goldwarden-vaultwarden-bitw.../agent/actions/vault.go

187 lines
4.4 KiB
Go

package actions
import (
"context"
"fmt"
"github.com/quexten/goldwarden/agent/bitwarden"
"github.com/quexten/goldwarden/agent/bitwarden/crypto"
"github.com/quexten/goldwarden/agent/config"
"github.com/quexten/goldwarden/agent/sockets"
"github.com/quexten/goldwarden/agent/systemauth/biometrics"
"github.com/quexten/goldwarden/agent/systemauth/pinentry"
"github.com/quexten/goldwarden/agent/vault"
"github.com/quexten/goldwarden/ipc"
)
func handleUnlockVault(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext sockets.CallingContext) (response interface{}, err error) {
if !cfg.HasPin() {
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: false,
Message: "No pin set",
})
if err != nil {
panic(err)
}
return
}
if !cfg.IsLocked() {
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: true,
Message: "Unlocked",
})
if err != nil {
panic(err)
}
return
}
err = cfg.TryUnlock(vault)
if err != nil {
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: false,
Message: "wrong pin: " + err.Error(),
})
if err != nil {
panic(err)
}
return
}
if cfg.IsLoggedIn() {
token, err := cfg.GetToken()
if err == nil {
if token.AccessToken != "" {
ctx := context.Background()
bitwarden.RefreshToken(ctx, cfg)
token, err := cfg.GetToken()
userSymmkey, err := cfg.GetUserSymmetricKey()
if err != nil {
fmt.Println(err)
}
safeUserSymmkey, err := crypto.SymmetricEncryptionKeyFromBytes(userSymmkey)
if err != nil {
fmt.Println(err)
}
err = bitwarden.DoFullSync(context.WithValue(ctx, bitwarden.AuthToken{}, token.AccessToken), vault, cfg, &safeUserSymmkey, true)
if err != nil {
fmt.Println(err)
}
}
}
}
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: true,
})
if err != nil {
panic(err)
}
return
}
func handleLockVault(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext sockets.CallingContext) (response interface{}, err error) {
if !cfg.HasPin() {
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: false,
Message: "No pin set",
})
if err != nil {
panic(err)
}
return
}
if cfg.IsLocked() {
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: true,
Message: "Locked",
})
if err != nil {
panic(err)
}
return
}
cfg.Lock()
vault.Clear()
vault.Keyring.Lock()
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: true,
})
if err != nil {
panic(err)
}
return
}
func handleWipeVault(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext sockets.CallingContext) (response interface{}, err error) {
cfg.Purge()
cfg.WriteConfig()
vault.Clear()
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: true,
})
if err != nil {
panic(err)
}
return
}
func handleUpdateVaultPin(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext sockets.CallingContext) (response interface{}, err error) {
pin, err := pinentry.GetPassword("Pin Change", "Enter your desired pin")
if err != nil {
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: false,
Message: err.Error(),
})
if err != nil {
return nil, err
} else {
return response, nil
}
}
cfg.UpdatePin(pin, true)
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: true,
})
return
}
func handlePinStatus(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext sockets.CallingContext) (response interface{}, err error) {
var pinStatus string
if cfg.HasPin() {
pinStatus = "enabled"
} else {
pinStatus = "disabled"
}
response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
Success: true,
Message: pinStatus,
})
return
}
func init() {
AgentActionsRegistry.Register(ipc.IPCMessageTypeUnlockVaultRequest, handleUnlockVault)
AgentActionsRegistry.Register(ipc.IPCMessageTypeLockVaultRequest, handleLockVault)
AgentActionsRegistry.Register(ipc.IPCMessageTypeWipeVaultRequest, handleWipeVault)
AgentActionsRegistry.Register(ipc.IPCMessageTypeUpdateVaultPINRequest, ensureBiometricsAuthorized(biometrics.ChangePin, handleUpdateVaultPin))
AgentActionsRegistry.Register(ipc.IPCMessageTypeGetVaultPINStatusRequest, handlePinStatus)
}