Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Autofill credentials in the SAML window from ini file #82

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

Autofill credentials in the SAML window from ini file #82

wants to merge 9 commits into from

Conversation

nitrogl
Copy link

@nitrogl nitrogl commented Oct 14, 2023

This allows one to autofill credentials in the SAML window from ini file.
Default is "~/.gp-saml-gui-credentials", can be specified with "--login" command line argument.

Mode of the credential file should be set the to 600 (similarly to .git-credentials, .ssh/id_rsa, ...).

dlenski
dlenski reviewed May 2, 2024
View reviewed changes
Copy link
Owner

@dlenski dlenski left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can the interface here be made compatible with openconnect --form-entry=NAME:VALUE? https://www.infradead.org/openconnect/manual.html#opt-form-entry

In particular, form fields should be specified by the name attribute rather than the id attriute.

gp_saml_gui.py Outdated
Comment on lines 134 to 136
def setvalue_DOM_element(self, selector, value):
if self.wview:
self.wview.evaluate_javascript("document.getElementById('" + selector + "').value='" + value + "';", -1, None, None, None, None, None)
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These need quoting. Using JSON should be sufficient, e.g. "document.getElementById(%s).value = %s;" % (json.dumps(selector), json.dumps(value));

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've fixed this one, thank you

dlenski
dlenski reviewed May 2, 2024
View reviewed changes
gp_saml_gui.py Outdated
Comment on lines 86 to 87
for x in ['username', 'password']:
self.credentials[x] = config['gp-saml-gui'][x]
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not allow any arbitrarily-named form field to be set? (For example, what if the password field is called passwd, what if there's an extra dropdown field called realm that needs to be set, etc.)

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not only I've added arbitrarily-named form field to be set, but also domain specific, so in the same file one can store different field-value for different domains: e.g,

[domain.one]
user=user
password=password

[domain.two]
email=email
pwd=pwd

@dlenski dlenski added the enhancement New feature or request label Nov 20, 2024
nitrogl added 8 commits January 7, 2025 09:24
@nitrogl
Merge branch 'master' into master
00e5384
@nitrogl
rename to match argparse Namespace
f2dd67d
@nitrogl
expand ~
1444b86
@nitrogl
read the ini file content
2d25af4
@nitrogl
use domain as section names
56d2d1b
@nitrogl
fill custom fields
dabe845
@nitrogl
fix issue
dcb3063 
dlenski on May 2, 2024:

These need quoting. Using JSON should be sufficient, e.g.
"document.getElementById(%s).value = %s;" % (json.dumps(selector),
json.dumps(value));
@nitrogl
add "name" attribute completion
8fcdec6
@nitrogl
Copy link
Author

nitrogl commented Jan 7, 2025
edited
Loading

Can the interface here be made compatible with openconnect --form-entry=NAME:VALUE? https://www.infradead.org/openconnect/manual.html#opt-form-entry

In particular, form fields should be specified by the name attribute rather than the id attriute.

This filling operation happens before openconnect is called. Additionally, I'm not sure if we should actually use --form-entry, as the manual suggest "This option should not be used to enter passwords. --passwd-on-stdin should be used for that purpose."

I initially based that on _id_attribute because they're supposed to be unique. To conform to _name_attribute, I've also added code to fill name too! (where id is filled after name).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dlenski dlenski dlenski left review comments

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nitrogl @dlenski