Merge branch 'develop'

CHANGELOG.txt

@@ -8,6 +8,15 @@ YYYY/MM/DD - MAJOR.MINOR.RELEASE
 [!] = Fix / Security
 
 
+2022/02/11 - 1.1.4
+——————————————————
+[!] TOTP secret with spaces
+[!] Proper Steam Guard codes
+[+] Added support for Min Browser
+[+] Added support for Bitwarden CLI v1.21
+[=] Bitwarden CLI version >= 1.11.0
+
+
 2021/11/08 - 1.1.3
 ——————————————————
 [!] TOTP generation for other than otpauth Key Uri

Lib/Alert.ahk

@@ -14,7 +14,7 @@ Alert(Parameters*)
 Alert_Labels(ButtonList*)
 {
 	static fObject := ""
-		, pid := DllCall("GetCurrentProcessId")
+		, pid := DllCall("Kernel32\GetCurrentProcessId")
 
 	if !IsObject(fObject)
 	{
@@ -25,11 +25,11 @@ Alert_Labels(ButtonList*)
 
 	if !WinExist("ahk_pid" pid " ahk_class#32770")
 		return
+	fObject := ""
 	SetTimer ,, Delete
 	for i,lbl in ButtonList
 	{
 		if StrLen(lbl)
 			ControlSetText % "Button" i, % lbl
 	}
-	fObject := ""
 }

Lib/Bind.ahk

@@ -14,7 +14,7 @@ Bind()
 Bind_To(Field, Key)
 {
 	static fObjects := {}, keys := {}
-		, pid := DllCall("GetCurrentProcessId")
+		, pid := DllCall("Kernel32\GetCurrentProcessId")
 
 	Hotkey IfWinNotActive, % "ahk_pid" pid
 	if (!Field && !Key)

Lib/Epoch.ahk

@@ -1,7 +1,7 @@
 
 Epoch(Timestamp := "")
 {
-	epoch := (Timestamp ? Timestamp : A_NowUTC)
+	epoch := Timestamp ? Timestamp : A_NowUTC
 	epoch -= 19700101000000, Seconds
 	return epoch
 }

Lib/Favicons.ahk

@@ -1,9 +1,9 @@
 
 Favicons()
 {
-/* UrlDownloadToFile is way too primitive thus file
-download rely on cURL, shipped with W10 from builds
-1803 onwards (April 2018), check for availability.
+	/* UrlDownloadToFile is way too primitive thus file
+	download rely on cURL, shipped with W10 from builds
+	1803 onwards (April 2018), check for availability.
 	*/
 	GetStdStream("curl --version")
 	if (ErrorLevel)

Lib/JSON.ahk

@@ -47,7 +47,6 @@ class JSON
 
 	_init()
 	{
-		qpc()
 		if (this.lib)
 			return
 		this.lib := this._LoadLib()
@@ -62,7 +61,6 @@ class JSON
 
 		this.fnCastString := Func("Format").Bind("{}")
 		NumPut(&this.fnCastString, this.lib.fnCastString, "UPtr")
-		return qpc()
 	}
 
 	_LoadLib() {

Lib/Login.ahk

@@ -192,7 +192,7 @@ Login_Toggle(ShowTip := true)
 			ALert(0x10, out)
 			Exit
 		}
-		else if (FileOpen("data.json", 0).Length < 512)
+		else if (FileOpen("data.json", 0).Length < 1024)
 		{
 			Alert(0x10, "The server is misidentifying the application with a bot.`n`nLogin via Personal API Key is required to circumvent the issue.")
 			Reload

Lib/Match.ahk

@@ -104,7 +104,7 @@ Match_ByUrl(Url, Entry)
 
 Match_ParseUrl(hWnd, Exe)
 {
-	if !(Exe ~= "i)chrome|msedge|firefox|iexplore|opera")
+	if !(Exe ~= "i)chrome|msedge|firefox|iexplore|opera|min")
 		return
 	Url := Url_Get(hWnd, InStr(Exe, "ie"))
 	if (url)

Lib/Totp.ahk

@@ -41,25 +41,22 @@ Totp_ClipboardReset(Period)
 
 Totp_Parse(String, Mode)
 {
-	RegExMatch(String, "algorithm=\K\w+", algorithm)
+	RegExMatch(String, "i)algorithm=\K\w+", algorithm)
 	if !(algorithm ~= "i)(SHA1|SHA256|SHA512)")
 		algorithm := "SHA1"
-	RegExMatch(String, "digits=\K\d+", digits)
-	digits := digits ? digits : 6
-	RegExMatch(String, "period=\K\d+", period)
+	if RegExMatch(String, "i)digits=\K\d+", digits)
+		digits := Max(1, Min(10, digits))
+	else
+		digits := 6
+	RegExMatch(String, "i)period=\K\d+", period)
 	period := period ? period : 30
-	secret := String
-	if (InStr(String, "otpauth://totp") = 1)
-	{
-		if !RegExMatch(String, "secret=\K\w+", secret)
-			secret := String
-	}
-	else if (InStr(String, "steam://") = 1)
-	{
-		digits := 5
-		secret := SubStr(String, 9)
-	}
+	if RegExMatch(String, "i)^steam:\/\/\K.+", secret)
+		digits := 0
+	else if !RegExMatch(String, "i)secret=\K\w+", secret)
+		secret := StrReplace(String, " ")
 	totp := Totp(secret, digits, period, algorithm)
+	if (digits = 0)
+		totp := Totp_Steam(totp)
 	if (Mode = "default")
 	{
 		if (INI.GENERAL.totp)
@@ -70,6 +67,20 @@ Totp_Parse(String, Mode)
 	return totp
 }
 
+Totp_Steam(Totp)
+{
+	otp := ""
+	dict := StrSplit("23456789BCDFGHJKMNPQRTVWXY")
+	size := dict.Count()
+	loop 5
+	{
+		idx := Mod(Totp, size)
+		otp .= dict[idx + 1]
+		Totp /= size
+	}
+	return otp
+}
+
 Totp_Tip(Message)
 {
 	timeout := 10

Lib/Url.ahk

@@ -19,8 +19,12 @@ Url_Get(hWnd, isIE := false)
 
 Url_GetAddressBar(oAcc)
 {
-	if InStr(oAcc.accName(0), "Address")
+	; Firefox + Chromium-based + IE || Min Browser
+	if (oAcc.accRole(0) = 42 && InStr(oAcc.accName(0), "Address"))
+		|| (oAcc.accRole(0) = 15 && oAcc.accName(0) != "Min")
+	{
 		return oAcc
+	}
 	for _,accChild in Acc_Children(oAcc)
 	{
 		oAcc := Url_GetAddressBar(accChild)

README.md

@@ -4,7 +4,7 @@ A script-based, small (~1mb), Open Source Application written in [AutoHotkey][01
 
 It does NOT replace Bitwarden application as entries can't be added/edited. They can run side-by-side but is not required.
 
-<sup>_\* Even for the free version, but please support bitwarden development by buying a Premium subscription._</sup>
+<sup>_\* Even for the free version, but please support Bitwarden development by buying a Premium subscription._</sup>
 
 ## Security
 
@@ -56,11 +56,12 @@ The application attempts to fullfil the applicable Top-10 user requested feature
 - Quick custom PIN and Authenticator codes for unlocking.
 - Universal Window Platform support (Microsoft Store Apps).
 - Browser support: instead of insecure extensions.
-- All the major browsers (plus Internet Explorer) are supported.
+- All the major browsers (plus IE and [Min][06]) are supported.
 - TOTP generation: via Clipboard and/or hotkey and/or placeholder.
+- Steam Guard TOTP support (same as Bitwarden).
 - Strong Password Generator with entropy indicator.
 - Placeholder for smart detection of text input fields.
-- [Two-Channel Auto-Type Obfuscation][06]: global/per-entry.
+- [Two-Channel Auto-Type Obfuscation][07]: global/per-entry.
 
 ## Instructions
 
@@ -142,8 +143,8 @@ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH RE
 [03]: https://keepass.info/help/base/autotype.html "KeePass Auto-type"
 [04]: https://bitwarden.com "Bitwarden"
 [05]: https://github.com/anonymous1184/bitwarden-autotype/wiki "Wiki not written yet"
-[06]: https://keepass.info/help/v2/autotype_obfuscation.html "TCATO: Two-Channel Auto-Type Obfuscation"
-
+[06]: https://minbrowser.org/ "Min: A fast, minimal browser that protects your privacy"
+[07]: https://keepass.info/help/v2/autotype_obfuscation.html "TCATO: Two-Channel Auto-Type Obfuscation"
 [08]: https://github.com/bitwarden/cli "Bitwarden CLI"
 [09]: https://github.com/bitwarden/jslib/blob/master/src/models/view/loginUriView.ts#L9 "loginUriView.ts:9"
 [10]: https://github.com/bitwarden/jslib/blob/master/src/angular/components/icon.component.ts#L80 "icon.component.ts:6"

bw-at.ahk

@@ -111,18 +111,9 @@ Bitwarden_SyncAuto(INI.GENERAL.sync)
 IsLocked := IsLogged := false
 BwStatus := FileOpen("data.json", 0x3).Read()
 BwStatus := BwStatus ? JSON.Load(BwStatus) : {}
-if (BwStatus.accessToken)
-{
-	if (INI.CREDENTIALS["api-key"]
-		&& BwStatus.apikey_clientId && BwStatus.apikey_clientSecret
-		&& BwStatus.apikey_clientId = INI.CREDENTIALS["client-id"]
-		&& BwStatus.apikey_clientSecret = INI.CREDENTIALS["client-secret"])
-	|| (!INI.CREDENTIALS["api-key"]
-		&& BwStatus.userEmail && BwStatus.userEmail = INI.CREDENTIALS.user)
-	{
-		IsLocked := IsLogged := true
-	}
-}
+;          v1.11 to v1.20        ||        v1.21+
+if (StrLen(BwStatus.accessToken) || StrLen(BwStatus.activeUserId))
+	IsLocked := IsLogged := true
 
 if (IsLocked)
 {
@@ -200,9 +191,9 @@ return ; End of auto-execute thread
 ;@Ahk2Exe-SetMainIcon %A_ScriptDir%\assets\bw-at.ico
 ;@Ahk2Exe-SetName Bitwarden Auto-Type
 ;@Ahk2Exe-SetOrigFilename bw-at.ahk
-;@Ahk2Exe-SetProductVersion 1.1.3.1
-;@Ahk2Exe-SetVersion 1.1.3.1
-;@Ahk2Exe-UpdateManifest 0, Auto-Type, 1.1.3.1, 0
+;@Ahk2Exe-SetProductVersion 1.1.4.1
+;@Ahk2Exe-SetVersion 1.1.4.1
+;@Ahk2Exe-UpdateManifest 0, Auto-Type, 1.1.4.1, 0
 ; BinMod
 ;@Ahk2Exe-PostExec "%A_ScriptDir%\assets\BinMod.exe" "%A_WorkFileName%"
 ;@Ahk2Exe-Cont  "2.AutoHotkeyGUI.Auto-Type-GUI"

setup.ahk

@@ -286,9 +286,9 @@ return
 ;@Ahk2Exe-SetMainIcon %A_ScriptDir%\assets\bw-at.ico
 ;@Ahk2Exe-SetName Bitwarden Auto-Type
 ;@Ahk2Exe-SetOrigFilename setup.ahk
-;@Ahk2Exe-SetProductVersion 1.1.3.1
-;@Ahk2Exe-SetVersion 1.1.3.1
-;@Ahk2Exe-UpdateManifest 1, Auto-Type, 1.1.3.1, 0
+;@Ahk2Exe-SetProductVersion 1.1.4.1
+;@Ahk2Exe-SetVersion 1.1.4.1
+;@Ahk2Exe-UpdateManifest 1, Auto-Type, 1.1.4.1, 0
 ; BinMod
 ;@Ahk2Exe-PostExec "%A_ScriptDir%\assets\BinMod.exe" "%A_WorkFileName%"
 ;@Ahk2Exe-Cont  "2.AutoHotkeyGUI.Auto-Type-GUI"

uninstall.ahk

@@ -122,9 +122,9 @@ ExitApp
 ;@Ahk2Exe-SetMainIcon %A_ScriptDir%\assets\uninstall.ico
 ;@Ahk2Exe-SetName Bitwarden Auto-Type
 ;@Ahk2Exe-SetOrigFilename uninstall.ahk
-;@Ahk2Exe-SetProductVersion 1.1.3.1
-;@Ahk2Exe-SetVersion 1.1.3.1
-;@Ahk2Exe-UpdateManifest 1, Auto-Type, 1.1.3.1, 0
+;@Ahk2Exe-SetProductVersion 1.1.4.1
+;@Ahk2Exe-SetVersion 1.1.4.1
+;@Ahk2Exe-UpdateManifest 1, Auto-Type, 1.1.4.1, 0
 ; BinMod
 ;@Ahk2Exe-PostExec "%A_ScriptDir%\assets\BinMod.exe" "%A_WorkFileName%"
 ;@Ahk2Exe-Cont  "22.>AUTOHOTKEY SCRIPT<.$APPLICATION SOURCE"

version

@@ -1 +1 @@
-1.1.3.1
+1.1.4.1