r00t2
/
vaultpass
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity
This repository has been archived on 2022-01-23. You can view files and clone it, but cannot push or open issues or pull requests.
vaultpass/vaultpass/__init__.py

94 lines
3.4 KiB
Python
Raw Blame History

import logging
import os
##
from . import logger
_logger = logging.getLogger('VaultPass')
from . import auth
from . import clipboard
from . import config
from . import mounts
class PassMan(object):
client = None
auth = None
uri = None
mount = None
def __init__(self, cfg = '~/.config/vaultpass.xml'):
self.cfg = config.getConfig(cfg)
self._getURI()
self.getClient()
self._checkSeal()
self._getMount()
def _checkSeal(self):
_logger.debug('Checking and attempting unseal if necessary and possible.')
if not self.client.sys.is_sealed():
_logger.debug('Unsealing unnecessary; Vault is already unsealed.')
return(None)
shard = self.cfg.xml.find('unseal')
if shard is None:
_logger.debug('Vault is sealed but no key shard was provided.')
_logger.error('Vault is sealed')
raise RuntimeError('Vault is sealed')
self.client.sys.submit_unseal_key(shard.text)
if self.client.sys.is_sealed:
_logger.debug(('Vault is sealed and either our unseal shard is incorrect or it is not enough to meet the '
'unseal shard threshold.'))
_logger.error('Unable to unseal')
raise RuntimeError('Unable to unseal')
return(None)
def _getMount(self):
# TODO: mounts xml?
self.mount = mounts.MountHandler(self.client)
def _getURI(self):
uri = self.cfg.xml.find('.//uri')
if uri is None:
_logger.debug('No server URI specified; checking ${VAULT_ADDR}')
_uri = os.environ.get('VAULT_ADDR')
if not _uri:
_logger.debug('No ${VAULT_ADDR}; using default of http://localhost:8200/')
uri = 'http://localhost:8200/'
else:
uri = _uri
else:
uri = uri.text
self.uri = uri
_logger.debug('Set URI to {0}'.format(self.uri))
return(None)
def getClient(self):
auth_xml = self.cfg.xml.find('.//auth')
if auth_xml is None:
_logger.debug('No auth section was found in the configuration file.')
_logger.error('Could not find authentication')
raise RuntimeError('Could not find authentication')
authmethod_xml = auth_xml.getchildren()[0]
_logger.debug('Attempting to auto-detect the authentication method...')
for a in dir(auth):
if a.startswith('_'):
continue
c = getattr(auth, a)
if not c:
continue
confname = getattr(c, 'config_name')
if not confname or confname != authmethod_xml.tag:
continue
self.auth = c(self.uri,
authmethod_xml)
_logger.debug('Found auth method: {0}'.format(self.auth.name))
break
if not self.auth:
_logger.debug('Auth specified ({0}) was not found or is not supported'.format(authmethod_xml.tag))
_logger.error('Invalid auth configuration')
raise RuntimeError('Invalid auth configuration')
self.client = self.auth.client
if not self.client.sys.is_initialized():
_logger.debug('Vault instance is not initialized. Please initialize (and configure, if necessary) first.')
_logger.error('Not initialized')
raise RuntimeError('Not initialized')
return(None)
Reference in New Issue View Git Blame Copy Permalink