From d5fc753599772a90d238b2ecfda0600f1d5fb458 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADctor=20Rold=C3=A1n=20Betancort?= Date: Wed, 11 Jan 2017 12:47:38 +0100 Subject: [PATCH] #29 Perform OAuth2 Implicit Grant Flow to get access token - removed unnecessary user/password flags --- piu/cli.py | 13 ++++--------- tests/test_cli.py | 10 ---------- 2 files changed, 4 insertions(+), 19 deletions(-) diff --git a/piu/cli.py b/piu/cli.py index 4e734f4..90f458d 100644 --- a/piu/cli.py +++ b/piu/cli.py @@ -137,7 +137,7 @@ def tunnel_validation(ctx, param, value): def _request_access(even_url, cacert, username, hostname, reason, remote_host, - lifetime, user, password, clip, connect, tunnel): + lifetime, clip, connect, tunnel): data = {'username': username, 'hostname': hostname, 'reason': reason} host_via = hostname if remote_host: @@ -198,9 +198,6 @@ def cli(ctx, config_file): @click.argument('host', metavar='[USER]@HOST', required=False) @click.argument('reason', required=False) @click.argument('reason_cont', nargs=-1, metavar='[..]', required=False) -@click.option('-U', '--user', help='Username to use for OAuth2 authentication', envvar='PIU_USER', metavar='NAME') -@click.option('-p', '--password', help='Password to use for OAuth2 authentication', - envvar='PIU_PASSWORD', metavar='PWD') @click.option('-E', '--even-url', help='Even SSH Access Granting Service URL', envvar='EVEN_URL', metavar='URI') @click.option('-O', '--odd-host', help='Odd SSH bastion hostname', envvar='ODD_HOST', metavar='HOSTNAME') @click.option('-t', '--lifetime', help='Lifetime of the SSH access request in minutes (default: 60)', @@ -212,7 +209,7 @@ def cli(ctx, config_file): @click.option('--tunnel', help='Tunnel to the host', envvar='PIU_TUNNEL', callback=tunnel_validation, metavar='LOCALPORT:REMOTEPORT') @click.pass_obj -def request_access(obj, host, reason, reason_cont, user, password, even_url, odd_host, lifetime, interactive, +def request_access(obj, host, reason, reason_cont, even_url, odd_host, lifetime, interactive, insecure, clip, connect, tunnel): '''Request SSH access to a single host''' @@ -226,13 +223,11 @@ def request_access(obj, host, reason, reason_cont, user, password, even_url, odd if connect and tunnel: raise click.UsageError('Cannot specify both "connect" and "tunnel"') - user = user or zign.api.get_config().get('user') or os.getenv('USER') - parts = host.split('@') if len(parts) > 1: username = parts[0] else: - username = user + username = zign.api.get_config().get('user') or os.getenv('USER') hostname = parts[-1] @@ -293,7 +288,7 @@ def request_access(obj, host, reason, reason_cont, user, password, even_url, odd remote_host = None return_code = _request_access(even_url, cacert, username, first_host, reason, remote_host, lifetime, - user, password, clip, connect, tunnel) + clip, connect, tunnel) if return_code != 200: sys.exit(return_code) diff --git a/tests/test_cli.py b/tests/test_cli.py index 6a1bd0b..1d7337b 100644 --- a/tests/test_cli.py +++ b/tests/test_cli.py @@ -18,7 +18,6 @@ def test_success(monkeypatch): response = MagicMock(status_code=200, text='**MAGIC-SUCCESS**') monkeypatch.setattr('zign.api.get_token', MagicMock(return_value='123')) monkeypatch.setattr('requests.post', MagicMock(return_value=response)) - monkeypatch.setattr('keyring.set_password', MagicMock()) runner = CliRunner() with runner.isolated_filesystem(): @@ -27,7 +26,6 @@ def test_success(monkeypatch): '--lifetime=15', '--even-url=https://localhost/', '--odd-host=odd.example.org', - '--password=foobar', 'my reason'], catch_exceptions=False) @@ -38,7 +36,6 @@ def test_bad_request(monkeypatch): response = MagicMock(status_code=400, text='**MAGIC-BAD-REQUEST**') monkeypatch.setattr('zign.api.get_token', MagicMock(return_value='123')) monkeypatch.setattr('requests.post', MagicMock(return_value=response)) - monkeypatch.setattr('keyring.set_password', MagicMock()) runner = CliRunner() with runner.isolated_filesystem(): @@ -46,7 +43,6 @@ def test_bad_request(monkeypatch): ['req', '--lifetime=15', '--even-url=https://localhost/', - '--password=foobar', 'myuser@odd-host', 'my reason'], catch_exceptions=False) @@ -59,14 +55,12 @@ def test_auth_failure(monkeypatch): response = MagicMock(status_code=403, text='**MAGIC-AUTH-FAILED**') monkeypatch.setattr('zign.api.get_token', MagicMock(return_value='123')) monkeypatch.setattr('requests.post', MagicMock(return_value=response)) - monkeypatch.setattr('keyring.set_password', MagicMock()) runner = CliRunner() with runner.isolated_filesystem(): result = runner.invoke(cli, ['r', '--even-url=https://localhost/', - '--password=invalid', 'myuser@odd-host', 'my reason'], catch_exceptions=False) @@ -81,8 +75,6 @@ def test_dialog(monkeypatch): monkeypatch.setattr('requests.post', MagicMock(return_value=response)) monkeypatch.setattr('requests.get', MagicMock(return_value=response)) monkeypatch.setattr('socket.getaddrinfo', MagicMock()) - monkeypatch.setattr('keyring.set_password', MagicMock()) - monkeypatch.setattr('keyring.get_password', MagicMock(return_value=None)) runner = CliRunner() with runner.isolated_filesystem(): @@ -99,8 +91,6 @@ def test_oauth_failure(monkeypatch): monkeypatch.setattr('requests.post', MagicMock(return_value=response)) monkeypatch.setattr('requests.get', MagicMock(return_value=response)) monkeypatch.setattr('socket.getaddrinfo', MagicMock()) - monkeypatch.setattr('keyring.set_password', MagicMock()) - monkeypatch.setattr('keyring.get_password', MagicMock(return_value=None)) runner = CliRunner() with runner.isolated_filesystem():