Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Prompt for username/password when not in config file. #4

Merged
merged 2 commits into from

2 participants

@bhearsum

No description provided.

@uberj
Collaborator

Functionally this looks good. Can you update the README explaining that this type of auth is supported? Also, it would be worth mentioning that you need to completely remove all items under the [authentication] section and that just leaving items empty (like ldap_username =) won't work.

Thanks!

@bhearsum

How's this?

@uberj
Collaborator

r+
I'll merge this tomorrow.

@uberj uberj merged commit 45eb4e0 into mozilla:master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Jul 9, 2013
  1. @bhearsum
Commits on Jul 11, 2013
  1. @bhearsum

    Update docs.

    bhearsum authored
This page is out of date. Refresh to see the latest.
Showing with 30 additions and 20 deletions.
  1. +12 −7 README.rst
  2. +18 −13 invtool/lib/config.py
View
19 README.rst
@@ -19,13 +19,18 @@ An optional package (though highly recommend and included in
it, remove it from ``requirements.txt`` and store your ldap password in
plaintext.
-``invtool`` requires you to store your ldap username in a clear text
-configuration file. Your ldap password can be stored either in plaintext in the
-same file or else in the system keyring. In order to use the keyring you need
-`python-keyring <https://pypi.python.org/pypi/keyring>`_. ``invtool`` tries to
-find a configuration file by first looking at ``./etc/invtool.conf`` and if it
-can't find anything there, ``/etc/invtool.conf``. Here is a quick tip for a
-non-root install::
+``invtool`` supports a few different ways of setting your credentials. Your
+username can either be stored in the configuration file or passed at the
+command line. Your password may be stored in the configuration file (in
+plain text), stored in a `python-keyring <https://pypi.python.org/pypi/keyring>`_,
+or passed on the command line. If you do not want to store your credentials
+on disk at all, you must remove the ldap_username AND ldap_password entries
+from the configuration file.
+
+``invtool`` will look for a configuration file at ``./etc/invtool.conf`` and
+if it can't find anything there, ``/etc/invtool.conf``.
+
+Here is a quick tip for a non-root install::
git clone git@github.com:uberj/inv-tool.git invtool
cd invtool
View
31 invtool/lib/config.py
@@ -39,15 +39,18 @@
except ImportError:
KEYRING_PRESENT = False
+# No auth required for dev
if dev == 'True':
auth = None
AUTH_TYPE = None
+# Can't use keyring and a password in the config at the same time.
elif (config.has_option('authorization', 'ldap_password') and
config.has_option('authorization', 'keyring')):
raise Exception(
"ldap_password and keyring are mutually exclusive "
"in config file '{0}'".format(CONFIG_FILE)
)
+# If there's an existing keyring, let's use it!
elif (config.has_option('authorization', 'ldap_username') and
config.get('authorization', 'ldap_username') != '' and
config.has_option('authorization', 'keyring') and
@@ -77,14 +80,8 @@
print("Saved password to keyring")
auth = tuple(auth)
AUTH_TYPE = 'keyring'
-elif (config.has_option('authorization', 'ldap_username') and
- config.has_option('authorization', 'ldap_password')):
- # use plaintext
- auth = (
- config.get('authorization', 'ldap_username'),
- config.get('authorization', 'ldap_password')
- )
- AUTH_TYPE = 'plaintext'
+# If there's no existing keyring and we have keyring support
+# let's try to be nice and create a keyring.
elif KEYRING_PRESENT:
# configure credentials
auth = (
@@ -103,9 +100,17 @@
keyring.set_password(config.get('authorization', 'keyring'), *auth)
print("Saved password to keyring")
AUTH_TYPE = 'keyring'
+# If there's no keyring support, let's try to get the username and password
+# from the config or command line
else:
- raise Exception(
- "Unable to get or set ldap password."
- "Install the keyring module or set ldap_password"
- "in config file '{0}'".format(CONFIG_FILE)
- )
+ if config.has_option('authorization', 'ldap_username'):
+ username = config.get('authorization', 'ldap_username')
+ else:
+ username = raw_input('ldap username: ')
+ if config.has_option('authorization', 'ldap_password'):
+ password = config.get('authorization', 'ldap_password')
+ else:
+ password = getpass.getpass('ldap password: ')
+ # use plaintext
+ auth = (username, password)
+ AUTH_TYPE = 'plaintext'
Something went wrong with that request. Please try again.