Documentation ¶
Overview ¶
Package lastpass implements a LastPass client.
Index ¶
- Constants
- func NewContextWithLogger(ctx context.Context, logger Logger) context.Context
- type Account
- type AccountNotFoundError
- type AuthenticationError
- type Client
- func (c *Client) Accounts(ctx context.Context) ([]*Account, error)
- func (c *Client) Add(ctx context.Context, account *Account) error
- func (c *Client) Delete(ctx context.Context, account *Account) error
- func (c *Client) Logout(ctx context.Context) error
- func (c *Client) Update(ctx context.Context, account *Account) error
- type ClientOption
- type Logger
Examples ¶
Constants ¶
const ( EndpointLogin = "/login.php" EndpointTrust = "/trust.php" EndpointLoginCheck = "/login_check.php" EndpointGetAccts = "/getaccts.php" EndpointShowWebsite = "/show_website.php" EndpointLogout = "/logout.php" )
LastPass API endpoints used by this client.
const (
MaxLoginRetries = 7
)
MaxLoginRetries determines the maximum number of login retries if the login fails with cause "outofbandrequired". This increases the user's time to approve the out-of-band (2nd) factor (e.g. approving a push notification sent to their mobile phone).
Variables ¶
This section is empty.
Functions ¶
func NewContextWithLogger ¶
NewContextWithLogger returns a new context with logging enabled.
Example ¶
NewContextWithLogger logs only for a specific method (request scope). In the following example, it emits logs for only the NewClient method.
logger := log.New(os.Stderr, "lastpass: ", log.LstdFlags) _, _ = lastpass.NewClient( lastpass.NewContextWithLogger(context.Background(), logger), "user name", "master password")
Output:
Types ¶
type Account ¶
type Account struct { ID string Name string Username string Password string URL string Group string // Shared folder name. // If non-empty, it must have prefix "Shared-". // Empty means this Account is not in a shared folder. Notes string // Timestamp in seconds (set by LastPass servers). LastModifiedGMT string LastTouch string }
Account represents a LastPass item. An item can be a password, payment card, bank account, etc., or a custom item type.
type AccountNotFoundError ¶
type AccountNotFoundError struct { // account ID that does not exist ID string }
AccountNotFoundError indicates that no account with AccountNotFoundError.ID exists on LastPass.
func (*AccountNotFoundError) Error ¶
func (e *AccountNotFoundError) Error() string
type AuthenticationError ¶
type AuthenticationError struct {
// contains filtered or unexported fields
}
AuthenticationError indicates that the Client is not logged in.
func (*AuthenticationError) Error ¶
func (e *AuthenticationError) Error() string
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client represents a LastPass client. A Client can be logged in to a single account at a given time.
func NewClient ¶
func NewClient(ctx context.Context, username, masterPassword string, opts ...ClientOption) (*Client, error)
NewClient authenticates with the LastPass servers.
The following authentication schemes are supported: single-factor authentication via master password, two-factor authentication via out-of-band mechanism (e.g. LastPass Authenticator Push Notification, Duo Security Push Notification), and two-factor authentication via one-time password (e.g. one-time verification code of LastPass Authenticator, Google Authenticator, Microsoft Authenticator, YubiKey, Transakt, Duo Security, or Sesame)
If authentication fails, an *AuthenticationError is returned.
Example (OneTimePasswordAuthentication) ¶
Login with two-factor authentication: 1st factor is master passord, 2nd factor is one-time password (e.g. one-time verification code of LastPass Authenticator, Google Authenticator, Microsoft Authenticator, YubiKey, Transakt, Duo Security, or Sesame).
If an invalid user name, master password, or one-time password is supplied, NewClient returns an error of type *AuthenticationError.
_, _ = lastpass.NewClient(context.Background(), "user name", "master password", lastpass.WithOneTimePassword("123456"), )
Output:
Example (OutOfBandAuthentication) ¶
Login with two-factor authentication: 1st factor is master passord, 2nd factor is out-of-band mechanism (e.g. LastPass Authenticator Push Notification or Duo Security Push Notification).
Below code is the same as the login without two-factor authentication. Once the NewClient function got invoked, the user has around 90 seconds to accept the out-of-band mechanism (e.g. by selecting "Approve" in the LastPass Authenticator or Duo Security app.)
If the user does not accept the out-of-band mechanism within the 90 seconds, NewClient returns an error of type *AuthenticationError.
_, _ = lastpass.NewClient(context.Background(), "user name", "master password")
Output:
Example (PasswordBasedAuthentication) ¶
Login with master password (without two-factor authentication).
If an invalid user name or master password is supplied, NewClient returns an error of type *AuthenticationError.
_, _ = lastpass.NewClient(context.Background(), "user name", "master password")
Output:
Example (Trust) ¶
Login with two-factor authentication and trust:
The WithTrust option will cause subsequent logins to not require multifactor authentication. It will create a trust label with the format `<hostname> <operating system name> lastpass-go` which will show up in the LastPass Web Browser Extension under Account Settings => Trusted Devices.
// On first login, the 2nd factor must be provided. _, _ = lastpass.NewClient(context.Background(), "user name", "master password", lastpass.WithOneTimePassword("123456"), lastpass.WithTrust(), ) // Thereafter, within the next 30 days, the 2nd factor can be omitted. // (If you want to disable the default limit of 30 days, in the LastPass Web Browser Extension select the checkbox // Account Settings => General => Show Advanced Settings => Don't end trust period after 30 days.) _, _ = lastpass.NewClient(context.Background(), "user name", "master password")
Output:
func (*Client) Accounts ¶
Accounts lists all LastPass accounts.
If Client is not logged in, an *AuthenticationError is returned.
func (*Client) Add ¶
Add adds the account to LastPass. Since LastPass generates a new account ID, account.ID is ignored. When this method returns (without an error), account.ID is set to the newly generated account ID. If Client is not logged in, an *AuthenticationError is returned. To add an account to a shared folder, account.Share must be prefixed with "Shared-".
func (*Client) Delete ¶
Delete deletes the LastPass Account with the given account.ID. If account.ID does not exist in LastPass, an *AccountNotFoundError is returned. If Client is not logged in, an *AuthenticationError is returned. If Client is not logged in, an *AuthenticationError is returned.
All Account fields other than account.ID and account.Share are ignored.
func (*Client) Update ¶
Update updates the account with the given account.ID. If account.ID does not exist in LastPass, an *AccountNotFoundError is returned. If Client is not logged in, an *AuthenticationError is returned.
Updating an account within a shared folder is supported unless field account.Share itself is modified: To move an account to / from a shared folder, use Delete() and Add() functions instead.
type ClientOption ¶
type ClientOption func(c *Client)
ClientOption is the type of constructor options for NewClient(...).
func WithBaseURL ¶
func WithBaseURL(baseURL string) ClientOption
WithBaseURL overwrites the Client's default base URL https://lastpass.com/. This function is used for unit testing.
func WithConfigDir ¶
func WithConfigDir(path string) ClientOption
WithConfigDir sets the path of this library's cofiguration directory to persist user specific configuration. If this option is not specified, the configuration directory defaults to <default-config-root-directory>/lastpass-go where <default-config-root-directory> is the path returned by method UserConfigDir, see https://golang.org/pkg/os/#UserConfigDir. The only user specific configuration currently supported by this library is a file called `trusted_id`.
func WithLogger ¶
func WithLogger(logger Logger) ClientOption
WithLogger enables logging.
Example ¶
WithLogger enables logging for all methods on lastpass.Client.
logger := log.New(os.Stderr, "lastpass: ", log.LstdFlags) _, _ = lastpass.NewClient(context.Background(), "user name", "master password", lastpass.WithLogger(logger))
Output:
func WithOneTimePassword ¶
func WithOneTimePassword(oneTimePassword string) ClientOption
WithOneTimePassword enables two-factor authentication with a one-time password as the second factor. For an example how to use this function see https://godoc.org/github.com/veloceapps/lastpass-go#example-NewClient--OneTimePasswordAuthentication.
func WithTrust ¶
func WithTrust() ClientOption
WithTrust will cause subsequent logins to not require multifactor authentication. It behaves like the `lpass login --trust` option of the LastPass CLI. If not already present, it will create a file `trusted_id` with a random trust ID in the configuration directory set by WithConfigDir. It will create a trust label with the format `<hostname> <operating system name> lastpass-go` which will show up in the LastPass Web Browser Extension under Account Settings => Trusted Devices.
Directories ¶
Path | Synopsis |
---|---|
examples
|
|
create_read_update_delete
Example showing how to create, read, update, delete accounts.
|
Example showing how to create, read, update, delete accounts. |
logging
Example showing how to log HTTP requests
|
Example showing how to log HTTP requests |
trust
Example showing the trust feature which allows to skip multifactor authentication in subsequent logins.
|
Example showing the trust feature which allows to skip multifactor authentication in subsequent logins. |
test
|
|