added an explicit basic auth password option and added support for bo…

…th paramfile and interactive basic auth password as well
Pectojin · Apr 8, 2018 · 5b98a1c · 5b98a1c
1 parent 1a9455f
commit 5b98a1c
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 7 deletions.
diff --git a/auth.py b/auth.py
@@ -14,7 +14,7 @@
 
 # Login by authenticating against the Duplicati API and extracting a token
 def login(data, input_url=None, password=None, verify=True,
-          interactive=True, basic_user=None):
+          interactive=True, basic_user=None, basic_pass=None):
     if input_url is None:
         input_url = ""
 
@@ -66,9 +66,14 @@ def login(data, input_url=None, password=None, verify=True,
     # Detect if we're prompted for basic authentication
     auth_method = r.headers.get('WWW-Authenticate', False)
     if (auth_method):
-        common.log_output('Server requests basic auth...', False)
+        if basic_pass is None and interactive:
+            common.log_output('Basic authentication required...', False)
+            basic_pass = getpass.getpass('Basic auth:')
+        elif basic_pass is None:
+            basic_pass = password
+
         # Create the basic auth secret
-        secret = base64.b64encode((basic_user+":"+password).encode('ascii'))
+        secret = base64.b64encode((basic_user+":"+basic_pass).encode('ascii'))
         # Create the authorization string
         basic_auth = "Basic " + secret.decode('utf-8')
         headers = {"Authorization": basic_auth}
@@ -78,7 +83,7 @@ def login(data, input_url=None, password=None, verify=True,
         if r.status_code == 200:
             common.log_output('Passed basic auth', False)
             # Update basic auth secret in config file
-            data['basic_auth'] = basic_auth
+            data['authorization'] = basic_auth
 
     # Detect if we were prompted to login
     login_redirect = "/login.html" in r.url

diff --git a/common.py b/common.py
@@ -117,7 +117,7 @@ def create_headers(data):
     }
 
     # Add a basic auth header if available
-    basic_auth = data.get('basic_auth', None)
+    basic_auth = data.get('authorization', None)
     if basic_auth is not None:
         headers["Authorization"] = basic_auth
 

diff --git a/duplicati_client.py b/duplicati_client.py
@@ -82,11 +82,12 @@ def main(**args):
         url = args.get("url", None)
         password = args.get("password", None)
         basic_user = args.get("basic_user", None)
+        basic_pass = args.get("basic_pass", None)
         certfile = args.get("certfile", None)
         insecure = args.get("insecure", False)
         verify = auth.determine_ssl_validation(data, certfile, insecure)
         interactive = args.get("script", True)
-        data = auth.login(data, url, password, verify, interactive, basic_user)
+        data = auth.login(data, url, password, verify, interactive, basic_user, basic_pass)
 
     # Logout
     if method == "logout":

diff --git a/parser.py b/parser.py
@@ -172,8 +172,10 @@
 login_parser.add_argument('url', nargs='?')
 message = "provide a password inline instead of interactively"
 login_parser.add_argument('--password', metavar='', help=message)
-message = "username to use basic auth instead of Duplicati auth"
+message = "username to use for basic auth"
 login_parser.add_argument('--basic-user', metavar='', help=message)
+message = "password to use for basic auth"
+login_parser.add_argument('--basic-pass', metavar='', help=message)
 message = "allow insecure HTTPS connections to the server"
 login_parser.add_argument('--insecure', action='store_true', help=message)
 message = "specify the path to certificate to be used for validation"