Merge lp:~apachelogger/desktopcouch/kwallet-support into lp:desktopcouch

Proposed by Harald Sitter on 2010-07-28
Status: Rejected
Rejected by: Vincenzo Di Somma on 2010-11-02
Proposed branch: lp:~apachelogger/desktopcouch/kwallet-support
Merge into: lp:desktopcouch
Diff against target: 109 lines (+60/-4)
1 file modified
desktopcouch/local_files.py (+60/-4)
To merge this branch: bzr merge lp:~apachelogger/desktopcouch/kwallet-support
Reviewer Review Type Date Requested Status
Rodrigo Moya (community) Needs Fixing on 2010-08-06
Tim Cole (community) 2010-07-28 Approve on 2010-08-02
Review via email: mp+31135@code.launchpad.net

Description of the change

Store tokens also if KWallet (if pykde is available). Please note that this will work with either pykde or python-gnome-keyring available or both to allow applications/libraries to read from both KWallet AND gnome-keyring in a mixed environment.

Also: currently the ubuntu packaging depends on gnome-keyring that probably should be changed to recommends on pygnomekeyring | pykde.

To post a comment you must log in.
Tim Cole (tcole) wrote :

Looks like a good start. Is this something we can factor out into a library?

review: Approve
Harald Sitter (apachelogger) wrote :

IMHO a library to throw content at should be possible and would be a good idea (supposedly it could use the same approach to cover both gnomekeyring and kwallet).

For now however I would just like to get this in as-is to make the way free for ubuntuone-kde stuff.

Rodrigo Moya (rodrigo-moya) wrote :

Wouldn't it be easier to use python-keyring? Also, the way the code is written, it will always check for kwallet first and then, whether it found it or not, check again for gnomekeyring:

22 + if ctx.wallet is not None:
...
43 if ctx.keyring is not None:

review: Needs Fixing
Harald Sitter (apachelogger) wrote :

IIRC python-keyring has at least on the KWallet side of things a desktop experience flaw because it will trigger authentication (to the wallet) for Python and not the particular app.
Eitherway I wanted it to be as non-intrusive as possible as to prevent regression.

The fact that it does look for kwallet and keyring is intentional since one user can run apps that try to access either backend, since the specification @ fdo does not go into any detail regarding multiple keyrings. In one implementation it is entirely possible that someone writes a KDE library that only accesses kwallet (which is entirely valid considering the spec says that one has to get the token from the keyring, but not any specific one or in any particular order), so if desktopcouch can access kwallet then it _must_ drop its token there (and technically any other keyring system it can find as to not limit client implementations).
If it did not do that then it sort of requires client implementations to search all keyring systems for tokens since desktopcouch might have dropped them in either of them.

Vincenzo Di Somma (vds) wrote :

Due to changes this branch doesn't apply anymore.

Unmerged revisions

168. By Harald Sitter on 2010-07-28

add as non-intrusive kwallet support as possible

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'desktopcouch/local_files.py'
2--- desktopcouch/local_files.py 2010-07-14 21:02:43 +0000
3+++ desktopcouch/local_files.py 2010-07-28 09:38:43 +0000
4@@ -1,4 +1,5 @@
5 # Copyright 2009 Canonical Ltd.
6+# Copyright 2010 Harald Sitter <apachelogger@ubuntu.com>
7 #
8 # This file is part of desktopcouch.
9 #
10@@ -31,7 +32,6 @@
11 import random
12 import string
13 import re
14-import gnomekeyring
15 try:
16 import ConfigParser as configparser
17 except ImportError:
18@@ -86,7 +86,29 @@
19 if ctx.with_auth:
20 admin_username = self._make_random_string(10)
21 admin_password = self._make_random_string(10)
22+ if ctx.wallet is not None:
23+ if ctx.wallet.isOpen():
24+ write_basic = False
25+ if ctx.wallet.setFolder("desktopcouch"):
26+ fail, value = ctx.wallet.readMap("basic")
27+ if not fail and len(value) == 2:
28+ admin_username = basic["admin_username"]
29+ admin_password = basic["admin_password"]
30+ else:
31+ write_basic = True
32+ else:
33+ ctx.wallet.createFolder("desktopcouch")
34+ ctx.wallet.setFolder("desktopcouch")
35+ write_basic = True
36+ if write_basic:
37+ value = dict()
38+ value["admin_username"] = admin_username
39+ value["admin_password"] = admin_password
40+ ctx.wallet.writeMap("basic", value)
41+ else:
42+ logging.warn("There is no wallet to store our admin credentials.")
43 if ctx.keyring is not None:
44+ import gnomekeyring # (Re)import for errors.
45 try:
46 data = ctx.keyring.find_items_sync(gnomekeyring.ITEM_GENERIC_SECRET,
47 {'desktopcouch': 'basic'})
48@@ -110,9 +132,22 @@
49 token = self._make_random_string(10)
50 token_secret = self._make_random_string(10)
51
52+ # Save the new OAuth creds so that 3rd-party apps can authenticate by
53+ # accessing the keyring first. This is one-way. We don't read from keyring.
54+ if ctx.wallet is not None:
55+ if ctx.wallet.isOpen():
56+ if str(ctx.wallet.currentFolder()) != "desktopcouch":
57+ ctx.wallet.setFolder("desktopcouch")
58+ value = dict()
59+ value["consumer_key"] = consumer_key
60+ value["consumer_secret"] = consumer_secret
61+ value["token"] = token
62+ value["token_secret"] = token_secret
63+ ctx.wallet.writeMap("oauth", value)
64+ else:
65+ logging.warn("There is no wallet to store our oauth credentials.")
66 if ctx.keyring is not None:
67- # Save the new OAuth creds so that 3rd-party apps can authenticate by
68- # accessing the keyring first. This is one-way. We don't read from keyring.
69+ import gnomekeyring # (Re)import for errors.
70 try:
71 ctx.keyring.item_create_sync(None,
72 gnomekeyring.ITEM_GENERIC_SECRET,
73@@ -207,7 +242,27 @@
74 depend on environment variables."""
75
76 def __init__(self, run_dir, db_dir, config_dir, with_auth=True,
77- keyring=gnomekeyring): # (cache, data, config)
78+ wallet=None, keyring=None): # (cache, data, config)
79+
80+ try:
81+ from PyQt4.QtCore import QCoreApplication
82+ from PyKDE4.kdeui import KWallet
83+
84+ # KWallet uses a QEventLoop. This only works if a QApp is present.
85+ # We only can have one instance - ever!
86+ if QCoreApplication.instance() == None:
87+ a = QCoreApplication([""])
88+ a.setApplicationName("Desktop Couch")
89+
90+ wallet = KWallet.Wallet.openWallet(KWallet.Wallet.LocalWallet(), 0, KWallet.Wallet.Synchronous)
91+ except ImportError:
92+ wallet = None # just to be save
93+
94+ try:
95+ import gnomekeyring
96+ keyring = gnomekeyring
97+ except ImportError:
98+ keyring = None # just to be save
99
100 self.couchdb_log_level = 'notice'
101
102@@ -221,6 +276,7 @@
103 self.config_dir = os.path.realpath(config_dir)
104 self.db_dir = os.path.realpath(db_dir)
105 self.with_auth = with_auth
106+ self.wallet = wallet
107 self.keyring = keyring
108
109 self.file_ini = os.path.join(config_dir, "desktop-couchdb.ini")

Subscribers

People subscribed via source and target branches