Add totp and password-description-totp Support

passbolt · Nov 24, 2023 · 8dbb077 · 8dbb077
1 parent 605db2b
commit 8dbb077
Show file tree

Hide file tree

Showing 2 changed files with 81 additions and 0 deletions.
diff --git a/api/secrets.go b/api/secrets.go
@@ -22,6 +22,25 @@ type SecretDataTypePasswordAndDescription struct {
 	Description string `json:"description,omitempty"`
 }
 
+type SecretDataTOTP struct {
+	Algorithm string `json:"algorithm"`
+	SecretKey string `json:"secret_key"`
+	Digits    int    `json:"digits"`
+	Period    int    `json:"period"`
+}
+
+// SecretDataTypeTOTP is the format a secret of resource type "totp" is stored in
+type SecretDataTypeTOTP struct {
+	TOTP SecretDataTOTP `json:"totp"`
+}
+
+// SecretDataTypePasswordDescriptionTOTP is the format a secret of resource type "password-description-totp" is stored in
+type SecretDataTypePasswordDescriptionTOTP struct {
+	Password    string         `json:"password"`
+	Description string         `json:"description,omitempty"`
+	TOTP        SecretDataTOTP `json:"totp"`
+}
+
 // GetSecret gets a Passbolt Secret
 func (c *Client) GetSecret(ctx context.Context, resourceID string) (*Secret, error) {
 	err := checkUUIDFormat(resourceID)

diff --git a/helper/resources.go b/helper/resources.go
@@ -128,6 +128,21 @@ func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret
 		}
 		pw = secretData.Password
 		desc = secretData.Description
+	case "password-description-totp":
+		rawSecretData, err := c.DecryptMessage(secret.Data)
+		if err != nil {
+			return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
+		}
+
+		var secretData api.SecretDataTypePasswordDescriptionTOTP
+		err = json.Unmarshal([]byte(rawSecretData), &secretData)
+		if err != nil {
+			return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Secret Data: %w", err)
+		}
+		pw = secretData.Password
+		desc = secretData.Description
+	case "totp":
+		// nothing fits into the interface in this case
 	default:
 		return "", "", "", "", "", "", fmt.Errorf("Unknown ResourceType: %v", rType.Slug)
 	}
@@ -224,6 +239,53 @@ func UpdateResource(ctx context.Context, c *api.Client, resourceID, name, userna
 			return fmt.Errorf("Marshalling Secret Data: %w", err)
 		}
 		secretData = string(res)
+	case "password-description-totp":
+		secret, err := c.GetSecret(ctx, resourceID)
+		if err != nil {
+			return fmt.Errorf("Getting Secret: %w", err)
+		}
+		oldSecretData, err := c.DecryptMessage(secret.Data)
+		if err != nil {
+			return fmt.Errorf("Decrypting Secret: %w", err)
+		}
+		var oldSecret api.SecretDataTypePasswordDescriptionTOTP
+		err = json.Unmarshal([]byte(oldSecretData), &secretData)
+		if err != nil {
+			return fmt.Errorf("Parsing Decrypted Secret Data: %w", err)
+		}
+		if password != "" {
+			oldSecret.Password = password
+		}
+		if description != "" {
+			oldSecret.Description = description
+		}
+
+		res, err := json.Marshal(&oldSecret)
+		if err != nil {
+			return fmt.Errorf("Marshalling Secret Data: %w", err)
+		}
+		secretData = string(res)
+	case "totp":
+		secret, err := c.GetSecret(ctx, resourceID)
+		if err != nil {
+			return fmt.Errorf("Getting Secret: %w", err)
+		}
+		oldSecretData, err := c.DecryptMessage(secret.Data)
+		if err != nil {
+			return fmt.Errorf("Decrypting Secret: %w", err)
+		}
+		var oldSecret api.SecretDataTypeTOTP
+		err = json.Unmarshal([]byte(oldSecretData), &secretData)
+		if err != nil {
+			return fmt.Errorf("Parsing Decrypted Secret Data: %w", err)
+		}
+		// since we don't have totp parameters we don't do anything
+
+		res, err := json.Marshal(&oldSecret)
+		if err != nil {
+			return fmt.Errorf("Marshalling Secret Data: %w", err)
+		}
+		secretData = string(res)
 	default:
 		return fmt.Errorf("Unknown ResourceType: %v", rType.Slug)
 	}