Suggestion Developing a Quicksilver Plugin for 1Password

2»

Comments

  • pjrobertson
    pjrobertson
    Community Member
    edited December 1969
    Aaah lucky them :)

    Thanks for the info Marty. I guess the next release will just have to wait a bit longer...
  • pjrobertson
    pjrobertson
    Community Member
    edited December 1969
    Hi guys,

    Whilst troubleshooting a crash with one user I came across a 'potential' bug in 1Password.
    The 'AgileKeychainLocation' key in the ws.agile.1Password.plist didn't exist for this one user.
    It turned out his keychain resided in ~/Library/Application Support/1Password/1Password.agilekeychain

    Is this the default location? And if so, is the key NOT added to the prefs? If this is the case I can just do a simple if() and write it to the .plist if it doesn't already exists.

    Cheers

    P.S. my previous two or three posts were made during WWDC so if you could read and reply to those as well that'd be great :)
  • MartyS
    MartyS
    Community Member
    edited December 1969
    What you surmised as the default 1Password data file is correct. If the key isn't in the plist and 1Password is working correctly, why would you need to write it there? If the 1Password data file is found in the default location it will properly operate even without the plist entry.
  • pjrobertson
    pjrobertson
    Community Member
    edited December 1969
    Thanks for shedding some light on that Marty.

    I just assumed the key always existed for users, and so if they key didn't exist my app would crash. I can now fix this :)

    Are the rest of the devs still away/working hard on the Safari 5 extension? Once I've got the few things I've mentioned cleared up I'll release a new version of the plugin!
  • MartyS
    MartyS
    Community Member
    edited December 1969
    Are the rest of the devs still away/working hard on the Safari 5 extension? Once I've got the few things I've mentioned cleared up I'll release a new version of the plugin!


    The developers are back from WWDC but we don't know what they're working on. ;)
  • jxpx777
    jxpx777
    1Password Alumni
    edited December 1969
    Looks like the plugin's really taken off since you guys advertised it and it was put on MacUpdate - cheers :D


    Congrats!

    Seeing as my plugin seems to be appearing as 'OnePassword' on lots of software sites (annoying, I know! Happens because you can't start names/classes with numbers of course) I was just wondering what's the name of your classes? Is it OnePassword like mine? Just curious...


    Our classes are prefixed with either OP or AG as appropriate.

    I've just looked back into the idea of using the findUUID key for when 1Password is launched (I'm still using applescript and keystrokes, which isn't that robust) but it seems pretty flakey to me.


    It probably is flakey. The locating of logins when launching from Safari is the same way too. It's more of a nice Easter egg that a lot of folks might not notice and works most of the time. Sort of like the one-click bookmarks that 1P will create as well. They work most of the time and they're nice, but they're not what we would call core features.

    It's definitely working, but it's normally taking about 30 seconds or so for 1Password to actually realise. I've tried 'touch'ing the .plist etc. to try and get 1Password to 'realise' there's been a change but it's not working.

    Also sometimes it doesn't work at all - the findUUID gets removed from the prefs (can see this using defaults read) and nothing happens.


    I'm not sure why this might be happening, but the first thing that comes to mind is to make sure that there is actually an entry with the UUID in question and that it isn't in the trash. (You might also filter out items that are not trashed so you're not crufting up the user's list with stuff they don't want to see.)

    grep -irl trashed `defaults read ws.agile.1Password AgileKeychainLocation`
    

    or for the default location
    grep -irl trashed ~/Library/Application\ Support/1Password/1Password.agilekeychain
    


    will show you the entries that are trashed and you can open them up and see what the key looks like.

    Is the popup that new in 1P3 part of the browser extension? (For editing login items) and does the browser need to be running or is it something I could potentially launch from within QS?


    Yes, the standalone editor is part of the browser extension. This gets really close to scripting though and that's something we don't want to open up. With GUI scripting, it's certainly possible to do this, but that's left as an exercise to the reader and would be even less supported than the stuff you're already doing. :)

    Whilst troubleshooting a crash with one user I came across a 'potential' bug in 1Password.
    The 'AgileKeychainLocation' key in the ws.agile.1Password.plist didn't exist for this one user.
    It turned out his keychain resided in ~/Library/Application Support/1Password/1Password.agilekeychain

    Is this the default location? And if so, is the key NOT added to the prefs? If this is the case I can just do a simple if() and write it to the .plist if it doesn't already exists.


    This is standard Cocoa behavior and WAD. The app registers defaults at launch and if the key is not found, the app knows where to find the default value.
  • pjrobertson
    pjrobertson
    Community Member
    edited June 2011
    Sorry it's taken me a while to reply, been busy setting myself up in Aus :D

    Jamie wrote:

    It probably is flakey. The locating of logins when launching from Safari is the same way too. It's more of a nice Easter egg that a lot of folks might not notice and works most of the time. Sort of like the one-click bookmarks that 1P will create as well. They work most of the time and they're nice, but they're not what we would call core features.


    I guess I'll have to live with the findUUID key being flakey once 1Pwd has already been launched. It works flawlessly if 1Pwd hasn't been launched, so I guess I'll just have to make do with that :)


    Jamie wrote:

    I'm not sure why this might be happening, but the first thing that comes to mind is to make sure that there is actually an entry with the UUID in question and that it isn't in the trash. (You might also filter out items that are not trashed so you're not crufting up the user's list with stuff they don't want to see.)

    grep -irl trashed `defaults read ws.agile.1Password AgileKeychainLocation`
    

    or for the default location
    grep -irl trashed ~/Library/Application\ Support/1Password/1Password.agilekeychain
    


    will show you the entries that are trashed and you can open them up and see what the key looks like.


    I've only been trying the 'defaults write wd.agile.1Password findUUID "UUIDKey"' command (from terminal) with keys that exist.
    I also already sort through the trashed entries for users. They'll never see them in their catalog :)

    Jamie wrote:

    Yes, the standalone editor is part of the browser extension. This gets really close to scripting though and that's something we don't want to open up. With GUI scripting, it's certainly possible to do this, but that's left as an exercise to the reader and would be even less supported than the stuff you're already doing. :)


    I think I'll stray away from any more GUI scripting and opening up the 'edit' box since this could be even more tricky. Maybe we can all hope for a more complete scripting dictionary sometime... :)

    Jamie wrote:

    This is standard Cocoa behavior and WAD. The app registers defaults at launch and if the key is not found, the app knows where to find the default value.


    Okie dokies. I've added a bit of code to check if the key exists, and if not just use the default ~/Library/Application Support/1Password/ directory


    Thanks for the help.
    The only hurdle that I have now is getting the findUUID key to work consistently. Until then, I'll keep using GUI scripting.

    One other thing that could potentially break for some users...
    I'm referencing images in the 1Password.app/Contents/Resources/ folder for the plugin. If the user doesn't have his applications in /Applications/ then it'll break.
    Would it be possible for me to package the images in the plugin's resources folder?

    The images in question are:

    1Password.app/Contents/Resources/logins-icon-128.png
    1Password.app/Contents/Resources/secure-notes-icon-128.png
    1Password.app/Contents/Resources/wallet-icon-128.png

    They just appear in the catalog prefs like below

    sY3jo.jpg

    I can't use:

    [[NSBundle bundleWithIdentifier:@"ws.agile.1Password"] pathForResource:@"logins-icon-128" ofType:@"png"]
    


    (which is what I'm using somewhere else in the code) because it's hard coded into QS and it just looks for paths.


    Thanks again :D

    I'm gonna release a new release now. If I can put the images in the plugin's resource folder or if you get the findUUID key working reliably I'll bash out another update :)
  • Nik
    Nik
    1Password Alumni
    edited December 1969
    Congratulations on the new release, Patrick!
  • pjrobertson
    pjrobertson
    Community Member
    edited December 1969
    Thanks justG,

    I've just released another version since 0.9 had a small bug :(
    I need to start employing beta testers!

    http://github.com/pjrobertson/1Password-Plugin
  • macpug
    macpug
    Community Member
    edited December 1969
    Gratz, Patrick! I'd pretty much given up on QS for LB5 on 3 of my 4 machines, but still have QS on one. I'll have to add this and see what it looks like. :)
    Cheers!
  • Jameson
    Jameson
    Community Member
    Jamie wrote:

    Of course, you would need to make sure that you take appropriate precautions with this so that folks' data does not get left on the clipboard.


    I'm using Quicksilver and 1Password, and I have discovered that if Quicksilver's "Clipboard History" feature is enabled, it tends to defeat 1Password's feature that clears password data from the clipboard after a user-specified amount of time. If the password is still the most recent item in the clipboard history, it will be erased properly, but if other data has been added to the clipboard since, the password is not removed from the list, which could be a security concern.

    I realize this is somewhat an edge case, but it seems like this is the best place to post it. Is there anything that can be done about this?

    Thanks.
  • Hi Jameson,

    Welcome to the forums! :)

    Unfortunately there isn't really much we can do about that. The clipboard is intentionally accessible to all applications on the system (otherwise it wouldn't be very useful, would it?) and as such they can access the information in it at any time.

    Ben
  • Jameson
    Jameson
    Community Member
    bwoodruff wrote:
    The clipboard is intentionally accessible to all applications on the system (otherwise it wouldn't be very useful, would it?)


    Thanks!

    So, if I understand correctly, the issue is that 1Password inserts a password into the clipboard, and later inserts a null value into the clipboard if it finds that the password is still there, but if other applications like Quicksilver have polled the clipboard and cached its contents in their own system in the meantime, 1Password has no way of correcting that. Does I have that right?



    I wonder if Quicksilver's Clipboard History module (which has not been upgraded in ages) could be modified to do a better job of this. If not, I suppose I'll need to make a habit of clicking that "Clear History" button after copying passwords! :)
  • That is exactly correct, Jameson. :)
This discussion has been closed.