import os
import json
import subprocess
class BitwardenCommandException(Exception):
    """Exception type named for Bitwarden CLI command failures."""
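def get_secret_from_bitwarden(logger, id):
    """Fetch one vault item with ``bw get item`` and return the parsed response.

    Args:
        logger: Logger handed through to ``command_wrapper``.
        id: Identifier of the item to fetch. It is interpolated into a
            command string, so it is quoted here before being passed on.

    Returns:
        Whatever ``command_wrapper`` returns for the ``get item`` command.
    """
    import shlex  # function-scope import: the module header does not import shlex

    # Quote the identifier so it always reaches ``bw`` as one literal
    # argument. Without this, whitespace or shell metacharacters in ``id``
    # would be interpreted when the command string is executed.
    # NOTE(review): quoting does not stop a value that starts with "-" from
    # being read as an option by ``bw``; callers that accept ids from outside
    # should validate their format as well.
    item_ref = shlex.quote(str(id))
    return command_wrapper(logger, command=f"get item {item_ref}")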
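def unlock_bw(logger):
    """Unlock the Bitwarden vault and export the session token as ``BW_SESSION``.

    Queries ``bw status`` first and returns early when the vault is already
    unlocked. Otherwise runs ``bw unlock`` and stores the ``raw`` value of the
    response in ``os.environ["BW_SESSION"]``.

    Args:
        logger: Logger used for progress messages and handed to
            ``command_wrapper``.

    Raises:
        BitwardenCommandException: If the status query or the unlock command
            yields no usable response. Previously this surfaced as a
            ``TypeError`` from subscripting ``None``.
    """
    status_output = command_wrapper(logger, "status", False)
    if status_output is None:
        raise BitwardenCommandException("bw status returned no usable response")

    if status_output['data']['template']['status'] == 'unlocked':
        logger.info("Already unlocked")
        return

    # --passwordenv makes bw read the master password from the BW_PASSWORD
    # environment variable, so the password is never part of the command line.
    token_output = command_wrapper(logger, "unlock --passwordenv BW_PASSWORD")
    if token_output is None:
        # Fail loudly instead of continuing without a session; the message
        # deliberately carries no response content.
        raise BitwardenCommandException("bw unlock failed; BW_SESSION was not set")

    # The session token lives in the process environment from here on, so
    # every child process started with a copy of os.environ inherits it.
    os.environ["BW_SESSION"] = token_output["data"]["raw"]
    logger.info("Signin successful. Session exported")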
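def command_wrapper(logger, command, use_success: bool = True):
    """Run ``bw --response <command>`` and return the decoded JSON response.

    Args:
        logger: Object providing ``info`` and ``warn`` methods.
        command: Arguments for the ``bw`` CLI as one string. It is split with
            ``shlex.split`` (POSIX quoting rules) and passed to ``bw`` as an
            argument vector; no shell is involved.
        use_success: When true, the response is returned only if its
            ``success`` field equals ``True``. When false, any response whose
            ``success`` field is not ``None`` is returned.

    Returns:
        The parsed response dict, or ``None`` when the ``success`` check
        rejects it (the response is then logged through ``logger.warn``).

    Raises:
        json.JSONDecodeError: If stdout is not valid JSON.
        KeyError: If the response has no ``success`` key.
    """
    import shlex  # function-scope import: the module header does not import shlex

    system_env = dict(os.environ)

    # Security: build an argument vector and run it without a shell, so that
    # metacharacters inside ``command`` (for example from an item identifier)
    # are passed to bw as data and never interpreted as shell syntax.
    argv = ["bw", "--response", *shlex.split(command)]
    sp = subprocess.Popen(
        argv,
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        close_fds=True,
        env=system_env)
    # stderr is captured so it does not leak to the parent's stderr; its
    # content is not used.
    out, _ = sp.communicate()
    text = out.decode(encoding='UTF-8')

    if "DEBUG" in system_env:
        # NOTE(review): this writes the raw CLI response to the log. For the
        # unlock command that response carries the session token, and item
        # responses presumably carry the stored credentials - keep DEBUG
        # unset wherever logs are shipped or shared.
        logger.info(text)

    resp = json.loads(text)
    succeeded = resp["success"]
    if succeeded is not None and (not use_success or succeeded == True):
        return resp

    # NOTE(review): the whole rejected response is logged; confirm that error
    # responses cannot contain secret material.
    logger.warn(resp)
    return None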
def parse_login_scope(secret_json, key):
    """Return entry *key* from the ``login`` section of an item response.

    Args:
        secret_json: Response dict with a ``data`` -> ``login`` mapping.
        key: Name of the login entry to read.

    Raises:
        KeyError: If ``data``, ``login`` or *key* is missing.
    """
    login_section = secret_json["data"]["login"]
    return login_section[key]
def parse_fields_scope(secret_json, key):
    """Return the value of the first custom field named *key*, if any.

    Args:
        secret_json: Response dict whose ``data`` mapping may hold a
            ``fields`` list of ``{"name": ..., "value": ...}`` entries.
        key: Field name to look for.

    Returns:
        The ``value`` of the first entry whose ``name`` equals *key*, or
        ``None`` when there is no ``fields`` list or no entry matches.
    """
    item = secret_json["data"]
    if "fields" in item:
        # Lazy scan: stops at the first match, so later duplicates are ignored.
        matches = (field['value'] for field in item["fields"] if field['name'] == key)
        return next(matches, None)
    return None