Handle issue when encryption password for local cache is missing
This commit is contained in:
parent
b0a2e83795
commit
c50c7c9413
1 changed files with 36 additions and 12 deletions
|
|
@ -24,6 +24,7 @@ import click
|
||||||
import click_config_file
|
import click_config_file
|
||||||
import passpy
|
import passpy
|
||||||
import secretstorage
|
import secretstorage
|
||||||
|
import cryptography.fernet
|
||||||
from cryptography.fernet import Fernet
|
from cryptography.fernet import Fernet
|
||||||
from yaml import dump
|
from yaml import dump
|
||||||
try:
|
try:
|
||||||
|
|
@ -128,7 +129,7 @@ class NextcloudHandler:
|
||||||
self.field_replacements[key] = value
|
self.field_replacements[key] = value
|
||||||
self.debug(
|
self.debug(
|
||||||
{
|
{
|
||||||
"action": "Initializing Netcloud handler",
|
"action": "Initializing Nextcloud handler",
|
||||||
"field_replacements": self.field_replacements
|
"field_replacements": self.field_replacements
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
@ -229,9 +230,18 @@ class NextcloudHandler:
|
||||||
collection = secretstorage.get_default_collection(connection)
|
collection = secretstorage.get_default_collection(connection)
|
||||||
if collection.is_locked():
|
if collection.is_locked():
|
||||||
collection.unlock()
|
collection.unlock()
|
||||||
for item in collection.get_all_items():
|
try:
|
||||||
if item.get_label() == 'nc_password_client':
|
for item in collection.get_all_items():
|
||||||
self.encryption_pass = item.get_secret()
|
if item.get_label() == 'nc_password_client':
|
||||||
|
self.encryption_pass = item.get_secret()
|
||||||
|
except secretstorage.exceptions.ItemNotFoundException as error:
|
||||||
|
self.error(
|
||||||
|
{
|
||||||
|
"action": "_get_encryption_pass_from_keyring",
|
||||||
|
"message": "Item not found browsing keyring items",
|
||||||
|
"error": error
|
||||||
|
}
|
||||||
|
)
|
||||||
if self.encryption_pass is None:
|
if self.encryption_pass is None:
|
||||||
self.debug(
|
self.debug(
|
||||||
{
|
{
|
||||||
|
|
@ -245,10 +255,11 @@ class NextcloudHandler:
|
||||||
}
|
}
|
||||||
item = collection.create_item('nc_password_client', attributes, self.encryption_pass)
|
item = collection.create_item('nc_password_client', attributes, self.encryption_pass)
|
||||||
else:
|
else:
|
||||||
|
print(self.encryption_pass)
|
||||||
self.debug(
|
self.debug(
|
||||||
{
|
{
|
||||||
"action": "_get_encryption_pass_from_keyring",
|
"action": "_get_encryption_pass_from_keyring",
|
||||||
"message": "Encryption password obtained from keyring"
|
"message": "Encryption password obtained from keyring",
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -264,14 +275,27 @@ class NextcloudHandler:
|
||||||
content = cache_file.read()
|
content = cache_file.read()
|
||||||
if len(content) != 0:
|
if len(content) != 0:
|
||||||
cipher_suite = Fernet(self.encryption_pass)
|
cipher_suite = Fernet(self.encryption_pass)
|
||||||
self.cache = json.loads(cipher_suite.decrypt(content))
|
try:
|
||||||
self.debug(
|
self.cache = json.loads(cipher_suite.decrypt(content))
|
||||||
{
|
self.debug(
|
||||||
"action": "_read_cache",
|
{
|
||||||
"last_update": self.cache['last_update'],
|
"action": "_read_cache",
|
||||||
"total_cached_password": len(self.cache['cached_passwords'])
|
"last_update": self.cache['last_update'],
|
||||||
|
"total_cached_password": len(self.cache['cached_passwords'])
|
||||||
|
}
|
||||||
|
)
|
||||||
|
except cryptography.fernet.InvalidToken as error:
|
||||||
|
self.debug(
|
||||||
|
{
|
||||||
|
"action": "_read_cache",
|
||||||
|
"message": "Fernet token for passwords local cache is invalid, discarding the local cache.",
|
||||||
|
}
|
||||||
|
)
|
||||||
|
self.cache = {
|
||||||
|
"last_update": -1,
|
||||||
|
"cached_passwords": []
|
||||||
}
|
}
|
||||||
)
|
|
||||||
else:
|
else:
|
||||||
self.debug(
|
self.debug(
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue