diff --git a/native/install.sh b/native/install.sh index c27ffe4..11071f9 100755 --- a/native/install.sh +++ b/native/install.sh @@ -8,17 +8,17 @@ BIN_DIR="$HOME/.local/bin" TARGET_HOST_PATH="$BIN_DIR/webauthnlinux_host.py" MANIFEST_PATH="$SCRIPT_DIR/webauthnlinux_host.json" -# Default values FIREFOX_ID="webauthnlinux@samveen.github.io" CHROME_ID="" DO_FIREFOX=false DO_CHROME=false +DO_FLATPAK=false usage() { echo "Usage: $0 [options]" echo "" echo "Options:" - echo " --firefox Install for Firefox" + echo " --firefox Install for Firefox (XDG + legacy + Flatpak)" echo " --chrome Install for Chrome/Chromium with the specified Extension ID" echo " --help Show this help message" echo "" @@ -28,10 +28,9 @@ usage() { exit 1 } -# Parse arguments while [[ "$#" -gt 0 ]]; do case $1 in - --firefox) DO_FIREFOX=true ;; + --firefox) DO_FIREFOX=true;; --chrome) CHROME_ID="$2"; DO_CHROME=true; shift ;; --help) usage ;; *) echo "Unknown parameter: $1"; usage ;; @@ -39,10 +38,9 @@ while [[ "$#" -gt 0 ]]; do shift done -# Interactively ask if no flags provided if [ "$DO_FIREFOX" = false ] && [ "$DO_CHROME" = false ]; then echo "No browser targets specified." - read -p "Install for Firefox? (y/n): " resp + read -p "Install for Firefox (native + Flatpak)? (y/n): " resp if [[ "$resp" =~ ^[Yy]$ ]]; then DO_FIREFOX=true; fi read -p "Install for Chrome/Chromium? (y/n): " resp @@ -52,15 +50,15 @@ if [ "$DO_FIREFOX" = false ] && [ "$DO_CHROME" = false ]; then fi fi -[[ "$DO_FIREFOX" == true ]] && [[ "$DO_CHROME" == true ]] && { echo "Only one browser install can be done at a time"; exit 2; } -[[ "$DO_FIREFOX" = false ]] && [[ "$DO_CHROME" = false ]] && { echo "No browsers selected. Exiting."; exit 0; } +[ "$DO_FIREFOX" = false ] && [ "$DO_CHROME" = false ] && { + echo "No browsers selected. Exiting." + exit 0 +} echo "Installing Native Messaging Host for WebAuthnLinux..." -# Install host script to ~/.local/bin install -v -D -m 755 "$SOURCE_HOST_PATH" "$TARGET_HOST_PATH" -# Create Manifest ( cat < "$MANIFEST_PATH" - -# Directories to install to DIRS=() + if [ "$DO_FIREFOX" = true ]; then + DIRS+=("$HOME/.mozilla/native-messaging-hosts") + XDG_CONFIG_HOME="${XDG_CONFIG_HOME:-$HOME/.config}" + DIRS+=("$XDG_CONFIG_HOME/mozilla/native-messaging-hosts") + + DIRS+=("$HOME/.var/app/org.mozilla.firefox/.mozilla/native-messaging-hosts") fi + if [ "$DO_CHROME" = true ]; then DIRS+=("$HOME/.config/google-chrome/NativeMessagingHosts") DIRS+=("$HOME/.config/chromium/NativeMessagingHosts") fi - +# Following open bug https://bugzilla.mozilla.org/show_bug.cgi?id=2005167 firefox does not check the new XDG paths it uses for new installations thus i opted for creation in the previous ~/.mozilla folder instead since that still works. +# I did it using the below for HOST_DIR in "${DIRS[@]}"; do - if [ -d "$(dirname "$HOST_DIR")" ]; then - mkdir -p "$HOST_DIR" - mv -f "$MANIFEST_PATH" "$HOST_DIR/$HOST_NAME.json" - echo "Registered manifest at: $HOST_DIR/$HOST_NAME.json" - else - echo "Skipping non-existent browser config directory: $(dirname "$HOST_DIR")" - fi + mkdir -p "$HOST_DIR" + cp "$MANIFEST_PATH" "$HOST_DIR/$HOST_NAME.json" + echo "Registered manifest at: $HOST_DIR/$HOST_NAME.json" done +rm -f "$MANIFEST_PATH" + echo "Done." diff --git a/native/webauthnlinux_host.py b/native/webauthnlinux_host.py index ba23c5d..80c6190 100755 --- a/native/webauthnlinux_host.py +++ b/native/webauthnlinux_host.py @@ -55,12 +55,9 @@ def verify_fingerprint(): # NOTE: fprintd-verify usually writes to stdout/stderr. # Since we are communicating over stdin/stdout with the browser, # we MUST capture or redirect subprocess IO to avoid corrupting the stream. - result = subprocess.run( - ['fprintd-verify'], - capture_output=True, - text=True - ) + # Small fix here since this only asked for one finger, the initially enrolled one instead on any since the user might have multiple enrolled ones + result = subprocess.run(['fprintd-verify', '-f', 'any'], capture_output=True, text=True) # Check for success string usually present in fprintd output if result.returncode == 0 and ("verify-match" in result.stdout or "verify-match" in result.stderr): return True, "Verified"