keystore-0.8.1.1: Managing stores of secret things

Safe HaskellNone
LanguageHaskell2010

Data.KeyStore.PasswordManager

Synopsis

Documentation

data PMConfig p Source #

The password manager is used for storing locally the passwords and session tokens of a single user. The password used to encode the store is stored in an environment variable and the passwords and tokens are stored in a file. The file and and environment cariable are specified in the PWConfig record. (The attributes of each password and session list, including the environment variables that they are communicated through, is statically specified with the PW class below.)

Constructors

PMConfig 

Fields

class (Bounded p, Enum p, Eq p, Ord p, Show p) => PW p where Source #

The PW class provides all of the information on the bounded enumeration type used to identify the passwords

Minimal complete definition

Nothing

Methods

pwName :: p -> PasswordName Source #

the name by which the password is known

parsePwName :: PasswordName -> Maybe p Source #

parse a PasswordName into a p

isSession :: p -> Maybe (PasswordText -> Either String SessionDescriptor) Source #

whether the passwords is a session and if so a function for extracting the session name from the secret password text

isOneShot :: p -> Bool Source #

whether the password is a one-shot password, needing to be primed to be used

enVar :: p -> EnvVar Source #

the environment variable where the password is expected to be found by the client/deployment scripts

summarize :: p -> String Source #

a brief description of the password in a few words

describe :: p -> String Source #

a description of the password

data PW_ p Source #

we resort to phantom types when we have no other way of passing PW into a function (see defaultSampleScript)

Constructors

PW_ 

data SessionDescriptor Source #

Constructors

SessionDescriptor 

Fields

Instances
Show SessionDescriptor Source # 
Instance details

Defined in Data.KeyStore.PasswordManager

Methods

showsPrec :: Int -> SessionDescriptor -> ShowS #

show :: SessionDescriptor -> String #

showList :: [SessionDescriptor] -> ShowS #

data CollectConfig p Source #

the client calls collect to bind the passwords into the environment

Constructors

CollectConfig 

Fields

  • _cc_optional :: Bool

    if True , collect will not report an error if the master password is missing

  • _cc_active :: [p]

    the list of active passwords for this collection

defaultCollectConfig :: PW p => CollectConfig p Source #

raise an error if not logged in and collect all of the passwords

data Password Source #

Constructors

Password 

Fields

Instances
Eq Password Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

(==) :: Password -> Password -> Bool #

(/=) :: Password -> Password -> Bool #

Show Password Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

showsPrec :: Int -> Password -> ShowS #

show :: Password -> String #

showList :: [Password] -> ShowS #

newtype PasswordName Source #

Constructors

PasswordName 

Fields

Instances
Eq PasswordName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

(==) :: PasswordName -> PasswordName -> Bool #

(/=) :: PasswordName -> PasswordName -> Bool #

Ord PasswordName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

compare :: PasswordName -> PasswordName -> Ordering #

(<) :: PasswordName -> PasswordName -> Bool #

(<=) :: PasswordName -> PasswordName -> Bool #

(>) :: PasswordName -> PasswordName -> Bool #

(>=) :: PasswordName -> PasswordName -> Bool #

max :: PasswordName -> PasswordName -> PasswordName #

min :: PasswordName -> PasswordName -> PasswordName #

Show PasswordName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

showsPrec :: Int -> PasswordName -> ShowS #

show :: PasswordName -> String #

showList :: [PasswordName] -> ShowS #

IsString PasswordName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

fromString :: String -> PasswordName #

ToJSON PasswordName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

toJSON :: PasswordName -> Value #

toEncoding :: PasswordName -> Encoding #

toJSONList :: [PasswordName] -> Value #

toEncodingList :: [PasswordName] -> Encoding #

FromJSON PasswordName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

parseJSON :: Value -> Parser PasswordName #

parseJSONList :: Value -> Parser [PasswordName] #

FromJSONWithErrs PasswordName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

parseJSONWithErrs :: Value -> ParserWithErrs PasswordName #

newtype PasswordText Source #

Constructors

PasswordText 

Fields

Instances
Eq PasswordText Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

(==) :: PasswordText -> PasswordText -> Bool #

(/=) :: PasswordText -> PasswordText -> Bool #

Ord PasswordText Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

compare :: PasswordText -> PasswordText -> Ordering #

(<) :: PasswordText -> PasswordText -> Bool #

(<=) :: PasswordText -> PasswordText -> Bool #

(>) :: PasswordText -> PasswordText -> Bool #

(>=) :: PasswordText -> PasswordText -> Bool #

max :: PasswordText -> PasswordText -> PasswordText #

min :: PasswordText -> PasswordText -> PasswordText #

Show PasswordText Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

showsPrec :: Int -> PasswordText -> ShowS #

show :: PasswordText -> String #

showList :: [PasswordText] -> ShowS #

IsString PasswordText Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

fromString :: String -> PasswordText #

ToJSON PasswordText Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

toJSON :: PasswordText -> Value #

toEncoding :: PasswordText -> Encoding #

toJSONList :: [PasswordText] -> Value #

toEncodingList :: [PasswordText] -> Encoding #

FromJSON PasswordText Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

parseJSON :: Value -> Parser PasswordText #

parseJSONList :: Value -> Parser [PasswordText] #

FromJSONWithErrs PasswordText Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

parseJSONWithErrs :: Value -> ParserWithErrs PasswordText #

newtype SessionName Source #

Constructors

SessionName 

Fields

Instances
Eq SessionName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

(==) :: SessionName -> SessionName -> Bool #

(/=) :: SessionName -> SessionName -> Bool #

Ord SessionName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

compare :: SessionName -> SessionName -> Ordering #

(<) :: SessionName -> SessionName -> Bool #

(<=) :: SessionName -> SessionName -> Bool #

(>) :: SessionName -> SessionName -> Bool #

(>=) :: SessionName -> SessionName -> Bool #

max :: SessionName -> SessionName -> SessionName #

min :: SessionName -> SessionName -> SessionName #

Show SessionName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

showsPrec :: Int -> SessionName -> ShowS #

show :: SessionName -> String #

showList :: [SessionName] -> ShowS #

IsString SessionName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

fromString :: String -> SessionName #

ToJSON SessionName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

toJSON :: SessionName -> Value #

toEncoding :: SessionName -> Encoding #

toJSONList :: [SessionName] -> Value #

toEncodingList :: [SessionName] -> Encoding #

FromJSON SessionName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

parseJSON :: Value -> Parser SessionName #

parseJSONList :: Value -> Parser [SessionName] #

FromJSONWithErrs SessionName Source # 
Instance details

Defined in Data.KeyStore.Types.PasswordStoreModel

Methods

parseJSONWithErrs :: Value -> ParserWithErrs SessionName #

newtype EnvVar Source #

Constructors

EnvVar 

Fields

Instances
Eq EnvVar Source # 
Instance details

Defined in Data.KeyStore.Types

Methods

(==) :: EnvVar -> EnvVar -> Bool #

(/=) :: EnvVar -> EnvVar -> Bool #

Ord EnvVar Source # 
Instance details

Defined in Data.KeyStore.Types

Methods

compare :: EnvVar -> EnvVar -> Ordering #

(<) :: EnvVar -> EnvVar -> Bool #

(<=) :: EnvVar -> EnvVar -> Bool #

(>) :: EnvVar -> EnvVar -> Bool #

(>=) :: EnvVar -> EnvVar -> Bool #

max :: EnvVar -> EnvVar -> EnvVar #

min :: EnvVar -> EnvVar -> EnvVar #

Show EnvVar Source # 
Instance details

Defined in Data.KeyStore.Types

Methods

showsPrec :: Int -> EnvVar -> ShowS #

show :: EnvVar -> String #

showList :: [EnvVar] -> ShowS #

IsString EnvVar Source # 
Instance details

Defined in Data.KeyStore.Types

Methods

fromString :: String -> EnvVar #

ToJSON EnvVar Source # 
Instance details

Defined in Data.KeyStore.Types

Methods

toJSON :: EnvVar -> Value #

toEncoding :: EnvVar -> Encoding #

toJSONList :: [EnvVar] -> Value #

toEncodingList :: [EnvVar] -> Encoding #

FromJSON EnvVar Source # 
Instance details

Defined in Data.KeyStore.Types

Methods

parseJSON :: Value -> Parser EnvVar #

parseJSONList :: Value -> Parser [EnvVar] #

FromJSONWithErrs EnvVar Source # 
Instance details

Defined in Data.KeyStore.Types

Methods

parseJSONWithErrs :: Value -> ParserWithErrs EnvVar #

passwordManager :: PW p => PMConfig p -> [String] -> IO () Source #

the password manager CLI: it just needs the config and command line

defaultHashDescription :: Salt -> HashDescription Source #

a sample HashDescription generator to help with setting up PMConfig

defaultSampleScript :: PW p => PW_ p -> String -> String Source #

sample sample-script generator to help with setting up PMConfig

hashMasterPassword :: PW p => PMConfig p -> String -> PasswordText Source #

hashing the master password to create the private key for securing the store

bindMasterPassword :: PW p => PMConfig p -> PasswordText -> IO () Source #

bind the master password in the environment

setup Source #

Arguments

:: PW p 
=> PMConfig p 
-> Bool

> don't fire up an interactive shell with access to the new store

-> Maybe PasswordText

the master password

-> IO () 

create an empty passowrd store; if the boolean flag is False then an interactive shell is fired up with access to the new store; if no password is specified then one is read from stdin

login :: PW p => PMConfig p -> Bool -> Maybe PasswordText -> IO () Source #

launch an interactive shell with access to the password store; if the bool boolean flag is True then it will loop asking for the passwoord until the correct password is typed (or an error ocurrs, possibly from a SIGint); if no PasswordText is specified then one will be read from stdin

passwordValid :: PW p => PMConfig p -> PasswordText -> IO Bool Source #

is this the correct master password?

passwordValid' :: PW p => PMConfig p -> FilePath -> PasswordText -> IO (Maybe PasswordStore) Source #

is this the correct master password for this keystore? Return the decrypted keystore if so.

isStorePresent :: PW p => PMConfig p -> IO Bool Source #

is the password store there?

amLoggedIn :: PW p => PMConfig p -> IO Bool Source #

are we currently logged in?

isBound :: PW p => PMConfig p -> p -> Maybe SessionName -> IO Bool Source #

is the password/session bound to a value in the store?

import_ :: PW p => PMConfig p -> FilePath -> Maybe PasswordText -> IO () Source #

import the contents of another keystore into the current keystore

load :: PW p => PMConfig p -> p -> Maybe PasswordText -> IO () Source #

loads a password into the store; if this is a session password and the boolean ss is True then the session will be reset to this password also; if no PasswordText is specified then one will be read from stdin

loadPlus :: PW p => PMConfig p -> PasswordName -> Maybe PasswordText -> IO () Source #

load a dynamic password into the Password store

psComment :: PW p => PMConfig p -> PasswordStoreComment -> IO () Source #

set the comment for the password store

collect :: PW p => PMConfig p -> CollectConfig p -> IO () Source #

collect the available passwords listed in CollectConfig from the store and bind them in their designated environmants variables

prime :: PW p => PMConfig p -> Bool -> Maybe p -> IO () Source #

prime a one-shot password so that it will be availabe on the next collection (probably for a deployment); if no password is specified then they are all primed

select :: PW p => PMConfig p -> Maybe p -> SessionName -> IO () Source #

select a different session for use

deletePassword :: PW p => PMConfig p -> p -> IO () Source #

delete a password from the store

deletePasswordPlus :: PW p => PMConfig p -> Maybe PasswordName -> IO () Source #

delete a password from the store

deleteSession :: PW p => PMConfig p -> Maybe p -> SessionName -> IO () Source #

delete a session from the store

status :: PW p => PMConfig p -> Bool -> IO () Source #

print a status line; if q is True then don't output anything and exit with fail code 1 if not logged in

prompt :: PW p => PMConfig p -> IO () Source #

print a status apropriate for a prompt

passwords :: PW p => PMConfig p -> Bool -> IO () Source #

list the passwords, one per line; if a is set then all passwords will be listed, otherwise just the primed passwords will be listed

passwordsPlus :: PW p => PMConfig p -> Bool -> IO () Source #

list all of the dynamic (+) passwords

sessions Source #

Arguments

:: PW p 
=> PMConfig p 
-> Bool

list active sessions only

-> Bool

list only the session identifiers

-> Maybe p

if specified, then only the sessions on this password

-> IO () 

list the sessions, one per line; if p is specified then all of the sessions are listed for that password

infoPassword Source #

Arguments

:: PW p 
=> PMConfig p 
-> Bool

True => show the password secret text

-> p

the password to show

-> IO () 

print the info, including the text descriton, for an individual passowrd

infoPassword_ :: PW p => PMConfig p -> Bool -> p -> IO Doc Source #

get the info on a password

infoPasswordPlus :: PW p => PMConfig p -> Bool -> PasswordName -> IO () Source #

print the info for a dynamic (+) password

infoPasswordPlus_ :: PW p => PMConfig p -> Bool -> PasswordName -> IO Doc Source #

get the info on a dynamic (+) password

dump :: PW p => PMConfig p -> Bool -> IO () Source #

dump the store in a s script that can be used to reload it

collectShell :: PW p => PMConfig p -> IO () Source #

collect the passowrds, bthem into the environmant and launch an interacive shell

passwordManager' :: PW p => PMConfig p -> PMCommand p -> IO () Source #

run a password manager command

data PMCommand p Source #

the abstract syntax for the passowd manager commands

Constructors

PMCD_version 
PMCD_setup Bool (Maybe PasswordText) 
PMCD_login Bool (Maybe PasswordText) 
PMCD_import Bool FilePath (Maybe PasswordText) 
PMCD_load p (Maybe PasswordText) 
PMCD_load_plus PasswordName (Maybe PasswordText) 
PMCD_comment PasswordStoreComment 
PMCD_prime Bool p 
PMCD_prime_all Bool 
PMCD_select (Maybe p) SessionName 
PMCD_delete_password p 
PMCD_delete_password_plus (Maybe PasswordName) 
PMCD_delete_session (Maybe p) SessionName 
PMCD_status Bool 
PMCD_prompt 
PMCD_passwords Bool 
PMCD_passwords_plus Bool 
PMCD_session Bool 
PMCD_sessions Bool (Maybe p) 
PMCD_info Bool p 
PMCD_info_plus Bool PasswordName 
PMCD_dump Bool 
PMCD_collect 
PMCD_sample_script 
Instances
Show p => Show (PMCommand p) Source # 
Instance details

Defined in Data.KeyStore.PasswordManager

Methods

showsPrec :: Int -> PMCommand p -> ShowS #

show :: PMCommand p -> String #

showList :: [PMCommand p] -> ShowS #

pmCommandParser :: PW p => PMConfig p -> Parser (PMCommand p) Source #

getStore :: PW p => PMConfig p -> IO PasswordStore Source #