From 30c2e387fa9edb03b16ce7f205d61d0babd8caaa Mon Sep 17 00:00:00 2001
From: Stuart Ryan <stuart@ryan.email>
Date: Thu, 14 Jan 2016 11:45:12 +1100
Subject: [PATCH 1/2] Updated for v 1.4.2

NOTE: This version *requires* the LastPass CLI v 0.7.1 or higher due to this new feature --> Login process completely changed over to use AppleScript (cleaner and nicer). This was thanks to work between myself and Bob from LastPass who maintains the official LastPass CLI to add a feature allowing an external login prompt to be used.
Login password prompt now uses an AppleScript password prompt.
Fix to allow you to search for words in any order.
Vault item's which now require re-authentication will pop up the AppleScript login prompt.
Has now been tested with a Vault with over 30,000 items for performance tweaks. (I have since been told by LastPass support their soft limit is significantly lower than this at ~2500 items explains why I was having some issues in testing).
More resilient escaping of text in the XML to ensure that special characters should not cause any issues.
Fixed missing quotes in some areas that could cause issues with spaces.
Squashed a little regex bug and wiped up the goo.
Fixed issues with spaces in certain paths we referenced
Fixed how the initial login process is run after a reboot. This required the changes made to how we manage the login process and it has subsequently been cleaned up significantly.
Other minor general tweaks.

Signed-off-by: Stuart Ryan <stuart@ryan.email>
---
 workflow/applescript.scpt        | Bin 0 -> 9484 bytes
 workflow/info.plist              | 126 ++++++++++++++++++-------------
 workflow/passwordInput.osascript |  13 ++++
 3 files changed, 85 insertions(+), 54 deletions(-)
 create mode 100644 workflow/applescript.scpt
 create mode 100755 workflow/passwordInput.osascript

diff --git a/workflow/applescript.scpt b/workflow/applescript.scpt
new file mode 100644
index 0000000000000000000000000000000000000000..0dcf4a517a256ba3e48e7856a2dbf1e3a647be62
GIT binary patch
literal 9484
zcmeHNd6bmZvHyKN1o7*+4K1L=X#6s=Dl-EHH;hIE6cj{Z05yrw%=9oVJ>6}055s6w
z6c<$76*t^>aaY{;eMLc0T)<rsC2FECYV=ipb#E^N4s(3x<h(!Lc|F{^TivDV)~%{r
zAA84g4U<Pq3WnAU9ik}$pi6fVcnG1wV*!R`Zx-A2*Cm85?D-YC8iI->`}mXp#wO_I
zF+(LwGw|nzL@twzwFRkkKGB${kL45TR8Vz5G9JstgVtCgUsF>PWU}#0ESpHp43g=Y
zi4^PU`gktKuBxClk#7p}iF`61RE>+}@(09nxnP{4RdIbp&<)=0*ffewaW5K>Kn@us
z5kngSq>x6QZH-LzY}0a@tpTcV0I}k1%Mk`>Whue_8v7S;jx5_VY|XMgg_*=ja_mf7
zbNy+~8Rz(1VN{i!M`vkbN!QBTHFULccBMR5)fIE>A6J^KDuk}2#Yfl>ke8&3y!=Ui
zlz(~h6X3~@3jPK5gqbQ~3;{7ci}?fD(A|?Cl<N`PjobE1B$Gib)ux=Cok+Lj)@N)G
z%LTb~b3C7Dj^~1WQ@kx`ijn*2Y!C}ta`9}?%p*&r^6_l8C6iZ-=D|UtQ48645MxTE
zQ}JM6Yg3}0r(;{wjrn*=`*>`Ff>xfcZenIU&y56}h?8gIxlB5x2XDs_CowaX<_M*j
zB<M-@h@yu#9s7}cN&W@oSIVBHJCWIJPou?haO3Bpqm;)v;x_Y)^ei;jHa(rVow3Qz
zttXr2DeIWP&K$S3X4X}P^z`!_k>y_tB_hu@H%BuD+y2H<i^`17<8qb0lx-PE`D)@!
z^##e$9XOmcWm9KYnRMfv1P)@o)sAiDILC>Ztn2E^k-*N7E$m$9Qn}alit=1u&&`vd
z?COpbw<g5f96}VE83M|YN?a5@<$L+gpeHI0RJmeHFZ7mw8fFz^iBo}Y@?Y3ozV(^)
zsmZnF((yU*`nu5v)rritL$qwLIlN|8E2ty3h+qpn*FI77!CshEpe9zJsT#YImZZID
z?q2M{dM$5q9J86H$a6>i4%h?zF*GFKsw(P@iivhX$T#v2`MWRQa7VFReU_pYY{#GL
zJri2?<R82{@^`&O|5Wh3g75S`ZN~I#Y-tDze1Lo{U&)uAe62`dDfm(`w`BSawlV}3
zb2ALV*77%5XRx*7n6~^D+aNH^LRs#hH@3p>P-O@#2YX{n`2yR@=RUK}IJm9jU~jUr
zZv=gngZ-lD=hb04d8N{$ccYr600RnAtMZ;_kIGpdyRk>_Nm09H$xElna<;G8N_SuO
ztE8)pjUd+>tbDkW*qv+X_<GKxv*zsx)uk!oRa2f+ZgnrZVs+^ZTdkBe*!{IysQ0dl
zt0XDyDt|g!b+qnRb*!$Zv=nzz&9?Ghw7-gbQHt~i>7CB7yz#v&rs@lKcRR-%faxLm
zTxF^XUb-MtYs0b@-G?A-4brrDb1acmlx@ml_nEAbPks5UQ?Xm4V)v<z44m!kOA+ZG
zq9BKOYy%B}m5aWpmQOGU+xg6#T+nikh$Z6%DF@um8sy}nFZyBo2)0+b7#yV@+76>j
z+*1uv=AQE2*+G>LYLKo(u8@z(@EV_47oSF8l3~@}+5X&8ZG<<EGY^S!w<|H0r=)Xc
z_@@>#%Xyp*REz3nSAA4Gy`QhInpVfmAePg0b|<u(!3K6%b*yT)0hEu7+wXcaxAF8<
z8mF~u-IL`xTtTHmZF&u*L}g?E=TTj$lBoAWwRwzEtJ0oAO;;jT$VV6|ANtI?__T^6
z42C*B48$P$z?TouEj)TevaUXxsOu^psva1~w1d2Fumiktl$RO|k@q}#PmlV2)fRtK
zuuf68V){LX8G@2>c~@4;Do@^3q}2*mDdsSy9kG)kAf~5cDDPlr?BX#)B}-FrU|qH?
z$fuo6Em(9l;pvvV8s}J0-;&Fxn*%k?O(bSUoCY};&s)<?2TYAJt2#wPyfN02%yUuN
z-Cgvoca2gLUx~T`pYr5jU~jlP`}Mt_qCM5K(0=u>l(%|6Rp;pFX4Z=KZ)4|Qwx2}_
zb+*b$hn|}5LTy1KXID#*4`C<ndN_771eU2ou{Zu8Z_8T-e{gzOTXv_p_@iNF_3$t%
zk3GTD-P7H-Vc1pP#9p$}XV#e>-pfhDFrLfE2u3QWMny5on@D~1pVh-<Z>Em?RBxro
z-T!SpT;54FPoVu?I@ZEv{PlPKb1l4aOsj=gs-hfG*1~Uu<qbrKz&I^jkab1cqpXKt
zmlg7wFRyp1hgaz3d`(CG(Fw#zipXf}Z3wK|8;Mc!YK6R-nQPcnvIEP*vb>`mc=EPh
z-M94W?#8qa#u$RqC0{15$jhEAQ>0fEysVgGn8spXLtruYp&HvymdZ<p{%&Xj@4U8*
z!+1kr<#s#{#r~LJ2txJjACE(*Fb^~Yp_Hvp!9-AdPjqBV#1whamlvtc>hr0r!6aSj
zR~$DHb@GBdZ+OG4#bJv)hspA+&#X^PJeJKhHa28q$wZFx^2htky1``d^6AR^hvZo$
z<pl-LD=!api%!A8@{BLfs0!t9g9&8@J{^{)(PIcI>szwfcq%_F6U#U0*zs=cKG+vi
zx?_sByqjJ1KMKZ=7&!?c4@IIpRd`<I_*gyPHtAebFlN*S>n*$Kh~vj>&&CxC5Ayd;
zq#EMcnph^Y0oE_9uH3nLnOrcxh%Nj9n+C;tA+H?C7to}5c6NeqUi9F57Rwf|`-r_!
zTbA$|mOWJJo|vXGO(7jSwI^fvq_$i>-aH)R5;L-~Y};_OpLICekrJUx=~Kp?7pLA^
z4Rx#9_U?3XD|s+6YH{Z|rK!vHEjtFI=qUGhi_{j@sBOPQZMzkE!mEYS>d8_CFRASB
z%QO`S83HT&)A<xQSe}w64Gwm)t}Tb)PlmwC_H>$`KjSZkz#B>y)MKVR;mZ>gvrKMI
z#^5hb%%-DW9uLdo9g5kX%A)vKSRO;~A&3@5u_cw5Q;<hbp3<E@sXIN0=}=5F1a_xf
zS{{{0<Y7-9RisB0Jgk`0n5H9U2#Dzs5%Lh7oO+KLSviAj+e0mGI;Ss_gg&Lyw9@V-
zl$H<r2UQt{HCofzhOwzkOTMOrUx;zktKDgc(h~l);1j8B&GDpiWQ+Q_#doRNOXshv
zpRF&~X|$W_`OjfVeQg(==uf;VTUXz^=&_F_X2#m|nhxe?oFYbwX^ag)i8l|*19HD7
z4=P(8P;kHUrjcnTnhb%(Omdlo+$Z-M?#1dhZ8;3H41uSwMKun|2s6^!97VI&mtN>(
zBB_k#SXRHHg<HrnS8q;zyIQhXU%?qNJ53sEX+O%Zj7h{wkss@~s=SwRTwI~iuA&@s
zF`e21PiB!2-B_#LfqPHsjd2_+_twymjHX98glR|aX$R=bb{9H+JFzrOZ4Et3ZQIrM
zSMx2rD_cgge+2PH5%c%-@^<E4i!Y*IbSj3orev<}3Cle&L$GN{fb=}>Q*f^yN)r=3
zEkjT`zPn|K+~vvLinK(*U5c4z%HVKAU@`MJ23fgN?l5GxH6Uz}+mVyod}f`wP&tHV
z@Obk$QqRv2*yGNVhqEJm<ny>&qpWPlBbdYWG(@3J<v1F-5j0?vD7c#MSE}!BC<m74
zRvaO>hUL}`i4MtaO3IxI?ofITXPSdHLtyEdi&HuD7P;Br2uBZF<R%;`i+yID(Q~Au
zXD&|SZ9K{lSbFAS9*&OSXr<?vDA~0K1xKA$6{#jB4F(pTV5Brf$~&VmFgVK5I1eYv
zjbXX*=QJ)>@@`RZv(nhcG#AGjg3{^UAlJ)vp4^~F*DJVAF^^?B4)Y9w#aw{%aJ*bA
z*BBh{xWN{=8YjqAKC{laaf0K<0-S{tagrgh+*p7!Fh7F%%8iqwIGOtYf69%0cxm>h
zyE2VwEXK1of$E@6qbnyl&YXcW<;t*J*^!49lB<;5YZY9hG|yu?1*aN<5_hhU%jGgp
zu27`Q6<ns6r!p<TX@<aJF2rXzT`rYN3{H1$nznFpL(t_A%Jw3xA^m6L99d*ou=isT
zu9u5(u3Y3Z>r+!tE8oCy*^G3Wkp%Zk&p3?4oQu#fJIB>>A<pv&tbwDFJ<sv-a$JRl
z5iC?*o*%{ed{)*{u5!F5wN!g*s%y#Jg4zhlMe1Lj?Ud|d+<^;lp&_v6vKY7Eq6jY1
zxh{_4;?CzXxUj5TE(ps7*2X5)SWTOeNYT+yex1X#2;|NpNBI&wCg<Z)S?DwCjPgqz
z<xB98oQKPNf+FRYx!vA}2XT1>m+Nk?h~f&qy~~uVTGpU`vSThR)U92@bS17b1lHy}
zi5GA+DCSqY1)jt+xHf`ob%E=mxbBxPU~o;DHRp!q+zwfD71zHWHy8pd6ie}zoP!(X
zY@b<Ythv##W+`5mvp|(}R*5x>-OiU|1#XJqCf)hXQQT~Iu68hQg`rc{oUN?6f$0{Z
z4Bz5dvkD*KR@`O?tfZ{Md$>J<+jW6Eq7)<L{V!U;;I=Yr&IrpH9kE8v)cdwbMfFU#
z;6e)9o!xQg|33x(Pd)`M)$_hYCGRw*yRgI%lr-__a+)mg<a9+kO~C@iT*7oW?lA<!
z^i*rgsr=4&pT`W9EFFr263zTxI6L0V*CoF&9o~|lq7C$u)Zic=&)Luz17ETFd`m2u
zYzxMWm@-;FNwwEvtT$)~O@n0aQx#)sT${nM`&9n#kK%p`wT42}T};z<Yq--n*a2JO
zbTC@j?}FO_?Y%m!ar=QtKkumPS`3r95SKo(oI9(ZH#9UkhF;DTS~(4*X$Z8W(P;sl
zmRHx;1u<Pv(}mrNp)*~v_(8~qjzYMHG(3O@4MB<1r^v}N-;-06$tNqAubh66=^>&0
ze#l|2^?KrAIZ;k9c-W~fw#e~#MCSR-I`aq~aUQ{1uR9*aV}`)`e`~!k9>)`gpitig
zPvR*<P^eenX*^>H3Uv?9;yFX$>i7xI;{`)dsDF<a!O+Qz#rn5cikA&Rq5o^Vf@Oxl
z>a(?2hvgA0*YkWeidU`WD_YMP<hgt5R`XmKel}R<hONU_crAk0bl8e0m99pZ+q<cC
zJhF*&Pj*KY+ufJKW_tSi4%ms4@lnH+WpBW+zrMTHAK!_as~?VDcB=Gid?Uw&<+u%<
zK!cauKEK6xcs+vGb)RoU@dn@cr4<dWo^_YM$B%MsSdQ&LAsamBCi=+(Rz?{1=R|Kt
z@g_ICe(<-N#OVXf1$qPB<TG}9&+|euH_R`A9eg=?%FgapcwO;U1aIl=Z%6SqPocC;
zGRu9E*N?H5RR&MEnK$u#IVLQ}bhz=y+|*$&f_L~&r(PAsDs>e(p?-JJE$0ev!QFYe
z^gS2QLGScSBYVr|rC+}SzU~HuWS(A{6BV4mn<FQwmY}NW-h<yeE97Xb#=9OfhH_RD
z=O|x};&q9|XXn$5B&AxCbpPg3k-0CE5xk2{ddOe#o*XGh;C*}`Z9c0TA7N;h-G9U2
z75y-T54m_0ABAYX_50+<A$-ijaC{QNCoGJ`ry+dG!c?pY(M{D?`DY>eull}Q8^T%^
z=HT-XK4;-Ld=bJIEG)pf5bulXggGIZqr@Jm#2%q!y|3T{etg<OT4lDhps(byz3_=H
zSvg!XlEz3$Ni$=SNtq>wNkW=rCX&)fy?Hd|OB@TO0T)R<J-ch^!rabV`5HxcCFSBB
zUs^j+FP_ZSeY5~!F8VV$^SKN6LCcpcOEG@Z@#XM#A8{%q!**`bsj!Z|vV|qp(Tk!&
znlp2KNpj@IqNTpf;^Z26_2n>Kp5f52B&^gH!#*wm>Pr**HI5Y~Yc>*<3X@|Syykr}
z&pF9HS-5czGEC-b*tNZtV?<Hfyk5QFzjs(Ays7A>p{|Oi3B6GHk+zIpF%>;++b5r{
z`E2dym8hK1)LpyR+3wX-;oI&nN3Wg`LyyhSa}YbCF>E$ChMxULPe-rG6Q-e847~@l
zvN@5qVBUxMucx6;Kb?i;E!&lUv$WXC>GmHK!&WhDT}#B@ZjH(qw&C#LVC?8Repl|O
zavfW_j%~{weO*UI(`2sHFNXg8bhQ`;Fb|jy?DrJmph9gsyLxwMe2xx=`C;|yoBs_y
Cpp^#z

literal 0
HcmV?d00001

diff --git a/workflow/info.plist b/workflow/info.plist
index 7334ebf..4539d64 100644
--- a/workflow/info.plist
+++ b/workflow/info.plist
@@ -12,7 +12,7 @@
 		<array>
 			<dict>
 				<key>destinationuid</key>
-				<string>D05CE8AC-DFE8-46FC-A600-3163BAF7AD23</string>
+				<string>D21298B3-763D-48F9-A804-C3B06D3B70E7</string>
 				<key>modifiers</key>
 				<integer>0</integer>
 				<key>modifiersubtext</key>
@@ -56,11 +56,11 @@
 		<array>
 			<dict>
 				<key>destinationuid</key>
-				<string>D05CE8AC-DFE8-46FC-A600-3163BAF7AD23</string>
+				<string>D21298B3-763D-48F9-A804-C3B06D3B70E7</string>
 				<key>modifiers</key>
 				<integer>262144</integer>
 				<key>modifiersubtext</key>
-				<string>Initiate LP Command Line Client Login</string>
+				<string>Login to LastPass Vault</string>
 			</dict>
 			<dict>
 				<key>destinationuid</key>
@@ -153,7 +153,7 @@
 				<string></string>
 			</dict>
 		</array>
-		<key>D05CE8AC-DFE8-46FC-A600-3163BAF7AD23</key>
+		<key>D21298B3-763D-48F9-A804-C3B06D3B70E7</key>
 		<array/>
 		<key>DE8D285B-733F-4B2D-91DA-4613717E2005</key>
 		<array>
@@ -188,6 +188,31 @@
 	<string>LastPass CLI</string>
 	<key>objects</key>
 	<array>
+		<dict>
+			<key>config</key>
+			<dict>
+				<key>concurrently</key>
+				<false/>
+				<key>escaping</key>
+				<integer>0</integer>
+				<key>script</key>
+				<string>--display notification "Please wait... preparing login process..." with title "LastPass Login"

--Kill any previous login process as sometimes they hang or a user may interrupt them, if there are none (which there often are...) we will get an error response which we ignore.
try
	do shell script "killall -9 lpass &gt; /dev/null 2&gt;&amp;1"
end try

try
	set login_email to do shell script "`perl -e 'use strict; use warnings; my $emailAddress =`security find-generic-password -w -s \"alfred-lastpass-email-address\"`; chomp $emailAddress; print $emailAddress;'`"
on error
	display alert "Email address not set" message "It appears that no email address has been set. Please run 'lpsetemail your_email@example.com' and try again." as critical
	return
end try

--Try to get a login timeout if a custom one has been set, if not we set to default
try
	set login_timeout to do shell script "`perl -e 'use strict; use warnings; my $loginTimeout =`security find-generic-password -w -s \"alfred-lastpass-login-timeout\"`; chomp $loginTimeout; print $loginTimeout;'`"
on error
	set login_timeout to 28800
end try

tell application "Finder"
	set current_path to container of (path to me) as alias
end tell
set current_unix_path to POSIX path of current_path

--set osascript to current_unix_path &amp; "passwordInput.osascript"

set osascript to (system attribute "alfred_preferences") &amp; "/workflows/" &amp; (system attribute "alfred_workflow_uid") &amp; "/passwordInput.osascript"

do shell script "export LPASS_ASKPASS=\"" &amp; osascript &amp; "\""
do shell script "launchctl setenv LPASS_ASKPASS \"" &amp; osascript &amp; "\""

do shell script "launchctl setenv LPASS_AGENT_TIMEOUT " &amp; login_timeout

tell application "Finder"
	if exists POSIX file "/usr/bin/lpass" then
		set lpass_binary to "/usr/bin/lpass"
	else if exists POSIX file "/usr/local/bin/lpass" then
		set lpass_binary to "/usr/local/bin/lpass"
	else if exists POSIX file "/opt/local/bin/lpass" then
		set lpass_binary to "/opt/local/bin/lpass"
	end if
end tell

--improvement required here, test if we actually HAVE an lpass_binary and if not error out

if ("{query}" = "scriptlocationnotset") then
+display notification "Please wait... the alfred search will be presented once login is complete." with title "LastPass Login"
+end if

do shell script "/bin/bash -c '" &amp; "export TERM=\"xterm-256color\" &amp;&amp; export LPASS_ASKPASS=\"" &amp; osascript &amp; "\" &amp;&amp; export LPASS_AGENT_TIMEOUT=" &amp; login_timeout &amp; " &amp;&amp; " &amp; lpass_binary &amp; " login --trust \"" &amp; login_email &amp; "\" &amp;&amp; clear &amp;&amp; " &amp; lpass_binary &amp; " ls --sync=now &gt; /dev/null 2&gt;&amp;1 &amp;&amp; exit 0'"
+
+if ("{query}" = "scriptlocationnotset") then
+tell application "Alfred 2" to search "lp "
+end if</string>
+				<key>type</key>
+				<integer>6</integer>
+			</dict>
+			<key>type</key>
+			<string>alfred.workflow.action.script</string>
+			<key>uid</key>
+			<string>D21298B3-763D-48F9-A804-C3B06D3B70E7</string>
+			<key>version</key>
+			<integer>0</integer>
+		</dict>
 		<dict>
 			<key>config</key>
 			<dict>
@@ -234,40 +259,6 @@
 			<key>version</key>
 			<integer>0</integer>
 		</dict>
-		<dict>
-			<key>config</key>
-			<dict>
-				<key>escaping</key>
-				<integer>0</integer>
-				<key>script</key>
-				<string>killall -9 lpass &gt; /dev/null 2&gt;&amp;1
-clear
-login_email=`perl -e 'use strict; use warnings; my $emailAddress =\`security find-generic-password -w -s "alfred-lastpass-email-address"\`; chomp $emailAddress; print $emailAddress;'`
-login_timeout=`perl -e 'use strict; use warnings; my $loginTimeout =\`security find-generic-password -w -s "alfred-lastpass-login-timeout"\`; chomp $loginTimeout; print $loginTimeout;'`
-if [[ -z $login_timeout ]]; then
-login_timeout="28800"
-fi
-clear
-if [[ -z $login_email ]]; then
-echo "It appears that no email address has been set";
-echo "Please run 'lpsetemail your_email@example.com'";
-fi
-launchctl setenv LPASS_AGENT_TIMEOUT $login_timeout &amp;&amp; export LPASS_AGENT_TIMEOUT=$login_timeout
-for f in lpass /usr/local/bin/lpass /opt/local/bin/lpass /usr/bin/lpass; do
-if test -x $f; then
-lpass_exec=$f
-fi
-done
-clear
-$lpass_exec login --trust "$login_email" &amp;&amp; clear &amp;&amp; echo 'Forcing vault synchronisation... Please wait... (this window will close when complete)' &amp;&amp; $lpass_exec ls --sync=now &gt; /dev/null 2&gt;&amp;1 &amp;&amp; exit 0</string>
-			</dict>
-			<key>type</key>
-			<string>alfred.workflow.action.terminalcommand</string>
-			<key>uid</key>
-			<string>D05CE8AC-DFE8-46FC-A600-3163BAF7AD23</string>
-			<key>version</key>
-			<integer>0</integer>
-		</dict>
 		<dict>
 			<key>config</key>
 			<dict>
@@ -332,7 +323,7 @@ print $details[0];
 				<key>argumenttype</key>
 				<integer>0</integer>
 				<key>escaping</key>
-				<integer>127</integer>
+				<integer>126</integer>
 				<key>keyword</key>
 				<string>lp</string>
 				<key>queuedelaycustom</key>
@@ -359,6 +350,22 @@ $search=~ s/\'/\\'/g;
 #    exit 0;
 #}
 
+my $loginScriptLocation = `launchctl getenv LPASS_ASKPASS`;
+
+chomp($loginScriptLocation);
+
+#check if getenv LPASS_ASKPASS is not set... if it isn't a login definitely
+#hasn't been completed by the flow and needs to be.
+
+if ($loginScriptLocation eq "")
+{
+print qq{&lt;?xml version="1.0"?&gt;\n&lt;items&gt;\n};
+print qq{&lt;item uid="error-login"&gt;&lt;arg&gt;scriptlocationnotset&lt;/arg&gt;&lt;title&gt;It appears you are not logged in to LastPass.&lt;/title&gt;&lt;subtitle&gt;Please login using the 'lplogin' command or press 'ctrl' + enter to login now.&lt;/subtitle&gt;&lt;icon&gt;icon.png&lt;/icon&gt;&lt;/item&gt;\n};
+
+print "&lt;/items&gt;\n";
+exit 1;
+}
+
 my ($agent, $agentErr, $agentErrCode) = capture {
   system('ps -ef | grep "lpass \[agent\]" | grep -v grep | grep -v "perl"');
 };
@@ -369,8 +376,13 @@ foreach my $f (qw@lpass /usr/local/bin/lpass /opt/local/bin/lpass /usr/bin/lpass
         if (-x $f);
 }
 
+#add multiple grep statements to deal with multiple words as AWK on OSx
+#does not allow for case insensitive searches
+
+$search=~ s/ /" | grep -i "/g;
+
 my ($results, $err, $errorCode) = capture {
-    system($lpass_exec . ' ls --sync=no | grep -i ' . $search);
+    system($lpass_exec . ' ls --sync=no | grep -i "' . $search . '"');
 };
 
 print qq{&lt;?xml version="1.0"?&gt;\n&lt;items&gt;\n};
@@ -393,24 +405,25 @@ exit 2;
 }else {
 
 my @resultsArray = split /\n/, $results;
+
 foreach my $result (@resultsArray) {
 my $id;
 my $name;
-if ($result =~ '^(.*) \[id: ([0-9]*)\]$'){
-$name = $1;
-$id = $2;
+if ($result =~ '^(.*) +\[id: ([0-9]*)\]'){
+$name = "$1";
+$id = "$2";
 }
 
-print qq{&lt;item uid="$id"&gt;&lt;arg&gt;'$name', '$id'&lt;/arg&gt;&lt;title&gt;$name&lt;/title&gt;&lt;subtitle&gt;&lt;/subtitle&gt;&lt;icon&gt;icon.png&lt;/icon&gt;&lt;/item&gt;\n};
+print qq{&lt;item uid="$id"&gt;&lt;arg&gt;&lt;![CDATA['$name', '$id']]&gt;&lt;/arg&gt;&lt;title&gt;&lt;![CDATA[$name]]&gt;&lt;/title&gt;&lt;subtitle&gt;&lt;/subtitle&gt;&lt;icon&gt;icon.png&lt;/icon&gt;&lt;/item&gt;\n};
 }
 
 print "&lt;/items&gt;\n";
 }
 exit 0;</string>
 				<key>subtext</key>
-				<string>Search Laspass Vault</string>
+				<string>Search Lastpass Vault</string>
 				<key>title</key>
-				<string>Search Laspass Vault</string>
+				<string>Search Lastpass Vault</string>
 				<key>type</key>
 				<integer>4</integer>
 				<key>withspace</key>
@@ -539,7 +552,7 @@ print $details[0];
 				<key>escaping</key>
 				<integer>127</integer>
 				<key>script</key>
-				<string>
+				<string>#!/bin/bash
 for f in lpass /usr/local/bin/lpass /opt/local/bin/lpass /usr/bin/lpass; do
     if test -x $f; then
         lpass_exec=$f
@@ -657,7 +670,9 @@ exit 0;</string>
 				<key>escaping</key>
 				<integer>102</integer>
 				<key>script</key>
-				<string>security add-generic-password -a "alfred-lastpass-email-address" -s "alfred-lastpass-email-address" -w "{query}" -C "note" -U
+				<string>#!/bin/bash
+
+security add-generic-password -a "alfred-lastpass-email-address" -s "alfred-lastpass-email-address" -w "{query}" -C "note" -U
 
 echo "{query}"</string>
 				<key>type</key>
@@ -747,7 +762,9 @@ echo "{query}"</string>
 				<key>escaping</key>
 				<integer>102</integer>
 				<key>script</key>
-				<string>security add-generic-password -a "alfred-lastpass-login-timeout" -s "alfred-lastpass-login-timeout" -w "{query}" -C "note" -U
+				<string>#!/bin/bash
+
+security add-generic-password -a "alfred-lastpass-login-timeout" -s "alfred-lastpass-login-timeout" -w "{query}" -C "note" -U
 
 echo "{query}"</string>
 				<key>type</key>
@@ -781,13 +798,14 @@ echo "{query}"</string>
 		</dict>
 	</array>
 	<key>readme</key>
-	<string>See installation instructions at http://technicalnotebook.com/wiki/display/ALFREDWORKFLOWS/Installation+Instructions+-+LastPass+Workflow+for+Alfred
-
-For support please log a ticket on my JIRA BugTracker —&gt; http://technicalnotebook.com/jira/browse/LPALFRED/
+	<string>See installation instructions at https://github.com/stuartcryan/lastpass-alfred-workflow
+For support please log a ticket on https://github.com/stuartcryan/lastpass-alfred-workflow
 
 NOTE: This Alfred Workflow is not affiliated in any way with LastPass. The LastPass trademark and logo are owned by LastPass.com. The LastPass logo and product name have been used with permission of the LastPass team.
 
-My thanks go out to LastPass for their awesome product and the new CLI!</string>
+My thanks go out to LastPass for their awesome product and the new CLI!
+
+Version: 1.4.2</string>
 	<key>uidata</key>
 	<dict>
 		<key>01DFFE0F-13AB-4E19-AC39-8E2177548224</key>
@@ -870,7 +888,7 @@ My thanks go out to LastPass for their awesome product and the new CLI!</string>
 			<key>ypos</key>
 			<real>380</real>
 		</dict>
-		<key>D05CE8AC-DFE8-46FC-A600-3163BAF7AD23</key>
+		<key>D21298B3-763D-48F9-A804-C3B06D3B70E7</key>
 		<dict>
 			<key>ypos</key>
 			<real>160</real>
diff --git a/workflow/passwordInput.osascript b/workflow/passwordInput.osascript
new file mode 100755
index 0000000..a0ec2b1
--- /dev/null
+++ b/workflow/passwordInput.osascript
@@ -0,0 +1,13 @@
+#!/usr/bin/osascript
+set my_password to display dialog ¬
+    "Please enter your LastPass Vault password:" with title ¬
+    "Password" with icon caution ¬
+    default answer ¬
+    "" buttons {"Cancel", "OK"} default button 2 ¬
+    giving up after 295 ¬
+    with hidden answer
+if length of (text returned of my_password) is not 0 then
+    return (text returned of my_password)
+else
+    display dialog "You didn't enter a password!" buttons ["OK"] default button 1
+end if

From a3b869955e419dffa9280b783fdb4998b60087a5 Mon Sep 17 00:00:00 2001
From: Stuart Ryan <stuart@ryan.email>
Date: Thu, 14 Jan 2016 11:49:35 +1100
Subject: [PATCH 2/2] Updated Readme

Signed-off-by: Stuart Ryan <stuart@ryan.email>
---
 README.md | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 929e742..0b68fa0 100644
--- a/README.md
+++ b/README.md
@@ -2,13 +2,16 @@
 
 Simple yet powerful integration with the Lastpass CLI so you can now get your passwords out of your Lastpass vault and straight into the clipboard from within Alfred.
 
+## Important note for v.1.4.2
+Please note, v1.4.2 and higer of the workflow require v0.7.1 or higher of the LastPass CLI to operate, if you do not have this then it will not work. Therefore please ensure you update to the latest version of the CLI.
+
 ## How to use the workflow
 Check out the official YouTube video, it will give you a quick two and a half minute rundown (updated for v1.2 and above).
 
 [![ScreenShot](http://akamai.technicalnotebook.com/alfred-workflow-images/lastpass-cli-for-alfred/demonstration_of_lastpass_workflow_for_alfred_v1_2.png)](https://www.youtube.com/watch?v=DJvtjBs2r6E)
 
 ## Donations
-This workflow represents many many hours effort of development, testing and rework. So if you love the workflow, and get use out of it every day, if you would like to donate as a thank you to buy me more caffeine giving Diet Coke, some Cake, or to put towards a shiny new gadget you can [donate to me via Paypal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=JM6E65M2GLXHE). 
+This workflow (and the 1.4.2 update especially) represents many many hours effort of development, testing and rework. So if you love the workflow, and get use out of it every day, if you would like to donate as a thank you to buy me more caffeine giving Diet Coke, some Cake, or to put towards a shiny new gadget you can [donate to me via Paypal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=JM6E65M2GLXHE). 
 
 <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=JM6E65M2GLXHE" target="_blank"><img src="http://akamai.technicalnotebook.com/alfred-workflow-images/donate.png" border="0" alt="PayPal — The safer, easier way to pay online."></a>
 
@@ -49,6 +52,18 @@ This workflow represents many many hours effort of development, testing and rewo
 
 ## History
 
+* Version 1.4.2
+	1. NOTE: This version *requires* the LastPass CLI v 0.7.1 or higher due to this new feature --> Login process completely changed over to use AppleScript (cleaner and nicer). This was thanks to work between myself and Bob from LastPass who maintains the official LastPass CLI to add a feature allowing an external login prompt to be used.
+	2. Login password prompt now uses an AppleScript password prompt.
+	3. Fix to allow you to search for words in any order.
+	4. Vault item's which now require re-authentication will pop up the AppleScript login prompt.
+	5. Has now been tested with a Vault with over 30,000 items for performance tweaks. (I have since been told by LastPass support their soft limit is significantly lower than this at ~2500 items explains why I was having some issues in testing).
+	6. More resilient escaping of text in the XML to ensure that special characters should not cause any issues.
+	7. Fixed missing quotes in some areas that could cause issues with spaces.
+	8. Squashed a little regex bug and wiped up the goo.
+	9. Fixed issues with spaces in certain paths we referenced
+	10. Fixed how the initial login process is run after a reboot. This required the changes made to how we manage the login process and it has subsequently been cleaned up significantly.
+	11. Other minor general tweaks.
 * Version 1.2
 	1. Bug - Removed deprecated framework code
 	2. Bug - Merged [pull request #4](https://github.com/stuartcryan/lastpass-alfred-workflow/pull/4) from [jsquyres](https://github.com/jsquyres) "we-love-macports-too" to support macports installs of the lastpass-CLI