topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1791 Commits
2 Branches
74 Tags
43 MiB
 
 
 
 
 
 
Tree: 4a76119e92
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4a76119e92'
${ noResults }
vaultwarden/web-vault-sso.patch

706 lines
35 KiB
Raw Blame History

Submodule jslib contains modified content
diff --git a/jslib/angular/src/components/register.component.ts b/jslib/angular/src/components/register.component.ts
index fd91af29..abcfd62c 100644
--- a/jslib/angular/src/components/register.component.ts
+++ b/jslib/angular/src/components/register.component.ts
@@ -30,7 +30,7 @@ export class RegisterComponent extends CaptchaProtectedComponent implements OnIn
formPromise: Promise<any>;
masterPasswordScore: number;
referenceData: ReferenceEventRequest;
- showTerms = true;
+ showTerms = false;
acceptPolicies: boolean = false;
protected successRoute = 'login';
@@ -43,7 +43,7 @@ export class RegisterComponent extends CaptchaProtectedComponent implements OnIn
protected passwordGenerationService: PasswordGenerationService, environmentService: EnvironmentService,
protected logService: LogService) {
super(environmentService, i18nService, platformUtilsService);
- this.showTerms = !platformUtilsService.isSelfHost();
+ this.showTerms = false;
}
async ngOnInit() {
@@ -81,6 +81,12 @@ export class RegisterComponent extends CaptchaProtectedComponent implements OnIn
}
async submit() {
+ if (typeof crypto.subtle === 'undefined') {
+ this.platformUtilsService.showToast('error', "This browser requires HTTPS to use the web vault",
+ "Check the Vaultwarden wiki for details on how to enable it");
+ return;
+ }
+
if (!this.acceptPolicies && this.showTerms) {
this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
this.i18nService.t('acceptPoliciesError'));
diff --git a/jslib/angular/src/components/sso.component.ts b/jslib/angular/src/components/sso.component.ts
index 1ab8e2f4..7e74fbd7 100644
--- a/jslib/angular/src/components/sso.component.ts
+++ b/jslib/angular/src/components/sso.component.ts
@@ -23,6 +23,8 @@ import { Utils } from 'jslib-common/misc/utils';
import { AuthResult } from 'jslib-common/models/domain/authResult';
+import { switchMap } from 'rxjs/operators';
+
@Directive()
export class SsoComponent {
identifier: string;
@@ -54,13 +56,19 @@ export class SsoComponent {
async ngOnInit() {
this.route.queryParams.pipe(first()).subscribe(async qParams => {
- if (qParams.code != null && qParams.state != null) {
+ // I have no idea why the qParams is empty here - I've hacked in an alternative very messily, but it works.
+ const workingParams = (new URL(window.location.href)).searchParams;
+ const workingSwap = {
+ code: workingParams.get('code'),
+ state: workingParams.get('state'),
+ };
+ if (workingSwap.code != null && workingSwap.state != null) {
const codeVerifier = await this.storageService.get<string>(ConstantsService.ssoCodeVerifierKey);
const state = await this.storageService.get<string>(ConstantsService.ssoStateKey);
await this.storageService.remove(ConstantsService.ssoCodeVerifierKey);
await this.storageService.remove(ConstantsService.ssoStateKey);
- if (qParams.code != null && codeVerifier != null && state != null && this.checkState(state, qParams.state)) {
- await this.logIn(qParams.code, codeVerifier, this.getOrgIdentifierFromState(qParams.state));
+ if (workingSwap.code != null && codeVerifier != null && state != null && this.checkState(state, workingSwap.state)) {
+ await this.logIn(workingSwap.code, codeVerifier, this.getOrgIdentifierFromState(workingSwap.state));
}
} else if (qParams.clientId != null && qParams.redirectUri != null && qParams.state != null &&
qParams.codeChallenge != null) {
@@ -125,7 +133,7 @@ export class SsoComponent {
let authorizeUrl = this.environmentService.getIdentityUrl() + '/connect/authorize?' +
'client_id=' + this.clientId + '&redirect_uri=' + encodeURIComponent(this.redirectUri) + '&' +
'response_type=code&scope=api offline_access&' +
- 'state=' + state + '&code_challenge=' + codeChallenge + '&' +
+ 'state=' + encodeURIComponent(state) + '&code_challenge=' + codeChallenge + '&' +
'code_challenge_method=S256&response_mode=query&' +
'domain_hint=' + encodeURIComponent(this.identifier);
diff --git a/jslib/common/src/abstractions/api.service.ts b/jslib/common/src/abstractions/api.service.ts
index 1c6aa0ef..aab45eeb 100644
--- a/jslib/common/src/abstractions/api.service.ts
+++ b/jslib/common/src/abstractions/api.service.ts
@@ -38,6 +38,7 @@ import { OrganizationSsoRequest } from '../models/request/organization/organizat
import { OrganizationCreateRequest } from '../models/request/organizationCreateRequest';
import { OrganizationImportRequest } from '../models/request/organizationImportRequest';
import { OrganizationKeysRequest } from '../models/request/organizationKeysRequest';
+import { OrganizationSsoUpdateRequest } from '../models/request/organizationSsoUpdateRequest';
import { OrganizationSubscriptionUpdateRequest } from '../models/request/organizationSubscriptionUpdateRequest';
import { OrganizationTaxInfoUpdateRequest } from '../models/request/organizationTaxInfoUpdateRequest';
import { OrganizationUpdateRequest } from '../models/request/organizationUpdateRequest';
@@ -148,6 +149,7 @@ import { SendAccessResponse } from '../models/response/sendAccessResponse';
import { SendFileDownloadDataResponse } from '../models/response/sendFileDownloadDataResponse';
import { SendFileUploadDataResponse } from '../models/response/sendFileUploadDataResponse';
import { SendResponse } from '../models/response/sendResponse';
+import { SsoConfigResponse } from '../models/response/ssoConfigResponse';
import { SubscriptionResponse } from '../models/response/subscriptionResponse';
import { SyncResponse } from '../models/response/syncResponse';
import { TaxInfoResponse } from '../models/response/taxInfoResponse';
@@ -386,6 +388,8 @@ export abstract class ApiService {
getOrganizationSso: (id: string) => Promise<OrganizationSsoResponse>;
postOrganization: (request: OrganizationCreateRequest) => Promise<OrganizationResponse>;
putOrganization: (id: string, request: OrganizationUpdateRequest) => Promise<OrganizationResponse>;
+ getSsoConfig: (id: string) => Promise<SsoConfigResponse>;
+ putOrganizationSso: (id: string, request: OrganizationSsoUpdateRequest) => Promise<SsoConfigResponse>;
putOrganizationTaxInfo: (id: string, request: OrganizationTaxInfoUpdateRequest) => Promise<any>;
postLeaveOrganization: (id: string) => Promise<any>;
postOrganizationLicense: (data: FormData) => Promise<OrganizationResponse>;
diff --git a/jslib/common/src/models/request/organizationSsoUpdateRequest.ts b/jslib/common/src/models/request/organizationSsoUpdateRequest.ts
new file mode 100644
index 00000000..7075aecc
--- /dev/null
+++ b/jslib/common/src/models/request/organizationSsoUpdateRequest.ts
@@ -0,0 +1,8 @@
+export class OrganizationSsoUpdateRequest {
+ useSso: boolean;
+ callbackPath: string;
+ signedOutCallbackPath: string;
+ authority: string;
+ clientId: string;
+ clientSecret: string;
+}
diff --git a/jslib/common/src/models/request/tokenRequest.ts b/jslib/common/src/models/request/tokenRequest.ts
index 41797eb0..26206356 100644
--- a/jslib/common/src/models/request/tokenRequest.ts
+++ b/jslib/common/src/models/request/tokenRequest.ts
@@ -14,9 +14,10 @@ export class TokenRequest implements CaptchaProtectedRequest {
clientId: string;
clientSecret: string;
device?: DeviceRequest;
+ orgId?: string
constructor(credentials: string[], codes: string[], clientIdClientSecret: string[], public provider: TwoFactorProviderType,
- public token: string, public remember: boolean, public captchaResponse: string, device?: DeviceRequest) {
+ public token: string, public remember: boolean, public captchaResponse: string, device?: DeviceRequest, orgId?: string) {
if (credentials != null && credentials.length > 1) {
this.email = credentials[0];
this.masterPasswordHash = credentials[1];
@@ -28,6 +29,9 @@ export class TokenRequest implements CaptchaProtectedRequest {
this.clientId = clientIdClientSecret[0];
this.clientSecret = clientIdClientSecret[1];
}
+ if (orgId && orgId !== '') {
+ this.orgId = orgId;
+ }
this.device = device != null ? device : null;
}
@@ -50,6 +54,7 @@ export class TokenRequest implements CaptchaProtectedRequest {
obj.code = this.code;
obj.code_verifier = this.codeVerifier;
obj.redirect_uri = this.redirectUri;
+ obj.org_identifier = this.orgId;
} else {
throw new Error('must provide credentials or codes');
}
diff --git a/jslib/common/src/models/response/ssoConfigResponse.ts b/jslib/common/src/models/response/ssoConfigResponse.ts
new file mode 100644
index 00000000..9c72dd33
--- /dev/null
+++ b/jslib/common/src/models/response/ssoConfigResponse.ts
@@ -0,0 +1,22 @@
+import { BaseResponse } from './baseResponse';
+
+export class SsoConfigResponse extends BaseResponse {
+ id: string;
+ useSso: boolean;
+ callbackPath: string;
+ signedOutCallbackPath: string;
+ authority: string;
+ clientId: string;
+ clientSecret: string;
+
+ constructor(response: any) {
+ super(response);
+ this.id = this.getResponseProperty('Id');
+ this.useSso = this.getResponseProperty('UseSso');
+ this.callbackPath = this.getResponseProperty('CallbackPath');
+ this.signedOutCallbackPath = this.getResponseProperty('SignedOutCallbackPath');
+ this.authority = this.getResponseProperty('Authority');
+ this.clientId = this.getResponseProperty('ClientId');
+ this.clientSecret = this.getResponseProperty('ClientSecret');
+ }
+}
diff --git a/jslib/common/src/services/api.service.ts b/jslib/common/src/services/api.service.ts
index 46fdc139..16140f6c 100644
--- a/jslib/common/src/services/api.service.ts
+++ b/jslib/common/src/services/api.service.ts
@@ -39,6 +39,7 @@ import { OrganizationSsoRequest } from '../models/request/organization/organizat
import { OrganizationCreateRequest } from '../models/request/organizationCreateRequest';
import { OrganizationImportRequest } from '../models/request/organizationImportRequest';
import { OrganizationKeysRequest } from '../models/request/organizationKeysRequest';
+import { OrganizationSsoUpdateRequest } from '../models/request/organizationSsoUpdateRequest';
import { OrganizationSubscriptionUpdateRequest } from '../models/request/organizationSubscriptionUpdateRequest';
import { OrganizationTaxInfoUpdateRequest } from '../models/request/organizationTaxInfoUpdateRequest';
import { OrganizationUpdateRequest } from '../models/request/organizationUpdateRequest';
@@ -154,6 +155,7 @@ import { SendAccessResponse } from '../models/response/sendAccessResponse';
import { SendFileDownloadDataResponse } from '../models/response/sendFileDownloadDataResponse';
import { SendFileUploadDataResponse } from '../models/response/sendFileUploadDataResponse';
import { SendResponse } from '../models/response/sendResponse';
+import { SsoConfigResponse } from '../models/response/ssoConfigResponse';
import { SubscriptionResponse } from '../models/response/subscriptionResponse';
import { SyncResponse } from '../models/response/syncResponse';
import { TaxInfoResponse } from '../models/response/taxInfoResponse';
@@ -1187,6 +1189,16 @@ export class ApiService implements ApiServiceAbstraction {
return new OrganizationResponse(r);
}
+ async getSsoConfig(id: string): Promise<SsoConfigResponse> {
+ const r = await this.send('GET', '/organizations/' + id + '/sso', null, true, true);
+ return new SsoConfigResponse(r);
+ }
+
+ async putOrganizationSso(id: string, request: OrganizationSsoUpdateRequest): Promise<SsoConfigResponse> {
+ const r = await this.send('PUT', '/organizations/' + id + '/sso', request, true, false);
+ return new SsoConfigResponse(r);
+ }
+
async putOrganizationTaxInfo(id: string, request: OrganizationTaxInfoUpdateRequest): Promise<any> {
return this.send('PUT', '/organizations/' + id + '/tax', request, true, false);
}
diff --git a/jslib/common/src/services/auth.service.ts b/jslib/common/src/services/auth.service.ts
index e4f670d7..d96f78cd 100644
--- a/jslib/common/src/services/auth.service.ts
+++ b/jslib/common/src/services/auth.service.ts
@@ -310,13 +310,13 @@ export class AuthService implements AuthServiceAbstraction {
let request: TokenRequest;
if (twoFactorToken != null && twoFactorProvider != null) {
request = new TokenRequest(emailPassword, codeCodeVerifier, clientIdClientSecret, twoFactorProvider,
- twoFactorToken, remember, captchaToken, deviceRequest);
+ twoFactorToken, remember, captchaToken, deviceRequest, orgId);
} else if (storedTwoFactorToken != null) {
request = new TokenRequest(emailPassword, codeCodeVerifier, clientIdClientSecret,
- TwoFactorProviderType.Remember, storedTwoFactorToken, false, captchaToken, deviceRequest);
+ TwoFactorProviderType.Remember, storedTwoFactorToken, false, captchaToken, deviceRequest, orgId);
} else {
request = new TokenRequest(emailPassword, codeCodeVerifier, clientIdClientSecret, null,
- null, false, captchaToken, deviceRequest);
+ null, false, captchaToken, deviceRequest, orgId);
}
const response = await this.apiService.postIdentityToken(request);
diff --git a/src/404.html b/src/404.html
index eba36375..cb8883ec 100644
--- a/src/404.html
+++ b/src/404.html
@@ -41,10 +41,10 @@
</a>
</p>
<p>You can <a href="/">return to the web vault</a>, check our <a href="https://status.bitwarden.com/">status page</a>
- or <a href="https://bitwarden.com/contact/">contact us</a>.</p>
+ or <a href="https://github.com/dani-garcia/vaultwarden">contact us</a>.</p>
</div>
<div class="container footer text-muted content">
- © Copyright 2021 Bitwarden, Inc.
+ © Copyright 2021 Bitwarden, Inc. (Powered by Vaultwarden)
</div>
</body>
</html>
diff --git a/src/app/app.component.ts b/src/app/app.component.ts
index f01ecb69..22fd7dc2 100644
--- a/src/app/app.component.ts
+++ b/src/app/app.component.ts
@@ -160,6 +160,10 @@ export class AppComponent implements OnDestroy, OnInit {
}
break;
case 'showToast':
+ if (typeof message.text === "string" && typeof crypto.subtle === 'undefined') {
+ message.title="This browser requires HTTPS to use the web vault";
+ message.text="Check the Vaultwarden wiki for details on how to enable it";
+ }
this.showToast(message);
break;
case 'setFullWidth':
diff --git a/src/app/layouts/footer.component.html b/src/app/layouts/footer.component.html
index b001b9e3..c1bd2ac8 100644
--- a/src/app/layouts/footer.component.html
+++ b/src/app/layouts/footer.component.html
@@ -1,7 +1,7 @@
<div class="container footer text-muted">
<div class="row">
<div class="col">
- &copy; {{year}}, Bitwarden Inc.
+ &copy; {{year}}, Bitwarden Inc. (Powered by Vaultwarden)
</div>
<div class="col text-center"></div>
<div class="col text-right">
diff --git a/src/app/layouts/frontend-layout.component.html b/src/app/layouts/frontend-layout.component.html
index 4c2c4ca1..dc990b22 100644
--- a/src/app/layouts/frontend-layout.component.html
+++ b/src/app/layouts/frontend-layout.component.html
@@ -1,5 +1,5 @@
<router-outlet></router-outlet>
<div class="container my-5 text-muted text-center">
- &copy; {{year}}, Bitwarden Inc.
+ &copy; {{year}}, Bitwarden Inc. (Powered by Vaultwarden)
<br> {{'versionNumber' | i18n : version}}
</div>
diff --git a/src/app/layouts/navbar.component.html b/src/app/layouts/navbar.component.html
index 8581e239..24ae6788 100644
--- a/src/app/layouts/navbar.component.html
+++ b/src/app/layouts/navbar.component.html
@@ -46,7 +46,7 @@
<i class="fa fa-fw fa-user" aria-hidden="true"></i>
{{'myAccount' | i18n}}
</a>
- <a class="dropdown-item" href="https://help.bitwarden.com" target="_blank" rel="noopener">
+ <a class="dropdown-item" href="https://github.com/dani-garcia/vaultwarden" target="_blank" rel="noopener">
<i class="fa fa-fw fa-question-circle" aria-hidden="true"></i>
{{'getHelp' | i18n}}
</a>
diff --git a/src/app/organizations/manage/manage.component.html b/src/app/organizations/manage/manage.component.html
index 1cb4384b..826407f2 100644
--- a/src/app/organizations/manage/manage.component.html
+++ b/src/app/organizations/manage/manage.component.html
@@ -20,10 +20,6 @@
*ngIf="organization.canManagePolicies && accessPolicies">
{{'policies' | i18n}}
</a>
- <a routerLink="sso" class="list-group-item" routerLinkActive="active"
- *ngIf="organization.canManageSso && accessSso">
- {{'singleSignOn' | i18n}}
- </a>
<a routerLink="events" class="list-group-item" routerLinkActive="active"
*ngIf="organization.canAccessEventLogs && accessEvents">
{{'eventLogs' | i18n}}
diff --git a/src/app/organizations/settings/settings.component.html b/src/app/organizations/settings/settings.component.html
index 2dac5ac1..21ce9848 100644
--- a/src/app/organizations/settings/settings.component.html
+++ b/src/app/organizations/settings/settings.component.html
@@ -7,6 +7,9 @@
<a routerLink="account" class="list-group-item" routerLinkActive="active">
{{'myOrganization' | i18n}}
</a>
+ <a routerLink="sso" class="list-group-item" routerLinkActive="active">
+ {{'singleSignOn' | i18n}}
+ </a>
<a routerLink="subscription" class="list-group-item" routerLinkActive="active">
{{'subscription' | i18n}}
</a>
diff --git a/src/app/organizations/settings/sso.component.html b/src/app/organizations/settings/sso.component.html
new file mode 100644
index 00000000..02ec6f3f
--- /dev/null
+++ b/src/app/organizations/settings/sso.component.html
@@ -0,0 +1,51 @@
+<div class="page-header">
+ <h1>{{'singleSignOn' | i18n}}</h1>
+</div>
+<div *ngIf="!loaded" class="text-muted">
+ <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+ <span class="sr-only">{{'loading' | i18n}}</span>
+</div>
+<form *ngIf="ssoConfig && !loading" #form (ngSubmit)="submit()" [appApiAction]="formPromise" ngNativeValidate>
+ <div class="row">
+ <div class="col-12">
+ <div class="form-group">
+ <label for="enabled">{{'enabled' | i18n}}</label>
+ <input id="enabled" class="form-control" type="checkbox" name="Enabled" [(ngModel)]="ssoConfig.useSso" [disabled]="selfHosted">
+ </div>
+ <h2>OpenId Connect Configuration</h2>
+ <div class="form-group">
+ <label for="callbackPath">{{'callbackPath' | i18n}}</label>
+ <input id="callbackPath" class="form-control" type="text" name="Callback Path" [(ngModel)]="ssoConfig.callbackPath"
+ [disabled]="selfHosted">
+ </div>
+ <div class="form-group">
+ <label for="signedOutCallbackPath">{{'signedOutCallbackPath' | i18n}}</label>
+ <input id="signedOutCallbackPath" class="form-control" type="text" name="Signed Out Callback Path"
+ [(ngModel)]="ssoConfig.signedOutCallbackPath" [disabled]="selfHosted">
+ </div>
+ <div class="form-group">
+ <label for="authority">{{'authority' | i18n}}</label>
+ <input id="authority" class="form-control" type="text" name="Authority"
+ [(ngModel)]="ssoConfig.authority" [disabled]="selfHosted">
+ </div>
+ <div class="form-group">
+ <label for="clientId">{{'clientId' | i18n}}</label>
+ <input id="authority" class="form-control" type="text" name="Client ID"
+ [(ngModel)]="ssoConfig.clientId" [disabled]="selfHosted">
+ </div>
+ <div class="form-group">
+ <label for="clientSecret">{{'clientSecret' | i18n}}</label>
+ <input id="clientSecret" class="form-control" type="password" name="Client Secret"
+ [(ngModel)]="ssoConfig.clientSecret" [disabled]="selfHosted">
+ </div>
+ </div>
+ </div>
+ <button type="submit" class="btn btn-primary btn-submit" [disabled]="form.loading">
+ <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+ <span>{{'save' | i18n}}</span>
+ </button>
+</form>
+<div *ngIf="!ssoConfig || loading">
+ <i class="fa fa-spinner fa-spin text-muted" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+ <span class="sr-only">{{'loading' | i18n}}</span>
+</div>
diff --git a/src/app/organizations/settings/sso.component.ts b/src/app/organizations/settings/sso.component.ts
new file mode 100644
index 00000000..f00c36ba
--- /dev/null
+++ b/src/app/organizations/settings/sso.component.ts
@@ -0,0 +1,70 @@
+import {
+ Component,
+ ComponentFactoryResolver,
+ ViewChild,
+ ViewContainerRef,
+} from '@angular/core';
+
+import { ActivatedRoute } from '@angular/router';
+
+import { ToasterService } from 'angular2-toaster';
+
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { SyncService } from 'jslib-common/abstractions/sync.service';
+
+import { OrganizationSsoUpdateRequest } from 'jslib-common/models/request/organizationSsoUpdateRequest';
+
+import { SsoConfigResponse } from 'jslib-common/models/response/ssoConfigResponse';
+
+@Component({
+ selector: 'app-org-sso',
+ templateUrl: 'sso.component.html',
+})
+export class SsoComponent {
+ selfHosted = false;
+ loading = true;
+ loaded = false;
+ ssoConfig: SsoConfigResponse;
+ formPromise: Promise<any>;
+
+ private organizationId: string;
+
+ constructor(private componentFactoryResolver: ComponentFactoryResolver,
+ private apiService: ApiService, private i18nService: I18nService,
+ private toasterService: ToasterService, private route: ActivatedRoute,
+ private syncService: SyncService, private platformUtilsService: PlatformUtilsService,
+ private cryptoService: CryptoService) { }
+
+ async ngOnInit() {
+ this.selfHosted = this.platformUtilsService.isSelfHost();
+ this.route.parent.parent.params.subscribe(async params => {
+ this.organizationId = params.organizationId;
+ try {
+ this.ssoConfig = await this.apiService.getSsoConfig(this.organizationId);
+ } catch { }
+ });
+ this.loading = false;
+ this.loaded = true;
+ }
+
+ async submit() {
+ try {
+ const request = new OrganizationSsoUpdateRequest();
+ request.useSso = this.ssoConfig.useSso;
+ request.callbackPath = this.ssoConfig.callbackPath;
+ request.signedOutCallbackPath = this.ssoConfig.signedOutCallbackPath;
+ request.authority = this.ssoConfig.authority;
+ request.clientId = this.ssoConfig.clientId;
+ request.clientSecret = this.ssoConfig.clientSecret;
+
+ this.formPromise = this.apiService.putOrganizationSso(this.organizationId, request).then(() => {
+ return this.syncService.fullSync(true);
+ });
+ await this.formPromise;
+ this.toasterService.popAsync('success', null, this.i18nService.t('organizationUpdated'));
+ } catch { }
+ }
+}
diff --git a/src/app/organizations/vault/vault.component.ts b/src/app/organizations/vault/vault.component.ts
index 715453fd..b7c2a7b2 100644
--- a/src/app/organizations/vault/vault.component.ts
+++ b/src/app/organizations/vault/vault.component.ts
@@ -63,9 +63,7 @@ export class VaultComponent implements OnInit, OnDestroy {
private platformUtilsService: PlatformUtilsService) { }
ngOnInit() {
- this.trashCleanupWarning = this.i18nService.t(
- this.platformUtilsService.isSelfHost() ? 'trashCleanupWarningSelfHosted' : 'trashCleanupWarning'
- );
+ this.trashCleanupWarning = this.i18nService.t('trashCleanupWarningSelfHosted');
this.route.parent.params.pipe(first()).subscribe(async params => {
this.organization = await this.userService.getOrganization(params.organizationId);
diff --git a/src/app/oss-routing.module.ts b/src/app/oss-routing.module.ts
index 84a056e4..88f631c2 100644
--- a/src/app/oss-routing.module.ts
+++ b/src/app/oss-routing.module.ts
@@ -35,6 +35,7 @@ import { AccountComponent as OrgAccountComponent } from './organizations/setting
import { OrganizationBillingComponent } from './organizations/settings/organization-billing.component';
import { OrganizationSubscriptionComponent } from './organizations/settings/organization-subscription.component';
import { SettingsComponent as OrgSettingsComponent } from './organizations/settings/settings.component';
+import { SsoComponent as OrgSsoComponent } from './organizations/settings/sso.component';
import {
TwoFactorSetupComponent as OrgTwoFactorSetupComponent,
} from './organizations/settings/two-factor-setup.component';
@@ -443,6 +444,8 @@ const routes: Routes = [
children: [
{ path: '', pathMatch: 'full', redirectTo: 'account' },
{ path: 'account', component: OrgAccountComponent, data: { titleId: 'myOrganization' } },
+ { path: 'sso', component: OrgSsoComponent, data: { titleId: 'sso' } },
{ path: 'two-factor', component: OrgTwoFactorSetupComponent, data: { titleId: 'twoStepLogin' } },
{
path: 'billing',
diff --git a/src/app/oss.module.ts b/src/app/oss.module.ts
index 88790771..e3915e88 100644
--- a/src/app/oss.module.ts
+++ b/src/app/oss.module.ts
@@ -67,6 +67,7 @@ import { DownloadLicenseComponent } from './organizations/settings/download-lice
import { OrganizationBillingComponent } from './organizations/settings/organization-billing.component';
import { OrganizationSubscriptionComponent } from './organizations/settings/organization-subscription.component';
import { SettingsComponent as OrgSettingComponent } from './organizations/settings/settings.component';
+import { SsoComponent as OrgSsoComponent } from './organizations/settings/sso.component';
import {
TwoFactorSetupComponent as OrgTwoFactorSetupComponent,
} from './organizations/settings/two-factor-setup.component';
@@ -367,6 +368,7 @@ registerLocaleData(localeZhTw, 'zh-TW');
NestedCheckboxComponent,
OptionsComponent,
OrgAccountComponent,
+ OrgSsoComponent,
OrgAddEditComponent,
OrganizationBillingComponent,
OrganizationPlansComponent,
diff --git a/src/app/send/access.component.html b/src/app/send/access.component.html
index 84944a2b..107ad359 100644
--- a/src/app/send/access.component.html
+++ b/src/app/send/access.component.html
@@ -8,7 +8,7 @@
</div>
<div class="col-8" *ngIf="hideEmail">
<app-callout type="warning" title="{{'warning' | i18n}}">
- {{'viewSendHiddenEmailWarning' | i18n }}
+ {{'viewSendHiddenEmailWarning' | i18n }}
<a href="https://bitwarden.com/help/article/receive-send/" target="_blank">{{'learnMore' | i18n}}</a>.
</app-callout>
</div>
@@ -82,10 +82,7 @@
<div class="col-12 text-center mt-5 text-muted">
<p class="mb-0">{{'sendAccessTaglineProductDesc' | i18n}}<br>
{{'sendAccessTaglineLearnMore' | i18n}} <a
- href="https://www.bitwarden.com/products/send?source=web-vault" target="_blank">Bitwarden Send</a>
- {{'sendAccessTaglineOr' | i18n}} <a
- href="https://vault.bitwarden.com/#/register" target="_blank">{{'sendAccessTaglineSignUp' | i18n}}</a>
- {{'sendAccessTaglineTryToday' | i18n}}
+ href="https://www.bitwarden.com/products/send/" target="_blank">Bitwarden Send</a>.
</p>
</div>
</div>
diff --git a/src/app/services/services.module.ts b/src/app/services/services.module.ts
index 9064202e..5a6bc9de 100644
--- a/src/app/services/services.module.ts
+++ b/src/app/services/services.module.ts
@@ -155,12 +155,23 @@ const userVerificationService = new UserVerificationService(cryptoService, i18nS
containerService.attachToWindow(window);
export function initFactory(): Function {
+ function getBaseUrl() {
+ // If the base URL is `https://bitwarden.example.com/base/path/`,
+ // `window.location.href` should have one of the following forms:
+ //
+ // - `https://bitwarden.example.com/base/path/`
+ // - `https://bitwarden.example.com/base/path/#/some/route[?queryParam=...]`
+ //
+ // We want to get to just `https://bitwarden.example.com/base/path`.
+ let baseUrl = window.location.origin;
+ baseUrl = baseUrl.replace(/#.*/, ''); // Strip off `#` and everything after.
+ baseUrl = baseUrl.replace(/\/+$/, ''); // Trim any trailing `/` chars.
+ return baseUrl;
+ }
return async () => {
await (storageService as HtmlStorageService).init();
- const urls = process.env.URLS as Urls;
- urls.base ??= window.location.origin;
- environmentService.setUrls(urls, false);
+ environmentService.setUrls({ base: getBaseUrl() }, false);
setTimeout(() => notificationsService.init(), 3000);
diff --git a/src/app/vault/vault.component.ts b/src/app/vault/vault.component.ts
index d91211eb..edd2a82d 100644
--- a/src/app/vault/vault.component.ts
+++ b/src/app/vault/vault.component.ts
@@ -81,9 +81,7 @@ export class VaultComponent implements OnInit, OnDestroy {
async ngOnInit() {
this.showVerifyEmail = !(await this.tokenService.getEmailVerified());
this.showBrowserOutdated = window.navigator.userAgent.indexOf('MSIE') !== -1;
- this.trashCleanupWarning = this.i18nService.t(
- this.platformUtilsService.isSelfHost() ? 'trashCleanupWarningSelfHosted' : 'trashCleanupWarning'
- );
+ this.trashCleanupWarning = this.i18nService.t('trashCleanupWarningSelfHosted');
this.route.queryParams.pipe(first()).subscribe(async params => {
await this.syncService.fullSync(false);
diff --git a/src/locales/en/messages.json b/src/locales/en/messages.json
index 74d61382..f0b8cc2e 100644
--- a/src/locales/en/messages.json
+++ b/src/locales/en/messages.json
@@ -3423,6 +3423,9 @@
"enterpriseSingleSignOn": {
"message": "Enterprise Single Sign-On"
},
+ "singleSignOn": {
+ "message": "Single Sign-On"
+ },
"ssoHandOff": {
"message": "You may now close this tab and continue in the extension."
},
@@ -4195,6 +4198,21 @@
"resetPasswordManageUsers": {
"message": "Manage Users must also be enabled with the Manage Password Reset permission"
},
+ "callbackPath": {
+ "message": "Callback Path"
+ },
+ "signedOutCallbackPath": {
+ "message": "Signed Out Callback Path"
+ },
+ "authority": {
+ "message": "Authority"
+ },
+ "clientId": {
+ "message": "Client Id"
+ },
+ "clientSecret": {
+ "message": "Client Secret"
+ },
"setupProvider": {
"message": "Provider Setup"
},
diff --git a/src/scss/styles.scss b/src/scss/styles.scss
index 45a91fe1..b6a662a3 100644
--- a/src/scss/styles.scss
+++ b/src/scss/styles.scss
@@ -55,3 +55,46 @@
@import "./plugins";
@import "./tables";
@import "./toasts";
+
+/**** START Vaultwarden CHANGES ****/
+/* This combines all selectors extending it into one */
+%vw-hide { display: none !important; }
+
+/* This allows searching for the combined style in the browsers dev-tools (look into the head tag) */
+#vw-hide, head { @extend %vw-hide; }
+
+/* Hide any link pointing to billing */
+a[href$="/settings/billing"] { @extend %vw-hide; }
+
+/* Hide any link pointing to subscriptions */
+a[href$="/settings/subscription"] { @extend %vw-hide; }
+
+/* Hide any link pointing to Sponsored Families */
+a[href$="/settings/sponsored-families"] { @extend %vw-hide; }
+
+/* Hide the info box that advertises Bitwarden Send */
+app-send-info.d-block { @extend %vw-hide; }
+
+/* Hide Two-Factor menu in Organization settings */
+app-org-settings a[href$="/settings/two-factor"] { @extend %vw-hide; }
+
+/* Hide organization plans */
+app-organization-plans > form > div.form-check { @extend %vw-hide; }
+app-organization-plans > form > h2.mt-5 { @extend %vw-hide; }
+
+/* Hide the `This account is owned by a business` checkbox and label */
+#ownedBusiness, label[for^=ownedBusiness] { @extend %vw-hide; }
+
+/* Hide the radio button and label for the `Custom` org user type */
+#userTypeCustom, label[for^=userTypeCustom] {
+ @extend %vw-hide;
+}
+
+/* Hide the warning that policy config is moving to Business Portal */
+app-org-policies > app-callout { @extend %vw-hide; }
+
+/* Hide Tax Info and Form in Organization settings */
+app-org-account > div.secondary-header:nth-child(3) { @extend %vw-hide; }
+app-org-account > div.secondary-header:nth-child(3) + p { @extend %vw-hide; }
+app-org-account > div.secondary-header:nth-child(3) + p + form { @extend %vw-hide; }
+/**** END Vaultwarden CHANGES ****/
diff --git a/src/services/webPlatformUtils.service.ts b/src/services/webPlatformUtils.service.ts
index 13f754c0..c40612d8 100644
--- a/src/services/webPlatformUtils.service.ts
+++ b/src/services/webPlatformUtils.service.ts
@@ -224,11 +224,11 @@ export class WebPlatformUtilsService implements PlatformUtilsService {
}
isDev(): boolean {
- return process.env.NODE_ENV === 'development';
+ return false;
}
isSelfHost(): boolean {
- return process.env.ENV.toString() === 'selfhosted';
+ return false;
}
copyToClipboard(text: string, options?: any): void | boolean {