doy / rbw

unofficial bitwarden cli
https://git.tozt.net/rbw

fix: use "cli" as client id when logging in, fixes #182 #186

Closed impact-merlinmarek closed 2 weeks ago

impact-merlinmarek commented 2 weeks ago

the official bitwarden cli uses the following parameters when logging in (POST /connect/token):

scope=api offline_access
client_id=cli
deviceType=25
deviceIdentifier=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
deviceName=linux
grant_type=password
username=xxxxxxxxxxxxxxxxxxxxxxxxx
password=xxxxxxxxxxxxxxxxxxxxxxxxx

before this commit, rbw uses these parameters:

scope=api offline_access
client_id=desktop
deviceType=8
deviceIdentifier=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
deviceName=rbw
devicePushToken=
grant_type=password
username=xxxxxxxxxxxxxxxxxxxxxxxxx
password=xxxxxxxxxxxxxxxxxxxxxxxxx

although there are multiple differences, changing the client id from "desktop" to "cli" is sufficient to fix the issue.
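
The parameter comparison in the comment above, as an added example that is not part of the pull request or of rbw's code: it parses two form-encoded `/connect/token` bodies, masks credential fields, and lists the fields that differ. The sample bodies, the function names and the choice of masked fields are constructed for illustration.

```rust
use std::collections::BTreeMap;

// Constructed sample bodies (placeholder credentials), modelled on the two parameter lists above.
const OFFICIAL_CLI: &str = "scope=api%20offline_access&client_id=cli&deviceType=25&deviceIdentifier=00000000-0000-0000-0000-000000000000&deviceName=linux&grant_type=password&username=user%40example.com&password=constructed";
const RBW_BEFORE: &str = "scope=api+offline_access&client_id=desktop&deviceType=8&deviceIdentifier=00000000-0000-0000-0000-000000000000&deviceName=rbw&devicePushToken=&grant_type=password&username=user%40example.com&password=constructed";
// Assumption: values that should not end up in a pasted log or issue comment.
const SECRET_FIELDS: [&str; 3] = ["username", "password", "deviceIdentifier"];

/// Decode one form-urlencoded component: "+" is a space, "%XX" is a byte.
fn decode(s: &str) -> String {
    let b = s.as_bytes();
    let (mut out, mut i) = (Vec::with_capacity(b.len()), 0);
    while i < b.len() {
        // Only accept two real hex digits; anything else is kept literally.
        let hex = if b[i] == b'%' { s.get(i + 1..i + 3) } else { None };
        match hex.filter(|h| h.bytes().all(|c| c.is_ascii_hexdigit())) {
            Some(h) => { out.push(u8::from_str_radix(h, 16).unwrap()); i += 3; }
            None => { out.push(if b[i] == b'+' { b' ' } else { b[i] }); i += 1; }
        }
    }
    String::from_utf8_lossy(&out).into_owned()
}

/// Parse a form body into a sorted map, masking secret values before they are stored.
fn parse(body: &str) -> BTreeMap<String, String> {
    body.split('&').filter(|p| !p.is_empty()).map(|pair| {
        let (k, v) = pair.split_once('=').unwrap_or((pair, ""));
        let k = decode(k);
        let v = if SECRET_FIELDS.contains(&k.as_str()) { "<redacted>".into() } else { decode(v) };
        (k, v)
    }).collect()
}

/// List every field that differs between a reference body and a candidate body.
fn diff(reference: &str, candidate: &str) -> Vec<String> {
    let (r, c) = (parse(reference), parse(candidate));
    let mut out = Vec::new();
    for (k, rv) in &r {
        match c.get(k) {
            Some(cv) if cv != rv => out.push(format!("{k}: {rv:?} -> {cv:?}")),
            None => out.push(format!("{k}: only in reference")),
            _ => {}
        }
    }
    out.extend(c.keys().filter(|k| !r.contains_key(*k)).map(|k| format!("{k}: only in candidate")));
    out
}

fn main() {
    diff(OFFICIAL_CLI, RBW_BEFORE).iter().for_each(|line| println!("{line}"));
}
```

Because the masking happens at parse time, two captures with different credentials compare as equal on those fields, and the output can be pasted into an issue without leaking them.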

impact-merlinmarek commented 2 weeks ago

I have also created a branch that shows how to export the tls keys from rbw to debug the network requests in wireshark, see https://github.com/impact-merlinmarek/rbw/tree/enable-sslkeylogfile

doy commented 2 weeks ago

thanks!

dezeroku commented 1 week ago

As for the deviceType, we'll probably want to change that too sooner or later. It seems that 8 describes Linux, while 25 is specifically for Linux CLI: https://github.com/bitwarden/server/pull/3329 https://github.com/bitwarden/server/blob/main/src/Core/Enums/DeviceType.cs