speatzle/go-passbolt
1
0
Fork 0
mirror of https://github.com/passbolt/go-passbolt.git synced 2025-09-13 14:29:09 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Validate Secret on Get

Browse source
This commit is contained in:
Samuel Lorch 2025-08-18 14:38:12 +02:00
parent faf74e0156
commit 5c4fb07d5e
1 changed files with 11 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

41
helper/resource_get.go
View file

@ -37,23 +37,24 @@ func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret
ctx := context.TODO() ctx := context.TODO()
rawSecretData, err := c.DecryptMessage(secret.Data)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
}
err = validateSecretData(&rType, rawSecretData)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Validate Secret Data: %w", err)
}
switch rType.Slug { switch rType.Slug {
case "password-string": case "password-string":
var err error pw = rawSecretData
pw, err = c.DecryptMessage(secret.Data)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
}
name = resource.Name name = resource.Name
username = resource.Username username = resource.Username
uri = resource.URI uri = resource.URI
desc = resource.Description desc = resource.Description
case "password-and-description": case "password-and-description":
rawSecretData, err := c.DecryptMessage(secret.Data)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
}
var secretData api.SecretDataTypePasswordAndDescription var secretData api.SecretDataTypePasswordAndDescription
err = json.Unmarshal([]byte(rawSecretData), &secretData) err = json.Unmarshal([]byte(rawSecretData), &secretData)
if err != nil { if err != nil {
@ -65,11 +66,6 @@ func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret
pw = secretData.Password pw = secretData.Password
desc = secretData.Description desc = secretData.Description
case "password-description-totp": case "password-description-totp":
rawSecretData, err := c.DecryptMessage(secret.Data)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
}
var secretData api.SecretDataTypePasswordDescriptionTOTP var secretData api.SecretDataTypePasswordDescriptionTOTP
err = json.Unmarshal([]byte(rawSecretData), &secretData) err = json.Unmarshal([]byte(rawSecretData), &secretData)
if err != nil { if err != nil {
@ -103,11 +99,6 @@ func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret
uri = metadata.URIs[0] uri = metadata.URIs[0]
} }
rawSecretData, err := c.DecryptMessage(secret.Data)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
}
var secretData api.SecretDataTypeV5Default var secretData api.SecretDataTypeV5Default
err = json.Unmarshal([]byte(rawSecretData), &secretData) err = json.Unmarshal([]byte(rawSecretData), &secretData)
if err != nil { if err != nil {
@ -133,11 +124,6 @@ func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret
uri = metadata.URIs[0] uri = metadata.URIs[0]
} }
rawSecretData, err := c.DecryptMessage(secret.Data)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
}
var secretData api.SecretDataTypeV5DefaultWithTOTP var secretData api.SecretDataTypeV5DefaultWithTOTP
err = json.Unmarshal([]byte(rawSecretData), &secretData) err = json.Unmarshal([]byte(rawSecretData), &secretData)
if err != nil { if err != nil {
@ -166,11 +152,6 @@ func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret
// Not available in the Secret // Not available in the Secret
desc = metadata.Description desc = metadata.Description
rawSecretData, err := c.DecryptMessage(secret.Data)
if err != nil {
return "", "", "", "", "", "", fmt.Errorf("Decrypting Secret Data: %w", err)
}
pw = rawSecretData pw = rawSecretData
case "v5-totp-standalone": case "v5-totp-standalone":
rawMetadata, err := GetResourceMetadata(ctx, c, &resource, &rType) rawMetadata, err := GetResourceMetadata(ctx, c, &resource, &rType)