Properly invalidate exceptions

The simple authenticator now properly invalidates its credentials. Also, the
invalidation functions have been given better names and documentation.
This commit is contained in:
Joscha 2021-05-15 17:37:05 +02:00
parent b70b62cef5
commit d63494908d
3 changed files with 50 additions and 7 deletions

View File

@ -42,11 +42,35 @@ class Authenticator(ABC):
async def credentials(self) -> Tuple[str, str]: async def credentials(self) -> Tuple[str, str]:
pass pass
def invalid_credentials(self) -> None: def invalidate_credentials(self) -> None:
"""
Tell the authenticator that some or all of its credentials are invalid.
Authenticators should overwrite this function if they have a way to
deal with this issue that is likely to result in valid credentials
(e. g. prompting the user).
"""
raise AuthException("Invalid credentials") raise AuthException("Invalid credentials")
def invalid_username(self) -> None: def invalidate_username(self) -> None:
"""
Tell the authenticator that specifically its username is invalid.
Authenticators should overwrite this function if they have a way to
deal with this issue that is likely to result in valid credentials
(e. g. prompting the user).
"""
raise AuthException("Invalid username") raise AuthException("Invalid username")
def invalid_password(self) -> None: def invalidate_password(self) -> None:
"""
Tell the authenticator that specifically its password is invalid.
Authenticators should overwrite this function if they have a way to
deal with this issue that is likely to result in valid credentials
(e. g. prompting the user).
"""
raise AuthException("Invalid password") raise AuthException("Invalid password")

View File

@ -1,6 +1,6 @@
from typing import Optional, Tuple from typing import Optional, Tuple
from ..authenticator import Authenticator, AuthSection from ..authenticator import Authenticator, AuthException, AuthSection
from ..conductor import TerminalConductor from ..conductor import TerminalConductor
from ..config import Config from ..config import Config
from ..utils import agetpass, ainput from ..utils import agetpass, ainput
@ -42,7 +42,26 @@ class SimpleAuthenticator(Authenticator):
if self.password is None: if self.password is None:
self.password = await agetpass("Password: ") self.password = await agetpass("Password: ")
else:
print("Password: *******")
return self.username, self.password return self.username, self.password
def invalidate_credentials(self) -> None:
if self.username_fixed and self.password_fixed:
raise AuthException("Configured credentials are invalid")
if not self.username_fixed:
self.username = None
if not self.password_fixed:
self.password = None
def invalidate_username(self) -> None:
if self.username_fixed:
raise AuthException("Configured username is invalid")
else:
self.username = None
def invalidate_password(self) -> None:
if self.password_fixed:
raise AuthException("Configured password is invalid")
else:
self.password = None

View File

@ -156,7 +156,7 @@ class KitShibbolethLogin:
soup = await self._authenticate_tfa(sess, soup) soup = await self._authenticate_tfa(sess, soup)
if not self._login_successful(soup): if not self._login_successful(soup):
self._auth.invalid_credentials() self._auth.invalidate_credentials()
# Equivalent: Being redirected via JS automatically # Equivalent: Being redirected via JS automatically
# (or clicking "Continue" if you have JS disabled) # (or clicking "Continue" if you have JS disabled)