1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-10-30 08:10:34 +01:00
bitwarden-browser/apps/cli/src/program.ts

635 lines
22 KiB
TypeScript
Raw Normal View History

2021-12-20 18:04:00 +01:00
import * as chalk from "chalk";
import * as program from "commander";
2018-05-14 17:15:54 +02:00
Auth/ps 2298 reorg auth (#4564) * Move auth service factories to Auth team * Move authentication componenets to Auth team * Move auth guard services to Auth team * Move Duo content script to Auth team * Move auth CLI commands to Auth team * Move Desktop Account components to Auth Team * Move Desktop guards to Auth team * Move two-factor provider images to Auth team * Move web Accounts components to Auth Team * Move web settings components to Auth Team * Move web two factor images to Auth Team * Fix missed import changes for Auth Team * Fix Linting errors * Fix missed CLI imports * Fix missed Desktop imports * Revert images move * Fix missed imports in Web * Move angular lib components to Auth Team * Move angular auth guards to Auth team * Move strategy specs to Auth team * Update .eslintignore for new paths * Move lib common abstractions to Auth team * Move services to Auth team * Move common lib enums to Auth team * Move webauthn iframe to Auth team * Move lib common domain models to Auth team * Move common lib requests to Auth team * Move response models to Auth team * Clean up whitelist * Move bit web components to Auth team * Move SSO and SCIM files to Auth team * Revert move SCIM to Auth team SCIM belongs to Admin Console team * Move captcha to Auth team * Move key connector to Auth team * Move emergency access to auth team * Delete extra file * linter fixes * Move kdf config to auth team * Fix whitelist * Fix duo autoformat * Complete two factor provider request move * Fix whitelist names * Fix login capitalization * Revert hint dependency reordering * Revert hint dependency reordering * Revert hint component This components is being picked up as a move between clients * Move web hint component to Auth team * Move new files to auth team * Fix desktop build * Fix browser build
2023-02-06 22:53:37 +01:00
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
[AC-1266] Enums filename conventions (#5140) * refactor: update clientType enum * refactor: update deviceType filename * refactor: update encryptedExportType filename * refactor: update encryptionType filename * refactor: update eventType filename * refactor: update fieldType filename * refactor: update fileUploadType filename * refactor: update hashPurpose filename * refactor: update htmlStorageLocation filename * refactor: update kdfType filename * refactor: update keySuffixOptions filename * refactor: update linkedIdType filename * refactor: update logLevelType filename * refactor: update nativeMessagingVersion filename * refactor: update notificationType filename * refactor: update productType filename * refactor: update secureNoteType filename * refactor: update stateVersion filename * refactor: update storageLocation filename * refactor: update themeType filename * refactor: update uriMatchType filename * fix: update kdfType classes missed in initial pass, refs AC-1266 * fix: missing import update for device-type * refactor: add barrel file for enums and update pathed import statements, refs AC-1266 * fix: incorrect import statements for web, refs AC-1266 * fix: missed import statement updates (browser), refs AC-1266 * fix: missed import statement changes (cli), refs AC-1266 * fix: missed import statement changes (desktop), refs AC-1266 * fix: prettier, refs AC-1266 * refactor: (libs) update relative paths to use barrel file, refs AC-1266 * fix: missed find/replace import statements for SecureNoteType, refs AC-1266 * refactor: apply .enum suffix to enums folder and modify leftover relative paths, refs AC-1266 * fix: find/replace errors for native-messaging-version, refs AC-1266
2023-04-05 05:42:21 +02:00
import { KeySuffixOptions } from "@bitwarden/common/enums";
2018-05-15 05:16:59 +02:00
Auth/ps 2298 reorg auth (#4564) * Move auth service factories to Auth team * Move authentication componenets to Auth team * Move auth guard services to Auth team * Move Duo content script to Auth team * Move auth CLI commands to Auth team * Move Desktop Account components to Auth Team * Move Desktop guards to Auth team * Move two-factor provider images to Auth team * Move web Accounts components to Auth Team * Move web settings components to Auth Team * Move web two factor images to Auth Team * Fix missed import changes for Auth Team * Fix Linting errors * Fix missed CLI imports * Fix missed Desktop imports * Revert images move * Fix missed imports in Web * Move angular lib components to Auth Team * Move angular auth guards to Auth team * Move strategy specs to Auth team * Update .eslintignore for new paths * Move lib common abstractions to Auth team * Move services to Auth team * Move common lib enums to Auth team * Move webauthn iframe to Auth team * Move lib common domain models to Auth team * Move common lib requests to Auth team * Move response models to Auth team * Clean up whitelist * Move bit web components to Auth team * Move SSO and SCIM files to Auth team * Revert move SCIM to Auth team SCIM belongs to Admin Console team * Move captcha to Auth team * Move key connector to Auth team * Move emergency access to auth team * Delete extra file * linter fixes * Move kdf config to auth team * Fix whitelist * Fix duo autoformat * Complete two factor provider request move * Fix whitelist names * Fix login capitalization * Revert hint dependency reordering * Revert hint dependency reordering * Revert hint component This components is being picked up as a move between clients * Move web hint component to Auth team * Move new files to auth team * Fix desktop build * Fix browser build
2023-02-06 22:53:37 +01:00
import { LockCommand } from "./auth/commands/lock.command";
import { LoginCommand } from "./auth/commands/login.command";
import { LogoutCommand } from "./auth/commands/logout.command";
import { UnlockCommand } from "./auth/commands/unlock.command";
2022-03-03 18:24:41 +01:00
import { Main } from "./bw";
import { CompletionCommand } from "./commands/completion.command";
2021-12-20 18:04:00 +01:00
import { ConfigCommand } from "./commands/config.command";
import { EncodeCommand } from "./commands/encode.command";
2022-01-19 16:45:14 +01:00
import { ServeCommand } from "./commands/serve.command";
2021-12-20 18:04:00 +01:00
import { StatusCommand } from "./commands/status.command";
import { UpdateCommand } from "./commands/update.command";
import { Response } from "./models/response";
import { ListResponse } from "./models/response/list.response";
import { MessageResponse } from "./models/response/message.response";
import { StringResponse } from "./models/response/string.response";
import { TemplateResponse } from "./models/response/template.response";
import { GenerateCommand } from "./tools/generate.command";
2021-12-20 18:04:00 +01:00
import { CliUtils } from "./utils";
[SG-998] and [SG-999] Vault and Autofill team refactor (#4542) * Move DeprecatedVaultFilterService to vault folder * [libs] move VaultItemsComponent * [libs] move AddEditComponent * [libs] move AddEditCustomFields * [libs] move attachmentsComponent * [libs] folderAddEditComponent * [libs] IconComponent * [libs] PasswordRepormptComponent * [libs] PremiumComponent * [libs] ViewCustomFieldsComponent * [libs] ViewComponent * [libs] PasswordRepromptService * [libs] Move FolderService and FolderApiService abstractions * [libs] FolderService imports * [libs] PasswordHistoryComponent * [libs] move Sync and SyncNotifier abstractions * [libs] SyncService imports * [libs] fix file casing for passwordReprompt abstraction * [libs] SyncNotifier import fix * [libs] CipherServiceAbstraction * [libs] PasswordRepromptService abstraction * [libs] Fix file casing for angular passwordReprompt service * [libs] fix file casing for SyncNotifierService * [libs] CipherRepromptType * [libs] rename CipherRepromptType * [libs] CipherType * [libs] Rename CipherType * [libs] CipherData * [libs] FolderData * [libs] PasswordHistoryData * [libs] AttachmentData * [libs] CardData * [libs] FieldData * [libs] IdentityData * [libs] LocalData * [libs] LoginData * [libs] SecureNoteData * [libs] LoginUriData * [libs] Domain classes * [libs] SecureNote * [libs] Request models * [libs] Response models * [libs] View part 1 * [libs] Views part 2 * [libs] Move folder services * [libs] Views fixes * [libs] Move sync services * [libs] cipher service * [libs] Types * [libs] Sync file casing * [libs] Fix folder service import * [libs] Move spec files * [libs] casing fixes on spec files * [browser] Autofill background, clipboard, commands * [browser] Fix ContextMenusBackground casing * [browser] Rename fix * [browser] Autofill content * [browser] autofill.js * [libs] enpass importer spec fix * [browser] autofill models * [browser] autofill manifest path updates * [browser] Autofill notification files * [browser] autofill services * [browser] Fix file casing * [browser] Vault popup loose components * [browser] Vault components * [browser] Manifest fixes * [browser] Vault services * [cli] vault commands and models * [browser] File capitilization fixes * [desktop] Vault components and services * [web] vault loose components * [web] Vault components * [browser] Fix misc-utils import * [libs] Fix psono spec imports * [fix] Add comments to address lint rules
2023-01-31 22:08:37 +01:00
import { SyncCommand } from "./vault/sync.command";
2018-05-14 20:54:19 +02:00
const writeLn = CliUtils.writeLn;
2018-05-16 20:47:03 +02:00
export class Program {
constructor(protected main: Main) {}
2021-12-20 18:04:00 +01:00
async register() {
program
.option("--pretty", "Format output. JSON is tabbed with two spaces.")
.option("--raw", "Return raw output instead of a descriptive message.")
.option("--response", "Return a JSON formatted version of response output.")
.option("--cleanexit", "Exit with a success exit code (0) unless an error is thrown.")
.option("--quiet", "Don't return anything to stdout.")
.option("--nointeraction", "Do not prompt for interactive user input.")
.option("--session <session>", "Pass session key instead of reading from env.")
.version(await this.main.platformUtilsService.getApplicationVersion(), "-v, --version");
program.on("option:pretty", () => {
process.env.BW_PRETTY = "true";
});
program.on("option:raw", () => {
process.env.BW_RAW = "true";
});
program.on("option:quiet", () => {
process.env.BW_QUIET = "true";
});
program.on("option:response", () => {
process.env.BW_RESPONSE = "true";
});
program.on("option:cleanexit", () => {
process.env.BW_CLEANEXIT = "true";
});
program.on("option:nointeraction", () => {
process.env.BW_NOINTERACTION = "true";
});
program.on("option:session", (key) => {
process.env.BW_SESSION = key;
});
program.on("command:*", () => {
writeLn(chalk.redBright("Invalid command: " + program.args.join(" ")), false, true);
writeLn("See --help for a list of available commands.", true, true);
process.exitCode = 1;
});
program.on("--help", () => {
writeLn("\n Examples:");
writeLn("");
writeLn(" bw login");
writeLn(" bw lock");
writeLn(" bw unlock myPassword321");
writeLn(" bw list --help");
writeLn(" bw list items --search google");
writeLn(" bw get item 99ee88d2-6046-4ea7-92c2-acac464b1412");
writeLn(" bw get password google.com");
writeLn(' echo \'{"name":"My Folder"}\' | bw encode');
writeLn(" bw create folder eyJuYW1lIjoiTXkgRm9sZGVyIn0K");
writeLn(
" bw edit folder c7c7b60b-9c61-40f2-8ccd-36c49595ed72 eyJuYW1lIjoiTXkgRm9sZGVyMiJ9Cg=="
);
writeLn(" bw delete item 99ee88d2-6046-4ea7-92c2-acac464b1412");
writeLn(" bw generate -lusn --length 18");
writeLn(" bw config server https://bitwarden.example.com");
writeLn(" bw send -f ./file.ext");
writeLn(' bw send "text to send"');
writeLn(' echo "text to send" | bw send');
writeLn(
" bw receive https://vault.bitwarden.com/#/send/rg3iuoS_Akm2gqy6ADRHmg/Ht7dYjsqjmgqUM3rjzZDSQ"
);
writeLn("", true);
});
program
.command("login [email] [password]")
.description("Log into a user account.")
.option("--method <method>", "Two-step login method.")
.option("--code <code>", "Two-step login code.")
.option("--sso", "Log in with Single-Sign On.")
.option("--apikey", "Log in with an Api Key.")
.option("--passwordenv <passwordenv>", "Environment variable storing your password")
.option(
"--passwordfile <passwordfile>",
"Path to a file containing your password as its first line"
)
.option("--check", "Check login status.", async () => {
const authed = await this.main.stateService.getIsAuthenticated();
2021-12-20 18:04:00 +01:00
if (authed) {
const res = new MessageResponse("You are logged in!", null);
this.processResponse(Response.success(res), true);
}
this.processResponse(Response.error("You are not logged in."), true);
})
.on("--help", () => {
writeLn("\n Notes:");
writeLn("");
writeLn(" See docs for valid `method` enum values.");
writeLn("");
writeLn(" Pass `--raw` option to only return the session key.");
writeLn("");
writeLn(" Examples:");
writeLn("");
writeLn(" bw login");
writeLn(" bw login john@example.com myPassword321 --raw");
writeLn(" bw login john@example.com myPassword321 --method 1 --code 249213");
writeLn(" bw login --sso");
writeLn("", true);
})
.action(async (email: string, password: string, options: program.OptionValues) => {
if (!options.check) {
await this.exitIfAuthed();
const command = new LoginCommand(
this.main.authService,
this.main.apiService,
this.main.cryptoFunctionService,
this.main.environmentService,
this.main.passwordGenerationService,
this.main.platformUtilsService,
this.main.stateService,
2021-12-20 18:04:00 +01:00
this.main.cryptoService,
this.main.policyService,
this.main.twoFactorService,
this.main.syncService,
2021-12-20 18:04:00 +01:00
this.main.keyConnectorService,
[AC-1070] Enforce master password policy on login (#4795) * [EC-1070] Introduce flag for enforcing master password policy on login * [EC-1070] Update master password policy form Add the ability to toggle enforceOnLogin flag in web * [EC-1070] Add API method to retrieve all policies for the current user * [EC-1070] Refactor forcePasswordReset in state service to support more options - Use an options class to provide a reason and optional organization id - Use the OnDiskMemory storage location so the option persists between the same auth session * [AC-1070] Retrieve single master password policy from identity token response Additionally, store the policy in the login strategy for future use * [EC-1070] Introduce master password evaluation in the password login strategy - If a master password policy is returned from the identity result, evaluate the password. - If the password does not meet the requirements, save the forcePasswordReset options - Add support for 2FA by storing the results of the password evaluation on the login strategy instance - Add unit tests to password login strategy * [AC-1070] Modify admin password reset component to support update master password on login - Modify the warning message to depend on the reason - Use the forcePasswordResetOptions in the update temp password component * [EC-1070] Require current master password when updating weak mp on login - Inject user verification service to verify the user - Conditionally show the current master password field only when updating a weak mp. Admin reset does not require the current master password. * [EC-1070] Implement password policy check during vault unlock Checking the master password during unlock is the only applicable place to enforce the master password policy check for SSO users. * [EC-1070] CLI - Add ability to load MP policies on login Inject policyApi and organization services into the login command * [EC-1070] CLI - Refactor update temp password logic to support updating weak passwords - Introduce new shared method for collecting a valid and confirmed master password from the CLI and generating a new encryption key - Add separate methods for updating temp passwords and weak passwords. - Utilize those methods during login flow if not using an API key * [EC-1070] Add route guard to force password reset when required * [AC-1070] Use master password policy from verify password response in lock component * [EC-1070] Update labels in update password component * [AC-1070] Fix policy service tests * [AC-1070] CLI - Force sync before any password reset flow Move up the call to sync the vault before attempting to collect a new master password. Ensures the master password policies are available. * [AC-1070] Remove unused getAllPolicies method from policy api service * [AC-1070] Fix missing enforceOnLogin copy in policy service * [AC-1070] Include current master password on desktop/browser update password page templates * [AC-1070] Check for forced password reset on account switch in Desktop * [AC-1070] Rename WeakMasterPasswordOnLogin to WeakMasterPassword * [AC-1070] Update AuthServiceInitOptions * [AC-1070] Add None force reset password reason * [AC-1070] Remove redundant ForcePasswordResetOptions class and replace with ForcePasswordResetReason enum * [AC-1070] Rename ForceResetPasswordReason file * [AC-1070] Simplify conditional * [AC-1070] Refactor logic that saves password reset flag * [AC-1070] Remove redundant constructors * [AC-1070] Remove unnecessary state service call * [AC-1070] Update master password policy component - Use typed reactive form - Use CL form components - Remove bootstrap - Update error component to support min/max - Use Utils.minimumPasswordLength value for min value form validation * [AC-1070] Cleanup leftover html comment * [AC-1070] Remove overridden default values from MasterPasswordPolicyResponse * [AC-1070] Hide current master password input in browser for admin password reset * [AC-1070] Remove clientside user verification * [AC-1070] Update temp password web component to use CL - Use CL for form inputs in the Web component template - Remove most of the bootstrap classes in the Web component template - Use userVerificationService to build the password request - Remove redundant current master password null check * [AC-1070] Replace repeated user inputs email parsing helpers - Update passwordStrength() method to accept an optional email argument that will be parsed into separate user inputs for use with zxcvbn - Remove all other repeated getUserInput helper methods that parsed user emails and use the new passwordStrength signature * [AC-1070] Fix broken login command after forcePasswordReset enum refactor * [AC-1070] Reduce side effects in base login strategy - Remove masterPasswordPolicy property from base login.strategy.ts - Include an IdentityResponse in base startLogin() in addition to AuthResult - Use the new IdentityResponse to parse the master password policy info only in the PasswordLoginStrategy * [AC-1070] Cleanup password login strategy tests * [AC-1070] Remove unused field * [AC-1070] Strongly type postAccountVerifyPassword API service method - Remove redundant verify master password response - Use MasterPasswordPolicyResponse instead * [AC-1070] Use ForceResetPassword.None during account switch check * [AC-1070] Fix check for forcePasswordReset reason after addition of None * [AC-1070] Redirect a user home if on the update temp password page without a reason * [AC-1070] Use bit-select and bit-option * [AC-1070] Reduce explicit form control definitions for readability * [AC-1070] Import SelectModule in Shared web module * [AC-1070] Add check for missing 'at' symbol * [AC-1070] Remove redundant unpacking and null coalescing * [AC-1070] Update passwordStrength signature and add jsdocs * [AC-1070] Remove variable abbreviation * [AC-1070] Restore Id attributes on form inputs * [AC-1070] Clarify input value min/max error messages * [AC-1070] Add input min/max value example to storybook * [AC-1070] Add missing spinner to update temp password form * [AC-1070] Add missing ids to form elements * [AC-1070] Remove duplicate force sync and update comment * [AC-1070] Switch backticks to quotation marks --------- Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-04-17 16:35:37 +02:00
this.main.policyApiService,
this.main.organizationService,
2021-12-20 18:04:00 +01:00
async () => await this.main.logout()
);
const response = await command.run(email, password, options);
this.processResponse(response, true);
2021-12-20 18:04:00 +01:00
}
});
program
.command("logout")
.description("Log out of the current user account.")
.on("--help", () => {
writeLn("\n Examples:");
writeLn("");
writeLn(" bw logout");
writeLn("", true);
})
.action(async (cmd) => {
await this.exitIfNotAuthed();
const command = new LogoutCommand(
this.main.authService,
this.main.i18nService,
async () => await this.main.logout()
);
const response = await command.run();
this.processResponse(response);
});
program
.command("lock")
.description("Lock the vault and destroy active session keys.")
.on("--help", () => {
writeLn("\n Examples:");
writeLn("");
writeLn(" bw lock");
writeLn("", true);
})
.action(async (cmd) => {
await this.exitIfNotAuthed();
2018-05-14 20:54:19 +02:00
if (await this.main.keyConnectorService.getUsesKeyConnector()) {
2021-12-20 18:04:00 +01:00
const logoutCommand = new LogoutCommand(
this.main.authService,
this.main.i18nService,
async () => await this.main.logout()
);
await logoutCommand.run();
this.processResponse(
Response.error(
"You cannot lock your vault because you are using Key Connector. " +
"To protect your vault, you have been logged out."
),
true
);
return;
}
2018-05-16 04:10:24 +02:00
2021-12-20 18:04:00 +01:00
const command = new LockCommand(this.main.vaultTimeoutService);
2022-01-19 16:45:14 +01:00
const response = await command.run();
2021-12-20 18:04:00 +01:00
this.processResponse(response);
});
program
.command("unlock [password]")
.description("Unlock the vault and return a new session key.")
.on("--help", () => {
writeLn("\n Notes:");
writeLn("");
writeLn(" After unlocking, any previous session keys will no longer be valid.");
writeLn("");
writeLn(" Pass `--raw` option to only return the session key.");
writeLn("");
writeLn(" Examples:");
writeLn("");
writeLn(" bw unlock");
writeLn(" bw unlock myPassword321");
writeLn(" bw unlock myPassword321 --raw");
writeLn("", true);
})
.option("--check", "Check lock status.", async () => {
await this.exitIfNotAuthed();
const authStatus = await this.main.authService.getAuthStatus();
if (authStatus === AuthenticationStatus.Unlocked) {
2021-12-20 18:04:00 +01:00
const res = new MessageResponse("Vault is unlocked!", null);
this.processResponse(Response.success(res), true);
} else {
this.processResponse(Response.error("Vault is locked."), true);
2018-05-16 04:10:24 +02:00
}
2021-12-20 18:04:00 +01:00
})
.option("--passwordenv <passwordenv>", "Environment variable storing your password")
.option(
"--passwordfile <passwordfile>",
"Path to a file containing your password as its first line"
)
.action(async (password, cmd) => {
if (!cmd.check) {
await this.exitIfNotAuthed();
const command = new UnlockCommand(
this.main.cryptoService,
this.main.stateService,
2021-12-20 18:04:00 +01:00
this.main.cryptoFunctionService,
this.main.apiService,
this.main.logService,
this.main.keyConnectorService,
this.main.environmentService,
this.main.syncService,
this.main.organizationApiService,
async () => await this.main.logout()
2021-12-20 18:04:00 +01:00
);
const response = await command.run(password, cmd);
this.processResponse(response);
}
});
program
.command("sync")
.description("Pull the latest vault data from server.")
.option("-f, --force", "Force a full sync.")
.option("--last", "Get the last sync date.")
.on("--help", () => {
writeLn("\n Examples:");
writeLn("");
writeLn(" bw sync");
writeLn(" bw sync -f");
writeLn(" bw sync --last");
writeLn("", true);
})
.action(async (cmd) => {
await this.exitIfNotAuthed();
2021-12-20 18:04:00 +01:00
const command = new SyncCommand(this.main.syncService);
const response = await command.run(cmd);
this.processResponse(response);
});
program
.command("generate")
.description("Generate a password/passphrase.")
.option("-u, --uppercase", "Include uppercase characters.")
.option("-l, --lowercase", "Include lowercase characters.")
.option("-n, --number", "Include numeric characters.")
.option("-s, --special", "Include special characters.")
.option("-p, --passphrase", "Generate a passphrase.")
.option("--length <length>", "Length of the password.")
.option("--words <words>", "Number of words.")
.option("--separator <separator>", "Word separator.")
.option("-c, --capitalize", "Title case passphrase.")
.option("--includeNumber", "Passphrase includes number.")
.on("--help", () => {
writeLn("\n Notes:");
writeLn("");
writeLn(" Default options are `-uln --length 14`.");
writeLn("");
writeLn(" Minimum `length` is 5.");
writeLn("");
writeLn(" Minimum `words` is 3.");
writeLn("");
writeLn(" Examples:");
writeLn("");
writeLn(" bw generate");
writeLn(" bw generate -u -l --length 18");
writeLn(" bw generate -ulns --length 25");
writeLn(" bw generate -ul");
writeLn(" bw generate -p --separator _");
writeLn(" bw generate -p --words 5 --separator space");
writeLn("", true);
})
.action(async (options) => {
const command = new GenerateCommand(
this.main.passwordGenerationService,
this.main.stateService
);
2021-12-20 18:04:00 +01:00
const response = await command.run(options);
this.processResponse(response);
});
program
.command("encode")
.description("Base 64 encode stdin.")
.on("--help", () => {
writeLn("\n Notes:");
writeLn("");
writeLn(" Use to create `encodedJson` for `create` and `edit` commands.");
writeLn("");
writeLn(" Examples:");
writeLn("");
writeLn(' echo \'{"name":"My Folder"}\' | bw encode');
writeLn("", true);
})
.action(async () => {
const command = new EncodeCommand();
const response = await command.run();
this.processResponse(response);
});
program
.command("config <setting> [value]")
.description("Configure CLI settings.")
.option(
"--web-vault <url>",
"Provides a custom web vault URL that differs from the base URL."
)
.option("--api <url>", "Provides a custom API URL that differs from the base URL.")
.option("--identity <url>", "Provides a custom identity URL that differs from the base URL.")
.option(
"--icons <url>",
"Provides a custom icons service URL that differs from the base URL."
)
.option(
"--notifications <url>",
"Provides a custom notifications URL that differs from the base URL."
)
.option("--events <url>", "Provides a custom events URL that differs from the base URL.")
.option("--key-connector <url>", "Provides the URL for your Key Connector server.")
.on("--help", () => {
writeLn("\n Settings:");
writeLn("");
writeLn(" server - On-premises hosted installation URL.");
writeLn("");
writeLn(" Examples:");
writeLn("");
writeLn(" bw config server");
writeLn(" bw config server https://bw.company.com");
writeLn(" bw config server bitwarden.com");
writeLn(
" bw config server --api http://localhost:4000 --identity http://localhost:33656"
);
writeLn("", true);
})
.action(async (setting, value, options) => {
const command = new ConfigCommand(this.main.environmentService);
const response = await command.run(setting, value, options);
this.processResponse(response);
});
program
.command("update")
.description("Check for updates.")
.on("--help", () => {
writeLn("\n Notes:");
writeLn("");
writeLn(" Returns the URL to download the newest version of this CLI tool.");
writeLn("");
writeLn(" Use the `--raw` option to return only the download URL for the update.");
writeLn("");
writeLn(" Examples:");
writeLn("");
writeLn(" bw update");
writeLn(" bw update --raw");
writeLn("", true);
})
.action(async () => {
const command = new UpdateCommand(this.main.platformUtilsService);
2021-12-20 18:04:00 +01:00
const response = await command.run();
this.processResponse(response);
});
program
.command("completion")
.description("Generate shell completions.")
.option("--shell <shell>", "Shell to generate completions for.")
.on("--help", () => {
writeLn("\n Notes:");
writeLn("");
writeLn(" Valid shells are `zsh`.");
writeLn("");
writeLn(" Examples:");
writeLn("");
writeLn(" bw completion --shell zsh");
writeLn("", true);
})
.action(async (options: program.OptionValues, cmd: program.Command) => {
const command = new CompletionCommand();
const response = await command.run(options);
this.processResponse(response);
});
program
.command("status")
.description("Show server, last sync, user information, and vault status.")
.on("--help", () => {
writeLn("");
writeLn("");
writeLn(" Example return value:");
writeLn("");
writeLn(" {");
writeLn(' "serverUrl": "https://bitwarden.example.com",');
writeLn(' "lastSync": "2020-06-16T06:33:51.419Z",');
writeLn(' "userEmail": "user@example.com,');
writeLn(' "userId": "00000000-0000-0000-0000-000000000000",');
writeLn(' "status": "locked"');
writeLn(" }");
writeLn("");
writeLn(" Notes:");
writeLn("");
writeLn(" `status` is one of:");
writeLn(" - `unauthenticated` when you are not logged in");
writeLn(" - `locked` when you are logged in and the vault is locked");
writeLn(" - `unlocked` when you are logged in and the vault is unlocked");
writeLn("", true);
})
.action(async () => {
const command = new StatusCommand(
this.main.environmentService,
this.main.syncService,
this.main.stateService,
this.main.authService
2021-12-20 18:04:00 +01:00
);
const response = await command.run();
this.processResponse(response);
});
2022-01-19 16:45:14 +01:00
program
.command("serve")
.description("Start a RESTful API webserver.")
.option("--hostname <hostname>", "The hostname to bind your API webserver to.")
.option("--port <port>", "The port to run your API webserver on.")
.option(
"--disable-origin-protection",
"If set, allows requests with origin header. Warning, this option exists for backwards compatibility reasons and exposes your environment to known CSRF attacks."
)
.on("--help", () => {
writeLn("\n Notes:");
writeLn("");
writeLn(" Default hostname is `localhost`.");
writeLn(" Use hostname `all` for no hostname binding.");
writeLn(" Default port is `8087`.");
writeLn("");
writeLn(" Examples:");
writeLn("");
writeLn(" bw serve");
writeLn(" bw serve --port 8080");
writeLn(" bw serve --hostname bwapi.mydomain.com --port 80");
writeLn("", true);
})
.action(async (cmd) => {
await this.exitIfNotAuthed();
const command = new ServeCommand(this.main);
await command.run(cmd);
});
2021-12-20 18:04:00 +01:00
}
protected processResponse(response: Response, exitImmediately = false) {
if (!response.success) {
if (process.env.BW_QUIET !== "true") {
if (process.env.BW_RESPONSE === "true") {
writeLn(this.getJson(response), true, false);
} else {
writeLn(chalk.redBright(response.message), true, true);
}
}
const exitCode = process.env.BW_CLEANEXIT ? 0 : 1;
if (exitImmediately) {
process.exit(exitCode);
} else {
process.exitCode = exitCode;
}
return;
}
if (process.env.BW_RESPONSE === "true") {
writeLn(this.getJson(response), true, false);
} else if (response.data != null) {
let out: string = null;
2021-12-20 18:04:00 +01:00
if (response.data.object === "template") {
out = this.getJson((response.data as TemplateResponse).template);
2021-12-20 18:04:00 +01:00
}
if (out == null) {
if (response.data.object === "string") {
const data = (response.data as StringResponse).data;
if (data != null) {
out = data;
}
} else if (response.data.object === "list") {
out = this.getJson((response.data as ListResponse).data);
} else if (response.data.object === "message") {
out = this.getMessage(response);
} else {
out = this.getJson(response.data);
}
}
if (out != null && process.env.BW_QUIET !== "true") {
writeLn(out, true, false);
}
}
if (exitImmediately) {
process.exit(0);
} else {
process.exitCode = 0;
}
}
private getJson(obj: any): string {
if (process.env.BW_PRETTY === "true") {
return JSON.stringify(obj, null, " ");
} else {
return JSON.stringify(obj);
}
}
private getMessage(response: Response): string {
const message = response.data as MessageResponse;
if (process.env.BW_RAW === "true") {
return message.raw;
}
let out = "";
if (message.title != null) {
if (message.noColor) {
out = message.title;
} else {
out = chalk.greenBright(message.title);
}
}
if (message.message != null) {
if (message.title != null) {
out += "\n";
}
out += message.message;
}
return out.trim() === "" ? null : out;
}
private async exitIfAuthed() {
const authed = await this.main.stateService.getIsAuthenticated();
if (authed) {
const email = await this.main.stateService.getEmail();
this.processResponse(Response.error("You are already logged in as " + email + "."), true);
}
}
private async exitIfNotAuthed() {
const authed = await this.main.stateService.getIsAuthenticated();
if (!authed) {
this.processResponse(Response.error("You are not logged in."), true);
}
2021-12-20 18:04:00 +01:00
}
protected async exitIfLocked() {
await this.exitIfNotAuthed();
if (await this.main.cryptoService.hasKeyInMemory()) {
return;
} else if (await this.main.cryptoService.hasKeyStored(KeySuffixOptions.Auto)) {
// load key into memory
await this.main.cryptoService.getKey();
} else if (process.env.BW_NOINTERACTION !== "true") {
// must unlock
if (await this.main.keyConnectorService.getUsesKeyConnector()) {
const response = Response.error(
"Your vault is locked. You must unlock your vault using your session key.\n" +
"If you do not have your session key, you can get a new one by logging out and logging in again."
);
this.processResponse(response, true);
} else {
const command = new UnlockCommand(
this.main.cryptoService,
this.main.stateService,
this.main.cryptoFunctionService,
this.main.apiService,
this.main.logService,
this.main.keyConnectorService,
this.main.environmentService,
this.main.syncService,
this.main.organizationApiService,
this.main.logout
);
const response = await command.run(null, null);
if (!response.success) {
2021-12-20 18:04:00 +01:00
this.processResponse(response, true);
}
}
} else {
this.processResponse(Response.error("Vault is locked."), true);
2018-05-16 04:10:24 +02:00
}
2021-12-20 18:04:00 +01:00
}
2018-05-14 17:15:54 +02:00
}