|
20 | 20 |
|
21 | 21 | from __future__ import print_function |
22 | 22 | import argparse |
23 | | -import getpass |
24 | 23 | import logging |
25 | 24 | import sys |
26 | 25 |
|
|
32 | 31 |
|
33 | 32 | osprofiler_profiler = importutils.try_import("osprofiler.profiler") |
34 | 33 |
|
35 | | -HAS_KEYRING = False |
36 | | -all_errors = ValueError |
37 | | -try: |
38 | | - import keyring |
39 | | - HAS_KEYRING = True |
40 | | -except ImportError: |
41 | | - pass |
42 | | - |
43 | 34 | import novaclient |
44 | 35 | from novaclient import api_versions |
45 | 36 | from novaclient import client |
@@ -210,133 +201,6 @@ def __call__(self, parser, namespace, values, option_string): |
210 | 201 | action(parser, namespace, values, option_string) |
211 | 202 |
|
212 | 203 |
|
213 | | -class SecretsHelper(object): |
214 | | - def __init__(self, args, client): |
215 | | - self.args = args |
216 | | - self.client = client |
217 | | - self.key = None |
218 | | - self._password = None |
219 | | - |
220 | | - def _validate_string(self, text): |
221 | | - if text is None or len(text) == 0: |
222 | | - return False |
223 | | - return True |
224 | | - |
225 | | - def _make_key(self): |
226 | | - if self.key is not None: |
227 | | - return self.key |
228 | | - keys = [ |
229 | | - self.client.auth_url, |
230 | | - self.client.projectid, |
231 | | - self.client.user, |
232 | | - self.client.region_name, |
233 | | - self.client.endpoint_type, |
234 | | - self.client.service_type, |
235 | | - self.client.service_name, |
236 | | - ] |
237 | | - for (index, key) in enumerate(keys): |
238 | | - if key is None: |
239 | | - keys[index] = '?' |
240 | | - else: |
241 | | - keys[index] = str(keys[index]) |
242 | | - self.key = "/".join(keys) |
243 | | - return self.key |
244 | | - |
245 | | - def _prompt_password(self, verify=True): |
246 | | - pw = None |
247 | | - if hasattr(sys.stdin, 'isatty') and sys.stdin.isatty(): |
248 | | - # Check for Ctl-D |
249 | | - try: |
250 | | - while True: |
251 | | - pw1 = getpass.getpass('OS Password: ') |
252 | | - if verify: |
253 | | - pw2 = getpass.getpass('Please verify: ') |
254 | | - else: |
255 | | - pw2 = pw1 |
256 | | - if pw1 == pw2 and self._validate_string(pw1): |
257 | | - pw = pw1 |
258 | | - break |
259 | | - except EOFError: |
260 | | - pass |
261 | | - return pw |
262 | | - |
263 | | - def save(self, auth_token, management_url, tenant_id): |
264 | | - if not HAS_KEYRING or not self.args.os_cache: |
265 | | - return |
266 | | - if (auth_token == self.auth_token and |
267 | | - management_url == self.management_url): |
268 | | - # Nothing changed.... |
269 | | - return |
270 | | - if not all([management_url, auth_token, tenant_id]): |
271 | | - raise ValueError(_("Unable to save empty management url/auth " |
272 | | - "token")) |
273 | | - value = "|".join([str(auth_token), |
274 | | - str(management_url), |
275 | | - str(tenant_id)]) |
276 | | - keyring.set_password("novaclient_auth", self._make_key(), value) |
277 | | - |
278 | | - @property |
279 | | - def password(self): |
280 | | - # Cache password so we prompt user at most once |
281 | | - if self._password: |
282 | | - pass |
283 | | - elif self._validate_string(self.args.os_password): |
284 | | - self._password = self.args.os_password |
285 | | - else: |
286 | | - verify_pass = strutils.bool_from_string( |
287 | | - utils.env("OS_VERIFY_PASSWORD", default=False), True) |
288 | | - self._password = self._prompt_password(verify_pass) |
289 | | - if not self._password: |
290 | | - raise exc.CommandError( |
291 | | - 'Expecting a password provided via either ' |
292 | | - '--os-password, env[OS_PASSWORD], or ' |
293 | | - 'prompted response') |
294 | | - return self._password |
295 | | - |
296 | | - @property |
297 | | - def management_url(self): |
298 | | - if not HAS_KEYRING or not self.args.os_cache: |
299 | | - return None |
300 | | - management_url = None |
301 | | - try: |
302 | | - block = keyring.get_password('novaclient_auth', self._make_key()) |
303 | | - if block: |
304 | | - _token, management_url, _tenant_id = block.split('|', 2) |
305 | | - except all_errors: |
306 | | - pass |
307 | | - return management_url |
308 | | - |
309 | | - @property |
310 | | - def auth_token(self): |
311 | | - # Now is where it gets complicated since we |
312 | | - # want to look into the keyring module, if it |
313 | | - # exists and see if anything was provided in that |
314 | | - # file that we can use. |
315 | | - if not HAS_KEYRING or not self.args.os_cache: |
316 | | - return None |
317 | | - token = None |
318 | | - try: |
319 | | - block = keyring.get_password('novaclient_auth', self._make_key()) |
320 | | - if block: |
321 | | - token, _management_url, _tenant_id = block.split('|', 2) |
322 | | - except all_errors: |
323 | | - pass |
324 | | - return token |
325 | | - |
326 | | - @property |
327 | | - def tenant_id(self): |
328 | | - if not HAS_KEYRING or not self.args.os_cache: |
329 | | - return None |
330 | | - tenant_id = None |
331 | | - try: |
332 | | - block = keyring.get_password('novaclient_auth', self._make_key()) |
333 | | - if block: |
334 | | - _token, _management_url, tenant_id = block.split('|', 2) |
335 | | - except all_errors: |
336 | | - pass |
337 | | - return tenant_id |
338 | | - |
339 | | - |
340 | 204 | class NovaClientArgumentParser(argparse.ArgumentParser): |
341 | 205 |
|
342 | 206 | def __init__(self, *args, **kwargs): |
@@ -688,7 +552,6 @@ def main(self, argv): |
688 | 552 |
|
689 | 553 | # We may have either, both or none of these. |
690 | 554 | # If we have both, we don't need USERNAME, PASSWORD etc. |
691 | | - # Fill in the blanks from the SecretsHelper if possible. |
692 | 555 | # Finally, authenticate unless we have both. |
693 | 556 | # Note if we don't auth we probably don't have a tenant ID so we can't |
694 | 557 | # cache the token. |
@@ -847,27 +710,6 @@ def main(self, argv): |
847 | 710 | user_domain_id=os_user_domain_id, |
848 | 711 | user_domain_name=os_user_domain_name) |
849 | 712 |
|
850 | | - # Now check for the password/token of which pieces of the |
851 | | - # identifying keyring key can come from the underlying client |
852 | | - if must_auth: |
853 | | - helper = SecretsHelper(args, self.cs.client) |
854 | | - self.cs.client.keyring_saver = helper |
855 | | - |
856 | | - tenant_id = helper.tenant_id |
857 | | - # Allow commandline to override cache |
858 | | - if not auth_token: |
859 | | - auth_token = helper.auth_token |
860 | | - endpoint_override = endpoint_override or helper.management_url |
861 | | - if tenant_id and auth_token and endpoint_override: |
862 | | - self.cs.client.tenant_id = tenant_id |
863 | | - self.cs.client.auth_token = auth_token |
864 | | - self.cs.client.management_url = endpoint_override |
865 | | - self.cs.client.password_func = lambda: helper.password |
866 | | - else: |
867 | | - # We're missing something, so auth with user/pass and save |
868 | | - # the result in our helper. |
869 | | - self.cs.client.password = helper.password |
870 | | - |
871 | 713 | args.func(self.cs, args) |
872 | 714 |
|
873 | 715 | if osprofiler_profiler and args.profile: |
|
0 commit comments