mirror of
https://github.com/bitwarden/mobile
synced 2025-12-05 23:53:33 +00:00
b108b4e71d
* [AC-1070] Add EnforceOnLogin property to MasterPasswordPolicyOptions
* [AC-1070] Add MasterPasswordPolicy property to Identity responses
* [AC-1070] Add policy service dependency to auth service
* [AC-1070] Introduce logic to evaluate master password after successful login
* [AC-1070] Add optional ForcePasswordResetReason to profile / state service
* [AC-1070] Save ForcePasswordResetReason to state when a weak master password is found during login
- Additionally, save the AdminForcePasswordReset reason if the identity result indicates an admin password reset is in effect.
* [AC-1070] Check for a saved ForcePasswordReset reason on TabsPage load force show the update password page
* [AC-1070] Make InitAsync virtual
Allow the UpdateTempPasswordPage to override the InitAsync method to check for a reset password reason in the state service
* [AC-1070] Modify UpdateTempPassword page appearance
- Load the force password reset reason from the state service
- Make warning text dynamic based on force password reason
- Conditionally show the Current master password field if updating a weak master password
* [AC-1070] Add update password method to Api service
* [AC-1070] Introduce logic to update both temp and regular passwords
- Check the Reason to use the appropriate request/endpoint when submitting.
- Verify the users current password locally using the user verification service.
* [AC-1070] Introduce VerifyMasterPasswordResponse
* [AC-1070] Add logic to evaluate master password on unlock
* [AC-1070] Add support 2FA login flow
Keep track of the reset password reason after a password login requires 2FA. During 2FA submission, check if there is a saved reason, and if so, force the user to update their password.
* [AC-1070] Formatting
* [AC-1070] Remove string key from service resolution
* [AC-1070] Change master password options to method variable to avoid class field
Add null check for password strength result and log an error as this is an unexpected flow
* [AC-1070] Remove usage of i18nService
* [AC-1070] Use AsyncCommand for SubmitCommand
* [AC-1070] Remove type from ShowToast call
* [AC-1070] Simplify UpdatePassword methods to accept string for the new encryption key
* [AC-1070] Use full text for key for the CurrentMasterPassword resource
* [AC-1070] Convert Reason to a private class field
* [AC-1070] Formatting changes
* [AC-1070] Simplify if statements in master password options policy service method
* [AC-1070] Use the saved force password reset reason after 2FA login
* [AC-1070] Use constant for ForceUpdatePassword message command
* [AC-1070] Move shared RequirePasswordChangeOnLogin method into PolicyService
* Revert "[AC-1070] Move shared RequirePasswordChangeOnLogin method into PolicyService"
This reverts commit e4feac130f.
* [AC-1070] Add check for null password strength response
* [AC-1070] Fix broken show password icon
* [AC-1070] Add show password icon for current master password
178 lines
7.2 KiB
C#
178 lines
7.2 KiB
C#
using System.Text;
|
|
using System.Threading.Tasks;
|
|
using Bit.App.Abstractions;
|
|
using Bit.App.Resources;
|
|
using Bit.Core;
|
|
using Bit.Core.Abstractions;
|
|
using Bit.Core.Models.Domain;
|
|
using Bit.Core.Utilities;
|
|
using Xamarin.Essentials;
|
|
|
|
namespace Bit.App.Pages
|
|
{
|
|
public class BaseChangePasswordViewModel : BaseViewModel
|
|
{
|
|
protected readonly IPlatformUtilsService _platformUtilsService;
|
|
protected readonly IStateService _stateService;
|
|
protected readonly IPolicyService _policyService;
|
|
protected readonly IPasswordGenerationService _passwordGenerationService;
|
|
protected readonly II18nService _i18nService;
|
|
protected readonly ICryptoService _cryptoService;
|
|
protected readonly IDeviceActionService _deviceActionService;
|
|
protected readonly IApiService _apiService;
|
|
protected readonly ISyncService _syncService;
|
|
|
|
private bool _showPassword;
|
|
private bool _isPolicyInEffect;
|
|
private string _policySummary;
|
|
private MasterPasswordPolicyOptions _policy;
|
|
|
|
protected BaseChangePasswordViewModel()
|
|
{
|
|
_platformUtilsService = ServiceContainer.Resolve<IPlatformUtilsService>("platformUtilsService");
|
|
_stateService = ServiceContainer.Resolve<IStateService>("stateService");
|
|
_policyService = ServiceContainer.Resolve<IPolicyService>("policyService");
|
|
_passwordGenerationService =
|
|
ServiceContainer.Resolve<IPasswordGenerationService>("passwordGenerationService");
|
|
_i18nService = ServiceContainer.Resolve<II18nService>("i18nService");
|
|
_cryptoService = ServiceContainer.Resolve<ICryptoService>("cryptoService");
|
|
_deviceActionService = ServiceContainer.Resolve<IDeviceActionService>("deviceActionService");
|
|
_apiService = ServiceContainer.Resolve<IApiService>("apiService");
|
|
_syncService = ServiceContainer.Resolve<ISyncService>("syncService");
|
|
}
|
|
|
|
public bool ShowPassword
|
|
{
|
|
get => _showPassword;
|
|
set => SetProperty(ref _showPassword, value,
|
|
additionalPropertyNames: new[]
|
|
{
|
|
nameof(ShowPasswordIcon),
|
|
nameof(PasswordVisibilityAccessibilityText)
|
|
});
|
|
}
|
|
|
|
public bool IsPolicyInEffect
|
|
{
|
|
get => _isPolicyInEffect;
|
|
set => SetProperty(ref _isPolicyInEffect, value);
|
|
}
|
|
|
|
public string PolicySummary
|
|
{
|
|
get => _policySummary;
|
|
set => SetProperty(ref _policySummary, value);
|
|
}
|
|
|
|
public MasterPasswordPolicyOptions Policy
|
|
{
|
|
get => _policy;
|
|
set => SetProperty(ref _policy, value);
|
|
}
|
|
|
|
public string ShowPasswordIcon => ShowPassword ? BitwardenIcons.EyeSlash : BitwardenIcons.Eye;
|
|
public string PasswordVisibilityAccessibilityText => ShowPassword ? AppResources.PasswordIsVisibleTapToHide : AppResources.PasswordIsNotVisibleTapToShow;
|
|
public string MasterPassword { get; set; }
|
|
public string ConfirmMasterPassword { get; set; }
|
|
public string Hint { get; set; }
|
|
|
|
public virtual async Task InitAsync(bool forceSync = false)
|
|
{
|
|
if (forceSync)
|
|
{
|
|
var task = Task.Run(async () => await _syncService.FullSyncAsync(true));
|
|
await task.ContinueWith(async (t) => await CheckPasswordPolicy());
|
|
}
|
|
else
|
|
{
|
|
await CheckPasswordPolicy();
|
|
}
|
|
}
|
|
|
|
private async Task CheckPasswordPolicy()
|
|
{
|
|
Policy = await _policyService.GetMasterPasswordPolicyOptions();
|
|
IsPolicyInEffect = Policy?.InEffect() ?? false;
|
|
if (!IsPolicyInEffect)
|
|
{
|
|
return;
|
|
}
|
|
|
|
var bullet = "\n" + "".PadLeft(4) + "\u2022 ";
|
|
var sb = new StringBuilder();
|
|
sb.Append(_i18nService.T("MasterPasswordPolicyInEffect"));
|
|
if (Policy.MinComplexity > 0)
|
|
{
|
|
sb.Append(bullet)
|
|
.Append(string.Format(_i18nService.T("PolicyInEffectMinComplexity"), Policy.MinComplexity));
|
|
}
|
|
if (Policy.MinLength > 0)
|
|
{
|
|
sb.Append(bullet).Append(string.Format(_i18nService.T("PolicyInEffectMinLength"), Policy.MinLength));
|
|
}
|
|
if (Policy.RequireUpper)
|
|
{
|
|
sb.Append(bullet).Append(_i18nService.T("PolicyInEffectUppercase"));
|
|
}
|
|
if (Policy.RequireLower)
|
|
{
|
|
sb.Append(bullet).Append(_i18nService.T("PolicyInEffectLowercase"));
|
|
}
|
|
if (Policy.RequireNumbers)
|
|
{
|
|
sb.Append(bullet).Append(_i18nService.T("PolicyInEffectNumbers"));
|
|
}
|
|
if (Policy.RequireSpecial)
|
|
{
|
|
sb.Append(bullet).Append(string.Format(_i18nService.T("PolicyInEffectSpecial"), "!@#$%^&*"));
|
|
}
|
|
PolicySummary = sb.ToString();
|
|
}
|
|
|
|
protected async Task<bool> ValidateMasterPasswordAsync()
|
|
{
|
|
if (Connectivity.NetworkAccess == NetworkAccess.None)
|
|
{
|
|
await _platformUtilsService.ShowDialogAsync(AppResources.InternetConnectionRequiredMessage,
|
|
AppResources.InternetConnectionRequiredTitle, AppResources.Ok);
|
|
return false;
|
|
}
|
|
if (string.IsNullOrWhiteSpace(MasterPassword))
|
|
{
|
|
await _platformUtilsService.ShowDialogAsync(
|
|
string.Format(AppResources.ValidationFieldRequired, AppResources.MasterPassword),
|
|
AppResources.AnErrorHasOccurred, AppResources.Ok);
|
|
return false;
|
|
}
|
|
if (IsPolicyInEffect)
|
|
{
|
|
var userInputs = _passwordGenerationService.GetPasswordStrengthUserInput(await _stateService.GetEmailAsync());
|
|
var passwordStrength = _passwordGenerationService.PasswordStrength(MasterPassword, userInputs);
|
|
if (!await _policyService.EvaluateMasterPassword(passwordStrength.Score, MasterPassword, Policy))
|
|
{
|
|
await _platformUtilsService.ShowDialogAsync(AppResources.MasterPasswordPolicyValidationMessage,
|
|
AppResources.MasterPasswordPolicyValidationTitle, AppResources.Ok);
|
|
return false;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
if (MasterPassword.Length < Constants.MasterPasswordMinimumChars)
|
|
{
|
|
await _platformUtilsService.ShowDialogAsync(string.Format(AppResources.MasterPasswordLengthValMessageX, Constants.MasterPasswordMinimumChars),
|
|
AppResources.MasterPasswordPolicyValidationTitle, AppResources.Ok);
|
|
return false;
|
|
}
|
|
}
|
|
if (MasterPassword != ConfirmMasterPassword)
|
|
{
|
|
await _platformUtilsService.ShowDialogAsync(AppResources.MasterPasswordConfirmationValMessage,
|
|
AppResources.AnErrorHasOccurred, AppResources.Ok);
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
}
|
|
}
|