Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Extend 1Password secret provider to return the entire entry as JSON #1498

Closed
alecthomas opened this issue May 15, 2024 · 2 comments
Closed
Assignees
Labels
good first issue Good for newcomers

Comments

@alecthomas
Copy link
Collaborator

alecthomas commented May 15, 2024

Currently a single field must be specified as op://<vault>/<entry>/<field>, which is always treated as a single JSON string.

But sometimes we want a composite value. A proposal @mistermoe and I came up with is that if the reference is to the entry itself, eg. op://<vault>/<entry>, FTL would retrieve all fields as a JSON object.

eg. Given the following entry as JSON:

{
  "id": "xyz",
  "title": "JSON",
  "tags": ["json"],
  "version": 2,
  "vault": {
    "id": "xyz",
    "name": "Personal"
  },
  "category": "LOGIN",
  "last_edited_by": "xyz",
  "created_at": "2024-05-15T19:12:04Z",
  "updated_at": "2024-05-15T19:19:54Z",
  "additional_information": "test",
  "fields": [
    {
      "id": "password",
      "type": "CONCEALED",
      "purpose": "PASSWORD",
      "label": "password",
      "value": "aSecretPassword",
      "reference": "op://Personal/JSON/password",
      "password_details": {
        "strength": "VERY_GOOD"
      }
    },
    {
      "id": "username",
      "type": "STRING",
      "purpose": "USERNAME",
      "label": "username",
      "value": "test",
      "reference": "op://Personal/JSON/username"
    },
    {
      "id": "notesPlain",
      "type": "STRING",
      "purpose": "NOTES",
      "label": "notesPlain",
      "reference": "op://Personal/JSON/notesPlain"
    }
  ]
}

If the secret reference was op://Personal/JSON/password we would return the JSON string quoted value "aSecretPassword".

If the secret reference was op://Personal/JSON we would retrieve the JSON object {"password": "aSecretPassword", "username": "test"}. Note that notesPlain would be omitted because it has no value.

Unfortunately we'll need to manually parse the op:// reference in order to pass the individual values to op item get --json, because it doesn't support op:// references directly. We'll then need to unmarshal the JSON into an intermediate structure in order to retrieve the fields.

@alecthomas alecthomas added the good first issue Good for newcomers label May 15, 2024
@github-actions github-actions bot added the triage Issue needs triaging label May 15, 2024
@alecthomas alecthomas self-assigned this May 15, 2024
@github-actions github-actions bot removed the triage Issue needs triaging label May 15, 2024
@alecthomas
Copy link
Collaborator Author

This will resolve #1494

@mistermoe
Copy link
Collaborator

@gak thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
good first issue Good for newcomers
Projects
None yet
Development

No branches or pull requests

3 participants