stove/rougail-user-data-bitwarden
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
rougail-user-data-bitwarden/src/rougail/user_data_bitwarden/data.py

296 lines
9.1 KiB
Python
Raw Blame History

"""
Silique (https://www.silique.fr)
Copyright (C) 2025
distribued with GPL-2 or later license
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
"""
from subprocess import run
from json import loads
from os import environ
from shutil import which
from rougail.error import ExtentionError
from .i18n import _
class RougailUserDataBitwarden:
def __init__(
self,
config: "Config",
*,
rougailconfig: "RougailConfig" = None,
):
# this is the tiramisu config object
self.config = config
if rougailconfig is None:
from rougail.config import RougailConfig
rougailconfig = RougailConfig
user_data = rougailconfig["step.user_data"]
if "bitwarden" not in user_data:
user_data.append("bitwarden")
rougailconfig["step.user_data"] = user_data
user_data = rougailconfig["step.user_data"]
self.rougailconfig = rougailconfig
if "bitwarden" not in user_data:
raise ExtentionError(_('"bitwarden" is not set in step.user_data'))
self.errors = []
self.warnings = []
self.leader_informations = {}
self.bitwarden_command_line = self.get_command(rougailconfig)
def get_command(self, rougailconfig):
if "ROUGAIL_BITWARDEN_MOCK_ENABLE" in environ:
return None
one_is_find = False
force_command = rougailconfig["bitwarden.command"]
if force_command:
commands = [force_command]
else:
commands = ["rbw", "bw"]
for command in commands:
status = self.test_command(command)
if status is False:
one_is_find = True
elif status:
return command
if not force_command:
command_string = _('"rbw" or "bw"')
else:
command_string = _('"{0}"').format(force_command)
if one_is_find:
raise ExtentionError(
_("please unlock Bitwarden password database with {0}").format(
command_string
)
)
raise ExtentionError(
_("cannot find Bitwarden command {0} please install it").format(
command_string
)
)
def test_command(self, command):
if not which(command):
return None
if command == "rbw":
cmd = ["rbw", "unlocked"]
else:
cmd = ["bw", "status"]
try:
cpe = run(cmd, capture_output=True)
except Exception as exc:
return False
if cpe.returncode != 0:
return False
if command == "rbw":
return True
try:
data = loads(cpe.stdout.decode("utf8"))
if data["status"] == "unlocked":
return True
except:
pass
return False
def run(self):
values = {}
self.set_passwords(self.config.forcepermissive, values)
return [
{
"source": 'Bitwarden',
"errors": self.errors,
"warnings": self.warnings,
"values": values,
"options": {
"secret_manager": True,
}
}
]
def set_passwords(self, optiondescription, values):
for option in optiondescription.list(uncalculated=True):
if option.isoptiondescription():
self.set_passwords(option, values)
elif option.information.get("bitwarden", False):
values[option.path()] = (set_password, self.leader_informations, self.bitwarden_command_line)
def set_password(leader_informations, bitwarden_command_line, *, option, warnings, errors):
path = option.path()
leader_key = None
if option.isfollower():
leader_path = option.parent().leader().path()
if leader_path in leader_informations:
leader_key = leader_informations[leader_path][option.index()]
if not option.isleader():
return get_values(bitwarden_command_line, option, warnings, errors, leader_key=leader_key)
leader_informations[path], option_values = get_values(
bitwarden_command_line, option, warnings, errors, multiple=True, leader_key=option.value.default()[0]
)
return option_values
def get_values(bitwarden_command_line, option, warnings, errors, *, multiple=False, leader_key=None):
if leader_key:
key = leader_key
else:
key = option.value.default()
path = option.path()
type_ = option.information.get("type")
# FIXME retrait du permissive suffit ?
if "validator" not in option.property.get():
option.property.add("validator")
if not isinstance(key, str):
errors.append(
_('the default value for "{0}" must be the Bitwarden item name').format(
path
)
)
if multiple:
return [], []
return None
if "ROUGAIL_BITWARDEN_MOCK_ENABLE" in environ:
if type_ == "secret":
value = "Ex4mpL3_P4ssw0rD"
else:
value = "example_login"
if multiple:
return [key], [value]
return value
try:
if bitwarden_command_line == "rbw":
data = get_key_from_rbw(key, multiple)
else:
data = get_key_from_bw(key)
except Exception as exc:
errors.append(
_(
'cannot execute the "{0}" commandline from Bitwarden for "{1}": {2}'
).format(bitwarden_command_line, path, exc)
)
if multiple:
return [], []
return None
if not data:
errors.append(
_('item "{0}" in Bitwarden is not found for "{1}"').format(
key, path
)
)
if multiple:
return [], []
return None
if len(data) != 1:
names = [d["name"] for d in data]
if multiple:
ret = []
return names, [
get_value(key, path, type_, d, errors) for d in data
]
errors.append(
_(
'several items found with name "{0}" in Bitwarden for "{1}": "{2}"'
).format(key, path, '", "'.join(names))
)
return None
value = get_value(key, path, type_, data[0], errors)
if multiple:
return [data[0]["name"]], [value]
return value
def get_value( key_bitwarden: str, path: str, type_: str, data: dict, errors: dict) -> str:
try:
if type_ == "secret":
value = data["login"]["password"]
else:
value = data["login"]["username"]
except Exception as exc:
errors.append(
_('unexpected datas "{0}" from Bitwarden for "{1}": {2}').format(
key_bitwarden, path, exc
)
)
value = None
else:
if value is None:
if type_ == "secret":
bw_type = _("password")
else:
bw_type = _("username")
errors.append(
_('item "{0}" in Bitwarden has no {1} for "{2}"').format(
key_bitwarden, bw_type, path
)
)
return value
def get_key_from_rbw(
key_bitwarden: str, multiple: bool
):
keys = []
items = run_commandline(["rbw", "search", key_bitwarden]).strip()
if items:
items = items.split("\n")
else:
items = []
for item in items:
# if item.count('@') != 1:
# continue
if "@" in item:
keys.append(item.split("@", 1)[-1])
else:
keys.append(item.rsplit("/", 1)[-1])
if not multiple:
if not items:
return []
if len(items) > 1:
return [{"name": key} for key in keys]
keys = [key_bitwarden]
datas = []
for key in keys:
data = loads(
run_commandline(
["rbw", "get", key, "--raw", "--ignorecase"]
).strip()
)
datas.append({"name": key, "login": data["data"]})
return datas
def get_key_from_bw(
key_bitwarden: str,
):
return loads(
run_commandline(
["bw", "list", "items", "--search", key_bitwarden, "--nointeraction"]
)
)
def run_commandline(cmd) -> str:
cpe = run(cmd, capture_output=True)
err = cpe.stderr.decode("utf8")
if cpe.returncode != 0 or err:
raise Exception("{0} ({1})".format(err, cpe.returncode))
return cpe.stdout.decode("utf8")
Reference in a new issue View git blame Copy permalink