From f19e0038bddf42e937b5a7675bd6ed43f539590b Mon Sep 17 00:00:00 2001
From: iromli <isman.firmansyah@gmail.com>
Date: Fri, 19 Apr 2024 03:28:06 +0700
Subject: [PATCH] fix(jans-pycloudlib): incorrect password loaded for couchbase
 access

Signed-off-by: iromli <isman.firmansyah@gmail.com>
---
 .../jans/pycloudlib/lock/couchbase_lock.py    | 35 ++++++-------------
 1 file changed, 10 insertions(+), 25 deletions(-)

diff --git a/jans-pycloudlib/jans/pycloudlib/lock/couchbase_lock.py b/jans-pycloudlib/jans/pycloudlib/lock/couchbase_lock.py
index 704c3d22919..579d323f8ad 100644
--- a/jans-pycloudlib/jans/pycloudlib/lock/couchbase_lock.py
+++ b/jans-pycloudlib/jans/pycloudlib/lock/couchbase_lock.py
@@ -186,33 +186,18 @@ def _prepare_bucket(self):
                 resp.raise_for_status()
 
     def _resolve_auth(self):
-        # list of possible password files
-        password_files = [
-            os.environ.get("CN_OCI_LOCK_PASSWORD_FILE", "/etc/jans/conf/oci_lock_password")
-        ]
-
-        # check which user is accessing couchbase
-        user = os.environ.get("CN_COUCHBASE_SUPERUSER", "")
-
-        if user:
-            password_files.append(
-                os.environ.get("CN_COUCHBASE_SUPERUSER_PASSWORD_FILE", "/etc/jans/conf/couchbase_superuser_password")
-            )
-        else:
-            user = os.environ.get("CN_COUCHBASE_USER", "admin")
-            password_files.append(
-                os.environ.get("CN_COUCHBASE_PASSWORD_FILE", "/etc/jans/conf/couchbase_password")
-            )
-
-        # password of the running user
-        password = ""  # nosec: B105
-
-        for password_file in password_files:
-            if not os.path.isfile(password_file):
-                continue
+        superuser_password_file = os.environ.get("CN_COUCHBASE_SUPERUSER_PASSWORD_FILE", "/etc/jans/conf/couchbase_superuser_password")
+        password_file = os.environ.get("CN_COUCHBASE_PASSWORD_FILE", "/etc/jans/conf/couchbase_password")
 
+        if os.path.isfile(superuser_password_file):
+            user = os.environ.get("CN_COUCHBASE_SUPERUSER", "admin")
+            password = get_password_from_file(superuser_password_file)
+        elif os.path.isfile(password_file):
+            user = os.environ.get("CN_COUCHBASE_USER", "admin")
             password = get_password_from_file(password_file)
-            break
+        else:
+            user = ""
+            password = ""  # nosec: B105
 
         # auth credentials
         return user, password