* initial commit
- add UsesKeyConnector to UserService
- add models
- begin work on authentication
* finish auth workflow for key connector sso login
- finish api call for get user key
- start api calls for posts to key connector
* Bypass lock page if already unlocked
* Move logic to KeyConnectorService, log out if no pin or biometric is set
* Disable password reprompt when using key connector
* hide password reprompt checkbox when editing or adding cipher
* add PostUserKey and PostSetKeyConnector calls
* add ConvertMasterPasswordPage
* add functionality to RemoveMasterPasswordPage
- rename Convert to Remove
* Hide Change Master Password button if using key connector
* Add OTP verification for export component
* Update src/App/Pages/Vault/AddEditPage.xaml.cs
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* remove toolbar item "close"
* Update src/Core/Models/Request/KeyConnectorUserKeyRequest.cs
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* remove new line in resource string
- format warning as two labels
- set label in code behind for loading simultaneously
* implement GetAndSetKey in KeyConnectorService
- ignore EnvironmentService call
* remove unnecesary orgIdentifier
* move RemoveMasterPasswordPage call to LockPage
* add spacing to export vault page
* log out if no PIN or bio on lock page with key connector
* Delete excessive whitespace
* Delete excessive whitespace
* Change capitalisation of OTP
* add default value to models for backwards compatibility
* remove this keyword
* actually handle exceptions
* move RemoveMasterPasswordPage to TabPage using messaging service
* add minor improvements
* remove 'this.'
Co-authored-by: Hinton <oscar@oscarhinton.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Add linked fields support
* Fix style, don't show linked field if Secure Note
* Finish basic linked fields for Login
* Use Field.LinkedId to store linked field info
* Reset Linked Custom Fields if cipherType changes
* Refactor to use ItemView class
* Use enum for LinkedId
* Detect if no linkedFieldOptions
- uses Apple APIs for formatting on iOS
- uses .Net APIs for formatting Android
- implemented across project
- remove unnecesary calls to DateTimeConverter
* Fixed long secure notes edition scrolling when focused issue (#1257)
* Improved fix long secure notes edition scrolling when focused issue to not use a new editor custom renderer but an effect (#1257)
* Fixed long editor, on text and notes on send when scrolling when focused issue (#1257)
* [Reset Password] BUG - Update local policies for enforcement
* Updated with blocking sync
* add the stuff I forgot to tell vsalucci about
* removed the lies I fed vsalucci
* remove unnecessary import
Co-authored-by: Matt Portune <mportune@bitwarden.com>
* Dynamic theme switching and visual tweaks
* update action runner to use macos-11 for iOS 15 support
* additional tweaks
* refinements
* refinements
* formatting and tweaks
* [Reset Password v1] Update Temp Password
* fixed order of operations for reset temp password flow
* Refactored bool with auth result
* Finished removal of temp password flow from set password
* iOS extension support plus extension bugfixes
Co-authored-by: addison <addisonbeck1@gmail.com>
Co-authored-by: Matt Portune <mportune@bitwarden.com>
* Add captcha to login models and methods
* Add captcha web auth to login
* Extract captcha to abstract base class
* Add Captcha to register
* Null out captcha token after each successful challenge
* Cancel > close
* Move continue to a button
* Resolve pr comments
* Move use another two step method button
* Resolve code suggestions
* Resolve for iPhone
* Apply suggestions from code review
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Add HashPurpose parameter to HashPasswordAsync
* Use 2 iterations for local password hashing
* Force logout if user has old keyHash stored
* Revert "Force logout if user has old keyHash stored"
This reverts commit 497d4928fa.
* Add backwards compatability with existing keyHash
* Make card number hidden
* Add support for password reprompt
* Rename PasswordPrompt to Reprompt
* Protect autofill
* Use Enums.CipherRepromptType
* Fix iOS not building
* Protect iOS autofill
* Update to match jslib
* Fix failing build
* Explain how to verify email for file Sends
* Revert "Explain how to verify email for file Sends"
This reverts commit b72314bc93.
* Explain how to verify email for file Sends
both iOS and Android are having trouble with the current method
of loading the entire file to memory, encrypting it, and sending
to azure in one go.
We will need to come up with a chunking scheme to support
larger files in the future
* Update Size limits
* Add new Api paths for direct upload of Cipher Attachments
* Add Attachment upload to fileUploadService
* Save with direct upload and fallback to legacy uplaod
CipherID is required for direct upload to request an upload URL
* Inform on when to remove legacy code
* Test Attachment upload
* Add direct upload api endpoints
* Create azure upload service
* Update max file size
* Update send file upload test
* Move internationalization string to correct document
* Allow for one shot blob uploads
* Remove unused helper
* Use FileUploadService
Fallback to legacy method on old server implementations.
* add support for disable send policy
* cleanup
* show/hide options support for send search results
* additional failsafes and copy function consolidation
* added missing disabled send icon to android renderer
* async fix and string updates
* Send feature for mobile
* added fallback for KdfIterations
* additional property exclusions for tests
* support encryptedFileData as byte array comparison in SendServiceTests
* formatting
* requested changes
* additional changes
* change position of send service registration to match declaration order
* Initial commit of personal ownership policy
* Updated logic for returning from allowing cipher creation from notification
* fixed small edge case when user in one org // adjusted error message to match all platforms
* Removed test code
* reposition buttons in Log In and Unlock pages
- Log In page: move Log In button to primary location below password
entry, move Get Your Master Password Hint to the More Options menu
- Unlock page (Verify Master Password): swap position of Unlock
and Log Out buttons
* finish changes to improved login ui
- move Log Out button in lock screen to secondary menu
- show Get Hint button on login screen in the iOS autofill login flow
Co-authored-by: Matt Portune <59324545+mportune-bw@users.noreply.github.com>
* SSO login flow for pre-existing user and no 2FA
* 2FA progress
* 2FA support
* Added SSO flows and functionality
* Handle webauthenticator cancellation gracefully
* updates & bugfixes
* Added state validation to web auth response handling
* SSO auth, account registration, and environment settings support for iOS extensions
* Added SSO prevalidation to auth process
* prevalidation now hitting identity service base url
* additional error handling
* Requested changes
* fixed case
* Initial working version for Android
* Add a fallback for when upgrading from older app version.
* Ensure biometric validity is re-checked on focus
* Only setup biometric integrity key if biometric is turned on.
* Fix styling according to comments
* Fallback for Android 5.
* Improve comment
* Add boilerplate for iOS
* Change BiometricService to public
* Untested iOS implementation.
* Convert IBiometricService to async. Fix code style for iOS.
* Base64 NSData.
* Review comments for Android BiometricService.
* Rename methods in BiometricService to append Async
* Ensure we wait for async SetupBiometricAsync.
* Update BiometricService.cs
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
* Added new option: Sync on refresh
* Removed unused field
* Fixed refreshing on disappearing & unnecessary codes removed
* Requested changes
* Calling storage service instead of a dedicated service function (mobile-specific)
* Password generator policy enforcement
* Formatting
* Changed to simple cast (double unboxing for int64/long)
* Added ui indication of active policy on password generator page and fixed issue with switch enable logic
The code expects to be called form UI thread, but it loks like JavaScript
callbacks are not. Switch to UI thread when invoking a callback.
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
In the callback the processing does not go in the main UI thread, so we
need to switch there. Otherwise on Android this throws
Android.Util.AndroidRuntimeException with detail “Only the original thread
that created a view hierarchy can touch its views”.
Discovered by trying to login with Duo as a two-factor login type.
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
* Add clone ability to personal vault items
* Fixed formatter
* Made requested changes and removed some extra whitespace added by Rider formatter
* Removed formatting on AppResources file
* Fixed casing on UpdateCipherId method
* Update calling method
* First pass at vault export UI
* Password validation via cryptoService
* Export service framework
* support for constructing json export data
* Support for constructing csv export data
* Cleanup and simplification
* Completion of vault export feature
* Formatting and simplification
* Use dialog instead of toast for invalid master password entry
* UI support in app settings for handling overlay permission requirement in Accessibility Service implementation
* Cleaned up shorthand operator with new var
* Change password generator to use ColoredPassword
* Change ColoredPassword from FormattedString to HTML string for improved performance
* PasswordFormatter fixes
* Correct || to && condition
* Apply password colouring to history pages