Allow special placeholders in key/value pairs

Author: hsanson

CHANGELOG.adoc

@@ -1,5 +1,16 @@
 = Changelog
 
+== v0.5.0
+
+*Changes*
+
+* Migrate from distutils to setuptools.
+* Rename nativePass script to chrome_pass
+
+*Improvements*
+
+* Allow special placeholders in key/value pairs.
+
 == v0.4.0
 
 *Improvements*

DEPLOY.md

@@ -3,18 +3,18 @@
 ## Chrome Extension
 
 1. Create extension zip `zip -r extension.zip extension`.
-2. Go to [Chrome Developer Dashboard](https:
-   //chrome.google.com/webstore/devconsole).
+2. Go to [Chrome Developer Dashboard](https://chrome.google.com/webstore/devconsole).
 3. Login with developer account (hxxxx.sxxxx@gmail.com).
 4. Go to the extension details -> build -> package -> Upload new package.
 5. After uploading the extension.zip file edit the store listing description.
 6. Press `submit for review` to publish.
 
 ## Native App
 
-1. pip3 install --user twine
-2. Configure pypi API token in ~/.pypirc file.
+1. Configure pypi API token in ~/.pypirc file.
      https://pypi.org/help/#apitoken
-3. Update the version string below.
-4. Build package with `python3 setup.py sdist`
-5. Upload package with `twine upload dist/*`
+2. cd application
+3. pip3 install --user twine build setuptools
+4. Update the version string in the pyproject.toml file.
+5. Build package with `python3 -m build`
+6. Upload package with `twine upload dist/*`

README.md

@@ -59,7 +59,7 @@ symbolic link to work around this limitation.
 
 This plugin assumes that the last two parts of each password path follows this structure:
 
-    [Service URL]/[Account]
+    [Service URL]/[Username]
 
 For example to keep some Gmail and Amazon accounts:
 
@@ -103,21 +103,41 @@ logic to be able to fill all information in the login page.
     │   └── accountalias
 
 1. The [Service URL] must be `signin.aws.amazon.com` that is the URL for login into
-the console.
+   the console.
 2. For root accounts the [Account] can be the root account email used for login.
 3. For IAM accounts the [Account] can be anything that uniquely identifies the
    credentials. For example the account 12-digit ID, or the account alias, or a
    combination of the account 12-digit ID and the IAM username.
-4. For IAM accounts it is necessary to edit the password GPG file using `pass edit`
-   and add two key/value pairs: `username=[IAM username]` and `account=[12 digit
-   account id or alias]`. When filling AWS login forms, chrome-pass uses
-   these key/value pairs to fill the username and account input fields.
+4. For IAM accounts edit the password GPG file using `pass edit ...` and add two
+   key/value pairs:
+   - `username=[IAM username]`
+   - `account=[12 digit AWS account id or alias]`
 
 ### Custom input fields
 
-Using the same feature for IAM accounts, chrome-pass looks for any key/value pairs
-in the pass gpg files and fills any input field with ID equal to the `key` with
-the corresponding `value`.
+The chrome-pass extension looks for any key/value pairs in the pass gpg files
+and fills any input field with ID equal to the `key` with the corresponding
+`value`.
+
+In addition if the `value` is set to the following placeholder values they are
+replaced:
+
+- `pass__user`: Replaced with the `[Username]` extracted from the last part of
+  the pass path.
+- `pass__password`: Replaced with the decrypted pass password.
+- `otpauth`: Replaced with the pass-otp code if available.
+
+This allows chrome-pass to work with some non-standard login forms like the
+[Apple Id](https://appleid.apple.com/sign-in) login form. This login page lacks
+a form element and relies in javascript to work. Fortunatelly the username and
+password input fields have well defined IDs that we can set in the chrome-pass
+file to let it work:
+
+```
+# chrome-pass for Apple ID login from.
+account_name_text_field=pass__user
+password_text_field=pass__password
+```
 
 ## Install from source
 

extension/content.js

@@ -51,6 +51,8 @@ function writeValueWithEvents(input, value) {
 // Fill MFA TOTP code
 function fillTOTP(code) {
 
+  if(!code) { return; }
+
   if(document.baseURI.includes("zoom.us")) {
     var zoomInput = document.querySelector("[class=form-masked-pin]");
 
@@ -111,10 +113,11 @@ function copyToClipboard(txt) {
 
 function fillForm(creds) {
 
-  // Try filling TOTP code.
-  if(creds["otpauth"]) {
-    fillTOTP(creds["otpauth"]);
-  }
+  const password = creds["pass__password"];
+  const username = creds["pass__user"];
+  const totp = creds["otpauth"];
+
+  fillTOTP(totp);
 
   // AWS signin forms has two text inputs for username and account. Here we
   // specifically fill username.
@@ -132,43 +135,39 @@ function fillForm(creds) {
         writeValueWithEvents(input, creds["account"]);
       } else {
         // If placeholder is not empty, the form expects a root user email.
-        writeValueWithEvents(input, creds["pass__user"]);
+        writeValueWithEvents(input, username);
       }
     }
 
     var userInput = document.querySelector("input[id=username]");
 
     if(userInput) {
-      writeValueWithEvents(userInput, creds["pass__user"]);
+      writeValueWithEvents(userInput, username);
     }
 
     var passInput = document.querySelector("input[type=password]");
 
     if(passInput) {
-      writeValueWithEvents(passInput, creds["pass__password"]);
-    }
-
-  } else if(document.baseURI.includes("idmsa.apple.com")) {
-
-    var userInput = document.querySelector("#account_name_text_field");
-
-    if(userInput) {
-      writeValueWithEvents(userInput, creds["pass__user"]);
+      writeValueWithEvents(passInput, password);
     }
+  } else {
+    fillDefaultForm(username, password);
+  }
 
-    var passwordInput = document.querySelector("input[type=password]");
+  for(const [id, content] of Object.entries(creds)) {
 
-    if(passwordInput) {
-      writeValueWithEvents(passwordInput, creds["pass__password"]);
-      focus(passwordInput);
+    // Skip special keys.
+    if(["pass__password", "pass__user", "otpauth"].includes(id)) {
+      continue;
     }
-  } else {
-    fillDefaultForm(creds["pass__user"], creds["pass__password"])
-  }
 
+    var input = document.querySelector("input[id=" + id + "]");
+    var value = content;
 
-  for(const [key, value] of Object.entries(creds)) {
-    var input = document.querySelector("input[name=" + key + "]");
+    // Replace special values.
+    if(content == "pass__user") { value = username; }
+    if(content == "pass__password") { value = password; }
+    if(content == "otpauth") { value = totp; }
 
     if(input != null) {
       writeValueWithEvents(input, value);

extension/manifest.json

@@ -1,7 +1,7 @@
 {
   "manifest_version": 3,
   "name": "chrome-pass (ZX2C4)",
-  "version": "0.4.0",
+  "version": "0.5.0",
   "description": "Chrome plugin for *pass* the standard unix password manager.",
   "minimum_chrome_version": "107.0",
   "author": "Horacio Sanson",