auth request for passwordless login

2025-12-06 00:03:28 +00:00 · 2022-01-13 13:12:47 -05:00
4 changed files with 83 additions and 6 deletions
--- a/2
+++ b/2
--- a/src/app/accounts/login.component.html
+++ b/src/app/accounts/login.component.html
@@ -89,6 +89,20 @@
              <i class="fa fa-pencil-square-o" aria-hidden="true"></i> {{ "createAccount" | i18n }}
            </a>
          </div>
+          <div class="d-flex">
+            <button
+              type="button"
+              (click)="startPasswordlessLogin()"
+              class="btn btn-outline-secondary btn-block btn-submit mt-2"
+            >
+              <span> <i class="fa fa-key" aria-hidden="true"></i> Passwordless</span>
+              <i
+                class="fa fa-spinner fa-spin"
+                title="{{ 'loading' | i18n }}"
+                aria-hidden="true"
+              ></i>
+            </button>
+          </div>
          <div class="d-flex">
            <a routerLink="/sso" class="btn btn-outline-secondary btn-block mt-2">
              <i class="fa fa-bank" aria-hidden="true"></i> {{ "enterpriseSingleSignOn" | i18n }}
--- a/src/app/accounts/login.component.ts
+++ b/src/app/accounts/login.component.ts
@@ -4,11 +4,15 @@ import { ActivatedRoute, Router } from "@angular/router";
 import { first } from "rxjs/operators";

 import { ApiService } from "jslib-common/abstractions/api.service";
+import { AppIdService } from "jslib-common/abstractions/appId.service";
 import { AuthService } from "jslib-common/abstractions/auth.service";
+import { BroadcasterService } from "jslib-common/abstractions/broadcaster.service";
 import { CryptoFunctionService } from "jslib-common/abstractions/cryptoFunction.service";
+import { CryptoService } from "jslib-common/abstractions/crypto.service";
 import { EnvironmentService } from "jslib-common/abstractions/environment.service";
 import { I18nService } from "jslib-common/abstractions/i18n.service";
 import { LogService } from "jslib-common/abstractions/log.service";
+import { MessagingService } from "jslib-common/abstractions/messaging.service";
 import { PasswordGenerationService } from "jslib-common/abstractions/passwordGeneration.service";
 import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";
 import { PolicyService } from "jslib-common/abstractions/policy.service";
@@ -35,10 +39,14 @@ export class LoginComponent extends BaseLoginComponent {
    environmentService: EnvironmentService,
    passwordGenerationService: PasswordGenerationService,
    cryptoFunctionService: CryptoFunctionService,
-    private apiService: ApiService,
+    apiService: ApiService,
    private policyService: PolicyService,
    logService: LogService,
-    ngZone: NgZone
+    ngZone: NgZone,
+    appIdService: AppIdService,
+    broadcasterService: BroadcasterService,
+    cryptoService: CryptoService,
+    messagingService: MessagingService
  ) {
    super(
      authService,
@@ -50,7 +58,12 @@ export class LoginComponent extends BaseLoginComponent {
      passwordGenerationService,
      cryptoFunctionService,
      logService,
-      ngZone
+      ngZone,
+      apiService,
+      appIdService,
+      broadcasterService,
+      cryptoService,
+      messagingService
    );
    this.onSuccessfulLoginNavigate = this.goAfterLogIn;
  }
--- a/src/app/app.component.ts
+++ b/src/app/app.component.ts
@@ -3,8 +3,9 @@ import { DomSanitizer } from "@angular/platform-browser";
 import { NavigationEnd, Router } from "@angular/router";
 import * as jq from "jquery";
 import { IndividualConfig, ToastrService } from "ngx-toastr";
-import Swal from "sweetalert2";
+import Swal, { SweetAlertIcon } from "sweetalert2";

+import { ApiService } from "jslib-common/abstractions/api.service";
 import { AuthService } from "jslib-common/abstractions/auth.service";
 import { BroadcasterService } from "jslib-common/abstractions/broadcaster.service";
 import { CipherService } from "jslib-common/abstractions/cipher.service";
@@ -39,6 +40,10 @@ import { SendOptionsPolicy } from "./organizations/policies/send-options.compone
 import { SingleOrgPolicy } from "./organizations/policies/single-org.component";
 import { TwoFactorAuthenticationPolicy } from "./organizations/policies/two-factor-authentication.component";

+import { Utils } from "jslib-common/misc/utils";
+import { AuthRequestUpdateRequest } from "jslib-common/models/request/authRequestUpdateRequest";
+import { AppIdService } from "jslib-common/abstractions/appId.service";
+
 const BroadcasterSubscriptionId = "AppComponent";
 const IdleTimeout = 60000 * 10; // 10 minutes

@@ -76,7 +81,9 @@ export class AppComponent implements OnDestroy, OnInit {
    private eventService: EventService,
    private policyService: PolicyService,
    protected policyListService: PolicyListService,
-    private keyConnectorService: KeyConnectorService
+    private keyConnectorService: KeyConnectorService,
+    private apiService: ApiService,
+    private appIdService: AppIdService
  ) {}

  ngOnInit() {
@@ -167,6 +174,49 @@ export class AppComponent implements OnDestroy, OnInit {
            this.keyConnectorService.setConvertAccountRequired(true);
            this.router.navigate(["/remove-password"]);
            break;
+          case "closeDialog":
+            Swal.close();
+            break;
+          case "authRequest":
+            Swal.close();
+            const authRequestId = message.id;
+            console.log("Got request for " + authRequestId);
+            const authRequest = await this.apiService.getAuthRequest(authRequestId);
+            const email = await this.stateService.getEmail();
+            const requestPublicKey = Utils.fromB64ToArray(authRequest.publicKey).buffer;
+            const fingerprint = await this.cryptoService.getFingerprint(email, requestPublicKey);
+            const authRequestConfirmed = await this.platformUtilsService.showDialog(
+              `Another device is requesting to log into your Bitwarden account. Do you want to allow it?<br /><br />
+              <b><u>Details</u></b><br />
+              Device: Opera Browser<br />
+              IP Address: ${authRequest.requestIpAddress}<br />
+              Time: ${authRequest.creationDate}<br /><br />
+              <b><u>Public Key Fingerprint</u></b><br />
+              <code>${fingerprint.join("-")}</code>`,
+              "New Login Request",
+              "Yes, Allow",
+              "No, Deny",
+              null,
+              true
+            );
+            if (authRequestConfirmed) {
+              const masterKey = await this.cryptoService.getKey();
+              const masterKeyHash = await this.cryptoService.getKeyHash();
+              const encMasterKey = await this.cryptoService.rsaEncrypt(
+                masterKey.key,
+                requestPublicKey
+              );
+              const encMasterKeyHash = await this.cryptoService.rsaEncrypt(
+                Utils.fromB64ToArray(masterKeyHash).buffer,
+                requestPublicKey
+              );
+              const authRequestUpdate = new AuthRequestUpdateRequest();
+              authRequestUpdate.deviceIdentifier = await this.appIdService.getAppId();
+              authRequestUpdate.key = encMasterKey.encryptedString;
+              authRequestUpdate.masterPasswordHash = encMasterKeyHash.encryptedString;
+              this.apiService.putAuthRequest(authRequest.id, authRequestUpdate);
+            }
+            break;
          default:
            break;
        }