Merge pull request #946 from bitwarden/authenticate-with-secure-storage-service

Authenticate with secure storage service
This commit is contained in:
Matt Gibson 2021-06-11 16:42:52 -05:00 committed by GitHub
commit 3b4142bd0d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 61 additions and 48 deletions

View File

@ -34,12 +34,12 @@ jobs:
with:
node-version: '14'
- name: Cache Node Modules
id: node-modules-cache
- name: Cache npm
id: npm-cache
uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6
with:
path: '**/node_modules'
key: ${{ runner.os }}-${{ github.run_id }}-node-${{ hashFiles('**/package-lock.json') }}
path: '~/.npm'
key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }}
- name: Set Node options
run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV
@ -71,8 +71,7 @@ jobs:
shell: pwsh
- name: Install Node dependencies
if: steps.node-modules-cache.outputs.cache-hit != 'true'
run: npm install
run: npm ci
- name: Run linter
run: npm run lint
@ -132,12 +131,12 @@ jobs:
with:
node-version: '14'
- name: Cache Node Modules
id: node-modules-cache
- name: Cache npm
id: npm-cache
uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6
with:
path: '**/node_modules'
key: ${{ runner.os }}-${{ github.run_id }}-node-${{ hashFiles('**/package-lock.json') }}
path: '%AppData%/npm-cache'
key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }}
- name: Set Node options
run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
@ -185,8 +184,7 @@ jobs:
shell: pwsh
- name: Install Node dependencies
if: steps.node-modules-cache.outputs.cache-hit != 'true'
run: npm install
run: npm ci
- name: Run linter
run: npm run lint
@ -278,12 +276,12 @@ jobs:
with:
node-version: '14'
- name: Cache Node Modules
id: node-modules-cache
- name: Cache npm
id: npm-cache
uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6
with:
path: '**/node_modules'
key: ${{ runner.os }}-${{ github.run_id }}-node-${{ hashFiles('**/package-lock.json') }}
path: '~/.npm'
key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }}
- name: Set Node options
run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV
@ -345,8 +343,7 @@ jobs:
shell: pwsh
- name: Install Node dependencies
if: steps.node-modules-cache.outputs.cache-hit != 'true'
run: npm install
run: npm ci
- name: Run linter
run: npm run lint
@ -382,12 +379,12 @@ jobs:
with:
node-version: '14'
- name: Cache Node Modules
id: node-modules-cache
- name: Cache npm
id: npm-cache
uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6
with:
path: '**/node_modules'
key: ${{ runner.os }}-${{ github.run_id }}-node-${{ hashFiles('**/package-lock.json') }}
path: '~/.npm'
key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }}
- name: Set Node options
run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV
@ -449,8 +446,7 @@ jobs:
shell: pwsh
- name: NPM install
if: steps.node-modules-cache.outputs.cache-hit != 'true'
run: npm install
run: npm ci
- name: Build
if: steps.build-cache.outputs.cache-hit != 'true'
@ -513,12 +509,12 @@ jobs:
with:
node-version: '14'
- name: Cache Node Modules
id: node-modules-cache
- name: Cache npm
id: npm-cache
uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6
with:
path: '**/node_modules'
key: ${{ runner.os }}-${{ github.run_id }}-node-${{ hashFiles('**/package-lock.json') }}
path: '~/.npm'
key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }}
- name: Set Node options
run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV
@ -580,8 +576,7 @@ jobs:
shell: pwsh
- name: NPM install
if: steps.node-modules-cache.outputs.cache-hit != 'true'
run: npm install
run: npm ci
- name: Build
if: steps.build-cache.outputs.cache-hit != 'true'
@ -639,12 +634,12 @@ jobs:
with:
node-version: '14'
- name: Cache Node Modules
id: node-modules-cache
- name: Cache npm
id: npm-cache
uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6
with:
path: '**/node_modules'
key: ${{ runner.os }}-${{ github.run_id }}-node-${{ hashFiles('**/package-lock.json') }}
path: '~/.npm'
key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }}
- name: Set Node options
run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV
@ -706,8 +701,7 @@ jobs:
shell: pwsh
- name: NPM install
if: steps.node-modules-cache.outputs.cache-hit != 'true'
run: npm install
run: npm ci
- name: Build
if: steps.build-cache.outputs.cache-hit != 'true'

2
jslib

@ -1 +1 @@
Subproject commit fdc6f7b1d234c72724db47cbea6c94bff7ec0106
Subproject commit 5ba1416679f112e42e4b5dbd5c47949dcd8d0b56

View File

@ -30,10 +30,13 @@
"lint": "tslint 'src/**/*.ts'",
"lint:fix": "tslint 'src/**/*.ts' --fix",
"build": "concurrently -n Main,Rend -c yellow,cyan \"npm run build:main\" \"npm run build:renderer\"",
"build:main": "webpack --config webpack.main.js",
"build:renderer": "gulp prebuild:renderer && webpack --config webpack.renderer.js",
"build:renderer:watch": "gulp prebuild:renderer && webpack --config webpack.renderer.js --watch",
"electron": "npm run build:main && concurrently -k -n Main,Rend -c yellow,cyan \"electron --inspect=5858 ./build --watch\" \"npm run build:renderer:watch\"",
"build:dev": "concurrently -n Main,Rend -c yellow,cyan \"npm run build:main:dev\" \"npm run build:renderer:dev\"",
"build:main": "cross-env NODE_ENV=production webpack --config webpack.main.js",
"build:main:dev": "cross-env NODE_ENV=development webpack --config webpack.main.js",
"build:renderer": "gulp prebuild:renderer && cross-env NODE_ENV=production webpack --config webpack.renderer.js",
"build:renderer:dev": "gulp prebuild:renderer && cross-env NODE_ENV=development webpack --config webpack.renderer.js",
"build:renderer:watch": "gulp prebuild:renderer && cross-env NODE_ENV=development webpack --config webpack.renderer.js --watch",
"electron": "npm run build:main:dev && concurrently -k -n Main,Rend -c yellow,cyan \"electron --inspect=5858 ./build --watch\" \"npm run build:renderer:watch\"",
"clean:dist": "rimraf ./dist/*",
"clean:l10n": "git push origin --delete l10n_master",
"pack:dir": "npm run clean:dist && electron-builder --dir -p never",

View File

@ -109,7 +109,6 @@ export class Main {
this.messagingMain.onMessage(message);
});
this.keytarStorageListener = new KeytarStorageListener('Bitwarden');
if (process.platform === 'win32') {
const BiometricWindowsMain = require('jslib-electron/biometric.windows.main').default;
@ -119,6 +118,8 @@ export class Main {
this.biometricMain = new BiometricDarwinMain(this.storageService, this.i18nService);
}
this.keytarStorageListener = new KeytarStorageListener('Bitwarden', this.biometricMain);
this.nativeMessagingMain = new NativeMessagingMain(this.logService, this.windowMain, app.getPath('userData'), app.getPath('exe'));
}

View File

@ -102,11 +102,12 @@ export class NativeMessagingService {
});
}
const response = await this.platformUtilService.authenticateBiometric();
if (response) {
this.send({command: 'biometricUnlock', response: 'unlocked', keyB64: (await this.cryptoService.getKey()).keyB64}, appId);
const keyB64 = await (await this.cryptoService.getKey('biometric')).keyB64;
if (keyB64 != null) {
this.send({ command: 'biometricUnlock', response: 'unlocked', keyB64: keyB64 }, appId);
} else {
this.send({command: 'biometricUnlock', response: 'canceled'}, appId);
this.send({ command: 'biometricUnlock', response: 'canceled' }, appId);
}
break;

View File

@ -5,6 +5,8 @@ const { CleanWebpackPlugin } = require('clean-webpack-plugin');
const nodeExternals = require('webpack-node-externals');
const TsconfigPathsPlugin = require('tsconfig-paths-webpack-plugin');
const NODE_ENV = process.env.NODE_ENV == null ? 'development' : process.env.NODE_ENV;
const common = {
module: {
rules: [
@ -25,14 +27,26 @@ const common = {
extensions: ['.tsx', '.ts', '.js'],
plugins: [new TsconfigPathsPlugin({ configFile: './tsconfig.json' })]
},
};
const prod = {
output: {
filename: '[name].js',
path: path.resolve(__dirname, 'build'),
},
};
const dev = {
output: {
filename: '[name].js',
path: path.resolve(__dirname, 'build'),
devtoolModuleFilenameTemplate: '[absolute-resource-path]',
},
devtool: 'cheap-source-map'
}
const main = {
mode: 'production',
mode: NODE_ENV,
target: 'electron-main',
node: {
__dirname: false,
@ -65,4 +79,4 @@ const main = {
externals: [nodeExternals()],
};
module.exports = merge(common, main);
module.exports = merge(common, NODE_ENV === 'development' ? dev : prod, main);