Remove extension gRPC address setting
This commit is contained in:
@@ -8,7 +8,7 @@ The Arch package installs this directory under `/usr/share/keepassgo/browser-ext
|
|||||||
- `manifest.chromium.json` is the Chromium/Chrome manifest template
|
- `manifest.chromium.json` is the Chromium/Chrome manifest template
|
||||||
- `background.js` caches per-tab match state, updates the toolbar badge, keeps token-scoped approval state visible, and talks to the native messaging host `com.keepassgo.browser`
|
- `background.js` caches per-tab match state, updates the toolbar badge, keeps token-scoped approval state visible, and talks to the native messaging host `com.keepassgo.browser`
|
||||||
- `content.js` fills username and password fields on the current page, keeps fills tied to the focused form when possible, and shows inline KeePassGO field affordances when matches exist
|
- `content.js` fills username and password fields on the current page, keeps fills tied to the focused form when possible, and shows inline KeePassGO field affordances when matches exist
|
||||||
- `options.html` stores the local gRPC address and API token in browser extension storage
|
- `options.html` stores the API token in browser extension storage
|
||||||
|
|
||||||
The extension sends the API token to the native host on each request. The bridge does not store the token on disk.
|
The extension sends the API token to the native host on each request. The bridge does not store the token on disk.
|
||||||
|
|
||||||
|
|||||||
@@ -3,7 +3,6 @@ const nativeHost = "com.keepassgo.browser";
|
|||||||
const isNodeTestEnv = typeof module !== "undefined" && module.exports;
|
const isNodeTestEnv = typeof module !== "undefined" && module.exports;
|
||||||
const usePromiseAPI = typeof globalThis.browser !== "undefined";
|
const usePromiseAPI = typeof globalThis.browser !== "undefined";
|
||||||
const defaultSettings = {
|
const defaultSettings = {
|
||||||
grpcAddress: "",
|
|
||||||
bearerToken: ""
|
bearerToken: ""
|
||||||
};
|
};
|
||||||
const pageStatePrefix = "keepassgo-page-state:";
|
const pageStatePrefix = "keepassgo-page-state:";
|
||||||
@@ -174,9 +173,8 @@ function connectNative(message) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
async function loadSettings() {
|
async function loadSettings() {
|
||||||
const stored = await storageGet(["grpcAddress", "bearerToken"]);
|
const stored = await storageGet(["bearerToken"]);
|
||||||
return {
|
return {
|
||||||
grpcAddress: (stored.grpcAddress || defaultSettings.grpcAddress).trim(),
|
|
||||||
bearerToken: (stored.bearerToken || defaultSettings.bearerToken).trim()
|
bearerToken: (stored.bearerToken || defaultSettings.bearerToken).trim()
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
@@ -418,7 +416,6 @@ async function fetchStatus(settings) {
|
|||||||
}
|
}
|
||||||
const status = await connectNative({
|
const status = await connectNative({
|
||||||
action: "status",
|
action: "status",
|
||||||
grpcAddress: settings.grpcAddress,
|
|
||||||
bearerToken: settings.bearerToken
|
bearerToken: settings.bearerToken
|
||||||
});
|
});
|
||||||
return {
|
return {
|
||||||
@@ -515,7 +512,6 @@ async function refreshPageState(tabId, pageUrl, options = {}) {
|
|||||||
|
|
||||||
const matches = await connectNative({
|
const matches = await connectNative({
|
||||||
action: "find-logins",
|
action: "find-logins",
|
||||||
grpcAddress: settings.grpcAddress,
|
|
||||||
bearerToken: settings.bearerToken,
|
bearerToken: settings.bearerToken,
|
||||||
url: resolvedURL
|
url: resolvedURL
|
||||||
});
|
});
|
||||||
@@ -601,7 +597,6 @@ async function fillLogin(tabId, entryId) {
|
|||||||
|
|
||||||
const response = await connectNative({
|
const response = await connectNative({
|
||||||
action: "get-login",
|
action: "get-login",
|
||||||
grpcAddress: settings.grpcAddress,
|
|
||||||
bearerToken: settings.bearerToken,
|
bearerToken: settings.bearerToken,
|
||||||
entryId,
|
entryId,
|
||||||
url: pageUrl
|
url: pageUrl
|
||||||
@@ -697,7 +692,6 @@ if (isNodeTestEnv) {
|
|||||||
return;
|
return;
|
||||||
case "keepassgo-save-settings":
|
case "keepassgo-save-settings":
|
||||||
await storageSet({
|
await storageSet({
|
||||||
grpcAddress: String(message.settings?.grpcAddress || defaultSettings.grpcAddress).trim(),
|
|
||||||
bearerToken: String(message.settings?.bearerToken || "").trim()
|
bearerToken: String(message.settings?.bearerToken || "").trim()
|
||||||
});
|
});
|
||||||
await refreshActivePage({ force: true }).catch(() => null);
|
await refreshActivePage({ force: true }).catch(() => null);
|
||||||
|
|||||||
@@ -11,14 +11,10 @@
|
|||||||
<header class="topbar">
|
<header class="topbar">
|
||||||
<div>
|
<div>
|
||||||
<h1>Browser Settings</h1>
|
<h1>Browser Settings</h1>
|
||||||
<p class="subtle">Configure how the extension reaches KeePassGO.</p>
|
<p class="subtle">Connect the extension to KeePassGO.</p>
|
||||||
</div>
|
</div>
|
||||||
</header>
|
</header>
|
||||||
<form id="settings-form" class="settings-form">
|
<form id="settings-form" class="settings-form">
|
||||||
<label>
|
|
||||||
<span>gRPC address</span>
|
|
||||||
<input id="grpc-address" name="grpc-address" type="text" value="" placeholder="Leave blank for the local default socket" autocomplete="off">
|
|
||||||
</label>
|
|
||||||
<label>
|
<label>
|
||||||
<span>API token</span>
|
<span>API token</span>
|
||||||
<textarea id="bearer-token" name="bearer-token" rows="6" spellcheck="false"></textarea>
|
<textarea id="bearer-token" name="bearer-token" rows="6" spellcheck="false"></textarea>
|
||||||
|
|||||||
@@ -22,7 +22,6 @@ async function loadSettings() {
|
|||||||
if (!response?.success) {
|
if (!response?.success) {
|
||||||
throw new Error(response?.error || "Could not load settings.");
|
throw new Error(response?.error || "Could not load settings.");
|
||||||
}
|
}
|
||||||
document.getElementById("grpc-address").value = response.settings.grpcAddress || "";
|
|
||||||
document.getElementById("bearer-token").value = response.settings.bearerToken || "";
|
document.getElementById("bearer-token").value = response.settings.bearerToken || "";
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -34,7 +33,6 @@ async function saveSettings(event) {
|
|||||||
const response = await runtimeSend({
|
const response = await runtimeSend({
|
||||||
type: "keepassgo-save-settings",
|
type: "keepassgo-save-settings",
|
||||||
settings: {
|
settings: {
|
||||||
grpcAddress: document.getElementById("grpc-address").value,
|
|
||||||
bearerToken: document.getElementById("bearer-token").value
|
bearerToken: document.getElementById("bearer-token").value
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ The browser extension does **not** talk to vault files directly.
|
|||||||
## Security Model
|
## Security Model
|
||||||
|
|
||||||
- KeePassGO remains the source of truth for authentication, authorization, approvals, and audit events.
|
- KeePassGO remains the source of truth for authentication, authorization, approvals, and audit events.
|
||||||
- The browser extension stores the gRPC address and API token in browser extension storage.
|
- The browser extension stores the API token in browser extension storage.
|
||||||
- The native messaging host receives the token on each request from the extension.
|
- The native messaging host receives the token on each request from the extension.
|
||||||
- The native messaging host uses the token only to attach `authorization: Bearer ...` metadata to the local gRPC request.
|
- The native messaging host uses the token only to attach `authorization: Bearer ...` metadata to the local gRPC request.
|
||||||
- The native messaging host does not persist the token to disk.
|
- The native messaging host does not persist the token to disk.
|
||||||
@@ -78,14 +78,13 @@ Firefox:
|
|||||||
|
|
||||||
1. Load `browser/extension/manifest.firefox.json` as a temporary add-on or package it as an extension.
|
1. Load `browser/extension/manifest.firefox.json` as a temporary add-on or package it as an extension.
|
||||||
2. Open the extension settings page.
|
2. Open the extension settings page.
|
||||||
3. Leave the gRPC address blank to use the local default Unix socket, or set an explicit address if you overrode the listener.
|
3. Paste an API token scoped for browser login lookup and credential copy.
|
||||||
4. Paste an API token scoped for browser login lookup and credential copy.
|
|
||||||
|
|
||||||
Chromium / Chrome:
|
Chromium / Chrome:
|
||||||
|
|
||||||
1. Load a Chromium manifest based on `browser/extension/manifest.chromium.json`, or install the published extension when that distribution exists.
|
1. Load a Chromium manifest based on `browser/extension/manifest.chromium.json`, or install the published extension when that distribution exists.
|
||||||
2. Start KeePassGO once so it can refresh the native host manifest for the discovered extension id.
|
2. Start KeePassGO once so it can refresh the native host manifest for the discovered extension id.
|
||||||
3. Configure the gRPC address and API token in the extension settings page.
|
3. Configure the API token in the extension settings page.
|
||||||
|
|
||||||
## Current Browser Flow
|
## Current Browser Flow
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user