vorta/src/vorta/keyring/secretstorage.py

import asyncio
import logging
import os

import secretstorage

from vorta.keyring.abc import VortaKeyring

logger = logging.getLogger(__name__)

LABEL_TEMPLATE = "Vorta Backup Repo {repo_url}"


class VortaSecretStorageKeyring(VortaKeyring):
    """A wrapper for the secretstorage package to support the custom keyring backend"""

    def __init__(self):
        """
        Test whether DBus and a SecretStorage provider are available.
        """
        try:
            self.connection = secretstorage.dbus_init()
        except secretstorage.exceptions.SecretServiceNotAvailableException as e:
            logger.debug("SecretStorage provider or DBus daemon is not available.")
            raise e
        asyncio.set_event_loop(asyncio.new_event_loop())
        self.collection = secretstorage.get_default_collection(self.connection)

    def set_password(self, service, repo_url, password):
        """
        Writes a password to the underlying store.
        """
        if self.is_unlocked:
            asyncio.set_event_loop(asyncio.new_event_loop())
            attributes = {
                'application': 'Vorta',
                'service': service,
                'repo_url': repo_url,
                'xdg:schema': 'org.freedesktop.Secret.Generic',
            }
            self.collection.create_item(
                LABEL_TEMPLATE.format(repo_url=repo_url),
                attributes,
                password,
                replace=True,
            )
            logger.debug(f"Saved password for repo {repo_url}")

    def get_password(self, service, repo_url):
        """
        Retrieve a password from the underlying store. Return None if not found.
        """
        if self.is_unlocked:
            asyncio.set_event_loop(asyncio.new_event_loop())
            attributes = {
                'application': 'Vorta',
                'service': service,
                'repo_url': repo_url,
            }
            items = list(self.collection.search_items(attributes))
            logger.debug('Found %i passwords matching repo URL.', len(items))
            if len(items) > 0:
                item = items[0]
                if item.is_locked() and item.unlock():
                    return None
                logger.debug(f"Retrieved password for repo {repo_url}")
                return item.get_secret().decode("utf-8")
        return None

    @property
    def is_unlocked(self):
        # unlock() will return True if the unlock prompt is dismissed
        return not (self.collection.is_locked() and self.collection.unlock())

    @classmethod
    def get_priority(cls):
        return 6 if "GNOME" in os.getenv("XDG_CURRENT_DESKTOP", "") else 5

    @property
    def is_system(self):
        return True
Remove keyring dependency. Fixes #190. By @Hofer-Julian * Implement secretstorage backend for DBus connection * Use newer Ubuntu version for Travis CI testing 2019-03-06 01:37:12 +00:00			`import asyncio`
Improve keyring logging. By @real-yfprojects (#1263) They now log storing and retrieving passwords. 2022-04-20 08:07:01 +00:00			`import logging`
Allow to fully disable using the system keychain. (#898) - Add option to avoid using system keychain. - Prioritize keychains first. Then try to start them. - Maintenance: Possible fixes for hung tests and segfault on exit on some setups. 2021-03-01 07:25:31 +00:00			`import os`
Run pre-commit (with newly added ruff) on code base. Includes all changes by `pre-commit --all-files` including the changes introduced by ruff. 2023-05-01 08:28:11 +00:00
Ensure system keychain is unlocked before using it. By @samuel-w (#607) 2020-12-16 02:56:42 +00:00			`import secretstorage`
Run pre-commit (with newly added ruff) on code base. Includes all changes by `pre-commit --all-files` including the changes introduced by ruff. 2023-05-01 08:28:11 +00:00
Remove keyring dependency. Fixes #190. By @Hofer-Julian * Implement secretstorage backend for DBus connection * Use newer Ubuntu version for Travis CI testing 2019-03-06 01:37:12 +00:00			`from vorta.keyring.abc import VortaKeyring`
Improve keyring logging. By @real-yfprojects (#1263) They now log storing and retrieving passwords. 2022-04-20 08:07:01 +00:00
			`logger = logging.getLogger(__name__)`
Remove keyring dependency. Fixes #190. By @Hofer-Julian * Implement secretstorage backend for DBus connection * Use newer Ubuntu version for Travis CI testing 2019-03-06 01:37:12 +00:00
Change keyring label to improve UX on Gnome. By @real-yfprojects (#1181) 2022-03-06 09:14:28 +00:00			`LABEL_TEMPLATE = "Vorta Backup Repo {repo_url}"`

Remove keyring dependency. Fixes #190. By @Hofer-Julian * Implement secretstorage backend for DBus connection * Use newer Ubuntu version for Travis CI testing 2019-03-06 01:37:12 +00:00
			`class VortaSecretStorageKeyring(VortaKeyring):`
			`"""A wrapper for the secretstorage package to support the custom keyring backend"""`

			`def __init__(self):`
Fall back to DB-based password storage when Gnome-Keyring is missing. Fixes #235 2019-03-24 09:21:12 +00:00			`"""`
Improve SecretStorage locking behavior. By @Aeysol (#1255) 2022-04-20 04:15:08 +00:00			`Test whether DBus and a SecretStorage provider are available.`
Fall back to DB-based password storage when Gnome-Keyring is missing. Fixes #235 2019-03-24 09:21:12 +00:00			`"""`
Improve SecretStorage locking behavior. By @Aeysol (#1255) 2022-04-20 04:15:08 +00:00			`try:`
			`self.connection = secretstorage.dbus_init()`
			`except secretstorage.exceptions.SecretServiceNotAvailableException as e:`
			`logger.debug("SecretStorage provider or DBus daemon is not available.")`
			`raise e`
Fall back to DB-based password storage when Gnome-Keyring is missing. Fixes #235 2019-03-24 09:21:12 +00:00			`asyncio.set_event_loop(asyncio.new_event_loop())`
Improve SecretStorage locking behavior. By @Aeysol (#1255) 2022-04-20 04:15:08 +00:00			`self.collection = secretstorage.get_default_collection(self.connection)`
Remove keyring dependency. Fixes #190. By @Hofer-Julian * Implement secretstorage backend for DBus connection * Use newer Ubuntu version for Travis CI testing 2019-03-06 01:37:12 +00:00
			`def set_password(self, service, repo_url, password):`
Change keyring label to improve UX on Gnome. By @real-yfprojects (#1181) 2022-03-06 09:14:28 +00:00			`"""`
			`Writes a password to the underlying store.`
			`"""`
Improve SecretStorage locking behavior. By @Aeysol (#1255) 2022-04-20 04:15:08 +00:00			`if self.is_unlocked:`
Ensure system keychain is unlocked before using it. By @samuel-w (#607) 2020-12-16 02:56:42 +00:00			`asyncio.set_event_loop(asyncio.new_event_loop())`
			`attributes = {`
			`'application': 'Vorta',`
			`'service': service,`
			`'repo_url': repo_url,`
			`'xdg:schema': 'org.freedesktop.Secret.Generic',`
			`}`
Improve SecretStorage locking behavior. By @Aeysol (#1255) 2022-04-20 04:15:08 +00:00			`self.collection.create_item(`
			`LABEL_TEMPLATE.format(repo_url=repo_url),`
			`attributes,`
			`password,`
			`replace=True,`
			`)`
Improve keyring logging. By @real-yfprojects (#1263) They now log storing and retrieving passwords. 2022-04-20 08:07:01 +00:00			`logger.debug(f"Saved password for repo {repo_url}")`
Remove keyring dependency. Fixes #190. By @Hofer-Julian * Implement secretstorage backend for DBus connection * Use newer Ubuntu version for Travis CI testing 2019-03-06 01:37:12 +00:00
			`def get_password(self, service, repo_url):`
Change keyring label to improve UX on Gnome. By @real-yfprojects (#1181) 2022-03-06 09:14:28 +00:00			`"""`
			`Retrieve a password from the underlying store. Return None if not found.`
			`"""`
Ensure system keychain is unlocked before using it. By @samuel-w (#607) 2020-12-16 02:56:42 +00:00			`if self.is_unlocked:`
			`asyncio.set_event_loop(asyncio.new_event_loop())`
			`attributes = {`
			`'application': 'Vorta',`
			`'service': service,`
			`'repo_url': repo_url,`
			`}`
Improve SecretStorage locking behavior. By @Aeysol (#1255) 2022-04-20 04:15:08 +00:00			`items = list(self.collection.search_items(attributes))`
Ensure system keychain is unlocked before using it. By @samuel-w (#607) 2020-12-16 02:56:42 +00:00			`logger.debug('Found %i passwords matching repo URL.', len(items))`
			`if len(items) > 0:`
Improve SecretStorage locking behavior. By @Aeysol (#1255) 2022-04-20 04:15:08 +00:00			`item = items[0]`
			`if item.is_locked() and item.unlock():`
			`return None`
Improve keyring logging. By @real-yfprojects (#1263) They now log storing and retrieving passwords. 2022-04-20 08:07:01 +00:00			`logger.debug(f"Retrieved password for repo {repo_url}")`
Improve SecretStorage locking behavior. By @Aeysol (#1255) 2022-04-20 04:15:08 +00:00			`return item.get_secret().decode("utf-8")`
Remove keyring dependency. Fixes #190. By @Hofer-Julian * Implement secretstorage backend for DBus connection * Use newer Ubuntu version for Travis CI testing 2019-03-06 01:37:12 +00:00			`return None`
Ensure system keychain is unlocked before using it. By @samuel-w (#607) 2020-12-16 02:56:42 +00:00
			`@property`
			`def is_unlocked(self):`
Improve SecretStorage locking behavior. By @Aeysol (#1255) 2022-04-20 04:15:08 +00:00			`# unlock() will return True if the unlock prompt is dismissed`
			`return not (self.collection.is_locked() and self.collection.unlock())`
Allow to fully disable using the system keychain. (#898) - Add option to avoid using system keychain. - Prioritize keychains first. Then try to start them. - Maintenance: Possible fixes for hung tests and segfault on exit on some setups. 2021-03-01 07:25:31 +00:00
			`@classmethod`
			`def get_priority(cls):`
			`return 6 if "GNOME" in os.getenv("XDG_CURRENT_DESKTOP", "") else 5`

			`@property`
			`def is_system(self):`
			`return True`