Clean up ChunkedUpdateDrawingAreaProxy
[WebKit-https.git] / Tools / Scripts / webkitpy / common / net / credentials.py
1 # Copyright (c) 2009 Google Inc. All rights reserved.
2 # Copyright (c) 2009 Apple Inc. All rights reserved.
3 #
4 # Redistribution and use in source and binary forms, with or without
5 # modification, are permitted provided that the following conditions are
6 # met:
7 #
8 #     * Redistributions of source code must retain the above copyright
9 # notice, this list of conditions and the following disclaimer.
10 #     * Redistributions in binary form must reproduce the above
11 # copyright notice, this list of conditions and the following disclaimer
12 # in the documentation and/or other materials provided with the
13 # distribution.
14 #     * Neither the name of Google Inc. nor the names of its
15 # contributors may be used to endorse or promote products derived from
16 # this software without specific prior written permission.
17 #
18 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 #
30 # Python module for reading stored web credentials from the OS.
31
32 import getpass
33 import os
34 import platform
35 import re
36
37 from webkitpy.common.checkout.scm import Git
38 from webkitpy.common.system.executive import Executive, ScriptError
39 from webkitpy.common.system.user import User
40 from webkitpy.common.system.deprecated_logging import log
41
42 try:
43     # Use keyring, a cross platform keyring interface, as a fallback:
44     # http://pypi.python.org/pypi/keyring
45     import keyring
46 except ImportError:
47     keyring = None
48
49
50 class Credentials(object):
51     _environ_prefix = "webkit_bugzilla_"
52
53     def __init__(self, host, git_prefix=None, executive=None, cwd=os.getcwd(),
54                  keyring=keyring):
55         self.host = host
56         self.git_prefix = "%s." % git_prefix if git_prefix else ""
57         self.executive = executive or Executive()
58         self.cwd = cwd
59         self._keyring = keyring
60
61     def _credentials_from_git(self):
62         try:
63             if not Git.in_working_directory(self.cwd):
64                 return (None, None)
65             return (Git.read_git_config(self.git_prefix + "username"),
66                     Git.read_git_config(self.git_prefix + "password"))
67         except OSError, e:
68             # Catch and ignore OSError exceptions such as "no such file
69             # or directory" (OSError errno 2), which imply that the Git
70             # command cannot be found/is not installed.
71             pass
72         return (None, None)
73
74     def _keychain_value_with_label(self, label, source_text):
75         match = re.search("%s\"(?P<value>.+)\"" % label,
76                                                   source_text,
77                                                   re.MULTILINE)
78         if match:
79             return match.group('value')
80
81     def _is_mac_os_x(self):
82         return platform.mac_ver()[0]
83
84     def _parse_security_tool_output(self, security_output):
85         username = self._keychain_value_with_label("^\s*\"acct\"<blob>=",
86                                                    security_output)
87         password = self._keychain_value_with_label("^password: ",
88                                                    security_output)
89         return [username, password]
90
91     def _run_security_tool(self, username=None):
92         security_command = [
93             "/usr/bin/security",
94             "find-internet-password",
95             "-g",
96             "-s",
97             self.host,
98         ]
99         if username:
100             security_command += ["-a", username]
101
102         log("Reading Keychain for %s account and password.  "
103             "Click \"Allow\" to continue..." % self.host)
104         try:
105             return self.executive.run_command(security_command)
106         except ScriptError:
107             # Failed to either find a keychain entry or somekind of OS-related
108             # error occured (for instance, couldn't find the /usr/sbin/security
109             # command).
110             log("Could not find a keychain entry for %s." % self.host)
111             return None
112
113     def _credentials_from_keychain(self, username=None):
114         if not self._is_mac_os_x():
115             return [username, None]
116
117         security_output = self._run_security_tool(username)
118         if security_output:
119             return self._parse_security_tool_output(security_output)
120         else:
121             return [None, None]
122
123     def _read_environ(self, key):
124         environ_key = self._environ_prefix + key
125         return os.environ.get(environ_key.upper())
126
127     def _credentials_from_environment(self):
128         return (self._read_environ("username"), self._read_environ("password"))
129
130     def _offer_to_store_credentials_in_keyring(self, username, password):
131         if not self._keyring:
132             return
133         if not User().confirm("Store password in system keyring?", User.DEFAULT_NO):
134             return
135         self._keyring.set_password(self.host, username, password)
136
137     def read_credentials(self):
138         username, password = self._credentials_from_environment()
139         # FIXME: We don't currently support pulling the username from one
140         # source and the password from a separate source.
141         if not username or not password:
142             username, password = self._credentials_from_git()
143         if not username or not password:
144             username, password = self._credentials_from_keychain(username)
145
146         if username and not password and self._keyring:
147             password = self._keyring.get_password(self.host, username)
148
149         if not username:
150             username = User.prompt("%s login: " % self.host)
151         if not password:
152             password = getpass.getpass("%s password for %s: " % (self.host, username))
153             self._offer_to_store_credentials_in_keyring(username, password)
154
155         return (username, password)