pwman-tools

Artifact [3498bba650]
Login

Artifact 3498bba65073fdfc02c6d3c05f2f0e948c6236e3393b4a420493f0e3ee862371:


; CLisp script for SBCL to export PWman to 1password
; Converts items to 1pass using 1password cli to import rather than an intermediate format; assumes an existing authenticated session
; See README for usage instructions

; Load quicklisp
(load "~/.sbclrc")
; Load libraries
; Had parsing errors with xmls so use cxml instead
(ql:quickload "cxml")
(ql:quickload "cl-ppcre")

; "Escape" certain characters.
(defun escape-quotes
	(text)
	(cl-ppcre:regex-replace-all "\"" (cl-ppcre:regex-replace-all "'" text "\\u0027" :preserve-case t) "\\u0022" :preserve-case t))

; Just assume two template types
; Obtained from `op get template <category>`
(defun template-secure-note
	(content)
	(concatenate 'string "{\"notesPlain\":\"" (escape-quotes content) "\",\"sections\":[]}"))

(defun template-login
	(username password content)
	(concatenate 'string "{\"notesPlain\":\"" (escape-quotes content) "\",\"sections\":[],\"passwordHistory\":[],\"fields\":[{\"value\":\"" username "\",\"name\":\"username\",\"type\":\"T\",\"designation\":\"username\"},{\"value\":\"" password "\",\"name\":\"password\",\"type\":\"P\",\"designation\":\"password\"}]}"))

(defun send-to-op
	(op-category pwman-category name host username passwd launch)
	(progn
		; Case would be better if I can figure that out
		(defparameter template
			(if (string= op-category "Login")
				(template-login username passwd launch)
				; Need to do this and not multiple ifs in progn as otherwise template picks up NIL from progmn
				; Need to combine fields for Secure notes
				(template-secure-note (concatenate 'string "host: " host "; user: " username "; password: " passwd "; launch: " launch))))
		(defparameter extproc (sb-ext:run-program "sh" (list "-c" (concatenate 'string "echo '" template "' | op encode")) :search :environment :output :stream))
		(defparameter encoded-item (read-line (sb-ext:process-output extproc)))
		; Create item
		; Just going to send blanks, etc if that's what some fields are. It doesn't seem to matter.
		; Need to only send url if it's a Login item
		(defparameter defaultargs (list  "create" "item" op-category encoded-item (concatenate 'string "--title=" name) (concatenate 'string "--tags=" pwman-category)))
		(defparameter args
			(if (string= op-category "Login")
				; Append, because need at end
				(append defaultargs (list (concatenate 'string "--url=" host)))
				defaultargs))
		(defparameter cproc (sb-ext:run-program "op" args :search :environment :output :stream))
		(defparameter output (read-line (sb-ext:process-output cproc)))
		(print output)))

; decrpyt the file
; Nice idea, but can't find a way of reading input in a concealed fashion so instead just decrypt the file manually before running this script
;(sb-ext:run-program "gpg" (list "-d" "--password" some-password-we-get-from-input (concatenate 'string (sb-unix::posix-getenv "HOME") "/.pwman.db") ">" ".pwman.db.decrypt") :search :environment)
; read file
(defparameter *pwman* (cxml:parse-file  (concatenate 'string (sb-unix::posix-getenv "HOME") "/.pwman.db.decrypt") (cxml-dom:make-dom-builder)))
(defparameter *categories* (dom:child-nodes (dom:item (dom:child-nodes (dom:document-element  *pwman* )) 0 )))

; Kept for ref
;(dom:do-node-list (category *categories*) (print (dom:get-attribute category "name")))

(dom:do-node-list (category *categories*)
	(progn
		(defparameter category-name (dom:get-attribute category "name"))
		(defparameter pwlists (dom:child-nodes category))
		; Kept for ref - prints category
		;(print category-name)
		(dom:do-node-list (pwlist pwlists)
			(progn
				; Rather than loop through at this point, call things explicitly so can then build the op command
				(defparameter pwitems (dom:child-nodes pwlist))
				; Kept for ref - prints Name
				;(print (dom:tag-name (dom:item pwitems 0)))
				;(print (dom:data (dom:item (dom:child-nodes (dom:item pwitems 0)) 0)))
				; Need to check for NIL and only then set paremter. E.g:
				(defparameter name
					(if (dom:item (dom:child-nodes (dom:item pwitems 0)) 0)
						(dom:data (dom:item (dom:child-nodes (dom:item pwitems 0)) 0))
						"")))
				(defparameter host
					(if (dom:item (dom:child-nodes (dom:item pwitems 1)) 0)
						(dom:data (dom:item (dom:child-nodes (dom:item pwitems 1)) 0))
						""))
				(defparameter username
					(if (dom:item (dom:child-nodes (dom:item pwitems 2)) 0)
						(dom:data (dom:item (dom:child-nodes (dom:item pwitems 2)) 0))
						""))
				(defparameter passwd
					(if (dom:item (dom:child-nodes (dom:item pwitems 3)) 0)
						(dom:data (dom:item (dom:child-nodes (dom:item pwitems 3)) 0))
						""))
				(defparameter launch
					(if (dom:item (dom:child-nodes (dom:item pwitems 4)) 0)
						(dom:data (dom:item (dom:child-nodes (dom:item pwitems 4)) 0))
						""))
				(if (string= category-name "SECURE-NOTES")
					(progn
						(print (concatenate 'string "Creating Secure Note for " name " in " category-name))
						(send-to-op "Secure Note" category-name name host username passwd launch))
					(progn
						(if (string/= category-name "INACTIVE")
							(progn
								(print (concatenate 'string "Creating Login for " name " in " category-name))
								(send-to-op "Login" category-name name host username passwd launch))))))))

; Only right at end do we want to delete file
(delete-file (concatenate 'string (sb-unix::posix-getenv "HOME") "/.pwman.db.decrypt"))