added shake to password field

twocanoes · Jun 1, 2023 · d237066 · d237066
1 parent 6271994
commit d237066
Show file tree

Hide file tree

Showing 11 changed files with 342 additions and 115 deletions.
diff --git a/NomadLogin/UI/SignInWindowController.swift b/NomadLogin/UI/SignInWindowController.swift
@@ -400,6 +400,7 @@ class SignInWindowController: NSWindowController, DSQueryable {
         TCSLogWithMark(message ?? "")
         session = nil
         password.stringValue = ""
+        password.shake(self)
 //        alertText.stringValue = message ?? "Authentication Failed"
         loginStartedUI()
     }

diff --git a/Profile Manifest/com.twocanoes.xcreds.plist b/Profile Manifest/com.twocanoes.xcreds.plist
@@ -214,7 +214,7 @@ A profile can consist of payloads with different version numbers. For example, c
 			<key>pfm_default</key>
 			<string>https://login.microsoftonline.com/common/.well-known/openid-configuration</string>
 			<key>pfm_description</key>
-			<string>The discovery URL provided by your OIDC / Cloud provider.</string>
+			<string>The discovery URL provided by your OIDC / Cloud provider. For Google it is typically https://accounts.google.com/.well-known/openid-configuration and for Azure it is typically https://login.microsoftonline.com/common/.well-known/openid-configuration.</string>
 			<key>pfm_documentation_url</key>
 			<string>https://github.com/twocanoes/xcreds/wiki/AdminGuide#discoveryurl</string>
 			<key>pfm_name</key>

diff --git a/Shared/AuthRightsHelper.swift b/Shared/AuthRightsHelper.swift
@@ -0,0 +1,73 @@
+//
+//  AuthRIghtsHelper.swift
+//  XCreds
+//
+//  Created by Timothy Perfitt on 5/31/23.
+//
+
+import Foundation
+
+
+class AuthRightsHelper: NSObject {
+    static func resetRights() ->Bool {
+
+        if AuthorizationDBManager.shared.rightExists(right:"XCredsLoginPlugin:LoginWindow")==true {
+            TCSLogWithMark("replacing XCredsLoginPlugin:LoginWindow with loginwindow:login")
+            if AuthorizationDBManager.shared.replace(right: "XCredsLoginPlugin:LoginWindow", withNewRight: "loginwindow:login") == false {
+                TCSLogErrorWithMark("Error removing XCredsLoginPlugin:LoginWindow. bailing")
+                return false
+
+            }
+        }
+        else if AuthorizationDBManager.shared.rightExists(right: "loginwindow:login")==false {
+            TCSLogErrorWithMark("There was no XCredsLoginPlugin:LoginWindow and no loginwindow:login. Please remove /var/db/auth.db and reboot")
+            return false
+        }
+
+
+
+
+        for authRight in AuthorizationDBManager.shared.consoleRights() {
+            if authRight.hasPrefix("XCredsLoginPlugin") {
+                TCSLogWithMark("Removing \(authRight)")
+                if AuthorizationDBManager.shared.remove(right: authRight) == false {
+                    TCSLogErrorWithMark("Error removing \(authRight)")
+
+                }
+            }
+
+        }
+        return true
+
+    }
+    static func addRights() ->Bool {
+
+        TCSLogWithMark("Adding rights back in")
+        if AuthorizationDBManager.shared.replace(right: "loginwindow:login", withNewRight: "XCredsLoginPlugin:LoginWindow")==false {
+            TCSLogWithMark("error adding loginwindow:login after XCredsLoginPlugin:LoginWindow. bailing since this shouldn't happen")
+
+            return false
+
+        }
+
+        for right in [["XCredsLoginPlugin:LoginWindow":"XCredsLoginPlugin:PowerControl,privileged"], ["loginwindow:done":"XCredsLoginPlugin:KeychainAdd,privileged"],["builtin:login-begin":"XCredsLoginPlugin:CreateUser,privileged"],["loginwindow:done":"XCredsLoginPlugin:EnableFDE,privileged"],["loginwindow:done":"XCredsLoginPlugin:LoginDone"]] {
+
+            if AuthorizationDBManager.shared.rightExists(right: right.keys.first!){
+
+                if AuthorizationDBManager.shared.insertRight(newRight: right.values.first!, afterRight: right.keys.first!) {
+
+
+                    TCSLogWithMark("adding \(right.values.first!) after \(right.keys.first!)")
+                }
+
+                else {
+                    TCSLogErrorWithMark("\(right.keys.first!) does not exist. not inserting \(right.values.first!)")
+                }
+
+            }
+        }
+        return true
+
+    }
+
+}
diff --git a/XCreds Login Overlay/AppDelegate.swift b/XCreds Login Overlay/AppDelegate.swift
@@ -11,89 +11,7 @@ import AppKit
 
 
 @main
-struct MyMain {
-    static func resetRights() ->Bool {
 
-        if AuthorizationDBManager.shared.rightExists(right:"XCredsLoginPlugin:LoginWindow")==true {
-            TCSLogWithMark("replacing XCredsLoginPlugin:LoginWindow with loginwindow:login")
-            if AuthorizationDBManager.shared.replace(right: "XCredsLoginPlugin:LoginWindow", withNewRight: "loginwindow:login") == false {
-                TCSLogErrorWithMark("Error removing XCredsLoginPlugin:LoginWindow. bailing")
-                return false
-
-            }
-        }
-        else if AuthorizationDBManager.shared.rightExists(right: "loginwindow:login")==false {
-            TCSLogErrorWithMark("There was no XCredsLoginPlugin:LoginWindow and no loginwindow:login. Please remove /var/db/auth.db and reboot")
-            return false
-        }
-
-
-
-
-        for authRight in AuthorizationDBManager.shared.consoleRights() {
-            if authRight.hasPrefix("XCredsLoginPlugin") {
-                TCSLogWithMark("Removing \(authRight)")
-                if AuthorizationDBManager.shared.remove(right: authRight) == false {
-                    TCSLogErrorWithMark("Error removing \(authRight)")
-
-                }
-            }
-
-        }
-        return true
-
-    }
-    static func addRights() ->Bool {
-
-        TCSLogWithMark("Adding rights back in")
-        if AuthorizationDBManager.shared.replace(right: "loginwindow:login", withNewRight: "XCredsLoginPlugin:LoginWindow")==false {
-            TCSLogWithMark("error adding loginwindow:login after XCredsLoginPlugin:LoginWindow. bailing since this shouldn't happen")
-
-            return false
-
-        }
-
-        for right in [["XCredsLoginPlugin:LoginWindow":"XCredsLoginPlugin:PowerControl,privileged"], ["loginwindow:done":"XCredsLoginPlugin:KeychainAdd,privileged"],["builtin:login-begin":"XCredsLoginPlugin:CreateUser,privileged"],["loginwindow:done":"XCredsLoginPlugin:EnableFDE,privileged"],["loginwindow:done":"XCredsLoginPlugin:LoginDone"]] {
-
-            if AuthorizationDBManager.shared.rightExists(right: right.keys.first!){
-
-                if AuthorizationDBManager.shared.insertRight(newRight: right.values.first!, afterRight: right.keys.first!) {
-
-
-                    TCSLogWithMark("adding \(right.values.first!) after \(right.keys.first!)")
-                }
-
-                else {
-                    TCSLogErrorWithMark("\(right.keys.first!) does not exist. not inserting \(right.values.first!)")
-                }
-
-            }
-        }
-        return true
-
-    }
-
-    static func main() -> Void {
-        if AuthorizationDBManager.shared.rightExists(right: "XCredsLoginPlugin:LoginWindow") == true {
-            TCSLogWithMark("XCreds auth rights already installed.")
-
-            return
-        }
-        TCSLogErrorWithMark("XCreds rights do not exist. Fixing and rebooting")
-
-        if resetRights()==false {
-            TCSLogErrorWithMark("error resetting rights")
-            return
-        }
-        if addRights()==false {
-            TCSLogErrorWithMark("error adding rights")
-
-        }
-        let _ = cliTaskNoTerm("/sbin/reboot")
-
-    }
-
-}
 
 class AppDelegate: NSObject, NSApplicationDelegate {
 

diff --git a/XCredsLoginPlugIn/TestWindowController.xib b/XCredsLoginPlugIn/TestWindowController.xib
@@ -17,7 +17,7 @@
             <windowStyleMask key="styleMask" titled="YES" closable="YES" miniaturizable="YES" resizable="YES"/>
             <windowPositionMask key="initialPositionMask" leftStrut="YES" rightStrut="YES" topStrut="YES" bottomStrut="YES"/>
             <rect key="contentRect" x="196" y="240" width="480" height="270"/>
-            <rect key="screenRect" x="0.0" y="0.0" width="1496" height="933"/>
+            <rect key="screenRect" x="0.0" y="0.0" width="3440" height="1415"/>
             <view key="contentView" id="se5-gp-TjO">
                 <rect key="frame" x="0.0" y="0.0" width="480" height="270"/>
                 <autoresizingMask key="autoresizingMask"/>

diff --git a/auth_mech_fixup/main.swift b/auth_mech_fixup/main.swift
@@ -0,0 +1,24 @@
+//
+//  main.swift
+//  auth_mech_fixup
+//
+//  Created by Timothy Perfitt on 5/31/23.
+//
+
+import Foundation
+
+if AuthorizationDBManager.shared.rightExists(right: "XCredsLoginPlugin:LoginWindow") == true {
+    TCSLogWithMark("XCreds auth rights already installed.")
+    exit(0)
+
+}
+TCSLogErrorWithMark("XCreds rights do not exist. Fixing and rebooting")
+
+if AuthRightsHelper.resetRights()==false {
+    TCSLogErrorWithMark("error resetting rights")
+    exit(1)
+}
+if AuthRightsHelper.addRights()==false {
+    TCSLogErrorWithMark("error adding rights")
+    exit(1)
+}
diff --git a/test/main.swift b/test/main.swift
@@ -0,0 +1,11 @@
+//
+//  main.swift
+//  test
+//
+//  Created by Timothy Perfitt on 5/31/23.
+//
+
+import Foundation
+
+print("Hello, World!")
+