diff --git a/cli/global.go b/cli/global.go index 751800302..afd780238 100644 --- a/cli/global.go +++ b/cli/global.go @@ -31,6 +31,7 @@ type AwsVault struct { keyringImpl keyring.Keyring awsConfigFile *vault.ConfigFile + UseBiometrics bool } func (a *AwsVault) Keyring() (keyring.Keyring, error) { @@ -120,11 +121,20 @@ func ConfigureGlobals(app *kingpin.Application) *AwsVault { Envar("AWS_VAULT_FILE_DIR"). StringVar(&a.KeyringConfig.FileDir) + app.Flag("biometrics", "Use biometric authentication if supported"). + Envar("AWS_VAULT_BIOMETRICS"). + BoolVar(&a.UseBiometrics) + app.PreAction(func(c *kingpin.ParseContext) error { if !a.Debug { log.SetOutput(ioutil.Discard) } keyring.Debug = a.Debug + + if a.UseBiometrics { + configureTouchID(&a.KeyringConfig) + } + log.Printf("aws-vault %s", app.Model().Version) return nil }) @@ -132,6 +142,12 @@ func ConfigureGlobals(app *kingpin.Application) *AwsVault { return a } +func configureTouchID(k *keyring.Config) { + k.UseBiometrics = true + k.TouchIDAccount = "com.99designs.aws-vault.biometrics" + k.TouchIDService = "aws-vault" +} + func fileKeyringPassphrasePrompt(prompt string) (string, error) { if password, ok := os.LookupEnv("AWS_VAULT_FILE_PASSPHRASE"); ok { return password, nil diff --git a/go.mod b/go.mod index 5056efaee..2a3230e9e 100644 --- a/go.mod +++ b/go.mod 
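Review bot: In the `app.PreAction` callback of the second hunk, `--biometrics` is applied with no check that the platform or selected backend can enforce it, so the flag's "if supported" wording may hide a silent fallback to storage with no biometric gate. Whether the keyring fork rejects or ignores `UseBiometrics` elsewhere is not visible in this diff and should be confirmed. A log warning would not reach the user, because the same callback discards log output unless `a.Debug` is set. Failing closed is safer, for example `if a.UseBiometrics && runtime.GOOS != "darwin" { return fmt.Errorf("--biometrics is only supported on macOS") }`, assuming Touch ID is the only biometric backend the fork implements. `ConfigureGlobals` starts and ends outside the hunk.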
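Review bot: `configureTouchID` in the third hunk has no doc comment and hard-codes both Touch ID identifiers inline, so nothing records what they name or that they need to stay stable. Changing them later would presumably orphan whatever the keyring stored under the old values; that is inferred, since the fork's use of these fields is not shown. Naming them, e.g. `const touchIDAccount = "com.99designs.aws-vault.biometrics"` and `const touchIDService = "aws-vault"`, and adding `// configureTouchID enables biometric unlock on k and sets the fixed Touch ID account and service names used by aws-vault.` would make that contract explicit.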
@@ -13,11 +13,14 @@ require ( github.com/aws/aws-sdk-go-v2/service/sts v1.16.15 github.com/google/go-cmp v0.5.8 github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 - golang.org/x/sys v0.0.0-20220829200755-d48e67d00261 + golang.org/x/sys v0.0.0-20220913175220-63ea55921009 golang.org/x/term v0.0.0-20220722155259-a9ba230a4035 gopkg.in/ini.v1 v1.67.0 ) +// TODO: remove this once the keyring PR is merged upstream +replace github.com/99designs/keyring => github.com/milesbxf/keyring v0.0.0-20220916120441-35a1afea02b0 + require ( github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 // indirect github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect @@ -33,5 +36,7 @@ require ( github.com/dvsekhvalnov/jose2go v1.5.0 // indirect github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 // indirect github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c // indirect + github.com/lox/go-touchid v0.0.0-20170712105233-619cc8e578d0 // indirect github.com/mtibben/percent v0.2.1 // indirect + golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 // indirect ) diff --git a/go.sum b/go.sum index da15ad4a1..a7e069676 100644 --- a/go.sum +++ b/go.sum @@ -1,7 +1,5 @@ github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 h1:/vQbFIOMbk2FiG/kXiLl8BRyzTWDw7gX/Hz7Dd5eDMs= github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4/go.mod h1:hN7oaIRCjzsZ2dE+yG5k+rsdt3qcwykqK6HVGcKwsw4= -github.com/99designs/keyring v1.2.1 h1:tYLp1ULvO7i3fI5vE21ReQuj99QFSs7lGm0xWyJo87o= -github.com/99designs/keyring v1.2.1/go.mod h1:fc+wB5KTk9wQ9sDx0kFXB3A0MaeGHM9AwRStKOQ5vOA= github.com/alecthomas/kingpin v0.0.0-20200323085623-b6657d9477a6 h1:0fwkEPHxb5V+KZZLxWmOknl4oHWo60+TnhmKOi4BIkU= github.com/alecthomas/kingpin v0.0.0-20200323085623-b6657d9477a6/go.mod h1:b6br6/pDFSfMkBgC96TbpOji05q5pa+v5rIlS0Y6XtI= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= 
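Review bot: The added `replace github.com/99designs/keyring => github.com/milesbxf/keyring` in the first go.mod hunk swaps the module that stores AWS credentials for a personal fork pinned to an untagged pseudo-version, and the TODO does not link the upstream PR it is waiting on. While the directive is in place, every build takes its credential-storage code from a repository outside the project's control. In addition, `go install <module>@<version>` refuses modules whose go.mod carries `replace` directives. Hold the merge until the upstream change is tagged, or at minimum tighten the comment to `// TODO(<upstream PR URL>): drop this replace before the next release; this module handles credential storage`. The removal of the `99designs/keyring v1.2.1` hashes in go.sum follows from the same directive.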
@@ -54,6 +52,10 @@ github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfC
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/lox/go-touchid v0.0.0-20170712105233-619cc8e578d0 h1:m81erW+1MD5vl3lKQ/+TYPHJ6Y9/C1COqxXPE51FkDk=
+github.com/lox/go-touchid v0.0.0-20170712105233-619cc8e578d0/go.mod h1:EHbIQzfC3kdWFI81pLOFjssnolF+ALfmVf8PUdWBxo4=
+github.com/milesbxf/keyring v0.0.0-20220916120441-35a1afea02b0 h1:uo3w4oBZOI8t88f7DXWB/0Gnuq2RUhftOYqjEA3CfTo=
+github.com/milesbxf/keyring v0.0.0-20220916120441-35a1afea02b0/go.mod h1:wPK2D8SXeZqOUpA38s8MyVMvYIhWGKTFmVKevHfm590=
 github.com/mtibben/percent v0.2.1 h1:5gssi8Nqo8QU/r2pynCm+hBQHpkB/uNK7BJCFogWdzs=
 github.com/mtibben/percent v0.2.1/go.mod h1:KG9uO+SZkUp+VkRHsCdYQV3XSZrrSpR3O9ibNBTZrns=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
@@ -68,9 +70,11 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 h1:Y/gsMcFOcR+6S6f3YeMKl5g+dZMEWqcz5Czj/GWYbkM=
+golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/sys v0.0.0-20210819135213-f52c844e1c1c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220829200755-d48e67d00261 h1:v6hYoSR9T5oet+pMXwUWkbiVqx/63mlHjefrHmxwfeY=
-golang.org/x/sys v0.0.0-20220829200755-d48e67d00261/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220913175220-63ea55921009 h1:PuvuRMeLWqsf/ZdT1UUZz0syhioyv1mzuFZsXs4fvhw=
+golang.org/x/sys v0.0.0-20220913175220-63ea55921009/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20220722155259-a9ba230a4035 h1:Q5284mrmYTpACcm+eAKjKJH48BBwSyfJqmmGDTtT8Vc=
 golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=