Safe Haskell | None |
---|---|
Language | Haskell2010 |
- data PMConfig p = PMConfig {}
- class (Bounded p, Enum p, Eq p, Ord p, Show p) => PW p where
- pwName :: p -> PasswordName
- parsePwName :: PasswordName -> Maybe p
- isSession :: p -> Maybe (PasswordText -> Either String SessionDescriptor)
- isOneShot :: p -> Bool
- enVar :: p -> EnvVar
- summarize :: p -> String
- describe :: p -> String
- data PW_ p = PW_
- data SessionDescriptor = SessionDescriptor {}
- data CollectConfig p = CollectConfig {
- _cc_optional :: Bool
- _cc_active :: [p]
- defaultCollectConfig :: PW p => CollectConfig p
- data Password = Password {
- _pw_name :: !PasswordName
- _pw_text :: !PasswordText
- _pw_sessions :: !SessionMap
- _pw_isOneShot :: !Bool
- _pw_primed :: !Bool
- _pw_setup :: !UTCTime
- newtype PasswordName = PasswordName {}
- newtype PasswordText = PasswordText {}
- newtype SessionName = SessionName {
- _SessionName :: Text
- newtype EnvVar = EnvVar {}
- passwordManager :: PW p => PMConfig p -> [String] -> IO ()
- defaultHashDescription :: Salt -> HashDescription
- defaultSampleScript :: PW p => PW_ p -> String -> String
- hashMasterPassword :: PW p => PMConfig p -> String -> PasswordText
- bindMasterPassword :: PW p => PMConfig p -> PasswordText -> IO ()
- setup :: PW p => PMConfig p -> Bool -> Maybe PasswordText -> IO ()
- passwordValid :: PW p => PMConfig p -> PasswordText -> IO Bool
- passwordValid' :: PW p => PMConfig p -> FilePath -> PasswordText -> IO (Maybe PasswordStore)
- isStorePresent :: PW p => PMConfig p -> IO Bool
- amLoggedIn :: PW p => PMConfig p -> IO Bool
- isBound :: PW p => PMConfig p -> p -> Maybe SessionName -> IO Bool
- import_ :: PW p => PMConfig p -> FilePath -> Maybe PasswordText -> IO ()
- load :: PW p => PMConfig p -> p -> Maybe PasswordText -> IO ()
- loadPlus :: PW p => PMConfig p -> PasswordName -> Maybe PasswordText -> IO ()
- psComment :: PW p => PMConfig p -> PasswordStoreComment -> IO ()
- collect :: PW p => PMConfig p -> CollectConfig p -> IO ()
- prime :: PW p => PMConfig p -> Bool -> Maybe p -> IO ()
- select :: PW p => PMConfig p -> Maybe p -> SessionName -> IO ()
- deletePassword :: PW p => PMConfig p -> p -> IO ()
- deletePasswordPlus :: PW p => PMConfig p -> PasswordName -> IO ()
- deleteSession :: PW p => PMConfig p -> Maybe p -> SessionName -> IO ()
- status :: PW p => PMConfig p -> Bool -> IO ()
- prompt :: PW p => PMConfig p -> IO ()
- passwords :: PW p => PMConfig p -> Bool -> IO ()
- passwordsPlus :: PW p => PMConfig p -> Bool -> IO ()
- sessions :: PW p => PMConfig p -> Bool -> Bool -> Maybe p -> IO ()
- infoPassword :: PW p => PMConfig p -> Bool -> p -> IO ()
- infoPassword_ :: PW p => PMConfig p -> Bool -> p -> IO Doc
- infoPasswordPlus :: PW p => PMConfig p -> Bool -> PasswordName -> IO ()
- infoPasswordPlus_ :: PW p => PMConfig p -> Bool -> PasswordName -> IO Doc
- dump :: PW p => PMConfig p -> Bool -> IO ()
- collectShell :: PW p => PMConfig p -> IO ()
- passwordManager' :: PW p => PMConfig p -> PMCommand p -> IO ()
- data PMCommand p
- pmCommandParser :: PW p => PMConfig p -> Parser (PMCommand p)
Documentation
The password manager is used for storing locally the passwords and session
tokens of a single user. The password used to encode the store is stored in
an environment variable and the passwords and tokens are stored in a file.
The file and and environment cariable are specified in the PWConfig
record.
(The attributes of each password and session list, including the environment
variables that they are communicated through, is statically specified
with the PW class below.)
PMConfig | |
|
class (Bounded p, Enum p, Eq p, Ord p, Show p) => PW p where Source
The PW class provides all of the information on the bounded enumeration type used to identify the passwords
Nothing
pwName :: p -> PasswordName Source
the name by which the password is known
parsePwName :: PasswordName -> Maybe p Source
parse a PasswordName into a p
isSession :: p -> Maybe (PasswordText -> Either String SessionDescriptor) Source
whether the passwords is a session and if so a function for extracting the session name from the secret password text
whether the password is a one-shot password, needing to be primed to be used
the environment variable where the password is expected to be found by the client/deployment scripts
summarize :: p -> String Source
a brief description of the password in a few words
describe :: p -> String Source
a description of the password
we resort to phantom types when we have no other way of passing PW into a
function (see defaultSampleScript
)
data SessionDescriptor Source
data CollectConfig p Source
the client calls collect
to bind the passwords into the environment
CollectConfig | |
|
defaultCollectConfig :: PW p => CollectConfig p Source
raise an error if not logged in and collect all of the passwords
Password | |
|
newtype PasswordName Source
newtype PasswordText Source
newtype SessionName Source
passwordManager :: PW p => PMConfig p -> [String] -> IO () Source
the password manager CLI: it just needs the config and command line
defaultHashDescription :: Salt -> HashDescription Source
a sample HashDescription
generator to help with setting up PMConfig
defaultSampleScript :: PW p => PW_ p -> String -> String Source
sample sample-script generator to help with setting up PMConfig
hashMasterPassword :: PW p => PMConfig p -> String -> PasswordText Source
hashing the master password to create the private key for securing the store
bindMasterPassword :: PW p => PMConfig p -> PasswordText -> IO () Source
bind the master password in the environment
:: PW p | |
=> PMConfig p | |
-> Bool | > don't fire up an interactive shell with access to the new store |
-> Maybe PasswordText | the master password |
-> IO () |
create an empty passowrd store; if the boolean flag is False then an interactive shell is fired up with access to the new store; if no password is specified then one is read from stdin
passwordValid :: PW p => PMConfig p -> PasswordText -> IO Bool Source
is this the correct master password?
passwordValid' :: PW p => PMConfig p -> FilePath -> PasswordText -> IO (Maybe PasswordStore) Source
is this the correct master password for this keystore? Return the decrypted keystore if so.
isBound :: PW p => PMConfig p -> p -> Maybe SessionName -> IO Bool Source
is the password/session bound to a value in the store?
import_ :: PW p => PMConfig p -> FilePath -> Maybe PasswordText -> IO () Source
import the contents of another keystore into the current keystore
load :: PW p => PMConfig p -> p -> Maybe PasswordText -> IO () Source
loads a password into the store; if this is a session password and the
boolean ss is True then the session will be reset to this password also;
if no PasswordText
is specified then one will be read from stdin
loadPlus :: PW p => PMConfig p -> PasswordName -> Maybe PasswordText -> IO () Source
load a dynamic password into the Password store
psComment :: PW p => PMConfig p -> PasswordStoreComment -> IO () Source
set the comment for the password store
collect :: PW p => PMConfig p -> CollectConfig p -> IO () Source
collect the available passwords listed in CollectConfig
from the store
and bind them in their designated environmants variables
prime :: PW p => PMConfig p -> Bool -> Maybe p -> IO () Source
prime a one-shot password so that it will be availabe on the next collection (probably for a deployment); if no password is specified then they are all primed
select :: PW p => PMConfig p -> Maybe p -> SessionName -> IO () Source
select a different session for use
deletePassword :: PW p => PMConfig p -> p -> IO () Source
delete a password from the store
deletePasswordPlus :: PW p => PMConfig p -> PasswordName -> IO () Source
delete a password from the store
deleteSession :: PW p => PMConfig p -> Maybe p -> SessionName -> IO () Source
delete a session from the store
status :: PW p => PMConfig p -> Bool -> IO () Source
print a status line; if q
is True
then don't output anything and exit
with fail code 1 if not logged in
passwords :: PW p => PMConfig p -> Bool -> IO () Source
list the passwords, one per line; if a
is set then all passwords will be listed,
otherwise just the primed passwords will be listed
:: PW p | |
=> PMConfig p | |
-> Bool | list active sessions only |
-> Bool | list only the session identifiers |
-> Maybe p | if specified, then only the sessions on this password |
-> IO () |
list the sessions, one per line; if p
is specified then all of the
sessions are listed for that password
print the info, including the text descriton, for an individual passowrd
infoPasswordPlus :: PW p => PMConfig p -> Bool -> PasswordName -> IO () Source
print the info for a dynamic (+) password
infoPasswordPlus_ :: PW p => PMConfig p -> Bool -> PasswordName -> IO Doc Source
get the info on a dynamic (+) password
dump :: PW p => PMConfig p -> Bool -> IO () Source
dump the store in a s script that can be used to reload it
collectShell :: PW p => PMConfig p -> IO () Source
collect the passowrds, bthem into the environmant and launch an interacive shell
passwordManager' :: PW p => PMConfig p -> PMCommand p -> IO () Source
run a password manager command abstracy syntax command
the abstract syntax for the passowd manager commands