2021-05-23 19:44:12 +02:00
|
|
|
from typing import Optional, Tuple
|
|
|
|
|
|
|
|
|
|
import keyring
|
|
|
|
|
|
|
|
|
|
from ..logging import log
|
2021-05-25 15:02:35 +02:00
|
|
|
from ..utils import agetpass, ainput
|
2021-05-23 19:44:12 +02:00
|
|
|
from ..version import NAME
|
2021-05-25 14:21:12 +02:00
|
|
|
from .authenticator import Authenticator, AuthError, AuthSection
|
2021-05-23 19:44:12 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class KeyringAuthSection(AuthSection):
|
2021-05-25 15:02:35 +02:00
|
|
|
def username(self) -> Optional[str]:
|
|
|
|
|
return self.s.get("username")
|
2021-05-23 19:44:12 +02:00
|
|
|
|
|
|
|
|
def keyring_name(self) -> str:
|
|
|
|
|
return self.s.get("keyring_name", fallback=NAME)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class KeyringAuthenticator(Authenticator):
|
|
|
|
|
|
2021-05-31 18:21:18 +02:00
|
|
|
def __init__(self, name: str, section: KeyringAuthSection) -> None:
|
2021-05-25 15:11:33 +02:00
|
|
|
super().__init__(name)
|
2021-05-23 19:44:12 +02:00
|
|
|
|
|
|
|
|
self._username = section.username()
|
|
|
|
|
self._password: Optional[str] = None
|
|
|
|
|
self._keyring_name = section.keyring_name()
|
|
|
|
|
|
2021-05-25 15:02:35 +02:00
|
|
|
self._password_invalidated = False
|
|
|
|
|
self._username_fixed = section.username() is not None
|
|
|
|
|
|
2021-05-23 19:44:12 +02:00
|
|
|
async def credentials(self) -> Tuple[str, str]:
|
2021-05-25 15:02:35 +02:00
|
|
|
# Request the username
|
|
|
|
|
if self._username is None:
|
|
|
|
|
async with log.exclusive_output():
|
|
|
|
|
self._username = await ainput("Username: ")
|
2021-05-23 19:44:12 +02:00
|
|
|
|
2021-05-25 15:02:35 +02:00
|
|
|
# First try looking it up in the keyring.
|
|
|
|
|
# Do not look it up if it was invalidated - we want to re-prompt in this case
|
|
|
|
|
if self._password is None and not self._password_invalidated:
|
|
|
|
|
self._password = keyring.get_password(self._keyring_name, self._username)
|
2021-05-23 19:44:12 +02:00
|
|
|
|
2021-05-25 15:02:35 +02:00
|
|
|
# If that fails it wasn't saved in the keyring - we need to
|
|
|
|
|
# read it from the user and store it
|
|
|
|
|
if self._password is None:
|
2021-05-23 19:44:12 +02:00
|
|
|
async with log.exclusive_output():
|
2021-05-25 15:02:35 +02:00
|
|
|
self._password = await agetpass("Password: ")
|
|
|
|
|
keyring.set_password(self._keyring_name, self._username, self._password)
|
2021-05-23 19:44:12 +02:00
|
|
|
|
2021-05-25 15:02:35 +02:00
|
|
|
self._password_invalidated = False
|
|
|
|
|
return self._username, self._password
|
2021-05-23 19:44:12 +02:00
|
|
|
|
|
|
|
|
def invalidate_credentials(self) -> None:
|
2021-05-25 15:02:35 +02:00
|
|
|
if not self._username_fixed:
|
|
|
|
|
self.invalidate_username()
|
2021-05-23 19:44:12 +02:00
|
|
|
self.invalidate_password()
|
|
|
|
|
|
2021-05-25 15:02:35 +02:00
|
|
|
def invalidate_username(self) -> None:
|
|
|
|
|
if self._username_fixed:
|
|
|
|
|
raise AuthError("Configured username is invalid")
|
|
|
|
|
else:
|
|
|
|
|
self._username = None
|
|
|
|
|
|
2021-05-23 19:44:12 +02:00
|
|
|
def invalidate_password(self) -> None:
|
2021-05-25 15:02:35 +02:00
|
|
|
self._password = None
|
|
|
|
|
self._password_invalidated = True
|
