goldwarden-vaultwarden-bitw.../agent/actions/getclicredentials.go

package actions
import (
"fmt"
"github.com/quexten/goldwarden/agent/config"
"github.com/quexten/goldwarden/agent/sockets"
"github.com/quexten/goldwarden/agent/systemauth"
"github.com/quexten/goldwarden/agent/systemauth/pinentry"
"github.com/quexten/goldwarden/agent/vault"
"github.com/quexten/goldwarden/ipc/messages"
)
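// handleGetCliCredentials answers a GetCLICredentialsRequest with the
// environment credentials the vault holds for the application name carried in
// the request.
//
// Before the vault is consulted the user is asked for approval through
// pinentry; the prompt shows the calling user and process chain taken from ctx
// together with the requested application name. If the prompt fails or is
// declined the handler fails closed: it replies with an unsuccessful
// ActionResponse ("not approved") and does not propagate the prompt error.
// Because the lookup happens only after approval, an unapproved caller cannot
// use the "no credentials found" reply to learn which names have credentials.
//
// A non-nil error is returned only when the payload is not a
// GetCLICredentialsRequest or when messages.IPCMessageFromPayload fails.
// cfg is not used by this handler.
func handleGetCliCredentials(request messages.IPCMessage, cfg *config.Config, vault *vault.Vault, ctx *sockets.CallingContext) (response messages.IPCMessage, err error) {
	// Checked assertion: a payload of another type yields an error instead of
	// a panic inside the agent.
	payload := messages.ParsePayload(request)
	req, ok := payload.(messages.GetCLICredentialsRequest)
	if !ok {
		return messages.IPCMessage{}, fmt.Errorf("unexpected payload type %T for cli credentials request", payload)
	}

	// ApplicationName is supplied by the requesting client. %q quotes it and
	// escapes control characters, so its boundaries stay visible in the prompt
	// and it cannot blend into the surrounding text.
	// NOTE(review): the ctx process names are rendered with %s; how they are
	// collected is not visible here — confirm they cannot carry control
	// characters either.
	prompt := fmt.Sprintf("%s on %s>%s>%s is trying to access credentials for %q", ctx.UserName, ctx.GrandParentProcessName, ctx.ParentProcessName, ctx.ProcessName, req.ApplicationName)

	approved, approvalErr := pinentry.GetApproval("Approve Credential Access", prompt)
	if approvalErr != nil || !approved {
		// Fail closed: a prompt error is treated exactly like a refusal.
		denied, encErr := messages.IPCMessageFromPayload(messages.ActionResponse{
			Success: false,
			Message: "not approved",
		})
		if encErr != nil {
			return messages.IPCMessage{}, encErr
		}
		return denied, nil
	}

	// The lookup key is the name declared in the request, not ctx.ProcessName;
	// the approval prompt above is the only place the two are shown side by side.
	// NOTE(review): consider whether the declared name should be checked
	// against the calling process before the lookup.
	env, found := vault.GetEnvCredentialForExecutable(req.ApplicationName)
	if !found {
		missing, encErr := messages.IPCMessageFromPayload(messages.ActionResponse{
			Success: false,
			Message: "no credentials found for " + req.ApplicationName,
		})
		if encErr != nil {
			return messages.IPCMessage{}, encErr
		}
		return missing, nil
	}

	return messages.IPCMessageFromPayload(messages.GetCLICredentialsResponse{
		Env: env,
	})
}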
// init registers handleGetCliCredentials in AgentActionsRegistry under the
// message type derived from an empty GetCLICredentialsRequest. The handler is
// wrapped by ensureEverything with systemauth.AccessVault.
// NOTE(review): ensureEverything is defined elsewhere; presumably it enforces
// the preconditions and session authorisation for vault access — confirm.
func init() {
	msgType := messages.MessageTypeForEmptyPayload(messages.GetCLICredentialsRequest{})
	guarded := ensureEverything(systemauth.AccessVault, handleGetCliCredentials)
	AgentActionsRegistry.Register(msgType, guarded)
}