extensions icon indicating copy to clipboard operation
extensions copied to clipboard

Published 20 hours ago verified publisher icon raycast

Add apple-passwords extension

Open bendews opened this issue 1 year ago • 9 comments

Description

Uses the apw command line tool to facilitate retrieving and and copying Apple Password entries, based on either the currently open webpage or a root domain entered by the user.

Screencast

https://github.com/user-attachments/assets/867d5bdc-80af-43b0-ad0f-0f67f1c97b6f

Checklist

bendews avatar Oct 01 '24 05:10 bendews

Congratulations on your new Raycast extension! :rocket:

Due to our current reduced availability, the initial review may take up to 10-15 business days.

Once the PR is approved and merged, the extension will be available on our Store.

raycastbot avatar Oct 01 '24 05:10 raycastbot

This extension is very sensitive. I don't believe it's secure to recommend that people install the CLI from a Homebrew tap. If the CLI code isn't embedded, no one will review it. It's not even an NPM package.

xilopaint avatar Oct 07 '24 13:10 xilopaint

Hey @xilopaint, this is probably more suited to a discussion on the apw tool repo itself so please feel free to open an issue there. I do agree RE: installing from a homebrew tap. I'm working on getting it in to homebrew core but don't have enough github stars yet 😄 Worth noting that the tool uses the underlying password helper extension in MacOS which is designed for almost this exact purpose - it is to allow browser extensions to retrieve passwords in a safe way without requiring the extension to handle sensitive operations such as biometrics, login/root passwords or interacting with the underlying AuthD subsystem. This allows it to run completely in user space with no privileged access. Regarding publishing on NPM - I can't really see what sort of benefit that would provide, it has not been designed to be consumed as a class or library only as a CLI helper similar to op for 1Password.

bendews avatar Oct 07 '24 23:10 bendews

Hi @pernielsentikaer many thanks for taking the time to review & test! In answer to your questions:

  • As mentioned, could this be moved out of tap?
    • Unfortunately due to Homebrew notability requirements the apw project is required to have considerable popularity first (70+ stars, 30+ watchers etc.). I think it will be difficult to get those stars as it is only a foundational tool and the real value comes from what you can build with it. Hence why I'm still putting it up for submission to Raycast, I use this extension thousands of times per week and want to share that value with others. The homebrew tap is via the github integration so the tap information and formula is completely public and is the recommended method for sharing tools that don't meet the notability requirement.
  • I'm getting no results in Apple Passwords command even though I have items
    • This is a limitation of the Passwords helper tool, it doesn't allow you to list items, you have to provide a domain for it to search first. Appreciate any pointers on making this more obvious in the GUI, I did include URL as an optional input to try and make it more clear. If you have a webpage open when you open the command (I have my shortcut set to Cmd+\, same as 1Password) then it will automatically fill the root domain from the active browser and allow you to copy or fill the Username/Password/OTP.
  • Is there a way to use a name instead of (null) when requesting access?
    • I have tried and tried - and tried again 😂 This should be possible but there is no documentation regarding how that string is populated and I have not yet been able to find a way to change it.
  • After entering the code we should maybe poptoroot?
    • Absolutely, will do 👍

bendews avatar Oct 09 '24 07:10 bendews

  1. Makes sense, I think it's fine as is until it's possible
  2. Maybe you should make a <List.EmptyView> showing an error if you use it without an argument? Not sure what the best way is here?
  3. Weird, some day it might work!

Awaiting you update 🙂

pernielsentikaer avatar Oct 10 '24 14:10 pernielsentikaer

This pull request has been automatically marked as stale because it did not have any recent activity.

It will be closed if no further activity occurs in the next 7 days to keep our backlog clean 😊

raycastbot avatar Oct 24 '24 14:10 raycastbot

Still working on this - past couple of weeks have been busy but will put some time aside soon to get this over the line.

bendews avatar Oct 31 '24 08:10 bendews

This pull request has been automatically marked as stale because it did not have any recent activity.

It will be closed if no further activity occurs in the next 7 days to keep our backlog clean 😊

raycastbot avatar Nov 14 '24 09:11 raycastbot

This would be a game changer. Especially if we can set it up with a command shortcut.

SeniorMars avatar Jan 13 '25 01:01 SeniorMars

If the cli was distributed via jsr or npm (I see it's written in ts) would that satisfy the problems with homebrew? I could help update the cli to work with node runtime and publish to a js package registry if you want

cotyhamilton avatar Feb 02 '25 18:02 cotyhamilton

Any update on this? I was looking into building an Apple Passwords extension and came across this thread during my researches.

Another idea I had was to develop a custom Node.js module that interacts with the macOS Keychain using native system calls or the security command-line tool.

raaphhh avatar Mar 11 '25 15:03 raaphhh

This pull request has been automatically marked as stale because it did not have any recent activity.

It will be closed if no further activity occurs in the next 7 days to keep our backlog clean 😊

raycastbot avatar Mar 26 '25 11:03 raycastbot

This pull request has been automatically closed due to inactivity.

Feel free to comment in the thread when you're ready to continue working on it 🙂

You can also catch us in Slack if you want to discuss this.

raycastbot avatar Apr 02 '25 11:04 raycastbot