Introduce typed MIME Secrets (gopasspw#1415)

This commit introduces a new MIME-based secrets format that will eventually replace any existing secret format. Fixes gopasspw#1310 RELEASE_NOTES=[BREAKING] New secrets format. Signed-off-by: Dominik Schulz <[email protected]>
vbargl · Jun 11, 2020 · dccfbeb · dccfbeb
1 parent b2ac176
commit dccfbeb
Show file tree

Hide file tree

Showing 101 changed files with 2,380 additions and 2,398 deletions.
diff --git a/cmd/gopass-git-credentials/git-credential.go b/cmd/gopass-git-credentials/git-credential.go
@@ -11,11 +11,11 @@ import (
 
 	"github.com/gopasspw/gopass/internal/debug"
 	"github.com/gopasspw/gopass/internal/out"
-	"github.com/gopasspw/gopass/internal/store/secret"
 	"github.com/gopasspw/gopass/internal/termio"
 	"github.com/gopasspw/gopass/pkg/ctxutil"
 	"github.com/gopasspw/gopass/pkg/fsutil"
 	"github.com/gopasspw/gopass/pkg/gopass"
+	"github.com/gopasspw/gopass/pkg/gopass/secret"
 	"github.com/urfave/cli/v2"
 )
 
@@ -141,7 +141,7 @@ func (s *gc) Get(c *cli.Context) error {
 	}
 	// try git/host/username... If username is empty, simply try git/host
 	path := "git/" + fsutil.CleanFilename(cred.Host) + "/" + fsutil.CleanFilename(cred.Username)
-	if _, err := s.gp.Get(ctx, path); err != nil {
+	if _, err := s.gp.Get(ctx, path, "latest"); err != nil {
 		// if the looked up path is a directory with only one entry (e.g. one user per host), take the subentry instead
 		ls, err := s.gp.List(ctx)
 		if err != nil {
@@ -158,13 +158,12 @@ func (s *gc) Get(c *cli.Context) error {
 		}
 		path = entries[0]
 	}
-	secret, err := s.gp.Get(ctx, path)
+	secret, err := s.gp.Get(ctx, path, "latest")
 	if err != nil {
 		return err
 	}
-	cred.Password = secret.Password()
-	username, err := secret.Value("login")
-	if err == nil {
+	cred.Password = secret.Get("password")
+	if username := secret.Get("login"); username != "" {
 		// leave the username as is otherwise
 		cred.Username = username
 	}
@@ -185,7 +184,7 @@ func (s *gc) Store(c *cli.Context) error {
 	}
 	path := "git/" + fsutil.CleanFilename(cred.Host) + "/" + fsutil.CleanFilename(cred.Username)
 	// This should never really be an issue because git automatically removes invalid credentials first
-	if _, err := s.gp.Get(ctx, path); err == nil {
+	if _, err := s.gp.Get(ctx, path, "latest"); err == nil {
 		debug.Log(""+
 			"gopass: did not store \"%s\" because it already exists. "+
 			"If you want to overwrite it, delete it first by doing: "+
@@ -194,9 +193,10 @@ func (s *gc) Store(c *cli.Context) error {
 		)
 		return nil
 	}
-	secret := secret.New(cred.Password, "")
+	secret := secret.New()
+	secret.Set("password", cred.Password)
 	if cred.Username != "" {
-		_ = secret.SetValue("login", cred.Username)
+		secret.Set("login", cred.Username)
 	}
 
 	if err := s.gp.Set(ctx, path, secret); err != nil {

diff --git a/cmd/gopass-git-credentials/main.go b/cmd/gopass-git-credentials/main.go
@@ -7,7 +7,7 @@ import (
 	"os/signal"
 
 	"github.com/gopasspw/gopass/pkg/ctxutil"
-	"github.com/gopasspw/gopass/pkg/gopass"
+	"github.com/gopasspw/gopass/pkg/gopass/api"
 	"github.com/urfave/cli/v2"
 )
 
@@ -40,7 +40,7 @@ func main() {
 		ctx = ctxutil.WithStdin(ctx, true)
 	}
 
-	gp, err := gopass.New(ctx)
+	gp, err := api.New(ctx)
 	if err != nil {
 		panic(err)
 	}

diff --git a/cmd/gopass-hibp/hibp.go b/cmd/gopass-hibp/hibp.go
@@ -129,13 +129,13 @@ func (s *hibp) precomputeHashes(ctx context.Context) (map[string]string, []strin
 		// comparing the body is super hard, as every user may choose to use
 		// the body of a secret differently. In the future we may support
 		// go templates to extract and compare data from the body
-		sec, err := s.gp.Get(ctx, secret)
+		sec, err := s.gp.Get(ctx, secret, "latest")
 		if err != nil {
 			out.Print(ctx, "\n"+color.YellowString("Failed to retrieve secret '%s': %s", secret, err))
 			continue
 		}
 
-		pw := sec.Password()
+		pw := sec.Get("password")
 		// do not check empty passwords, there should be caught by `gopass audit`
 		// anyway
 		if len(pw) < 1 {

diff --git a/cmd/gopass-hibp/main.go b/cmd/gopass-hibp/main.go
@@ -6,7 +6,7 @@ import (
 	"os"
 	"os/signal"
 
-	"github.com/gopasspw/gopass/pkg/gopass"
+	"github.com/gopasspw/gopass/pkg/gopass/api"
 	"github.com/urfave/cli/v2"
 )
 
@@ -33,7 +33,7 @@ func main() {
 		}
 	}()
 
-	gp, err := gopass.New(ctx)
+	gp, err := api.New(ctx)
 	if err != nil {
 		panic(err)
 	}

diff --git a/cmd/gopass-jsonapi/internal/jsonapi/api.go b/cmd/gopass-jsonapi/internal/jsonapi/api.go
@@ -19,19 +19,18 @@ type API struct {
 
 // ReadAndRespond a single message
 func (api *API) ReadAndRespond(ctx context.Context) error {
-	silentCtx := out.WithHidden(ctx, true)
+	ctx = out.WithHidden(ctx, true)
 	message, err := readMessage(api.Reader)
 	if message == nil || err != nil {
 		return err
 	}
 
-	return api.respondMessage(silentCtx, message)
+	return api.respondMessage(ctx, message)
 }
 
 // RespondError sends err as JSON response
 func (api *API) RespondError(err error) error {
-	var response errorResponse
-	response.Error = err.Error()
-
-	return sendSerializedJSONMessage(response, api.Writer)
+	return sendSerializedJSONMessage(errorResponse{
+		Error: err.Error(),
+	}, api.Writer)
 }