ENH make veracrypt look up passwords in the bitwarden vault
This commit is contained in:
parent
4cbdad193b
commit
77ffbd3140
|
|
@ -11,6 +11,8 @@
|
||||||
|
|
||||||
module Main (main) where
|
module Main (main) where
|
||||||
|
|
||||||
|
import Bitwarden.Internal
|
||||||
|
|
||||||
import Control.Monad
|
import Control.Monad
|
||||||
import Control.Monad.Reader
|
import Control.Monad.Reader
|
||||||
|
|
||||||
|
|
@ -47,7 +49,6 @@ parse args = case getOpt Permute options args of
|
||||||
where
|
where
|
||||||
h = "Usage: rofi-dev [OPTIONS] [-- ROFI-OPTIONS]"
|
h = "Usage: rofi-dev [OPTIONS] [-- ROFI-OPTIONS]"
|
||||||
|
|
||||||
-- TODO add option to look up password in bitwarden vault
|
|
||||||
options :: [OptDescr (MountConf -> MountConf)]
|
options :: [OptDescr (MountConf -> MountConf)]
|
||||||
options =
|
options =
|
||||||
[ Option ['s'] ["secret"]
|
[ Option ['s'] ["secret"]
|
||||||
|
|
@ -55,6 +56,11 @@ options =
|
||||||
$ wrap "Use libsecret to retrieve password for DIR using ATTR/VAL pairs. \
|
$ wrap "Use libsecret to retrieve password for DIR using ATTR/VAL pairs. \
|
||||||
\The pairs will be supplied to a 'secret-tool lookup' call. \
|
\The pairs will be supplied to a 'secret-tool lookup' call. \
|
||||||
\ Argument is formatted like 'DIR:ATTR1=VAL1,ATTR2=VAL2...'"
|
\ Argument is formatted like 'DIR:ATTR1=VAL1,ATTR2=VAL2...'"
|
||||||
|
, Option ['b'] ["bitwarden"]
|
||||||
|
(ReqArg (\s m -> m { passwords = addBitwarden (passwords m) s } ) "BW")
|
||||||
|
$ wrap "Use the Bitwarden CLI to retrieve a password for DIR. \
|
||||||
|
\The argument is formatted like 'DIR:NAME' where NAME is the \
|
||||||
|
\name of the Bitwarden entry to find."
|
||||||
, Option ['d'] ["directory"]
|
, Option ['d'] ["directory"]
|
||||||
(ReqArg (\s m -> m { mountDir = s } ) "DIR")
|
(ReqArg (\s m -> m { mountDir = s } ) "DIR")
|
||||||
$ wrap "The DIR in which new mountpoints will be created. This is assumed \
|
$ wrap "The DIR in which new mountpoints will be created. This is assumed \
|
||||||
|
|
@ -110,17 +116,27 @@ addSecret :: MountpointPasswords -> String -> MountpointPasswords
|
||||||
addSecret pwds c = case splitPrefix c of
|
addSecret pwds c = case splitPrefix c of
|
||||||
(dir, ":", r) -> M.insert dir (runSecret $ fromCommaSepString' r) pwds
|
(dir, ":", r) -> M.insert dir (runSecret $ fromCommaSepString' r) pwds
|
||||||
_ -> pwds
|
_ -> pwds
|
||||||
where
|
|
||||||
splitPrefix s = s =~ (":" :: String) :: (String, String, String)
|
|
||||||
|
|
||||||
runSecret :: [(String, String)] -> Password
|
runSecret :: [(String, String)] -> Password
|
||||||
runSecret kvs = readCmdSuccess "secret-tool" ("lookup":kvs') ""
|
runSecret kvs = readCmdSuccess "secret-tool" ("lookup":kvs') ""
|
||||||
where
|
where
|
||||||
kvs' = concatMap (\(k, v) -> [k, v]) kvs
|
kvs' = concatMap (\(k, v) -> [k, v]) kvs
|
||||||
|
|
||||||
|
addBitwarden :: MountpointPasswords -> String -> MountpointPasswords
|
||||||
|
addBitwarden pwds c = case splitPrefix c of
|
||||||
|
(dir, ":", name) -> M.insert dir (runBitwarden name) pwds
|
||||||
|
_ -> pwds
|
||||||
|
|
||||||
|
runBitwarden :: String -> Password
|
||||||
|
runBitwarden pname = ((password . login) <=< find (\i -> name i == pname))
|
||||||
|
<$> getItems
|
||||||
|
|
||||||
addPwdPrompt :: MountpointPasswords -> String -> MountpointPasswords
|
addPwdPrompt :: MountpointPasswords -> String -> MountpointPasswords
|
||||||
addPwdPrompt pwds dir = M.insert dir readPassword pwds
|
addPwdPrompt pwds dir = M.insert dir readPassword pwds
|
||||||
|
|
||||||
|
splitPrefix :: String -> (String, String, String)
|
||||||
|
splitPrefix s = s =~ (":" :: String)
|
||||||
|
|
||||||
--------------------------------------------------------------------------------
|
--------------------------------------------------------------------------------
|
||||||
-- | Main prompt
|
-- | Main prompt
|
||||||
--
|
--
|
||||||
|
|
|
||||||
|
|
@ -78,7 +78,7 @@ getSession' BWServerConf { timeout = t } ses = do
|
||||||
Nothing -> getNewSession
|
Nothing -> getNewSession
|
||||||
where
|
where
|
||||||
getNewSession = do
|
getNewSession = do
|
||||||
pwd <- readPassword
|
pwd <- readPassword' "Bitwarden Password"
|
||||||
newHash <- join <$> mapM readSession pwd
|
newHash <- join <$> mapM readSession pwd
|
||||||
(, newHash) <$> mapM newSession newHash
|
(, newHash) <$> mapM newSession newHash
|
||||||
newSession h = do
|
newSession h = do
|
||||||
|
|
@ -134,13 +134,13 @@ runClient a = do
|
||||||
]
|
]
|
||||||
|
|
||||||
browseLogins :: RofiConf c => RofiIO c ()
|
browseLogins :: RofiConf c => RofiIO c ()
|
||||||
browseLogins = do
|
browseLogins = io getItems >>= selectItem
|
||||||
session <- io callGetSession
|
|
||||||
forM_ session $ (io . getItems) >=> selectItem
|
|
||||||
|
|
||||||
-- TODO use this in rofi-dev to mount thing using BW passwords
|
getItems :: IO [Item]
|
||||||
getItems :: String -> IO [Item]
|
getItems = maybe (return []) getItems' =<< callGetSession
|
||||||
getItems session = do
|
|
||||||
|
getItems' :: String -> IO [Item]
|
||||||
|
getItems' session = do
|
||||||
items <- io $ readProcess "bw" ["list", "items", "--session", session] ""
|
items <- io $ readProcess "bw" ["list", "items", "--session", session] ""
|
||||||
return $ filter notEmpty $ fromMaybe [] $ decode $ fromString items
|
return $ filter notEmpty $ fromMaybe [] $ decode $ fromString items
|
||||||
where
|
where
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue