Jump to content

Fabian Näf

Members
  • Posts

    205
  • Joined

  • Last visited

  • Days Won

    11

Everything posted by Fabian Näf

  1. +1 for OTP I think the whole extension would deserve an upgrade, as it's quite buggy sometimes (at least with Firefox). The bugs have already been reported but never fixed.
  2. Hi buddies, A while a go a created the following feature request for Passwordstate 8. This topic is related to this feature request and to the issue I'm facing explained in the feature request. The main problem I'm facing is, that the Passwordstate extension (mainly used with Firefox) keeps me asking to save credentials whenever there's a random password field somewhere on a website. Mostly it's the field for two factor authentication or when I'm using e.g. a user management with a random password field somewhere on the wesite. When changing to the next webpage the Passwordstate extension will ask me to save this "credentials" ("Add Site to Passwordstate?"). Just that there's a HTML passwod field somewhere on the page seams to trigger this popup. As I've already saved my credentials, I don't want to save any more credentials. The Passwordstate extensions always shows me three options: "Later" -> I'll get the same message again next time "Never" -> This helps, but it also will stop the extension from filling the form for other credentials, not what I'm looking for. "Save" -> Not what I'm looking for, as the credential is just some random data and not a real credential. This time around I try to log this issue as a question in the general support forum, rather then directly coming up with a feature request and a proposed solution. What kind of action do you guys see that I could do to get rid of this annoying popup all the time ("Add Site to Passwordstate?")? Best regards, Fabian
  3. Hi Habskilla To create the REST JSON Body I always go for the following approach: First create a PowerShell object and convert it then to a JSON-String. The big advantage of that is, that you don't have to care about any special characters, escaping and stuff like that. $Body = @{ FolderName = $Name Description = $Description NestUnderFolderID = $ParentFolderID APIKey = $global:PasswordStateSystemWideAPIKey } $jsonBody = $Body | ConvertTo-Json $PasswordstateURLFull = "$($global:PasswordstateURL)/api/folders" $result = Invoke-Restmethod -Method POST -Uri $PasswordstateURLFull -ContentType "application/json; charset=utf-8" -Body $jsonBody The response I get is then stored in $result and can be accessed directly: $output = $result.FolderID If you have the answer as a string you also could use for the following approach: $responseObject = $responseJsonString | ConvertFrom-Json If you take a look the KeePassImport-Script you'll find some more examples. All the best, Fabian
  4. +1 for a recycle bin for password lists (to push this feature request )
  5. You can also save your credentials in a variable ($credVariabke = Get-Credentials) and pass this to the Invoke-Rest Powershell command. So I assume, there could be a way. I also can imagine, that you could pass your credential to a REST-call header from another system (e.g. bash script) to authenticate, but I'm not familiar with bash scripts.
  6. Ohh, I just realized, that I've overseen your "by the way"! Sounds very very interesting to me!! I know, that other people already asked for a funktion to upload the attachments as well. Could you post your updated version in this thread? Grüsse zurück nach München :-) Fabian
  7. +1 Reason: Sometimes the extension fills other fields which are not my logon fields. E.g. I work with a ServiceNow which is running in the browser. There are loads of fields and if a field accidentaly matches the id, it get filled, which can lead to problems when I submit the form then (data get changed unintended). My current workaround: specify in the URL field in Passwordstate the path to the logon form of ServiceNow (/logon.do). The extension is then only running on the logon form.
  8. Hi Folke My final solution (workaround) in this case was to update the guide directly in the database, below some snippets from my Powershell script. I have to say, that this is very dangerous and can lead to a corrupt database if you're doing something wrong! So be very careful with this!! $global:PasswordstateSystemWideAPIKey = ''; Import-Module SQLPS -DisableNameChecking Push-Location cd SQLSERVER:\SQL\localhost\DEFAULT\Databases\passwordstate Function UpdateGuideOfPasswordstatePasswordlistOrFolder() { Param ( [Parameter(Mandatory=$True,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$False)] [String]$Id, [Parameter(Mandatory=$False,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$False)] [String]$Guide ) Begin { $Guide = ConvertTextToHtml -text $Guide } Process { $Header = @{ APIKey = $global:PasswordstateSystemWideAPIKey } try { $query = $("UPDATE PasswordLists SET Guide = '" + $Guide + "' WHERE PasswordListID = " + $ID) Invoke-Sqlcmd -Query $query } catch { Write-Host $_ -ForegroundColor Red Write-Host $_.GetType() -ForegroundColor Red Write-Host $_.Exception -ForegroundColor Red throw $_.Exception } } End { Write-Output ($result | Where-Object { $_.TreePath -eq $Tree }).PasswordListID } } Function ConvertTextToHtml() { Param ( [Parameter(Mandatory=$True,ValueFromPipeline=$False,ValueFromPipelinebyPropertyName=$False)] [String]$text ) Begin { } Process { $html = $($text -replace "\n", "<br>") } End { Write-Output $html } } $dummyGuide = @" This Is A Test Guide Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. "@ UpdateGuideOfPasswordstatePasswordlistOrFolder -Id 123456789 -Guide $dummyGuide Pop-Location Best regards, Fabian
  9. Hi pferree Every Paaswordlist has its own recyle bin. You find the recycle bin under "List Administrator Actions..." This option should be available on any Passwortlist in the dropdown menu on the bottom right side. Best regards, Fabian
  10. Hi All Our company just went live with Passwordstate a week a go. We migrated loads of credentials and a big tree structur from our previous password manager solution to Passwordstate. After we went live, we realized, that we forgot to migrate some certain fields from the old password manager solution from the tree (which should be migrated to folder and passwordliste in Passwordstate). Currently Passwordstate has no REST method to modify (or delete) folders or passwordlists. So the only option which left was to inject the missing date directly into the database, which is kind of ugly, even though it went well. Therefore I'd like to raise this feature request for modify and delete REST methods for the win and anonymous REST API. Best regards, Fabian
×
×
  • Create New...