package actions import ( "context" "fmt" "github.com/quexten/goldwarden/agent/bitwarden" "github.com/quexten/goldwarden/agent/bitwarden/crypto" "github.com/quexten/goldwarden/agent/config" "github.com/quexten/goldwarden/agent/sockets" "github.com/quexten/goldwarden/agent/systemauth/biometrics" "github.com/quexten/goldwarden/agent/systemauth/pinentry" "github.com/quexten/goldwarden/agent/vault" "github.com/quexten/goldwarden/ipc" ) func handleUnlockVault(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext *sockets.CallingContext) (response ipc.IPCMessage, err error) { if !cfg.HasPin() { response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: false, Message: "No pin set", }) if err != nil { panic(err) } return } if !cfg.IsLocked() { response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: true, Message: "Unlocked", }) if err != nil { panic(err) } return } err = cfg.TryUnlock(vault) if err != nil { response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: false, Message: "wrong pin: " + err.Error(), }) if err != nil { panic(err) } return } if cfg.IsLoggedIn() { token, err := cfg.GetToken() if err == nil { if token.AccessToken != "" { ctx := context.Background() bitwarden.RefreshToken(ctx, cfg) token, err := cfg.GetToken() userSymmkey, err := cfg.GetUserSymmetricKey() if err != nil { fmt.Println(err) } safeUserSymmkey, err := crypto.SymmetricEncryptionKeyFromBytes(userSymmkey) if err != nil { fmt.Println(err) } err = bitwarden.DoFullSync(context.WithValue(ctx, bitwarden.AuthToken{}, token.AccessToken), vault, cfg, &safeUserSymmkey, true) if err != nil { fmt.Println(err) } } } } response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: true, }) if err != nil { panic(err) } return } func handleLockVault(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext *sockets.CallingContext) (response ipc.IPCMessage, err error) { if !cfg.HasPin() { response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: false, Message: "No pin set", }) if err != nil { panic(err) } return } if cfg.IsLocked() { response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: true, Message: "Locked", }) if err != nil { panic(err) } return } cfg.Lock() vault.Clear() vault.Keyring.Lock() response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: true, }) if err != nil { panic(err) } return } func handleWipeVault(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext *sockets.CallingContext) (response ipc.IPCMessage, err error) { cfg.Purge() cfg.WriteConfig() vault.Clear() response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: true, }) if err != nil { panic(err) } return } func handleUpdateVaultPin(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext *sockets.CallingContext) (response ipc.IPCMessage, err error) { pin, err := pinentry.GetPassword("Pin Change", "Enter your desired pin") if err != nil { response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: false, Message: err.Error(), }) if err != nil { return ipc.IPCMessage{}, err } else { return response, nil } } cfg.UpdatePin(pin, true) response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: true, }) return } func handlePinStatus(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext *sockets.CallingContext) (response ipc.IPCMessage, err error) { var pinStatus string if cfg.HasPin() { pinStatus = "enabled" } else { pinStatus = "disabled" } response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{ Success: true, Message: pinStatus, }) return } func init() { AgentActionsRegistry.Register(ipc.IPCMessageTypeUnlockVaultRequest, handleUnlockVault) AgentActionsRegistry.Register(ipc.IPCMessageTypeLockVaultRequest, handleLockVault) AgentActionsRegistry.Register(ipc.IPCMessageTypeWipeVaultRequest, handleWipeVault) AgentActionsRegistry.Register(ipc.IPCMessageTypeUpdateVaultPINRequest, ensureBiometricsAuthorized(biometrics.ChangePin, handleUpdateVaultPin)) AgentActionsRegistry.Register(ipc.IPCMessageTypeGetVaultPINStatusRequest, handlePinStatus) }