varjolintu / keepassxc

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.

Home Page: https://keepassxc.org/

Bad UX / too many actions to fill credentials?

YaLTeR opened this issue · comments

Expected Behavior

Let's take the global auto-type hotkey as an example. Here's the sequence of actions to fill user/pass:

  1. Hit the global auto-type hotkey.
  2. A dialog window opens asking to unlock the database. Input the key and hit Enter.
  3. Hit the global auto-type hotkey again.
  4. A dialog window opens asking for the entry. Hit Enter.
  5. Done, the credentials are now filled in.

How I expect keepassxc-browser to work:

  1. Use the "Fill User + Pass" option, whether by hotkey or the context menu.
  2. A dialog window opens asking to unlock the database. Input the key and hit Enter.
  3. A dialog window opens asking for the entry. Hit Enter.
  4. Done, the credentials are now filled in.

Current Behavior

  1. Use the "Fill User + Pass" option, whether by hotkey or the context menu.
  2. Nothing happens, keepassxc remains hidden in the tray.

Alright, let's assume I had keepassxc window opened already with the correct database selected and try again.

  1. Use the "Fill User + Pass" option, whether by hotkey or the context menu.
  2. KeepassXC window gains focus. Input the key.
  3. The database unlocks and then nothing happens. Use the "Fill User + Pass" option, whether by hotkey or the context menu again.
  4. A dialog window opens asking to allow or deny the entry. Hit Enter to allow.
  5. Nothing happens. Use the "Fill User + Pass" option, whether by hotkey or the context menu the third time.
  6. Finally, the credentials are now filled in.

Possible Solution

At least copy the global auto-type behavior (the dialog window for database unlocking is really nice for the tiling WM I'm using since it floats and doesn't take up half of the monitor by default), however the provided expected solution (without an extra step currently present in the global auto-type) would be even better.

Context

Inputting credentials is currently EXTREMELY slow and annoying with lots of unnecessary clicks. Maybe I'm missing some setting or something? Pretty sure I looked through all of them, and either way this shouldn't be the default behavior.

Debug Info

KeePassXC - Version 2.2.4
Revision: 90a4201

Libraries:

  • Qt 5.10.0
  • libgcrypt 1.8.2

Operating system: Arch Linux
CPU architecture: x86_64
Kernel: linux 4.14.8-1-ARCH

Enabled extensions:

  • Auto-Type
  • YubiKey
  • Native messaging browser extension

keepassxc-browser Version: 0.4.5
Firefox 58.0b13 (64-bit)

Thanks for the feedback. I'll see if I can make this behaviour more simple.

Since the branch got merged, is it OK to keep the issue here, or should I re-make it in the upstream repo?

It's ok to keep here.

I've been making some progress. Now the sequence works like it should (like you expected) but I found some bugs in the process. Some calls were synchronous but expected to be asynchronous and there are still a few things missing. The next stable release will have the final fix.

Fixed via varjolintu/keepassxc-browser@a583100. Please give it a try. The latest version should be online soon at AMO and CWS.

I tried the latest git of keepassxc develop branch with keepassxc-browser 0.5.0, but it seems to hang keepassxc upon trying to connect, so I can't pair them together to test.

@YaLTeR I'm pretty sure the connect popup is somewhere to be found. If it's activated KeePassXC doesn't respond until it's closed. Can you test if it's under the main window or something similar?

Nope, I don't see it anywhere. :/ Awesome WM, checked all tags, tried moving the windows around in floating mode. The autotype popups show up correctly.

@YaLTeR Could you try to compile KeePassXC with the old KeePassHTTP support and try if it does the same with KeePassHTTP-Connector extension?

That one shows a popup asking me for the browser name and then connects successfully.

Could you look at the debug output (JavaScript console) and see what it says in that hang situation? Thanks. I cannot reproduce this in macOS or Linux (arch & i3-gaps).

The normal firefox F12 console? Doesn't display anything. Also keepassxc seems to simply not respond to window messages as opposed to hanging, since, first of all, minimizing it makes it hide to tray (I have that option enabled), and killing it with pkill keepassxc works (which means it's still processing the signal correctly) and immediately makes the extension show the timeout error.

I meant the console that you can see when debugging the extension from about:addons. Sorry for not being clear.

First it prints database not opened, then I click "Reopen database", unlock the database, click "Connect", and it shows the exception. Clicking "Connect" again results in the same exception.

To clarify, I installed keepassxc via the keepassxc-git AUR package with adding -DWITH_XC_BROWSER=ON to PKGBUILD.

Edit: I'm on Firefox 58.0, keepassxc debug info:

KeePassXC - Version 2.2.4
Revision: 9c641dd

Libraries:
- Qt 5.10.0
- libgcrypt 1.8.2

Operating system: Arch Linux
CPU architecture: x86_64
Kernel: linux 4.14.14-1-ARCH

Enabled extensions:
- Auto-Type
- Browser Integration
- Legacy Browser Integration (KeePassHTTP)
- SSH Agent
- YubiKey

I tried the AUR and I can reproduce the problem. No popup is visible. However when I use the sources from GitHub and compile them everything works just fine. Can you confirm this?

I built keepassxc manually and I'm launching it from the build dir as src/keepassxc, how do I pair it with the extension? It says timeout or not connected and prints this into the debug console: TypeError: keepass.nativePort is null[Learn More] keepass.js:92:13

You'll have to use a custom proxy location if you run keepassxc from the build folder. The path is <build folder>/src/proxy/keepassxc-proxy

Looks like I have the same issue building from GitHub (https://github.com/keepassxreboot/keepassxc, develop branch). I'm generating the build files with

cmake -G Ninja -DWITH_TESTS=OFF -DCMAKE_BUILD_TYPE=Release -DWITH_XC_BROWSER=ON -DCMAKE_INSTALL_PREFIX=/usr/local ..

then building with ninja, and I also did sudo ninja install just in case.

I have tried both my fork and the official development branch and they both work. This is really strange. I can only reproduce the error with the AUR build.

Btw, does this happen with the older extension release 0.4.8 too? You can download it manually from here and add it as a temporary extension.

Trying to install add-on from file, the .zip file fails with "the addon appears to be corrupt", and the .crx fails with unsigned addon. Same on the developer edition.

Alright, after a bunch of attempts I somehow finally got the connect popup on the same KeepassXC that I built and keepassxc-browser 0.5.1. Here's what I did:

  1. Cleaned up /usr/local from the sudo ninja install;
  2. pacaur -Rscn keepassxc-git;
  3. In KeepassXC's settings enabled "use proxy application" (in addition to specifying the correct proxy application path) — this step made it so instead of remaining at the "press Connect" screen the extension switches to "timeout" screen if you open it again after pressing Connect and not getting the popup from KeepassXC;
  4. Restarted both KeepassXC and the browser a couple of times.

Then I tried connecting again, on the first try it didn't show the popup, but when I pressed Reload and Connect the second time the popup finally showed up. Maybe there's a race condition happening preventing it from showing up?

With the application and the extension finally paired I tried filling in a password on a website, and upon pressing "Fill Pass Only" the application shows up in its entirety (as opposed to a popup), I unlock the database, nothing happens, and further "Fill Pass Only" presses do nothing.

Some details about the pairing when proxy is enabled (default):
Every time you start KeePassXC again the browser extension needs to be reconnected. If the timeout error is seen, probably the connection isn't valid anymore. This means that if you start browser after KeePassXC it doesn't connect automatically. This explains the Connect popup showing after the reload.

I'll try to do some testing with the AUR build because it's still the only binary with which I can reproduce the problem.

About your last message and the issue itself:
After the database unlock you should see a confirmation popup for the credentials. Just re-ensured that this is working with macOS (Firefox and Chromium) and with Arch Linux (i3+Firefox). It worked with the AUR build too. When requesting a database to be opened, the whole application will be brought to the front. So it's still not clear why it doesn't work for you. If you want to give it a hand you could debug the application using for example QtCreator.

Alright, I got the credential filling to work. Looks like nothing was happening because I didn't have an entry with a matching URL in the database. Would be nice if some message was displayed instead of nothing happening in this case. I also went back to the AUR build without a proxy.

As for the credential filling, the UX is really nice when the database is already unlocked and the "Automatically retrieve credentials" setting is activated (the popup is displayed automatically on page load, just clicking enter allows inputting the credentials).

When the database is locked, however, the full application window is brought up for unlocking instead of a popup (which isn't very good because it takes up half a screen in the tiling mode, and because if I minimized KeepassXC earlier it's brought up minimized so I have to maximize it manually).

Also when "Automatically retrieve credentials" is unchecked or when the database is initially locked it seems like I have to click fill credentials and accept the popup twice before the extension can successfully fill them in.

You are right, maybe there could be some kind of error message displayed when this kind of situation happens.

AFAIK it's not possible to request the database password through a popup in KeePassXC. Only from the main window.

By testing quickly the new behaviour without "Automatically retrieve credentials" there's some room for improvement. That should be working as smoothly when the feature is enabled. I'll do some more fixing.

Thanks for the great feedback!

Thanks a lot for working on this and not giving up on the hard to reproduce issue!

That Connect error is a strange one indeed. I tried the following combos:

  • keepassxc and keepassxc-proxy from AUR (/usr/bin): doesn't work
  • keepassxc from the build folder and keepassxc-proxy from AUR (/usr/bin): works
  • keepassxc from AUR (/usr/bin) and keepassxc-proxy from the build dir: works

I'm building a debug version of the AUR package and will try to figure this one out.

Also, it could be possible to use the same database unlock dialog AutoType uses. The only problem with this solution is that you cannot change the database you are going to unlock if you use multiple simultaneously.

The connect error is fixed with prometheanfire@78e962e. Also, I'm closing the issue because the original problem is not present anymore. Feel free to open another issue if you have an exact feature request in the future. Thanks!