Merge pull request #141 from SuperSandro2000/browser-err

Improve overhaul error handling, Fix more lints found by golangci-lint's default config
2024-03-21 08:42:43 +01:00 · 2024-03-21 08:42:43 +01:00 · 6ac5754075
commit 6ac5754075
parent 7b3e21b238 3323326920
20 changed files with 224 additions and 138 deletions
--- a/agent/actions/send.go
+++ b/agent/actions/send.go
@ -20,6 +20,9 @@ func handleCreateSend(msg messages.IPCMessage, cfg *config.Config, vault *vault.

 	ctx := context.WithValue(context.TODO(), bitwarden.AuthToken{}, token.AccessToken)
 	url, err := bitwarden.CreateSend(ctx, cfg, vault, parsedMsg.Name, parsedMsg.Text)
+	if err != nil {
+		actionsLog.Warn(err.Error())
+	}

 	response, err = messages.IPCMessageFromPayload(messages.CreateSendResponse{
 		URL: url,
--- a/agent/actions/ssh.go
+++ b/agent/actions/ssh.go
@ -17,7 +17,7 @@ func handleAddSSH(msg messages.IPCMessage, cfg *config.Config, vault *vault.Vaul
 	req := messages.ParsePayload(msg).(messages.CreateSSHKeyRequest)

 	cipher, publicKey := ssh.NewSSHKeyCipher(req.Name, vault.Keyring)
-	response, err = messages.IPCMessageFromPayload(messages.ActionResponse{
+	_, err = messages.IPCMessageFromPayload(messages.ActionResponse{
 		Success: true,
 	})
 	if err != nil {
@ -25,6 +25,9 @@ func handleAddSSH(msg messages.IPCMessage, cfg *config.Config, vault *vault.Vaul
 	}

 	token, err := cfg.GetToken()
+	if err != nil {
+		actionsLog.Warn(err.Error())
+	}
 	ctx := context.WithValue(context.TODO(), bitwarden.AuthToken{}, token.AccessToken)
 	ciph, err := bitwarden.PostCipher(ctx, cipher, cfg)
 	if err == nil {
--- a/agent/bitwarden/auth.go
+++ b/agent/bitwarden/auth.go
@ -162,10 +162,10 @@ func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Conf
 			return LoginResponseToken{}, crypto.MasterKey{}, "", err
 		}
 	} else if err != nil && strings.Contains(err.Error(), "Captcha required.") {
-		notify.Notify("Goldwarden", fmt.Sprintf("Captcha required"), "", 0, func() {})
+		notify.Notify("Goldwarden", "Captcha required", "", 0, func() {})
 		return LoginResponseToken{}, crypto.MasterKey{}, "", fmt.Errorf("captcha required, please login via the web interface")
 	} else if err != nil {
-		notify.Notify("Goldwarden", fmt.Sprintf("Could not login via password: %v", err), "", 0, func() {})
+		notify.Notify("Goldwarden", fmt.Sprintf("Could not login via password: %s", err.Error()), "", 0, func() {})
 		return LoginResponseToken{}, crypto.MasterKey{}, "", fmt.Errorf("could not login via password: %v", err)
 	}

--- a/agent/bitwarden/http.go
+++ b/agent/bitwarden/http.go
@ -7,7 +7,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"strings"
@ -105,7 +104,7 @@ func makeAuthenticatedHTTPRequest(ctx context.Context, req *http.Request, recv i
 		return err
 	}
 	defer res.Body.Close()
-	body, err := ioutil.ReadAll(res.Body)
+	body, err := io.ReadAll(res.Body)
 	if err != nil {
 		return err
 	}
--- a/agent/bitwarden/passwordless.go
+++ b/agent/bitwarden/passwordless.go
@ -69,11 +69,17 @@ func CreateAuthResponse(ctx context.Context, authRequest AuthRequestData, keyrin
 	//}

 	publicKey, err := base64.StdEncoding.DecodeString(authRequest.PublicKey)
+	if err != nil {
+		return AuthRequestResponseData{}, err
+	}
 	requesterKey, err := crypto.MemoryAssymmetricEncryptionKeyFromBytes(publicKey)
+	if err != nil {
+		return AuthRequestResponseData{}, err
+	}

 	encryptedUserSymmetricKey, err := crypto.EncryptWithAsymmetric(userSymmetricKey, requesterKey)
 	if err != nil {
-		panic(err)
+		return AuthRequestResponseData{}, err
 	}
 	//encryptedMasterPasswordHash, err := crypto.EncryptWithAsymmetric(masterPasswordHash, requesterKey)
 	//if err != nil {
--- a/agent/bitwarden/websocket.go
+++ b/agent/bitwarden/websocket.go
@ -76,6 +76,10 @@ func connectToWebsocket(ctx context.Context, vault *vault.Vault, cfg *config.Con
 	}

 	token, err := cfg.GetToken()
+	if err != nil {
+		return err
+	}
+
 	var websocketURL = "wss://" + url.Host + url.Path + "/hub?access_token=" + token.AccessToken
 	c, _, err := websocket.DefaultDialer.Dial(websocketURL, nil)
 	if err != nil {
--- a/agent/systemauth/pinentry/keybase-pinentry/pinentry.go
+++ b/agent/systemauth/pinentry/keybase-pinentry/pinentry.go
@ -99,7 +99,7 @@ func (pe *Pinentry) Get(arg keybase1.SecretEntryArg) (res *keybase1.SecretEntryR

 func (pi *pinentryInstance) Close() {
 	pi.stdin.Close()
-	pi.cmd.Wait()
+	_ = pi.cmd.Wait()
 }

 type pinentryInstance struct {
@ -123,7 +123,6 @@ func (pi *pinentryInstance) Set(cmd, val string, errp *error) {
 	if string(line) != "OK" {
 		*errp = fmt.Errorf("Response to " + cmd + " was " + string(line))
 	}
-	return
 }

 func (pi *pinentryInstance) Init() (err error) {
--- a/autotype/libportalautotype.go
+++ b/autotype/libportalautotype.go
@ -42,50 +42,47 @@ func TypeString(textToType string) {
 	var sessionHandle dbus.ObjectPath

 	for {
-		select {
-		case message := <-signals:
-			if state == 0 {
-				log.Info("Selecting Devices")
-				result := message.Body[1].(map[string]dbus.Variant)
-				resultSessionHandle := result["session_handle"]
-				sessionHandle = dbus.ObjectPath(resultSessionHandle.String()[1 : len(resultSessionHandle.String())-1])
-				res := obj.Call("org.freedesktop.portal.RemoteDesktop.SelectDevices", 0, sessionHandle, map[string]dbus.Variant{
-					"types": dbus.MakeVariant(uint32(1)),
-				})
-				if res.Err != nil {
-					log.Error("Error selecting devices: %s", res.Err.Error())
-				}
-				state = 1
-			} else if state == 1 {
-				log.Info("Starting Session")
-				res := obj.Call("org.freedesktop.portal.RemoteDesktop.Start", 0, sessionHandle, "", map[string]dbus.Variant{})
-				if res.Err != nil {
-					log.Error("Error starting session: %s", res.Err.Error())
-				}
-				state = 2
-			} else if state == 2 {
-				log.Info("Performing Typing")
-				state = 3
-				time.Sleep(1000 * time.Millisecond)
-				for _, char := range textToType {
-					if char == '\t' {
-						obj.Call("org.freedesktop.portal.RemoteDesktop.NotifyKeyboardKeycode", 0, sessionHandle, map[string]dbus.Variant{}, 15, uint32(1))
-						time.Sleep(autoTypeDelay)
-						obj.Call("org.freedesktop.portal.RemoteDesktop.NotifyKeyboardKeycode", 0, sessionHandle, map[string]dbus.Variant{}, 15, uint32(0))
-						time.Sleep(autoTypeDelay)
-					} else {
-						obj.Call("org.freedesktop.portal.RemoteDesktop.NotifyKeyboardKeysym", 0, sessionHandle, map[string]dbus.Variant{}, int32(char), uint32(1))
-						time.Sleep(autoTypeDelay)
-						obj.Call("org.freedesktop.portal.RemoteDesktop.NotifyKeyboardKeysym", 0, sessionHandle, map[string]dbus.Variant{}, int32(char), uint32(0))
-						time.Sleep(autoTypeDelay)
-					}
-				}
-				bus.Close()
-				return
-			} else {
-				log.Info("State 3")
-				return
+		message := <-signals
+		switch state {
+		case 0:
+			log.Info("Selecting Devices")
+			result := message.Body[1].(map[string]dbus.Variant)
+			resultSessionHandle := result["session_handle"]
+			sessionHandle = dbus.ObjectPath(resultSessionHandle.String()[1 : len(resultSessionHandle.String())-1])
+			res := obj.Call("org.freedesktop.portal.RemoteDesktop.SelectDevices", 0, sessionHandle, map[string]dbus.Variant{
+				"types": dbus.MakeVariant(uint32(1)),
+			})
+			if res.Err != nil {
+				log.Error("Error selecting devices: %s", res.Err.Error())
 			}
+			state = 1
+		case 1:
+			log.Info("Starting Session")
+			res := obj.Call("org.freedesktop.portal.RemoteDesktop.Start", 0, sessionHandle, "", map[string]dbus.Variant{})
+			if res.Err != nil {
+				log.Error("Error starting session: %s", res.Err.Error())
+			}
+			state = 2
+		case 2:
+			log.Info("Performing Typing")
+			time.Sleep(1000 * time.Millisecond)
+			for _, char := range textToType {
+				if char == '\t' {
+					obj.Call("org.freedesktop.portal.RemoteDesktop.NotifyKeyboardKeycode", 0, sessionHandle, map[string]dbus.Variant{}, 15, uint32(1))
+					time.Sleep(autoTypeDelay)
+					obj.Call("org.freedesktop.portal.RemoteDesktop.NotifyKeyboardKeycode", 0, sessionHandle, map[string]dbus.Variant{}, 15, uint32(0))
+					time.Sleep(autoTypeDelay)
+				} else {
+					obj.Call("org.freedesktop.portal.RemoteDesktop.NotifyKeyboardKeysym", 0, sessionHandle, map[string]dbus.Variant{}, int32(char), uint32(1))
+					time.Sleep(autoTypeDelay)
+					obj.Call("org.freedesktop.portal.RemoteDesktop.NotifyKeyboardKeysym", 0, sessionHandle, map[string]dbus.Variant{}, int32(char), uint32(0))
+					time.Sleep(autoTypeDelay)
+				}
+			}
+			bus.Close()
+			return
+		default:
+			return
 		}
 	}
 }
--- a/browserbiometrics/communication.go
+++ b/browserbiometrics/communication.go
@ -4,6 +4,7 @@ import (
 	"bytes"
 	"encoding/binary"
 	"encoding/json"
+	"fmt"
 	"os"
 	"unsafe"

@ -25,44 +26,50 @@ func setupCommunication() {
 	}
 }

-func dataToBytes(msg SendMessage) []byte {
+func dataToBytes(msg SendMessage) ([]byte, error) {
 	byteMsg, err := json.Marshal(msg)
 	if err != nil {
-		logging.Panicf("Unable to marshal OutgoingMessage struct to slice of bytes: " + err.Error())
+		return nil, fmt.Errorf("unable to marshal OutgoingMessage struct to slice of bytes: %w", err)
 	}
-	return byteMsg
+	return byteMsg, nil
 }

-func writeMessageLength(msg []byte) {
+func writeMessageLength(msg []byte) error {
 	err := binary.Write(os.Stdout, nativeEndian, uint32(len(msg)))
 	if err != nil {
-		logging.Panicf("Unable to write message length to Stdout: " + err.Error())
+		return fmt.Errorf("unable to write message length to stdout: %w", err)
 	}
+	return nil
 }

-func readMessageLength(msg []byte) int {
-	var length uint32
+func readMessageLength(msg []byte) (int, error) {
+	var length int
 	buf := bytes.NewBuffer(msg)
 	err := binary.Read(buf, nativeEndian, &length)
 	if err != nil {
-		logging.Panicf("Unable to read bytes representing message length:" + err.Error())
+		return 0, fmt.Errorf("Unable to read bytes representing message length: %w", err)
 	}
-	return int(length)
+	return length, nil
 }

-func send(msg SendMessage) {
-	byteMsg := dataToBytes(msg)
+func send(msg SendMessage) error {
+	byteMsg, err := dataToBytes(msg)
+	if err != nil {
+		return err
+	}
+
 	logging.Debugf("[SENSITIVE] Sending message: " + string(byteMsg))
-	writeMessageLength(byteMsg)
+	err = writeMessageLength(byteMsg)
+	if err != nil {
+		return err
+	}

 	var msgBuf bytes.Buffer
-	_, err := msgBuf.Write(byteMsg)
+	_, err = msgBuf.Write(byteMsg)
 	if err != nil {
-		logging.Panicf(err.Error())
+		return err
 	}

 	_, err = msgBuf.WriteTo(os.Stdout)
-	if err != nil {
-		logging.Panicf(err.Error())
-	}
+	return err
 }
--- a/browserbiometrics/crypto.go
+++ b/browserbiometrics/crypto.go
@ -23,7 +23,7 @@ func pkcs7Pad(b []byte, blocksize int) ([]byte, error) {
 	if blocksize <= 0 {
 		return nil, ErrInvalidBlockSize
 	}
-	if b == nil || len(b) == 0 {
+	if len(b) == 0 {
 		return nil, ErrInvalidPKCS7Data
 	}
 	n := blocksize - (len(b) % blocksize)
@ -37,7 +37,7 @@ func pkcs7Unpad(b []byte, blocksize int) ([]byte, error) {
 	if blocksize <= 0 {
 		return nil, ErrInvalidBlockSize
 	}
-	if b == nil || len(b) == 0 {
+	if len(b) == 0 {
 		return nil, ErrInvalidPKCS7Data
 	}
 	if len(b)%blocksize != 0 {
@ -56,10 +56,10 @@ func pkcs7Unpad(b []byte, blocksize int) ([]byte, error) {
 	return b[:len(b)-n], nil
 }

-func decryptStringSymmetric(key []byte, ivb64 string, data string) string {
+func decryptStringSymmetric(key []byte, ivb64 string, data string) (string, error) {
 	block, err := aes.NewCipher(key)
 	if err != nil {
-		panic(err)
+		return "", err
 	}
 	iv, _ := base64.StdEncoding.DecodeString(ivb64)
 	ciphertext, _ := base64.StdEncoding.DecodeString(data)
@ -67,19 +67,19 @@ func decryptStringSymmetric(key []byte, ivb64 string, data string) string {
 	bm.CryptBlocks(ciphertext, ciphertext)
 	ciphertext, _ = pkcs7Unpad(ciphertext, aes.BlockSize)

-	return string(ciphertext)
+	return string(ciphertext), nil
 }

-func encryptStringSymmetric(key []byte, data []byte) EncryptedString {
+func encryptStringSymmetric(key []byte, data []byte) (EncryptedString, error) {
 	block, err := aes.NewCipher(key)
 	if err != nil {
-		panic(err)
+		return EncryptedString{}, err
 	}
 	data, _ = pkcs7Pad(data, block.BlockSize())
 	ciphertext := make([]byte, aes.BlockSize+len(data))
 	iv := ciphertext[:aes.BlockSize]
 	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
-		panic(err)
+		return EncryptedString{}, err
 	}
 	bm := cipher.NewCBCEncrypter(block, iv)
 	bm.CryptBlocks(ciphertext[aes.BlockSize:], data)
@ -88,15 +88,15 @@ func encryptStringSymmetric(key []byte, data []byte) EncryptedString {
 		IV:      base64.StdEncoding.EncodeToString(ciphertext[:aes.BlockSize]),
 		Data:    base64.StdEncoding.EncodeToString(ciphertext[aes.BlockSize:]),
 		EncType: 0,
-	}
+	}, nil
 }

-func generateTransportKey() []byte {
+func generateTransportKey() ([]byte, error) {
 	key := make([]byte, 32)
 	if _, err := io.ReadFull(rand.Reader, key); err != nil {
-		panic(err)
+		return nil, err
 	}
-	return key
+	return key, nil
 }

 func rsaEncrypt(keyB64 string, message []byte) (string, error) {
--- a/browserbiometrics/main.go
+++ b/browserbiometrics/main.go
@ -36,13 +36,17 @@ const appID = "com.quexten.bw-bio-handler"

 var transportKey []byte

-func Main(rtCfg *config.RuntimeConfig) {
+func Main(rtCfg *config.RuntimeConfig) error {
 	logging.Debugf("Starting browserbiometrics")
-	transportKey = generateTransportKey()
+	var err error
+	transportKey, err = generateTransportKey()
+	if err != nil {
+		return err
+	}
 	logging.Debugf("Generated transport key")

 	setupCommunication()
-	readLoop(rtCfg)
+	return readLoop(rtCfg)
 }

 func DetectAndInstallBrowsers() error {
--- a/browserbiometrics/protocol.go
+++ b/browserbiometrics/protocol.go
@ -3,6 +3,7 @@ package browserbiometrics
 import (
 	"bufio"
 	"encoding/json"
+	"fmt"
 	"io"
 	"os"

@ -14,7 +15,7 @@ import (

 var runtimeConfig *config.RuntimeConfig

-func readLoop(rtCfg *config.RuntimeConfig) {
+func readLoop(rtCfg *config.RuntimeConfig) error {
 	runtimeConfig = rtCfg
 	v := bufio.NewReader(os.Stdin)
 	s := bufio.NewReaderSize(v, bufferSize)
@ -23,64 +24,86 @@ func readLoop(rtCfg *config.RuntimeConfig) {
 	lengthNum := int(0)

 	logging.Debugf("Sending connected message")
-	send(SendMessage{
+	err := send(SendMessage{
 		Command: "connected",
 		AppID:   appID,
 	})
+	if err != nil {
+		return err
+	}

 	logging.Debugf("Starting read loop")
 	for b, err := s.Read(lengthBytes); b > 0 && err == nil; b, err = s.Read(lengthBytes) {
-		lengthNum = readMessageLength(lengthBytes)
+		lengthNum, err = readMessageLength(lengthBytes)
+		if err != nil {
+			return err
+		}

 		content := make([]byte, lengthNum)
 		_, err := s.Read(content)
 		if err != nil && err != io.EOF {
-			logging.Panicf(err.Error())
+			return err
 		}

-		parseMessage(content)
+		err = parseMessage(content)
+		if err != nil {
+			return err
+		}
 	}
+	return nil
 }

-func parseMessage(msg []byte) {
+func parseMessage(msg []byte) error {
 	logging.Debugf("Received message: " + string(msg))

 	var genericMessage GenericRecvMessage
 	err := json.Unmarshal(msg, &genericMessage)
 	if err != nil {
-		logging.Panicf("Unable to unmarshal json to struct: " + err.Error())
+		return fmt.Errorf("unable to unmarshal json to struct: %w", err)
 	}
+
 	if _, ok := (genericMessage.Message.(map[string]interface{})["command"]); ok {
 		logging.Debugf("Message is unencrypted")

 		var unmsg UnencryptedRecvMessage
 		err := json.Unmarshal(msg, &unmsg)
 		if err != nil {
-			logging.Panicf("Unable to unmarshal json to struct: " + err.Error())
+			return fmt.Errorf("unable to unmarshal json to struct: %w", err)
 		}

-		handleUnencryptedMessage(unmsg)
+		err = handleUnencryptedMessage(unmsg)
+		if err != nil {
+			return err
+		}
 	} else {
 		logging.Debugf("Message is encrypted")

 		var encmsg EncryptedRecvMessage
 		err := json.Unmarshal(msg, &encmsg)
 		if err != nil {
-			logging.Panicf("Unable to unmarshal json to struct: " + err.Error())
+			return fmt.Errorf("unable to unmarshal json to struct: %w", err)
 		}

-		decryptedMessage := decryptStringSymmetric(transportKey, encmsg.Message.IV, encmsg.Message.Data)
+		decryptedMessage, err := decryptStringSymmetric(transportKey, encmsg.Message.IV, encmsg.Message.Data)
+		if err != nil {
+			return err
+		}
 		var payloadMsg PayloadMessage
 		err = json.Unmarshal([]byte(decryptedMessage), &payloadMsg)
 		if err != nil {
-			logging.Panicf("Unable to unmarshal json to struct: " + err.Error())
+			return fmt.Errorf("unable to unmarshal json to struct: %w", err)
 		}

-		handlePayloadMessage(payloadMsg, genericMessage.AppID)
+		err = handlePayloadMessage(payloadMsg, genericMessage.AppID)
+		if err != nil {
+			return err
+		}
 	}
+
+	return nil
 }

-func handleUnencryptedMessage(msg UnencryptedRecvMessage) {
+func handleUnencryptedMessage(msg UnencryptedRecvMessage) error {
 	logging.Debugf("Received unencrypted message: %+v", msg.Message)
 	logging.Debugf("  with command: %s", msg.Message.Command)

@ -88,17 +111,22 @@ func handleUnencryptedMessage(msg UnencryptedRecvMessage) {
 	case "setupEncryption":
 		sharedSecret, err := rsaEncrypt(msg.Message.PublicKey, transportKey)
 		if err != nil {
-			logging.Panicf(err.Error())
+			return err
 		}
-		send(SendMessage{
+		err = send(SendMessage{
 			Command:      "setupEncryption",
 			AppID:        msg.AppID,
 			SharedSecret: sharedSecret,
 		})
-		break
+		if err != nil {
+			return err
+		}
 	}
+
+	return nil
 }
-func handlePayloadMessage(msg PayloadMessage, appID string) {
+
+func handlePayloadMessage(msg PayloadMessage, appID string) error {
 	logging.Debugf("Received unencrypted message: %+v", msg)

 	switch msg.Command {
@ -108,7 +136,7 @@ func handlePayloadMessage(msg PayloadMessage, appID string) {

 		home, err := os.UserHomeDir()
 		if err != nil {
-			panic(err)
+			return err
 		}

 		if runtimeConfig.GoldwardenSocketPath == "" {
@ -127,16 +155,12 @@ func handlePayloadMessage(msg PayloadMessage, appID string) {

 		result, err := client.NewUnixSocketClient(runtimeConfig).SendToAgent(messages.GetBiometricsKeyRequest{})
 		if err != nil {
-			logging.Errorf("Unable to send message to agent: %s", err.Error())
-			return
+			return fmt.Errorf("Unable to send message to agent: %w", err)
 		}
-		switch result.(type) {
-		case messages.GetBiometricsKeyResponse:
-			if err != nil {
-				logging.Panicf(err.Error())
-			}

-			var key = result.(messages.GetBiometricsKeyResponse).Key
+		switch result := result.(type) {
+		case messages.GetBiometricsKeyResponse:
+			var key = result.Key
 			var payloadMsg ReceiveMessage = ReceiveMessage{
 				Command:   "biometricUnlock",
 				Response:  "unlocked",
@ -145,18 +169,23 @@ func handlePayloadMessage(msg PayloadMessage, appID string) {
 			}
 			payloadStr, err := json.Marshal(payloadMsg)
 			if err != nil {
-				logging.Panicf(err.Error())
+				return err
 			}
 			logging.Debugf("Payload: %s", payloadStr)

-			encStr := encryptStringSymmetric(transportKey, payloadStr)
-			send(SendMessage{
+			encStr, err := encryptStringSymmetric(transportKey, payloadStr)
+			if err != nil {
+				return err
+			}
+			err = send(SendMessage{
 				AppID:   appID,
 				Message: encStr,
 			})
-			break
+			if err != nil {
+				return err
+			}
 		}
-
-		break
 	}
+
+	return nil
 }
--- a/cmd/login.go
+++ b/cmd/login.go
@ -13,7 +13,7 @@ import (
 var loginCmd = &cobra.Command{
 	Use:   "login",
 	Short: "Starts the login process for Bitwarden",
-	Long: `Starts the login process for Bitwarden. 
+	Long: `Starts the login process for Bitwarden.
 	You will be prompted to enter your password, and confirm your second factor if you have one.`,
 	Run: func(cmd *cobra.Command, args []string) {
 		request := messages.DoLoginRequest{}
@ -49,6 +49,6 @@ var loginCmd = &cobra.Command{
 func init() {
 	vaultCmd.AddCommand(loginCmd)
 	loginCmd.PersistentFlags().String("email", "", "")
-	loginCmd.MarkFlagRequired("email")
+	_ = loginCmd.MarkFlagRequired("email")
 	loginCmd.PersistentFlags().Bool("passwordless", false, "")
 }
--- a/cmd/logins.go
+++ b/cmd/logins.go
@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"os"
 	"strings"

 	"github.com/icza/gox/stringsx"
@ -17,7 +18,7 @@ var baseLoginCmd = &cobra.Command{
 	Short: "Commands for managing logins.",
 	Long:  `Commands for managing logins.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		cmd.Help()
+		_ = cmd.Help()
 	},
 }

@ -26,7 +27,11 @@ var getLoginCmd = &cobra.Command{
 	Short: "Gets a login in your vault",
 	Long:  `Gets a login in your vault.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		loginIfRequired()
+		err := loginIfRequired()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}

 		uuid, _ := cmd.Flags().GetString("uuid")
 		name, _ := cmd.Flags().GetString("name")
@ -51,7 +56,7 @@ var getLoginCmd = &cobra.Command{
 			} else {
 				fmt.Println(response.Result.Password)
 			}
-			break
+			return
 		case messages.ActionResponse:
 			fmt.Println("Error: " + resp.(messages.ActionResponse).Message)
 			return
@ -64,7 +69,11 @@ var listLoginsCmd = &cobra.Command{
 	Short: "Lists all logins in your vault",
 	Long:  `Lists all logins in your vault.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		loginIfRequired()
+		err := loginIfRequired()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}

 		logins, err := ListLogins(commandClient)
 		if err != nil {
--- a/cmd/run.go
+++ b/cmd/run.go
@ -54,7 +54,7 @@ var runCmd = &cobra.Command{
 		command.Stdout = os.Stdout
 		command.Stderr = os.Stderr
 		command.Stdin = os.Stdin
-		command.Run()
+		_ = command.Run()
 	},
 }

--- a/cmd/send.go
+++ b/cmd/send.go
@ -2,6 +2,7 @@ package cmd

 import (
 	"fmt"
+	"os"

 	"github.com/quexten/goldwarden/ipc/messages"
 	"github.com/spf13/cobra"
@ -12,7 +13,7 @@ var sendCmd = &cobra.Command{
 	Short: "Commands for managing sends",
 	Long:  `Commands for managing sends.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		cmd.Help()
+		_ = cmd.Help()
 	},
 }

@ -21,7 +22,12 @@ var sendCreateCmd = &cobra.Command{
 	Short: "Uploads a Bitwarden send.",
 	Long:  `Uploads a Bitwarden send.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		loginIfRequired()
+		err := loginIfRequired()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+
 		name, _ := cmd.Flags().GetString("name")
 		text, _ := cmd.Flags().GetString("text")

@ -37,7 +43,7 @@ var sendCreateCmd = &cobra.Command{
 		switch result.(type) {
 		case messages.CreateSendResponse:
 			fmt.Println("Send created: " + result.(messages.CreateSendResponse).URL)
-			break
+			return
 		case messages.ActionResponse:
 			fmt.Println("Error: " + result.(messages.ActionResponse).Message)
 			return
--- a/cmd/session.go
+++ b/cmd/session.go
@ -23,7 +23,7 @@ var sessionCmd = &cobra.Command{
 			text = strings.TrimSuffix(text, "\n")
 			args := strings.Split(text, " ")
 			rootCmd.SetArgs(args)
-			rootCmd.Execute()
+			_ = rootCmd.Execute()
 		}
 	},
 }
@ -64,6 +64,9 @@ var pinentry = &cobra.Command{
 			case messages.PinentryApprovalRequest:
 				err = conn.WriteMessage(messages.PinentryApprovalResponse{Approved: text == "true"})
 			}
+			if err != nil {
+				panic(err)
+			}
 		}
 	},
 }
--- a/cmd/setup_linux.go
+++ b/cmd/setup_linux.go
@ -101,7 +101,10 @@ func setupSystemd() {
 		panic(err)
 	}

-	file.WriteString(strings.ReplaceAll(systemdService, "@BINARY_PATH@", path))
+	_, err = file.WriteString(strings.ReplaceAll(systemdService, "@BINARY_PATH@", path))
+	if err != nil {
+		panic(err)
+	}
 	file.Close()

 	userDirectory := os.Getenv("HOME")
@ -172,7 +175,7 @@ var setupCmd = &cobra.Command{
 	Short: "Sets up Goldwarden integrations",
 	Long:  "Sets up Goldwarden integrations",
 	Run: func(cmd *cobra.Command, args []string) {
-		cmd.Help()
+		_ = cmd.Help()
 	},
 }

--- a/cmd/ssh.go
+++ b/cmd/ssh.go
@ -2,6 +2,7 @@ package cmd

 import (
 	"fmt"
+	"os"

 	"github.com/atotto/clipboard"
 	"github.com/quexten/goldwarden/ipc/messages"
@ -13,7 +14,7 @@ var sshCmd = &cobra.Command{
 	Short: "Commands for managing SSH keys",
 	Long:  `Commands for managing SSH keys.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		cmd.Help()
+		_ = cmd.Help()
 	},
 }

@ -24,7 +25,11 @@ var sshAddCmd = &cobra.Command{
 	Long: `Runs a command with environment variables from your vault.
 	The variables are stored as a secure note. Consult the documentation for more information.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		loginIfRequired()
+		err := loginIfRequired()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}

 		name, _ := cmd.Flags().GetString("name")
 		copyToClipboard, _ := cmd.Flags().GetBool("clipboard")
@ -43,9 +48,12 @@ var sshAddCmd = &cobra.Command{
 			fmt.Println(response.Digest)

 			if copyToClipboard {
-				clipboard.WriteAll(string(response.Digest))
+				err := clipboard.WriteAll(string(response.Digest))
+				if err != nil {
+					panic(err)
+				}
 			}
-			break
+			return
 		case messages.ActionResponse:
 			fmt.Println("Error: " + result.(messages.ActionResponse).Message)
 			return
@ -58,7 +66,11 @@ var listSSHCmd = &cobra.Command{
 	Short: "Lists all SSH keys in your vault",
 	Long:  `Lists all SSH keys in your vault.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		loginIfRequired()
+		err := loginIfRequired()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}

 		result, err := commandClient.SendToAgent(messages.GetSSHKeysRequest{})
 		if err != nil {
@ -72,7 +84,7 @@ var listSSHCmd = &cobra.Command{
 			for _, key := range response.Keys {
 				fmt.Println(key)
 			}
-			break
+			return
 		case messages.ActionResponse:
 			fmt.Println("Error: " + result.(messages.ActionResponse).Message)
 			return
@ -84,7 +96,7 @@ func init() {
 	rootCmd.AddCommand(sshCmd)
 	sshCmd.AddCommand(sshAddCmd)
 	sshAddCmd.PersistentFlags().String("name", "", "")
-	sshAddCmd.MarkFlagRequired("name")
+	_ = sshAddCmd.MarkFlagRequired("name")
 	sshAddCmd.PersistentFlags().Bool("clipboard", false, "Copy the public key to the clipboard")
 	sshCmd.AddCommand(listSSHCmd)
 }
--- a/main.go
+++ b/main.go
@ -45,8 +45,10 @@ func main() {
 	}

 	if len(os.Args) > 1 && (strings.Contains(os.Args[1], "com.8bit.bitwarden.json") || strings.Contains(os.Args[1], "chrome-extension://")) {
-		browserbiometrics.Main(&runtimeConfig)
-		return
+		err = browserbiometrics.Main(&runtimeConfig)
+		if err != nil {
+			panic(err)
+		}
 	}

 	cmd.Execute(runtimeConfig)