Skip to content

Pass OTP data across to OTP extension for further action #118

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Apr 15, 2019
Merged

Pass OTP data across to OTP extension for further action #118

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
439e685
Extract OTP field
erayd Apr 15, 2019
8bdead1
Pass otp info, tab & current hostname to OTP extension
erayd Apr 15, 2019
3595d69
Use the existing host from settings
erayd Apr 15, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 35 additions & 1 deletion src/background.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,12 @@ var idb = require("idb");
// native application id
var appID = "com.github.browserpass.native";

// OTP extension id
var otpID = [
"afjjoildnccgmjbblnklbohcbjehjaph", // webstore releases
"jbnpmhhgnchcoljeobafpinmchnpdpin" // github releases
];

// default settings
var defaultSettings = {
autoSubmit: false,
Expand Down Expand Up @@ -785,13 +791,20 @@ async function parseFields(settings, login) {
secret: ["secret", "password", "pass"],
login: ["login", "username", "user"],
openid: ["openid"],
otp: ["otp", "totp", "hotp"],
url: ["url", "uri", "website", "site", "link", "launch"]
};
login.settings = {
autoSubmit: { name: "autosubmit", type: "bool" }
};
var lines = login.raw.split(/[\r\n]+/).filter(line => line.trim().length > 0);
lines.forEach(function(line) {
// check for uri-encoded otp
if (line.match(/^otpauth:\/\/.+/)) {
login.fields.otp = { key: null, data: line };
return;
}

// split key / value & ignore non-k/v lines
var parts = line.match(/^(.+?):(.+)$/);
if (parts === null) {
Expand All @@ -811,7 +824,11 @@ async function parseFields(settings, login) {
Array.isArray(login.fields[key]) &&
login.fields[key].includes(parts[0].toLowerCase())
) {
login.fields[key] = parts[1];
if (key === "otp") {
login.fields[key] = { key: parts[0].toLowerCase(), data: parts[1] };
} else {
login.fields[key] = parts[1];
}
break;
}
}
Expand Down Expand Up @@ -851,6 +868,23 @@ async function parseFields(settings, login) {
delete login.settings[key];
}
}

// trigger otp extension
if (login.fields.hasOwnProperty("otp")) {
for (let key in otpID) {
chrome.runtime
.sendMessage(otpID[key], {
otp: login.fields.otp,
host: settings.host,
tab: settings.tab
})
// Both response & error are noop functions, because we don't care about
// the response, and if there's an error it just means the otp extension
// is probably not installed. We can't detect that without requesting the
// management permission, so this is an acceptable workaround.
.then(noop => null, noop => null);
}
}
}

/**
Expand Down