Password Verification Correctly Implemented

AppleScript wants to only run shell commands as root using its with administrator priveleges. Which just uses granted permissions to the app to authenticate. This is super unhelpful when you are trying to verify the entered password. This adds in a simple shell script file that runs a command that requries the current user password, just to check if the entered password is correct.
andrewbluepiano · Dec 5, 2019 · 214cff4 · 214cff4
1 parent 906c2bb
commit 214cff4
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 2 deletions.
diff --git a/...oj/project.xcworkspace/xcuserdata/andrewafonso.xcuserdatad/UserInterfaceState.xcuserstate b/...oj/project.xcworkspace/xcuserdata/andrewafonso.xcuserdatad/UserInterfaceState.xcuserstate
diff --git a/CatalinaExporter/ArtifactFinder.applescript b/CatalinaExporter/ArtifactFinder.applescript
@@ -54,21 +54,34 @@ script ArtifactFinder
     end setup:
 
     on testWindow:sender
+        set appLocation to (quoted form of ((current application's NSBundle's mainBundle()'s resourcePath() as text) & "/subScripts/pwTester.sh"))
+        display dialog appLocation
+        set theResponse to (display dialog "What's your name?" default answer "" with icon stop buttons {"Cancel", "Continue"} default button "Continue" with hidden answer)
+        set theusser to (display dialog "What's your username?" default answer "" with icon stop buttons {"Cancel", "Continue"} default button "Continue")
+        try
+            do shell script "sudo -K"
+            set output to do shell script "sudo -n /bin/echo \"cat\"" user name theusser password theResponse
+            display dialog output
+            set the_script to "echo Hello World"
+            set the_result to do shell script the_script
+        on error errMsg number errorNumber
+            display dialog ("Error occurred:  " & errMsg as text) & " Num: " & errorNumber as text
+        end try
         -- Debugging
         display alert "This does nothing unless you tell it what to do."
     end testWindow:
 
     on checkPasswd:sender
         set shellPassword to shellPasswordField's stringValue() as text
+        set scriptLocation to (quoted form of ((current application's NSBundle's mainBundle()'s resourcePath() as text) & "/subScripts/pwTester.sh"))
         try
             do shell script "sudo -K"
-            do shell script "/bin/echo" password shellPassword with administrator privileges
+            set output to (do shell script "sh " & scriptLocation & " " & shellPassword)
             display notification "Auth Success"
             delay 1
         on error errMsg number errorNumber
             -- display alert "Debugging alert error occurred:  " & errMsg as text & " Num: " & errorNumber as text
             display alert "Sorry, you've entered an invalid password. Please try again."
-            return 0
         end try
     end checkPasswd:
 

diff --git a/CatalinaExporter/subScripts/pwTester.sh b/CatalinaExporter/subScripts/pwTester.sh
@@ -0,0 +1,3 @@
+# pwTester.sh
+# "Author": Andrew Afonso
+pwpolicy -p $@ enableuser