Workflow is broken with the latest version of Bitwarden CLI 1.21.1
luckman212 opened this issue · comments
I'm now getting "Not logged in to Bitwarden." no matter what I do.
Even logging out completely, clearing cache, and then re-logging in, all my logins are populated (see screenshot below) but the
workflow thinks I am logged out.
- macOS 12.2.1
- Bitwarden CLI 1.21.1
- Workflow ver 2.4.1
[15:27:51.763] Logging Stopped.
[15:31:09.055] Logging Started...
[15:31:11.947] Bitwarden v2[Script Filter] Queuing argument '(null)'
[15:31:12.155] Bitwarden v2[Script Filter] Script with argv '(null)' finished
[15:31:12.159] STDERR: Bitwarden v2[Script Filter] 15:31:11 utils.go:158: [DEBUG] bwDataPath is: /Users/luke/Library/Application Support/Bitwarden CLI/data.json
🍺
15:31:11 workflow.go:328: -------- Bitwarden v2/2.4.1 (AwGo/0.27.1) --------
15:31:11 main.go:143: &main.options{Search:false, Config:false, SetConfigs:false, Auth:false, Sfa:false, Lock:false, Icons:false, Folder:false, Unlock:false, Login:false, Logout:false, Sync:false, Open:false, GetItem:false, Force:false, Totp:false, Last:false, Background:false, Id:"", Query:"", Attachment:"", Output:""}
15:31:11 main.go:145: args=[]string{} => []string{}
15:31:11 main.go:146: (main.config) {
AutoFetchIconCacheAge: (int) 1440,
AutoFetchIconMaxCacheAge: (time.Duration) 24h0m0s,
BwconfKeyword: (string) (len=9) ".bwconfig",
BwauthKeyword: (string) (len=7) ".bwauth",
BwKeyword: (string) (len=2) "bw",
BwfKeyword: (string) (len=4) ".bwf",
BwExec: (string) (len=2) "bw",
BwDataPath: (string) "",
Debug: (bool) true,
Email: (string) (len=22) "luke.hamburg@gmail.com",
EmptyDetailResults: (bool) false,
IconCacheAge: (int) 43200,
IconCacheEnabled: (bool) true,
IconMaxCacheAge: (time.Duration) 720h0m0s,
MaxResults: (int) 1000,
Mod1: (string) (len=3) "alt",
Mod1Action: (string) (len=13) "username,code",
Mod2: (string) (len=5) "shift",
Mod2Action: (string) (len=3) "url",
Mod3: (string) (len=4) "ctrl",
Mod3Action: (string) (len=4) "totp",
Mod4: (string) (len=7) "cmd,opt",
Mod4Action: (string) (len=4) "more",
NoModAction: (string) (len=13) "password,card",
OutputFolder: (string) (len=22) "/Users/luke/Downloads/",
Path: (string) (len=68) "/usr/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/Users/luke/.n/bin",
ReorderingDisabled: (bool) true,
Server: (string) "",
Sfa: (bool) true,
SfaMode: (int) 0,
SyncCacheAge: (int) 10080,
SyncMaxCacheAge: (time.Duration) 168h0m0s,
TitleWithUser: (bool) true,
TitleWithUrls: (bool) true
}
15:31:11 crypt.go:53: Decrypting data.
15:31:12 cli.go:673: Number of items 887
15:31:12 items.go:21: Couldn't load the cached icon, error: stat /Users/luke/Library/Application Support/Alfred/Workflow Data/com.lisowski-development.alfred.bitwarden/urlicon/d157fb62-79e0-433d-9d97-add7003fbf42.png: no such file or directory
15:31:12 items.go:21: Couldn't load the cached icon, error: stat /Users/luke/Library/Application Support/Alfred/Workflow Data/com.lisowski-development.alfred.bitwarden/urlicon/bbcbf43c-3f0e-4e5f-82f4-aa2901025398.png: no such file or directory
15:31:12 items.go:21: Couldn't load the cached icon, error: stat /Users/luke/Library/Application Support/Alfred/Workflow Data/com.lisowski-development.alfred.bitwarden/urlicon/c7919c6f-0122-410a-9783-aa290111c89d.png: no such file or directory
15:31:12 items.go:21: Couldn't load the cached icon, error: stat /Users/luke/Library/Application Support/Alfred/Workflow Data/com.lisowski-development.alfred.bitwarden/urlicon/0fd337b5-c748-48f5-8b48-aa290111cca8.png: no such file or directory
15:31:12 items.go:21: Couldn't load the cached icon, error: stat /Users/luke/Library/Application Support/Alfred/Workflow Data/com.lisowski-development.alfred.bitwarden/urlicon/3e7a69fa-1183-49c5-b341-acee018026e3.png: no such file or directory
15:31:12 items.go:21: Couldn't load the cached icon, error: stat /Users/luke/Library/Application Support/Alfred/Workflow Data/com.lisowski-development.alfred.bitwarden/urlicon/d06809db-8487-4c3b-b3d1-aa5200f1ea68.png: no such file or directory
15:31:12 feedback.go:509: Sent 890 result(s) to Alfred
15:31:12 workflow.go:405: ------------------- 104.418ms --------------------
[15:31:12.163] Bitwarden v2[Script Filter] {
"variables": {
"AW_SESSION_ID": "3FAXKQTFXXXXXXXXXXXXXXX"
},
"items": [
{
"title": "Not logged in to Bitwarden.",
"subtitle": "Need to login first to get secrets, reading cached items without the secret.",
"valid": false,
"icon": {
"path": "icons/warning.png"
}
},
{
"title": "Login to Bitwarden",
"subtitle": "↩ or ⇥ to login now",
"valid": true,
"icon": {
"path": "icons/on.png"
},
"variables": {
"action": "-login",
"email": "luke.hamburg@gmail.com",
"mapsfamode": "Authenticator-app",
"sfamode": "0",
"type": "login"
}
},
{
"title": "Search Folders",
"subtitle": "Find folders and secrets in them.",
"arg": ".bwf",
"valid": true,
"icon": {
"path": "icons/folder-solid.png"
},
"variables": {
"action": "-search"
}
},
{
"title": "<REMOVED -- ALL MY ITEMS ARE LISTED BELOW>"
...
I think I had the same when I moved to a new Mac few weeks ago.
I needed to enable API key login (noticed that the bitwarden cli asked for the api keys).
Have you tried that?
Yes, thanks @blacs30 — sorry I should have posted that in my original message. I have been using USE_APIKEY=true for many months. But when this failed, I tried "normal" login again just in case. It didn't help, so I went back to API key mode. The cache is being updated, so the login itself seems to be working -- it's just that the workflow for some reason is detecting it as not being so.
Thanks for clarifying this @luckman212.
The error comes from here https://github.com/blacs30/bitwarden-alfred-workflow/blob/master/src/cli.go#L515
Can you check that this command returns a userId:
jq .userId $HOME/Library/Application\ Support/Bitwarden\ CLI/data.json
Could it be that Alfred lost Full Disk Access in the macOS Privacy settings and is not able to access that path?
Can you check that this command returns a userId:
jq .userId $HOME/Library/Application\ Support/Bitwarden\ CLI/data.json
That command didn't return anything, so I looked at the raw JSON and it appears that in the latest BW CLI version 1.21.1 the key may have changed to .activeUserId
I guess here
bitwarden-alfred-workflow/config.go
Line 119 in c540e62
I guess it should look for the new value and fall back to the old one for compatibility with older versions of the CLI? If you don't have time I can try to make a PR...
You are right, there have been multiple changes in the data.json which are relevant to the workflow.
We now need the .activeUserId but also from the object which is the value of the activeUserId the .profile and .keys object for decryption of the secrets.
It's a little bit bigger change I think.
Ouch, I looked at the changes and I see what you mean @blacs30, it's quite a structural change. I started messing around with it but Go isn't my strong suit and I have a feeling it's a little out of my reach to make a correct PR. Again, I can try if you're too busy but I hope maybe you've got time to look into it.
For now, I "fixed" my problem by rolling back to an older version of the bw CLI 🙁
npm -g install @bitwarden/cli@1.20.0Thanks for the command to downgrade.
This is the command to downgrade for brew installations:
curl https://raw.githubusercontent.com/Homebrew/homebrew-core/12e05b99786589136f4474f5ae50eab9b42300e4/Formula/bitwarden-cli.rb > $(find $(brew --repository) -name bitwarden-cli.rb) && brew reinstall bitwarden-cliI might not be able this week to update the code, possibly only next week.
That's something I think could be helpful as we have now a json file with unkown keys:
https://gist.github.com/mjohnsullivan/24647cae50928a34b5cc
For some reason going back to the older CLI doesn't solve this issue. The workflow is still broken for me after following the downgrade instructions.
I will release the fix today. I am using the unreleased workflow which contains the fix for a few days now successfully. Strange why downgrading didn't work.
One thing I did was is to logout of bitwarden via cli bw logout and delete the data.json rm ~/Library/Application\ Support/Bitwarden\ CLI/data.json and then login again.
Thank you. I will probably wait til the new release then.
The new release is out that should fix the problem.
In case brew was used to downgrade the local changes in the git repo needs to be reverted.
For me the brew core taps are at cd $(brew --repository)/Library/Taps/homebrew/homebrew-core/Formula and then I checkout the bitwarden-cli.rb again git checkout bitwarden-cli.rb
edit: include command from @kelbyers
The path for the taps above didn't work for me. This did:
cd $(brew --repository)/Library/Taps/homebrew/homebrew-core/Formula
Faced the same issue with the latest version of the workflow (2.4.3).
Steps:
- Tried to use api_key as auth method. Did not work (but did not debug the reason)
- Tried the password method, failed and started debugging. Firstly, had to delete the record from the keychain, cause wf was complaining about existing key. But it did not solve the issue. Only logging in through CLI itself helped.