March 31, 2015: an updated version is now available, see the article at:
Being long time Linux user and doing lot of remote consultancy (you know, VoIP solutions design and implementation using
Kamailio and
SIP Router), one of the most used application was
KeePassX. It fits perfectly for secure storing of my long list of usernames, passwords, IP addresses and web URLs.
Recently I become the owner of a MacBook Pro and fortunately KeePassX is available (natively) for Mac OS X, but with no auto-typing. That is very handy in Linux for authentication on web pages. I tried to play a bit with KeePass (the original Windows version) and Mono, but the results were not very satisfactory (quite tight tied to Windows style), plus that I could not import the KeePassX database (I would need a Windows box).
Checking the web for KeePassX and auto-typing revealed clearly that is not available for Mac OS X out of the box, but folks around gave some good hints, so I started digging in. Pretty soon a plan was sketched:
- AppleScript give the tools for a nicely and easily coding of interactive applications
- KeePassX uses OS URL handlers to start applications when double-clicking the URL field of stored records
- MoreInternet application for Mac OS X offers easy way to manage URL helper applications
Therefore, here we are...
Step 1
Go, download and install MoreInternet:
http://www.monkeyfood.com/software/MoreInternet/
We will be back later to its configuration.
Step 2
Create the application handler for a new URL type. Open the Script Editor and paste following code:
on open location localURL
-- kex://proto?username:password:address:port/path
set thePath to text 7 thru -1 of localURL
if (text 1 thru 4 of thePath) is "ssh?" then
-- ssh?
set theProto to "ssh"
set theData to text 5 thru -1 of thePath
else
if (text 1 thru 6 of thePath) is "https?" then
-- https?
set theProto to "https"
set theData to text 7 thru -1 of thePath
else
if (text 1 thru 5 of thePath) is "http?" then
-- http?
set theProto to "http"
set theData to text 6 thru -1 of thePath
else
-- assume http
set theProto to "http"
set theData to thePath
end if
end if
end if
set theCLPos to offset of ":" in theData
if theCLPos = 0 then
display dialog "INVALID URL - NO USER"
return
end if
set theUser to text 1 thru (theCLPos - 1) of theData
set theData1 to text (theCLPos + 1) thru -1 of theData
set theData to theData1
set theCLPos to offset of ":" in theData
if theCLPos = 0 then
display dialog "INVALID URL - NO PASSWORD"
return
end if
set thePass to text 1 thru (theCLPos - 1) of theData
set theAddr to text (theCLPos + 1) thru -1 of theData
-- display dialog "URL+: " & theProto & "://" & theUser & ":xyz@" & theAddr
if theProto is "ssh" then
tell application "Terminal"
activate
delay 1
set theCLPos to offset of ":" in theAddr
if theCLPos = 0 then
set theSSHUrl to "ssh " & theUser & "@" & theAddr
else
set theHost to texts 1 thru (theCLPos - 1) of theAddr
set thePort to texts (theCLPos + 1) thru -1 of theAddr
set theSSHUrl to "ssh -p " & thePort & " " & theUser & "@" & theHost
end if
do script with command theSSHUrl
set theButton to button returned of (display dialog "Auto type? (" & theAddr & ")" buttons {"No", "Yes"} default button "Yes")
if theButton is "Yes" then
tell application "System Events"
keystroke thePass
key code 52
end tell
end if
end tell
else
set theHTTPUrl to theProto & "://" & theAddr
tell application "Safari"
activate
delay 1
tell window 1 of application "Safari" to make new tab
tell front window of application "Safari" to set current tab to last tab
set the URL of document 1 to theHTTPUrl
set theButton to button returned of (display dialog "Auto type? (" & theAddr & ")" buttons {"No", "Yes"} default button "Yes")
if theButton is "Yes" then
tell application "System Events"
keystroke theUser
keystroke " "
keystroke thePass
key code 52
end tell
end if
end tell
end if
end open location
Save it as Application Bundle, say under 'kpx' name.
Step 3
Update Application bundle meta-data
Edit kpx.app/Contents/PkgInfo and set the content to "APPLokpx" (no double quotes). Edit kpx.app/Contents/Info.plist and set the bundle signature to the last 4 letters of the value in PkgInfo file and add details about 'kpx' URL handling, you should get to something like this:
<key>CFBundleSignature</key>
<string>okpx</string>
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleURLName</key>
<string>KeePassX</string>
<key>CFBundleURLSchemes</key>
<array>
<string>kpx</string>
</array>
</dict>
</array>
Note: CFBundleSignature should be there already, just update the string value. CFBundleURLTypes (and the array value) must be added.
Step 4
Set the 'kpx' URL helper application.
Open System Preferences, then More Internet and add a new protocol 'kpx'. Associate the kpx.app (the application bundle built above) with this URL type. Now, all URL starting with 'kpx://' should be opened with kpx application.
Step 5
Add entries to the KeePassX
The format of the kpx URL is kind of special to fit my needs of opening http and ssh URLs:
kpx://proto?username:password:address:port/path
- proto can be http, https or ssh - if it is something else, it assumes http (can be extended or just use the given value and let the OS handle it)
- the rest are more or less self explaining, 'path' is just for HTTP(S) - the part after server address in web URLs
Here are some examples:
kpx://ssh?{USERNAME}:{PASSWORD}:192.168.64.103:14092
kpx://http?test:testpw:192.168.64.103/admin/login.php
As you can see, it is possible to use the KeePassX self expanding variables such as {USERNAME} or {PASSWORD}.
The format is chosen this way to be compliant with URL specs, you can try a different one, which might be nicer from your point of view, but you have to adjust kxp.app accordingly.
Step 6
Save the KeePassX record and double-click on URL field.
The Terminal or Safari should start depending whether is SSH or HTTP/S URL. A dialog prompting if you want auto-type pops up. Wait (this is important) until SSH prompts for password or the web page is completely loaded. Then you can click "Yes". If you don't want auto-type, press "No".
REMARKS:
- do not use real username and passwords until you are sure the kpx application handler starts correctly. If the OS didn't register the URL helper properly, Safari will open and try to guess what site you want to open, so it may result in trying accessing public web sites with your username and password in URL (e.g., kpx.com/username/password/address) which will stay in remote server logs
- you can change the 'kpx' to anything you want, which is recommended anyway. You have to do small adjustment for the parser in kpx.app to skip it, update the metadata URL types and the System Preferences, Internet More records.
- it is my first Apple Script coding, so bare with me if there are other nicer ways to accomplish same goals
- yeah, you get auto-type for SSH which is not possible in Linux
Hopefully I haven't forgotten anything important. I did it about one week ago. I hope some of you will enjoy and contribute back with improvements or comments (which are moderated by the way). Maybe KeePassX will add auto-type feature for Mac OS X soon, that would be great. Being myself an open source developer, I have to congrat the KeePassX coders, a great project.
Some screenshots:
Posts
