-
Notifications
You must be signed in to change notification settings - Fork 156
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix #233
- Loading branch information
Showing
11 changed files
with
201 additions
and
362 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,54 +1,55 @@ | ||
=============== | ||
Keyring Support | ||
=============== | ||
================= | ||
Storing passwords | ||
================= | ||
|
||
Vdirsyncer will try the following storages in that order if no password (but a | ||
username) is set in your config. If all of those methods fail, it will prompt | ||
for the password and store the password in the system keyring (if possible and | ||
wished). | ||
.. versionchanged:: 0.7.0 | ||
|
||
Custom command | ||
============== | ||
|
||
.. versionadded:: 0.3.0 | ||
Password configuration got completely overhauled. | ||
|
||
A custom command/binary can be specified to retrieve the password for a | ||
username/hostname combination. See :ref:`general_config`. | ||
Vdirsyncer can fetch passwords from a custom command or your system keyring if | ||
the keyring_ Python package is installed. | ||
|
||
.. versionchanged:: 0.6.0 | ||
Command | ||
======= | ||
|
||
Setting a custom command now disables all other methods. | ||
Say you have the following configuration:: | ||
|
||
netrc | ||
===== | ||
[storage foo] | ||
type = caldav | ||
url = ... | ||
username = foo | ||
password = bar | ||
|
||
Vdirsyncer can use ``~/.netrc`` for retrieving a password. An example | ||
``.netrc`` looks like this:: | ||
But it bugs you that the password is stored in cleartext in the config file. | ||
You can do this:: | ||
|
||
machine owncloud.example.com | ||
login foouser | ||
password foopass | ||
[storage foo] | ||
type = caldav | ||
url = ... | ||
username = foo | ||
password.fetch = ["command", "~/get-password.sh", "more", "args"] | ||
|
||
System Keyring | ||
============== | ||
You can fetch the username as well:: | ||
|
||
Vdirsyncer can use your system's password storage, utilizing the keyring_ | ||
library. Supported services include **OS X Keychain, Gnome Keyring, KDE Kwallet | ||
or the Windows Credential Vault**. For a full list see the library's | ||
documentation. | ||
[storage foo] | ||
type = caldav | ||
url = ... | ||
username.fetch = ["command", "~/get-username.sh"] | ||
password.fetch = ["command", "~/get-password.sh"] | ||
|
||
To use it, you must install the ``keyring`` Python package. | ||
Or really any kind of parameter in a storage section. | ||
|
||
.. _keyring: https://bitbucket.org/kang/python-keyring-lib | ||
System Keyring | ||
============== | ||
|
||
Storing the password | ||
-------------------- | ||
While the command approach is quite flexible, it is often cumbersome to write a | ||
script fetching the system keyring. | ||
|
||
Vdirsyncer will use the hostname as key prefixed with ``vdirsyncer:``, e.g. | ||
``vdirsyncer:owncloud.example.com``. | ||
Given that you have the keyring_ Python library installed, you can use:: | ||
|
||
Changing the Password | ||
--------------------- | ||
[storage foo] | ||
type = caldav | ||
username = myusername | ||
password.fetch = ["keyring", "myservicename", "myusername"] | ||
|
||
If your password on the server changed or you misspelled it, you need to | ||
manually edit or delete the entry in your system keyring. | ||
.. _keyring: https://pypi.python.org/pypi/keyring |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
# -*- coding: utf-8 -*- | ||
|
||
from textwrap import dedent | ||
|
||
import pytest | ||
|
||
|
||
class EmptyKeyring(object): | ||
def get_password(self, *a, **kw): | ||
return None | ||
|
||
|
||
@pytest.fixture(autouse=True) | ||
def empty_password_storages(monkeypatch): | ||
monkeypatch.setattr('vdirsyncer.cli.fetchparams.keyring', EmptyKeyring()) | ||
|
||
|
||
def test_get_password_from_command(tmpdir, runner): | ||
runner.write_with_general(dedent(''' | ||
[pair foobar] | ||
a = foo | ||
b = bar | ||
collections = ["a", "b", "c"] | ||
[storage foo] | ||
type = filesystem | ||
path = {base}/foo/ | ||
fileext.fetch = ["command", "echo", ".txt"] | ||
[storage bar] | ||
type = filesystem | ||
path = {base}/bar/ | ||
fileext.fetch = ["command", "echo", ".asdf"] | ||
'''.format(base=str(tmpdir)))) | ||
|
||
foo = tmpdir.ensure('foo', dir=True) | ||
foo.ensure('a', dir=True) | ||
foo.ensure('b', dir=True) | ||
foo.ensure('c', dir=True) | ||
bar = tmpdir.ensure('bar', dir=True) | ||
bar.ensure('a', dir=True) | ||
bar.ensure('b', dir=True) | ||
bar.ensure('c', dir=True) | ||
|
||
result = runner.invoke(['discover']) | ||
assert not result.exception | ||
status = tmpdir.join('status').join('foobar.collections').read() | ||
assert 'foo' in status | ||
assert 'bar' in status | ||
assert 'asdf' not in status | ||
assert 'txt' not in status | ||
|
||
result = runner.invoke(['sync']) | ||
assert not result.exception |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.