mirror of
https://github.com/openSUSE/osc.git
synced 2024-12-27 02:16:12 +01:00
Print user and apiurl when prompting for a password
It's not a good idea to send a password to a different server than it belongs. Now the server identity is obvious.
This commit is contained in:
parent
7de13ea597
commit
f8a8c9c91c
@ -794,7 +794,7 @@ def get_config(override_conffile=None,
|
|||||||
user = _extract_user_compat(cp, url, creds_mgr)
|
user = _extract_user_compat(cp, url, creds_mgr)
|
||||||
if user is None:
|
if user is None:
|
||||||
raise oscerr.ConfigMissingCredentialsError('No user found in section %s' % url, conffile, url)
|
raise oscerr.ConfigMissingCredentialsError('No user found in section %s' % url, conffile, url)
|
||||||
password = creds_mgr.get_password(url, user, defer=True)
|
password = creds_mgr.get_password(url, user, defer=True, apiurl=apiurl)
|
||||||
if password is None:
|
if password is None:
|
||||||
raise oscerr.ConfigMissingCredentialsError('No password found in section %s' % url, conffile, url)
|
raise oscerr.ConfigMissingCredentialsError('No password found in section %s' % url, conffile, url)
|
||||||
|
|
||||||
|
@ -80,14 +80,14 @@ class AbstractCredentialsManager:
|
|||||||
def create(cls, cp, options):
|
def create(cls, cp, options):
|
||||||
return cls(cp, options)
|
return cls(cp, options)
|
||||||
|
|
||||||
def _get_password(self, url, user):
|
def _get_password(self, url, user, apiurl=None):
|
||||||
raise NotImplementedError()
|
raise NotImplementedError()
|
||||||
|
|
||||||
def get_password(self, url, user, defer=True):
|
def get_password(self, url, user, defer=True, apiurl=None):
|
||||||
if defer:
|
if defer:
|
||||||
return _LazyPassword(lambda: self._get_password(url, user))
|
return _LazyPassword(lambda: self._get_password(url, user, apiurl=apiurl))
|
||||||
else:
|
else:
|
||||||
return self._get_password(url, user)
|
return self._get_password(url, user, apiurl=apiurl)
|
||||||
|
|
||||||
def set_password(self, url, user, password):
|
def set_password(self, url, user, password):
|
||||||
raise NotImplementedError()
|
raise NotImplementedError()
|
||||||
@ -103,7 +103,7 @@ class AbstractCredentialsManager:
|
|||||||
|
|
||||||
|
|
||||||
class PlaintextConfigFileCredentialsManager(AbstractCredentialsManager):
|
class PlaintextConfigFileCredentialsManager(AbstractCredentialsManager):
|
||||||
def get_password(self, url, user, defer=True):
|
def get_password(self, url, user, defer=True, apiurl=None):
|
||||||
return self._cp.get(url, 'pass', raw=True)
|
return self._cp.get(url, 'pass', raw=True)
|
||||||
|
|
||||||
def set_password(self, url, user, password):
|
def set_password(self, url, user, password):
|
||||||
@ -132,13 +132,12 @@ class PlaintextConfigFileDescriptor(AbstractCredentialsManagerDescriptor):
|
|||||||
return PlaintextConfigFileCredentialsManager(cp, None)
|
return PlaintextConfigFileCredentialsManager(cp, None)
|
||||||
|
|
||||||
|
|
||||||
class ObfuscatedConfigFileCredentialsManager(
|
class ObfuscatedConfigFileCredentialsManager(PlaintextConfigFileCredentialsManager):
|
||||||
PlaintextConfigFileCredentialsManager):
|
def get_password(self, url, user, defer=True, apiurl=None):
|
||||||
def get_password(self, url, user, defer=True):
|
|
||||||
if self._cp.has_option(url, 'passx', proper=True):
|
if self._cp.has_option(url, 'passx', proper=True):
|
||||||
passwd = self._cp.get(url, 'passx', raw=True)
|
passwd = self._cp.get(url, 'passx', raw=True)
|
||||||
else:
|
else:
|
||||||
passwd = super(self.__class__, self).get_password(url, user)
|
passwd = super(self.__class__, self).get_password(url, user, apiurl=apiurl)
|
||||||
return self.decode_password(passwd)
|
return self.decode_password(passwd)
|
||||||
|
|
||||||
def set_password(self, url, user, password):
|
def set_password(self, url, user, password):
|
||||||
@ -182,9 +181,15 @@ class TransientCredentialsManager(AbstractCredentialsManager):
|
|||||||
if options is not None:
|
if options is not None:
|
||||||
raise RuntimeError('options must be None')
|
raise RuntimeError('options must be None')
|
||||||
|
|
||||||
def _get_password(self, url, user):
|
def _get_password(self, url, user, apiurl=None):
|
||||||
if self._password is None:
|
if self._password is None:
|
||||||
self._password = getpass.getpass('Password: ')
|
if apiurl:
|
||||||
|
# strip scheme from apiurl because we don't want to display it to the user
|
||||||
|
apiurl_no_scheme = urlsplit(apiurl)[1]
|
||||||
|
msg = f'Password [{user}@{apiurl_no_scheme}]: '
|
||||||
|
else:
|
||||||
|
msg = 'Password: '
|
||||||
|
self._password = getpass.getpass(msg)
|
||||||
return self._password
|
return self._password
|
||||||
|
|
||||||
def set_password(self, url, user, password):
|
def set_password(self, url, user, password):
|
||||||
@ -229,7 +234,7 @@ class KeyringCredentialsManager(AbstractCredentialsManager):
|
|||||||
return None
|
return None
|
||||||
return super(cls, cls).create(cp, options)
|
return super(cls, cls).create(cp, options)
|
||||||
|
|
||||||
def _get_password(self, url, user):
|
def _get_password(self, url, user, apiurl=None):
|
||||||
self._load_backend()
|
self._load_backend()
|
||||||
return keyring.get_password(urlsplit(url)[1], user)
|
return keyring.get_password(urlsplit(url)[1], user)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user