Skip to content


Subversion checkout URL

You can clone with
Download ZIP


Prompt for username/password when not in config file. #4

merged 2 commits into from

2 participants


No description provided.


Functionally this looks good. Can you update the README explaining that this type of auth is supported? Also, it would be worth mentioning that you need to completely remove all items under the [authentication] section and that just leaving items empty (like ldap_username =) won't work.



How's this?


I'll merge this tomorrow.

@uberj uberj merged commit 45eb4e0 into mozilla:master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Jul 9, 2013
  1. @bhearsum
Commits on Jul 11, 2013
  1. @bhearsum

    Update docs.

    bhearsum authored
This page is out of date. Refresh to see the latest.
Showing with 30 additions and 20 deletions.
  1. +12 −7 README.rst
  2. +18 −13 invtool/lib/
19 README.rst
@@ -19,13 +19,18 @@ An optional package (though highly recommend and included in
it, remove it from ``requirements.txt`` and store your ldap password in
-``invtool`` requires you to store your ldap username in a clear text
-configuration file. Your ldap password can be stored either in plaintext in the
-same file or else in the system keyring. In order to use the keyring you need
-`python-keyring <>`_. ``invtool`` tries to
-find a configuration file by first looking at ``./etc/invtool.conf`` and if it
-can't find anything there, ``/etc/invtool.conf``. Here is a quick tip for a
-non-root install::
+``invtool`` supports a few different ways of setting your credentials. Your
+username can either be stored in the configuration file or passed at the
+command line. Your password may be stored in the configuration file (in
+plain text), stored in a `python-keyring <>`_,
+or passed on the command line. If you do not want to store your credentials
+on disk at all, you must remove the ldap_username AND ldap_password entries
+from the configuration file.
+``invtool`` will look for a configuration file at ``./etc/invtool.conf`` and
+if it can't find anything there, ``/etc/invtool.conf``.
+Here is a quick tip for a non-root install::
git clone invtool
cd invtool
31 invtool/lib/
@@ -39,15 +39,18 @@
except ImportError:
+# No auth required for dev
if dev == 'True':
auth = None
+# Can't use keyring and a password in the config at the same time.
elif (config.has_option('authorization', 'ldap_password') and
config.has_option('authorization', 'keyring')):
raise Exception(
"ldap_password and keyring are mutually exclusive "
"in config file '{0}'".format(CONFIG_FILE)
+# If there's an existing keyring, let's use it!
elif (config.has_option('authorization', 'ldap_username') and
config.get('authorization', 'ldap_username') != '' and
config.has_option('authorization', 'keyring') and
@@ -77,14 +80,8 @@
print("Saved password to keyring")
auth = tuple(auth)
AUTH_TYPE = 'keyring'
-elif (config.has_option('authorization', 'ldap_username') and
- config.has_option('authorization', 'ldap_password')):
- # use plaintext
- auth = (
- config.get('authorization', 'ldap_username'),
- config.get('authorization', 'ldap_password')
- )
- AUTH_TYPE = 'plaintext'
+# If there's no existing keyring and we have keyring support
+# let's try to be nice and create a keyring.
# configure credentials
auth = (
@@ -103,9 +100,17 @@
keyring.set_password(config.get('authorization', 'keyring'), *auth)
print("Saved password to keyring")
AUTH_TYPE = 'keyring'
+# If there's no keyring support, let's try to get the username and password
+# from the config or command line
- raise Exception(
- "Unable to get or set ldap password."
- "Install the keyring module or set ldap_password"
- "in config file '{0}'".format(CONFIG_FILE)
- )
+ if config.has_option('authorization', 'ldap_username'):
+ username = config.get('authorization', 'ldap_username')
+ else:
+ username = raw_input('ldap username: ')
+ if config.has_option('authorization', 'ldap_password'):
+ password = config.get('authorization', 'ldap_password')
+ else:
+ password = getpass.getpass('ldap password: ')
+ # use plaintext
+ auth = (username, password)
+ AUTH_TYPE = 'plaintext'
Something went wrong with that request. Please try again.