Coder Social home page Coder Social logo

blacs30 / bitwarden-alfred-workflow Goto Github PK

View Code? Open in Web Editor NEW

This project forked from stuartcryan/lastpass-alfred-workflow

447.0 8.0 32.0 10.95 MB

Simple Bitwarden Workflow for Alfred

License: MIT License

Makefile 1.14% Starlark 0.70% Go 89.23% Shell 8.93%

bitwarden-alfred-workflow's Introduction

Bitwarden Alfred Workflow

Access your Bitwarden passwords, secrets, attachments and more via this powerful Alfred Workflow

THIS PROJECT HAS BEEN ARCHIVED
If someone wants to take this project over please contact me
I recommend this alternative workflow
https://github.com/ajrosen/Bitwarden-Accelerator
Alternatively I can also recommend 1Password as password manager

Table of contents

Features

  • Completely rewritten in go
  • fast secret / item search thanks to caching (no secrets are cached only the keys/names)
    • cache is encrypted
  • access to (almost) all object information via this workflow
  • download attachments via this workflow
  • show favicons of the websites
  • auto update (currently disabled. Alfred Gallery update support coming soon)
  • auto Bitwarden sync in the background
  • auto lock on startup and after customizable idle time
  • uses the awgo framework/library
  • many customizations possible

This workflow requires Alfred 5.0+.
This workflow is undergoing some changes in order to be listed on Alfred Gallery
If you are using Alfred 4, the latest supported version is 2.4.7.
NOT tested with Alfred 3

Bitwarden V2 - Alfred Workflow Demo

Installation

  • Download the latest release
  • Open the downloaded file in Finder
  • Make sure that the Bitwarden CLI version 1.19 or newer is installed
  • If running on macOS Catalina or later, you MUST add Alfred to the list of security exceptions for running unsigned software. See this guide for instructions on how to do this.
    • Yes, this sucks and is annoying, but there is unfortunately is no easy way around this. macOS requires a paying Developer account for proper app notarization. I'm afraid I'm not willing to pay a yearly subscription fee to Apple just so that this (free and open source) project doesn't pester macOS Gatekeeper.

PATH configuration

In many cases the bw and node executables are located in paths outside of the default system PATH.
Please configure the Alfred Worklow variables PATH accordingly.
In a normal terminal type which bw and copy the dirname (everything except the "bw") into the PATH workflow variable.
The best is to append it to the existing string and separate it by a colon (:)
Repeat the above steps for node, starting with which node.

Workflow PATH config

Usage

To use, activate Alfred and type .bw to trigger this workflow. From there:

  • type .bwauth for login/logout/unlock/lock
  • type .bwconfig for settings/sync/workflow help/issue reports
  • type any search term to search for secrets/notes/identities/cards
  • modifier keys and actions are presented in the subtitle, different actions are available depending on the object type

Login via APIKEY

Since version 2.4.1 the workflow supports login via the api key.
Get/create an api key via the web ui. See more information here https://bitwarden.com/help/article/cli/#using-an-api-key
To use the api key login flow in the workflow set the workflow variable USE_APIKEY to true.
The workflow will then ask you for the client_id and client secret to login.
Immediately afterwards it will also ask to unlock with the master password to get a session key.
That is a separate step and required with the api key as login method.

Search- / Filtermode

Up to version < 2.1.0 the Fuzzy filtering a la Sublime Text was default. Starting with version 2.1.0 Alfreds internal filtering is default.

You can change the search-/filtermode yourself easily. This gif shows the 3 steps which need to be done for it: Change filter mode

Enable auto background sync

In version 2.3.0 the background sync mechanism was added.
It is using the macOS user LaunchAgent.

To install the sync configure the workflow variables:

  • AUTOSYNC_TIMES, this can be used to configure comma separated multiple sync times per day, e.g. 8:15,23:45
  • alternatively you can use AUTO_HOUR together with AUTO_MIN for only one sync time

Bitwarden needs to be unlocked for sync to work.

Install via Alfred keyword: .bwauto

Enable auto lock

In version 2.3.0 the background lock and lock on startup mechanism was added.
It is using the macOS user LaunchAgent.

To install the sync configure the workflow variables:

  • LOCK_TIMEOUT set to a time in minutes after which the workflow should be locked if it hasn't been used in the meantime

The LaunchAgent checks every 5 minutes if the lock timeout has been reached.

The LaunchAgent checks also on load (e.g. startup of the system and login of the user),
if the startup happened within the last 5 minutes, if so then it locks the Bitwarden workflow.

Install via Alfred keyword: .bwautolock

Advanced Features / Configuration

Name Comment Default Value
2FA_ENABLED enables or disables 2FA for login (can be set via .bwconfig ) true
2FA_MODE sets the mode for the 2FA (can be set via .bwconfig ), 0 authenticator app, 1, email, 3 yubikey otp ; not used when APIKEYS are used to login 0
AUTO_HOUR sets the hour for the backround sync to run (is installed separately with .bwauto) 10
AUTO_MIN sets the minute for the backround sync to run (is installed separately with .bwauto) 0
AUTOSYNC_TIMES sets multiple times when bitwarden should sync with the server, this is used first and instead of AUTO_MIN and AUTO_HOUR 8:15,23:45
AUTO_FETCH_ICON_CACHE_AGE This defines how often the Workflow should check for an icon if is missing, it doesn't need to do it on every run hence this cache 1440 (1 day)
BW_EXEC defines the binary/executable for the Bitwarden CLI command bw
BW_DATA_PATH sets the path to the Bitwarden Cli data.json "~/Library/Application Support/Bitwarden CLI/data.json""
bw_keyword defines the keyword which opens the Bitwarden Alfred Workflow .bw
bwf_keyword defines the keyword which opens the folder search of the Bitwarden Alfred Workflow .bwf
bwauth_keyword defines the keyword which opens the Bitwarden authentications of the Alfred Workflow .bwauth
bwauto_keyword defines the keyword which opens the Bitwarden background sync agent .bwauto
bwautolock_keyword defines the keyword which opens the Bitwarden background lock agent .bwautolock
bwconf_keyword defines the keyword which opens the Bitwarden configuration/settings of the Alfred Workflow .bwconfig
DEBUG If enabled print additional debug information, specially about for the decryption process false
EMAIL the email which to use for the login via the Bitwarden CLI, will be read from the data.json of the Bitwarden CLI if present ""
EMAIL_MAX_WAIT For the email 2fa we trigger a process so that Bitwarden sends the email. Then we kill that process after timeout x is reached. This sets how long the process should wait before it is cancelled because if cancelled too early no email is send but waiting too long is annoying. 15
EMPTY_DETAIL_RESULTS Show all information in the detail view, also if the content is empty false
ICON_CACHE_ENABLED Download icons for login items if a URL is set true
ICON_CACHE_AGE This defines how old the icon cache can get in minutes, if expired the Workflow will download icons again. If icons are missing the workflow will also try to download them unrelated to this timeout 43200 (1 month)
LOCK_TIMEOUT Besides the lock on startup this additional timeout is set to define when Bitwarden should be locked in case of no usage. 1440 (1 day)
MAX_RESULTS The number of items to display maximal in the search view 1000
MODIFIER_1 The first modifier key combination, possible options, which can be combined by comma separation, are "cmd,alt/opt,ctrl,shift,fn" alt
MODIFIER_2 The first modifier key combination, possible options, which can be combined by comma separation, are "cmd,alt/opt,ctrl,shift,fn" shift
MODIFIER_3 The first modifier key combination, possible options, which can be combined by comma separation, are "cmd,alt/opt,ctrl,shift,fn" ctrl
MODIFIER_4 The first modifier key combination, possible options, which can be combined by comma separation, are "cmd,alt/opt,ctrl,shift,fn" cmd,opt
MODIFIER_5 The first modifier key combination, possible options, which can be combined by comma separation, are "cmd,alt/opt,ctrl,shift,fn" cmd,shift
MODIFIER_1_ACTION Action executed by the first modifier username,code
MODIFIER_2_ACTION Action executed by the second modifier url
MODIFIER_3_ACTION Action executed by the third modifier totp
MODIFIER_4_ACTION Action executed by the fourth modifier more
MODIFIER_5_ACTION Action executed by the fifth modifier webui
NO_MODIFIER_ACTION Action executed without modifier pressed password,card
OPEN_LOGIN_URL If set to false the url of an item will be copied to the clipboard, otherwise it will be opened in the default browser. true
OUTPUT_FOLDER The folder to which attachments should be saved when the action is triggered. Default is $HOME/Downloads. "~" can be used as well. ""
PATH The PATH env variable which is used to search for executables (like the Bitwarden CLI configured with BW_EXEC, security to get and set keychain objects) /usr/bin:/usr/local/bin:/usr/local/sbin:/usr/local/share/npm/bin:/usr/bin:/usr/sbin
REORDERING_DISABLED If set to false the items which are often selected appear further up in the results. true
SERVER_URL Set the server url if you host your own Bitwarden instance - you can also set separate domains for api,webvault etc e.g. --api http://localhost:4000 --identity http://localhost:33656 https://bitwarden.com
SKIP_TYPES Comma separated list of types which should not be listed in the Workflow. Clear the Workflow cache and sync again (in .bwconf ) Available types to skip: (login, note, card, identity) ""
TITLE_WITH_USER If enabled the name of the login user item or the last 4 numbers of the card number will be appended (added) at the end of the name of the item true
TITLE_WITH_URLS If enabled all the URLs for an login item will be appended (added) at the end of the name of the item true
USE_APIKEY If enabled an API KEY can be used to login, this is helpful to prevent problems with captches which Bitwarden cloud introduced recently https://bitwarden.com/help/article/cli/#using-an-api-key ; Second Factor will not be used when APIKEYS are used. After the login with APIKEYS an unlock with the master password is required - the workflow asks automatically to unlock false
WEBUI_URL Set the Web UI vault url if you host your own Bitwarden instance - you can also set separate domains for api,webvault etc e.g. --api http://localhost:4000 --identity http://localhost:33656 https://vault.bitwarden.com

Modifier Actions Explained

type action name
login password
username
url
webui
totp
note - (always copy the secret note)
cards card
code
identity - (always copy the name )
others more (to show all item entries, can't be NO_MODIFIER_ACTION)

You can place per type one action name into the ACTION config, a combination is possible where it is not overlapping with more or another of the same type.

Good examples:

NO_MODIFIER_ACTION=url,code
MODIFIER_1_ACTION=totp
MODIFIER_2_ACTION=more
MODIFIER_3_ACTION=password,card (2 items listed but of different type)

Bad examples:

NO_MODIFIER_ACTION=url,password
MODIFIER_3_ACTION=code,card (2 items listed but of the same type, therefore this is not permitted and will cause problems)

Develop locally

  1. Install alfred cli
    go install github.com/jason0x43/go-alfred/alfred@latest

  2. Clone this repo.

  3. Link the workflow directory with Alfred
    cd workflow; alfred link

  4. Install dependency and run the first build
    make build

Colors and Icons

Light blue

Hex: #175DDC
RGB: 23,93,220

Darker blue

Hex: #134db7
RGB: 20,81,192

Get icons as pngs here https://fa2png.app/ and this is the browser https://fontawesome.com/cheatsheet

Licensing and Thanks

The icons are based on Bitwarden Brand , Font Awesome and Material Design Icons.

Parts of the README are taken over from alfred-aws-console-services-workflow

Contributors

A big thanks to all code contributors but also to everyone who creates issues and helps that this workflow matures.

  • @luckman212
  • @blacs30

Though this repository was a fork, it has 0 code reference anymore to the forked repo because of watchers and stars I decided to leave it this way and not to "unlink" it - by creating a new clean repository

Source that helped me to get started

Troubleshooting

"bitwarden-alfred-workflow" cannot be opened because the developer cannot be verified.

The following dialog can appear when running the workflow:

image

Workaround

Per the installation steps, you MUST add Alfred to the list of Developer Tool exceptions for Alfred to run any workflow that contains an executable (like this one)

Unexpected error. Exit code -1.

Using bw cli and this workflow in parallel can possibly cause this error occurs Unexpected error. Exit code -1. The reason for that is when the bw cli is used in the terminal and the password is entered that a new session is initiated and the workflow's session invalidated.

Workaround

You can use the bash functions created by @luckman212 and located here in github
Download the bash file and source it in your own .bash_profile or .zshrc

Getting a secret still takes very much time

NB: The workflow's internal decryption mechanism is currently not working. Follow issue 171 for progress on this issue.

With version 2.2.0 this workflow decrypts the secrets without using the bw cli. This is much faster but it might possibly can fail.
If it fails it falls back and uses the bw cli to get the secret. The decryption takes then more time again, was in the previous versions.

Workaround

To use the workflows faster decryption you can follow this instruction by Bitwarden
to update the encryption keys to the new mechanism.

The linked doc doesn't specify how to force creation of a new key. It's easy though:

  • Login to your vault.
  • Click Settings at the top of the page.
  • Under My Account, scroll down to Encryption Key Settings.
  • Follow the instructions provided.
  • Logout (and on again) from Bitwarden on all devices.

bitwarden-alfred-workflow's People

Contributors

0skgc avatar andreasnasman avatar blacs30 avatar cnpunkt avatar creatorkoo avatar domoritz avatar gmq avatar hanoii avatar jsquyres avatar luckman212 avatar rustycamper avatar stdavis avatar stingalleman avatar stuartcryan avatar tcohen511 avatar wollew avatar zhongjis avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

bitwarden-alfred-workflow's Issues

Malformed session key: cannot login

When logging in via bwlogin to the bitwarden hosted instance with an account with 2fa enabled (not sure if relevant), the session key is malformed and only contains [object as can be seen in Keychain:

image

I'm not sure how to go about debugging this.

Search improvement

When searching in the Bitwarden Browser extension or the Web Vault, they use wildcard searches so i can look for any word within the title, url or username of the specific vault item.

Unfortunately, the search within this workflow is very specific and doesnt find an item if i look for app.com, but the actual url and title of the item are account.app.com.

Maybe we could change that.

Potential Improvement

When the vault is locked, it would be nice if the user could unlock it by hitting return, instead of entering bwunlock again.

Error the Bitwarden command wasn't found.

Screen Shot 2021-06-18 at 5 37 50 PM

I ran into this issue. I tried to fix by appending :$(which bw) to PATH, replacing PATH entirely, and changing the BW_EXEC var. None worked.

Any recommendations for how to debug?

link scripts in readme

Hey @blacs30 👋

I played around with the auth tokens and figured out a way to make them play nice with each other. I only tested it minimally but I think this could be useful... see → luckman212/bitwarden-cli-helpers

With these helper functions in .bash_profile (or .zshrc if that's your thing) you can pass auth tokens back and forth between your Workflow and the bw CLI without invalidating the other session key.

Let me know what you think. Hopefully we can close up this issue and #49 if everything's happy. Things have been working pretty well for me using 2.2.1-test5.

Originally posted by @luckman212 in #53 (comment)

Feature Request: Customize Default (Unmodified) Command

The ability to customize modified keys in the re-written workflow is wonderful; but I have been unable to customize the command executed without a modifier key. I had made some modifications to the previous version that allowed me to open the URL from a selected Bitwarden item without using a modifier key (thus changing the default behavior and making the experience more similar to Alfred's 1password integration). I don't see an easy way to make a similar modification to this version, so I wonder whether anyone else would find it convenient to open URLs without having to use a modifier key.

And thanks, Claas, for a faster, even more feature-packed version of software that was already very useful in previous versions!

2.0.3 - problem with "open url" action

Amazing workflow! 🎉

Today I tried to open a URL from within the workflow (pressing ⌘⌥ and then selecting "Url 1" from the following page), and an error notification appeared:
image

here's some debug output:
image

not sure what else to try?
(btw, typing open http://foo.com from Terminal works...)

Cache that persists across reboots

Hi there!

Perhaps I'm mistaking and it is actually persisted to disk. What I would like is if it's possible to persist the items on disk so that I wouldn't have to sync every time. My passwords don't change that much so that would be perfect for me.

I can imagine there are other users that would find this useful as well :), most likely you'll use 20% of the passwords 80% of the time and those are fine if they aren't as up-to-date since they wouldn't change that much.

I would be open to creating a PR for this too if you could point me in the right direction.

Can't get the password when having multiple items for one site

When selecting an item where there are multiple items for the same site I don't get the password in my clipboard – I get an error.

I'm using bitwarden-cli 1.3.0 and bitwarden-alfred-workflow 1.2.2.

Steps to reproduce

  1. Select an item where there are multiple logins for one site and press enter. I have blurred my usernames but they are all different.
    image

  2. This is copied to my clipboard

More than one result was found. Try getting a specific object by `id` instead. The following objects were found:
56d6067b-35de-4703-a766-a942008409a4
48c3a343-fdec-400d-a995-a942008409a4
e7c0f431-374a-47b0-886f-a942008409a5
cfab1cdc-c2f7-4efb-91b1-a95900dd06cb
98cf272d-5c08-4d14-bd44-a942008409a4
800b6ccc-8bc9-4739-941f-a942008409a5
c1f19717-f58d-4fcc-8ba2-a95f00bd191f
71a6d990-c85f-46d8-a85f-a942008409a4
89f26395-d54e-4fd7-a6e7-a942008409a4
013b666a-46e2-4746-8163-a942008409a5
800fe1cc-85d0-426d-9e34-a942008409a5
da57cb75-20c5-4597-80ca-a942008409a5
3dac775c-8242-43a4-8412-a942008409a5
a6351a17-c71c-490e-89f2-a942008409a5
1225e4da-c29c-4479-be78-a942008409a4
5e389ccb-19f8-4592-9898-a942008409a5
667bab13-8b68-4ffc-b870-a942008409a4
f12a1f07-b5cd-477a-9741-a942008409a5
0b89a0e9-d757-467d-8f6b-a942008409a5
7c528581-325e-4a41-9246-a942008409a5
0dc96acf-d6a4-407e-b386-a942008409a5
cf252dbf-7a5a-4d01-bffa-a942008409a5
60909c7e-23b5-4ef8-9570-a942008409a5
3b4d3fb7-d950-4e9d-b079-a942008409a5
1166afe4-e0bd-4cd3-b4f1-a942008409a5
e1ea5d23-8e6d-4bab-a06f-a942008409a5
ef7bfe90-ce6c-45f2-92ee-a942008409a5
fbe82418-930d-484d-a6ae-a942008409a5
037f7dc6-00fd-4514-b0ad-a942008409a5
e790dc82-49e1-41f5-b75f-a942008409a4
fc09ad54-ee21-4fe9-973f-a942008409a5
a6b1c6ba-60f8-46ea-b806-a942008409a4
f87a8891-58d7-4d88-a15e-a942008409a4
7496233f-97ec-42f3-a599-a942008409a5
215352eb-f74d-4c5a-aa5f-a942008409a5
357e7ec7-91f1-4db8-9b75-a942008409a5
1c6043b7-42ce-4a25-9708-a942008409a5
9a7f6786-b326-47a3-b569-a942008409a5
de0daddb-c002-4b04-ba56-a942008409a5
80d6cc4a-2231-4a59-8b1f-a942008409a5
a007c866-0d98-4996-bfe7-a942008409a5
72ff4287-9108-4072-81fd-a942008409a4
f6130bda-9fe1-4135-bcdf-a942008409a5
db9890a7-a4bb-4936-b5de-a942008409a5
42d9ae52-7fbf-4d4c-aa0d-a942008409a4
5815f5a6-9b06-4f88-b4ab-a942008409a5
998de16d-a5c4-4dfc-af31-a942008409a4
c53013d8-f699-4538-8978-a942008409a5
8528bbd9-c589-4171-8356-a942008409a5
7685481d-86d7-43d2-b38f-a942008409a5
afe27519-563e-47c7-a0c7-a942008409a5
befe90d5-30ca-459e-9dac-a942008409a5
df4dfcd7-48c1-4b1d-b543-a942008409a4
741ae853-c19d-4189-8119-a942008409a4
8b77b39d-3005-483e-b2e8-a942008409a5
f2641646-c12d-4d57-9e97-a942008409a5
182e7949-9fea-49fb-9b8a-a942008409a5
3e408f99-2143-4ce3-9a71-a942008409a4
819254c8-35a4-45d8-a9da-a942008409a5
b89a3130-b5d7-4b95-b0a9-a942008409a5
74e88442-aa45-4762-8da0-a942008409a5
89956967-45bc-4288-8286-a942008409a5
ed46284e-8c7d-4f36-9d5f-a942008409a5
6df44ae0-11fa-4695-873e-a942008409a5
aceae15c-4219-42af-ad16-a942008409a5
b77902ba-0837-49d2-8bea-a942008409a5
199568ea-6243-4f67-b9bd-a942008409a5
8433d059-9637-4f9b-bdb7-a96700c9deec

Error: You are already logged in as <email>

Facing this error on Alfred v4.1[1167], latest v2 release of the workflow (as of Aug. 12).

  1. Logged into my account (and entered 2fa). Login was successful.
  2. Typing .bw (to search vault) automatically fills it to .bwauth login, as if I'm not logged in.
  3. Re-logging in fails with error that I'm already logged in.

Logging out doesn't fix it, since I'm able to log in, but unable to search anything and am instead prompted to log in again (step 2).

I've been able to successfully log in and use it on another Mac, so not sure how to replicate this error.

bwlogin silently fails

Screen Shot 2020-05-19 at 6 16 48 PM

Screen Shot 2020-05-19 at 6 18 03 PM

I have 2FA enabled, and have so far tried using lots of 2FA modes. Let me know if it's helpful to provide any other information to help debug this ☺️

Tells me I'm logged out when it's simply locked

Every now and then when I search for an item or try to do a sync, I get an 'ERROR: not logged in' notification. I login in using password and second factor - nothing happens.

Until I realised - when performing a search - that the vault was locked. All I needed to do was a bwunlock.

Perhaps the ERROR not logged in message could be a little more helpful, if the vault is simply locked?

Automatic timed cache refresh in background

Not an issue, just wanted to open a discussion...

I got a little frustrated when calling up this workflow and waiting for it to sync when I needed a password right away. I know I am being impatient, but I thought it would be a better experience if there was a way to have this refresh automatically in the background.

I created a solution, which anyone can try: bw-cache-update

It's pretty simple to install (follow the README) but I think it would be better if this was made "native" by doing the following:

  • bundle the LaunchAgent (plist) and Bash script directly within the workflow itself
  • make a workflow trigger that self-installs (symlink) the LaunchAgent
  • add some workflow variables to control frequency of the background sync (or maybe just piggyback off SYNC_CACHE_AGE?)

I am open to helping with this / submitting a PR but I wanted to get opinions first on whether this was a good idea or if anyone sees any problems with the implementation. Also if you encounter any problems please open an issue.

Big thank you as always to @blacs30 for this amazing workflow! 👍

Not able to login through alfred (Email address is invalid error)

Not able to login through the extension as getting this error. Tried login using the cli, was able to login but alfred extensions can't fetch passwords in that case.

Using latest version of alfred, bitwarden extension as well as cli.


[18:51:27.765] Bitwarden v2[Script Filter] Processing complete
[18:51:27.767] Bitwarden v2[Script Filter] Passing output '(
    login,
    "[email protected]",
    0,
    "Authenticator-app"
)' to Conditional
[18:51:27.770] Bitwarden v2[Conditional] Processing complete
[18:51:27.771] Bitwarden v2[Conditional] Passing output '(
    login,
    "[email protected]",
    0,
    "Authenticator-app"
)' to Run Script
[18:51:39.993] Bitwarden v2[Run Script] Processing complete
[18:51:39.994] Bitwarden v2[Run Script] Passing output 'Error: Email address is invalid.
' to Post Notification

Auto-lock not functioning

I'm happy that you added the auto-lock and auto-sync features. Auto-lock isn't working for me, however. The launchagent successfully installed, and I have set LOCK_TIMEOUT to 15, but the workflow stays logged in all day. Any ideas on how to troubleshoot?

Update to Alfred 4

This workflow throws errors for me now, and I suspect the only problem is that it references to Alfred 3 a bunch of places.

I also suspect a simple search and replace with Alfred 4 will solve the problems.

I might get a PR up on this later if I have the time.

Cache won’t update

Recently, any changes I made to Bitwarden entries aren’t reflected.

I’ve tried both uninstalling and reinstalling this workflow and the bw CLI, but to no avail.

It seems like it never tries to update my secrets anymore either, FWIW.

Error the Bitwarden command \"bw\" wasn't found

I downloaded the latest version of this workflow and this error occurred when I first tried to run the command. I made sure to install the CLI and add Alfred to the list of security exceptions. I'm on Alfred version 4.1 and macOS Catalina 10.15.6

[17:57:20.894] Logging Stopped.
[17:58:15.175] Logging Started...
[17:58:21.024] Bitwarden v2[Script Filter] Queuing argument '(null)'
[17:58:21.213] Bitwarden v2[Script Filter] Script with argv '(null)' finished
[17:58:21.215] STDERR: Bitwarden v2[Script Filter] 17:58:21 config.go:73: BW DataPath /Users/gli/Library/Application Support/Bitwarden CLI/data.json
17:58:21 config.go:86: Got existing Bitwarden CLI data
🍺
17:58:21 workflow.go:328: -------- Bitwarden v2/2.0.4 (AwGo/0.26.2) --------
17:58:21 main.go:161: &main.options{Search:false, Config:false, SetConfigs:false, Auth:false, Sfa:false, Lock:false, Icons:false, Folder:false, Unlock:false, Login:false, Logout:false, Sync:false, Open:false, GetItem:false, Force:false, Totp:false, Last:false, Cache:false, Background:false, Id:"", Query:"", Previous:"", Attachment:"", Output:""}
17:58:21 main.go:163: args=[]string{} => []string{}
17:58:21 main.go:165: (main.config) {
 AutoFetchIconCacheAge: (int) 1440,
 AutoFetchIconMaxCacheAge: (time.Duration) 24h0m0s,
 BwconfKeyword: (string) "",
 BwauthKeyword: (string) "",
 BwKeyword: (string) "",
 BwExec: (string) (len=2) "bw",
 CacheAge: (int) 1440,
 Email: (string) "",
 EmptyDetailResults: (bool) false,
 IconCacheAge: (int) 43200,
 IconCacheEnabled: (bool) true,
 IconMaxCacheAge: (time.Duration) 720h0m0s,
 MaxResults: (int) 1000,
 MaxCacheAge: (time.Duration) 24h0m0s,
 Mod1: (string) (len=3) "alt",
 Mod2: (string) (len=5) "shift",
 Mod3: (string) (len=4) "ctrl",
 Mod4: (string) (len=7) "cmd,opt",
 OutputFolder: (string) (len=21) "/Users/gli/Downloads/",
 ReorderingDisabled: (bool) true,
 Server: (string) (len=21) "https://bitwarden.com",
 Sfa: (bool) true,
 SfaMode: (int) 0,
 SyncCacheAge: (int) 1440,
 SyncMaxCacheAge: (time.Duration) 24h0m0s
}
17:58:21 feedback.go:482: Sent 1 result(s) to Alfred
17:58:21 workflow.go:405: ------------------ 148.306756ms ------------------
[17:58:21.218] Bitwarden v2[Script Filter] {
  "variables": {
    "AW_SESSION_ID": "2ZWLMTPLVE65Y6EXZS8Z9DDF"
  },
  "items": [
    {
      "title": "Error the Bitwarden command \"bw\" wasn't found.",
      "subtitle": "Set \"BW_EXEC\" or \"PATH\" in the Workflow. Press ↩ or ⇥ for more info.",
      "arg": "README.html",
      "valid": true,
      "icon": {
        "path": "icons/warning.png"
      },
      "variables": {
        "action": "-open"
      }
    }
  ]
}

unable to login

For 2 or 3 days, i'm unable to login to my account. (connected to a specific server)

I'm using Alfred 4

It seems not store typed password.
No error message, nothing happens, either when I type a good or bad password or MFA code.

i.e. If I try to change server URL, it does not store it in info.plist file => i have to set it directly in info.plist file manually.

Can't set `bwsetemail`

Installed bitwarden-cli via HomeBrew.
Downloaded and imported .alfred file from this repo.

Trying to set email but can't upon writing bwsetemail <email> can't press 'Enter' or confirm in any way. Doesn't happen for other functions.

Thanks in advance!

Feature Request: manual sync command/option

Hello @blacs30,

Do you think it would be possible to add an additional option/command to manually trigger the syncing of the secrets?
I often find myself adding new passwords in bitwarden which I then need shortly after and throughout the day. I know I can lower the cache time for the syncing, but this results in too much syncing on days that I do not add any passwords.

Cheers

Differences between -sync / -cache / -icons?

Hi @blacs30

Related to #49 (comment), I was hoping you could give a little info about the differences between these 3 parameters for bitwarden-alfred-workflow:

-sync
-cache
-icons

I want to make sure the background refresh is optimized and not wasting time or bandwidth with unnecessary calls. Right now it passes -sync -force parameters which I think is right for this situation (not sure about -force tbh).

But I wonder what -cache does? I assume icons are refreshed when running -sync (but maybe not) Do we need to call that separately in order to keep the icons updated?

image

Not copying anything to clipboard

Running Alfred 4, allows login and pulls information from Bitwarden and returns results in Alfred window. Hitting enter after searching should copy password to clipboard but does nothing, no status message displayed from Alfred, nothing copied to clipboard.

Hitting shift and attempting to copy username to clipboard displays Alfred notification that the username has been copied, does not show up in clipboard.

Everytime I try to do something it logs me out of my account

I just downloaded and set up this workflow, i log in and everything's fine, after trying to do absolutely ANYTHING it always says im logged out, i dont have any knowledge when it comes to programming this is just a cry for help.

CleanShot.2021-08-16.at.11.33.17.mp4

I have an endless loop

not sure what is up

my BW_EXEC is set to /opt/homebrew/bin/bw
PATH is set to /usr/bin:/usr/local/bin:/usr/local/sbin:/usr/local/share/npm/bin:/usr/bin:/usr/sbin:/opt/homebrew/bin/bw`

loop.th.gif

Logged in but locked, but unable to unlock because not logged in

Hi,

Awesome that you updated to make it work with all bw installs!

However I am having this weird issue, even after complete removal and reinstallation. Where I cannot unlock, but I am logged in.

This is some of the logs;

[09:01:00.936] Bitwarden v2[Script Filter] Processing complete
[09:01:00.939] Bitwarden v2[Script Filter] Passing output '-background' to Conditional
[09:01:00.940] Bitwarden v2[Conditional] Processing complete
[09:01:00.940] Bitwarden v2[Conditional] Passing output '-background' to Arg and Vars
[09:01:00.941] Bitwarden v2[Arg and Vars] Processing complete
[09:01:00.942] Bitwarden v2[Arg and Vars] Passing output 'Syncing Bitwarden secrets cache…' to Post Notification
[09:01:00.964] Bitwarden v2[Conditional] Passing output '-background' to Run Script
[09:01:02.469] Bitwarden v2[Script Filter] Queuing argument 'unlock'
[09:01:02.497] STDERR: Bitwarden v2[Run Script] 🍺
09:01:00 workflow.go:328: -------- Bitwarden v2/2.0.0 (AwGo/0.26.2) --------
09:01:00 main.go:160: &main.options{Search:false, Config:false, SetConfigs:false, Auth:false, Sfa:false, Lock:false, Icons:false, Folder:false, Unlock:false, Login:false, Logout:false, Sync:true, Open:false, GetItem:false, Force:true, Totp:false, Last:false, Cache:false, Background:true, Id:"", Query:"", Previous:"", Attachment:"", Output:""}
09:01:00 main.go:162: args=[]string{"-sync", "-force", "-background"} => []string{}
09:01:00 main.go:163: Workflow configs => [email: [email protected] 2FA enabled: true 2FA Mode: Authenticator-app Server: https://bitwarden.com]
09:01:00 bitwarden.go:26: Clearing items cache.
09:01:02 utils.go:22: [ERROR] ==> [Vault is locked.]

09:01:02 utils.go:22: [ERROR] ==> Exit code 1. Not logged in. Need to login first. Err: Vault is locked.

09:01:02 utils.go:22: [ERROR] ==> Not logged in. Need to login first. Error:
Vault is locked.

09:01:02 utils.go:87: Search called with argument  .bwauth unlock
09:01:02 workflow.go:405: ------------------ 1.514220232s ------------------
[09:01:02.499] Bitwarden v2[Run Script] Processing complete
[09:01:02.499] Bitwarden v2[Run Script] Passing output 'Not unlocked. Need to unlock first.
' to Post Notification
[09:01:02.500] Bitwarden v2[Script Filter] Script with argv 'unlock' finished
[09:01:02.501] STDERR: Bitwarden v2[Script Filter] 🍺
09:01:02 workflow.go:328: -------- Bitwarden v2/2.0.0 (AwGo/0.26.2) --------
09:01:02 main.go:160: &main.options{Search:false, Config:false, SetConfigs:false, Auth:true, Sfa:false, Lock:false, Icons:false, Folder:false, Unlock:false, Login:false, Logout:false, Sync:false, Open:false, GetItem:false, Force:false, Totp:false, Last:false, Cache:false, Background:false, Id:"", Query:"unlock", Previous:"", Attachment:"", Output:""}
09:01:02 main.go:162: args=[]string{"-auth", "--", "unlock"} => []string{"unlock"}
09:01:02 main.go:163: Workflow configs => [email: [email protected] 2FA enabled: true 2FA Mode: Authenticator-app Server: https://bitwarden.com]
09:01:02 cli.go:293: filtering auth config "unlock" ...
09:01:02 feedback.go:482: Sent 1 result(s) to Alfred
09:01:02 workflow.go:405: ------------------- 5.364639ms -------------------
[09:01:02.503] Bitwarden v2[Script Filter] {
  "variables": {
    "AW_SESSION_ID": "XXXXX"
  },
  "items": [
    {
      "title": "Unlock",
      "subtitle": "Unlock Bitwarden",
      "uid": "unlock",
      "valid": true,
      "icon": {
        "path": "icons/on.png"
      },
      "variables": {
        "action": "-unlock"
      }
    }
  ]
}
[09:01:05.057] Bitwarden v2[Script Filter] Processing complete
[09:01:05.061] Bitwarden v2[Script Filter] Passing output '' to Conditional
[09:01:05.062] Bitwarden v2[Conditional] Processing complete
[09:01:05.063] Bitwarden v2[Conditional] Passing output '' to Arg and Vars
[09:01:05.064] Bitwarden v2[Arg and Vars] Processing complete
[09:01:05.065] Bitwarden v2[Arg and Vars] Passing output '' to Post Notification
[09:01:05.066] Bitwarden v2[Conditional] Passing output '' to Run Script
[09:01:06.438] ERROR: Bitwarden v2[Run Script] 🍺
09:01:05 workflow.go:328: -------- Bitwarden v2/2.0.0 (AwGo/0.26.2) --------
09:01:05 main.go:160: &main.options{Search:false, Config:false, SetConfigs:false, Auth:false, Sfa:false, Lock:false, Icons:false, Folder:false, Unlock:true, Login:false, Logout:false, Sync:false, Open:false, GetItem:false, Force:false, Totp:false, Last:false, Cache:false, Background:false, Id:"", Query:"", Previous:"", Attachment:"", Output:""}
09:01:05 main.go:162: args=[]string{"-unlock"} => []string{}
09:01:05 main.go:163: Workflow configs => [email: [email protected] 2FA enabled: true 2FA Mode: Authenticator-app Server: https://bitwarden.com]
09:01:06 utils.go:22: [ERROR] ==> [Vault is locked.]

09:01:06 utils.go:22: [ERROR] ==> Exit code 1. Not logged in. Need to login first. Err: Vault is locked.

09:01:06 utils.go:22: [ERROR] ==> Not logged in. Need to login first. Error:
Vault is locked.

09:01:06 workflow.go:376: [ERROR] Unexpected error. Exit code -1.

So this says not logged in. But when using the .bwauth command, it tells me I am logged in. Not sure what to make of this.
Is there some other cache I can clear or something? Tried all the available options in the workflow. And I removed and reinstalled the workflow several times completely.
My BW cli is installed via npm, but the path is correctly set in the workflow.

Filtering with >1 search term has no effect

VERSIONS

  • workflow v2.0.5
  • Alfred 4.1.1 Build 1172
  • bw CLI 1.11.0 cli installed from npm

EXAMPLE

I have the following 3 items in my vault:

  • Microsoft Alpha
  • Microsoft Bravo
  • Microsoft Charlie
  • Bravo Pizza

Searching using 'bw mic brav' will return ALL 3 Microsoft- items. This is not ideal. Conversely, searching for 'brav micro' returns both Microsoft Bravo AND Bravo Pizza. Also not what we want. The 2nd search term is simply ignored.

I looked at the debug output as well as the source code, and it looks like awgo accepts the args correctly, but only the first arg is passed to the bw cli for searching.

I realize now that this seems to be a limitation of the bw cli itself, so I opened up issue #163 over at bitwarden/cli. Until (or if?) that's sorted, I wonder if it would be better to simply dump ALL results from bw cli into the cache and then use Alfred's Word Matching algorithm to handle the matching. That is more robust and allows for multiple search terms as well as arbitrary ordering of the keywords.

image

Any thoughts?

Default set2famethod does not work for app auth

The README states that set2famethod is optional to set. However, the default value does not allow logging into Bitwarden if 2fa (with auth app) is set.

I had to set set2famethod to "0" which worked for me.

Add gif to README

To give a better first impression of the workflow add a gif which shows some of the workflow functionality to the README.

Place the gif into the icons folder or better create a new, an assets folder, which needs to be copied during the actions into the workflow folder for packaging the Alfred workflow.

The catalina warning png should be moved also into the new assets folder .

not usable when using alfred sync between 2 macs

I'm syncing my workflows using the Alfred Sync Folder technique which results in me .bw not working on one mac but on the other.

Path and Exec are the same on booth macs.

It actually fails silently:
shows no error,
shows no result at all

Bildschirmfoto 2020-11-25 um 11 11 19

Not working for CLI installed via NPM

Hi,

I had some troubles getting the workflow running. Seems that because I have installed the BW CLI via NPM (and NVM), that the workflow cannot find it.

I have tinkered with the code a bit;

def get_bw_exec():
    cmd = "which bw"
    proc = Popen(cmd.split(), env=my_env, stdout=PIPE, stderr=PIPE)
    bw_exec, err = proc.communicate()
    if "not found" in err.decode('utf8').strip():
        print(json.dumps(error_result(type="install")))
        exit(2)
    return bw_exec

This seems to fix it really quickly. I also noticed some other hard references to /usr/local/bin/bw.
Not sure if those are used. My best bet would be that in those cases it would also fail to work.

Python is not really my game, so I am unsure to put up a pull-request with some changes.

Would really appreciate for this to be fixed.

Can't login through bwlogin

Hi blacs30, thanks for your awesome job. I run into error when login and the error message is:

Your account could not be logged in for [email protected] Error Message: /bin/bash: /Users/i308587/Library/Application: No such file or directory
/bin/bash: /Users/i308587/Library/Application: No such file or directory

  error: option `--code <code>' argument missing
. 

I use https://bitwarden.com as server.

Do you have any idea about it?

Password generation

Hi there,

First off: A big thank you for the workflow. I can only imagine how much work this must have been.

I do have two ideas which you could consider if they are of any use to you as well:

  • Premium necessary: A shortcut to retrieve the mfa token that is generated within the app for premium users would be handy.
  • The ability to generate a password (either via saved settings or last used settings from within the account/app) and copy it to clipboard would be incredibly handy.

Thank you anyhow for your hard work on this. I enjoy using it and it already saved me tons of time.

Best,
Pascal

Search autocompletes to login always, but Im already logged in

As demonstrated below, anytime I try to use the tool it automatically jumps to the login option. I am already logged in (confirmed at the CLI). If I go ahead and try to login via Alfred anyway, it asks for my password (I enter it) and then it should be the 2fa dialog even though I don't have 2fa enabled.

Screen.Recording.2021-06-22.at.7.22.08.PM.mov

[Feature Request] Generate password

Hi,

I'd love to be able to generate a password through this workflow, perhaps with .bw genpwd with options to select the complexity of the password.

Autolock not working

Autolock isn't working for me. I've given LOCK_TIMEOUT a value of 60, and successfully installed autolock with the keyword.

Feature Request: Bio unlock with PIN fallback

Hi - would it be possible to add biometric unlock (Touch ID) with a fallback to PIN, similar to how Bitwarden mobile apps work? It can then require master password after new OS logins.

Copied password is error message in release 2.2.0

Hi! Love the Alfred workflow. Just updated to release 2.2.0 and found my passwords aren't copied correctly.

runtime error: slice bounds out of range [:32] with capacity 0 is copied to my clipboard instead.

Thanks.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.