updated to work with api keys

2022-06-06 20:22:22 -04:00
parent e850610128
commit 8c2714a9d6
1 changed files with 30 additions and 18 deletions
--- a/bitwardenBackup.ps1
+++ b/bitwardenBackup.ps1
@@ -21,26 +21,38 @@ $sdelete = "$PSScriptRoot\lib\sdelete.exe"

 # begin while loop to login, if login is incorrect, ask user again
 while ($true) {
-    # ask for username, password, and auth 2fa code
-    $username = Read-Host "Please enter your bitwarden email"
-    $password = Read-Host -assecurestring "Please enter your bitwarden password"
-    $password = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password))
-    $code = Read-Host "Please enter your 2fa code (hit enter if not used)"
-    # logic for no code, code
-    if ($code -eq "") {
-        $sessionKey = $(& $bw login $username $password --raw --nointeraction)
-    } else {
-        $sessionKey = $(& $bw login $username $password --method 0 --code $code --raw --nointeraction)
-    }
-    # get the bw status to see if the login was successfull and inform user
+    # ask for api client id/secret and password
+    $clientID = Read-Host "Please enter your Bitwarden API client_id"
+    $env:BW_CLIENTID = "$clientID"
+    $clientSecret = Read-Host -assecurestring "Please enter your bitwarden API client_secret"
+    $clientSecret = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($clientSecret))
+    $env:BW_CLIENTSECRET = "$clientSecret"
+    # test login
+    & $bw login --apikey --raw
    $bwStatus = $(ConvertFrom-Json $(& $bw status))
-    if ($bwStatus.Status -ne "locked") {
-        # just writing a new line
-        Write-Host " "
-        Write-Warning "Unable to login, please try agian."
-    } else {
+    if ($bwStatus."Status" -eq "locked") {
+        # Authentication was successful 
+        # start new loop for password unlock
+        while ($true) {
+            $password = Read-Host -assecurestring "Please enter your Bitwarden password"
+            $password = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password))
+            $sessionKey = $(& $bw unlock $password --raw --nointeraction)
+            # get the bw status to see if the login was successfull and inform user
+            $bwStatus = $(ConvertFrom-Json $(& $bw status --session $sessionKey))
+            if ($bwStatus."Status" -eq "unlocked") {
+                $username = $bwStatus."userEmail"
+                break
+            } else {
+                # just writing a new line
+                Write-Host " "
+                Write-Warning "Unable to unlock your vault, please try agian."
+            }
+        }
        break
-    }
+    } else {
+        Write-Host " "
+        Write-Warning "Unable to authenticate, please try agian."
+    }  
 }

 # Export the vault to both CSV and JSON files, this allows best compatibility to import again or switch managers.