-secrets.outputs.KEYCHAIN-PASSWORD }}
+          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
         run: |
           security create-keychain -p $KEYCHAIN_PASSWORD build.keychain
           security default-keychain -s build.keychain
@@ -514,40 +580,40 @@ jobs:
         run: |
           mkdir ~/private_keys
           cat << EOF > ~/private_keys/AuthKey_UFD296548T.p8
-          ${{ steps.get-kv-secrets.outputs.APP-STORE-CONNECT-AUTH-KEY }}
+          ${{ secrets.APP_STORE_CONNECT_AUTH_KEY }}
           EOF
 
       - name: Build application
         run: npm run dist:mac
         env:
-          APP_STORE_CONNECT_TEAM_ISSUER: ${{ steps.get-kv-secrets.outputs.APP-STORE-CONNECT-TEAM-ISSUER }}
+          APP_STORE_CONNECT_TEAM_ISSUER: ${{ secrets.APP_STORE_CONNECT_TEAM_ISSUER }}
           APP_STORE_CONNECT_AUTH_KEY: UFD296548T
           APP_STORE_CONNECT_AUTH_KEY_PATH: ~/private_keys/AuthKey_UFD296548T.p8
           CSC_FOR_PULL_REQUEST: true
 
       - name: Upload .zip artifact
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-mac.zip
           path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-mac.zip
           if-no-files-found: error
 
       - name: Upload .dmg artifact
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg
           path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg
           if-no-files-found: error
 
       - name: Upload .dmg Blockmap artifact
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg.blockmap
           path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg.blockmap
           if-no-files-found: error
 
       - name: Upload latest auto-update artifact
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: latest-mac.yml
           path: ./dist/latest-mac.yml
@@ -558,6 +624,7 @@ jobs:
     name: Check for failures
     runs-on: ubuntu-24.04
     needs:
+      - cloc
       - setup
       - linux-cli
       - macos-cli
@@ -565,24 +632,16 @@ jobs:
       - windows-gui
       - linux-gui
       - macos-gui
-    permissions:
-      id-token: write
     steps:
       - name: Check if any job failed
-        if: |
+        if: github.ref == 'refs/heads/main' && contains(needs.*.result, 'failure')
-          (github.ref == 'refs/heads/main'
-          || github.ref == 'refs/heads/rc'
-          || github.ref == 'refs/heads/hotfix-rc')
-          && contains(needs.*.result, 'failure')
         run: exit 1
 
-      - name: Log in to Azure
+      - name: Login to Azure - CI subscription
+        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
         if: failure()
-        uses: bitwarden/gh-actions/azure-login@main
         with:
-          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
-          client_id: ${{ secrets.AZURE_CLIENT_ID }}
 
       - name: Retrieve secrets
         id: retrieve-secrets
@@ -592,9 +651,6 @@ jobs:
           keyvault: "bitwarden-ci"
           secrets: "devops-alerts-slack-webhook-url"
 
-      - name: Log out from Azure
-        uses: bitwarden/gh-actions/azure-logout@main
-
       - name: Notify Slack on failure
         uses: act10ns/slack@44541246747a30eb3102d87f7a4cc5471b0ffb7d # v2.1.0
         if: failure()

.github/workflows/enforce-labels.yml

@@ -3,9 +3,6 @@ name: Enforce PR labels
 on:
   pull_request:
     types: [labeled, unlabeled, opened, edited, synchronize]
-permissions:
-  contents: read
-  pull-requests: read
 jobs:
   enforce-label:
     name: EnforceLabel

.github/workflows/integration-test.yml

@@ -8,28 +8,47 @@ on:
     paths:
       - ".github/workflows/integration-test.yml" # this file
       - "src/services/ldap-directory.service*" # we only have integration for LDAP testing at the moment
-      - "./openldap/**/*" # any change to test fixtures
+      - "./openldap*" # any change to test fixtures
       - "./docker-compose.yml" # any change to Docker configuration
-      - "./package.json" # dependencies
   pull_request:
     paths:
       - ".github/workflows/integration-test.yml" # this file
       - "src/services/ldap-directory.service*" # we only have integration for LDAP testing at the moment
-      - "./openldap/**/*" # any change to test fixtures
+      - "./openldap*" # any change to test fixtures
       - "./docker-compose.yml" # any change to Docker configuration
-      - "./package.json" # dependencies
+
+jobs:
+  check-test-secrets:
+    name: Check for test secrets
+    runs-on: ubuntu-22.04
+    outputs:
+      available: ${{ steps.check-test-secrets.outputs.available }}
     permissions:
       contents: read
-  checks: write # required by dorny/test-reporter to upload its results
+
-jobs:
+    steps:
+      - name: Check
+        id: check-test-secrets
+        run: |
+          if [ "${{ secrets.CODECOV_TOKEN }}" != '' ]; then
+            echo "available=true" >> $GITHUB_OUTPUT;
+          else
+            echo "available=false" >> $GITHUB_OUTPUT;
+          fi
+
   testing:
     name: Run tests
     if: ${{ startsWith(github.head_ref, 'version_bump_') == false }}
     runs-on: ubuntu-22.04
+    needs: check-test-secrets
+    permissions:
+      checks: write
+      contents: read
+      pull-requests: write
 
     steps:
       - name: Check out repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Get Node version
         id: retrieve-node-version
@@ -39,7 +58,7 @@ jobs:
           echo "node_version=$NODE_VERSION" >> $GITHUB_OUTPUT
 
       - name: Set up Node
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
         with:
           cache: 'npm'
           cache-dependency-path: '**/package-lock.json'
@@ -61,7 +80,7 @@ jobs:
 
       - name: Report test results
         uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5 # v1.9.1
-        if: ${{ github.event.pull_request.head.repo.full_name == github.repository && !cancelled() }}
+        if: ${{ needs.check-test-secrets.outputs.available == 'true' && !cancelled() }}
         with:
           name: Test Results
           path: "junit.xml"
@@ -69,7 +88,13 @@ jobs:
           fail-on-error: true
 
       - name: Upload coverage to codecov.io
-        uses: codecov/codecov-action@5a605bd92782ce0810fa3b8acc235c921b497052 # v5.2.0
+        uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
+        if: ${{ needs.check-test-secrets.outputs.available == 'true' }}
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
 
       - name: Upload results to codecov.io
-        uses: codecov/test-results-action@4e79e65778be1cecd5df25e14af1eafb6df80ea9 # v1.0.2
+        uses: codecov/test-results-action@1b5b448b98e58ba90d1a1a1d9fcb72ca2263be46 # v1.0.0
+        if: ${{ needs.check-test-secrets.outputs.available == 'true' }}
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/release.yml

@@ -13,27 +13,22 @@ on:
           - Redeploy
           - Dry Run
 
-permissions:
-  contents: read
-
 jobs:
   setup:
     name: Setup
     runs-on: ubuntu-24.04
-    permissions:
-      contents: read
     outputs:
-      release_version: ${{ steps.version.outputs.version }}
+      release-version: ${{ steps.version.outputs.version }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Branch check
-        if: ${{ inputs.release_type != 'Dry Run' }}
+        if: ${{ github.event.inputs.release_type != 'Dry Run' }}
         run: |
-          if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then
+          if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
             echo "==================================="
-            echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
+            echo "[!] Can only release from the 'main' branch"
             echo "==================================="
             exit 1
           fi
@@ -42,7 +37,7 @@ jobs:
         id: version
         uses: bitwarden/gh-actions/release-version-check@main
         with:
-          release-type: ${{ inputs.release_type }}
+          release-type: ${{ github.event.inputs.release_type }}
           project-type: ts
           file: package.json
 
@@ -50,13 +45,9 @@ jobs:
     name: Release
     runs-on: ubuntu-24.04
     needs: setup
-    permissions:
-      actions: read
-      packages: read
-      contents: write
     steps:
       - name: Download all artifacts
-        if: ${{ inputs.release_type != 'Dry Run' }}
+        if: ${{ github.event.inputs.release_type != 'Dry Run' }}
         uses: bitwarden/gh-actions/download-artifacts@main
         with:
           workflow: build.yml
@@ -64,7 +55,7 @@ jobs:
           branch: ${{ github.ref_name }}
 
       - name: Dry Run - Download all artifacts
-        if: ${{ inputs.release_type == 'Dry Run' }}
+        if: ${{ github.event.inputs.release_type == 'Dry Run' }}
         uses: bitwarden/gh-actions/download-artifacts@main
         with:
           workflow: build.yml
@@ -72,14 +63,17 @@ jobs:
           branch: main
 
       - name: Create release
-        if: ${{ inputs.release_type != 'Dry Run' }}
+        if: ${{ github.event.inputs.release_type != 'Dry Run' }}
-        uses: ncipollo/release-action@cdcc88a9acf3ca41c16c37bb7d21b9ad48560d87 # v1.15.0
+        uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
         env:
-          PKG_VERSION: ${{ needs.setup.outputs.release_version }}
+          PKG_VERSION: ${{ needs.setup.outputs.release-version }}
         with:
           artifacts: "./bwdc-windows-${{ env.PKG_VERSION }}.zip,
                       ./bwdc-macos-${{ env.PKG_VERSION }}.zip,
                       ./bwdc-linux-${{ env.PKG_VERSION }}.zip,
+                      ./bwdc-windows-sha256-${{ env.PKG_VERSION }}.txt,
+                      ./bwdc-macos-sha256-${{ env.PKG_VERSION }}.txt,
+                      ./bwdc-linux-sha256-${{ env.PKG_VERSION }}.txt,
                       ./Bitwarden-Connector-Portable-${{ env.PKG_VERSION }}.exe,
                       ./Bitwarden-Connector-Installer-${{ env.PKG_VERSION }}.exe,
                       ./Bitwarden-Connector-Installer-${{ env.PKG_VERSION }}.exe.blockmap,

.github/workflows/scan.yml

@@ -5,48 +5,74 @@ on:
   push:
     branches:
       - "main"
-  pull_request:
-    types: [opened, synchronize, reopened]
-    branches-ignore:
-      - "main"
   pull_request_target:
-    types: [opened, synchronize, reopened]
+    types: [opened, synchronize]
-    branches:
-      - "main"
-
-permissions: {}
 
 jobs:
   check-run:
     name: Check PR run
     uses: bitwarden/gh-actions/.github/workflows/check-run.yml@main
-    permissions:
-      contents: read
 
   sast:
-    name: Checkmarx
+    name: SAST scan
-    uses: bitwarden/gh-actions/.github/workflows/_checkmarx.yml@main
+    runs-on: ubuntu-24.04
     needs: check-run
-    secrets:
-      AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-      AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
-      AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
     permissions:
       contents: read
       pull-requests: write
       security-events: write
-      id-token: write
+
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+
+      - name: Scan with Checkmarx
+        uses: checkmarx/ast-github-action@ed196cdaec9cd1bc5aacac4ca2010dd773b20893 # 2.0.35
+        env:
+          INCREMENTAL: "${{ contains(github.event_name, 'pull_request') && '--sast-incremental' || '' }}"
+        with:
+          project_name: ${{ github.repository }}
+          cx_tenant: ${{ secrets.CHECKMARX_TENANT }}
+          base_uri: https://ast.checkmarx.net/
+          cx_client_id: ${{ secrets.CHECKMARX_CLIENT_ID }}
+          cx_client_secret: ${{ secrets.CHECKMARX_SECRET }}
+          additional_params: |
+            --report-format sarif \
+            --filter "state=TO_VERIFY;PROPOSED_NOT_EXPLOITABLE;CONFIRMED;URGENT" \
+            --output-path . ${{ env.INCREMENTAL }}
+
+      - name: Upload Checkmarx results to GitHub
+        uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+        with:
+          sarif_file: cx_result.sarif
 
   quality:
-    name: Sonar
+    name: Quality scan
-    uses: bitwarden/gh-actions/.github/workflows/_sonar.yml@main
+    runs-on: ubuntu-24.04
     needs: check-run
-    secrets:
-      AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-      AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
-      AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
     permissions:
       contents: read
       pull-requests: write
-      id-token: write
 
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+        with:
+          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.sha }}
+
+      - name: Scan with SonarCloud
+        uses: sonarsource/sonarcloud-github-action@eb211723266fe8e83102bac7361f0a05c3ac1d1b # v3.0.0
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          args: >
+            -Dsonar.organization=${{ github.repository_owner }}
+            -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
+            -Dsonar.tests=.
+            -Dsonar.sources=.
+            -Dsonar.test.inclusions=**/*.spec.ts
+            -Dsonar.exclusions=**/*.spec.ts

.github/workflows/test.yml

@@ -5,24 +5,40 @@ on:
   push:
     branches:
       - "main"
-      - "rc"
-      - "hotfix-rc"
   pull_request:
 
+jobs:
+  check-test-secrets:
+    name: Check for test secrets
+    runs-on: ubuntu-24.04
+    outputs:
+      available: ${{ steps.check-test-secrets.outputs.available }}
     permissions:
       contents: read
-  checks: write # required by dorny/test-reporter to upload its results
 
-jobs:
+    steps:
+      - name: Check
+        id: check-test-secrets
+        run: |
+          if [ "${{ secrets.CODECOV_TOKEN }}" != '' ]; then
+            echo "available=true" >> $GITHUB_OUTPUT;
+          else
+            echo "available=false" >> $GITHUB_OUTPUT;
+          fi
 
   testing:
     name: Run tests
     if: ${{ startsWith(github.head_ref, 'version_bump_') == false }}
     runs-on: ubuntu-24.04
+    needs: check-test-secrets
+    permissions:
+      checks: write
+      contents: read
+      pull-requests: write
 
     steps:
       - name: Check out repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Get Node version
         id: retrieve-node-version
@@ -32,7 +48,7 @@ jobs:
           echo "node_version=$NODE_VERSION" >> $GITHUB_OUTPUT
 
       - name: Set up Node
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           cache: 'npm'
           cache-dependency-path: '**/package-lock.json'
@@ -52,7 +68,7 @@ jobs:
 
       - name: Report test results
         uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5 # v1.9.1
-        if: ${{ github.event.pull_request.head.repo.full_name == github.repository && !cancelled() }}
+        if: ${{ needs.check-test-secrets.outputs.available == 'true' && !cancelled() }}
         with:
           name: Test Results
           path: "junit.xml"
@@ -60,7 +76,13 @@ jobs:
           fail-on-error: true
 
       - name: Upload coverage to codecov.io
-        uses: codecov/codecov-action@5a605bd92782ce0810fa3b8acc235c921b497052 # v5.2.0
+        uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
+        if: ${{ needs.check-test-secrets.outputs.available == 'true' }}
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
 
       - name: Upload results to codecov.io
-        uses: codecov/test-results-action@4e79e65778be1cecd5df25e14af1eafb6df80ea9 # v1.0.2
+        uses: codecov/test-results-action@1b5b448b98e58ba90d1a1a1d9fcb72ca2263be46 # v1.0.0
+        if: ${{ needs.check-test-secrets.outputs.available == 'true' }}
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/version-bump.yml

@@ -8,15 +8,10 @@ on:
         required: false
         type: string
 
-permissions: {}
-
 jobs:
   bump_version:
     name: Bump Version
     runs-on: ubuntu-24.04
-    permissions:
-      contents: write
-      id-token: write
     steps:
       - name: Validate version input
         if: ${{ inputs.version_number_override != '' }}
@@ -24,32 +19,15 @@ jobs:
         with:
           version: ${{ inputs.version_number_override }}
 
-      - name: Log in to Azure
-        uses: bitwarden/gh-actions/azure-login@main
-        with:
-          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
-          client_id: ${{ secrets.AZURE_CLIENT_ID }}
-
-      - name: Get Azure Key Vault secrets
-        id: get-kv-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@main
-        with:
-          keyvault: gh-org-bitwarden
-          secrets: "BW-GHAPP-ID,BW-GHAPP-KEY"
-
-      - name: Log out from Azure
-        uses: bitwarden/gh-actions/azure-logout@main
-
       - name: Generate GH App token
-        uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1
+        uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
         id: app-token
         with:
-          app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
+          app-id: ${{ secrets.BW_GHAPP_ID }}
-          private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}
+          private-key: ${{ secrets.BW_GHAPP_KEY }}
 
       - name: Checkout Branch
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
         with:
           token: ${{ steps.app-token.outputs.token }}
 

.nvmrc

@@ -1 +1 @@
-v20
+v18

README.md

@@ -9,7 +9,7 @@ Supported directories:
 
 - Active Directory
 - Any other LDAP-based directory
-- Microsoft Entra ID
+- Azure Active Directory
 - G Suite (Google)
 - Okta
 

jslib/angular/src/components/callout.component.html

@@ -0,0 +1,35 @@
+<div
+  #callout
+  class="callout callout-{{ calloutStyle }}"
+  [ngClass]="{ clickable: clickable }"
+  [attr.role]="useAlertRole ? 'alert' : null"
+>
+  <h3 class="callout-heading" *ngIf="title">
+    <i class="bwi {{ icon }}" *ngIf="icon" aria-hidden="true"></i>
+    {{ title }}
+  </h3>
+  <div class="enforced-policy-options" *ngIf="enforcedPolicyOptions">
+    {{ enforcedPolicyMessage }}
+    <ul>
+      <li *ngIf="enforcedPolicyOptions?.minComplexity > 0">
+        {{ "policyInEffectMinComplexity" | i18n: getPasswordScoreAlertDisplay() }}
+      </li>
+      <li *ngIf="enforcedPolicyOptions?.minLength > 0">
+        {{ "policyInEffectMinLength" | i18n: enforcedPolicyOptions?.minLength.toString() }}
+      </li>
+      <li *ngIf="enforcedPolicyOptions?.requireUpper">
+        {{ "policyInEffectUppercase" | i18n }}
+      </li>
+      <li *ngIf="enforcedPolicyOptions?.requireLower">
+        {{ "policyInEffectLowercase" | i18n }}
+      </li>
+      <li *ngIf="enforcedPolicyOptions?.requireNumbers">
+        {{ "policyInEffectNumbers" | i18n }}
+      </li>
+      <li *ngIf="enforcedPolicyOptions?.requireSpecial">
+        {{ "policyInEffectSpecial" | i18n: "!@#$%^&*" }}
+      </li>
+    </ul>
+  </div>
+  <ng-content></ng-content>
+</div>

jslib/angular/src/components/callout.component.ts

@@ -0,0 +1,78 @@
+import { Component, Input, OnInit } from "@angular/core";
+
+import { I18nService } from "@/jslib/common/src/abstractions/i18n.service";
+import { MasterPasswordPolicyOptions } from "@/jslib/common/src/models/domain/masterPasswordPolicyOptions";
+
+@Component({
+  selector: "app-callout",
+  templateUrl: "callout.component.html",
+})
+export class CalloutComponent implements OnInit {
+  @Input() type = "info";
+  @Input() icon: string;
+  @Input() title: string;
+  @Input() clickable: boolean;
+  @Input() enforcedPolicyOptions: MasterPasswordPolicyOptions;
+  @Input() enforcedPolicyMessage: string;
+  @Input() useAlertRole = false;
+
+  calloutStyle: string;
+
+  constructor(private i18nService: I18nService) {}
+
+  ngOnInit() {
+    this.calloutStyle = this.type;
+
+    if (this.enforcedPolicyMessage === undefined) {
+      this.enforcedPolicyMessage = this.i18nService.t("masterPasswordPolicyInEffect");
+    }
+
+    if (this.type === "warning" || this.type === "danger") {
+      if (this.type === "danger") {
+        this.calloutStyle = "danger";
+      }
+      if (this.title === undefined) {
+        this.title = this.i18nService.t("warning");
+      }
+      if (this.icon === undefined) {
+        this.icon = "bwi-exclamation-triangle";
+      }
+    } else if (this.type === "error") {
+      this.calloutStyle = "danger";
+      if (this.title === undefined) {
+        this.title = this.i18nService.t("error");
+      }
+      if (this.icon === undefined) {
+        this.icon = "bwi-error";
+      }
+    } else if (this.type === "tip") {
+      this.calloutStyle = "success";
+      if (this.title === undefined) {
+        this.title = this.i18nService.t("tip");
+      }
+      if (this.icon === undefined) {
+        this.icon = "bwi-lightbulb";
+      }
+    }
+  }
+
+  getPasswordScoreAlertDisplay() {
+    if (this.enforcedPolicyOptions == null) {
+      return "";
+    }
+
+    let str: string;
+    switch (this.enforcedPolicyOptions.minComplexity) {
+      case 4:
+        str = this.i18nService.t("strong");
+        break;
+      case 3:
+        str = this.i18nService.t("good");
+        break;
+      default:
+        str = this.i18nService.t("weak");
+        break;
+    }
+    return str + " (" + this.enforcedPolicyOptions.minComplexity + ")";
+  }
+}

jslib/angular/src/components/icon.component.html

@@ -0,0 +1,11 @@
+<div class="icon" aria-hidden="true">
+  <img
+    [src]="image"
+    appFallbackSrc="{{ fallbackImage }}"
+    *ngIf="imageEnabled && image"
+    alt=""
+    decoding="async"
+    loading="lazy"
+  />
+  <i class="bwi bwi-fw bwi-lg {{ icon }}" *ngIf="!imageEnabled || !image"></i>
+</div>

jslib/angular/src/components/icon.component.ts

@@ -0,0 +1,115 @@
+import { Component, Input, OnChanges } from "@angular/core";
+
+import { EnvironmentService } from "@/jslib/common/src/abstractions/environment.service";
+import { StateService } from "@/jslib/common/src/abstractions/state.service";
+import { CipherType } from "@/jslib/common/src/enums/cipherType";
+import { Utils } from "@/jslib/common/src/misc/utils";
+import { CipherView } from "@/jslib/common/src/models/view/cipherView";
+
+/**
+ * Provides a mapping from supported card brands to
+ * the filenames of icon that should be present in images/cards folder of clients.
+ */
+const cardIcons: Record<string, string> = {
+  Visa: "card-visa",
+  Mastercard: "card-mastercard",
+  Amex: "card-amex",
+  Discover: "card-discover",
+  "Diners Club": "card-diners-club",
+  JCB: "card-jcb",
+  Maestro: "card-maestro",
+  UnionPay: "card-union-pay",
+};
+
+@Component({
+  selector: "app-vault-icon",
+  templateUrl: "icon.component.html",
+})
+export class IconComponent implements OnChanges {
+  @Input() cipher: CipherView;
+  icon: string;
+  image: string;
+  fallbackImage: string;
+  imageEnabled: boolean;
+
+  private iconsUrl: string;
+
+  constructor(
+    environmentService: EnvironmentService,
+    private stateService: StateService,
+  ) {
+    this.iconsUrl = environmentService.getIconsUrl();
+  }
+
+  async ngOnChanges() {
+    // Components may be re-used when using cdk-virtual-scroll. Which puts the component in a weird state,
+    // to avoid this we reset all state variables.
+    this.image = null;
+    this.fallbackImage = null;
+    this.imageEnabled = !(await this.stateService.getDisableFavicon());
+    this.load();
+  }
+
+  protected load() {
+    switch (this.cipher.type) {
+      case CipherType.Login:
+        this.icon = "bwi-globe";
+        this.setLoginIcon();
+        break;
+      case CipherType.SecureNote:
+        this.icon = "bwi-sticky-note";
+        break;
+      case CipherType.Card:
+        this.icon = "bwi-credit-card";
+        this.setCardIcon();
+        break;
+      case CipherType.Identity:
+        this.icon = "bwi-id-card";
+        break;
+      default:
+        break;
+    }
+  }
+
+  private setLoginIcon() {
+    if (this.cipher.login.uri) {
+      let hostnameUri = this.cipher.login.uri;
+      let isWebsite = false;
+
+      if (hostnameUri.indexOf("androidapp://") === 0) {
+        this.icon = "bwi-android";
+        this.image = null;
+      } else if (hostnameUri.indexOf("iosapp://") === 0) {
+        this.icon = "bwi-apple";
+        this.image = null;
+      } else if (
+        this.imageEnabled &&
+        hostnameUri.indexOf("://") === -1 &&
+        hostnameUri.indexOf(".") > -1
+      ) {
+        hostnameUri = "http://" + hostnameUri;
+        isWebsite = true;
+      } else if (this.imageEnabled) {
+        isWebsite = hostnameUri.indexOf("http") === 0 && hostnameUri.indexOf(".") > -1;
+      }
+
+      if (this.imageEnabled && isWebsite) {
+        try {
+          this.image = this.iconsUrl + "/" + Utils.getHostname(hostnameUri) + "/icon.png";
+          this.fallbackImage = "images/bwi-globe.png";
+        } catch (e) {
+          // Ignore error since the fallback icon will be shown if image is null.
+        }
+      }
+    } else {
+      this.image = null;
+    }
+  }
+
+  private setCardIcon() {
+    const brand = this.cipher.card.brand;
+    if (this.imageEnabled && brand in cardIcons) {
+      this.icon = "credit-card-icon " + cardIcons[brand];
+    }
+  }
+}

jslib/angular/src/components/password-reprompt.component.ts

@@ -0,0 +1,41 @@
+import { Directive } from "@angular/core";
+
+import { CryptoService } from "@/jslib/common/src/abstractions/crypto.service";
+import { I18nService } from "@/jslib/common/src/abstractions/i18n.service";
+import { PlatformUtilsService } from "@/jslib/common/src/abstractions/platformUtils.service";
+
+import { ModalRef } from "./modal/modal.ref";
+
+/**
+ * Used to verify the user's Master Password for the "Master Password Re-prompt" feature only.
+ * See UserVerificationComponent for any other situation where you need to verify the user's identity.
+ */
+@Directive()
+export class PasswordRepromptComponent {
+  showPassword = false;
+  masterPassword = "";
+
+  constructor(
+    private modalRef: ModalRef,
+    private cryptoService: CryptoService,
+    private platformUtilsService: PlatformUtilsService,
+    private i18nService: I18nService,
+  ) {}
+
+  togglePassword() {
+    this.showPassword = !this.showPassword;
+  }
+
+  async submit() {
+    if (!(await this.cryptoService.compareAndUpdateKeyHash(this.masterPassword, null))) {
+      this.platformUtilsService.showToast(
+        "error",
+        this.i18nService.t("errorOccurred"),
+        this.i18nService.t("invalidMasterPassword"),
+      );
+      return;
+    }
+
+    this.modalRef.close(true);
+  }
+}

jslib/angular/src/components/toastr.component.ts

@@ -60,7 +60,6 @@ import {
     ]),
   ],
   preserveWhitespaces: false,
-  standalone: false,
 })
 export class BitwardenToast extends BaseToast {
   constructor(

jslib/angular/src/directives/a11y-title.directive.ts

@@ -2,7 +2,6 @@ import { Directive, ElementRef, Input, Renderer2 } from "@angular/core";
 
 @Directive({
   selector: "[appA11yTitle]",
-  standalone: false,
 })
 export class A11yTitleDirective {
   @Input() set appA11yTitle(title: string) {

jslib/angular/src/directives/api-action.directive.ts

@@ -13,7 +13,6 @@ import { ValidationService } from "../services/validation.service";
  */
 @Directive({
   selector: "[appApiAction]",
-  standalone: false,
 })
 export class ApiActionDirective implements OnChanges {
   @Input() appApiAction: Promise<any>;

jslib/angular/src/directives/autofocus.directive.ts

@@ -5,7 +5,6 @@ import { Utils } from "@/jslib/common/src/misc/utils";
 
 @Directive({
   selector: "[appAutofocus]",
-  standalone: false,
 })
 export class AutofocusDirective {
   @Input() set appAutofocus(condition: boolean | string) {

jslib/angular/src/directives/blur-click.directive.ts

@@ -2,7 +2,6 @@ import { Directive, ElementRef, HostListener } from "@angular/core";
 
 @Directive({
   selector: "[appBlurClick]",
-  standalone: false,
 })
 export class BlurClickDirective {
   constructor(private el: ElementRef) {}

jslib/angular/src/directives/box-row.directive.ts

@@ -2,7 +2,6 @@ import { Directive, ElementRef, HostListener, OnInit } from "@angular/core";
 
 @Directive({
   selector: "[appBoxRow]",
-  standalone: false,
 })
 export class BoxRowDirective implements OnInit {
   el: HTMLElement = null;

jslib/angular/src/directives/fallback-src.directive.ts

@@ -2,7 +2,6 @@ import { Directive, ElementRef, HostListener, Input } from "@angular/core";
 
 @Directive({
   selector: "[appFallbackSrc]",
-  standalone: false,
 })
 export class FallbackSrcDirective {
   @Input("appFallbackSrc") appFallbackSrc: string;

jslib/angular/src/directives/stop-click.directive.ts

@@ -2,7 +2,6 @@ import { Directive, HostListener } from "@angular/core";
 
 @Directive({
   selector: "[appStopClick]",
-  standalone: false,
 })
 export class StopClickDirective {
   @HostListener("click", ["$event"]) onClick($event: MouseEvent) {

jslib/angular/src/directives/stop-prop.directive.ts

@@ -2,7 +2,6 @@ import { Directive, HostListener } from "@angular/core";
 
 @Directive({
   selector: "[appStopProp]",
-  standalone: false,
 })
 export class StopPropDirective {
   @HostListener("click", ["$event"]) onClick($event: MouseEvent) {

jslib/angular/src/pipes/i18n.pipe.ts

@@ -4,7 +4,6 @@ import { I18nService } from "@/jslib/common/src/abstractions/i18n.service";
 
 @Pipe({
   name: "i18n",
-  standalone: false,
 })
 export class I18nPipe implements PipeTransform {
   constructor(private i18nService: I18nService) {}

jslib/angular/src/pipes/search-ciphers.pipe.ts

@@ -0,0 +1,41 @@
+import { Pipe, PipeTransform } from "@angular/core";
+
+import { CipherView } from "@/jslib/common/src/models/view/cipherView";
+
+@Pipe({
+  name: "searchCiphers",
+})
+export class SearchCiphersPipe implements PipeTransform {
+  transform(ciphers: CipherView[], searchText: string, deleted = false): CipherView[] {
+    if (ciphers == null || ciphers.length === 0) {
+      return [];
+    }
+
+    if (searchText == null || searchText.length < 2) {
+      return ciphers.filter((c) => {
+        return deleted !== c.isDeleted;
+      });
+    }
+
+    searchText = searchText.trim().toLowerCase();
+    return ciphers.filter((c) => {
+      if (deleted !== c.isDeleted) {
+        return false;
+      }
+      if (c.name != null && c.name.toLowerCase().indexOf(searchText) > -1) {
+        return true;
+      }
+      if (searchText.length >= 8 && c.id.startsWith(searchText)) {
+        return true;
+      }
+      if (c.subTitle != null && c.subTitle.toLowerCase().indexOf(searchText) > -1) {
+        return true;
+      }
+      if (c.login && c.login.uri != null && c.login.uri.toLowerCase().indexOf(searchText) > -1) {
+        return true;
+      }
+
+      return false;
+    });
+  }
+}

jslib/common/spec/domain/attachment.spec.ts

@@ -0,0 +1,83 @@
+import { Substitute, Arg } from "@fluffy-spoon/substitute";
+
+import { CryptoService } from "@/jslib/common/src/abstractions/crypto.service";
+import { AttachmentData } from "@/jslib/common/src/models/data/attachmentData";
+import { Attachment } from "@/jslib/common/src/models/domain/attachment";
+import { SymmetricCryptoKey } from "@/jslib/common/src/models/domain/symmetricCryptoKey";
+import { ContainerService } from "@/jslib/common/src/services/container.service";
+
+import { makeStaticByteArray, mockEnc } from "../utils";
+
+describe("Attachment", () => {
+  let data: AttachmentData;
+
+  beforeEach(() => {
+    data = {
+      id: "id",
+      url: "url",
+      fileName: "fileName",
+      key: "key",
+      size: "1100",
+      sizeName: "1.1 KB",
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new AttachmentData();
+    const attachment = new Attachment(data);
+
+    expect(attachment).toEqual({
+      id: null,
+      url: null,
+      size: undefined,
+      sizeName: null,
+      key: null,
+      fileName: null,
+    });
+  });
+
+  it("Convert", () => {
+    const attachment = new Attachment(data);
+
+    expect(attachment).toEqual({
+      size: "1100",
+      id: "id",
+      url: "url",
+      sizeName: "1.1 KB",
+      fileName: { encryptedString: "fileName", encryptionType: 0 },
+      key: { encryptedString: "key", encryptionType: 0 },
+    });
+  });
+
+  it("toAttachmentData", () => {
+    const attachment = new Attachment(data);
+    expect(attachment.toAttachmentData()).toEqual(data);
+  });
+
+  it("Decrypt", async () => {
+    const attachment = new Attachment();
+    attachment.id = "id";
+    attachment.url = "url";
+    attachment.size = "1100";
+    attachment.sizeName = "1.1 KB";
+    attachment.key = mockEnc("key");
+    attachment.fileName = mockEnc("fileName");
+
+    const cryptoService = Substitute.for<CryptoService>();
+    cryptoService.getOrgKey(null).resolves(null);
+    cryptoService.decryptToBytes(Arg.any(), Arg.any()).resolves(makeStaticByteArray(32));
+
+    (window as any).bitwardenContainerService = new ContainerService(cryptoService);
+
+    const view = await attachment.decrypt(null);
+
+    expect(view).toEqual({
+      id: "id",
+      url: "url",
+      size: "1100",
+      sizeName: "1.1 KB",
+      fileName: "fileName",
+      key: expect.any(SymmetricCryptoKey),
+    });
+  });
+});

jslib/common/spec/domain/card.spec.ts

@@ -0,0 +1,73 @@
+import { CardData } from "@/jslib/common/src/models/data/cardData";
+import { Card } from "@/jslib/common/src/models/domain/card";
+
+import { mockEnc } from "../utils";
+
+describe("Card", () => {
+  let data: CardData;
+
+  beforeEach(() => {
+    data = {
+      cardholderName: "encHolder",
+      brand: "encBrand",
+      number: "encNumber",
+      expMonth: "encMonth",
+      expYear: "encYear",
+      code: "encCode",
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new CardData();
+    const card = new Card(data);
+
+    expect(card).toEqual({
+      cardholderName: null,
+      brand: null,
+      number: null,
+      expMonth: null,
+      expYear: null,
+      code: null,
+    });
+  });
+
+  it("Convert", () => {
+    const card = new Card(data);
+
+    expect(card).toEqual({
+      cardholderName: { encryptedString: "encHolder", encryptionType: 0 },
+      brand: { encryptedString: "encBrand", encryptionType: 0 },
+      number: { encryptedString: "encNumber", encryptionType: 0 },
+      expMonth: { encryptedString: "encMonth", encryptionType: 0 },
+      expYear: { encryptedString: "encYear", encryptionType: 0 },
+      code: { encryptedString: "encCode", encryptionType: 0 },
+    });
+  });
+
+  it("toCardData", () => {
+    const card = new Card(data);
+    expect(card.toCardData()).toEqual(data);
+  });
+
+  it("Decrypt", async () => {
+    const card = new Card();
+    card.cardholderName = mockEnc("cardHolder");
+    card.brand = mockEnc("brand");
+    card.number = mockEnc("number");
+    card.expMonth = mockEnc("expMonth");
+    card.expYear = mockEnc("expYear");
+    card.code = mockEnc("code");
+
+    const view = await card.decrypt(null);
+
+    expect(view).toEqual({
+      _brand: "brand",
+      _number: "number",
+      _subTitle: null,
+      cardholderName: "cardHolder",
+      code: "code",
+      expMonth: "expMonth",
+      expYear: "expYear",
+    });
+  });
+});

jslib/common/spec/domain/cipher.spec.ts

@@ -0,0 +1,599 @@
+import { Substitute, Arg } from "@fluffy-spoon/substitute";
+
+import { CipherRepromptType } from "@/jslib/common/src/enums/cipherRepromptType";
+import { CipherType } from "@/jslib/common/src/enums/cipherType";
+import { FieldType } from "@/jslib/common/src/enums/fieldType";
+import { SecureNoteType } from "@/jslib/common/src/enums/secureNoteType";
+import { UriMatchType } from "@/jslib/common/src/enums/uriMatchType";
+import { CipherData } from "@/jslib/common/src/models/data/cipherData";
+import { Card } from "@/jslib/common/src/models/domain/card";
+import { Cipher } from "@/jslib/common/src/models/domain/cipher";
+import { Identity } from "@/jslib/common/src/models/domain/identity";
+import { Login } from "@/jslib/common/src/models/domain/login";
+import { SecureNote } from "@/jslib/common/src/models/domain/secureNote";
+import { CardView } from "@/jslib/common/src/models/view/cardView";
+import { IdentityView } from "@/jslib/common/src/models/view/identityView";
+import { LoginView } from "@/jslib/common/src/models/view/loginView";
+
+import { mockEnc } from "../utils";
+
+describe("Cipher DTO", () => {
+  it("Convert from empty CipherData", () => {
+    const data = new CipherData();
+    const cipher = new Cipher(data);
+
+    expect(cipher).toEqual({
+      id: null,
+      userId: null,
+      organizationId: null,
+      folderId: null,
+      name: null,
+      notes: null,
+      type: undefined,
+      favorite: undefined,
+      organizationUseTotp: undefined,
+      edit: undefined,
+      viewPassword: true,
+      revisionDate: null,
+      collectionIds: undefined,
+      localData: null,
+      deletedDate: null,
+      reprompt: undefined,
+      attachments: null,
+      fields: null,
+      passwordHistory: null,
+    });
+  });
+
+  describe("LoginCipher", () => {
+    let cipherData: CipherData;
+
+    beforeEach(() => {
+      cipherData = {
+        id: "id",
+        organizationId: "orgId",
+        folderId: "folderId",
+        userId: "userId",
+        edit: true,
+        viewPassword: true,
+        organizationUseTotp: true,
+        favorite: false,
+        revisionDate: "2022-01-31T12:00:00.000Z",
+        type: CipherType.Login,
+        name: "EncryptedString",
+        notes: "EncryptedString",
+        deletedDate: null,
+        reprompt: CipherRepromptType.None,
+        login: {
+          uris: [{ uri: "EncryptedString", match: UriMatchType.Domain }],
+          username: "EncryptedString",
+          password: "EncryptedString",
+          passwordRevisionDate: "2022-01-31T12:00:00.000Z",
+          totp: "EncryptedString",
+          autofillOnPageLoad: false,
+        },
+        passwordHistory: [
+          { password: "EncryptedString", lastUsedDate: "2022-01-31T12:00:00.000Z" },
+        ],
+        attachments: [
+          {
+            id: "a1",
+            url: "url",
+            size: "1100",
+            sizeName: "1.1 KB",
+            fileName: "file",
+            key: "EncKey",
+          },
+          {
+            id: "a2",
+            url: "url",
+            size: "1100",
+            sizeName: "1.1 KB",
+            fileName: "file",
+            key: "EncKey",
+          },
+        ],
+        fields: [
+          {
+            name: "EncryptedString",
+            value: "EncryptedString",
+            type: FieldType.Text,
+            linkedId: null,
+          },
+          {
+            name: "EncryptedString",
+            value: "EncryptedString",
+            type: FieldType.Hidden,
+            linkedId: null,
+          },
+        ],
+      };
+    });
+
+    it("Convert", () => {
+      const cipher = new Cipher(cipherData);
+
+      expect(cipher).toEqual({
+        id: "id",
+        userId: "userId",
+        organizationId: "orgId",
+        folderId: "folderId",
+        name: { encryptedString: "EncryptedString", encryptionType: 0 },
+        notes: { encryptedString: "EncryptedString", encryptionType: 0 },
+        type: 1,
+        favorite: false,
+        organizationUseTotp: true,
+        edit: true,
+        viewPassword: true,
+        revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+        collectionIds: undefined,
+        localData: null,
+        deletedDate: null,
+        reprompt: 0,
+        login: {
+          passwordRevisionDate: new Date("2022-01-31T12:00:00.000Z"),
+          autofillOnPageLoad: false,
+          username: { encryptedString: "EncryptedString", encryptionType: 0 },
+          password: { encryptedString: "EncryptedString", encryptionType: 0 },
+          totp: { encryptedString: "EncryptedString", encryptionType: 0 },
+          uris: [{ match: 0, uri: { encryptedString: "EncryptedString", encryptionType: 0 } }],
+        },
+        attachments: [
+          {
+            fileName: { encryptedString: "file", encryptionType: 0 },
+            id: "a1",
+            key: { encryptedString: "EncKey", encryptionType: 0 },
+            size: "1100",
+            sizeName: "1.1 KB",
+            url: "url",
+          },
+          {
+            fileName: { encryptedString: "file", encryptionType: 0 },
+            id: "a2",
+            key: { encryptedString: "EncKey", encryptionType: 0 },
+            size: "1100",
+            sizeName: "1.1 KB",
+            url: "url",
+          },
+        ],
+        fields: [
+          {
+            linkedId: null,
+            name: { encryptedString: "EncryptedString", encryptionType: 0 },
+            type: 0,
+            value: { encryptedString: "EncryptedString", encryptionType: 0 },
+          },
+          {
+            linkedId: null,
+            name: { encryptedString: "EncryptedString", encryptionType: 0 },
+            type: 1,
+            value: { encryptedString: "EncryptedString", encryptionType: 0 },
+          },
+        ],
+        passwordHistory: [
+          {
+            lastUsedDate: new Date("2022-01-31T12:00:00.000Z"),
+            password: { encryptedString: "EncryptedString", encryptionType: 0 },
+          },
+        ],
+      });
+    });
+
+    it("toCipherData", () => {
+      const cipher = new Cipher(cipherData);
+      expect(cipher.toCipherData("userId")).toEqual(cipherData);
+    });
+
+    it("Decrypt", async () => {
+      const cipher = new Cipher();
+      cipher.id = "id";
+      cipher.organizationId = "orgId";
+      cipher.folderId = "folderId";
+      cipher.edit = true;
+      cipher.viewPassword = true;
+      cipher.organizationUseTotp = true;
+      cipher.favorite = false;
+      cipher.revisionDate = new Date("2022-01-31T12:00:00.000Z");
+      cipher.type = CipherType.Login;
+      cipher.name = mockEnc("EncryptedString");
+      cipher.notes = mockEnc("EncryptedString");
+      cipher.deletedDate = null;
+      cipher.reprompt = CipherRepromptType.None;
+
+      const loginView = new LoginView();
+      loginView.username = "username";
+      loginView.password = "password";
+
+      const login = Substitute.for<Login>();
+      login.decrypt(Arg.any(), Arg.any()).resolves(loginView);
+      cipher.login = login;
+
+      const cipherView = await cipher.decrypt();
+
+      expect(cipherView).toMatchObject({
+        id: "id",
+        organizationId: "orgId",
+        folderId: "folderId",
+        name: "EncryptedString",
+        notes: "EncryptedString",
+        type: 1,
+        favorite: false,
+        organizationUseTotp: true,
+        edit: true,
+        viewPassword: true,
+        login: loginView,
+        attachments: null,
+        fields: null,
+        passwordHistory: null,
+        collectionIds: undefined,
+        revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+        deletedDate: null,
+        reprompt: 0,
+        localData: undefined,
+      });
+    });
+  });
+
+  describe("SecureNoteCipher", () => {
+    let cipherData: CipherData;
+
+    beforeEach(() => {
+      cipherData = {
+        id: "id",
+        organizationId: "orgId",
+        folderId: "folderId",
+        userId: "userId",
+        edit: true,
+        viewPassword: true,
+        organizationUseTotp: true,
+        favorite: false,
+        revisionDate: "2022-01-31T12:00:00.000Z",
+        type: CipherType.SecureNote,
+        name: "EncryptedString",
+        notes: "EncryptedString",
+        deletedDate: null,
+        reprompt: CipherRepromptType.None,
+        secureNote: {
+          type: SecureNoteType.Generic,
+        },
+      };
+    });
+
+    it("Convert", () => {
+      const cipher = new Cipher(cipherData);
+
+      expect(cipher).toEqual({
+        id: "id",
+        userId: "userId",
+        organizationId: "orgId",
+        folderId: "folderId",
+        name: { encryptedString: "EncryptedString", encryptionType: 0 },
+        notes: { encryptedString: "EncryptedString", encryptionType: 0 },
+        type: 2,
+        favorite: false,
+        organizationUseTotp: true,
+        edit: true,
+        viewPassword: true,
+        revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+        collectionIds: undefined,
+        localData: null,
+        deletedDate: null,
+        reprompt: 0,
+        secureNote: { type: SecureNoteType.Generic },
+        attachments: null,
+        fields: null,
+        passwordHistory: null,
+      });
+    });
+
+    it("toCipherData", () => {
+      const cipher = new Cipher(cipherData);
+      expect(cipher.toCipherData("userId")).toEqual(cipherData);
+    });
+
+    it("Decrypt", async () => {
+      const cipher = new Cipher();
+      cipher.id = "id";
+      cipher.organizationId = "orgId";
+      cipher.folderId = "folderId";
+      cipher.edit = true;
+      cipher.viewPassword = true;
+      cipher.organizationUseTotp = true;
+      cipher.favorite = false;
+      cipher.revisionDate = new Date("2022-01-31T12:00:00.000Z");
+      cipher.type = CipherType.SecureNote;
+      cipher.name = mockEnc("EncryptedString");
+      cipher.notes = mockEnc("EncryptedString");
+      cipher.deletedDate = null;
+      cipher.reprompt = CipherRepromptType.None;
+      cipher.secureNote = new SecureNote();
+      cipher.secureNote.type = SecureNoteType.Generic;
+
+      const cipherView = await cipher.decrypt();
+
+      expect(cipherView).toMatchObject({
+        id: "id",
+        organizationId: "orgId",
+        folderId: "folderId",
+        name: "EncryptedString",
+        notes: "EncryptedString",
+        type: 2,
+        favorite: false,
+        organizationUseTotp: true,
+        edit: true,
+        viewPassword: true,
+        secureNote: { type: 0 },
+        attachments: null,
+        fields: null,
+        passwordHistory: null,
+        collectionIds: undefined,
+        revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+        deletedDate: null,
+        reprompt: 0,
+        localData: undefined,
+      });
+    });
+  });
+
+  describe("CardCipher", () => {
+    let cipherData: CipherData;
+
+    beforeEach(() => {
+      cipherData = {
+        id: "id",
+        organizationId: "orgId",
+        folderId: "folderId",
+        userId: "userId",
+        edit: true,
+        viewPassword: true,
+        organizationUseTotp: true,
+        favorite: false,
+        revisionDate: "2022-01-31T12:00:00.000Z",
+        type: CipherType.Card,
+        name: "EncryptedString",
+        notes: "EncryptedString",
+        deletedDate: null,
+        reprompt: CipherRepromptType.None,
+        card: {
+          cardholderName: "EncryptedString",
+          brand: "EncryptedString",
+          number: "EncryptedString",
+          expMonth: "EncryptedString",
+          expYear: "EncryptedString",
+          code: "EncryptedString",
+        },
+      };
+    });
+
+    it("Convert", () => {
+      const cipher = new Cipher(cipherData);
+
+      expect(cipher).toEqual({
+        id: "id",
+        userId: "userId",
+        organizationId: "orgId",
+        folderId: "folderId",
+        name: { encryptedString: "EncryptedString", encryptionType: 0 },
+        notes: { encryptedString: "EncryptedString", encryptionType: 0 },
+        type: 3,
+        favorite: false,
+        organizationUseTotp: true,
+        edit: true,
+        viewPassword: true,
+        revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+        collectionIds: undefined,
+        localData: null,
+        deletedDate: null,
+        reprompt: 0,
+        card: {
+          cardholderName: { encryptedString: "EncryptedString", encryptionType: 0 },
+          brand: { encryptedString: "EncryptedString", encryptionType: 0 },
+          number: { encryptedString: "EncryptedString", encryptionType: 0 },
+          expMonth: { encryptedString: "EncryptedString", encryptionType: 0 },
+          expYear: { encryptedString: "EncryptedString", encryptionType: 0 },
+          code: { encryptedString: "EncryptedString", encryptionType: 0 },
+        },
+        attachments: null,
+        fields: null,
+        passwordHistory: null,
+      });
+    });
+
+    it("toCipherData", () => {
+      const cipher = new Cipher(cipherData);
+      expect(cipher.toCipherData("userId")).toEqual(cipherData);
+    });
+
+    it("Decrypt", async () => {
+      const cipher = new Cipher();
+      cipher.id = "id";
+      cipher.organizationId = "orgId";
+      cipher.folderId = "folderId";
+      cipher.edit = true;
+      cipher.viewPassword = true;
+      cipher.organizationUseTotp = true;
+      cipher.favorite = false;
+      cipher.revisionDate = new Date("2022-01-31T12:00:00.000Z");
+      cipher.type = CipherType.Card;
+      cipher.name = mockEnc("EncryptedString");
+      cipher.notes = mockEnc("EncryptedString");
+      cipher.deletedDate = null;
+      cipher.reprompt = CipherRepromptType.None;
+
+      const cardView = new CardView();
+      cardView.cardholderName = "cardholderName";
+      cardView.number = "4111111111111111";
+
+      const card = Substitute.for<Card>();
+      card.decrypt(Arg.any(), Arg.any()).resolves(cardView);
+      cipher.card = card;
+
+      const cipherView = await cipher.decrypt();
+
+      expect(cipherView).toMatchObject({
+        id: "id",
+        organizationId: "orgId",
+        folderId: "folderId",
+        name: "EncryptedString",
+        notes: "EncryptedString",
+        type: 3,
+        favorite: false,
+        organizationUseTotp: true,
+        edit: true,
+        viewPassword: true,
+        card: cardView,
+        attachments: null,
+        fields: null,
+        passwordHistory: null,
+        collectionIds: undefined,
+        revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+        deletedDate: null,
+        reprompt: 0,
+        localData: undefined,
+      });
+    });
+  });
+
+  describe("IdentityCipher", () => {
+    let cipherData: CipherData;
+
+    beforeEach(() => {
+      cipherData = {
+        id: "id",
+        organizationId: "orgId",
+        folderId: "folderId",
+        userId: "userId",
+        edit: true,
+        viewPassword: true,
+        organizationUseTotp: true,
+        favorite: false,
+        revisionDate: "2022-01-31T12:00:00.000Z",
+        type: CipherType.Identity,
+        name: "EncryptedString",
+        notes: "EncryptedString",
+        deletedDate: null,
+        reprompt: CipherRepromptType.None,
+        identity: {
+          title: "EncryptedString",
+          firstName: "EncryptedString",
+          middleName: "EncryptedString",
+          lastName: "EncryptedString",
+          address1: "EncryptedString",
+          address2: "EncryptedString",
+          address3: "EncryptedString",
+          city: "EncryptedString",
+          state: "EncryptedString",
+          postalCode: "EncryptedString",
+          country: "EncryptedString",
+          company: "EncryptedString",
+          email: "EncryptedString",
+          phone: "EncryptedString",
+          ssn: "EncryptedString",
+          username: "EncryptedString",
+          passportNumber: "EncryptedString",
+          licenseNumber: "EncryptedString",
+        },
+      };
+    });
+
+    it("Convert", () => {
+      const cipher = new Cipher(cipherData);
+
+      expect(cipher).toEqual({
+        id: "id",
+        userId: "userId",
+        organizationId: "orgId",
+        folderId: "folderId",
+        name: { encryptedString: "EncryptedString", encryptionType: 0 },
+        notes: { encryptedString: "EncryptedString", encryptionType: 0 },
+        type: 4,
+        favorite: false,
+        organizationUseTotp: true,
+        edit: true,
+        viewPassword: true,
+        revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+        collectionIds: undefined,
+        localData: null,
+        deletedDate: null,
+        reprompt: 0,
+        identity: {
+          title: { encryptedString: "EncryptedString", encryptionType: 0 },
+          firstName: { encryptedString: "EncryptedString", encryptionType: 0 },
+          middleName: { encryptedString: "EncryptedString", encryptionType: 0 },
+          lastName: { encryptedString: "EncryptedString", encryptionType: 0 },
+          address1: { encryptedString: "EncryptedString", encryptionType: 0 },
+          address2: { encryptedString: "EncryptedString", encryptionType: 0 },
+          address3: { encryptedString: "EncryptedString", encryptionType: 0 },
+          city: { encryptedString: "EncryptedString", encryptionType: 0 },
+          state: { encryptedString: "EncryptedString", encryptionType: 0 },
+          postalCode: { encryptedString: "EncryptedString", encryptionType: 0 },
+          country: { encryptedString: "EncryptedString", encryptionType: 0 },
+          company: { encryptedString: "EncryptedString", encryptionType: 0 },
+          email: { encryptedString: "EncryptedString", encryptionType: 0 },
+          phone: { encryptedString: "EncryptedString", encryptionType: 0 },
+          ssn: { encryptedString: "EncryptedString", encryptionType: 0 },
+          username: { encryptedString: "EncryptedString", encryptionType: 0 },
+          passportNumber: { encryptedString: "EncryptedString", encryptionType: 0 },
+          licenseNumber: { encryptedString: "EncryptedString", encryptionType: 0 },
+        },
+        attachments: null,
+        fields: null,
+        passwordHistory: null,
+      });
+    });
+
+    it("toCipherData", () => {
+      const cipher = new Cipher(cipherData);
+      expect(cipher.toCipherData("userId")).toEqual(cipherData);
+    });
+
+    it("Decrypt", async () => {
+      const cipher = new Cipher();
+      cipher.id = "id";
+      cipher.organizationId = "orgId";
+      cipher.folderId = "folderId";
+      cipher.edit = true;
+      cipher.viewPassword = true;
+      cipher.organizationUseTotp = true;
+      cipher.favorite = false;
+      cipher.revisionDate = new Date("2022-01-31T12:00:00.000Z");
+      cipher.type = CipherType.Identity;
+      cipher.name = mockEnc("EncryptedString");
+      cipher.notes = mockEnc("EncryptedString");
+      cipher.deletedDate = null;
+      cipher.reprompt = CipherRepromptType.None;
+
+      const identityView = new IdentityView();
+      identityView.firstName = "firstName";
+      identityView.lastName = "lastName";
+
+      const identity = Substitute.for<Identity>();
+      identity.decrypt(Arg.any(), Arg.any()).resolves(identityView);
+      cipher.identity = identity;
+
+      const cipherView = await cipher.decrypt();
+
+      expect(cipherView).toMatchObject({
+        id: "id",
+        organizationId: "orgId",
+        folderId: "folderId",
+        name: "EncryptedString",
+        notes: "EncryptedString",
+        type: 4,
+        favorite: false,
+        organizationUseTotp: true,
+        edit: true,
+        viewPassword: true,
+        identity: identityView,
+        attachments: null,
+        fields: null,
+        passwordHistory: null,
+        collectionIds: undefined,
+        revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+        deletedDate: null,
+        reprompt: 0,
+        localData: undefined,
+      });
+    });
+  });
+});

jslib/common/spec/domain/collection.spec.ts

@@ -0,0 +1,66 @@
+import { CollectionData } from "@/jslib/common/src/models/data/collectionData";
+import { Collection } from "@/jslib/common/src/models/domain/collection";
+
+import { mockEnc } from "../utils";
+
+describe("Collection", () => {
+  let data: CollectionData;
+
+  beforeEach(() => {
+    data = {
+      id: "id",
+      organizationId: "orgId",
+      name: "encName",
+      externalId: "extId",
+      readOnly: true,
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new CollectionData({} as any);
+    const card = new Collection(data);
+
+    expect(card).toEqual({
+      externalId: null,
+      hidePasswords: null,
+      id: null,
+      name: null,
+      organizationId: null,
+      readOnly: null,
+    });
+  });
+
+  it("Convert", () => {
+    const collection = new Collection(data);
+
+    expect(collection).toEqual({
+      id: "id",
+      organizationId: "orgId",
+      name: { encryptedString: "encName", encryptionType: 0 },
+      externalId: "extId",
+      readOnly: true,
+      hidePasswords: null,
+    });
+  });
+
+  it("Decrypt", async () => {
+    const collection = new Collection();
+    collection.id = "id";
+    collection.organizationId = "orgId";
+    collection.name = mockEnc("encName");
+    collection.externalId = "extId";
+    collection.readOnly = false;
+    collection.hidePasswords = false;
+
+    const view = await collection.decrypt();
+
+    expect(view).toEqual({
+      externalId: "extId",
+      hidePasswords: false,
+      id: "id",
+      name: "encName",
+      organizationId: "orgId",
+      readOnly: false,
+    });
+  });
+});

jslib/common/spec/domain/field.spec.ts

@@ -0,0 +1,64 @@
+import { FieldType } from "@/jslib/common/src/enums/fieldType";
+import { FieldData } from "@/jslib/common/src/models/data/fieldData";
+import { Field } from "@/jslib/common/src/models/domain/field";
+
+import { mockEnc } from "../utils";
+
+describe("Field", () => {
+  let data: FieldData;
+
+  beforeEach(() => {
+    data = {
+      type: FieldType.Text,
+      name: "encName",
+      value: "encValue",
+      linkedId: null,
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new FieldData();
+    const field = new Field(data);
+
+    expect(field).toEqual({
+      type: undefined,
+      name: null,
+      value: null,
+      linkedId: undefined,
+    });
+  });
+
+  it("Convert", () => {
+    const field = new Field(data);
+
+    expect(field).toEqual({
+      type: FieldType.Text,
+      name: { encryptedString: "encName", encryptionType: 0 },
+      value: { encryptedString: "encValue", encryptionType: 0 },
+      linkedId: null,
+    });
+  });
+
+  it("toFieldData", () => {
+    const field = new Field(data);
+    expect(field.toFieldData()).toEqual(data);
+  });
+
+  it("Decrypt", async () => {
+    const field = new Field();
+    field.type = FieldType.Text;
+    field.name = mockEnc("encName");
+    field.value = mockEnc("encValue");
+
+    const view = await field.decrypt(null);
+
+    expect(view).toEqual({
+      type: 0,
+      name: "encName",
+      value: "encValue",
+      newField: false,
+      showCount: false,
+      showValue: false,
+    });
+  });
+});

jslib/common/spec/domain/folder.spec.ts

@@ -0,0 +1,42 @@
+import { FolderData } from "@/jslib/common/src/models/data/folderData";
+import { Folder } from "@/jslib/common/src/models/domain/folder";
+
+import { mockEnc } from "../utils";
+
+describe("Folder", () => {
+  let data: FolderData;
+
+  beforeEach(() => {
+    data = {
+      id: "id",
+      userId: "userId",
+      name: "encName",
+      revisionDate: "2022-01-31T12:00:00.000Z",
+    };
+  });
+
+  it("Convert", () => {
+    const field = new Folder(data);
+
+    expect(field).toEqual({
+      id: "id",
+      name: { encryptedString: "encName", encryptionType: 0 },
+      revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+    });
+  });
+
+  it("Decrypt", async () => {
+    const folder = new Folder();
+    folder.id = "id";
+    folder.name = mockEnc("encName");
+    folder.revisionDate = new Date("2022-01-31T12:00:00.000Z");
+
+    const view = await folder.decrypt();
+
+    expect(view).toEqual({
+      id: "id",
+      name: "encName",
+      revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+    });
+  });
+});

jslib/common/spec/domain/identity.spec.ts

@@ -0,0 +1,134 @@
+import { IdentityData } from "@/jslib/common/src/models/data/identityData";
+import { Identity } from "@/jslib/common/src/models/domain/identity";
+
+import { mockEnc } from "../utils";
+
+describe("Identity", () => {
+  let data: IdentityData;
+
+  beforeEach(() => {
+    data = {
+      title: "enctitle",
+      firstName: "encfirstName",
+      middleName: "encmiddleName",
+      lastName: "enclastName",
+      address1: "encaddress1",
+      address2: "encaddress2",
+      address3: "encaddress3",
+      city: "enccity",
+      state: "encstate",
+      postalCode: "encpostalCode",
+      country: "enccountry",
+      company: "enccompany",
+      email: "encemail",
+      phone: "encphone",
+      ssn: "encssn",
+      username: "encusername",
+      passportNumber: "encpassportNumber",
+      licenseNumber: "enclicenseNumber",
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new IdentityData();
+    const identity = new Identity(data);
+
+    expect(identity).toEqual({
+      address1: null,
+      address2: null,
+      address3: null,
+      city: null,
+      company: null,
+      country: null,
+      email: null,
+      firstName: null,
+      lastName: null,
+      licenseNumber: null,
+      middleName: null,
+      passportNumber: null,
+      phone: null,
+      postalCode: null,
+      ssn: null,
+      state: null,
+      title: null,
+      username: null,
+    });
+  });
+
+  it("Convert", () => {
+    const identity = new Identity(data);
+
+    expect(identity).toEqual({
+      title: { encryptedString: "enctitle", encryptionType: 0 },
+      firstName: { encryptedString: "encfirstName", encryptionType: 0 },
+      middleName: { encryptedString: "encmiddleName", encryptionType: 0 },
+      lastName: { encryptedString: "enclastName", encryptionType: 0 },
+      address1: { encryptedString: "encaddress1", encryptionType: 0 },
+      address2: { encryptedString: "encaddress2", encryptionType: 0 },
+      address3: { encryptedString: "encaddress3", encryptionType: 0 },
+      city: { encryptedString: "enccity", encryptionType: 0 },
+      state: { encryptedString: "encstate", encryptionType: 0 },
+      postalCode: { encryptedString: "encpostalCode", encryptionType: 0 },
+      country: { encryptedString: "enccountry", encryptionType: 0 },
+      company: { encryptedString: "enccompany", encryptionType: 0 },
+      email: { encryptedString: "encemail", encryptionType: 0 },
+      phone: { encryptedString: "encphone", encryptionType: 0 },
+      ssn: { encryptedString: "encssn", encryptionType: 0 },
+      username: { encryptedString: "encusername", encryptionType: 0 },
+      passportNumber: { encryptedString: "encpassportNumber", encryptionType: 0 },
+      licenseNumber: { encryptedString: "enclicenseNumber", encryptionType: 0 },
+    });
+  });
+
+  it("toIdentityData", () => {
+    const identity = new Identity(data);
+    expect(identity.toIdentityData()).toEqual(data);
+  });
+
+  it("Decrypt", async () => {
+    const identity = new Identity();
+
+    identity.title = mockEnc("mockTitle");
+    identity.firstName = mockEnc("mockFirstName");
+    identity.middleName = mockEnc("mockMiddleName");
+    identity.lastName = mockEnc("mockLastName");
+    identity.address1 = mockEnc("mockAddress1");
+    identity.address2 = mockEnc("mockAddress2");
+    identity.address3 = mockEnc("mockAddress3");
+    identity.city = mockEnc("mockCity");
+    identity.state = mockEnc("mockState");
+    identity.postalCode = mockEnc("mockPostalCode");
+    identity.country = mockEnc("mockCountry");
+    identity.company = mockEnc("mockCompany");
+    identity.email = mockEnc("mockEmail");
+    identity.phone = mockEnc("mockPhone");
+    identity.ssn = mockEnc("mockSsn");
+    identity.username = mockEnc("mockUsername");
+    identity.passportNumber = mockEnc("mockPassportNumber");
+    identity.licenseNumber = mockEnc("mockLicenseNumber");
+
+    const view = await identity.decrypt(null);
+
+    expect(view).toEqual({
+      _firstName: "mockFirstName",
+      _lastName: "mockLastName",
+      _subTitle: null,
+      address1: "mockAddress1",
+      address2: "mockAddress2",
+      address3: "mockAddress3",
+      city: "mockCity",
+      company: "mockCompany",
+      country: "mockCountry",
+      email: "mockEmail",
+      licenseNumber: "mockLicenseNumber",
+      middleName: "mockMiddleName",
+      passportNumber: "mockPassportNumber",
+      phone: "mockPhone",
+      postalCode: "mockPostalCode",
+      ssn: "mockSsn",
+      state: "mockState",
+      title: "mockTitle",
+      username: "mockUsername",
+    });
+  });
+});

jslib/common/spec/domain/login.spec.ts

@@ -0,0 +1,101 @@
+import { Substitute, Arg } from "@fluffy-spoon/substitute";
+
+import { UriMatchType } from "@/jslib/common/src/enums/uriMatchType";
+import { LoginData } from "@/jslib/common/src/models/data/loginData";
+import { Login } from "@/jslib/common/src/models/domain/login";
+import { LoginUri } from "@/jslib/common/src/models/domain/loginUri";
+import { LoginUriView } from "@/jslib/common/src/models/view/loginUriView";
+
+import { mockEnc } from "../utils";
+
+describe("Login DTO", () => {
+  it("Convert from empty LoginData", () => {
+    const data = new LoginData();
+    const login = new Login(data);
+
+    expect(login).toEqual({
+      passwordRevisionDate: null,
+      autofillOnPageLoad: undefined,
+      username: null,
+      password: null,
+      totp: null,
+    });
+  });
+
+  it("Convert from full LoginData", () => {
+    const data: LoginData = {
+      uris: [{ uri: "uri", match: UriMatchType.Domain }],
+      username: "username",
+      password: "password",
+      passwordRevisionDate: "2022-01-31T12:00:00.000Z",
+      totp: "123",
+      autofillOnPageLoad: false,
+    };
+    const login = new Login(data);
+
+    expect(login).toEqual({
+      passwordRevisionDate: new Date("2022-01-31T12:00:00.000Z"),
+      autofillOnPageLoad: false,
+      username: { encryptedString: "username", encryptionType: 0 },
+      password: { encryptedString: "password", encryptionType: 0 },
+      totp: { encryptedString: "123", encryptionType: 0 },
+      uris: [{ match: 0, uri: { encryptedString: "uri", encryptionType: 0 } }],
+    });
+  });
+
+  it("Initialize without LoginData", () => {
+    const login = new Login();
+
+    expect(login).toEqual({});
+  });
+
+  it("Decrypts correctly", async () => {
+    const loginUri = Substitute.for<LoginUri>();
+    const loginUriView = new LoginUriView();
+    loginUriView.uri = "decrypted uri";
+    loginUri.decrypt(Arg.any()).resolves(loginUriView);
+
+    const login = new Login();
+    login.uris = [loginUri];
+    login.username = mockEnc("encrypted username");
+    login.password = mockEnc("encrypted password");
+    login.passwordRevisionDate = new Date("2022-01-31T12:00:00.000Z");
+    login.totp = mockEnc("encrypted totp");
+    login.autofillOnPageLoad = true;
+
+    const loginView = await login.decrypt(null);
+    expect(loginView).toEqual({
+      username: "encrypted username",
+      password: "encrypted password",
+      passwordRevisionDate: new Date("2022-01-31T12:00:00.000Z"),
+      totp: "encrypted totp",
+      uris: [
+        {
+          match: null,
+          _uri: "decrypted uri",
+          _domain: null,
+          _hostname: null,
+          _host: null,
+          _canLaunch: null,
+        },
+      ],
+      autofillOnPageLoad: true,
+    });
+  });
+
+  it("Converts from LoginData and back", () => {
+    const data: LoginData = {
+      uris: [{ uri: "uri", match: UriMatchType.Domain }],
+      username: "username",
+      password: "password",
+      passwordRevisionDate: "2022-01-31T12:00:00.000Z",
+      totp: "123",
+      autofillOnPageLoad: false,
+    };
+    const login = new Login(data);
+
+    const loginData = login.toLoginData();
+
+    expect(loginData).toEqual(data);
+  });
+});

jslib/common/spec/domain/loginUri.spec.ts

@@ -0,0 +1,57 @@
+import { UriMatchType } from "@/jslib/common/src/enums/uriMatchType";
+import { LoginUriData } from "@/jslib/common/src/models/data/loginUriData";
+import { LoginUri } from "@/jslib/common/src/models/domain/loginUri";
+
+import { mockEnc } from "../utils";
+
+describe("LoginUri", () => {
+  let data: LoginUriData;
+
+  beforeEach(() => {
+    data = {
+      uri: "encUri",
+      match: UriMatchType.Domain,
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new LoginUriData();
+    const loginUri = new LoginUri(data);
+
+    expect(loginUri).toEqual({
+      match: null,
+      uri: null,
+    });
+  });
+
+  it("Convert", () => {
+    const loginUri = new LoginUri(data);
+
+    expect(loginUri).toEqual({
+      match: 0,
+      uri: { encryptedString: "encUri", encryptionType: 0 },
+    });
+  });
+
+  it("toLoginUriData", () => {
+    const loginUri = new LoginUri(data);
+    expect(loginUri.toLoginUriData()).toEqual(data);
+  });
+
+  it("Decrypt", async () => {
+    const loginUri = new LoginUri();
+    loginUri.match = UriMatchType.Exact;
+    loginUri.uri = mockEnc("uri");
+
+    const view = await loginUri.decrypt(null);
+
+    expect(view).toEqual({
+      _canLaunch: null,
+      _domain: null,
+      _host: null,
+      _hostname: null,
+      _uri: "uri",
+      match: 3,
+    });
+  });
+});

jslib/common/spec/domain/password.spec.ts

@@ -0,0 +1,51 @@
+import { PasswordHistoryData } from "@/jslib/common/src/models/data/passwordHistoryData";
+import { Password } from "@/jslib/common/src/models/domain/password";
+
+import { mockEnc } from "../utils";
+
+describe("Password", () => {
+  let data: PasswordHistoryData;
+
+  beforeEach(() => {
+    data = {
+      password: "encPassword",
+      lastUsedDate: "2022-01-31T12:00:00.000Z",
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new PasswordHistoryData();
+    const password = new Password(data);
+
+    expect(password).toMatchObject({
+      password: null,
+    });
+  });
+
+  it("Convert", () => {
+    const password = new Password(data);
+
+    expect(password).toEqual({
+      password: { encryptedString: "encPassword", encryptionType: 0 },
+      lastUsedDate: new Date("2022-01-31T12:00:00.000Z"),
+    });
+  });
+
+  it("toPasswordHistoryData", () => {
+    const password = new Password(data);
+    expect(password.toPasswordHistoryData()).toEqual(data);
+  });
+
+  it("Decrypt", async () => {
+    const password = new Password();
+    password.password = mockEnc("password");
+    password.lastUsedDate = new Date("2022-01-31T12:00:00.000Z");
+
+    const view = await password.decrypt(null);
+
+    expect(view).toEqual({
+      password: "password",
+      lastUsedDate: new Date("2022-01-31T12:00:00.000Z"),
+    });
+  });
+});

jslib/common/spec/domain/secureNote.spec.ts

@@ -0,0 +1,46 @@
+import { SecureNoteType } from "@/jslib/common/src/enums/secureNoteType";
+import { SecureNoteData } from "@/jslib/common/src/models/data/secureNoteData";
+import { SecureNote } from "@/jslib/common/src/models/domain/secureNote";
+
+describe("SecureNote", () => {
+  let data: SecureNoteData;
+
+  beforeEach(() => {
+    data = {
+      type: SecureNoteType.Generic,
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new SecureNoteData();
+    const secureNote = new SecureNote(data);
+
+    expect(secureNote).toEqual({
+      type: undefined,
+    });
+  });
+
+  it("Convert", () => {
+    const secureNote = new SecureNote(data);
+
+    expect(secureNote).toEqual({
+      type: 0,
+    });
+  });
+
+  it("toSecureNoteData", () => {
+    const secureNote = new SecureNote(data);
+    expect(secureNote.toSecureNoteData()).toEqual(data);
+  });
+
+  it("Decrypt", async () => {
+    const secureNote = new SecureNote();
+    secureNote.type = SecureNoteType.Generic;
+
+    const view = await secureNote.decrypt(null);
+
+    expect(view).toEqual({
+      type: 0,
+    });
+  });
+});

jslib/common/spec/domain/send.spec.ts

@@ -0,0 +1,144 @@
+import { Substitute, Arg, SubstituteOf } from "@fluffy-spoon/substitute";
+
+import { CryptoService } from "@/jslib/common/src/abstractions/crypto.service";
+import { SendType } from "@/jslib/common/src/enums/sendType";
+import { SendData } from "@/jslib/common/src/models/data/sendData";
+import { EncString } from "@/jslib/common/src/models/domain/encString";
+import { Send } from "@/jslib/common/src/models/domain/send";
+import { SendText } from "@/jslib/common/src/models/domain/sendText";
+import { ContainerService } from "@/jslib/common/src/services/container.service";
+
+import { makeStaticByteArray, mockEnc } from "../utils";
+
+describe("Send", () => {
+  let data: SendData;
+
+  beforeEach(() => {
+    data = {
+      id: "id",
+      accessId: "accessId",
+      userId: "userId",
+      type: SendType.Text,
+      name: "encName",
+      notes: "encNotes",
+      text: {
+        text: "encText",
+        hidden: true,
+      },
+      file: null,
+      key: "encKey",
+      maxAccessCount: null,
+      accessCount: 10,
+      revisionDate: "2022-01-31T12:00:00.000Z",
+      expirationDate: "2022-01-31T12:00:00.000Z",
+      deletionDate: "2022-01-31T12:00:00.000Z",
+      password: "password",
+      disabled: false,
+      hideEmail: true,
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new SendData();
+    const send = new Send(data);
+
+    expect(send).toEqual({
+      id: null,
+      accessId: null,
+      userId: null,
+      type: undefined,
+      name: null,
+      notes: null,
+      text: undefined,
+      file: undefined,
+      key: null,
+      maxAccessCount: undefined,
+      accessCount: undefined,
+      revisionDate: null,
+      expirationDate: null,
+      deletionDate: null,
+      password: undefined,
+      disabled: undefined,
+      hideEmail: undefined,
+    });
+  });
+
+  it("Convert", () => {
+    const send = new Send(data);
+
+    expect(send).toEqual({
+      id: "id",
+      accessId: "accessId",
+      userId: "userId",
+      type: SendType.Text,
+      name: { encryptedString: "encName", encryptionType: 0 },
+      notes: { encryptedString: "encNotes", encryptionType: 0 },
+      text: {
+        text: { encryptedString: "encText", encryptionType: 0 },
+        hidden: true,
+      },
+      key: { encryptedString: "encKey", encryptionType: 0 },
+      maxAccessCount: null,
+      accessCount: 10,
+      revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+      expirationDate: new Date("2022-01-31T12:00:00.000Z"),
+      deletionDate: new Date("2022-01-31T12:00:00.000Z"),
+      password: "password",
+      disabled: false,
+      hideEmail: true,
+    });
+  });
+
+  it("Decrypt", async () => {
+    const text = Substitute.for<SendText>();
+    text.decrypt(Arg.any()).resolves("textView" as any);
+
+    const send = new Send();
+    send.id = "id";
+    send.accessId = "accessId";
+    send.userId = "userId";
+    send.type = SendType.Text;
+    send.name = mockEnc("name");
+    send.notes = mockEnc("notes");
+    send.text = text;
+    send.key = mockEnc("key");
+    send.accessCount = 10;
+    send.revisionDate = new Date("2022-01-31T12:00:00.000Z");
+    send.expirationDate = new Date("2022-01-31T12:00:00.000Z");
+    send.deletionDate = new Date("2022-01-31T12:00:00.000Z");
+    send.password = "password";
+    send.disabled = false;
+    send.hideEmail = true;
+
+    const cryptoService = Substitute.for<CryptoService>();
+    cryptoService.decryptToBytes(send.key, null).resolves(makeStaticByteArray(32));
+    cryptoService.makeSendKey(Arg.any()).resolves("cryptoKey" as any);
+
+    (window as any).bitwardenContainerService = new ContainerService(cryptoService);
+
+    const view = await send.decrypt();
+
+    text.received(1).decrypt("cryptoKey" as any);
+    (send.name as SubstituteOf<EncString>).received(1).decrypt(null, "cryptoKey" as any);
+
+    expect(view).toMatchObject({
+      id: "id",
+      accessId: "accessId",
+      name: "name",
+      notes: "notes",
+      type: 0,
+      key: expect.anything(),
+      cryptoKey: "cryptoKey",
+      file: expect.anything(),
+      text: "textView",
+      maxAccessCount: undefined,
+      accessCount: 10,
+      revisionDate: new Date("2022-01-31T12:00:00.000Z"),
+      expirationDate: new Date("2022-01-31T12:00:00.000Z"),
+      deletionDate: new Date("2022-01-31T12:00:00.000Z"),
+      password: "password",
+      disabled: false,
+      hideEmail: true,
+    });
+  });
+});

jslib/common/spec/domain/sendAccess.spec.ts

@@ -0,0 +1,84 @@
+import { Substitute, Arg } from "@fluffy-spoon/substitute";
+
+import { SendType } from "@/jslib/common/src/enums/sendType";
+import { SendAccess } from "@/jslib/common/src/models/domain/sendAccess";
+import { SendText } from "@/jslib/common/src/models/domain/sendText";
+import { SendAccessResponse } from "@/jslib/common/src/models/response/sendAccessResponse";
+
+import { mockEnc } from "../utils";
+
+describe("SendAccess", () => {
+  let request: SendAccessResponse;
+
+  beforeEach(() => {
+    request = {
+      id: "id",
+      type: SendType.Text,
+      name: "encName",
+      file: null,
+      text: {
+        text: "encText",
+        hidden: true,
+      },
+      expirationDate: new Date("2022-01-31T12:00:00.000Z"),
+      creatorIdentifier: "creatorIdentifier",
+    } as SendAccessResponse;
+  });
+
+  it("Convert from empty", () => {
+    const request = new SendAccessResponse({});
+    const sendAccess = new SendAccess(request);
+
+    expect(sendAccess).toEqual({
+      id: null,
+      type: undefined,
+      name: null,
+      creatorIdentifier: null,
+      expirationDate: null,
+    });
+  });
+
+  it("Convert", () => {
+    const sendAccess = new SendAccess(request);
+
+    expect(sendAccess).toEqual({
+      id: "id",
+      type: 0,
+      name: { encryptedString: "encName", encryptionType: 0 },
+      text: {
+        hidden: true,
+        text: { encryptedString: "encText", encryptionType: 0 },
+      },
+      expirationDate: new Date("2022-01-31T12:00:00.000Z"),
+      creatorIdentifier: "creatorIdentifier",
+    });
+  });
+
+  it("Decrypt", async () => {
+    const sendAccess = new SendAccess();
+    sendAccess.id = "id";
+    sendAccess.type = SendType.Text;
+    sendAccess.name = mockEnc("name");
+
+    const text = Substitute.for<SendText>();
+    text.decrypt(Arg.any()).resolves({} as any);
+    sendAccess.text = text;
+
+    sendAccess.expirationDate = new Date("2022-01-31T12:00:00.000Z");
+    sendAccess.creatorIdentifier = "creatorIdentifier";
+
+    const view = await sendAccess.decrypt(null);
+
+    text.received(1).decrypt(Arg.any());
+
+    expect(view).toEqual({
+      id: "id",
+      type: 0,
+      name: "name",
+      text: {},
+      file: expect.anything(),
+      expirationDate: new Date("2022-01-31T12:00:00.000Z"),
+      creatorIdentifier: "creatorIdentifier",
+    });
+  });
+});

jslib/common/spec/domain/sendFile.spec.ts

@@ -0,0 +1,57 @@
+import { SendFileData } from "@/jslib/common/src/models/data/sendFileData";
+import { SendFile } from "@/jslib/common/src/models/domain/sendFile";
+
+import { mockEnc } from "../utils";
+
+describe("SendFile", () => {
+  let data: SendFileData;
+
+  beforeEach(() => {
+    data = {
+      id: "id",
+      size: "1100",
+      sizeName: "1.1 KB",
+      fileName: "encFileName",
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new SendFileData();
+    const sendFile = new SendFile(data);
+
+    expect(sendFile).toEqual({
+      fileName: null,
+      id: null,
+      size: undefined,
+      sizeName: null,
+    });
+  });
+
+  it("Convert", () => {
+    const sendFile = new SendFile(data);
+
+    expect(sendFile).toEqual({
+      id: "id",
+      size: "1100",
+      sizeName: "1.1 KB",
+      fileName: { encryptedString: "encFileName", encryptionType: 0 },
+    });
+  });
+
+  it("Decrypt", async () => {
+    const sendFile = new SendFile();
+    sendFile.id = "id";
+    sendFile.size = "1100";
+    sendFile.sizeName = "1.1 KB";
+    sendFile.fileName = mockEnc("fileName");
+
+    const view = await sendFile.decrypt(null);
+
+    expect(view).toEqual({
+      fileName: "fileName",
+      id: "id",
+      size: "1100",
+      sizeName: "1.1 KB",
+    });
+  });
+});

jslib/common/spec/domain/sendText.spec.ts

@@ -0,0 +1,47 @@
+import { SendTextData } from "@/jslib/common/src/models/data/sendTextData";
+import { SendText } from "@/jslib/common/src/models/domain/sendText";
+
+import { mockEnc } from "../utils";
+
+describe("SendText", () => {
+  let data: SendTextData;
+
+  beforeEach(() => {
+    data = {
+      text: "encText",
+      hidden: false,
+    };
+  });
+
+  it("Convert from empty", () => {
+    const data = new SendTextData();
+    const secureNote = new SendText(data);
+
+    expect(secureNote).toEqual({
+      hidden: undefined,
+      text: null,
+    });
+  });
+
+  it("Convert", () => {
+    const secureNote = new SendText(data);
+
+    expect(secureNote).toEqual({
+      hidden: false,
+      text: { encryptedString: "encText", encryptionType: 0 },
+    });
+  });
+
+  it("Decrypt", async () => {
+    const secureNote = new SendText();
+    secureNote.text = mockEnc("text");
+    secureNote.hidden = true;
+
+    const view = await secureNote.decrypt(null);
+
+    expect(view).toEqual({
+      text: "text",
+      hidden: true,
+    });
+  });
+});

jslib/common/src/abstractions/api.service.ts

@@ -2,9 +2,9 @@ import { ApiTokenRequest } from "../models/request/identityToken/apiTokenRequest
 import { PasswordTokenRequest } from "../models/request/identityToken/passwordTokenRequest";
 import { SsoTokenRequest } from "../models/request/identityToken/ssoTokenRequest";
 import { OrganizationImportRequest } from "../models/request/organizationImportRequest";
-import { IdentityCaptchaResponse } from "../models/response/identityCaptchaResponse";
+import { IdentityCaptchaResponse } from '../models/response/identityCaptchaResponse';
-import { IdentityTokenResponse } from "../models/response/identityTokenResponse";
+import { IdentityTokenResponse } from '../models/response/identityTokenResponse';
-import { IdentityTwoFactorResponse } from "../models/response/identityTwoFactorResponse";
+import { IdentityTwoFactorResponse } from '../models/response/identityTwoFactorResponse';
 
 export abstract class ApiService {
   postIdentityToken: (

jslib/common/src/abstractions/state.service.ts

@@ -3,14 +3,26 @@ import { Observable } from "rxjs";
 import { KdfType } from "../enums/kdfType";
 import { ThemeType } from "../enums/themeType";
 import { UriMatchType } from "../enums/uriMatchType";
+import { CipherData } from "../models/data/cipherData";
+import { CollectionData } from "../models/data/collectionData";
+import { EventData } from "../models/data/eventData";
+import { FolderData } from "../models/data/folderData";
 import { OrganizationData } from "../models/data/organizationData";
+import { PolicyData } from "../models/data/policyData";
 import { ProviderData } from "../models/data/providerData";
+import { SendData } from "../models/data/sendData";
 import { Account } from "../models/domain/account";
 import { EncString } from "../models/domain/encString";
 import { EnvironmentUrls } from "../models/domain/environmentUrls";
+import { GeneratedPasswordHistory } from "../models/domain/generatedPasswordHistory";
+import { Policy } from "../models/domain/policy";
 import { StorageOptions } from "../models/domain/storageOptions";
 import { SymmetricCryptoKey } from "../models/domain/symmetricCryptoKey";
 import { WindowState } from "../models/domain/windowState";
+import { CipherView } from "../models/view/cipherView";
+import { CollectionView } from "../models/view/collectionView";
+import { FolderView } from "../models/view/folderView";
+import { SendView } from "../models/view/sendView";
 
 export abstract class StateService<T extends Account = Account> {
   accounts$: Observable<{ [userId: string]: T }>;
@@ -33,6 +45,8 @@ export abstract class StateService<T extends Account = Account> {
   setApiKeyClientSecret: (value: string, options?: StorageOptions) => Promise<void>;
   getAutoConfirmFingerPrints: (options?: StorageOptions) => Promise<boolean>;
   setAutoConfirmFingerprints: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getAutoFillOnPageLoadDefault: (options?: StorageOptions) => Promise<boolean>;
+  setAutoFillOnPageLoadDefault: (value: boolean, options?: StorageOptions) => Promise<void>;
   getBiometricAwaitingAcceptance: (options?: StorageOptions) => Promise<boolean>;
   setBiometricAwaitingAcceptance: (value: boolean, options?: StorageOptions) => Promise<void>;
   getBiometricFingerprintValidated: (options?: StorageOptions) => Promise<boolean>;
@@ -61,11 +75,17 @@ export abstract class StateService<T extends Account = Account> {
   setCryptoMasterKeyBiometric: (value: string, options?: StorageOptions) => Promise<void>;
   getDecodedToken: (options?: StorageOptions) => Promise<any>;
   setDecodedToken: (value: any, options?: StorageOptions) => Promise<void>;
+  getDecryptedCiphers: (options?: StorageOptions) => Promise<CipherView[]>;
+  setDecryptedCiphers: (value: CipherView[], options?: StorageOptions) => Promise<void>;
+  getDecryptedCollections: (options?: StorageOptions) => Promise<CollectionView[]>;
+  setDecryptedCollections: (value: CollectionView[], options?: StorageOptions) => Promise<void>;
   getDecryptedCryptoSymmetricKey: (options?: StorageOptions) => Promise<SymmetricCryptoKey>;
   setDecryptedCryptoSymmetricKey: (
     value: SymmetricCryptoKey,
     options?: StorageOptions,
   ) => Promise<void>;
+  getDecryptedFolders: (options?: StorageOptions) => Promise<FolderView[]>;
+  setDecryptedFolders: (value: FolderView[], options?: StorageOptions) => Promise<void>;
   getDecryptedOrganizationKeys: (
     options?: StorageOptions,
   ) => Promise<Map<string, SymmetricCryptoKey>>;
@@ -73,8 +93,17 @@ export abstract class StateService<T extends Account = Account> {
     value: Map<string, SymmetricCryptoKey>,
     options?: StorageOptions,
   ) => Promise<void>;
+  getDecryptedPasswordGenerationHistory: (
+    options?: StorageOptions,
+  ) => Promise<GeneratedPasswordHistory[]>;
+  setDecryptedPasswordGenerationHistory: (
+    value: GeneratedPasswordHistory[],
+    options?: StorageOptions,
+  ) => Promise<void>;
   getDecryptedPinProtected: (options?: StorageOptions) => Promise<EncString>;
   setDecryptedPinProtected: (value: EncString, options?: StorageOptions) => Promise<void>;
+  getDecryptedPolicies: (options?: StorageOptions) => Promise<Policy[]>;
+  setDecryptedPolicies: (value: Policy[], options?: StorageOptions) => Promise<void>;
   getDecryptedPrivateKey: (options?: StorageOptions) => Promise<ArrayBuffer>;
   setDecryptedPrivateKey: (value: ArrayBuffer, options?: StorageOptions) => Promise<void>;
   getDecryptedProviderKeys: (options?: StorageOptions) => Promise<Map<string, SymmetricCryptoKey>>;
@@ -82,54 +111,111 @@ export abstract class StateService<T extends Account = Account> {
     value: Map<string, SymmetricCryptoKey>,
     options?: StorageOptions,
   ) => Promise<void>;
+  getDecryptedSends: (options?: StorageOptions) => Promise<SendView[]>;
+  setDecryptedSends: (value: SendView[], options?: StorageOptions) => Promise<void>;
   getDefaultUriMatch: (options?: StorageOptions) => Promise<UriMatchType>;
   setDefaultUriMatch: (value: UriMatchType, options?: StorageOptions) => Promise<void>;
+  getDisableAddLoginNotification: (options?: StorageOptions) => Promise<boolean>;
+  setDisableAddLoginNotification: (value: boolean, options?: StorageOptions) => Promise<void>;
   getDisableAutoBiometricsPrompt: (options?: StorageOptions) => Promise<boolean>;
   setDisableAutoBiometricsPrompt: (value: boolean, options?: StorageOptions) => Promise<void>;
   getDisableAutoTotpCopy: (options?: StorageOptions) => Promise<boolean>;
   setDisableAutoTotpCopy: (value: boolean, options?: StorageOptions) => Promise<void>;
   getDisableBadgeCounter: (options?: StorageOptions) => Promise<boolean>;
   setDisableBadgeCounter: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getDisableChangedPasswordNotification: (options?: StorageOptions) => Promise<boolean>;
+  setDisableChangedPasswordNotification: (
+    value: boolean,
+    options?: StorageOptions,
+  ) => Promise<void>;
   getDisableContextMenuItem: (options?: StorageOptions) => Promise<boolean>;
   setDisableContextMenuItem: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getDisableFavicon: (options?: StorageOptions) => Promise<boolean>;
+  setDisableFavicon: (value: boolean, options?: StorageOptions) => Promise<void>;
   getDisableGa: (options?: StorageOptions) => Promise<boolean>;
   setDisableGa: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getDontShowCardsCurrentTab: (options?: StorageOptions) => Promise<boolean>;
+  setDontShowCardsCurrentTab: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getDontShowIdentitiesCurrentTab: (options?: StorageOptions) => Promise<boolean>;
+  setDontShowIdentitiesCurrentTab: (value: boolean, options?: StorageOptions) => Promise<void>;
   getEmail: (options?: StorageOptions) => Promise<string>;
   setEmail: (value: string, options?: StorageOptions) => Promise<void>;
   getEmailVerified: (options?: StorageOptions) => Promise<boolean>;
   setEmailVerified: (value: boolean, options?: StorageOptions) => Promise<void>;
   getEnableAlwaysOnTop: (options?: StorageOptions) => Promise<boolean>;
   setEnableAlwaysOnTop: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getEnableAutoFillOnPageLoad: (options?: StorageOptions) => Promise<boolean>;
+  setEnableAutoFillOnPageLoad: (value: boolean, options?: StorageOptions) => Promise<void>;
   getEnableBiometric: (options?: StorageOptions) => Promise<boolean>;
   setEnableBiometric: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getEnableBrowserIntegration: (options?: StorageOptions) => Promise<boolean>;
+  setEnableBrowserIntegration: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getEnableBrowserIntegrationFingerprint: (options?: StorageOptions) => Promise<boolean>;
+  setEnableBrowserIntegrationFingerprint: (
+    value: boolean,
+    options?: StorageOptions,
+  ) => Promise<void>;
   getEnableCloseToTray: (options?: StorageOptions) => Promise<boolean>;
   setEnableCloseToTray: (value: boolean, options?: StorageOptions) => Promise<void>;
   getEnableFullWidth: (options?: StorageOptions) => Promise<boolean>;
   setEnableFullWidth: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getEnableGravitars: (options?: StorageOptions) => Promise<boolean>;
+  setEnableGravitars: (value: boolean, options?: StorageOptions) => Promise<void>;
   getEnableMinimizeToTray: (options?: StorageOptions) => Promise<boolean>;
   setEnableMinimizeToTray: (value: boolean, options?: StorageOptions) => Promise<void>;
   getEnableStartToTray: (options?: StorageOptions) => Promise<boolean>;
   setEnableStartToTray: (value: boolean, options?: StorageOptions) => Promise<void>;
   getEnableTray: (options?: StorageOptions) => Promise<boolean>;
   setEnableTray: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getEncryptedCiphers: (options?: StorageOptions) => Promise<{ [id: string]: CipherData }>;
+  setEncryptedCiphers: (
+    value: { [id: string]: CipherData },
+    options?: StorageOptions,
+  ) => Promise<void>;
+  getEncryptedCollections: (options?: StorageOptions) => Promise<{ [id: string]: CollectionData }>;
+  setEncryptedCollections: (
+    value: { [id: string]: CollectionData },
+    options?: StorageOptions,
+  ) => Promise<void>;
   getEncryptedCryptoSymmetricKey: (options?: StorageOptions) => Promise<string>;
   setEncryptedCryptoSymmetricKey: (value: string, options?: StorageOptions) => Promise<void>;
+  getEncryptedFolders: (options?: StorageOptions) => Promise<{ [id: string]: FolderData }>;
+  setEncryptedFolders: (
+    value: { [id: string]: FolderData },
+    options?: StorageOptions,
+  ) => Promise<void>;
   getEncryptedOrganizationKeys: (options?: StorageOptions) => Promise<any>;
   setEncryptedOrganizationKeys: (
     value: Map<string, SymmetricCryptoKey>,
     options?: StorageOptions,
   ) => Promise<void>;
+  getEncryptedPasswordGenerationHistory: (
+    options?: StorageOptions,
+  ) => Promise<GeneratedPasswordHistory[]>;
+  setEncryptedPasswordGenerationHistory: (
+    value: GeneratedPasswordHistory[],
+    options?: StorageOptions,
+  ) => Promise<void>;
   getEncryptedPinProtected: (options?: StorageOptions) => Promise<string>;
   setEncryptedPinProtected: (value: string, options?: StorageOptions) => Promise<void>;
+  getEncryptedPolicies: (options?: StorageOptions) => Promise<{ [id: string]: PolicyData }>;
+  setEncryptedPolicies: (
+    value: { [id: string]: PolicyData },
+    options?: StorageOptions,
+  ) => Promise<void>;
   getEncryptedPrivateKey: (options?: StorageOptions) => Promise<string>;
   setEncryptedPrivateKey: (value: string, options?: StorageOptions) => Promise<void>;
   getEncryptedProviderKeys: (options?: StorageOptions) => Promise<any>;
   setEncryptedProviderKeys: (value: any, options?: StorageOptions) => Promise<void>;
+  getEncryptedSends: (options?: StorageOptions) => Promise<{ [id: string]: SendData }>;
+  setEncryptedSends: (value: { [id: string]: SendData }, options?: StorageOptions) => Promise<void>;
   getEntityId: (options?: StorageOptions) => Promise<string>;
   getEnvironmentUrls: (options?: StorageOptions) => Promise<EnvironmentUrls>;
   setEnvironmentUrls: (value: EnvironmentUrls, options?: StorageOptions) => Promise<void>;
   getEquivalentDomains: (options?: StorageOptions) => Promise<any>;
   setEquivalentDomains: (value: string, options?: StorageOptions) => Promise<void>;
+  getEventCollection: (options?: StorageOptions) => Promise<EventData[]>;
+  setEventCollection: (value: EventData[], options?: StorageOptions) => Promise<void>;
   getEverBeenUnlocked: (options?: StorageOptions) => Promise<boolean>;
   setEverBeenUnlocked: (value: boolean, options?: StorageOptions) => Promise<void>;
   getForcePasswordReset: (options?: StorageOptions) => Promise<boolean>;

jslib/common/src/enums/eventType.ts

@@ -0,0 +1,72 @@
+export enum EventType {
+  User_LoggedIn = 1000,
+  User_ChangedPassword = 1001,
+  User_Updated2fa = 1002,
+  User_Disabled2fa = 1003,
+  User_Recovered2fa = 1004,
+  User_FailedLogIn = 1005,
+  User_FailedLogIn2fa = 1006,
+  User_ClientExportedVault = 1007,
+  User_UpdatedTempPassword = 1008,
+  User_MigratedKeyToKeyConnector = 1009,
+
+  Cipher_Created = 1100,
+  Cipher_Updated = 1101,
+  Cipher_Deleted = 1102,
+  Cipher_AttachmentCreated = 1103,
+  Cipher_AttachmentDeleted = 1104,
+  Cipher_Shared = 1105,
+  Cipher_UpdatedCollections = 1106,
+  Cipher_ClientViewed = 1107,
+  Cipher_ClientToggledPasswordVisible = 1108,
+  Cipher_ClientToggledHiddenFieldVisible = 1109,
+  Cipher_ClientToggledCardCodeVisible = 1110,
+  Cipher_ClientCopiedPassword = 1111,
+  Cipher_ClientCopiedHiddenField = 1112,
+  Cipher_ClientCopiedCardCode = 1113,
+  Cipher_ClientAutofilled = 1114,
+  Cipher_SoftDeleted = 1115,
+  Cipher_Restored = 1116,
+  Cipher_ClientToggledCardNumberVisible = 1117,
+
+  Collection_Created = 1300,
+  Collection_Updated = 1301,
+  Collection_Deleted = 1302,
+
+  Group_Created = 1400,
+  Group_Updated = 1401,
+  Group_Deleted = 1402,
+
+  OrganizationUser_Invited = 1500,
+  OrganizationUser_Confirmed = 1501,
+  OrganizationUser_Updated = 1502,
+  OrganizationUser_Removed = 1503,
+  OrganizationUser_UpdatedGroups = 1504,
+  OrganizationUser_UnlinkedSso = 1505,
+  OrganizationUser_ResetPassword_Enroll = 1506,
+  OrganizationUser_ResetPassword_Withdraw = 1507,
+  OrganizationUser_AdminResetPassword = 1508,
+  OrganizationUser_ResetSsoLink = 1509,
+  OrganizationUser_FirstSsoLogin = 1510,
+
+  Organization_Updated = 1600,
+  Organization_PurgedVault = 1601,
+  // Organization_ClientExportedVault = 1602,
+  Organization_VaultAccessed = 1603,
+  Organization_EnabledSso = 1604,
+  Organization_DisabledSso = 1605,
+  Organization_EnabledKeyConnector = 1606,
+  Organization_DisabledKeyConnector = 1607,
+
+  Policy_Updated = 1700,
+
+  ProviderUser_Invited = 1800,
+  ProviderUser_Confirmed = 1801,
+  ProviderUser_Updated = 1802,
+  ProviderUser_Removed = 1803,
+
+  ProviderOrganization_Created = 1900,
+  ProviderOrganization_Added = 1901,
+  ProviderOrganization_Removed = 1902,
+  ProviderOrganization_VaultAccessed = 1903,
+}

jslib/common/src/enums/linkedIdType.ts

@@ -0,0 +1,40 @@
+export type LinkedIdType = LoginLinkedId | CardLinkedId | IdentityLinkedId;
+
+// LoginView
+export enum LoginLinkedId {
+  Username = 100,
+  Password = 101,
+}
+
+// CardView
+export enum CardLinkedId {
+  CardholderName = 300,
+  ExpMonth = 301,
+  ExpYear = 302,
+  Code = 303,
+  Brand = 304,
+  Number = 305,
+}
+
+// IdentityView
+export enum IdentityLinkedId {
+  Title = 400,
+  MiddleName = 401,
+  Address1 = 402,
+  Address2 = 403,
+  Address3 = 404,
+  City = 405,
+  State = 406,
+  PostalCode = 407,
+  Country = 408,
+  Company = 409,
+  Email = 410,
+  Phone = 411,
+  Ssn = 412,
+  Username = 413,
+  PassportNumber = 414,
+  LicenseNumber = 415,
+  FirstName = 416,
+  LastName = 417,
+  FullName = 418,
+}

jslib/common/src/enums/policyType.ts

@@ -0,0 +1,13 @@
+export enum PolicyType {
+  TwoFactorAuthentication = 0, // Requires users to have 2fa enabled
+  MasterPassword = 1, // Sets minimum requirements for master password complexity
+  PasswordGenerator = 2, // Sets minimum requirements/default type for generated passwords/passphrases
+  SingleOrg = 3, // Allows users to only be apart of one organization
+  RequireSso = 4, // Requires users to authenticate with SSO
+  PersonalOwnership = 5, // Disables personal vault ownership for adding/cloning items
+  DisableSend = 6, // Disables the ability to create and edit Bitwarden Sends
+  SendOptions = 7, // Sets restrictions or defaults for Bitwarden Sends
+  ResetPassword = 8, // Allows orgs to use reset password : also can enable auto-enrollment during invite flow
+  MaximumVaultTimeout = 9, // Sets the maximum allowed vault timeout
+  DisablePersonalVaultExport = 10, // Disable personal vault export
+}

jslib/common/src/enums/secureNoteType.ts

@@ -0,0 +1,3 @@
+export enum SecureNoteType {
+  Generic = 0,
+}

jslib/common/src/enums/sendType.ts

@@ -0,0 +1,4 @@
+export enum SendType {
+  Text = 0,
+  File = 1,
+}

jslib/common/src/misc/captcha_iframe.ts

@@ -0,0 +1,38 @@
+import { I18nService } from "../abstractions/i18n.service";
+
+import { IFrameComponent } from "./iframe_component";
+
+export class CaptchaIFrame extends IFrameComponent {
+  constructor(
+    win: Window,
+    webVaultUrl: string,
+    private i18nService: I18nService,
+    successCallback: (message: string) => any,
+    errorCallback: (message: string) => any,
+    infoCallback: (message: string) => any,
+  ) {
+    super(
+      win,
+      webVaultUrl,
+      "captcha-connector.html",
+      "hcaptcha_iframe",
+      successCallback,
+      errorCallback,
+      (message: string) => {
+        const parsedMessage = JSON.parse(message);
+        if (typeof parsedMessage !== "string") {
+          this.iframe.height = parsedMessage.height.toString();
+          this.iframe.width = parsedMessage.width.toString();
+        } else {
+          infoCallback(parsedMessage);
+        }
+      },
+    );
+  }
+
+  init(siteKey: string): void {
+    super.initComponent(
+      this.createParams({ siteKey: siteKey, locale: this.i18nService.translationLocale }, 1),
+    );
+  }
+}

jslib/common/src/misc/iframe_component.ts

@@ -0,0 +1,94 @@
+export abstract class IFrameComponent {
+  iframe: HTMLIFrameElement;
+  private connectorLink: HTMLAnchorElement;
+  private parseFunction = this.parseMessage.bind(this);
+
+  constructor(
+    private win: Window,
+    protected webVaultUrl: string,
+    private path: string,
+    private iframeId: string,
+    public successCallback?: (message: string) => any,
+    public errorCallback?: (message: string) => any,
+    public infoCallback?: (message: string) => any,
+  ) {
+    this.connectorLink = win.document.createElement("a");
+  }
+
+  stop() {
+    this.sendMessage("stop");
+  }
+
+  start() {
+    this.sendMessage("start");
+  }
+
+  sendMessage(message: any) {
+    if (!this.iframe || !this.iframe.src || !this.iframe.contentWindow) {
+      return;
+    }
+
+    this.iframe.contentWindow.postMessage(message, this.iframe.src);
+  }
+
+  base64Encode(str: string): string {
+    return btoa(
+      encodeURIComponent(str).replace(/%([0-9A-F]{2})/g, (match, p1) => {
+        return String.fromCharCode(("0x" + p1) as any);
+      }),
+    );
+  }
+
+  cleanup() {
+    this.win.removeEventListener("message", this.parseFunction, false);
+  }
+
+  protected createParams(data: any, version: number) {
+    return new URLSearchParams({
+      data: this.base64Encode(JSON.stringify(data)),
+      parent: encodeURIComponent(this.win.document.location.href),
+      v: version.toString(),
+    });
+  }
+
+  protected initComponent(params: URLSearchParams): void {
+    this.connectorLink.href = `${this.webVaultUrl}/${this.path}?${params}`;
+    this.iframe = this.win.document.getElementById(this.iframeId) as HTMLIFrameElement;
+    this.iframe.src = this.connectorLink.href;
+
+    this.win.addEventListener("message", this.parseFunction, false);
+  }
+
+  private parseMessage(event: MessageEvent) {
+    if (!this.validMessage(event)) {
+      return;
+    }
+
+    const parts: string[] = event.data.split("|");
+    if (parts[0] === "success" && this.successCallback) {
+      this.successCallback(parts[1]);
+    } else if (parts[0] === "error" && this.errorCallback) {
+      this.errorCallback(parts[1]);
+    } else if (parts[0] === "info" && this.infoCallback) {
+      this.infoCallback(parts[1]);
+    }
+  }
+
+  private validMessage(event: MessageEvent) {
+    if (
+      event.origin == null ||
+      event.origin === "" ||
+      event.origin !== (this.connectorLink as any).origin ||
+      event.data == null ||
+      typeof event.data !== "string"
+    ) {
+      return false;
+    }
+
+    return (
+      event.data.indexOf("success|") === 0 ||
+      event.data.indexOf("error|") === 0 ||
+      event.data.indexOf("info|") === 0
+    );
+  }
+}

jslib/common/src/misc/linkedFieldOption.decorator.ts

@@ -0,0 +1,30 @@
+import { LinkedIdType } from "../enums/linkedIdType";
+import { ItemView } from "../models/view/itemView";
+
+export class LinkedMetadata {
+  constructor(
+    readonly propertyKey: string,
+    private readonly _i18nKey?: string,
+  ) {}
+
+  get i18nKey() {
+    return this._i18nKey ?? this.propertyKey;
+  }
+}
+
+/**
+ * A decorator used to set metadata used by Linked custom fields. Apply it to a class property or getter to make it
+ *    available as a Linked custom field option.
+ * @param id - A unique value that is saved in the Field model. It is used to look up the decorated class property.
+ * @param i18nKey - The i18n key used to describe the decorated class property in the UI. If it is null, then the name
+ *    of the class property will be used as the i18n key.
+ */
+export function linkedFieldOption(id: LinkedIdType, i18nKey?: string) {
+  return (prototype: ItemView, propertyKey: string) => {
+    if (prototype.linkedFieldOptions == null) {
+      prototype.linkedFieldOptions = new Map<LinkedIdType, LinkedMetadata>();
+    }
+
+    prototype.linkedFieldOptions.set(id, new LinkedMetadata(propertyKey, i18nKey));
+  };
+}

jslib/common/src/misc/webauthn_iframe.ts

@@ -0,0 +1,106 @@
+import { I18nService } from "../abstractions/i18n.service";
+import { PlatformUtilsService } from "../abstractions/platformUtils.service";
+
+export class WebAuthnIFrame {
+  private iframe: HTMLIFrameElement = null;
+  private connectorLink: HTMLAnchorElement;
+  private parseFunction = this.parseMessage.bind(this);
+
+  constructor(
+    private win: Window,
+    private webVaultUrl: string,
+    private webAuthnNewTab: boolean,
+    private platformUtilsService: PlatformUtilsService,
+    private i18nService: I18nService,
+    private successCallback: Function, // eslint-disable-line
+    private errorCallback: Function, // eslint-disable-line
+    private infoCallback: Function, // eslint-disable-line
+  ) {
+    this.connectorLink = win.document.createElement("a");
+  }
+
+  init(data: any): void {
+    const params = new URLSearchParams({
+      data: this.base64Encode(JSON.stringify(data)),
+      parent: encodeURIComponent(this.win.document.location.href),
+      btnText: encodeURIComponent(this.i18nService.t("webAuthnAuthenticate")),
+      v: "1",
+    });
+
+    if (this.webAuthnNewTab) {
+      // Firefox fallback which opens the webauthn page in a new tab
+      params.append("locale", this.i18nService.translationLocale);
+      this.platformUtilsService.launchUri(
+        `${this.webVaultUrl}/webauthn-fallback-connector.html?${params}`,
+      );
+    } else {
+      this.connectorLink.href = `${this.webVaultUrl}/webauthn-connector.html?${params}`;
+      this.iframe = this.win.document.getElementById("webauthn_iframe") as HTMLIFrameElement;
+      this.iframe.allow = "publickey-credentials-get " + new URL(this.webVaultUrl).origin;
+      this.iframe.src = this.connectorLink.href;
+
+      this.win.addEventListener("message", this.parseFunction, false);
+    }
+  }
+
+  stop() {
+    this.sendMessage("stop");
+  }
+
+  start() {
+    this.sendMessage("start");
+  }
+
+  sendMessage(message: any) {
+    if (!this.iframe || !this.iframe.src || !this.iframe.contentWindow) {
+      return;
+    }
+
+    this.iframe.contentWindow.postMessage(message, this.iframe.src);
+  }
+
+  base64Encode(str: string): string {
+    return btoa(
+      encodeURIComponent(str).replace(/%([0-9A-F]{2})/g, (match, p1) => {
+        return String.fromCharCode(("0x" + p1) as any);
+      }),
+    );
+  }
+
+  cleanup() {
+    this.win.removeEventListener("message", this.parseFunction, false);
+  }
+
+  private parseMessage(event: MessageEvent) {
+    if (!this.validMessage(event)) {
+      return;
+    }
+
+    const parts: string[] = event.data.split("|");
+    if (parts[0] === "success" && this.successCallback) {
+      this.successCallback(parts[1]);
+    } else if (parts[0] === "error" && this.errorCallback) {
+      this.errorCallback(parts[1]);
+    } else if (parts[0] === "info" && this.infoCallback) {
+      this.infoCallback(parts[1]);
+    }
+  }
+
+  private validMessage(event: MessageEvent) {
+    if (
+      event.origin == null ||
+      event.origin === "" ||
+      event.origin !== (this.connectorLink as any).origin ||
+      event.data == null ||
+      typeof event.data !== "string"
+    ) {
+      return false;
+    }
+
+    return (
+      event.data.indexOf("success|") === 0 ||
+      event.data.indexOf("error|") === 0 ||
+      event.data.indexOf("info|") === 0
+    );
+  }
+}

jslib/common/src/models/api/cardApi.ts

@@ -0,0 +1,23 @@
+import { BaseResponse } from "../response/baseResponse";
+
+export class CardApi extends BaseResponse {
+  cardholderName: string;
+  brand: string;
+  number: string;
+  expMonth: string;
+  expYear: string;
+  code: string;
+
+  constructor(data: any = null) {
+    super(data);
+    if (data == null) {
+      return;
+    }
+    this.cardholderName = this.getResponseProperty("CardholderName");
+    this.brand = this.getResponseProperty("Brand");
+    this.number = this.getResponseProperty("Number");
+    this.expMonth = this.getResponseProperty("ExpMonth");
+    this.expYear = this.getResponseProperty("ExpYear");
+    this.code = this.getResponseProperty("Code");
+  }
+}

jslib/common/src/models/api/fieldApi.ts

@@ -0,0 +1,21 @@
+import { FieldType } from "../../enums/fieldType";
+import { LinkedIdType } from "../../enums/linkedIdType";
+import { BaseResponse } from "../response/baseResponse";
+
+export class FieldApi extends BaseResponse {
+  name: string;
+  value: string;
+  type: FieldType;
+  linkedId: LinkedIdType;
+
+  constructor(data: any = null) {
+    super(data);
+    if (data == null) {
+      return;
+    }
+    this.type = this.getResponseProperty("Type");
+    this.name = this.getResponseProperty("Name");
+    this.value = this.getResponseProperty("Value");
+    this.linkedId = this.getResponseProperty("linkedId");
+  }
+}

jslib/common/src/models/api/identityApi.ts

@@ -0,0 +1,47 @@
+import { BaseResponse } from "../response/baseResponse";
+
+export class IdentityApi extends BaseResponse {
+  title: string;
+  firstName: string;
+  middleName: string;
+  lastName: string;
+  address1: string;
+  address2: string;
+  address3: string;
+  city: string;
+  state: string;
+  postalCode: string;
+  country: string;
+  company: string;
+  email: string;
+  phone: string;
+  ssn: string;
+  username: string;
+  passportNumber: string;
+  licenseNumber: string;
+
+  constructor(data: any = null) {
+    super(data);
+    if (data == null) {
+      return;
+    }
+    this.title = this.getResponseProperty("Title");
+    this.firstName = this.getResponseProperty("FirstName");
+    this.middleName = this.getResponseProperty("MiddleName");
+    this.lastName = this.getResponseProperty("LastName");
+    this.address1 = this.getResponseProperty("Address1");
+    this.address2 = this.getResponseProperty("Address2");
+    this.address3 = this.getResponseProperty("Address3");
+    this.city = this.getResponseProperty("City");
+    this.state = this.getResponseProperty("State");
+    this.postalCode = this.getResponseProperty("PostalCode");
+    this.country = this.getResponseProperty("Country");
+    this.company = this.getResponseProperty("Company");
+    this.email = this.getResponseProperty("Email");
+    this.phone = this.getResponseProperty("Phone");
+    this.ssn = this.getResponseProperty("SSN");
+    this.username = this.getResponseProperty("Username");
+    this.passportNumber = this.getResponseProperty("PassportNumber");
+    this.licenseNumber = this.getResponseProperty("LicenseNumber");
+  }
+}

jslib/common/src/models/api/loginApi.ts

@@ -0,0 +1,29 @@
+import { BaseResponse } from "../response/baseResponse";
+
+import { LoginUriApi } from "./loginUriApi";
+
+export class LoginApi extends BaseResponse {
+  uris: LoginUriApi[];
+  username: string;
+  password: string;
+  passwordRevisionDate: string;
+  totp: string;
+  autofillOnPageLoad: boolean;
+
+  constructor(data: any = null) {
+    super(data);
+    if (data == null) {
+      return;
+    }
+    this.username = this.getResponseProperty("Username");
+    this.password = this.getResponseProperty("Password");
+    this.passwordRevisionDate = this.getResponseProperty("PasswordRevisionDate");
+    this.totp = this.getResponseProperty("Totp");
+    this.autofillOnPageLoad = this.getResponseProperty("AutofillOnPageLoad");
+
+    const uris = this.getResponseProperty("Uris");
+    if (uris != null) {
+      this.uris = uris.map((u: any) => new LoginUriApi(u));
+    }
+  }
+}

jslib/common/src/models/api/loginUriApi.ts

@@ -0,0 +1,17 @@
+import { UriMatchType } from "../../enums/uriMatchType";
+import { BaseResponse } from "../response/baseResponse";
+
+export class LoginUriApi extends BaseResponse {
+  uri: string;
+  match: UriMatchType = null;
+
+  constructor(data: any = null) {
+    super(data);
+    if (data == null) {
+      return;
+    }
+    this.uri = this.getResponseProperty("Uri");
+    const match = this.getResponseProperty("Match");
+    this.match = match != null ? match : null;
+  }
+}

jslib/common/src/models/api/secureNoteApi.ts

@@ -0,0 +1,14 @@
+import { SecureNoteType } from "../../enums/secureNoteType";
+import { BaseResponse } from "../response/baseResponse";
+
+export class SecureNoteApi extends BaseResponse {
+  type: SecureNoteType;
+
+  constructor(data: any = null) {
+    super(data);
+    if (data == null) {
+      return;
+    }
+    this.type = this.getResponseProperty("Type");
+  }
+}

jslib/common/src/models/api/sendFileApi.ts

@@ -0,0 +1,19 @@
+import { BaseResponse } from "../response/baseResponse";
+
+export class SendFileApi extends BaseResponse {
+  id: string;
+  fileName: string;
+  size: string;
+  sizeName: string;
+
+  constructor(data: any = null) {
+    super(data);
+    if (data == null) {
+      return;
+    }
+    this.id = this.getResponseProperty("Id");
+    this.fileName = this.getResponseProperty("FileName");
+    this.size = this.getResponseProperty("Size");
+    this.sizeName = this.getResponseProperty("SizeName");
+  }
+}

jslib/common/src/models/api/sendTextApi.ts

@@ -0,0 +1,15 @@
+import { BaseResponse } from "../response/baseResponse";
+
+export class SendTextApi extends BaseResponse {
+  text: string;
+  hidden: boolean;
+
+  constructor(data: any = null) {
+    super(data);
+    if (data == null) {
+      return;
+    }
+    this.text = this.getResponseProperty("Text");
+    this.hidden = this.getResponseProperty("Hidden") || false;
+  }
+}

jslib/common/src/models/data/attachmentData.ts

@@ -0,0 +1,22 @@
+import { AttachmentResponse } from "../response/attachmentResponse";
+
+export class AttachmentData {
+  id: string;
+  url: string;
+  fileName: string;
+  key: string;
+  size: string;
+  sizeName: string;
+
+  constructor(response?: AttachmentResponse) {
+    if (response == null) {
+      return;
+    }
+    this.id = response.id;
+    this.url = response.url;
+    this.fileName = response.fileName;
+    this.key = response.key;
+    this.size = response.size;
+    this.sizeName = response.sizeName;
+  }
+}

jslib/common/src/models/data/cardData.ts

@@ -0,0 +1,23 @@
+import { CardApi } from "../api/cardApi";
+
+export class CardData {
+  cardholderName: string;
+  brand: string;
+  number: string;
+  expMonth: string;
+  expYear: string;
+  code: string;
+
+  constructor(data?: CardApi) {
+    if (data == null) {
+      return;
+    }
+
+    this.cardholderName = data.cardholderName;
+    this.brand = data.brand;
+    this.number = data.number;
+    this.expMonth = data.expMonth;
+    this.expYear = data.expYear;
+    this.code = data.code;
+  }
+}

jslib/common/src/models/data/cipherData.ts

@@ -0,0 +1,85 @@
+import { CipherRepromptType } from "../../enums/cipherRepromptType";
+import { CipherType } from "../../enums/cipherType";
+import { CipherResponse } from "../response/cipherResponse";
+
+import { AttachmentData } from "./attachmentData";
+import { CardData } from "./cardData";
+import { FieldData } from "./fieldData";
+import { IdentityData } from "./identityData";
+import { LoginData } from "./loginData";
+import { PasswordHistoryData } from "./passwordHistoryData";
+import { SecureNoteData } from "./secureNoteData";
+
+export class CipherData {
+  id: string;
+  organizationId: string;
+  folderId: string;
+  userId: string;
+  edit: boolean;
+  viewPassword: boolean;
+  organizationUseTotp: boolean;
+  favorite: boolean;
+  revisionDate: string;
+  type: CipherType;
+  name: string;
+  notes: string;
+  login?: LoginData;
+  secureNote?: SecureNoteData;
+  card?: CardData;
+  identity?: IdentityData;
+  fields?: FieldData[];
+  attachments?: AttachmentData[];
+  passwordHistory?: PasswordHistoryData[];
+  collectionIds?: string[];
+  deletedDate: string;
+  reprompt: CipherRepromptType;
+
+  constructor(response?: CipherResponse, userId?: string, collectionIds?: string[]) {
+    if (response == null) {
+      return;
+    }
+
+    this.id = response.id;
+    this.organizationId = response.organizationId;
+    this.folderId = response.folderId;
+    this.userId = userId;
+    this.edit = response.edit;
+    this.viewPassword = response.viewPassword;
+    this.organizationUseTotp = response.organizationUseTotp;
+    this.favorite = response.favorite;
+    this.revisionDate = response.revisionDate;
+    this.type = response.type;
+    this.name = response.name;
+    this.notes = response.notes;
+    this.collectionIds = collectionIds != null ? collectionIds : response.collectionIds;
+    this.deletedDate = response.deletedDate;
+    this.reprompt = response.reprompt;
+
+    switch (this.type) {
+      case CipherType.Login:
+        this.login = new LoginData(response.login);
+        break;
+      case CipherType.SecureNote:
+        this.secureNote = new SecureNoteData(response.secureNote);
+        break;
+      case CipherType.Card:
+        this.card = new CardData(response.card);
+        break;
+      case CipherType.Identity:
+        this.identity = new IdentityData(response.identity);
+        break;
+      default:
+        break;
+    }
+
+    if (response.fields != null) {
+      this.fields = response.fields.map((f) => new FieldData(f));
+    }
+    if (response.attachments != null) {
+      this.attachments = response.attachments.map((a) => new AttachmentData(a));
+    }
+    if (response.passwordHistory != null) {
+      this.passwordHistory = response.passwordHistory.map((ph) => new PasswordHistoryData(ph));
+    }
+  }
+}

jslib/common/src/models/data/collectionData.ts

@@ -0,0 +1,17 @@
+import { CollectionDetailsResponse } from "../response/collectionResponse";
+
+export class CollectionData {
+  id: string;
+  organizationId: string;
+  name: string;
+  externalId: string;
+  readOnly: boolean;
+
+  constructor(response: CollectionDetailsResponse) {
+    this.id = response.id;
+    this.organizationId = response.organizationId;
+    this.name = response.name;
+    this.externalId = response.externalId;
+    this.readOnly = response.readOnly;
+  }
+}

jslib/common/src/models/data/eventData.ts

@@ -0,0 +1,7 @@
+import { EventType } from "../../enums/eventType";
+
+export class EventData {
+  type: EventType;
+  cipherId: string;
+  date: string;
+}

jslib/common/src/models/data/fieldData.ts

@@ -0,0 +1,20 @@
+import { FieldType } from "../../enums/fieldType";
+import { LinkedIdType } from "../../enums/linkedIdType";
+import { FieldApi } from "../api/fieldApi";
+
+export class FieldData {
+  type: FieldType;
+  name: string;
+  value: string;
+  linkedId: LinkedIdType;
+
+  constructor(response?: FieldApi) {
+    if (response == null) {
+      return;
+    }
+    this.type = response.type;
+    this.name = response.name;
+    this.value = response.value;
+    this.linkedId = response.linkedId;
+  }
+}

jslib/common/src/models/data/folderData.ts

@@ -0,0 +1,15 @@
+import { FolderResponse } from "../response/folderResponse";
+
+export class FolderData {
+  id: string;
+  userId: string;
+  name: string;
+  revisionDate: string;
+
+  constructor(response: FolderResponse, userId: string) {
+    this.userId = userId;
+    this.name = response.name;
+    this.id = response.id;
+    this.revisionDate = response.revisionDate;
+  }
+}

jslib/common/src/models/data/identityData.ts

@@ -0,0 +1,47 @@
+import { IdentityApi } from "../api/identityApi";
+
+export class IdentityData {
+  title: string;
+  firstName: string;
+  middleName: string;
+  lastName: string;
+  address1: string;
+  address2: string;
+  address3: string;
+  city: string;
+  state: string;
+  postalCode: string;
+  country: string;
+  company: string;
+  email: string;
+  phone: string;
+  ssn: string;
+  username: string;
+  passportNumber: string;
+  licenseNumber: string;
+
+  constructor(data?: IdentityApi) {
+    if (data == null) {
+      return;
+    }
+
+    this.title = data.title;
+    this.firstName = data.firstName;
+    this.middleName = data.middleName;
+    this.lastName = data.lastName;
+    this.address1 = data.address1;
+    this.address2 = data.address2;
+    this.address3 = data.address3;
+    this.city = data.city;
+    this.state = data.state;
+    this.postalCode = data.postalCode;
+    this.country = data.country;
+    this.company = data.company;
+    this.email = data.email;
+    this.phone = data.phone;
+    this.ssn = data.ssn;
+    this.username = data.username;
+    this.passportNumber = data.passportNumber;
+    this.licenseNumber = data.licenseNumber;
+  }
+}

jslib/common/src/models/data/loginData.ts

@@ -0,0 +1,28 @@
+import { LoginApi } from "../api/loginApi";
+
+import { LoginUriData } from "./loginUriData";
+
+export class LoginData {
+  uris: LoginUriData[];
+  username: string;
+  password: string;
+  passwordRevisionDate: string;
+  totp: string;
+  autofillOnPageLoad: boolean;
+
+  constructor(data?: LoginApi) {
+    if (data == null) {
+      return;
+    }
+
+    this.username = data.username;
+    this.password = data.password;
+    this.passwordRevisionDate = data.passwordRevisionDate;
+    this.totp = data.totp;
+    this.autofillOnPageLoad = data.autofillOnPageLoad;
+
+    if (data.uris) {
+      this.uris = data.uris.map((u) => new LoginUriData(u));
+    }
+  }
+}

jslib/common/src/models/data/loginUriData.ts

@@ -0,0 +1,15 @@
+import { UriMatchType } from "../../enums/uriMatchType";
+import { LoginUriApi } from "../api/loginUriApi";
+
+export class LoginUriData {
+  uri: string;
+  match: UriMatchType = null;
+
+  constructor(data?: LoginUriApi) {
+    if (data == null) {
+      return;
+    }
+    this.uri = data.uri;
+    this.match = data.match;
+  }
+}

jslib/common/src/models/data/passwordHistoryData.ts

@@ -0,0 +1,15 @@
+import { PasswordHistoryResponse } from "../response/passwordHistoryResponse";
+
+export class PasswordHistoryData {
+  password: string;
+  lastUsedDate: string;
+
+  constructor(response?: PasswordHistoryResponse) {
+    if (response == null) {
+      return;
+    }
+
+    this.password = response.password;
+    this.lastUsedDate = response.lastUsedDate;
+  }
+}

jslib/common/src/models/data/policyData.ts

@@ -0,0 +1,18 @@
+import { PolicyType } from "../../enums/policyType";
+import { PolicyResponse } from "../response/policyResponse";
+
+export class PolicyData {
+  id: string;
+  organizationId: string;
+  type: PolicyType;
+  data: any;
+  enabled: boolean;
+
+  constructor(response: PolicyResponse) {
+    this.id = response.id;
+    this.organizationId = response.organizationId;
+    this.type = response.type;
+    this.data = response.data;
+    this.enabled = response.enabled;
+  }
+}

jslib/common/src/models/data/secureNoteData.ts

@@ -0,0 +1,14 @@
+import { SecureNoteType } from "../../enums/secureNoteType";
+import { SecureNoteApi } from "../api/secureNoteApi";
+
+export class SecureNoteData {
+  type: SecureNoteType;
+
+  constructor(data?: SecureNoteApi) {
+    if (data == null) {
+      return;
+    }
+
+    this.type = data.type;
+  }
+}

jslib/common/src/models/data/sendData.ts

@@ -0,0 +1,58 @@
+import { SendType } from "../../enums/sendType";
+import { SendResponse } from "../response/sendResponse";
+
+import { SendFileData } from "./sendFileData";
+import { SendTextData } from "./sendTextData";
+
+export class SendData {
+  id: string;
+  accessId: string;
+  userId: string;
+  type: SendType;
+  name: string;
+  notes: string;
+  file: SendFileData;
+  text: SendTextData;
+  key: string;
+  maxAccessCount?: number;
+  accessCount: number;
+  revisionDate: string;
+  expirationDate: string;
+  deletionDate: string;
+  password: string;
+  disabled: boolean;
+  hideEmail: boolean;
+
+  constructor(response?: SendResponse, userId?: string) {
+    if (response == null) {
+      return;
+    }
+
+    this.id = response.id;
+    this.accessId = response.accessId;
+    this.userId = userId;
+    this.type = response.type;
+    this.name = response.name;
+    this.notes = response.notes;
+    this.key = response.key;
+    this.maxAccessCount = response.maxAccessCount;
+    this.accessCount = response.accessCount;
+    this.revisionDate = response.revisionDate;
+    this.expirationDate = response.expirationDate;
+    this.deletionDate = response.deletionDate;
+    this.password = response.password;
+    this.disabled = response.disable;
+    this.hideEmail = response.hideEmail;
+
+    switch (this.type) {
+      case SendType.Text:
+        this.text = new SendTextData(response.text);
+        break;
+      case SendType.File:
+        this.file = new SendFileData(response.file);
+        break;
+      default:
+        break;
+    }
+  }
+}

jslib/common/src/models/data/sendFileData.ts

@@ -0,0 +1,19 @@
+import { SendFileApi } from "../api/sendFileApi";
+
+export class SendFileData {
+  id: string;
+  fileName: string;
+  size: string;
+  sizeName: string;
+
+  constructor(data?: SendFileApi) {
+    if (data == null) {
+      return;
+    }
+
+    this.id = data.id;
+    this.fileName = data.fileName;
+    this.size = data.size;
+    this.sizeName = data.sizeName;
+  }
+}

jslib/common/src/models/data/sendTextData.ts

@@ -0,0 +1,15 @@
+import { SendTextApi } from "../api/sendTextApi";
+
+export class SendTextData {
+  text: string;
+  hidden: boolean;
+
+  constructor(data?: SendTextApi) {
+    if (data == null) {
+      return;
+    }
+
+    this.text = data.text;
+    this.hidden = data.hidden;
+  }
+}

jslib/common/src/models/domain/account.ts

@@ -1,11 +1,23 @@
 import { AuthenticationStatus } from "../../enums/authenticationStatus";
 import { KdfType } from "../../enums/kdfType";
 import { UriMatchType } from "../../enums/uriMatchType";
+import { CipherData } from "../data/cipherData";
+import { CollectionData } from "../data/collectionData";
+import { EventData } from "../data/eventData";
+import { FolderData } from "../data/folderData";
 import { OrganizationData } from "../data/organizationData";
+import { PolicyData } from "../data/policyData";
 import { ProviderData } from "../data/providerData";
+import { SendData } from "../data/sendData";
+import { CipherView } from "../view/cipherView";
+import { CollectionView } from "../view/collectionView";
+import { FolderView } from "../view/folderView";
+import { SendView } from "../view/sendView";
 
 import { EncString } from "./encString";
 import { EnvironmentUrls } from "./environmentUrls";
+import { GeneratedPasswordHistory } from "./generatedPasswordHistory";
+import { Policy } from "./policy";
 import { SymmetricCryptoKey } from "./symmetricCryptoKey";
 
 export class EncryptionPair<TEncrypted, TDecrypted> {
@@ -19,15 +31,27 @@ export class DataEncryptionPair<TEncrypted, TDecrypted> {
 }
 
 export class AccountData {
-  ciphers?: any = new DataEncryptionPair<any, any>();
+  ciphers?: DataEncryptionPair<CipherData, CipherView> = new DataEncryptionPair<
-  folders?: DataEncryptionPair<any, any> = new DataEncryptionPair<any, any>();
+    CipherData,
+    CipherView
+  >();
+  folders?: DataEncryptionPair<FolderData, FolderView> = new DataEncryptionPair<
+    FolderData,
+    FolderView
+  >();
   localData?: any;
-  sends?: any = new DataEncryptionPair<any, any>();
+  sends?: DataEncryptionPair<SendData, SendView> = new DataEncryptionPair<SendData, SendView>();
-  collections?: DataEncryptionPair<any, any> = new DataEncryptionPair<any, any>();
+  collections?: DataEncryptionPair<CollectionData, CollectionView> = new DataEncryptionPair<
-  policies?: DataEncryptionPair<any, any> = new DataEncryptionPair<any, any>();
+    CollectionData,
-  passwordGenerationHistory?: EncryptionPair<any[], any[]> = new EncryptionPair<any[], any[]>();
+    CollectionView
+  >();
+  policies?: DataEncryptionPair<PolicyData, Policy> = new DataEncryptionPair<PolicyData, Policy>();
+  passwordGenerationHistory?: EncryptionPair<
+    GeneratedPasswordHistory[],
+    GeneratedPasswordHistory[]
+  > = new EncryptionPair<GeneratedPasswordHistory[], GeneratedPasswordHistory[]>();
   addEditCipherInfo?: any;
-  eventCollection?: any[];
+  eventCollection?: EventData[];
   organizations?: { [id: string]: OrganizationData };
   providers?: { [id: string]: ProviderData };
 }

jslib/common/src/models/domain/attachment.ts

@@ -0,0 +1,87 @@
+import { CryptoService } from "../../abstractions/crypto.service";
+import { Utils } from "../../misc/utils";
+import { AttachmentData } from "../data/attachmentData";
+import { AttachmentView } from "../view/attachmentView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class Attachment extends Domain {
+  id: string;
+  url: string;
+  size: string;
+  sizeName: string; // Readable size, ex: "4.2 KB" or "1.43 GB"
+  key: EncString;
+  fileName: EncString;
+
+  constructor(obj?: AttachmentData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.size = obj.size;
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        id: null,
+        url: null,
+        sizeName: null,
+        fileName: null,
+        key: null,
+      },
+      ["id", "url", "sizeName"],
+    );
+  }
+
+  async decrypt(orgId: string, encKey?: SymmetricCryptoKey): Promise<AttachmentView> {
+    const view = await this.decryptObj(
+      new AttachmentView(this),
+      {
+        fileName: null,
+      },
+      orgId,
+      encKey,
+    );
+
+    if (this.key != null) {
+      let cryptoService: CryptoService;
+      const containerService = (Utils.global as any).bitwardenContainerService;
+      if (containerService) {
+        cryptoService = containerService.getCryptoService();
+      } else {
+        throw new Error("global bitwardenContainerService not initialized.");
+      }
+
+      try {
+        const orgKey = await cryptoService.getOrgKey(orgId);
+        const decValue = await cryptoService.decryptToBytes(this.key, orgKey ?? encKey);
+        view.key = new SymmetricCryptoKey(decValue);
+      } catch (e) {
+        // TODO: error?
+      }
+    }
+
+    return view;
+  }
+
+  toAttachmentData(): AttachmentData {
+    const a = new AttachmentData();
+    a.size = this.size;
+    this.buildDataModel(
+      this,
+      a,
+      {
+        id: null,
+        url: null,
+        sizeName: null,
+        fileName: null,
+        key: null,
+      },
+      ["id", "url", "sizeName"],
+    );
+    return a;
+  }
+}

jslib/common/src/models/domain/card.ts

@@ -0,0 +1,65 @@
+import { CardData } from "../data/cardData";
+import { CardView } from "../view/cardView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class Card extends Domain {
+  cardholderName: EncString;
+  brand: EncString;
+  number: EncString;
+  expMonth: EncString;
+  expYear: EncString;
+  code: EncString;
+
+  constructor(obj?: CardData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        cardholderName: null,
+        brand: null,
+        number: null,
+        expMonth: null,
+        expYear: null,
+        code: null,
+      },
+      [],
+    );
+  }
+
+  decrypt(orgId: string, encKey?: SymmetricCryptoKey): Promise<CardView> {
+    return this.decryptObj(
+      new CardView(),
+      {
+        cardholderName: null,
+        brand: null,
+        number: null,
+        expMonth: null,
+        expYear: null,
+        code: null,
+      },
+      orgId,
+      encKey,
+    );
+  }
+
+  toCardData(): CardData {
+    const c = new CardData();
+    this.buildDataModel(this, c, {
+      cardholderName: null,
+      brand: null,
+      number: null,
+      expMonth: null,
+      expYear: null,
+      code: null,
+    });
+    return c;
+  }
+}

jslib/common/src/models/domain/cipher.ts

@@ -0,0 +1,238 @@
+import { CipherRepromptType } from "../../enums/cipherRepromptType";
+import { CipherType } from "../../enums/cipherType";
+import { CipherData } from "../data/cipherData";
+import { CipherView } from "../view/cipherView";
+
+import { Attachment } from "./attachment";
+import { Card } from "./card";
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { Field } from "./field";
+import { Identity } from "./identity";
+import { Login } from "./login";
+import { Password } from "./password";
+import { SecureNote } from "./secureNote";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class Cipher extends Domain {
+  id: string;
+  organizationId: string;
+  folderId: string;
+  name: EncString;
+  notes: EncString;
+  type: CipherType;
+  favorite: boolean;
+  organizationUseTotp: boolean;
+  edit: boolean;
+  viewPassword: boolean;
+  revisionDate: Date;
+  localData: any;
+  login: Login;
+  identity: Identity;
+  card: Card;
+  secureNote: SecureNote;
+  attachments: Attachment[];
+  fields: Field[];
+  passwordHistory: Password[];
+  collectionIds: string[];
+  deletedDate: Date;
+  reprompt: CipherRepromptType;
+
+  constructor(obj?: CipherData, localData: any = null) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        id: null,
+        userId: null,
+        organizationId: null,
+        folderId: null,
+        name: null,
+        notes: null,
+      },
+      ["id", "userId", "organizationId", "folderId"],
+    );
+
+    this.type = obj.type;
+    this.favorite = obj.favorite;
+    this.organizationUseTotp = obj.organizationUseTotp;
+    this.edit = obj.edit;
+    if (obj.viewPassword != null) {
+      this.viewPassword = obj.viewPassword;
+    } else {
+      this.viewPassword = true; // Default for already synced Ciphers without viewPassword
+    }
+    this.revisionDate = obj.revisionDate != null ? new Date(obj.revisionDate) : null;
+    this.collectionIds = obj.collectionIds;
+    this.localData = localData;
+    this.deletedDate = obj.deletedDate != null ? new Date(obj.deletedDate) : null;
+    this.reprompt = obj.reprompt;
+
+    switch (this.type) {
+      case CipherType.Login:
+        this.login = new Login(obj.login);
+        break;
+      case CipherType.SecureNote:
+        this.secureNote = new SecureNote(obj.secureNote);
+        break;
+      case CipherType.Card:
+        this.card = new Card(obj.card);
+        break;
+      case CipherType.Identity:
+        this.identity = new Identity(obj.identity);
+        break;
+      default:
+        break;
+    }
+
+    if (obj.attachments != null) {
+      this.attachments = obj.attachments.map((a) => new Attachment(a));
+    } else {
+      this.attachments = null;
+    }
+
+    if (obj.fields != null) {
+      this.fields = obj.fields.map((f) => new Field(f));
+    } else {
+      this.fields = null;
+    }
+
+    if (obj.passwordHistory != null) {
+      this.passwordHistory = obj.passwordHistory.map((ph) => new Password(ph));
+    } else {
+      this.passwordHistory = null;
+    }
+  }
+
+  async decrypt(encKey?: SymmetricCryptoKey): Promise<CipherView> {
+    const model = new CipherView(this);
+
+    await this.decryptObj(
+      model,
+      {
+        name: null,
+        notes: null,
+      },
+      this.organizationId,
+      encKey,
+    );
+
+    switch (this.type) {
+      case CipherType.Login:
+        model.login = await this.login.decrypt(this.organizationId, encKey);
+        break;
+      case CipherType.SecureNote:
+        model.secureNote = await this.secureNote.decrypt(this.organizationId, encKey);
+        break;
+      case CipherType.Card:
+        model.card = await this.card.decrypt(this.organizationId, encKey);
+        break;
+      case CipherType.Identity:
+        model.identity = await this.identity.decrypt(this.organizationId, encKey);
+        break;
+      default:
+        break;
+    }
+
+    const orgId = this.organizationId;
+
+    if (this.attachments != null && this.attachments.length > 0) {
+      const attachments: any[] = [];
+      await this.attachments.reduce((promise, attachment) => {
+        return promise
+          .then(() => {
+            return attachment.decrypt(orgId, encKey);
+          })
+          .then((decAttachment) => {
+            attachments.push(decAttachment);
+          });
+      }, Promise.resolve());
+      model.attachments = attachments;
+    }
+
+    if (this.fields != null && this.fields.length > 0) {
+      const fields: any[] = [];
+      await this.fields.reduce((promise, field) => {
+        return promise
+          .then(() => {
+            return field.decrypt(orgId, encKey);
+          })
+          .then((decField) => {
+            fields.push(decField);
+          });
+      }, Promise.resolve());
+      model.fields = fields;
+    }
+
+    if (this.passwordHistory != null && this.passwordHistory.length > 0) {
+      const passwordHistory: any[] = [];
+      await this.passwordHistory.reduce((promise, ph) => {
+        return promise
+          .then(() => {
+            return ph.decrypt(orgId, encKey);
+          })
+          .then((decPh) => {
+            passwordHistory.push(decPh);
+          });
+      }, Promise.resolve());
+      model.passwordHistory = passwordHistory;
+    }
+
+    return model;
+  }
+
+  toCipherData(userId: string): CipherData {
+    const c = new CipherData();
+    c.id = this.id;
+    c.organizationId = this.organizationId;
+    c.folderId = this.folderId;
+    c.userId = this.organizationId != null ? userId : null;
+    c.edit = this.edit;
+    c.viewPassword = this.viewPassword;
+    c.organizationUseTotp = this.organizationUseTotp;
+    c.favorite = this.favorite;
+    c.revisionDate = this.revisionDate != null ? this.revisionDate.toISOString() : null;
+    c.type = this.type;
+    c.collectionIds = this.collectionIds;
+    c.deletedDate = this.deletedDate != null ? this.deletedDate.toISOString() : null;
+    c.reprompt = this.reprompt;
+
+    this.buildDataModel(this, c, {
+      name: null,
+      notes: null,
+    });
+
+    switch (c.type) {
+      case CipherType.Login:
+        c.login = this.login.toLoginData();
+        break;
+      case CipherType.SecureNote:
+        c.secureNote = this.secureNote.toSecureNoteData();
+        break;
+      case CipherType.Card:
+        c.card = this.card.toCardData();
+        break;
+      case CipherType.Identity:
+        c.identity = this.identity.toIdentityData();
+        break;
+      default:
+        break;
+    }
+
+    if (this.fields != null) {
+      c.fields = this.fields.map((f) => f.toFieldData());
+    }
+    if (this.attachments != null) {
+      c.attachments = this.attachments.map((a) => a.toAttachmentData());
+    }
+    if (this.passwordHistory != null) {
+      c.passwordHistory = this.passwordHistory.map((ph) => ph.toPasswordHistoryData());
+    }
+    return c;
+  }
+}

jslib/common/src/models/domain/collection.ts

@@ -0,0 +1,45 @@
+import { CollectionData } from "../data/collectionData";
+import { CollectionView } from "../view/collectionView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+
+export class Collection extends Domain {
+  id: string;
+  organizationId: string;
+  name: EncString;
+  externalId: string;
+  readOnly: boolean;
+  hidePasswords: boolean;
+
+  constructor(obj?: CollectionData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        id: null,
+        organizationId: null,
+        name: null,
+        externalId: null,
+        readOnly: null,
+        hidePasswords: null,
+      },
+      ["id", "organizationId", "externalId", "readOnly", "hidePasswords"],
+    );
+  }
+
+  decrypt(): Promise<CollectionView> {
+    return this.decryptObj(
+      new CollectionView(this),
+      {
+        name: null,
+      },
+      this.organizationId,
+    );
+  }
+}

jslib/common/src/models/domain/field.ts

@@ -0,0 +1,62 @@
+import { FieldType } from "../../enums/fieldType";
+import { LinkedIdType } from "../../enums/linkedIdType";
+import { FieldData } from "../data/fieldData";
+import { FieldView } from "../view/fieldView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class Field extends Domain {
+  name: EncString;
+  value: EncString;
+  type: FieldType;
+  linkedId: LinkedIdType;
+
+  constructor(obj?: FieldData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.type = obj.type;
+    this.linkedId = obj.linkedId;
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        name: null,
+        value: null,
+      },
+      [],
+    );
+  }
+
+  decrypt(orgId: string, encKey?: SymmetricCryptoKey): Promise<FieldView> {
+    return this.decryptObj(
+      new FieldView(this),
+      {
+        name: null,
+        value: null,
+      },
+      orgId,
+      encKey,
+    );
+  }
+
+  toFieldData(): FieldData {
+    const f = new FieldData();
+    this.buildDataModel(
+      this,
+      f,
+      {
+        name: null,
+        value: null,
+        type: null,
+        linkedId: null,
+      },
+      ["type", "linkedId"],
+    );
+    return f;
+  }
+}

jslib/common/src/models/domain/folder.ts

@@ -0,0 +1,40 @@
+import { FolderData } from "../data/folderData";
+import { FolderView } from "../view/folderView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+
+export class Folder extends Domain {
+  id: string;
+  name: EncString;
+  revisionDate: Date;
+
+  constructor(obj?: FolderData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        id: null,
+        name: null,
+      },
+      ["id"],
+    );
+
+    this.revisionDate = obj.revisionDate != null ? new Date(obj.revisionDate) : null;
+  }
+
+  decrypt(): Promise<FolderView> {
+    return this.decryptObj(
+      new FolderView(this),
+      {
+        name: null,
+      },
+      null,
+    );
+  }
+}

jslib/common/src/models/domain/generatedPasswordHistory.ts

@@ -0,0 +1,9 @@
+export class GeneratedPasswordHistory {
+  password: string;
+  date: number;
+
+  constructor(password: string, date: number) {
+    this.password = password;
+    this.date = date;
+  }
+}

jslib/common/src/models/domain/identity.ts

@@ -0,0 +1,113 @@
+import { IdentityData } from "../data/identityData";
+import { IdentityView } from "../view/identityView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class Identity extends Domain {
+  title: EncString;
+  firstName: EncString;
+  middleName: EncString;
+  lastName: EncString;
+  address1: EncString;
+  address2: EncString;
+  address3: EncString;
+  city: EncString;
+  state: EncString;
+  postalCode: EncString;
+  country: EncString;
+  company: EncString;
+  email: EncString;
+  phone: EncString;
+  ssn: EncString;
+  username: EncString;
+  passportNumber: EncString;
+  licenseNumber: EncString;
+
+  constructor(obj?: IdentityData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        title: null,
+        firstName: null,
+        middleName: null,
+        lastName: null,
+        address1: null,
+        address2: null,
+        address3: null,
+        city: null,
+        state: null,
+        postalCode: null,
+        country: null,
+        company: null,
+        email: null,
+        phone: null,
+        ssn: null,
+        username: null,
+        passportNumber: null,
+        licenseNumber: null,
+      },
+      [],
+    );
+  }
+
+  decrypt(orgId: string, encKey?: SymmetricCryptoKey): Promise<IdentityView> {
+    return this.decryptObj(
+      new IdentityView(),
+      {
+        title: null,
+        firstName: null,
+        middleName: null,
+        lastName: null,
+        address1: null,
+        address2: null,
+        address3: null,
+        city: null,
+        state: null,
+        postalCode: null,
+        country: null,
+        company: null,
+        email: null,
+        phone: null,
+        ssn: null,
+        username: null,
+        passportNumber: null,
+        licenseNumber: null,
+      },
+      orgId,
+      encKey,
+    );
+  }
+
+  toIdentityData(): IdentityData {
+    const i = new IdentityData();
+    this.buildDataModel(this, i, {
+      title: null,
+      firstName: null,
+      middleName: null,
+      lastName: null,
+      address1: null,
+      address2: null,
+      address3: null,
+      city: null,
+      state: null,
+      postalCode: null,
+      country: null,
+      company: null,
+      email: null,
+      phone: null,
+      ssn: null,
+      username: null,
+      passportNumber: null,
+      licenseNumber: null,
+    });
+    return i;
+  }
+}

jslib/common/src/models/domain/login.ts

@@ -0,0 +1,88 @@
+import { LoginData } from "../data/loginData";
+import { LoginView } from "../view/loginView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { LoginUri } from "./loginUri";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class Login extends Domain {
+  uris: LoginUri[];
+  username: EncString;
+  password: EncString;
+  passwordRevisionDate?: Date;
+  totp: EncString;
+  autofillOnPageLoad: boolean;
+
+  constructor(obj?: LoginData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.passwordRevisionDate =
+      obj.passwordRevisionDate != null ? new Date(obj.passwordRevisionDate) : null;
+    this.autofillOnPageLoad = obj.autofillOnPageLoad;
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        username: null,
+        password: null,
+        totp: null,
+      },
+      [],
+    );
+
+    if (obj.uris) {
+      this.uris = [];
+      obj.uris.forEach((u) => {
+        this.uris.push(new LoginUri(u));
+      });
+    }
+  }
+
+  async decrypt(orgId: string, encKey?: SymmetricCryptoKey): Promise<LoginView> {
+    const view = await this.decryptObj(
+      new LoginView(this),
+      {
+        username: null,
+        password: null,
+        totp: null,
+      },
+      orgId,
+      encKey,
+    );
+
+    if (this.uris != null) {
+      view.uris = [];
+      for (let i = 0; i < this.uris.length; i++) {
+        const uri = await this.uris[i].decrypt(orgId, encKey);
+        view.uris.push(uri);
+      }
+    }
+
+    return view;
+  }
+
+  toLoginData(): LoginData {
+    const l = new LoginData();
+    l.passwordRevisionDate =
+      this.passwordRevisionDate != null ? this.passwordRevisionDate.toISOString() : null;
+    l.autofillOnPageLoad = this.autofillOnPageLoad;
+    this.buildDataModel(this, l, {
+      username: null,
+      password: null,
+      totp: null,
+    });
+
+    if (this.uris != null && this.uris.length > 0) {
+      l.uris = [];
+      this.uris.forEach((u) => {
+        l.uris.push(u.toLoginUriData());
+      });
+    }
+
+    return l;
+  }
+}

jslib/common/src/models/domain/loginUri.ts

@@ -0,0 +1,54 @@
+import { UriMatchType } from "../../enums/uriMatchType";
+import { LoginUriData } from "../data/loginUriData";
+import { LoginUriView } from "../view/loginUriView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class LoginUri extends Domain {
+  uri: EncString;
+  match: UriMatchType;
+
+  constructor(obj?: LoginUriData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.match = obj.match;
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        uri: null,
+      },
+      [],
+    );
+  }
+
+  decrypt(orgId: string, encKey?: SymmetricCryptoKey): Promise<LoginUriView> {
+    return this.decryptObj(
+      new LoginUriView(this),
+      {
+        uri: null,
+      },
+      orgId,
+      encKey,
+    );
+  }
+
+  toLoginUriData(): LoginUriData {
+    const u = new LoginUriData();
+    this.buildDataModel(
+      this,
+      u,
+      {
+        uri: null,
+        match: null,
+      },
+      ["match"],
+    );
+    return u;
+  }
+}

jslib/common/src/models/domain/masterPasswordPolicyOptions.ts

@@ -0,0 +1,10 @@
+import Domain from "./domainBase";
+
+export class MasterPasswordPolicyOptions extends Domain {
+  minComplexity = 0;
+  minLength = 0;
+  requireUpper = false;
+  requireLower = false;
+  requireNumbers = false;
+  requireSpecial = false;
+}

jslib/common/src/models/domain/password.ts

@@ -0,0 +1,43 @@
+import { PasswordHistoryData } from "../data/passwordHistoryData";
+import { PasswordHistoryView } from "../view/passwordHistoryView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class Password extends Domain {
+  password: EncString;
+  lastUsedDate: Date;
+
+  constructor(obj?: PasswordHistoryData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.buildDomainModel(this, obj, {
+      password: null,
+    });
+    this.lastUsedDate = new Date(obj.lastUsedDate);
+  }
+
+  decrypt(orgId: string, encKey?: SymmetricCryptoKey): Promise<PasswordHistoryView> {
+    return this.decryptObj(
+      new PasswordHistoryView(this),
+      {
+        password: null,
+      },
+      orgId,
+      encKey,
+    );
+  }
+
+  toPasswordHistoryData(): PasswordHistoryData {
+    const ph = new PasswordHistoryData();
+    ph.lastUsedDate = this.lastUsedDate.toISOString();
+    this.buildDataModel(this, ph, {
+      password: null,
+    });
+    return ph;
+  }
+}

jslib/common/src/models/domain/passwordGeneratorPolicyOptions.ts

@@ -0,0 +1,31 @@
+import Domain from "./domainBase";
+
+export class PasswordGeneratorPolicyOptions extends Domain {
+  defaultType = "";
+  minLength = 0;
+  useUppercase = false;
+  useLowercase = false;
+  useNumbers = false;
+  numberCount = 0;
+  useSpecial = false;
+  specialCount = 0;
+  minNumberWords = 0;
+  capitalize = false;
+  includeNumber = false;
+
+  inEffect() {
+    return (
+      this.defaultType !== "" ||
+      this.minLength > 0 ||
+      this.numberCount > 0 ||
+      this.specialCount > 0 ||
+      this.useUppercase ||
+      this.useLowercase ||
+      this.useNumbers ||
+      this.useSpecial ||
+      this.minNumberWords > 0 ||
+      this.capitalize ||
+      this.includeNumber
+    );
+  }
+}

jslib/common/src/models/domain/policy.ts

@@ -0,0 +1,25 @@
+import { PolicyType } from "../../enums/policyType";
+import { PolicyData } from "../data/policyData";
+
+import Domain from "./domainBase";
+
+export class Policy extends Domain {
+  id: string;
+  organizationId: string;
+  type: PolicyType;
+  data: any;
+  enabled: boolean;
+
+  constructor(obj?: PolicyData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.id = obj.id;
+    this.organizationId = obj.organizationId;
+    this.type = obj.type;
+    this.data = obj.data;
+    this.enabled = obj.enabled;
+  }
+}

jslib/common/src/models/domain/resetPasswordPolicyOptions.ts

@@ -0,0 +1,5 @@
+import Domain from "./domainBase";
+
+export class ResetPasswordPolicyOptions extends Domain {
+  autoEnrollEnabled = false;
+}

jslib/common/src/models/domain/secureNote.ts

@@ -0,0 +1,29 @@
+import { SecureNoteType } from "../../enums/secureNoteType";
+import { SecureNoteData } from "../data/secureNoteData";
+import { SecureNoteView } from "../view/secureNoteView";
+
+import Domain from "./domainBase";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class SecureNote extends Domain {
+  type: SecureNoteType;
+
+  constructor(obj?: SecureNoteData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.type = obj.type;
+  }
+
+  decrypt(orgId: string, encKey?: SymmetricCryptoKey): Promise<SecureNoteView> {
+    return Promise.resolve(new SecureNoteView(this));
+  }
+
+  toSecureNoteData(): SecureNoteData {
+    const n = new SecureNoteData();
+    n.type = this.type;
+    return n;
+  }
+}

jslib/common/src/models/domain/send.ts

@@ -0,0 +1,114 @@
+import { CryptoService } from "../../abstractions/crypto.service";
+import { SendType } from "../../enums/sendType";
+import { Utils } from "../../misc/utils";
+import { SendData } from "../data/sendData";
+import { SendView } from "../view/sendView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { SendFile } from "./sendFile";
+import { SendText } from "./sendText";
+
+export class Send extends Domain {
+  id: string;
+  accessId: string;
+  userId: string;
+  type: SendType;
+  name: EncString;
+  notes: EncString;
+  file: SendFile;
+  text: SendText;
+  key: EncString;
+  maxAccessCount?: number;
+  accessCount: number;
+  revisionDate: Date;
+  expirationDate: Date;
+  deletionDate: Date;
+  password: string;
+  disabled: boolean;
+  hideEmail: boolean;
+
+  constructor(obj?: SendData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        id: null,
+        accessId: null,
+        userId: null,
+        name: null,
+        notes: null,
+        key: null,
+      },
+      ["id", "accessId", "userId"],
+    );
+
+    this.type = obj.type;
+    this.maxAccessCount = obj.maxAccessCount;
+    this.accessCount = obj.accessCount;
+    this.password = obj.password;
+    this.disabled = obj.disabled;
+    this.revisionDate = obj.revisionDate != null ? new Date(obj.revisionDate) : null;
+    this.deletionDate = obj.deletionDate != null ? new Date(obj.deletionDate) : null;
+    this.expirationDate = obj.expirationDate != null ? new Date(obj.expirationDate) : null;
+    this.hideEmail = obj.hideEmail;
+
+    switch (this.type) {
+      case SendType.Text:
+        this.text = new SendText(obj.text);
+        break;
+      case SendType.File:
+        this.file = new SendFile(obj.file);
+        break;
+      default:
+        break;
+    }
+  }
+
+  async decrypt(): Promise<SendView> {
+    const model = new SendView(this);
+
+    let cryptoService: CryptoService;
+    const containerService = (Utils.global as any).bitwardenContainerService;
+    if (containerService) {
+      cryptoService = containerService.getCryptoService();
+    } else {
+      throw new Error("global bitwardenContainerService not initialized.");
+    }
+
+    try {
+      model.key = await cryptoService.decryptToBytes(this.key, null);
+      model.cryptoKey = await cryptoService.makeSendKey(model.key);
+    } catch (e) {
+      // TODO: error?
+    }
+
+    await this.decryptObj(
+      model,
+      {
+        name: null,
+        notes: null,
+      },
+      null,
+      model.cryptoKey,
+    );
+
+    switch (this.type) {
+      case SendType.File:
+        model.file = await this.file.decrypt(model.cryptoKey);
+        break;
+      case SendType.Text:
+        model.text = await this.text.decrypt(model.cryptoKey);
+        break;
+      default:
+        break;
+    }
+
+    return model;
+  }
+}

jslib/common/src/models/domain/sendAccess.ts

@@ -0,0 +1,77 @@
+import { SendType } from "../../enums/sendType";
+import { SendAccessResponse } from "../response/sendAccessResponse";
+import { SendAccessView } from "../view/sendAccessView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { SendFile } from "./sendFile";
+import { SendText } from "./sendText";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class SendAccess extends Domain {
+  id: string;
+  type: SendType;
+  name: EncString;
+  file: SendFile;
+  text: SendText;
+  expirationDate: Date;
+  creatorIdentifier: string;
+
+  constructor(obj?: SendAccessResponse) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        id: null,
+        name: null,
+        expirationDate: null,
+        creatorIdentifier: null,
+      },
+      ["id", "expirationDate", "creatorIdentifier"],
+    );
+
+    this.type = obj.type;
+
+    switch (this.type) {
+      case SendType.Text:
+        this.text = new SendText(obj.text);
+        break;
+      case SendType.File:
+        this.file = new SendFile(obj.file);
+        break;
+      default:
+        break;
+    }
+  }
+
+  async decrypt(key: SymmetricCryptoKey): Promise<SendAccessView> {
+    const model = new SendAccessView(this);
+
+    await this.decryptObj(
+      model,
+      {
+        name: null,
+      },
+      null,
+      key,
+    );
+
+    switch (this.type) {
+      case SendType.File:
+        model.file = await this.file.decrypt(key);
+        break;
+      case SendType.Text:
+        model.text = await this.text.decrypt(key);
+        break;
+      default:
+        break;
+    }
+
+    return model;
+  }
+}

jslib/common/src/models/domain/sendFile.ts

@@ -0,0 +1,44 @@
+import { SendFileData } from "../data/sendFileData";
+import { SendFileView } from "../view/sendFileView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class SendFile extends Domain {
+  id: string;
+  size: string;
+  sizeName: string;
+  fileName: EncString;
+
+  constructor(obj?: SendFileData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.size = obj.size;
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        id: null,
+        sizeName: null,
+        fileName: null,
+      },
+      ["id", "sizeName"],
+    );
+  }
+
+  async decrypt(key: SymmetricCryptoKey): Promise<SendFileView> {
+    const view = await this.decryptObj(
+      new SendFileView(this),
+      {
+        fileName: null,
+      },
+      null,
+      key,
+    );
+    return view;
+  }
+}

jslib/common/src/models/domain/sendText.ts

@@ -0,0 +1,39 @@
+import { SendTextData } from "../data/sendTextData";
+import { SendTextView } from "../view/sendTextView";
+
+import Domain from "./domainBase";
+import { EncString } from "./encString";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+export class SendText extends Domain {
+  text: EncString;
+  hidden: boolean;
+
+  constructor(obj?: SendTextData) {
+    super();
+    if (obj == null) {
+      return;
+    }
+
+    this.hidden = obj.hidden;
+    this.buildDomainModel(
+      this,
+      obj,
+      {
+        text: null,
+      },
+      [],
+    );
+  }
+
+  decrypt(key: SymmetricCryptoKey): Promise<SendTextView> {
+    return this.decryptObj(
+      new SendTextView(this),
+      {
+        text: null,
+      },
+      null,
+      key,
+    );
+  }
+}

jslib/common/src/models/domain/sortedCiphersCache.ts

@@ -0,0 +1,87 @@
+import { CipherView } from "../view/cipherView";
+
+const CacheTTL = 3000;
+
+export class SortedCiphersCache {
+  private readonly sortedCiphersByUrl: Map<string, Ciphers> = new Map<string, Ciphers>();
+  private readonly timeouts: Map<string, any> = new Map<string, any>();
+
+  constructor(private readonly comparator: (a: CipherView, b: CipherView) => number) {}
+
+  isCached(url: string) {
+    return this.sortedCiphersByUrl.has(url);
+  }
+
+  addCiphers(url: string, ciphers: CipherView[]) {
+    ciphers.sort(this.comparator);
+    this.sortedCiphersByUrl.set(url, new Ciphers(ciphers));
+    this.resetTimer(url);
+  }
+
+  getLastUsed(url: string) {
+    this.resetTimer(url);
+    return this.isCached(url) ? this.sortedCiphersByUrl.get(url).getLastUsed() : null;
+  }
+
+  getLastLaunched(url: string) {
+    return this.isCached(url) ? this.sortedCiphersByUrl.get(url).getLastLaunched() : null;
+  }
+
+  getNext(url: string) {
+    this.resetTimer(url);
+    return this.isCached(url) ? this.sortedCiphersByUrl.get(url).getNext() : null;
+  }
+
+  updateLastUsedIndex(url: string) {
+    if (this.isCached(url)) {
+      this.sortedCiphersByUrl.get(url).updateLastUsedIndex();
+    }
+  }
+
+  clear() {
+    this.sortedCiphersByUrl.clear();
+    this.timeouts.clear();
+  }
+
+  private resetTimer(url: string) {
+    clearTimeout(this.timeouts.get(url));
+    this.timeouts.set(
+      url,
+      setTimeout(() => {
+        this.sortedCiphersByUrl.delete(url);
+        this.timeouts.delete(url);
+      }, CacheTTL),
+    );
+  }
+}
+
+class Ciphers {
+  lastUsedIndex = -1;
+
+  constructor(private readonly ciphers: CipherView[]) {}
+
+  getLastUsed() {
+    this.lastUsedIndex = Math.max(this.lastUsedIndex, 0);
+    return this.ciphers[this.lastUsedIndex];
+  }
+
+  getLastLaunched() {
+    const usedCiphers = this.ciphers.filter((cipher) => cipher.localData?.lastLaunched);
+    const sortedCiphers = usedCiphers.sort(
+      (x, y) => y.localData.lastLaunched.valueOf() - x.localData.lastLaunched.valueOf(),
+    );
+    return sortedCiphers[0];
+  }
+
+  getNextIndex() {
+    return (this.lastUsedIndex + 1) % this.ciphers.length;
+  }
+
+  getNext() {
+    return this.ciphers[this.getNextIndex()];
+  }
+
+  updateLastUsedIndex() {
+    this.lastUsedIndex = this.getNextIndex();
+  }
+}

jslib/common/src/models/request/organizationImportRequest.ts

@@ -8,12 +8,16 @@ export class OrganizationImportRequest {
   overwriteExisting = false;
   largeImport = false;
 
-  constructor(model: {
+  constructor(
+    model:
+      | {
           groups: Required<OrganizationImportGroupRequest>[];
           users: Required<OrganizationImportMemberRequest>[];
           overwriteExisting: boolean;
           largeImport: boolean;
-  }) {
+        }
+      | ImportDirectoryRequest,
+  ) {
     if (model instanceof ImportDirectoryRequest) {
       this.groups = model.groups.map((g) => new OrganizationImportGroupRequest(g));
       this.members = model.users.map((u) => new OrganizationImportMemberRequest(u));

jslib/common/src/models/response/attachmentResponse.ts

@@ -0,0 +1,20 @@
+import { BaseResponse } from "./baseResponse";
+
+export class AttachmentResponse extends BaseResponse {
+  id: string;
+  url: string;
+  fileName: string;
+  key: string;
+  size: string;
+  sizeName: string;
+
+  constructor(response: any) {
+    super(response);
+    this.id = this.getResponseProperty("Id");
+    this.url = this.getResponseProperty("Url");
+    this.fileName = this.getResponseProperty("FileName");
+    this.key = this.getResponseProperty("Key");
+    this.size = this.getResponseProperty("Size");
+    this.sizeName = this.getResponseProperty("SizeName");
+  }
+}