From 52cc1881d850dc847aa2b317a4925b3b06e9725a Mon Sep 17 00:00:00 2001
From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com>
Date: Mon, 10 Feb 2025 22:04:24 +0100
Subject: [PATCH] [PR #9625/4e0de41a backport][stable-10] onepassword_doc: fix
 1Password Connect support (#9719)

onepassword_doc: fix 1Password Connect support (#9625)

Fix 1Password Connect support for onepassword_doc.

(cherry picked from commit 4e0de41a85655e971a9f195bba3e16c3442fec92)

Co-authored-by: Felix Fontein <felix@fontein.de>
---
 changelogs/fragments/9625-onepassword_doc.yml |  2 ++
 plugins/lookup/onepassword.py                 |  8 +++++---
 plugins/lookup/onepassword_doc.py             | 17 +----------------
 3 files changed, 8 insertions(+), 19 deletions(-)
 create mode 100644 changelogs/fragments/9625-onepassword_doc.yml

diff --git a/changelogs/fragments/9625-onepassword_doc.yml b/changelogs/fragments/9625-onepassword_doc.yml
new file mode 100644
index 0000000000..e4c4cd5b65
--- /dev/null
+++ b/changelogs/fragments/9625-onepassword_doc.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - "onepassword_doc lookup plugin - ensure that 1Password Connect support also works for this plugin (https://github.com/ansible-collections/community.general/pull/9625)."
diff --git a/plugins/lookup/onepassword.py b/plugins/lookup/onepassword.py
index 60e0b2a69c..ce0179a31e 100644
--- a/plugins/lookup/onepassword.py
+++ b/plugins/lookup/onepassword.py
@@ -553,9 +553,7 @@ class OnePassCLIv2(OnePassCLIBase):
         environment_update = {"OP_SECRET_KEY": self.secret_key}
         return self._run(args, command_input=to_bytes(self.master_password), environment_update=environment_update)
 
-    def get_raw(self, item_id, vault=None, token=None):
-        args = ["item", "get", item_id, "--format", "json"]
-
+    def _add_parameters_and_run(self, args, vault=None, token=None):
         if self.account_id:
             args.extend(["--account", self.account_id])
 
@@ -582,6 +580,10 @@ class OnePassCLIv2(OnePassCLIBase):
 
         return self._run(args)
 
+    def get_raw(self, item_id, vault=None, token=None):
+        args = ["item", "get", item_id, "--format", "json"]
+        return self._add_parameters_and_run(args, vault=vault, token=token)
+
     def signin(self):
         self._check_required_params(['master_password'])
 
diff --git a/plugins/lookup/onepassword_doc.py b/plugins/lookup/onepassword_doc.py
index b1728fce89..5ffcf02c69 100644
--- a/plugins/lookup/onepassword_doc.py
+++ b/plugins/lookup/onepassword_doc.py
@@ -46,28 +46,13 @@ RETURN = """
 """
 
 from ansible_collections.community.general.plugins.lookup.onepassword import OnePass, OnePassCLIv2
-from ansible.errors import AnsibleLookupError
-from ansible.module_utils.common.text.converters import to_bytes
 from ansible.plugins.lookup import LookupBase
 
 
 class OnePassCLIv2Doc(OnePassCLIv2):
     def get_raw(self, item_id, vault=None, token=None):
         args = ["document", "get", item_id]
-        if vault is not None:
-            args = [*args, f"--vault={vault}"]
-
-        if self.service_account_token:
-            if vault is None:
-                raise AnsibleLookupError("'vault' is required with 'service_account_token'")
-
-            environment_update = {"OP_SERVICE_ACCOUNT_TOKEN": self.service_account_token}
-            return self._run(args, environment_update=environment_update)
-
-        if token is not None:
-            args = [*args, to_bytes("--session=") + token]
-
-        return self._run(args)
+        return self._add_parameters_and_run(args, vault=vault, token=token)
 
 
 class LookupModule(LookupBase):