search

1Password / onepassword-sdk-go

https://developer.1password.com/docs/sdks/
MIT License
40 stars 3 forks source link

Ability to get OTP from SDK #93

Closed s3rj1k closed 1 month ago

s3rj1k commented 2 months ago

Use Case

I am trying to automate VPN connection as systemd-service and in need of the ability for SDK to handle OTP links like below

{{ op://CLI/VPN/Security/OTP?attribute=otp }}

Requirements and desired behavior

Bare-minimal code support to fetch OTP data.

Additional information

Would be nice to have a working example code for OTP fetching.

AndyTitu commented 2 months ago

Thank you for sharing this use case. We have OTP support on our short roadmap.

AndyTitu commented 2 months ago

@s3rj1k Would you also be ok with getting the OTP in some other way than using secret references, like for example: 

item, err := client.Items.Get("my_OTP_item_id")
if err != nil {
    panic(err)
}

var myTOTP string
for _, f := range item.Fields {
   if field.Type == onepassword.FieldTypeOTP {
      myTOTP = field.value
   }
}
s3rj1k commented 2 months ago

Would you also be ok with getting the OTP in some other way than using secret references

I would be ok with any working solution as this is not any kind of performance related solution in my case.

(not related to current issue) also if possible, please provide a working boilerplate for main function, I did try to run some examples with exported SA token, it worked for CLI op and did not for example code, erroring with some token serialization errors.

MOmarMiraj commented 2 months ago

I did try to run some examples with exported SA token, it worked for CLI op and did not for example code, erroring with some token serialization errors.

Yes this is a identified bug that we recently discovered regarding creating service account tokens through the CLI. An internal issue has been brought up and we will let you know when this gets addressed.

A workaround would be creating a service account token through the 1Password website.. the steps can be found here: https://developer.1password.com/docs/service-accounts/get-started

s3rj1k commented 2 months ago

@MOmarMiraj I see, thanks for info, will try again when OTP support will be added to SDK

s3rj1k commented 2 months ago

@AndyTitu

We have OTP support on our short roadmap.

Do you have some time estimates for that? (Just to understand how long of a wait)

AndyTitu commented 2 months ago

it worked for CLI op and did not for example code, erroring with some token serialization errors.

We recently discovered that service account tokens generated by the CLI aren't serialised the right way, so only the CLI knows how to deserialise them. To quick fix your issue, you can generate an SA token from the web UI.

In the meantime, we're working on that CLI issue.

Edit: Oh, I see Omar answered this already

AndyTitu commented 2 months ago

Do you have some time estimates for that? (Just to understand how long of a wait)

Can't offer any strong commitments, but I'd say it's in the span of the next couple of months.

MOmarMiraj commented 1 month ago

Hi @s3rj1k

As of v0.1.0-beta.12 of the Go SDK, you are now able to get/write OTP field information using the Item API.

If you have any more issues, please feel free to create another issue.