desktop

package module
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 24, 2026 License: MIT Imports: 2 Imported by: 0

README

OmiVault Desktop

Go CI Go Lint Go SAST Go Report Card Docs Visualization License

Aggregates desktop/personal vault providers for omnivault.

Overview

This module bundles vault providers for personal password managers, enabling applications using omnivault.VaultFromURI() to access credentials stored in desktop vaults with a single import.

┌────────────────────────────────────────────────────────────────┐
│                        Applications                            │
│  ┌─────────────┐  ┌─────────────┐  ┌──────────────────┐        │
│  │ mcp-google  │  │  mcp-aha    │  │  mcp-confluence  │        │
│  └──────┬──────┘  └──────┬──────┘  └─────────┬────────┘        │
│         └────────────────┼───────────────────┘                 │
│                          │                                     │
│              ┌───────────▼───────────┐                         │
│              │  omnivault-desktop    │ ← Single import for     │
│              │  (this module)        │   all desktop vaults    │
│              └───────────┬───────────┘                         │
└──────────────────────────┼─────────────────────────────────────┘
                           │
          ┌────────────────┴────────────────┐
          │                                 │
   ┌──────▼───────┐                  ┌──────▼──────┐
   │    omni-     │                  │    omni-    │
   │ onepassword  │                  │  bitwarden  │
   └──────┬───────┘                  └──────┬──────┘
          │                                 │
          └────────────────┬────────────────┘
                           │
              ┌────────────▼────────────┐
              │      omnivault          │ ← Core interfaces
              └─────────────────────────┘

Installation

go get github.com/plexusone/omnivault-desktop

Usage

Import this package for side effects to register all desktop vault providers:

import (
    "github.com/plexusone/omnivault"
    _ "github.com/plexusone/omnivault-desktop"
)

func main() {
    // 1Password: op:// URIs work automatically
    v, err := omnivault.VaultFromURI("op://MyVault")
    if err != nil {
        log.Fatal(err)
    }
    secret, err := v.Get(ctx, "credentials/my-api-key")

    // Bitwarden: bw:// URIs work automatically
    v2, err := omnivault.VaultFromURI("bw://org-id/my-secret")
    if err != nil {
        log.Fatal(err)
    }
    secret2, err := v2.Get(ctx, "my-secret")
    // ...
}

Supported Vault Providers

Provider URI Scheme Module SDK
1Password op:// omni-onepassword 1password-sdk-go
Bitwarden bw:// omni-bitwarden bitwarden/sdk-go

Environment Variables

1Password
Variable Required Description
OP_SERVICE_ACCOUNT_TOKEN Yes Service account token (starts with ops_)

Create a service account at: https://my.1password.com/developer-tools/infrastructure-secrets/serviceaccount/

Bitwarden
Variable Required Description
BW_ACCESS_TOKEN Yes Access token for authentication
BW_ORGANIZATION_ID Yes* Default organization ID (*can be in URI path)
BW_API_URL No Custom API URL (for self-hosted)
BW_IDENTITY_URL No Custom Identity URL (for self-hosted)

Create an access token at: https://bitwarden.com/help/access-tokens/

URI Formats

1Password
URI Format Example Description
op://vault op://Private Access vault by name
op://vault/item op://Private/API Keys Access item in vault
op://vault/item/field op://Private/API Keys/password Access specific field
Bitwarden
URI Format Example Description
bw://org-id bw://abc123-def456 Organization vault
bw://org-id/secret bw://abc123/my-api-key Secret in organization

Path Formats

After obtaining a vault with VaultFromURI(), use these path formats with vault.Get():

1Password Paths
Format Example Description
vault/item Private/API Keys Item in vault
vault/item/field Private/DB Creds/password Specific field
Bitwarden Paths
Format Example Description
secret-key my-api-key Secret by key (uses default org)
secret-key/field my-api-key/note Specific field (value, key, note)
org-id/secret-key abc123/my-api-key Secret in specific org

Provider Capabilities

Capability 1Password Bitwarden
Read Yes Yes
Write Yes Yes
Delete Yes Yes
List Yes Yes
Multi-Field Yes Yes
Batch Yes Yes
Binary/Attachments Yes No

Example: MCP Server Configuration

When using with MCP servers like mcp-confluence, mcp-aha, or mcp-google:

With 1Password
export OP_SERVICE_ACCOUNT_TOKEN="ops_..."
export OMNITOKEN_VAULT_URI="op://MyVault"
export OMNITOKEN_CREDENTIALS_NAME="confluence"
mcp-confluence --base-url https://example.atlassian.net/wiki
With Bitwarden
export BW_ACCESS_TOKEN="..."
export BW_ORGANIZATION_ID="..."
export OMNITOKEN_VAULT_URI="bw://org-id"
export OMNITOKEN_CREDENTIALS_NAME="confluence"
mcp-confluence --base-url https://example.atlassian.net/wiki

Why This Module?

This module exists to:

  1. Minimize code duplication - Applications import one package instead of individual provider register packages
  2. Keep dependencies explicit - Desktop vault SDKs are heavy; this module isolates them from lightweight packages like omnitoken
  3. Separate desktop from server vaults - Server-side vaults (HashiCorp Vault, AWS Secrets Manager) can be imported individually for applications that need them

Architecture

  • omnivault - Lightweight core with interfaces, registry, and built-in providers (memory, file, env)
  • omnivault-desktop - Aggregates desktop vault providers (this module)
  • omnitoken - Generic credential manager, depends only on omnivault interfaces
  • omni-onepassword - Standalone 1Password provider
  • omni-bitwarden - Standalone Bitwarden provider

Applications that need desktop vault support import omnivault-desktop. Applications that need server-side vaults import those providers individually.

Package Description
omnivault Core vault interfaces and registry
omnitoken Credential management with vault storage
omni-onepassword 1Password provider
omni-bitwarden Bitwarden provider

License

MIT

Documentation

Overview

Package desktop registers all desktop/personal vault providers with omnivault.

Import this package for side effects to enable support for personal password managers in applications using omnivault.VaultFromURI: 

import _ "github.com/plexusone/omnivault-desktop"

After importing, the following URI schemes are available:

  • op:// - 1Password (requires OP_SERVICE_ACCOUNT_TOKEN env var)
  • bw:// - Bitwarden (requires BW_ACCESS_TOKEN and BW_ORGANIZATION_ID env vars)

Example: 

import (
    "github.com/plexusone/omnivault"
    _ "github.com/plexusone/omnivault-desktop"
)

func main() {
    v, err := omnivault.VaultFromURI("op://MyVault")
    // ...
}

For server-side vaults (HashiCorp Vault, AWS Secrets Manager, GCP Secret Manager), import their register packages individually as those have heavier dependencies.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.