jnewbigin / lpass-sso

GUI for lastpass-cli sso login

update README with steps to install LaughPass and the updated CLI tool #2

Closed araff-r7 closed 3 years ago

araff-r7 commented 3 years ago

This is a draft of the installation steps I used to get the LaughPass Electron app working. I'm still troubleshooting an issue with the updated CLI tool: when I try to use lpass login --sso, it seems not to trigger the Electron app properly, as the window to log in to Okta does not show up. I documented that issue here: https://github.com/lastpass/lastpass-cli/pull/580#issuecomment-749085810

Hope this helps someone!

jnewbigin commented 3 years ago

Hi. Great progress. I know the steps were a bit vague. I have actually set up some local homebrew formula for use at my work. There is a missing part of your setup. I'll try and explain how it works and then you can see how it fits in your environment.

Although I use the term install, for testing you can just leave everything in the development folders and execute them from there.

  1. build & install lpass (lastpass-cli with sso patch from https://github.com/jnewbigin/lastpass-cli/tree/sso)
  2. build & install laughpass using auto/build and looking in the dist/mac folder. This build uses docker. You can build it natively with yarn && yarn dist but YMMV

to run:

  1. export LPASS_PINENTRY=/path/to/pinentry
  2. lpass login --sso user@example.com

lpass will invoke the pinentry command which will in turn invoke the laughpass binary. pinentry needs to find the laughpass binary. It should be included in the correct location but you must make sure you are using the correct copy.

So something like this might work for a proof of concept:

cd
git clone git@github.com:jnewbigin/laughpass.git
cd laughpass
cd laughpass && yarn && yarn dist
cd dist/mac/laughpass.app/Contents/
export LPASS_PINENTRY="$PWD"

cd
git clone git@github.com:jnewbigin/lastpass-cli.git
cd lastpass-cli
git checkout sso
make
cd build
./lpass login --sso username@example.com

Once that is working you can refine the procedure and install into proper directories. I can share my homebrew formula too but that is not 100% complete yet either.

araff-r7 commented 3 years ago

Awesome, thanks for the help! I'll give it a go tomorrow morning and update the README with the commands and any additional troubleshooting steps I have to take. I appreciate your help on this!

araff-r7 commented 3 years ago

Hi again @jnewbigin, I was able to get this installed and (mostly) configured. I'm documenting a few 'gotchas' I faced along the way, but the problem I'm running into now is the cli tool is prompting for an SSO Fragment. I found this doc: https://github.com/jnewbigin/laughpass/blob/master/docs/login_flow.md but the directions were rather confusing and I wasn't sure how exactly to extract the SSO Fragment. Can you please list the steps when you have a moment? I'll get it tested and written up. Thanks again for your help on this!

jnewbigin commented 3 years ago

The pinentry tool should save the fragment and supply it when requested. I might have made a mistake with this command:

export LPASS_PINENTRY="$PWD"

That should be an executable (or script) so it should be something like: export LPASS_PINENTRY="$PWD/pinentry" though I don't have my Mac handy to confirm.

What should happen is: when lpass wants the password, it runs pinentry, which in turn runs the electron app. Upon successful login, the electron app will print out the master password and the sso fragment. As lpass is only asking for the password, the fragment is saved to a file to be used later. Next, lpass will request the fragment from pinentry, which will load it from file and then remove the file from disk.

It is possible to test pinentry without lpass but it requires a number of correctly formatted strings to invoke it. Perhaps I will prepare a test script in order to confirm that it is working correctly which will help you.

araff-r7 commented 3 years ago

After posting this I did think of using export LPASS_PINENTRY="$PWD/pinentry" since that's what the earlier docs alluded to, but even after doing that the CLI still prompts for a master password and sso fragment within the terminal. I've tried rerunning make after exporting the new pinentry location but haven't had much success yet. If you can give an example of the string formatting I can play around with testing pinentry, but from what I can tell the Electron app may not even be getting invoked, as the lpass login --sso command prompts for my master pass and sso fragment in the Terminal window without anything else popping up, and stalls on the master password prompt if I don't enter anything. Thanks for your help on this!
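
The thread turns on LPASS_PINENTRY having to name the pinentry executable rather than the directory that holds it. The following is an added example, not part of the thread and not code from lpass or laughpass: a shell preflight check to run before lpass login --sso. The function name check_pinentry, its return codes, and the absolute-path and not-world-writable rules are assumptions of this example.

```shell
#!/bin/sh
# Added example: preflight check for LPASS_PINENTRY. Not part of lpass or laughpass.
# Return codes (chosen for this example): 0 ok, 1 unset, 2 relative path,
# 3 missing, 4 directory, 5 not a regular file, 6 not executable, 7 world-writable.
# Usage: check_pinentry "$LPASS_PINENTRY" && lpass login --sso user@example.com
check_pinentry() {
    p=$1
    if [ -z "$p" ]; then
        echo "LPASS_PINENTRY is not set" >&2
        return 1
    fi
    # Policy of this example: require an absolute path, because the steps in
    # the thread change directory between the export and the login.
    case $p in
        /*) ;;
        *) echo "not an absolute path: $p" >&2; return 2 ;;
    esac
    if [ ! -e "$p" ]; then
        echo "no such file: $p" >&2
        return 3
    fi
    # The mistake discussed in the thread: export LPASS_PINENTRY="$PWD"
    if [ -d "$p" ]; then
        echo "$p is a directory; name the pinentry file inside it" >&2
        return 4
    fi
    if [ ! -f "$p" ]; then
        echo "$p is not a regular file" >&2
        return 5
    fi
    if [ ! -x "$p" ]; then
        echo "$p is not executable by this user" >&2
        return 6
    fi
    # pinentry handles the master password, so no other local user should be
    # able to replace it. find -L checks the target if $p is a symlink.
    if [ -n "$(find -L "$p" -prune -perm -0002 2>/dev/null)" ]; then
        echo "$p is world-writable; fix with chmod o-w" >&2
        return 7
    fi
    return 0
}
```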