From 6f9af64bb1ad1c945b1a81a0050829a553294f16 Mon Sep 17 00:00:00 2001 From: wmarshall Date: Fri, 12 Jan 2024 11:48:06 -0600 Subject: [PATCH] Update the Invoke-BitwardenCLI --- .../SecretManagement.Warden.Extension.psd1 | 2 +- .../private/Invoke-BitwardenCLI.ps1 | 22 +++++++++++++------ SecretManagement.Warden.psd1 | 6 ++--- 3 files changed, 19 insertions(+), 11 deletions(-) diff --git a/SecretManagement.Warden.Extension/SecretManagement.Warden.Extension.psd1 b/SecretManagement.Warden.Extension/SecretManagement.Warden.Extension.psd1 index d2ad564..2809aee 100644 --- a/SecretManagement.Warden.Extension/SecretManagement.Warden.Extension.psd1 +++ b/SecretManagement.Warden.Extension/SecretManagement.Warden.Extension.psd1 @@ -1,5 +1,5 @@ @{ - ModuleVersion = '0.2.11' + ModuleVersion = '1.0.2' RootModule = 'SecretManagement.Warden.Extension.psm1' FunctionsToExport = @( 'Get-Secret', diff --git a/SecretManagement.Warden.Extension/private/Invoke-BitwardenCLI.ps1 b/SecretManagement.Warden.Extension/private/Invoke-BitwardenCLI.ps1 index b23a9b0..7f294d0 100644 --- a/SecretManagement.Warden.Extension/private/Invoke-BitwardenCLI.ps1 +++ b/SecretManagement.Warden.Extension/private/Invoke-BitwardenCLI.ps1 @@ -2,7 +2,7 @@ # . '..\classes\BitwardenPasswordHistory.ps1' # . '.\ConvertTo-BWEncoding.ps1' -[version]$SupportedVersion = '2022.8.0' +[version]$MinSupportedVersion = '2022.8.0' [version]$CurrentVersion # check if we should use a specific bw.exe if ( $env:BITWARDEN_CLI_PATH -and ($BitwardenCLI = Get-Command $env:BITWARDEN_CLI_PATH -CommandType Application -ErrorAction SilentlyContinue) ) { @@ -11,7 +11,7 @@ if ( $env:BITWARDEN_CLI_PATH -and ($BitwardenCLI = Get-Command $env:BITWARDEN_CL elseif ( $BitwardenCLI = Get-Command -Name bw.exe -CommandType Application -ErrorAction Ignore ) { #? Scoop shims eliminate version numbers, so we ask scoop for the true version. if( $BitwardenCLI.Version -eq '0.0.0.0' -and (Get-Command scoop -ErrorAction Ignore) ) { - $CurrentVersion = (scoop info bitwarden-cli).Installed ?? $BitwardenCLI.Version + $CurrentVersion = (scoop list bitwarden-cli 6> $null).Version ?? $BitwardenCLI.Version } #? WinGet install version has invalid version numbers, and the winget cli is slow. Therefore, ask bw.exe what version it is. elseif( $BitwardenCLI.Source -like "*\WinGet\Links\bw.exe" ) { @@ -29,8 +29,11 @@ else { Write-Error "No Bitwarden CLI found in your path, either specify `$env:BITWARDEN_CLI_PATH or put bw.exe in your path. If the CLI is not installed, you can install it using scoop, chocolatey, npm, snap, or winget. You can also download it directly from: https://vault.bitwarden.com/download/?app=cli&platform=$platform" -ErrorAction Stop } -if ( $BitwardenCLI -and $CurrentVersion -lt $SupportedVersion ) { - Write-Warning "Your Bitwarden CLI is version $CurrentVersion and out of date, please upgrade to at least version $SupportedVersion." +if ( $BitwardenCLI -and $CurrentVersion -lt $MinSupportedVersion ) { + Write-Warning "Your Bitwarden CLI is version $CurrentVersion and is out of date. Please upgrade to at least version $MinSupportedVersion." +} +elseif ( $BitwardenCLI -and $CurrentVersion -eq '2023.12.1') { + Write-Warning "Your Bitwarden CLI is version $CurrentVersion. This version of the CLI has a known issue affecting bw list, which is used to check if the vault is unlocked due to bug: https://github.com/bitwarden/clients/issues/2729. It is `e[3mstrongly`e[23m recomended you move to another version. Otherwise you will need to constantly logout and login again." } @@ -50,7 +53,7 @@ $__Commands = @{ confirm = '--organizationid --help' import = '--formats --help' export = '--output --format --organizationid --help' - generate = '--uppercase --lowercase --number --special --passphrase --length --words --separator --help' + generate = '--uppercase --lowercase --capitalize --number --special --passphrase --length --words --minNumber --minSpecial --separator --includeNumber --ambiguous --help' encode = '--help' config = '--web-vault --api --identity --icons --notifications --events --help' update = '--raw --help' @@ -174,6 +177,10 @@ $($errparse | Format-Table ID, Name | Out-String ) exit } } + '*mac failed.*' { + Write-Error "bitwarden-cli is returning 'mac failed.' error(s) alongside content, which may result in invalid results. The short-term resolution is to logout and then login again. Some comments I've seen suggest you might try API key rotation." -Category AuthenticationError -ErrorAction Continue + break + } default { Write-Error $BWError -ErrorAction Stop; break } } } @@ -208,8 +215,9 @@ $($errparse | Format-Table ID, Name | Out-String ) if($ps.ExitCode -eq 0) { return $true } else { return $false } } - if ( $ps.StartInfo.ArgumentList.Contains('--raw') ) { return $Result } - + # Help output tends to get truncated as the brackets can look kinda like JSON. + if ( $ps.StartInfo.ArgumentList.Contains('--raw') -or + $ps.StartInfo.ArgumentList.Contains('help') ) { return $Result } if ( $JsonResult -is [array] ) { $JsonResult.ForEach({ diff --git a/SecretManagement.Warden.psd1 b/SecretManagement.Warden.psd1 index ceebe8f..dd04d5b 100644 --- a/SecretManagement.Warden.psd1 +++ b/SecretManagement.Warden.psd1 @@ -4,7 +4,7 @@ # RootModule = '' # Version number of this module. - ModuleVersion = '1.0.1' + ModuleVersion = '1.0.2' # Supported PSEditions CompatiblePSEditions = @("Core") @@ -19,10 +19,10 @@ CompanyName = 'Industrial Info Resources, Inc.' # Copyright statement for this module - Copyright = '© 2023 Industrial Info Resources, Inc. All rights reserved.' + Copyright = '© 2024 Industrial Info Resources, Inc. All rights reserved.' # Description of the functionality provided by this module - Description = 'Bitwarden/Vaultwarden extension for the PowerShell SecretManager allowing you to Get, Set, and Remove secrets in a standardized way. Supports storing and retrieving PowerShell Objects as secrets. Targets automated usage.' + Description = 'Bitwarden/Vaultwarden extension for the PowerShell SecretManager allowing you to Get, Set, and Remove secrets in a standardized way. Supports storing and retrieving PowerShell Objects as secrets. Can be used for automated secret retrieval/management.' # Minimum version of the PowerShell engine required by this module PowerShellVersion = '7.0'