Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Browse files

Merge branch 'master' of

  • Loading branch information...
2 parents 2b914d1 + 45eb4e0 commit 1534524ef66dc86ecb2631d2fe785660a910b6bc @uberj uberj committed
Showing with 30 additions and 20 deletions.
  1. +12 −7 README.rst
  2. +18 −13 invtool/lib/
19 README.rst
@@ -19,13 +19,18 @@ An optional package (though highly recommend and included in
it, remove it from ``requirements.txt`` and store your ldap password in
-``invtool`` requires you to store your ldap username in a clear text
-configuration file. Your ldap password can be stored either in plaintext in the
-same file or else in the system keyring. In order to use the keyring you need
-`python-keyring <>`_. ``invtool`` tries to
-find a configuration file by first looking at ``./etc/invtool.conf`` and if it
-can't find anything there, ``/etc/invtool.conf``. Here is a quick tip for a
-non-root install::
+``invtool`` supports a few different ways of setting your credentials. Your
+username can either be stored in the configuration file or passed at the
+command line. Your password may be stored in the configuration file (in
+plain text), stored in a `python-keyring <>`_,
+or passed on the command line. If you do not want to store your credentials
+on disk at all, you must remove the ldap_username AND ldap_password entries
+from the configuration file.
+``invtool`` will look for a configuration file at ``./etc/invtool.conf`` and
+if it can't find anything there, ``/etc/invtool.conf``.
+Here is a quick tip for a non-root install::
git clone invtool
cd invtool
31 invtool/lib/
@@ -39,15 +39,18 @@
except ImportError:
+# No auth required for dev
if dev == 'True':
auth = None
+# Can't use keyring and a password in the config at the same time.
elif (config.has_option('authorization', 'ldap_password') and
config.has_option('authorization', 'keyring')):
raise Exception(
"ldap_password and keyring are mutually exclusive "
"in config file '{0}'".format(CONFIG_FILE)
+# If there's an existing keyring, let's use it!
elif (config.has_option('authorization', 'ldap_username') and
config.get('authorization', 'ldap_username') != '' and
config.has_option('authorization', 'keyring') and
@@ -77,14 +80,8 @@
print("Saved password to keyring")
auth = tuple(auth)
AUTH_TYPE = 'keyring'
-elif (config.has_option('authorization', 'ldap_username') and
- config.has_option('authorization', 'ldap_password')):
- # use plaintext
- auth = (
- config.get('authorization', 'ldap_username'),
- config.get('authorization', 'ldap_password')
- )
- AUTH_TYPE = 'plaintext'
+# If there's no existing keyring and we have keyring support
+# let's try to be nice and create a keyring.
# configure credentials
auth = (
@@ -103,9 +100,17 @@
keyring.set_password(config.get('authorization', 'keyring'), *auth)
print("Saved password to keyring")
AUTH_TYPE = 'keyring'
+# If there's no keyring support, let's try to get the username and password
+# from the config or command line
- raise Exception(
- "Unable to get or set ldap password."
- "Install the keyring module or set ldap_password"
- "in config file '{0}'".format(CONFIG_FILE)
- )
+ if config.has_option('authorization', 'ldap_username'):
+ username = config.get('authorization', 'ldap_username')
+ else:
+ username = raw_input('ldap username: ')
+ if config.has_option('authorization', 'ldap_password'):
+ password = config.get('authorization', 'ldap_password')
+ else:
+ password = getpass.getpass('ldap password: ')
+ # use plaintext
+ auth = (username, password)
+ AUTH_TYPE = 'plaintext'

0 comments on commit 1534524

Please sign in to comment.
Something went wrong with that request. Please try again.