package actions
import (
"fmt"
"github.com/quexten/goldwarden/agent/config"
"github.com/quexten/goldwarden/agent/sockets"
"github.com/quexten/goldwarden/agent/systemauth"
"github.com/quexten/goldwarden/agent/systemauth/pinentry"
"github.com/quexten/goldwarden/agent/vault"
"github.com/quexten/goldwarden/ipc"
)
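// handleGetCliCredentials answers an ipc.GetCLICredentialsRequest.
//
// It asks the user for approval through pinentry, then looks up the
// environment credentials stored for the requested application name and
// returns them in an ipc.GetCLICredentialsResponse. A denied or failed
// approval, or a missing entry, yields an ipc.ActionResponse with
// Success set to false instead of an error.
//
// An error is returned only when the payload is not a
// GetCLICredentialsRequest or when a response message cannot be built.
func handleGetCliCredentials(request ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, ctx *sockets.CallingContext) (response ipc.IPCMessage, err error) {
	// Comma-ok assertion: a payload of another type is reported as an
	// error instead of panicking inside the agent.
	payload := request.ParsedPayload()
	req, ok := payload.(ipc.GetCLICredentialsRequest)
	if !ok {
		return ipc.IPCMessage{}, fmt.Errorf("unexpected payload type %T for CLI credentials request", payload)
	}

	// NOTE(review): req.ApplicationName is taken from the request and is
	// shown verbatim next to the process names from ctx. Confirm that
	// pinentry renders newlines and control characters safely, otherwise
	// the approval text could be made misleading; %q would be one option.
	prompt := fmt.Sprintf("%s on %s>%s>%s is trying to access credentials for %s", ctx.UserName, ctx.GrandParentProcessName, ctx.ParentProcessName, ctx.ProcessName, req.ApplicationName)

	// Fail closed: a pinentry error is treated exactly like a denial, so
	// no credentials leave the vault unless approval was explicitly given.
	// The pinentry error itself is not surfaced to the caller.
	approved, approvalErr := pinentry.GetApproval("Approve Credential Access", prompt)
	if approvalErr != nil || !approved {
		denied, buildErr := ipc.IPCMessageFromPayload(ipc.ActionResponse{
			Success: false,
			Message: "not approved",
		})
		if buildErr != nil {
			return ipc.IPCMessage{}, buildErr
		}
		return denied, nil
	}

	// The lookup key is the application name supplied in the request.
	env, found := vault.GetEnvCredentialForExecutable(req.ApplicationName)
	if !found {
		missing, buildErr := ipc.IPCMessageFromPayload(ipc.ActionResponse{
			Success: false,
			Message: "no credentials found for " + req.ApplicationName,
		})
		if buildErr != nil {
			return ipc.IPCMessage{}, buildErr
		}
		return missing, nil
	}

	return ipc.IPCMessageFromPayload(ipc.GetCLICredentialsResponse{
		Env: env,
	})
}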
// init registers the CLI credentials handler for
// ipc.IPCMessageTypeGetCLICredentialsRequest in AgentActionsRegistry.
func init() {
	// The handler is wrapped by ensureEverything with
	// systemauth.AccessVault; presumably this gates the call on a vault
	// access check — confirm in ensureEverything.
	guarded := ensureEverything(systemauth.AccessVault, handleGetCliCredentials)
	AgentActionsRegistry.Register(ipc.IPCMessageTypeGetCLICredentialsRequest, guarded)
}