//go:build linux || freebsd package biometrics import ( "github.com/amenzhinsky/go-polkit" ) const POLICY = ` Allow access to the vault Allows access to the vault auth_self auth_self auth_self Use SSH Key Authenticate to use an SSH Key from your vault auth_self auth_self auth_self Browser Biometrics Authenticate to allow Goldwarden to unlock your browser auth_self auth_self auth_self ` func CheckBiometrics(approvalType Approval) bool { if biometricsDisabled { return true } log.Info("Checking biometrics for %s", approvalType.String()) authority, err := polkit.NewAuthority() if err != nil { log.Error("Failed to create polkit authority: %s", err.Error()) return false } result, err := authority.CheckAuthorization( approvalType.String(), nil, uint32(polkit.AuthenticationRequiredRetained), "", ) if err != nil { log.Error("Failed to create polkit authority: %s", err.Error()) return false } log.Info("Biometrics result: %t", result.IsAuthorized) return result.IsAuthorized } func BiometricsWorking() bool { if biometricsDisabled { return false } authority, err := polkit.NewAuthority() if err != nil { return false } result, err := authority.EnumerateActions("en") if err != nil { return false } if len(result) == 0 { return false } testFor := AccessVault for _, action := range result { if Approval(action.ActionID) == testFor { return true } } return false }