diff --git a/cli/agent/bitwarden/auth.go b/cli/agent/bitwarden/auth.go
index 0e00d75..a7668a7 100644
--- a/cli/agent/bitwarden/auth.go
+++ b/cli/agent/bitwarden/auth.go
@@ -116,6 +116,7 @@ func LoginWithApiKey(ctx context.Context, email string, cfg *config.Config, vaul
 func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Config, vault *vault.Vault) (LoginResponseToken, crypto.MasterKey, string, error) {
 var preLogin preLoginResponse
+ fmt.Println("Posting prelogin")
 if err := authenticatedHTTPPost(ctx, cfg.ConfigFile.IdentityUrl+"/accounts/prelogin", &preLogin, preLoginRequest{
 Email: email,
 }); err != nil {
@@ -127,12 +128,14 @@ func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Conf
 var masterKey crypto.MasterKey
 var hashedPassword string
+ fmt.Println("Getting password")
 password, err := pinentry.GetPassword("Bitwarden Password", "Enter your Bitwarden password")
 if err != nil {
 notify.Notify("Goldwarden", fmt.Sprintf("Could not get password: %v", err), "", 0, func() {})
 return LoginResponseToken{}, crypto.MasterKey{}, "", err
 }
+ fmt.Println("Deriving master key")
 masterKey, err = crypto.DeriveMasterKey([]byte(strings.Clone(password)), email, crypto.KDFConfig{Type: crypto.KDFType(preLogin.KDF), Iterations: uint32(preLogin.KDFIterations), Memory: uint32(preLogin.KDFMemory), Parallelism: uint32(preLogin.KDFParallelism)})
 if err != nil {
 notify.Notify("Goldwarden", fmt.Sprintf("Could not derive master key: %v", err), "", 0, func() {})
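Review bot: The three `fmt.Println` calls added in `LoginWithMasterpassword` (`"Posting prelogin"` in this hunk, `"Getting password"` and `"Deriving master key"` in the next one) look like leftover debug tracing and write to stdout unconditionally on every login. They print only step names today, but they sit directly beside the master password and the derived key, so an unstructured print here is an easy place for a secret to end up in terminal scrollback or a service journal after a later edit. I would drop them, or route them through the package's existing logger at debug level if it has one, with a comment such as `// never log password, masterKey or hashedPassword`. The function continues outside both hunks.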
@@ -142,14 +145,14 @@ func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Conf
 hashedPassword = b64enc.EncodeToString(pbkdf2.Key(masterKey.GetBytes(), []byte(password), 1, 32, sha256.New))
 values = urlValues(
+ "scope", loginScope,
+ "client_id", "web",
+ "deviceType", "10",
+ "deviceIdentifier", cfg.ConfigFile.DeviceUUID,
+ "deviceName", "firefox",
 "grant_type", "password",
 "username", email,
 "password", string(hashedPassword),
- "scope", loginScope,
- "client_id", "connector",
- "deviceType", deviceType(),
- "deviceName", deviceName,
- "deviceIdentifier", cfg.ConfigFile.DeviceUUID,
 )
 var loginResponseToken LoginResponseToken
diff --git a/cli/agent/bitwarden/http.go b/cli/agent/bitwarden/http.go
index cdaefc3..30f4823 100644
--- a/cli/agent/bitwarden/http.go
+++ b/cli/agent/bitwarden/http.go
@@ -51,7 +51,7 @@ func authenticatedHTTPPost(ctx context.Context, urlstr string, recv, send interf
 }
 req.Header.Set("Content-Type", contentType)
 if authEmail != "" {
- req.Header.Set("Auth-Email", base64.URLEncoding.EncodeToString([]byte(authEmail)))
+ req.Header.Set("Auth-Email", base64.RawURLEncoding.EncodeToString([]byte(authEmail)))
 }
 return makeAuthenticatedHTTPRequest(ctx, req, recv)
 }
@@ -97,8 +97,10 @@ func makeAuthenticatedHTTPRequest(ctx context.Context, req *http.Request, recv i
 if token, ok := ctx.Value(AuthToken{}).(string); ok {
 req.Header.Set("Authorization", "Bearer "+token)
 }
- req.Header.Set("device-type", deviceType())
+ req.Header.Set("Accept", "*/*")
+ req.Header.Set("Accept-Language", "en-US,en;q=0.5")
 req.Header.Set("User-Agent", "Goldwarden (github.com/quexten/goldwarden)")
+ req.Header.Set("Device-Type", "10")
 req.Header.Set("Bitwarden-Client-Name", "goldwarden")
 req.Header.Set("Bitwarden-Client-Version", "0.0.0")
diff --git a/cli/agent/config/config.go b/cli/agent/config/config.go
index a0ab3b1..8eb3fce 100644
--- a/cli/agent/config/config.go
+++ b/cli/agent/config/config.go
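Review bot: The login form now hard-codes `"client_id", "web"`, `"deviceType", "10"` and `"deviceName", "firefox"` in place of `deviceType()` and `deviceName`, with no comment saying why, and the same `"10"` literal is repeated in the `Device-Type` header added in http.go. Presumably 10 is the server's Firefox-browser device type, since it is paired with `firefox`; if so, the account's device records and new-device notices would describe this agent as a web browser, which makes session review harder for the account owner and deserves a stated reason. I would name the value once, e.g. `const loginDeviceType = "10" // sent as deviceType and Device-Type; must match`, and use that constant in both files. The function starts and ends outside the hunk.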
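Review bot: The switch to `base64.RawURLEncoding` for `Auth-Email` is not explained, and nothing in the hunk pins the expected wire format. The unpadded form differs from the old one only when the e-mail length is not a multiple of three, so a regression here would be intermittent and hard to spot. I would add `// Auth-Email is base64url without '=' padding` above the `req.Header.Set` call and, if the package has tests, one case with an address whose padded encoding would end in `=`. The function starts outside the hunk.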
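Review bot: After this hunk every authenticated request carries mixed identity signals: `Device-Type` is `"10"` while `User-Agent` and `Bitwarden-Client-Name` still say goldwarden and `Bitwarden-Client-Version` is `"0.0.0"`. If the server or a proxy in front of it compares these fields, the mismatch may be what gets a request rejected, so I would settle on one identity and state it in a comment, e.g. `// headers below must agree with client_id/deviceType sent at login`. `deviceType()` loses this call site and its call in auth.go in the same commit; if nothing else uses it, it and `deviceName` should be removed rather than left as dead code. The function body continues outside the hunk.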
@@ -89,8 +89,8 @@ func DefaultConfig(useMemguard bool) Config {
 useMemguard,
 &keyBuffer,
 ConfigFile{
- IdentityUrl: "https://vault.bitwarden.com/identity",
- ApiUrl: "https://vault.bitwarden.com/api",
+ IdentityUrl: "https://identity.bitwarden.com",
+ ApiUrl: "https://api.bitwarden.com",
 NotificationsUrl: "https://notifications.bitwarden.com",
 VaultUrl: "https://vault.bitwarden.com",
 EncryptedClientID: "",
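Review bot: `DefaultConfig` changes `IdentityUrl` and `ApiUrl` to new hosts, but only the defaults change; whether a config already saved with the old `https://vault.bitwarden.com/identity` and `/api` values is migrated is not visible here. `IdentityUrl` is the base that auth.go appends `/accounts/prelogin` to and, presumably, the endpoint that receives the password hash, so it is worth a comment such as `// official cloud endpoints; overrides must be https` and a check, wherever the config is loaded, that these URLs use the `https` scheme. The struct literal continues past the end of the hunk.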