goldwarden-vaultwarden-bitw.../agent/actions/browserbiometrics.go

package actions

import (
	"encoding/base64"
	"fmt"

	"github.com/quexten/goldwarden/agent/config"
	"github.com/quexten/goldwarden/agent/sockets"
	"github.com/quexten/goldwarden/agent/systemauth"
	"github.com/quexten/goldwarden/agent/systemauth/biometrics"
	"github.com/quexten/goldwarden/agent/systemauth/pinentry"
	"github.com/quexten/goldwarden/agent/vault"

	"github.com/quexten/goldwarden/ipc/messages"
)

func handleGetBiometricsKey(request messages.IPCMessage, cfg *config.Config, vault *vault.Vault, ctx *sockets.CallingContext) (response messages.IPCMessage, err error) {
	actionsLog.Info("Browser Biometrics: Key requested, verifying biometrics...")
	if !(systemauth.VerifyPinSession(*ctx) || biometrics.CheckBiometrics(biometrics.BrowserBiometrics)) {
		response, err = messages.IPCMessageFromPayload(messages.ActionResponse{
			Success: false,
			Message: "not approved",
		})
		actionsLog.Info("Browser Biometrics: Biometrics not approved %v", err)
		if err != nil {
			return messages.IPCMessage{}, err
		}
		return response, nil
	}

	actionsLog.Info("Browser Biometrics: Biometrics verified, asking for approval...")
	if approved, err := pinentry.GetApproval("Approve Credential Access", fmt.Sprintf("%s on %s>%s>%s is trying to access your vault encryption key for browser biometric unlock.", ctx.UserName, ctx.GrandParentProcessName, ctx.ParentProcessName, ctx.ProcessName)); err != nil || !approved {
		response, err = messages.IPCMessageFromPayload(messages.ActionResponse{
			Success: false,
			Message: "not approved",
		})
		actionsLog.Info("Browser Biometrics: Biometrics not approved %v", err)
		if err != nil {
			return messages.IPCMessage{}, err
		}
		return response, nil
	}

	actionsLog.Info("Browser Biometrics: Approved, getting key...")
	masterKey, err := cfg.GetMasterKey()
	if err != nil {
		return messages.IPCMessage{}, err
	}
	masterKeyB64 := base64.StdEncoding.EncodeToString(masterKey)
	response, err = messages.IPCMessageFromPayload(messages.GetBiometricsKeyResponse{
		Key: masterKeyB64,
	})
	actionsLog.Info("Browser Biometrics: Sending key...")
	return response, err
}

func init() {
	AgentActionsRegistry.Register(messages.MessageTypeForEmptyPayload(messages.GetBiometricsKeyRequest{}), ensureIsNotLocked(ensureIsLoggedIn(handleGetBiometricsKey)))
}
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`package actions`

			`import (`
			`"encoding/base64"`
			`"fmt"`

			`"github.com/quexten/goldwarden/agent/config"`
			`"github.com/quexten/goldwarden/agent/sockets"`
Rework systemauth 2023-09-19 21:49:56 +02:00			`"github.com/quexten/goldwarden/agent/systemauth"`
Add touchid biometrics 2023-09-12 01:22:48 +02:00			`"github.com/quexten/goldwarden/agent/systemauth/biometrics"`
Refactor platform abstractions 2023-09-12 02:54:46 +02:00			`"github.com/quexten/goldwarden/agent/systemauth/pinentry"`
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`"github.com/quexten/goldwarden/agent/vault"`
Refactor ipc 2023-09-20 03:05:44 +02:00
			`"github.com/quexten/goldwarden/ipc/messages"`
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`)`

Refactor ipc 2023-09-20 03:05:44 +02:00			`func handleGetBiometricsKey(request messages.IPCMessage, cfg config.Config, vault vault.Vault, ctx *sockets.CallingContext) (response messages.IPCMessage, err error) {`
Add more logging 2023-12-22 10:44:49 +01:00			`actionsLog.Info("Browser Biometrics: Key requested, verifying biometrics...")`
Rework systemauth 2023-09-19 21:49:56 +02:00			`if !(systemauth.VerifyPinSession(*ctx) \|\| biometrics.CheckBiometrics(biometrics.BrowserBiometrics)) {`
Refactor ipc 2023-09-20 03:05:44 +02:00			`response, err = messages.IPCMessageFromPayload(messages.ActionResponse{`
Rework systemauth 2023-09-19 21:49:56 +02:00			`Success: false,`
			`Message: "not approved",`
			`})`
Add more logging 2023-12-22 10:44:49 +01:00			`actionsLog.Info("Browser Biometrics: Biometrics not approved %v", err)`
Rework systemauth 2023-09-19 21:49:56 +02:00			`if err != nil {`
Refactor ipc 2023-09-20 03:05:44 +02:00			`return messages.IPCMessage{}, err`
Rework systemauth 2023-09-19 21:49:56 +02:00			`}`
			`return response, nil`
			`}`

Add more logging 2023-12-22 10:44:49 +01:00			`actionsLog.Info("Browser Biometrics: Biometrics verified, asking for approval...")`
Refactor platform abstractions 2023-09-12 02:54:46 +02:00			`if approved, err := pinentry.GetApproval("Approve Credential Access", fmt.Sprintf("%s on %s>%s>%s is trying to access your vault encryption key for browser biometric unlock.", ctx.UserName, ctx.GrandParentProcessName, ctx.ParentProcessName, ctx.ProcessName)); err != nil \|\| !approved {`
Refactor ipc 2023-09-20 03:05:44 +02:00			`response, err = messages.IPCMessageFromPayload(messages.ActionResponse{`
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`Success: false,`
			`Message: "not approved",`
			`})`
Add more logging 2023-12-22 10:44:49 +01:00			`actionsLog.Info("Browser Biometrics: Biometrics not approved %v", err)`
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`if err != nil {`
Refactor ipc 2023-09-20 03:05:44 +02:00			`return messages.IPCMessage{}, err`
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`}`
			`return response, nil`
			`}`

Add more logging 2023-12-22 10:44:49 +01:00			`actionsLog.Info("Browser Biometrics: Approved, getting key...")`
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`masterKey, err := cfg.GetMasterKey()`
Rework systemauth 2023-09-19 21:49:56 +02:00			`if err != nil {`
Refactor ipc 2023-09-20 03:05:44 +02:00			`return messages.IPCMessage{}, err`
Rework systemauth 2023-09-19 21:49:56 +02:00			`}`
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`masterKeyB64 := base64.StdEncoding.EncodeToString(masterKey)`
Refactor ipc 2023-09-20 03:05:44 +02:00			`response, err = messages.IPCMessageFromPayload(messages.GetBiometricsKeyResponse{`
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`Key: masterKeyB64,`
			`})`
Add more logging 2023-12-22 10:44:49 +01:00			`actionsLog.Info("Browser Biometrics: Sending key...")`
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`return response, err`
			`}`

			`func init() {`
Refactor ipc 2023-09-20 03:05:44 +02:00			`AgentActionsRegistry.Register(messages.MessageTypeForEmptyPayload(messages.GetBiometricsKeyRequest{}), ensureIsNotLocked(ensureIsLoggedIn(handleGetBiometricsKey)))`
Port bw-bio-handler for browser biometrics 2023-07-17 05:02:29 +02:00			`}`