* PM-1402 Refactor pass generation service alongside policyservice
* PM-1402 Refactor PasswordGenerationService and PolicyService to have a simpler code and more specific to each class
* PM-1402 Fix format
* PM-1402 Moved policy consts from PolicyService to Policy
* PM-1402 fix crash due to lack of null checking
* PM-1402 fix format
* PM-1402 removed GetValueOrDefault() given that it was not needed and was changing the behavior
* [AC-1070] Add EnforceOnLogin property to MasterPasswordPolicyOptions
* [AC-1070] Add MasterPasswordPolicy property to Identity responses
* [AC-1070] Add policy service dependency to auth service
* [AC-1070] Introduce logic to evaluate master password after successful login
* [AC-1070] Add optional ForcePasswordResetReason to profile / state service
* [AC-1070] Save ForcePasswordResetReason to state when a weak master password is found during login
- Additionally, save the AdminForcePasswordReset reason if the identity result indicates an admin password reset is in effect.
* [AC-1070] Check for a saved ForcePasswordReset reason on TabsPage load force show the update password page
* [AC-1070] Make InitAsync virtual
Allow the UpdateTempPasswordPage to override the InitAsync method to check for a reset password reason in the state service
* [AC-1070] Modify UpdateTempPassword page appearance
- Load the force password reset reason from the state service
- Make warning text dynamic based on force password reason
- Conditionally show the Current master password field if updating a weak master password
* [AC-1070] Add update password method to Api service
* [AC-1070] Introduce logic to update both temp and regular passwords
- Check the Reason to use the appropriate request/endpoint when submitting.
- Verify the users current password locally using the user verification service.
* [AC-1070] Introduce VerifyMasterPasswordResponse
* [AC-1070] Add logic to evaluate master password on unlock
* [AC-1070] Add support 2FA login flow
Keep track of the reset password reason after a password login requires 2FA. During 2FA submission, check if there is a saved reason, and if so, force the user to update their password.
* [AC-1070] Formatting
* [AC-1070] Remove string key from service resolution
* [AC-1070] Change master password options to method variable to avoid class field
Add null check for password strength result and log an error as this is an unexpected flow
* [AC-1070] Remove usage of i18nService
* [AC-1070] Use AsyncCommand for SubmitCommand
* [AC-1070] Remove type from ShowToast call
* [AC-1070] Simplify UpdatePassword methods to accept string for the new encryption key
* [AC-1070] Use full text for key for the CurrentMasterPassword resource
* [AC-1070] Convert Reason to a private class field
* [AC-1070] Formatting changes
* [AC-1070] Simplify if statements in master password options policy service method
* [AC-1070] Use the saved force password reset reason after 2FA login
* [AC-1070] Use constant for ForceUpdatePassword message command
* [AC-1070] Move shared RequirePasswordChangeOnLogin method into PolicyService
* Revert "[AC-1070] Move shared RequirePasswordChangeOnLogin method into PolicyService"
This reverts commit e4feac130f.
* [AC-1070] Add check for null password strength response
* [AC-1070] Fix broken show password icon
* [AC-1070] Add show password icon for current master password
* [EC-426] Add watchOS PoC app (#2054)
* EC-426 Added watchOS app, configured iOS.csproj to bundle the output of XCode build into the Xamarin iOS app and added some custom logic to use WCSession to communicate between the iOS and the watchOS apps
* EC-426 Removed Info.plist from iOS.Core project given that it's not needed
* [EC-426] Added new encrypted watch app profiles
* EC-426 added configuration for building watchApp and bundle it up on the iOS one
* EC-426 Fix build for watchOS
* EC-426 Fix build for watchOS applied shell bash
* EC-426 Fix build for watchOS echo
* EC-426 Fix build for watchOS simplify
* EC-426 Fix build for watchOS added workspace path
* EC-426 Changed code sign identity of watchOS project to Apple Distribution
* EC-426 added manual code sign style and specified the provisioning profile for the targets on the watch xcode project
* EC-426 updated path to watchOS on release on iOS.csproj and disabled android and f-.droid
* EC-426 fix build
* EC-426 fix path and check listing of directory of watchOS output just in case
* EC-426 Fix Apple Watch build to list the folder recursively just in case we need to change the path for the watch bundle
* EC-426 TEMP Change texts on input on login and lock to show that the app is for the Watch PoC testing
* EC-426 Fix WatchApp build path
* EC-426 Added WatchOS AppIcons
* EC-426 added gitignore for XCode project removed files supposed to be ignored
* EC-426 Cleaned the code a bit to avoid misbehavior
* EC-426 Code cleanup
Co-authored-by: Joseph Flinn <joseph.s.flinn@gmail.com>
* [EC-585] Added data, encryption and some helpers and structure to the Watch app (#2164)
* [EC-585] Added foundation classes on the watch to handle CoreData and some fixes on the communication of the ciphers, also some helper classes to store in keychain and encrypt data
* EC-585 Added keychain helper, encryption helpers and added data storage using CoreData configuring it appropiately. View and ViewModel are here only to test that the fetching/saving works but it's not the actual UI of the watch app. Also removed all the places where the automatic file signature was added by XCode
* EC-585 Fixed CipherServiceMock to implement protocol
* EC-585 Fixed DeviceActionService duplicated services
* [EC-614] Apple Watch MVP Cipher list UI (#2175)
* [EC-585] Added foundation classes on the watch to handle CoreData and some fixes on the communication of the ciphers, also some helper classes to store in keychain and encrypt data
* EC-585 Added keychain helper, encryption helpers and added data storage using CoreData configuring it appropiately. View and ViewModel are here only to test that the fetching/saving works but it's not the actual UI of the watch app. Also removed all the places where the automatic file signature was added by XCode
* EC-585 Fixed CipherServiceMock to implement protocol
* EC-585 Fixed DeviceActionService duplicated services
* EC-614 Implemented watch ciphers list UI
* [EC-615] Apple Watch MVP Cipher details UI (#2192)
* [EC-585] Added foundation classes on the watch to handle CoreData and some fixes on the communication of the ciphers, also some helper classes to store in keychain and encrypt data
* EC-585 Added keychain helper, encryption helpers and added data storage using CoreData configuring it appropiately. View and ViewModel are here only to test that the fetching/saving works but it's not the actual UI of the watch app. Also removed all the places where the automatic file signature was added by XCode
* EC-585 Fixed CipherServiceMock to implement protocol
* EC-585 Fixed DeviceActionService duplicated services
* EC-614 Implemented watch ciphers list UI
* EC-615 Added cipher details UI to watch and also implemented logic and helpers to generate the TOTPs
* EC-615 Added value transformer to login uris on the cipher entity
* EC-617 Added state view on watch app and some state helpers and wired it on the CipherListView. Also added some images (#2195)
* [EC-581] Implement Apple Watch MVP Sync (#2206)
* EC-581 Implemented sync iPhone -> watchOS, fix some issues with the watch database and sync flows for login/locks/multiple accounts
* EC-581 Added watch sync on unlocking and need setup state when no user is synced and the session is not active
* EC-581 Removed unused method
* EC-581 Fix format
* EC-759 Added avatar row on cipher list header to display avatar icon and email (#2213)
* [EC-786] Apple Watch MVP Sync fixes (#2214)
* EC-786 Commented things that are not going to be included on the MVP and fixed issue on the dictionary sent on the applicationContext to have a changing key based on time
* EC-786 Commented need unlock state
* EC-579 Added logic for Connect To Watch on iOS settings and moved it to the correct place. Also improved the synchronization and watch session activation logic (#2218)
* EC-616 Added search header for ciphers and polished the code (#2226)
Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>
Co-authored-by: Joseph Flinn <joseph.s.flinn@gmail.com>
* [SG-816] Get all login requests anfd pick the most recent
* [SG-816] Add check if active user has approve login with device active
* [SG-816] Build fix. Fix response model.
* [SG-816] Move code to sync service
* [SG-471] Passwordless device login screen (#2017)
* [SSG-471] Added UI for the device login request response.
* [SG-471] Added text resources and arguments to Page.
* [SG-471] Added properties to speed up page bindings
* [SG-471] Added mock services. Added Accept/reject command binding, navigation and toast messages.
* [SG-471] fixed code styling with dotnet-format
* [SG-471] Fixed back button placement. PR fixes.
* [SG-471] Added new Origin parameter to the page.
* [SG-471] PR Fixes
* [SG-471] PR fixes
* [SG-471] PR Fix: added FireAndForget.
* [SG-471] Moved fire and forget to run on ui thread task.
* [SG-381] Passwordless - Add setting to Mobile (#2037)
* [SG-381] Added settings option to approve passwordless login request. If user has notifications disabled, prompt to go to settings and enable them.
* [SG-381] Update settings pop up texts.
* [SG-381] Added new method to get notifications state on device settings. Added userId to property saved on device to differentiate value between users.
* [SG-381] Added text for the popup on selection.
* [SG-381] PR Fixes
* [SG-408] Implement passwordless api methods (#2055)
* [SG-408] Update notification model.
* [SG-408] removed duplicated resource
* [SG-408] Added implementation to Api Service of new passwordless methods.
* removed qa endpoints
* [SG-408] Changed auth methods implementation, added method call to viewmodel.
* [SG-408] ran code format
* [SG-408] PR fixes
* [SG-472] Add configuration for new notification type (#2056)
* [SG-472] Added methods to present local notification to the user. Configured new notification type for passwordless logins
* [SG-472] Updated code to new api service changes.
* [SG-472] ran dotnet format
* [SG-472] PR Fixes.
* [SG-472] PR Fixes
* [SG-169] End-to-end testing refactor. (#2073)
* [SG-169] Passwordless demo change requests (#2079)
* [SG-169] End-to-end testing refactor.
* [SG-169] Fixed labels. Changed color of Fingerprint phrase. Waited for app to be in foreground to launch passwordless modal to fix Android issues.
* [SG-169] Anchored buttons to the bottom of the screen.
* [SG-169] Changed device type from enum to string.
* [SG-169] PR fixes
* [SG-169] PR fixes
* [SG-169] Added comment on static variable
- Logout was removing the 2FA token, portion of code deleted.
- Clear saved token when 2FA error is returned by the server.
Co-authored-by: André Bispo <abispo@bitwarden.com>
* Account Switching (#1720)
* Account switching
* WIP
* wip
* wip
* updates to send test logic
* fixed Send tests
* fixes for theme handling on account switching and re-adding existing account
* switch fixes
* fixes
* fixes
* cleanup
* vault timeout fixes
* account list status enhancements
* logout fixes and token handling improvements
* merge latest (#1727)
* remove duplicate dependency
* fix for initial login token storage paradox (#1730)
* Fix avatar color update toolbar item issue on iOS for account switching (#1735)
* Updated account switching menu UI (#1733)
* updated account switching menu UI
* additional changes
* add key suffix to constant
* GetFirstLetters method tweaks
* Fix crash on account switching when logging out when having more than user at a time (#1740)
* single account migration to multi-account on app update (#1741)
* Account Switching Tap to dismiss (#1743)
* Added tap to dismiss on the Account switching overlay and improved a bit the code
* Fix account switching overlay background transparent on the proper place
* Fixed transparent background and the shadow on the account switching overlay
* Fix iOS top space on Account switching list overlay after modal (#1746)
* Fix top space added to Account switching list overlay after closing modal
* Fix top space added to Account switching list overlay after closing modal on lock, login and home views just in case we add modals in the future there as well
* Usability: dismiss account list on certain events (#1748)
* dismiss account list on certain events
* use new FireAndForget method for back button logic
* Create and use Account Switching overlay control (#1753)
* Added Account switching overlay control and its own ViewModel and refactored accordingly
* Fix account switching Accounts list binding update
* Implemented dismiss account switching overlay when changing tabs and when selecting the same tab. Also updated the deprecated listener on CustomTabbedRenderer on Android (#1755)
* Overriden Equals on AvatarImageSource so it doesn't get set multiple times when it's the same image thus producing blinking on tab chaged (#1756)
* Usability improvements for logout on vault timeout (#1781)
* accountswitching fixes (#1784)
* Fix for invalid PIN lock state when switching accounts (#1792)
* fix for pin lock flow
* named tuple values and updated async
* clear send service cache on account switch (#1796)
* Global theme and account removal (#1793)
* Global theme and account removal
* remove redundant call to hide account list overlay
* cleanup and additional tweaks
* add try/catch to remove account dialog flow
Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>
* initial commit
- add UsesKeyConnector to UserService
- add models
- begin work on authentication
* finish auth workflow for key connector sso login
- finish api call for get user key
- start api calls for posts to key connector
* Bypass lock page if already unlocked
* Move logic to KeyConnectorService, log out if no pin or biometric is set
* Disable password reprompt when using key connector
* hide password reprompt checkbox when editing or adding cipher
* add PostUserKey and PostSetKeyConnector calls
* add ConvertMasterPasswordPage
* add functionality to RemoveMasterPasswordPage
- rename Convert to Remove
* Hide Change Master Password button if using key connector
* Add OTP verification for export component
* Update src/App/Pages/Vault/AddEditPage.xaml.cs
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* remove toolbar item "close"
* Update src/Core/Models/Request/KeyConnectorUserKeyRequest.cs
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* remove new line in resource string
- format warning as two labels
- set label in code behind for loading simultaneously
* implement GetAndSetKey in KeyConnectorService
- ignore EnvironmentService call
* remove unnecesary orgIdentifier
* move RemoveMasterPasswordPage call to LockPage
* add spacing to export vault page
* log out if no PIN or bio on lock page with key connector
* Delete excessive whitespace
* Delete excessive whitespace
* Change capitalisation of OTP
* add default value to models for backwards compatibility
* remove this keyword
* actually handle exceptions
* move RemoveMasterPasswordPage to TabPage using messaging service
* add minor improvements
* remove 'this.'
Co-authored-by: Hinton <oscar@oscarhinton.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [Reset Password v1] Update Temp Password
* fixed order of operations for reset temp password flow
* Refactored bool with auth result
* Finished removal of temp password flow from set password
* iOS extension support plus extension bugfixes
Co-authored-by: addison <addisonbeck1@gmail.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
* Add captcha to login models and methods
* Add captcha web auth to login
* Extract captcha to abstract base class
* Add Captcha to register
* Null out captcha token after each successful challenge
* Cancel > close
* Add HashPurpose parameter to HashPasswordAsync
* Use 2 iterations for local password hashing
* Force logout if user has old keyHash stored
* Revert "Force logout if user has old keyHash stored"
This reverts commit 497d4928fa.
* Add backwards compatability with existing keyHash
* SSO login flow for pre-existing user and no 2FA
* 2FA progress
* 2FA support
* Added SSO flows and functionality
* Handle webauthenticator cancellation gracefully
* updates & bugfixes
* Added state validation to web auth response handling
* SSO auth, account registration, and environment settings support for iOS extensions
* Added SSO prevalidation to auth process
* prevalidation now hitting identity service base url
* additional error handling
* Requested changes
* fixed case
