1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

onepassword: find the password field out of the fields list (#1610)

* Find the password field out of the fields list

With the command line utility `op` version 1.8, the password field exists, while the fields list is empty.  This will look for the desired field without it being listed in the fields list.

* Add changelog fragment

* Update changelogs/fragments/1610-bugfix-onepassword-lookup-plugin.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/onepassword.py

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
Roberto Aguilar 2021-01-20 16:37:28 -05:00 committed by GitHub
parent 25e246bdc2
commit 5b1bede4cb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 57 additions and 0 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- "onepassword lookup plugin - updated to support password items, which place the password field directly in the payload's ``details`` attribute (https://github.com/ansible-collections/community.general/pull/1610)."

View file

@ -187,8 +187,63 @@ class OnePass(object):
return rc, out, err
def _parse_field(self, data_json, field_name, section_title=None):
"""
Retrieves the desired field from the `op` response payload
When the item is a `password` type, the password is a key within the `details` key:
$ op get item 'test item' | jq
{
[...]
"templateUuid": "005",
"details": {
"notesPlain": "",
"password": "foobar",
"passwordHistory": [],
"sections": [
{
"name": "linked items",
"title": "Related Items"
}
]
},
[...]
}
However, when the item is a `login` type, the password is within a fields array:
$ op get item 'test item' | jq
{
[...]
"details": {
"fields": [
{
"designation": "username",
"name": "username",
"type": "T",
"value": "foo"
},
{
"designation": "password",
"name": "password",
"type": "P",
"value": "bar"
}
],
[...]
},
[...]
"""
data = json.loads(data_json)
if section_title is None:
# https://github.com/ansible-collections/community.general/pull/1610:
# check the details dictionary for `field_name` and return it immediately if it exists
# when the entry is a "password" instead of a "login" item, the password field is a key
# in the `details` dictionary:
if field_name in data['details']:
return data['details'][field_name]
# when the field is not found above, iterate through the fields list in the object details
for field_data in data['details'].get('fields', []):
if field_data.get('name', '').lower() == field_name.lower():
return field_data.get('value', '')