github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-13 22:05:59 +00:00
Code Issues Projects Releases Wiki Activity

Make password prompting hide the string

Browse Source
This commit is contained in:
Brendan Burns 2016-07-03 21:52:38 -07:00
parent ba7f61c340
commit a79f714b1e
2 changed files with 30 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
pkg/client/unversioned/clientcmd/auth_loaders.go
View File

@ -23,6 +23,7 @@ import (
"io/ioutil" "io/ioutil"
"os" "os"
"github.com/howeyc/gopass"
clientauth "k8s.io/kubernetes/pkg/client/unversioned/auth" clientauth "k8s.io/kubernetes/pkg/client/unversioned/auth"
) )
@ -46,10 +47,13 @@ type PromptingAuthLoader struct {
// LoadAuth parses an AuthInfo object from a file path. It prompts user and creates file if it doesn't exist. // LoadAuth parses an AuthInfo object from a file path. It prompts user and creates file if it doesn't exist.
func (a *PromptingAuthLoader) LoadAuth(path string) (*clientauth.Info, error) { func (a *PromptingAuthLoader) LoadAuth(path string) (*clientauth.Info, error) {
var auth clientauth.Info
// Prompt for user/pass and write a file if none exists. // Prompt for user/pass and write a file if none exists.
if _, err := os.Stat(path); os.IsNotExist(err) { if _, err := os.Stat(path); os.IsNotExist(err) {
auth = *a.Prompt() authPtr, err := a.Prompt()
auth := *authPtr
if err != nil {
return nil, err
}
data, err := json.Marshal(auth) data, err := json.Marshal(auth)
if err != nil { if err != nil {
return &auth, err return &auth, err
@ -65,19 +69,30 @@ func (a *PromptingAuthLoader) LoadAuth(path string) (*clientauth.Info, error) {
} }
// Prompt pulls the user and password from a reader // Prompt pulls the user and password from a reader
func (a *PromptingAuthLoader) Prompt() *clientauth.Info { func (a *PromptingAuthLoader) Prompt() (*clientauth.Info, error) {
var err error
auth := &clientauth.Info{} auth := &clientauth.Info{}
auth.User = promptForString("Username", a.reader) auth.User, err = promptForString("Username", a.reader, true)
auth.Password = promptForString("Password", a.reader) if err != nil {
return nil, err
return auth }
auth.Password, err = promptForString("Password", nil, false)
if err != nil {
return nil, err
}
return auth, nil
} }
func promptForString(field string, r io.Reader) string { func promptForString(field string, r io.Reader, show bool) (result string, err error) {
fmt.Printf("Please enter %s: ", field) fmt.Printf("Please enter %s: ", field)
var result string if show {
fmt.Fscan(r, &result) _, err = fmt.Fscan(r, &result)
return result } else {
var data []byte
data, err = gopass.GetPasswdMasked()
result = string(data)
}
return result, err
} }
// NewPromptingAuthLoader is an AuthLoader that parses an AuthInfo object from a file path. It prompts user and creates file if it doesn't exist. // NewPromptingAuthLoader is an AuthLoader that parses an AuthInfo object from a file path. It prompts user and creates file if it doesn't exist.

6
pkg/client/unversioned/clientcmd/client_config.go
View File

@ -195,8 +195,10 @@ func getUserIdentificationPartialConfig(configAuthInfo clientcmdapi.AuthInfo, fa
// if there still isn't enough information to authenticate the user, try prompting // if there still isn't enough information to authenticate the user, try prompting
if !canIdentifyUser(*mergedConfig) && (fallbackReader != nil) { if !canIdentifyUser(*mergedConfig) && (fallbackReader != nil) {
prompter := NewPromptingAuthLoader(fallbackReader) prompter := NewPromptingAuthLoader(fallbackReader)
promptedAuthInfo := prompter.Prompt() promptedAuthInfo, err := prompter.Prompt()
if err != nil {
return nil, err
}
promptedConfig := makeUserIdentificationConfig(*promptedAuthInfo) promptedConfig := makeUserIdentificationConfig(*promptedAuthInfo)
previouslyMergedConfig := mergedConfig previouslyMergedConfig := mergedConfig
mergedConfig = &restclient.Config{} mergedConfig = &restclient.Config{}