Petru Posted August 23, 2019 Share Posted August 23, 2019 (edited) @blacs30 Could you add notifications for login? Like "Login successful" / "Cannot login - Incorrect password" ? Also: Is there any clipboard wiping done after a few seconds? Other security measures in place? Edited August 23, 2019 by Petru Link to comment
alexbet Posted September 18, 2019 Share Posted September 18, 2019 I installed this workflow and installed the Node version of the CLI, but the workflow doesn't work for me. I set the email, I set the server, and when i try to login and type bwlogin and hit enter, nothing happens. The Alfred search bar disappears, and that is it. Am I doing something wrong? Link to comment
blacs30 Posted September 19, 2019 Author Share Posted September 19, 2019 @alexbet Thanks for reporting this issue. So the workflow doesn't ask you for the password for your bitwarden account, correct? Which macOS version do you run? Are you running Alfred 4 and have you upgraded it from version 3 or is it der first time you are using Alfred? Did you allow Alfred in the Accessibility settings (System Preferences > Security & Privacy > Privacy > Accessibility > add Alfred here) Currently there is a known issue for a clean Alfred 4 installation on macOS without having Alfred 3 installed before that. I didn't find time to fix it yet. Link to comment
alexbet Posted September 19, 2019 Share Posted September 19, 2019 (edited) Hi @blacs30 you are correct, the workflow doesn't ask for a password when I try to login with my BitWarden account. I am using the latest Mac OS X 10.14.6. Yes, I upgraded Alfred from v3 to v4, and I am running the latest Alfred 4.0.4 version. Also, Alfred is already enabled in the Privacy/Accessibility settings in System Preferences. Edited September 19, 2019 by alexbet Link to comment
blacs30 Posted September 19, 2019 Author Share Posted September 19, 2019 Hi @alexbet, thanks for the information. That is a strange behaviour. Can you please check the logs of the workflow (in the Alfred Preferences select the workflow and then enable the debug mode by clicking on the bug icon at the top right ) Link to comment
alexbet Posted September 19, 2019 Share Posted September 19, 2019 @blacs30, here is what appears in the debugging console when I try to login (see the error): [12:14:41.910] Logging Started... [12:14:51.982] Bitwarden CLI[Keyword] Processing complete [12:14:51.983] Bitwarden CLI[Keyword] Passing output '' to Run Script [12:14:52.520] ERROR: Bitwarden CLI[Run Script] 2910:2911: syntax error: Expected end of line but found “"”. (-2741) [12:14:52.523] Bitwarden CLI[Run Script] Processing complete [12:14:52.523] Bitwarden CLI[Run Script] Passing output '' to Post Notification Link to comment
blacs30 Posted September 20, 2019 Author Share Posted September 20, 2019 @alexbet just for confirmation, are you using version 1.2.4? You can also find it here on Github https://github.com/blacs30/bitwarden-alfred-workflow/releases Link to comment
thomasSDK Posted September 28, 2019 Share Posted September 28, 2019 Hi blacs30, This is an amazing Workflow but im running into some issues getting it up and running and it would be great if you could help me out and if you can explain whats going wrong in the code as well that would be amazing (ive had a bit of a poke around but dont have much experience with Python). Im running version 1.2.4 and Alfred 4 with Script Editor and Alfred both added to the Accessibly permissions of Privacy and Security. When trying to Login the enter password popup shows but when I enter my password nothing happens, here is the log from the debug console (ive managed to login via the bitwarden-cli in the terminal btws) Cheers [22:32:04.480] Bitwarden CLI[Keyword] Processing complete [22:32:04.481] Bitwarden CLI[Keyword] Passing output '' to Run Script [22:32:09.923] STDERR: Bitwarden CLI[Run Script] . 22:32:04 workflow.py:2055 DEBUG ---------- Bitwarden CLI (1.2.4) ---------- 22:32:04 <string>:120 DEBUG MAIN: Started 22:32:04 <string>:132 DEBUG MAIN: 2fa method not set 22:32:04 <string>:142 DEBUG MAIN: 2fa not used 22:32:04 <string>:97 DEBUG START get_bw_exec 22:32:04 <string>:106 DEBUG END found get_bw_exec 22:32:04 <string>:149 DEBUG MAIN: Start login without 2fa 22:32:04 <string>:54 DEBUG login: - bw Start running bw login 22:32:04 <string>:17 DEBUG login: START for ********@mail.com and title: Enter Bitwarden password 22:32:04 <string>:37 DEBUG login: START osascript to ask for the password. 22:32:09 <string>:40 DEBUG login: Evaluate returned result status from the password entry. 22:32:09 <string>:45 DEBUG login: osascript - An error occured: 2019-09-28 22:32:04.818 osascript[96370:371271] isPrefsCreateCacheFromEnabledAndDefaultInputSources - can't find anything from GetInputSourceEnabledPrefs, use defaultASCIIKeyLayoutDict = <CFBasicHash 0x7fb48d532f10 [0x7fff9600f8e0]>{type = mutable dict, count = 3, entries => 0 : <CFString 0x7fff9607a818 [0x7fff9600f8e0]>{contents = "InputSourceKind"} = <CFString 0x7fff960bfd58 [0x7fff9600f8e0]>{contents = "Keyboard Layout"} 1 : <CFString 0x7fff960abe98 [0x7fff9600f8e0]>{contents = "KeyboardLayout ID"} = <CFNumber 0x7c28f854af23cc1f [0x7fff9600f8e0]>{value = +2, type = kCFNumberSInt64Type} 9 : <CFString 0x7fff96075518 [0x7fff9600f8e0]>{contents = "KeyboardLayout Name"} = British } 22:32:09 workflow.py:2074 ERROR local variable 'out' referenced before assignment Traceback (most recent call last): File "workflow/workflow.py", line 2067, in run func(self) File "<string>", line 150, in main File "<string>", line 57, in login UnboundLocalError: local variable 'out' referenced before assignment 22:32:09 workflow.py:2097 DEBUG ---------- finished in 5.290s ---------- [22:32:09.928] Bitwarden CLI[Run Script] Processing complete [22:32:09.929] Bitwarden CLI[Run Script] Passing output '<?xml version="1.0" encoding="utf-8"?> <items><item valid="no"><title>Error in workflow 'Bitwarden CLI'</title><subtitle>local variable 'out' referenced before assignment</subtitle><icon>/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/AlertStopIcon.icns</icon></item></items>' to Post Notification Link to comment
Al30 Posted January 10, 2020 Share Posted January 10, 2020 (edited) Hi @blacs30, I'm so excited to get this one working! Kudos for the work. It seems that I'm having some issues and wanted to put them out there in case someone is having a similar issue and for your information so that it can be resolved: Environment: MacOs Catalina v10.15.2 Homebrew: v2.2.2 bitwarden cli: v1.8.0 Alfred: v3.8.6 Alfred Bitwarden Workflow: v1.2.4 (Only because the latest version v1.3.0 -I think- is "incompatible" with Alfred version 3.8.6) Actions: bwsetemail - Set the Bitwarden user account email bwsetserver - Set the Bitwarden server to connect to bwset2fa - Enable 2FA for Bitwarden login bwset2famethod - Set the method for the Bitwarden 2FA login (1) bwlogin - Log in to Bitwarden Verified that the accessibility is correctly set up as recommended earlier in the thread. Issue: [2020-01-10 11:32:44][input.keyword] Processing output of 'action.script' with arg '' [2020-01-10 11:33:09][ERROR: action.script] . 11:32:44 workflow.py:2055 DEBUG ---------- Bitwarden CLI (1.2.4) ---------- 11:32:44 <string>:120 DEBUG MAIN: Started 11:32:44 <string>:97 DEBUG START get_bw_exec 11:32:44 <string>:106 DEBUG END found get_bw_exec 11:32:44 <string>:157 DEBUG MAIN: Start login with 2fa and method set to: 1 11:32:44 <string>:54 DEBUG login: - bw Start running bw login 11:32:44 <string>:17 DEBUG login: START for ***********@gmail.com and title: Enter Bitwarden password 11:32:44 <string>:37 DEBUG login: START osascript to ask for the password. 11:32:51 <string>:40 DEBUG login: Evaluate returned result status from the password entry. 11:32:51 <string>:17 DEBUG login: START for alvarobolanos@gmail.com and title: Enter Bitwarden second factor code 11:32:51 <string>:37 DEBUG login: START osascript to ask for the password. 11:33:05 <string>:40 DEBUG login: Evaluate returned result status from the password entry. 11:33:08 <string>:73 DEBUG login: bw Evaluating bw login result 11:33:08 <string>:78 DEBUG login: bw An error occured: [object Object] 11:33:08 <string>:159 DEBUG MAIN: 2fa with method set login result: (trimmed) 11:33:08 <string>:162 DEBUG MAIN: Error occured: [object Object] 11:33:09 workflow.py:2097 DEBUG ---------- finished in 24.185s ---------- [2020-01-10 11:33:09][action.script] Processing output of 'output.notification' with arg 'error output: [object Object] ' Here's the notification related to it. Let me know if you need more information and I'll be happy to share what I can. Regards. Edited January 10, 2020 by Al30 Added @ and 2fa option I've selected. Link to comment
blacs30 Posted May 19, 2020 Author Share Posted May 19, 2020 (edited) On 1/10/2020 at 5:55 PM, Al30 said: Hi @blacs30, I'm so excited to get this one working! Kudos for the work. It seems that I'm having some issues and wanted to put them out there in case someone is having a similar issue and for your information so that it can be resolved: I'm sorry not to have answered before @Al30 . I think I messed up my notifications here from the forum. Do you still need help? For the logs it looked like that the setting for 2fa mode might have been wrong. I would ask you to try to login via cli in the terminal. If the cli asks you to choose an 2fa auth method (which only happens if multiple 2fa ways are setup) then you need to configure the method otherwise it's 0. Edited May 19, 2020 by blacs30 Link to comment
blacs30 Posted May 19, 2020 Author Share Posted May 19, 2020 (edited) On 9/28/2019 at 11:51 PM, thomasSDK said: Hi blacs30, This is an amazing Workflow but im running into some issues getting it up and running and it would be great if you could help me out and if you can explain whats going wrong in the code as well that would be amazing (ive had a bit of a poke around but dont have much experience with Python). Im running version 1.2.4 and Alfred 4 with Script Editor and Alfred both added to the Accessibly permissions of Privacy and Security. When trying to Login the enter password popup shows but when I enter my password nothing happens, here is the log from the debug console (ive managed to login via the bitwarden-cli in the terminal btws) Also sorry to you @thomasSDK for my very very last reply. I will configure my notifications here on the forum. This error you showed looks heavily like this one https://stackoverflow.com/questions/53603246/strange-error-running-osascript-e-command-on-macos-mojave Edited May 19, 2020 by blacs30 Link to comment
raultaboraz Posted May 29, 2020 Share Posted May 29, 2020 Hello I am using High Sierra and Alfred v4 and v1.30 extension and I have the same problem. I use bwsetemail me@mail.com & hit ENTER and nothing happens... I tried to add another keyboard input (as you suggested a bug in MOVAJE) but it doesn't work... However if I use bwlogin I can see a popup. I have tried bitwarden cli and it works perfectly in terminal. Could you please help me? I really NEED this workflow. Thanks in advance Link to comment
deanishe Posted May 29, 2020 Share Posted May 29, 2020 2 hours ago, raultaboraz said: and nothing happens... That isn’t a useful description of the problem. Something is happening, and we need to know what it is in order to help you. What does Alfred's debugger say? Link to comment
blacs30 Posted May 29, 2020 Author Share Posted May 29, 2020 2 hours ago, raultaboraz said: I use bwsetemail me@mail.com & hit ENTER and nothing happens... If Alfred is allowed to send notifications you should set a confirmation notification like this (screenshot 1) You can also double check the keychain if items have been created there. Open the app "Keychain Access", search for "bitwarden", you should be able to see couple of entries, but at least the one for the email-address. Can you try to search for an item like "bw google", it could be that you also need to run "bwunlock", that is needed in case bitwarden cli unlock is run in the meantime. It is so that bitwarden then invalidates the previous generated session key. Thanks @deanishe taking part here as well, it's an honour I hope to soon fully rewrite this workflow in go with help of your library. Link to comment
blacs30 Posted August 11, 2020 Author Share Posted August 11, 2020 (edited) With version 2.0.0 I have rewritten the complete workflow and added many new features. I've released version 2.0.3 now and updated the first post in this thread You can find the latest version on github https://github.com/blacs30/bitwarden-alfred-workflow/release Edited August 11, 2020 by blacs30 llityslife 1 Link to comment
new member Posted August 12, 2020 Share Posted August 12, 2020 I updated from version 1.4.0 to version 2.0.3. I was looking forward to the new Workflow, but it doesn't seem to work as well as it should. In the new Workflow, the command was changed to ".bw", so I typed it in. Alfred thinks for a moment and then only shows the ".bwauth unlock" option. Looking at GitHub, I can see that I can change the settings with the command ".bwconfig", but when I type that command, it says ".bwauth unlock". I thought the Bitwarden CLI was not unlocked and ran ".bwauth unlock". Then I was prompted to enter my password. I joyfully entered my password. But next, I was asked to enter "2FA". Since I don't have 2FA enabled, I get an error no matter what I enter. You won't find these steps in Git's ReadMe either. It looks like I can change the enable/disable of 2FA, but I can't get to ".bwconfig" and change it. Obviously, the new Workflow has a problem. I immediately reverted to version 1.4.0. Link to comment
paulw Posted January 4, 2021 Share Posted January 4, 2021 (edited) On 8/11/2020 at 10:56 PM, new member said: But next, I was asked to enter "2FA". Since I don't have 2FA enabled, I get an error no matter what I enter. Go to the workflow environment variables, and change "2FA_ENABLED" from to "true" to "false", and then you can log in. Edited January 4, 2021 by paulw blacs30 1 Link to comment
Hoogo Posted January 13, 2021 Share Posted January 13, 2021 Hi, I would love to start using this workflow. I'm not a expert in reading code so I don't really understand what's happening under the hood. I just wanted to ask if it is secure to use this workflow and if there is any of my data (email, masterpassword) beeing send to the workflow developer or to any servers. Best regards Noah blacs30 1 Link to comment
deanishe Posted January 13, 2021 Share Posted January 13, 2021 (edited) 1 hour ago, Hoogo said: if there is any of my data (email, masterpassword) beeing send to the workflow developer or to any servers. So, I've just gone through the source code. All the workflow does with your email & master password is pass them to the Bitwarden CLI client (it does save the email, but not the password). The only network connections the workflow itself makes are to fetch favicons and to check for updates. The workflow caches your Bitwarden data (for speed), but the data are encrypted on disk, the encryption key is stored in your Keychain, and the cached data are deleted when you lock Bitwarden. All in all, very well done. @blacs30 is very security aware. I would trust this workflow much more than the browser extension, which was written—at least in part—by idiots. Also, thanks for getting me to look at the source code. I am totally going to steal the trick of fetching favicons from DDG. Thanks @blacs30! Edited January 13, 2021 by deanishe Link to comment
blacs30 Posted January 13, 2021 Author Share Posted January 13, 2021 42 minutes ago, deanishe said: So, I've just gone through the source code. All the workflow does with your email & master password is pass them to the Bitwarden CLI client (it does save the email, but not the password). The only network connections the workflow itself makes are to fetch favicons and to check for updates. The workflow caches your Bitwarden data (for speed), but the data are encrypted on disk, the encryption key is stored in your Keychain, and the cached data are deleted when you lock Bitwarden. All in all, very well done. @blacs30 is very security aware. I would trust this workflow much more than the browser extension, which was written—at least in part—by idiots. Also, thanks for getting me to look at the source code. I am totally going to steal the trick of fetching favicons from DDG. Thanks @blacs30! Thank you @deanishe, was only my second golang project but with the Alfred go package provided by you it was fun, and the github interactions since then grew. Currently there is one open improvement on github which makes sense to me: optional time based lock of the Bitwarden workflow. As said already, the encryption key is stored in Keychain and it stays there until manually "lock" or "logout" is called from the workflow (or manually deleted via Keychain) or it get's invalidated by another Bitwarden cli client login in the meantime. The locally cached data also doesn't contain any secrets (unless secrets are put into non secret fields like username or name of the secret). Link to comment
blacs30 Posted January 13, 2021 Author Share Posted January 13, 2021 2 hours ago, Hoogo said: Hi, I would love to start using this workflow. I'm not a expert in reading code so I don't really understand what's happening under the hood. I just wanted to ask if it is secure to use this workflow and if there is any of my data (email, masterpassword) beeing send to the workflow developer or to any servers. Best regards Noah Good that you ask and not just "trust" or "hope". Little snitch is a great firewall which can show up all the hidden traffic going out from applications. deanishe 1 Link to comment
deanishe Posted January 13, 2021 Share Posted January 13, 2021 21 minutes ago, blacs30 said: Currently there is one open improvement on github which makes sense to me: optional time based lock of the Bitwarden workflow Definitely a good feature to have. How would you do that? Have a background job running that deletes the cache and exits after it's been running for X minutes, and then kill the job every time the user uses the workflow? 24 minutes ago, blacs30 said: with the Alfred go package provided by you it was fun Thanks! Please let me know if you have any feedback. I've got very little feedback on the library one way or the other, and I'm not sure if that means I nailed it or people really hate it… 23 minutes ago, blacs30 said: Little snitch is a great firewall which can show up all the hidden traffic going out from applications. This. If you care who your apps are talking to, I can't recommend Little Snitch enough. I'm really annoyed Apple have changed Big Sur so that Apple's own programs can bypass 3rd-party firewalls. Link to comment
paulw Posted January 14, 2021 Share Posted January 14, 2021 I just started using this extension, thanks so much @blacs30 for developing it! Suggestion for the future—could you add an option to display details of an item in the vault? For example, I might want to view the contents of a note, or even copy and paste a portion of an item. Link to comment
blacs30 Posted January 14, 2021 Author Share Posted January 14, 2021 7 hours ago, paulw said: Suggestion for the future—could you add an option to display details of an item in the vault? For example, I might want to view the contents of a note, or even copy and paste a portion of an item. Partly I would say it is implemented. Per default it shows "show more" with the modifier keys command + option (or alt). It shows every possible, used field for each item. any of this can be copied. just it's not currently possible to copy only a part of a field, e.g. a part of a note. Secure note content is hidden in the workflow and is treated like a password. Link to comment
Hoogo Posted January 14, 2021 Share Posted January 14, 2021 (edited) Thanks @blacs30 and @deanishe for your quick answers, appreciate that. I'm definitely gonna use this workflow now. Edited January 14, 2021 by Hoogo Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now