mirror of
https://github.com/bitwarden/browser
synced 2025-12-19 01:33:33 +00:00
SSO login (#154)
* support sso login * update jslib * set clientid in base login command
This commit is contained in:
Kyle Spearrin
GitHub
@@ -1,7 +1,11 @@
|
||||
import * as program from 'commander';
|
||||
|
||||
import { ApiService } from 'jslib/abstractions/api.service';
|
||||
import { AuthService } from 'jslib/abstractions/auth.service';
|
||||
import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service';
|
||||
import { EnvironmentService } from 'jslib/abstractions/environment.service';
|
||||
import { I18nService } from 'jslib/abstractions/i18n.service';
|
||||
import { PasswordGenerationService } from 'jslib/abstractions/passwordGeneration.service';
|
||||
import { SyncService } from 'jslib/abstractions/sync.service';
|
||||
|
||||
import { MessageResponse } from 'jslib/cli/models/response/messageResponse';
|
||||
@@ -11,24 +15,41 @@ import { Utils } from 'jslib/misc/utils';
|
||||
import { LoginCommand as BaseLoginCommand } from 'jslib/cli/commands/login.command';
|
||||
|
||||
export class LoginCommand extends BaseLoginCommand {
|
||||
private cmd: program.Command;
|
||||
|
||||
constructor(authService: AuthService, apiService: ApiService,
|
||||
cryptoFunctionService: CryptoFunctionService, syncService: SyncService,
|
||||
i18nService: I18nService) {
|
||||
super(authService, apiService, i18nService);
|
||||
i18nService: I18nService, environmentService: EnvironmentService,
|
||||
passwordGenerationService: PasswordGenerationService) {
|
||||
super(authService, apiService, i18nService, environmentService, passwordGenerationService,
|
||||
cryptoFunctionService);
|
||||
this.clientId = 'cli';
|
||||
this.validatedParams = async () => {
|
||||
const key = await cryptoFunctionService.randomBytes(64);
|
||||
process.env.BW_SESSION = Utils.fromBufferToB64(key);
|
||||
};
|
||||
this.success = async () => {
|
||||
await syncService.fullSync(true);
|
||||
const res = new MessageResponse('You are logged in!', '\n' +
|
||||
'To unlock your vault, set your session key to the `BW_SESSION` environment variable. ex:\n' +
|
||||
'$ export BW_SESSION="' + process.env.BW_SESSION + '"\n' +
|
||||
'> $env:BW_SESSION="' + process.env.BW_SESSION + '"\n\n' +
|
||||
'You can also pass the session key to any command with the `--session` option. ex:\n' +
|
||||
'$ bw list items --session ' + process.env.BW_SESSION);
|
||||
res.raw = process.env.BW_SESSION;
|
||||
return res;
|
||||
if (this.cmd.sso != null && this.canInteract) {
|
||||
const res = new MessageResponse('You are logged in!', '\n' +
|
||||
'To unlock your vault, use the `unlock` command. ex:\n' +
|
||||
'$ bw unlock');
|
||||
return res;
|
||||
} else {
|
||||
const res = new MessageResponse('You are logged in!', '\n' +
|
||||
'To unlock your vault, set your session key to the `BW_SESSION` environment variable. ex:\n' +
|
||||
'$ export BW_SESSION="' + process.env.BW_SESSION + '"\n' +
|
||||
'> $env:BW_SESSION="' + process.env.BW_SESSION + '"\n\n' +
|
||||
'You can also pass the session key to any command with the `--session` option. ex:\n' +
|
||||
'$ bw list items --session ' + process.env.BW_SESSION);
|
||||
res.raw = process.env.BW_SESSION;
|
||||
return res;
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
run(email: string, password: string, cmd: program.Command) {
|
||||
this.cmd = cmd;
|
||||
return super.run(email, password, cmd);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import * as program from 'commander';
|
||||
import * as inquirer from 'inquirer';
|
||||
|
||||
import { ApiService } from 'jslib/abstractions/api.service';
|
||||
import { CryptoService } from 'jslib/abstractions/crypto.service';
|
||||
import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service';
|
||||
import { UserService } from 'jslib/abstractions/user.service';
|
||||
@@ -8,11 +9,13 @@ import { UserService } from 'jslib/abstractions/user.service';
|
||||
import { Response } from 'jslib/cli/models/response';
|
||||
import { MessageResponse } from 'jslib/cli/models/response/messageResponse';
|
||||
|
||||
import { PasswordVerificationRequest } from 'jslib/models/request/passwordVerificationRequest';
|
||||
|
||||
import { Utils } from 'jslib/misc/utils';
|
||||
|
||||
export class UnlockCommand {
|
||||
constructor(private cryptoService: CryptoService, private userService: UserService,
|
||||
private cryptoFunctionService: CryptoFunctionService) { }
|
||||
private cryptoFunctionService: CryptoFunctionService, private apiService: ApiService) { }
|
||||
|
||||
async run(password: string, cmd: program.Command) {
|
||||
const canInteract = process.env.BW_NOINTERACTION !== 'true';
|
||||
@@ -34,8 +37,24 @@ export class UnlockCommand {
|
||||
const kdfIterations = await this.userService.getKdfIterations();
|
||||
const key = await this.cryptoService.makeKey(password, email, kdf, kdfIterations);
|
||||
const keyHash = await this.cryptoService.hashPassword(password, key);
|
||||
const storedKeyHash = await this.cryptoService.getKeyHash();
|
||||
if (storedKeyHash != null && keyHash != null && storedKeyHash === keyHash) {
|
||||
|
||||
let passwordValid = false;
|
||||
if (keyHash != null) {
|
||||
const storedKeyHash = await this.cryptoService.getKeyHash();
|
||||
if (storedKeyHash != null) {
|
||||
passwordValid = storedKeyHash === keyHash;
|
||||
} else {
|
||||
const request = new PasswordVerificationRequest();
|
||||
request.masterPasswordHash = keyHash;
|
||||
try {
|
||||
await this.apiService.postAccountVerifyPassword(request);
|
||||
passwordValid = true;
|
||||
await this.cryptoService.setKeyHash(keyHash);
|
||||
} catch { }
|
||||
}
|
||||
}
|
||||
|
||||
if (passwordValid) {
|
||||
await this.cryptoService.setKey(key);
|
||||
const res = new MessageResponse('Your vault is now unlocked!', '\n' +
|
||||
'To unlock your vault, set your session key to the `BW_SESSION` environment variable. ex:\n' +
|
||||
|
||||
Reference in New Issue
Block a user