From e3f02cb161b7bf351ebab9335b31056a6125348b Mon Sep 17 00:00:00 2001 From: reverendj1 Date: Sat, 7 Jan 2023 04:28:05 -0500 Subject: [PATCH] Add Support to Bitwarden Lookup for Custom Fields (#5694) * Add Support to Bitwarden Lookup for Custom Fields This adds support to the Bitwarden lookup for retrieving values from custom fields, such as api keys. * Need to Return Whole Record if Field is Not Defined * whitespace * Add Changelog Fragment * Need to Make Sure All Login Fields are Represented We need to make sure that all login fields are accounted for, since there will be no other way to retrieve them with this change, and we don't want to break backwards compatibility. Looking at this code from the official client, https://github.com/bitwarden/clients/blob/master/libs/common/spec/models/domain/login.spec.ts, autofillOnPageLoad might be another login field. * Update changelogs/fragments/5694-add-custom-fields-to-bitwarden.yml Clarify changelog fragment Co-authored-by: Felix Fontein * Update plugins/lookup/bitwarden.py Fix logic. Should only error if matches were found, but are missing the custom field. Co-authored-by: Felix Fontein Co-authored-by: Felix Fontein --- .../5694-add-custom-fields-to-bitwarden.yml | 2 ++ plugins/lookup/bitwarden.py | 20 ++++++++++++++++--- 2 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 changelogs/fragments/5694-add-custom-fields-to-bitwarden.yml diff --git a/changelogs/fragments/5694-add-custom-fields-to-bitwarden.yml b/changelogs/fragments/5694-add-custom-fields-to-bitwarden.yml new file mode 100644 index 0000000000..55006f06a9 --- /dev/null +++ b/changelogs/fragments/5694-add-custom-fields-to-bitwarden.yml @@ -0,0 +1,2 @@ +minor_changes: + - bitwarden lookup plugin - can now retrieve secrets from custom fields (https://github.com/ansible-collections/community.general/pull/5694). diff --git a/plugins/lookup/bitwarden.py b/plugins/lookup/bitwarden.py index 1cc2e44c74..dbcb88d456 100644 --- a/plugins/lookup/bitwarden.py +++ b/plugins/lookup/bitwarden.py @@ -47,6 +47,11 @@ EXAMPLES = """ ansible.builtin.debug: msg: >- {{ lookup('community.general.bitwarden', 'a_test') }} + +- name: "Get custom field 'api_key' from Bitwarden record named 'a_test'" + ansible.builtin.debug: + msg: >- + {{ lookup('community.general.bitwarden', 'a_test', field='api_key') }} """ RETURN = """ @@ -109,10 +114,19 @@ class Bitwarden(object): """ matches = self._get_matches(search_value, search_field) - if field: + if field in ['autofillOnPageLoad', 'password', 'passwordRevisionDate', 'totp', 'uris', 'username']: return [match['login'][field] for match in matches] - - return matches + elif not field: + return matches + else: + custom_field_matches = [] + for match in matches: + for custom_field in match['fields']: + if custom_field['name'] == field: + custom_field_matches.append(custom_field['value']) + if matches and not custom_field_matches: + raise AnsibleError("Custom field {field} does not exist in {search_value}".format(field=field, search_value=search_value)) + return custom_field_matches class LookupModule(LookupBase):