Add support for the KeePassNatMsg plugin#93
Add support for the KeePassNatMsg plugin#93Abestanis wants to merge 37 commits intoRoelVB:dev-v1from
Conversation
This was a breaking change for SCSS: https://sass-lang.com/documentation/breaking-changes/css-vars
localStorage is not available in service workers.
It is no longer necessity, Chrome and Edge now set the `Origin` header correctly.
Abestanis
changed the title
|
The pull request in the KeePassNat plugin has now been merged and a new version of the plugin has been released, which includes ChromeKeePass in its list of allowed extension ids. 🎉 |
|
@RoelVB Should I try to rebase this on the |
|
Hey @RoelVB, I hope you are doing good. Since version 2 of the extension has now been officially released, would you be interesting in accepting this MR if I rebased it onto the |
|
Hello! |
|
Hey, I've been using this branch for the past 3 years in Chrome without a problem, it is working very well. But the extension has changed quite a bit so it will take some work to bring this into the current main branch. I am willing to work towards merging it, but I would like to know that it's not going to sit unmerged again for 3 years before I put any more time in this. |
Is it a compiled or an unpacked CRX? Could you share it?
Yes, I understand you. It's a bit strange that @RoelVB hasn't merged your PR so far :( |
Sure, here is the zip: ChromeKeePass-feature-kee_pass_native.zip |
Thank you! However, I was unable to use this extension with KeePass v2.59 and KeePassNatMsg v2.0.17.0. After selecting the "KeePassNatMsg" access method and clicking the "Connect" button, I always receive the message "Something went wrong... did you accept the connection within KeePass?" The "KeePassXC-Browser" chrome extension works without any issues with the same configuration. What am I doing wrong? |
|
Ah, my bad, I forgot a step: Because the browser assigns a random id to the extracted extension, we need to manually edit some files to allow the extension to talk to KeePassNatMsg. To do so, we need to edit all So the files should looks something like this:{
"name": "org.keepassxc.keepassxc_browser",
"description": "KeepassXC integration with Native Messaging support",
"path" : "keepassnatmsg-proxy.exe",
"type": "stdio",
"allowed_origins": [
"chrome-extension://iopaggbpplllidnfmcghoonnokmjoicf/",
"chrome-extension://igehcghedoajofcldolpdbnlfapcoagk/",
"chrome-extension://oboonakemofpalcgghocfoadofidjkkk/",
"chrome-extension://pdffhmdngciaglkoonimfcmckehcpafo/"
]
} |
|
@ArtyoZ In my opinion, the only reason to add support for this it to built OTP support into CKP, but this has a low priority. It's not really recommended to have your OTP in the same database as you username and password, that kind of defeats the purpose of OTP. If we do add support for KeePassNatMsg there's some more things that need to happen. First of all it will have to be implemented in v2. But to do is right I would want an abstraction layer and we need automated tests. |
Let's just compare KeePassHttp plugin and KeePassNatMsg plugin possibilities. 
And, of cause:
I really use and need options 1, 2, 3 marked red on KeePassNatMsg screenshots. Yes, we have KeePassXC-Browser Chrome extension that supports KeePassNatMsg plugin. But your extension works better in some cases. |
|
@ArtyoZ |
This abstraction layer should be added before anything else. It is a refactoring of the existing
Looks like the core logic does not really have to change, it's mainly the configuration interface that will need adapted. As outlined above, this can be done once the abstraction layer and tests for the |
3 participants
This pull request includes changed from #92 and should be merged after it.
This adds support to connect to the KeePass password manage via the
KeePassNatMsgplugin in addition to theKeePassHttpplugin that we already support, which is no longer being actively developed.For this to work, we need the
KeePassNatMsgto add our extension id to the list of allowed extensions in its native messaging configuration files. I created a pull request in their repository with the required changes here: smorks/keepassnatmsg#102For testing this locally edit the
kpnm_chrome.jsonconfiguration file (on Windows, its located at%LocalAppData%\KeePassNatMsg) and add"chrome-extension://<extension id>/",to theallowed_originslist, where<extension id>has to be replaced with the extension id of ChromeKeePass.The user is able to select between the two plugins in the options. It is also possible to change the native messaging app id, this way one could also possibly connect to another plugin that provides the same interface as
KeePassNatMsg. I also took the chance to clean up the association options UI and made the connect button save the current settings, so the users are actually connecting with the settings they see, not the ones that were saved in storage before they edited them:The default in the settings is to connect via the
KeePassHttpplugin, to not break existing configurations. But I thinkKeePassNatMsgshould be the default, sinceKeePassHttpseems to be no longer actively maintained.@RoelVB do you agree with that? In that case, we could add some code that saves the settings when the plugin is loaded, release a version that will save the
KeePassHttpas the selected plugin, and then change the default.I tested that fetching credentials normally and for http basic auth is still working with Chrome and Edge.