ENH make veracrypt look up passwords in the bitwarden vault

Nathan Dwarshuis 2020-12-11 22:18:20 -05:00
parent 4cbdad193b
commit 77ffbd3140
2 changed files with 26 additions and 10 deletions


@ -11,6 +11,8 @@
module Main (main) where module Main (main) where
import Bitwarden.Internal
import Control.Monad import Control.Monad
import Control.Monad.Reader import Control.Monad.Reader
@ -47,7 +49,6 @@ parse args = case getOpt Permute options args of
where where
h = "Usage: rofi-dev [OPTIONS] [-- ROFI-OPTIONS]" h = "Usage: rofi-dev [OPTIONS] [-- ROFI-OPTIONS]"
-- TODO add option to look up password in bitwarden vault
options :: [OptDescr (MountConf -> MountConf)] options :: [OptDescr (MountConf -> MountConf)]
options = options =
[ Option ['s'] ["secret"] [ Option ['s'] ["secret"]
@ -55,6 +56,11 @@ options =
$ wrap "Use libsecret to retrieve password for DIR using ATTR/VAL pairs. \ $ wrap "Use libsecret to retrieve password for DIR using ATTR/VAL pairs. \
\The pairs will be supplied to a 'secret-tool lookup' call. \ \The pairs will be supplied to a 'secret-tool lookup' call. \
\ Argument is formatted like 'DIR:ATTR1=VAL1,ATTR2=VAL2...'" \ Argument is formatted like 'DIR:ATTR1=VAL1,ATTR2=VAL2...'"
, Option ['b'] ["bitwarden"]
(ReqArg (\s m -> m { passwords = addBitwarden (passwords m) s } ) "BW")
$ wrap "Use the Bitwarden CLI to retrieve a password for DIR. \
\The argument is formatted like 'DIR:NAME' where NAME is the \
\name of the Bitwarden entry to find."
, Option ['d'] ["directory"] , Option ['d'] ["directory"]
(ReqArg (\s m -> m { mountDir = s } ) "DIR") (ReqArg (\s m -> m { mountDir = s } ) "DIR")
$ wrap "The DIR in which new mountpoints will be created. This is assumed \ $ wrap "The DIR in which new mountpoints will be created. This is assumed \
@ -110,17 +116,27 @@ addSecret :: MountpointPasswords -> String -> MountpointPasswords
addSecret pwds c = case splitPrefix c of addSecret pwds c = case splitPrefix c of
(dir, ":", r) -> M.insert dir (runSecret $ fromCommaSepString' r) pwds (dir, ":", r) -> M.insert dir (runSecret $ fromCommaSepString' r) pwds
_ -> pwds _ -> pwds
where
splitPrefix s = s =~ (":" :: String) :: (String, String, String)
runSecret :: [(String, String)] -> Password runSecret :: [(String, String)] -> Password
runSecret kvs = readCmdSuccess "secret-tool" ("lookup":kvs') "" runSecret kvs = readCmdSuccess "secret-tool" ("lookup":kvs') ""
where where
kvs' = concatMap (\(k, v) -> [k, v]) kvs kvs' = concatMap (\(k, v) -> [k, v]) kvs
addBitwarden :: MountpointPasswords -> String -> MountpointPasswords
addBitwarden pwds c = case splitPrefix c of
(dir, ":", name) -> M.insert dir (runBitwarden name) pwds
_ -> pwds
runBitwarden :: String -> Password
runBitwarden pname = ((password . login) <=< find (\i -> name i == pname))
<$> getItems
addPwdPrompt :: MountpointPasswords -> String -> MountpointPasswords addPwdPrompt :: MountpointPasswords -> String -> MountpointPasswords
addPwdPrompt pwds dir = M.insert dir readPassword pwds addPwdPrompt pwds dir = M.insert dir readPassword pwds
splitPrefix :: String -> (String, String, String)
splitPrefix s = s =~ (":" :: String)
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
-- | Main prompt -- | Main prompt
-- --
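Review bot: `runBitwarden` takes the first vault item whose `name` equals NAME, and Bitwarden does not require entry names to be unique, so a duplicate name can silently supply a different entry's password to the mount. The lookup also yields `Nothing` both when nothing matches and when `getItems` comes back empty, and `addBitwarden` drops a malformed `-b` argument through `_ -> pwds`, so all three failures look the same to the user. Accepting only a unique match would close the first gap, e.g. `pick <$> getItems` with `pick is = case filter ((== pname) . name) is of { [i] -> password (login i); _ -> Nothing }` (assuming `Password` is `IO (Maybe String)`, as the types here suggest). A one-line comment on `addBitwarden` stating that an argument without `:` is ignored would document the remaining silent path.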


@ -78,7 +78,7 @@ getSession' BWServerConf { timeout = t } ses = do
Nothing -> getNewSession Nothing -> getNewSession
where where
getNewSession = do getNewSession = do
pwd <- readPassword pwd <- readPassword' "Bitwarden Password"
newHash <- join <$> mapM readSession pwd newHash <- join <$> mapM readSession pwd
(, newHash) <$> mapM newSession newHash (, newHash) <$> mapM newSession newHash
newSession h = do newSession h = do
@ -134,13 +134,13 @@ runClient a = do
] ]
browseLogins :: RofiConf c => RofiIO c () browseLogins :: RofiConf c => RofiIO c ()
browseLogins = do browseLogins = io getItems >>= selectItem
session <- io callGetSession
forM_ session $ (io . getItems) >=> selectItem
-- TODO use this in rofi-dev to mount thing using BW passwords getItems :: IO [Item]
getItems :: String -> IO [Item] getItems = maybe (return []) getItems' =<< callGetSession
getItems session = do
getItems' :: String -> IO [Item]
getItems' session = do
items <- io $ readProcess "bw" ["list", "items", "--session", session] "" items <- io $ readProcess "bw" ["list", "items", "--session", session] ""
return $ filter notEmpty $ fromMaybe [] $ decode $ fromString items return $ filter notEmpty $ fromMaybe [] $ decode $ fromString items
where where
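Review bot: The new `getItems` turns a missing session into `return []`, so a cancelled or wrong master password is indistinguishable from an empty vault, and `getItems'` already maps a JSON decode failure to `[]` through `fromMaybe []`. Now that rofi-dev uses this call to fetch a volume password, returning `IO (Maybe [Item])` or logging the no-session case would let the caller report why no password was found. Because `getItems'` is now reached from a second program, it also deserves a comment such as `-- NOTE: the session key is passed in argv via --session and may be visible to other local processes`; the `bw` CLI also reads the key from the `BW_SESSION` environment variable. The `where` clause of `getItems'` continues outside the hunk.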