Reuse a session token from environment, not from command line
The op signin command has an immensely useful functionality:
You can use the `--session` option with the `signin` command to reuse an
active token or to test whether a session has expired. This may be
useful when writing scripts that use the command-line tool. If the
session is active, the tool will use it and return the same token. If
the session is expired, you’ll have to sign in again.
However, as Michael pointed out in https://1password.community/discussion/123986/command-line-tool-v1-12-2-op-create-item-template-file-json it is insecure to provide secrets on the command-line. For example, in shared and cloud environments there's a risk of other users seeing the session token through ps or the token making its way to audit logs.
With that in mind, it would be fantastic if the token reuse functionality was usable with the session token in an environmental variable. I see two possible approaches:
1. Change the default behavior of op signin (without --session parameter) to reuse the existing session token by default. Add a new parameter e.g. --new-session to force a new sign-in.
2. Leave the current default behavior as it is, add a --reuse parameter to tell the CLI to try reusing the token from env.
Best regards,
Kamil Domański
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
