Safe Haskell | None |
---|
- data PMConfig p = PMConfig {
- _pmc_location :: FilePath
- _pmc_env_var :: EnvVar
- _pmc_keystore_msg :: String
- _pmc_password_msg :: String
- _pmc_shell :: IO ()
- _pmc_hash_descr :: HashDescription
- _pmc_allow_dumps :: Bool
- _pmc_dump_prefix :: String
- _pmc_sample_script :: Maybe String
- _pmc_plus_env_var :: PasswordName -> Maybe EnvVar
- class (Bounded p, Enum p, Eq p, Ord p, Show p) => PW p where
- pwName :: p -> PasswordName
- parsePwName :: PasswordName -> Maybe p
- isSession :: p -> Maybe (PasswordText -> Either String SessionDescriptor)
- isOneShot :: p -> Bool
- enVar :: p -> EnvVar
- summarize :: p -> String
- describe :: p -> String
- data PW_ p = PW_
- data SessionDescriptor = SessionDescriptor {
- _sd_name :: SessionName
- _sd_isOneShot :: Bool
- data CollectConfig p = CollectConfig {
- _cc_optional :: Bool
- _cc_active :: [p]
- defaultCollectConfig :: PW p => CollectConfig p
- data Password = Password {
- _pw_name :: !PasswordName
- _pw_text :: !PasswordText
- _pw_sessions :: !SessionMap
- _pw_isOneShot :: !Bool
- _pw_primed :: !Bool
- _pw_setup :: !UTCTime
- newtype PasswordName = PasswordName {}
- newtype PasswordText = PasswordText {}
- newtype SessionName = SessionName {
- _SessionName :: Text
- newtype EnvVar = EnvVar {}
- passwordManager :: PW p => PMConfig p -> [String] -> IO ()
- defaultHashDescription :: Salt -> HashDescription
- defaultSampleScript :: PW p => PW_ p -> String -> String
- hashMasterPassword :: PW p => PMConfig p -> String -> PasswordText
- bindMasterPassword :: PW p => PMConfig p -> PasswordText -> IO ()
- setup :: PW p => PMConfig p -> Bool -> Maybe PasswordText -> IO ()
- passwordValid :: PW p => PMConfig p -> PasswordText -> IO Bool
- passwordValid' :: PW p => PMConfig p -> FilePath -> PasswordText -> IO (Maybe PasswordStore)
- isStorePresent :: PW p => PMConfig p -> IO Bool
- amLoggedIn :: PW p => PMConfig p -> IO Bool
- isBound :: PW p => PMConfig p -> p -> Maybe SessionName -> IO Bool
- import_ :: PW p => PMConfig p -> FilePath -> Maybe PasswordText -> IO ()
- load :: PW p => PMConfig p -> p -> Maybe PasswordText -> IO ()
- loadPlus :: PW p => PMConfig p -> PasswordName -> Maybe PasswordText -> IO ()
- psComment :: PW p => PMConfig p -> PasswordStoreComment -> IO ()
- collect :: PW p => PMConfig p -> CollectConfig p -> IO ()
- prime :: PW p => PMConfig p -> Bool -> Maybe p -> IO ()
- select :: PW p => PMConfig p -> Maybe p -> SessionName -> IO ()
- deletePassword :: PW p => PMConfig p -> p -> IO ()
- deletePasswordPlus :: PW p => PMConfig p -> PasswordName -> IO ()
- deleteSession :: PW p => PMConfig p -> Maybe p -> SessionName -> IO ()
- status :: PW p => PMConfig p -> Bool -> IO ()
- prompt :: PW p => PMConfig p -> IO ()
- passwords :: PW p => PMConfig p -> Bool -> IO ()
- passwordsPlus :: PW p => PMConfig p -> Bool -> IO ()
- sessions :: PW p => PMConfig p -> Bool -> Bool -> Maybe p -> IO ()
- infoPassword :: PW p => PMConfig p -> Bool -> p -> IO ()
- infoPassword_ :: PW p => PMConfig p -> Bool -> p -> IO Doc
- infoPasswordPlus :: PW p => PMConfig p -> Bool -> PasswordName -> IO ()
- infoPasswordPlus_ :: PW p => PMConfig p -> Bool -> PasswordName -> IO Doc
- dump :: PW p => PMConfig p -> Bool -> IO ()
- collectShell :: PW p => PMConfig p -> IO ()
- passwordManager' :: PW p => PMConfig p -> PMCommand p -> IO ()
- data PMCommand p
- pmCommandParser :: PW p => PMConfig p -> Parser (PMCommand p)
Documentation
The password manager is used for storing locally the passwords and session
tokens of a single user. The password used to encode the store is stored in
an environment variable and the passwords and tokens are stored in a file.
The file and and environment cariable are specified in the PWConfig
record.
(The attributes of each password and session list, including the environment
variables that they are communicated through, is statically specified
with the PW class below.)
PMConfig | |
|
class (Bounded p, Enum p, Eq p, Ord p, Show p) => PW p whereSource
The PW class provides all of the information on the bounded enumeration type used to identify the passwords
pwName :: p -> PasswordNameSource
the name by which the password is known
parsePwName :: PasswordName -> Maybe pSource
parse a PasswordName into a p
isSession :: p -> Maybe (PasswordText -> Either String SessionDescriptor)Source
whether the passwords is a session and if so a function for extracting the session name from the secret password text
whether the password is a one-shot password, needing to be primed to be used
the environment variable where the password is expected to be found by the client/deployment scripts
summarize :: p -> StringSource
a brief description of the password in a few words
a description of the password
we resort to phantom types when we have no other way of passing PW into a
function (see defaultSampleScript
)
data SessionDescriptor Source
SessionDescriptor | |
|
Show SessionDescriptor |
data CollectConfig p Source
the client calls collect
to bind the passwords into the environment
CollectConfig | |
|
defaultCollectConfig :: PW p => CollectConfig pSource
raise an error if not logged in and collect all of the passwords
Password | |
|
Eq Password | |
Show Password | |
Typeable Password | |
ToJSON PasswordMap | |
ToJSON Password | |
FromJSONWithErrs PasswordMap | |
FromJSONWithErrs Password |
newtype PasswordName Source
Eq PasswordName | |
Ord PasswordName | |
Show PasswordName | |
Typeable PasswordName | |
IsString PasswordName | |
ToJSON PasswordMap | |
ToJSON PasswordName | |
FromJSONWithErrs PasswordMap | |
FromJSONWithErrs PasswordName |
newtype PasswordText Source
Eq PasswordText | |
Ord PasswordText | |
Show PasswordText | |
Typeable PasswordText | |
IsString PasswordText | |
ToJSON PasswordText | |
FromJSONWithErrs PasswordText |
newtype SessionName Source
Eq SessionName | |
Ord SessionName | |
Show SessionName | |
Typeable SessionName | |
IsString SessionName | |
ToJSON SessionMap | |
ToJSON SessionName | |
FromJSONWithErrs SessionMap | |
FromJSONWithErrs SessionName |
passwordManager :: PW p => PMConfig p -> [String] -> IO ()Source
the password manager CLI: it just needs the config and command line
defaultHashDescription :: Salt -> HashDescriptionSource
a sample HashDescription
generator to help with setting up PMConfig
defaultSampleScript :: PW p => PW_ p -> String -> StringSource
sample sample-script generator to help with setting up PMConfig
hashMasterPassword :: PW p => PMConfig p -> String -> PasswordTextSource
hashing the master password to create the private key for securing the store
bindMasterPassword :: PW p => PMConfig p -> PasswordText -> IO ()Source
bind the master password in the environment
:: PW p | |
=> PMConfig p | |
-> Bool | => don't fire up an interactive shell with access to the new store |
-> Maybe PasswordText | the master password |
-> IO () |
create an empty passowrd store; if the boolean flag is False then an interactive shell is fired up with access to the new store; if no password is specified then one is read from stdin
passwordValid :: PW p => PMConfig p -> PasswordText -> IO BoolSource
is this the correct master password?
passwordValid' :: PW p => PMConfig p -> FilePath -> PasswordText -> IO (Maybe PasswordStore)Source
is this the correct master password for this keystore? Return the decrypted keystore if so.
isStorePresent :: PW p => PMConfig p -> IO BoolSource
is the password store there?
amLoggedIn :: PW p => PMConfig p -> IO BoolSource
are we currently logged in?
isBound :: PW p => PMConfig p -> p -> Maybe SessionName -> IO BoolSource
is the password/session bound to a value in the store?
import_ :: PW p => PMConfig p -> FilePath -> Maybe PasswordText -> IO ()Source
import the contents of another keystore into the current keystore
load :: PW p => PMConfig p -> p -> Maybe PasswordText -> IO ()Source
loads a password into the store; if this is a session password and the
boolean ss is True then the session will be reset to this password also;
if no PasswordText
is specified then one will be read from stdin
loadPlus :: PW p => PMConfig p -> PasswordName -> Maybe PasswordText -> IO ()Source
load a dynamic password into the Password store
psComment :: PW p => PMConfig p -> PasswordStoreComment -> IO ()Source
set the comment for the password store
collect :: PW p => PMConfig p -> CollectConfig p -> IO ()Source
collect the available passwords listed in CollectConfig
from the store
and bind them in their designated environmants variables
prime :: PW p => PMConfig p -> Bool -> Maybe p -> IO ()Source
prime a one-shot password so that it will be availabe on the next collection (probably for a deployment); if no password is specified then they are all primed
select :: PW p => PMConfig p -> Maybe p -> SessionName -> IO ()Source
select a different session for use
deletePassword :: PW p => PMConfig p -> p -> IO ()Source
delete a password from the store
deletePasswordPlus :: PW p => PMConfig p -> PasswordName -> IO ()Source
delete a password from the store
deleteSession :: PW p => PMConfig p -> Maybe p -> SessionName -> IO ()Source
delete a session from the store
status :: PW p => PMConfig p -> Bool -> IO ()Source
print a status line; if q
is True
then don't output anything and exit
with fail code 1 if not logged in
passwords :: PW p => PMConfig p -> Bool -> IO ()Source
list the passwords, one per line; if a
is set then all passwords will be listed,
otherwise just the primed passwords will be listed
passwordsPlus :: PW p => PMConfig p -> Bool -> IO ()Source
list all of the dynamic (+) passwords
:: PW p | |
=> PMConfig p | |
-> Bool | list active sessions only |
-> Bool | list only the session identifiers |
-> Maybe p | if specified, then only the sessions on this password |
-> IO () |
list the sessions, one per line; if p
is specified then all of the
sessions are listed for that password
:: PW p | |
=> PMConfig p | |
-> Bool | True => show the password secret text |
-> p | the password to show |
-> IO () |
print the info, including the text descriton, for an individual passowrd
infoPassword_ :: PW p => PMConfig p -> Bool -> p -> IO DocSource
get the info on a password
infoPasswordPlus :: PW p => PMConfig p -> Bool -> PasswordName -> IO ()Source
print the info for a dynamic (+) password
infoPasswordPlus_ :: PW p => PMConfig p -> Bool -> PasswordName -> IO DocSource
get the info on a dynamic (+) password
dump :: PW p => PMConfig p -> Bool -> IO ()Source
dump the store in a s script that can be used to reload it
collectShell :: PW p => PMConfig p -> IO ()Source
collect the passowrds, bthem into the environmant and launch an interacive shell
passwordManager' :: PW p => PMConfig p -> PMCommand p -> IO ()Source
run a password manager command abstracy syntax command
the abstract syntax for the passowd manager commands
Show p => Show (PMCommand p) |