11 changed files with 124 additions and 290 deletions
--- a/.coafile
+++ b/.coafile
@ -0,0 +1,4 @@
 [python]
 bears = PyUnusedCodeBear,PySafetyBear,PyFlakesBear,PEP8Bear,BanditBear,PyCommentedCodeBear,VultureBear,InvalidLinkBear,PyImportSortBear
 files = *.py
 use_spaces = true
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -1,23 +0,0 @@
 ---
 # See https://pre-commit.com for more information
 # See https://pre-commit.com/hooks.html for more hooks
 repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v3.3.0
    hooks:
      - id: trailing-whitespace
      - id: end-of-file-fixer
      - id: check-added-large-files
  - repo: https://github.com/psf/black
    rev: 20.8b1
    hooks:
      - id: black
  - repo: https://gitlab.com/pycqa/flake8
    rev: 3.8.4
    hooks:
      - id: flake8
        args: ['--ignore=E501,E203']
  - repo: https://github.com/asottile/reorder_python_imports
    rev: v2.3.6
    hooks:
      - id: reorder-python-imports
--- a/.tito/packages/.readme
+++ b/.tito/packages/.readme
@ -1,3 +0,0 @@
 the .tito/packages directory contains metadata files
 named after their packages. Each file has the latest tagged
 version and the project's relative directory.
--- a/.tito/packages/gnome-pass-search-provider
+++ b/.tito/packages/gnome-pass-search-provider
@ -1 +0,0 @@
 1.3.2-1 ./
--- a/.tito/tito.props
+++ b/.tito/tito.props
@ -1,5 +0,0 @@
 [buildconfig]
 builder = tito.builder.Builder
 tagger = tito.tagger.VersionTagger
 changelog_do_not_remove_cherrypick = 0
 changelog_format = %s (%ae)
--- a/README.md
+++ b/README.md
@ -1,16 +1,8 @@
-A search provider for GNOME Shell that adds support for searching in:
+A search provider for GNOME Shell that adds support for searching in zx2c4/[pass](https://www.passwordstore.org/).
-* zx2c4/[pass](https://www.passwordstore.org/)
+Names of passwords will show up in GNOME Shell searches, choosing one will copy the corresponding content to the clipboard.
 * compatible alternatives such as [gopass](https://www.gopass.pw/)
 * or the [rbw](https://github.com/doy/rbw) Bitwarden/Vaultwarden client
-Names of entries will show up in GNOME Shell searches, choosing one will copy the corresponding content to the clipboard.
+Supports OTP, fields and can use GPaste.
 Supports:
 * using the [GPaste](https://github.com/Keruspe/GPaste) clipboard manager
 * OTP with the [pass-otp](https://github.com/tadfisher/pass-otp) extension
 * fields (cf below for syntax)
 ![Sreencapture](misc/screencapture.gif)
@ -21,31 +13,23 @@ Supports:
 Install `gnome-pass-search-provider-git` from the AUR.
 ## Debian, Ubuntu and derivatives
-If a package is available for your distribution version (see above for packaging status), just install `gnome-pass-search-provider` through APT:
+If a package is available for your distribution version (see above for packaging status), just install `gnome-pass-search-provider` through APT.
 ```
 apt install gnome-pass-search-provider
 ```
 ## Fedora
 [![Copr build status](https://copr.fedorainfracloud.org/coprs/jle64/gnome-pass-search-provider/package/gnome-pass-search-provider/status_image/last_build.png)](https://copr.fedorainfracloud.org/coprs/jle64/gnome-pass-search-provider/package/gnome-pass-search-provider/)
 Enable the copr repo and install the package with DNF:
-```
+```shell
 dnf copr enable jle64/gnome-pass-search-provider
 dnf install gnome-pass-search-provider
 ```
 ## Manual
-Ensure that python>=3.7 as well as the dbus, gobject and thefuzz (formerly fuzzywuzzy, might still be packaged under that name in your distribution) Python modules are installed. They should all be packaged under python-name or python3-name depending on your distribution.
+Ensure that python>=3.5 as well as the dbus, gobject, fuzzywuzzy modules are installed. They should all be packaged under python-name or python3-name depending on your distribution.
 Clone this repository and run the installation script as root:
-```
+```shell
-git clone https://github.com/jle64/gnome-pass-search-provider.git
+git clone git@github.com:jle64/gnome-shell-pass-search-provider.git
 cd gnome-pass-search-provider
 sudo ./install.sh
 ```
@ -53,17 +37,13 @@ sudo ./install.sh
 Log out and reopen your GNOME session.
-The search provider will be loaded automatically when doing a search.
+The search provider will be loaded automatically when doing a search. You should see it enabled in GNOME Settings Search pane.
-You should see it enabled in GNOME Settings, in the Search pane. This is also where you can move it up or down in the list of results relatively to other search providers.
+# OTP
 # Advanced usage
 ## OTP
 The [pass-otp](https://github.com/tadfisher/pass-otp) extension is supported. Searches starting with `otp` will copy the otp token to the clipboard.
-## Fields
+# Fields
 To copy other values than the password in the first line from a pass file, start the search with `:NAME search...`. The field name must be a full but case insensitive match. This requires `GPaste`.
@ -74,78 +54,32 @@ user: username
 pin: 123456
 ```
-To copy the pin start the search with `:pin` and for the username with `:user`.
+To copy the pin start the search with `:pin` and for the username `:user`.
-## Disabling notifications
+# Environment variables
-Set the `DISABLE_NOTIFICATIONS` environment variable to `True`.
+If you are configuring `pass` through environment variables, such as `PASSWORD_STORE_DIR`, make sure to set them in a way that will propagate to the search provider executable, not just in your shell.
-# Alternative password providers
+Setting them in `~/.profile` or `~/.pam_environment` should be sufficient, but stuff in shell-specific files such as `~/.bashrc` will not be picked up by gnome-shell.
-## Gopass and other pass-compatible tools
+If your values have no effect, make sure they propagate to the script environment:
-
+```shell
 If you want to use [gopass](https://www.gopass.pw/) or another `pass` compatible tool instead of `pass`, you need to set the proper environment variables to point to the executable and password store directory to use.
 For example, on a systemd-based OS, you can run `systemctl --user edit org.gnome.Pass.SearchProvider.service` and add in the file:
 ```
 [Service]
 Environment=PASSWORD_EXECUTABLE=gopass
 Environment=PASSWORD_STORE_DIR=/home/jonathan/.local/share/gopass/stores/root
 ```
 (be careful not leave a trailing "/" at the end of the `PASSWORD_STORE_DIR` path)
 Then save and restart the service with `systemctl --user restart org.gnome.Pass.SearchProvider.service`.
 On other systems, you might want to use `~/.profile` or another mechanism to set these environment variables.
 ## Bitwarden/Vaultwarden
 To search in Bitwarden/Vaultwarden instead of `pass`, you will need to setup [rbw](https://github.com/doy/rbw). You'll also need to install `wl-clipboard` or another clipboard utility (such as `xclip`), unless you use GPaste.
 You need to set the proper environment variables to point to the executables and specify to operate in Bitwarden mode.
 For example, on a systemd-based OS, you can run `systemctl --user edit org.gnome.Pass.SearchProvider.service` and add in the file:
 ```
 [Service]
 Environment=PASSWORD_EXECUTABLE=rbw
 Environment=PASSWORD_MODE=bw
 Environment=CLIPBOARD_EXECUTABLE=wl-copy
 ```
 Then save and restart the service with `systemctl --user restart org.gnome.Pass.SearchProvider.service`.
 On other systems, you might want to use `~/.profile` or another mechanism to set these environment variables.
 # Clipboard managers
 By default, passwords are sent to the clipboard using `pass -c`, which defaults to expiration after 45 seconds.
 If [GPaste](https://github.com/Keruspe/GPaste) is installed, passwords be sent to it marked as passwords through its API, thus ensuring they are not visible in the UI.
 # Compatibility
 This implements the `org.gnome.Shell.SearchProvider2` D-Bus API and has been tested with GNOME Shell 3.22 to 42. This uses the `org.gnome.GPaste1` or `org.gnome.GPaste2` versions of the GPaste D-Bus API to add passwords to GPaste.
 # Troubleshooting
 ## Environment variables have no effect
 If you are configuring `pass` using environment variables, such as `PASSWORD_STORE_DIR`, make sure to set them in a way that will propagate to the search provider executable, not just in your shell.
 On systemd-based OSes, you can directly set them in `~/.config/environment.d/*.conf` (see `man environment.d`). On other systems, setting them in `~/.profile` should be sufficient, but keep in mind that some shell-specific files such as `~/.bashrc` might be only loaded in non-login interactive shells and will thus not propagate to the script.
 If your values have no effect, make sure they propagate to the script environment. You can check this by displaying the process environment with `ps` and looking for your values here:
 ```
 ps auxeww | grep [g]nome-pass-search-provider.py
 ```
-## Passphrase is not requested to unlock store
+# Clipboard managers
 If you are using GPaste, passwords will be sent to it marked as passwords, thus ensuring they are not visible.
 Otherwise they are sent to the clipboard using `pass -c` which defaults to expiration after 45 seconds.
 # Compatibility
 This implements the `org.gnome.Shell.SearchProvider2` D-Bus API and has been tested with GNOME Shell 3.22-3.38. This uses the `org.gnome.GPaste1` or `org.gnome.GPaste2` versions of the GPaste D-Bus API to add passwords to GPaste.
 # Troubleshooting
 If you don't see passphrase prompts when your key is locked, it might be because GPG is not using the right pinentry program. You can force gpg-agent to use pinentry-gnome3 by adding `pinentry-program /usr/bin/pinentry-gnome3` to `~/.gnupg/gpg-agent.conf`.
-## Other problems
+If you encounter problems, make sure to look to wherever GNOME and D-Bus are logging for error messages. You can do this using `journalctl --user` on systemd-using systems.
 If you encounter problems, make sure to look in the logs of GNOME and D-Bus. On systems that use systemd, you can do this using `journalctl --user`.
 Don't hesitate to open an issue.
--- a/conf/org.gnome.Pass.SearchProvider.desktop
+++ b/conf/org.gnome.Pass.SearchProvider.desktop
@ -3,7 +3,7 @@ Version=1.0
 Categories=GNOME;Security;
 Icon=dialog-password
 Name=Pass
-Comment=GNOME Shell search provider for pass and Bitwarden
+Comment=GNOME Shell search provider for pass
 Terminal=false
 Type=Application
 OnlyShowIn=GNOME;
--- a/conf/org.gnome.Pass.SearchProvider.service.systemd
+++ b/conf/org.gnome.Pass.SearchProvider.service.systemd
@ -1,5 +1,5 @@
 [Unit]
-Description=Pass and Bitwarden search provider for GNOME Shell daemon
+Description=Pass search provider for GNOME Shell daemon
 Wants=org.gnome.GPaste.service
 [Service]
--- a/gnome-pass-search-provider.py
+++ b/gnome-pass-search-provider.py
@ -14,31 +14,27 @@
 # You should have received a copy of the GNU General Public License
 # along with gnome-pass-search-provider. If not, see
 # <http://www.gnu.org/licenses/>.
 # Copyright (C) 2017 Jonathan Lestrelin
 # Author: Jonathan Lestrelin <jonathan.lestrelin@gmail.com>
 # This project was based on gnome-shell-search-github-repositories
 # Copyright (C) 2012 Red Hat, Inc.
 # Author: Ralph Bean <rbean@redhat.com>
 # which itself was based on fedmsg-notify
 # Copyright (C) 2012 Red Hat, Inc.
 # Author: Luke Macken <lmacken@redhat.com>
 import dbus
 import dbus.service
 import re
 import subprocess
 from os import getenv
 from os import walk
 from os.path import expanduser
 from os.path import join as path_join
 import dbus.service
 from dbus.mainloop.glib import DBusGMainLoop
-
+from fuzzywuzzy import process, fuzz
 try:
    from thefuzz import fuzz
    from thefuzz import process
 except ModuleNotFoundError:
    from fuzzywuzzy import fuzz
    from fuzzywuzzy import process
 from gi.repository import GLib
 from os import getenv, walk
 from os.path import expanduser, join as path_join
 # Convenience shorthand for declaring dbus interface methods.
 # s.b.n. -> search_bus_name
@ -64,12 +60,6 @@ class SearchPassService(dbus.service.Object):
        self.password_store = getenv("PASSWORD_STORE_DIR") or expanduser(
            "~/.password-store"
        )
        self.password_executable = getenv("PASSWORD_EXECUTABLE") or "pass"
        self.password_mode = getenv("PASSWORD_MODE") or "pass"
        self.clipboard_executable = getenv("CLIPBOARD_EXECUTABLE") or "wl-copy"
        self.disable_notifications = (
            getenv("DISABLE_NOTIFICATIONS", "false").lower() == "true"
        )
    @dbus.service.method(in_signature="sasu", **sbn)
    def ActivateResult(self, id, terms, timestamp):
@ -77,10 +67,7 @@ class SearchPassService(dbus.service.Object):
    @dbus.service.method(in_signature="as", out_signature="as", **sbn)
    def GetInitialResultSet(self, terms):
-        if self.password_mode == "bw":
+        return self.get_result_set(terms)
            return self.get_bw_result_set(terms)
        else:
            return self.get_pass_result_set(terms)
    @dbus.service.method(in_signature="as", out_signature="aa{sv}", **sbn)
    def GetResultMetas(self, ids):
@ -95,46 +82,13 @@ class SearchPassService(dbus.service.Object):
    @dbus.service.method(in_signature="asas", out_signature="as", **sbn)
    def GetSubsearchResultSet(self, previous_results, new_terms):
-        if self.password_mode == "bw":
+        return self.get_result_set(new_terms)
            return self.get_bw_result_set(new_terms)
        else:
            return self.get_pass_result_set(new_terms)
    @dbus.service.method(in_signature="asu", terms="as", timestamp="u", **sbn)
    def LaunchSearch(self, terms, timestamp):
        pass
-    def get_bw_result_set(self, terms):
+    def get_result_set(self, terms):
        if terms[0].startswith(":"):
            field = terms[0][1:]
            terms = terms[1:]
        else:
            field = None
        name = "".join(terms)
        password_list = subprocess.check_output(
            [self.password_executable, "list"], universal_newlines=True
        ).split("\n")[:-1]
        results = list(filter(lambda p: p.startswith(name), password_list))[:5]
        remaining = 5 - len(results)
        if remaining > 0:
            fuzzy_results = [
                e[0]
                for e in process.extract(
                    name, password_list, limit=remaining, scorer=fuzz.token_sort_ratio
                )
            ]
            results.extend(fuzzy_results)
        if field is not None:
            results = [f":{field} {r}" for r in results]
        return results
    def get_pass_result_set(self, terms):
        if terms[0] == "otp":
            field = terms[0]
        elif terms[0].startswith(":"):
@ -157,104 +111,44 @@ class SearchPassService(dbus.service.Object):
                path = path_join(dir_path, filename)[:-4]
                password_list.append(path)
-        results = list(sorted(filter(lambda p: p.startswith(name), password_list)))[:5]
+        results = [
        remaining = 5 - len(results)
        if remaining > 0:
            containing_results = list(
                sorted(filter(lambda p: name in p, password_list))
            )[:remaining]
            results.extend(containing_results)
        remaining = 5 - len(results)
        if remaining > 0:
            fuzzy_results = [
            e[0]
            for e in process.extract(
-                    name, password_list, limit=remaining, scorer=fuzz.token_sort_ratio
+                name, password_list, limit=5, scorer=fuzz.partial_ratio
            )
        ]
            results.extend(fuzzy_results)
        if field == "otp":
            results = [f"otp {r}" for r in results]
        elif field is not None:
            results = [f":{field} {r}" for r in results]
        return results
    def get_value_from_output(self, output, field=None):
        if field is not None:
            match = re.search(
                rf"^{field}:\s*(?P<value>.+?)$", output, flags=re.I | re.M
            )
            if match:
                value = match.group("value")
            else:
                raise RuntimeError(
                    f"The field {field} was not found in the password entry."
                )
        else:
            value = output.split("\n", 1)[0]
        return value
    def send_password_to_gpaste(self, base_args, name, field=None):
        try:
            gpaste = self.session_bus.get_object(
                "org.gnome.GPaste.Daemon", "/org/gnome/GPaste"
            )
        output = subprocess.check_output(base_args + [name], universal_newlines=True)
        value = self.get_value_from_output(output, field)
        try:
            gpaste.AddPassword(name, value, dbus_interface="org.gnome.GPaste1")
        except dbus.DBusException:
            gpaste.AddPassword(name, value, dbus_interface="org.gnome.GPaste2")
    def send_password_to_native_clipboard(self, base_args, name, field=None):
        if self.password_mode == "bw":
            output = subprocess.check_output(
-                base_args + [name], universal_newlines=True
+                base_args + [name], stderr=subprocess.STDOUT, universal_newlines=True
            )
            value = self.get_value_from_output(output, field)
            p1 = subprocess.run(self.clipboard_executable, input=value, text=True)
            if p1.returncode:
                raise RuntimeError(
                    f"Error while running copying to clipboard: got return code: {p1.returncode}."
                )
        else:
            if field is not None:
-                raise RuntimeError("This feature requires GPaste.")
+                match = re.search(
-            result = subprocess.run(base_args + ["-c", name])
+                    fr"^{field}:\s*(?P<value>.+?)$", output, flags=re.I | re.M
            if result.returncode:
                raise RuntimeError(
                    f"Error while running pass: got return code: {result.returncode}."
                )
-
+                if match:
-    def send_password_to_clipboard(self, name):
+                    password = match.group("value")
        if name.startswith(":"):
            field, name = name.split(" ", 1)
            field = field[1:]
                else:
-            field = None
+                    raise RuntimeError(
-
+                        f"The field {field} was not found in " + "the pass file."
-        if self.password_mode == "bw":
+                    )
            base_args = [self.password_executable, "get", "--full"]
        elif name.startswith("otp "):
            base_args = [self.password_executable, "otp", "code"]
            name = name[4:]
            field = None
            else:
-            base_args = [self.password_executable, "show"]
+                password = output.split("\n", 1)[0]
            try:
-            try:
+                gpaste.AddPassword(name, password, dbus_interface="org.gnome.GPaste1")
                self.send_password_to_gpaste(base_args, name, field)
            except dbus.DBusException:
-                # We couldn't join GPaste over D-Bus, use native clipboard
+                gpaste.AddPassword(name, password, dbus_interface="org.gnome.GPaste2")
-                self.send_password_to_native_clipboard(base_args, name, field)
+
            if "otp" in base_args:
                self.notify("Copied OTP password to clipboard:", body=f"<b>{name}</b>")
            elif field is not None:
@ -263,12 +157,47 @@ class SearchPassService(dbus.service.Object):
                )
            else:
                self.notify("Copied password to clipboard:", body=f"<b>{name}</b>")
-        except (subprocess.CalledProcessError, FileNotFoundError, RuntimeError) as e:
+        except subprocess.CalledProcessError as e:
-            self.notify("Failed to copy password or field!", body=str(e), error=True)
+            self.notify("Failed to copy password!", body=e.output, error=True)
        except RuntimeError as e:
            self.notify("Failed to copy field!", body=e.output, error=True)
    def send_password_to_native_clipboard(self, base_args, name, field=None):
        if field is not None:
            self.notify(
                f"Cannot copy field values.",
                body="This feature requires GPaste.",
                error=True,
            )
            return
        pass_cmd = subprocess.run(base_args + ["-c", name])
        if pass_cmd.returncode:
            self.notify("Failed to copy password!", error=True)
        elif "otp" in base_args:
            self.notify("Copied OTP password to clipboard:", body=f"<b>{name}</b>")
        else:
            self.notify("Copied password to clipboard:", body=f"<b>{name}</b>")
    def send_password_to_clipboard(self, name):
        field = None
        if name.startswith("otp "):
            base_args = ["pass", "otp", "code"]
            name = name[4:]
        else:
            base_args = ["pass", "show"]
            if name.startswith(":"):
                field, name = name.split(" ", 1)
                field = field[1:]
        try:
            self.send_password_to_gpaste(base_args, name, field)
        except dbus.DBusException:
            # We couldn't join GPaste over D-Bus,
            # use pass native clipboard copy
            self.send_password_to_native_clipboard(base_args, name, field)
    def notify(self, message, body="", error=False):
        if not error and self.disable_notifications:
            return
        try:
            self.session_bus.get_object(
                "org.freedesktop.Notifications", "/org/freedesktop/Notifications"
--- a/gnome-pass-search-provider.spec
+++ b/gnome-pass-search-provider.spec
@ -1,23 +1,25 @@
 Name:           gnome-pass-search-provider
-Version: 1.3.3
+Version:        master
-Release: %autorelease
+Release:        0
 Summary: Gnome Shell search provider for zx2c4/pass
 License:        GPL-3.0+
-Url: https://git.dm1sh.ru/dm1sh/%{name}
+Summary:        Gnome Shell search provider for zx2c4/pass
-Source0: https://git.dm1sh.ru/dm1sh/%{name}/archive/%{version}.tar.gz
+Url:            https://github.com/jle64/gnome-pass-search-provider
 Source:         https://github.com/jle64/%{name}/archive/master.tar.gz
 Requires:       gnome-shell
-Requires:       (pass or gopass)
+Requires:       pass
 Requires:       python3-gobject
 Requires:       python3-dbus
 Requires:       python3-fuzzywuzzy
 Requires:       python3-Levenshtein
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %global debug_package %{nil}
 %description
-A Gnome Shell passwords search provider for zx2c4/pass (passwordstore.org) or compatibles and Bitwarden/Vaultwarden that sends passwords to clipboard (or GPaste).
+A Gnome Shell search provider for zx2c4/pass (passwordstore.org) that sends passwords to clipboard (or GPaste).
 %prep
-%autosetup -n %{name}
+%setup -q -n %{name}-%{version}
 %define debug_package %{nil}
 %build
@ -27,13 +29,10 @@ sed -i -e 's|LIBDIR=|LIBDIR=$RPM_BUILD_ROOT|' install.sh
 ./install.sh
 %files
 %defattr(-,root,root,-)
 %doc README.md
 %license LICENSE
 %{_prefix}/lib/gnome-pass-search-provider/gnome-pass-search-provider.py
 %{_prefix}/lib/systemd/user/org.gnome.Pass.SearchProvider.service
 %{_prefix}/share/dbus-1/services/org.gnome.Pass.SearchProvider.service
 %{_prefix}/share/applications/org.gnome.Pass.SearchProvider.desktop
 %{_prefix}/share/gnome-shell/search-providers/org.gnome.Pass.SearchProvider.ini
 %changelog
 %autochangelog
--- a/misc/screencapture.gif
+++ b/misc/screencapture.gif