Merge pull request #137 from level12/132-remove-keyring

Remove keyring support

.circleci/config.yml

@@ -16,7 +16,7 @@ jobs:
 
             - run:
                 name: install tox and upgrade pip
-                command: pip install -U pip tox pipenv
+                command: pip install --progress-bar off -U pip tox pipenv
 
             - run:
                 name: version checks

.gitignore

@@ -14,3 +14,5 @@ tags
 .vscode
 .pytest_cache
 keg_apps/keg_apps.db-config.py
+.idea
+.python-version

keg/app.py

@@ -1,10 +1,8 @@
 from __future__ import absolute_import
 
 import importlib
-import warnings
 
 import flask
-from flask.config import ConfigAttribute
 from six.moves import range
 from werkzeug.datastructures import ImmutableDict
 
@@ -28,10 +26,8 @@ class Keg(flask.Flask):
     import_name = None
     use_blueprints = ()
     oauth_providers = ()
-    keyring_enabled = ConfigAttribute('KEG_KEYRING_ENABLE')
     config_class = keg.config.Config
     logging_class = keg.logging.Logging
-    keyring_manager_class = None
 
     _cli = None
     cli_loader_class = keg.cli.CLILoader
@@ -61,7 +57,6 @@ def __init__(self, import_name=None, *args, **kwargs):
         # passed in value takes precedence
         import_name = import_name or self.import_name
 
-        self.keyring_manager = None
         self._init_config = kwargs.pop('config', {})
 
         flask.Flask.__init__(self, import_name, *args, **kwargs)
@@ -83,7 +78,6 @@ def init(self, config_profile=None, use_test_profile=False, config=None):
 
         self.init_config(config_profile, use_test_profile, config)
         self.init_logging()
-        self.init_keyring()
         self.init_oath()
         self.init_error_handling()
         self.init_extensions()
@@ -119,20 +113,6 @@ def on_config_complete(self):
         """ For subclasses to override """
         pass
 
-    def init_keyring(self):
-        # do keyring substitution
-        if self.keyring_enabled:
-            from keg.keyring import Manager, keyring
-            if keyring is None:
-                warnings.warn(_('Keyring substitution is enabled, but the keyring package is not'
-                                ' installed.  Please install the keyring package (pip install'
-                                ' keyring) or disable keyring support by setting'
-                                ' `KEG_KEYRING_ENABLE = False` in your configuration profile.'))
-                return
-
-            self.keyring_manager = Manager(self)
-            self.keyring_manager.substitute(self.config)
-
     def init_extensions(self):
         self.init_db()
 

keg/cli.py

@@ -2,7 +2,6 @@
 
 from collections import defaultdict
 from contextlib import contextmanager
-import platform
 
 import click
 import flask
@@ -11,7 +10,6 @@
 
 from keg import current_app
 from keg.extensions import gettext as _
-from keg.keyring import keyring as keg_keyring
 
 
 class KegAppGroup(flask.cli.AppGroup):
@@ -186,107 +184,6 @@ def database_clear():
     click.echo(_('Database cleared'))
 
 
-class KeyringGroup(click.MultiCommand):
-
-    def list_commands(self, ctx):
-        if keg_keyring:
-            return ['delete', 'list-keys', 'setup', 'status']
-        else:
-            return ['status']
-
-    def get_command(self, ctx, name):
-        if name == 'status':
-            return keyring_status
-        if name == 'list-keys':
-            return keyring_list_keys
-        if name == 'delete':
-            return keyring_delete
-
-
-def keyring_notify_no_module():
-    click.echo(_('Keyring module not installed. Keyring functionality disabled.\n\nYou can'
-                 ' enable keyring functionality by installing the package:'
-                 ' `pip install keyring`.'))
-
-
-@dev_command.command('keyring', cls=KeyringGroup, invoke_without_command=True,
-                     help=_('Lists keyring related sub-commands.'))
-@click.pass_context
-def keyring_group(ctx):
-    # only take action if no subcommand is involved.
-    if ctx.invoked_subcommand is None:
-        if keg_keyring is None:
-            keyring_notify_no_module()
-        else:
-            # keyring is available, but no subcommand was given, therefore we want to just show
-            # the help message, which would be the default behavior if we had not used the
-            # invoke_Without_command option.
-            click.echo(ctx.get_help())
-            ctx.exit()
-
-
-@click.command('status', short_help=_('Show keyring related status info.'))
-@click.option('--unavailable', default=False, is_flag=True,
-              help=_('Show unavailable backends with reasons.'))
-@flask.cli.with_appcontext
-def keyring_status(unavailable):
-    if keg_keyring is None:
-        keyring_notify_no_module()
-        return
-    import keyring
-    import keyring.backend as kb
-    viable = kb.get_all_keyring()
-
-    # call get_all_keyring() before this so we are sure all keyrings are loaded
-    # on KeyringBackend
-    if unavailable:
-        click.echo(_('Unavailable backends'))
-        for cls in kb.KeyringBackend._classes:
-            try:
-                cls.priority
-            except Exception as e:
-                click.echo(_('    {_class.__module__}:{_class.__name__} - {exception}',
-                             _class=cls, exception=e))
-
-    click.echo(_('\nAvailable backends (backends with priority < 1 are not'
-                 ' recommended and may be insecure)'))
-    for backend in viable:
-        click.echo(_('    {_class.__module__}:{_class.__name__} (priority: {priority})',
-                     _class=backend.__class__, priority=backend.priority))
-
-    click.echo(_('\nDefault backend'))
-    backend = keyring.get_keyring()
-    click.echo(_('    {_class.__module__}:{_class.__name__}', _class=backend.__class__))
-    if hasattr(backend, 'file_path'):
-        click.echo(_('    file path: {file_path}', file_path=backend.file_path))
-
-    if not flask.current_app.keyring_enabled:
-        click.echo(_('\nKeyring functionality for this app has been DISABLED through the config'
-                     ' setting KEG_KEYRING_ENABLE.'))
-    elif not flask.current_app.keyring_manager.verify_backend():
-        click.echo(_('\nWARNING: the current backend is insecure,'
-                     ' keyring substitution unavailable.'))
-        if platform.system() == 'Linux':
-            click.echo(_('\nTRY THIS: use the SecretStorage Setup utility to get a more secure'
-                         ' keyring backend.'))
-            click.echo('https://pypi.python.org/pypi/SecretStorage-Setup\n')
-
-
-@click.command('list-keys', short_help=_('Show all keys used in config value substitution.'))
-@flask.cli.with_appcontext
-def keyring_list_keys():
-    km = flask.current_app.keyring_manager
-    for key in sorted(km.sub_keys_seen):
-        click.echo(key)
-
-
-@click.command('delete', short_help=_('Delete an entry from the keyring.'))
-@click.argument('key')
-@flask.cli.with_appcontext
-def keyring_delete(key):
-    flask.current_app.keyring_manager.delete(key)
-
-
 class CLILoader(object):
     """
         This loader takes care of the complexity of click object setup and instantiation in the

keg/config.py

@@ -171,8 +171,6 @@ class DefaultProfile(object):
         after_logout='public.home',
     )
 
-    KEG_KEYRING_ENABLE = True
-
     KEG_SMTP_HOST = 'localhost'
 
     KEG_DB_DIALECT_OPTIONS = {}
@@ -186,7 +184,6 @@ class DevProfile(object):
 class TestProfile(object):
     DEBUG = True
     TESTING = True
-    KEG_KEYRING_ENABLE = False
     KEG_LOG_SYSLOG_ENABLED = False
 
     # set this to allow generation of URLs without a request context

keg/tests/test_cli.py

@@ -73,7 +73,7 @@ def test_help_all(self):
         expected_lines = [
             'Usage', '', 'Options', '--profile', '--quiet', '--help-all', '--help',
             'Commands', 'develop', 'Commands', 'config', 'db', 'Commands', 'clear',
-            'init', 'keyring', 'Commands', 'delete', 'list-keys', 'status', 'routes',
+            'init', 'routes',
             'run', 'shell', 'templates', 'hello1', 'is-not-quiet', 'is-quiet', 'reverse',
             ''
         ]