diff --git a/Sources/main.swift b/Sources/main.swift index 420e286..7e719de 100644 --- a/Sources/main.swift +++ b/Sources/main.swift @@ -1,27 +1,40 @@ +/* + tidcli - Touch ID Command Line + by @singe + + tidcli is a simple utility to invoke Touch ID and produce an appropriate exit + code for a successful or failed authentication. + + It's primary use is to add TouchID auth to shell scripts. +*/ + +import Darwin // required for simple fputs stderr output import Foundation import LocalAuthentication let arguments = CommandLine.arguments var promptMessage = "authenticate to proceed" if arguments.count > 1 { - promptMessage = arguments[1] + // Limit potential input to 100 characters + promptMessage = String(arguments[1].prefix(100)) } let context = LAContext() var error: NSError? if context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) { - context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, localizedReason: promptMessage) { success, evaluationError in - if success { - print("Authentication was successful.") - } else { - print("Authentication failed.") - } - exit(success ? 0 : 1) + context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, localizedReason: promptMessage) { + success, evaluationError in + if success { + fputs("Authentication was successful.\n", stderr) + } else { + fputs("Authentication failed.\n", stderr) } + exit(success ? 0 : 1) + } } else { - print("Touch ID is not available.") - exit(1) + fputs("Touch ID is not available.\n", stderr) + exit(1) } // Keep the run loop running to wait for the async authentication callback. diff --git a/readme.md b/readme.md index 5e65604..773e40d 100644 --- a/readme.md +++ b/readme.md @@ -1,14 +1,27 @@ # Outrageously simple touch ID command line prompter -TouchID CLI (tidcli) simply pops a TouchID prompt. +Touch ID Command Line Interface (tidcli) simply pops a Touch ID prompt. + It returns an exit code of 0 on success and 1 on failure. You can use this to embed additional authentication steps into your shell script or the like. -Custom prompt information can be passed as the first argument. - image +# Usage + +`tidcli [optional prompt context]` + +Optional custom prompt information can be passed as the first argument. This is limited to 100 characters. + +An example of using it in a bash shell script to exit if there is an authentication failure is: + +``` +tidcli "EXAMPLE SCRIPT" +if [[ "$?" -ne 0 ]]; then + exit 1 +fi +``` # Building @@ -17,3 +30,13 @@ Build a release binary with swift by running: `swift build -c release` The resulting binary will be in the `.build/release` directory as `tidcli`. + +# Notes + +## Password fallback not allowed + +The Touch ID prompt will contain a "Use Password" button, but only biometric authentication is allowed, so clicking it will result in an authentication failure. If you wanted to change this you could use `.deviceOwnerAuthentication` instead of `.deviceOwnerAuthenticationWithBiometrics`. + +## Output on standard error + +Success and failure messages are output to standard error.