Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Make auth lazy.

This makes it possible to run stuff like --help without entering
credentials.
  • Loading branch information...
commit 0c4e2afdcf55dabb7a7bbda45d9a90f78033d60b 1 parent ea9b45f
@oremj oremj authored
View
6 invtool/dns_dispatch.py
@@ -26,7 +26,7 @@ def delete(self, nas):
nas.pk)
url = "{0}{1}?format=json".format(REMOTE, url)
headers = {'content-type': 'application/json'}
- resp = requests.delete(url, headers=headers, auth=auth)
+ resp = requests.delete(url, headers=headers, auth=auth())
return self.handle_resp(nas, {}, resp)
def detail(self, nas):
@@ -34,7 +34,7 @@ def detail(self, nas):
nas.pk)
url = "{0}{1}?format=json".format(REMOTE, url)
headers = {'content-type': 'application/json'}
- resp = requests.get(url, headers=headers, auth=auth)
+ resp = requests.get(url, headers=headers, auth=auth())
return self.handle_resp(nas, {}, resp)
def update(self, nas):
@@ -54,7 +54,7 @@ def create(self, nas):
def action(self, nas, url, method, data):
headers = {'content-type': 'application/json'}
data = json.dumps(data, indent=2)
- resp = method(url, headers=headers, data=data, auth=auth)
+ resp = method(url, headers=headers, data=data, auth=auth())
return self.handle_resp(nas, data, resp)
def get_create_data(self, nas):
View
139 invtool/lib/config.py
@@ -39,10 +39,76 @@
except ImportError:
KEYRING_PRESENT = False
+
+def _keyring():
+ # If there's an existing keyring, let's use it!
+ if (config.has_option('authorization', 'ldap_username') and
+ config.get('authorization', 'ldap_username') != '' and
+ config.has_option('authorization', 'keyring') and
+ config.get('authorization', 'keyring') != '' and KEYRING_PRESENT):
+
+ # use keyring
+ auth = [
+ config.get('authorization', 'ldap_username'),
+ keyring.get_password(
+ config.get('authorization', 'keyring'),
+ config.get('authorization', 'ldap_username')
+ )
+ ]
+ if auth[1] is None:
+ keyring.get_keyring()
+ print("Can't retrieve ldap password from keyring '{0}'"
+ .format(config.get('authorization', 'keyring')))
+ auth[1] = getpass.getpass(
+ 'ldap username: {0}\npassword: '
+ .format(config.get('authorization', 'ldap_username'))
+ )
+ keyring.set_password(
+ config.get('authorization', 'keyring'),
+ config.get('authorization', 'ldap_username'),
+ auth[1]
+ )
+ print("Saved password to keyring")
+ return tuple(auth)
+ # If there's no existing keyring and we have keyring support
+ # let's try to be nice and create a keyring.
+ else:
+ # configure credentials
+ auth = (
+ raw_input('ldap username: '),
+ getpass.getpass('password: ')
+ )
+
+ # store the username and service name
+ config.set('authorization', 'ldap_username', auth[0])
+ if (not config.has_option('authorization', 'keyring') or
+ config.get('authorization', 'keyring') == ''):
+ config.set('authorization', 'keyring', 'invtool-ldap')
+ config.write(open(CONFIG_FILE, 'w'))
+
+ # store the password
+ keyring.set_password(config.get('authorization', 'keyring'), *auth)
+ print("Saved password to keyring")
+ return auth
+
+
+def _plaintext():
+ if config.has_option('authorization', 'ldap_username'):
+ username = config.get('authorization', 'ldap_username')
+ else:
+ username = raw_input('ldap username: ')
+ if config.has_option('authorization', 'ldap_password'):
+ password = config.get('authorization', 'ldap_password')
+ else:
+ password = getpass.getpass('ldap password: ')
+ # use plaintext
+ return (username, password)
+
+
# No auth required for dev
if dev == 'True':
- auth = None
AUTH_TYPE = None
+ _realauth = lambda: None
# Can't use keyring and a password in the config at the same time.
elif (config.has_option('authorization', 'ldap_password') and
config.has_option('authorization', 'keyring')):
@@ -50,67 +116,22 @@
"ldap_password and keyring are mutually exclusive "
"in config file '{0}'".format(CONFIG_FILE)
)
-# If there's an existing keyring, let's use it!
-elif (config.has_option('authorization', 'ldap_username') and
- config.get('authorization', 'ldap_username') != '' and
- config.has_option('authorization', 'keyring') and
- config.get('authorization', 'keyring') != '' and
- KEYRING_PRESENT):
- # use keyring
- auth = [
- config.get('authorization', 'ldap_username'),
- keyring.get_password(
- config.get('authorization', 'keyring'),
- config.get('authorization', 'ldap_username')
- )
- ]
- if auth[1] is None:
- keyring.get_keyring()
- print("Can't retrieve ldap password from keyring '{0}'"
- .format(config.get('authorization', 'keyring')))
- auth[1] = getpass.getpass(
- 'ldap username: {0}\npassword: '
- .format(config.get('authorization', 'ldap_username'))
- )
- keyring.set_password(
- config.get('authorization', 'keyring'),
- config.get('authorization', 'ldap_username'),
- auth[1]
- )
- print("Saved password to keyring")
- auth = tuple(auth)
- AUTH_TYPE = 'keyring'
-# If there's no existing keyring and we have keyring support
-# let's try to be nice and create a keyring.
elif KEYRING_PRESENT:
- # configure credentials
- auth = (
- raw_input('ldap username: '),
- getpass.getpass('password: ')
- )
-
- # store the username and service name
- config.set('authorization', 'ldap_username', auth[0])
- if (not config.has_option('authorization', 'keyring') or
- config.get('authorization', 'keyring') == ''):
- config.set('authorization', 'keyring', 'invtool-ldap')
- config.write(open(CONFIG_FILE, 'w'))
-
- # store the password
- keyring.set_password(config.get('authorization', 'keyring'), *auth)
- print("Saved password to keyring")
AUTH_TYPE = 'keyring'
+ _realauth = _keyring
# If there's no keyring support, let's try to get the username and password
# from the config or command line
else:
- if config.has_option('authorization', 'ldap_username'):
- username = config.get('authorization', 'ldap_username')
- else:
- username = raw_input('ldap username: ')
- if config.has_option('authorization', 'ldap_password'):
- password = config.get('authorization', 'ldap_password')
- else:
- password = getpass.getpass('ldap password: ')
- # use plaintext
- auth = (username, password)
AUTH_TYPE = 'plaintext'
+ _realauth = _plaintext
+
+
+authcache = False
+
+
+def auth():
+ global authcache
+ if authcache is False:
+ authcache = _realauth()
+
+ return authcache
View
6 invtool/search_dispatch.py
@@ -58,7 +58,8 @@ def irange(self, nas):
search = {'start': start, 'end': end}
if nas.d_integers:
search['format'] = 'integers'
- resp = requests.get(url, params=search, headers=headers, auth=auth)
+ resp = requests.get(url, params=search, headers=headers,
+ auth=auth())
if resp.status_code == 500:
resp_list = [
"CLIENT ERROR! (Please email this output to a code monkey)"
@@ -89,7 +90,8 @@ def query(self, nas):
url = "{0}{1}".format(REMOTE, tmp_url)
headers = {'content-type': 'application/json'}
search = {'search': nas.query}
- resp = requests.get(url, params=search, headers=headers, auth=auth)
+ resp = requests.get(url, params=search, headers=headers,
+ auth=auth())
if resp.status_code == 500:
resp_list = [
"CLIENT ERROR! (Please email this output to a code monkey)"
Please sign in to comment.
Something went wrong with that request. Please try again.