Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use InMemoryAccountInfo when using env vars for authentication #1009

Merged
merged 16 commits into from
Mar 28, 2024
Merged

Use InMemoryAccountInfo when using env vars for authentication #1009

merged 16 commits into from
Mar 28, 2024

Conversation

agoncharov-reef
Copy link
Contributor

@agoncharov-reef agoncharov-reef commented Mar 27, 2024
edited
Loading

Re #894

Current behavior:
When users use env vars for authenticating in B2, those credentials are stored in ~/.b2_account_info file which is unexpected by users and exposes B2 secrets to everyone who can read the file.

New behavior (CLI >=v4 only):
If user uses env vars for authentication, console tool uses InMemoryAccountInfo for storing account info and InMemoryCache for caching data.

Exception: when user calls authorize-account or clear-account commands, they store (or clear) credentials on disk even if "env vars authorization" is used.

--

This PR also removes b2_api parameter from ConsoleTool class init method. It was used only in tests and allowed passing mocked B2Api instance, however it added complexity to production code in case when special parameters were passed (like --max_download_streams_per_file): those parameters should be passed to B2Api during initialization, but ConsoleTool received already initialized mocked B2Api instance and thus those parameters couldn't be applied.

This is fixed by delegating B2Api initialization to ConsoleTool entirely, and for tests we use monkeypatching which substitutes few functions used to initialize B2Api inside ConsoleTool.

agoncharov-reef and others added 16 commits March 21, 2024 11:57
@agoncharov-reef
Use in-memory account info storage when using env vars for auth
d3c980f
@agoncharov-reef
Lint fixes
531ffff
@agoncharov-reef
Expose last instance of ConsoleTool after BaseConsoleToolTest.run_com…
40e9254 
…mand
@agoncharov-reef
Minor fixes after rebase
6d3d0fc
@agoncharov-reef
Fix integration test due to not creating account info file
a6fbcee
@agoncharov-reef
Fix integration test due to lack of valid account for testing
9a502ad
@agoncharov-reef
Don't delete account_info_file
bd44cb1
@agoncharov-reef @mjurbanski-reef
Update changelog.d/+not-saving-auth-data-when-env-vars.fixed.md
e5215b5 
Co-authored-by: Maciej Urbański <122983254+mjurbanski-reef@users.noreply.github.com>
@agoncharov-reef
Use in-memory account info since v4 only
86d7574
@agoncharov-reef
Don't use in-memory account info if it would match account info on disk
41cb0f7
@agoncharov-reef
Preserve storing account info in v3
98ea664
@agoncharov-reef
Use random temp folder for EnvVarTestContext
d75670a
@agoncharov-reef
WIP remove EnvVarTestContext
8657852
@agoncharov-reef
Remove EnvVarTestContext
78a1fdc
@agoncharov-reef @mjurbanski-reef
Update changelog.d/+not-saving-auth-data-when-env-vars.fixed.md
3f658c3 
Co-authored-by: Maciej Urbański <122983254+mjurbanski-reef@users.noreply.github.com>
@agoncharov-reef
Don't create unnecessary account info file
e7e6a43
@mjurbanski-reef mjurbanski-reef merged commit d9d8851 into Backblaze:master Mar 28, 2024
30 checks passed
@mjurbanski-reef mjurbanski-reef deleted the inmemory-if-env-vars-auth branch March 28, 2024 16:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@agoncharov-reef @mjurbanski-reef