Bernd Schoolmann 2024-11-07 00:23:54 +01:00
parent dd063cc768
commit 829193e70c
No known key found for this signature in database
3 changed files with 14 additions and 9 deletions


@ -116,6 +116,7 @@ func LoginWithApiKey(ctx context.Context, email string, cfg *config.Config, vaul
func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Config, vault *vault.Vault) (LoginResponseToken, crypto.MasterKey, string, error) { func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Config, vault *vault.Vault) (LoginResponseToken, crypto.MasterKey, string, error) {
var preLogin preLoginResponse var preLogin preLoginResponse
fmt.Println("Posting prelogin")
if err := authenticatedHTTPPost(ctx, cfg.ConfigFile.IdentityUrl+"/accounts/prelogin", &preLogin, preLoginRequest{ if err := authenticatedHTTPPost(ctx, cfg.ConfigFile.IdentityUrl+"/accounts/prelogin", &preLogin, preLoginRequest{
Email: email, Email: email,
}); err != nil { }); err != nil {
@ -127,12 +128,14 @@ func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Conf
var masterKey crypto.MasterKey var masterKey crypto.MasterKey
var hashedPassword string var hashedPassword string
fmt.Println("Getting password")
password, err := pinentry.GetPassword("Bitwarden Password", "Enter your Bitwarden password") password, err := pinentry.GetPassword("Bitwarden Password", "Enter your Bitwarden password")
if err != nil { if err != nil {
notify.Notify("Goldwarden", fmt.Sprintf("Could not get password: %v", err), "", 0, func() {}) notify.Notify("Goldwarden", fmt.Sprintf("Could not get password: %v", err), "", 0, func() {})
return LoginResponseToken{}, crypto.MasterKey{}, "", err return LoginResponseToken{}, crypto.MasterKey{}, "", err
} }
fmt.Println("Deriving master key")
masterKey, err = crypto.DeriveMasterKey([]byte(strings.Clone(password)), email, crypto.KDFConfig{Type: crypto.KDFType(preLogin.KDF), Iterations: uint32(preLogin.KDFIterations), Memory: uint32(preLogin.KDFMemory), Parallelism: uint32(preLogin.KDFParallelism)}) masterKey, err = crypto.DeriveMasterKey([]byte(strings.Clone(password)), email, crypto.KDFConfig{Type: crypto.KDFType(preLogin.KDF), Iterations: uint32(preLogin.KDFIterations), Memory: uint32(preLogin.KDFMemory), Parallelism: uint32(preLogin.KDFParallelism)})
if err != nil { if err != nil {
notify.Notify("Goldwarden", fmt.Sprintf("Could not derive master key: %v", err), "", 0, func() {}) notify.Notify("Goldwarden", fmt.Sprintf("Could not derive master key: %v", err), "", 0, func() {})
@ -142,14 +145,14 @@ func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Conf
hashedPassword = b64enc.EncodeToString(pbkdf2.Key(masterKey.GetBytes(), []byte(password), 1, 32, sha256.New)) hashedPassword = b64enc.EncodeToString(pbkdf2.Key(masterKey.GetBytes(), []byte(password), 1, 32, sha256.New))
values = urlValues( values = urlValues(
"scope", loginScope,
"client_id", "web",
"deviceType", "10",
"deviceIdentifier", cfg.ConfigFile.DeviceUUID,
"deviceName", "firefox",
"grant_type", "password", "grant_type", "password",
"username", email, "username", email,
"password", string(hashedPassword), "password", string(hashedPassword),
"scope", loginScope,
"client_id", "connector",
"deviceType", deviceType(),
"deviceName", deviceName,
"deviceIdentifier", cfg.ConfigFile.DeviceUUID,
) )
var loginResponseToken LoginResponseToken var loginResponseToken LoginResponseToken
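Review bot: The login form in the third hunk appears to hard-code a browser identity (`"client_id", "web"`, `"deviceType", "10"`, `"deviceName", "firefox"`) in place of `deviceType()` and `deviceName`; the side-by-side rendering does not mark which column is new, so this reading is inferred from the `Device-Type` `"10"` header the same commit adds in makeAuthenticatedHTTPRequest. If that is right, the account's device list and new-login notices would label this client as a browser, which makes an unexpected session harder for the owner to recognise, while `User-Agent` and `Bitwarden-Client-Name` still say Goldwarden. I would define the device type once as a named constant shared by the form and the header, with a comment stating why the client reports these values. The three added `fmt.Println` calls ("Posting prelogin", "Getting password", "Deriving master key") look like leftover debugging on the login path and should be removed or routed through a leveled logger. LoginWithMasterpassword starts and ends outside the hunks shown.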


@ -51,7 +51,7 @@ func authenticatedHTTPPost(ctx context.Context, urlstr string, recv, send interf
} }
req.Header.Set("Content-Type", contentType) req.Header.Set("Content-Type", contentType)
if authEmail != "" { if authEmail != "" {
req.Header.Set("Auth-Email", base64.URLEncoding.EncodeToString([]byte(authEmail))) req.Header.Set("Auth-Email", base64.RawURLEncoding.EncodeToString([]byte(authEmail)))
} }
return makeAuthenticatedHTTPRequest(ctx, req, recv) return makeAuthenticatedHTTPRequest(ctx, req, recv)
} }
@ -97,8 +97,10 @@ func makeAuthenticatedHTTPRequest(ctx context.Context, req *http.Request, recv i
if token, ok := ctx.Value(AuthToken{}).(string); ok { if token, ok := ctx.Value(AuthToken{}).(string); ok {
req.Header.Set("Authorization", "Bearer "+token) req.Header.Set("Authorization", "Bearer "+token)
} }
req.Header.Set("device-type", deviceType()) req.Header.Set("Accept", "*/*")
req.Header.Set("Accept-Language", "en-US,en;q=0.5")
req.Header.Set("User-Agent", "Goldwarden (github.com/quexten/goldwarden)") req.Header.Set("User-Agent", "Goldwarden (github.com/quexten/goldwarden)")
req.Header.Set("Device-Type", "10")
req.Header.Set("Bitwarden-Client-Name", "goldwarden") req.Header.Set("Bitwarden-Client-Name", "goldwarden")
req.Header.Set("Bitwarden-Client-Version", "0.0.0") req.Header.Set("Bitwarden-Client-Version", "0.0.0")
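Review bot: The Auth-Email line changes from `base64.URLEncoding` to `base64.RawURLEncoding` (as the columns read) with no comment saying why the padding was dropped, so a later cleanup could revert it without noticing. If the server expects unpadded base64url for this header, which the change suggests but the page does not state, a one-line comment such as `// Auth-Email is sent as unpadded base64url (RawURLEncoding); do not switch back to the padded form` would record that. authenticatedHTTPPost begins above the hunk, so the rest of the request construction is not visible here.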


@ -89,8 +89,8 @@ func DefaultConfig(useMemguard bool) Config {
useMemguard, useMemguard,
&keyBuffer, &keyBuffer,
ConfigFile{ ConfigFile{
IdentityUrl: "https://vault.bitwarden.com/identity", IdentityUrl: "https://identity.bitwarden.com",
ApiUrl: "https://vault.bitwarden.com/api", ApiUrl: "https://api.bitwarden.com",
NotificationsUrl: "https://notifications.bitwarden.com", NotificationsUrl: "https://notifications.bitwarden.com",
VaultUrl: "https://vault.bitwarden.com", VaultUrl: "https://vault.bitwarden.com",
EncryptedClientID: "", EncryptedClientID: "",