feat(2FA-UI-Refresh): [Auth/PM-8113] - 2FA Components Consolidation and UI Refresh (#12087)
* PM-8113 - Deprecate TwoFactorComponentRefactor feature flag in favor of UnauthenticatedExtensionUIRefresh flag
* PM-8113 - Rename all existing 2FA components as V1.
* PM-8113 - TwoFactorAuthComp - Add comment explaining that tagged unused import is used a dialog.
* PM-8113 - 2FA Auth Comp - deprecate captcha
* PM-8113 - LoginStrategySvc - add todo for deprecation of captcha response
* PM-8113 - TwoFactorAuth tests - remove captcha
* PM-8113 - TwoFactorAuthComp HTML - remove captcha
* PM-8113 - Web Two Factor Auth - update deps
* PM-8113 - Move all new two-factor-auth components into libs/auth instead of libs/angular/src/auth
* PM-8113 - Add new child-components folder to help differentiate between top level page component and child components
* PM-8113 - Add todo for browser TwoFactorAuthEmailComponent
* PM-8113 - TwoFactorAuth - progress on consolidation
* PM-8113 - TwoFactorAuth - add TODO to ensure I don't miss web on success logic
* PM-8113 - TwoFactorAuth - Deprecate browser implementation of two-factor-auth and move all logic into single component - WIP
* PM-8113 - Bring across 2FA session timeout to new 2FA orchestrator comp
* PM-8113 - Export TwoFactorAuth from libs/auth
* PM-8113 - Fix 2FA Auth Comp tests by adding new service deps.
* PM-8113 - Fix TwoFactorAuthExpiredComp imports + TwoFactorAuthComponent imports on other clients.
* PM-8113 - 2FA Auth Comp - Progress on removing onSuccessfulLogin callback
* PM-8113 - 2FA Auth - update deps to private as inheritance will no longer be used.
* PM-8113 - TwoFactorAuthComp - Refactor init a bit.
* PM-8113 - TwoFactorAuthComp - More naming refactors
* PM-8113 - TwoFactorAuth - (1) more refactoring (2) removed onSuccessfulLoginNavigate (3) after successful login we always loginEmailService.clearValues()
* PM-8113 - TwoFactorAuthComp Tests - clean up tests for removed callbacks.
* PM-8113 - TwoFactorAuthComponent - refactor default success route handling
* PM-8113 - TwoFactorAuthComp - More refactoring
* PM-8113 - TwoFactorAuthComp - more refactors
* PM-8113 - TwoFactorAuth - Remove unused service dep
* PM-8113 - TwoFactorAuthComp - Refactor out unused button action text and move checks for continue button visibility into component
* PM-8113 - TwoFactorAuthComponent - Add type for providerData
* PM-8113 - TwoFactorAuthComponent - Add todo
* PM-8113 - TwoFactorAuthComponent - Add client type
* PM-8113 - TwoFactorAuth - implement browser specific SSO + 2FA logic
* PM-8113 - TwoFactorService Abstraction - refactor to use proper functions + mark methods as abstract properly + add null return to getProviders
* PM-8113 - Refactor 2FA Guard logic out of ngOnInit and into own tested guard. Updated all routes.
* PM-8113 - TwoFactorAuthComponent - WIP on webauthn init.
* PM-8113 - TwoFactorAuthComponent - pull webauthn fallback response handling into primary init with checks based on client for if it should be processed.
* PM-8113 - TwoFactorAuthComponent - move linux popup width extension logic into ExtensionTwoFactorAuthComponentService
* PM-8113 - WebTwoFactorAuthComponentService - add explicit override for web's determineLegacyKeyMigrationAction method.
* PM-8113 - Implement new TwoFactorAuthComponentService .openPopoutIfApprovedForEmail2fa to replace extension specific init logic.
* PM-8113 - TwoFactorAuthComponent - misc cleanup
* PM-8113 - TwoFactorAuthComponent - more clean up
* PM-8113 - TwoFactorAuthComponent - WIP on removing TDE callbacks
* PM-8113 - TwoFactorAuthComponent - finish refactoring out all callbacks
* PM-8113 - TwoFactorAuthComponent - remove now unused method
* PM-8113 - TwoFactorAuthComponent - refactor routes.
* PM-8113 - TwoFactorAuthComponent - add TODO
* PM-8113 - TwoFactorAuthComp - isTrustedDeviceEncEnabled - add undefined check for optional window close. + Add todo
* PM-8113 - TwoFactorAuthComponent tests - updated to pass
* PM-8113 - (1) Consolidate TwoFactorAuthEmail component into new service architecture (2) Move openPopoutIfApprovedForEmail2fa to new TwoFactorAuthEmailComponentService
* PM-8113 - Refactor libs/auth/2fa into barrel files.
* PM-8113 - Move TwoFactorAuthEmail content to own folder.
* PM-8113 - Move 2FA Duo to own comp folder.
* PM-8113 - ExtensionTwoFactorAuthEmailComponentService - Add comment
* PM-8113 - TwoFactorAuthEmailComponentService - add docs
* PM-8113 - TwoFactorAuthDuoComponentService - define top level abstraction and each clients implementation of the duo2faResultListener
* PM-8113 - TwoFactorAuthDuoCompService - add client specific handling for launchDuoFrameless
* PM-8113 - Delete no longer used client specific two factor auth duo components.
* PM-8113 - Register TwoFactorAuthDuoComponentService implementation in each client.
* PM-8113 - TwoFactorAuthComp - add destroy ref to fix warnings.
* PM-8113 - Remove accidentally checked in dev change
* PM-8113 - TwoFactorAuthComp - (1) Add loading state (2) Add missing CheckboxModule import
* PM-8113 - TwoFactorAuthDuoComponent - update takeUntilDestroyed to pass in destroy context as you can't use takeUntilDestroyed in ngOnInit without it.
* PM-8113 - TwoFactorAuthWebAuthnComponent - remove no longer necessary webauthn new tab check as webauthn seems to work without it
* PM-8113 - TwoFactorAuthWebAuthnComp - refactor names and add todo
* PM-8113 - (1) Move WebAuthn 2FA comp to own folder (2) build out client service for new tab logic
* PM-8113 - Register TwoFactorAuthWebAuthnComponentServices
* PM-8113 - Tweak TwoFactorAuthWebAuthnComponentService and add to TwoFactorAuthWebAuthnComponent
* PM-8113 - WebTwoFactorAuthDuoComponentService - fix type issue
* PM-8113 - ExtensionTwoFactorAuthDuoComponentService - attempt to fix type issue.
* PM-8113 - Remove ts-strict-ignore
* PM-8113 - TwoFactorAuthWebAuthnComponent - satisfy strict typescript reqs.
* PM-8113 - TwoFactorAuthComponent - some progress on strict TS conversion
* PM-8113 - TwoFactorAuthComp - fixed all strict typescript issues.
* PM-8113 - TwoFactorAuthComp - remove no longer necessary webauthn code
* PM-8113 - ExtensionTwoFactorAuthComponentService - handleSso2faFlowSuccess - add more context
* PM-8113 - TwoFactorAuthComp - TDE should use same success handler method
* PM-8113 - Fix SSO + 2FA result handling by closing proper popout window
* PM-8113 - Add todo
* PM-8113 - Webauthn 2FA - As webauthn popout doesn't persist SSO state, have to genercize success logic (which should be a good thing but requires confirmation testing).
* PM-8113 - Per main changes, remove deprecated I18nPipe from 2fa comps that use it.
* PM-8113 - Remove more incorrect i18nPipes
* PM-8113 - TwoFactorAuth + Webauthn - Refactor logic
* PM-8113 - TwoFactorAuth - build submitting loading logic
* PM-8113 - TwoFactorAuth - remove loading as submitting.
* PM-8113 - TwoFactorAuth - update to latest authN session timeout logic
* PM-8113 - AuthPopoutWindow - Add new single action popout for email 2FA so we can close it programmatically
* PM-8113 - Update ExtensionTwoFactorAuthComponentService to close email 2FA single action popouts.
* PM-8113 - Fix build after merge conflict issue
* PM-8113 - 2FA - Duo & Email comps - strict typescript adherence.
* PM-8113 - TwoFactorAuth - Clean up unused stuff and get tests passing
* PM-8113 - Clean up used service method + TODO as I've confirmed it works for other flows.
* PM-8113 - TODO: test all comp services
* PM-8113 - TwoFactorAuthComponent Tests - fix tests by removing mock of removed method.
* PM-8113 - Revert changes to login strategies to avoid scope creep for the sake of typescript strictness.
* PM-8113 - ExtensionTwoFactorAuthComponentService tests
* PM-8113 - Test ExtensionTwoFactorAuthDuoComponentService
* PM-8113 - ExtensionTwoFactorAuthEmailComponentService - add tests
* PM-8113 - Test ExtensionTwoFactorAuthWebAuthnComponentService
* PM-8113 - Add 2fa icons (icons need tweaking still)
* PM-8113 - TwoFactorAuthComponent - add setAnonLayoutDataByTwoFactorProviderType and handle email case as POC
* PM-8113 - TwoFactorEmailComp - work on converting to new design
* PM-8113 - Update icons with proper svg with scaling via viewbox
* PM-8113 - Update icons to use proper classes
* PM-8113 - 2FA Auth Comp - Progress on implementing design changes
* PM-8113 - TwoFactorOptionsComponent - add todos
* PM-8113 - 2fa Email Comp - add style changes per discussion with design
* PM-8113 - TwoFactorAuthComponent - use2faRecoveryCode - build out method per discussion with design
* PM-8113 - TwoFactorAuthComp - fix comp tests
* PM-8113 - TwoFactorAuthComp - progress on adding 2fa provider page icons and subtitles
* PM-8113 - Browser Translations - update duoTwoFactorRequiredPageSubtitle to match design discussion
* PM-8113 - TwoFactorAuthComp - more work on getting page title / icons working
* PM-8113 - Add todo
* PM-8113 - TwoFactorAuthDuoComponent Html - remove text that was moved to page subtitle.
* PM-8113 - 2FA Auth Comp - Duo icon works
* PM-8113 - (1) Add Yubico logo icon (2) Rename Yubikey icon to security key icon
* PM-8113 - TwoFactorAuthComp - remove icon from launch duo button per figma
* PM-8113 - Mark old two-factor-options component as v1.
* PM-8113 - Web - TwoFactorOptionsComponentV1 - Fix import
* PM-8113 - Fix more imports
* PM-8113 - Adjust translations based on meeting with Design
* PM-8113 - TwoFactorOptionsComponent - deprecate recovery code functionality
* PM-8113 - TwoFactorOptionsComponent - remove icon disable logic and unused imports
* PM-8113 - 2FA Options Comp rewritten to match figma
* PM-8113 - TwoFactorOptions - (1) Sort providers like setup screen (2) Add responsive scaling
* PM-8113 - Webauthn 2FA - WIP on updating connectors to latest style
* PM-8113 - Webauthn connector - clean up commented out code and restore block style
* PM-8113 - TwoFactorAuthWebAuthn - Add loading state for iframe until webauthn ready
* PM-8113 - Webauthn Iframe - update translation per figma
* PM-8113 - TwoFactorAuthComp - per figma, put webauthn after checkbox.
* PM-8113 - WebAuthn Fallback connector - UI refreshed
* PM-8113 - Two Factor Options - Implement wrapping
* PM-8113 - TwoFactorAuthAuthenticator - Remove text per figma
* PM-8113 - TwoFactorAuthYubikey - Clean up design per figma
* PM-8113 - Refactor all 2FA flows to use either reactive forms or programmatic submission so we get the benefit of onSubmit form validation like we have elsewhere.
* PM-8113 - 2FA Auth Comp - for form validated 2FA methods, add enter support.
* PM-8113 - TwoFactorAuthComp - Add loginSuccessHandlerService
* PM-8113 - DesktopTwoFactorAuthDuoComponentService - add tests
* PM-8113 - WebTwoFactorAuthDuoComponentService test file - WIP on tests
* PM-8113 - WebTwoFactorAuthDuoComponentService - test listenForDuo2faResult
* PM-8113 - TwoFactorAuthComp - (1) remove unused deps (2) get tests passing
* PM-8113 - Add required to inputs
* PM-8113 - TwoFactorAuth - Save off 2FA providers map so we can only show the select another 2FA method if the user actually has more than 1 configured 2FA method.
* PM-8113 - Webauthn iframe styling must be adjusted per client so adjust desktop and browser extension
* PM-8113 - TwoFactorAuthComp - Integrate latest ssoLoginService changes
* PM-8113 - Desktop & Browser routing modules - add new page title per figma
* PM-8113 - WebAuthn - added optional awaiting security key interaction button state to improve UX.
* PM-8113 - TwoFactorAuthComp - refactor to avoid reactive race condition with retrieval of active user id.
* PM-8113 - ExtensionTwoFactorAuthEmailComponentService - force close the popup since it has stopped closing when the popup opens.
* PM-8113 - TwoFactorAuth - refactor enter key press to exempt non-applicable flows from enter key handling
* PM-8113 - Refactor ExtensionTwoFactorAuthComponentService methods to solve issues with submission
* PM-8113 - TwoFactorAuth - fix programmatic submit of form
* PM-8113 - Fix ExtensionTwoFactorAuthComponentService tests
* PM-8113 - Extension - Webauthn iframe - remove -10px margin
* PM-8113 - Extension Routing module - 2FA screens need back button
* PM-8113 - Get Duo working in extension
* PM-8113 - TwoFactorOptions - tweak styling of row styling to better work for extension
* PM-8113 - TwoFactorWebauthnComp - new tab button styling per figma
* PM-8113 - 2FA Comp - Update logic for hiding / showing the remember me checkbox
* PM-8113 - TwoFactorAuthWebAuthnComp - new tab flow - fix remember me
* PM-8113 - Per PR feedback, add TODO for better provider and module structure for auth component client logic services.
* PM-8113 - TwoFactorAuth - add missing TDE offboarding logic.
* PM-8113 - TwoFactorAuthComponent tests - fix tests
* PM-8113 - 2FA Auth Comp HTML - per PR feedback, remove unnecessary margin bottom
* PM-8113 - 2FA Comp - per PR feedback, remove inSsoFlow as it isn't used.
* PM-8113 - TwoFactorOptionsComp - Clean up no longer needed emitters.
* PM-8113 - TwoFactorOptions - per PR feedback, clean up any usage
* PM-8113 - TwoFactorAuthComp - per PR feedback, rename method from selectOtherTwofactorMethod to selectOtherTwoFactorMethod
* PM-8113 - Per PR feedback, fix translations misspelling
* PM-8113 - TwoFactorAuthSecurityKeyIcon - fix hardcoded value
* PM-8113 - TwoFactorAuthSecurityKeyIcon - fix extra "
* PM-8113 - TwoFactorAuthDuo - Per PR feedback, remove empty template.
* PM-8113 - LooseComponentsModule - re-add accidentally removed component
* PM-8113 - TwoFactorAuthWebAuthnIcon - per PR feedback, fix hardcoded stroke value.
* PM-8113 - Desktop AppRoutingModule - per PR feedback, remove unnecessary AnonLayoutWrapperComponent component property.
* PM-8113 - Update apps/browser/src/auth/services/extension-two-factor-auth-duo-component.service.spec.ts to fix misspelling
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
* PM-8113 - TwoFactorAuthComp - Per PR feedback, add trim to token value
* PM-8113 - TwoFactorService - add typescript strict
* PM-8113 - TwoFactorService - per PR feedback, add jsdocs
* PM-8113 - Per PR feedback, fix misspelling
* PM-8113 - Webauthn fallback - per PR feedback fix stroke
* PM-8113 - Update apps/web/src/connectors/webauthn-fallback.html
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
* PM-8113 - Update libs/auth/src/angular/icons/two-factor-auth/two-factor-auth-webauthn.icon.ts
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
---------
Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
2025-02-24 09:59:14 -05:00
|
|
|
import { TwoFactorProviderType } from "@bitwarden/common/auth/enums/two-factor-provider-type";
|
|
|
|
|
|
|
|
|
|
export enum LegacyKeyMigrationAction {
|
|
|
|
|
PREVENT_LOGIN_AND_SHOW_REQUIRE_MIGRATION_WARNING,
|
|
|
|
|
NAVIGATE_TO_MIGRATION_COMPONENT,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export enum DuoLaunchAction {
|
|
|
|
|
DIRECT_LAUNCH,
|
|
|
|
|
SINGLE_ACTION_POPOUT,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Manages all cross client functionality so we can have a single two factor auth component
|
|
|
|
|
* implementation for all clients.
|
|
|
|
|
*/
|
|
|
|
|
export abstract class TwoFactorAuthComponentService {
|
|
|
|
|
/**
|
|
|
|
|
* Determines if the client should check for a webauthn response on init.
|
|
|
|
|
* Currently, only the extension should check during component initialization.
|
|
|
|
|
*/
|
|
|
|
|
abstract shouldCheckForWebAuthnQueryParamResponse(): boolean;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Extends the popup width if required.
|
|
|
|
|
* Some client specific situations require the popup to be wider than the default width.
|
|
|
|
|
*/
|
|
|
|
|
abstract extendPopupWidthIfRequired?(
|
|
|
|
|
selected2faProviderType: TwoFactorProviderType,
|
|
|
|
|
): Promise<void>;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Removes the popup width extension.
|
|
|
|
|
*/
|
|
|
|
|
abstract removePopupWidthExtension?(): void;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* We used to use the user's master key to encrypt their data. We deprecated that approach
|
|
|
|
|
* and now use a user key. This method should be called if we detect that the user
|
|
|
|
|
* is still using the old master key encryption scheme (server sends down a flag to
|
|
|
|
|
* indicate this). This method then determines what action to take based on the client.
|
|
|
|
|
*
|
|
|
|
|
* We have two possible actions:
|
|
|
|
|
* 1. Prevent the user from logging in and show a warning that they need to migrate their key on the web client today.
|
|
|
|
|
* 2. Navigate the user to the key migration component on the web client.
|
|
|
|
|
*/
|
|
|
|
|
abstract determineLegacyKeyMigrationAction(): LegacyKeyMigrationAction;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Optionally closes any single action popouts (extension only).
|
|
|
|
|
* @returns true if we are in a single action popout and it was closed, false otherwise.
|
|
|
|
|
*/
|
|
|
|
|
abstract closeSingleActionPopouts?(): Promise<boolean>;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Optionally refreshes any open windows (exempts current window).
|
|
|
|
|
* Only defined on the extension client for the goal of refreshing sidebars.
|
|
|
|
|
*/
|
|
|
|
|
abstract reloadOpenWindows?(): void;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Determines the action to take when launching the Duo flow.
|
|
|
|
|
* The extension has to popout the flow, while other clients can launch it directly.
|
|
|
|
|
*/
|
|
|
|
|
abstract determineDuoLaunchAction(): DuoLaunchAction;
|
|
|
|
|
}
|