Comments (13)
kiorky
commented on June 23, 2024
1
from #11
BITWARDEN_TOKEN=$(curl --location -s --request POST \
${BITWARDEN_URL}/identity/connect/token \
--header "Content-Type: application/x-www-form-urlencoded" \
--data-urlencode "grant_type=client_credentials" \
--data-urlencode "scope=api" \
--data-urlencode 'deviceName=chrome' \
--data-urlencode 'deviceIdentifier=DEVICE_ID' \
--data-urlencode 'deviceType=DEVICE_TYPE' \
--data-urlencode "username=${BITWARDEN_USER}" \
--data-urlencode "client_id=${BITWARDEN_CLIENID}" \
--data-urlencode "client_secret=${BITWARDEN_SECRET}" | jq -r '.access_token')from bitwardentools.
commonism
commented on June 23, 2024
1
possible via #18
def api_key():
return {"client_id": "…",
"client_secret":"…",
"scope":"api",
"grant_type":"client_credentials"}
client = Client(server, email, password, mfa_cb=api_key)
client.sync()from bitwardentools.
kiorky
commented on June 23, 2024
Feel free to open PR for it, which i would be welcome to merge !
from bitwardentools.
karlism
commented on June 23, 2024
@valleedelisle, can you please create PR for your commit?
from bitwardentools.
kiorky
commented on June 23, 2024
does it cover vaultwarden api token auth too ?
Seems it's for official bitwarden server implementation, isnt it ?
from bitwardentools.
mfominov
commented on June 23, 2024
i've create a patch from this code for tests, unfortunately it doesn't handle api token auth
from bitwardentools.
valleedelisle
commented on June 23, 2024
I don't use this lib anymore because it's incomplete. I decided to wrap around the bwcli instead. Feel free to use my code if it helps, but I can't maintain this as I don't use it anymore.
from bitwardentools.
karlism
commented on June 23, 2024
@commonism, thanks! I've tried it out with bitwardentools 1.0.56 and it works.
Unfortunately client password is still required, am I misunderstanding this feature or is it really supposed to work only when client password is provided?
from bitwardentools.
kiorky
commented on June 23, 2024
@commonism, thanks! I've tried it out with bitwardentools 1.0.56 and it works.
Unfortunately client password is still required, am I misunderstanding this feature or is it really supposed to work only when client password is provided?
Can you paste how you implemented it as there is an error on @commonism snippet, it should be
def api_key():
return {"client_id": "…",
"client_secret":"…",
"scope":"api",
"grant_type":"client_credentials"}
client = Client(server, email, password, authentication_cb=api_key)
client.sync()from bitwardentools.
kiorky
commented on June 23, 2024
BTW, i have some bits to finish before an official release which includes this PR.
from bitwardentools.
karlism
commented on June 23, 2024
Can you paste how you implemented it as there is an error on @commonism snippet, it should be
@kiorky, I did and it works as long as username, password and API key is provided. However it doesn't work if I do not specify email or password. Am I wrong to assume that API key alone should be sufficient to authenticate user?
Python 3.10.12 (main, Jun 19 2023, 16:27:15) [Clang 13.0.0 ] on openbsd7
Type "help", "copyright", "credits" or "license" for more information.
>>> from bitwardentools import Client
>>> def api_key(loginpayload):
... loginpayload.update(
... {
... "client_id": "user.eb76d2ac-528f-4189-8f5b-f200a6e6891e",
... "client_secret": "oAI1704x6sLfxqVCsJkxtl1NrncUmz",
... "scope": "api",
... "grant_type": "client_credentials"
... }
... )
... return loginpayload
...
>>> Client('https://bitwarden.k8s.dev.example.com', '[email protected]', 'password', authentication_cb=api_key)
<bitwardentools.client.Client object at 0xf43d4163fd0>
>>> Client('https://bitwarden.k8s.dev.example.com', authentication_cb=api_key)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/home/username/.local/lib/python3.10/site-packages/bitwardentools/client.py", line 695, in __init__
raise RunError("no email")
bitwardentools.client.RunError: no email
>>> Client('https://bitwarden.k8s.dev.example.com', '[email protected]', authentication_cb=api_key)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/home/username/.local/lib/python3.10/site-packages/bitwardentools/client.py", line 699, in __init__
raise RunError("no password")
bitwardentools.client.RunError: no password
BTW, i have some bits to finish before an official release which includes this PR.
I'm aware of that and I've installed bitwardentools from here: https://github.com/corpusops/bitwardentools/archive/refs/tags/1.0.56.tar.gz
from bitwardentools.
commonism
commented on June 23, 2024
Email/Password is required for 2fa, pass empty strings for api key via cb.
Not a beauty, but … consider this cosmetics.
from bitwardentools.
kiorky
commented on June 23, 2024
I'm aware of that and I've installed bitwardentools from here: https://github.com/corpusops/bitwardentools/archive/refs/tags/1.0.56.tar.gz
This isnt a release. Published release remain only on pypi.
from bitwardentools.
Related Issues (17)
- Error when trying to create a login HOT 6
- Requests dependency missing HOT 1
- add TOTP support HOT 4
- add edit_item/edit_login functionality HOT 1
- raising keyerror on 'kdfIterations' HOT 1
- Admin page requests end in NotFounds (vaultwarden) HOT 5
- PyPi version is missing packaging dependency
- Dev requirements HOT 1
- Bitwardentools bw always asks for master password HOT 1
- Edit the cipher username and password. Is it possible?
- Editing login with passkey invalidates date in passkey (or elsewhere in item) and makes login non-editable.
- Argon2id algorithm support?
- Missing dependency - ModuleNotFoundError: No module named 'packaging'
- Changing the item name
- confirm_invitation unnecessarily requires server private key HOT 2
- Error with get_cipher HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bitwardentools.