commit
e2898677e6
|
@ -116,6 +116,7 @@ func LoginWithApiKey(ctx context.Context, email string, cfg *config.Config, vaul
|
||||||
|
|
||||||
func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Config, vault *vault.Vault) (LoginResponseToken, crypto.MasterKey, string, error) {
|
func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Config, vault *vault.Vault) (LoginResponseToken, crypto.MasterKey, string, error) {
|
||||||
var preLogin preLoginResponse
|
var preLogin preLoginResponse
|
||||||
|
fmt.Println("Posting prelogin")
|
||||||
if err := authenticatedHTTPPost(ctx, cfg.ConfigFile.IdentityUrl+"/accounts/prelogin", &preLogin, preLoginRequest{
|
if err := authenticatedHTTPPost(ctx, cfg.ConfigFile.IdentityUrl+"/accounts/prelogin", &preLogin, preLoginRequest{
|
||||||
Email: email,
|
Email: email,
|
||||||
}); err != nil {
|
}); err != nil {
|
||||||
|
@ -127,12 +128,14 @@ func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Conf
|
||||||
var masterKey crypto.MasterKey
|
var masterKey crypto.MasterKey
|
||||||
var hashedPassword string
|
var hashedPassword string
|
||||||
|
|
||||||
|
fmt.Println("Getting password")
|
||||||
password, err := pinentry.GetPassword("Bitwarden Password", "Enter your Bitwarden password")
|
password, err := pinentry.GetPassword("Bitwarden Password", "Enter your Bitwarden password")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
notify.Notify("Goldwarden", fmt.Sprintf("Could not get password: %v", err), "", 0, func() {})
|
notify.Notify("Goldwarden", fmt.Sprintf("Could not get password: %v", err), "", 0, func() {})
|
||||||
return LoginResponseToken{}, crypto.MasterKey{}, "", err
|
return LoginResponseToken{}, crypto.MasterKey{}, "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fmt.Println("Deriving master key")
|
||||||
masterKey, err = crypto.DeriveMasterKey([]byte(strings.Clone(password)), email, crypto.KDFConfig{Type: crypto.KDFType(preLogin.KDF), Iterations: uint32(preLogin.KDFIterations), Memory: uint32(preLogin.KDFMemory), Parallelism: uint32(preLogin.KDFParallelism)})
|
masterKey, err = crypto.DeriveMasterKey([]byte(strings.Clone(password)), email, crypto.KDFConfig{Type: crypto.KDFType(preLogin.KDF), Iterations: uint32(preLogin.KDFIterations), Memory: uint32(preLogin.KDFMemory), Parallelism: uint32(preLogin.KDFParallelism)})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
notify.Notify("Goldwarden", fmt.Sprintf("Could not derive master key: %v", err), "", 0, func() {})
|
notify.Notify("Goldwarden", fmt.Sprintf("Could not derive master key: %v", err), "", 0, func() {})
|
||||||
|
@ -142,14 +145,14 @@ func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Conf
|
||||||
hashedPassword = b64enc.EncodeToString(pbkdf2.Key(masterKey.GetBytes(), []byte(password), 1, 32, sha256.New))
|
hashedPassword = b64enc.EncodeToString(pbkdf2.Key(masterKey.GetBytes(), []byte(password), 1, 32, sha256.New))
|
||||||
|
|
||||||
values = urlValues(
|
values = urlValues(
|
||||||
|
"scope", loginScope,
|
||||||
|
"client_id", "web",
|
||||||
|
"deviceType", "10",
|
||||||
|
"deviceIdentifier", cfg.ConfigFile.DeviceUUID,
|
||||||
|
"deviceName", "firefox",
|
||||||
"grant_type", "password",
|
"grant_type", "password",
|
||||||
"username", email,
|
"username", email,
|
||||||
"password", string(hashedPassword),
|
"password", string(hashedPassword),
|
||||||
"scope", loginScope,
|
|
||||||
"client_id", "connector",
|
|
||||||
"deviceType", deviceType(),
|
|
||||||
"deviceName", deviceName,
|
|
||||||
"deviceIdentifier", cfg.ConfigFile.DeviceUUID,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
var loginResponseToken LoginResponseToken
|
var loginResponseToken LoginResponseToken
|
||||||
|
|
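Review bot: The new form values in LoginWithMasterpassword replace `deviceType()` and `deviceName` with the literals `"web"`, `"10"` and `"firefox"`, and the same `"10"` is repeated in the `Device-Type` header set in makeAuthenticatedHTTPRequest. The server will presumably record this client as a browser session rather than as Goldwarden, which makes a user's review of logged-in devices misleading. I would keep a single named constant for both places, e.g. `const bitwardenDeviceType = "10"`, with a comment stating why the real client values are not sent. The three added `fmt.Println` lines ("Posting prelogin", "Getting password", "Deriving master key") print to stdout on every login and look like leftover debugging; send them to the project's logger at debug level or drop them. The function body starts and ends outside these hunks.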
|
@ -51,7 +51,7 @@ func authenticatedHTTPPost(ctx context.Context, urlstr string, recv, send interf
|
||||||
}
|
}
|
||||||
req.Header.Set("Content-Type", contentType)
|
req.Header.Set("Content-Type", contentType)
|
||||||
if authEmail != "" {
|
if authEmail != "" {
|
||||||
req.Header.Set("Auth-Email", base64.URLEncoding.EncodeToString([]byte(authEmail)))
|
req.Header.Set("Auth-Email", base64.RawURLEncoding.EncodeToString([]byte(authEmail)))
|
||||||
}
|
}
|
||||||
return makeAuthenticatedHTTPRequest(ctx, req, recv)
|
return makeAuthenticatedHTTPRequest(ctx, req, recv)
|
||||||
}
|
}
|
||||||
|
@ -97,8 +97,10 @@ func makeAuthenticatedHTTPRequest(ctx context.Context, req *http.Request, recv i
|
||||||
if token, ok := ctx.Value(AuthToken{}).(string); ok {
|
if token, ok := ctx.Value(AuthToken{}).(string); ok {
|
||||||
req.Header.Set("Authorization", "Bearer "+token)
|
req.Header.Set("Authorization", "Bearer "+token)
|
||||||
}
|
}
|
||||||
req.Header.Set("device-type", deviceType())
|
req.Header.Set("Accept", "*/*")
|
||||||
|
req.Header.Set("Accept-Language", "en-US,en;q=0.5")
|
||||||
req.Header.Set("User-Agent", "Goldwarden (github.com/quexten/goldwarden)")
|
req.Header.Set("User-Agent", "Goldwarden (github.com/quexten/goldwarden)")
|
||||||
|
req.Header.Set("Device-Type", "10")
|
||||||
req.Header.Set("Bitwarden-Client-Name", "goldwarden")
|
req.Header.Set("Bitwarden-Client-Name", "goldwarden")
|
||||||
req.Header.Set("Bitwarden-Client-Version", "0.0.0")
|
req.Header.Set("Bitwarden-Client-Version", "0.0.0")
|
||||||
|
|
||||||
|
|
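Review bot: The switch from `base64.URLEncoding` to `base64.RawURLEncoding` for the `Auth-Email` header in authenticatedHTTPPost changes the wire format (the `=` padding is no longer emitted) with no explanation in the code. A one-line comment above the call would stop a later cleanup from reverting it, e.g. `// Auth-Email is sent as unpadded base64url; keep RawURLEncoding`, assuming that is what the server expects. The added `Accept` and `Accept-Language` headers in makeAuthenticatedHTTPRequest are fixed browser-style values and would benefit from the same kind of comment. Both functions start outside the visible hunks.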
|
@ -89,8 +89,8 @@ func DefaultConfig(useMemguard bool) Config {
|
||||||
useMemguard,
|
useMemguard,
|
||||||
&keyBuffer,
|
&keyBuffer,
|
||||||
ConfigFile{
|
ConfigFile{
|
||||||
IdentityUrl: "https://vault.bitwarden.com/identity",
|
IdentityUrl: "https://identity.bitwarden.com",
|
||||||
ApiUrl: "https://vault.bitwarden.com/api",
|
ApiUrl: "https://api.bitwarden.com",
|
||||||
NotificationsUrl: "https://notifications.bitwarden.com",
|
NotificationsUrl: "https://notifications.bitwarden.com",
|
||||||
VaultUrl: "https://vault.bitwarden.com",
|
VaultUrl: "https://vault.bitwarden.com",
|
||||||
EncryptedClientID: "",
|
EncryptedClientID: "",
|
||||||
|
|
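Review bot: DefaultConfig now sets IdentityUrl and ApiUrl to `https://identity.bitwarden.com` and `https://api.bitwarden.com`, but nothing visible here touches configurations already written with the old `https://vault.bitwarden.com/identity` and `https://vault.bitwarden.com/api` values. If stored values take precedence over these defaults, existing installs would keep the old endpoints while sending the new request headers and form values from this commit. That deserves either a migration or a comment such as `// defaults for newly created configs only; existing config files keep their stored URLs`. DefaultConfig's body continues outside the hunk.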