1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-10-30 08:10:34 +01:00
bitwarden-browser/src/commands/get.command.ts

460 lines
18 KiB
TypeScript
Raw Normal View History

2018-05-14 19:37:52 +02:00
import * as program from 'commander';
2018-05-17 19:28:22 +02:00
import * as fet from 'node-fetch';
2018-05-14 19:37:52 +02:00
import { CipherType } from 'jslib/enums/cipherType';
2018-11-16 16:02:22 +01:00
import { ApiService } from 'jslib/abstractions/api.service';
2018-05-17 17:07:53 +02:00
import { AuditService } from 'jslib/abstractions/audit.service';
2018-05-14 19:37:52 +02:00
import { CipherService } from 'jslib/abstractions/cipher.service';
import { CollectionService } from 'jslib/abstractions/collection.service';
2018-05-17 19:28:22 +02:00
import { CryptoService } from 'jslib/abstractions/crypto.service';
2018-05-14 19:37:52 +02:00
import { FolderService } from 'jslib/abstractions/folder.service';
2018-08-13 20:38:04 +02:00
import { SearchService } from 'jslib/abstractions/search.service';
2018-05-14 19:37:52 +02:00
import { TotpService } from 'jslib/abstractions/totp.service';
2018-05-18 21:26:59 +02:00
import { UserService } from 'jslib/abstractions/user.service';
import { Organization } from 'jslib/models/domain/organization';
2018-05-14 19:37:52 +02:00
2018-12-17 16:30:06 +01:00
import { Card } from 'jslib/models/export/card';
import { Cipher } from 'jslib/models/export/cipher';
import { Collection } from 'jslib/models/export/collection';
import { Field } from 'jslib/models/export/field';
import { Folder } from 'jslib/models/export/folder';
import { Identity } from 'jslib/models/export/identity';
import { Login } from 'jslib/models/export/login';
import { LoginUri } from 'jslib/models/export/loginUri';
import { SecureNote } from 'jslib/models/export/secureNote';
2018-05-16 17:54:59 +02:00
import { CipherView } from 'jslib/models/view/cipherView';
import { CollectionView } from 'jslib/models/view/collectionView';
import { FolderView } from 'jslib/models/view/folderView';
2019-09-25 23:11:48 +02:00
import { CipherString } from 'jslib/models/domain/cipherString';
2019-03-16 03:34:59 +01:00
import { Response } from 'jslib/cli/models/response';
import { MessageResponse } from 'jslib/cli/models/response/messageResponse';
import { StringResponse } from 'jslib/cli/models/response/stringResponse';
2018-05-14 20:54:19 +02:00
import { CipherResponse } from '../models/response/cipherResponse';
import { CollectionResponse } from '../models/response/collectionResponse';
import { FolderResponse } from '../models/response/folderResponse';
2019-09-25 23:11:48 +02:00
import { OrganizationCollectionResponse } from '../models/response/organizationCollectionResponse';
2018-05-18 21:26:59 +02:00
import { OrganizationResponse } from '../models/response/organizationResponse';
2018-05-14 22:25:14 +02:00
import { TemplateResponse } from '../models/response/templateResponse';
2019-09-25 22:08:56 +02:00
import { OrganizationCollectionRequest } from '../models/request/organizationCollectionRequest';
2019-09-25 23:11:48 +02:00
import { SelectionReadOnly } from '../models/selectionReadOnly';
2018-05-16 17:54:59 +02:00
import { CliUtils } from '../utils';
2018-11-16 16:02:22 +01:00
import { Utils } from 'jslib/misc/utils';
2018-05-14 19:37:52 +02:00
export class GetCommand {
constructor(private cipherService: CipherService, private folderService: FolderService,
2018-05-17 17:07:53 +02:00
private collectionService: CollectionService, private totpService: TotpService,
2018-05-18 16:55:50 +02:00
private auditService: AuditService, private cryptoService: CryptoService,
2018-11-16 16:02:22 +01:00
private userService: UserService, private searchService: SearchService,
private apiService: ApiService) { }
2018-05-14 19:37:52 +02:00
2018-05-14 20:54:19 +02:00
async run(object: string, id: string, cmd: program.Command): Promise<Response> {
2018-05-16 17:54:59 +02:00
if (id != null) {
id = id.toLowerCase();
}
2018-05-14 22:25:14 +02:00
switch (object.toLowerCase()) {
2018-05-14 19:37:52 +02:00
case 'item':
2018-05-17 21:55:44 +02:00
return await this.getCipher(id);
2018-05-16 19:59:08 +02:00
case 'username':
return await this.getUsername(id);
case 'password':
return await this.getPassword(id);
case 'uri':
return await this.getUri(id);
2018-05-14 19:37:52 +02:00
case 'totp':
2018-05-14 20:54:19 +02:00
return await this.getTotp(id);
2018-05-17 17:07:53 +02:00
case 'exposed':
return await this.getExposed(id);
2018-05-17 21:55:44 +02:00
case 'attachment':
return await this.getAttachment(id, cmd);
2018-05-14 19:37:52 +02:00
case 'folder':
2018-05-14 20:54:19 +02:00
return await this.getFolder(id);
2018-05-14 19:37:52 +02:00
case 'collection':
2018-05-14 20:54:19 +02:00
return await this.getCollection(id);
2019-09-25 23:11:48 +02:00
case 'org-collection':
return await this.getOrganizationCollection(id, cmd);
2018-05-18 21:26:59 +02:00
case 'organization':
return await this.getOrganization(id);
2018-05-14 22:25:14 +02:00
case 'template':
return await this.getTemplate(id);
2018-11-16 16:02:22 +01:00
case 'fingerprint':
return await this.getFingerprint(id);
2018-05-14 19:37:52 +02:00
default:
2018-05-14 20:54:19 +02:00
return Response.badRequest('Unknown object.');
2018-05-14 19:37:52 +02:00
}
}
2019-10-21 20:16:16 +02:00
private async getCipherView(id: string): Promise<CipherView | CipherView[]> {
2018-05-16 17:54:59 +02:00
let decCipher: CipherView = null;
2019-10-01 17:04:15 +02:00
if (Utils.isGuid(id)) {
2018-05-16 17:54:59 +02:00
const cipher = await this.cipherService.get(id);
if (cipher != null) {
decCipher = await cipher.decrypt();
}
} else if (id.trim() !== '') {
let ciphers = await this.cipherService.getAllDecrypted();
2018-08-13 20:38:04 +02:00
ciphers = this.searchService.searchCiphersBasic(ciphers, id);
2018-05-16 17:54:59 +02:00
if (ciphers.length > 1) {
2019-10-21 20:16:16 +02:00
return ciphers;
2018-05-16 17:54:59 +02:00
}
if (ciphers.length > 0) {
decCipher = ciphers[0];
}
2018-05-14 19:37:52 +02:00
}
2018-12-08 03:55:32 +01:00
return decCipher;
}
2019-10-21 20:16:16 +02:00
private async getCipher(id: string, filter?: (c: CipherView) => boolean) {
let decCipher = await this.getCipherView(id);
2018-05-16 17:54:59 +02:00
if (decCipher == null) {
return Response.notFound();
}
2018-12-08 03:55:32 +01:00
if (Array.isArray(decCipher)) {
2019-10-21 20:16:16 +02:00
if (filter != null) {
const filteredCiphers = decCipher.filter(filter);
if (filteredCiphers.length === 1) {
decCipher = filteredCiphers[0];
}
}
if (Array.isArray(decCipher)) {
return Response.multipleResults(decCipher.map((c) => c.id));
}
2018-12-08 03:55:32 +01:00
}
2018-05-14 20:54:19 +02:00
const res = new CipherResponse(decCipher);
return Response.success(res);
2018-05-14 19:37:52 +02:00
}
2018-05-16 19:59:08 +02:00
private async getUsername(id: string) {
2019-10-21 20:16:16 +02:00
const cipherResponse = await this.getCipher(id,
(c) => c.type === CipherType.Login && !Utils.isNullOrWhitespace(c.login.username));
2018-05-16 19:59:08 +02:00
if (!cipherResponse.success) {
return cipherResponse;
}
const cipher = cipherResponse.data as CipherResponse;
if (cipher.type !== CipherType.Login) {
return Response.badRequest('Not a login.');
}
2019-10-21 20:16:16 +02:00
if (Utils.isNullOrWhitespace(cipher.login.username)) {
2018-05-16 19:59:08 +02:00
return Response.error('No username available for this login.');
}
const res = new StringResponse(cipher.login.username);
return Response.success(res);
}
private async getPassword(id: string) {
2019-10-21 20:16:16 +02:00
const cipherResponse = await this.getCipher(id,
(c) => c.type === CipherType.Login && !Utils.isNullOrWhitespace(c.login.password));
2018-05-16 19:59:08 +02:00
if (!cipherResponse.success) {
return cipherResponse;
}
const cipher = cipherResponse.data as CipherResponse;
if (cipher.type !== CipherType.Login) {
return Response.badRequest('Not a login.');
}
2019-10-21 20:16:16 +02:00
if (Utils.isNullOrWhitespace(cipher.login.password)) {
2018-05-16 19:59:08 +02:00
return Response.error('No password available for this login.');
}
const res = new StringResponse(cipher.login.password);
return Response.success(res);
}
private async getUri(id: string) {
2019-10-21 20:16:16 +02:00
const cipherResponse = await this.getCipher(id,
(c) => c.type === CipherType.Login && c.login.uris != null && c.login.uris.length > 0 &&
c.login.uris[0].uri !== '');
2018-05-16 19:59:08 +02:00
if (!cipherResponse.success) {
return cipherResponse;
}
const cipher = cipherResponse.data as CipherResponse;
if (cipher.type !== CipherType.Login) {
return Response.badRequest('Not a login.');
}
if (cipher.login.uris == null || cipher.login.uris.length === 0 || cipher.login.uris[0].uri === '') {
return Response.error('No uri available for this login.');
}
const res = new StringResponse(cipher.login.uris[0].uri);
return Response.success(res);
}
2018-05-14 19:37:52 +02:00
private async getTotp(id: string) {
2019-10-21 20:16:16 +02:00
const cipherResponse = await this.getCipher(id,
(c) => c.type === CipherType.Login && !Utils.isNullOrWhitespace(c.login.totp));
2018-05-16 17:54:59 +02:00
if (!cipherResponse.success) {
return cipherResponse;
2018-05-14 19:37:52 +02:00
}
2018-05-16 17:54:59 +02:00
const cipher = cipherResponse.data as CipherResponse;
2018-05-14 19:37:52 +02:00
if (cipher.type !== CipherType.Login) {
2018-05-14 20:54:19 +02:00
return Response.badRequest('Not a login.');
2018-05-14 19:37:52 +02:00
}
2019-10-21 20:16:16 +02:00
if (Utils.isNullOrWhitespace(cipher.login.totp)) {
2018-05-14 20:54:19 +02:00
return Response.error('No TOTP available for this login.');
2018-05-14 19:37:52 +02:00
}
2018-05-16 17:54:59 +02:00
const totp = await this.totpService.getCode(cipher.login.totp);
2018-05-14 19:37:52 +02:00
if (totp == null) {
2018-05-14 20:54:19 +02:00
return Response.error('Couldn\'t generate TOTP code.');
2018-05-14 19:37:52 +02:00
}
2018-08-29 05:17:44 +02:00
const canAccessPremium = await this.userService.canAccessPremium();
if (!canAccessPremium) {
const originalCipher = await this.cipherService.get(cipher.id);
2018-05-18 16:55:50 +02:00
if (originalCipher == null || originalCipher.organizationId == null ||
!originalCipher.organizationUseTotp) {
2018-08-29 05:17:44 +02:00
return Response.error('Premium status is required to use this feature.');
2018-05-18 16:55:50 +02:00
}
}
2018-05-14 20:54:19 +02:00
const res = new StringResponse(totp);
return Response.success(res);
2018-05-14 19:37:52 +02:00
}
2018-05-17 17:07:53 +02:00
private async getExposed(id: string) {
const passwordResponse = await this.getPassword(id);
if (!passwordResponse.success) {
return passwordResponse;
}
const exposedNumber = await this.auditService.passwordLeaked((passwordResponse.data as StringResponse).data);
const res = new StringResponse(exposedNumber.toString());
return Response.success(res);
}
2018-05-17 21:55:44 +02:00
private async getAttachment(id: string, cmd: program.Command) {
if (cmd.itemid == null || cmd.itemid === '') {
return Response.badRequest('--itemid <itemid> required.');
}
2018-05-17 19:43:53 +02:00
2018-05-17 21:55:44 +02:00
const itemId = cmd.itemid.toLowerCase();
const cipherResponse = await this.getCipher(itemId);
2018-05-17 19:28:22 +02:00
if (!cipherResponse.success) {
return cipherResponse;
}
2018-12-08 03:55:32 +01:00
const cipher = await this.getCipherView(itemId);
if (cipher == null || Array.isArray(cipher) || cipher.attachments.length === 0) {
2018-05-17 19:28:22 +02:00
return Response.error('No attachments available for this item.');
}
2018-05-17 21:55:44 +02:00
const attachments = cipher.attachments.filter((a) => a.id.toLowerCase() === id ||
(a.fileName != null && a.fileName.toLowerCase().indexOf(id) > -1));
2018-05-17 19:43:53 +02:00
if (attachments.length === 0) {
2018-05-17 21:55:44 +02:00
return Response.error('Attachment `' + id + '` was not found.');
2018-05-17 19:28:22 +02:00
}
2018-05-17 19:43:53 +02:00
if (attachments.length > 1) {
return Response.multipleResults(attachments.map((a) => a.id));
2018-05-17 19:28:22 +02:00
}
if (!(await this.userService.canAccessPremium())) {
2018-05-18 16:55:50 +02:00
const originalCipher = await this.cipherService.get(cipher.id);
if (originalCipher == null || originalCipher.organizationId == null) {
return Response.error('Premium status is required to use this feature.');
2018-05-18 16:55:50 +02:00
}
}
2018-05-17 19:43:53 +02:00
const response = await fet.default(new fet.Request(attachments[0].url, { headers: { cache: 'no-cache' } }));
2018-05-17 19:28:22 +02:00
if (response.status !== 200) {
return Response.error('A ' + response.status + ' error occurred while downloading the attachment.');
}
try {
const buf = await response.arrayBuffer();
2018-12-08 03:55:32 +01:00
const key = attachments[0].key != null ? attachments[0].key :
await this.cryptoService.getOrgKey(cipher.organizationId);
2018-05-17 19:28:22 +02:00
const decBuf = await this.cryptoService.decryptFromBytes(buf, key);
return await CliUtils.saveResultToFile(Buffer.from(decBuf), cmd.output, attachments[0].fileName);
2018-05-17 19:28:22 +02:00
} catch (e) {
if (typeof (e) === 'string') {
return Response.error(e);
} else {
return Response.error('An error occurred while saving the attachment.');
}
}
}
2018-05-14 19:37:52 +02:00
private async getFolder(id: string) {
2018-05-16 17:54:59 +02:00
let decFolder: FolderView = null;
2019-10-01 17:04:15 +02:00
if (Utils.isGuid(id)) {
2018-05-16 17:54:59 +02:00
const folder = await this.folderService.get(id);
if (folder != null) {
decFolder = await folder.decrypt();
}
} else if (id.trim() !== '') {
let folders = await this.folderService.getAllDecrypted();
folders = CliUtils.searchFolders(folders, id);
if (folders.length > 1) {
2018-05-16 18:00:40 +02:00
return Response.multipleResults(folders.map((f) => f.id));
2018-05-16 17:54:59 +02:00
}
if (folders.length > 0) {
decFolder = folders[0];
}
2018-05-14 19:37:52 +02:00
}
2018-05-16 17:54:59 +02:00
if (decFolder == null) {
return Response.notFound();
}
2018-05-14 20:54:19 +02:00
const res = new FolderResponse(decFolder);
return Response.success(res);
2018-05-14 19:37:52 +02:00
}
private async getCollection(id: string) {
2018-05-16 17:54:59 +02:00
let decCollection: CollectionView = null;
2019-10-01 17:04:15 +02:00
if (Utils.isGuid(id)) {
2018-05-16 17:54:59 +02:00
const collection = await this.collectionService.get(id);
if (collection != null) {
decCollection = await collection.decrypt();
}
} else if (id.trim() !== '') {
let collections = await this.collectionService.getAllDecrypted();
collections = CliUtils.searchCollections(collections, id);
if (collections.length > 1) {
2018-05-16 18:00:40 +02:00
return Response.multipleResults(collections.map((c) => c.id));
2018-05-16 17:54:59 +02:00
}
if (collections.length > 0) {
decCollection = collections[0];
}
2018-05-14 19:37:52 +02:00
}
2018-05-16 17:54:59 +02:00
if (decCollection == null) {
return Response.notFound();
}
2018-05-14 20:54:19 +02:00
const res = new CollectionResponse(decCollection);
return Response.success(res);
2018-05-14 19:37:52 +02:00
}
2018-05-14 22:25:14 +02:00
2019-09-25 23:11:48 +02:00
private async getOrganizationCollection(id: string, cmd: program.Command) {
if (cmd.organizationid == null || cmd.organizationid === '') {
return Response.badRequest('--organizationid <organizationid> required.');
}
2019-10-01 17:04:15 +02:00
if (!Utils.isGuid(id)) {
2019-09-25 23:11:48 +02:00
return Response.error('`' + id + '` is not a GUID.');
}
2019-10-01 17:04:15 +02:00
if (!Utils.isGuid(cmd.organizationid)) {
2019-09-25 23:11:48 +02:00
return Response.error('`' + cmd.organizationid + '` is not a GUID.');
}
try {
const orgKey = await this.cryptoService.getOrgKey(cmd.organizationid);
if (orgKey == null) {
throw new Error('No encryption key for this organization.');
}
const response = await this.apiService.getCollectionDetails(cmd.organizationid, id);
const decCollection = new CollectionView(response);
decCollection.name = await this.cryptoService.decryptToUtf8(
new CipherString(response.name), orgKey);
const groups = response.groups == null ? null :
response.groups.map((g) => new SelectionReadOnly(g.id, g.readOnly, g.hidePasswords));
2019-09-25 23:11:48 +02:00
const res = new OrganizationCollectionResponse(decCollection, groups);
return Response.success(res);
} catch (e) {
return Response.error(e);
}
}
2018-05-18 21:26:59 +02:00
private async getOrganization(id: string) {
let org: Organization = null;
2019-10-01 17:04:15 +02:00
if (Utils.isGuid(id)) {
2018-05-18 21:26:59 +02:00
org = await this.userService.getOrganization(id);
} else if (id.trim() !== '') {
let orgs = await this.userService.getAllOrganizations();
orgs = CliUtils.searchOrganizations(orgs, id);
if (orgs.length > 1) {
return Response.multipleResults(orgs.map((c) => c.id));
}
if (orgs.length > 0) {
org = orgs[0];
}
}
if (org == null) {
return Response.notFound();
}
const res = new OrganizationResponse(org);
return Response.success(res);
}
2018-05-14 22:25:14 +02:00
private async getTemplate(id: string) {
let template: any = null;
switch (id.toLowerCase()) {
case 'item':
2018-05-15 18:18:47 +02:00
template = Cipher.template();
2018-05-14 22:25:14 +02:00
break;
2018-05-18 15:16:34 +02:00
case 'item.field':
2018-05-15 18:18:47 +02:00
template = Field.template();
2018-05-14 22:25:14 +02:00
break;
2018-05-18 15:16:34 +02:00
case 'item.login':
2018-05-15 18:18:47 +02:00
template = Login.template();
2018-05-14 22:25:14 +02:00
break;
2018-05-18 15:16:34 +02:00
case 'item.login.uri':
2018-05-15 18:18:47 +02:00
template = LoginUri.template();
2018-05-14 22:25:14 +02:00
break;
2018-05-18 15:16:34 +02:00
case 'item.card':
2018-05-15 18:18:47 +02:00
template = Card.template();
2018-05-14 22:25:14 +02:00
break;
2018-05-18 15:16:34 +02:00
case 'item.identity':
2018-05-15 18:18:47 +02:00
template = Identity.template();
2018-05-14 22:25:14 +02:00
break;
2018-05-18 15:16:34 +02:00
case 'item.securenote':
2018-05-15 18:18:47 +02:00
template = SecureNote.template();
2018-05-14 22:25:14 +02:00
break;
2018-05-15 18:53:08 +02:00
case 'folder':
template = Folder.template();
break;
case 'collection':
template = Collection.template();
break;
2018-10-23 23:31:59 +02:00
case 'item-collections':
template = ['collection-id1', 'collection-id2'];
break;
2019-09-25 22:08:56 +02:00
case 'org-collection':
template = OrganizationCollectionRequest.template();
break;
2018-05-14 22:25:14 +02:00
default:
2018-05-14 23:13:57 +02:00
return Response.badRequest('Unknown template object.');
2018-05-14 22:25:14 +02:00
}
2018-05-15 05:40:11 +02:00
2018-05-14 22:25:14 +02:00
const res = new TemplateResponse(template);
return Response.success(res);
}
2018-11-16 16:02:22 +01:00
private async getFingerprint(id: string) {
let fingerprint: string[] = null;
if (id === 'me') {
fingerprint = await this.cryptoService.getFingerprint(await this.userService.getUserId());
2019-10-01 17:04:15 +02:00
} else if (Utils.isGuid(id)) {
2018-11-16 16:02:22 +01:00
try {
const response = await this.apiService.getUserPublicKey(id);
const pubKey = Utils.fromB64ToArray(response.publicKey);
fingerprint = await this.cryptoService.getFingerprint(id, pubKey.buffer);
} catch { }
}
if (fingerprint == null) {
return Response.notFound();
}
const res = new StringResponse(fingerprint.join('-'));
return Response.success(res);
}
2018-05-14 19:37:52 +02:00
}