Client Secret Cap

[sarmiese]

Gday - After going through the setup of Bitwarden - Flow, when i look for an item in my vault using the action keyword, it says 'No Results Found' where there should be items appearing. I dont know if this is the issue, but when im adding the Client Secret, as soon as i press one key, it looks like it fills the line. I cannot clear the input box nor can i see what the Client Secret is. So when i actually paste my Client Secret, i dont know if it is actually reading the correct values.

Not sure if this is the reason why my flow is not connecting to bw appropriately, but in any case i think this is something that needs to be addressed, even if its just front end. Thanks a lot for the plugin! cannot wait until i can use it:)

[RedMageKnight]

Ah yes, you're absolutely right in your deduction - in order to prevent someone from being able to copy the already provided client secret, I'm applying a mask after the setting is applied and the client secret has been stored in Windows Credential Manager. Unfortunately, I only tested this when copying and pasting my secret, I never expected anyone to try and type it out and the settings changes are being applied on "PasswordChange" which would occur when you type in anything :)

I'll attempt to fix this today so it only applies the settings when either the user tabs out, clicks out, or perhaps I'll add a button to "Save" the configuration. Thank you for bringing it to my attention! :)

Also, not sure if you've already installed the Bitwarden CLI, but that is a requirement in order to use this plugin (I noticed you said you perhaps tried to copy and paste the key already as well?) In any case, I'll make this adjustment as I think it just makes more sense in not assuming people are only copying and pasting. If this applied change still doesn't work, if you could show me your log entries in the plugin directory --> Logs, I would be able to discern some of those assumptions :)

[RedMageKnight]

Hi @sarmiese!

I believe I have addressed this and some other observed issues in 1.2.0, so whenever it gets updated in the plugin store and you get a chance to try it out and let me know if this works for you, it would be much appreciated! :)

[sarmiese]

Thanks for the quick response and update! I downloaded your updated zip file and replaced the content in the bw flow plugin folder (if i should wait for the actual update to be live for it to work then i will! lol)

I cannot access my bitwarden logins yet(ill drop my logs underneath if you have a min) but the changes you made seem to work great. Secret input seems to be working as intended now, and i appreciate you added the 'CLI not installed' when you try to call bw since i thought i installed it, but i didnt know i needed to add it to my PATH (so thank you for the extra description on your docs, even though it says so in the bitwarden CLI installation link, i clearly didnt read that part). I think i have it all installed now (atleast i can get to the part where i type bw and it says that its locked) but this is where im getting stuck on. I write "bw /unlock mypassword" and it just minimizes the launcher. I open it again and it still says locked—and i know for a fact im using the correct password.

Log: BitwardenFlow_20240723.log

[RedMageKnight]

Hi @sarmiese!

Looking at your log, it looks like it may still not see your CLI - after you installed the CLI and you entered your credentials in the settings panel, did you happen to fully close out of Flow Launcher and re-open it? I know if you already have the CLI installed and set up when you install the plugin and you enter your client id and secret, you can run the shortcut from Flow Launcher to "Restart Flow Launcher" and that works, but if you install the CLI after you install the plugin, you have to do a full close (like right-click the Flow Launcher icon and close from the notification tray) and then re-open so it refreshes your PATH variable settings so it can see that the CLI is installed. The notification that the CLI isn't installed might have gone away for you because it sees that the CLI is installed but it can't reference it from your PATH, so either your PATH variable might be incorrect or you just need to do a full close and open (computer reboot would also do the trick). :)

Let me know if any of those work for you, and if they don't work, go ahead and delete the log from your log folder, and then check all the boxes in the logging section so I'm getting the debug logs as well and try to go through the process and then send me those logs and I can look further :)

[sarmiese]

Okay so i uninstalled the plugin and re-installed it from the plugin store (1.2.0). I downloaded CLI, extracted it and placed it in the same folder as my plugin (is it okay if its in the same folder?). In Environment Variables, under Path, i added this "C:\Users\"myUser"\AppData\Roaming\FlowLauncher\Plugins\Bitwarden-1.2.0" I double clicked the CLI (to run it i guess lol), I exit flow launcher from the notification tray and launched it again. I went to my bitwarden acc, rotated my API key and re-added it to the flow plugin settings. I get stuck in the same place, where it asks for password and i input it, but it just closes and keeps telling me its locked.

Im attaching the dev logs, they should show everything from the beginning. Hope this helps! BitwardenFlow_20240725.log

[RedMageKnight]

Hi @sarmiese!

It looks like it's detecting your CLI now so that's good! You shouldn't need to run the CLI manually because the plugin will auto-initiate the CLI local server on your device so long as your PATH variable is set correctly and because I can see in the logs it detected your CLI installation, you should be all good there :)

Your CLI should be fine there, I have mine just in the root of C (so C:\bitwarden-cli\bw.exe) but as long as it detects it, I don't see a problem. I'm going to review your logs more in-depth because it seems like it's not accepting your API key values to initiate the login (CLI output is saying that you're not logged in even though it should try and log in with your API client_id and client_secret and then accept your master password as the final authentication mechanism to approve the login and create a session token).

While I look into this some more (it's been such a busy day so I didn't really get a chance to work on this today), can you verify that after you rotated your API creds and re-entered them into the plugin settings that you restarted Flow Launcher? Since it's recognizing your CLI already, usually running "Restart Flow Launcher" from the Flow Launcher box is enough to refresh the credentials. Additionally, can you confirm that in your Flow Launcher settings itself (usually %appdata%\Flow Launcher\Settings\Plugins\Flow.Launcher.Bitwarden.Search\BitwardenFlowSettings.json) that in that file you see your client_id listed there? That should be populated and then, when you login, the SessionKey value in there should populate with a long string which will indicate it is properly creating the Session Key from your creds?

Sorry you've been experiencing such hassles with it, although through this I am getting ideas on how to better adjust my ReadMe file and maybe adding some additional sanity checks in the plugin itself to better guide users going forward in dealing with these initial setup issues like what you've had :)

[RedMageKnight]

Ah, you know what - nevermind, I know what you've got to do and I need to fix this to make it more streamlined. You have to first open up PowerShell on your computer and type in bw login and log in like normal from there. Once you do that and you've already got your client_id and client_secret configured in the plugin settings, it will probably work. I've been logged into the CLI the whole time and you need to initially "log in" to associate your account to your local Bitwarden CLI instance (on top of everything else I'm using to log in to open new localhost Bitwarden CLI servers when they close and to authenticate into those and to unlock using a session key relationship).

I'm going to release an update in the common days that can handle that piece as well in the instance that you have a completely new and fresh Bitwarden CLI instance installed on the box and need to initiate a full login. Sorry for the runaround, I've been doing all kinds of tests this evening and think I've finally come up with what's going on.

[sarmiese]

No worries at all! I dont mind being a tester and going through all this if the dev is active and willing to keep improving their plugin as you are:) Thanks for the quick responses and workarounds.

Im out for most of the day, but Ill try to log in using PowerShell and let you know how it goes tonight:) Do i run cmd window from the CLI folder, or just anywhere?

[RedMageKnight]

Since your PATH variable is set correctly, you should be able to do it from anywhere :) You'll know if you just type in bw from the PowerShell window and you get the help output instead of it saying "bw is an unknown cmdlet" type output.

[sarmiese]

Doing bw did give me the help output, i logged in through there and now i can unlock my vault using flow launcher bw and it works now! Whenever you do another update ill go through it from the beginning if it helps:) Thanks!

[RedMageKnight]

That's awesome! Thanks for letting me know it's working now and I know what I need to do now to fix that! I appreciate your patience and willingness to work me to figure things out :)