From 983aae85e2f027ae7b3a237ee997676e901e8aa3 Mon Sep 17 00:00:00 2001 From: Manas Date: May 28 2019 15:47:02 +0000 Subject: bugzilla and pagure key storage and auth --- diff --git a/auth/bugzilla_auth.py b/auth/bugzilla_auth.py new file mode 100644 index 0000000..6622177 --- /dev/null +++ b/auth/bugzilla_auth.py @@ -0,0 +1,76 @@ +import requests +import json +import keyring +import random +import os +import binascii +import getpass +import configparser + +config = configparser.ConfigParser() +config.read('config.ini') + +service_id = config['BUGZILLA']['SERVICE_ID'] # service id +service_token = config['BUGZILLA']['SERVICE_TOKEN'] # service d for auth +bz_url = config['BUGZILLA']['DEFAULT_BUGZILLA_URL'] # taiga server note +custom_bz = config['BUGZILLA']['CUSTOM_BUGZILLA_URL'] + + +def refresh_token(): + headers = { + 'Content-Type': 'application/json' + } + """ + Used only for testing and Demo + Encrypted Config file/Application token + used in production. + Doing the follwoing in prod is security risk. + """ + username = keyring.get_password(service_id, "username") + # print(username) # debug only + payload = { + 'type': 'normal', + 'username': username, + 'password': keyring.get_password(service_id, username) + } + # print(payload) # only for debugging + + try: + r = requests.post( + str(taiga_url) + "https://api.taiga.io/api/v1/auth", + data=json.dumps(payload), + headers=headers) + print(r.status_code) + if r.status_code == 200: + """ + with open('auth.txt', 'w') as a_file: + a_file.write(r.json()['auth_token']) + """ + try: + keyring.set_password(service_token, "username", r.json()['auth_token']) + print("succesful authentication") + except (keyring.errors.PasswordSetError, Exception) as e: + print("Failed to set auth token") + elif r.status_code == 400: + print("auth error") + except Exception as e: + print(e) + + +def reset(): + print("You User Id and password will be securly store in the Keyring") + username = input("Enter your user id for bugzilla: ") + password = getpass.getpass("Enter your password for bugzilla: ") + api_key = getpass.getpass("Enter your bugzilla api: ") + try: + # keyring.set_password("taiga", username) + # keyring.set_password(service_id, "username", username) + keyring.set_password(service_id, username, str(password)) + keyring.set_password(service_id, username, api_key) + username = binascii.hexlify(os.urandom(20)) # randomising username to avoid sneak memory attacks + password = binascii.hexlify(os.urandom(20)) # ranomising pass to avoid sneak memory attacks + # username = random.choices(string.ascii_uppercase + string.digits, k=random.randint(1,10)) + # passwd = random.choices(string.ascii_uppercase + string.digits, k=random.randint(1,10)) + print("Password and api key reset succesfully") + except (keyring.errors.PasswordSetError, Exception) as e: + print("Failed to reset password & api key") diff --git a/auth/pagure_auth.py b/auth/pagure_auth.py new file mode 100644 index 0000000..0f36322 --- /dev/null +++ b/auth/pagure_auth.py @@ -0,0 +1,34 @@ +import requests +import json +import keyring +import random +import os +import binascii +import getpass +import configparser + +config = configparser.ConfigParser() +config.read('config.ini') + + +""" +def refresh_token(): + headers = { + 'Content-Type': 'application/json' + } +""" + + +def reset(): + print("Your auth token will be securly store in the Keyring") + # username = input("Enter your user id for taiga: ") + api_token = "api_token" + repo_name = input("Enter the repo name you want to set api key for: ") + token = getpass.getpass("Enter your token for" + ' ' + repo_name + ' ' "repository: ") + try: + # keyring.set_password("taiga", username) + keyring.set_password(repo_name, api_token, token) + print("token reset succesfully") + except (keyring.errors.PasswordSetError, Exception) as e: + print("Failed to reset token") + # print(e + "Contact the developers asap") diff --git a/auth/pauth.py b/auth/pauth.py deleted file mode 100644 index e69de29..0000000 --- a/auth/pauth.py +++ /dev/null diff --git a/auth/taiga_auth.py b/auth/taiga_auth.py new file mode 100644 index 0000000..271e0ed --- /dev/null +++ b/auth/taiga_auth.py @@ -0,0 +1,84 @@ +import requests +import json +import keyring +import random +import os +import binascii +import getpass +import configparser + +config = configparser.ConfigParser() +config.read('config.ini') + +service_id = config['TAIGA']['SERVICE_ID'] # service id +service_token = config['TAIGA']['SERVICE_TOKEN'] # service d for auth +taiga_url = config['TAIGA']['DEFAULT_TAIGA_URL'] # taiga server note +custom_taiga = config['TAIGA']['CUSTOM_TAIGA_URL'] + + +def refresh_token(): + headers = { + 'Content-Type': 'application/json' + } + """ + Used only for testing and Demo + Encrypted Config file/Application token + used in production. + Doing the follwoing in prod is security risk. + """ + username = keyring.get_password(service_id, "username") + # print(username) # debug only + payload = { + 'type': 'normal', + 'username': username, + 'password': keyring.get_password(service_id, username) + } + # print(payload) # only for debugging + + try: + r = requests.post( + str(taiga_url) + "https://api.taiga.io/api/v1/auth", + data=json.dumps(payload), + headers=headers) + print(r.status_code) + if r.status_code == 200: + """ + with open('auth.txt', 'w') as a_file: + a_file.write(r.json()['auth_token']) + """ + try: + keyring.set_password(service_token, "username", r.json()['auth_token']) + print("succesful authentication") + except (keyring.errors.PasswordSetError, Exception) as e: + print("Failed to set auth token") + elif r.status_code == 400: + print("auth error") + except Exception as e: + print(e) + + +def reset(): + print("You User Id and password will be securly store in the Keyring") + username = input("Enter your user id for taiga: ") + password = getpass.getpass("Enter your password for taiga: ") + try: + # keyring.set_password("taiga", username) + """ + So a workaround to store username along with pass is being used + the only drawback ofthis work around is in the gui keyring broswer + a seperate username keyring will show,sadly this cannot be avoided + at the point of writing this peice of software + """ + """ + The above comment is not true + """ + #keyring.set_password(service_id, "username", username) refer line 67 + keyring.set_password(service_id, username, str(password)) + username = binascii.hexlify(os.urandom(20)) # randomising username to avoid sneak memory attacks + password = binascii.hexlify(os.urandom(20)) # ranomising pass to avoid sneak memory attacks + # username = random.choices(string.ascii_uppercase + string.digits, k=random.randint(1,10)) + # passwd = random.choices(string.ascii_uppercase + string.digits, k=random.randint(1,10)) + print("Password reset succesfully") + except (keyring.errors.PasswordSetError, Exception) as e: + print("Failed to reset password") + # print(e + "Contact the developers asap") diff --git a/auth/tauth.py b/auth/tauth.py deleted file mode 100644 index 99f156d..0000000 --- a/auth/tauth.py +++ /dev/null @@ -1,73 +0,0 @@ -import requests -import json -import keyring -import random -import os -import binascii -import getpass -import configparser - -config = configparser.ConfigParser() -confi.read('config.ini') - -service_id = config['TAIGA']['SERVICE_ID'] # service id -service_token = config['TAIGA']['SERVICE_TOKEN'] # service d for auth - - -def refresh_token(): - headers = { - 'Content-Type': 'application/json' - } - """ - Used only for testing and Demo - Encrypted Config file/Application token - used in production. - Doing the follwoing in prod is security risk. - """ - username = keyring.get_password(service_id, "username") - print(username) - payload = { - 'type': 'normal', - 'username': username, - 'password': keyring.get_password(service_id, username) - } - # print(payload) # only for debugging - - try: - r = requests.post( - "https://api.taiga.io/api/v1/auth", - data=json.dumps(payload), - headers=headers) - print(r.status_code) - if r.status_code == 200: - """ - with open('auth.txt', 'w') as a_file: - a_file.write(r.json()['auth_token']) - """ - try: - keyring.set_password(service_token, "username", r.json()['auth_token']) - print("succesful authentication") - except (keyring.errors.PasswordSetError, Exception) as e: - print("Failed to set auth token") - elif r.status_code == 400: - print("auth error") - except Exception as e: - print(e) - - -def reset(): - print("You User Id and password will be securly store in the Keyring") - username = input("Enter your user id for taiga: ") - password = getpass.getpass("Enter your password for taiga: ") - try: - # keyring.set_password("taiga", username) - keyring.set_password(service_id, "username", username) - keyring.set_password(service_id, username, str(password)) - username = binascii.hexlify(os.urandom(20)) # randomising username to avoid sneak memory attacks - password = binascii.hexlify(os.urandom(20)) # ranomising pass to avoid sneak memory attacks - # username = random.choices(string.ascii_uppercase + string.digits, k=random.randint(1,10)) - # passwd = random.choices(string.ascii_uppercase + string.digits, k=random.randint(1,10)) - print("Password reset succesfully") - except (keyring.errors.PasswordSetError, Exception) as e: - print("Failed to reset password") - # print(e + "Contact the developers asap") diff --git a/config.ini b/config.ini index b3e5d51..655b93b 100644 --- a/config.ini +++ b/config.ini @@ -2,9 +2,15 @@ SERVICE_ID = taiga SERVICE_TOKEN = taiga_auth PID = 315827 # for test only - +DEFAULT_TAIGA_URL = teams.fedoraproject.org +CUSTOM_TAIGA_URL = https://api.taiga.io/api/v1/auth [PAGURE] SERVICE_ID = pagure -[BUGZILLA] \ No newline at end of file +[BUGZILLA] +SERVICE_ID = bugzilla +SERVICE_TOKEN = bugzilla_auth +PID = 315827 # for test only +DEFAULT_BUGZILLA_URL = https://bugzilla.redhat.com/ +CUSTOM_BUGZILLA_URL = https://bugzilla.redhat.com/ \ No newline at end of file diff --git a/convert.py b/convert.py index 517e29a..21a585b 100644 --- a/convert.py +++ b/convert.py @@ -5,7 +5,7 @@ import keyring import configparser config = configparser.ConfigParser() -confi.read('config.ini') +config.read('config.ini') service_id = config['TAIGA']['SERVICE_ID'] # service id service_token = config['TAIGA']['SERVICE_TOKEN'] @@ -17,10 +17,11 @@ with open('auth.txt', 'r') as a_file: # auth_t = token.encode("ascii", "ignore") # print(token) # debug only """ -keyring.get_password(service_id, username) +#keyring.get_password(service_id, username) headers = { 'Content-Type': 'application/json', - 'Authorization': 'Bearer {0}'.format(keyring.get_password(service_id, username)) + #'Authorization': 'Bearer {0}'.format(keyring.get_password(service_id, username)) + 'Authorization': 'Bearer {0}'.format(str(123)) } @@ -70,9 +71,3 @@ def convert(args): except Exception as e: print(e) -""" -curl -X GET \ --H "Content-Type: application/json" \ --H "Authorization: Bearer ${eyJ1c2VyX2F1dGhlbnRpY2F0aW9uX2lkIjozNTY4MDR9:1hI6pm:4d4mA-gUXC2S0FxaladX0Fd_3gA}" \ --s https://api.taiga.io/api/v1/issues/by_ref?ref=1\&project=315827 -""" \ No newline at end of file diff --git a/main.py b/main.py index cb21ea8..277cbce 100644 --- a/main.py +++ b/main.py @@ -4,7 +4,9 @@ import requests import json import argparse import sys -from auth import tauth +from auth import taiga_auth +from auth import pagure_auth +from auth import bugzilla_auth # import taiga from convert import convert @@ -36,25 +38,42 @@ class Change_Tool(object): # Subparser for taiga taiga = subparsers.add_parser('taiga', help='taiga auth module') taiga.add_argument('--token', action='store_true', help='refreshes the token') - taiga.add_argument('--reset', action='store_true', help='resets the user id and pass') + taiga.add_argument('--reset', action='store_true', help='sets/resets the user id and pass') # subparser for pagure pagure = subparsers.add_parser('pagure', help='pagure auth module') - pagure.add_argument('--token', action='store_true', help='refreshes the token') - pagure.add_argument('--reset', action='store_true', help='resets the user id and pass') + pagure.add_argument('--whoami', action='store_true', help='returns who the user is,for debug/developement only') + pagure.add_argument('--reset', action='store_true', help='resets the pagure token') # subparser for bugzilla bugzilla = subparsers.add_parser('bugzilla', help='bugzilla auth module') - bugzilla.add_argument('--token', action='store_true', help='refreshes the token') - bugzilla.add_argument('--reset', action='store_true', help='resets the user id and pass') + bugzilla.add_argument('--token', action='store_true', help='sets the the token for bugzilla') + bugzilla.add_argument('--reset', action='store_true', help='sets/resets the user id,pass and the api token') args = parser.parse_args(sys.argv[2:]) if args.auth: print("Incomplete command,please specify the auth") if args.command == 'taiga': if args.token: - tauth.refresh_token() + taiga_auth.refresh_token() elif args.reset: - tauth.reset() + taiga_auth.reset() + else: + print("Wrong command") + elif args.command == 'pagure': + if args.reset: + pagure_auth.reset() + else: + print("Wrong command") + elif args.command == 'bugzilla': + if args.token: + bugzilla_auth.refresh_token() + elif args.reset: + bugzilla_auth.reset() + else: + print("Wrong command,please check documentation for the proper command") + else: + print("Please Check the Documentation for the proper command or press --h for help") + # print("Running the auth instance.....") # authenticate()