fix(GODT-2481): Fix DBUS Secert Service
Fix the path we are checking for was not updated for V3. Ensure that we only inspect items that start with the correct prefix. Some implementation (e.g.: KeepassXC) return some values which are not valid. Finally, remove unnecessary attributes.
This commit is contained in:
parent
b1ad0ab6dc
commit
9425e091d8
|
@ -20,6 +20,8 @@ package keychain
|
||||||
import (
|
import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
"github.com/ProtonMail/proton-bridge/v3/internal/constants"
|
||||||
|
"github.com/bradenaw/juniper/xslices"
|
||||||
"github.com/docker/docker-credential-helpers/credentials"
|
"github.com/docker/docker-credential-helpers/credentials"
|
||||||
"github.com/godbus/dbus"
|
"github.com/godbus/dbus"
|
||||||
"github.com/keybase/go-keychain/secretservice"
|
"github.com/keybase/go-keychain/secretservice"
|
||||||
|
@ -30,10 +32,13 @@ const (
|
||||||
labelAtt = "label"
|
labelAtt = "label"
|
||||||
usernameAtt = "username"
|
usernameAtt = "username"
|
||||||
|
|
||||||
defaulDomain = "protonmail/bridge/users/"
|
defaultLabel = "Proton Mail Bridge Credentials"
|
||||||
defaultLabel = "Docker Credentials"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
|
func getDomain() string {
|
||||||
|
return hostURL(constants.KeyChainName)
|
||||||
|
}
|
||||||
|
|
||||||
func getSession() (*secretservice.SecretService, *secretservice.Session, error) {
|
func getSession() (*secretservice.SecretService, *secretservice.Session, error) {
|
||||||
service, err := secretservice.NewService()
|
service, err := secretservice.NewService()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -73,8 +78,9 @@ func getItems(service *secretservice.SecretService, attributes map[string]string
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
return xslices.Filter(items, func(t dbus.ObjectPath) bool {
|
||||||
return items, err
|
return strings.HasPrefix(string(t), "/org/freedesktop/secrets")
|
||||||
|
}), err
|
||||||
}
|
}
|
||||||
|
|
||||||
func unlock(service *secretservice.SecretService) error {
|
func unlock(service *secretservice.SecretService) error {
|
||||||
|
@ -108,8 +114,6 @@ func (s *SecretServiceDBusHelper) Add(creds *credentials.Credentials) error {
|
||||||
usernameAtt: creds.Username,
|
usernameAtt: creds.Username,
|
||||||
serverAtt: creds.ServerURL,
|
serverAtt: creds.ServerURL,
|
||||||
labelAtt: defaultLabel,
|
labelAtt: defaultLabel,
|
||||||
"xdg:schema": "io.docker.Credentials",
|
|
||||||
"docker_cli": "1",
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return handleTimeout(func() error {
|
return handleTimeout(func() error {
|
||||||
|
@ -203,13 +207,15 @@ func (s *SecretServiceDBusHelper) List() (map[string]string, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
defaultDomain := getDomain()
|
||||||
|
|
||||||
for _, it := range items {
|
for _, it := range items {
|
||||||
attributes, err := service.GetAttributes(it)
|
attributes, err := service.GetAttributes(it)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
if !strings.HasPrefix(attributes[serverAtt], defaulDomain) {
|
if !strings.HasPrefix(attributes[serverAtt], defaultDomain) {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue