From 2cb39e9481ae75943322f79040b6d6ed1d227089 Mon Sep 17 00:00:00 2001 From: Samuel Lorch Date: Mon, 11 Aug 2025 15:36:01 +0200 Subject: [PATCH 1/3] Fix resource type password-string validation --- helper/secret.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/helper/secret.go b/helper/secret.go index 586ac26..502bfe7 100644 --- a/helper/secret.go +++ b/helper/secret.go @@ -11,6 +11,15 @@ import ( ) func validateSecretData(rType *api.ResourceType, secretData string) error { + // TODO Remove when v4 Resources are unsupported + // with the Resource Type password-string the Secret is not json and can't be properly validated, so skip the check here + if rType.Slug == "password-string" { + if len(secretData) > 4096 { + return fmt.Errorf("password is longer than 4096") + } + return nil + } + var schemaDefinition api.ResourceTypeSchema definition := rType.Definition From 09ecd1f23a27b4e83b1359abbd92830a2e3e3a32 Mon Sep 17 00:00:00 2001 From: Samuel Lorch Date: Mon, 11 Aug 2025 15:39:48 +0200 Subject: [PATCH 2/3] Fix null's in schema --- api/schema.go | 72 +++++++++++++++++++-------------------------------- 1 file changed, 26 insertions(+), 46 deletions(-) diff --git a/api/schema.go b/api/schema.go index b9fe6d4..0f351ac 100644 --- a/api/schema.go +++ b/api/schema.go @@ -15,22 +15,19 @@ var ResourceSchemas = map[string]json.RawMessage{ "maxLength": 255 }, "username": { - "type": "string", - "maxLength": 255, - "nullable": true + "type": ["string", "null"], + "maxLength": 255 }, "uris": { "type": "array", "items": { "type": "string", - "maxLength": 1024, - "nullable": true + "maxLength": 1024 } }, "description": { - "type": "string", - "maxLength": 10000, - "nullable": true + "type": ["string", "null"], + "maxLength": 10000 } } }, @@ -43,14 +40,12 @@ var ResourceSchemas = map[string]json.RawMessage{ "enum": ["PASSBOLT_SECRET_DATA"] }, "password": { - "type": "string", - "maxLength": 4096, - "nullable": true + "type": ["string", "null"], + "maxLength": 4096 }, "description": { - "type": "string", - "maxLength": 10000, - "nullable": true + "type": ["string", "null"], + "maxLength": 10000 } } } @@ -66,22 +61,19 @@ var ResourceSchemas = map[string]json.RawMessage{ "maxLength": 255 }, "username": { - "type": "string", - "maxLength": 255, - "nullable": true + "type": ["string", "null"], + "maxLength": 255 }, "uris": { "type": "array", "items": { "type": "string", - "maxLength": 1024, - "nullable": true + "maxLength": 1024 } }, "description": { - "type": "string", - "maxLength": 10000, - "nullable": true + "type": ["string", "null"], + "maxLength": 10000 } } }, @@ -101,22 +93,19 @@ var ResourceSchemas = map[string]json.RawMessage{ "maxLength": 255 }, "username": { - "type": "string", - "maxLength": 255, - "nullable": true + "type": ["string", "null"], + "maxLength": 255 }, "uris": { "type": "array", "items": { "type": "string", - "maxLength": 1024, - "nullable": true + "maxLength": 1024 } }, "description": { - "type": "string", - "maxLength": 10000, - "nullable": true + "type": ["string", "null"], + "maxLength": 10000 } } }, @@ -129,14 +118,12 @@ var ResourceSchemas = map[string]json.RawMessage{ "enum": ["PASSBOLT_SECRET_DATA"] }, "password": { - "type": "string", - "maxLength": 4096, - "nullable": true + "type": ["string", "null"], + "maxLength": 4096 }, "description": { - "type": "string", - "maxLength": 10000, - "nullable": true + "type": ["string", "null"], + "maxLength": 10000 }, "totp": { "type": "object", @@ -174,23 +161,16 @@ var ResourceSchemas = map[string]json.RawMessage{ "type": "string", "maxLength": 255 }, - "username": { - "type": "string", - "maxLength": 255, - "nullable": true - }, "uris": { "type": "array", "items": { "type": "string", - "maxLength": 1024, - "nullable": true + "maxLength": 1024 } }, "description": { - "type": "string", - "maxLength": 10000, - "nullable": true + "type": ["string", "null"], + "maxLength": 10000 } } }, From 1111e12f1e098a7b4dc784175c5f5bf6fd325095 Mon Sep 17 00:00:00 2001 From: Samuel Lorch Date: Mon, 11 Aug 2025 15:40:10 +0200 Subject: [PATCH 3/3] Fix Metadata Parsing for v5-totp-standalone --- helper/resource_get.go | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/helper/resource_get.go b/helper/resource_get.go index 7967bae..64fcc1f 100644 --- a/helper/resource_get.go +++ b/helper/resource_get.go @@ -173,7 +173,21 @@ func GetResourceFromData(c *api.Client, resource api.Resource, secret api.Secret pw = rawSecretData case "v5-totp-standalone": - // nothing fits into the interface in this case + rawMetadata, err := GetResourceMetadata(ctx, c, &resource, &rType) + if err != nil { + return "", "", "", "", "", "", fmt.Errorf("Getting Metadata: %w", err) + } + + var metadata api.ResourceMetadataTypeV5TOTPStandalone + err = json.Unmarshal([]byte(rawMetadata), &metadata) + if err != nil { + return "", "", "", "", "", "", fmt.Errorf("Parsing Decrypted Metadata: %w", err) + } + + name = metadata.Name + if len(metadata.URIs) != 0 { + uri = metadata.URIs[0] + } default: return "", "", "", "", "", "", fmt.Errorf("Unknown ResourceType: %v", rType.Slug) }