mirror of
https://github.com/Garmelon/PFERD.git
synced 2023-12-21 10:23:01 +01:00
Allow invalidation of keyring authenticator
This commit is contained in:
parent
61430c8739
commit
d905e95dbb
@ -4,17 +4,14 @@ import keyring
|
|||||||
|
|
||||||
from ..config import Config
|
from ..config import Config
|
||||||
from ..logging import log
|
from ..logging import log
|
||||||
from ..utils import agetpass
|
from ..utils import agetpass, ainput
|
||||||
from ..version import NAME
|
from ..version import NAME
|
||||||
from .authenticator import Authenticator, AuthError, AuthSection
|
from .authenticator import Authenticator, AuthError, AuthSection
|
||||||
|
|
||||||
|
|
||||||
class KeyringAuthSection(AuthSection):
|
class KeyringAuthSection(AuthSection):
|
||||||
def username(self) -> str:
|
def username(self) -> Optional[str]:
|
||||||
name = self.s.get("username")
|
return self.s.get("username")
|
||||||
if name is None:
|
|
||||||
self.missing_value("username")
|
|
||||||
return name
|
|
||||||
|
|
||||||
def keyring_name(self) -> str:
|
def keyring_name(self) -> str:
|
||||||
return self.s.get("keyring_name", fallback=NAME)
|
return self.s.get("keyring_name", fallback=NAME)
|
||||||
@ -34,23 +31,41 @@ class KeyringAuthenticator(Authenticator):
|
|||||||
self._password: Optional[str] = None
|
self._password: Optional[str] = None
|
||||||
self._keyring_name = section.keyring_name()
|
self._keyring_name = section.keyring_name()
|
||||||
|
|
||||||
|
self._password_invalidated = False
|
||||||
|
self._username_fixed = section.username() is not None
|
||||||
|
|
||||||
async def credentials(self) -> Tuple[str, str]:
|
async def credentials(self) -> Tuple[str, str]:
|
||||||
if self._password is not None:
|
# Request the username
|
||||||
|
if self._username is None:
|
||||||
|
async with log.exclusive_output():
|
||||||
|
self._username = await ainput("Username: ")
|
||||||
|
|
||||||
|
# First try looking it up in the keyring.
|
||||||
|
# Do not look it up if it was invalidated - we want to re-prompt in this case
|
||||||
|
if self._password is None and not self._password_invalidated:
|
||||||
|
self._password = keyring.get_password(self._keyring_name, self._username)
|
||||||
|
|
||||||
|
# If that fails it wasn't saved in the keyring - we need to
|
||||||
|
# read it from the user and store it
|
||||||
|
if self._password is None:
|
||||||
|
async with log.exclusive_output():
|
||||||
|
self._password = await agetpass("Password: ")
|
||||||
|
keyring.set_password(self._keyring_name, self._username, self._password)
|
||||||
|
|
||||||
|
self._password_invalidated = False
|
||||||
return self._username, self._password
|
return self._username, self._password
|
||||||
|
|
||||||
password = keyring.get_password(self._keyring_name, self._username)
|
|
||||||
|
|
||||||
if not password:
|
|
||||||
async with log.exclusive_output():
|
|
||||||
password = await agetpass("Password: ")
|
|
||||||
keyring.set_password(self._keyring_name, self._username, password)
|
|
||||||
|
|
||||||
self._password = password
|
|
||||||
|
|
||||||
return self._username, password
|
|
||||||
|
|
||||||
def invalidate_credentials(self) -> None:
|
def invalidate_credentials(self) -> None:
|
||||||
|
if not self._username_fixed:
|
||||||
|
self.invalidate_username()
|
||||||
self.invalidate_password()
|
self.invalidate_password()
|
||||||
|
|
||||||
|
def invalidate_username(self) -> None:
|
||||||
|
if self._username_fixed:
|
||||||
|
raise AuthError("Configured username is invalid")
|
||||||
|
else:
|
||||||
|
self._username = None
|
||||||
|
|
||||||
def invalidate_password(self) -> None:
|
def invalidate_password(self) -> None:
|
||||||
raise AuthError("Invalid password")
|
self._password = None
|
||||||
|
self._password_invalidated = True
|
||||||
|
Loading…
Reference in New Issue
Block a user