add the Verify command

2025-05-12 02:58:20 +00:00 · 2021-09-22 13:09:41 +02:00 · 2021-09-22 13:09:41 +02:00 · 97ef59ff2c
commit 97ef59ff2c
parent 07c02c6dba
2 changed files with 91 additions and 2 deletions
--- a/cmd/verify.go
+++ b/cmd/verify.go
@ -0,0 +1,79 @@
+package cmd
+
+import (
+	"fmt"
+	"syscall"
+
+	"github.com/speatzle/go-passbolt-cli/util"
+	"github.com/speatzle/go-passbolt/api"
+	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
+	"golang.org/x/term"
+)
+
+// verifyCMD represents the verify command
+var verifyCMD = &cobra.Command{
+	Use:   "verify",
+	Short: "Verify Setup the Server Verification",
+	Long:  `Verify Setup the Server Verification. You need to run this once after that the Server will always be verified if the same config is used`,
+	RunE: func(cmd *cobra.Command, args []string) error {
+		ctx := util.GetContext()
+
+		viper.Set("serverVerifyToken", "")
+		viper.Set("serverVerifyEncToken", "")
+
+		serverAddress := viper.GetString("serverAddress")
+		if serverAddress == "" {
+			return fmt.Errorf("serverAddress is not defined")
+		}
+
+		userPrivateKey := viper.GetString("userPrivateKey")
+		if userPrivateKey == "" {
+			return fmt.Errorf("userPrivateKey is not defined")
+		}
+
+		userPassword := viper.GetString("userPassword")
+		if userPassword == "" {
+			fmt.Print("Enter Password:")
+			bytepw, err := term.ReadPassword(int(syscall.Stdin))
+			if err != nil {
+				fmt.Println()
+				return fmt.Errorf("Reading Password: %w", err)
+			}
+			userPassword = string(bytepw)
+			fmt.Println()
+		}
+
+		client, err := api.NewClient(nil, "", serverAddress, userPrivateKey, userPassword)
+		if err != nil {
+			return fmt.Errorf("Creating Client: %w", err)
+		}
+
+		client.Debug = viper.GetBool("debug")
+
+		token, enctoken, err := client.SetupServerVerification(ctx)
+		if err != nil {
+			return fmt.Errorf("Setup Verification: %w", err)
+		}
+		viper.Set("serverVerifyToken", token)
+		viper.Set("serverVerifyEncToken", enctoken)
+
+		if viper.ConfigFileUsed() == "" {
+			err := viper.SafeWriteConfig()
+			if err != nil {
+				return fmt.Errorf("Writing Config: %w", err)
+			}
+		} else {
+			err := viper.WriteConfig()
+			if err != nil {
+				return fmt.Errorf("Writing Config: %w", err)
+			}
+		}
+		fmt.Println("Verification Enabled")
+		return nil
+	},
+}
+
+func init() {
+	rootCmd.AddCommand(verifyCMD)
+}
--- a/util/client.go
+++ b/util/client.go
@ -31,11 +31,11 @@ func GetClient(ctx context.Context) (*api.Client, error) {
 		fmt.Print("Enter Password:")
 		bytepw, err := term.ReadPassword(int(syscall.Stdin))
 		if err != nil {
-			fmt.Println("\n")
+			fmt.Println()
 			return nil, fmt.Errorf("Reading Password: %w", err)
 		}
 		userPassword = string(bytepw)
-		fmt.Println("\n")
+		fmt.Println()
 	}

 	client, err := api.NewClient(nil, "", serverAddress, userPrivateKey, userPassword)
@ -45,6 +45,16 @@ func GetClient(ctx context.Context) (*api.Client, error) {

 	client.Debug = viper.GetBool("debug")

+	token := viper.GetString("serverVerifyToken")
+	encToken := viper.GetString("serverVerifyEncToken")
+
+	if token != "" {
+		err = client.VerifyServer(ctx, token, encToken)
+		if err != nil {
+			return nil, fmt.Errorf("Verifing Server: %w", err)
+		}
+	}
+
 	switch viper.GetString("mfaMode") {
 	case "interactive-totp":
 		client.MFACallback = func(ctx context.Context, c *api.Client, res *api.APIResponse) (http.Cookie, error) {