diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 7541956..44740c1 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -8,6 +8,15 @@ YYYY/MM/DD - MAJOR.MINOR.RELEASE
[!] = Fix / Security
+2022/02/11 - 1.1.4
+——————————————————
+[!] TOTP secret with spaces
+[!] Proper Steam Guard codes
+[+] Added support for Min Browser
+[+] Added support for Bitwarden CLI v1.21
+[=] Bitwarden CLI version >= 1.11.0
+
+
2021/11/08 - 1.1.3
——————————————————
[!] TOTP generation for other than otpauth Key Uri
diff --git a/Lib/Alert.ahk b/Lib/Alert.ahk
index 929822f..b34e9f4 100644
--- a/Lib/Alert.ahk
+++ b/Lib/Alert.ahk
@@ -14,7 +14,7 @@ Alert(Parameters*)
Alert_Labels(ButtonList*)
{
static fObject := ""
- , pid := DllCall("GetCurrentProcessId")
+ , pid := DllCall("Kernel32\GetCurrentProcessId")
if !IsObject(fObject)
{
@@ -25,11 +25,11 @@ Alert_Labels(ButtonList*)
if !WinExist("ahk_pid" pid " ahk_class#32770")
return
+ fObject := ""
SetTimer ,, Delete
for i,lbl in ButtonList
{
if StrLen(lbl)
ControlSetText % "Button" i, % lbl
}
- fObject := ""
}
diff --git a/Lib/Bind.ahk b/Lib/Bind.ahk
index f9291f9..45de517 100644
--- a/Lib/Bind.ahk
+++ b/Lib/Bind.ahk
@@ -14,7 +14,7 @@ Bind()
Bind_To(Field, Key)
{
static fObjects := {}, keys := {}
- , pid := DllCall("GetCurrentProcessId")
+ , pid := DllCall("Kernel32\GetCurrentProcessId")
Hotkey IfWinNotActive, % "ahk_pid" pid
if (!Field && !Key)
diff --git a/Lib/Epoch.ahk b/Lib/Epoch.ahk
index 27d669e..76bd159 100644
--- a/Lib/Epoch.ahk
+++ b/Lib/Epoch.ahk
@@ -1,7 +1,7 @@
Epoch(Timestamp := "")
{
- epoch := (Timestamp ? Timestamp : A_NowUTC)
+ epoch := Timestamp ? Timestamp : A_NowUTC
epoch -= 19700101000000, Seconds
return epoch
}
diff --git a/Lib/Favicons.ahk b/Lib/Favicons.ahk
index 4fccf54..eaf03f4 100644
--- a/Lib/Favicons.ahk
+++ b/Lib/Favicons.ahk
@@ -1,9 +1,9 @@
Favicons()
{
-/* UrlDownloadToFile is way too primitive thus file
-download rely on cURL, shipped with W10 from builds
-1803 onwards (April 2018), check for availability.
+ /* UrlDownloadToFile is way too primitive thus file
+ download rely on cURL, shipped with W10 from builds
+ 1803 onwards (April 2018), check for availability.
*/
GetStdStream("curl --version")
if (ErrorLevel)
diff --git a/Lib/JSON.ahk b/Lib/JSON.ahk
index 271c5e2..7e8944b 100644
--- a/Lib/JSON.ahk
+++ b/Lib/JSON.ahk
@@ -47,7 +47,6 @@ class JSON
_init()
{
- qpc()
if (this.lib)
return
this.lib := this._LoadLib()
@@ -62,7 +61,6 @@ class JSON
this.fnCastString := Func("Format").Bind("{}")
NumPut(&this.fnCastString, this.lib.fnCastString, "UPtr")
- return qpc()
}
_LoadLib() {
diff --git a/Lib/Login.ahk b/Lib/Login.ahk
index 112f041..a9a9251 100644
--- a/Lib/Login.ahk
+++ b/Lib/Login.ahk
@@ -192,7 +192,7 @@ Login_Toggle(ShowTip := true)
ALert(0x10, out)
Exit
}
- else if (FileOpen("data.json", 0).Length < 512)
+ else if (FileOpen("data.json", 0).Length < 1024)
{
Alert(0x10, "The server is misidentifying the application with a bot.`n`nLogin via Personal API Key is required to circumvent the issue.")
Reload
diff --git a/Lib/Match.ahk b/Lib/Match.ahk
index c9923a3..a35a6e4 100644
--- a/Lib/Match.ahk
+++ b/Lib/Match.ahk
@@ -104,7 +104,7 @@ Match_ByUrl(Url, Entry)
Match_ParseUrl(hWnd, Exe)
{
- if !(Exe ~= "i)chrome|msedge|firefox|iexplore|opera")
+ if !(Exe ~= "i)chrome|msedge|firefox|iexplore|opera|min")
return
Url := Url_Get(hWnd, InStr(Exe, "ie"))
if (url)
diff --git a/Lib/Totp.ahk b/Lib/Totp.ahk
index d6bf35f..acb7e5e 100644
--- a/Lib/Totp.ahk
+++ b/Lib/Totp.ahk
@@ -41,25 +41,22 @@ Totp_ClipboardReset(Period)
Totp_Parse(String, Mode)
{
- RegExMatch(String, "algorithm=\K\w+", algorithm)
+ RegExMatch(String, "i)algorithm=\K\w+", algorithm)
if !(algorithm ~= "i)(SHA1|SHA256|SHA512)")
algorithm := "SHA1"
- RegExMatch(String, "digits=\K\d+", digits)
- digits := digits ? digits : 6
- RegExMatch(String, "period=\K\d+", period)
+ if RegExMatch(String, "i)digits=\K\d+", digits)
+ digits := Max(1, Min(10, digits))
+ else
+ digits := 6
+ RegExMatch(String, "i)period=\K\d+", period)
period := period ? period : 30
- secret := String
- if (InStr(String, "otpauth://totp") = 1)
- {
- if !RegExMatch(String, "secret=\K\w+", secret)
- secret := String
- }
- else if (InStr(String, "steam://") = 1)
- {
- digits := 5
- secret := SubStr(String, 9)
- }
+ if RegExMatch(String, "i)^steam:\/\/\K.+", secret)
+ digits := 0
+ else if !RegExMatch(String, "i)secret=\K\w+", secret)
+ secret := StrReplace(String, " ")
totp := Totp(secret, digits, period, algorithm)
+ if (digits = 0)
+ totp := Totp_Steam(totp)
if (Mode = "default")
{
if (INI.GENERAL.totp)
@@ -70,6 +67,20 @@ Totp_Parse(String, Mode)
return totp
}
+Totp_Steam(Totp)
+{
+ otp := ""
+ dict := StrSplit("23456789BCDFGHJKMNPQRTVWXY")
+ size := dict.Count()
+ loop 5
+ {
+ idx := Mod(Totp, size)
+ otp .= dict[idx + 1]
+ Totp /= size
+ }
+ return otp
+}
+
Totp_Tip(Message)
{
timeout := 10
diff --git a/Lib/Url.ahk b/Lib/Url.ahk
index 62a7013..d18e9ff 100644
--- a/Lib/Url.ahk
+++ b/Lib/Url.ahk
@@ -19,8 +19,12 @@ Url_Get(hWnd, isIE := false)
Url_GetAddressBar(oAcc)
{
- if InStr(oAcc.accName(0), "Address")
+ ; Firefox + Chromium-based + IE || Min Browser
+ if (oAcc.accRole(0) = 42 && InStr(oAcc.accName(0), "Address"))
+ || (oAcc.accRole(0) = 15 && oAcc.accName(0) != "Min")
+ {
return oAcc
+ }
for _,accChild in Acc_Children(oAcc)
{
oAcc := Url_GetAddressBar(accChild)
diff --git a/README.md b/README.md
index d80e26e..23850bc 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@ A script-based, small (~1mb), Open Source Application written in [AutoHotkey][01
It does NOT replace Bitwarden application as entries can't be added/edited. They can run side-by-side but is not required.
-_\* Even for the free version, but please support bitwarden development by buying a Premium subscription._
+_\* Even for the free version, but please support Bitwarden development by buying a Premium subscription._
## Security
@@ -56,11 +56,12 @@ The application attempts to fullfil the applicable Top-10 user requested feature
- Quick custom PIN and Authenticator codes for unlocking.
- Universal Window Platform support (Microsoft Store Apps).
- Browser support: instead of insecure extensions.
-- All the major browsers (plus Internet Explorer) are supported.
+- All the major browsers (plus IE and [Min][06]) are supported.
- TOTP generation: via Clipboard and/or hotkey and/or placeholder.
+- Steam Guard TOTP support (same as Bitwarden).
- Strong Password Generator with entropy indicator.
- Placeholder for smart detection of text input fields.
-- [Two-Channel Auto-Type Obfuscation][06]: global/per-entry.
+- [Two-Channel Auto-Type Obfuscation][07]: global/per-entry.
## Instructions
@@ -142,8 +143,8 @@ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH RE
[03]: https://keepass.info/help/base/autotype.html "KeePass Auto-type"
[04]: https://bitwarden.com "Bitwarden"
[05]: https://github.com/anonymous1184/bitwarden-autotype/wiki "Wiki not written yet"
-[06]: https://keepass.info/help/v2/autotype_obfuscation.html "TCATO: Two-Channel Auto-Type Obfuscation"
-
+[06]: https://minbrowser.org/ "Min: A fast, minimal browser that protects your privacy"
+[07]: https://keepass.info/help/v2/autotype_obfuscation.html "TCATO: Two-Channel Auto-Type Obfuscation"
[08]: https://github.com/bitwarden/cli "Bitwarden CLI"
[09]: https://github.com/bitwarden/jslib/blob/master/src/models/view/loginUriView.ts#L9 "loginUriView.ts:9"
[10]: https://github.com/bitwarden/jslib/blob/master/src/angular/components/icon.component.ts#L80 "icon.component.ts:6"
diff --git a/bw-at.ahk b/bw-at.ahk
index da67a98..d773383 100644
--- a/bw-at.ahk
+++ b/bw-at.ahk
@@ -111,18 +111,9 @@ Bitwarden_SyncAuto(INI.GENERAL.sync)
IsLocked := IsLogged := false
BwStatus := FileOpen("data.json", 0x3).Read()
BwStatus := BwStatus ? JSON.Load(BwStatus) : {}
-if (BwStatus.accessToken)
-{
- if (INI.CREDENTIALS["api-key"]
- && BwStatus.apikey_clientId && BwStatus.apikey_clientSecret
- && BwStatus.apikey_clientId = INI.CREDENTIALS["client-id"]
- && BwStatus.apikey_clientSecret = INI.CREDENTIALS["client-secret"])
- || (!INI.CREDENTIALS["api-key"]
- && BwStatus.userEmail && BwStatus.userEmail = INI.CREDENTIALS.user)
- {
- IsLocked := IsLogged := true
- }
-}
+; v1.11 to v1.20 || v1.21+
+if (StrLen(BwStatus.accessToken) || StrLen(BwStatus.activeUserId))
+ IsLocked := IsLogged := true
if (IsLocked)
{
@@ -200,9 +191,9 @@ return ; End of auto-execute thread
;@Ahk2Exe-SetMainIcon %A_ScriptDir%\assets\bw-at.ico
;@Ahk2Exe-SetName Bitwarden Auto-Type
;@Ahk2Exe-SetOrigFilename bw-at.ahk
-;@Ahk2Exe-SetProductVersion 1.1.3.1
-;@Ahk2Exe-SetVersion 1.1.3.1
-;@Ahk2Exe-UpdateManifest 0, Auto-Type, 1.1.3.1, 0
+;@Ahk2Exe-SetProductVersion 1.1.4.1
+;@Ahk2Exe-SetVersion 1.1.4.1
+;@Ahk2Exe-UpdateManifest 0, Auto-Type, 1.1.4.1, 0
; BinMod
;@Ahk2Exe-PostExec "%A_ScriptDir%\assets\BinMod.exe" "%A_WorkFileName%"
;@Ahk2Exe-Cont "2.AutoHotkeyGUI.Auto-Type-GUI"
diff --git a/setup.ahk b/setup.ahk
index 9275531..f764097 100644
--- a/setup.ahk
+++ b/setup.ahk
@@ -286,9 +286,9 @@ return
;@Ahk2Exe-SetMainIcon %A_ScriptDir%\assets\bw-at.ico
;@Ahk2Exe-SetName Bitwarden Auto-Type
;@Ahk2Exe-SetOrigFilename setup.ahk
-;@Ahk2Exe-SetProductVersion 1.1.3.1
-;@Ahk2Exe-SetVersion 1.1.3.1
-;@Ahk2Exe-UpdateManifest 1, Auto-Type, 1.1.3.1, 0
+;@Ahk2Exe-SetProductVersion 1.1.4.1
+;@Ahk2Exe-SetVersion 1.1.4.1
+;@Ahk2Exe-UpdateManifest 1, Auto-Type, 1.1.4.1, 0
; BinMod
;@Ahk2Exe-PostExec "%A_ScriptDir%\assets\BinMod.exe" "%A_WorkFileName%"
;@Ahk2Exe-Cont "2.AutoHotkeyGUI.Auto-Type-GUI"
diff --git a/uninstall.ahk b/uninstall.ahk
index 59a9a25..20ec3b8 100644
--- a/uninstall.ahk
+++ b/uninstall.ahk
@@ -122,9 +122,9 @@ ExitApp
;@Ahk2Exe-SetMainIcon %A_ScriptDir%\assets\uninstall.ico
;@Ahk2Exe-SetName Bitwarden Auto-Type
;@Ahk2Exe-SetOrigFilename uninstall.ahk
-;@Ahk2Exe-SetProductVersion 1.1.3.1
-;@Ahk2Exe-SetVersion 1.1.3.1
-;@Ahk2Exe-UpdateManifest 1, Auto-Type, 1.1.3.1, 0
+;@Ahk2Exe-SetProductVersion 1.1.4.1
+;@Ahk2Exe-SetVersion 1.1.4.1
+;@Ahk2Exe-UpdateManifest 1, Auto-Type, 1.1.4.1, 0
; BinMod
;@Ahk2Exe-PostExec "%A_ScriptDir%\assets\BinMod.exe" "%A_WorkFileName%"
;@Ahk2Exe-Cont "22.>AUTOHOTKEY SCRIPT<.$APPLICATION SOURCE"
diff --git a/version b/version
index ab60e4b..a97c6a9 100644
--- a/version
+++ b/version
@@ -1 +1 @@
-1.1.3.1
\ No newline at end of file
+1.1.4.1
\ No newline at end of file