package systemauth import ( "github.com/LlamaNite/llamalog" "github.com/amenzhinsky/go-polkit" ) var log = llamalog.NewLogger("Goldwarden", "Systemauth") type Approval string const ( AccessCredential Approval = "com.quexten.goldwarden.accesscredential" ChangePin Approval = "com.quexten.goldwarden.changepin" SSHKey Approval = "com.quexten.goldwarden.usesshkey" ModifyVault Approval = "com.quexten.goldwarden.modifyvault" BrowserBiometrics Approval = "com.quexten.goldwarden.browserbiometrics" ) const POLICY = ` Allow Credential Access Authenticate to allow access to a single credential auth_self auth_self auth_self Approve Pin Change Authenticate to change your Goldwarden PIN. auth_self auth_self auth_self Use Bitwarden SSH Key Authenticate to use an SSH Key from your vault auth_self auth_self auth_self Modify Bitwarden Vault Authenticate to allow modification of your Bitvarden vault in Goldwarden auth_self auth_self auth_self Browser Biometrics Authenticate to allow Goldwarden to unlock your browser. auth_self auth_self auth_self ` func (a Approval) String() string { return string(a) } func CheckBiometrics(approvalType Approval) bool { log.Info("Checking biometrics for %s", approvalType.String()) authority, err := polkit.NewAuthority() if err != nil { return false } result, err := authority.CheckAuthorization( approvalType.String(), nil, polkit.CheckAuthorizationAllowUserInteraction, "", ) if err != nil { return false } log.Info("Biometrics result: %t", result.IsAuthorized) return result.IsAuthorized }