Skip to content

Commit

Permalink
Merge branch 'PB-34213_42-Backport-changes-onto-master_Pierre-Colart'…
Browse files Browse the repository at this point in the history
… into 'master'

PB-33917 - On some version of (presumably) .Net, the HTTP requests are made...

See merge request passbolt/desktop/passbolt-windows!160
  • Loading branch information
cedricalfonsi committed Aug 1, 2024
2 parents df0e123 + d6ba608 commit 1ea9196
Show file tree
Hide file tree
Showing 116 changed files with 10,360 additions and 5,849 deletions.
25 changes: 25 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,31 @@
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).

## [1.3.0] - 2024-07-25

### Maintenance
- PB-34181 - As a windows app I should support the 4.9.0 version of the browser extension

### Fixed
- PB-33915 - When a an unexpected error is displayed, the 'try again' button seems to have no effect
- PB-34091 - Fix the import account kit button after the webview refreshing
- PB-33916 - On import/auth screen the heart icons tooltip displays "Server 1.2.0" instead of "Client 1.2.0”

## [1.2.0] - 2024-07-01
### Improved
- PB-33686 As a user I should be signed out after browser update
- PB-33610 As a desktop i should inform the user about an untrusted certificate
- PB-33609 as a desktop i should not accept http trusted domain

### Fixed
- PB-33595 As a user running an instance serving an invalid certificate I should be able to sync the gpgkeyring
- PB-33727 Fix session extension, service worker awaken and user instance storage not set
- PB-33801 Remove active account cache in memory

### Maintenance
- PB-33541 Chrome Extension Manifest upgrade to version 3
- PB-33728 - Add support of 4.8 BEXT on the windows app

## [1.1.0] - 2024-05-15
### Added
- PB-32931 As administrator, I see SSO and Directory Sync health checks in Passbolt API Status page
Expand Down
87 changes: 15 additions & 72 deletions RELEASE_NOTES.md
Original file line number Diff line number Diff line change
@@ -1,77 +1,20 @@
We're pleased to announce the release of the Passbolt Windows Desktop Application Version 1.1. This version aligns with Passbolt v4.7 feature set and allows users to use the drap and drop feature to move their folders and resources.
We're pleased to announce the release of the Passbolt Windows Desktop Application Version 1.1, marking the first stable iteration of the application. This version follows a detailed security audit conducted by Cure53, reflecting our focus on maintaining high security standards. As usual, the audit's findings are available publicly on the passbolt website.

Thank you for your support and for trusting Passbolt.
This version also aligns with Passbolt v4.8 feature set, ensuring that users transitioning between the web and the desktop environment have a consistent experience. If you want to know more about the current and future status of the application, checkout this blog article: https://www.passbolt.com/blog/stable-release-of-passbolt-windows-desktop-application

## [1.1.0] - 2024-05-17
## Changelog
### Added
- PB-32931 As administrator, I see SSO and Directory Sync health checks in Passbolt API Status page
- PB-33065 As an administrator I can add a fallback property to map my organisation AD user username
- PB-33070 Request passphrase when exporting account kit
- PB-33176 Desktop app adapt code to work with 4.7.0
- PB-33074 As a desktop app user I should be able to add a resource to a folder by drag and drop
Thank you for your support and for trusting Passbolt. Stay tuned for more updates and the detailed security report.

## [1.2.0] - 2024-07-01
### Improved
- PB-33686 As a user I should be signed out after browser update
- PB-33610 As a desktop i should inform the user about an untrusted certificate
- PB-33609 as a desktop i should not accept http trusted domain

### Fixed
- PB-32420 Fix double calls to PwnedPassword API service
- PB-32631 Fix healthCheck Entity to support air gapped instances
- PB-33066 As AD, I should not see directorySync and SSO checks if they are disabled
- PB-33067 After an unexpected error during setup, recover or account recovery, only the iframe reload and the port cannot reconnect
- PB-33410 Fix Chrome Extension frozen and unusable after some period of inactivity
- PB-33444 When dragging resources on folders, the folders keep the \"hover\" state visually
- PB-33442 The keepSessionAlive seems not to trigger
- PB-33323 Dragging a private folder to a shared folder seems to be blocked in \"computing changes\" state
- PB-33445 Sometimes the drag and drop is broken and the \"info\" tooltip stays static on the UI
- PB-33595 As a user running an instance serving an invalid certificate I should be able to sync the gpgkeyring
- PB-33727 Fix session extension, service worker awaken and user instance storage not set
- PB-33801 Remove active account cache in memory

### Maintain
- PB-22623 Start service worker in an insecure environment
- PB-22640 As a signed-in user the inform call to action should remain after the port is disconnected only for MV3
- PB-22644 The passbolt icon should detect if the user is still connected after the service worker awake
- PB-23928 Handle when the extension is updated, the webIntegration should be destroy and injected again
- PB-29622 Simulate user keyboard input for autofill event
- PB-29946 When the service worker is shutdown and a navigation is detected the service worker do not reconnect port and stay in error mode
- PB-29965 Use a dedicated service to verify the server
- PB-29966 Update apiClient to support form data body and custom header
- PB-29967 Use a dedicated service to do the step challenge with the server
- PB-29968 use a dedicated service to check the user authentication status
- PB-29969 Use a dedicated service to logout the user
- PB-29988 Update the alarm in the class StartLoopAuthSessionCheckService to use the property periodInMinutes
- PB-29989 Put the alarm listener at the top level for the StartLoopAuthSessionCheckService to check the authentication status
- PB-29990 Move PassphraseStorageService keep alive alarm listener in top level
- PB-30272 Add message service in the app content script in order to reconnect the port from a message sent by the service worker
- PB-30273 On the post logout event the service worker should reconnect port that needs to receive the post logout message
- PB-30274 Add message service in the browser integration content script in order to reconnect the port from a message sent by the service worker
- PB-30310 Improve invalid groups users sanitization strategy
- PB-30335 Use timeout instead alarms for service worker
- PB-30336 Use timeout instead alarms for promise timeout service
- PB-30337 Put the alarm listener at the top level for the passphraseStorageService to flush passphrase after a time duration
- PB-30341 Remove alarms for toolbar controller
- PB-30342 Use timeout instead of alarm for the resource in progress cache service to flush the resource not consumed
- PB-30374 Check if AuthService from styleguide is still used in the Bext otherwise remove it
- PB-30375 Improve CI unit test performance by running them in band
- PB-32291 Cleanup legacy code and unused passbolt.auth.is-authenticated related elements
- PB-32335 Split PassphraseStorageService to put the KeepSessionAlive feature on its own service
- PB-32345 Ensures on the desktop app during import account that the file to import is taken into account
- PB-32597 Ensure ToolbarController are set on index.js
- PB-32598 Ensure add listener from authentication event controller are set on index.js
- PB-32599 Ensure add listener from StartLoopAuthSessionCheckService are set on index.js
- PB-32604 Ensure add listener from on extension update available controller are set on index.js
- PB-32602 Ensure add listener from user.js are set on index.js
- PB-32603 Ensure add listener from ResourceInProgressCacheService are set on index.js
- PB-32915 Update code to remove the destruction of the public web sign-in on port disconnected
- PB-32916 Update code to remove the destruction of the setup on port disconnected
- PB-32917 Update code to remove the destruction of the recover on port disconnected
- PB-33018 Automate browser extension npm publication
- PB-33024 Ensure only stable tags of the styleguide are published to npm
- PB-33024 Ensure only stable tag of the browser extension are sent for review or publish to the store
- PB-33061 Create account temporary storage
- PB-33062 Use temporary account storage for setup process
- PB-33063 Use temporary account storage for recover process
- PB-33064 Use temporary account storage for account recovery process
- PB-33068 Remove beta information for the windows app
- PB-33235 Convert formData file into a json serializable in offscreen
- PB-33225 MV3 beta rollout
- PB-33297 Extension update available should store the state if user signed in
- PB-33304 Fix extension update available service
- PB-33307 Browser extension version bump to v4.7.5-rc.0
- PB-33307 Add debug to capture onInstall reason details
- PB-33321 Fix local storage loading on extension update
### Maintenance
- PB-33541 Chrome Extension Manifest upgrade to version 3
- PB-33728 - Add support of 4.8 BEXT on the windows app
3 changes: 3 additions & 0 deletions passbolt-windows-tests/passbolt-windows-tests.csproj
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,9 @@
<ErrorReport>prompt</ErrorReport>
<Prefer32Bit>true</Prefer32Bit>
</PropertyGroup>
<PropertyGroup>
<TargetFrameworks>netstandard1.4</TargetFrameworks>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Release|ARM'">
<OutputPath>bin\ARM\Release\</OutputPath>
<DefineConstants>TRACE;NETFX_CORE;WINDOWS_UWP</DefineConstants>
Expand Down
34 changes: 32 additions & 2 deletions passbolt/Controllers/MainController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
using System;
using System.Diagnostics;
using System.Net.Http;
using System.Security.Authentication;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using Microsoft.UI.Xaml.Controls;
Expand Down Expand Up @@ -86,6 +87,8 @@ public async Task BackgroundNavigationStarting(WebView2 sender, CoreWebView2Navi

if (currentAccountMetaData != null)
{
//When the application start the main controller save the metadata and init the httpservice trusted domain
this.httpService.setTrustedDomain(currentAccountMetaData.domain);
//If the credential locker is not empty we launch the authentication applications.
await LocalFolderService.Instance.CreateRenderedIndex("index-auth.html", "rendered-auth", "ext_authentication.min.css", currentAccountMetaData.domain);
await LocalFolderService.Instance.CreateBackgroundIndex("index-auth.html", "background-auth", currentAccountMetaData.domain);
Expand All @@ -100,6 +103,18 @@ public async Task BackgroundNavigationStarting(WebView2 sender, CoreWebView2Navi
await this.LoadWebviews();
this.SetWebviewSettings(webviewBackground);
}
//When credentials are saved from import and we navigate to auth application we init the trusted domain to check API calls
if(currentAccountMetaData == null && this.backgroundNavigationService.IsAuthApplication(args.Uri))
{
currentAccountMetaData = await this.credentialLockerService.GetAccountMetadata();
this.httpService.setTrustedDomain(currentAccountMetaData.domain);
}
//In case of we are facing to an authentication error during import we delete trusted domain from the HTTPServices
if (currentAccountMetaData != null && this.backgroundNavigationService.IsImportApplication(args.Uri))
{
currentAccountMetaData = null;
this.httpService.unSetTrustedDomain();
}
}

/// <summary>
Expand Down Expand Up @@ -247,8 +262,23 @@ protected virtual void WebResourceRequested(CoreWebView2 sender, CoreWebView2Web
else
{
HttpRequestMessage request = httpService.BuildHttpRequest(resource);
HttpResponseMessage response = httpService.SendRequest(request).Result;
httpService.SendResponseToWebview(sender, resource, response);
try
{
HttpResponseMessage response = httpService.SendRequest(request).Result;
httpService.SendResponseToWebview(sender, resource, response);
}
catch (AggregateException ex)
{
foreach (var innerException in ex.InnerExceptions)
{
// Handle each inner exception based on its type
if (innerException is HttpRequestException httpRequestException)
{
httpService.SendErrorToWebview(sender, resource, request, httpRequestException.InnerException.Message);
}
}
}

}
}
}
Expand Down
4 changes: 3 additions & 1 deletion passbolt/Models/Messaging/AllowedTopics.cs
Original file line number Diff line number Diff line change
Expand Up @@ -33,11 +33,13 @@ public class AllowedTopics
public const string BACKGROUND_SET_THEME = "passbolt.background.set-theme";
public const string BACKGROUND_SET_SECURITY_TOKEN = "passbolt.background.set-security-token";
public const string BACKGROUND_SET_LOCALE = "passbolt.background.set-locale";
public const string BACKGROUND_AUTHENTICATION_ERROR = "passbolt.background.authentication-error";
public const string RENDERED_READY = "passbolt.rendered.is-ready";
public const string BACKGROUND_GET_COOKIE = "passbolt.background.get-cookie";
public const string BACKGROUND_ROTATE_KEY = "passbolt.background.rotate-private-key";
public const string RENDERED_RELOAD = "passbolt.tab.reload";

private static List<string> topics = new List<string>() { BACKGROUND_READY, ERROR, BACKGROUND_DOWNLOAD_FILE, BACKGROUND_STORE_PASSPHRASE, BACKGROUND_SET_THEME, BACKGROUND_SET_SECURITY_TOKEN, BACKGROUND_SET_LOCALE, RENDERED_READY, BACKGROUND_AFTER_LOGOUT, BACKGROUND_GET_COOKIE, BACKGROUND_ROTATE_KEY };
private static List<string> topics = new List<string>() { BACKGROUND_READY, ERROR, BACKGROUND_DOWNLOAD_FILE, BACKGROUND_STORE_PASSPHRASE, BACKGROUND_SET_THEME, BACKGROUND_SET_SECURITY_TOKEN, BACKGROUND_SET_LOCALE, RENDERED_READY, BACKGROUND_AFTER_LOGOUT, BACKGROUND_GET_COOKIE, BACKGROUND_ROTATE_KEY, BACKGROUND_AUTHENTICATION_ERROR, RENDERED_RELOAD };
private static List<string> requestIds = new List<string>();
private static Dictionary<string, string> pendingRequests = new Dictionary<string, string>();

Expand Down
3 changes: 2 additions & 1 deletion passbolt/Models/Messaging/Topics/GroupTopics.cs
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ public class GroupTopics
public const string CREATE = "passbolt.groups.create";
public const string UPDATE = "passbolt.groups.update";
public const string DELETE = "passbolt.groups.delete";
public const string DELETE_DRY_RUN = "passbolt.groups.delete-dry-run";
public const string DELETE_DRY_RUN = "passbolt.groups.delete-dry-run";
public const string FIND_MY_GROUPS = "passbolt.groups.find-my-groups";
}
}
3 changes: 2 additions & 1 deletion passbolt/Models/Messaging/Topics/ResourceTopics.cs
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ public class ResourceTopics
public const string DELETE_ALL = "passbolt.resources.delete-all";
public const string GET_ALL = "passbolt.resource-type.get-all";
public const string GET_GRID_SETTING = "passbolt.resources.get-grid-setting";
public const string SET_GRID_SETTING = "passbolt.resources.set-grid-setting";
public const string SET_GRID_SETTING = "passbolt.resources.set-grid-setting";
public const string FIND_DETAILS = "passbolt.resources.find-details";
}
}
11 changes: 11 additions & 0 deletions passbolt/Models/Messaging/Webviews/BackgroundTopic.cs
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,17 @@ public async override void ProceedMessage(IPC ipc)
await localFolderService.CreateBackgroundIndex(this.currentIndexBackground, "background-auth", metaData.domain);
background.Source = new Uri(UriBuilderHelper.BuildHostUri(backgroundUrl, "/index-auth.html"));
break;
case AllowedTopics.BACKGROUND_AUTHENTICATION_ERROR:
//This case can happen when a certificate and/or the API cannot be reached. In this case we cancel the account saving and redirect background to import
if(currentIndexRendered == "index-import.html" && currentIndexBackground == "index-auth.html")
{
await this.credentialLockerService.Remove("account-metadata");
await this.credentialLockerService.Remove("account-secret");
await localFolderService.RemoveFile("Background", "index-auth.html");
await localFolderService.CreateBackgroundIndex(this.currentIndexBackground, "background-import");
background.Source = new Uri(UriBuilderHelper.BuildHostUri(BackgroundNavigationService.Instance.trustedUrl, "/Background/index-import.html"));
}
break;
case AllowedTopics.BACKGROUND_DOWNLOAD_FILE:
var downloadService = new DownloadService();
await downloadService.Download(ipc);
Expand Down
Loading

0 comments on commit 1ea9196

Please sign in to comment.