bitwarden/jslib
1
0
Fork 0
mirror of https://github.com/bitwarden/jslib synced 2026-01-08 03:23:15 +00:00
Code Issues Releases Wiki Activity

Merge branch 'master' into AccountService

Browse Source
This commit is contained in:
addison
2021-11-09 13:52:18 -05:00
parent 3f1e84afa3 c4fb4a35ab
commit e3edffd462
73 changed files with 1276 additions and 255 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
common/src/abstractions/api.service.ts
View File

@@ -1,5 +1,6 @@
import { PolicyType } from '../enums/policyType';
import { SetCryptoAgentKeyRequest } from '../models/request/account/setCryptoAgentKeyRequest';
import { SetKeyConnectorKeyRequest } from '../models/request/account/setKeyConnectorKeyRequest';
import { VerifyOTPRequest } from '../models/request/account/verifyOTPRequest';
import { AttachmentRequest } from '../models/request/attachmentRequest';
@@ -13,7 +14,6 @@ import { CipherCreateRequest } from '../models/request/cipherCreateRequest';
import { CipherRequest } from '../models/request/cipherRequest';
import { CipherShareRequest } from '../models/request/cipherShareRequest';
import { CollectionRequest } from '../models/request/collectionRequest';
import { CryptoAgentUserKeyRequest } from '../models/request/cryptoAgentUserKeyRequest';
import { DeleteRecoverRequest } from '../models/request/deleteRecoverRequest';
import { EmailRequest } from '../models/request/emailRequest';
import { EmailTokenRequest } from '../models/request/emailTokenRequest';
@@ -30,6 +30,7 @@ import { ImportCiphersRequest } from '../models/request/importCiphersRequest';
import { ImportDirectoryRequest } from '../models/request/importDirectoryRequest';
import { ImportOrganizationCiphersRequest } from '../models/request/importOrganizationCiphersRequest';
import { KdfRequest } from '../models/request/kdfRequest';
import { KeyConnectorUserKeyRequest } from '../models/request/keyConnectorUserKeyRequest';
import { KeysRequest } from '../models/request/keysRequest';
import { OrganizationSsoRequest } from '../models/request/organization/organizationSsoRequest';
import { OrganizationCreateRequest } from '../models/request/organizationCreateRequest';
@@ -50,7 +51,6 @@ import { OrganizationUserUpdateGroupsRequest } from '../models/request/organizat
import { OrganizationUserUpdateRequest } from '../models/request/organizationUserUpdateRequest';
import { PasswordHintRequest } from '../models/request/passwordHintRequest';
import { PasswordRequest } from '../models/request/passwordRequest';
import { PasswordVerificationRequest } from '../models/request/passwordVerificationRequest';
import { PaymentRequest } from '../models/request/paymentRequest';
import { PolicyRequest } from '../models/request/policyRequest';
import { PreloginRequest } from '../models/request/preloginRequest';
@@ -66,6 +66,7 @@ import { ProviderUserInviteRequest } from '../models/request/provider/providerUs
import { ProviderUserUpdateRequest } from '../models/request/provider/providerUserUpdateRequest';
import { RegisterRequest } from '../models/request/registerRequest';
import { SeatRequest } from '../models/request/seatRequest';
import { SecretVerificationRequest } from '../models/request/secretVerificationRequest';
import { SelectionReadOnlyRequest } from '../models/request/selectionReadOnlyRequest';
import { SendAccessRequest } from '../models/request/sendAccessRequest';
import { SendRequest } from '../models/request/sendRequest';
@@ -100,7 +101,6 @@ import {
CollectionGroupDetailsResponse,
CollectionResponse,
} from '../models/response/collectionResponse';
import { CryptoAgentUserKeyResponse } from '../models/response/cryptoAgentUserKeyResponse';
import { DomainsResponse } from '../models/response/domainsResponse';
import {
EmergencyAccessGranteeDetailsResponse,
@@ -117,6 +117,7 @@ import {
import { IdentityCaptchaResponse } from '../models/response/identityCaptchaResponse';
import { IdentityTokenResponse } from '../models/response/identityTokenResponse';
import { IdentityTwoFactorResponse } from '../models/response/identityTwoFactorResponse';
import { KeyConnectorUserKeyResponse } from '../models/response/keyConnectorUserKeyResponse';
import { ListResponse } from '../models/response/listResponse';
import { OrganizationSsoResponse } from '../models/response/organization/organizationSsoResponse';
import { OrganizationAutoEnrollStatusResponse } from '../models/response/organizationAutoEnrollStatusResponse';
@@ -175,9 +176,9 @@ export abstract class ApiService {
postEmail: (request: EmailRequest) => Promise<any>;
postPassword: (request: PasswordRequest) => Promise<any>;
setPassword: (request: SetPasswordRequest) => Promise<any>;
postSetCryptoAgentKey: (request: SetCryptoAgentKeyRequest) => Promise<any>;
postSecurityStamp: (request: PasswordVerificationRequest) => Promise<any>;
deleteAccount: (request: PasswordVerificationRequest) => Promise<any>;
postSetKeyConnectorKey: (request: SetKeyConnectorKeyRequest) => Promise<any>;
postSecurityStamp: (request: SecretVerificationRequest) => Promise<any>;
deleteAccount: (request: SecretVerificationRequest) => Promise<any>;
getAccountRevisionDate: () => Promise<number>;
postPasswordHint: (request: PasswordHintRequest) => Promise<any>;
postRegister: (request: RegisterRequest) => Promise<any>;
@@ -192,13 +193,16 @@ export abstract class ApiService {
postAccountKeys: (request: KeysRequest) => Promise<any>;
postAccountVerifyEmail: () => Promise<any>;
postAccountVerifyEmailToken: (request: VerifyEmailRequest) => Promise<any>;
postAccountVerifyPassword: (request: PasswordVerificationRequest) => Promise<any>;
postAccountVerifyPassword: (request: SecretVerificationRequest) => Promise<any>;
postAccountRecoverDelete: (request: DeleteRecoverRequest) => Promise<any>;
postAccountRecoverDeleteToken: (request: VerifyDeleteRecoverRequest) => Promise<any>;
postAccountKdf: (request: KdfRequest) => Promise<any>;
postUserApiKey: (id: string, request: PasswordVerificationRequest) => Promise<ApiKeyResponse>;
postUserRotateApiKey: (id: string, request: PasswordVerificationRequest) => Promise<ApiKeyResponse>;
postUserApiKey: (id: string, request: SecretVerificationRequest) => Promise<ApiKeyResponse>;
postUserRotateApiKey: (id: string, request: SecretVerificationRequest) => Promise<ApiKeyResponse>;
putUpdateTempPassword: (request: UpdateTempPasswordRequest) => Promise<any>;
postAccountRequestOTP: () => Promise<void>;
postAccountVerifyOTP: (request: VerifyOTPRequest) => Promise<void>;
postConvertToKeyConnector: () => Promise<void>;
getFolder: (id: string) => Promise<FolderResponse>;
postFolder: (request: FolderRequest) => Promise<FolderResponse>;
@@ -240,7 +244,7 @@ export abstract class ApiService {
putShareCiphers: (request: CipherBulkShareRequest) => Promise<any>;
putCipherCollections: (id: string, request: CipherCollectionsRequest) => Promise<any>;
putCipherCollectionsAdmin: (id: string, request: CipherCollectionsRequest) => Promise<any>;
postPurgeCiphers: (request: PasswordVerificationRequest, organizationId?: string) => Promise<any>;
postPurgeCiphers: (request: SecretVerificationRequest, organizationId?: string) => Promise<any>;
postImportCiphers: (request: ImportCiphersRequest) => Promise<any>;
postImportOrganizationCiphers: (organizationId: string, request: ImportOrganizationCiphersRequest) => Promise<any>;
putDeleteCipher: (id: string) => Promise<any>;
@@ -329,15 +333,15 @@ export abstract class ApiService {
getTwoFactorProviders: () => Promise<ListResponse<TwoFactorProviderResponse>>;
getTwoFactorOrganizationProviders: (organizationId: string) => Promise<ListResponse<TwoFactorProviderResponse>>;
getTwoFactorAuthenticator: (request: PasswordVerificationRequest) => Promise<TwoFactorAuthenticatorResponse>;
getTwoFactorEmail: (request: PasswordVerificationRequest) => Promise<TwoFactorEmailResponse>;
getTwoFactorDuo: (request: PasswordVerificationRequest) => Promise<TwoFactorDuoResponse>;
getTwoFactorAuthenticator: (request: SecretVerificationRequest) => Promise<TwoFactorAuthenticatorResponse>;
getTwoFactorEmail: (request: SecretVerificationRequest) => Promise<TwoFactorEmailResponse>;
getTwoFactorDuo: (request: SecretVerificationRequest) => Promise<TwoFactorDuoResponse>;
getTwoFactorOrganizationDuo: (organizationId: string,
request: PasswordVerificationRequest) => Promise<TwoFactorDuoResponse>;
getTwoFactorYubiKey: (request: PasswordVerificationRequest) => Promise<TwoFactorYubiKeyResponse>;
getTwoFactorWebAuthn: (request: PasswordVerificationRequest) => Promise<TwoFactorWebAuthnResponse>;
getTwoFactorWebAuthnChallenge: (request: PasswordVerificationRequest) => Promise<ChallengeResponse>;
getTwoFactorRecover: (request: PasswordVerificationRequest) => Promise<TwoFactorRecoverResponse>;
request: SecretVerificationRequest) => Promise<TwoFactorDuoResponse>;
getTwoFactorYubiKey: (request: SecretVerificationRequest) => Promise<TwoFactorYubiKeyResponse>;
getTwoFactorWebAuthn: (request: SecretVerificationRequest) => Promise<TwoFactorWebAuthnResponse>;
getTwoFactorWebAuthnChallenge: (request: SecretVerificationRequest) => Promise<ChallengeResponse>;
getTwoFactorRecover: (request: SecretVerificationRequest) => Promise<TwoFactorRecoverResponse>;
putTwoFactorAuthenticator: (
request: UpdateTwoFactorAuthenticatorRequest) => Promise<TwoFactorAuthenticatorResponse>;
putTwoFactorEmail: (request: UpdateTwoFactorEmailRequest) => Promise<TwoFactorEmailResponse>;
@@ -384,8 +388,8 @@ export abstract class ApiService {
postLeaveOrganization: (id: string) => Promise<any>;
postOrganizationLicense: (data: FormData) => Promise<OrganizationResponse>;
postOrganizationLicenseUpdate: (id: string, data: FormData) => Promise<any>;
postOrganizationApiKey: (id: string, request: PasswordVerificationRequest) => Promise<ApiKeyResponse>;
postOrganizationRotateApiKey: (id: string, request: PasswordVerificationRequest) => Promise<ApiKeyResponse>;
postOrganizationApiKey: (id: string, request: SecretVerificationRequest) => Promise<ApiKeyResponse>;
postOrganizationRotateApiKey: (id: string, request: SecretVerificationRequest) => Promise<ApiKeyResponse>;
postOrganizationSso: (id: string, request: OrganizationSsoRequest) => Promise<OrganizationSsoResponse>;
postOrganizationUpgrade: (id: string, request: OrganizationUpgradeRequest) => Promise<PaymentResponse>;
postOrganizationUpdateSubscription: (id: string, request: OrganizationSubscriptionUpdateRequest) => Promise<void>;
@@ -395,7 +399,7 @@ export abstract class ApiService {
postOrganizationVerifyBank: (id: string, request: VerifyBankRequest) => Promise<any>;
postOrganizationCancel: (id: string) => Promise<any>;
postOrganizationReinstate: (id: string) => Promise<any>;
deleteOrganization: (id: string, request: PasswordVerificationRequest) => Promise<any>;
deleteOrganization: (id: string, request: SecretVerificationRequest) => Promise<any>;
getPlans: () => Promise<ListResponse<PlanResponse>>;
getTaxRates: () => Promise<ListResponse<TaxRateResponse>>;
getOrganizationKeys: (id: string) => Promise<OrganizationKeysResponse>;
@@ -449,6 +453,6 @@ export abstract class ApiService {
preValidateSso: (identifier: string) => Promise<boolean>;
getUserKeyFromCryptoAgent: (cryptoAgentUrl: string) => Promise<CryptoAgentUserKeyResponse>;
postUserKeyToCryptoAgent: (cryptoAgentUrl: string, request: CryptoAgentUserKeyRequest) => Promise<void>;
getUserKeyFromKeyConnector: (keyConnectorUrl: string) => Promise<KeyConnectorUserKeyResponse>;
postUserKeyToKeyConnector: (keyConnectorUrl: string, request: KeyConnectorUserKeyRequest) => Promise<void>;
}

2
common/src/abstractions/environment.service.ts
View File

@@ -8,6 +8,7 @@ export type Urls = {
icons?: string;
notifications?: string;
events?: string;
keyConnector?: string;
};
export type PayPalConfig = {
@@ -26,6 +27,7 @@ export abstract class EnvironmentService {
getApiUrl: () => string;
getIdentityUrl: () => string;
getEventsUrl: () => string;
getKeyConnectorUrl: () => string;
setUrlsFromStorage: () => Promise<void>;
setUrls: (urls: any, saveSettings?: boolean) => Promise<Urls>;
getUrls: () => Urls;

14
common/src/abstractions/keyConnector.service.ts Normal file
View File

@@ -0,0 +1,14 @@
import { Organization } from '../models/domain/organization';
export abstract class KeyConnectorService {
getAndSetKey: (url?: string) => Promise<void>;
getManagingOrganization: () => Promise<Organization>;
getUsesKeyConnector: () => Promise<boolean>;
migrateUser: () => Promise<void>;
userNeedsMigration: () => Promise<boolean>;
setUsesKeyConnector: (enabled: boolean) => Promise<void>;
setConvertAccountRequired: (status: boolean) => Promise<void>;
getConvertAccountRequired: () => Promise<boolean>;
removeConvertAccountRequired: () => Promise<void>;
clear: () => Promise<void>;
}

1
common/src/abstractions/passwordReprompt.service.ts
View File

@@ -1,4 +1,5 @@
export abstract class PasswordRepromptService {
protectedFields: () => string[];
showPasswordPrompt: () => Promise<boolean>;
enabled: () => Promise<boolean>;
}

1
common/src/abstractions/token.service.ts
View File

@@ -23,4 +23,5 @@ export abstract class TokenService {
getName: () => Promise<string>;
getPremium: () => Promise<boolean>;
getIssuer: () => Promise<string>;
getIsExternal: () => boolean;
}

9
common/src/abstractions/userVerification.service.ts Normal file
View File

@@ -0,0 +1,9 @@
import { SecretVerificationRequest } from '../models/request/secretVerificationRequest';
import { Verification } from '../types/verification';
export abstract class UserVerificationService {
buildRequest: <T extends SecretVerificationRequest> (verification: Verification,
requestClass?: new () => T, alreadyHashed?: boolean) => Promise<T>;
verifyUser: (verification: Verification) => Promise<boolean>;
}

5
common/src/enums/eventType.ts
View File

@@ -8,6 +8,7 @@ export enum EventType {
User_FailedLogIn2fa = 1006,
User_ClientExportedVault = 1007,
User_UpdatedTempPassword = 1008,
User_MigratedKeyToKeyConnector = 1009,
Cipher_Created = 1100,
Cipher_Updated = 1101,
@@ -51,6 +52,10 @@ export enum EventType {
Organization_PurgedVault = 1601,
// Organization_ClientExportedVault = 1602,
Organization_VaultAccessed = 1603,
Organization_EnabledSso = 1604,
Organization_DisabledSso = 1605,
Organization_EnabledKeyConnector = 1606,
Organization_DisabledKeyConnector = 1607,
Policy_Updated = 1700,

1
common/src/enums/fieldType.ts
View File

@@ -2,4 +2,5 @@ export enum FieldType {
Text = 0,
Hidden = 1,
Boolean = 2,
Linked = 3,
}

40
common/src/enums/linkedIdType.ts Normal file
View File

@@ -0,0 +1,40 @@
export type LinkedIdType = LoginLinkedId | CardLinkedId | IdentityLinkedId;
// LoginView
export enum LoginLinkedId {
Username = 100,
Password = 101,
}
// CardView
export enum CardLinkedId {
CardholderName = 300,
ExpMonth = 301,
ExpYear = 302,
Code = 303,
Brand = 304,
Number = 305,
}
// IdentityView
export enum IdentityLinkedId {
Title = 400,
MiddleName = 401,
Address1 = 402,
Address2 = 403,
Address3 = 404,
City = 405,
State = 406,
PostalCode = 407,
Country = 408,
Company = 409,
Email = 410,
Phone = 411,
Ssn = 412,
Username = 413,
PassportNumber = 414,
LicenseNumber = 415,
FirstName = 416,
LastName = 417,
FullName = 418,
}

4
common/src/enums/verificationType.ts Normal file
View File

@@ -0,0 +1,4 @@
export enum VerificationType {
MasterPassword = 0,
OTP = 1,
}

28
common/src/misc/linkedFieldOption.decorator.ts Normal file
View File

@@ -0,0 +1,28 @@
import { ItemView } from '../models/view/itemView';
import { LinkedIdType } from '../enums/linkedIdType';
export class LinkedMetadata {
constructor(readonly propertyKey: string, private readonly _i18nKey?: string) { }
get i18nKey() {
return this._i18nKey ?? this.propertyKey;
}
}
/**
* A decorator used to set metadata used by Linked custom fields. Apply it to a class property or getter to make it
* available as a Linked custom field option.
* @param id - A unique value that is saved in the Field model. It is used to look up the decorated class property.
* @param i18nKey - The i18n key used to describe the decorated class property in the UI. If it is null, then the name
* of the class property will be used as the i18n key.
*/
export function linkedFieldOption(id: LinkedIdType, i18nKey?: string) {
return (prototype: ItemView, propertyKey: string) => {
if (prototype.linkedFieldOptions == null) {
prototype.linkedFieldOptions = new Map<LinkedIdType, LinkedMetadata>();
}
prototype.linkedFieldOptions.set(id, new LinkedMetadata(propertyKey, i18nKey));
};
}

3
common/src/misc/utils.ts
View File

@@ -219,7 +219,8 @@ export class Utils {
}
let httpUrl = uriString.startsWith('http://') || uriString.startsWith('https://');
if (!httpUrl && uriString.indexOf('://') < 0 && Utils.tldEndingRegex.test(uriString)) {
if (!httpUrl && uriString.indexOf('://') < 0 && Utils.tldEndingRegex.test(uriString) &&
uriString.indexOf('@') < 0) {
uriString = 'http://' + uriString;
httpUrl = true;
}

3
common/src/models/api/fieldApi.ts
View File

@@ -1,11 +1,13 @@
import { BaseResponse } from '../response/baseResponse';
import { FieldType } from '../../enums/fieldType';
import { LinkedIdType } from '../../enums/linkedIdType';
export class FieldApi extends BaseResponse {
name: string;
value: string;
type: FieldType;
linkedId: LinkedIdType;
constructor(data: any = null) {
super(data);
@@ -15,5 +17,6 @@ export class FieldApi extends BaseResponse {
this.type = this.getResponseProperty('Type');
this.name = this.getResponseProperty('Name');
this.value = this.getResponseProperty('Value');
this.linkedId = this.getResponseProperty('linkedId');
}
}

8
common/src/models/api/ssoConfigApi.ts
View File

@@ -37,8 +37,8 @@ enum Saml2SigningBehavior {
export class SsoConfigApi extends BaseResponse {
configType: SsoType;
useCryptoAgent: boolean;
cryptoAgentUrl: string;
useKeyConnector: boolean;
keyConnectorUrl: string;
// OpenId
authority: string;
@@ -81,8 +81,8 @@ export class SsoConfigApi extends BaseResponse {
this.configType = this.getResponseProperty('ConfigType');
this.useCryptoAgent = this.getResponseProperty('UseCryptoAgent');
this.cryptoAgentUrl = this.getResponseProperty('CryptoAgentUrl');
this.useKeyConnector = this.getResponseProperty('UseKeyConnector');
this.keyConnectorUrl = this.getResponseProperty('KeyConnectorUrl');
this.authority = this.getResponseProperty('Authority');
this.clientId = this.getResponseProperty('ClientId');

3
common/src/models/data/fieldData.ts
View File

@@ -1,4 +1,5 @@
import { FieldType } from '../../enums/fieldType';
import { LinkedIdType } from '../../enums/linkedIdType';
import { FieldApi } from '../api/fieldApi';
@@ -6,6 +7,7 @@ export class FieldData {
type: FieldType;
name: string;
value: string;
linkedId: LinkedIdType;
constructor(response?: FieldApi) {
if (response == null) {
@@ -14,5 +16,6 @@ export class FieldData {
this.type = response.type;
this.name = response.name;
this.value = response.value;
this.linkedId = response.linkedId;
}
}

4
common/src/models/data/organizationData.ts
View File

@@ -33,6 +33,8 @@ export class OrganizationData {
providerId: string;
providerName: string;
isProviderUser: boolean;
usesKeyConnector: boolean;
keyConnectorUrl: string;
constructor(response: ProfileOrganizationResponse) {
this.id = response.id;
@@ -62,5 +64,7 @@ export class OrganizationData {
this.hasPublicAndPrivateKeys = response.hasPublicAndPrivateKeys;
this.providerId = response.providerId;
this.providerName = response.providerName;
this.usesKeyConnector = response.usesKeyConnector;
this.keyConnectorUrl = response.keyConnectorUrl;
}
}

6
common/src/models/domain/field.ts
View File

@@ -1,4 +1,5 @@
import { FieldType } from '../../enums/fieldType';
import { LinkedIdType } from '../../enums/linkedIdType';
import { FieldData } from '../data/fieldData';
@@ -12,6 +13,7 @@ export class Field extends Domain {
name: EncString;
value: EncString;
type: FieldType;
linkedId: LinkedIdType;
constructor(obj?: FieldData, alreadyEncrypted: boolean = false) {
super();
@@ -20,6 +22,7 @@ export class Field extends Domain {
}
this.type = obj.type;
this.linkedId = obj.linkedId;
this.buildDomainModel(this, obj, {
name: null,
value: null,
@@ -39,7 +42,8 @@ export class Field extends Domain {
name: null,
value: null,
type: null,
}, ['type']);
linkedId: null,
}, ['type', 'linkedId']);
return f;
}
}

4
common/src/models/domain/organization.ts
View File

@@ -34,6 +34,8 @@ export class Organization {
providerId: string;
providerName: string;
isProviderUser: boolean;
usesKeyConnector: boolean;
keyConnectorUrl: string;
constructor(obj?: OrganizationData) {
if (obj == null) {
@@ -68,6 +70,8 @@ export class Organization {
this.providerId = obj.providerId;
this.providerName = obj.providerName;
this.isProviderUser = obj.isProviderUser;
this.usesKeyConnector = obj.usesKeyConnector;
this.keyConnectorUrl = obj.keyConnectorUrl;
}
get canAccess() {

2
common/src/models/request/account/setCryptoAgentKeyRequest.ts → common/src/models/request/account/setKeyConnectorKeyRequest.ts
View File

@@ -2,7 +2,7 @@ import { KeysRequest } from '../keysRequest';
import { KdfType } from '../../../enums/kdfType';
export class SetCryptoAgentKeyRequest {
export class SetKeyConnectorKeyRequest {
key: string;
keys: KeysRequest;
kdf: KdfType;

7
common/src/models/request/account/verifyOTPRequest.ts Normal file
View File

@@ -0,0 +1,7 @@
export class VerifyOTPRequest {
OTP: string;
constructor(OTP: string) {
this.OTP = OTP;
}
}

1
common/src/models/request/cipherRequest.ts
View File

@@ -119,6 +119,7 @@ export class CipherRequest {
field.type = f.type;
field.name = f.name ? f.name.encryptedString : null;
field.value = f.value ? f.value.encryptedString : null;
field.linkedId = f.linkedId;
return field;
});
}

4
common/src/models/request/emailTokenRequest.ts
View File

@@ -1,6 +1,6 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
export class EmailTokenRequest extends PasswordVerificationRequest {
export class EmailTokenRequest extends SecretVerificationRequest {
newEmail: string;
masterPasswordHash: string;
}

2
common/src/models/request/cryptoAgentUserKeyRequest.ts → common/src/models/request/keyConnectorUserKeyRequest.ts
View File

@@ -1,4 +1,4 @@
export class CryptoAgentUserKeyRequest {
export class KeyConnectorUserKeyRequest {
key: string;
constructor(key: string) {

4
common/src/models/request/passwordRequest.ts
View File

@@ -1,6 +1,6 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
export class PasswordRequest extends PasswordVerificationRequest {
export class PasswordRequest extends SecretVerificationRequest {
newMasterPasswordHash: string;
key: string;
}

3
common/src/models/request/passwordVerificationRequest.ts
View File

@@ -1,3 +0,0 @@
export class PasswordVerificationRequest {
masterPasswordHash: string;
}

4
common/src/models/request/secretVerificationRequest.ts Normal file
View File

@@ -0,0 +1,4 @@
export class SecretVerificationRequest {
masterPasswordHash: string;
otp: string;
}

10
common/src/models/request/twoFactorEmailRequest.ts
View File

@@ -1,11 +1,5 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
export class TwoFactorEmailRequest extends PasswordVerificationRequest {
export class TwoFactorEmailRequest extends SecretVerificationRequest {
email: string;
constructor(email: string, masterPasswordHash: string) {
super();
this.masterPasswordHash = masterPasswordHash;
this.email = email;
}
}

4
common/src/models/request/twoFactorProviderRequest.ts
View File

@@ -1,7 +1,7 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
import { TwoFactorProviderType } from '../../enums/twoFactorProviderType';
export class TwoFactorProviderRequest extends PasswordVerificationRequest {
export class TwoFactorProviderRequest extends SecretVerificationRequest {
type: TwoFactorProviderType;
}

4
common/src/models/request/twoFactorRecoveryRequest.ts
View File

@@ -1,6 +1,6 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
export class TwoFactorRecoveryRequest extends PasswordVerificationRequest {
export class TwoFactorRecoveryRequest extends SecretVerificationRequest {
recoveryCode: string;
email: string;
}

4
common/src/models/request/updateTwoFactorAuthenticatorRequest.ts
View File

@@ -1,6 +1,6 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
export class UpdateTwoFactorAuthenticatorRequest extends PasswordVerificationRequest {
export class UpdateTwoFactorAuthenticatorRequest extends SecretVerificationRequest {
token: string;
key: string;
}

4
common/src/models/request/updateTwoFactorDuoRequest.ts
View File

@@ -1,6 +1,6 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
export class UpdateTwoFactorDuoRequest extends PasswordVerificationRequest {
export class UpdateTwoFactorDuoRequest extends SecretVerificationRequest {
integrationKey: string;
secretKey: string;
host: string;

4
common/src/models/request/updateTwoFactorEmailRequest.ts
View File

@@ -1,6 +1,6 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
export class UpdateTwoFactorEmailRequest extends PasswordVerificationRequest {
export class UpdateTwoFactorEmailRequest extends SecretVerificationRequest {
token: string;
email: string;
}

4
common/src/models/request/updateTwoFactorWebAuthnDeleteRequest.ts
View File

@@ -1,5 +1,5 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
export class UpdateTwoFactorWebAuthnDeleteRequest extends PasswordVerificationRequest {
export class UpdateTwoFactorWebAuthnDeleteRequest extends SecretVerificationRequest {
id: number;
}

4
common/src/models/request/updateTwoFactorWebAuthnRequest.ts
View File

@@ -1,6 +1,6 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
export class UpdateTwoFactorWebAuthnRequest extends PasswordVerificationRequest {
export class UpdateTwoFactorWebAuthnRequest extends SecretVerificationRequest {
deviceResponse: PublicKeyCredential;
name: string;
id: number;

4
common/src/models/request/updateTwoFactorYubioOtpRequest.ts
View File

@@ -1,6 +1,6 @@
import { PasswordVerificationRequest } from './passwordVerificationRequest';
import { SecretVerificationRequest } from './secretVerificationRequest';
export class UpdateTwoFactorYubioOtpRequest extends PasswordVerificationRequest {
export class UpdateTwoFactorYubioOtpRequest extends SecretVerificationRequest {
key1: string;
key2: string;
key3: string;

4
common/src/models/response/identityTokenResponse.ts
View File

@@ -15,7 +15,7 @@ export class IdentityTokenResponse extends BaseResponse {
kdf: KdfType;
kdfIterations: number;
forcePasswordReset: boolean;
cryptoAgentUrl: string;
keyConnectorUrl: string;
constructor(response: any) {
super(response);
@@ -31,6 +31,6 @@ export class IdentityTokenResponse extends BaseResponse {
this.kdf = this.getResponseProperty('Kdf');
this.kdfIterations = this.getResponseProperty('KdfIterations');
this.forcePasswordReset = this.getResponseProperty('ForcePasswordReset');
this.cryptoAgentUrl = this.getResponseProperty('CryptoAgentUrl');
this.keyConnectorUrl = this.getResponseProperty('KeyConnectorUrl');
}
}

2
common/src/models/response/cryptoAgentUserKeyResponse.ts → common/src/models/response/keyConnectorUserKeyResponse.ts
View File

@@ -1,6 +1,6 @@
import { BaseResponse } from './baseResponse';
export class CryptoAgentUserKeyResponse extends BaseResponse {
export class KeyConnectorUserKeyResponse extends BaseResponse {
key: string;
constructor(response: any) {

4
common/src/models/response/profileOrganizationResponse.ts
View File

@@ -33,6 +33,8 @@ export class ProfileOrganizationResponse extends BaseResponse {
userId: string;
providerId: string;
providerName: string;
usesKeyConnector: boolean;
keyConnectorUrl: string;
constructor(response: any) {
super(response);
@@ -64,5 +66,7 @@ export class ProfileOrganizationResponse extends BaseResponse {
this.userId = this.getResponseProperty('UserId');
this.providerId = this.getResponseProperty('ProviderId');
this.providerName = this.getResponseProperty('ProviderName');
this.usesKeyConnector = this.getResponseProperty('UsesKeyConnector') ?? false;
this.keyConnectorUrl = this.getResponseProperty('KeyConnectorUrl');
}
}

66
common/src/models/response/profileProviderOrganizationResponse.ts
View File

@@ -1,68 +1,8 @@
import { BaseResponse } from './baseResponse';
import { OrganizationUserStatusType } from '../../enums/organizationUserStatusType';
import { OrganizationUserType } from '../../enums/organizationUserType';
import { PermissionsApi } from '../api/permissionsApi';
export class ProfileProviderOrganizationResponse extends BaseResponse {
id: string;
name: string;
usePolicies: boolean;
useGroups: boolean;
useDirectory: boolean;
useEvents: boolean;
useTotp: boolean;
use2fa: boolean;
useApi: boolean;
useSso: boolean;
useResetPassword: boolean;
selfHost: boolean;
usersGetPremium: boolean;
seats: number;
maxCollections: number;
maxStorageGb?: number;
key: string;
hasPublicAndPrivateKeys: boolean;
status: OrganizationUserStatusType;
type: OrganizationUserType;
enabled: boolean;
ssoBound: boolean;
identifier: string;
permissions: PermissionsApi;
resetPasswordEnrolled: boolean;
userId: string;
providerId: string;
providerName: string;
import { ProfileOrganizationResponse } from './profileOrganizationResponse';
export class ProfileProviderOrganizationResponse extends ProfileOrganizationResponse {
constructor(response: any) {
super(response);
this.id = this.getResponseProperty('Id');
this.name = this.getResponseProperty('Name');
this.usePolicies = this.getResponseProperty('UsePolicies');
this.useGroups = this.getResponseProperty('UseGroups');
this.useDirectory = this.getResponseProperty('UseDirectory');
this.useEvents = this.getResponseProperty('UseEvents');
this.useTotp = this.getResponseProperty('UseTotp');
this.use2fa = this.getResponseProperty('Use2fa');
this.useApi = this.getResponseProperty('UseApi');
this.useSso = this.getResponseProperty('UseSso');
this.useResetPassword = this.getResponseProperty('UseResetPassword');
this.selfHost = this.getResponseProperty('SelfHost');
this.usersGetPremium = this.getResponseProperty('UsersGetPremium');
this.seats = this.getResponseProperty('Seats');
this.maxCollections = this.getResponseProperty('MaxCollections');
this.maxStorageGb = this.getResponseProperty('MaxStorageGb');
this.key = this.getResponseProperty('Key');
this.hasPublicAndPrivateKeys = this.getResponseProperty('HasPublicAndPrivateKeys');
this.status = this.getResponseProperty('Status');
this.type = this.getResponseProperty('Type');
this.enabled = this.getResponseProperty('Enabled');
this.ssoBound = this.getResponseProperty('SsoBound');
this.identifier = this.getResponseProperty('Identifier');
this.permissions = new PermissionsApi(this.getResponseProperty('permissions'));
this.resetPasswordEnrolled = this.getResponseProperty('ResetPasswordEnrolled');
this.userId = this.getResponseProperty('UserId');
this.providerId = this.getResponseProperty('ProviderId');
this.providerName = this.getResponseProperty('ProviderName');
this.usesKeyConnector = false;
}
}

2
common/src/models/response/profileResponse.ts
View File

@@ -16,6 +16,7 @@ export class ProfileResponse extends BaseResponse {
privateKey: string;
securityStamp: string;
forcePasswordReset: boolean;
usesKeyConnector: boolean;
organizations: ProfileOrganizationResponse[] = [];
providers: ProfileProviderResponse[] = [];
providerOrganizations: ProfileProviderOrganizationResponse[] = [];
@@ -34,6 +35,7 @@ export class ProfileResponse extends BaseResponse {
this.privateKey = this.getResponseProperty('PrivateKey');
this.securityStamp = this.getResponseProperty('SecurityStamp');
this.forcePasswordReset = this.getResponseProperty('ForcePasswordReset') ?? false;
this.usesKeyConnector = this.getResponseProperty('UsesKeyConnector') ?? false;
const organizations = this.getResponseProperty('Organizations');
if (organizations != null) {

16
common/src/models/view/cardView.ts
View File

@@ -1,11 +1,19 @@
import { View } from './view';
import { ItemView } from './itemView';
import { Card } from '../domain/card';
export class CardView implements View {
import { CardLinkedId as LinkedId } from '../../enums/linkedIdType';
import { linkedFieldOption } from '../../misc/linkedFieldOption.decorator';
export class CardView extends ItemView {
@linkedFieldOption(LinkedId.CardholderName)
cardholderName: string = null;
@linkedFieldOption(LinkedId.ExpMonth, 'expirationMonth')
expMonth: string = null;
@linkedFieldOption(LinkedId.ExpYear, 'expirationYear')
expYear: string = null;
@linkedFieldOption(LinkedId.Code, 'securityCode')
code: string = null;
// tslint:disable
@@ -15,7 +23,7 @@ export class CardView implements View {
// tslint:enable
constructor(c?: Card) {
// ctor
super();
}
get maskedCode(): string {
@@ -26,6 +34,7 @@ export class CardView implements View {
return this.number != null ? '•'.repeat(this.number.length) : null;
}
@linkedFieldOption(LinkedId.Brand)
get brand(): string {
return this._brand;
}
@@ -34,6 +43,7 @@ export class CardView implements View {
this._subTitle = null;
}
@linkedFieldOption(LinkedId.Number)
get number(): string {
return this._number;
}

34
common/src/models/view/cipherView.ts
View File

@@ -1,5 +1,6 @@
import { CipherRepromptType } from '../../enums/cipherRepromptType';
import { CipherType } from '../../enums/cipherType';
import { LinkedIdType } from '../../enums/linkedIdType';
import { Cipher } from '../domain/cipher';
@@ -7,6 +8,7 @@ import { AttachmentView } from './attachmentView';
import { CardView } from './cardView';
import { FieldView } from './fieldView';
import { IdentityView } from './identityView';
import { ItemView } from './itemView';
import { LoginView } from './loginView';
import { PasswordHistoryView } from './passwordHistoryView';
import { SecureNoteView } from './secureNoteView';
@@ -57,16 +59,16 @@ export class CipherView implements View {
this.reprompt = c.reprompt ?? CipherRepromptType.None;
}
get subTitle(): string {
private get item() {
switch (this.type) {
case CipherType.Login:
return this.login.subTitle;
return this.login;
case CipherType.SecureNote:
return this.secureNote.subTitle;
return this.secureNote;
case CipherType.Card:
return this.card.subTitle;
return this.card;
case CipherType.Identity:
return this.identity.subTitle;
return this.identity;
default:
break;
}
@@ -74,6 +76,10 @@ export class CipherView implements View {
return null;
}
get subTitle(): string {
return this.item.subTitle;
}
get hasPasswordHistory(): boolean {
return this.passwordHistory && this.passwordHistory.length > 0;
}
@@ -109,4 +115,22 @@ export class CipherView implements View {
get isDeleted(): boolean {
return this.deletedDate != null;
}
get linkedFieldOptions() {
return this.item.linkedFieldOptions;
}
linkedFieldValue(id: LinkedIdType) {
const linkedFieldOption = this.linkedFieldOptions?.get(id);
if (linkedFieldOption == null) {
return null;
}
const item = this.item;
return this.item[linkedFieldOption.propertyKey as keyof typeof item];
}
linkedFieldI18nKey(id: LinkedIdType): string {
return this.linkedFieldOptions.get(id)?.i18nKey;
}
}

3
common/src/models/view/fieldView.ts
View File

@@ -1,4 +1,5 @@
import { FieldType } from '../../enums/fieldType';
import { LinkedIdType } from '../../enums/linkedIdType';
import { View } from './view';
@@ -10,6 +11,7 @@ export class FieldView implements View {
type: FieldType = null;
newField: boolean = false; // Marks if the field is new and hasn't been saved
showValue: boolean = false;
linkedId: LinkedIdType = null;
constructor(f?: Field) {
if (!f) {
@@ -17,6 +19,7 @@ export class FieldView implements View {
}
this.type = f.type;
this.linkedId = f.linkedId;
}
get maskedValue(): string {

29
common/src/models/view/identityView.ts
View File

@@ -1,25 +1,45 @@
import { View } from './view';
import { ItemView } from './itemView';
import { Identity } from '../domain/identity';
import { Utils } from '../../misc/utils';
export class IdentityView implements View {
import { IdentityLinkedId as LinkedId } from '../../enums/linkedIdType';
import { linkedFieldOption } from '../../misc/linkedFieldOption.decorator';
export class IdentityView extends ItemView {
@linkedFieldOption(LinkedId.Title)
title: string = null;
@linkedFieldOption(LinkedId.MiddleName)
middleName: string = null;
@linkedFieldOption(LinkedId.Address1)
address1: string = null;
@linkedFieldOption(LinkedId.Address2)
address2: string = null;
@linkedFieldOption(LinkedId.Address3)
address3: string = null;
@linkedFieldOption(LinkedId.City, 'cityTown')
city: string = null;
@linkedFieldOption(LinkedId.State, 'stateProvince')
state: string = null;
@linkedFieldOption(LinkedId.PostalCode, 'zipPostalCode')
postalCode: string = null;
@linkedFieldOption(LinkedId.Country)
country: string = null;
@linkedFieldOption(LinkedId.Company)
company: string = null;
@linkedFieldOption(LinkedId.Email)
email: string = null;
@linkedFieldOption(LinkedId.Phone)
phone: string = null;
@linkedFieldOption(LinkedId.Ssn)
ssn: string = null;
@linkedFieldOption(LinkedId.Username)
username: string = null;
@linkedFieldOption(LinkedId.PassportNumber)
passportNumber: string = null;
@linkedFieldOption(LinkedId.LicenseNumber)
licenseNumber: string = null;
// tslint:disable
@@ -29,9 +49,10 @@ export class IdentityView implements View {
// tslint:enable
constructor(i?: Identity) {
// ctor
super();
}
@linkedFieldOption(LinkedId.FirstName)
get firstName(): string {
return this._firstName;
}
@@ -40,6 +61,7 @@ export class IdentityView implements View {
this._subTitle = null;
}
@linkedFieldOption(LinkedId.LastName)
get lastName(): string {
return this._lastName;
}
@@ -65,6 +87,7 @@ export class IdentityView implements View {
return this._subTitle;
}
@linkedFieldOption(LinkedId.FullName)
get fullName(): string {
if (this.title != null || this.firstName != null || this.middleName != null || this.lastName != null) {
let name = '';

8
common/src/models/view/itemView.ts Normal file
View File

@@ -0,0 +1,8 @@
import { View } from './view';
import { LinkedMetadata } from '../../misc/linkedFieldOption.decorator';
export abstract class ItemView implements View {
linkedFieldOptions: Map<number, LinkedMetadata>;
abstract get subTitle(): string;
}

13
common/src/models/view/loginView.ts
View File

@@ -1,18 +1,27 @@
import { ItemView } from './itemView';
import { LoginUriView } from './loginUriView';
import { View } from './view';
import { Utils } from '../../misc/utils';
import { Login } from '../domain/login';
export class LoginView implements View {
import { LoginLinkedId as LinkedId } from '../../enums/linkedIdType';
import { linkedFieldOption } from '../../misc/linkedFieldOption.decorator';
export class LoginView extends ItemView {
@linkedFieldOption(LinkedId.Username)
username: string = null;
@linkedFieldOption(LinkedId.Password)
password: string = null;
passwordRevisionDate?: Date = null;
totp: string = null;
uris: LoginUriView[] = null;
autofillOnPageLoad: boolean = null;
constructor(l?: Login) {
super();
if (!l) {
return;
}

5
common/src/models/view/secureNoteView.ts
View File

@@ -1,13 +1,14 @@
import { SecureNoteType } from '../../enums/secureNoteType';
import { View } from './view';
import { ItemView } from './itemView';
import { SecureNote } from '../domain/secureNote';
export class SecureNoteView implements View {
export class SecureNoteView extends ItemView {
type: SecureNoteType = null;
constructor(n?: SecureNote) {
super();
if (!n) {
return;
}

71
common/src/services/api.service.ts
View File

@@ -52,7 +52,6 @@ import { OrganizationUserUpdateGroupsRequest } from '../models/request/organizat
import { OrganizationUserUpdateRequest } from '../models/request/organizationUserUpdateRequest';
import { PasswordHintRequest } from '../models/request/passwordHintRequest';
import { PasswordRequest } from '../models/request/passwordRequest';
import { PasswordVerificationRequest } from '../models/request/passwordVerificationRequest';
import { PaymentRequest } from '../models/request/paymentRequest';
import { PolicyRequest } from '../models/request/policyRequest';
import { PreloginRequest } from '../models/request/preloginRequest';
@@ -68,6 +67,7 @@ import { ProviderUserInviteRequest } from '../models/request/provider/providerUs
import { ProviderUserUpdateRequest } from '../models/request/provider/providerUserUpdateRequest';
import { RegisterRequest } from '../models/request/registerRequest';
import { SeatRequest } from '../models/request/seatRequest';
import { SecretVerificationRequest } from '../models/request/secretVerificationRequest';
import { SelectionReadOnlyRequest } from '../models/request/selectionReadOnlyRequest';
import { SendAccessRequest } from '../models/request/sendAccessRequest';
import { SendRequest } from '../models/request/sendRequest';
@@ -166,9 +166,10 @@ import { ChallengeResponse } from '../models/response/twoFactorWebAuthnResponse'
import { TwoFactorYubiKeyResponse } from '../models/response/twoFactorYubiKeyResponse';
import { UserKeyResponse } from '../models/response/userKeyResponse';
import { SetCryptoAgentKeyRequest } from '../models/request/account/setCryptoAgentKeyRequest';
import { CryptoAgentUserKeyRequest } from '../models/request/cryptoAgentUserKeyRequest';
import { CryptoAgentUserKeyResponse } from '../models/response/cryptoAgentUserKeyResponse';
import { SetKeyConnectorKeyRequest } from '../models/request/account/setKeyConnectorKeyRequest';
import { VerifyOTPRequest } from '../models/request/account/verifyOTPRequest';
import { KeyConnectorUserKeyRequest } from '../models/request/keyConnectorUserKeyRequest';
import { KeyConnectorUserKeyResponse } from '../models/response/keyConnectorUserKeyResponse';
import { SendAccessView } from '../models/view/sendAccessView';
export class ApiService implements ApiServiceAbstraction {
@@ -292,15 +293,15 @@ export class ApiService implements ApiServiceAbstraction {
return this.send('POST', '/accounts/set-password', request, true, false);
}
postSetCryptoAgentKey(request: SetCryptoAgentKeyRequest): Promise<any> {
return this.send('POST', '/accounts/set-crypto-agent-key', request, true, false);
postSetKeyConnectorKey(request: SetKeyConnectorKeyRequest): Promise<any> {
return this.send('POST', '/accounts/set-key-connector-key', request, true, false);
}
postSecurityStamp(request: PasswordVerificationRequest): Promise<any> {
postSecurityStamp(request: SecretVerificationRequest): Promise<any> {
return this.send('POST', '/accounts/security-stamp', request, true, false);
}
deleteAccount(request: PasswordVerificationRequest): Promise<any> {
deleteAccount(request: SecretVerificationRequest): Promise<any> {
return this.send('DELETE', '/accounts', request, true, false);
}
@@ -363,7 +364,7 @@ export class ApiService implements ApiServiceAbstraction {
return this.send('POST', '/accounts/verify-email-token', request, false, false);
}
postAccountVerifyPassword(request: PasswordVerificationRequest): Promise<any> {
postAccountVerifyPassword(request: SecretVerificationRequest): Promise<any> {
return this.send('POST', '/accounts/verify-password', request, true, false);
}
@@ -387,12 +388,12 @@ export class ApiService implements ApiServiceAbstraction {
return this.send('GET', '/accounts/sso/user-identifier', null, true, true);
}
async postUserApiKey(id: string, request: PasswordVerificationRequest): Promise<ApiKeyResponse> {
async postUserApiKey(id: string, request: SecretVerificationRequest): Promise<ApiKeyResponse> {
const r = await this.send('POST', '/accounts/api-key', request, true, true);
return new ApiKeyResponse(r);
}
async postUserRotateApiKey(id: string, request: PasswordVerificationRequest): Promise<ApiKeyResponse> {
async postUserRotateApiKey(id: string, request: SecretVerificationRequest): Promise<ApiKeyResponse> {
const r = await this.send('POST', '/accounts/rotate-api-key', request, true, true);
return new ApiKeyResponse(r);
}
@@ -401,6 +402,18 @@ export class ApiService implements ApiServiceAbstraction {
return this.send('PUT', '/accounts/update-temp-password', request, true, false);
}
postAccountRequestOTP(): Promise<void> {
return this.send('POST', '/accounts/request-otp', null, true, false);
}
postAccountVerifyOTP(request: VerifyOTPRequest): Promise<void> {
return this.send('POST', '/accounts/verify-otp', request, true, false);
}
postConvertToKeyConnector(): Promise<void> {
return this.send('POST', '/accounts/convert-to-key-connector', null, true, false);
}
// Folder APIs
async getFolder(id: string): Promise<FolderResponse> {
@@ -573,7 +586,7 @@ export class ApiService implements ApiServiceAbstraction {
return this.send('PUT', '/ciphers/' + id + '/collections-admin', request, true, false);
}
postPurgeCiphers(request: PasswordVerificationRequest, organizationId: string = null): Promise<any> {
postPurgeCiphers(request: SecretVerificationRequest, organizationId: string = null): Promise<any> {
let path = '/ciphers/purge';
if (organizationId != null) {
path += '?organizationId=' + organizationId;
@@ -939,44 +952,44 @@ export class ApiService implements ApiServiceAbstraction {
return new ListResponse(r, TwoFactorProviderResponse);
}
async getTwoFactorAuthenticator(request: PasswordVerificationRequest): Promise<TwoFactorAuthenticatorResponse> {
async getTwoFactorAuthenticator(request: SecretVerificationRequest): Promise<TwoFactorAuthenticatorResponse> {
const r = await this.send('POST', '/two-factor/get-authenticator', request, true, true);
return new TwoFactorAuthenticatorResponse(r);
}
async getTwoFactorEmail(request: PasswordVerificationRequest): Promise<TwoFactorEmailResponse> {
async getTwoFactorEmail(request: SecretVerificationRequest): Promise<TwoFactorEmailResponse> {
const r = await this.send('POST', '/two-factor/get-email', request, true, true);
return new TwoFactorEmailResponse(r);
}
async getTwoFactorDuo(request: PasswordVerificationRequest): Promise<TwoFactorDuoResponse> {
async getTwoFactorDuo(request: SecretVerificationRequest): Promise<TwoFactorDuoResponse> {
const r = await this.send('POST', '/two-factor/get-duo', request, true, true);
return new TwoFactorDuoResponse(r);
}
async getTwoFactorOrganizationDuo(organizationId: string,
request: PasswordVerificationRequest): Promise<TwoFactorDuoResponse> {
request: SecretVerificationRequest): Promise<TwoFactorDuoResponse> {
const r = await this.send('POST', '/organizations/' + organizationId + '/two-factor/get-duo',
request, true, true);
return new TwoFactorDuoResponse(r);
}
async getTwoFactorYubiKey(request: PasswordVerificationRequest): Promise<TwoFactorYubiKeyResponse> {
async getTwoFactorYubiKey(request: SecretVerificationRequest): Promise<TwoFactorYubiKeyResponse> {
const r = await this.send('POST', '/two-factor/get-yubikey', request, true, true);
return new TwoFactorYubiKeyResponse(r);
}
async getTwoFactorWebAuthn(request: PasswordVerificationRequest): Promise<TwoFactorWebAuthnResponse> {
async getTwoFactorWebAuthn(request: SecretVerificationRequest): Promise<TwoFactorWebAuthnResponse> {
const r = await this.send('POST', '/two-factor/get-webauthn', request, true, true);
return new TwoFactorWebAuthnResponse(r);
}
async getTwoFactorWebAuthnChallenge(request: PasswordVerificationRequest): Promise<ChallengeResponse> {
async getTwoFactorWebAuthnChallenge(request: SecretVerificationRequest): Promise<ChallengeResponse> {
const r = await this.send('POST', '/two-factor/get-webauthn-challenge', request, true, true);
return new ChallengeResponse(r);
}
async getTwoFactorRecover(request: PasswordVerificationRequest): Promise<TwoFactorRecoverResponse> {
async getTwoFactorRecover(request: SecretVerificationRequest): Promise<TwoFactorRecoverResponse> {
const r = await this.send('POST', '/two-factor/get-recover', request, true, true);
return new TwoFactorRecoverResponse(r);
}
@@ -1187,12 +1200,12 @@ export class ApiService implements ApiServiceAbstraction {
return this.send('POST', '/organizations/' + id + '/license', data, true, false);
}
async postOrganizationApiKey(id: string, request: PasswordVerificationRequest): Promise<ApiKeyResponse> {
async postOrganizationApiKey(id: string, request: SecretVerificationRequest): Promise<ApiKeyResponse> {
const r = await this.send('POST', '/organizations/' + id + '/api-key', request, true, true);
return new ApiKeyResponse(r);
}
async postOrganizationRotateApiKey(id: string, request: PasswordVerificationRequest): Promise<ApiKeyResponse> {
async postOrganizationRotateApiKey(id: string, request: SecretVerificationRequest): Promise<ApiKeyResponse> {
const r = await this.send('POST', '/organizations/' + id + '/rotate-api-key', request, true, true);
return new ApiKeyResponse(r);
}
@@ -1237,7 +1250,7 @@ export class ApiService implements ApiServiceAbstraction {
return this.send('POST', '/organizations/' + id + '/reinstate', null, true, false);
}
deleteOrganization(id: string, request: PasswordVerificationRequest): Promise<any> {
deleteOrganization(id: string, request: SecretVerificationRequest): Promise<any> {
return this.send('DELETE', '/organizations/' + id, request, true, false);
}
@@ -1436,12 +1449,12 @@ export class ApiService implements ApiServiceAbstraction {
return r as string;
}
// Crypto Agent
// Key Connector
async getUserKeyFromCryptoAgent(cryptoAgentUrl: string): Promise<CryptoAgentUserKeyResponse> {
async getUserKeyFromKeyConnector(keyConnectorUrl: string): Promise<KeyConnectorUserKeyResponse> {
const authHeader = await this.getActiveBearerToken();
const response = await this.fetch(new Request(cryptoAgentUrl + '/user-keys', {
const response = await this.fetch(new Request(keyConnectorUrl + '/user-keys', {
cache: 'no-store',
method: 'GET',
headers: new Headers({
@@ -1455,13 +1468,13 @@ export class ApiService implements ApiServiceAbstraction {
return Promise.reject(error);
}
return new CryptoAgentUserKeyResponse(await response.json());
return new KeyConnectorUserKeyResponse(await response.json());
}
async postUserKeyToCryptoAgent(cryptoAgentUrl: string, request: CryptoAgentUserKeyRequest): Promise<void> {
async postUserKeyToKeyConnector(keyConnectorUrl: string, request: KeyConnectorUserKeyRequest): Promise<void> {
const authHeader = await this.getActiveBearerToken();
const response = await this.fetch(new Request(cryptoAgentUrl + '/user-keys', {
const response = await this.fetch(new Request(keyConnectorUrl + '/user-keys', {
cache: 'no-store',
method: 'POST',
headers: new Headers({

33
common/src/services/auth.service.ts
View File

@@ -6,9 +6,9 @@ import { Account } from '../models/domain/account';
import { AuthResult } from '../models/domain/authResult';
import { SymmetricCryptoKey } from '../models/domain/symmetricCryptoKey';
import { SetCryptoAgentKeyRequest } from '../models/request/account/setCryptoAgentKeyRequest';
import { CryptoAgentUserKeyRequest } from '../models/request/cryptoAgentUserKeyRequest';
import { SetKeyConnectorKeyRequest } from '../models/request/account/setKeyConnectorKeyRequest';
import { DeviceRequest } from '../models/request/deviceRequest';
import { KeyConnectorUserKeyRequest } from '../models/request/keyConnectorUserKeyRequest';
import { KeysRequest } from '../models/request/keysRequest';
import { PreloginRequest } from '../models/request/preloginRequest';
import { TokenRequest } from '../models/request/tokenRequest';
@@ -21,7 +21,9 @@ import { AppIdService } from '../abstractions/appId.service';
import { AuthService as AuthServiceAbstraction } from '../abstractions/auth.service';
import { CryptoService } from '../abstractions/crypto.service';
import { CryptoFunctionService } from '../abstractions/cryptoFunction.service';
import { EnvironmentService } from '../abstractions/environment.service';
import { I18nService } from '../abstractions/i18n.service';
import { KeyConnectorService } from '../abstractions/keyConnector.service';
import { LogService } from '../abstractions/log.service';
import { MessagingService } from '../abstractions/messaging.service';
import { PlatformUtilsService } from '../abstractions/platformUtils.service';
@@ -102,6 +104,7 @@ export class AuthService implements AuthServiceAbstraction {
private i18nService: I18nService, protected platformUtilsService: PlatformUtilsService,
private messagingService: MessagingService, private vaultTimeoutService: VaultTimeoutService,
private logService: LogService, protected cryptoFunctionService: CryptoFunctionService,
private keyConnectorService: KeyConnectorService,
protected stateService: StateService, private setCryptoKeys = true) {
}
@@ -371,16 +374,10 @@ export class AuthService implements AuthServiceAbstraction {
// Skip this step during SSO new user flow. No key is returned from server.
if (code == null || tokenResponse.key != null) {
if (tokenResponse.cryptoAgentUrl != null) {
try {
const userKeyResponse = await this.apiService.getUserKeyFromCryptoAgent(tokenResponse.cryptoAgentUrl);
const keyArr = Utils.fromB64ToArray(userKeyResponse.key);
const k = new SymmetricCryptoKey(keyArr);
await this.cryptoService.setKey(k);
} catch (e) {
this.logService.error(e);
throw new Error('Unable to reach crypto agent');
}
if (tokenResponse.keyConnectorUrl != null) {
await this.keyConnectorService.getAndSetKey(tokenResponse.keyConnectorUrl);
} else if (this.environmentService.getKeyConnectorUrl() != null) {
await this.keyConnectorService.getAndSetKey();
}
await this.cryptoService.setEncKey(tokenResponse.key);
@@ -397,11 +394,11 @@ export class AuthService implements AuthServiceAbstraction {
}
await this.cryptoService.setEncPrivateKey(tokenResponse.privateKey);
} else if (tokenResponse.cryptoAgentUrl != null) {
} else if (tokenResponse.keyConnectorUrl != null) {
const password = await this.cryptoFunctionService.randomBytes(64);
const k = await this.cryptoService.makeKey(Utils.fromBufferToB64(password), await this.tokenService.getEmail(), tokenResponse.kdf, tokenResponse.kdfIterations);
const cryptoAgentRequest = new CryptoAgentUserKeyRequest(k.encKeyB64);
const keyConnectorRequest = new KeyConnectorUserKeyRequest(k.encKeyB64);
await this.cryptoService.setKey(k);
const encKey = await this.cryptoService.makeEncKey(k);
@@ -410,16 +407,16 @@ export class AuthService implements AuthServiceAbstraction {
const [pubKey, privKey] = await this.cryptoService.makeKeyPair();
try {
await this.apiService.postUserKeyToCryptoAgent(tokenResponse.cryptoAgentUrl, cryptoAgentRequest);
await this.apiService.postUserKeyToKeyConnector(tokenResponse.keyConnectorUrl, keyConnectorRequest);
} catch (e) {
throw new Error('Unable to reach crypto agent');
throw new Error('Unable to reach key connector');
}
const keys = new KeysRequest(pubKey, privKey.encryptedString);
const setPasswordRequest = new SetCryptoAgentKeyRequest(
const setPasswordRequest = new SetKeyConnectorKeyRequest(
encKey[1].encryptedString, tokenResponse.kdf, tokenResponse.kdfIterations, orgId, keys
);
await this.apiService.postSetCryptoAgentKey(setPasswordRequest);
await this.apiService.postSetKeyConnectorKey(setPasswordRequest);
}
}

1
common/src/services/cipher.service.ts
View File

@@ -212,6 +212,7 @@ export class CipherService implements CipherServiceAbstraction {
async encryptField(fieldModel: FieldView, key: SymmetricCryptoKey): Promise<Field> {
const field = new Field();
field.type = fieldModel.type;
field.linkedId = fieldModel.linkedId;
// normalize boolean type field values
if (fieldModel.type === FieldType.Boolean && fieldModel.value !== 'true') {
fieldModel.value = 'false';

11
common/src/services/environment.service.ts
View File

@@ -17,6 +17,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
private iconsUrl: string;
private notificationsUrl: string;
private eventsUrl: string;
private keyConnectorUrl: string;
constructor(private stateService: StateService) {}
@@ -101,6 +102,10 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
return 'https://events.bitwarden.com';
}
getKeyConnectorUrl() {
return this.keyConnectorUrl;
}
async setUrlsFromStorage(): Promise<void> {
const urlsObj: any = await this.stateService.getEnvironmentUrls();
const urls = urlsObj || {
@@ -111,6 +116,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
notifications: null,
events: null,
webVault: null,
keyConnector: null,
};
const envUrls = new EnvironmentUrls();
@@ -126,6 +132,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
this.iconsUrl = urls.icons;
this.notificationsUrl = urls.notifications;
this.eventsUrl = envUrls.events = urls.events;
this.keyConnectorUrl = urls.keyConnector;
}
async setUrls(urls: Urls, saveSettings: boolean = true): Promise<any> {
@@ -136,6 +143,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
urls.icons = this.formatUrl(urls.icons);
urls.notifications = this.formatUrl(urls.notifications);
urls.events = this.formatUrl(urls.events);
urls.keyConnector = this.formatUrl(urls.keyConnector);
if (saveSettings) {
await this.stateService.setEnvironmentUrls({
@@ -146,6 +154,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
icons: urls.icons,
notifications: urls.notifications,
events: urls.events,
keyConnector: urls.keyConnector,
});
}
@@ -156,6 +165,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
this.iconsUrl = urls.icons;
this.notificationsUrl = urls.notifications;
this.eventsUrl = urls.events;
this.keyConnectorUrl = urls.keyConnector;
this.urlsSubject.next(urls);
@@ -171,6 +181,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
icons: this.iconsUrl,
notifications: this.notificationsUrl,
events: this.eventsUrl,
keyConnector: this.keyConnectorUrl,
};
}

106
common/src/services/keyConnector.service.ts Normal file
View File

@@ -0,0 +1,106 @@
import { ApiService } from '../abstractions/api.service';
import { CryptoService } from '../abstractions/crypto.service';
import { EnvironmentService } from '../abstractions/environment.service';
import { KeyConnectorService as KeyConnectorServiceAbstraction } from '../abstractions/keyConnector.service';
import { LogService } from '../abstractions/log.service';
import { StorageService } from '../abstractions/storage.service';
import { TokenService } from '../abstractions/token.service';
import { UserService } from '../abstractions/user.service';
import { OrganizationUserType } from '../enums/organizationUserType';
import { Utils } from '../misc/utils';
import { SymmetricCryptoKey } from '../models/domain/symmetricCryptoKey';
import { KeyConnectorUserKeyRequest } from '../models/request/keyConnectorUserKeyRequest';
const Keys = {
usesKeyConnector: 'usesKeyConnector',
convertAccountToKeyConnector: 'convertAccountToKeyConnector',
};
export class KeyConnectorService implements KeyConnectorServiceAbstraction {
private usesKeyConnector?: boolean = null;
constructor(private storageService: StorageService, private userService: UserService,
private cryptoService: CryptoService, private apiService: ApiService,
private environmentService: EnvironmentService, private tokenService: TokenService,
private logService: LogService) { }
setUsesKeyConnector(usesKeyConnector: boolean) {
this.usesKeyConnector = usesKeyConnector;
return this.storageService.save(Keys.usesKeyConnector, usesKeyConnector);
}
async getUsesKeyConnector(): Promise<boolean> {
return this.usesKeyConnector ??= await this.storageService.get<boolean>(Keys.usesKeyConnector);
}
async userNeedsMigration() {
const loggedInUsingSso = this.tokenService.getIsExternal();
const requiredByOrganization = await this.getManagingOrganization() != null;
const userIsNotUsingKeyConnector = !await this.getUsesKeyConnector();
return loggedInUsingSso && requiredByOrganization && userIsNotUsingKeyConnector;
}
async migrateUser() {
const organization = await this.getManagingOrganization();
const key = await this.cryptoService.getKey();
try {
const keyConnectorRequest = new KeyConnectorUserKeyRequest(key.encKeyB64);
await this.apiService.postUserKeyToKeyConnector(organization.keyConnectorUrl, keyConnectorRequest);
} catch (e) {
throw new Error('Unable to reach key connector');
}
await this.apiService.postConvertToKeyConnector();
}
async getAndSetKey(url?: string) {
if (url == null) {
url = this.environmentService.getKeyConnectorUrl();
}
if (url == null) {
throw new Error('No Key Connector URL found.');
}
try {
const userKeyResponse = await this.apiService.getUserKeyFromKeyConnector(url);
const keyArr = Utils.fromB64ToArray(userKeyResponse.key);
const k = new SymmetricCryptoKey(keyArr);
await this.cryptoService.setKey(k);
} catch (e) {
this.logService.error(e);
throw new Error('Unable to reach key connector');
}
}
async getManagingOrganization() {
const orgs = await this.userService.getAllOrganizations();
return orgs.find(o =>
o.usesKeyConnector &&
o.type !== OrganizationUserType.Admin &&
o.type !== OrganizationUserType.Owner &&
!o.isProviderUser);
}
async setConvertAccountRequired(status: boolean) {
await this.storageService.save(Keys.convertAccountToKeyConnector, status);
}
async getConvertAccountRequired(): Promise<boolean> {
return await this.storageService.get(Keys.convertAccountToKeyConnector);
}
async removeConvertAccountRequired() {
await this.storageService.remove(Keys.convertAccountToKeyConnector);
}
async clear() {
await this.removeConvertAccountRequired();
}
}

25
common/src/services/sync.service.ts
View File

@@ -3,6 +3,7 @@ import { CipherService } from '../abstractions/cipher.service';
import { CollectionService } from '../abstractions/collection.service';
import { CryptoService } from '../abstractions/crypto.service';
import { FolderService } from '../abstractions/folder.service';
import { KeyConnectorService } from '../abstractions/keyConnector.service';
import { LogService } from '../abstractions/log.service';
import { MessagingService } from '../abstractions/messaging.service';
import { OrganizationService } from '../abstractions/organization.service';
@@ -12,6 +13,11 @@ import { SendService } from '../abstractions/send.service';
import { SettingsService } from '../abstractions/settings.service';
import { StateService } from '../abstractions/state.service';
import { SyncService as SyncServiceAbstraction } from '../abstractions/sync.service';
<<<<<<< HEAD
=======
import { TokenService } from '../abstractions/token.service';
import { UserService } from '../abstractions/user.service';
>>>>>>> master
import { CipherData } from '../models/data/cipherData';
import { CollectionData } from '../models/data/collectionData';
@@ -42,8 +48,13 @@ export class SyncService implements SyncServiceAbstraction {
private cryptoService: CryptoService, private collectionService: CollectionService,
private messagingService: MessagingService, private policyService: PolicyService,
private sendService: SendService, private logService: LogService,
<<<<<<< HEAD
private logoutCallback: (expired: boolean) => Promise<void>, private stateService: StateService,
private organizationService: OrganizationService, private providerService: ProviderService) {
=======
private tokenService: TokenService, private keyConnectorService: KeyConnectorService,
private logoutCallback: (expired: boolean) => Promise<void>) {
>>>>>>> master
}
async getLastSync(): Promise<Date> {
@@ -287,9 +298,16 @@ export class SyncService implements SyncServiceAbstraction {
await this.cryptoService.setEncPrivateKey(response.privateKey);
await this.cryptoService.setProviderKeys(response.providers);
await this.cryptoService.setOrgKeys(response.organizations, response.providerOrganizations);
<<<<<<< HEAD
await this.stateService.setSecurityStamp(response.securityStamp);
await this.stateService.setEmailVerified(response.emailVerified);
await this.stateService.setForcePasswordReset(response.forcePasswordReset);
=======
await this.userService.setSecurityStamp(response.securityStamp);
await this.userService.setEmailVerified(response.emailVerified);
await this.userService.setForcePasswordReset(response.forcePasswordReset);
await this.keyConnectorService.setUsesKeyConnector(response.usesKeyConnector);
>>>>>>> master
const organizations: { [id: string]: OrganizationData; } = {};
response.organizations.forEach(o => {
@@ -307,6 +325,13 @@ export class SyncService implements SyncServiceAbstraction {
organizations[o.id].isProviderUser = true;
}
});
if (await this.keyConnectorService.userNeedsMigration()) {
this.messagingService.send('convertAccountToKeyConnector');
} else {
this.keyConnectorService.removeConvertAccountRequired();
}
return Promise.all([
this.organizationService.save(organizations),
this.providerService.save(providers),

21
common/src/services/token.service.ts
View File

@@ -209,6 +209,27 @@ export class TokenService implements TokenServiceAbstraction {
return decoded.iss as string;
}
<<<<<<< HEAD
=======
getIsExternal(): boolean {
const decoded = this.decodeToken();
if (!Array.isArray(decoded.amr)) {
throw new Error('No amr found');
}
return decoded.amr.includes('external');
}
private async storeTokenValue(key: string, value: string) {
if (await this.skipTokenStorage()) {
// if we have a vault timeout and the action is log out, don't store token
return;
}
return this.storageService.save(key, value);
}
>>>>>>> master
private async skipTokenStorage(): Promise<boolean> {
const timeout = await this.stateService.getVaultTimeout();
const action = await this.stateService.getVaultTimeoutAction();

233
common/src/services/user.service.ts Normal file
View File

@@ -0,0 +1,233 @@
import { StorageService } from '../abstractions/storage.service';
import { TokenService } from '../abstractions/token.service';
import { UserService as UserServiceAbstraction } from '../abstractions/user.service';
import { OrganizationData } from '../models/data/organizationData';
import { Organization } from '../models/domain/organization';
import { KdfType } from '../enums/kdfType';
import { ProviderData } from '../models/data/providerData';
import { Provider } from '../models/domain/provider';
const Keys = {
userId: 'userId',
userEmail: 'userEmail',
stamp: 'securityStamp',
kdf: 'kdf',
kdfIterations: 'kdfIterations',
organizationsPrefix: 'organizations_',
providersPrefix: 'providers_',
emailVerified: 'emailVerified',
forcePasswordReset: 'forcePasswordReset',
};
export class UserService implements UserServiceAbstraction {
private userId: string;
private email: string;
private stamp: string;
private kdf: KdfType;
private kdfIterations: number;
private emailVerified: boolean;
private forcePasswordReset: boolean;
constructor(private tokenService: TokenService, private storageService: StorageService) { }
async setInformation(userId: string, email: string, kdf: KdfType, kdfIterations: number): Promise<any> {
this.email = email;
this.userId = userId;
this.kdf = kdf;
this.kdfIterations = kdfIterations;
await this.storageService.save(Keys.userEmail, email);
await this.storageService.save(Keys.userId, userId);
await this.storageService.save(Keys.kdf, kdf);
await this.storageService.save(Keys.kdfIterations, kdfIterations);
}
setSecurityStamp(stamp: string): Promise<any> {
this.stamp = stamp;
return this.storageService.save(Keys.stamp, stamp);
}
setEmailVerified(emailVerified: boolean) {
this.emailVerified = emailVerified;
return this.storageService.save(Keys.emailVerified, emailVerified);
}
setForcePasswordReset(forcePasswordReset: boolean) {
this.forcePasswordReset = forcePasswordReset;
return this.storageService.save(Keys.forcePasswordReset, forcePasswordReset);
}
async getUserId(): Promise<string> {
if (this.userId == null) {
this.userId = await this.storageService.get<string>(Keys.userId);
}
return this.userId;
}
async getEmail(): Promise<string> {
if (this.email == null) {
this.email = await this.storageService.get<string>(Keys.userEmail);
}
return this.email;
}
async getSecurityStamp(): Promise<string> {
if (this.stamp == null) {
this.stamp = await this.storageService.get<string>(Keys.stamp);
}
return this.stamp;
}
async getKdf(): Promise<KdfType> {
if (this.kdf == null) {
this.kdf = await this.storageService.get<KdfType>(Keys.kdf);
}
return this.kdf;
}
async getKdfIterations(): Promise<number> {
if (this.kdfIterations == null) {
this.kdfIterations = await this.storageService.get<number>(Keys.kdfIterations);
}
return this.kdfIterations;
}
async getEmailVerified(): Promise<boolean> {
if (this.emailVerified == null) {
this.emailVerified = await this.storageService.get<boolean>(Keys.emailVerified);
}
return this.emailVerified;
}
async getForcePasswordReset(): Promise<boolean> {
if (this.forcePasswordReset == null) {
this.forcePasswordReset = await this.storageService.get<boolean>(Keys.forcePasswordReset);
}
return this.forcePasswordReset;
}
async clear(): Promise<any> {
const userId = await this.getUserId();
await this.storageService.remove(Keys.userId);
await this.storageService.remove(Keys.userEmail);
await this.storageService.remove(Keys.stamp);
await this.storageService.remove(Keys.kdf);
await this.storageService.remove(Keys.kdfIterations);
await this.storageService.remove(Keys.forcePasswordReset);
await this.clearOrganizations(userId);
await this.clearProviders(userId);
this.userId = this.email = this.stamp = null;
this.kdf = null;
this.kdfIterations = null;
}
async isAuthenticated(): Promise<boolean> {
const token = await this.tokenService.getToken();
if (token == null) {
return false;
}
const userId = await this.getUserId();
return userId != null;
}
async canAccessPremium(): Promise<boolean> {
const authed = await this.isAuthenticated();
if (!authed) {
return false;
}
const tokenPremium = this.tokenService.getPremium();
if (tokenPremium) {
return true;
}
const orgs = await this.getAllOrganizations();
for (let i = 0; i < orgs.length; i++) {
if (orgs[i].usersGetPremium && orgs[i].enabled) {
return true;
}
}
return false;
}
async getOrganization(id: string): Promise<Organization> {
const userId = await this.getUserId();
const organizations = await this.storageService.get<{ [id: string]: OrganizationData; }>(
Keys.organizationsPrefix + userId);
if (organizations == null || !organizations.hasOwnProperty(id)) {
return null;
}
return new Organization(organizations[id]);
}
async getOrganizationByIdentifier(identifier: string): Promise<Organization> {
const organizations = await this.getAllOrganizations();
if (organizations == null || organizations.length === 0) {
return null;
}
return organizations.find(o => o.identifier === identifier);
}
async getAllOrganizations(): Promise<Organization[]> {
const userId = await this.getUserId();
const organizations = await this.storageService.get<{ [id: string]: OrganizationData; }>(
Keys.organizationsPrefix + userId);
const response: Organization[] = [];
for (const id in organizations) {
if (organizations.hasOwnProperty(id) && !organizations[id].isProviderUser) {
response.push(new Organization(organizations[id]));
}
}
return response;
}
async replaceOrganizations(organizations: { [id: string]: OrganizationData; }): Promise<any> {
const userId = await this.getUserId();
await this.storageService.save(Keys.organizationsPrefix + userId, organizations);
}
async clearOrganizations(userId: string): Promise<any> {
await this.storageService.remove(Keys.organizationsPrefix + userId);
}
async getProvider(id: string): Promise<Provider> {
const userId = await this.getUserId();
const providers = await this.storageService.get<{ [id: string]: ProviderData; }>(
Keys.providersPrefix + userId);
if (providers == null || !providers.hasOwnProperty(id)) {
return null;
}
return new Provider(providers[id]);
}
async getAllProviders(): Promise<Provider[]> {
const userId = await this.getUserId();
const providers = await this.storageService.get<{ [id: string]: ProviderData; }>(
Keys.providersPrefix + userId);
const response: Provider[] = [];
for (const id in providers) {
if (providers.hasOwnProperty(id)) {
response.push(new Provider(providers[id]));
}
}
return response;
}
async replaceProviders(providers: { [id: string]: ProviderData; }): Promise<any> {
const userId = await this.getUserId();
await this.storageService.save(Keys.providersPrefix + userId, providers);
}
async clearProviders(userId: string): Promise<any> {
await this.storageService.remove(Keys.providersPrefix + userId);
}
}

70
common/src/services/userVerification.service.ts Normal file
View File

@@ -0,0 +1,70 @@
import { Injectable } from '@angular/core';
import { UserVerificationService as UserVerificationServiceAbstraction } from '../abstractions/userVerification.service';
import { ApiService } from '../abstractions/api.service';
import { CryptoService } from '../abstractions/crypto.service';
import { I18nService } from '../abstractions/i18n.service';
import { LogService } from '../abstractions/log.service';
import { PlatformUtilsService } from '../abstractions/platformUtils.service';
import { VerificationType } from '../enums/verificationType';
import { VerifyOTPRequest } from '../models/request/account/verifyOTPRequest';
import { SecretVerificationRequest } from '../models/request/secretVerificationRequest';
import { Verification } from '../types/verification';
@Injectable()
export class UserVerificationService implements UserVerificationServiceAbstraction {
constructor(private cryptoService: CryptoService, private i18nService: I18nService,
private platformUtilsService: PlatformUtilsService, private apiService: ApiService,
private logService: LogService) { }
async buildRequest<T extends SecretVerificationRequest>(verification: Verification,
requestClass?: new () => T, alreadyHashed?: boolean) {
if (verification?.secret == null || verification.secret === '') {
throw new Error('No secret provided for verification.');
}
const request = requestClass != null
? new requestClass()
: new SecretVerificationRequest() as T;
if (verification.type === VerificationType.OTP) {
request.otp = verification.secret;
} else {
request.masterPasswordHash = alreadyHashed
? verification.secret
: await this.cryptoService.hashPassword(verification.secret, null);
}
return request;
}
async verifyUser(verification: Verification): Promise<boolean> {
if (verification?.secret == null || verification.secret === '') {
throw new Error('No secret provided for verification.');
}
if (verification.type === VerificationType.OTP) {
const request = new VerifyOTPRequest(verification.secret);
try {
await this.apiService.postAccountVerifyOTP(request);
} catch (e) {
this.logService.error(e);
this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
this.i18nService.t('invalidVerificationCode'));
return false;
}
} else {
const passwordValid = await this.cryptoService.compareAndUpdateKeyHash(verification.secret, null);
if (!passwordValid) {
this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
this.i18nService.t('invalidMasterPassword'));
return false;
}
}
return true;
}
}

33
common/src/services/vaultTimeout.service.ts
View File

@@ -2,6 +2,7 @@ import { CipherService } from '../abstractions/cipher.service';
import { CollectionService } from '../abstractions/collection.service';
import { CryptoService } from '../abstractions/crypto.service';
import { FolderService } from '../abstractions/folder.service';
import { KeyConnectorService } from '../abstractions/keyConnector.service';
import { MessagingService } from '../abstractions/messaging.service';
import { PlatformUtilsService } from '../abstractions/platformUtils.service';
import { PolicyService } from '../abstractions/policy.service';
@@ -18,10 +19,18 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
constructor(private cipherService: CipherService, private folderService: FolderService,
private collectionService: CollectionService, private cryptoService: CryptoService,
<<<<<<< HEAD
protected platformUtilsService: PlatformUtilsService, private messagingService: MessagingService,
private searchService: SearchService, private tokenService: TokenService,
private policyService: PolicyService, private stateService: StateService,
private lockedCallback: () => Promise<void> = null, private loggedOutCallback: (userId?: string) => Promise<void> = null) {
=======
protected platformUtilsService: PlatformUtilsService, private storageService: StorageService,
private messagingService: MessagingService, private searchService: SearchService,
private userService: UserService, private tokenService: TokenService, private policyService: PolicyService,
private keyConnectorService: KeyConnectorService,
private lockedCallback: () => Promise<void> = null, private loggedOutCallback: () => Promise<void> = null) {
>>>>>>> master
}
init(checkOnInterval: boolean) {
@@ -94,6 +103,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
return;
}
<<<<<<< HEAD
if (userId == null || userId === await this.stateService.getUserId()) {
this.searchService.clearIndex();
}
@@ -109,6 +119,29 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
await this.stateService.setBiometricLocked(true, { userId: userId });
this.messagingService.send('locked', { userId: userId });
=======
if (await this.keyConnectorService.getUsesKeyConnector()) {
const pinSet = await this.isPinLockSet();
const pinLock = (pinSet[0] && this.pinProtectedKey != null) || pinSet[1];
if (!pinLock && !await this.isBiometricLockSet()) {
await this.logOut();
}
}
this.biometricLocked = true;
this.everBeenUnlocked = true;
await this.cryptoService.clearKey(false);
await this.cryptoService.clearOrgKeys(true);
await this.cryptoService.clearKeyPair(true);
await this.cryptoService.clearEncKey(true);
this.folderService.clearCache();
this.cipherService.clearCache();
this.collectionService.clearCache();
this.searchService.clearIndex();
this.messagingService.send('locked');
>>>>>>> master
if (this.lockedCallback != null) {
await this.lockedCallback();
}

6
common/src/types/verification.ts Normal file
View File

@@ -0,0 +1,6 @@
import { VerificationType } from '../enums/verificationType';
export type Verification = {
type: VerificationType,
secret: string,
};