1Password dynamic script doesn't support OTP about toolbox HOT 13 CLOSED

@rfoust

Here's the first Beta version with support for MFA-enabled 1Password accounts:

1Password (Python) 1.1.0 BETA 1.rdfe.zip

Here's how to add the Dynamic Folder to one of your documents:

• Extract the zip file
• In Royal TSX select a folder or document where you want the Dynamic Folder to be imported to
• Go to File - Import - Dynamic Folder
• Click Browse…
• Select the extracted .rdfe file (1Password (Python) 1.1.0 BETA 1.rdfe)
• When the properties of the Dynamic Folder open, configure your 1Password account details like previously in the Custom Properties section

Please note that you will have to install the pexpect Python package if you're using macOS or the wexpect package on Windows for this to work.

When you refresh the dynamic folder you should get prompted for your MFA code in a dialog like this:

Feedback is obviously very welcome! 😉

from toolbox.

I'm happy to report that we just published version 2.0.0 of the 1Password dynamic folder sample and it's now available to import through the in-app Dynamic Folder gallery.

Change Log

Improvements:

• Support for two-factor authentication
• Support for private key files (new type in 1Password 8)

Bugfixes:

• Improved error handling

Dependency changes:

• pexpect is now required on macOS (can be installed using pip)
• wexpect is now required on Windows (can be installed using pip)

from toolbox.

@rfoust Thx for the bug report. We just fixed this and the issue should be resolved in the next version.

from toolbox.

@rfoust We're currently working on Multi-Factor-Authentication support for the 1Password Dynamic Folder script.
Would you be interested in testing a beta version of the script?

from toolbox.

@lemonmojo Absolutely! Let me know how to get it. Thanks!

from toolbox.

Took me a sec to figure out how to install pexpect, but this worked (on mac) from a shell prompt: "python3 -m pip install pexpect"

Otherwise I had no problems getting it to work, OTP worked fine. I'll post back here if I run into any problems. Thanks!

from toolbox.

@rfoust Great to hear it's working for you!

from toolbox.

@rfoust Here's a new beta version with a couple of improvements and fixes. Could you please give this new version a try and let me know if everything still works as expected for you? Thx!

1Password (Python) 2.0.0 BETA 5.rdfe.zip

from toolbox.

So far 2.0 beta 5 is working fine. Just a few comments:

• The default text for "Email Address" under custom properties is "TODO". Might want to change that to something like "<Insert valid 1Password login email address here>" (or whatever)
• When the OTP popup appears, it would be helpful to have the dialog box show the email address (login) of the account that is requesting the OTP. Since I have multiple 1Password accounts, that would make it clear which one is asking for it.
• Having an upgrade/replace option for the dynamic folder script import would be nice, otherwise I have to create a new dynamic folder, and then all of the references to passwords in those folders will be broken since they're pointing to the old dynamic folder. This would make future updates a lot easier.

Hope this helps!

-Robbie

from toolbox.

Hey @rfoust! Thx for the feedback.

Here's a new version which includes the email address in the MFA prompt:
1Password (Python) 2.0.0 BETA 6.rdfe.zip

Regarding your other points:

• The default text for fields to be filled by the user is always "TODO". That happens automatically when exporting Dynamic Folders with "Anonymize Custom Properties" enabled. For now we will keep it like that because it's consistent in all dynamic folder samples in our repository.
• Regarding upgrading dynamic folders: That's something we will look into in the next major version of Royal TS/X. We're aware that there's room for improvement in that area but making a smooth update experience requires a couple of major changes to the way we handle dynamic folder exports/imports.

Cheers,
Felix

from toolbox.

Ran into a weird issue when testing this, even though it's not directly related to OTP, figured I'd mention it. When I imported the new script in a new dynamic folder, I then deleted the older versions of the dynamic folders that I had been using. After deleting the old ones, I was unable to save the rtsz document, I got the following error:

I was able to fix it by editing the 2 rdp session credentials to point to the new dynamic folder location, and then I was able to save the document. Not sure what was preventing it from saving, but fixing the problem there might be the best solution, since if the credential source disappears, it just shows up as "unknown credential".

from toolbox.

@rfoust hmm weird. A credential going "missing" has no impact on saving the document as the two are basically not tied to each other apart from us storing the ID of the referenced object. So this error certainly has nothing to do with any missing credentials, it must be something else that triggers it.

Can you reproduce this? If so, I'd like to know how exactly to trigger it.

Regarding ensuring that your assigned credentials keep working even after removing the dynamic folder and re-adding it: For this case it makes the most sense to assign credentials by using the "Specify a credential name" mode instead of "Use an existing credential". That way, the credential will be resolved by its name instead of the ID and keeps working even if the source of the credential changes.

from toolbox.

Did some more testing, it seems to just be the act of deleting the dynamic folder and then immediately trying to save the document that results in the error. Doesn't have anything to do with referencing credentials in it.

If I wait another 10 seconds or so, the save works fine. I wonder if there's a background task that is deleting all of the credentials in the folder that hasn't completed yet when I'm trying to save (just guessing)? If I create a 1password dynamic folder and don't actually do a refresh (so that the folder remains empty), and then delete the folder, the error doesn't occur.

from toolbox.